search

simpleanalytics / extension

Browser extension to block visits on websites with Simple Analytics installed
3 stars 0 forks source link

Extension blocks more than Simple Analytics' own script #3

Open malvese opened 4 years ago

malvese commented 4 years ago

When I use the Chrome extension to block my own visites, my site's admin interface stops working.

The CMS I use is Kirby, and it seems the extension blocks their API (https://getkirby.com/docs/guide/api/introduction). I get errors like "Failed to fetch" or "The panel cannot connect to the API". So I wonder if the extension could be more specific about what it blocks?

As an alternative I can probably block Simple Analytics' requests by creating a rule in µBlock. Something like mysite.com simpleanalytics.com * block should do the trick.

wbnns commented 4 years ago

I wonder if there might possibly be some sort of namespace collision that could be causing this.

malvese commented 4 years ago

Is there an easy way to check that? I'm more of a design guy, Javascript is not my forte. In the console I see blocked requests like:

Failed to load resource: net::ERR_BLOCKED_BY_CLIENT                /api/system?view=panel:1

GET https://malvese.com/api/auth net::ERR_BLOCKED_BY_CLIENT                        app.js:1

Oh well I think I just discovered why in background.js: https://github.com/simpleanalytics/extension/blob/7562ea2ca63fd148df45dfc76fec2384ebcc87a8/background.js#L281

Not sure why this is done?

adriaandotcom commented 4 years ago

Oops, that should not happen of course. We check for certain file names when a user clicks the extension button. When the file name matches a certain filter we block it.

That's to prevent a request to our servers to see if the script is actually a Simple Analytics script. We can't check that within the extension.

We have to make this better, I wonder how we should do this though. We do send a Simple Analytics header (simple-analytics: true) with the scripts.

The options tab of the extension shows the URLs that are blocked. Does that also show the URL you don't want to have blocked?

malvese commented 4 years ago

Yes, the options popup shows the site. image When checked my visits are blocked but so is the admin interface. And of course unchecking it would defeat the purpose :)

For now I managed to block my own visits with a custom rule in uBlock: malvese.com simpleanalytics.com * block But of course it doesn't solve the issue, as it might also happen with other CMS/frameworks.

adriaandotcom commented 4 years ago

You are right, thanks for explaining. Will keep this in mind when working on the extension again. There should be a nice solution for it.