@robocoder opened this Issue on June 26th 2011 Contributor

If the page being tracked is XHTML Strict and being served as content type application/xhtml+xml, some browsers will disable document.write().

At present, we don't differentiate between the secure vs non-secure domains where someone hosts piwik, yet we mimick GA's tag.

I believe we should change the tracking tag to simply use the relative URI without the scheme. This is in the original standard rfc1808 (circa 1995) -- now obsolete by rfc 3986 -- and is well-supported by modern browsers (and even old ones like IE4).

  • more compact tag
  • fixes inconsistency in the noscript tag
<!-- Piwik --> 
<script src="//{$piwikUrl}piwik.js" type="text/javascript"></script>
<script type="text/javascript">
var pkBaseURL = '//{$piwikUrl}';
var piwikTracker = Piwik.getTracker(pkBaseURL + "piwik.php", {$idSite});
<noscript><p><img src="//{$piwikUrl}piwik.php?idsite={$idSite}" style="border:0" alt="" /></p></noscript>
<!-- End Piwik Tracking Code -->

Note: document.write is no longer "deprecated" in html5, but the draft spec sums up why it shouldn't be used: http://dev.w3.org/html5/spec/Overview.html#dom-document-write

@mattab commented on June 29th 2011 Member

I have the feeling that if the GA tag contains the SSL detect logic like ours, there must be a good backward compatible reason, so I think this change has some risk involved.

Decreasing priority since this doesn't cause issues, and will not result in more functionality except for the few bytes saved in the tag.

@robocoder commented on July 2nd 2011 Contributor

It's not a compatibility issue. GA has a separate subdomain for https.

@mattab commented on July 5th 2011 Member

This was reported in: http://forum.piwik.org/read.php?2,78573

Would be nice to make the switch if it doesn't break with old browsers...?

@mattab commented on July 15th 2011 Member

we want to start advertising/pushing asynchronous tag, see #1845

What would be the asynchronous version of this change?


<!-- Piwik -->
<script type="text/javascript">
var _paq = _paq || [];
    var u="//{$PIWIK_URL}";
    _paq.push(['setSiteId', {$IDSITE}]);


(not tested)


@mattab commented on September 16th 2011 Member

Increasing priority since disabling document.write sounds like a very good idea in general, and so far there is no known issues? we probably should test it with Ie6, 7, older versions of FF, etc> ?

@mattab commented on January 26th 2012 Member

From email, bug report with document.write causing xhtml to report error in FF.

Should we fix this ticket? is it really not risky at all?

Is the Piwik Javascript Tracking Code XHTML 1.0 compatible?
Unfortunately for the file served as real XHTML errors are generated because document.write is not allowed in DOM and XHTML 1.0 and 1.1.
Made by Firefox
Error: uncaught exception: [Exception... "An attempt was made to use an object that is not, or is no longer, usable"  code: "11" nsresult: "0x8053000b (NS_ERROR_DOM_INVALID_STATE_ERR)"  location: "http://www.pecuch.info/"]
Made by Opera
[2012-01-19 14:42:27] JavaScript - http://www.pecuch.info/
Inline script thread
Uncaught exception: DOMException: INVALID_STATE_ERR
Error thrown at line 3, column 0 in http://www.pecuch.info/:
   document.write(unescape("%3Cscript src='" + pkBaseURL + "piwik.js' type='text/javascript'%3E%3C/script%3E"));
@robocoder commented on May 12th 2012 Contributor
@robocoder commented on May 12th 2012 Contributor

closed in error

@mattab commented on September 19th 2012 Member

Thanks Anthon for the great link. It is indeed a wontfix (does not work under IE6).

Also the explicit listing of the https domain is a good reminder to the user that Piwik also needs to work in SSL... so it's useful :)

@mattab commented on December 16th 2012 Member

Milestone 1.8.x Piwik 1.8.x deleted

This Issue was closed on December 16th 2012
Powered by GitHub Issue Mirror