{"id":11163,"date":"2016-11-29T11:42:03","date_gmt":"2016-11-29T11:42:03","guid":{"rendered":"https:\/\/evosec.eu\/?p=11163"},"modified":"2016-11-29T12:36:51","modified_gmt":"2016-11-29T12:36:51","slug":"google-analytics-no-data-validation","status":"publish","type":"post","link":"https:\/\/evosec.eu\/de\/google-analytics-no-data-validation\/","title":{"rendered":"Google Analytics &#8211; no data validation?"},"content":{"rendered":"<p>Recently, one of our clients contacted about something rather strange: a &#8222;language&#8220; value in his newly Google Analytics setup that stated: &#8222;Secret.\u0262oogle.com You are invited! Enter only with this ticket URL. Copy it. Vote for Trump!&#8220;<\/p>\n<p>Of course, we all know that browser headers\/requests can be easily altered, but we still wonder why Google allows such values in it&#8217;s [non-bot] visitor-related reports. And if it does some data validation \/ sanitizing or not really.<br \/>\n<figure id=\"attachment_11164\" aria-describedby=\"caption-attachment-11164\" style=\"width: 1421px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/evosec.eu\/wp-content\/uploads\/2016\/11\/google_secret.png\" target=\"_blank\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/evosec.eu\/wp-content\/uploads\/2016\/11\/google_secret.png\" alt=\"Google Secret Trump\" width=\"1421\" height=\"501\" class=\"size-full wp-image-11164\" srcset=\"https:\/\/evosec.eu\/wp-content\/uploads\/2016\/11\/google_secret.png 1421w, https:\/\/evosec.eu\/wp-content\/uploads\/2016\/11\/google_secret-300x106.png 300w, https:\/\/evosec.eu\/wp-content\/uploads\/2016\/11\/google_secret-768x271.png 768w, https:\/\/evosec.eu\/wp-content\/uploads\/2016\/11\/google_secret-1024x361.png 1024w, https:\/\/evosec.eu\/wp-content\/uploads\/2016\/11\/google_secret-800x282.png 800w\" sizes=\"auto, (max-width: 1421px) 100vw, 1421px\" \/><\/a><figcaption id=\"caption-attachment-11164\" class=\"wp-caption-text\">Google Analytics: Secret.\u0262oogle.com You are invited! Enter only with this ticket URL. Copy it. Vote for Trump!<\/figcaption><\/figure><\/p>\n<p>P.S. Beware that &#8222;secret.\u0262oogle.com&#8220; differs from &#8222;secret.google.com&#8220;. Here are the ASCII code values:<br \/>\nSecret.\u0262oogle.com: 115 101 099 114 101 116 046 <strong>201 162<\/strong> 111 111 103 108 101 046 099 111 109<br \/>\nsecret.google.com: 115 101 099 114 101 116 046 <strong>103<\/strong>     111 111 103 108 101 046 099 111 109<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Recently, one of our clients contacted about something rather strange: a &#8222;language&#8220; value in his newly Google Analytics setup that stated: &#8222;Secret.\u0262oogle.com You are invited! Enter only with this ticket URL. Copy it. Vote for Trump!&#8220; Of course, we all know that browser headers\/requests can be easily altered, but we &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"image","meta":{"footnotes":""},"categories":[947,99],"tags":[982,549],"class_list":["post-11163","post","type-post","status-publish","format-image","hentry","category-it-security","category-it-security-newsupdates","tag-secret-google-com","tag-trump","post_format-post-format-image"],"translation":{"provider":"WPGlobus","version":"3.0.2","language":"de","enabled_languages":["en","da","de","es","fi","fr","it","hu","nl","no","pl","pt","ru","sv"],"languages":{"en":{"title":true,"content":true,"excerpt":false},"da":{"title":false,"content":false,"excerpt":false},"de":{"title":false,"content":false,"excerpt":false},"es":{"title":false,"content":false,"excerpt":false},"fi":{"title":false,"content":false,"excerpt":false},"fr":{"title":false,"content":false,"excerpt":false},"it":{"title":false,"content":false,"excerpt":false},"hu":{"title":false,"content":false,"excerpt":false},"nl":{"title":false,"content":false,"excerpt":false},"no":{"title":false,"content":false,"excerpt":false},"pl":{"title":false,"content":false,"excerpt":false},"pt":{"title":false,"content":false,"excerpt":false},"ru":{"title":false,"content":false,"excerpt":false},"sv":{"title":false,"content":false,"excerpt":false}}},"_links":{"self":[{"href":"https:\/\/evosec.eu\/de\/wp-json\/wp\/v2\/posts\/11163","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/evosec.eu\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/evosec.eu\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/evosec.eu\/de\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/evosec.eu\/de\/wp-json\/wp\/v2\/comments?post=11163"}],"version-history":[{"count":2,"href":"https:\/\/evosec.eu\/de\/wp-json\/wp\/v2\/posts\/11163\/revisions"}],"predecessor-version":[{"id":11169,"href":"https:\/\/evosec.eu\/de\/wp-json\/wp\/v2\/posts\/11163\/revisions\/11169"}],"wp:attachment":[{"href":"https:\/\/evosec.eu\/de\/wp-json\/wp\/v2\/media?parent=11163"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/evosec.eu\/de\/wp-json\/wp\/v2\/categories?post=11163"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/evosec.eu\/de\/wp-json\/wp\/v2\/tags?post=11163"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}