Google Analytics - can it collect form data?

Simple scenario: I have a signup form, with user name, password, email address, may be credit card number.

At the bottom of the page, I implement the Google Analytics code. when user clicks submit, it goes to a page wihtout google analytics.

question is.. can GA get the data (user naem, password..email..etc) in the first form after user input the data?

Do they say anything about it in their TOS or Privacy policy?

Answers


Yes. Any <script> you include in the page has complete access to alter the user's interaction with the site due to the Same Origin Policy. Google, if they were feeling Evil today, could certainly rewrite the action of your <form> to point to themselves, or log every keypress, or create an <iframe> containing another page on your site and simulate the user clicking on any action in that page.

Do not include <script> on any page from a party you don't completely trust with the security of everything on your site. Even a single tracking or advertiser script on any page compromises everything on the same hostname (and maybe other subdomains if you are setting window.domain to allow cross-hostname-scripting, or sharing cookies between hostnames).

However, the Analytics script doesn't currently do any of these things and the form submission will not flow to Google as a matter of course; they would have to deliberately act to steal the data. Clearly it would be disastrous for them to be discovered doing it, so they presumably won't. But technically, they could. It always pains me to see third-party ad and tracking scripts on bank sites.


UPDATE: The landscape has changed quite a bit over the years since my original answer below was written: the scripts are now generally served (or at least have the option to be fetched) over HTTPS, so those scripts should be secure against the trivial man-in-the-middle attacks. However, you are still trusting the script source not to do malicious stuff in your page, since they still get to fully control what happens on your web page.


Original answer:

Yes. I recommend against putting any third party script on sensitive pages secured by SSL. It's not likely that Google is going to hijack sensitive data on your page but you should take into account the possibility that a malicious ISP can hijack the request (say, using DNS) to Google Analytics script and do whatever it wants on your page.


Need Your Help

Getting selected date from calendar date picker

php jquery calendar datepicker

I need help with getting the selected date from calendar date picker. Currently I can select the date(from...to...) and place it into textbox. But I cannot get the value to put into PHP variable.

When to rewrite vs. upgrade?

scope project-planning sdlc

All custom legacy software needs changing, or so say our users. Sometimes they want a feature or two added and all that is necessary to change a bit of code, add a control, or some other minor upgr...