JQuery AOP allows one to (amongst other things) add an advice around a method. When the method is called, the advice kicks in before the execution. The advice is a function which can investigate and change the parameters used by the method. And that’s exactly what the current version of DoNotTrack does; it has AOP.around (I’ve removed the JQuery dependency) catch insertBefore and appendChild, investigates the src-attribute and replaces that value if it points to quantserve.com before allowing the method execution to proceed.
I’m working on a more generic version of an AOP-based WordPress Privacy plugin now. In a first stage it will probably be based on a blacklist, that is editable in the WP Privacy options-screen but at a later date a whitelist-based approach will be added (based on an integration with webpagetest.org). Let’s add that to my New Years resolution for 2012, shall we?
I uploaded a new version of WP YouTube Lyte to the WordPress SVN repository earlier today. The markdown parser seems to be in a bad mood today and the changes in the readme.txt (the changelog, first and foremost) aren’t visible, so here’s what’s new in this release:
you can now change player size from the default one (as proposed by Edward Owen); httpv://www.youtube.com/watch?v=_SQkWbRublY#stepSize=-2 or httpv://youtu.be/_SQkWbRublY#stepSize=+1 will change player size to one of the other available sizes in your choosen format (4:3 or 16:9)
added a smaller 16:9 size and re-arranged player sizes on the options-screen
Bugfix: changed lyte-div ID to force it to be xhtml-compliant (ID’s can’t start with a digit, hat tip: Ruben of ytuquelees.net
Bugfix: added version in js-call to avoid caching issues (lyte-min.js?ver=0.8.1) as experienced by some users and reported by Ryan of givemeshred.com
Upgrade to the “bonus feature” to fix things (consider this beta though)
After almost a year of peace and quiet, Quantcast tracking code has returned to this blog. As reported by Brian Yang, the stupid hack that stopped the code from being included doesn’t work any more. Automattic recently switched to the new Quantcast-code, which instead of using the old-fashioned document.write now gets inserted asynchronously by a DOM-method (insertBefore). I’m looking at ways to stop this from happening or at least limit it one way or the other, but for the time being there’s no fix. Bear with me and do speak up (in the comments below of via the contact form) if you think you can help!
Quercus really is great stuff; it allows nitwits like me to develop crappy PHP-applications and to deploy them on Google’s App Engine. But when you combine the limitations of Quercus’ PHP implementation with those of GAE, you’re going to have to code around some problems you wouldn’t be facing when developing a “normal” PHP webapp.
One example based on my limited experience (while writing a scanner service to detect “foreign” objects in websites for my future wp-privacy plugin): I had a CSV-file that had to be downloaded & parsed. Normally you would fopen the remote file and than use fgetcsv retrieve all data line per line. Or, if you’d prefer, you could fetch the file with mighty CURL and parse it using str_getcsv. But those approaches don’t work when in Quercus on GAE; fopening remote files doesn’t work (blame GAE) and while you can Curl the CSV into a variable, there’s no str_getcsv in Quercus (yet).
So I did what any self-respecting non-developer would do; I cried for help on StackOverflow. Some of the advice I got there involved obscure tricks like using data-uri’s, fopening php://memory or using SplTempFileObject, but none of those solutions produced anything but errors. So no built-in CSV-parsing for me, but (simple) “manual” parsing of the CSV in a string. Not a huge problem by any measure, but I’m sure there’s a whole lot more limitations, if only for all those functions that rely on file handles. But at least we’re having fun, no? ;-)
Yesterday I pushed WP YouTube Lyte 0.7.3 out the gates. The main trigger for that new release was a bug report about the plugin not behaving as expected when using the youtu.be-links that you get when clicking the “share”-button on YouTube. Being from that TLD mysself I could not but fix this; the new version recognizes and parses both httpv://youtube.com/watch?v=videoid and httpv://youtu.be/videoid links in posts, pages and widgets. Other features: Slovenian translation (thanks Mitja Mihelič @arnes.si) and a small change to the donottrack-inclusion to make it work over https (hat tip; Chris @ campino2k.de).
Not sure where I’ll be going with WP YouTube Lyte, it feels pretty complete to me. Stuff that might be added at a later stage;
Some very popular WordPress plugins include 3rd party tracking, sometimes even without properly disclosing, often without means to disable this behavior
3rd party tracking has privacy implications: all your visitors are tracked by the 3rd party, in general for behavioral marketing purposes (depending on what data is captured, tracking might even be illegal in some countries)
3rd party tracking has a performance impact: every visit to your blog will include between 2 and 5 extra requests for the 3rd party tracking to succeed, effectively delaying full page rendering
It is my conviction that blog owners should be able to install and use WordPress plugins without having to worry about undisclosed tracking and that plugins should provide a way to disable such 3rd party tracking if included.
Some details from the readme.txt:
My little DoNotTrack plugin got downloaded quite a few times this last month. Maybe I should iron out the quirks, make it a bit more generic and see if I can get it listed on the wordpress.org plugins repository?