Intent to Merge: Google Analytics on perf-html.io
bzbarsky at mit.edu
Sat Nov 18 06:06:55 UTC 2017
On 11/17/17 7:50 PM, Harald Kirschner wrote:
> nothing private about the profile itself is collected in GA.
Assuming GA itself is not buggy or malicious, right?
> As alternative to uploading you can also download the profiles locally
> and attach them to private bugs; so you stay in control over them and
> can remove them as needed.
I don't see how that's possible in a sane way. Capturing a profile
automatically hands the data to scripts running on perf-html.io, no? It
may not be uploaded in the sense of being stored on the server, but it's
in the global the GA scripts are running in.
I have to admit that this change makes me a lot less comfortable using
the Gecko profiler at all. :(
> Would it be helpful to have anonymization as
> an option; to have a best-effort approach on removing PII like URLs from
If it were done in the profiler itself (i.e. in code we control), not in
perf-html.io (which we don't fully control if we load third-party
scripts into it), it would help with the privacy issue. Of course it
would make the profiles a lot less useful (e.g. make it harder to figure
out which site of the several I have open is causing the performance
More information about the firefox-dev