|
|
|
|
|
|
by magicalist
3991 days ago
|
|
|
That's true, but at that point you're really asking if it's possible to send JavaScript to an attacker to run and have them not be able to arbitrarily alter what that code does. In which case the answer is of course not, regardless of what the code is. Usually the answer is gk1's above and keeping an eye on server logs to see if they match up with the client analytics data you're getting. You can even have events sent from both in GA or Piwik or whatever so you can compare them in the same UI, looking at e.g. event flow so that everyone who loaded some data first triggered a fetch event on the server for that data. Of course then your attacker can just get a botnet to start mindlessly doing page views of your site... |
|
|