To get around XSS you can use GET requests to your logging script, sending the data as arguments by one of two methods (maybe there are others?): * one way is to just "get" an Image by setting an image's SRC to your logging script. * another is to have an inline IFRAME where you also change its SRC to your logging script's URL. You might have to have some built-in delay to let the logging script have time to actually log the event before the form gets submitted... I'm thinking using setTimeout() in javascript. _alejandro Yitzchak Schaffer said the following on 23/11/2009 06:01 p.m.: > Alejandro Garza Gonzalez wrote: >> 1) You *can* use GA and some Javascript embedded in your III pages to >> log "events" (as they´re called in GA lingo). The javascript >> (depending on your coding wizardry level) could track anything from >> hovers over elements, form submission, "next page" events, etc. > > Hi Alejandro, > > Thanks for a great suggestion. I tried poking around at it; it seems > to me like Events aren't built for what I'm really interested in > doing, namely systematic exploration and analysis of the search > sessions. IOW, let's say a form looks like > > t=finn > a=twain > l=circ,reserve > > It looks like I could log this as three separate events, or one; but > either way, how would one analyze this? I'm not interested (solely) > in how many times this particular query was entered. > > I started looking at ways to funnel the params into my own tracking > script, the prototype of which just writes a line to a text file with > a JSON serialization of the form data; but I'm not a JS ninja, so I'm > still trying to figure out how to get around the XSS problems. > > Ruddy III turnkey... > -- _________________ ___ _ _ _ _ _ _ _ *Ing. Alejandro Garza González* Coordinación de proyectos y desarrollo de sistemas Centro Innov@TE, Centro para la Innovación en Tecnología y Educación Tecnológico de Monterrey Tel. +52 [81] 8358.2000, Ext. 6751 Enlace intercampus: 80.689.6751, 80.788.6106 http://www.itesm.mx/innovate/ El contenido de este mensaje de datos no se considera oferta, propuesta o acuerdo, sino hasta que sea confirmado en documento por escrito que contenga la firma autógrafa del apoderado legal del ITESM. El contenido de este mensaje de datos es confidencial y se entiende dirigido y para uso exclusivo del destinatario, por lo que no podrá distribuirse y/o difundirse por ningún medio sin la previa autorización del emisor original. Si usted no es el destinatario, se le prohíbe su utilización total o parcial para cualquier fin. The content of this data transmission must not be considered an offer, proposal, understanding or agreement unless it is confirmed in a document signed by a legal representative of ITESM. The content of this data transmission is confidential and is intended to be delivered only to the addressees. Therefore, it shall not be distributed and/or disclosed through any means without the authorization of the original sender. If you are not the addressee, you are forbidden from using it, either totally or partially, for any purpose.