Handle sensitive URLs

[jamesarosen]

Our app has information in URLs that is quite sensitive -- such as password-reset tokens, invitation tokens, and internal user IDs. We don't want to send that information to Google. I found two ways in which this information leaks: dl and dp.

I've tested this out locally, and the following seems to work about how I would expect, protecting the URLs:

// Prevent analytics.js from sending sensitive URLs in Document Location:
ga('set', 'location', document.baseURI);

router.on('didTransition', function() {
  ga('send', 'pageview', {
    // send the symbolic route name, not the full URL:
    page: '/' + this.get('currentRouteName')
  })
});

This has the side-effect of treating a view of /blog-posts/123 and /blog-posts/456 the same. I'm not sure whether everyone would agree, but for our purposes that's an advantage.