How I got millions of credit card details using agencies’ Google Tag Manager (GTM) accounts
If you've been around this blog before you might know that I know a thing or two about Google Tag Manager (GTM), the convenient tool that lets you run marketing and analytics scripts on your website. What you might not know is that I'm also a father of two young children, and I can tell you, kids are expensive! So, obviously, on sleepless nights, one starts to ponder all the ways to make a quick buck on the side: 'How to use one's knowledge of the interwebs to create a nice college fund for the kids?'
Continue reading...
DocTags: automatically generate documentation from the notes field in Google Tag Manager (GTM)
GTM DocTags is a lightweight documentation generator for Google Tag Manager. It uses the notes field on tags, triggers and variables in Google Tag Manager —does anybody even use the note field?— and grabs that and some additional info through the GTM API to create a set of markdown files. The markdown files can be stored in Google Cloud Storage and rendered at runtime with Docsify to create a fully searchable, neat looking documentation site that you can serve your developers and other team members.
Continue reading...
Speeding up GTM with a caching proxy using Cloudflare Workers
Is GTM slowing down your site? Or are your developers or SEO consultants going on about how GTM is showing up in the Google Page Speed Insights report? Let me show you how to load GTM faster and also make it more secure in the process by building a caching proxy using Cloudflare Workers.
Continue reading...
Using GTM with a Content Security Policy (CSP) and impress your DevOps team in the process
The internet is a beautiful place. If you think chaos is beautiful, that is, because it is also a place where everyone and everything is hacked, abused, and manipulated for money, status or just the lolz. To prevent your precious Google Tag Manager implementation —and your entire site for that matter— from falling victim to malicious code taking over checkout funnels or secretly listening to form input from visitors it's time to implement a Content Security Policy (CSP).
Continue reading...
Cookie Consent: A Simple Checklist for Compliance
With terms like GDPR, Cookies, ePrivacy Directive, ePrivacy Regulation, ITP, ETP, most people's heads will start spinning. Nonetheless, not complying with privacy regulation can be a costly business in multiple ways. Find out what's what and how to check if your website is compliant.
Continue reading...
Building a complete tag monitoring solution for Google Tag Manager
Do you know if all your tags are used in Google Tag Manager or if you can remove some? Do you know if they work for all your users? Or if they fire on the right dataLayer events and how long they take to execute? Follow along for a complete solution to monitor your Google Tag Manager implementation including a dashboard. Tag monitoring will allow you to understand if important tags are actually firing for real users on your site and see when they break down.
Continue reading...