Beyond Measure

Language Detection in SQL with BigQuery Remote Functions Over the last few years SQL has really started embracing its second adolescence. That's cool, but what if you could easily extend your queries beyond the SQL domain and add in Python and Javascript based serverless functions to get real time stock information, enrich location data or: build a language detection function!? That's what we'll do. Continue reading...

4 min read

Check Cookie Consent with Playwright's browser automation in Python There's nothing like watching 20 browser windows pop-up on your screen to make you feel like a proper hacker. Let's write a Python script to do GDPR consent checks with Playwright and detect the consent manager, cookies set, and marketing and analytics trackers on a site. Continue reading...

consent python playwright puppeteer testing browser_automation

8 min read

Analytics on the edge: server-side request tracking and cookie setting using Cloudflare Workers Server-side tracking is all the rage these days, but let me tell you about the uber-coolest kid on the blockchain: edge analytics. I'm kidding, there's no such thing as edge analytics (except maybe for IoT devices), but there is the possibility to intercept requests on the 'edge' of the network. Using Cloudflare Workers, you can send data to Google Analytics for all kinds of scenarios, even for users visiting pages THAT DON'T EVEN EXIST! Continue reading...

google-analytics measurement-protocol cloudflare serverless cloudflare-workers dns edge-analytics server-side

7 min read

How I got millions of credit card details using agencies’ Google Tag Manager (GTM) accounts If you've been around this blog before you might know that I know a thing or two about Google Tag Manager (GTM), the convenient tool that lets you run marketing and analytics scripts on your website. What you might not know is that I'm also a father of two young children, and I can tell you, kids are expensive! So, obviously, on sleepless nights, one starts to ponder all the ways to make a quick buck on the side: 'How to use one's knowledge of the interwebs to create a nice college fund for the kids?' Continue reading...

gtm security hacking infosec

9 min read

DocTags: automatically generate documentation from the notes field in Google Tag Manager (GTM) GTM DocTags is a lightweight documentation generator for Google Tag Manager. It uses the notes field on tags, triggers and variables in Google Tag Manager —does anybody even use the note field?— and grabs that and some additional info through the GTM API to create a set of markdown files. The markdown files can be stored in Google Cloud Storage and rendered at runtime with Docsify to create a fully searchable, neat looking documentation site that you can serve your developers and other team members. Continue reading...

gtm gcp documentation

11 min read

Monitor Google Tag Manager version status and send notifications to Slack: the easy way (Zapier) and hard way (GCP) It's impossible to sett up a pipeline in Google Tag Manager for when new container versions are published. It'd be great to get notifications of container updates, for security reasons, to run tests, update documentation, or to get notifications in services like Slack. Let's try and build a GTM status monitor that can send a notification to Slack when a new container version is published! Continue reading...

gtm gcp monitoring Zapier

10 min read

Speeding up GTM with a caching proxy using Cloudflare Workers Is GTM slowing down your site? Or are your developers or SEO consultants going on about how GTM is showing up in the Google Page Speed Insights report? Let me show you how to load GTM faster and also make it more secure in the process by building a caching proxy using Cloudflare Workers. Continue reading...

gtm security performance page-speed

6 min read

Using GTM with a Content Security Policy (CSP) and impress your DevOps team in the process The internet is a beautiful place. If you think chaos is beautiful, that is, because it is also a place where everyone and everything is hacked, abused, and manipulated for money, status or just the lolz. To prevent your precious Google Tag Manager implementation —and your entire site for that matter— from falling victim to malicious code taking over checkout funnels or secretly listening to form input from visitors it's time to implement a Content Security Policy (CSP). Continue reading...

gtm security

10 min read

Tf-Idf in Google Sheets: implementing text analysis, keyword counting, tokenisation and stemming in a spreadsheet Google Sheets, the online Excel alternative, is basically the Swiss army knife of any modern knowledge worker. We're adding to it's multitude of uses and abuses today by creating a custom Tf-Idf model _in_ Google Sheets. A Tf-Idf model can help us digest large quantities of text like reviews, comments, feedback, chat histories, and even 17th century philosophy books with ease. Continue reading...

howto google-sheets javascript text-analysis tf-idf

6 min read

Cookie Consent: A Simple Checklist for Compliance With terms like GDPR, Cookies, ePrivacy Directive, ePrivacy Regulation, ITP, ETP, most people's heads will start spinning. Nonetheless, not complying with privacy regulation can be a costly business in multiple ways. Find out what's what and how to check if your website is compliant. Continue reading...

avg consent cookies gdpr itp

6 min read