When Google Analytics sends data from an http page, it starts out as an http request like so:
But this causes a 307 status code (Internal Redirect) due to HTTP Strict Transport Security (HSTS), and this redirect is the https version of the exact same URL.
How do I force Google Analytics to only send one https request from an http page?
When Google Analytics sends data from an http page, it starts out as an http request like so:
http://www.google-analytics./collect?payload-data-goes-here
But this causes a 307 status code (Internal Redirect) due to HTTP Strict Transport Security (HSTS), and this redirect is the https version of the exact same URL.
How do I force Google Analytics to only send one https request from an http page?
Share Improve this question edited May 25, 2017 at 22:24 budi asked Jun 13, 2016 at 21:39 budibudi 6,55110 gold badges60 silver badges83 bronze badges1 Answer
Reset to default 9The solution is to use ForceSSL. This forces Google Analytics to always send the data via https.
analytics.js
ga('set', 'forceSSL', true);
By default, tracking beacons sent from https pages will be sent using https while beacons sent from http pages will be sent using http. Setting forceSSL to true will force http pages to also send all beacons using https.
https://developers.google./analytics/devguides/collection/analyticsjs/field-reference#forceSSL
Example:
<!-- Google Analytics -->
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','https://www.google-analytics./analytics.js','ga');
ga('create', 'UA-XXXXX-Y', 'auto');
ga('set', 'forceSSL', true); // <---------------------------- add this!
ga('send', 'pageview');
</script>
<!-- End Google Analytics -->
ga.js (legacy)
_gaq.push(['_gat._forceSSL']);
Configures Google Analytics to send all hits using SSL, even from insecure (HTTP) pages.
https://developers.google./analytics/devguides/collection/gajs/methods/gaJSApi_gat#_forcessl
Example (async):
<script type="text/javascript">
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-XXXXX-X']);
_gaq.push(['_gat._forceSSL']); // <------------------------ add this!
_gaq.push(['_trackPageview']);
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics./ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>
Example (traditional .js snippet):
var pageTracker = _gat._getTracker("UA-XXXXX-X");
_gat._forceSSL(); // <---------------------------------------- add this!
pageTracker._trackPageview();