Making WordPress.org

#5481 closed defect (wontfix)

Prevent/strip UTM tags in plugin readme 'internal' links

Reported by: jonoaldersonwp Owned by:
Milestone: Priority: lowest
Component: Plugin Directory Keywords: analytics


Plugins like https://fr.wordpress.org/plugins/popups-for-divi/ include UTM parameters in their links (e.g., in this case, ?utm_source=wporg&utm_medium=link&utm_campaign=popups-for-divi), for their own attribution purposes.

However, when these links point to wordpress.org URLs, that breaks our attribution (by resetting the user session and allocating it to the defined channel).

That makes these kinds of links annoying at best, and, an attack vector on our analytics at worst.

As such, we should strip these parameters when they're present on 'internal' links (i.e., any which match something along the lines of https?://([a-z-]+)\.wordpress\.org).

Change History (4)

#1 @Otto42
12 months ago

Is the problem widespread enough to where we need code for it? It seems like simply reporting the plugins doing it to the plugins team would be enough to email authors and tell them to stop. This applies to any incorrect links in the readme.txt.

#2 @jonoaldersonwp
12 months ago

I've only seen one or two of these, so it's definitely not widespread.
But if we can automate the fix, isn't that preferable to relying on folks to see/remember/understand/police manually?

#3 @Otto42
12 months ago

Automating the fix also means maintaining the code that does this automation, which isn't always the easiest thing to do, or which might have unintended side effects later.

If it's only a couple of bad readmes, then fixing them directly is simpler and safer in the long run.

#4 @jonoaldersonwp
12 months ago

  • Resolution set to wontfix
  • Status changed from new to closed


Note: See TracTickets for help on using tickets.