Bug 1030040

Summary: Ads and 3rd party tracking in TLS section of rsyslog documentation
Product: Red Hat Enterprise Linux 6 Reporter: Filip Krska <fkrska>
Component: rsyslog7Assignee: Tomas Heinrich <theinric>
Status: CLOSED ERRATA QA Contact: Dalibor Pospíšil <dapospis>
Severity: low Docs Contact:
Priority: low    
Version: 6.4CC: ksrot, mkolaja, pvrabec
Target Milestone: rcKeywords: Documentation, EasyFix, Patch
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1030041 1030043 1030044 1227287 (view as bug list) Environment:
Last Closed: 2014-10-14 07:30:40 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 1030041, 1030043, 1030044    
Attachments:
Description Flags
proposed patch none

Description Filip Krska 2013-11-13 19:11:49 UTC
Description of problem:

There are unsolicited ads loaded from 3rd party servers (implies unsolicited and unexpected tracking by the 3rd party, so privacy concerns may apply) via following markup:

<span style="float: left">
<script type="text/javascript"><!--
google_ad_client = "pub-3204610807458280";
/* rsyslog doc inline */
google_ad_slot = "5958614527";
google_ad_width = 125;
google_ad_height = 125;
//-->
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</span>

in following doc pages:

/usr/share/doc/rsyslog-4.6.2/rsyslog_secure_tls.html
/usr/share/doc/rsyslog-4.6.2/tls_cert_errmsgs.html
/usr/share/doc/rsyslog-4.6.2/tls_cert_ca.html
/usr/share/doc/rsyslog-4.6.2/tls_cert_machine.html
/usr/share/doc/rsyslog-4.6.2/tls_cert_scenario.html
/usr/share/doc/rsyslog-4.6.2/tls_cert_server.html
/usr/share/doc/rsyslog-4.6.2/tls_cert_client.html
/usr/share/doc/rsyslog-4.6.2/tls_cert_udp_relay.html
/usr/share/doc/rsyslog-4.6.2/tls_cert_summary.html


Version-Release number of selected component (if applicable):

All versions (RHEL 5,6,7, latest Fedora affected)

How reproducible:

Allways

Steps to Reproduce:
1. browse e.g. file:///usr/share/doc/rsyslog-5.8.10/rsyslog_secure_tls.html with web browser

Actual results:

Ads are loaded from http://pagead2.googlesyndication.com

Expected results:

No http request to 3rd party site is performed, no ads displayed when browsing local docs

Additional info:

Comment 1 Tomas Heinrich 2013-11-14 14:40:45 UTC
Good catch, thanks.

Comment 2 Marcel Kolaja 2013-11-18 12:19:25 UTC
Created attachment 825574 [details]
proposed patch

Comment 3 Tomas Heinrich 2013-11-18 15:45:25 UTC
Thanks for the patch, I've already sent a variation of it patch to upstream. They need to review whether there aren't any other glitches and when they merge, I'll use the final version.

Comment 8 errata-xmlrpc 2014-10-14 07:30:40 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHEA-2014-1540.html