Dear Sirs,
I installed a 'Share on social media' module in my Drupal 7 site called AddToAny. http://drupal.org/project/addtoany
I'm working on customizing my Aqcuia theme and stumbled on the code below hidden in my site right at the top of the html:
iframe id="a2apage_sm_ifr" width="1" height="1" frameborder="0" style="border: 0px none; left: 0px; top: 0px; position: absolute; z-index: 100000; display: none;" transparency="true" allowtransparency="true" src="http://a2a.lockerz.com/menu/sm9.html#type=page&event=load&url=http%3A%2F...">
/iframe
(I took out the enclosing brackets in case it's uncool to send that code out...)
People more technical than I suggest that this is at best unethical and that I should report it to you.
The module does not make it clear that any sort of referral advertising is included with an install.
S
Comments
Comment #1
killes@www.drop.org CreditAttribution: killes@www.drop.org commentedThanks for reporting this.
We've had the same problem with the same module in #851680: Removing and documenting 3rd party tracking pixel on AddToAny.
We had resolved this by adding a remark on the project page.
That notice was removed by the maintainer a few months later.
I have re-added the notice.
Not sure how we should deal with the removal problem.
Comment #2
gregglesI solved the removal problem by making the input format full html.
Moving this issue to the module issue queue so it can be discussed with the maintainer.
Comment #3
SMartin CreditAttribution: SMartin commentedGuys,
If the maintainer has been warned already and removed the flag from the project page, then surely they should be banned from the site. This sort of thing will only give Drupal a bad name in the long term.
S
Comment #4
webmestre CreditAttribution: webmestre commentedSame for me.
How is it possible a so bad code could remain as a Drupal module ? :(((((
Comment #5
micropat CreditAttribution: micropat commentedResolved a couple years ago. AddToAny isn't affiliated with Lockerz anymore, a link to the privacy policy is in the module description, and the module has a checkbox to disable 3rd party cookies, too.
Worth noting, the utility iframe is what does the cross-domain messaging for AddToAny features and user preferences.