GoDaddy customers are unhappy with JS injections from the hoster

One GoDaddy client noticed that the hoster injects extraneous JavaScript into its users' HTML pages.

There were no scripts on the admin side, and on the client side, <script> </ script> appeared in the code with a comment from the hoster.

<script>'undefined'=== typeof _trfq || (window._trfq = []);'undefined'=== typeof _trfd && (window._trfd=[]),_trfd.push({'tccl.baseHost':'secureserver.net'}),_trfd.push({'ap':'cpsh'},{'server':'xxxxxxxx0000'}) // Monitoring performance to make your website faster. If you want to opt-out, please contact web hosting support.</script><script src='https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js'></script> 

Of course, the comment explains the behavior of the script, which is designed to monitor performance. But the user still could not believe that the hoster injects javascript without his consent.

But GoDaddy really does that. The technology is called Real User Metrics. In the rules for using the service it is written that all customers from the United States automatically subscribe to this service. This refers to customers whose sites are located in the US data center. The pages of these sites stranger JavaScript is embedded by default.

Most interestingly, even in the help section, GoDaddy recognizes that these scripts "can slow down or break your site."



To disable the imposed service, click on the button with ellipsis in the upper right corner of the admin interface, select the item Help us , and then Opt Out .





After this, extraneous scripts will disappear from the pages of the site.