Add option for: forceSSL

Have you considered adding ga(‘set’, ‘forceSSL’, true); into advanced settings (before snippet)? This is why this settings field exists. I think we cannot add a checkbox for all the 200-300 settings Google Analytics has.

I forced my sites to ssl... :-)

It is highly difficult to decide what options should be in the gui and what not. I'm not sure how many really need this.

What issue does this forcessl solve about EU law? The cookie law is already bullshit... But ssl solves nothing if your site is still running on http.

I try my best to get around your traffic jams... :-)

Don't get me wrong, I know all what you are writing about and I'm the last who is not for harder rules if it comes to tracking and prying eyes. I'm only hardly confused about the benefit if a bad guy already listen on the wire and you only encrypt the tracking beacon. They already know who you are and what you are doing in these unencrypted site.

You are required to enable anonymizeIp and forceSSL.

Where is it written that you need to enable forceSSL and what is the benefit? I know we also require anonymizeIp in Germany... but SSL if the site is not?

I do not speak Dutch... Sorry. I think you need to expain or reference german/english translations or the EU law. I never heard of such an interpretation in Germany yet.

I'm not sure if this is another Dutch round in misunderstandings about EU rules... The cookie rules in Dutch are already a prove of something goes wrong...

I still try to learn and understand why we need this and than I may commit this if it helps.

What exactly is this law forcing you to do? I guess it is not telling you to enable ForceSSL in Google Analytics...

You are not really answering my questions.

The cookie law - how I understood it - was made to *disallow* you as website owner to save a cookie on the customers browser/computer without customer confirmation. So you need to ask your customer if he allows your site to save this. If yes you can save, otherwise you are not allowed to do so.

So far so good... Tracking cookies are discussable bad, but netherlands as I know have also forbidden to set a session cookies. A quite stupid idea from my point of view as this make websites no longer usable. No longer any shopping cart and so on. But this is not my point here.

ForceSSL does NOT stop google from setting a tracking cookie on your customer computer. It only encrypts the process on the wire. This means you still need to ask your customers if you are allowed to save the cookie on their computer. ForceSSL changes nothing or I'm missing a point.

Please explain what this setting helps you in regards of cookie law compliance. It does not help me moving this case forward if you cannot answer and prove this question exhaustive.

30 days no feedback and no answers.

Google has forced our hand on this. They are now automatically sending all beacons using SSL. If your site is running over plain text - the beacon will get a 307 response code from Google - to then resend the beacon over SSL - which slows things down and runs the risk of missing a submission. Can we at least get the tick box in place - it would actually make sense to force the entire js code as per Google spec:

  (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
  (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
  m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
  })(window,document,'script','https://www.google-analytics.com/analytics.js','ga');

forcing the tag to use ssl as per #4 - combined with using a locally cached copy of the tracking js fixes up the redirects for now.