CINXE.COM

<!DOCTYPE html> <html xmlns='http://www.w3.org/1999/xhtml' xmlns:b='http://www.google.com/2005/gml/b' xmlns:data='http://www.google.com/2005/gml/data' xmlns:expr='http://www.google.com/2005/gml/expr'> <head> <link href='https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css' rel='stylesheet' type='text/css'/> <meta content='iitJxuWLjtoK2cUdZtHd8yn6yWLcf5HRPezdIAwXW50=' name='verify-v1'/> <meta content='text/html; charset=UTF-8' http-equiv='Content-Type'/> <meta content='blogger' name='generator'/> <link href='http://websiteoptimizer.blogspot.com/favicon.ico' rel='icon' type='image/x-icon'/> <link href='http://websiteoptimizer.blogspot.com/2010/12/update-your-website-optimizer-scripts.html' rel='canonical'/> <link rel="alternate" type="application/atom+xml" title="Official Google Website Optimizer Blog - Atom" href="http://websiteoptimizer.blogspot.com/feeds/posts/default" /> <link rel="alternate" type="application/rss+xml" title="Official Google Website Optimizer Blog - RSS" href="http://websiteoptimizer.blogspot.com/feeds/posts/default?alt=rss" /> <link rel="service.post" type="application/atom+xml" title="Official Google Website Optimizer Blog - Atom" href="https://www.blogger.com/feeds/36315330/posts/default" /> <link rel="alternate" type="application/atom+xml" title="Official Google Website Optimizer Blog - Atom" href="http://websiteoptimizer.blogspot.com/feeds/2754511111903595734/comments/default" />  <meta content='http://websiteoptimizer.blogspot.com/2010/12/update-your-website-optimizer-scripts.html' property='og:url'/> <meta content='Update your Website Optimizer scripts to secure your site' property='og:title'/> <meta content='Earlier this week we notified affected Website Optimizer users of a potential security issue with the Website Optimizer Control Script. If a...' property='og:description'/> <title>Official Google Website Optimizer Blog: Update your Website Optimizer scripts to secure your site</title> <link href='http://www2.blogger.com/widgets/3319451950-blogarchive.css' rel='stylesheet' type='text/css'/><link href='http://www2.blogger.com/widgets/2791266615-blog.css' rel='stylesheet' type='text/css'/> <style type='text/css'>@import url('http://www2.blogger.com/css/blog_controls.css'); @import url('http://www2.blogger.com/dyn-css/authorization.css?blogID=8975829421217267474'); </style> <link href='http://www.google.com/uds/css/gsearch.css' rel='stylesheet' type='text/css'/> <style id='page-skin-1' type='text/css'></style> <script src='http://www.google.com/uds/api?file=uds.js&v=1.0&key=ABQIAAAA8oTp_KDiJ7gFvDuWWFfolxSsjpG0v6LKZNJMgOfcl5DRgehOGRS3tdb0znEuzRx4n3POfAbiiP1VSw' type='text/javascript'></script> <script language='Javascript' type='text/javascript'> //<![CDATA[ function OnLoad() { var controlRoot = document.getElementById("searchResults"); // Create a search control var searchControl = new GSearchControl(); searchControl.setLinkTarget(GSearch.LINK_TARGET_SELF); searchControl.setResultSetSize(GSearch.LARGE_RESULTSET); // Tell the searcher to draw itself and tell it where to attach var searchFormElement = document.getElementById("searchcontrol"); var drawOptions = new GdrawOptions(); drawOptions.setSearchFormRoot(searchFormElement); drawOptions.setDrawMode(GSearchControl.DRAW_MODE_TABBED); // This Blog var searcher = new GwebSearch(); searcher.setSiteRestriction("http://websiteoptimizer.blogspot.com/"); searcher.setUserDefinedLabel("This Blog"); searchControl.addSearcher(searcher); // Official Google Blogs var searcher = new GwebSearch(); searcher.setSiteRestriction("010222979794876194725:abdomvzqczg"); searcher.setUserDefinedLabel("Google Blogs"); searchControl.addSearcher(searcher); // the web searcher = new GwebSearch(); searchControl.addSearcher(searcher); // all blogs searcher = new GblogSearch(); searchControl.addSearcher(searcher); // news searcher = new GnewsSearch(); searchControl.addSearcher(searcher); // draw it searchControl.draw(controlRoot, drawOptions); } //function registerLoadHandler(handler) { // var node = window; // if (node.addEventListener) { // node.addEventListener("load", handler, false); // } else if (node.attachEvent) { // node.attachEvent("onload", handler); // } else { // node['onload'] = handler; // } // return true; //} //registerLoadHandler(OnLoad); //]]> </script> <script type='text/javascript'> var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-961555-49']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <link href='https://www.blogger.com/dyn-css/authorization.css?targetBlogID=36315330&zx=4156a457-ec75-4140-8b79-514b96428be1' media='none' onload='if(media!='all')media='all'' rel='stylesheet'/><noscript><link href='https://www.blogger.com/dyn-css/authorization.css?targetBlogID=36315330&zx=4156a457-ec75-4140-8b79-514b96428be1' rel='stylesheet'/></noscript> <meta name='google-adsense-platform-account' content='ca-host-pub-1556223355139109'/> <meta name='google-adsense-platform-domain' content='blogspot.com'/> </head> <body> <div class='navbar section' id='navbar'><div class='widget Navbar' data-version='1' id='Navbar1'><script type="text/javascript"> function setAttributeOnload(object, attribute, val) { if(window.addEventListener) { window.addEventListener('load', function(){ object[attribute] = val; }, false); } else { window.attachEvent('onload', function(){ object[attribute] = val; }); } } </script> <div id="navbar-iframe-container"></div> <script type="text/javascript" src="https://apis.google.com/js/platform.js"></script> <script type="text/javascript"> gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() { if (gapi.iframes && gapi.iframes.getContext) { gapi.iframes.getContext().openChild({ url: 'https://www.blogger.com/navbar/36315330?po\x3d2754511111903595734\x26origin\x3dhttp://websiteoptimizer.blogspot.com', where: document.getElementById("navbar-iframe-container"), id: "navbar-iframe" }); } }); </script><script type="text/javascript"> (function() { var script = document.createElement('script'); script.type = 'text/javascript'; script.src = '//pagead2.googlesyndication.com/pagead/js/google_top_exp.js'; var head = document.getElementsByTagName('head')[0]; if (head) { head.appendChild(script); }})(); </script> </div></div> <center> <div id='outer-wrapper'><div id='wrap2'>  <span id='skiplinks' style='display:none;'> <a href='#main'>skip to main </a> | <a href='#sidebar'>skip to sidebar</a> </span> <div id='content-wrapper'> <div id='main-wrapper'> <div class='header-wrapper'> <a href='http://websiteoptimizer.blogspot.com'><img alt='The Official Google Website Optimizer Blog - The most up-to-date product news, industry insights, and testing strategies' src='https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilsPAFnPgHVXYZlxWyUWO25lqpoasnMVjYxy6JSVRZhl17_1kY_UhtC9u6FuWSFeu8Sf2l_IbbJespgWWXSSbPTP_JCcuOL4iKyVHR-icEDzWWlRg8FB44QrFXOJoPYOHNRJl_/s1600-r/Website+Optimizer+Blog.png'/></a> <div class='header section' id='header'><div class='widget Header' data-version='1' id='Header1'> <p class='description'><span> </span></p> </div></div> </div> <div id='searchResults'></div> <div class='main section' id='main'><div class='widget Blog' data-version='1' id='Blog1'> <div class='blog-posts'> <div class='post uncustomized-post-template'> <a name='2754511111903595734'></a> <h3 class='post-title'> <a href='http://websiteoptimizer.blogspot.com/2010/12/update-your-website-optimizer-scripts.html'>Update your Website Optimizer scripts to secure your site</a> </h3> <div class='post-body'> <h2 class='date-header'>Tuesday, December 07, 2010 12/07/2010 10:14:00 AM </h2> <span class="byline-author"><div><span class="byline-author"><div><div>Earlier this week we notified affected Website Optimizer users of a potential security issue with the Website Optimizer Control Script. If a website or browser has already been compromised by a separate attack, a hacker might also be able to execute malicious code by exploiting a bug in the Website Optimizer Control Script.</div><div><br /></div><div>We have not seen any evidence indicating that sites using Website Optimizer have been targeted through this bug, but wanted to proactively reach out to site owners. While the probability of this attack is very low, we are urging Website Optimizer users to take action by updating their Control Scripts. We have taken action, so all new experiments created after December 3 are not susceptible. </div><div><br /></div><div>Any experiments you are currently running need to be updated to fix the issue on your site. Additionally, if you have any Website Optimizer scripts from paused or stopped experiments created before December 3, you should remove or update that code as well.</div><div><br /></div><div>There are two ways to update your code:</div><div><ol><li>Stop current experiments, remove the old scripts, and create a new experiment.</li><li>Update the code on your site directly. We strongly recommend creating a new experiment as it is the simpler method. </li></ol></div><div>Instructions for both methods are available here at the <a href="http://www.google.com/support/websiteoptimizer/bin/answer.py?hl=en&answer=1083131">Website Optimizer Help Center</a>.</div><div><br /></div><div>We’re committed to keeping Website Optimizer secure, and we will proactively work to prevent any future vulnerabilities.</div></div></span></div><div><span class="byline-author"><br /></span></div>Posted by Trevor Claiborne, <i>Website Optimizer team</i></span> <div style='clear: both;'></div> </div> <div class='post-footer'> <p class='post-footer-line post-footer-line-1'> <span class='post-comment-link'> </span> <a href='http://websiteoptimizer.blogspot.com/2010/12/update-your-website-optimizer-scripts.html' title='permanent link'>Permalink</a> <span class='post-icons'> <span class='item-action'> <a href='https://www.blogger.com/email-post/36315330/2754511111903595734' title='Email Post'> <img alt='' class='icon-action' src='http://www.blogger.com/img/icon18_email.gif'/> </a> </span> <span class='item-control blog-admin pid-1285465925'> <a href='https://www.blogger.com/post-edit.g?blogID=36315330&postID=2754511111903595734&from=pencil' title='Edit Post'> <img alt='' class='icon-action' height='18' src='https://resources.blogblog.com/img/icon18_edit_allbkg.gif' width='18'/> </a> </span> </span> </p> <p class='post-footer-line post-footer-line-2'> <span class='post-labels'> Labels: <a href='http://websiteoptimizer.blogspot.com/search/label/Website%20Optimizer%20Blog' rel='tag'>Website Optimizer Blog</a> </span> </p> <p class='post-footer-line post-footer-line-3'></p> </div> </div> <div class='comments' id='comments'> <a name='comments'></a> <h4>3 comments:</h4> <div id='Blog1_comments-block-wrapper'> <dl class='avatar-comment-indent' id='comments-block'> <dt class='comment-author ' id='c1819835594848019650'> <a name='c1819835594848019650'></a> <div class="avatar-image-container avatar-stock"><span dir="ltr"><img src="//resources.blogblog.com/img/blank.gif" width="35" height="35" alt="" title="Matthew"> </span></div> Matthew said... </dt> <dd class='comment-body' id='Blog1_cmt-1819835594848019650'> <p> Thanks for the update. ObservePoint has a quick google optimizer code check script on their website - <br /><br />http://www.observepoint.com/optimizer-test.php<br /><br />You enter the URL of the page in question, and it will tell you whether the google website optimizer code is up-to-date, and if it needs to be edited, it will tell you what to change and where to change it. </p> </dd> <dd class='comment-footer'> <span class='comment-timestamp'> <a href='http://websiteoptimizer.blogspot.com/2010/12/update-your-website-optimizer-scripts.html?showComment=1291828202551#c1819835594848019650' title='comment permalink'> 12/8/10, 9:10 AM </a> <span class='item-control blog-admin pid-95415783'> <a class='comment-delete' href='https://www.blogger.com/delete-comment.g?blogID=36315330&postID=1819835594848019650' title='Delete Comment'> <img src='https://resources.blogblog.com/img/icon_delete13.gif'/> </a> </span> </span> </dd> <dt class='comment-author blog-author' id='c6214043155491841007'> <a name='c6214043155491841007'></a> <div class="avatar-image-container avatar-stock"><span dir="ltr"><a href="https://www.blogger.com/profile/06256946680237773114" target="" rel="nofollow" onclick="" class="avatar-hovercard" id="av-6214043155491841007-06256946680237773114"><img src="//www.blogger.com/img/blogger_logo_round_35.png" width="35" height="35" alt="" title="Trevor Claiborne"> </a></span></div> <a href='https://www.blogger.com/profile/06256946680237773114' rel='nofollow'>Trevor Claiborne</a> said... </dt> <dd class='comment-body' id='Blog1_cmt-6214043155491841007'> <p> Thanks Matthew, looks helpful. </p> </dd> <dd class='comment-footer'> <span class='comment-timestamp'> <a href='http://websiteoptimizer.blogspot.com/2010/12/update-your-website-optimizer-scripts.html?showComment=1291828991775#c6214043155491841007' title='comment permalink'> 12/8/10, 9:23 AM </a> <span class='item-control blog-admin pid-1285465925'> <a class='comment-delete' href='https://www.blogger.com/delete-comment.g?blogID=36315330&postID=6214043155491841007' title='Delete Comment'> <img src='https://resources.blogblog.com/img/icon_delete13.gif'/> </a> </span> </span> </dd> <dt class='comment-author ' id='c2651691748099968494'> <a name='c2651691748099968494'></a> <div class="avatar-image-container avatar-stock"><span dir="ltr"><a href="http://www.thebigpropertylist.co.uk" target="" rel="nofollow" onclick=""><img src="//resources.blogblog.com/img/blank.gif" width="35" height="35" alt="" title="James"> </a></span></div> <a href='http://www.thebigpropertylist.co.uk' rel='nofollow'>James</a> said... </dt> <dd class='comment-body' id='Blog1_cmt-2651691748099968494'> <p> Good to know, thaks guys<br /><br />@Matthew thanks for the tool. </p> </dd> <dd class='comment-footer'> <span class='comment-timestamp'> <a href='http://websiteoptimizer.blogspot.com/2010/12/update-your-website-optimizer-scripts.html?showComment=1291928665488#c2651691748099968494' title='comment permalink'> 12/9/10, 1:04 PM </a> <span class='item-control blog-admin pid-95415783'> <a class='comment-delete' href='https://www.blogger.com/delete-comment.g?blogID=36315330&postID=2651691748099968494' title='Delete Comment'> <img src='https://resources.blogblog.com/img/icon_delete13.gif'/> </a> </span> </span> </dd> </dl> </div> <p class='comment-footer'> <div class='comment-form'> <a name='comment-form'></a> <h4 id='comment-post-message'>Post a Comment</h4> <p><i>You are welcome to comment here, but your remarks should be relevant to the conversation. We reserve the right to remove off-topic comments, or self-promoting URLs, and vacuous messages. Please keep your comments relevant, friendly, and respectful.</i><br /><br /><i>We moderate all comments so you may not see your comment show right away.</i></p> <a href='https://www.blogger.com/comment/frame/36315330?po=2754511111903595734&hl=en-US' id='comment-editor-src'></a> <iframe allowtransparency='true' class='blogger-iframe-colorize blogger-comment-from-post' frameborder='0' height='410px' id='comment-editor' name='comment-editor' src='' width='100%'></iframe> <script src='https://www.blogger.com/static/v1/jsbin/3061944402-comment_from_post_iframe.js' type='text/javascript'></script> <script type='text/javascript'> BLOG_CMT_createIframe('https://www.blogger.com/rpc_relay.html'); </script> </div> </p> </div> </div> <div class='blog-pager' id='blog-pager'> <span id='blog-pager-newer-link'> <a class='blog-pager-newer-link' href='http://websiteoptimizer.blogspot.com/2010/12/welcome-google-apps-users.html' id='Blog1_blog-pager-newer-link' title='Newer Post'>Newer Post</a> </span> <span id='blog-pager-older-link'> <a class='blog-pager-older-link' href='http://websiteoptimizer.blogspot.com/2010/10/new-google-website-optimizer-online.html' id='Blog1_blog-pager-older-link' title='Older Post'>Older Post</a> </span> <a class='home-link' href='http://websiteoptimizer.blogspot.com/'>Home</a> </div> <div class='clear'></div> </div></div> </div> <div id='sidebar-wrapper'> <div id='searchcontrol'></div> <script language='Javascript' type='text/javascript'>OnLoad();</script> <div class='sidebar section' id='sidebar'><div class='widget HTML' data-version='1' id='HTML4'> <div class='widget-content'> <a href="http://websiteoptimizer.blogspot.com/atom.xml"><img src="http://www.google.com/images/feed-icon.gif"/></a> <a href="http://websiteoptimizer.blogspot.com/atom.xml">Site Feed</a><br/> <a href="http://fusion.google.com/add?feedurl=http%3A//websiteoptimizer.blogspot.com/atom.xml"><img border="0" alt="Add to Google" style="padding-top:5px;" width="104" src="http://buttons.googlesyndication.com/fusion/add.gif" height="17"/></a> <br/> <a href="http://feeds.feedburner.com/OfficialGoogleWebsiteOptimizerBlog"><img width="88" style="border:0" alt="" src="http://feeds.feedburner.com/~fc/OfficialGoogleWebsiteOptimizerBlog?bg=3300CC&fg=FFFFFF&anim=0" height="26"/></a> </div> <div class='clear'></div> </div><div class='widget BlogArchive' data-version='1' id='BlogArchive1'> <h2>Archives</h2> <div class='widget-content'> <div id='ArchiveList'> <div id='BlogArchive1_ArchiveList'> <select id='BlogArchive1_ArchiveMenu'> <option value=''>Archives</option> <option value='http://websiteoptimizer.blogspot.com/2012/08/'>August (1)</option> <option value='http://websiteoptimizer.blogspot.com/2012/06/'>June (2)</option> <option value='http://websiteoptimizer.blogspot.com/2011/03/'>March (1)</option> <option value='http://websiteoptimizer.blogspot.com/2011/01/'>January (1)</option> <option value='http://websiteoptimizer.blogspot.com/2010/12/'>December (2)</option> <option value='http://websiteoptimizer.blogspot.com/2010/10/'>October (1)</option> <option value='http://websiteoptimizer.blogspot.com/2010/09/'>September (1)</option> <option value='http://websiteoptimizer.blogspot.com/2010/08/'>August (1)</option> <option value='http://websiteoptimizer.blogspot.com/2010/04/'>April (1)</option> <option value='http://websiteoptimizer.blogspot.com/2010/02/'>February (3)</option> <option value='http://websiteoptimizer.blogspot.com/2010/01/'>January (1)</option> <option value='http://websiteoptimizer.blogspot.com/2009/11/'>November (2)</option> <option value='http://websiteoptimizer.blogspot.com/2009/10/'>October (4)</option> <option value='http://websiteoptimizer.blogspot.com/2009/09/'>September (2)</option> <option value='http://websiteoptimizer.blogspot.com/2009/08/'>August (1)</option> <option value='http://websiteoptimizer.blogspot.com/2009/07/'>July (7)</option> <option value='http://websiteoptimizer.blogspot.com/2009/06/'>June (2)</option> <option value='http://websiteoptimizer.blogspot.com/2009/05/'>May (1)</option> <option value='http://websiteoptimizer.blogspot.com/2009/04/'>April (2)</option> <option value='http://websiteoptimizer.blogspot.com/2009/03/'>March (6)</option> <option value='http://websiteoptimizer.blogspot.com/2009/02/'>February (2)</option> <option value='http://websiteoptimizer.blogspot.com/2009/01/'>January (2)</option> <option value='http://websiteoptimizer.blogspot.com/2008/12/'>December (1)</option> <option value='http://websiteoptimizer.blogspot.com/2008/11/'>November (3)</option> <option value='http://websiteoptimizer.blogspot.com/2008/10/'>October (6)</option> <option value='http://websiteoptimizer.blogspot.com/2008/09/'>September (6)</option> <option value='http://websiteoptimizer.blogspot.com/2008/08/'>August (4)</option> <option value='http://websiteoptimizer.blogspot.com/2008/07/'>July (6)</option> <option value='http://websiteoptimizer.blogspot.com/2008/06/'>June (5)</option> <option value='http://websiteoptimizer.blogspot.com/2008/05/'>May (5)</option> <option value='http://websiteoptimizer.blogspot.com/2008/04/'>April (5)</option> </select> </div> </div> <div class='clear'></div> </div> </div><div class='widget Image' data-version='1' id='Image1'> <div class='widget-content'> <img alt='' height='26' id='Image1_img' src='http://2.bp.blogspot.com/_7ZYqYi4xigk/SAPXuzmRlNI/AAAAAAAAAmI/rxoTX0WfS8c/S1600-R/Website+Optimizer.gif' width='170'/> <br/> </div> <div class='clear'></div> </div><div class='widget LinkList' data-version='1' id='LinkList1'> <h2>Useful Links</h2> <div class='widget-content'> <ul> <li><a href='http://www.google.com/websiteoptimizer'>Website Optimizer Website</a></li> <li><a href='http://www.google.com/support/websiteoptimizer'>Website Optimizer Help Center</a></li> <li><a href='http://www.google.com/support/forum/p/websiteoptimizer?hl=en'>Website Optimizer Help Forum</a></li> <li><a href='http://www.google.com/intl/en/websiteoptimizer/partners.html'>GWO Authorized Consultants</a></li> <li><a href='http://www.youtube.com/websiteoptimizer'>GWO YouTube Channel</a></li> <li><a href='http://www.google.com/websiteoptimizer/techieguide'>Techie Guide for Website Optimizer (PDF)</a></li> <li><a href='http://www.gwotricks.com/'>GWO Tricks</a></li> </ul> <div class='clear'></div> </div> </div><div class='widget LinkList' data-version='1' id='LinkList3'> <h2>What We're Reading</h2> <div class='widget-content'> <ul> <li><a href='http://www.kaushik.net/avinash/' rel='nofollow'>Avinash Kaushik's Blog</a></li> <li><a href='http://analytics.blogspot.com/' rel='nofollow'>Google Analytics Blog</a></li> <li><a href='http://conversionroom.blogspot.com/' rel='nofollow'>Conversion Room blog</a></li> <li><a href='http://www.conversion-rate-experts.com/blog/' rel='nofollow'>Conversion Rate Experts Blog</a></li> <li><a href='http://www.epikone.com/blog/tag/website-optimizer' rel='nofollow'>EpikOne Blog</a></li> <li><a href='http://www.grokdotcom.com/' rel='nofollow'>Future Now Blog</a></li> <li><a href='http://www.lunametrics.com/blog/' rel='nofollow'>Lunametrics Blog</a></li> <li><a href='http://online-behavior.com/' rel='nofollow'>Online Behavior</a></li> <li><a href='http://www.roirevolution.com/blog/' rel='nofollow'>ROI Revolution Blog</a></li> <li><a href='http://sitetuners.wordpress.com/' rel='nofollow'>SiteTuners Blog</a></li> <li><a href='http://blog.vkistudios.com/' rel='nofollow'>VKI Studios Blog</a></li> <li><a href='http://www.websharedesign.com/conversion-marketing-blog/' rel='nofollow'>WebShare Blog</a></li> <li><a href='http://www.widerfunnel.com/blog/' rel='nofollow'>WiderFunnel Blog</a></li> </ul> <div class='clear'></div> </div> </div><div class='widget LinkList' data-version='1' id='LinkList2'> <h2>Related Google Products</h2> <div class='widget-content'> <ul> <li><a href='https://adwords.google.com/select/Login?sourceid=awo&subid=na-en-et-analytics_blog&medium=link'>Google AdWords</a></li> <li><a href='http://www.google.com/adsense?hl=en&sourceid=aso&subid=na-en-et-ET111_WebsiteOptimizer_Blog&medium=et'>Google AdSense</a></li> <li><a href='http://www.google.com/analytics'>Google Analytics</a></li> <li><a href='http://www.google.com/webmasters'>Google Webmaster Central</a></li> </ul> <div class='clear'></div> </div> </div><div class='widget HTML' data-version='1' id='HTML2'> <h2 class='title'>More Google Blogs</h2> <div class='widget-content'> <div id="blog_posts"> <script type="text/javascript"> function build_posts(data) { var container = document.getElementById('blog_posts'); var list = document.createElement('div'); // Loop through all data items returned for (var i=0; i < data.items.length; i++) { var item = data.items[i]; var link = document.createElement('a'); link.appendChild(document.createTextNode(item.title)); link.href = item.alternate.href; list.appendChild(link); list.appendChild(document.createElement('br')); } container.appendChild(list); } </script> <script src="http://www.google.com/reader/public/javascript-sub/user/10949413115399023739/label/ads?callback=build_posts" type="text/javascript"></script></div> </div> <div class='clear'></div> </div><div class='widget HTML' data-version='1' id='HTML5'> <div class='widget-content'> <br/>The Official Google Website Optimizer Blog is powered by Blogger. <a href="http://www.blogger.com/">Start your own weblog</a>.<br/><br/> </div> <div class='clear'></div> </div><div class='widget BloggerButton' data-version='1' id='BloggerButton1'> <div class='widget-content'> <a href='https://www.blogger.com'><img alt='Powered By Blogger' src='https://www.blogger.com/buttons/blogger-simple-blue.gif'/></a> <div class='clear'></div> </div> </div><div class='widget HTML' data-version='1' id='HTML6'> <h2 class='title'>More Blogs from Google</h2> <div class='widget-content'> Visit our <a href="http://www.google.com/press/blogs/directory.html#tab0"> directory</a> for more information about Google blogs. </div> <div class='clear'></div> </div></div> <br/><br/><br/> </div>  </div> <div class='footer'> <div class='section' id='footer'><div class='widget HTML' data-version='1' id='HTML1'> <div class='widget-content'> Copyright © 2008 Google Inc. All rights reserved.<br/> <a href="http://www.google.com/privacy.html">Privacy Policy</a> | <a href="http://www.google.com/terms_of_service.html">Terms of Service</a> </div> <div class='clear'></div> </div></div> </div> </div></div> </center> <script type="text/javascript" src="https://www.blogger.com/static/v1/widgets/60983134-widgets.js"></script> <script type='text/javascript'> window['__wavt'] = 'AOuZoY4VIsdOgXEVxj8YsDgeSVmI6CkCfg:1739800319043';_WidgetManager._Init('//www.blogger.com/rearrange?blogID\x3d36315330','//websiteoptimizer.blogspot.com/2010/12/update-your-website-optimizer-scripts.html','36315330'); _WidgetManager._SetDataContext([{'name': 'blog', 'data': {'blogId': '36315330', 'title': 'Official Google Website Optimizer Blog', 'url': 'http://websiteoptimizer.blogspot.com/2010/12/update-your-website-optimizer-scripts.html', 'canonicalUrl': 'http://websiteoptimizer.blogspot.com/2010/12/update-your-website-optimizer-scripts.html', 'homepageUrl': 'http://websiteoptimizer.blogspot.com/', 'searchUrl': 'http://websiteoptimizer.blogspot.com/search', 'canonicalHomepageUrl': 'http://websiteoptimizer.blogspot.com/', 'blogspotFaviconUrl': 'http://websiteoptimizer.blogspot.com/favicon.ico', 'bloggerUrl': 'https://www.blogger.com', 'hasCustomDomain': false, 'httpsEnabled': true, 'enabledCommentProfileImages': true, 'gPlusViewType': 'FILTERED_POSTMOD', 'adultContent': false, 'analyticsAccountNumber': '', 'encoding': 'UTF-8', 'locale': 'en-US', 'localeUnderscoreDelimited': 'en', 'languageDirection': 'ltr', 'isPrivate': false, 'isMobile': false, 'isMobileRequest': false, 'mobileClass': '', 'isPrivateBlog': false, 'isDynamicViewsAvailable': true, 'feedLinks': '\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22Official Google Website Optimizer Blog - Atom\x22 href\x3d\x22http://websiteoptimizer.blogspot.com/feeds/posts/default\x22 /\x3e\n\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/rss+xml\x22 title\x3d\x22Official Google Website Optimizer Blog - RSS\x22 href\x3d\x22http://websiteoptimizer.blogspot.com/feeds/posts/default?alt\x3drss\x22 /\x3e\n\x3clink rel\x3d\x22service.post\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22Official Google Website Optimizer Blog - Atom\x22 href\x3d\x22https://www.blogger.com/feeds/36315330/posts/default\x22 /\x3e\n\n\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22Official Google Website Optimizer Blog - Atom\x22 href\x3d\x22http://websiteoptimizer.blogspot.com/feeds/2754511111903595734/comments/default\x22 /\x3e\n', 'meTag': '', 'adsenseHostId': 'ca-host-pub-1556223355139109', 'adsenseHasAds': false, 'adsenseAutoAds': false, 'boqCommentIframeForm': true, 'loginRedirectParam': '', 'view': '', 'dynamicViewsCommentsSrc': '//www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js', 'dynamicViewsScriptSrc': '//www.blogblog.com/dynamicviews/4b890f0df4aad4c4', 'plusOneApiSrc': 'https://apis.google.com/js/platform.js', 'disableGComments': true, 'interstitialAccepted': false, 'sharing': {'platforms': [{'name': 'Get link', 'key': 'link', 'shareMessage': 'Get link', 'target': ''}, {'name': 'Facebook', 'key': 'facebook', 'shareMessage': 'Share to Facebook', 'target': 'facebook'}, {'name': 'BlogThis!', 'key': 'blogThis', 'shareMessage': 'BlogThis!', 'target': 'blog'}, {'name': 'X', 'key': 'twitter', 'shareMessage': 'Share to X', 'target': 'twitter'}, {'name': 'Pinterest', 'key': 'pinterest', 'shareMessage': 'Share to Pinterest', 'target': 'pinterest'}, {'name': 'Email', 'key': 'email', 'shareMessage': 'Email', 'target': 'email'}], 'disableGooglePlus': true, 'googlePlusShareButtonWidth': 0, 'googlePlusBootstrap': '\x3cscript type\x3d\x22text/javascript\x22\x3ewindow.___gcfg \x3d {\x27lang\x27: \x27en\x27};\x3c/script\x3e'}, 'hasCustomJumpLinkMessage': false, 'jumpLinkMessage': 'Read more', 'pageType': 'item', 'postId': '2754511111903595734', 'pageName': 'Update your Website Optimizer scripts to secure your site', 'pageTitle': 'Official Google Website Optimizer Blog: Update your Website Optimizer scripts to secure your site'}}, {'name': 'features', 'data': {}}, {'name': 'messages', 'data': {'edit': 'Edit', 'linkCopiedToClipboard': 'Link copied to clipboard!', 'ok': 'Ok', 'postLink': 'Post Link'}}, {'name': 'template', 'data': {'name': 'custom', 'localizedName': 'Custom', 'isResponsive': false, 'isAlternateRendering': false, 'isCustom': true}}, {'name': 'view', 'data': {'classic': {'name': 'classic', 'url': '?view\x3dclassic'}, 'flipcard': {'name': 'flipcard', 'url': '?view\x3dflipcard'}, 'magazine': {'name': 'magazine', 'url': '?view\x3dmagazine'}, 'mosaic': {'name': 'mosaic', 'url': '?view\x3dmosaic'}, 'sidebar': {'name': 'sidebar', 'url': '?view\x3dsidebar'}, 'snapshot': {'name': 'snapshot', 'url': '?view\x3dsnapshot'}, 'timeslide': {'name': 'timeslide', 'url': '?view\x3dtimeslide'}, 'isMobile': false, 'title': 'Update your Website Optimizer scripts to secure your site', 'description': 'Earlier this week we notified affected Website Optimizer users of a potential security issue with the Website Optimizer Control Script. If a...', 'url': 'http://websiteoptimizer.blogspot.com/2010/12/update-your-website-optimizer-scripts.html', 'type': 'item', 'isSingleItem': true, 'isMultipleItems': false, 'isError': false, 'isPage': false, 'isPost': true, 'isHomepage': false, 'isArchive': false, 'isLabelSearch': false, 'postId': 2754511111903595734}}]); _WidgetManager._RegisterWidget('_NavbarView', new _WidgetInfo('Navbar1', 'navbar', document.getElementById('Navbar1'), {}, 'displayModeFull')); _WidgetManager._RegisterWidget('_HeaderView', new _WidgetInfo('Header1', 'header', document.getElementById('Header1'), {}, 'displayModeFull')); _WidgetManager._RegisterWidget('_BlogView', new _WidgetInfo('Blog1', 'main', document.getElementById('Blog1'), {'cmtInteractionsEnabled': false, 'lightboxEnabled': true, 'lightboxModuleUrl': 'https://www.blogger.com/static/v1/jsbin/918196653-lbx.js', 'lightboxCssUrl': 'https://www.blogger.com/static/v1/v-css/1964470060-lightbox_bundle.css'}, 'displayModeFull')); _WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML4', 'sidebar', document.getElementById('HTML4'), {}, 'displayModeFull')); _WidgetManager._RegisterWidget('_BlogArchiveView', new _WidgetInfo('BlogArchive1', 'sidebar', document.getElementById('BlogArchive1'), {'languageDirection': 'ltr', 'loadingMessage': 'Loading\x26hellip;'}, 'displayModeFull')); _WidgetManager._RegisterWidget('_ImageView', new _WidgetInfo('Image1', 'sidebar', document.getElementById('Image1'), {'resize': false}, 'displayModeFull')); _WidgetManager._RegisterWidget('_LinkListView', new _WidgetInfo('LinkList1', 'sidebar', document.getElementById('LinkList1'), {}, 'displayModeFull')); _WidgetManager._RegisterWidget('_LinkListView', new _WidgetInfo('LinkList3', 'sidebar', document.getElementById('LinkList3'), {}, 'displayModeFull')); _WidgetManager._RegisterWidget('_LinkListView', new _WidgetInfo('LinkList2', 'sidebar', document.getElementById('LinkList2'), {}, 'displayModeFull')); _WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML2', 'sidebar', document.getElementById('HTML2'), {}, 'displayModeFull')); _WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML5', 'sidebar', document.getElementById('HTML5'), {}, 'displayModeFull')); _WidgetManager._RegisterWidget('_BloggerButtonView', new _WidgetInfo('BloggerButton1', 'sidebar', document.getElementById('BloggerButton1'), {}, 'displayModeFull')); _WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML6', 'sidebar', document.getElementById('HTML6'), {}, 'displayModeFull')); _WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML1', 'footer', document.getElementById('HTML1'), {}, 'displayModeFull')); </script> </body> </html>