Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Stop Piwik from setting any cookies for visitors #10484

Closed
paya-cz opened this issue Sep 11, 2016 · 4 comments · Fixed by #10579
Closed

Stop Piwik from setting any cookies for visitors #10484

paya-cz opened this issue Sep 11, 2016 · 4 comments · Fixed by #10579
Labels
answered For when a question was asked and we referred to forum or answered it. Bug For errors / faults / flaws / inconsistencies etc.
Milestone
3.0.0-b2

Comments

@paya-cz
Copy link

paya-cz commented Sep 11, 2016

So I want to make sure none of my visitors ever get any cookies at all. I use the following code:

<!-- Piwik -->
<script type="text/javascript">
  var _paq = _paq || [];
  _paq.push(['disableCookies']);
  _paq.push(['trackPageView']);
  _paq.push(['enableLinkTracking']);
  (function() {
    var u="//<?php echo $_SERVER['HTTP_HOST']; ?>/piwik/";
    _paq.push(['setTrackerUrl', u+'piwik.php']);
    _paq.push(['setSiteId', '1']);
    var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
    g.type='text/javascript'; g.async=true; g.defer=true; g.src=u+'piwik.js'; s.parentNode.insertBefore(g,s);
  })();
</script>
<noscript><p><img src="//<?php echo $_SERVER['HTTP_HOST']; ?>/piwik/piwik.php?idsite=1" style="border:0;" alt="" /></p></noscript>
<!-- End Piwik Code -->

However, the Piwik PHP code seems to be setting an expired _pk_uid=deleted for all visitors (using a request to piwik.php?action_name=XXX&idsite=XXX&rec=XXX&r=XXX&h=XXX.... which returns 43-byte long 1x1 empty image/gif). Chrome then reports as if my website set a real cookie:

chrome

Firefox recognizes the cookie in response, but does not set it for the website:

ff1
ff2

Internet Explorer completely ignores the cookie and does not even notice it in the response headers:

ie

I get it why Piwik does this - to delete the _pk_uid cookie in case it was already set before. But in my case, this will never be required since I do not plan to use cookies at all from the site's very inception. How can I stop Piwik from issuing even the expired cookie? I do not want Chrome users to be confused and think I am actually setting a cookie. Maybe the piwik.php can be tuned to set the expired cookie only in case the _pk_uid was actually set before?
@mattab
Copy link
Member

mattab commented Sep 27, 2016
edited

Hello @paya-cz

  • Are you using "third party cookie" (ie. did you set this config setting in your config file) ?
  • If not, have you maybe clicked in the Admin > Exclude my visits using cookie link?
  • If not, are you using Do not track?

@mattab mattab mentioned this issue Sep 27, 2016
Merged
@mattab
Copy link
Member

mattab commented Sep 27, 2016

Could you try this patch: https://github.com/piwik/piwik/pull/10579/files

I haven't tested it but hopefully it fixes the issue

@mattab mattab added this to the 3.0.0-b2 milestone Sep 27, 2016
@mattab mattab added the Bug For errors / faults / flaws / inconsistencies etc. label Sep 27, 2016
@mattab
Copy link
Member

mattab commented Sep 30, 2016

@paya-cz please can you confirm whether the patch above, fixes the issue you reported?

@mattab mattab closed this as completed Oct 1, 2016
@paya-cz
Copy link
Author

paya-cz commented Oct 3, 2016

@mattab Hi, sorry for the late reply, I was busy with other things.

  • I am not using third party cookie. The only change I made to the deployed Piwik was just adding the _paq.push(['disableCookies']); line.
  • I have not clicked the Exclude my visits using cookie link
  • I am not using Do not track and I have disabled all addons before testing, particularly AdBlock and Ghostery

Anyway, I am no longer able to reproduce the issue in Chrome 53.0.2785.143 m 64-bit. I was using previous stable release when I reported the issue. To my experience, the previous Chrome release was kinda buggy, I had other problems mainly related to visual glitches / rendering issues. They all seem to be fixed in this version, including the cookie thing. But as you can see from the screenshots, I was not making this up. I will let you know if the issue ever shows up again. Thanks for your assistance.

@mattab mattab added the answered For when a question was asked and we referred to forum or answered it. label Oct 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
answered For when a question was asked and we referred to forum or answered it. Bug For errors / faults / flaws / inconsistencies etc.
Projects
None yet
Milestone
3.0.0-b2
Development

Successfully merging a pull request may close this issue.

Delete third party UID cookie only when it was found in the cookie jar matomo-org/matomo
2 participants
@mattab @paya-cz