Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

When UserId Pseudonymization is enabled, the visitorId should be Pseudonymized as well #12853

Closed
tsteur opened this issue May 8, 2018 · 1 comment
Closed

When UserId Pseudonymization is enabled, the visitorId should be Pseudonymized as well #12853

tsteur opened this issue May 8, 2018 · 1 comment
Labels
worksforme The issue cannot be reproduced and things work as intended.

Comments

@tsteur
Copy link
Member

tsteur commented May 8, 2018

See https://github.com/matomo-org/matomo/blob/3.5.0-rc1/core/Tracker/Request.php#L830-L832

If the privacy feature introduced in Matomo 3.5.0 is enabled and the userId is hashed with a salt, then the visitorId would still kind of leak the userId. Ideally, when the userId is set and the feature is enabled, then the userId should be salted there as well.
@tsteur tsteur added the Bug For errors / faults / flaws / inconsistencies etc. label May 8, 2018
@tsteur
Copy link
Member Author

tsteur commented May 8, 2018

Actually, it should not be an issue as manipulateRequest in privacy manager "request processor" is executed before getting the visitor Id. So we are there creating a hash on the already hashed User Id.

@tsteur tsteur closed this as completed May 8, 2018
@tsteur tsteur added worksforme The issue cannot be reproduced and things work as intended. and removed Bug For errors / faults / flaws / inconsistencies etc. labels May 8, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
worksforme The issue cannot be reproduced and things work as intended.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tsteur