@bquiller
In Cookie.php, the expiry time is 2 years ; this should be changed to 13 months 🥇 Thanks.
/**
- Returns the default expiry time, 13 months
- @return int Timestamp in 13 months
/
protected function getDefaultExpire()
{
return time() + 86400 365 + 86400 * 28;
}
Thanks.
@sgiehl
Why should we change that to 13 months instead of 2 years?
If you want custom lifetimes for tracker or login cookies you can overwrite the config values...
@Findus23
Hi,
I am pretty sure this getss overwritten on every cookie. In addition this can be configured for every cookie in the config.ini.php.
See e.g. here:
https://github.com/matomo-org/matomo/blob/947b6b835e47161504fdd285fcbf7facef89db08/config/global.ini.php#L699
In addition the tracking cookies can be configured in JS were they are set:
https://developer.matomo.org/api-reference/tracking-javascript#configuration-of-tracking-cookies
@tsteur
The tracking ignore cookie is set to 2 years currently indeed in https://github.com/matomo-org/matomo/blob/3.5.0/core/Tracker/IgnoreCookie.php#L51
There should be actually no expire date?
For all other tracking cookies such as the 3rd party tracking cookie the default is (should) be set to 13 months through config as @Findus23 pointed out.
As it was mentioned the cookie length can be configured in the config. AFAIK it was set to 13 months as a recommendation by eg the CNIL etc. which required a 13 month or shorter cookie length to not needing consent when using Matomo.
As for the ignore cookie this expiry time should be indeed longer and I will change this in a PR