@MichaelHeerklotz opened this Pull Request on June 27th 2018 Contributor

When 3rd party cookies (_pk_uid) are enabled and a pageview is tracked to multiple siteids at once, then there is a race condition:

A new user without the 3rd party cookie arrives at page X.
The pageview of X is tracked to siteid A and at the same time to siteid B.
Both track requests do not have the 3rd party cookie set.
When matomo processes these requests, it will use the visitorid that came with the request as visitorid for the 3rd party cookie.
Here is a race condition: one of the requests will win, its visitorid will be the new global visitorid in the 3rd party cookie.
The visitorid of the request that lost remains in the database as an additional visitor+visit, and thus corrupting the data.

My fix:
Set the 3rd party cookie when sending the piwik javascript code (in /js/tracker.php).
This will of course not fix the problem, when the js is loaded directly from /piwik.js.
Thus I would recommend to add this case to the FAQ: When using 3rd party cookies AND tracking to multiple siteids at once, one must use /js/tracker.php and not /piwik.js to load the js in the browser.

@MichaelHeerklotz commented on August 16th 2018 Contributor

Updated: do not write third party cookie if ignore cookie is present

Powered by GitHub Issue Mirror