New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow web cron via POST #14190
Comments
I see that |
Added little mention in https://matomo.org/docs/setup-auto-archiving/
|
Note that Further notes: https://developer.mozilla.org/en-US/docs/Glossary/Idempotent |
@valerio-bozzolan it does at least have the security impact of not leaving token_auth in server logs I guess. |
On a normal Linux server, logs can be read only from |
I just noticed that the Web Cron Docs recommends accessing this URL (I just updated it to include https)
https://matomo.your-server.example/path/to/piwik/misc/cron/archive.php?token_auth=XYZ
Sending the admin token via GET isn't ideal, but it seems to be hardcoded:
matomo/misc/cron/archive.php
Line 60 in 7edf461
Would it be possible to update the script to support POST (and mention it in the docs) or maybe even recommend people to directly call
CoreAdminHome.runCronArchiving
?The text was updated successfully, but these errors were encountered: