[POC] Obfuscate tracking parameters #14211
Conversation
for browsers supporting native base64 using btoa()
sgiehl
added
the
RFC
|
wouldn't you just send it as POST maybe if someone really wanted to avoid it? Of course you can't replay maybe but would probably work otherwise. Not sure if it has high prio right now |
|
Correct, POST would be another way to avoid a parameter blocking, but as you mentioned it wouldn't work if replaying logs is required at some point. Actually this was just a simple idea that came up to my mind when reading some issues and forum posts. Thought it might be worth to create a simple draft for it so we can consider using it at some point if usefull... |
|
I kind of like this idea. Just to be sure, it will not be |
|
Try to get rid of the |
|
@sgiehl I think we can maybe close the issue for now as we don't really want to work around ad blockers / privacy lists in such a way at this stage. |
|
Maybe it would be a good idea to take this POC into account and maybe define some requirements, I have made the the mentioned post above with a temporary workaround. |
Even when renaming piwik.php (or matomo.php) some adblockers still seem to block some tracking requests based on the url parameters sent with the request.
This implementation will make it possible to obfuscate all request parameters by doing a base64 on the request string.
Not sure if it might make sense to even enable that by default if it works as expected.
refs #7364, #14207