New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Better detection for cookies for browser plugins report for hybrid consent #16101
Conversation
build js |
} else { | ||
// Eg IE11 ... prevent error when cookieEnabled is requested within modal dialog. see #11507 | ||
browserFeatures.cookie = hasCookies(); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I actually don't understand why that should be needed here. Isn't that actually the same that is already done here:
Lines 3056 to 3063 in aeaa91c
function hasCookies() { | |
if (configCookiesDisabled) { | |
return '0'; | |
} | |
if(!isDefined(windowAlias.showModalDialog) && isDefined(navigatorAlias.cookieEnabled)) { | |
return navigatorAlias.cookieEnabled ? '1' : '0'; | |
} |
So only calling hasCookies
would have the same effect, besides the additional check for configCookiesDisabled
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@sgiehl yes it is the same code and kind of copied from there... we can't reuse the same method there though as it's different behaviour.
Basically here we want to detect if cookies are generally enabled unless it is IE11 or older. for IE 11 and older we need to execute different logic. It would end up in complicated code to put it in the method itself therefore rather copying code so it's in the end easier... so for IE 11 we might report cookies are disabled when cookies are disabled in Matomo and that's fine. But for all other browsers when cookies are disabled we still report the correct value.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
User tested and confirms it works: #13056 (comment)
Except for IE 11 where we will follow up in #16113
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can't see any complexity here 🤷 The only difference is about to ignore the check for configCookiesDisabled
. So it would be basically the same to change the hasCookies method like that:
function hasCookies(ignoreConfig) {
if (ignoreConfig !== true && configCookiesDisabled) {
return '0';
}
if(!isDefined(windowAlias.showModalDialog) && isDefined(navigatorAlias.cookieEnabled)) {
return navigatorAlias.cookieEnabled ? '1' : '0';
}
and then call
browserFeatures.cookie = hasCookies(true);
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Config should not be ignored for IE eg when windowAlias.showModalDialog
is defined.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok. Guess simply switching the code blocks in hasCookies
would cause an issue if hasCookies is called eg here:
Line 3296 in de5ae85
} else if ('0' === hasCookies()){ |
Right? If that's the case, should be good to merge...
Track actual cookie value so when implementing a hybrid consent screen where you first disable cookies and then enable cookies if consent given, then no new visitor is being created. If user doesn't give consent, then cookies stay disabled.
Setting actual cookie value is important because we include whether the user has cookies or not in the fingerprint: https://github.com/matomo-org/matomo/blob/3.13.6/core/Tracker/Settings.php#L145 . disableCookies / enableCookies otherwise creates a different fingerprint.
refs #13056
Creating this as part of 3.x since this is rather "urgently" needed as nowadays this behaviour is often wanted/needed and already used by various users.