New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Don't set any cookies when no consent is given #16173
Conversation
build js |
build js |
* | ||
* It will also automatically enable cookies if they were disabled previously. | ||
* | ||
* @param bool [enableCookies=true] Internal parameter. Defines whether cookies should be enabled or not. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we could generally expose this parameter as a support official parameter. However, then we'd also need to add this to rememberConsentGiven ()
method and the problem is that we'd then need to persist in yet another cookie whether rememberConsentGiven ()
should always enable cookies or not. Easier to consider it an internal parameter for now
* Better detection for cookies for browser plugins report * rebuilt piwik.js * improve comment * Add method to enable cookies * rebuilt piwik.js * fix test * no longer include cookie in fingerprint * only ignore cookies in fingerprint for IE * fix tests * fix test * tweak enablecookies * rebuilt piwik.js * send tracking request if needed when enable cookies * rebuilt piwik.js * tweak code * update docs * rebuilt piwik.js * Update Visit.php * fix tests * Don't set cookies unless consent given when consent is required * fix test * rebuilt piwik.js * add tests * add missing function * rebuilt piwik.js * fix jslint test
* Better detection for cookies for browser plugins report * rebuilt piwik.js * improve comment * Add method to enable cookies * rebuilt piwik.js * fix test * no longer include cookie in fingerprint * only ignore cookies in fingerprint for IE * fix tests * fix test * tweak enablecookies * rebuilt piwik.js * send tracking request if needed when enable cookies * rebuilt piwik.js * tweak code * update docs * rebuilt piwik.js * Update Visit.php * fix tests * Don't set cookies unless consent given when consent is required * fix test * rebuilt piwik.js * add tests * add missing function * rebuilt piwik.js * fix jslint test
fix #13246
this PR is based on https://github.com/matomo-org/matomo/pull/16113/files and should be reviewed and merged soon. The change is this PR is a lot smaller.
This applies when someone calls
requireConsent
. In the past we would have still set a visitor cookie even though if no further call to egsetConsentGiven
orrememberConsentGiven
followed.In the past, the visitorId cookie was set when calling
setSiteId
. I'm not sure why this was the case but it shouldn't be needed to set it so early in the configuration process of a new tracker. In fact we're setting the session and attribution cookie already only when callinggetRequest('...')
(eggetRequest('action_name=foo')
) so it should be fine to set the visitor cookie also only oncegetRequest
is being called which this PR now does.It does change the
nowTs
which is stored in the visitor cookie but that shouldn't really change anything cause mostly a tracking request follows directly anyway. And if in past there were cookies disabled etc then we wouldn't have been able to set this anyway.It's adding a new tracker method
areCookiesEnabled
but not adding it to the changelog as it doesn't actually do anything and you can't really use it with _paq.push but will document it once merged.