New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
setting the cookie domain even when cookies are disabled for compatibility with "Require Cookie Consent" feature #17417
Comments
@Starker3 can you reproduce this with standard Matomo tracking code alone? BTW In step 3
I'm not sure why there should be both cookies set. I would probably expect it to be set only one of them. Or not sure what you mean here? |
@tsteur What I mean is that for reproducing the error there should be cookies for both .example.com and www.example.com The cookies set directly after giving cookie consent are for www.example.com and the .example.com cookies are created after refreshing the page. I'll try to reproduce using the standard tracking code. |
I'm thinking it might be expected behaviour and it might not even be able to remove |
@tsteur That's just the subdomain that I was testing on. The actual site I tested is for example: static.example.com (I don't have this site setup to use www) |
@tsteur |
@tsteur I've been able to reproduce this with the standard tracking code with the following added: Would you like me to recreate this bug report in Core? |
@Starker3 I moved it. |
FYI - In some cases the cookies left behind are reversed (I.e. in the example above it was the subdomain cookie |
@Starker3 thanks for this. moved it into 4.4 |
Description of issue:
When using a cookie domain such as .example.com and requiring cookie consent causes cookies for both www.example.com and .example.com to be created when cookie consent is given when using MTM
However, when cookie consent is withdrawn only one set of cookies are deleted (.example.com).
The www.example.com cookies remain including the mtm_cookie_consent cookie which causes .example.com cookies to be recreated when refreshing the page.
Steps to reproduce:
Setup MTM container using the following settings:
Enable Link Tracking
Enable Cross Domain Linking
Require Cookie Consent
Cookie domain set to .example.com
Bundle Tracker
Register As Default Tracker
Visit the page and execute
_paq.push(['rememberCookieConsentGiven']);
Refresh the page and check cookies created (There should be cookies for both www.example.com and .example.com when reproducing - in my testing I am using a website with a different subdomain of static.example.com)
It is expected here that cookies should only be set to .example.com
Execute
_paq.push(['forgetCookieConsentGiven']);
and refresh the page. Check cookies, there should be cookies that remained for www.example.com:Refresh the page, it should have recreated the cookies for .example.com:
Expected behaviour:
When not using a cookie domain and having Require Cookie Consent enabled, the Cookie Consent works as expected. It only creates cookies for the subdomain that is being viewed and the cookies are deleted when withdrawing cookie consent.
The text was updated successfully, but these errors were encountered: