Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

17417 cookie domain #17744

Merged
merged 14 commits into from Jul 15, 2021
Merged

17417 cookie domain #17744

merged 14 commits into from Jul 15, 2021

Conversation

justinvelluppillai
Copy link
Contributor

Description:

Fixes #17417 by setting the cookie domain (configCookieDomain) even when cookies are disabled.

Also checks whether setCookie is able to successfully create a cookie and if not, log a console message for visibility.

Build js

Review

  • Functional review done
  • Potential edge cases thought about (behavior of the code with strange input, with strange internal state or possible interactions with other Matomo subsystems)
  • Usability review done (is anything maybe unclear or think about anything that would cause people to reach out to support)
  • Security review done see checklist
  • Code review done
  • Tests were added if useful/possible
  • Reviewed for breaking changes
  • Developer changelog updated if needed
  • Documentation added if needed
  • Existing documentation updated if needed

@justinvelluppillai justinvelluppillai added Needs Review PRs that need a code review not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org. labels Jul 8, 2021
@justinvelluppillai
Copy link
Contributor Author

build js

@diosmosis
Copy link
Member

Tested locally via the test-examples repo, after adding the following code:

        _paq.push(['requireCookieConsent']);
        _paq.push(["setCookieDomain", ".matomotestexamples"]);

And viewing the page on the www.matomotestexamples URL (both mapped via /etc/hosts).

On 4.x-dev, rememberConsentGiven() creates cookies (only one set, for the www.matomotestexamples domain). On this branch, the cookies are not created and the message "There was an error setting the cookie" is in the console log. I'm not sure why it works in one but not the other...

@justinvelluppillai
Copy link
Contributor Author

@diosmosis I think that issue is because you are trying to set cookies on a top level domain (.matomotestexamples). Other than that your results are as I expect.

@diosmosis
Copy link
Member

@justinvelluppillai would you know why it works without your changes and sets the cookie correctly, but doesn't w/ the changes? I don't see anything in the code that could cause this, but it is reproducible.

@justinvelluppillai
Copy link
Contributor Author

@diosmosis it used to set the cookie on the wrong domain, ignoring the setCookieDomain directive. On the new it doesn't ignore the setCookieDomain directive and tries to set the cookie on the domain specified, but you have specified a top level domain on which it can't set a cookie, therefore it doesn't set the cookie on the new. Once you change the test domains to for example www.matomotestexamples.matomo and .matomotestexamples.matomo it will work

@diosmosis
Copy link
Member

@justinvelluppillai I see, thanks for the explanation!

@diosmosis
Copy link
Member

@justinvelluppillai fyi, there are still some JSLint errors it seems

@justinvelluppillai
Copy link
Contributor Author

build js

@justinvelluppillai
Copy link
Contributor Author

build js

@justinvelluppillai
Copy link
Contributor Author

build js

@justinvelluppillai
Copy link
Contributor Author

Passing js tests now @diosmosis - took me a few iterations of adding semicolons to get it through the jslint-ing.

@diosmosis diosmosis merged commit 96f9c8a into 4.x-dev Jul 15, 2021
@diosmosis diosmosis deleted the 17417-cookie-domain branch July 15, 2021 02:55
@diosmosis diosmosis added this to the 4.4.0 milestone Jul 15, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Needs Review PRs that need a code review not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org.
Projects
None yet
3 participants