You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
mattab opened this issue
Jul 26, 2014
· 4 comments
Labels
TaskIndicates an issue is neither a feature nor a bug and it's purely a "technical" change.wontfixIf you can reproduce this issue, please reopen the issue or create a new one describing it.
The CNIL has suggested that it would be more readable and useful to remove the ID found in the 3rd party opt-out cookie. Having an ID in that cookie is not a problem but it's a bit confusing as it almost looks like it's a visitor ID (though its only a static ID that will be the same for all opt-out cookies).
More info: the reason an id appears there is that our cookies are signed. @robocoder do you think there is still a security advantage to signing our cookie? Maybe we could now safely remove the signing part of the Cookie class.
The text was updated successfully, but these errors were encountered:
We sign the cookie to ensure the cookie was created by Piwik by a user who explicitly opted out. If you remove the ID, then third-party developers can easily spoof the cookie (e.g., via a browser extension).
You're welcome to remove the ID, but I think some users would prefer it be configureable and/or default to prevent spoofing.
Either way, CNIL's suggestion has no weight. First, it's not an ID -- it isn't personal identifiable information that needs to be kept confidential. Second, removing it would allow spoofing, which would be counter to the principle of data security.
mattab
modified the milestones:
Current milestone,
Future releasesAug 1, 2014
TaskIndicates an issue is neither a feature nor a bug and it's purely a "technical" change.wontfixIf you can reproduce this issue, please reopen the issue or create a new one describing it.
The CNIL has suggested that it would be more readable and useful to remove the ID found in the 3rd party opt-out cookie. Having an ID in that cookie is not a problem but it's a bit confusing as it almost looks like it's a visitor ID (though its only a static ID that will be the same for all opt-out cookies).
More info: the reason an id appears there is that our cookies are signed. @robocoder do you think there is still a security advantage to signing our cookie? Maybe we could now safely remove the signing part of the Cookie class.
The text was updated successfully, but these errors were encountered: