search

DavidWells / analytics

Lightweight analytics abstraction layer for tracking page views, custom events, & identifying visitors
https://getanalytics.io
MIT License
2.46k stars 243 forks source link

Insistence on HTTP for Snowplow collector / ERR with POST #198

Closed markojak closed 3 years ago

markojak commented 3 years ago

I've finally managed to deploy Snowplow Analytics and self hosted the Javascript Tracker (v3.1.1) and am using the following configuration.

I have tried using forceSecureTracker set to true and protocol set to https but the analytics plugin seems to be insisting on using HTTP (see error below)

Does anyone know if I'm doing something wrong?

In console I am seeing: VM3536:1 POST http://sp.secta.ai/com.snowplowanalytics.snowplow/tp2 net::ERR_FAILED

The strange thing is that even if not using HTTPS I should not be getting ERR_FAILED (see curl below that shows the right output). Are these two separate issues?

    const analytics = Analytics({
        app: 'awesome-app',
        plugins: [
          // Minimal recommended configuration
          snowplowPlugin({
            name: 'snowplow',
            scriptSrc: 'https://cdn.secta.ai/3.1.1/q4E5lh.js',
            collectorUrl: 'sp.secta.ai',
            protocol:'https',
            trackerSettings: {
              appId: 'secta',
              forceSecureTracker: true,
              contexts: {
                webPage: true
              }
            }
          })
        ]
      })

Further Troubleshooting you can see that the Collector is working properly:

curl 'https://sp.secta.ai/com.snowplowanalytics.snowplow/tp2' \
  -H 'Content-Type: application/json; charset=UTF-8' \
  -H 'Cookie: _sp=305902ac-8d59-479c-ad4c-82d4a2e6bb9c' \
  --data-raw '{"schema":"iglu:com.snowplowanalytics.snowplow/payload_data/jsonschema/1-0-4","data":[{"e":"pv","url":"https://docs.snowplowanalytics.com/docs/send-test-events-to-your-pipeline/","page":"Send test events to your pipeline - Snowplow Docs","refr":"https://docs.snowplowanalytics.com/","tv":"js-2.17.2","tna":"spExample","aid":"docs-example","p":"web","tz":"Europe/London","lang":"en-GB","cs":"UTF-8","res":"3440x1440","cd":"24","cookie":"1","eid":"4e35e8c6-03c4-4c17-8202-80de5bd9d953","dtm":"1626182778191","cx":"eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiI0YTU2ZjQyNy05MTk2LTQyZDEtOWE0YS03ZjRlNzk2OTM3ZmEifX1dfQ","vp":"863x1299","ds":"848x5315","vid":"3","sid":"87c18fc8-2055-4ec4-8ad6-fff64081c2f3","duid":"5f06dbb0-a893-472b-b61a-7844032ab3d6","stm":"1626182778194"},{"e":"ue","ue_px":"eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy91bnN0cnVjdF9ldmVudC9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJzY2hlbWEiOiJpZ2x1OmNvbS5teV9jb21wYW55L3Byb2R1Y3Rfdmlldy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJpZCI6IjVOMFctUEwwVyIsImN1cnJlbnRfcHJpY2UiOjQ0Ljk5LCJkZXNjcmlwdGlvbiI6IlB1cnBsZSBTbm93cGxvdyBIb29kaWUifX19","tv":"js-2.17.2","tna":"spExample","aid":"docs-example","p":"web","tz":"Europe/London","lang":"en-GB","cs":"UTF-8","res":"3440x1440","cd":"24","cookie":"1","eid":"542a79d3-a3b8-421c-99d6-543ff140a56a","dtm":"1626182778193","cx":"eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiI0YTU2ZjQyNy05MTk2LTQyZDEtOWE0YS03ZjRlNzk2OTM3ZmEifX1dfQ","vp":"863x1299","ds":"848x5315","vid":"3","sid":"87c18fc8-2055-4ec4-8ad6-fff64081c2f3","duid":"5f06dbb0-a893-472b-b61a-7844032ab3d6","refr":"https://docs.snowplowanalytics.com/","url":"https://docs.snowplowanalytics.com/docs/send-test-events-to-your-pipeline/","stm":"1626182778194"}]}'
DavidWells commented 3 years ago

Interesting...

This plugin is really just loading the https://cdn.secta.ai/3.1.1/q4E5lh.js script https://github.com/DavidWells/analytics/blob/a7bf790f23febd68d5f45926384c7d64df4336b3/packages/analytics-plugin-snowplow/src/browser.js#L90 and mapping calls to thee underlying snowplow SDK.

It's possible this forceSecureTracker setting doesn't exist on the snowplow tracker version you are using (v3) https://docs.snowplowanalytics.com/docs/collecting-data/collecting-from-own-applications/javascript-trackers/browser-tracker/browser-tracker-v3-reference/tracker-setup/initialization-options/ I don't see that in their docs

markojak commented 3 years ago

Thanks @DavidWells So the "protocol" flag is a parameter for the plug-in and anything under trackerSettings {} is just passed to the JavaScript tracker being loaded?

If protocol is 'https' what is that then forcing?

markojak commented 3 years ago

Hi @DavidWells let's go ahead and close this ticket. The issue is that the tracker defaults to the same protocol as the page that is loading the tracker

This means if we load the tracker in development environments it will send events over HTTP Post

https://github.com/snowplow/snowplow/wiki/1-General-parameters-for-the-Javascript-tracker#2213-setting-the-event-request-protocol

As also described it looks like forceSecure is no longer used in v3 -

Wavfact commented 3 years ago

I too have this issue.. tried using forceSecure and potocol and still sends to http from my local development environment.. Our SP instance is on AWS and only has https.. My local is not running https.. Forcing to use the calling protocol makes this package useless unfortunately.. All browsers are forcing https these days, why wouldn't you allow us to change to https?

markojak commented 3 years ago

This is a Snowplow issue not an Analytics issue. ForceSecureTracker is a Snowplow thing as @DavidWells commented.

You can run your local with HTTPS using something like tunnelto.dev (I'm using this now to test local Snowplow)

Without this I anyways get a CORS error from Snowplow