Closed diosmosis closed 6 years ago
Re cookies:
The proxy will just forward the set-cookie header, so the cookies will be associated w/ the tracker-proxy domain. So as long as tracking is done through the tracker-proxy domain, it will receive the ignore cookie. (Tested locally via /etc/hosts).
Also checked to see what will happen if the cookie_domain
INI config option is set, and it doesn't apply to the ignore cookie (it's never created w/ a domain).
Updated to check $_GET
/$_POST
w/o merging the arrays + check for absent module/action.
@diosmosis @mattab see my comments in https://github.com/matomo-org/tracker-proxy/issues/29
There are 2 problems:
If the proxy is communicating with matomo instance which is secured (https://) from an unsecured site (http://), matomo tries to set the PIWIK_SESSID
cookie for the secured site which is not available for the unsecured one. The iframe is displayed correctly, but clicking on the checkbox does not set the piwik_ignore
cookie.
The opt-out iframe only works if it is able to set the PIWIK_SESSID
cookie, which is in my case undesired as I'd like to work without any matomo cookies, besides of the piwik_ignore
cookie.
Opt out should also be possible with a simple cookie piwik_ignore
with value ignore
or similar, so we wouldn't need any special value for the opt out to work. We could also ommit the complete opt out proxy as a simple php file is sufficient which sets or deletes the cookie for the current domain.
Updated to support http proxy => https matomo.
Opt out should also be possible with a simple cookie piwik_ignore with value ignore or similar, so we wouldn't need any special value for the opt out to work. We could also ommit the complete opt out proxy as a simple php file is sufficient which sets or deletes the cookie for the current domain.
@level420 That's a good idea I think, but this would be a core change and improved in the opt-out iframe I believe. so maybe you can create an issue for this idea in https://github.com/matomo-org/matomo/issues ?
Changes:
matomo-proxy.php
endpoint that only allows proxying the optout method.handleHeaderLine()
to avoid obscure curl error.Cookie
header.Tested w/ fopen & curl.
Fixes #29