Add index.php to proxy opt out HTTP requests + fix regressions in curl support.

matomo-org / tracker-proxy

HTTP proxy for Matomo's tracker API. This script allows to track websites with Matomo without revealing to your visitors the secret Matomo server URL.

http://matomo.org/faq/how-to/faq_132/

GNU General Public License v3.0

151 stars 46 forks source link

Add index.php to proxy opt out HTTP requests + fix regressions in curl support. #37

Closed diosmosis closed 6 years ago

diosmosis commented 6 years ago

Changes:

Add matomo-proxy.php endpoint that only allows proxying the optout method.
Return correct value in handleHeaderLine() to avoid obscure curl error.
The curl HTTP header option requires an array not a string, so give it one.
Forward the Cookie header.
Tests for index.php.
Blurb in readme about proxying the opt-out form.

Tested w/ fopen & curl.

Fixes #29

diosmosis commented 6 years ago

Re cookies:

The proxy will just forward the set-cookie header, so the cookies will be associated w/ the tracker-proxy domain. So as long as tracking is done through the tracker-proxy domain, it will receive the ignore cookie. (Tested locally via /etc/hosts).

Also checked to see what will happen if the cookie_domain INI config option is set, and it doesn't apply to the ignore cookie (it's never created w/ a domain).

diosmosis commented 6 years ago

Updated to check $_GET/$_POST w/o merging the arrays + check for absent module/action.

level420 commented 6 years ago

@diosmosis @mattab see my comments in https://github.com/matomo-org/tracker-proxy/issues/29

There are 2 problems:

If the proxy is communicating with matomo instance which is secured (https://) from an unsecured site (http://), matomo tries to set the PIWIK_SESSID cookie for the secured site which is not available for the unsecured one. The iframe is displayed correctly, but clicking on the checkbox does not set the piwik_ignore cookie.
The opt-out iframe only works if it is able to set the PIWIK_SESSID cookie, which is in my case undesired as I'd like to work without any matomo cookies, besides of the piwik_ignore cookie.
Opt out should also be possible with a simple cookie piwik_ignore with value ignore or similar, so we wouldn't need any special value for the opt out to work. We could also ommit the complete opt out proxy as a simple php file is sufficient which sets or deletes the cookie for the current domain.

diosmosis commented 6 years ago

Updated to support http proxy => https matomo.

mattab commented 6 years ago

Opt out should also be possible with a simple cookie piwik_ignore with value ignore or similar, so we wouldn't need any special value for the opt out to work. We could also ommit the complete opt out proxy as a simple php file is sufficient which sets or deletes the cookie for the current domain.

@level420 That's a good idea I think, but this would be a core change and improved in the opt-out iframe I believe. so maybe you can create an issue for this idea in https://github.com/matomo-org/matomo/issues ?