[Feature suggestion] hash or obfuscate id as optional #9975
Description
Hi guys,
I'm PHP developer too and on my public url I like to protect url when have id as below.
https://my.domain/product/1/laptop-dell = open id
https://my.domain/product/514cdi42/laptop-dell = hash id
I think that is good idea to implement this on piwik as optional, if you enable hash public id, public ID will be hased, otherswide not, as below.
Open
<!-- Piwik -->
<script type="text/javascript">
var _paq = _paq || [];
_paq.push(["setDomains", ["*.my.domain"]]);
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="//analytics.my.domain/";
_paq.push(['setTrackerUrl', u+'piwik.php']);
_paq.push(['setSiteId', 1]);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.type='text/javascript'; g.async=true; g.defer=true; g.src=u+'piwik.js'; s.parentNode.insertBefore(g,s);
})();
</script>
<noscript><p><img src="//analytics.my.domain/piwik.php?idsite=1" style="border:0;" alt="" /></p></noscript>
<!-- End Piwik Code -->
<!-- Piwik Image Tracker-->
<img src="https://analytics.my.domain/piwik.php?idsite=1&rec=1" style="border:0" alt="" />
<!-- End Piwik -->Hashed
<!-- Piwik -->
<script type="text/javascript">
var _paq = _paq || [];
_paq.push(["setDomains", ["*.my.domain"]]);
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="//analytics.my.domain/";
_paq.push(['setTrackerUrl', u+'piwik.php']);
_paq.push(['setSiteId', 'laHquq']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.type='text/javascript'; g.async=true; g.defer=true; g.src=u+'piwik.js'; s.parentNode.insertBefore(g,s);
})();
</script>
<noscript><p><img src="//analytics.my.domain/piwik.php?idsite=laHquq" style="border:0;" alt="" /></p></noscript>
<!-- End Piwik Code -->
<!-- Piwik Image Tracker-->
<img src="https://analytics.my.domain/piwik.php?idsite=laHquq&rec=1" style="border:0" alt="" />
<!-- End Piwik -->On my project I'm using hashids php library and I'm like this lib a lot because is possible to hash and unhash id without problems.
What you think guys, is a good security implementation to reduce attack attempts and improve more security? Let's discuss.