Skip to content

Set a first-party cookie when user opts out of tracking #15184

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 23 commits into from
Dec 31, 2019
Merged

Set a first-party cookie when user opts out of tracking #15184

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
23 commits
Select commit Hold shift + click to select a range
5c568cc
First cut at managing opt-out status with a first-party cookie
Nov 18, 2019
1366b00
Send initial state from parent window to iframe once it has loaded
Nov 20, 2019
71a91c9
Tidying up
Nov 21, 2019
c33c0ad
PR changes
Nov 27, 2019
55b5192
Don't send message to iframes other than the intended target
Nov 27, 2019
4040bb7
Check that messages came from expected origin before changing the coo…
Nov 28, 2019
91fd341
Initial JS test for first-party optout cookie
Dec 1, 2019
0fe7416
Push broken unit tests for review
Dec 2, 2019
8dc76f1
Final JS test for optout cookie
Dec 3, 2019
e60e686
Check cookie before sending tracking requests
Dec 3, 2019
bba7d8b
Fix refreshConsentStatus() and add tests
Dec 4, 2019
0db3aee
Initialize configHasConsent with value of third-party optout cookie
Dec 15, 2019
a70f220
Merge remote-tracking branch 'origin/3.x-dev' into 14395-optout-clien…
Dec 15, 2019
e2ff848
Check for potential error conditions in the optout iframe
Dec 16, 2019
c27d964
Fix JSLint errors
Dec 16, 2019
14b1f27
I18n for optout iframe error messages
Dec 17, 2019
2582396
starting to add some fixes and tests
tsteur Dec 22, 2019
e5c7891
some tweaks backing up code
tsteur Dec 23, 2019
f3c5e6c
more fixes & improvements
tsteur Dec 23, 2019
3e8f58d
make sure dom is loaded when checking elements
tsteur Dec 23, 2019
03433c3
Merge branch '3.x-dev' into 14395-optout-clientside
tsteur Dec 31, 2019
c2c429d
update tracker
tsteur Dec 31, 2019
71efd7e
fix jslint test
tsteur Dec 31, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion core/Tracker/IgnoreCookie.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ public static function setIgnoreCookie()
$ignoreCookie->delete();
} else {
$ignoreCookie->set('ignore', '*');
$ignoreCookie->save();
$ignoreCookie->save('None');
}

self::deleteThirdPartyCookieUIDIfExists();
Expand Down
122 changes: 116 additions & 6 deletions js/piwik.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -961,10 +961,10 @@ if (typeof JSON_PIWIK !== 'object' && typeof window.JSON === 'object' && window.
shift, unshift, piwikAsyncInit, piwikPluginAsyncInit, frameElement, self, hasFocus,
createElement, appendChild, characterSet, charset, all,
addEventListener, attachEvent, removeEventListener, detachEvent, disableCookies,
cookie, domain, readyState, documentElement, doScroll, title, text,
cookie, domain, readyState, documentElement, doScroll, title, text, contentWindow, postMessage,
location, top, onerror, document, referrer, parent, links, href, protocol, name, GearsFactory,
performance, mozPerformance, msPerformance, webkitPerformance, timing, requestStart,
responseEnd, event, which, button, srcElement, type, target,
responseEnd, event, which, button, srcElement, type, target, data,
parentNode, tagName, hostname, className,
userAgent, cookieEnabled, sendBeacon, platform, mimeTypes, enabledPlugin, javaEnabled,
XMLHttpRequest, ActiveXObject, open, setRequestHeader, onreadystatechange, send, readyState, status,
Expand All @@ -975,6 +975,7 @@ if (typeof JSON_PIWIK !== 'object' && typeof window.JSON === 'object' && window.
exec, success, trackerUrl, isSendBeacon, xhr,
res, width, height,
pdf, qt, realp, wma, dir, fla, java, gears, ag, showModalDialog,
maq_initial_value, maq_opted_in, maq_optout_by_default, maq_url,
initialized, hook, getHook, resetUserId, getVisitorId, getVisitorInfo, setUserId, getUserId, setSiteId, getSiteId, setTrackerUrl, getTrackerUrl, appendToTrackingUrl, getRequest, addPlugin,
getAttributionInfo, getAttributionCampaignName, getAttributionCampaignKeyword,
getAttributionReferrerTimestamp, getAttributionReferrerUrl,
Expand All @@ -986,13 +987,13 @@ if (typeof JSON_PIWIK !== 'object' && typeof window.JSON === 'object' && window.
setReferrerUrl, setCustomUrl, setAPIUrl, setDocumentTitle, getPiwikUrl, getCurrentUrl,
setDownloadClasses, setLinkClasses,
setCampaignNameKey, setCampaignKeywordKey,
getConsentRequestsQueue, requireConsent, getRememberedConsent, hasRememberedConsent, setConsentGiven,
rememberConsentGiven, forgetConsentGiven, unload, hasConsent,
getConsentRequestsQueue, requireConsent, getRememberedConsent, hasRememberedConsent, isConsentRequired,
setConsentGiven, rememberConsentGiven, forgetConsentGiven, unload, hasConsent,
discardHashTag, alwaysUseSendBeacon,
setCookieNamePrefix, setCookieDomain, setCookiePath, setSecureCookie, setVisitorIdCookie, getCookieDomain, hasCookies, setSessionCookie,
setVisitorCookieTimeout, setSessionCookieTimeout, setReferralCookieTimeout, getCookie, getCookiePath, getSessionCookieTimeout,
setConversionAttributionFirstReferrer, tracker, request,
disablePerformanceTracking, setGenerationTimeMs,
disablePerformanceTracking, setGenerationTimeMs, maq_confirm_opted_in,
doNotTrack, setDoNotTrack, msDoNotTrack, getValuesFromVisitorIdCookie,
enableCrossDomainLinking, disableCrossDomainLinking, isCrossDomainLinkingEnabled, setCrossDomainLinkingTimeout, getCrossDomainLinkingUrlParameter,
addListener, enableLinkTracking, enableJSErrorTracking, setLinkTrackingTimer, getLinkTrackingTimer,
Expand Down Expand Up @@ -3811,10 +3812,23 @@ if (typeof window.Piwik !== 'object') {
callback();
}

/*
* Check first-party cookies and update the <code>configHasConsent</code> value. Ensures that any
* change to the user opt-in/out status in another browser window will be respected.
*/
function refreshConsentStatus() {
if (getCookie(CONSENT_REMOVED_COOKIE_NAME)) {
configHasConsent = false;
} else if (getCookie(CONSENT_COOKIE_NAME)) {
configHasConsent = true;
}
}

/*
* Send request
*/
function sendRequest(request, delay, callback) {
refreshConsentStatus();
if (!configHasConsent) {
consentRequestsQueue.push(request);
return;
Expand Down Expand Up @@ -7468,6 +7482,16 @@ if (typeof window.Piwik !== 'object') {
});
};

/**
* Returns whether consent is required or not.
*
* @returns boolean
*/
this.isConsentRequired = function()
{
return configConsentRequired;
};

/**
* If the user has given consent previously and this consent was remembered, it will return the number
* in milliseconds since 1970/01/01 which is the date when the user has given consent. Please note that
Expand Down Expand Up @@ -7706,6 +7730,91 @@ if (typeof window.Piwik !== 'object') {
// initialize the Piwik singleton
addEventListener(windowAlias, 'beforeunload', beforeUnloadHandler, false);

window.addEventListener('message', function(e) {
if (!e || !e.origin) {
return;
}

var tracker, i, matomoHost;
var originHost = getHostName(e.origin);

var trackers = Piwik.getAsyncTrackers();
for (i = 0; i < trackers.length; i++) {
matomoHost = getHostName(trackers[i].getPiwikurl(""));

// find the matching tracker
if (matomoHost === originHost) {
tracker = trackers[i];
break;
}
}

if (!tracker) {
// no matching tracker
// Don't accept the message unless it came from the expected origin
return;
}

var data = null;
try {
data = JSON.parse(e.data);
} catch (ex) {
return;
}

if (!data) {
return;
}

function postMessageToCorrectFrame(postMessage){
// Find the iframe with the right URL to send it back to
var iframes = documentAlias.getElementsByTagName('iframe');
for (i = 0; i < iframes.length; i++) {
var iframe = iframes[i];
var iframeHost = getHostName(iframe.src);

if (iframe.contentWindow && isDefined(iframe.contentWindow.postMessage) && iframeHost === originHost) {
var jsonMessage = JSON.stringify(postMessage);
iframe.contentWindow.postMessage(jsonMessage, '*');
}
}
}

// This listener can process two kinds of messages
// 1) maq_initial_value => sent by optout iframe when it finishes loading. Passes the value of the third
// party opt-out cookie (if set) - we need to use this and any first-party cookies that are present to
// initialise the configHasConsent value and send back the result so that the display can be updated.
// 2) maq_opted_in => sent by optout iframe when the user changes their optout setting. We need to update
// our first-party cookie.
if (isDefined(data.maq_initial_value)) {
// Make a message to tell the optout iframe about the current state

postMessageToCorrectFrame({
maq_opted_in: data.maq_initial_value && tracker.hasConsent(),
maq_url: tracker.getPiwikurl(""),
maq_optout_by_default: tracker.isConsentRequired()
});
} else if (isDefined(data.maq_opted_in)) {
// perform the opt in or opt out...
trackers = Piwik.getAsyncTrackers();
for (i = 0; i < trackers.length; i++) {
tracker = trackers[i];
if (data.maq_opted_in) {
tracker.rememberConsentGiven();
} else {
tracker.forgetConsentGiven();
}
}

// Make a message to tell the optout iframe about the current state
postMessageToCorrectFrame({
maq_confirm_opted_in: tracker.hasConsent(),
maq_url: tracker.getPiwikurl(""),
maq_optout_by_default: tracker.isConsentRequired()
});
}
});

Date.prototype.getTimeAlias = Date.prototype.getTime;

/************************************************************
Expand Down Expand Up @@ -7935,7 +8044,8 @@ if (typeof window.Piwik !== 'object') {
apply(missedCalls[i]);
}
}
};

};

// Expose Piwik as an AMD module
if (typeof define === 'function' && define.amd) {
Expand Down
Loading