Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Matomo unique ID cookie _pk_id is set, even if no consent has been given yet #35

Open
fredvd opened this issue Dec 6, 2024 · 1 comment
Open

Matomo unique ID cookie _pk_id is set, even if no consent has been given yet #35

fredvd opened this issue Dec 6, 2024 · 1 comment

Comments

@fredvd
Copy link

fredvd commented Dec 6, 2024

I suspect this is an issue in the datapunt/matomo-tracker.js library or how we call the tracker module in the addon:

volto-dsgvo-banner/package.json

Line 81 in d15ce58

"@datapunt/matomo-tracker-js": "0.5.1",

Even if the confirm_tracking cookie has not been set, on initial load of the dsgvo add'on, a unique Matomo _pk_id cookie is set. The pageview tracking does not occur, but addblockers like ghostery are already responding on the setCookie (we got a complaint from a visitor on the client project using volto-dsgvo-banner.

I think the problem in here, where the tracker is always initialised and immediately sets the cookie. But I'm a bit wary with my state management/hooks knowledge in React, would it be safe here to move the tracker initialiasation in the useEffect? Or will that mess up the state as the tracker object is also in the useEffect variables array.

volto-dsgvo-banner/src/components/Banner/Matomo.jsx

Lines 6 to 22 in d15ce58

const Matomo = ({ matomoTracker }) => {
const [cookies] = useCookies();
const confirmTracking = !!Number(cookies.confirm_tracking);
let tracker;
if (__CLIENT__) {
tracker = new matomoTracker.default({
urlBase: config.settings.DSGVOBanner.tracker.urlBase,
siteId: config.settings.DSGVOBanner.tracker.id,
});
}
useEffect(() => {
if (confirmTracking) {
tracker.trackPageView();
}
}, [tracker, confirmTracking]);

The matomo-tracker-js readme mentions a separate subkey 'configurations' where you can disable setting cookies. But as soon as a visitor does give consent, you'd want to enable it again. Maybe it is enough to add disableCookes as an option to the tracker initialisation as long as consent hasn't been given.

https://www.npmjs.com/package/@datapunt/matomo-tracker-js
@fredvd fredvd mentioned this issue Dec 6, 2024
Open
@fredvd
Copy link
Author

fredvd commented Dec 8, 2024
edited
Loading

@sneridagh @danalvrz So the issue with the current Matomo integration in volto-dsgvo-banner is that the tracker object that is created in the Matomo.jsx component with the code outlined above, by default sets a _pk_id client. By adding

  configurations: { // optional, default value: {}
    // any valid matomo configuration, all below are optional
    disableCookies: true,
     }

as an extra subkey to the new matomoTracker.default({}) call, I think this could be prevented. But I wonder if I end up in React StateHelll.

Becaue I would need to change/recreate the matomoTracker object with 'disableCookies: false' as soon as confirmTracking becomes True. And the reverse if consent is withdrawn for tracking. and the tracking object is part of the useEffect array. How can I set this us correctly without hurting my brain?

fredvd added a commit that referenced this issue Dec 9, 2024
@fredvd
Only create Matomo Tracker instance if confirm_tracking cookie has be…
680fd08 
…en set (#35)
@fredvd fredvd mentioned this issue Dec 9, 2024
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@fredvd