Support for Partitioned cookie flag #22278

Open
wants to merge 1 commit into
base: 5.x-dev
47 changes: 36 additions & 11 deletions js/piwik.js
Expand Up @@ -2349,6 +2349,9 @@ if (typeof window.Matomo !== 'object') {
// Whether to use "Secure" cookies that only work over SSL
configCookieIsSecure = false,

// Set Partitioned attribute for cookies
configCookieIsPartitioned = false,

// Set SameSite attribute for cookies
configCookieSameSite = 'Lax',

Expand Down Expand Up @@ -2520,7 +2523,7 @@ if (typeof window.Matomo !== 'object') {
/*
* Set cookie value
*/
function setCookie(cookieName, value, msToExpire, path, domain, isSecure, sameSite) {
function setCookie(cookieName, value, msToExpire, path, domain, isSecure, sameSite, isPartitioned) {
if (configCookiesDisabled && cookieName !== CONSENT_REMOVED_COOKIE_NAME) {
return;
}
Expand All @@ -2542,6 +2545,7 @@ if (typeof window.Matomo !== 'object') {
';path=' + (path || '/') +
(domain ? ';domain=' + domain : '') +
(isSecure ? ';secure' : '') +
(isPartitioned ? ';partitioned' : '') +
';SameSite=' + sameSite;

// check the cookie was actually set
Expand Down Expand Up @@ -3340,7 +3344,7 @@ if (typeof window.Matomo !== 'object') {

// for IE we want to actually set the cookie to avoid trigger a warning eg in IE see #11507
var testCookieName = configCookieNamePrefix + 'testcookie';
setCookie(testCookieName, '1', undefined, configCookiePath, configCookieDomain, configCookieIsSecure, configCookieSameSite);
setCookie(testCookieName, '1', undefined, configCookiePath, configCookieDomain, configCookieIsSecure, configCookieSameSite, configCookieIsPartitioned);

var hasCookie = getCookie(testCookieName) === '1' ? '1' : '0';
deleteCookie(testCookieName);
Expand Down Expand Up @@ -3664,7 +3668,7 @@ if (typeof window.Matomo !== 'object') {
var cookieValue = visitorIdCookieValues.uuid + '.' +
visitorIdCookieValues.createTs + '.';

setCookie(getCookieName('id'), cookieValue, getRemainingVisitorCookieTimeout(), configCookiePath, configCookieDomain, configCookieIsSecure, configCookieSameSite);
setCookie(getCookieName('id'), cookieValue, getRemainingVisitorCookieTimeout(), configCookiePath, configCookieDomain, configCookieIsSecure, configCookieSameSite, configCookieIsPartitioned);
}

/*
Expand Down Expand Up @@ -3705,7 +3709,7 @@ if (typeof window.Matomo !== 'object') {
{
var testCookieName = configCookieNamePrefix + 'testcookie_domain';
var valueToSet = 'testvalue';
setCookie(testCookieName, valueToSet, 10000, null, domainToTest, configCookieIsSecure, configCookieSameSite);
setCookie(testCookieName, valueToSet, 10000, null, domainToTest, configCookieIsSecure, configCookieSameSite, configCookieIsPartitioned);

if (getCookie(testCookieName) === valueToSet) {
deleteCookie(testCookieName, null, domainToTest);
Expand Down Expand Up @@ -3769,7 +3773,7 @@ if (typeof window.Matomo !== 'object') {
* Creates the session cookie
*/
function setSessionCookie() {
setCookie(getCookieName('ses'), '1', configSessionCookieTimeout, configCookiePath, configCookieDomain, configCookieIsSecure, configCookieSameSite);
setCookie(getCookieName('ses'), '1', configSessionCookieTimeout, configCookiePath, configCookieDomain, configCookieIsSecure, configCookieSameSite, configCookieIsPartitioned);
}

function generateUniqueId() {
Expand Down Expand Up @@ -3971,7 +3975,7 @@ if (typeof window.Matomo !== 'object') {
purify(referralUrl.slice(0, referralUrlMaxLength))
];

setCookie(cookieReferrerName, windowAlias.JSON.stringify(attributionCookie), configReferralCookieTimeout, configCookiePath, configCookieDomain, configCookieIsSecure, configCookieSameSite);
setCookie(cookieReferrerName, windowAlias.JSON.stringify(attributionCookie), configReferralCookieTimeout, configCookiePath, configCookieDomain, configCookieIsSecure, configCookieSameSite, configCookieIsPartitioned);
}
}

Expand Down Expand Up @@ -4125,7 +4129,7 @@ if (typeof window.Matomo !== 'object') {
}

if (configStoreCustomVariablesInCookie) {
setCookie(cookieCustomVariablesName, windowAlias.JSON.stringify(customVariables), configSessionCookieTimeout, configCookiePath, configCookieDomain, configCookieIsSecure, configCookieSameSite);
setCookie(cookieCustomVariablesName, windowAlias.JSON.stringify(customVariables), configSessionCookieTimeout, configCookiePath, configCookieDomain, configCookieIsSecure, configCookieSameSite, configCookieIsPartitioned);
}
}

Expand Down Expand Up @@ -6197,7 +6201,7 @@ if (typeof window.Matomo !== 'object') {

configCookiesToDelete.push(cookieName);

setCookie(getCookieName(cookieName), cookieValue, msToExpire, configCookiePath, configCookieDomain, configCookieIsSecure, configCookieSameSite);
setCookie(getCookieName(cookieName), cookieValue, msToExpire, configCookiePath, configCookieDomain, configCookieIsSecure, configCookieSameSite, configCookieIsPartitioned);
};

/**
Expand Down Expand Up @@ -6301,6 +6305,27 @@ if (typeof window.Matomo !== 'object') {
configCookieIsSecure = enable;
};

/**
* Enable the Partitioned cookie flag on all first party cookies.
* This should be used when your website is only available under HTTPS
* so that all tracking cookies are always sent over secure connection.
*
* Warning: If your site is available under http and https,
* setting this might lead to duplicate or incomplete visits.
*
* @param {boolean} enable
*/
this.setPartitionedCookie = function (enable) {
if(enable && location.protocol !== 'https:') {
logConsoleError("Error in setPartitionedCookie: You cannot use `Secure` on http.");
return;
}
if (location.protocol === 'https:') {
this.setSecureCookie(true);
}
configCookieIsPartitioned = enable;
};

/**
* Set the SameSite attribute for cookies to a custom value.
* You might want to use this if your site is running in an iframe since
Expand Down Expand Up @@ -6454,7 +6479,7 @@ if (typeof window.Matomo !== 'object') {
}
this.setCookieConsentGiven();
var now = new Date().getTime();
setCookie(COOKIE_CONSENT_COOKIE_NAME, now, hoursToExpire, configCookiePath, configCookieDomain, configCookieIsSecure, configCookieSameSite);
setCookie(COOKIE_CONSENT_COOKIE_NAME, now, hoursToExpire, configCookiePath, configCookieDomain, configCookieIsSecure, configCookieSameSite, configCookieIsPartitioned);
};

/**
Expand Down Expand Up @@ -7373,7 +7398,7 @@ if (typeof window.Matomo !== 'object') {
// cookies should be automatically enabled or not.
this.setConsentGiven(setCookieConsent);
var now = new Date().getTime();
setCookie(CONSENT_COOKIE_NAME, now, hoursToExpire, configCookiePath, configCookieDomain, configCookieIsSecure, configCookieSameSite);
setCookie(CONSENT_COOKIE_NAME, now, hoursToExpire, configCookiePath, configCookieDomain, configCookieIsSecure, configCookieSameSite, configCookieIsPartitioned);
};

/**
Expand All @@ -7395,7 +7420,7 @@ if (typeof window.Matomo !== 'object') {
}

deleteCookie(CONSENT_COOKIE_NAME, configCookiePath, configCookieDomain);
setCookie(CONSENT_REMOVED_COOKIE_NAME, new Date().getTime(), hoursToExpire, configCookiePath, configCookieDomain, configCookieIsSecure, configCookieSameSite);
setCookie(CONSENT_REMOVED_COOKIE_NAME, new Date().getTime(), hoursToExpire, configCookiePath, configCookieDomain, configCookieIsSecure, configCookieSameSite, configCookieIsPartitioned);
this.forgetCookieConsentGiven();
this.requireConsent();
};
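Review bot: In `setPartitionedCookie`, a call with `false` on an HTTPS page still runs `this.setSecureCookie(true)`, so turning Partitioned off silently turns Secure on; the second check should be `if (enable) { this.setSecureCookie(true); }`, which is enough because the earlier guard has already returned for non-HTTPS pages. The doc comment and the error string are copied from `setSecureCookie` and describe Secure rather than Partitioned; the message would be clearer as `"Error in setPartitionedCookie: Partitioned cookies require Secure and cannot be used on http."`, and the comment should say that the attribute keys the cookies to the top-level site and requires Secure. In `setCookie` the new `;partitioned` is appended independently of `isSecure`, so a later `setSecureCookie(false)` leaves a combination that browsers implementing partitioned cookies reject; `(isPartitioned && isSecure ? ';partitioned' : '')` would keep the two flags consistent. `deleteCookie` is outside the visible hunks and its call sites are unchanged, so it is worth confirming that it also sends the attribute, since otherwise consent removal and the test-cookie cleanup may not clear a partitioned cookie.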