user tracking cookie scheme needs deployment
Bug #343776 reported by
samuel-archive
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| petabox |
New
|
Undecided
|
Unassigned | ||
Bug Description
the other day we figured out a sane scheme for doing user tracking on www.a.o:
issue users a longlived cookie 'archive-
log that cookie with requests at apache level
have log-hide-ip.pl apply the same ip hiding logic it applies to ip #s to the cookie value
put the randomized user cookie in the log file on disk
if we use a global daily rotated key, than we can do sitewide user deduping, and get a count of
browser visits per day
to do this we need:
cookie setting logic
enhanced log-hide-ip.pl to handle cookie fields
apache config that logs user cookies
deployment of key rotation scheme
To post a comment you must log in.
