Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Brave Browser with Cookie Livetime max 7 days #20591

Open
Metis77 opened this issue Apr 15, 2023 · 4 comments
Open

Brave Browser with Cookie Livetime max 7 days #20591

Metis77 opened this issue Apr 15, 2023 · 4 comments
Labels
c: Privacy For issues that impact or improve the privacy. Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc. Needs priority decision This issue may need to be added to the current milestone by Product Manager triaged

Comments

@Metis77
Copy link

Metis77 commented Apr 15, 2023

The cookie "mtm_consent_removed" is set to expire in 7 days, instead of 30years.

This is because Brave Browser allows for JS Cookies a max expire time of 7 days.
For HTTP Cookies 180 days are allowed.

This is confirmed by Brave here: https://community.brave.com/t/cookie-max-age-too-short/466612/9
This "issue" is still present.

Summary

Maybe there is any way to set HTTP Cookies, as they are allowed for a longer livetime.
180 Days in Brave Browser.
@Metis77 Metis77 added Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc. To Triage An issue awaiting triage by a Matomo core team member labels Apr 15, 2023
@bx80
Copy link
Contributor

bx80 commented Apr 18, 2023

Hi @Metis77, thanks for reporting this.

All the cookies set by the Matomo JavaScript tracker are going to be JS cookies, setting an HTTP cookie from the JavaScript tracker isn't possible at this time.

The Matomo PHP Tracker will set HTTP/S cookies and could be a good alternative to work around this. Additionally Cookie-less tracking should also work.

This probably isn't going to be something we address in the short term, but I'll add this ticket to the backlog for further consideration and discussion. It may be a case of specifically detecting browsers with limited cookie capability and treating them as if cookies were disabled.
@bx80 bx80 removed the To Triage An issue awaiting triage by a Matomo core team member label Apr 18, 2023
@bx80 bx80 added this to the Backlog (Help wanted) milestone Apr 18, 2023
@Metis77
Copy link
Author

Metis77 commented Apr 18, 2023
edited
Loading

Additionally Cookie-less tracking should also work.

I found this while implementing the opt-out.
So this is more about not tracking, instead of tracking.

While I am aware, that this behavior is caused by Brave Browser, not allowing JS cookies to live longer than 7 days, this could still lead to some legal problems.
@bx80
Copy link
Contributor

bx80 commented Apr 18, 2023

That's a good point @Metis77 👍

Opting out and then being automatically opted back in a week later because Brave Browser has deleted the JS 'consent removed' cookie is definitely problematic. I'll bump the priority so the product team can review this.
@bx80 bx80 added the Needs priority decision This issue may need to be added to the current milestone by Product Manager label Apr 18, 2023
@tsteur tsteur added the c: Privacy For issues that impact or improve the privacy. label Apr 22, 2023
@innocraft-automation innocraft-automation removed this from the For Prioritization milestone Sep 13, 2024
@randy-innocraft
Copy link

Hi @Metis77. Thank you for creating the issue and bringing this to our attention, that's very appreciated. We have reviewed and triaged the problem internally, and we have confirmed it is an issue. Our team will prioritise this, and we will update you on the progress here when we have an update to share. If you have any further information or questions, please feel free to add them here.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
c: Privacy For issues that impact or improve the privacy. Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc. Needs priority decision This issue may need to be added to the current milestone by Product Manager triaged
5 participants
@tsteur @Metis77 @bx80 @innocraft-automation @randy-innocraft