[Piwik-hackers] Domains are not checked (bug or intended behaviour) / Function of site URLs

Patrick Joyce patrick at sandwichboard.com
Thu Jul 17 02:03:20 CEST 2008 

I think these are two separate issues.

Elmar is stating that if you put the tracking code for a website with
main_url of abc.com on another site xyz.com then Piwik will still
count the visit. Elmar thinks that visits should only be counted if
the request is from a page on   the main_url or one of the alias_urls.

Matthieu is talking about an issue with properly tracking referrers.
Basically, he is saying that a referral from the site itself should
count as direct entry.

I think that they're both valid issues that should be resolved. If I
get some free time I'll take a look at submitting a patch, but I don't
know when that will be.

- Patrick Joyce

On Wed, Jul 16, 2008 at 7:45 PM, Matthieu Aubry
<matthieu.aubry at gmail.com> wrote:
>
> Hi,
> This is not a bug, but a "missing feature" :-) Because we know this
> needs to be implemented we already implemented the UI and DB part, but
> not the actual code to do the test.
> There is a related ticket http://dev.piwik.org/trac/ticket/9 "referer
> URLs with host registered as main_url or alias_url should NOT be counted
> as referer, they should instead be counted as "Direct entry".
>
> If you want to jump in, you're welcome to send us a patch!
>
> Elmar Weber wrote:
> > Hello,
> >
> > I don't know if the following is intended behaviour or I get something
> > wrong, therefore I post it to the list instead of directly as a bug.
> >
> > What function do the URLs of a site have? For me it looked like they are
> > used to filter valid domains, i.e. hindering someone from just snipping
> > the Piwik JS code on another domain and wreak havoc with the statistics.
> > Or in a more simpler scenario: to exclude test installations of a site
> > from the statistics.
> >
> > However, in the current version this is not what is done, every access
> > is counted as a visit, even if it occurred from a non-listed domain.
> >
> > Is this intended? If so, isn't this a (major) security problem? And is
> > there are way to limit the statistics to certain URLs in the current
> > version?
> >
> >
> > Thanks & ciao,
> > Elmar Weber
> >
> >
> _______________________________________________
> Piwik-hackers mailing list
> Piwik-hackers at piwik.org
> http://lists.piwik.org/cgi-bin/mailman/listinfo/piwik-hackers

More information about the Piwik-hackers mailing list