Page MenuHomePhabricator
Create Task
Maniphest T290014

Source geolocation directly rather than using IP in schema
Open, MediumPublic
Actions

Description

With discussion on https://phabricator.wikimedia.org/T288853 and https://gerrit.wikimedia.org/r/c/mediawiki/extensions/EventBus/+/713526, it's worth exploring whether we can source geolocation directly using existing APIs or cookies available to clients (app and web), rather than passing the user IP in some way to the backend, where it is looked up in the geolocation database.

This would mean that when writing schemas or setting up streams, users would specify that they want the 'location' and not the 'ip', since in practice ip is exclusively used for determining geolocation today.

Related Objects

Event Timeline

jlinehan created this task.Aug 30 2021, 3:40 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 30 2021, 3:40 PM
Ottomata mentioned this in T287121: Add geolocation information to Growth schemas.Aug 30 2021, 5:05 PM
Ottomata added a subscriber: Tgr.EditedAug 30 2021, 5:08 PM

Responding to @Tgr's question from T287121: Add geolocation information to Growth schemas:

@Krinkle pointed out on https://gerrit.wikimedia.org/r/c/mediawiki/extensions/EventBus/+/713526 that collecting IPs when we only need high-level geolocation is unnecessarily privacy-invasive. It's possible to collect geodata manually, but adding that for five different schemas is a bit of a chore - @Ottomata is there any chance that will be supported in the foreseeable future? (Ie. a fragment similar to #client_ip that results in the geolocation data, but not the IP, being automatically added in the refine step)

IIRC, there is a limited geolocation http header that is set by varnish (I don't remember the name of the header). Instrumentation code could just set that in http.request_headers['X-Geolocation'] (or whatever the header name is), since http.request_headers is a map type field and would not require schema changes.

This wouldn't be automated though, instrumentation code would do it. Would that work?

Krinkle added a comment.Aug 30 2021, 5:56 PM
In T290014#7319476, @Ottomata wrote:

This wouldn't be automated though, instrumentation code would do it. Would that work?

Depends on the definition of "instrumentation code". To me that means client-side JS calling mw.eventLog or PHP code.

By the way, to my knowledge, most schemas using Geo already do (and have for years) on the instrumentation side, as explicit part of the event object by sending it as one of keys, with a value read from the Geo cookie.

If I understand correctly, you (plural) are suggesting not to adopt this in the newer schemas that started capturing IP addresses instead, but rather leapfrog to a more automated injection. Essentially magically adding it to the data within the event-intake service or some later processing step for schemas that ask for it. I'd support that. I suppose we'd have to make sure that this information is indeed reliably available for the eventgate beacon requests given that it no longer uses a wiki domain (and thus not get as much of the text-lb/varnish treatment).

Ottomata added a comment.Aug 30 2021, 6:34 PM

Oh, it's a cookie?

GeoIP=US:NY:Brooklyn:40.70:-73.97:v4;

https://wikitech.wikimedia.org/wiki/Geolocation

I guess we'd want a similar field for cookie values we want to collect then?

Ottomata added a comment.Aug 30 2021, 6:36 PM

Depends on the definition of "instrumentation code". To me that means client-side JS calling mw.eventLog or PHP code.

Yes, whatever constructs the event.

event.http.cookies['GeoIP'] = getCookie('GeoIP');
odimitrijevic triaged this task as Medium priority.Sep 2 2021, 5:02 PM
odimitrijevic moved this task from Incoming to Event Platform on the Analytics board.
odimitrijevic added a project: Event-Platform.
nettrom_WMF mentioned this in T288853: Migrated Server-side EventLogging events recording http.client_ip as 127.0.0.1 .Sep 13 2021, 6:52 PM
Tgr mentioned this in T292039: Client errors should not log IP address.Sep 29 2021, 1:56 AM
Aklapper added a project: Data-Engineering.Feb 9 2023, 8:19 PM
EChetty edited projects, added Data-Engineering-Planning; removed Data-Engineering.Feb 10 2023, 12:38 PM
EChetty moved this task from Backlog to Event Platform on the Data-Engineering-Planning board.Feb 10 2023, 12:46 PM
kostajh subscribed.Jun 22 2023, 10:02 AM
JArguello-WMF removed a project: Data-Engineering-Planning.Jun 29 2023, 9:50 PM
Restricted Application added a project: Data-Engineering. · View Herald TranscriptJun 29 2023, 9:50 PM
JArguello-WMF moved this task from Incoming (new tickets) to Event Platform Backlog on the Data-Engineering board.Jun 29 2023, 10:34 PM
JArguello-WMF added a project: Data Engineering and Event Platform Team.Jun 30 2023, 4:30 PM
JArguello-WMF moved this task from Data Eng Backlog to Event Platform Backlog on the Data Engineering and Event Platform Team board.Jun 30 2023, 4:38 PM
phuedx moved this task from Backlog to Schema improvements on the Metrics Platform Backlog board.Jul 31 2023, 1:47 PM
phuedx moved this task from Schema improvements to Client improvements on the Metrics Platform Backlog board.Aug 15 2023, 2:32 PM
Ottomata moved this task from Backlog to Radar on the Event-Platform board.Oct 3 2023, 4:38 PM
SBisson subscribed.Oct 13 2023, 12:45 PM
lbowmaker removed a project: Data Engineering and Event Platform Team.Nov 10 2023, 2:29 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits