Page MenuHomePhabricator

[ClickTracking] cookie persistence after logout
Closed, ResolvedPublic

Description

Author: M8R-udfkkf

Description:
The "clicktracking-session" cookie on the en-wiki remains the same before (anonymous), during (logged in), and after logout. This allows the tracking of a user after logout until they have cleared their cookies. It also allows the correlation of logins from "different" users in the same browser session.

The clicktracking-cookie should also be listed in privacy policy:
https://wikimediafoundation.org/wiki/Privacy_policy

For how long is clicktracking data kept and what is its purpose (wikipedia doesn't have advertising...so for whom are the analytics)?


Version: unspecified
Severity: normal

Details

Reference
bz34794

Event Timeline

bzimport raised the priority of this task from to Low.Nov 22 2014, 12:11 AM
bzimport set Reference to bz34794.

Diederik, could you look into this one?

M8R-udfkkf wrote:

Any progress? It's not hard to fix...just delete the cookie on logout along with the other cookies.