New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
POST when using PiwikTracker instead of GET to prevent token_auth showing in access_log #43
Comments
Hi @c-prompt - thanks for the report. Would it be possible to create your suggestion in the issue tracker for PHP tracker? at https://github.com/matomo-org/matomo-php-tracker/ |
Apologies @mattab. I assume you just wanted the text from my comment on #7349 copy/pasted, correct (as #43 is already here)? Looking through my access_log recently reminded me of a comment @tsteur made in #14099:
I just noticed the token_auth is shown in access_logs anytime the PHP Tracking Web API client (Method 2: HTTP Request) is used. For example, I see a bunch of these in my access_log:
According to Tracking HTTP API:
However, it's not clear how to send these via POST when using PiwikTracker (instead of CURL). I haven't dug into Matomo's code but shouldn't the PiwikTracker be using POST so the token_auth doesn't show up? Is there a way to force PiwikTracker to use POST? Here's some basic scrubbed code I'm using:
|
@c-prompt please ignore my last comment, you already created the issue in the right place :-) Thanks! |
Per:
Originally posted by @c-prompt in matomo-org/matomo#7349 (comment)
The text was updated successfully, but these errors were encountered: