You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
BugFor errors / faults / flaws / inconsistencies etc.MajorIndicates the severity or impact or benefit of an issue is much higher than normal but not critical.
I think I found a bug in the tracker which affects every user. One of my customers wondered about having single Visitors who have actions with different IP adresses at peak hours.
After searching for a possible issue in the visitor recognition, I think I found the issue - it occurs, when visitors with the same userAgent / OS / Browserfeatures (which pretty much applies to every iPad / iPhone with the same iOS) accesses a page at the same second. These visits will all get the same visitor-ID. The cause of that can be found in piwik.js line 1489 (version 06ac8c0). This is because the IP-Address (or anonymized IP or any other unique salt) is not part of the hashing function, only userAgent,platform,features and the timestamp (in seconds). It is hard to track down in the stats, but this could be a quite big error in every piwik instance with more than one visitor per second
Can anybody confirm this?
possible fixes - "nowTs" should be replaced by something like "nowTsMs", a millisecond timestamp to reduce collisions. But this is not ideal, because there are instances with 200 and more visitors per second, so there will be collisions again
-> random salt
The text was updated successfully, but these errors were encountered:
BugFor errors / faults / flaws / inconsistencies etc.MajorIndicates the severity or impact or benefit of an issue is much higher than normal but not critical.
report from Peter:
I think I found a bug in the tracker which affects every user. One of my customers wondered about having single Visitors who have actions with different IP adresses at peak hours.
After searching for a possible issue in the visitor recognition, I think I found the issue - it occurs, when visitors with the same userAgent / OS / Browserfeatures (which pretty much applies to every iPad / iPhone with the same iOS) accesses a page at the same second. These visits will all get the same visitor-ID. The cause of that can be found in piwik.js line 1489 (version 06ac8c0). This is because the IP-Address (or anonymized IP or any other unique salt) is not part of the hashing function, only userAgent,platform,features and the timestamp (in seconds). It is hard to track down in the stats, but this could be a quite big error in every piwik instance with more than one visitor per second
Can anybody confirm this?
possible fixes - "nowTs" should be replaced by something like "nowTsMs", a millisecond timestamp to reduce collisions. But this is not ideal, because there are instances with 200 and more visitors per second, so there will be collisions again
-> random salt
The text was updated successfully, but these errors were encountered: