Details
-
Bug
-
Resolution: Unresolved
-
Medium
-
None
-
None
-
None
Description
The tracking cookie set by ezreco and odoscope installations is shared between all siteaccesses using the same domain name.
This is not correct when url-based siteaccess matching is used, as there might be subtle bugs introduced:
- user visits siteaccess A
- he gets a tracking cookie
- user visits siteaccess B
- tracking cookie gets changed
- user goes to site A again => tracked as different user
Attachments
Issue Links
- relates to
-
EZP-22005 REST API: when using sessions, is_logged_in cookie is always set for top-level domain, not for site root dir
- Closed