our piwik-server “stats.example.com” tracks multiple websites “www.domain1.com”, “www.domain2.com”, etc.
Should all sites use the same opt-out iFrame (src=“stats.example.com/index.php…”)? If so, we get the following result:
When a visitor on “www.domain1.com” clicks the checkbox to opt out, he receives a piwik_ignore-Cookie from domain “stats.example.com”.
He then visits “www.domain2.com”, where the iFrame shows the message “You are currently opted out. Click here to opt in.”, even if the visitor did not click the checkbox on “www.domain2.com”.
Even worse, his visits are recorded, regardless of whether he chooses the opt-out-Checkbox or not.
I found this in #409: “Also I think the piwik_ignore cookie should stay 3rd party (and signed), to avoid abuse.” Why exactly?
Thanks for a hint.