-
Notifications
You must be signed in to change notification settings - Fork 8
Security considerations
Arnaud PICHERY edited this page Oct 19, 2018
·
2 revisions
The web application exposes the following HTTP entry points:
| URL (from the webapp's root) | Usage | Recommendation |
|---|---|---|
/public/p.gif |
Javascript GIF tracking backend | Must be exposed to the public |
/public/events |
JSON API endpoint | Should only be exposed if you intend to use the JSON API. (either for a custom application, or for an iOS application) |
/public/globalId |
Global Id API endpoint | Should be publicly exposed if your application requires this function. |
/public/cookie/* |
Opt-out API endpoint | Should be publicly exposed if your application requires this function. Valid only if third-party cookie tracking is enabled. |
/isAlive |
Health checking API | Should be accessible to your load-balancer and supervision platform. This API may be exposed to the public as it does not disclose any sensitive information. |
/internal/live |
Live data API JSON backend | Read-only access to the tracker's status and last requests. Should only be accessible via internal / private networks. Sensitive personal information can be exposed through this URL. |
/internal/live.html |
Live data UI | Read-only access to the tracker's status and last requests. Should only be accessible via internal / private networks. Sensitive personal information can be exposed through this URL. |
/internal/flush |
Flush storage queue API | Should only be accessible via internal / private networks. |
/internal/handlers |
Custom handlers and interaction API | The behaviour of this URL is dependent on each custom tracker's implementation. Should only be accessible via internal / private networks. Sensitive personal information can be exposed through this URL. |
By design, a web tracking API is used directly by the final user's browsers, which directly submit events to the tracking backend.
As such, it is possible for a user to send bogus events to the tracking backend, that do not correspond to any real visit. This limitation is inherent to the concept of web tracking.
Data analysis should be employed to eliminate outliers that could be the result of unwanted submission.