Replies: 1 comment
-
|
As a user that glanced at session code today: seems to be by design. The tracking does NOT tie to device at all, no fingerprinting of any kind; see #1681 Session ID varies by: month, IP from which the request comes, UA, website (Umami tracker "ID") and hostname.
There is a And it's done in a way that recovering the IP information from session ID or correlating them across months is impossible. Whether this balance of privacy preservation vs accurate targeting of data is OK for you determines if Umami is a good fit for you. |
Beta Was this translation helpful? Give feedback.
-
Hello, I encountered an issue with the sessionId generation in Umami. The sessionId is generated using a combination of uuid(websiteId, hostname, ip, userAgent). However, I noticed that when I visited a landing page (which has Umami installed) using my mobile device and the Google Chrome browser, and my colleague did the same using their own mobile device, the sessionId generated was identical.
The key detail here is that both of us were connected to the same public Wi-Fi network. I would expect each session to have a unique sessionId, even if the network is the same.
Steps to reproduce:
Two different users visit the same website with Umami installed.
Both use mobile devices with Google Chrome.
Both are connected to the same Wi-Fi network.
Expected result: Different sessionIds for different devices.
Actual result: The sessionId generated is the same for both devices.
This could potentially lead to inaccurate tracking, as different users are being logged under the same session. Could this be a result of how sessionId generation relies on ip in environments with shared networks?
Beta Was this translation helpful? Give feedback.
All reactions