Details
-
Task
-
Resolution: Unresolved
-
Neutral
-
None
-
None
-
None
Description
- Unlike it was assumed, GeoIp calls emitted by the filter aren't expensive (do not make extra http calls rather relying on the local db).
- With that it would be advisable to reconfigure the filter to use the request-scoped storage instead of the session-scoped one.
- this way we wouldn't be creating the new sessions for anonymous users, preventing potential DoS attacks.
- also we'd avoid potential inquiries from the privacy-matters concerned clients, who might be confused by the fact that session cookies being created where they are not expected.
Workaround:
Set https://demo.magnolia-cms.com/.magnolia/admincentral#app:configuration:browser;/modules/personalization-traits/traits/country@traitStorageClass:treeview: to info.magnolia.personalization.trait.storage.StorageAwareTraitCollector$RequestScopedTraitStorage
Checklists
Acceptance criteria
Attachments
Issue Links
- is related to
-
MGNLPN-513 Document the un-obvious implications of StorageAwareTraitCollector
-
- Open
-
- supersedes
-
-
- Closed
-
