[MGNLPN-507] Consider an in-memory ip-based cache as an alternative to session storage for geo ip information Created: 15/Oct/20 Updated: 02/Nov/21 Resolved: 11/Mar/21 |
|
| Status: | Closed |
| Project: | Magnolia Personalization |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Task | Priority: | Neutral |
| Reporter: | Aleksandr Pchelintcev | Assignee: | Unassigned |
| Resolution: | Won't Do | Votes: | 0 |
| Labels: | maintenance | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||
| Template: |
|
||||||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||||||
| Task DoR: |
Empty
|
||||||||||||||||
| Date of First Response: | |||||||||||||||||
| Epic Link: | Security | ||||||||||||||||
| Description |
|
The side effect of info.magnolia.personalization.geoip.CountryDetectorFilter currently is that it triggers the session creation for even anonymous users. This is done supposedly to not invoke costly GeoIp calls upon every request, but is prone to various problems related to the anonymous user sessions:
|
| Comments |
| Comment by Jan Haderka [ 15/Oct/20 ] |
|
Also raises GDPR concerns regarding the data being stored about anonymous users and possibly not mentioned in the privacy statement which clients don't know how to answer. |
| Comment by Roman Kovařík [ 15/Oct/20 ] |
Session scoped traits were introduce mainly because of traits resolved by calls to 3th party systems. |