1<?xml version="1.0" encoding="ISO-8859-1"?> 2<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 3<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- 4 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 5 This file is generated from xml source: DO NOT EDIT 6 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 7 --> 8<title>mod_usertrack - Apache HTTP Server</title> 9<link href="/style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> 10<link href="/style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> 11<link href="/style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="/style/css/prettify.css" /> 12<script src="/style/scripts/prettify.js" type="text/javascript"> 13</script> 14 15<link href="/images/favicon.ico" rel="shortcut icon" /></head> 16<body> 17<div id="page-header"> 18<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p> 19<p class="apache">Apache HTTP Server Version 2.2</p> 20<img alt="" src="/images/feather.gif" /></div> 21<div class="up"><a href="./"><img title="<-" alt="<-" src="/images/left.gif" /></a></div> 22<div id="path"> 23<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.2</a> > <a href="./">Modules</a></div> 24<div id="page-content"> 25<div id="preamble"><h1>Apache Module mod_usertrack</h1> 26<div class="toplang"> 27<p><span>Available Languages: </span><a href="/en/mod/mod_usertrack.html" title="English"> en </a></p> 28</div> 29<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td> 30<em>Clickstream</em> logging of user activity on a site 31</td></tr> 32<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Extension</td></tr> 33<tr><th><a href="module-dict.html#ModuleIdentifier">Module�Identifier:</a></th><td>usertrack_module</td></tr> 34<tr><th><a href="module-dict.html#SourceFile">Source�File:</a></th><td>mod_usertrack.c</td></tr></table> 35<h3>Summary</h3> 36 37 <p>Previous releases of Apache have included a module which 38 generates a 'clickstream' log of user activity on a site using 39 cookies. This was called the "cookies" module, mod_cookies. In 40 Apache 1.2 and later this module has been renamed the "user 41 tracking" module, mod_usertrack. This module has been 42 simplified and new directives added.</p> 43</div> 44<div id="quickview"><h3 class="directives">Directives</h3> 45<ul id="toc"> 46<li><img alt="" src="/images/down.gif" /> <a href="#cookiedomain">CookieDomain</a></li> 47<li><img alt="" src="/images/down.gif" /> <a href="#cookieexpires">CookieExpires</a></li> 48<li><img alt="" src="/images/down.gif" /> <a href="#cookiename">CookieName</a></li> 49<li><img alt="" src="/images/down.gif" /> <a href="#cookiestyle">CookieStyle</a></li> 50<li><img alt="" src="/images/down.gif" /> <a href="#cookietracking">CookieTracking</a></li> 51</ul> 52<h3>Topics</h3> 53<ul id="topics"> 54<li><img alt="" src="/images/down.gif" /> <a href="#logging">Logging</a></li> 55<li><img alt="" src="/images/down.gif" /> <a href="#cookiedate">2-digit or 4-digit dates for cookies?</a></li> 56</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div> 57<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div> 58<div class="section"> 59<h2><a name="logging" id="logging">Logging</a></h2> 60 61 62 <p>Previously, the cookies module (now the user tracking 63 module) did its own logging, using the <code class="directive">CookieLog</code> 64 directive. In this release, this module does no logging at all. 65 Instead, a configurable log format file should be used to log 66 user click-streams. This is possible because the logging module 67 now allows multiple log files. The cookie itself is logged by 68 using the text <code>%{cookie}n</code> in the log file format. For 69 example:</p> 70<div class="example"><p><code> 71CustomLog logs/clickstream "%{cookie}n %r %t" 72</code></p></div> 73 74 <p>For backward compatibility the configurable log module 75 implements the old <code class="directive"><a href="/mod/mod_log_config.html#cookielog">CookieLog</a></code> directive, but this 76 should be upgraded to the above <code class="directive"><a href="/mod/mod_log_config.html#customlog">CustomLog</a></code> directive. </p> 77</div><div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div> 78<div class="section"> 79<h2><a name="cookiedate" id="cookiedate">2-digit or 4-digit dates for cookies?</a></h2> 80 81 82 <p>(the following is from message 83 <022701bda43d$9d32bbb0$1201a8c0@christian.office.sane.com> 84 in the new-httpd archives) </p> 85<pre> 86From: "Christian Allen" <christian@sane.com> 87Subject: Re: Apache Y2K bug in mod_usertrack.c 88Date: Tue, 30 Jun 1998 11:41:56 -0400 89 90Did some work with cookies and dug up some info that might be useful. 91 92True, Netscape claims that the correct format NOW is four digit dates, and 93four digit dates do in fact work... for Netscape 4.x (Communicator), that 94is. However, 3.x and below do NOT accept them. It seems that Netscape 95originally had a 2-digit standard, and then with all of the Y2K hype and 96probably a few complaints, changed to a four digit date for Communicator. 97Fortunately, 4.x also understands the 2-digit format, and so the best way to 98ensure that your expiration date is legible to the client's browser is to 99use 2-digit dates. 100 101However, this does not limit expiration dates to the year 2000; if you use 102an expiration year of "13", for example, it is interpreted as 2013, NOT 1031913! In fact, you can use an expiration year of up to "37", and it will be 104understood as "2037" by both MSIE and Netscape versions 3.x and up (not sure 105about versions previous to those). Not sure why Netscape used that 106particular year as its cut-off point, but my guess is that it was in respect 107to UNIX's 2038 problem. Netscape/MSIE 4.x seem to be able to understand 1082-digit years beyond that, at least until "50" for sure (I think they 109understand up until about "70", but not for sure). 110 111Summary: Mozilla 3.x and up understands two digit dates up until "37" 112(2037). Mozilla 4.x understands up until at least "50" (2050) in 2-digit 113form, but also understands 4-digit years, which can probably reach up until 1149999. Your best bet for sending a long-life cookie is to send it for some 115time late in the year "37". 116</pre> 117 118</div> 119<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div> 120<div class="directive-section"><h2><a name="CookieDomain" id="CookieDomain">CookieDomain</a> <a name="cookiedomain" id="cookiedomain">Directive</a></h2> 121<table class="directive"> 122<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The domain to which the tracking cookie applies</td></tr> 123<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>CookieDomain <em>domain</em></code></td></tr> 124<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr> 125<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr> 126<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> 127<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_usertrack</td></tr> 128</table> 129 130 <p>This directive controls the setting of the domain to which 131 the tracking cookie applies. If not present, no domain is 132 included in the cookie header field.</p> 133 134 <p>The domain string <strong>must</strong> begin with a dot, and 135 <strong>must</strong> include at least one embedded dot. That is, 136 <code>.example.com</code> is legal, but <code>foo.example.com</code> and 137 <code>.com</code> are not.</p> 138 139 <div class="note">Most browsers in use today will not allow cookies to be set 140 for a two-part top level domain, such as <code>.co.uk</code>, 141 although such a domain ostensibly fulfills the requirements 142 above.<br /> 143 144 These domains are equivalent to top level domains such as 145 <code>.com</code>, and allowing such cookies may be a security 146 risk. Thus, if you are under a two-part top level domain, you 147 should still use your actual domain, as you would with any other top 148 level domain (for example, use <code>.foo.co.uk</code>). 149 </div> 150 151 152</div> 153<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div> 154<div class="directive-section"><h2><a name="CookieExpires" id="CookieExpires">CookieExpires</a> <a name="cookieexpires" id="cookieexpires">Directive</a></h2> 155<table class="directive"> 156<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Expiry time for the tracking cookie</td></tr> 157<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>CookieExpires <em>expiry-period</em></code></td></tr> 158<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr> 159<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr> 160<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> 161<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_usertrack</td></tr> 162</table> 163 <p>When used, this directive sets an expiry time on the cookie 164 generated by the usertrack module. The <em>expiry-period</em> 165 can be given either as a number of seconds, or in the format 166 such as "2 weeks 3 days 7 hours". Valid denominations are: 167 years, months, weeks, days, hours, minutes and seconds. If the expiry 168 time is in any format other than one number indicating the 169 number of seconds, it must be enclosed by double quotes.</p> 170 171 <p>If this directive is not used, cookies last only for the 172 current browser session.</p> 173 174</div> 175<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div> 176<div class="directive-section"><h2><a name="CookieName" id="CookieName">CookieName</a> <a name="cookiename" id="cookiename">Directive</a></h2> 177<table class="directive"> 178<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Name of the tracking cookie</td></tr> 179<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>CookieName <em>token</em></code></td></tr> 180<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>CookieName Apache</code></td></tr> 181<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr> 182<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr> 183<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> 184<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_usertrack</td></tr> 185</table> 186 <p>This directive allows you to change the name of the cookie 187 this module uses for its tracking purposes. By default the 188 cookie is named "<code>Apache</code>".</p> 189 190 <p>You must specify a valid cookie name; results are 191 unpredictable if you use a name containing unusual characters. 192 Valid characters include A-Z, a-z, 0-9, "_", and "-".</p> 193 194</div> 195<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div> 196<div class="directive-section"><h2><a name="CookieStyle" id="CookieStyle">CookieStyle</a> <a name="cookiestyle" id="cookiestyle">Directive</a></h2> 197<table class="directive"> 198<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Format of the cookie header field</td></tr> 199<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>CookieStyle 200 <em>Netscape|Cookie|Cookie2|RFC2109|RFC2965</em></code></td></tr> 201<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>CookieStyle Netscape</code></td></tr> 202<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr> 203<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr> 204<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> 205<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_usertrack</td></tr> 206</table> 207 <p>This directive controls the format of the cookie header 208 field. The three formats allowed are:</p> 209 210 <ul> 211 <li><strong>Netscape</strong>, which is the original but now deprecated 212 syntax. This is the default, and the syntax Apache has 213 historically used.</li> 214 215 <li><strong>Cookie</strong> or <strong>RFC2109</strong>, which is the syntax that 216 superseded the Netscape syntax.</li> 217 218 <li><strong>Cookie2</strong> or <strong>RFC2965</strong>, which is the most 219 current cookie syntax.</li> 220 </ul> 221 222 <p>Not all clients can understand all of these formats, but you 223 should use the newest one that is generally acceptable to your 224 users' browsers. At the time of writing, most browsers only fully 225 support <code>CookieStyle Netscape</code>.</p> 226 227</div> 228<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div> 229<div class="directive-section"><h2><a name="CookieTracking" id="CookieTracking">CookieTracking</a> <a name="cookietracking" id="cookietracking">Directive</a></h2> 230<table class="directive"> 231<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enables tracking cookie</td></tr> 232<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>CookieTracking on|off</code></td></tr> 233<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>CookieTracking off</code></td></tr> 234<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr> 235<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr> 236<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr> 237<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_usertrack</td></tr> 238</table> 239 <p>When <code class="module"><a href="/mod/mod_usertrack.html">mod_usertrack</a></code> is loaded, and 240 <code>CookieTracking on</code> is set, Apache will send a 241 user-tracking cookie for all new requests. This directive can 242 be used to turn this behavior on or off on a per-server or 243 per-directory basis. By default, enabling 244 <code class="module"><a href="/mod/mod_usertrack.html">mod_usertrack</a></code> will <strong>not</strong> 245 activate cookies. </p> 246 247 248</div> 249</div> 250<div class="bottomlang"> 251<p><span>Available Languages: </span><a href="/en/mod/mod_usertrack.html" title="English"> en </a></p> 252</div><div class="top"><a href="#page-header"><img src="/images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div> 253<script type="text/javascript"><!--//--><![CDATA[//><!-- 254var comments_shortname = 'httpd'; 255var comments_identifier = 'http://httpd.apache.org/docs/2.2/mod/mod_usertrack.html'; 256(function(w, d) { 257 if (w.location.hostname.toLowerCase() == "httpd.apache.org") { 258 d.write('<div id="comments_thread"><\/div>'); 259 var s = d.createElement('script'); 260 s.type = 'text/javascript'; 261 s.async = true; 262 s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier; 263 (d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s); 264 } 265 else { 266 d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>'); 267 } 268})(window, document); 269//--><!]]></script></div><div id="footer"> 270<p class="apache">Copyright 2013 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> 271<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!-- 272if (typeof(prettyPrint) !== 'undefined') { 273 prettyPrint(); 274} 275//--><!]]></script> 276</body></html>