project Websites / Privacy Sensitive Analytics

websites/privacy-sensitive-analytics#5: Abstracting the user away

Issue Information

Issue Type: issue
Status: closed
Reported By: btasker
Assigned To: btasker

Milestone: 0.1
Created: 18-Dec-21 12:26


Currently, the user's browser will connect directly to my server in order to report in.

That means that access logs on my side will contain the user's IP - that could then be correlated back to a point.

I want to make sure the solution allows us to abstract that away, by serving via CDN. (for example) is already served by a CDN, so this wouldn't be a case of involving a third-party unnecessarily: they're already party to comms to/from the user.



assigned to @btasker

^ fat fingers

The aim of this issue is two-fold really.

Serving the JS agent via CDN is obviously no issue, but I want to make sure there's nothing we're doing which'll negatively impact the POST in.

Secondly though, it serves as a sort of marker for future improvements. If we were to start using cookies to track things (like, for example, page views in #4), it'd enable cross-domain tracking (because the agent is coming from a common domain), which is explicitly against the aims of this project.

I've been back around the block on this.

Serving via the CDN means some additional latency for writes (because there are now 2 hops), but it gets the agent served quickly as well as moving the client's writes away from being directly to my system.

I'm serving via CDN, and it seems to be working quite well so far.
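An added example (not the project's own code) of the receiving side of that write: a minimal WSGI endpoint that accepts the agent's POST and writes an access record with no client address at all, so that putting a CDN in front actually removes the visitor's IP from the origin's records rather than moving it into the X-Forwarded-For header the edge adds. The `/report` path and the `page` / `agent_version` field names are assumptions.

```python
import io
import json
from datetime import datetime, timezone

# Report fields the agent may send (assumed names); everything else is dropped.
ALLOWED_FIELDS = ("page", "agent_version")

def parse_report(environ):
    """Return the whitelisted report from a WSGI environ, or None unless the
    request is a POST carrying a JSON object whose 'page' is a string."""
    if environ.get("REQUEST_METHOD") != "POST":
        return None
    try:
        length = int(environ.get("CONTENT_LENGTH") or 0)
        report = json.loads(environ["wsgi.input"].read(length))
    except (ValueError, KeyError, TypeError):
        return None
    if not isinstance(report, dict) or not isinstance(report.get("page"), str):
        return None
    # Non-printable characters are replaced so a field cannot forge a log line.
    clean = lambda v: "".join(c if c.isprintable() else "?" for c in str(v))[:256]
    return {k: clean(report[k]) for k in ALLOWED_FIELDS if k in report}

def access_line(environ, status, report):
    """Build the access record the origin keeps. The client-address slot is a
    fixed '-': neither REMOTE_ADDR (the CDN edge) nor the headers a CDN uses
    to pass the visitor's address on (X-Forwarded-For, X-Real-IP, Forwarded)
    is ever read, so the record holds nothing to correlate back to a visitor."""
    when = datetime.now(timezone.utc).strftime("%d/%b/%Y:%H:%M:%S +0000")
    fields = "&".join(f"{k}={v}" for k, v in sorted(report.items())) if report else "-"
    method, path = environ.get("REQUEST_METHOD", "-"), environ.get("PATH_INFO", "-")
    return f'- - - [{when}] "{method} {path}" {status} {fields}'

def application(environ, start_response):
    """WSGI entry point: 204 on a good report, 400 otherwise; log either way."""
    report = parse_report(environ)
    status = "204 No Content" if report is not None else "400 Bad Request"
    print(access_line(environ, status.split()[0], report))
    start_response(status, [("Content-Length", "0")])
    return [b""]

def make_environ(body, edge_ip="203.0.113.9", visitor_ip="198.51.100.7"):
    """Constructed CDN-edge request: REMOTE_ADDR is the edge, X-Forwarded-For the visitor."""
    raw = json.dumps(body).encode()
    return {"REQUEST_METHOD": "POST", "PATH_INFO": "/report", "REMOTE_ADDR": edge_ip,
            "HTTP_X_FORWARDED_FOR": visitor_ip, "CONTENT_LENGTH": str(len(raw)),
            "wsgi.input": io.BytesIO(raw)}
```

The front web server's own access log needs the same treatment, since this record only covers what the application writes.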

mentioned in issue #4