fix: assign domain after cookie storage options are given #528
Conversation
src/amplitude-client.js
Outdated
| @@ -126,6 +126,7 @@ AmplitudeClient.prototype.init = function init(apiKey, opt_userId, opt_config, o | |||
| secure: this.options.secureCookie, | |||
| sameSite: this.options.sameSiteCookie, | |||
| }); | |||
| this.options.domain = this.cookieStorage.options().domain; | |||
There was a problem hiding this comment.
im curious how this impacts sdk usages that did not use defer init. would they have existing cookie without the domain suffix? if we move it up to this line, then would it look for cookie with the domain prefix, which it may not find?
There was a problem hiding this comment.
It is really interesting that we actually have two cookie names: with domain and without domain.
And it does not defer init
There was a problem hiding this comment.
When initializing the metadata storage without domain, all cookies saved by the metadata storage does not include the domain suffix. After domain is assigned to this.options.domain, SDK looks for cookie but cannot find it, and then a new cookies with domain suffix is created. I think this is the flow.
There was a problem hiding this comment.
Hmm not sure about that, but isn't metadata storage only instantiated once for the most part? then does this mean even if this.options.domain changes, it would still use the initial storage key?
There was a problem hiding this comment.
isn't metadata storage only instantiated once for the most part?
If deferInitialization is not set, then it is only one metadata storage instance. But for defer init, a new metadata storage instance is initialized with the new domain value.
then does this mean even if
this.options.domainchanges, it would still use the initial storage key?
If this.options.domain changes, the storage key is still the initial one.
Here we have two options:
- Move the
this.options.domain = this.cookieStorage.options().domain;before initialize metadata storage, so the cookies include domain suffix. - Move the
this.options.domain = this.cookieStorage.options().domain;after the defer init check, so the metadata storage is initialized again, the storage key is still the same.
I pick the first one option, but I am thinking if you have any other concern.
There was a problem hiding this comment.
From setDomain method, the this.options.domain is updated immediately.
Amplitude-JavaScript/src/amplitude-client.js
Lines 862 to 880 in 52abaf0
There was a problem hiding this comment.
Yeah my concern is what I mentioned in my first comment. Like if they don't defer init, which is default behavior, and client devices have an existing cookie key with no suffix. If we go with option 1, then it will not find the existing cookies right? If it does not find existing cookies, then it will generate new session ids and device ids and potentially disassociate events that would have been for the same amplitude ID, I'm thinking.
There was a problem hiding this comment.
Right. I think it is a valid concern. I will move to option 2.
## [8.18.2](v8.18.1...v8.18.2) (2022-05-12) ### Bug Fixes * assign domain after cookie storage options are given ([#528](#528)) ([2440e9a](2440e9a)) * fix perms for github token in release workflow ([#532](#532)) ([195c6ef](195c6ef)) * fix release work flow perms to include write access to contents ([#533](#533)) ([c8845ca](c8845ca)) * replace String.prototype.includes with String.prototype.indexOf ([#530](#530)) ([b0992f8](b0992f8)) * update analytics connector 1.4.2 ([#531](#531)) ([fba43bf](fba43bf))
Summary
Because this domain value is needed while initializing metadata storage, assign
options.domainafter cookie storage options are given.Checklist