--- /dev/null
+<?xml version="1.0"?>
+<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
+<?xml-stylesheet type="text/xsl" href="../style/manual.xsl"?>
+
+<modulesynopsis>
+<name>mod_usertrack</name>
+<description>
+ This module uses cookies to provide for a
+ <em>clickstream</em> log of user activity on a site.
+</description>
+<status>Extension</status>
+<sourcefile>mod_usertrack.c</sourcefile>
+<identifier>usertrack_module</identifier>
+<compatibility>Known as mod_cookies prior to Apache 1.3.</compatibility>
+
+<summary>
+
+ <h2>Summary</h2>
+
+ <p>Previous releases of Apache have included a module which
+ generates a 'clickstream' log of user activity on a site using
+ cookies. This was called the "cookies" module, mod_cookies. In
+ Apache 1.2 and later this module has been renamed the "user
+ tracking" module, mod_usertrack. This module has been
+ simplified and new directives added.</p>
+</summary>
+
+
+<section>
+<title>Logging</title>
+
+ <p>Previously, the cookies module (now the user tracking
+ module) did its own logging, using the <tt>CookieLog</tt>
+ directive. In this release, this module does no logging at all.
+ Instead, a configurable log format file should be used to log
+ user click-streams. This is possible because the logging module
+ now allows multiple log files. The cookie itself is logged by
+ using the text <tt>%{cookie}n</tt> in the log file format. For
+ example:</p>
+<example>
+CustomLog logs/clickstream "%{cookie}n %r %t"
+</example>
+
+ <p>For backward compatibility the configurable log module
+ implements the old <tt>CookieLog</tt> directive, but this
+ should be upgraded to the above <tt>CustomLog</tt> directive. </p>
+</section>
+
+<section>
+<title>2-digit or 4-digit dates for cookies?</title>
+
+ <p>(the following is from message
+ <022701bda43d$9d32bbb0$1201a8c0@christian.office.sane.com>
+ in the new-httpd archives)
+<pre>
+From: "Christian Allen" <christian@sane.com>
+Subject: Re: Apache Y2K bug in mod_usertrack.c
+Date: Tue, 30 Jun 1998 11:41:56 -0400
+
+Did some work with cookies and dug up some info that might be useful.
+
+True, Netscape claims that the correct format NOW is four digit dates, and
+four digit dates do in fact work... for Netscape 4.x (Communicator), that
+is. However, 3.x and below do NOT accept them. It seems that Netscape
+originally had a 2-digit standard, and then with all of the Y2K hype and
+probably a few complaints, changed to a four digit date for Communicator.
+Fortunately, 4.x also understands the 2-digit format, and so the best way to
+ensure that your expiration date is legible to the client's browser is to
+use 2-digit dates.
+
+However, this does not limit expiration dates to the year 2000; if you use
+an expiration year of "13", for example, it is interpreted as 2013, NOT
+1913! In fact, you can use an expiration year of up to "37", and it will be
+understood as "2037" by both MSIE and Netscape versions 3.x and up (not sure
+about versions previous to those). Not sure why Netscape used that
+particular year as its cut-off point, but my guess is that it was in respect
+to UNIX's 2038 problem. Netscape/MSIE 4.x seem to be able to understand
+2-digit years beyond that, at least until "50" for sure (I think they
+understand up until about "70", but not for sure).
+
+Summary: Mozilla 3.x and up understands two digit dates up until "37"
+(2037). Mozilla 4.x understands up until at least "50" (2050) in 2-digit
+form, but also understands 4-digit years, which can probably reach up until
+9999. Your best bet for sending a long-life cookie is to send it for some
+time late in the year "37".
+</pre>
+</p>
+</section>
+
+<directivesynopsis>
+<name>CookieDomain</name>
+<syntax>CookieDomain <i>domain</i></syntax>
+<default>None</default>
+<contextlist>
+<context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
+</contextlist>
+<description>controls the setting of the domain to which
+ the tracking cookie applies.</description>
+
+<usage>
+
+ <p>This directive controls the setting of the domain to which
+ the tracking cookie applies. If not present, no domain is
+ included in the cookie header field.</p>
+
+ <p>The domain string <b>must</b> begin with a dot, and
+ <b>must</b> include at least one embedded dot. That is,
+ ".foo.com" is legal, but "foo.bar.com" and ".com" are not.</p>
+</usage>
+</directivesynopsis>
+
+
+<directivesynopsis>
+<name>CookieExpires</name>
+<syntax>CookieExpires <em>expiry-period</em></syntax>
+<default></default>
+<contextlist>
+<context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
+</contextlist>
+<override></override>
+<compatibility>In 1.3.20 and earlier, not usable in directory and
+.htaccess</compatibility>
+
+<usage>
+ <p>When used, this directive sets an expiry time on the cookie
+ generated by the usertrack module. The <em>expiry-period</em>
+ can be given either as a number of seconds, or in the format
+ such as "2 weeks 3 days 7 hours". Valid denominations are:
+ years, months, weeks, hours, minutes and seconds. If the expiry
+ time is in any format other than one number indicating the
+ number of seconds, it must be enclosed by double quotes.</p>
+
+ <p>If this directive is not used, cookies last only for the
+ current browser session.</p>
+</usage>
+</directivesynopsis>
+
+<directivesynopsis>
+<name>CookieName</name>
+<syntax>CookieName <em>token</em></syntax>
+<default>Apache</default>
+<contextlist>
+<context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
+</contextlist>
+
+<usage>
+ <p>This directive allows you to change the name of the cookie
+ this module uses for its tracking purposes. By default the
+ cookie is named "<code>Apache</code>".</p>
+
+ <p>You must specify a valid cookie name; results are
+ unpredictable if you use a name containing unusual characters.
+ Valid characters include A-Z, a-z, 0-9, "_", and "-".</p>
+</usage>
+</directivesynopsis>
+
+<directivesynopsis>
+<name>CookieStyle</name>
+<syntax>CookieStyle
+ <i>Netscape|Cookie|Cookie2|RFC2109|RFC2965</i></syntax>
+<default></default>
+<contextlist>
+<context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
+</contextlist>
+<description>Controls the format of the cookie header
+ field</description>
+
+<usage>
+ <p>This directive controls the format of the cookie header
+ field. The three formats allowed are:</p>
+
+ <ul>
+ <li><b>Netscape</b>, which is the original but now deprecated
+ syntax. This is the default, and the syntax Apache has
+ historically used.</li>
+
+ <li><b>Cookie</b> or <b>RFC2109</b>, which is the syntax that
+ superseded the Netscape syntax.</li>
+
+ <li><b>Cookie2</b> or <b>RFC2965</b>, which is the most
+ current cookie syntax.</li>
+ </ul>
+
+ <p>Not all clients can understand all of these formats. but you
+ should use the newest one that is generally acceptable to your
+ users' browsers.</p>
+</usage>
+</directivesynopsis>
+
+
+
+<directivesynopsis>
+<name>CookieTracking</name>
+<syntax>CookieTracking on|off</syntax>
+<default></default>
+<contextlist>
+<context>server config</context>
+<context>virtual host</context>
+<context>directory</context>
+<context>.htaccess</context>
+</contextlist>
+<override>FileInfo</override>
+
+<usage>
+ <p>When the user track module is compiled in, and
+ "CookieTracking on" is set, Apache will start sending a
+ user-tracking cookie for all new requests. This directive can
+ be used to turn this behavior on or off on a per-server or
+ per-directory basis. By default, compiling mod_usertrack will
+ not activate cookies. </p>
+
+</usage>
+</directivesynopsis>
+
+</modulesynopsis>
+
projects / apache / commitdiff