Filter session ID from URL

[robocoder]

This issue was raised by collection23 on the forum.

1. http://forum.piwik.org/index.php?showtopic=161

Many dynamic generated Websites are using session-IDs to track users. In this case a URL kooks like: domain.tld/site1.html?SID=12345678. But the SID is different for each visitor.

In actions/pages PIWIK shows ten lines with the same page (domain.tld/site1.html) with ten different session IDs. It would be a great feature if there were an option to eliminate everything in the URL starting at a userdefined character string like “?SID=”.

Result should be on line with a 10 times visited URL.

[robocoder]

There is currently no way for the Piwik server to know what the tracking site uses as a session ID name for cookieless sessions. For example, the default for PHP applications is PHPSESSID (configured in php.ini), but can be arbitrarily set by calling session_name().

The session ID could appear in either the action page or the referrer.

A closely related issue to consider is user authentication information in the URL, as in http://user:password@host/path, which should likewise be filtered.
1. We can introduce a method in OO piwik.js that allows the application to specify the session ID used. Examples:
– Piwik.setSessionIDFilter( Piwik.SID.ASP ); // (…), s(…), (S(…)), or (s({…}))
– Piwik.setSessionIDFilter( Piwik.SID.Apache ); // SESSIONID=….
– Piwik.setSessionIDFilter( Piwik.SID.ColdFusion ); // CFID=…&CFTOKEN=…
– Piwik.setSessionIDFilter( Piwik.SID.Java ); // jsessionid=…
– Piwik.setSessionIDFilter( Piwik.SID.PHP ); // PHPSESSID=…
– Piwik.setSessionIDFilter( "sessionID ); // arbitrary sessionID=…
2. We later apply the filter to the action page (and the referrer URL if it originates from the same host).

[mattab]

dup of #41, ticket #41 updated with your suggestions, and priority increased: this should make it to piwik 1.0