6438afadbf
Core system: - AnalyticsUniqId entity (visitor identity with device/os/browser parsing) - AnalyticsEvent entity (page views linked to visitor) - POST /t endpoint with AES-256-GCM encrypted payloads - HMAC-SHA256 visitor hash for anti-tampering - Async processing via Messenger - JS module: auto page_view tracking, setAuth for logged users - Encryption key shared via data-k attribute on body - setAuth only triggers when cookie consent is accepted - Clean CSP: remove old tracker domains (Cloudflare, Umami) 100% first-party, no cookies, invisible to adblockers, RGPD-friendly. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
15 KiB
15 KiB