Supercookie config

This module sets a persistent, unique cookie and corresponding database session record within the specified expiration interval for every site visitor, regardless of their user agent (browser) settings. This module was created specifically to address the problem of tracking many anonymous users visiting a site from a single IP address (e.g. a school, corporate office, etc.)

From some marketeer out in the ether:

Recently, online properties like Hulu, MSN and Flixster have been caught using a tougher version of the common cookie. These “supercookies” (aka "Flash cookies" and “zombie cookies”) serve the same purpose as regular cookies by tracking user preferences and browsing histories. Unlike their popular cousins, however, this breed is difficult to detect and subsequently remove. These cookies secretly collect user data beyond the limitations of common industry practice, and thus raise serious privacy concerns.

This module only stores a hash of the client and server-side variables that it gathers; the cookie itself however, is very difficult to remove or hack. Dependent modules can also implement hook_supercookie_custom to store their own tracking data in the serialized supercookie.custom field. Tracking unique, anonymous visitors can be extremely useful for modules that may use this as a dependency -- and the standard Drupal pattern of using core's ip_address() function for uniqueness is often insufficient.

Strongly recommend that this module be used in conjunction with CacheExclude (7.x only) or similar, particularly when Varnish is in use.

This module requires two 3rd-party JavaScript libraries to function correctly:

Inspired by the work at, and particularly the EFF whitepaper on browser fingerprinting: How Unique Is Your Browser?

A few words of advice: if this type of granular tracking feels invasive or scary -- use Tor and disable JavaScript in your browser whenever possible.

Brought to you by your friends at Socha Dev.

Supporting organizations: 

Project information