Bitrix Framework allows to create and control more than one site. Such approach features:
- common access permissions, for all sites;
- common set of user accounts, for all sites;
- common statistics system, for all sites, etc.
This brings about the task to identify a user who visits sites with different domain names. Of course, the matter concerns the sites created in the context of one portal.
Identifying users is feasible due to stored cookies, which in fact are the information transferred between the web server and the browser, and stored on the local disc.
Here is the example to clear up the crux of the matter:
- When a user first visits site A, they are assigned a set of identifiers used by different modules and stored in the site A cookies (for example, the user ID in the Statistics module, or the customer ID in the e-Store module etc.).
- When the user visits the site A next time, they are identified due to the information stored in the site A cookies.
- Now consider the situation when this user visits the site B. There appears the task to identify them as the recent visitor of the site A. This can be done using the identifiers assigned to the user by the site A. The task is complicated if the domain name of the site B is not that same as that of the site A: the information stored in the site A cookies cannot be obtained when the user visits the site B. On the other hand, the site A cookies cannot be accessed by the site B. Such is the browser security policy.
To resolve the above problems, the cookie transfer technology is used. The technology (also called "UserMultiSiteTransfer") allows to transfer user cookies between sites with different domain names within one portal.
The technology algorithm can be described in the following way.
- When a user visits the site A, the identifiers assigned to them are stored in cookies using the CMain::set_cookie function. The main task of this function is to set the cookies for the current site A and to store this cookie for its further use on the sites B, C, D.
- In the end of the epilogue, the CMain::ShowSpreadCookieHTML function is called. This function emits a set of IFRAME's each calling the /bitrix/spread.php script on behalf of the domain whose cookie is to be set. Thus, for the sites B, C, D there will be created three IFRAME's each of which calling the http://site domain name/bitrix/spread.php script. Information required to set the cookie is passed as the parameters to this script. This information is transferred in the encrypted form and signed with an encrypted portal license key. As a result, the site A cookie will be copied (transferred) to other sites B, C, D.
- The situation with other sites is quite the same. If a user visits site B they are assigned identifiers that will be also stored in cookies of other sites A, C, D. As a result, we have a common set of cookies for all sites of a single portal.
The use of this technology in the Statistics module allows to track unique users for the whole portal. In the Advertising and banners module, it provides for accurate counting the number of banner impressions done to a definite user. Other modules also take advantage of this technology.
The described technology is only used for sites of multisite configuration if the Spread cookies across all domains option is checked in the Kernel module settings.