How does the __utmLinker and __utmLinkPost functions work?

Rating: +2

The __utmLinker() or __utmLinkPost() functions transfer the Google Analytics tracking cookies from one domain to another by appending the values to a URL as query string variables. The goal is to have two sets of cookies with the same values on each domain.

It may be a good idea to review the Third Party Shopping Cart documentation before I begin to explain the process:

http://www.google.com/support/analytics/bin/answer.py?answer=26915&topic=7295

Here is the normal flow of processing when directing a visitor across multiple domains:

1. Visitor clicks on a link (or button) that directs visitor to a different domain.
2. The __utmLinker() or __utmLinkPost() function reads the Google Analytics cookie values and appends them to the destination of URL. The Google Analytics tracking cookies are as follows:
__utma : Identifies the visitor
__utmb : A timestamp
__utmc : Another timestamp
__utmv : The custom segment cookie
__utmz : The campaign tracking cookie
3. The __utmLinker() or __utmLinkPost() function calculates a check sum of all the cookie values and appends the check sum to the end of the destination URL. The check sum value is stored in the __utmk query string variable.
4. The __utmLinker() or __utmLinkPost() function re-directs the browser to the destination URL.
5. When the destination page render in the visitor's browser the urchin.js function examines the value in the browser's location bar.
6. The urchin.js script reads the query string values and creates a check sum.
7. The urchin.js compares the calculated check sum with the passed check sum (__utmk variable). If the values match then the urchin.js sets the Google Analytics tracking cookies based on the values in the URL. If the values do not match then the urchin.js sets a new set of Google Analytics tracking cookies.

Based on what I know of your architecture you need to append the cookie values and the __utmk value to the end of the URL that you use in your response.redirect call.

I believe the key to your implementation of the above process is replicating the way urchin.js validates the cookies values. There are two options:

1. You can change the urchin.js script to NOT validate the value of __utmk. This requires that you host the urchin.js file locally.
2. You can replicate the function that calculates the value of __utmk. This function, _uHash(), has been attached for your review. If you could create some server side function that calculates the hash then you can create __utmk on the server side and append it to the URL with all the cookie values. Then urchin.js can validate the cookie values as normal.

I suggest going with option number 2 as it insures that the cookie values are not tampered with during transmission.