- Removed
api_urlfrominit()parameters — the proxy URL (https://api.mbuzz.co/api/v1) is now hardcoded. This prevents accidental bypass of the edge ingest proxy. For development,config.api_urlcan still be set directly after init.
event()andconversion()now handle proxy-buffered responses gracefully — when the edge proxy accepts a request but Rails is temporarily unreachable, the SDK returnsTrackResult(success=True)with nil IDs instead ofTrackResult(success=False).
- Default API URL updated to
https://api.mbuzz.co/api/v1— traffic now routes through the edge ingest proxy for improved reliability.
identify()now writesuser_idback to context — after a successful API call,user_idis stored in theRequestContextso that subsequentconversion()calls in the same request can resolve it.
- Navigation-aware session creation — middleware now only creates server-side sessions for real page navigations, filtering out Turbo frames, htmx partials, fetch/XHR, prefetch, and other sub-requests. Uses browser-enforced
Sec-Fetch-*headers as the primary signal with a framework-specific blacklist fallback for old browsers. device_fingerprint()utility — computesSHA256(ip|user_agent)[0:32], matching the server-side fingerprint for session deduplication.- Async session creation via
POST /sessions— fire-and-forget background thread on real navigations.
- 5x visit count inflation caused by concurrent sub-requests (Turbo frames, htmx) each creating separate sessions on first page load.
- Initial release with Flask middleware, visitor cookie management, event tracking, user identification, and conversion tracking.
- Session cookie removed — server handles session resolution via device fingerprint.