Email Campaign - External Landing Pages create a new visitor on each visit

Your software
My Mautic version is: 4.4.4
My PHP version is: 7.4.30
My Database type and version is: Maria DB 10.5.15

Your problem
My problem is: On an email campaign, the email has two links, one that brings to the Mautic Landig and one that goes to an external landing page. The external landing have all the Mautic-tracking script. The first click from the email to the landings is properly associated to the contact but once the user lands on the landings (Can see it from the browser cookies), on the mautic landing pages it properly has the mtc_id equal to the contact id and therefore all the events are properly tracked and associated to the user while on the external landing it seems that the script creates a new user (anonymous) each time and so all the events that happend from there on are associated to this new anonymous user and not to the user to whom i sent the email. I have read a lot these days about CORS problems but I don’t see to have any. No errors on console and the external landing domain is properly added to the CORS settings on mautic and checking the local.php file the domain is actually is there.

These errors are showing in the log:
the only error on log is
ERROR: Uncaught PHP Exception Symfony\Component\HttpKernel\Exception\BadRequestHttpException: “Untrusted Host “xx.xx.xx.xx”.” at /var/www/html/vendor/symfony/http-kernel/HttpKernel.php line 83
where is the ip of the server, which has been added to the trusted list bu Sympfony continues to give the error

Steps I have tried to fix the problem:

  • Tried to put Restrict domains to FALSE in CORS SETTINGS
  • Added the external domain to the Valid Domains
  • Added #Header set Access-Control-Allow-Origin “*” to the htaccess of the external server


could you provide the request sent via the event-script to your mautic instance from the landing pages (both ideally= especially the payload/parameters?

Might be helpful in debugging

Hi, there are 4 calls i can see in the Network console

The first Url calls the Mautic server passing in ct= the base64 of the client. This is the url that the client clicks on the email
Request URL: https://mymautic.domain/r/fd9f2eb1d53f3e0c77b205421?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czoxNDoiY2FtcGFpZ24uZXZlbnQiO2k6MTtpOjI5O31zOjU6ImVtYWlsIjtpOjEwO3M6NDoic3RhdCI7czoyMjoiNjM4OGViNjYxNDlkZTg5MTAxMzAwMyI7czo0OiJsZWFkIjtzOjM6IjIxMyI7czo3OiJjaGFubmVsIjthOjE6e3M6NToiZW1haWwiO2k6MTA7fX0%3D&utm_source=attivazione_gratuite&utm_medium=email_marketing&utm_campaign=website_proposal&utm_content=website_bozza
Request Method: GET
Status Code: 302 Found
Remote Address: xx.xx.xx.xx:443
Referrer Policy: strict-origin-when-cross-origin

The response header has the redirect url that I initially inserted on the email on mautic
Apache/2.4.54 (Debian)
Set-Cookie: mautic_referer_id=544; expires=Fri, 02-Dec-2022 18:06:22 GMT; Max-Age=1800; path=/
Cache-Control: max-age=0, must-revalidate, private
Expires: Fri, 02 Dec 2022 17:36:22 GMT
Content-Length: 1254
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate, br
Accept-Language: it-IT,it;q=0.9
Connection: keep-alive
Cookie: mautic_device_id=me62cg6vpylktqkzeq9ygom; mtc_id=213; mtc_sid=me62cg6vpylktqkzeq9ygom; mautic_referer_id=535
sec-ch-ua: “Google Chrome”;v=“107”, “Chromium”;v=“107”, “Not=A?Brand”;v=“24”
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: “macOS”
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla

ON the cookies tab under NETWORK I can see the correct mtc_id being set during this call. The thing is that it is set as referred to the yourmautic.domain

Then we come to the redirect: to landingpage.example
Here the payload can be empty or contain eventual url parameters you have set in the email on mautic.
The strange thing is that the cookies are passed in the request with the new client id already,

My opinion is that the landingpage seems to find the cookies set with the wrong (newly created) mautic_it due to a bug on the ridirect procedure.
The same thing does not happen if the final landing page is hosted on the mautic domain. I tried and it does not even matter if the landing is a mautic one or not. It simply matters
the domain on which it is hosted. You can simply put a html page on mautic folder somewhere and make it accessible. You will find yourself on that page with the correct mautic_it and so tracking everything
Schermata 2022-12-02 alle 19.12.03
Schermata 2022-12-02 alle 19.12.09

![Schermata 2022-12-02 alle 19.12.18|690x431](upload://cebSAHyj0AP56KaybHStu4dl59c.png)
![Schermata 2022-12-02 alle 19.12.24|690x431](upload://f0o6Pdf0eOb1rQvPftaE5GAMsoZ.png)