Spot Test

Spot Test – Inline

This is a set of tests for Spot using simple inline code. View page source to see the code.


Spot automatically creates a unique device_token for the browser on first visit. This is stored in the “spot_dt” cookie and will identify the device even if the user is subsequently identified. A device token is a unique 128-bit number generated UUID (generated as uuidv4) such as “4d8f9e7a-3ccb-4b2b-8297-6372fd3bdfe0”. The cookie max age is set to the Spot cookieMaxAge config setting, which defaults to 2 months.

Spot also generates a random UUID session_token for the browsing session. The cookie max age is set to the Spot sessionLength config setting, which defaults to 30 minutes.

You can use Spot to submit an Event such as “visit web page”, by pushing the event to the data layer:

spot_data.push({ "event":"visit_web_page", params: { url: "{url}", referrer: "{referrer}", user_agent: "{useragent}"} }) spot_data.push({ "event":"browse_product", params: { url: "{url}", product_category: "accessories", product_id: "162224" } })

All Events submitted include the device_token and session_token.

Spot does not automatically submit any events, only those you create.

An anonymous event for a device_token will result in a new member record.

User Identification

If a user signs in or is otherwise identified, the identifier is stored in the “spot_ut” cookie, and “identify” event is submitted matching the user identifier to the device_token. The user identifier will be used for events instead of device_token. All EDP identity fields are supported, except as noted below.

Identify Sign in

Email is not specifically not allowed as an identifier out of respect for user privacy. An identifier that appears to be an email address will not be across the network or stored as a cookie.

Email Identify

The Event payload can include attribute values to update, such as “what should we call you?”.

Update Name Update Address

The user token cookie is cleared (set to “”) on a “signout” event.

Sign out

A “spot_user” querystring parameter or javascript variable can be used to identify the user. The value of spot_user is a JSON object with parameters “ut” (“user_token”) and optionally “uta” (defaults to “user_token”). The value can be base64 encoded or plain text.

Querystring parameter “spot_user”:





Querystring parameters “spot_ut” and “spot_uta”:



JavaScript variable:

var spot_user = {"ut":"4d8f9e7a-3ccb-4b2b-8297-6372fd3bdfe0"};

Abandoned Cart

Click buttons to trigger events to test an “abandoned cart” scenario. Each button pushes an event onto the data layer. Spot detects updates to the data layer and submits EDP Events. Some of the buttons define Spot callback functions for “before”, “after”, and “cancel”.

Browse Product Add to Cart

View Cart Remove from Cart Checkout

This button simulates an abandoned cart. In production this will be detected on the server after some delay (e.g. 8 hours) but for testing a button is more convenient.

Abandoned Cart

Managing User Consent

Spot supports user consent to tracking, using a “Do Not Track” cookie.

Optin Optout

Tracking is enabled by default. An optin or optout Event out sets a Do Not Track cookie “spot_dnt”. Optin sets “spot_dnt=0”, and Optout sets “spot_dnt=1”.

If Do Not Track is enabled (“spot_dnt=1”) Events are blocked and not sent to the server. Optin/optout does not affect other cookies.


Spot can display Loyalty Offers

Get Offer Get Placement Offer Get Offer (default display)

(Offer will display here)

To get an offer, submit an “offer” event and declare your “processOffer” callback functions.

// offer event spot_data.push({ "event": "offer", "params": { "category": "spot_test" }, "processOffer": "showOffer" }); // show offer function showOffer(offer) { $("#offer_display").html(offer.html); }

Offers contain personalized content that you can use however you like. Here are a few examples.

// personalize page background image function showOffer(offer) { $("body").style({ 'background: '+offer.image_url }); } // apply offer coupon code to cart function showOffer(offer) { cart.applyPromoCode(offer.respondable_info.code); } // load the offer target url function showOffer(offer) { location = offer.target_url; }


Spot sets a small number of cookies, listed below. All Spot cookies are first-party and not sent to Cheetah servers.

Device Token (“spot_dt”)

Spot generates a random UUID device_token for the browser. The value is a randomly generated unique 128-bit number (generated as uuidv4) such as “4d8f9e7a-3ccb-4b2b-8297-6372fd3bdfe0”. All events submitted include the device token.

Session Token (“spot_st”)

Spot generates a random UUID device_token for the browser session. The cookie max age is set to the Spot config.sessionLength setting, which default to one hour. All Events submitted include the session token.

User Token (“spot_ut”)

Spot can read a user_token from the querystring or javascript variable. The recommended usage is the EDP user_token attribute, which is a random UUID not based on the member_id or customer db id. In addition, Spot also supports any standard EDP identifier field (e.g. integration_id), in which case the value might not be a UUID.

User Token Attribute (“spot_uta”)

This cookie associates the User Token value with an EDP member attribute. The standard EDP member attribute for storing a device token is “user_token”, but any other identifier field can be used, such as: integration_id, integration2_id, email, etc.

Do Not Track (“spot_dnt”)

Spot preserves user’s optin or optout choice by setting a Do Not Track cookie “spot_dnt=1”. Optin sets “spot_dnt=0”, and Optout sets “spot_dnt=1”. If Do Not Track is enabled (“spot_dnt=1”) Events are blocked and not sent to the server.

Obviously Personal Information

Spot attempts to detect obviously personal information such as email addresses and will avoid saving those into cookies. So if a customer were to send an email address as the user_token in a querystring parameter (which is not recommended but technically possible), Spot would use the value for submitting events but never store it as a cookie.