Comments (4)
@michael-oneill I'm not sure why per-origin control would require a promise? If the user makes that decision in the browser or the extension the browser would understand that at the point of page load. Are you thinking of some other user flow?
from gpc-spec.
The problem is how to make an internal record (i.e. a boolean) available so that script loaded synchronously on page initialisation so the browsing context gets an accurate value from the navigator.gpc property.The browser itself could maybe have an internal record, but it is hard for an extension to do it.
A callback does not have that issue becase it only needs to occur once the determination is made (by examining non-origin storage out of process i.e. in a background script), and a promise is the modern way to achieve that.
You can do it employing some localStorage but it is quite hard to get it right, and it uses up some of the origin's storage that may get overwritten or cleared.
I know this from developing a browse extension to implement the DNT API back in 2013.
from gpc-spec.
I understand where you're coming from, but I don't think that adding the overhead of a promise only to support extensions is a good compromise. Also, I would think that an allowlist managed by an extension should be at most of the order of tens of entries, thousands at the most (beyond that it's not a very good mechanism). This can readily by managed in memory and implemented synchronously.
from gpc-spec.
Its not only to support extensions, making the decision early enough to guarentee the signal would be hard for native browsers also.
The problem with synchronously using localStorage is it is accessable to other script, so could be amended by a third-party to simulate the presense or absense of a consent signal.
AdTech lobbyists would use the resulting uncertainty to justify ignoring it.
from gpc-spec.
Related Issues (20)
- Update gpc-spec links
- Ensure consistency between HTTP and JavaScript HOT 6
- Make the architecture support other privacy laws HOT 10
- Give UAs more help in establishing user intent HOT 7
- Legal Effects section may fall out of date HOT 5
- Set up explainer document in this repo with more detail for implementers HOT 6
- Are implementers expected to always have the header active or not? HOT 3
- Should the navigator property always have the property active or not? HOT 5
- Create consumer-facing GPC instructions HOT 1
- Mixed documentation on navigator.globalPrivacyControl returning 1 or true HOT 5
- Clarify when a Global Privacy Control preference needs to be conveyed
- Add direct identification for each jurisdiction HOT 1
- GPC spec status HOT 4
- Move laws to Explainer HOT 2
- ยง5 should end after the sentence "For additional details on legal effects, consult the explainer." HOT 2
- Respec
- I'll merge this. If any devs think we should change the glob pattern instead we can change the behavior in a secondary PR. HOT 1
- F
- Evaluation
- Notion
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gpc-spec.