[D9][D10][D7] Remove interest-cohort header #6199
Comments
|
My understanding is that the entire FLoC concept that utilized Interest-Cohort was scrapped because all major systems (including WordPress) decided to start blocking user-tracking by default. The backlash was so severe Google backed out of it entirely. |
|
Should the change record at: https://docs.backdropcms.org/change-records/header-added-by-default-to-disable-floc be simply updated or should another change record that cross references with that one be added? |
yorkshire-pudding
changed the title
|
PR added at backdrop/backdrop#4500 Can be tested by just looking for the usual warning that appears in Console and noting that it is not there anymore. |
Are any @backdrop/core-committers able to advise whether I need to write a new change record or update the existing change record? |
|
Current Change Record:
HTML<p>By default, a new <code>Permissions-Policy: interest-cohort=()</code> header is now present on Backdrop websites. This header is added in response to the implementation of <a href="https://en.wikipedia.org/wiki/Federated_Learning_of_Cohorts" target="_blank">Federated Learning of Cohorts (FLoC)</a>, which is a way to gather user data without cookies, regardless of whether a website loads any tracking scripts. As of April 2021, Google's Chrome browser is the only major web browser to implement FLoC.</p>
<p>To disable this header and allow FLoC for the website, a new Backdrop setting, <code>block_interest_cohort</code>, can be set to <code>FALSE</code> in your settings.php:</p>
<pre>
<span class="blob-code-inner blob-code-marker" data-code-marker="+"><span class="pl-c">$config['system.core']['block_interest_cohort'] = FALSE;</span></span></pre>Proposed New Version
Feedback? |
|
Code LGTM, and all tests are passing (with the exception of the spell checker). For the change record, I would prefer if we reword it so the fact that this was removed appears first, and then later mention when it was added, so that at first glance people know it's gone. Something like this... The Permissions-Policy: interest-cohort=() header has been removed in Backdrop versions 1.26 and 1.25.2. This header was added to Backdrop websites by default, in version 1.19.3. The addition was in response to the implementation of Federated Learning of Cohorts (FLoC), which was a way to gather user data without cookies, regardless of whether a website loads any tracking scripts. The recent removal was due to widespread blocking by websites, and the fact that no browser other than Google Chrome had implemented FloC. Support for this header was dropped in January 2022 and it now causes a warning to appear in the Console on Google Chrome and other Chromium based browsers:
|
|
Thanks @jenlampton - CR text looks good to me. |
|
I updated the change record, now located at https://docs.backdropcms.org/change-records/permissions-policy-header and I have merged the PR into 1.x for 1.26.0. I could not cherry-pick it back into 1.25.x because of conflicting update hook numbers in system.install. Thanks @yorkshire-pudding for taking the lead on this! |
quicksketch
added
status - fixed
and removed
needs - change record
pr - needs testing
labels
Shouldn't we update the change record at https://docs.backdropcms.org/change-records/permissions-policy-header then? It mentions:
|
|
Thanks, I updated the change record. |
My curiosity about this warning arose again:
I searched for it and among the results was this Drupal issue to remove the header: https://www.drupal.org/project/drupal/issues/3260401
D7
I note it was added in #5103 for valid reasons, but the consensus in Drupal now seems to be that it can be removed.
Should we remove it too?
People might think there is an error with Backdrop if we don't?
There is also mentioned this link: https://blog.google/products/chrome/get-know-new-topics-api-privacy-sandbox/
PR added - https://github.com/backdrop/backdrop/pull/4500
The text was updated successfully, but these errors were encountered: