Set anti-FLoC server header #26539
Comments
josaur
added
0. Needs triage
|
Relevant discussion: friendica/friendica#10151 TLDR: it's probably not a good idea to include this header in upstream software. |
|
See also #23825 |
This comment has been minimized.
This comment has been minimized.
|
This issue has been automatically marked as stale because it has not had recent activity and seems to be missing some essential information. It will be closed if no further activity occurs. Thank you for your contributions. |
ghost
added
the
|
This issue has been automatically marked as stale because it has not had recent activity and seems to be missing some essential information. It will be closed if no further activity occurs. Thank you for your contributions. |
|
This issue has been automatically marked as stale because it has not had recent activity and seems to be missing some essential information. It will be closed if no further activity occurs. Thank you for your contributions. |
|
Is there a way to block the annoying bot for specific issues? |
|
This issue has been automatically marked as stale because it has not had recent activity and seems to be missing some essential information. It will be closed if no further activity occurs. Thank you for your contributions. |
|
I heave my doubts server is a good place for this. Maybe a simple app like https://apps.nextcloud.com/apps/hsts that adds it [for the related family of browsers]? Eventually the best way to opt out of being analyzed is perhaps not using a browser of the ad company in the first place. |
|
This issue has been automatically marked as stale because it has not had recent activity and seems to be missing some essential information. It will be closed if no further activity occurs. Thank you for your contributions. |
|
This issue has been automatically marked as stale because it has not had recent activity and seems to be missing some essential information. It will be closed if no further activity occurs. Thank you for your contributions. |
J0WI
added
papercut
|
This issue has been automatically marked as stale because it has not had recent activity and seems to be missing some essential information. It will be closed if no further activity occurs. Thank you for your contributions. |
|
This issue has been automatically marked as stale because it has not had recent activity and seems to be missing some essential information. It will be closed if no further activity occurs. Thank you for your contributions. |
|
This issue has been automatically marked as stale because it has not had recent activity and seems to be missing some essential information. It will be closed if no further activity occurs. Thank you for your contributions. |
Nextcloud servers should set the Permissions-Policy response header as follows: Permissions-Policy: interest-cohort=() (https://github.com/WICG/floc#opting-out-of-computation). It disables the FLoC tracking method in Chrome browsers for users that visit the Nextcloud Instance.
Motivation
Currently, the new Google tracking method called FLoC is in the media. It cannot be deactivated by Chrome users easily. However, site admins can disable FLoC for their sites by sending the Permissions-Policy header with correct value.
If Nextcloud servers send them by default, this has a huge privacy impact for all Nextcloud users.
The text was updated successfully, but these errors were encountered: