- From: Craig Spiezle <craigs@otalliance.org>
- Date: Sun, 28 Oct 2012 10:05:44 -0700
- To: Tracking Protection Working Group <public-tracking@w3.org>
+ huge issue for abuse or exploit Sent from my phone On Oct 28, 2012, at 8:05 AM, "Tracking Protection Working Group Issue Tracker" <sysbot+tracker@w3.org> wrote: > tracking-ISSUE-185 (WebWide Not): There should not be an API for web-wide exceptions [Tracking Preference Expression (DNT)] > > http://www.w3.org/2011/tracking-protection/track/issues/185 > > Raised by: Mike O'Neill > On product: Tracking Preference Expression (DNT) > > We should not have a "silent" web-wide exception API, to accompany the suggested site-wide one. > As there is now no safety check UI for the site-wide API ,or potential for one as it is now synchronous, it would be very easy for a 1st party site to maliciously or accidentally set a web-wide API, without the user being informed. > I agree that new site-wide API is a good idea, as it will be simpler to implement and does not have the problem of bombarding users with exception dialogs, but it would be a bad idea to project this onto the web-wide one. > I therefore suggest we either remove the web-wide API or insist that it is implemented as it was before, with a browser UI informing the user and getting agreement. > > >
Received on Sunday, 28 October 2012 17:06:12 UTC