W3C home > Mailing lists > Public > public-tracking@w3.org > April 2012

Re: navigator.doNotTrack

From: Roy T. Fielding <fielding@gbiv.com>
Date: Wed, 11 Apr 2012 17:06:58 -0400
Cc: Tracking Protection Working Group WG <public-tracking@w3.org>
Message-Id: <F2C63341-8424-4FC4-AFE7-D6066D224DD9@gbiv.com>
To: Justin Lebar <jlebar@mozilla.com>
On Apr 11, 2012, at 12:45 PM, Justin Lebar wrote:

>> Is there a way to achieve this same-trueness of the property while also providing an obvious way to add extensions in the JavaScript property?
>> 
>> Could the doNotTrack property be "1", "0" or "unspecified" and then any extension to the header should be appended to "1" and "0" (and header values shouldn't ever be "unspecified")?
>> 
>> Thanks,
>> Nick
> 
> "1", "0", and "unspecified" would work as well as "yes", "no", and
> "unspecified", yes.
> 
> But I don't see how extensions would fit in here without breaking
> existing logic.  Suppose you added a "foo" extension, so now people
> send "DNT: 1 foo".  If we reflected this verbatim in the DOM, then
> every site which checks for navigator.doNotTrack == "1" will break.

Yes, so don't do that.  There is no "existing logic".  There are no sites
that check navigator.doNotTrack == "1" right now.  I don't care about
the potential ability for web developers to write bad code given
that there is no current documentation that they can copy that tells
them how to test it properly.  The standard specifies it properly, so
we just need to make sure the implementations and examples do the same.

> Or alternatively, suppose we added DNT: 2.  Again, websites would
> handle this incorrectly if we returned it in navigator.doNotTrack,
> because many sites would do an if {} elseif {} else {}.
> 
> To be clear, it's a problem that web servers would have to be updated
> to handle this new DNT field, but at least there's some hope of
> getting that right, since there are only a handful of web servers.
> With the Web, there's no hope of getting legacy pages updated.

There are no legacy DNT pages.

> It seems to me that we'd want to expose an extension as
> navigator.doNotTrackFoo, or perhaps
> navigator.doNotTrackExtensions['foo'], or something other than
> navigator.doNotTrack.
> 
> Perhaps I'm missing the point of these extensions?

The whole point of having extensibility is that we don't know what
extensions will be needed.  This is not a problem.

If you implement it according to the spec, then the test will be
future-proof.  If you don't implement the test as specified, then the
test will fail.  We specified it that way specifically so that
it would be extensible.

....Roy
Received on Wednesday, 11 April 2012 21:07:40 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:27 UTC