W3C home > Mailing lists > Public > public-tracking@w3.org > May 2012

Re: Transitive third party exceptions

From: イアンフェッティ <ifette@google.com>
Date: Wed, 9 May 2012 09:24:26 -0700
Message-ID: <CAF4kx8cHKsM=K98GQrSyzJWQ0NHtXDjF7eRzwgkRaH9mJymdVQ@mail.gmail.com>
To: Jonathan Mayer <jmayer@stanford.edu>
Cc: "public-tracking@w3.org Group WG" <public-tracking@w3.org>
Optional things in the spec just lead to more complexity, things that never
get implemented, and more bugs.

On Wed, May 9, 2012 at 9:18 AM, Jonathan Mayer <jmayer@stanford.edu> wrote:

> If we were to support transitivity—an issue that's still in the air—why
> make it mandatory?  Why not make it optional?
>
> Jonathan
>
> On Wednesday, May 9, 2012 at 8:37 AM, Ian Fette (イアンフェッティ) wrote:
>
> This is meant to satisfy ACTION-194 and is a proposal for transitive third
> party exceptions. I'm not sure if it's necessary if we restrict things to
> "first-party/*" but if you want to list out "first-party/third-party"
> explicit/explicit exceptions, I believe it would be necessary for things
> like advertising networks to function.
>
> "If a third party has been granted an exception on a page, then any
> resources fetched by that third party, including items such as images
> included by that third party, content dynamically fetched by that third
> party, or another third party that is redirected to (such as via an HTTP
> 302 status code) are considered to be covered by that exception. This
> applies transitively, meaning that if in a given context "Site A" is a
> third party and has an exception, if it redirects to "Site B" then "Site B"
> is covered by that exception, as would "Site C" if "Site B" either included
> content from or redirected to "Site C".
>
> -Ian
>
>
>
Received on Wednesday, 9 May 2012 16:24:57 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:28 UTC