- From: Justin Lebar <jlebar@mozilla.com>
- Date: Wed, 21 Dec 2011 14:00:51 -0500
- To: public-privacy@w3.org, Sid Stamm <sid@mozilla.com>, Jonas Sicking <jonas@sicking.cc>
In Firefox, we implemented navigator.doNotTrack to return either "unspecified", if the user has not opted in to DNT, or "yes", if the user has opted in to DNT. The proposed DNT spec has us return "1" if the user has opted in to DNT and doesn't seem to specify what we should return otherwise. I propose the spec be modified to explicitly state what UAs should return if the user has not opted in to DNT, and to use unspecified/yes instead of ??/1. DNT is a tri-state, not a boolean. The DNT http header may be 1, 0, or not present. 0 indicates that the user has explicitly opted in to tracking. Although Firefox doesn't support this option at the moment, we'd like to spec DNT in such a way as to allow users to explicitly opt in to tracking. We propose that navigator.doNotTrack == "no" correspond to DNT: 0. It's confusing that navigator.doNotTrack's value doesn't correspond to the value of the HTTP header, but we did this because we wanted to protect against buggy JS which assumes navigator.doNotTrack is a boolean. If we were to use navigator.doNotTrack == '' for users who have neither oped in nor out of DNT, then sites could do |if (navigator.doNotTrack) { // don't track me }|. This would make it difficult for us to introduce navigator.doNotTrack = "no" in the future, because "no" resolves to the boolean |true|. I've filed a webkit bug on this issue [1]. [1] https://bugs.webkit.org/show_bug.cgi?id=75008
Received on Wednesday, 21 December 2011 19:01:42 UTC