- From: CVS User dsinger2 <cvsmail@w3.org>
- Date: Wed, 10 Apr 2013 23:37:20 +0000
- To: public-tracking-commit@w3.org
Update of /w3ccvs/WWW/2011/tracking-protection/drafts
In directory gil:/tmp/cvs-serv29098
Modified Files:
tracking-dnt.html
Log Message:
Integrated Adrian's text on exceptions, domain handling
Integrated Nick's (revised Dave) text on UA exception handling, including merging two sections, x-refs, etc.
Removed one closed issue
Added the non-normative text on site exception handling
--- /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-dnt.html 2013/02/12 22:48:35 1.187
+++ /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-dnt.html 2013/04/10 23:37:20 1.188
@@ -1407,20 +1407,24 @@
general preference is not <a>enabled</a>.
(This permits recording a permission
to allow tracking in jurisdictions where such permission cannot be
- assumed.)
+ assumed – see <a href="#exceptions-no-js" class="sectionRef"></a>.)
</p>
<p>
The user-agent MAY provide interfaces to the user:
<ul>
- <li>To indicate that a call to store an exception has just been made;</li>
- <li>To indicate that one or more exceptions exist for the current
- top-level origin;</li>
- <li>To indicate that one or more exceptions exist for sites
- incorporated into the current page;</li>
- <li>To allow the user to see and possibly revoke stored exceptions.</li>
- <li>Other aspects of the exception mechanism, as desired.</li>
- </ul>
- There is no required user-interface for the user-agent.
+ <li>To indicate that a call to store an exception has just been made;
+ <li>To allow the user to confirm a user-granted exception prior to
+ storage;
+ <li>To indicate that one or more exceptions exist for the current
+ top-level origin;
+ <li>To indicate that one or more exceptions exist for sites
+ incorporated into the current page;
+ <li>To allow the user to see and possibly revoke stored exceptions;
+ <li>Other aspects of the exception mechanism, as desired.
+ </ul>
+ There is no required user interface for the user agent;
+ user agents MAY choose to provide no user interface regarding
+ user-granted exceptions.
</p>
<p class="note">
The requirement for the site to determine the user's intention is new;
@@ -1502,7 +1506,8 @@
will not change the DNT header it sends them.
</p>
<p>
- The calls cause the following steps to occur:
+ The calls cause the following steps to occur (subject to user
+ confirmation of the exception, if the user-agent asks for it):
</p>
<ul>
<li>The UA adds to its local database one or
@@ -1514,27 +1519,15 @@
database, then a DNT:0 header is sent, otherwise DNT:1 is
sent.</li>
</ul>
+ <p>In addition, responses to the JavaScript API indicated should be consistent
+ with this user preference (see below).</p>
+
<p class="note">
The prior version of this required that the UA "somehow confirms with the
user that they agree to the grant of exception, if not already granted"
</p>
- </section>
- <section id='exception-use-browsers'>
- <h3>Exception use by browsers</h3>
- <p>
- If a user agrees to allow tracking by a <strong>target</strong> on
- the <strong>top-level origin</strong>, this should result in two
- user-agent behaviors:
- </p>
- <ol>
- <li>If requests to the <strong>target</strong> for resources that
- are part of the DOM for pages on <strong>top-level origin</strong>
- include a DNT header, that header MUST be DNT:0.</li>
- <li>Responses to the JavaScript API indicated should be consistent
- with this user preference (see below).
- </li>
- </ol>
+
<p class="issue" data-number="159" title="How do we allow sites that mash-in ad-supported content to maintain their own trusted third parties?">
This model does not support mashed-up content which is in turn
supported by ads; it's not clear how to distinguish between
@@ -1576,22 +1569,6 @@
</p>
</div>
- <p class="issue" data-number="111" title="Different DNT values to signify existence of user-granted exception">
- <b>[POSTPONED]</b> Should the user agent send a different DNT
- value to a first party site if there exist user-granted exceptions
- for that first party? (e.g. DNT:2 implies "I have Do Not Track
- enabled but grant permissions to some third parties while browsing
- this domain")<br />
- <b>Proposal</b>: A previous proposal was that it can add itself to the
- list (i.e. an exception for [site, site]) and then it will get DNT:0,
- but DNT:0 to a first party means something different (that it can pass
- data to third parties, and tracking is permitted). It would be better to
- have an indication in the DNT header that one or more site-specific
- exceptions exist for the given target (i.e. that there is at least one
- duplet in the database with target as its first host name), for example
- "DNT:1E" where E means you are a first party with one or more
- active exceptions.
- </p>
<p class="issue" data-number="151" title="User Agent Requirement: Be able to handle an exception request">
<b>[OPEN]</b> There is software that in just a few lines of code
just spawn DNT;1 or DNT;0 headers regardless of user's will. A
@@ -1624,7 +1601,7 @@
<h3>API to Request a Site-specific Exception</h3>
<dl class="idl" title='partial interface Navigator'>
- <dt>integer storeSiteSpecificTrackingException (
+ <dt>void storeSiteSpecificTrackingException (
StoreSiteSpecificExceptionPropertyBag properties)
</dt>
<dd>
@@ -1633,6 +1610,8 @@
</dd>
</dl>
<dl class="idl" title="dictionary StoreExceptionPropertyBag">
+ <dt>DOMString? domain</dt>
+ <dd>Cookie-like domain string to which the exception applies.</dd>
<dt>DOMString? siteName</dt>
<dd>A user-readable string for the name of the top-level origin.</dd>
<dt>DOMString? explanationString</dt>
@@ -1665,28 +1644,14 @@
this in the return value.
</p>
<p>
- The execution of this API and the use of the resulting permission
+ If <code>domain</code> is not specified or is null or empty then
+ the execution of this API and the use of the resulting permission
(if granted) use the 'implicit' parameter, when the API is called,
the <strong>document origin</strong>. This forms the first part of
the duplet in the logical model, and hence in operation will be
compared with the <strong>top-level origin</strong>.
</p>
<p>
- The returned integer has the following possible values:
- </p>
- <ul>
- <li><code>0</code> indicates a syntax or other operational error.</li>
- <li><code>1</code> indicates that the request was for specific
- <strong>target</strong>s and the the user-agent has stored or will store
- an exception on
- <strong>top-level origin</strong> for those specific
- <strong>target</strong>s.</li>
- <li><code>2</code> indicates the user-agent has stored or will store
- a site-wide exception on <strong>top-level origin</strong> for all
- <strong>target</strong>s; the request may have been for
- specific <strong>target</strong>s or for a site-wide exception.</li>
- </ul>
- <p>
If permission is stored for an explicit list, then the set of
duplets (one per target):
</p>
@@ -1703,6 +1668,44 @@
is added to the database of remembered grants.
</p>
<p>
+ If <code>domain</code> is supplied and not empty then it is treated
+ in the same way as the domain parameter to cookies and allows setting
+ for subdomains. The <code>domain</code> argument can be set to
+ fully-qualified right-hand segment of the document host name, up to
+ one level below TLD.
+ </p>
+
+ <p class="note">For example, <em>www.foo.bar.example.com</em> may set the
+ domain parameter as as <code>"bar.example.com"</code> or
+ <code>"example.com"</code>, but not to <code>"something.else.example.com"</code>
+ or <code>"com"</code>.
+ </p>
+
+ <p>If the <code>domain</code> argument is not permitted by following the
+ cookie domain rules (e.g. not a right-hand match or is a TLD) then
+ a SYNTAX_ERR exception should be thrown.
+ </p>
+
+ <p>
+ If permission is stored for an explicit list, then the set of
+ duplets (one per target):
+ </p>
+ <pre>[*.domain, target]</pre>
+ <p>
+ is added to the database of remembered grants.
+ </p>
+ <p>
+ If permission is stored for a site-wide exception, then the
+ duplet:
+ </p>
+ <pre>[*.domain, * ]</pre>
+ <p>
+ is added to the database of remembered grants.
+ </p>
+ <p>Here <code>*.domain</code> indicates that a wildcard match will be performed
+ against the domain suffix.
+ </p>
+ <p>
A particular response to the API — like a DNT response
header — is only valid immediately, and users may choose to
edit the list of stored exceptions and revoke some or all of them.
@@ -1721,21 +1724,43 @@
<h3>API to Cancel a Site-specific Exception</h3>
<dl class="idl" title='partial interface Navigator'>
- <dt>boolean removeSiteSpecificTrackingException( )</dt>
+ <dt>void removeSiteSpecificTrackingException( RemoveExceptionPropertyBag properties )</dt>
<dd>
- Ensures that the database of remembered grants no longer
- contains any duplets for which the first part is the current
- document origin; i.e., no duplets <code>[document-origin,
- target]</code> for any target. There is no callback. After the
- call has been made, it is assured that there are no
- site-specific or site-wide exceptions for the given
- top-level origin.
+ <p>
+ If domain is not supplied or is null or empty then this
+ ensures that the database of remembered grants no longer
+ contains any duplets for which the first part is the current
+ document origin; i.e., no duplets <code>[document-origin,
+ target]</code> for any target.
+
+ </p>
+ <p>
+ If domain is supplied and is not empty then this
+ ensures that the database of remembered grants no longer
+ contains any duplets for which the first part is the
+ domain wildcard; i.e., no duplets <code>[*.domain, target]</code>
+ for any target.
+ </p>
+ <p>
+ There is no callback. After the
+ call has been made, it is assured that there are no
+ site-specific or site-wide exceptions for the given
+ top-level origin.
+ </p>
</dd>
</dl>
- <p>This returns a boolean indicating, when true, that the call has
- succeeded, and that the database of grants no longer contains
- the indicated grant(s); when false,
- some kind of processing error occurred.
+ <dl class="idl" title="dictionary RemoveExceptionPropertyBag">
+ <dt>DOMString? domain</dt>
+ <dd>Cookie-like domain string to which the exception applies.</dd>
+ </dl>
+ <p> When this method returns the database of grants no longer contains
+ the indicated grant(s); if some kind of processing error occurred then
+ an appropriate exception will be thrown.
+ </p>
+ <p class="note">
+ If there are no matching duplets in the database of remembered
+ grants when the method is called then this operation does nothing
+ (and does not throw an exception).
</p>
</section>
@@ -1744,22 +1769,21 @@
<dl class="idl" title='partial interface Navigator'>
<dt>boolean confirmSiteSpecificTrackingException (
- optional sequence<DOMString> arrayOfDomainStrings)
+ ConfirmSiteSpecificExceptionPropertyBag properties)
</dt>
<dd>
Called by a page to confirm a site-specific tracking
exception.
</dd>
</dl>
-
- <p>
- The <code>confirmSiteSpecificTrackingException</code> method takes
- one optional argument:
- </p>
- <ul>
- <li><code>arrayOfDomainStrings</code>, a JavaScript array of
- strings,</li>
- </ul>
+ <dl class="idl" title="dictionary ConfirmExceptionPropertyBag">
+ <dt>DOMString? domain</dt>
+ <dd>Cookie-like domain string to which the exception applies.</dd>
+ </dl>
+ <dl class="idl" title="dictionary ConfirmSiteSpecificExceptionPropertyBag : ConfirmExceptionPropertyBag">
+ <dt>sequence<DOMString> arrayOfDomainStrings</dt>
+ <dd>A JavaScript array of strings.</dd>
+ </dl>
<p>
If the call does not include the
<code>arrayOfDomainStrings</code>, then this call is to confirm a
@@ -1773,7 +1797,8 @@
MUST match by confirming a site-wide exception.
</p>
<p>
- The execution of this API uses the 'implicit' parameter,
+ If the <code>domain</code> argument is not supplied or is null or empty
+ then the execution of this API uses the 'implicit' parameter,
when the API is called,
the <strong>document origin</strong>. This forms the first part of
the duplet in the logical model.
@@ -1790,6 +1815,20 @@
single duplet:
</p>
<pre>[document-origin, * ]</pre>
+ <p>
+ If the user-agent stores explicit lists, and the call includes one,
+ and the <code>domain</code> argument is provided and is not empty then the
+ database is checked for the existence of all the duplets (one per target):
+ </p>
+ <pre>[*.domain, target]</pre>
+
+ <p>
+ If the user-agent stores only site-wide exceptions or the call did
+ not include an explicit list, and the <code>domain</code> argument is
+ provided and is not empty then the database is checked for the single
+ duplet:
+ </p>
+ <pre>[*.domain, * ]</pre>
<p>
The returned boolean has the following possible values:
@@ -1811,16 +1850,17 @@
<h3>API to Request a Web-wide Exception</h3>
<dl class="idl" title='partial interface Navigator'>
- <dt>integer storeWebWideTrackingException (
- optional siteName,
- optional explanationString,
- optional detailURI)
+ <dt>void storeWebWideTrackingException (
+ StoreExceptionPropertyBag properties)
</dt>
<dd>
The single duplet
- <code>[ * , document-origin]</code>
+ <code>[ * , document-origin]</code> or
+ <code>[ * , *.domain]</code> (based on if <code>domain</code>
+ is provided and is not null and not empty)
is added to the database of remembered grants.
- The parameters are as described
+ The members of the <code>StoreExceptionPropertyBag</code>
+ dictionary are as described
<a href="#exceptions-javascript-api">above</a> in the
request for site-specific exceptions.
</dd>
@@ -1829,13 +1869,6 @@
This API requests the addition of a
web-wide grant for a specific site, to the database.
</p>
- <p>
- The returned integer has the following possible values:
- </p>
- <ul>
- <li><code>0</code> indicates a syntax or other operational error.</li>
- <li><code>1</code> indicates that the request was or will be stored.</li>
- </ul>
<p class="note">
As above, this call used to be asynchronous, and the change to the UI
enabled it to be synchronous.
@@ -1846,21 +1879,18 @@
<h3>API to Cancel a Web-wide Exception</h3>
<dl class="idl" title='partial interface Navigator'>
- <dt>boolean removeWebWideTrackingException( )</dt>
+ <dt>void removeWebWideTrackingException( RemoveExceptionPropertyBag properties )</dt>
<dd>
Ensures that the database of remembered grants no longer
- contains the duplet <code>[ * , document-origin]</code>.
+ contains the duplet <code>[ * , document-origin]</code>
+ or <code>[ * , *.domain]</code> (based on if <code>domain</code>
+ is provided and is not null and not empty).
There is no callback. After the call has been made, the
indicated pair is assured not to be in the database. The same
matching as is used for determining which header to send is used
to detect which entry (if any) to remove from the database.
</dd>
</dl>
- <p>This returns a boolean indicating, when true, that the call has
- succeeded, and that the database of grants no longer contains
- the indicated grant; when false,
- some kind of processing error occurred.
- </p>
</section>
@@ -1868,7 +1898,7 @@
<h3>API to Confirm a Web-wide Exception</h3>
<dl class="idl" title='partial interface Navigator'>
- <dt>boolean confirmWebWideTrackingException ()
+ <dt>boolean confirmWebWideTrackingException (ConfirmExceptionPropertyBag properties)
</dt>
</dl>
<p>
@@ -1877,7 +1907,9 @@
</p>
<p>
The returned boolean indicates whether the duplet
- <code>[ * , document-origin]</code> exists in the database.
+ <code>[ * , document-origin]</code> or <code>[ * , *.domain]</code>
+ (based on if <code>domain</code> is provided and is not null and
+ not empty) exists in the database.
</p>
<ul>
<li><code>true</code> indicates that the web-wide exception exists;</li>
@@ -2043,7 +2075,7 @@
[67 lines skipped]
Received on Wednesday, 10 April 2013 23:37:22 UTC