- From: Shane M Wiley <wileys@oath.com>
- Date: Sun, 20 Aug 2017 18:09:39 -0700
- To: "public-tracking@w3.org" <public-tracking@w3.org>
- Message-ID: <CAEwb2y=ntG_YgrwnhoXX2J_ZzHLZ9VYOXTjZX5M2avdWSwbG4g@mail.gmail.com>
*Multi-Domain First Party:* Many websites operate under more than one core domain to manage their resources in a distributed manner or across individual product domains under the corporate domain. Our team has not reviewed the UGE API since the consolidation and noticed on this pass that the ability to send multiple first party domains as part of a site wide exception has been lost in the new approach. It appears only a single "site" can be provided per call now requiring multiple API calls for the same entity. For example, www.yahoo.com and www.yimg.net would each require a separate call. It doesn't appear there was a desire to force to a same origin policy here such that only the host domain can request a site-wide exception for its domain so would it be possible to include the "site" array property again? *3rd Parties Registering Exceptions on 1st Party Sites:* It appears it may be possible for a 3rd party to attempt to register a user granted exception while operating on a 1st party site. As it would be unexpected to occur in this scenario we'd ask that we determine a way for the 1st party to be notified in this case. - Shane Shane Wiley VP, Privacy Oath: A Verizon Company
Received on Monday, 21 August 2017 08:24:06 UTC