- From: Paul Libbrecht <paul@hoplahup.net>
- Date: Sun, 14 Aug 2011 15:53:53 +0200
- To: Jonathan Rees <jar@creativecommons.org>
- Cc: www-tag@w3.org
Or... they are the same server... (adwords google and google analytics for example). Rejecting cookies of transcluded content seems like a good idea for a realistic approach. It would break many functionality such as the Facebook friends-bar or fans-bar which can show "your friends"; it would also break the google analytics quality but it would not break existing functionality of log-in-through forms. It should still tolerate a site difference such as static.mysite.net and app.mysite.net. paul Le 14 août 2011 à 13:36, Jonathan Rees a écrit : >> are you assuming the servers communicate to one another? > > They are obviously communicating - otherwise the 2nd server wouldn't > show information only the 1st knows. But they do so via an > hub-and-spokes intermediary, as Alan explained. There is probably no > direct relationship between the two. > > I found the behavior disconcerting because I don't expect Expedia (or > Kayak or whoever it was) to be broadcasting my travel planning > behavior. I'm not saying there's a law saying they can't, and I'm not > saying that the recipient has a way to know my personal identity, but > I can imagine scenarios in which this leak could turn out badly for > someone.
Received on Sunday, 14 August 2011 13:54:35 UTC