New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Permissions Policy directive browsing-topics #24
Conversation
There's nothing on the Chrome Roadmap for this for 105 and typically there's a release or two (often more) while the results of the origin trail are analysed. So I'm still a -1 on this change for now while it is still experimental. But, full disclosure, I've joined the Chrome team since we last discussed this so will leave the decision to someone else. Though I'm working on web performance not privacy so know no more than you on this particular feature 😁 |
Yes, I meant to say that there is no urgency in merging this PR since
This makes sense, there is no rush at all. Also, as of now, accidental use of Browsing Topics API is very unlikely: site administrator needs to explicitly register for an origin trial, copy the token and configure site to serve it for every context where Topics API would be used. |
This PR just got less relevant, might become relevant by year Based on this Chromium blog post, looks like launch of Privacy Sandbox (including Topics API) is postponed a bit further. Starting with Chrome 104, OT will include stable users, but most likely sites will still need to explicitly opt in to be included in Topics calculation. |
They're planning to push "Topics API" out to "all Chrome users" in the 2nd half of 2023: https://developer.chrome.com/en/blog/expanding-privacy-sandbox-testing-2023/ |
In Chrome 115 this became a thing again: https://developer.chrome.com/blog/privacy-sandbox-launch/. I'm keen on disabling browsing-topics by default to enhance privacy. @tunetheweb, what do you think? |
As I work on the Chrome team now I'll bow out of commenting whether this is a good change or not, but no objections from me as it's no longer behind a flag. |
@bershanskiy, what do you think? Would you be willing to rebase your PR? If not, I'll create a new one this weekend to merge your change. |
@Jonakemon Yes, sure I'll rebase and test it (within the next day). |
8b9a0de
to
12eea6f
Compare
@Jonakemon I rebased the PR, and just to make sure everything is OK ran unit tests on CI (ran manually in my repo and then they were automatically here), and tested manually locally and am happy with the way this works now. Please merge whenever it is convenient. Also, is there a plan to make a release any time soon? Thanks! |
@bershanskiy I really appreciate the rebase, thanks! After the other PR is merged, I'll propose a deploy. |
@bershanskiy a new release was just published on Pypi https://pypi.org/project/flask-talisman/1.1.0/. Thanks for all the help :) |
This PR adds Permissions Policy directive
browsing-topics
which controls access to The Topics API. This API is Chromium-only and is still in Origin Trial (in Chrome 101 to 104 until August 29) and it might land in Chrome 105 which is scheduled to be released on August 30.Fixes #22.
Related to #20 and #21.