Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Integrate with Permissions Policy #40

Open
martinthomson opened this issue Oct 3, 2024 · 0 comments
Open

Integrate with Permissions Policy #40

martinthomson opened this issue Oct 3, 2024 · 0 comments

Comments

@martinthomson
Copy link
Collaborator

This probably needs discussion, but I suggest the following:

  1. We define two policy-controlled features that correspond to saveImpression and measureConversion.
  2. We allow those features by default in all contexts.

There is no real risk to enabling saveImpression everywhere, because it does basically nothing. At some point, browsers will probably need to drop impressions if the API is called too often, but those limits are unlikely to be hit without some pretty serious abuse. A site that abuses the API can be the first to lose impressions. That all seems manageable.

Calls to measureConversion will burn privacy budget, so there might be a reasonable case to disable it by default. However, that would mean that an intermediary would not be able to access the capability without explicit action on the part of the advertiser. Only those intermediaries that run script in the top-level context (a common practice, even if it is generally inadvisable) would be able to access the API from frames if that was the case.

Note that permissions policy manifests as a simple allowlist. That means that it would not be possible to provide precise apportionment of privacy budgets to different intermediaries. Tracking that capability is going to be a separate issue; one that we might choose to defer.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: Essential
Development

No branches or pull requests

1 participant