Proposal of web facing feature about Sec-GPC implementation


Maxim Nesterov

Jan 20, 2023, 12:22:16 PM
to blink-dev
I uploaded a change for review with a Sec-GPC implementation (both the additional header and the JS API), but it was mentioned that the change should be approved on blin...@chromium.org first.
Could you please help me with that?

Ari Chivukula

Jan 20, 2023, 12:36:07 PM
to Maxim Nesterov, blink-dev
Thanks for reaching out! This is the right place to publish intents to launch new features in Chrome, and an overview of the process can be found here: https://www.chromium.org/blink/launching-features/

I believe the prototyping phase is the best place to start given GPC itself already has a specification. https://privacycg.github.io/gpc-spec/

Some examples of the format in action can be found here: https://groups.google.com/a/chromium.org/g/blink-dev/search?q=subject%3Aintent%20subject%3Ato%20subject%3Aprototype

~ Ari Chivukula (Their/There/They're)



Ari Chivukula

Jan 31, 2023, 2:11:28 PM
to Maxim Nesterov, blink-dev, Jeffrey Yasskin
Maxim ended up abandoning the CL to add GPC for lack of time, but support exists for any contributor who wants to pick that torch back up.

If you're interested please reach out to myself or Jeffrey (cc'd) for support on the code and/or on navigating the launch process. 

~ Ari Chivukula (Their/There/They're)

Jeffrey Yasskin

Jan 31, 2023, 2:32:29 PM
to Ari Chivukula, Maxim Nesterov, blink-dev, Jeffrey Yasskin
And, with respect to the launch process, whoever upstreams this will have to put it in Chrome Status (which I can help with) and send an Intent to Prototype, but you can stop there. While we'd love for you to take it all the way to Intent to Ship and have the discussion about how to have Chromium default-on a feature while Chrome is still undecided about it, you aren't signing up for that work just by sending your I2P.

Jeffrey

Maciej Czarnecki

6:38 PM (3 hours ago)
to blink-dev, Jeffrey Yasskin, Maxim Nesterov, blink-dev, Ari Chivukula

Hello, I would be happy to pick up the implementation of `Sec-GPC`. Can I continue in this thread or should I start a new one?

Here is a draft of the Intent to Prototype

Contact emails:  mccz...@gmail.com

Explainer https://github.com/w3c/gpc/blob/main/explainer.md

Specification https://w3c.github.io/gpc/

Summary
This proposal adds support for the Global Privacy Control (GPC) signal. GPC allows users to notify businesses of their privacy preferences, such as a request not to sell or share their personal information.

This implementation involves:

  1. Adding a Sec-GPC HTTP request header with a value of 1 when the user has enabled the signal.

  2. Exposing a navigator.globalPrivacyControl property in the DOM, returning true when enabled.

Blink component
Blink

Motivation
The signal is already implemented by other browsers and Chrome should catch up with this privacy setting. This year California signed a bill under the CCPA/CPRA that obligates browsers to provide the ability to communicate a do-not-sell-or-share preference before 2027.
Currently, Chrome allows sending the GPC header only via an extension, which may not be sufficient to be compliant with the bill.

Search tags
GPC, Global Privacy Control, Privacy, Sec-GPC

Risks

Interoperability and Compatibility
The risk is low as this is an additive feature.

  • Gecko: Shipped (Enabled by default in Firefox private browsing and optional in standard mode).

  • WebKit: Based on the info from the Internet, the signal is not yet implemented in WebKit.

  • Web developers: Publishers are obligated to honor the signal.

  • Other signals: Brave, DuckDuckGo, and other privacy-focused browsers have shipped this.

Ergonomics
The feature is simple (a boolean flag). It does not introduce complex performance or ergonomic challenges. There is already a similar setting for DoNotTrack header.

Activation
Web developers can easily feature-detect navigator.globalPrivacyControl.

Security
This feature exposes a user preference, which could theoretically be used for fingerprinting. However, it is a high-entropy bit intended to be broadcast to all sites, similar to DNT (Do Not Track), but with a clearer legal framework for enforcement.

WebView application risks
Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications? No.

Debuggability
DevTools will show the Sec-GPC header in network requests and allow inspecting navigator.globalPrivacyControl in the console.

Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?
Yes.

Is this feature fully tested by web-platform-tests?
No, but tests will be added as part of the prototyping process.

Flag name
--enable-blink-features=GlobalPrivacyControl

Tracking bug https://issues.chromium.org/issues/40745270

Link to entry on the Chrome Platform Status
(Not available yet, I've sent a request for access to the platform)
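
Added example, not part of the thread or of any Chromium change: how a site could consume the two surfaces listed in the draft above, the Sec-GPC request header and navigator.globalPrivacyControl. The function names are hypothetical, and treating only the exact value 1 as the signal is an assumption of this example.

```javascript
// Added example, not Chromium code. Function names are hypothetical.

// Server side: read the signal from a Node-style headers object.
// Assumption: only the exact value "1" counts; a missing header or any
// other value ("0", "true", "") is handled as "no signal sent".
function gpcFromHeaders(headers) {
  for (const [name, value] of Object.entries(headers || {})) {
    if (name.toLowerCase() !== 'sec-gpc') continue;
    const values = [].concat(value); // a repeated header may arrive as an array
    return values.length > 0 && values.every((v) => String(v).trim() === '1');
  }
  return false;
}

// Client side: feature-detect before reading, so a browser without the
// property is not mistaken for a user who switched the signal off.
function gpcFromNavigator(nav) {
  if (!nav || !('globalPrivacyControl' in nav)) return 'unsupported';
  return nav.globalPrivacyControl === true ? 'enabled' : 'disabled';
}

// Combine the request signal with a stored per-account choice.
// The signal can only add an opt-out; it never cancels a stored one.
function resolveOptOut(headers, storedOptOut) {
  if (gpcFromHeaders(headers)) return { optOut: true, source: 'sec-gpc' };
  if (storedOptOut === true) return { optOut: true, source: 'account' };
  return { optOut: false, source: 'none' };
}

// Constructed sample requests (not captured traffic).
const samples = [
  { 'Sec-GPC': '1', 'User-Agent': 'example' },
  { 'sec-gpc': '0' },
  { Accept: 'text/html' },
];
for (const h of samples) {
  console.log(JSON.stringify(h), '->', JSON.stringify(resolveOptOut(h, false)));
}
console.log(gpcFromNavigator({ globalPrivacyControl: true }));
console.log(gpcFromNavigator({}));
```

In a page script, pass the browser's `navigator` object to `gpcFromNavigator`; on the server, pass the incoming request's headers to `resolveOptOut`.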

