Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
block domains on the tracking protection list until user consents
See original GitHub issueIn app/trackingProtection.js:
// Temporary whitelist until we find a better solution
const whitelistHosts = ['connect.facebook.net', 'connect.facebook.com', 'staticxx.facebook.com', 'www.facebook.com']
Currently hosts that are on the Tracking Protection list but cause some important functionality (like fb login) to break are added to this whitelist so they don’t get blocked. My preferred long-term solution is to block by default but detect when a site is likely to break and pop up a dialog asking the user if they’d like to allow the domains to potentially track them.
Concrete example:
- user loads coolsite.com
- Brave sees a request to connect.facebook.net to download
sdk.jsorall.jsand infers that coolsite.com is going to use a Facebook feature - Brave shows a dialog that says, “Allow connections to connect.facebook.net and www.facebook.com so that you can use Facebook features (such as login and like buttons) on this page?”
Issue Analytics
- State:
- Created 5 years ago
- Reactions:3
- Comments:12 (8 by maintainers)
Top Results From Across the Web
Tracking protection - Cookie Status
In short, tracking protection, tracking prevention, anti-tracking, cookie blocking, content blocking, etc. are designed to: Identify and classify domains ...
Read more >iQ blocked by Firefox Tracking Protection?
Hi Tealium-Team, I noticed some days ago, that Tealium iQ gets blocked by the Tracking Protection of Firefox. AFAIK the Tracking Protection ......
Read more >Internet Explorer Tracking Protection Lists, Check Before ...
The TRUSTe protection list does not block a single domain. It instead whitelists nearly 4000 domains so that they ads and contents are...
Read more >Web Tracking Protections | DuckDuckGo Help Pages
To protect against this, we first block most 3rd-party tracking requests with 3rd-Party Tracker Loading Protection, which stops requests from loading that would ......
Read more >How to handle Intelligent Tracking Protection (ITP) in Safari
Many browsers block third-party cookies, cookies on requests to domains ... A common form of user tracking is done by loading an iframe...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
This came up on hackernews today, although it’s been flagged: https://news.ycombinator.com/item?id=19129309
Maybe I’m missing something, but this is a pretty big issue for a browser that claims to be privacy focused. Can we not escalate this a little. We’re whitelisting one of the most controversial companies at the minute. This can’t be good for PR.
@markwylde please see https://www.reddit.com/r/privacy/comments/ap9149/brave_privacy_browser_has_a_backdoor_to_remotely/eg6vckb/.
@diracdeltas had a better idea noted here: https://twitter.com/brendaneich/status/1094752832790552577?s=21