Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PB blocked my CDN address #2638

Closed
erolj opened this issue Jul 2, 2020 · 3 comments
Closed

PB blocked my CDN address #2638

erolj opened this issue Jul 2, 2020 · 3 comments
Labels
broken site DNT policy EFF's Do Not Track policy: www.eff.org/dnt-policy

Comments

@erolj
Copy link

erolj commented Jul 2, 2020

What is your browser and browser version?

Firefox 78.0.1

What is broken and where?

kawanua.id
And, every site using my CDN resources from the URL address below.

What is the "culprit" domain?

static.my.id

What is your debug output for this domain?

**** ACTION_MAP for static.my.id
img.static.my.id {
  "userAction": "",
  "dnt": false,
  "heuristicAction": "block",
  "nextUpdateTime": 1593587805919
}
static.my.id {
  "userAction": "",
  "dnt": false,
  "heuristicAction": "block",
  "nextUpdateTime": 1593805808787
}
**** SNITCH_MAP for static.my.id
static.my.id [
  "kawanua.id",
  "127.0.0.1",
  "localhost"
]
@ghostwords ghostwords added broken site DNT policy EFF's Do Not Track policy: www.eff.org/dnt-policy labels Jul 2, 2020
@ghostwords
Copy link
Member

Hello!

Privacy Badger sees a "PHPSESSID" cookie getting set by static.my.id resources and so picks it up as a tracker. Is there a reason for setting cookies from CDN domains? If you can keep your CDN domains cookie-free, Privacy Badger won't learn to block them in the future.

Alternatively, if static.my.id does not actually track users, it may be compliant with EFF's Do Not Track policy. If you posted EFF's DNT policy on the static.my.id domain, the policy file will tell Privacy Badgers to always allow resources from static.my.id.

Let me know if you have any questions.

@ghostwords
Copy link
Member

Related: #817.

@erolj
Copy link
Author

erolj commented Jul 2, 2020

Privacy Badger sees a "PHPSESSID" cookie getting set by static.my.id resources and so picks it up as a tracker. Is there a reason for setting cookies from CDN domains? If you can keep your CDN domains cookie-free, Privacy Badger won't learn to block them in the future.

The static.my.id domain is cookie-free. Apparently img.static.my.id that actually causes this "PHPSESSID" cookie issue, and I'm going to move all resources from that subdomain. Hopefully, this will resolve the issue.

Alternatively, if static.my.id does not actually track users, it may be compliant with EFF's Do Not Track policy. If you posted EFF's DNT policy on the static.my.id domain, the policy file will tell Privacy Badgers to always allow resources from static.my.id.

I will consider doing this as well.

Thanks for the enlightenment.

@erolj erolj closed this as completed Jul 2, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
broken site DNT policy EFF's Do Not Track policy: www.eff.org/dnt-policy
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ghostwords @erolj