Honor the DNT request header
Bug #1487656 reported by
François Marier
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Libravatar (obsolete) |
Fix Released
|
Wishlist
|
François Marier |
Bug Description
When users send us the DNT header, we should honor it by not logging their IP address anywhere. To disable logging in Apache, see https:/
We could also expose a tracking policy in /.well-known/dnt and add the "Tk" response header.
See http://
To post a comment you must log in.
As per bug 1394845, we now limit Apache logs on the main server to 10 days (EFF DNT policy) and have remove all logging of IP addresses on the mirrors (via libapache2- mod-removeip) .
In addition, we now show a warning to users who don't have effective tracking protection installed (in Firefox, enable privacy. trackingprotect ion.enabled in about:config) thanks to https:/ /www.aloodo. org/.
So we honor DNT whether or not users send the signal :)
The only third-party we use is also compliant with the EFF's DNT policy: https:/ /ad.aloodo. com/