Thanks for picking up that work! Can you send a fresh intent for this? That would enable the API owners tooling to pick it up and ensure it's properly reviewed.
On Mon, Dec 29, 2025 at 7:12 PM Maciej Czarnecki <[email protected]> wrote: > Refreshed CL with the proposed implementation: > https://chromium-review.googlesource.com/c/chromium/src/+/7319383 > It contains just the logic to include the signal header and provide > property from js context. > I haven't added any user-facing settings as most likely it should be > discussed here first. I tested the changes with manual modification of > Preferences file. > > czwartek, 25 grudnia 2025 o 00:38:34 UTC+1 Maciej Czarnecki napisał(a): > >> >> Hello, I would be happy to pick up the implementation of `Sec-GPC`. Can I >> continue in this thread or should I start a new one? >> >> Here is a draft of the Intent to Prototype >> >> *Contact emails: * [email protected] >> >> *Explainer *https://github.com/w3c/gpc/blob/main/explainer.md >> >> *Specification* https://w3c.github.io/gpc/ >> >> *Summary* >> This proposal adds support for the Global Privacy Control (GPC) signal. >> GPC allows users to notify businesses of their privacy preferences, such as >> a request not to sell or share their personal information. >> >> This implementation involves: >> >> 1. >> >> Adding a Sec-GPC HTTP request header with a value of 1 when the user >> has enabled the signal. >> 2. >> >> Exposing a navigator.globalPrivacyControl property in the DOM, >> returning true when enabled. >> >> >> *Blink component*Blink >> <https://issues.chromium.org/issues?q=customfield1222907:%22Blink%22> >> >> >> *Motivation*The signal is already implemented by other browsers and >> Chrome should catch-up with this privacy setting. This year California >> signed a bill under the CCPA/CPRA that obligates the browsers to provide >> ability to communicate do-not-sell-or-share preference before 2027. >> Currently, Chrome allows to send GPC header only via an extension which >> may be not sufficient to be compliant with the bill. >> >> *Search tags* GPC, Global Privacy Control, Privacy, Sec-GPC >> >> *Risks* >> >> *Interoperability and Compatibility* >> The risk is low as this is an additive feature. >> >> - >> >> *Gecko*: Shipped (Enabled by default in Firefox private browsing and >> optional in standard mode). >> - >> >> *WebKit*: Based on the info from the Internet, the signal is not yet >> implemented in WebKit >> - >> >> *Web developers*: Publishers are obligated to honor the signal. >> - >> >> *Other signals*: Brave, DuckDuckGo, and other privacy-focused >> browsers have shipped this. >> >> *Ergonomics* >> The feature is simple (a boolean flag). It does not introduce complex >> performance or ergonomic challenges. There is already a similar setting for >> DoNotTrack header. >> >> *Activation* >> Web developers can easily feature-detect navigator.globalPrivacyControl. >> >> *Security* >> This feature exposes a user preference, which could theoretically be used >> for fingerprinting. However, it is a high-entropy bit intended to be >> broadcast to all sites, similar to DNT (Do Not Track), but with a clearer >> legal framework for enforcement. >> >> *WebView application risks* >> Does this intent deprecate or change behavior of existing APIs, such that >> it has potentially high risk for Android WebView-based applications? No. >> >> *Debuggability* >> DevTools will show the Sec-GPC header in network requests and allow >> inspecting navigator.globalPrivacyControl in the console. >> >> >> *Will this feature be supported on all six Blink platforms (Windows, Mac, >> Linux, Chrome OS, Android, and Android WebView)?*Yes. >> >> *Is this feature fully tested by web-platform-tests?* >> No, but tests will be added as part of the prototyping process. >> >> *Flag name* >> --enable-blink-features=GlobalPrivacyControl >> >> *Tracking bug* https://issues.chromium.org/issues/40745270 >> >> *Link to entry on the Chrome Platform Status* >> (Not available yet, I've send a request for access to the platform) >> >> wtorek, 31 stycznia 2023 o 20:32:29 UTC+1 Jeffrey Yasskin napisał(a): >> >>> And, with respect to the launch process, whoever upstreams this will >>> have to put it in Chrome Status (which I can help with) and send an Intent >>> to Prototype, but you can stop there. While we'd love for you to take it >>> all the way to Intent to Ship and have the discussion about how to have >>> Chromium default-on a feature while Chrome is still undecided about it, you >>> aren't signing up for that work just by sending your I2P. >>> >>> Jeffrey >>> >>> On Tue, Jan 31, 2023 at 11:11 AM Ari Chivukula <[email protected]> >>> wrote: >>> >>>> Maxim ended up abandoning the CL to add GPC for lack of time, but >>>> support exists for any contributor who wants to pick that torch back up. >>>> >>>> If you're interested please reach out to myself or Jeffrey (cc'd) for >>>> support on the code and/or on navigating the launch process. >>>> >>>> ~ Ari Chivukula (Their/There/They're) >>>> >>>> On Fri, Jan 20, 2023, 12:35 PM Ari Chivukula <[email protected]> >>>> wrote: >>>> >>>>> Thanks for reaching out! This is the right place to publish intents to >>>>> launch new features in Chrome, and an overview of the process can be found >>>>> here: https://www.chromium.org/blink/launching-features/ >>>>> >>>>> I believe the prototyping phase is the best place to start given GPC >>>>> itself already has a specification. >>>>> https://privacycg.github.io/gpc-spec/ >>>>> >>>>> Some examples of the format in action can be found here: >>>>> https://groups.google.com/a/chromium.org/g/blink-dev/search?q=subject%3Aintent%20subject%3Ato%20subject%3Aprototype >>>>> >>>>> ~ Ari Chivukula (Their/There/They're) >>>>> >>>>> >>>>> On Fri, Jan 20, 2023 at 12:22 PM Maxim Nesterov < >>>>> [email protected]> wrote: >>>>> >>>>>> I uploaded change for review >>>>>> <https://chromium-review.googlesource.com/c/chromium/src/+/4177061/2> >>>>>> with >>>>>> Sec-GPC implementation (both additional header and js api), but was >>>>>> mentioned >>>>>> >>>>>> <https://chromium-review.googlesource.com/c/chromium/src/+/4177061/2#message-30c38ba4734cd7a2fb3ee91ebc71a9fc3d6990e2>that >>>>>> the change should be approved on [email protected] first. >>>>>> Could you, please, help me with that? >>>>>> >>>>>> -- >>>>>> You received this message because you are subscribed to the Google >>>>>> Groups "blink-dev" group. >>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>> send an email to [email protected]. >>>>>> To view this discussion on the web visit >>>>>> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/dcdd636b-f476-4291-883b-267b260f8d90n%40chromium.org >>>>>> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/dcdd636b-f476-4291-883b-267b260f8d90n%40chromium.org?utm_medium=email&utm_source=footer> >>>>>> . >>>>>> >>>>> -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/fd9fdb82-8508-4916-acdd-6d153a7403b3n%40chromium.org > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/fd9fdb82-8508-4916-acdd-6d153a7403b3n%40chromium.org?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOmohSJP4u1o6uDXstqaJNfzoQPcC0DAzEA9NHrGAcqT%2BiwDAA%40mail.gmail.com.
