On Tue, Nov 13, 2018 at 4:33 AM Andrea Marchesini <[email protected]> wrote:
> Reporting API covers 2 different features: > a. reporting to the current page, via ReportingObserver > b. reporting to a remote server, known via 'report-to' HTTP header. > My implementation covers only the first aspect. However I also have patches > for the second part, not in review yet. > What are your plans with regards to implementing the second part? Can these reports be sent cross-origin? (From the spec, it seems like the answer is yes.) If so, how are you planning to handle issues such as sending these reports to third-parties, including third-party trackers? I'm worried about: a) sending these reports to a third-party not on the TP list, b) sending these reports to a third-party on the TP list, and c) what options we have to mitigate the tracking impact of these reports for both of the previous cases, but especially for (b). Also, do I understand correctly that ReportingObserver objects only receive reports from the same origin as the context they're created in? Thanks, -- Ehsan _______________________________________________ dev-platform mailing list [email protected] https://lists.mozilla.org/listinfo/dev-platform
