this post was submitted on 12 Jun 2023
18 points (100.0% liked)

Web Development

3437 readers
2 users here now

Welcome to the web development community! This is a place to post, discuss, get help about, etc. anything related to web development

What is web development?

Web development is the process of creating websites or web applications

Rules/Guidelines

Related Communities

Wormhole

Some webdev blogsNot sure what to post in here? Want some web development related things to read?

Heres a couple blogs that have web development related content

CreditsIcon base by Delapouite under CC BY 3.0 with modifications to add a gradient

founded 1 year ago
MODERATORS
 

No more cookie banners for Firefox users?

top 8 comments
sorted by: hot top controversial new old
[–] eternaldeiwos@lm.qtt.no 4 points 1 year ago (1 children)

And I thought FF containers were great! FF have their problems but always good to see where priorities are.

[–] erlingur@programming.dev 5 points 1 year ago* (last edited 1 year ago)

Yeah, I'm happy to see Firefox gaining ground again. It used to be the king before Chrome. We need a little diversity in the browser space.

[–] jmk1ng@programming.dev 3 points 1 year ago (2 children)

This is honestly a nightmare for developers who rely on telemetry and metrics to identify issues and bugs that are otherwise "silent".

Just because your app doesn't throw errors doesn't mean the code isn't flawed and trapping users within a part of the experience that they cannot fix or leave.

I cant speak for every team in every company, but there's very little to no interest in "harvesting" your "data" for profit.

We just want to figure out what broke and how we correct it ASAP.

[–] OptimusPrimeDownfall@discuss.tchncs.de 4 points 1 year ago (1 children)

Yes, but the same thing could be said for outlawing encryption - that it's to make investigators jobs easier. However, that is easily abused.

Turns out to be the same thing for cookies. Why should I be ok with every Tom, Dick, and Harry gathering PII?

[–] jmk1ng@programming.dev 1 points 1 year ago

Of course. The well has been poisoned, and there's no way to know what any company's actually doing behind the scenes. I'm just lamenting that it had to come to this.

[–] Skalman@programming.dev 2 points 1 year ago* (last edited 1 year ago) (1 children)

I don't see why you couldn't still log non-personally identifiable information (non-PII), which should still be able to identify many issues.

That said, many analytics services do log PII, thus requiring consent.

[–] jmk1ng@programming.dev 3 points 1 year ago* (last edited 1 year ago) (1 children)

The trick here is clearly defining PII. Anything that could uniquely identify you and be linked to other sources tends to be problematic.

So IP address? Not guaranteed to be unique so not super useful as a session identifier anyway, but IP could be used to cross reference data from other sources that could identify a individual.

Dropping a totally random session cookie? Not allowed because cookies from your domain are now blocked.

It's really frustrating to hear from your users in the UK about some problems they're having but you have zero logging, analytics, or anything from sessions in the UK because Sentry, GA, Datadog, whatever are all being blocked because they can't drop cookies that they need to group messages and so on by session. Even if that session is considered totally anonymous to you, that doesn't matter because the whole thing is a scoarched earth policy.

[–] Skalman@programming.dev 2 points 1 year ago

Dropping a totally random session cookie? Not allowed because cookies from your domain are now blocked.

The prompts are disabled/dismissed, not the cookies. You can still use e.g. session cookies as long as you don't make it possible to connect it to other PII.

That said, I hear you regarding the tooling. If Sentry/GA/Datadog can't be used due to collecting too much PII, that makes your life as a developer much more difficult. It might even be impossible to create a generic analytics tool that avoids PII, though it's certainly possible to create custom analytics.

Fwiw, I'm based in the EU. My strategy so far has been to talk to and interview real people and rely on aggregate counters. I can see how that makes it difficult to diagnose issues that only appear for a small percentage of users.

load more comments
view more: next ›