Page MenuHomePhabricator
Create Task
Maniphest T312823

Remove obsolete "Permissions-Policy: interest-cohort" header
Closed, ResolvedPublicBUG REPORT
Actions

Description

Steps to replicate the issue (include links if applicable):

  • visit en.wikipedia.org (anon)

What happens?:

  • Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'
  • Error with Permissions-Policy header: Unrecognized origin: 'intake-analytics.wikimedia.org' (x5)

What should have happened instead?:
No error

Other information (browser name/version, screenshots, etc.):
freshly installed Chromium dev version

Details

SubjectRepoBranchLines +/-
Remove FLoC headersoperations/puppetproduction+0 -21
varnish: update wikimedia-frontend.vcl.erb for 19b9dcb8264operations/puppetproduction+0 -2
Customize query in gerrit

Related Objects

Event Timeline

AlexisJazz created this task.Jul 12 2022, 2:48 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJul 12 2022, 2:48 AM
AlexisJazz updated the task description. (Show Details)Jul 12 2022, 2:49 AM
AlexisJazz added a comment.Jul 12 2022, 3:49 PM

https://github.com/craftcms/cms/issues/10035
https://amifloced.org/
https://blog.google/products/chrome/get-know-new-topics-api-privacy-sandbox/

Maybe the two errors are unrelated.

Krinkle triaged this task as Low priority.EditedJul 29 2022, 11:01 PM
Krinkle edited projects, added Traffic, Privacy Engineering; removed Analytics, ContentSecurityPolicy, Wikimedia-production-error.
Krinkle subscribed.

This is not related to the Content-Security-Policy (CSP) header.

This is afaik not related to an Analytics service or feature. The intake-analytics.wikimedia.org is implicated by reference only as it naturally has to be listed for permission policies like this, but there is nothing the EventBus (intake-analytics) service or its configuration can improve to avoid this.

The interest-cohort header was added as part of T279804. Browsers that don't support it emit a warning about this, which does not affect any functionality and does not represent a production error. As per the aforementioned this, this header is implemented by the Traffic team and conceptually supported by the Security Team.

I'm rephrasing this as low prio clean up to remove the now obsolete header as the FLoC experiment has been concluded by Google afaik.

Krinkle renamed this task from Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest cohort' to Remove obsolete "Permissions-Policy: interest-cohort: header.Jul 29 2022, 11:02 PM
Krinkle renamed this task from Remove obsolete "Permissions-Policy: interest-cohort: header to Remove obsolete "Permissions-Policy: interest-cohort" header.
Maintenance_bot added a project: SRE.Jul 29 2022, 11:29 PM
JFishback_WMF moved this task from Incoming to Watching on the Privacy Engineering board.Aug 22 2022, 4:47 PM
gerritbot added a comment.Feb 16 2023, 11:40 PM

Change 889892 had a related patch set uploaded (by BCornwall; author: BCornwall):

[operations/puppet@production] Remove FLoC headers

https://gerrit.wikimedia.org/r/889892

gerritbot added a project: Patch-For-Review.Feb 16 2023, 11:40 PM
BCornwall claimed this task.Feb 17 2023, 12:09 AM
BCornwall changed the task status from Open to In Progress.Feb 17 2023, 4:57 PM
gerritbot added a comment.Feb 21 2023, 6:38 PM

Change 889892 merged by BCornwall:

[operations/puppet@production] Remove FLoC headers

https://gerrit.wikimedia.org/r/889892

gerritbot added a comment.Feb 21 2023, 6:59 PM

Change 890895 had a related patch set uploaded (by Ssingh; author: Ssingh):

[operations/puppet@production] varnish: update wikimedia-frontend.vcl.erb for 19b9dcb8264

https://gerrit.wikimedia.org/r/890895

gerritbot added a comment.Feb 21 2023, 7:05 PM

Change 890895 merged by Ssingh:

[operations/puppet@production] varnish: update wikimedia-frontend.vcl.erb for 19b9dcb8264

https://gerrit.wikimedia.org/r/890895

Maintenance_bot removed a project: Patch-For-Review.Feb 21 2023, 7:10 PM
BCornwall closed this task as Resolved.Feb 21 2023, 10:49 PM
BCornwall added a subscriber: ssingh.

Thanks @ssingh for that followup patch ._.

bd808 mentioned this in T353589: Opt out of Chrome topic calculation on Wikimedia sites & Cloud Services.Dec 19 2023, 6:09 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL