Page MenuHomePhabricator

Remove obsolete "Permissions-Policy: interest-cohort" header
Open, LowPublicBUG REPORT

Description

Steps to replicate the issue (include links if applicable):

  • visit en.wikipedia.org (anon)

What happens?:

  • Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'
  • Error with Permissions-Policy header: Unrecognized origin: 'intake-analytics.wikimedia.org' (x5)

What should have happened instead?:
No error

Other information (browser name/version, screenshots, etc.):
freshly installed Chromium dev version

Event Timeline

Krinkle triaged this task as Low priority.EditedJul 29 2022, 11:01 PM
Krinkle added a subscriber: Krinkle.

This is not related to the Content-Security-Policy (CSP) header.

This is afaik not related to an Analytics service or feature. The intake-analytics.wikimedia.org is implicated by reference only as it naturally has to be listed for permission policies like this, but there is nothing the EventBus (intake-analytics) service or its configuration can improve to avoid this.

The interest-cohort header was added as part of T279804. Browsers that don't support it emit a warning about this, which does not affect any functionality and does not represent a production error. As per the aforementioned this, this header is implemented by the Traffic team and conceptually supported by the Security Team.

I'm rephrasing this as low prio clean up to remove the now obsolete header as the FLoC experiment has been concluded by Google afaik.

Krinkle renamed this task from Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest cohort' to Remove obsolete "Permissions-Policy: interest-cohort: header.Jul 29 2022, 11:02 PM
Krinkle renamed this task from Remove obsolete "Permissions-Policy: interest-cohort: header to Remove obsolete "Permissions-Policy: interest-cohort" header.