New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account payment page depends on resources #636

geofft opened this Issue Oct 15, 2015 · 3 comments


None yet
5 participants
Copy link

geofft commented Oct 15, 2015

I think you can reproduce this publicly without logging in (and without actually paying, of course):

Privacy Badger, for me, has a red slider for, but it seems at least images from that site need to be loaded so I can click on the links. Kimsufi is a brand of OVH (same organization), so there's no loss to privacy in allowing cross-origin requests between and

I'd imagine the same thing is true of, which is also an OVH brand. They also have a payment page at the corresponding URL.


This comment has been minimized.

Copy link

michael-oneill commented Oct 15, 2015

This why there is a same-party property (array of domain names) in the DNT Tracking Status Resource. It allows a site to declare what embedded “third-parties” are in face managed by the same Data Controller as the first-party. Not that anyone implements it yet, but if PB supported that then they might start to.


This comment has been minimized.

Copy link

cooperq commented Nov 3, 2015

@geofft moving the slider to yellow or green for the blocked domain should solve this issue.
@michael-oneill it seems like the same-party property could be pretty easily abused by advertising partners (requiring first parties to add them to the same party array, etc) What provisions are in place to stop this?


This comment has been minimized.

Copy link

theel0ja commented Jul 13, 2018

Kimsufi and SoYouStart are OVH's brands, so this should be in MDFP list.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment