-
Notifications
You must be signed in to change notification settings - Fork 171
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Consider removing landing page destination restriction #590
Comments
Another issue that is solved by this: there are cases where the "redirect chain" includes JS-redirects, not just HTTP redirects. In the following case:
If all the ad1,ad2,ad3 respond properly with registration headers.
|
I support this proposal 👍 |
I also support this proposal. |
This would also simplify the implementation, which currently has to buffer sources until the landing page destination is known. |
Currently in the API for navigation sources, we have a restriction that a user must land on the destination site for the source to be valid. Otherwise, the source registration is ignored.
We are hearing cases of legitimate use-cases where this restriction is difficult to conform to, e.g.
Additionally, the restriction in the API is no longer fully “load bearing” because event sources already have the capability to leak some amount of browsing history, which we protect with noise that is also present on navigation sources. Therefore it doesn’t feel as necessary to add additional protections on clicks which are already rate-limited by user interaction.
Note: this doesn’t fully solve the use cases detailed in #549 but it does partially solve the case where only a single domain is required to register conversions. Note that this also partially fixes #44.
The text was updated successfully, but these errors were encountered: