Add Global Privacy Control (GPC) to OkHttp

[SebastianZimmeck]

Is there interest to include Global Privacy Control (GPC) in OkHttp?

The idea of GPC is to give users a setting to opt out from tracking by attaching a respective flag to all HTTP requests. Major publishers, such as the New York Time and Washington Post, are already honoring GPC signals. Various browsers, such as Brave and the DuckDuckGo browser, and extensions have also implemented GPC settings. Users can send signals to sites they visit or to just some. It would be nice to bring GPC to the mobile ecosystem as well.

Here is the draft spec if anyone is interested in the details. I am computer science professor at Wesleyan University and one of the initiators of GPC.

Also, as you may be wondering, a major difference to the earlier Do Not Track (DNT) effort is that the California Attorney General will actually enforce GPC.

Looking forward to discuss ...

[connyduck]

So it is just a header sent with every request? You can create an interceptor that does that, I don't see why there is a need to change anything in OkHttp.

[SebastianZimmeck]

You can create an interceptor that does that, I don't see why there is a need to change anything in OkHttp.

Well, attaching a header potentially for all apps' requests on a device isn't really feasible with an interceptor (without a VPN, web proxy, etc).

[swankjesse]

I think it's a neat idea. But I don't think it's appropriate to add this to OkHttp by default; instead app developers should opt in with their own interceptors.

[SebastianZimmeck]

But I don't think it's appropriate to add this to OkHttp by default; instead app developers should opt in with their own interceptors.

Just want to clarify that GPC generally would need to be enabled by device users. But point taken.