Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Better GDPR support #1354

Open
4 tasks
chalin opened this issue Jan 11, 2023 · 2 comments
Open
4 tasks

Better GDPR support #1354

chalin opened this issue Jan 11, 2023 · 2 comments
Labels
e2-days p1-high p2-medium
Milestone
25Q2

Comments

@chalin
Copy link
Collaborator

chalin commented Jan 11, 2023
edited by deining
Loading

This is an umbrella issue for better addressing GDPR needs. Or, to say this another way, ensure that it isn't harder for projects wishing to be GDPR compliant to use Docsy.
@deining deining mentioned this issue Feb 13, 2023
Merged
@deining deining mentioned this issue Aug 11, 2023
Merged
@chalin chalin mentioned this issue Aug 18, 2023
Closed
21 tasks
@chalin chalin modified the milestones: 23Q4, 23Q3 Aug 18, 2023
@chalin chalin modified the milestones: 23Q3, 23Q4 Nov 3, 2023
@chalin chalin modified the milestones: 23Q4, 24Q1 Jan 11, 2024
@chalin chalin modified the milestones: 24Q1, 24Q2 Feb 2, 2024
@chalin chalin modified the milestones: 24Q2, 24Q3 Apr 2, 2024
@naturedamends
Copy link

naturedamends commented May 28, 2024
edited
Loading

Simple fix with no consequences

Why not just add any network requests to a separate partial which can be overridden.

Surely we can ask Devon to do this for us, jeeez. If you want me to PR i will

For example there is only three simple ones.

Other large SaaS platforms like angolia are fine, if I want to use them I can add them to my polices, however there is just no reason to do this simple static assets.

Related issues

#1436

Using third parties in general.

  • Sure the CDN may be faster to load some rare requests, but jquery is nowhere near modular enough to do that effectively. + any version increment hurts the cache potential. If things are modular, should it not be to have a script integrity hash for scripts which may be duplicated across domains in separated binaries.
  • They offer points of failure. If anyone of them are down, then my page is not usable.
  • Failure is hard to monitor, without sending event logs via javascript, which is possible but adds heavy services to the Infrastructure.
  • cookie partitions does not stop sharing personal information via TCP
  • Does a repeat request for a CDN even have any time saving or data saving, because could that not be a way to identity a user across domains.

@chalin chalin modified the milestones: 24Q3, 24Q4 Jul 2, 2024
@chalin chalin modified the milestones: 24Q4, 25Q1 Oct 3, 2024
@chalin chalin modified the milestones: 25Q1, 25Q2 Jan 7, 2025
@sftim
Copy link

sftim commented Jan 21, 2025

I noticed that Docsy mention GDPR even in places where other legislation may be more relevant.
For example:

docsy/layouts/partials/head.html

Line 47 in ef59ee7

{{/* To comply with GDPR, cookie consent scripts places in head-end must execute before Google Analytics is enabled */ -}}

Cookies are actually regulated under PECR, although if you link the tracking data to anything that allows identifying an individual, or your site allows optional linking, then GDPR also applies.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
e2-days p1-high p2-medium
Projects
None yet
Milestone
25Q2
Development

No branches or pull requests
3 participants
@chalin @sftim @naturedamends