~seirdy/seirdy.one

28f70689a4ee79f3018fe7ca9507dda45c32b18f — Rohan Kumar 5 months ago d868be3
Remove superfluous sentence
M content/posts/permissions-policy-floc-misinfo.gmi => content/posts/permissions-policy-floc-misinfo.gmi +0 -2
@@ 67,8 67,6 @@ To be extra safe, you can whitelist exactly what scripts can run with a Content 

If you're concerned about Google breaking the spec and opting you in even after you've not done so yourself, what reason do you have to believe that they'll stop there? There's nothing preventing Google from ignoring your `Permissions-Policy` header, either.

Don't tack a new header onto every request because someone read a post by someone else who read part of a GitHub README.

## Take a breath

Please, don't spam maintainers of web server/backend software to tell them to include this header by default when it may or may not actually reduce user fingerprints. Don't tell webmasters that they have a *moral obligation* to add a Permissions Policy header either.² You don't need to add this permission policy to every request, just as you don't need to wear a helmet for every form of physical activity.

M content/posts/permissions-policy-floc-misinfo.md => content/posts/permissions-policy-floc-misinfo.md +0 -2
@@ 61,8 61,6 @@ To be extra safe, you can whitelist exactly what scripts can run with a [Content

If you're concerned about Google breaking the spec and opting you in even after you've not done so yourself, what reason do you have to believe that they'll stop there? There's nothing preventing Google from ignoring your `Permissions-Policy` header, either.

Don't tack a new header onto every request because someone read a post by someone else who read part of a GitHub README.

Take a breath
-------------