gb-noyb
commented
3 years ago We indeed discussed the option of simply passing the URL of the JSON file to the JavaScript API. However, this seems quite contrary to existing APIs, limits the flexibility of JS (e.g. asking consent while offline?), and there seems no need for it because the website can simply fetch the JSON file itself with two extra lines of code:
const response = await fetch('/my-consent-requests-resource.json');
const jsonContent = await response.json();
const userDecisions = await window.navigator.dataProtectionControl.request(jsonContent.consentRequests)
In section 7, which outlines HTTP based interaction, the server stores its consent request in a JSON file. Why not use this JSON file also in Javascript based interactions? Many websites would want to access ADPC on both client and server side. It would be inconvenient having to use 2 separate mechanism to send requests in each case.