braze-inc / braze-web-sdk

Public repo for the Braze Web SDK
https://www.braze.com
Other
73 stars 26 forks source link

[Feature]: zero storage version #160

Open tomradcliffe opened 2 months ago

tomradcliffe commented 2 months ago

What problem are you facing?

The SDK requires either cookies or local storage to function: When using it for analytics, analytics cookie/storage consent must be obtained from the user when GDPR compliance is required. This means that event data will not have full user coverage when using for logged in users where we can obtain consent for analytics via T&Cs. (cookie/localStorage cannot be via T&Cs).

Workarounds

None available for the SDK, have to fallback to implementing something using the braze rest api and a secured proxy to keep api key private.

Ideal Solution

Instead of noCookie: boolean option, have a storage option e.g. storage: 'cookie' | 'localStorage' | 'none'. Requests could be stored in memory and sent in batches until navigation away from page (especially in SPAs) - at which point they would be sent utilising visibilitychange window event and Beacon API .

Other Information

No response

davidbielik commented 1 month ago

Hi @tomradcliffe thanks for the feedback and suggestions. We're almost ready to launch a new Javascript SDK that lets you customize storage options, and works on non-browser environments (i.e. NodeJS).

I'll keep this open and let you know once it's ready for early access (likely in Q4).

In the meantime, the general approach is to not initialize until consent is received from users, and using wipeData and disableSdk if consent is revoked.