decidim / metadecidim

This is the repository for the code of Metadecidim community, we experiment with the new features, we are an experimental community
https://meta.decidim.org

Add cookies and LocalStorage configuration #106

Closed andreslucena closed 2 years ago

andreslucena commented 2 years ago

After the upgrade to v0.27.0.rc1 we have the new cookie consent modal. This PR adds the configuration relevant to Metadecidim.

Some caveats/points to close before merging this:

  1. I didn't make the Spanish and Catalan translations yet. I want to first have a review of the text in English and then when that's approved, I'll make the translations.
  2. A couple more services that could be here but I didn't find any cookie:
    1. Analytics. We use an in-house installation of https://plausible.io, and that doesn't use cookies.
    2. Jitsi. We use it for some online meetings, but as far as I see it doesn't use Cookies, but Local Storage. We use the https://meet.jit.si server
    3. BigBlueButton. We use it for some online meetings, but I don't have access to this server to create a room. I'll get it in the following weeks, but until then we could merge this, and when I have that I'll open a new PR. We use an in-house (Canodrom) installation https://meet.canodrom.barcelona

Testing

Click on "Cookie settings" in the footer, click in the sections, see that you have more information.

Screenshot

Note that the font size is tiny in the details. We should probably change this line to a 0.8 or 0.9


andreslucena commented 2 years ago

To see the cookies on a YouTube embedded iframe, you can see it at https://meta.decidim.org/assemblies/eix-lab/f/87/meetings/1671

ahukkanen commented 2 years ago

> 2. Jitsi. We use it for some online meetings, but as far as I see it doesn't use Cookies, but Local Storage. We use the https://meet.jit.si server

Just to note that with the "data consent" the intention is to report all local data/identifiers that the external services store in your devices which also includes Local Storage and the other data storage techniques provided by the browsers. Referring to the recent discussion regarding "cookie consent" vs "data consent" that we had when implementing this.

That said, I don't know what kind of data Jitsi stores in the Local Storage but if it categorizes as "identifiable" data (i.e. being able to pinpoint a specific user based on that data), then it should be documented as well.

andreslucena commented 2 years ago

> Referring to the recent discussion regarding "cookie consent" vs "data consent" that we had when implementing this.

You're absolutely right, we've talked about this recently. I guess I had a mental hiccup

I've updated this with all the LocalStorage settings I could find, most notably:

I've also found a new cookie from devise (remember_user_token)

> That said, I don't know what kind of data Jitsi stores in the Local Storage but if it categorizes as "identifiable" data (i.e. being able to pinpoint a specific user based on that data), then it should be documented as well.

I prefer to be exhaustive regarding these subjects, as potentially almost any preference/setting can be used as a way of tracking. For instance, I've just found out that GraphiQL saves the position of the separator with too much precision (as graphiql:editorFlex):

https://user-images.githubusercontent.com/717367/177962871-5fc1eac6-e463-4e4d-98d8-f181e2073e11.mp4

That could potentially be used for tracking. Even booleans like graphiql:historyPaneOpen, in conjunction with other storage settings could be used for this, so better give too much detail than too little.

I've updated the screenshot with all the new services. As I said, once this is approved I'll handle the other languages translation, and also I'll make a PR with all the docs changes/default settings for this feature to the main repository.

This is ready to be reviewed again @ahukkanen
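
The point above about over-precise LocalStorage values, as an added example that is not part of the original thread or of the Decidim or GraphiQL code: a small audit that lists each stored key with a rough upper bound on the bits its value can encode, then repeats the audit after rounding the layout ratio. The stored values, the 10-bit review threshold and all function names are assumptions made for illustration.

```javascript
// Constructed sample of a localStorage snapshot. The key names appear in the
// thread; the values are invented for illustration.
const sampleStorage = {
  "graphiql:editorFlex": "0.6183431952662721",
  "graphiql:historyPaneOpen": "false",
};

const BITS_PER_DIGIT = Math.log2(10);
const FLAG_ABOVE_BITS = 10; // assumed review threshold, not a standard

// Rough upper bound on the number of bits one stored value can encode.
function estimateBits(value) {
  if (value === "true" || value === "false") return 1;
  if (/^-?\d+(\.\d+)?$/.test(value)) {
    // Count digits after dropping the sign, the dot and leading zeros.
    const digits = value.replace(/\D/g, "").replace(/^0+/, "").length;
    return Math.ceil(digits * BITS_PER_DIGIT);
  }
  return value.length * 8; // opaque string: treat every byte as free-form
}

// One inventory row per key, with the keys worth a closer look flagged.
function auditStorage(snapshot) {
  return Object.entries(snapshot).map(([name, value]) => {
    const bits = estimateBits(String(value));
    return { storage: "localStorage", name, bits, flagged: bits > FLAG_ABOVE_BITS };
  });
}

// Combined bound: individually small values add up when read together.
function totalBits(rows) {
  return rows.reduce((sum, row) => sum + row.bits, 0);
}

// Mitigation: persist layout ratios with only the precision the UI needs.
function coarsen(value, decimals = 2) {
  return Number(value).toFixed(decimals);
}

const before = auditStorage(sampleStorage);
const after = auditStorage({
  ...sampleStorage,
  "graphiql:editorFlex": coarsen(sampleStorage["graphiql:editorFlex"]),
});
console.table(before);
console.table(after);
```

In a browser console, `auditStorage({ ...localStorage })` produces the same rows for the origin currently open.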

ahukkanen commented 2 years ago

@andreslucena I will review (and merge) this once:

  1. #108 is merged

  2. The naming changes are made as per decidim/decidim#9570.

andreslucena commented 2 years ago

> @andreslucena I will review (and merge) this once:
>
> 1. [Update decidim to 0.27.0.rc2 #108](https://github.com/decidim/metadecidim/pull/108) is merged

Done

> 2. The naming changes are made as per [Fix data consent expiry decidim#9570](https://github.com/decidim/decidim/pull/9570).

Changed on 52e8836589445afa9a11555a5aec2204a790c618