allisonking
commented
1 year ago requirements from the spec:
The origin server MUST return the GPC support resource as a valid representation using the application/json media type [RFC8259], otherwise the origin's support is unknown.
The GPC support representation MUST be an JSON object, otherwise the origin's support is unknown. Members of this JSON object not in the list below have no meaning in this specification and MUST be ignored. Members include:
- A gpc member. The value of the gpc member MUST be either true, to indicate that the server intends to abide by GPC requests, or false, to indicate that it does not. For any other value the origin's support is unknown.
- A lastUpdate member. The value of the lastUpdate member MUST be an RFC3339 full-date (YYYY-MM-DD) or date-time (YYYY-MM-DDTHH:mm:ss.sssZ) [RFC3339]. This indicates the time at which the statement of support was made, such that later changes to the meaning of the GPC standard should not affect the interpretation of the resource for legal purposes. If the member is not in a valid RFC3339 format, the last update date and time is unknown.
@NevilleS / @rsilvery , any thoughts on what the lastUpdate date should be based on the description above?
rsilvery
Is your feature request related to a specific problem?
It's a seemingly small detail, but all Privacy Centers should implement the
.well-known/gpc.jsonendpoint as per the GPC spec: https://privacycg.github.io/gpc-spec/#gpc-support-resourceDescribe the solution you'd like
Add a static asset to
/public/.well-known/gpc.jsonthat returns:...where we need to figure out some way to decide what "date" to put for the support...
Describe alternatives you've considered, if any
n/a