Merge branch 'feature/opt-out-of-google-floc' into 'develop' - pleroma - My custom branche(s) on git.pleroma.social/pleroma/pleroma

commit: 8defbe431e0d6f00e4a795fc1c5068d150ce3e44
parent 7183655a072375603de46dea341c21b099deed7a
Author: feld <feld@feld.me>
Date:   Mon, 19 Apr 2021 22:39:52 +0000

Merge branch 'feature/opt-out-of-google-floc' into 'develop'

Add opting out of Google FLoC to HTTPSecurityPlug headers

Closes #2630

See merge request pleroma/pleroma!3393
Diffstat:
M CHANGELOG.md 1 +
M lib/pleroma/web/plugs/http_security_plug.ex 3 ++-

2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -9,6 +9,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ### Changed
 
 - The `application` metadata returned with statuses is no longer hardcoded. Apps that want to display these details will now have valid data for new posts after this change.
+- HTTPSecurityPlug now sends a response header to opt out of Google's FLoC (Federated Learning of Cohorts) targeted advertising.
 
 ### Added
 
diff --git a/lib/pleroma/web/plugs/http_security_plug.ex b/lib/pleroma/web/plugs/http_security_plug.ex
@@ -48,7 +48,8 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlug do
       {"x-content-type-options", "nosniff"},
       {"referrer-policy", referrer_policy},
       {"x-download-options", "noopen"},
-      {"content-security-policy", csp_string()}
+      {"content-security-policy", csp_string()},
+      {"permissions-policy", "interest-cohort=()"}
     ]
 
     headers =

M	CHANGELOG.md	1	+
M	lib/pleroma/web/plugs/http_security_plug.ex	3	++-