Commit eb66609d authored by mcdruid's avatar mcdruid

Issue #3209976 by mcdruid, DamienMcKenna, Maeglin, antiorario, effulgentsia,...

Issue #3209976 by mcdruid, DamienMcKenna, Maeglin, antiorario, effulgentsia, gapple, rachel_norfolk, rootwork, phenaproxima, neclimdul, larowlan, longwave: Add Permissions-Policy header to block Google FLoC
parent 2800597d
......@@ -2696,6 +2696,19 @@ function drupal_deliver_html_page($page_callback_result) {
drupal_add_http_header('X-Frame-Options', $frame_options);
}
if (variable_get('block_interest_cohort', TRUE)) {
$permissions_policy = drupal_get_http_header('Permissions-Policy');
if (is_null($permissions_policy)) {
drupal_add_http_header('Permissions-Policy', 'interest-cohort=()');
}
else {
// Only add interest-cohort if the header does not contain it already.
if (strpos($permissions_policy, 'interest-cohort') === FALSE) {
drupal_add_http_header('Permissions-Policy', ', interest-cohort=()', TRUE);
}
}
}
// Menu status constants are integers; page content is a string or array.
if (is_int($page_callback_result)) {
// @todo: Break these up into separate functions?
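Review bot: In the else branch, the appended value `', interest-cohort=()'` carries its own leading comma, which looks redundant: as far as I recall, drupal_add_http_header() in append mode already joins the existing and new values with a comma, so a page that had set `geolocation=()` would end up sending `geolocation=(),, interest-cohort=()`. Permissions-Policy is parsed as a structured-field dictionary, and an empty list member can make a browser discard the whole header, which would drop the site's existing policy along with the FLoC opt-out. If the helper does add the separator, pass the bare directive instead: `drupal_add_http_header('Permissions-Policy', 'interest-cohort=()', TRUE);`. drupal_add_http_header() is not shown on this page and drupal_deliver_html_page() continues outside the hunk, so confirm against the helper's body.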
......
......@@ -3244,3 +3244,56 @@ class DrupalGetQueryArrayTestCase extends DrupalWebTestCase {
}
}
/**
* Test for block_interest_cohort.
*/
class BlockInterestCohortTest extends DrupalWebTestCase {
public static function getInfo() {
return array(
'name' => 'Block Interest Cohort',
'description' => 'Check Permissions-Policy header to disable Google FLoC',
'group' => 'System',
);
}
function setUp() {
parent::setUp('common_test');
}
/**
* Tests that FLoC is blocked by default.
*/
function testDefaultBlocking() {
$this->drupalGet('node');
$this->assertEqual($this->drupalGetHeader('Permissions-Policy'), 'interest-cohort=()', 'FLoC is blocked by default.');
}
/**
* Tests that an existing interest-cohort policy is not overwritten.
*/
function testExistingInterestCohortPolicy() {
$this->drupalGet('common-test/existing_interest_cohort_policy');
$this->assertEqual($this->drupalGetHeader('Permissions-Policy'), 'interest-cohort=*', 'Existing interest-cohort policy is not overwritten.');
}
/**
* Tests that an existing header is appended to correctly.
*/
function testExistingPolicyHeader() {
$this->drupalGet('common-test/existing_permissions_policy_header');
$this->assertTrue((strpos($this->drupalGetHeader('Permissions-Policy'), 'geolocation=()') !== FALSE), 'The existing header is appended to.');
$this->assertTrue((strpos($this->drupalGetHeader('Permissions-Policy'), 'interest-cohort=()') !== FALSE), 'The interest-cohort policy is appended to existing header.');
}
/**
* Tests that FLoC blocking can be disabled.
*/
function testDisableBlocking() {
variable_set('block_interest_cohort', FALSE);
$this->drupalGet('node');
$this->assertFalse($this->drupalGetHeader('Permissions-Policy'), 'FLoC blocking can be disabled.');
}
}
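Review bot: testExistingPolicyHeader() only checks that each directive occurs somewhere in the header, so a badly joined value (a doubled or missing separator between `geolocation=()` and `interest-cohort=()`) would still pass. The other tests already compare the full value with assertEqual(); doing the same here would pin the exact string that is sent, for example `$this->assertEqual($this->drupalGetHeader('Permissions-Policy'), 'geolocation=(),interest-cohort=()', 'The interest-cohort policy is appended to existing header.');`. The expected string depends on how drupal_add_http_header() joins appended values, which is not visible here, so adjust it to the intended wire format.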
......@@ -52,6 +52,18 @@ function common_test_menu() {
'access arguments' => array('access content'),
'type' => MENU_CALLBACK,
);
$items['common-test/existing_interest_cohort_policy'] = array(
'title' => 'Test existing interest-cohort policy',
'page callback' => 'existing_interest_cohort_policy',
'access arguments' => array('access content'),
'type' => MENU_CALLBACK,
);
$items['common-test/existing_permissions_policy_header'] = array(
'title' => 'Test existing Permissions-Policy header',
'page callback' => 'existing_permissions_policy_header',
'access arguments' => array('access content'),
'type' => MENU_CALLBACK,
);
return $items;
}
......@@ -286,3 +298,19 @@ function common_test_js_and_css_querystring() {
function common_test_cron() {
throw new Exception(t('Uncaught exception'));
}
/**
* Page callback.
*/
function existing_interest_cohort_policy() {
drupal_add_http_header('Permissions-Policy', 'interest-cohort=*');
print __FUNCTION__;
}
/**
* Page callback.
*/
function existing_permissions_policy_header() {
drupal_add_http_header('Permissions-Policy', 'geolocation=()');
print __FUNCTION__;
}
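Review bot: The two new page callbacks, `existing_interest_cohort_policy()` and `existing_permissions_policy_header()`, are declared without the module prefix, while the other functions visible in this file (`common_test_menu()`, `common_test_cron()`) carry it. Since they live in the global function namespace, naming them `common_test_existing_interest_cohort_policy()` and `common_test_existing_permissions_policy_header()` avoids collisions; the `'page callback'` strings in the common_test_menu() hunk would need the same rename. The docblocks could also say what each callback is for, e.g. `Page callback: sets a Permissions-Policy header that already contains interest-cohort.`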
......@@ -744,4 +744,19 @@
* @see drupal_session_start()
* @see https://www.php.net/manual/en/session.configuration.php#ini.session.cookie-samesite
*/
#$conf['samesite_cookie_value'] = 'None';
# $conf['samesite_cookie_value'] = 'None';
/**
* Add Permissions-Policy header to disable Google FLoC.
*
* By default, Drupal sends the 'Permissions-Policy: interest-cohort=()' header
* to disable Google's Federated Learning of Cohorts feature, introduced in
* Chrome 89.
*
* See https://en.wikipedia.org/wiki/Federated_Learning_of_Cohorts for more
* information about FLoC.
*
* If you don't wish to disable FLoC in Chrome, you can set this value
* to FALSE.
*/
# $conf['block_interest_cohort'] = TRUE;
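Review bot: The settings comment says Drupal sends `Permissions-Policy: interest-cohort=()` by default, but it leaves out two conditions that the code in the first hunk applies. The header is added inside drupal_deliver_html_page(), and it is skipped whenever an existing Permissions-Policy header already mentions `interest-cohort`, including a permissive `interest-cohort=*`. A sentence such as `If a Permissions-Policy header that already contains an interest-cohort directive has been set, Drupal leaves it unchanged.` would tell administrators that this setting does not override a policy set elsewhere.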