<!DOCTYPE html><html dir="ltr" lang="en"><head><meta http-equiv="Content-Type" content="text/html;charset=utf-8"><meta name="generator" content="ReSpec 24.2.0"><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"><style>/* --- EXAMPLES --- */ span.example-title { text-transform: none; } aside.example, div.example, div.illegal-example { padding: 0.5em; margin: 1em 0; position: relative; clear: both; } div.illegal-example { color: red } div.illegal-example p { color: black } aside.example, div.example { padding: .5em; border-left-width: .5em; border-left-style: solid; border-color: #e0cb52; background: #fcfaee; } aside.example div.example { border-left-width: .1em; border-color: #999; background: #fff; } aside.example div.example span.example-title { color: #999; } </style><style>/* --- ISSUES/NOTES --- */ div.issue-title, div.note-title , div.ednote-title, div.warning-title { padding-right: 1em; min-width: 7.5em; color: #b9ab2d; } div.issue-title { color: #e05252; } div.note-title, div.ednote-title { color: #2b2; } div.warning-title { color: #f22; } div.issue-title span, div.note-title span, div.ednote-title span, div.warning-title span { text-transform: uppercase; } div.note, div.issue, div.ednote, div.warning { margin-top: 1em; margin-bottom: 1em; } .note > p:first-child, .ednote > p:first-child, .issue > p:first-child, .warning > p:first-child { margin-top: 0 } .issue, .note, .ednote, .warning { padding: .5em; border-left-width: .5em; border-left-style: solid; } div.issue, div.note , div.ednote, div.warning { padding: 1em 1.2em 0.5em; margin: 1em 0; position: relative; clear: both; } span.note, span.ednote, span.issue, span.warning { padding: .1em .5em .15em; } .issue { border-color: #e05252; background: #fbe9e9; } .issue.closed span.issue-number { text-decoration: line-through; } .note, .ednote { border-color: #52e052; background: #e9fbe9; } .warning { border-color: #f11; border-width: .2em; border-style: solid; background: 
#fbe9e9; } .warning-title:before{ content: "⚠"; /*U+26A0 WARNING SIGN*/ font-size: 3em; float: left; height: 100%; padding-right: .3em; vertical-align: top; margin-top: -0.5em; } li.task-list-item { list-style: none; } input.task-list-item-checkbox { margin: 0 0.35em 0.25em -1.6em; vertical-align: middle; } .issue a.respec-gh-label { padding: 5px; margin: 0 2px 0 2px; font-size: 10px; text-transform: none; text-decoration: none; font-weight: bold; border-radius: 4px; position: relative; bottom: 2px; } .issue a.respec-label-dark { color: #fff; background-color: #000; } .issue a.respec-label-light { color: #000; background-color: #fff; } </style><style>/* --- WEB IDL --- */ pre.idl { padding: 1em; } @media print { pre.idl { white-space: pre-wrap; } } pre.idl::before { content: "WebIDL"; display: block; width: 150px; background: #90b8de; color: #fff; font-family: sans-serif; font-weight: bold; margin: -1em 0 1em -1em; height: 28px; line-height: 28px; } .idlID { font-weight: bold; color: #005a9c; } .idlType { color: #005a9c; } .idlName { color: #ff4500; } .idlName a { color: #ff4500; border-bottom: 1px dotted #ff4500; text-decoration: none; } a.idlEnumItem { color: #000; border-bottom: 1px dotted #ccc; text-decoration: none; } .idlSuperclass { font-style: italic; color: #005a9c; } /*.idlParam*/ .idlParamName, .idlDefaultValue { font-style: italic; } .extAttr { color: #666; } /*.idlSectionComment*/ .idlSectionComment { color: gray; } .idlIncludes a { font-weight: bold; } .respec-button-copy-paste:focus { text-decoration: none; border-color: #51a7e8; outline: none; box-shadow: 0 0 5px rgba(81, 167, 232, 0.5); } .respec-button-copy-paste:focus:hover, .respec-button-copy-paste.selected:focus { border-color: #51a7e8; } .respec-button-copy-paste:hover, .respec-button-copy-paste:active, .respec-button-copy-paste.zeroclipboard-is-hover, .respec-button-copy-paste.zeroclipboard-is-active { text-decoration: none; background-color: #ddd; background-image: linear-gradient(#eee, 
#ddd); border-color: #ccc; } .respec-button-copy-paste:active, .respec-button-copy-paste.selected, .respec-button-copy-paste.zeroclipboard-is-active { background-color: #dcdcdc; background-image: none; border-color: #b5b5b5; box-shadow: inset 0 2px 4px rgba(0, 0, 0, 0.15) } .respec-button-copy-paste.selected:hover { background-color: #cfcfcf; } .respec-button-copy-paste:disabled, .respec-button-copy-paste:disabled:hover, .respec-button-copy-paste.disabled, .respec-button-copy-paste.disabled:hover { color: rgba(102, 102, 102, 0.5); cursor: default; background-color: rgba(229, 229, 229, 0.5); background-image: none; border-color: rgba(197, 197, 197, 0.5); box-shadow: none; } </style> <title>Tracking Preference Expression (DNT)</title> <style type="text/css"> p, li, dd { hyphens: none; } table { border-collapse: collapse; border-style: hidden hidden none; } table thead { border-bottom: medium solid; } table td, table th { border-bottom: thin solid; border-left: medium solid; border-right: medium solid; padding: 0.2em; vertical-align: top; } table.simple { margin-left: auto; margin-right: auto; width: 80%; } .simple tr { vertical-align: top; } .example .example .example-title { display: none } .option { margin: 1em 0em 0em; padding: 1em; border: 2px solid #E2E3FF; background: #F0F0FC; } .option::before { content: "Option"; display: block; width: 150px; margin: -1.5em 0 0.5em 0; font-weight: bold; border: 1px solid #8084FF; background: #fff; padding: 3px 1em; } </style> <style id="respec-mainstyle">/***************************************************************** * ReSpec 3 CSS * Robin Berjon - http://berjon.com/ *****************************************************************/ /* Override code highlighter background */ .hljs { background: transparent !important; } /* --- INLINES --- */ h1 abbr, h2 abbr, h3 abbr, h4 abbr, h5 abbr, h6 abbr, a abbr { border: none; } dfn { font-weight: bold; } a.internalDFN { color: inherit; border-bottom: 1px solid #99c; 
text-decoration: none; } a.externalDFN { color: inherit; border-bottom: 1px dotted #ccc; text-decoration: none; } a.bibref { text-decoration: none; } #references :target { background: #eaf3ff; } cite .bibref { font-style: normal; } code { color: #c83500; } th code { color: inherit; } /* --- TOC --- */ .toc a, .tof a { text-decoration: none; } a .secno, a .figno { color: #000; } ul.tof, ol.tof { list-style: none outside none; } .caption { margin-top: 0.5em; font-style: italic; } /* --- TABLE --- */ table.simple { border-spacing: 0; border-collapse: collapse; border-bottom: 3px solid #005a9c; } .simple th { background: #005a9c; color: #fff; padding: 3px 5px; text-align: left; } .simple th[scope="row"] { background: inherit; color: inherit; border-top: 1px solid #ddd; } .simple td { padding: 3px 10px; border-top: 1px solid #ddd; } .simple tr:nth-child(even) { background: #f0f6ff; } /* --- DL --- */ .section dd>p:first-child { margin-top: 0; } .section dd>p:last-child { margin-bottom: 0; } .section dd { margin-bottom: 1em; } .section dl.attrs dd, .section dl.eldef dd { margin-bottom: 0; } #issue-summary>ul, .respec-dfn-list { column-count: 2; } #issue-summary li, .respec-dfn-list li { list-style: none; } details.respec-tests-details { margin-left: 1em; display: inline-block; vertical-align: top; } details.respec-tests-details>* { padding-right: 2em; } details.respec-tests-details[open] { z-index: 999999; position: absolute; border: thin solid #cad3e2; border-radius: 0.3em; background-color: white; padding-bottom: 0.5em; } details.respec-tests-details[open]>summary { border-bottom: thin solid #cad3e2; padding-left: 1em; margin-bottom: 1em; line-height: 2em; } details.respec-tests-details>ul { width: 100%; margin-top: -0.3em; } details.respec-tests-details>li { padding-left: 1em; } a[href].self-link:hover { opacity: 1; text-decoration: none; background-color: transparent; } h2, h3, h4, h5, h6 { position: relative; } aside.example .marker > a.self-link { color: inherit; } 
h2>a.self-link, h3>a.self-link, h4>a.self-link, h5>a.self-link, h6>a.self-link { border: none; color: inherit; font-size: 83%; height: 2em; left: -1.6em; opacity: .5; position: absolute; text-align: center; text-decoration: none; top: 0; transition: opacity .2s; width: 2em; } h2>a.self-link::before, h3>a.self-link::before, h4>a.self-link::before, h5>a.self-link::before, h6>a.self-link::before { content: "§"; display: block; } @media (max-width: 767px) { dd { margin-left: 0; } /* Don't position self-link in headings off-screen */ h2>a.self-link, h3>a.self-link, h4>a.self-link, h5>a.self-link, h6>a.self-link { left: auto; top: auto; } } @media print { .removeOnSave { display: none; } } </style><style>/* github.com style (c) Vasily Polovnyov <vast@whiteants.net> */ .hljs { display: block; overflow-x: auto; padding: 0.5em; color: #333; background: #f8f8f8; } .hljs-comment, .hljs-quote { color: #998; font-style: italic; } .hljs-keyword, .hljs-selector-tag, .hljs-subst { color: #333; font-weight: bold; } .hljs-number, .hljs-literal, .hljs-variable, .hljs-template-variable, .hljs-tag .hljs-attr { color: #008080; } .hljs-string, .hljs-doctag { color: #d14; } .hljs-title, .hljs-section, .hljs-selector-id { color: #900; font-weight: bold; } .hljs-subst { font-weight: normal; } .hljs-type, .hljs-class .hljs-title { color: #458; font-weight: bold; } .hljs-tag, .hljs-name, .hljs-attribute { color: #000080; font-weight: normal; } .hljs-regexp, .hljs-link { color: #009926; } .hljs-symbol, .hljs-bullet { color: #990073; } .hljs-built_in, .hljs-builtin-name { color: #0086b3; } .hljs-meta { color: #999; font-weight: bold; } .hljs-deletion { background: #fdd; } .hljs-addition { background: #dfd; } .hljs-emphasis { font-style: italic; } .hljs-strong { font-weight: bold; } </style><link rel="stylesheet" href="https://www.w3.org/StyleSheets/TR/2016/W3C-WG-NOTE"><link rel="canonical" href="https://www.w3.org/TR/tracking-dnt/"><script id="initialUserConfig" type="application/json">{ 
"shortName": "tracking-dnt", "specStatus": "NOTE", "publishDate": "2019-01-17", "previousPublishDate": "2017-10-19", "previousMaturity": "CR", "license": "w3c", "edDraftURI": "https://w3c.github.io/dnt/drafts/tracking-dnt.html", "prevED": "https://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html", "editors": [ { "name": "Roy T. Fielding", "url": "https://roy.gbiv.com/", "company": "Adobe", "companyURL": "https://www.adobe.com/", "w3cid": 31828 }, { "name": "David Singer", "company": "Apple", "companyURL": "https://www.apple.com/", "w3cid": 11534 } ], "wg": "Tracking Protection Working Group", "wgURI": "https://www.w3.org/2011/tracking-protection/", "wgPublicList": "public-tracking", "wgPatentURI": "https://www.w3.org/2004/01/pp-impl/49311/status", "issueBase": "https://github.com/w3c/dnt/issues", "githubAPI": "https://api.github.com/repos/w3c/dnt", "processVersion": 2017, "otherLinks": [ { "key": "Repository and Participation", "data": [ { "value": "Mailing list archive", "href": "https://lists.w3.org/Archives/Public/public-tracking/" }, { "value": "Commit history", "href": "https://github.com/w3c/dnt/commits" }, { "value": "File a bug/issue", "href": "https://github.com/w3c/dnt/issues" } ] } ], "localBiblio": { "TCS": { "authors": [ "Nick Doty", "Heather West", "Justin Brookman", "Sean Harvey", "Erica Newland" ], "status": "WD", "href": "https://www.w3.org/TR/tracking-compliance/", "title": "Tracking Compliance and Scope", "date": "31 March 2015", "publisher": "W3C", "id": "tcs" }, "KnowPrivacy": { "authors": [ "Joshua Gomez", "Travis Pinnick", "Ashkan Soltani" ], "href": "http://www.knowprivacy.org/report/KnowPrivacy_Final_Report.pdf", "title": "KnowPrivacy", "date": "01 June 2009", "publisher": "UC Berkeley, School of Information", "id": "knowprivacy" }, "Orderly": { "authors": [ "Lloyd Hilaiel" ], "href": "https://github.com/lloyd/orderly", "title": "Orderly JSON", "date": "22 February 2010", "id": "orderly" }, "PromiseGuide": { "title": "Writing 
Promise-Using Specifications", "href": "https://www.w3.org/2001/tag/doc/promises-guide", "authors": [ "Domenic Denicola" ], "status": "Finding of the W3C TAG", "publisher": "W3C", "date": "03 January 2017", "id": "promiseguide" } }, "noIDLSectionTitle": true, "noLegacyStyle": true, "publishISODate": "2019-01-17T00:00:00.000Z", "generatedSubtitle": "Working Group Note 17 January 2019" }</script><meta name="description" content="This specification defines the DNT request header field as an HTTP mechanism for expressing a user's preference regarding tracking, an HTML DOM property to make that expression readable by scripts, and APIs that allow scripts to register exceptions granted by the user. It also defines mechanisms for sites to communicate whether and how they honor a received preference, including well-known resources for retrieving preflight tracking status, a media type for representing tracking status information, and the Tk response header field for confirming tracking status."></head> <body class="h-entry"><div class="head"> <a href="https://www.w3.org/" class="logo"><img alt="W3C" src="https://www.w3.org/StyleSheets/TR/2016/logos/W3C" width="72" height="48"></a> <h1 id="title" class="title p-name">Tracking Preference Expression (DNT)</h1> <h2> <abbr title="World Wide Web Consortium">W3C</abbr> Working Group Note <time class="dt-published" datetime="2019-01-17">17 January 2019</time> </h2> <dl> <dt>This version:</dt><dd> <a class="u-url" href="https://www.w3.org/TR/2019/NOTE-tracking-dnt-20190117/">https://www.w3.org/TR/2019/NOTE-tracking-dnt-20190117/</a> </dd><dt>Latest published version:</dt><dd> <a href="https://www.w3.org/TR/tracking-dnt/">https://www.w3.org/TR/tracking-dnt/</a> </dd> <dt>Latest editor's draft:</dt><dd><a href="https://w3c.github.io/dnt/drafts/tracking-dnt.html">https://w3c.github.io/dnt/drafts/tracking-dnt.html</a></dd> <dt>Previous version:</dt><dd><a 
href="https://www.w3.org/TR/2017/CR-tracking-dnt-20171019/">https://www.w3.org/TR/2017/CR-tracking-dnt-20171019/</a></dd> <dt>Editors:</dt> <dd class="p-author h-card vcard" data-editor-id="31828"><a class="u-url url p-name fn" href="https://roy.gbiv.com/">Roy T. Fielding</a> (<a class="p-org org h-org h-card" href="https://www.adobe.com/">Adobe</a>) </dd><dd class="p-author h-card vcard" data-editor-id="11534"><span class="p-name fn">David Singer</span> (<a class="p-org org h-org h-card" href="https://www.apple.com/">Apple</a>) </dd> <dt>Repository and Participation:</dt><dd> <a href="https://lists.w3.org/Archives/Public/public-tracking/">Mailing list archive</a> </dd><dd> <a href="https://github.com/w3c/dnt/commits">Commit history</a> </dd><dd> <a href="https://github.com/w3c/dnt/issues">File a bug/issue</a> </dd> </dl> <p class="copyright"> <a href="https://www.w3.org/Consortium/Legal/ipr-notice#Copyright">Copyright</a> © 2019 <a href="https://www.w3.org/"><abbr title="World Wide Web Consortium">W3C</abbr></a><sup>®</sup> (<a href="https://www.csail.mit.edu/"><abbr title="Massachusetts Institute of Technology">MIT</abbr></a>, <a href="https://www.ercim.eu/"><abbr title="European Research Consortium for Informatics and Mathematics">ERCIM</abbr></a>, <a href="https://www.keio.ac.jp/">Keio</a>, <a href="http://ev.buaa.edu.cn/">Beihang</a>). <abbr title="World Wide Web Consortium">W3C</abbr> <a href="https://www.w3.org/Consortium/Legal/ipr-notice#Legal_Disclaimer">liability</a>, <a href="https://www.w3.org/Consortium/Legal/ipr-notice#W3C_Trademarks">trademark</a> and <a rel="license" href="https://www.w3.org/Consortium/Legal/copyright-documents">document use</a> rules apply. 
</p> <hr title="Separator for header"> </div> <section id="abstract" class="introductory"><h2>Abstract</h2> <p> This specification defines the <a href="#dfn-dnt" class="internalDFN" data-link-type="dfn"><code>DNT</code></a> request header field as an HTTP mechanism for expressing a user's preference regarding tracking, an HTML DOM property to make that expression readable by scripts, and APIs that allow scripts to register exceptions granted by the user. It also defines mechanisms for sites to communicate whether and how they honor a received preference, including well-known resources for retrieving preflight tracking status, a media type for representing tracking status information, and the <q>Tk</q> response header field for confirming tracking status. </p> </section> <section id="sotd" class="introductory"><h2>Status of This Document</h2><p><em>This section describes the status of this document at the time of its publication. Other documents may supersede this document. A list of current <abbr title="World Wide Web Consortium">W3C</abbr> publications and the latest revision of this technical report can be found in the <a href="https://www.w3.org/TR/"><abbr title="World Wide Web Consortium">W3C</abbr> technical reports index</a> at https://www.w3.org/TR/.</em></p> <p> This Note is a final outcome of the standardization process by the Tracking Protection Working Group for the extensions to HTTP known variously as DNT, Do Not Track, or Tracking Protection Expression. </p> <p> Since its last publication as a Candidate Recommendation, there has not been sufficient deployment of these extensions (as defined) to justify further advancement, nor have there been indications of planned support among user agents, third parties, and the ecosystem at large. The working group has therefore decided to conclude its work and republish the final product as this Note, with any future addendums to be published separately. 
</p> <p> This document was published by the <a href="https://www.w3.org/2011/tracking-protection/">Tracking Protection Working Group</a> as a Working Group Note. </p><p> Comments regarding this document are welcome. Please send them to the <a href="https://github.com/w3c/dnt/issues">GitHub repository</a> or <a href="mailto:public-tracking@w3.org">public-tracking@w3.org</a> (<a href="https://lists.w3.org/Archives/Public/public-tracking/">archives</a>). </p><p> Publication as a Working Group Note does not imply endorsement by the <abbr title="World Wide Web Consortium">W3C</abbr> Membership. This is a final document and may be replaced at any time. It is inappropriate to cite this document as other than a final note, with any future addendums to be published separately. </p><p data-deliverer="49311"> This document was produced by a group operating under the <a href="https://www.w3.org/Consortium/Patent-Policy/"><abbr title="World Wide Web Consortium">W3C</abbr> Patent Policy</a>. </p><p> This document is governed by the <a id="w3c_process_revision" href="https://www.w3.org/2018/Process-20180201/">1 February 2018 <abbr title="World Wide Web Consortium">W3C</abbr> Process Document</a>. </p></section><nav id="toc"><h2 class="introductory" id="table-of-contents">Table of Contents</h2><ol class="toc"><li class="tocline"><a class="tocxref" href="#introduction"><span class="secno">1. </span>Introduction</a></li><li class="tocline"><a class="tocxref" href="#terminology"><span class="secno">2. 
</span>Terminology</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#terminology.http"><span class="secno">2.1 </span>HTTP</a></li><li class="tocline"><a class="tocxref" href="#terminology.html"><span class="secno">2.2 </span>HTML</a></li><li class="tocline"><a class="tocxref" href="#terminology.activity"><span class="secno">2.3 </span>Activity</a></li><li class="tocline"><a class="tocxref" href="#terminology.participants"><span class="secno">2.4 </span>Participants</a></li><li class="tocline"><a class="tocxref" href="#terminology.data"><span class="secno">2.5 </span>Data</a></li></ol></li><li class="tocline"><a class="tocxref" href="#notational"><span class="secno">3. </span>Notational Conventions</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#requirements"><span class="secno">3.1 </span>Requirements</a></li><li class="tocline"><a class="tocxref" href="#notation"><span class="secno">3.2 </span>Formal Syntax</a></li></ol></li><li class="tocline"><a class="tocxref" href="#determining"><span class="secno">4. </span>Determining User Preference</a></li><li class="tocline"><a class="tocxref" href="#expressing"><span class="secno">5. 
</span>Expressing a Tracking Preference</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#expression-format"><span class="secno">5.1 </span>Expression Format</a></li><li class="tocline"><a class="tocxref" href="#dnt-header-field"><span class="secno">5.2 </span>DNT Header Field for HTTP Requests</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#dnt-extensions"><span class="secno">5.2.1 </span>Extensions to the DNT Field Value</a></li></ol></li><li class="tocline"><a class="tocxref" href="#js-dom"><span class="secno">5.3 </span>JavaScript Property to Detect Preference</a></li><li class="tocline"><a class="tocxref" href="#other-protocols"><span class="secno">5.4 </span>Tracking Preference Expressed in Other Protocols</a></li></ol></li><li class="tocline"><a class="tocxref" href="#exceptions"><span class="secno">6. </span>User-Granted Exceptions</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#exception-overview"><span class="secno">6.1 </span>Overview</a></li><li class="tocline"><a class="tocxref" href="#exception-scope"><span class="secno">6.2 </span>Site-specific or Web-wide</a></li><li class="tocline"><a class="tocxref" href="#exception-granting"><span class="secno">6.3 </span>Granting an Exception</a></li><li class="tocline"><a class="tocxref" href="#exception-checking"><span class="secno">6.4 </span>Checking for an Exception</a></li><li class="tocline"><a class="tocxref" href="#exception-revoking"><span class="secno">6.5 </span>Revoking an Exception</a></li><li class="tocline"><a class="tocxref" href="#exception-javascript-api"><span class="secno">6.6 </span>Client-side Scripting API</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#exception-javascript-api-store"><span class="secno">6.6.1 </span>API to Store a Tracking Exception</a></li><li class="tocline"><a class="tocxref" href="#exception-javascript-api-cancel"><span class="secno">6.6.2 </span>API to Remove a Tracking Exception</a></li><li 
class="tocline"><a class="tocxref" href="#exception-javascript-api-confirm"><span class="secno">6.6.3 </span>API to Confirm a Tracking Exception</a></li></ol></li><li class="tocline"><a class="tocxref" href="#exception-management"><span class="secno">6.7 </span>User Agent Management of Exceptions</a></li></ol></li><li class="tocline"><a class="tocxref" href="#responding"><span class="secno">7. </span>Communicating a Tracking Status</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#response-overview"><span class="secno">7.1 </span>Overview</a></li><li class="tocline"><a class="tocxref" href="#tracking-status-value"><span class="secno">7.2 </span>Tracking Status Value</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#TSV-defn"><span class="secno">7.2.1 </span>Definition</a></li><li class="tocline"><a class="tocxref" href="#TSV-!"><span class="secno">7.2.2 </span>Under Construction (!)</a></li><li class="tocline"><a class="tocxref" href="#TSV-?"><span class="secno">7.2.3 </span>Dynamic (?)</a></li><li class="tocline"><a class="tocxref" href="#TSV-G"><span class="secno">7.2.4 </span>Gateway (G)</a></li><li class="tocline"><a class="tocxref" href="#TSV-N"><span class="secno">7.2.5 </span>Not Tracking (N)</a></li><li class="tocline"><a class="tocxref" href="#TSV-T"><span class="secno">7.2.6 </span>Tracking (T)</a></li><li class="tocline"><a class="tocxref" href="#TSV-C"><span class="secno">7.2.7 </span>Consent (C)</a></li><li class="tocline"><a class="tocxref" href="#TSV-P"><span class="secno">7.2.8 </span>Potential Consent (P)</a></li><li class="tocline"><a class="tocxref" href="#TSV-D"><span class="secno">7.2.9 </span>Disregarding (D)</a></li><li class="tocline"><a class="tocxref" href="#TSV-U"><span class="secno">7.2.10 </span>Updated (U)</a></li><li class="tocline"><a class="tocxref" href="#TSV.extension"><span class="secno">7.2.11 </span>Extensions to the Tracking Status Value</a></li></ol></li><li class="tocline"><a class="tocxref" 
href="#response-header-field"><span class="secno">7.3 </span>Tk Header Field for HTTP Responses</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#Tk-header-defn"><span class="secno">7.3.1 </span>Definition</a></li><li class="tocline"><a class="tocxref" href="#referring-status-id"><span class="secno">7.3.2 </span>Referring to a Request-specific Tracking Status Resource</a></li><li class="tocline"><a class="tocxref" href="#interactive-status-change"><span class="secno">7.3.3 </span>Indicating an Interactive Status Change</a></li></ol></li><li class="tocline"><a class="tocxref" href="#status-resource"><span class="secno">7.4 </span>Tracking Status Resource</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#site-wide-status-resource"><span class="secno">7.4.1 </span>Site-wide Tracking Status</a></li><li class="tocline"><a class="tocxref" href="#request-specific-status-resource"><span class="secno">7.4.2 </span>Request-specific Tracking Status</a></li><li class="tocline"><a class="tocxref" href="#status-checks-not-tracked"><span class="secno">7.4.3 </span>Status Checks are Not Tracked</a></li><li class="tocline"><a class="tocxref" href="#status-caching"><span class="secno">7.4.4 </span>Caching</a></li></ol></li><li class="tocline"><a class="tocxref" href="#status-representation"><span class="secno">7.5 </span>Tracking Status Representation</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#rep.status-object"><span class="secno">7.5.1 </span>Status Object</a></li><li class="tocline"><a class="tocxref" href="#rep.tracking"><span class="secno">7.5.2 </span>Tracking Property</a></li><li class="tocline"><a class="tocxref" href="#rep.compliance"><span class="secno">7.5.3 </span>Compliance Property</a></li><li class="tocline"><a class="tocxref" href="#rep.qualifiers"><span class="secno">7.5.4 </span>Qualifiers Property</a></li><li class="tocline"><a class="tocxref" href="#rep.controller"><span class="secno">7.5.5 </span>Controller 
Property</a></li><li class="tocline"><a class="tocxref" href="#rep.same-party"><span class="secno">7.5.6 </span>Same-party Property</a></li><li class="tocline"><a class="tocxref" href="#rep.audit"><span class="secno">7.5.7 </span>Audit Property</a></li><li class="tocline"><a class="tocxref" href="#rep.policy"><span class="secno">7.5.8 </span>Policy Property</a></li><li class="tocline"><a class="tocxref" href="#rep.config"><span class="secno">7.5.9 </span>Config Property</a></li><li class="tocline"><a class="tocxref" href="#rep.extension"><span class="secno">7.5.10 </span>Extensions to the Status Object</a></li></ol></li><li class="tocline"><a class="tocxref" href="#response-error"><span class="secno">7.6 </span>Status Code for Tracking Required</a></li></ol></li><li class="tocline"><a class="tocxref" href="#use-cases"><span class="secno">8. </span>Use Cases</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#using-deployment"><span class="secno">8.1 </span>Discovering Deployment</a></li><li class="tocline"><a class="tocxref" href="#using-preflight"><span class="secno">8.2 </span>Preflight Checks</a></li></ol></li><li class="tocline"><a class="tocxref" href="#security"><span class="secno">9. </span>Security Considerations</a></li><li class="tocline"><a class="tocxref" href="#privacy"><span class="secno">10. </span>Privacy Considerations</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#privacy.not-preconfigured"><span class="secno">10.1 </span>Why DNT:1 is Not Preconfigured by Default</a></li><li class="tocline"><a class="tocxref" href="#privacy.fingerprinting"><span class="secno">10.2 </span>Fingerprinting</a></li><li class="tocline"><a class="tocxref" href="#privacy.history"><span class="secno">10.3 </span>Stored Exceptions are Stored History</a></li></ol></li><li class="tocline"><a class="tocxref" href="#acks"><span class="secno">A. 
</span>Acknowledgements</a></li><li class="tocline"><a class="tocxref" href="#registrations"><span class="secno">B. </span>Registrations</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#reg.tracking-status.json"><span class="secno">B.1 </span>Registration of application/tracking-status+json</a></li><li class="tocline"><a class="tocxref" href="#reg.DNT"><span class="secno">B.2 </span>Registration of DNT Header Field</a></li><li class="tocline"><a class="tocxref" href="#reg.Tk"><span class="secno">B.3 </span>Registration of Tk Header Field</a></li><li class="tocline"><a class="tocxref" href="#reg.well-known.dnt"><span class="secno">B.4 </span>Registration of URI /.well-known/dnt</a></li></ol></li><li class="tocline"><a class="tocxref" href="#changes"><span class="secno">C. </span>Changes</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#changes-CR2"><span class="secno">C.1 </span>Since Second CR</a></li><li class="tocline"><a class="tocxref" href="#changes-CR1"><span class="secno">C.2 </span>Since First CR</a></li></ol></li><li class="tocline"><a class="tocxref" href="#references"><span class="secno">D. </span>References</a><ol class="toc"><li class="tocline"><a class="tocxref" href="#normative-references"><span class="secno">D.1 </span>Normative references</a></li><li class="tocline"><a class="tocxref" href="#informative-references"><span class="secno">D.2 </span>Informative references</a></li></ol></li></ol></nav> <section id="introduction"> <!--OddPage--><h2 id="x1-introduction"><span class="secno">1. </span>Introduction<a class="self-link" aria-label="§" href="#introduction"></a></h2> <p> The World Wide Web consists of billions of resources interconnected through the use of hypertext. Hypertext provides a simple, page-oriented view of the information provided by those resources, which can be traversed by selecting links, manipulating controls, and supplying data via forms and search dialogs. 
</p> <p> A Web page is often composed of many information sources beyond the initial resource request, including embedded references to stylesheets, inline images, JavaScript, and other elements that might be automatically requested as part of the rendering or behavioral processing defined for that page. The user's experience is seamless, even if the page has been composed from the results of many network interactions with multiple servers. From the user's perspective, they are simply visiting and interacting with a single Web site: all of the technical details and protocol mechanisms used to compose a page to represent that site are hidden behind the scenes. </p> <p> Web site owners often collect data regarding usage of their sites, for a variety of purposes, including what led a user to visit the site (<dfn data-dfn-type="dfn" id="dfn-referrals">referrals</dfn>), how effective the user experience is within the site (<dfn data-dfn-type="dfn" id="dfn-web-analytics">web analytics</dfn>), and the nature of who is using the site (<dfn data-dfn-type="dfn" id="dfn-audience-segmentation">audience segmentation</dfn>). In some cases, the data collected is used to dynamically adapt content (<dfn data-dfn-type="dfn" id="dfn-personalization">personalization</dfn>) or advertising presented to the user (<dfn data-dfn-type="dfn" id="dfn-targeted-advertising">targeted advertising</dfn>). Data collection often occurs through insertion of embedded elements on each page, resulting in a stream of data that connects a user's activity across multiple pages. A survey of these techniques and their privacy implications can be found in [<cite><a class="bibref" href="#bib-knowprivacy">KnowPrivacy</a></cite>]. </p> <p> Users need a mechanism to express their own preferences regarding <a href="#dfn-tracking" class="internalDFN" data-link-type="dfn">tracking</a> that is both simple to configure and efficient when implemented.
However, merely expressing a preference does not imply that all recipients will comply. In some cases, a server might be dependent on some forms of tracking and unwilling or unable to turn that off. In other cases, a server might perform only limited forms of tracking that would be acceptable to most users. Therefore, servers need mechanisms for communicating their own tracking behavior, requesting consent, and storing a <a href="#dfn-user-granted-exception" class="internalDFN" data-link-type="dfn">user-granted exception</a> once the user has made an informed choice. </p> <p> This specification extends Hypertext Transfer Protocol (HTTP) semantics [<cite><a class="bibref" href="#bib-rfc7231">RFC7231</a></cite>] to communicate a user's tracking preference, if any, and an origin server's tracking behavior. The <a href="#dfn-dnt" class="internalDFN" data-link-type="dfn"><code>DNT</code></a> request header field is defined for communicating the user's tracking preference for the <a href="#dfn-target-resource" class="internalDFN" data-link-type="dfn">target resource</a>. A well-known URI for a <a href="#status-resource">tracking status resource</a> and the <a href="#dfn-tk" class="internalDFN" data-link-type="dfn"><code>Tk</code></a> response header field are defined for communicating the server's tracking behavior. In addition, JavaScript APIs are defined for enabling scripts to determine DNT status and register a user-granted exception. </p> <p> This specification does not define requirements on what a recipient needs to do to comply with a user's expressed tracking preference, except for the means by which such compliance is communicated. Instead, the tracking status provides the ability to identify a set of compliance regimes to which the server claims to comply, with the assumption being that each regime defines its own requirements on compliant behavior. 
For example, [<cite><a class="bibref" href="#bib-tcs">TCS</a></cite>] is a work-in-progress that intends to define such a compliance regime. </p> </section> <section id="terminology"> <!--OddPage--><h2 id="x2-terminology"><span class="secno">2. </span>Terminology<a class="self-link" aria-label="§" href="#terminology"></a></h2> <section id="terminology.http"> <h3 id="x2-1-http"><span class="secno">2.1 </span>HTTP<a class="self-link" aria-label="§" href="#terminology.http"></a></h3> <p> The following terms are used as defined by HTTP/1.1 syntax [<cite><a class="bibref" href="#bib-rfc7230">RFC7230</a></cite>] and semantics [<cite><a class="bibref" href="#bib-rfc7231">RFC7231</a></cite>]: <dfn data-dfn-type="dfn" id="dfn-client"><a class="externalDFN" href="https://tools.ietf.org/html/rfc7230#section-2.1">client</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-server"><a class="externalDFN" href="https://tools.ietf.org/html/rfc7230#section-2.1">server</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-origin-server"><a class="externalDFN" href="https://tools.ietf.org/html/rfc7230#section-2.1">origin server</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-user-agent"><a class="externalDFN" href="https://tools.ietf.org/html/rfc7230#section-2.1">user agent</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-sender"><a class="externalDFN" href="https://tools.ietf.org/html/rfc7230#section-2.1">sender</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-recipient"><a class="externalDFN" href="https://tools.ietf.org/html/rfc7230#section-2.1">recipient</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-request"><a class="externalDFN" href="https://tools.ietf.org/html/rfc7230#section-2.1">request</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-response"><a class="externalDFN" href="https://tools.ietf.org/html/rfc7230#section-2.1">response</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-message"><a class="externalDFN" href="https://tools.ietf.org/html/rfc7230#section-2.1">message</a></dfn>, <dfn data-dfn-type="dfn" 
id="dfn-intermediary"><a class="externalDFN" href="https://tools.ietf.org/html/rfc7230#section-2.3">intermediary</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-proxy"><a class="externalDFN" href="https://tools.ietf.org/html/rfc7230#section-2.3">proxy</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-cache"><a class="externalDFN" href="https://tools.ietf.org/html/rfc7230#section-2.3">cache</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-uri-host"><a class="externalDFN" href="https://tools.ietf.org/html/rfc7230#section-2.7">uri-host</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-authority"><a class="externalDFN" href="https://tools.ietf.org/html/rfc7230#section-2.7">authority</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-header-field"><a class="externalDFN" href="https://tools.ietf.org/html/rfc7230#section-3.2">header field</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-target-resource"><a class="externalDFN" href="https://tools.ietf.org/html/rfc7230#section-5.1">target resource</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-resource"><a class="externalDFN" href="https://tools.ietf.org/html/rfc7231#section-2">resource</a></dfn>, and <dfn data-dfn-type="dfn" id="dfn-representation"><a class="externalDFN" href="https://tools.ietf.org/html/rfc7231#section-3">representation</a></dfn>. 
</p> </section> <section id="terminology.html"> <h3 id="x2-2-html"><span class="secno">2.2 </span>HTML<a class="self-link" aria-label="§" href="#terminology.html"></a></h3> <p> The following terms are used as defined by HTML [<cite><a class="bibref" href="#bib-html51">HTML51</a></cite>]: <dfn data-dfn-type="dfn" id="dfn-active-document"><a class="externalDFN" href="https://www.w3.org/TR/html5/single-page.html#active-document">active document</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-document-domain"><a class="externalDFN" href="https://www.w3.org/TR/html5/single-page.html#dom-document-domain">document.domain</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-effective-script-origin"><a class="externalDFN" href="https://html.spec.whatwg.org/multipage/origin.html">effective script origin</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-responsible-document"><a class="externalDFN" href="https://www.w3.org/TR/html5/single-page.html#responsible-document">responsible document</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-browsing-context"><a class="externalDFN" href="https://www.w3.org/TR/html5/single-page.html#browsing-context">browsing context</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-nested-browsing-context"><a class="externalDFN" href="https://html.spec.whatwg.org/multipage/browsers.html#nested-browsing-contexts">nested browsing context</a></dfn>, and <dfn data-dfn-type="dfn" id="dfn-top-level-browsing-context"><a class="externalDFN" href="https://www.w3.org/TR/html5/single-page.html#top-level-browsing-context">top-level browsing context</a></dfn>. 
</p> </section> <section id="terminology.activity"> <h3 id="x2-3-activity"><span class="secno">2.3 </span>Activity<a class="self-link" aria-label="§" href="#terminology.activity"></a></h3> <p> <dfn data-dfn-type="dfn" id="dfn-tracking">Tracking</dfn> is the collection of data regarding a particular user's activity across multiple distinct contexts and the retention, use, or sharing of data derived from that activity outside the context in which it occurred. A <dfn data-dfn-type="dfn" id="dfn-context">context</dfn> is a set of resources that are controlled by the same party or jointly controlled by a set of parties. </p> <p> A <dfn data-dfn-type="dfn" id="dfn-network-interaction">network interaction</dfn> is a single HTTP request and its corresponding response(s): zero or more interim (1xx) responses and a single final (2xx-5xx) response. </p> <p> A <dfn data-dfn-type="dfn" id="dfn-user-action">user action</dfn> is a deliberate action by the user, via configuration, invocation, or selection, to initiate a network interaction. Selection of a link, submission of a form, and reloading a page are examples of user actions. <dfn data-dfn-type="dfn" id="dfn-user-activity">User activity</dfn> is any set of such user actions. </p> </section> <section id="terminology.participants"> <h3 id="x2-4-participants"><span class="secno">2.4 </span>Participants<a class="self-link" aria-label="§" href="#terminology.participants"></a></h3> <p> A <dfn data-dfn-type="dfn" id="dfn-user">user</dfn> is a natural person who is making, or has made, use of the Web. </p> <p> A <dfn data-dfn-type="dfn" id="dfn-party">party</dfn> is a natural person, a legal entity, or a set of legal entities that share common owner(s), common controller(s), and a group identity that is easily discoverable by a user. Common branding or providing a list of affiliates that is available via a link from a resource where a party describes DNT practices are examples of ways to provide this discoverability. 
</p> <p> With respect to a given user action, a <dfn data-dfn-type="dfn" id="dfn-first-party">first party</dfn> is a party with which the user intends to interact, via one or more network interactions, as a result of making that action. Merely hovering over, muting, pausing, or closing a given piece of content does not constitute a user's intent to interact with another party. </p> <p> In some cases, a resource on the Web will be jointly controlled by two or more distinct parties. Each of those parties is considered a first party if a user would reasonably expect to communicate with all of them when accessing that resource. For example, prominent co-branding on the resource might lead a user to expect that multiple parties are responsible for the content or functionality. </p> <p> For any data collected as a result of one or more network interactions resulting from a user's action, a <dfn data-dfn-type="dfn" id="dfn-third-party">third party</dfn> is any party other than that user, a first party for that user action, or a service provider acting on behalf of either that user or that first party. </p> <p> Access to Web resources often involves multiple parties that might process the data received in a network interaction. For example, domain name services, network access points, content distribution networks, load balancing services, security filters, cloud platforms, and software-as-a-service providers might be a party to a given network interaction because they are contracted by either the user or the resource owner to provide the mechanisms for communication. Likewise, additional parties might be engaged after a network interaction, such as when services or contractors are used to perform specialized data analysis or records retention. 
</p> <p> For the data received in a given network interaction, a <dfn data-dfn-type="dfn" id="dfn-service-provider">service provider</dfn> is considered to be the same party as its <dfn data-dfn-type="dfn" id="dfn-contractee">contractee</dfn> if the service provider: </p> <ol> <li>processes the data on behalf of the contractee;</li> <li>ensures that the data is only retained, accessed, and used as directed by the contractee;</li> <li>has no independent right to use the data other than in a <a href="#dfn-permanently-de-identified" class="internalDFN" data-link-type="dfn">permanently de-identified</a> form (e.g., for monitoring service integrity, load balancing, capacity planning, or billing); and,</li> <li>has a contract in place with the contractee which is consistent with the above limitations.</li> </ol> </section> <section id="terminology.data"> <h3 id="x2-5-data"><span class="secno">2.5 </span>Data<a class="self-link" aria-label="§" href="#terminology.data"></a></h3> <p> A party <dfn data-dfn-type="dfn" id="dfn-collects">collects</dfn> data received in a network interaction if that data remains within the party’s control after the network interaction is complete. </p> <p> A party <dfn data-dfn-type="dfn" id="dfn-uses">uses</dfn> data if the party processes the data for any purpose other than storage or merely forwarding it to another party. </p> <p> A party <dfn data-dfn-type="dfn" id="dfn-shares">shares</dfn> data if it transfers or provides a copy of that data to any other party. </p> <p> Data is <dfn data-dfn-type="dfn" id="dfn-permanently-de-identified">permanently de-identified</dfn> when there exists a high level of confidence that no human subject of the data can be identified, directly or indirectly (e.g., via association with an identifier, user agent, or device), by that data alone or in combination with other retained or available information. 
</p> </section> </section> <section id="notational"> <!--OddPage--><h2 id="x3-notational-conventions"><span class="secno">3. </span>Notational Conventions<a class="self-link" aria-label="§" href="#notational"></a></h2> <section id="requirements"> <h3 id="x3-1-requirements"><span class="secno">3.1 </span>Requirements<a class="self-link" aria-label="§" href="#requirements"></a></h3> <p>The key words <em title="must" class="rfc2119">must</em>, <em title="must not" class="rfc2119">must not</em>, <em title="required" class="rfc2119">required</em>, <em title="should" class="rfc2119">should</em>, <em title="should not" class="rfc2119">should not</em>, <em title="recommended" class="rfc2119">recommended</em>, <em title="may" class="rfc2119">may</em>, and <em title="optional" class="rfc2119">optional</em> in this specification are to be interpreted as described in [<cite><a class="bibref" href="#bib-rfc2119">RFC2119</a></cite>]. </p> </section> <section id="notation"> <h3 id="x3-2-formal-syntax"><span class="secno">3.2 </span>Formal Syntax<a class="self-link" aria-label="§" href="#notation"></a></h3> <p> This specification uses the Augmented Backus-Naur Form (ABNF) notation of [<cite><a class="bibref" href="#bib-rfc5234">RFC5234</a></cite>] to define network protocol syntax and WebIDL [<cite><a class="bibref" href="#bib-webidl-20161215">WebIDL-20161215</a></cite>] to define scripting APIs. Conformance criteria and considerations regarding error handling are defined in Section 2.5 of [<cite><a class="bibref" href="#bib-rfc7230">RFC7230</a></cite>]. 
</p> <p> How to <dfn data-dfn-type="dfn" id="dfn-throw"><a class="externalDFN" href="https://www.w3.org/TR/2016/REC-WebIDL-1-20161215/#dfn-throw">throw</a></dfn> a <dfn data-dfn-type="dfn" id="dfn-domexception"><a class="externalDFN" href="https://www.w3.org/TR/2016/REC-WebIDL-1-20161215/#idl-DOMException">DOMexception</a></dfn> and the <dfn data-dfn-type="dfn" id="dfn-exceptions"><a class="externalDFN" href="https://www.w3.org/TR/2016/REC-WebIDL-1-20161215/#idl-exceptions">exceptions</a></dfn> named "InvalidStateError", "SecurityError", and "SyntaxError" are defined in [<cite><a class="bibref" href="#bib-webidl-20161215">WebIDL-20161215</a></cite>]. </p> <p> <dfn data-dfn-type="dfn" id="dfn-promise-objects"><a class="externalDFN" href="https://tc39.github.io/ecma262/#sec-promise-objects">Promise objects</a></dfn> are defined in [<cite><a class="bibref" href="#bib-ecmascript">ECMASCRIPT</a></cite>]; the phrases <dfn data-dfn-type="dfn" id="dfn-promise-call"><a class="externalDFN" href="https://www.w3.org/2001/tag/doc/promises-guide#promise-calling">promise-call</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-resolve-promise"><a class="externalDFN" href="https://www.w3.org/2001/tag/doc/promises-guide#resolve-promise">resolve promise</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-reject-promise"><a class="externalDFN" href="https://www.w3.org/2001/tag/doc/promises-guide#reject-promise">reject promise</a></dfn>, <dfn data-dfn-type="dfn" id="dfn-upon-fulfillment"><a class="externalDFN" href="https://www.w3.org/2001/tag/doc/promises-guide#upon-fulfillment">upon fulfillment</a></dfn>, and <dfn data-dfn-type="dfn" id="dfn-upon-rejection"><a class="externalDFN" href="https://www.w3.org/2001/tag/doc/promises-guide#upon-rejection">upon rejection</a></dfn> are used in accordance with [<cite><a class="bibref" href="#bib-promiseguide">PromiseGuide</a></cite>]. 
</p> </section> </section> <section id="determining"> <!--OddPage--><h2 id="x4-determining-user-preference"><span class="secno">4. </span>Determining User Preference<a class="self-link" aria-label="§" href="#determining"></a></h2> <p> The goal of this protocol is to allow a user to express their personal preference regarding tracking to each server and web application that they communicate with via HTTP, thereby allowing recipients of that preference to adjust tracking behavior accordingly or to reach a separate agreement with the user that satisfies all parties. </p> <p> Key to that notion of expression is that the signal sent <em class="rfc2119" title="MUST">MUST</em> reflect the user's preference, not the choice of some vendor, institution, site, or network-imposed mechanism outside the user's control; this applies equally to both the general preference and exceptions. The basic principle is that a tracking preference expression is only transmitted when it reflects a deliberate choice by the user. In the absence of user choice, there is no tracking preference expressed (see <a href="#privacy.not-preconfigured" class="sectionRef sec-ref">section <span class="secno">10.1</span> <span class="sec-title">Why DNT:1 is Not Preconfigured by Default</span></a>). </p> <p> A user agent <em class="rfc2119" title="MUST">MUST</em> offer users a minimum of two alternative choices for a <q>Do Not Track</q> preference: <code><dfn data-dfn-type="dfn" id="dfn-unset">unset</dfn></code> or <code><dfn data-dfn-type="dfn" id="dfn-dnt-1">DNT:1</dfn></code>. A user agent <em class="rfc2119" title="MAY">MAY</em> offer a third alternative choice: <code><dfn data-dfn-type="dfn" id="dfn-dnt-0">DNT:0</dfn></code>. 
</p> <p> If the user's choice is <a href="#dfn-dnt-1" class="internalDFN" data-link-type="dfn"><code>DNT:1</code></a> or <a href="#dfn-dnt-0" class="internalDFN" data-link-type="dfn"><code>DNT:0</code></a>, the tracking preference is <dfn data-dfn-type="dfn" id="dfn-enabled">enabled</dfn>; otherwise, the tracking preference is <dfn data-dfn-type="dfn" id="dfn-not-enabled">not enabled</dfn>. </p> <p> A user agent <em class="rfc2119" title="MUST">MUST</em> have a default tracking preference of <code>unset</code> (not enabled) unless a specific tracking preference is implied by the user's decision to use that agent. For example, use of a general-purpose browser would not imply a tracking preference when invoked normally as <q>SuperFred</q>, but might imply a preference if invoked as <q>SuperDoNotTrack</q> or <q>UltraPrivacyFred</q>. </p> <p> Implementations of HTTP that are not under control of the user <em class="rfc2119" title="MUST NOT">MUST NOT</em> add, delete, or modify a tracking preference. Some controlled network environments, such as public access terminals or managed corporate intranets, might impose restrictions on the use or configuration of installed user agents, such that a user might only have access to user agents with a predetermined preference enabled. However, if a user brings their own Web-enabled device to a library or cafe with wireless Internet access, the expectation will be that their chosen user agent and personal preferences regarding Web site behavior will not be altered by the network environment (aside from blanket limitations on what resources can or cannot be accessed through that network). </p> <p> An HTTP intermediary <em class="rfc2119" title="MUST NOT">MUST NOT</em> add, delete, or modify a tracking preference expression in a request forwarded through that intermediary unless the intermediary has been specifically installed or configured to do so by the user making the request. 
For example, an Internet Service Provider <em class="rfc2119" title="MUST NOT">MUST NOT</em> inject <a href="#dfn-dnt-1" class="internalDFN" data-link-type="dfn"><code>DNT:1</code></a> on behalf of all users who have not expressed a preference. </p> <p> User agents often include user-installable <dfn data-dfn-type="dfn" id="dfn-extensions">extensions</dfn>, also known as <dfn data-dfn-type="dfn" id="dfn-add-ons">add-ons</dfn> or <dfn data-dfn-type="dfn" id="dfn-plug-ins">plug-ins</dfn>, that are capable of modifying configurations and making network requests. From the user's perspective, these extensions are considered part of the user agent and ought to respect the user's configuration of a tracking preference. The user agent as a whole is responsible for ensuring conformance with this protocol, to the extent possible, which means the user agent core and each extension are jointly responsible for conformance. However, there is no single standard for extension interfaces. A user agent that permits such extensions <em class="rfc2119" title="SHOULD">SHOULD</em> provide an appropriate mechanism for extensions to determine the user's tracking preference. </p> <p> A user agent extension <em class="rfc2119" title="MUST NOT">MUST NOT</em> alter the tracking preference expression or its associated configuration unless the act of installing and enabling that extension is an explicit choice by the user for that tracking preference, or the extension itself complies with all of the requirements this protocol places on a user agent. </p> <p> Likewise, software outside of the user agent might filter network traffic or cause a user agent's configuration to be changed. Software that alters a user agent configuration <em class="rfc2119" title="MUST">MUST</em> adhere to the above requirements on a user agent extension. Software that filters network traffic <em class="rfc2119" title="MUST">MUST</em> adhere to the above requirements on an HTTP intermediary. 
</p> <p> Aside from the above requirements, we do not specify how the tracking preference choices are offered to the user or how the preference is enabled: each implementation is responsible for determining the user experience by which a tracking preference is <a href="#dfn-enabled" class="internalDFN" data-link-type="dfn">enabled</a>. </p> <p> For example, a user might select a check-box in their user agent's configuration, install an extension that is specifically designed to add a tracking preference expression, or make a choice for privacy that then implicitly includes a tracking preference (e.g., <q>Privacy settings: high</q>). A user agent might ask the user for their preference during startup, perhaps on first use or after an update adds the tracking protection feature. Likewise, a user might install or configure a proxy to add the expression to their own outgoing requests. </p> </section> <section id="expressing"> <!--OddPage--><h2 id="x5-expressing-a-tracking-preference"><span class="secno">5. </span>Expressing a Tracking Preference<a class="self-link" aria-label="§" href="#expressing"></a></h2> <section id="expression-format"> <h3 id="x5-1-expression-format"><span class="secno">5.1 </span>Expression Format<a class="self-link" aria-label="§" href="#expression-format"></a></h3> <p> When a user has <a href="#dfn-enabled" class="internalDFN" data-link-type="dfn">enabled</a> a tracking preference, that preference needs to be expressed to all mechanisms that might perform or initiate <a href="#dfn-tracking" class="internalDFN" data-link-type="dfn">tracking</a>. 
</p> <p> When <a href="#dfn-enabled" class="internalDFN" data-link-type="dfn">enabled</a>, a tracking preference is expressed as either: </p> <table class="simple"> <tbody><tr><th>DNT</th> <th>meaning</th> </tr> <tr><td>1</td> <td>This user prefers not to be tracked on this request.</td> </tr> <tr><td>0</td> <td>This user prefers to allow tracking on this request.</td> </tr> </tbody></table> <p> A user agent <em class="rfc2119" title="MUST NOT">MUST NOT</em> send a tracking preference expression if a tracking preference is <a href="#dfn-not-enabled" class="internalDFN" data-link-type="dfn">not enabled</a>. This means that no expression is sent for each of the following cases: </p> <ul> <li>the user agent does not implement this protocol;</li> <li>the user has not yet made a choice for a specific preference; or,</li> <li>the user has chosen not to transmit a preference.</li> </ul> <p> In the absence of regulatory, legal, or other requirements, servers <em class="rfc2119" title="MAY">MAY</em> interpret the lack of an expressed tracking preference as they find most appropriate for the given user, particularly when considered in light of the user's privacy expectations and cultural circumstances. Likewise, servers might make use of other preference information outside the scope of this protocol, such as site-specific user preferences or third-party registration services, to inform or adjust their behavior when no explicit preference is expressed via this protocol. </p> </section> <section id="dnt-header-field"> <h3 id="x5-2-dnt-header-field-for-http-requests"><span class="secno">5.2 </span>DNT Header Field for HTTP Requests<a class="self-link" aria-label="§" href="#dnt-header-field"></a></h3> <p> The <code><dfn data-dfn-type="dfn" id="dfn-dnt">DNT</dfn></code> header field is a mechanism for expressing the user's tracking preference in an HTTP request ([<cite><a class="bibref" href="#bib-rfc7230">RFC7230</a></cite>]). 
At most one <code>DNT</code> header field can be present in a valid request. </p> <pre class="abnf hljs" aria-busy="false">DNT-field-name  = "DNT"
DNT-field-value = ( "0" / "1" ) *DNT-extension
</pre> <p> A user agent <em class="rfc2119" title="MUST NOT">MUST NOT</em> generate a <code>DNT</code> header field if the user's tracking preference is <a href="#dfn-not-enabled" class="internalDFN" data-link-type="dfn">not enabled</a>. </p> <p> A user agent <em class="rfc2119" title="MUST">MUST</em> generate a <code>DNT</code> header field with a field-value that begins with the numeric character "1" if the user's tracking preference is <a href="#dfn-enabled" class="internalDFN" data-link-type="dfn">enabled</a>, their preference is for <a href="#dfn-dnt-1" class="internalDFN" data-link-type="dfn"><code>DNT:1</code></a>, and no exception has been granted for the target resource (see <a href="#exceptions" class="sectionRef sec-ref">section <span class="secno">6.</span> <span class="sec-title">User-Granted Exceptions</span></a>). </p> <p> A user agent <em class="rfc2119" title="MUST">MUST</em> generate a <code>DNT</code> header field with a field-value that begins with the numeric character "0" if the user's tracking preference is <a href="#dfn-enabled" class="internalDFN" data-link-type="dfn">enabled</a> and their preference is for <a href="#dfn-dnt-0" class="internalDFN" data-link-type="dfn"><code>DNT:0</code></a>, or if an exception has been granted for the target resource. </p> <p> A proxy <em class="rfc2119" title="MUST NOT">MUST NOT</em> generate a <code>DNT</code> header field unless it has been specifically installed or configured to do so by the user making the request and adheres to the above requirements as if it were a user agent. 
</p> <div class="example" id="ex-1-example-1-get-something-here-http-1-1-host-example-com-dnt-1"> <div class="marker"><a class="self-link" href="#ex-1-example-1-get-something-here-http-1-1-host-example-com-dnt-1">Example 1</a></div> <pre class="hljs http" aria-busy="false"><span class="hljs-keyword">GET</span> <span class="hljs-string">/something/here</span> HTTP/1.1
<span class="hljs-attribute">Host</span>: example.com
<span class="hljs-attribute">DNT</span>: 1</pre> </div> <section id="dnt-extensions"> <h4 id="x5-2-1-extensions-to-the-dnt-field-value"><span class="secno">5.2.1 </span>Extensions to the DNT Field Value<a class="self-link" aria-label="§" href="#dnt-extensions"></a></h4> <p> The remainder of the <a href="#dfn-dnt" class="internalDFN" data-link-type="dfn"><code>DNT</code></a> field-value, after the initial character, is reserved for future extensions. DNT extensions can only be transmitted when a tracking preference is <a href="#dfn-enabled" class="internalDFN" data-link-type="dfn">enabled</a>. The extension syntax is restricted to visible ASCII characters that can be parsed as a single word in HTTP and safely embedded in a JSON string without further encoding (<a href="#status-representation" class="sectionRef sec-ref">section <span class="secno">7.5</span> <span class="sec-title">Tracking Status Representation</span></a>). </p> <pre class="abnf hljs" aria-busy="false">DNT-extension   = %x21 / %x23-2B / %x2D-5B / %x5D-7E
                ; excludes CTL, SP, DQUOTE, comma, backslash
</pre> <p> For example, additional characters might indicate modifiers to the main preference expressed by the first digit, such that the main preference will be understood if the recipient does not understand the extension. 
Hence, a field-value of "1xyz" can be thought of as <q>do not track, but if you understand the refinements defined by x, y, or z, then adjust my preferences according to those refinements.</q> </p> <p> User agents that do not implement DNT extensions <em class="rfc2119" title="MUST NOT">MUST NOT</em> send DNT-extension characters in the <a href="#dfn-dnt" class="internalDFN" data-link-type="dfn"><code>DNT</code></a> field-value. Servers that do not implement DNT extensions <em class="rfc2119" title="SHOULD">SHOULD</em> ignore anything beyond the first character. </p> <div class="note" id="issue-container-generatedID"><div role="heading" class="note-title marker" id="h-note" aria-level="5"><span>Note</span></div><p class=""> This DNT-extension feature is speculative because no known extensions have been defined; implementers that do not read this specification are likely to assume that DNT only has the fixed values of "0" or "1". Furthermore, the potential benefits of this mechanism are unclear given that extension information could be supplied using separate request header fields. Inappropriate extensions to the "1" value might cause the user's requests to be more easily <a href="#privacy.fingerprinting">fingerprinted</a>. 
</p></div> </section> </section> <section id="js-dom"> <h3 id="x5-3-javascript-property-to-detect-preference"><span class="secno">5.3 </span>JavaScript Property to Detect Preference<a class="self-link" aria-label="§" href="#js-dom"></a></h3> <p> The <code><dfn data-dfn-type="dfn" data-lt="navigator.donottrack|donottrack" id="dom-navigator-donottrack" data-idl="attribute" data-title="Navigator.doNotTrack" data-dfn-for="navigator" data-type="DOMString">Navigator.doNotTrack</dfn></code> property enables a client-side script with read access to the <code><dfn data-dfn-type="dfn" id="dom-navigator" data-idl="interface" data-title="Navigator" data-dfn-for=""><a href="https://www.w3.org/TR/html51/webappapis.html#the-navigator-object">Navigator</a></dfn></code> object [<cite><a class="bibref" href="#bib-html51">HTML51</a></cite>] to determine what <a href="#dfn-dnt" class="internalDFN" data-link-type="dfn"><code>DNT</code></a> header field value would be sent to the <a href="#dfn-effective-script-origin" class="internalDFN" data-link-type="dfn">effective script origin</a>, taking into account the user's general preference (if any) and user-granted exceptions applicable to the <a href="#dfn-target-domain" class="internalDFN" data-link-type="dfn">target domain</a> when referenced by the active document's <a href="#dfn-top-level-browsing-context" class="internalDFN" data-link-type="dfn">top-level browsing context</a>. 
</p> <div><pre class="def idl"><span data-idl="" class="idlInterface" id="idl-def-navigator-partial-1" data-title="Navigator">partial interface <span class="idlID"><a data-link-for="" data-lt="" data-link-type="dfn" href="https://www.w3.org/TR/html51/webappapis.html#the-navigator-object"><code>Navigator</code></a></span> {<span data-idl="" class="idlAttribute" id="idl-def-navigator-donottrack" data-title="doNotTrack" data-dfn-for="navigator"> readonly attribute<span class="idlType"> <a href="https://heycam.github.io/webidl/#idl-DOMString">DOMString</a>?</span> <span class="idlName"><a data-link-for="navigator" data-lt="navigator.donottrack|donottrack" href="#dom-navigator-donottrack" class="internalDFN" data-link-type="dfn"><code>doNotTrack</code></a></span>;</span> };</span></pre></div> <p> The value is <code>null</code> if no DNT header field would be sent (e.g., because a tracking preference is <a href="#dfn-not-enabled" class="internalDFN" data-link-type="dfn">not enabled</a> and no user-granted exception is applicable); otherwise, the value is a string beginning with "0" or "1", possibly followed by DNT-extension characters. 
</p> <p> Specifically, the value of <a href="#dom-navigator-donottrack" class="internalDFN" data-link-type="dfn"><code>Navigator.doNotTrack</code></a> for a given script is either <code>null</code> or the string value that would be sent in a <a href="#dfn-dnt" class="internalDFN" data-link-type="dfn"><code>DNT</code></a> field-value (<a href="#dnt-header-field" class="sectionRef sec-ref">section <span class="secno">5.2</span> <span class="sec-title">DNT Header Field for HTTP Requests</span></a>) in a request to a <a href="#dfn-target-resource" class="internalDFN" data-link-type="dfn">target resource</a> at the <a href="#dfn-effective-script-origin" class="internalDFN" data-link-type="dfn">effective script origin</a> (the current <a href="#dfn-document-domain" class="internalDFN" data-link-type="dfn">document.domain</a> of the script's <a href="#dfn-responsible-document" class="internalDFN" data-link-type="dfn">responsible document</a>) when that request is due to an embedded reference from this site (the <a href="#dfn-document-domain" class="internalDFN" data-link-type="dfn">document.domain</a> of the <a href="#dfn-top-level-browsing-context" class="internalDFN" data-link-type="dfn">top-level browsing context</a>'s <a href="#dfn-active-document" class="internalDFN" data-link-type="dfn">active document</a>). </p> <p> Ideally, the value of <a href="#dom-navigator-donottrack" class="internalDFN" data-link-type="dfn"><code>Navigator.doNotTrack</code></a> ought to reflect the current set of user-granted exceptions in effect when the attribute is read. In practice, however, the value might only reflect the value that was in effect when the script was initiated. 
</p> </section> <section id="other-protocols"> <h3 id="x5-4-tracking-preference-expressed-in-other-protocols"><span class="secno">5.4 </span>Tracking Preference Expressed in Other Protocols<a class="self-link" aria-label="§" href="#other-protocols"></a></h3> <p> A user's tracking preference is intended to apply in general, regardless of the protocols being used for Internet communication. However, it is beyond the scope of this specification to define how a user's tracking preference might be communicated via protocols other than HTTP. </p> </section> </section> <section id="exceptions"> <!--OddPage--><h2 id="x6-user-granted-exceptions"><span class="secno">6. </span>User-Granted Exceptions<a class="self-link" aria-label="§" href="#exceptions"></a></h2> <section id="exception-overview"> <h3 id="x6-1-overview"><span class="secno">6.1 </span>Overview<a class="self-link" aria-label="§" href="#exception-overview"></a></h3> <p> Content providers might wish to prompt visitors to <q>opt in</q> to tracking for behavioral advertising or similar purposes when they arrive with the Do Not Track setting enabled. However, granting an exception in one context (e.g., while browsing a news site) does not imply that exception is applicable to other contexts (e.g., browsing an unrelated medical site). Furthermore, users might wish to view or edit all the exceptions they've granted in a single, consistent user interface, rather than managing preferences in a different way on every content provider or tracker's privacy page. </p> <p> A <dfn data-dfn-type="dfn" id="dfn-user-granted-exception">user-granted exception</dfn> is the record of a decision by the user to grant consent for tracking (<a href="#dfn-dnt-0" class="internalDFN" data-link-type="dfn"><code>DNT:0</code></a>) on future requests from a given site to a set of target domains. 
Both site and target are scoped by domain, similar to the existing domain scope of cookies (<a href="https://www.w3.org/TR/html5/single-page.html#relaxing-the-same-origin-restriction">Section 5.3.1</a> of [<cite><a class="bibref" href="#bib-html51">HTML51</a></cite>]), to avoid prompting the user for every subdomain of a site and every target resource that might be referenced. </p> <p> A client-side database can be used for persistent storage of user-granted exceptions, such that permission to send <a href="#dfn-dnt-0" class="internalDFN" data-link-type="dfn"><code>DNT:0</code></a> is obtained by a site and stored via a JavaScript API. However, we only define the API (below); the choice of storage mechanism is left to each implementation. In comparison to the use of cookies to manage consent, an exception database and APIs provide more transparency and better user control, while also providing better persistence of those exceptions for sites. </p> </section> <section id="exception-scope"> <h3 id="x6-2-site-specific-or-web-wide"><span class="secno">6.2 </span>Site-specific or Web-wide<a class="self-link" aria-label="§" href="#exception-scope"></a></h3> <p> There are three domain concepts involved in the processing of user-granted exceptions: </p> <dl> <dt><dfn data-dfn-type="dfn" id="dfn-site-domain">site domain</dfn></dt> <dd>the domain associated with a site on which a given reference might be found and for which the user-granted exceptions API might be queried: specifically, the current <a href="#dfn-document-domain" class="internalDFN" data-link-type="dfn">document.domain</a> of the <a href="#dfn-top-level-browsing-context" class="internalDFN" data-link-type="dfn">top-level browsing context</a>'s <a href="#dfn-active-document" class="internalDFN" data-link-type="dfn">active document</a> [<cite><a class="bibref" href="#bib-html51">HTML51</a></cite>].</dd> <dt><dfn data-dfn-type="dfn" id="dfn-target-domain">target domain</dfn></dt> <dd>the <a href="#dfn-uri-host" 
class="internalDFN" data-link-type="dfn">uri-host</a> subcomponent of the <a href="#dfn-authority" class="internalDFN" data-link-type="dfn">authority</a> component of a referenced "http" or "https" URI [<cite><a class="bibref" href="#bib-rfc7230">RFC7230</a></cite>].</dd> <dt><dfn data-dfn-type="dfn" id="dfn-script-domain">script domain</dfn></dt> <dd>the effective domain of a script when it uses the exception API: specifically, the current <a href="#dfn-document-domain" class="internalDFN" data-link-type="dfn">document.domain</a> of the script's <a href="#dfn-responsible-document" class="internalDFN" data-link-type="dfn">responsible document</a> [<cite><a class="bibref" href="#bib-html51">HTML51</a></cite>].</dd> </dl> <p> A user-granted exception is <dfn data-dfn-type="dfn" id="dfn-site-specific">site-specific</dfn> if the exception is limited to requests embedded in, or referred by, a given <a href="#dfn-site-domain" class="internalDFN" data-link-type="dfn">site domain</a>; otherwise, the exception is <dfn data-dfn-type="dfn" id="dfn-web-wide">web-wide</dfn> because it applies to the target domain regardless of the referring site. For example, a user might wish to grant a certain target domain a web-wide exception for the purpose of audience measurement across multiple sites, perhaps in exchange for some incentive. </p> <p> When asking for consent to record a <a href="#dfn-site-specific" class="internalDFN" data-link-type="dfn">site-specific</a> exception, a site might make some claims regarding limitations on the actions and behavior of the known third parties that it references. Such a site might wish to restrict its <a href="#dfn-site-specific" class="internalDFN" data-link-type="dfn">site-specific</a> exceptions to only target domains for which those claims have been verified. (For example, consider the dilemma of a site that has trusted advertisers and analytics providers, along with some less trusted mashed-up content that might reference other sites). 
For this reason, <a href="#dfn-site-specific" class="internalDFN" data-link-type="dfn">site-specific</a> exceptions can be limited to the script domain, limited to a named set of target domains, or be applicable to any target domain ("*"). </p> </section> <section id="exception-granting"> <h3 id="x6-3-granting-an-exception"><span class="secno">6.3 </span>Granting an Exception<a class="self-link" aria-label="§" href="#exception-granting"></a></h3> <p> It is expected that a site will explain to the user, in its online content, the need for an exception and the consequences of granting or denying that exception. Upon receipt of an informed consent from the user, a script operating on the site's page is expected to promise-call the <a href="#dom-navigator-storetrackingexception" class="internalDFN" data-link-type="dfn"><code>Navigator.storeTrackingException</code></a> API using parameters consistent with the consent granted by the user. </p> <p> A site <em class="rfc2119" title="MUST">MUST</em> ensure that a call to store an exception reflects the user's intention to grant an exception at the time of that call. It is the sole responsibility of the site to determine that a call to record an exception reflects the user's informed consent at the time of that call. </p> <p> Third party target domains that might wish to receive a user-granted exception often do not have the ability to invoke an interactive JavaScript presence on a page (for example, those that provide only images or "tracking pixels"). They cannot request an exception under these circumstances, either because a script is needed to make the API call or it requires interaction to ensure the user is informed and to receive an indication of their consent. In general, this process of informing, getting consent, and calling the API is not expected within page elements where such trackers are invoked. 
</p> <p> A first party site's page (the <a href="#dfn-top-level-browsing-context" class="internalDFN" data-link-type="dfn">top-level browsing context</a>) might be used to obtain consent for multiple parties; e.g., using multiple iframe elements containing scripts that can convey information about each party's policies and obtain specific consent for each party. In this case, the <a href="#dfn-effective-script-origin" class="internalDFN" data-link-type="dfn">effective script origin</a> might be different from the site for which consent is being granted. </p> <p> Alternatively, a third party might encourage the user to visit their own site directly in order to engage in a consent dialog and make use of the API to store a <a href="#dfn-web-wide" class="internalDFN" data-link-type="dfn">web-wide</a> exception. </p> <p> A site can request an exception be stored even when the user's general preference is <a href="#dfn-not-enabled" class="internalDFN" data-link-type="dfn">not enabled</a>. This permits the sending of <a href="#dfn-dnt" class="internalDFN" data-link-type="dfn"><code>DNT</code></a> only for target resources for which an expressed preference is desired. Stored exceptions could affect which preference is transmitted if a user later chooses to configure a general tracking preference. </p> <p> A user agent might not store the exception immediately, possibly because it is allowing the user to confirm. Even though the site has acquired the user's informed consent before calling the store API, it is possible that the user will change their mind, allow the storing of an exception to proceed but later remove it, or perhaps deny the storage by prior configuration. Nonetheless, at the time of a call, the site has acquired the user's consent and can proceed on that basis whether or not the user agent has stored an exception. 
</p> </section> <section id="exception-checking"> <h3 id="x6-4-checking-for-an-exception"><span class="secno">6.4 </span>Checking for an Exception<a class="self-link" aria-label="§" href="#exception-checking"></a></h3> <p> A site can promise-call the <a href="#dom-navigator-trackingexceptionexists" class="internalDFN" data-link-type="dfn"><code>Navigator.trackingExceptionExists</code></a> API to enquire whether a set of exceptions has been granted and stands in the user agent. If the promise resolves to false (indicating the exception set has expired, been deleted, or has not yet been stored), the user can be asked again for consent. </p> <p> A user agent is expected to query the exceptions database at the time of a request in order to determine what value (if any) to send as the user's tracking preference. </p> <ul> <li>While the user is browsing a given site, if the duplet [<a href="#dfn-site-domain" class="internalDFN" data-link-type="dfn">site domain</a>, <a href="#dfn-target-domain" class="internalDFN" data-link-type="dfn">target domain</a>] matches any duplet in the database, then a <a href="#dfn-dnt-0" class="internalDFN" data-link-type="dfn"><code>DNT:0</code></a> preference is sent, otherwise the user’s general preference is sent (if any).</li> </ul> <p> A pair of duplets [A,B] and [X,Y] match if A matches X and B matches Y. A pair of values A and X match if and only if one of the following is true: </p> <ul> <li>either A or X is "*";</li> <li>A and X are the same string;</li> <li>A has the form '*.domain' and X is 'domain' or is of the form 'string.domain', where 'string' is any sequence of characters.</li> </ul> <p class="example"> For example, a user might grant an exception for metrics.example.net to track their activity on news.example.com and weather.example.com, but not on medical.example.org. 
If the document at <code>http://news.example.com/news/story/2098373.html</code> has embedded references to <code>http://metrics.example.net/1x1.gif</code> and <code>http://weather.example.com/widget.js</code>, the site domain for those references is <code>news.example.com</code> and the target domains are <code>metrics.example.net</code> and <code>weather.example.com</code>, respectively. </p> <p> A user agent <em class="rfc2119" title="MAY">MAY</em> choose to disregard a user-granted exception when the <a href="#dfn-target-resource" class="internalDFN" data-link-type="dfn">target resource</a> does not have a corresponding tracking status resource with a valid tracking status representation, since that would imply the <a href="#dfn-target-resource" class="internalDFN" data-link-type="dfn">target resource</a> does not conform to this specification. </p> </section> <section id="exception-revoking"> <h3 id="x6-5-revoking-an-exception"><span class="secno">6.5 </span>Revoking an Exception<a class="self-link" aria-label="§" href="#exception-revoking"></a></h3> <p> A site that stores exceptions is also expected to enable revocation of those exceptions. The <a href="#dom-navigator-removetrackingexception" class="internalDFN" data-link-type="dfn"><code>Navigator.removeTrackingException</code></a> API can be promise-called by a script to remove all exceptions applicable to that site. </p> <p> A site <em class="rfc2119" title="MAY">MAY</em> monitor for changes to its user-granted exceptions. If a user revokes consent by deleting an exception, the site <em class="rfc2119" title="MUST">MUST</em> respect that revocation, though it <em class="rfc2119" title="MAY">MAY</em> ask again for a new exception. In other words, a site <em class="rfc2119" title="MUST NOT">MUST NOT</em> resurrect a deleted exception without first interacting with and receiving new consent from the user. 
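</p> <p> The duplet matching rules of section 6.4, applied to the news.example.com example, as an added example that is not part of this specification or of any user agent's code. The function names and the <code>EXCEPTION_DB</code> contents are constructed for illustration; using the URL hostname for the site domain, and accepting a <code>*.domain</code> pattern on either side of the comparison, are assumptions of this sketch. </p>

```javascript
// Added example: a model of the section 6.4 matching rules (not user-agent code).

// Third rule: a '*.domain' pattern covers 'domain' itself and 'string.domain'.
function patternCovers(pattern, host) {
  if (!pattern.startsWith("*.")) return false;
  const domain = pattern.slice(2);
  return host === domain || host.endsWith("." + domain);
}

// A pair of values matches if either is "*", if they are the same string,
// or if one is a '*.domain' pattern covering the other. The page does not say
// which side holds the stored value, so both orders are tried (assumption).
function valuesMatch(a, x) {
  if (a === "*" || x === "*") return true;
  if (a === x) return true;
  return patternCovers(a, x) || patternCovers(x, a);
}

// Duplets [A,B] and [X,Y] match if A matches X and B matches Y.
function dupletsMatch([a, b], [x, y]) {
  if (!valuesMatch(a, x)) return false;
  return valuesMatch(b, y);
}

// DNT value for one request: "0" when any stored duplet matches, otherwise
// the user's general preference (null models "no DNT header is sent").
function dntValueFor(siteDomain, targetDomain, exceptionDb, generalPreference) {
  const request = [siteDomain, targetDomain];
  const granted = exceptionDb.some((stored) => dupletsMatch(request, stored));
  return granted ? "0" : generalPreference;
}

// Convenience wrapper taking the document URL and an embedded reference URL.
// Assumption: the hostname stands in for document.domain and for uri-host.
function dntForReference(documentUrl, referenceUrl, exceptionDb, generalPreference) {
  const siteDomain = new URL(documentUrl).hostname;
  const targetDomain = new URL(referenceUrl).hostname;
  return dntValueFor(siteDomain, targetDomain, exceptionDb, generalPreference);
}

// Constructed database for the example in the text: metrics.example.net may
// track on news.example.com and weather.example.com, nowhere else.
const EXCEPTION_DB = [
  ["news.example.com", "metrics.example.net"],
  ["weather.example.com", "metrics.example.net"],
];
```

<p> The suffix comparison is anchored on a label boundary, so a stored <code>*.example.com</code> covers <code>news.example.com</code> but never <code>badexample.com</code>.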
</p> </section> <section id="exception-javascript-api"> <h3 id="x6-6-client-side-scripting-api"><span class="secno">6.6 </span>Client-side Scripting API<a class="self-link" aria-label="§" href="#exception-javascript-api"></a></h3> <section id="exception-javascript-api-store"> <h4 id="x6-6-1-api-to-store-a-tracking-exception"><span class="secno">6.6.1 </span>API to Store a Tracking Exception<a class="self-link" aria-label="§" href="#exception-javascript-api-store"></a></h4> <p> When a site has obtained consent for a <a href="#dfn-user-granted-exception" class="internalDFN" data-link-type="dfn">user-granted exception</a>, a script running within an active <a href="#dfn-browsing-context" class="internalDFN" data-link-type="dfn">browsing context</a> or <a href="#dfn-nested-browsing-context" class="internalDFN" data-link-type="dfn">nested browsing context</a> of that site can <a href="#dfn-promise-call" class="internalDFN" data-link-type="dfn">promise-call</a> <code><dfn data-dfn-type="dfn" data-lt="navigator.storetrackingexception|navigator.storetrackingexception()|storetrackingexception()|storetrackingexception" id="dom-navigator-storetrackingexception" data-idl="operation" data-title="Navigator.storeTrackingException" data-dfn-for="navigator" data-type="Promise">Navigator.storeTrackingException</dfn></code> to store one or more tracking exceptions. A <code><dfn data-dfn-type="dfn" id="dom-trackingexdata" data-idl="dictionary" data-title="TrackingExData" data-dfn-for="">TrackingExData</dfn></code> object is supplied as a parameter to define the exception's scope (the set of [site, target] duplets that encompass the granted exception) and optional information to be stored for that exception. 
The call returns a promise which either resolves to a <code><dfn data-dfn-type="dfn" id="dom-trackingexresult" data-idl="dictionary" data-title="TrackingExResult" data-dfn-for="">TrackingExResult</dfn></code> or is rejected with a <code>DOMException</code> identifying the reason for the failure. </p> <div><pre class="def idl"><span data-idl="" class="idlInterface" id="idl-def-navigator-partial-2" data-title="Navigator">partial interface <span class="idlID"><a data-link-for="" data-lt="" data-link-type="dfn" href="https://www.w3.org/TR/html51/webappapis.html#the-navigator-object"><code>Navigator</code></a></span> {<span data-idl="" class="idlMethod" id="idl-def-navigator-storetrackingexception-properties" data-title="storeTrackingException" data-dfn-for="navigator"><span class="idlType"> <a href="https://heycam.github.io/webidl/#idl-promise">Promise</a>&lt;<a data-link-for="" href="#dom-trackingexresult" class="internalDFN" data-link-type="dfn"><code>TrackingExResult</code></a>&gt;</span> <span class="idlName"><a data-link-for="navigator" data-lt="navigator.storetrackingexception|navigator.storetrackingexception()|storetrackingexception()|storetrackingexception" href="#dom-navigator-storetrackingexception" class="internalDFN" data-link-type="dfn"><code>storeTrackingException</code></a></span> (<span class="idlType"> <a data-link-for="" href="#dom-trackingexdata" class="internalDFN" data-link-type="dfn"><code>TrackingExData</code></a></span> <span class="idlParamName">properties</span> );</span> };</span><span data-idl="" class="idlDictionary" id="idl-def-trackingexdata" data-title="TrackingExData"> dictionary <span class="idlID"><a data-link-for="" data-lt="" href="#dom-trackingexdata" class="internalDFN" data-link-type="dfn"><code>TrackingExData</code></a></span> {<span data-idl="" class="idlMember" id="idl-def-trackingexdata-site" data-title="site" data-dfn-for="trackingexdata"><span class="idlType"> <a 
href="https://heycam.github.io/webidl/#idl-DOMString">DOMString</a>?</span> <span class="idlName"><a data-link-for="trackingexdata" data-lt="" href="#dom-trackingexdata-site" class="internalDFN" data-link-type="dfn"><code>site</code></a></span>;</span><span data-idl="" class="idlMember" id="idl-def-trackingexdata-targets" data-title="targets" data-dfn-for="trackingexdata"><span class="idlType"> <a href="https://heycam.github.io/webidl/#idl-sequence">sequence</a>&lt;<a href="https://heycam.github.io/webidl/#idl-DOMString">DOMString</a>&gt;?</span> <span class="idlName"><a data-link-for="trackingexdata" data-lt="" href="#dom-trackingexdata-targets" class="internalDFN" data-link-type="dfn"><code>targets</code></a></span>;</span><span data-idl="" class="idlMember" id="idl-def-trackingexdata-name" data-title="name" data-dfn-for="trackingexdata"><span class="idlType"> <a href="https://heycam.github.io/webidl/#idl-DOMString">DOMString</a>?</span> <span class="idlName"><a data-link-for="trackingexdata" data-lt="" href="#dom-trackingexdata-name" class="internalDFN" data-link-type="dfn"><code>name</code></a></span>;</span><span data-idl="" class="idlMember" id="idl-def-trackingexdata-explanation" data-title="explanation" data-dfn-for="trackingexdata"><span class="idlType"> <a href="https://heycam.github.io/webidl/#idl-DOMString">DOMString</a>?</span> <span class="idlName"><a data-link-for="trackingexdata" data-lt="" href="#dom-trackingexdata-explanation" class="internalDFN" data-link-type="dfn"><code>explanation</code></a></span>;</span><span data-idl="" class="idlMember" id="idl-def-trackingexdata-details" data-title="details" data-dfn-for="trackingexdata"><span class="idlType"> <a href="https://heycam.github.io/webidl/#idl-DOMString">DOMString</a>?</span> <span class="idlName"><a data-link-for="trackingexdata" data-lt="" href="#dom-trackingexdata-details" class="internalDFN" data-link-type="dfn"><code>details</code></a></span>;</span><span data-idl="" class="idlMember" 
id="idl-def-trackingexdata-maxage" data-title="maxAge" data-dfn-for="trackingexdata"><span class="idlType"> <a href="https://heycam.github.io/webidl/#idl-long">long</a>?</span> <span class="idlName"><a data-link-for="trackingexdata" data-lt="" href="#dom-trackingexdata-maxage" class="internalDFN" data-link-type="dfn"><code>maxAge</code></a></span>;</span> };</span><span data-idl="" class="idlDictionary" id="idl-def-trackingexresult" data-title="TrackingExResult"> dictionary <span class="idlID"><a data-link-for="" data-lt="" href="#dom-trackingexresult" class="internalDFN" data-link-type="dfn"><code>TrackingExResult</code></a></span> {<span data-idl="" class="idlMember" id="idl-def-trackingexresult-issitewide" data-title="isSiteWide" data-dfn-for="trackingexresult"><span class="idlType"> <a href="https://heycam.github.io/webidl/#idl-boolean">boolean</a></span> <span class="idlName"><a data-link-for="trackingexresult" data-lt="" href="#dom-trackingexresult-issitewide" class="internalDFN" data-link-type="dfn"><code>isSiteWide</code></a></span>;</span> };</span></pre></div> <p> <a href="#dom-navigator-storetrackingexception" class="internalDFN" data-link-type="dfn"><code>Navigator.storeTrackingException</code></a> passes a <a href="#dom-trackingexdata" class="internalDFN" data-link-type="dfn"><code>TrackingExData</code></a> object. A user agent <em class="rfc2119" title="MUST">MUST</em> ignore unknown properties of the <a href="#dom-trackingexdata" class="internalDFN" data-link-type="dfn"><code>TrackingExData</code></a> object (for future extensibility). 
The following <em class="rfc2119" title="OPTIONAL">OPTIONAL</em> properties are defined: </p> <dl data-dfn-for="TrackingExData"> <dt><code><dfn data-dfn-for="trackingexdata" data-dfn-type="dfn" id="dom-trackingexdata-site" data-idl="field" data-title="site" data-type="DOMString">site</dfn></code></dt> <dd>The referring domain scope for which the exception applies: <ul> <li>If <a data-link-for="TrackingExData" href="#dom-trackingexdata-site" class="internalDFN" data-link-type="dfn"><code>site</code></a> is undefined, null, or the empty string, the exception's referring domain scope defaults to the <a href="#dfn-script-domain" class="internalDFN" data-link-type="dfn">script domain</a>.</li> <li>If <a data-link-for="TrackingExData" href="#dom-trackingexdata-site" class="internalDFN" data-link-type="dfn"><code>site</code></a> is defined and equal to "<code>*</code>", the exception is intended to be <a href="#dfn-web-wide" class="internalDFN" data-link-type="dfn">web-wide</a> for the set of <a data-link-for="TrackingExData" href="#dom-trackingexdata-targets" class="internalDFN" data-link-type="dfn"><code>targets</code></a>. 
A user agent <em class="rfc2119" title="MUST">MUST</em> reject the promise with the <code>DOMException</code> named "SecurityError" if both <a data-link-for="TrackingExData" href="#dom-trackingexdata-site" class="internalDFN" data-link-type="dfn"><code>site</code></a> and any of the <a data-link-for="TrackingExData" href="#dom-trackingexdata-targets" class="internalDFN" data-link-type="dfn"><code>targets</code></a> are "<code>*</code>".</li> <li>Otherwise, the exception's referring domain scope is defined by a domain found in <a data-link-for="TrackingExData" href="#dom-trackingexdata-site" class="internalDFN" data-link-type="dfn"><code>site</code></a> that is treated in the same way as the domain parameter to cookies [<cite><a class="bibref" href="#bib-rfc6265">RFC6265</a></cite>], allowing subdomains to be included with the prefix "<code>*.</code>". The value can be set to a fully-qualified right-hand segment of the document host name, up to one level below TLD.</li> </ul></dd> <dt><code><dfn data-dfn-for="trackingexdata" data-dfn-type="dfn" id="dom-trackingexdata-targets" data-idl="field" data-title="targets" data-type="sequence">targets</dfn></code></dt> <dd>An array of target domains for which the exception applies: <ul> <li>If <a data-link-for="TrackingExData" href="#dom-trackingexdata-targets" class="internalDFN" data-link-type="dfn"><code>targets</code></a> is undefined or null, the user-granted exception to be stored is <code>[site, *]</code>, meaning that the exception applies to all domains referenced by the site.</li> <li>If <a data-link-for="TrackingExData" href="#dom-trackingexdata-targets" class="internalDFN" data-link-type="dfn"><code>targets</code></a> is an empty array, the user-granted exception to be stored is <code>[site, script domain]</code>, meaning that the exception applies only to resources that share the same domain as the <a href="#dfn-effective-script-origin" class="internalDFN" data-link-type="dfn">effective script origin</a>.</li> 
<li>Otherwise, for each domain string in the <a data-link-for="TrackingExData" href="#dom-trackingexdata-targets" class="internalDFN" data-link-type="dfn"><code>targets</code></a> array, a user-granted exception to be stored is the duplet <code>[site, domain]</code>.</li> </ul></dd> <dt><code><dfn data-dfn-for="trackingexdata" data-dfn-type="dfn" id="dom-trackingexdata-name" data-idl="field" data-title="name" data-type="DOMString">name</dfn></code></dt> <dd>When defined and not null or an empty string, <a data-link-for="TrackingExData" href="#dom-trackingexdata-name" class="internalDFN" data-link-type="dfn"><code>name</code></a> is a user-readable string for naming the exception, usually descriptive of the targets or their intended purpose for this site, encoded as UTF-8 and appropriate for the natural language(s) used to inform consent for the exception.</dd> <dt><code><dfn data-dfn-for="trackingexdata" data-dfn-type="dfn" id="dom-trackingexdata-explanation" data-idl="field" data-title="explanation" data-type="DOMString">explanation</dfn></code></dt> <dd>When defined and not null or an empty string, <a data-link-for="TrackingExData" href="#dom-trackingexdata-explanation" class="internalDFN" data-link-type="dfn"><code>explanation</code></a> is a user-readable short explanation of the granted exception, encoded as UTF-8 and in the same natural language(s) used to inform consent for the exception.</dd> <dt><code><dfn data-dfn-for="trackingexdata" data-dfn-type="dfn" id="dom-trackingexdata-details" data-idl="field" data-title="details" data-type="DOMString">details</dfn></code></dt> <dd>When defined and not null or an empty string, <a data-link-for="TrackingExData" href="#dom-trackingexdata-details" class="internalDFN" data-link-type="dfn"><code>details</code></a> is a URI reference at which further information about the granted exception can be found [<cite><a class="bibref" href="#bib-rfc3986">RFC3986</a></cite>].</dd> <dt><code><dfn data-dfn-for="trackingexdata" 
data-dfn-type="dfn" id="dom-trackingexdata-maxage" data-idl="field" data-title="maxAge" data-type="long">maxAge</dfn></code></dt> <dd>When defined and not null, <a data-link-for="TrackingExData" href="#dom-trackingexdata-maxage" class="internalDFN" data-link-type="dfn"><code>maxAge</code></a> is a positive number of seconds indicating the maximum lifetime of the grant: <ul> <li>If <code>maxAge</code> is supplied and not null, empty, or negative, the user agent <em class="rfc2119" title="MUST">MUST</em> remove the stored exception no later than the specified number of seconds after being stored.</li> <li>If <code>maxAge</code> is not supplied, the user agent <em class="rfc2119" title="MAY">MAY</em> retain the stored grant indefinitely.</li> </ul> </dd> </dl> <p> The properties <a data-link-for="TrackingExData" href="#dom-trackingexdata-name" class="internalDFN" data-link-type="dfn"><code>name</code></a>, <a data-link-for="TrackingExData" href="#dom-trackingexdata-explanation" class="internalDFN" data-link-type="dfn"><code>explanation</code></a>, and <a data-link-for="TrackingExData" href="#dom-trackingexdata-details" class="internalDFN" data-link-type="dfn"><code>details</code></a> are provided by the caller for the sake of potential user interfaces. If a user agent presents these properties to the user, it ought to be clear that they are provided for informational value and are less important than the exception's technical effect. </p> <p> In addition to the data above, a user agent might also store ambient information about the call, such as the URI associated with the <a href="#dfn-top-level-browsing-context" class="internalDFN" data-link-type="dfn">top-level browsing context</a>, the <a href="#dfn-effective-script-origin" class="internalDFN" data-link-type="dfn">effective script origin</a>, a current timestamp, or other information potentially obtained from applicable tracking status resources. 
</p> <p> The calling <a href="#dfn-script-domain" class="internalDFN" data-link-type="dfn">script domain</a> <em class="rfc2119" title="MUST">MUST</em> have a <a href="#dfn-site-wide-tracking-status-resource" class="internalDFN" data-link-type="dfn">site-wide tracking status resource</a> with a valid <a href="#status-representation">tracking status representation</a> that includes a <a href="#dfn-policy" class="internalDFN" data-link-type="dfn"><code>policy</code></a> property. This allows a user agent to obtain and possibly store additional information about the caller’s controller and tracking policies at the time an exception is granted. </p> <p> A user agent <em class="rfc2119" title="MAY">MAY</em> reject the promise with a <a href="#dfn-domexception" class="internalDFN" data-link-type="dfn">DOMException</a> named "InvalidStateError" if it cannot determine the <a href="#dfn-effective-script-origin" class="internalDFN" data-link-type="dfn">effective script origin</a> or if the site corresponding to that origin does not have a <a href="#dfn-site-wide-tracking-status-resource" class="internalDFN" data-link-type="dfn">site-wide tracking status resource</a> with a valid <a href="#status-representation">tracking status representation</a>. </p> <p> For each <a href="#dfn-site-specific" class="internalDFN" data-link-type="dfn">site-specific</a> exception being stored, a user agent <em class="rfc2119" title="MUST NOT">MUST NOT</em> store the duplets and <em class="rfc2119" title="MUST">MUST</em> reject the promise with a <a href="#dfn-domexception" class="internalDFN" data-link-type="dfn">DOMException</a> named "SecurityError" if the script would not be able to set a cookie on that duplet's referring domain scope following the cookie domain rules [<cite><a class="bibref" href="#bib-rfc6265">RFC6265</a></cite>]. 
</p> <p class="example"> For example, a script on <em>www.foo.bar.example.com</em> can set the <a data-link-for="TrackingExData" href="#dom-trackingexdata-site" class="internalDFN" data-link-type="dfn"><code>site</code></a> as <code>"bar.example.com"</code> or <code>"example.com"</code>, but not to <code>"something.else.example.com"</code> or <code>"com"</code>. </p> <p> For each <a href="#dfn-web-wide" class="internalDFN" data-link-type="dfn">web-wide</a> exception being stored, a user agent <em class="rfc2119" title="MUST NOT">MUST NOT</em> store the duplets and <em class="rfc2119" title="MUST">MUST</em> reject the promise with a <a href="#dfn-domexception" class="internalDFN" data-link-type="dfn">DOMException</a> named "SecurityError" if the script would not be able to set a cookie on that target domain following the cookie domain rules [<cite><a class="bibref" href="#bib-rfc6265">RFC6265</a></cite>]. This limits storing of a web-wide exception to scripts that share the same domain scope as the exception targets, but allows such scripts to be embedded within iframes of a common consent portal. </p> <p> For any other failure, such as an incorrectly formatted parameter in the <a href="#dom-trackingexdata" class="internalDFN" data-link-type="dfn"><code>TrackingExData</code></a>, the user agent <em class="rfc2119" title="MUST NOT">MUST NOT</em> store any of the target duplets in the database and <em class="rfc2119" title="MUST">MUST</em> reject the promise with a <a href="#dfn-domexception" class="internalDFN" data-link-type="dfn">DOMException</a> named "SyntaxError". 
</p> <p> <a href="#dfn-upon-fulfillment" class="internalDFN" data-link-type="dfn">Upon fulfillment</a>, the user agent has added to its local database one or more site-pair duplets [site, target], each indicating that a request from that <a href="#dfn-site-domain" class="internalDFN" data-link-type="dfn">site domain</a> to the <a href="#dfn-target-domain" class="internalDFN" data-link-type="dfn">target domain</a> will include <a href="#dfn-dnt-0" class="internalDFN" data-link-type="dfn"><code>DNT:0</code></a> regardless of the user's general tracking preference. The fulfilled promise object contains the following <a href="#dom-trackingexresult" class="internalDFN" data-link-type="dfn"><code>TrackingExResult</code></a> attribute: </p> <dl data-dfn-for="TrackingExResult"> <dt><code><dfn data-dfn-for="trackingexresult" data-dfn-type="dfn" id="dom-trackingexresult-issitewide" data-idl="field" data-title="isSiteWide" data-type="boolean">isSiteWide</dfn></code></dt> <dd><code>true</code> if the user agent stored a potentially broader exception that applies to all domains (as opposed to just the listed targets); otherwise, <code>false</code>.</dd> </dl> <p> When a list of <a data-link-for="TrackingExData" href="#dom-trackingexdata-targets" class="internalDFN" data-link-type="dfn"><code>targets</code></a> is supplied for a <a href="#dfn-site-specific" class="internalDFN" data-link-type="dfn">site-specific</a> exception, the user agent <em class="rfc2119" title="MAY">MAY</em> ignore that list, choosing instead to store a <a href="#dfn-site-specific" class="internalDFN" data-link-type="dfn">site-specific</a> exception for all domains (<code>[site, *]</code>), if it also indicates that result by setting the returned promise's <a data-link-for="TrackingExResult" href="#dom-trackingexresult-issitewide" class="internalDFN" data-link-type="dfn"><code>isSiteWide</code></a> property to <code>true</code>. 
</p> <p> User agents <em class="rfc2119" title="MAY">MAY</em> instantiate <a href="#dom-navigator-storetrackingexception" class="internalDFN" data-link-type="dfn"><code>Navigator.storeTrackingException</code></a> even when <a href="#dom-navigator-donottrack" class="internalDFN" data-link-type="dfn"><code>Navigator.doNotTrack</code></a> is null. Scripts <em class="rfc2119" title="SHOULD">SHOULD</em> test for the existence of <a href="#dom-navigator-storetrackingexception" class="internalDFN" data-link-type="dfn"><code>Navigator.storeTrackingException</code></a> before calling the method. </p> <div class="note" id="api-security"><div role="heading" class="note-title marker" id="h-note-0" aria-level="5"><span>Note</span></div><p class=""> There are some security concerns here regarding the ability of a script with an <a href="#dfn-effective-script-origin" class="internalDFN" data-link-type="dfn">effective script origin</a> matching one site being able to persist the DNT value received by resources on other (target) sites. In particular, this feature could be abused to set/unset an array of exceptions, similar to an array of bit values, and be "read" as a persistent identifier by embedding requests to those domains (which might all point to the same Internet host). However, we expect that would leave an obvious trail on the user agent, unlike other sources of fingerprinting.<br> <br> Likewise, allowing an exception to be stored within an iframe of another site's page could be ripe for abuse unless the calling script ensures that it is being run within a page where it expects to be collecting user consent and where the context of that consent is consistent with the exceptions being stored.<br> <br> This design is consistent with the fact that there is no technical restraint from sites calling the API without having first obtained an informed consent from the user. 
We are assuming that the social and regulatory environment will be sufficient to punish those who might misuse the API or abuse the scope of stored exceptions. A user agent might further limit such risks by checking for a <a href="#dfn-site-wide-tracking-status-resource" class="internalDFN" data-link-type="dfn">site-wide tracking status resource</a> when its presence is required by the API. </p></div> </section> <section id="exception-javascript-api-cancel"> <h4 id="x6-6-2-api-to-remove-a-tracking-exception"><span class="secno">6.6.2 </span>API to Remove a Tracking Exception<a class="self-link" aria-label="§" href="#exception-javascript-api-cancel"></a></h4> <p> When a site decides, or has been directed by the user, to revoke a <a href="#dfn-user-granted-exception" class="internalDFN" data-link-type="dfn">user-granted exception</a>, a script running within an active <a href="#dfn-browsing-context" class="internalDFN" data-link-type="dfn">browsing context</a> or <a href="#dfn-nested-browsing-context" class="internalDFN" data-link-type="dfn">nested browsing context</a> of that site can <a href="#dfn-promise-call" class="internalDFN" data-link-type="dfn">promise-call</a> <code><dfn data-dfn-type="dfn" data-lt="navigator.removetrackingexception|navigator.removetrackingexception()|removetrackingexception()|removetrackingexception" id="dom-navigator-removetrackingexception" data-idl="operation" data-title="Navigator.removeTrackingException" data-dfn-for="navigator" data-type="Promise">Navigator.removeTrackingException</dfn></code> to remove one or more tracking exceptions. A <a href="#dom-trackingexdata" class="internalDFN" data-link-type="dfn"><code>TrackingExData</code></a> object is supplied as a parameter to identify which exceptions are to be removed. The call returns a promise which either resolves to indicate success or is rejected with a <a href="#dfn-domexception" class="internalDFN" data-link-type="dfn">DOMException</a> identifying the reason for the failure. 
</p> <div><pre class="def idl"><span data-idl="" class="idlInterface" id="idl-def-navigator-partial-3" data-title="Navigator">partial interface <span class="idlID"><a data-link-for="" data-lt="" data-link-type="dfn" href="https://www.w3.org/TR/html51/webappapis.html#the-navigator-object"><code>Navigator</code></a></span> {
   <span data-idl="" class="idlMethod" id="idl-def-navigator-removetrackingexception-properties" data-title="removeTrackingException" data-dfn-for="navigator"><span class="idlType"> <a href="https://heycam.github.io/webidl/#idl-promise">Promise</a>&lt;void&gt;</span> <span class="idlName"><a data-link-for="navigator" data-lt="navigator.removetrackingexception|navigator.removetrackingexception()|removetrackingexception()|removetrackingexception" href="#dom-navigator-removetrackingexception" class="internalDFN" data-link-type="dfn"><code>removeTrackingException</code></a></span> (<span class="idlType"> <a data-link-for="" href="#dom-trackingexdata" class="internalDFN" data-link-type="dfn"><code>TrackingExData</code></a></span> <span class="idlParamName">properties</span> );</span>
};</span></pre></div> <p> <a href="#dom-navigator-removetrackingexception" class="internalDFN" data-link-type="dfn"><code>Navigator.removeTrackingException</code></a> passes a <a href="#dom-trackingexdata" class="internalDFN" data-link-type="dfn"><code>TrackingExData</code></a> object. A user agent <em class="rfc2119" title="MUST">MUST</em> ignore unknown properties of the <a href="#dom-trackingexdata" class="internalDFN" data-link-type="dfn"><code>TrackingExData</code></a> object (for future extensibility).
The following <em class="rfc2119" title="OPTIONAL">OPTIONAL</em> properties are defined: </p> <dl> <dt><a data-link-for="TrackingExData" href="#dom-trackingexdata-site" class="internalDFN" data-link-type="dfn"><code>site</code></a></dt> <dd>The referring domain scope for which the exception applies: <ul> <li>If <a data-link-for="TrackingExData" href="#dom-trackingexdata-site" class="internalDFN" data-link-type="dfn"><code>site</code></a> is undefined, null, or the empty string, the exception's referring domain scope defaults to the <a href="#dfn-script-domain" class="internalDFN" data-link-type="dfn">script domain</a>. All stored exceptions matching that domain, regardless of target, are to be removed. </li> <li>If <a data-link-for="TrackingExData" href="#dom-trackingexdata-site" class="internalDFN" data-link-type="dfn"><code>site</code></a> is defined and equal to "<code>*</code>", the exceptions to be removed are <a href="#dfn-web-wide" class="internalDFN" data-link-type="dfn">web-wide</a> and identified by the set of <a data-link-for="TrackingExData" href="#dom-trackingexdata-targets" class="internalDFN" data-link-type="dfn"><code>targets</code></a>.</li> <li>Otherwise, the exceptions to be removed are identified by a domain found in <a data-link-for="TrackingExData" href="#dom-trackingexdata-site" class="internalDFN" data-link-type="dfn"><code>site</code></a> that is treated in the same way as the domain parameter to cookies [<cite><a class="bibref" href="#bib-rfc6265">RFC6265</a></cite>], allowing subdomains to be included with the prefix "<code>*.</code>". All stored exceptions matching that domain scope, regardless of target, are to be removed. 
</li> </ul></dd> <dt><a data-link-for="TrackingExData" href="#dom-trackingexdata-targets" class="internalDFN" data-link-type="dfn"><code>targets</code></a></dt> <dd>An array of target domains for which the exception applies: <ul> <li>If <a data-link-for="TrackingExData" href="#dom-trackingexdata-site" class="internalDFN" data-link-type="dfn"><code>site</code></a> is not defined or not equal to "<code>*</code>", then <a data-link-for="TrackingExData" href="#dom-trackingexdata-targets" class="internalDFN" data-link-type="dfn"><code>targets</code></a> is ignored (it is only used for removing web-wide exceptions).</li> <li>If <a data-link-for="TrackingExData" href="#dom-trackingexdata-targets" class="internalDFN" data-link-type="dfn"><code>targets</code></a> is an empty array, the <a href="#dfn-web-wide" class="internalDFN" data-link-type="dfn">web-wide</a> exception to be removed is the duplet <code>[*, script domain]</code>.</li> <li>Otherwise, for each domain string in the <a data-link-for="TrackingExData" href="#dom-trackingexdata-targets" class="internalDFN" data-link-type="dfn"><code>targets</code></a> array, a <a href="#dfn-web-wide" class="internalDFN" data-link-type="dfn">web-wide</a> exception to be removed is the duplet <code>[*, domain]</code>.</li> </ul></dd> </dl> <p> For each <a href="#dfn-site-specific" class="internalDFN" data-link-type="dfn">site-specific</a> exception being removed, a user agent <em class="rfc2119" title="MUST NOT">MUST NOT</em> remove the duplets and <em class="rfc2119" title="MUST">MUST</em> reject the promise with a <a href="#dfn-domexception" class="internalDFN" data-link-type="dfn">DOMException</a> named "SecurityError" if the script would not be able to set a cookie on that duplet's referring domain scope following the cookie domain rules [<cite><a class="bibref" href="#bib-rfc6265">RFC6265</a></cite>]. 
</p> <p> For each <a href="#dfn-web-wide" class="internalDFN" data-link-type="dfn">web-wide</a> exception being removed, a user agent <em class="rfc2119" title="MUST NOT">MUST NOT</em> remove the duplets and <em class="rfc2119" title="MUST">MUST</em> reject the promise with a <a href="#dfn-domexception" class="internalDFN" data-link-type="dfn">DOMException</a> named "SecurityError" if the script would not be able to set a cookie on that target domain following the cookie domain rules [<cite><a class="bibref" href="#bib-rfc6265">RFC6265</a></cite>]. </p> <p> Any processing failure, such as an incorrectly formatted parameter in the <a href="#dom-trackingexdata" class="internalDFN" data-link-type="dfn"><code>TrackingExData</code></a>, will result in no duplet being removed from the database of stored grants and the returned promise being rejected with a <a href="#dfn-domexception" class="internalDFN" data-link-type="dfn">DOMException</a> named "SyntaxError". </p> <p> If there are no matching duplets in the database of stored grants when the method is called, this operation does nothing other than resolve the promise. </p> <p> <a href="#dfn-upon-fulfillment" class="internalDFN" data-link-type="dfn">Upon fulfillment</a>, the user agent <em class="rfc2119" title="MUST">MUST</em> have removed any stored exceptions that matched the identified duplet(s). 
</p> </section> <section id="exception-javascript-api-confirm"> <h4 id="x6-6-3-api-to-confirm-a-tracking-exception"><span class="secno">6.6.3 </span>API to Confirm a Tracking Exception<a class="self-link" aria-label="§" href="#exception-javascript-api-confirm"></a></h4> <p> When a site wishes to confirm that a <a href="#dfn-user-granted-exception" class="internalDFN" data-link-type="dfn">user-granted exception</a> exists for a set of target domains potentially referenced by that site, a script running within an active <a href="#dfn-browsing-context" class="internalDFN" data-link-type="dfn">browsing context</a> or <a href="#dfn-nested-browsing-context" class="internalDFN" data-link-type="dfn">nested browsing context</a> of that site can <a href="#dfn-promise-call" class="internalDFN" data-link-type="dfn">promise-call</a> <code><dfn data-dfn-type="dfn" data-lt="navigator.trackingexceptionexists|navigator.trackingexceptionexists()|trackingexceptionexists()|trackingexceptionexists" id="dom-navigator-trackingexceptionexists" data-idl="operation" data-title="Navigator.trackingExceptionExists" data-dfn-for="navigator" data-type="Promise">Navigator.trackingExceptionExists</dfn></code> with a <a href="#dom-trackingexdata" class="internalDFN" data-link-type="dfn"><code>TrackingExData</code></a> object supplied as a parameter that identifies the set of exceptions to confirm. The call returns a promise which either resolves to true or false or is rejected with a <a href="#dfn-domexception" class="internalDFN" data-link-type="dfn">DOMException</a> identifying the reason for the failure. 
</p> <div><pre class="def idl"><span data-idl="" class="idlInterface" id="idl-def-navigator-partial-4" data-title="Navigator">partial interface <span class="idlID"><a data-link-for="" data-lt="" data-link-type="dfn" href="https://www.w3.org/TR/html51/webappapis.html#the-navigator-object"><code>Navigator</code></a></span> {
   <span data-idl="" class="idlMethod" id="idl-def-navigator-trackingexceptionexists-properties" data-title="trackingExceptionExists" data-dfn-for="navigator"><span class="idlType"> <a href="https://heycam.github.io/webidl/#idl-promise">Promise</a>&lt;<a href="https://heycam.github.io/webidl/#idl-boolean">boolean</a>&gt;</span> <span class="idlName"><a data-link-for="navigator" data-lt="navigator.trackingexceptionexists|navigator.trackingexceptionexists()|trackingexceptionexists()|trackingexceptionexists" href="#dom-navigator-trackingexceptionexists" class="internalDFN" data-link-type="dfn"><code>trackingExceptionExists</code></a></span> (<span class="idlType"> <a data-link-for="" href="#dom-trackingexdata" class="internalDFN" data-link-type="dfn"><code>TrackingExData</code></a></span> <span class="idlParamName">properties</span> );</span>
};</span></pre></div> <p> <a href="#dom-navigator-trackingexceptionexists" class="internalDFN" data-link-type="dfn"><code>Navigator.trackingExceptionExists</code></a> passes a <a href="#dom-trackingexdata" class="internalDFN" data-link-type="dfn"><code>TrackingExData</code></a> object. A user agent <em class="rfc2119" title="MUST">MUST</em> ignore unknown properties of the <a href="#dom-trackingexdata" class="internalDFN" data-link-type="dfn"><code>TrackingExData</code></a> object (for future extensibility).
The following <em class="rfc2119" title="OPTIONAL">OPTIONAL</em> properties are defined: </p> <dl> <dt><a data-link-for="TrackingExData" href="#dom-trackingexdata-site" class="internalDFN" data-link-type="dfn"><code>site</code></a></dt> <dd>The referring domain scope for which the exception applies: <ul> <li>If <a data-link-for="TrackingExData" href="#dom-trackingexdata-site" class="internalDFN" data-link-type="dfn"><code>site</code></a> is undefined, null, or the empty string, the set of exceptions to be confirmed have a referring domain scope equal to the <a href="#dfn-script-domain" class="internalDFN" data-link-type="dfn">script domain</a>.</li> <li>If <a data-link-for="TrackingExData" href="#dom-trackingexdata-site" class="internalDFN" data-link-type="dfn"><code>site</code></a> is defined and equal to "<code>*</code>", the set of exceptions to be confirmed is <a href="#dfn-web-wide" class="internalDFN" data-link-type="dfn">web-wide</a> for the set of <a data-link-for="TrackingExData" href="#dom-trackingexdata-targets" class="internalDFN" data-link-type="dfn"><code>targets</code></a>.</li> <li>Otherwise, the set of exceptions to be confirmed have a referring domain scope matching the string found in <a data-link-for="TrackingExData" href="#dom-trackingexdata-site" class="internalDFN" data-link-type="dfn"><code>site</code></a>, which is treated in the same way as the domain parameter to cookies [<cite><a class="bibref" href="#bib-rfc6265">RFC6265</a></cite>], allowing subdomains to be included with the prefix "<code>*.</code>".</li> </ul></dd> <dt><code><dfn data-dfn-type="dfn" id="dfn-targets">targets</dfn></code></dt> <dd>An array of target domains for which the exception applies: <ul> <li>If <a data-link-for="TrackingExData" href="#dom-trackingexdata-targets" class="internalDFN" data-link-type="dfn"><code>targets</code></a> is undefined or null, the user-granted exception to be confirmed is <code>[site, *]</code>, meaning that the exception applies to all 
domains referenced by the site.</li> <li>If <a data-link-for="TrackingExData" href="#dom-trackingexdata-targets" class="internalDFN" data-link-type="dfn"><code>targets</code></a> is an empty array, the user-granted exception to be confirmed is <code>[site, script domain]</code>, meaning that the exception applies only to resources that share the same domain as the <a href="#dfn-effective-script-origin" class="internalDFN" data-link-type="dfn">effective script origin</a>.</li> <li>Otherwise, for each domain string in the <a data-link-for="TrackingExData" href="#dom-trackingexdata-targets" class="internalDFN" data-link-type="dfn"><code>targets</code></a> array, a user-granted exception to be confirmed is the duplet <code>[site, domain]</code>.</li> </ul></dd> </dl> <p> For each <a href="#dfn-site-specific" class="internalDFN" data-link-type="dfn">site-specific</a> exception being confirmed, a user agent <em class="rfc2119" title="MUST">MUST</em> reject the promise with a <a href="#dfn-domexception" class="internalDFN" data-link-type="dfn">DOMException</a> named "SecurityError" if the script would not be able to set a cookie on that duplet's referring domain scope following the cookie domain rules [<cite><a class="bibref" href="#bib-rfc6265">RFC6265</a></cite>]. </p> <p> For each <a href="#dfn-web-wide" class="internalDFN" data-link-type="dfn">web-wide</a> exception being confirmed, a user agent <em class="rfc2119" title="MUST">MUST</em> reject the promise with a <a href="#dfn-domexception" class="internalDFN" data-link-type="dfn">DOMException</a> named "SecurityError" if the script would not be able to set a cookie on that target domain following the cookie domain rules [<cite><a class="bibref" href="#bib-rfc6265">RFC6265</a></cite>]. 
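</p> <p> The cookie-domain gate that the store, remove and confirm APIs share, worked through for <code>trackingExceptionExists</code>: this is an added example, not part of the specification, showing how a <code>TrackingExData</code> object resolves to duplets and which calls end in "SecurityError" or "SyntaxError". The function names, the tiny public suffix set, the choice to validate syntax before scope, and the treatment of a "*." prefix in <code>targets</code> are assumptions of the example. </p>

```javascript
// Constructed stand-in for the public suffix list; a real user agent uses the full list.
const PUBLIC_SUFFIXES = new Set(["com", "org", "net", "co.uk"]);
const LABEL = "[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?";
const HOSTNAME = new RegExp(`^${LABEL}(?:\\.${LABEL})*$`);
const IPV4 = /^\d{1,3}(?:\.\d{1,3}){3}$/;

// Throw an Error whose name mirrors the DOMException names the API uses.
function fail(name, message) {
  const err = new Error(message);
  err.name = name;
  throw err;
}

// Parse a domain parameter; a leading "*." asks for subdomains to be included.
function parseDomain(value) {
  if (typeof value !== "string") fail("SyntaxError", "domain is not a string");
  const lower = value.toLowerCase();
  const includeSubdomains = lower.startsWith("*.");
  const domain = includeSubdomains ? lower.slice(2) : lower;
  if (domain.length > 253 || !HOSTNAME.test(domain)) {
    fail("SyntaxError", `malformed domain: ${value}`);
  }
  return { domain, includeSubdomains };
}

// Cookie domain gate (RFC 6265): could a script on scriptHost scope a cookie to domain?
function canSetCookieFor(scriptHost, domain) {
  if (scriptHost === domain) return true;        // host-only scope
  if (IPV4.test(scriptHost)) return false;       // IP hosts never suffix-match
  if (PUBLIC_SUFFIXES.has(domain)) return false; // e.g. "com"
  return scriptHost.endsWith("." + domain);      // suffix match on a label boundary
}

// Resolve the duplets a trackingExceptionExists call identifies, or throw.
// Assumption: the script domain is the host of the effective script origin.
function resolveConfirmDuplets(scriptHost, data) {
  if (data === null || typeof data !== "object") {
    fail("SyntaxError", "TrackingExData must be an object");
  }
  const host = parseDomain(scriptHost).domain;
  const { site, targets } = data;                // unknown properties are ignored

  // Syntax pass first, so a malformed call never reaches the scope checks.
  let siteScope;
  if (site === undefined || site === null || site === "") siteScope = host;
  else if (site === "*") siteScope = "*";
  else siteScope = parseDomain(site);

  let targetList;
  if (targets === undefined || targets === null) targetList = ["*"];
  else if (!Array.isArray(targets)) fail("SyntaxError", "targets must be an array");
  else if (targets.length === 0) targetList = [host];
  else {
    targetList = targets.map((raw) => {
      const t = parseDomain(raw);
      // Assumption of this example: "*." is only meaningful in site, not in targets.
      if (t.includeSubdomains) fail("SyntaxError", `wildcard target: ${raw}`);
      return t.domain;
    });
  }

  if (siteScope === "*") {
    // Web-wide: every target must be a domain the script could scope a cookie to.
    // Read literally, a "*" target (targets omitted) can never pass this gate.
    for (const t of targetList) {
      if (!canSetCookieFor(host, t)) fail("SecurityError", `target out of scope: ${t}`);
    }
    return targetList.map((t) => ["*", t]);
  }

  let siteName = siteScope;
  if (typeof siteScope === "object") {
    // Site-specific: only the referring domain scope is gated, not the targets.
    if (!canSetCookieFor(host, siteScope.domain)) {
      fail("SecurityError", `site out of scope: ${siteScope.domain}`);
    }
    siteName = (siteScope.includeSubdomains ? "*." : "") + siteScope.domain;
  }
  return targetList.map((t) => [siteName, t]);
}

// Convenience wrapper: report the outcome instead of throwing.
function checkConfirmCall(scriptHost, data) {
  try {
    return { ok: true, duplets: resolveConfirmDuplets(scriptHost, data) };
  } catch (err) {
    return { ok: false, error: err.name };
  }
}

// Constructed calls, using the hosts from the specification's own example.
const HOST = "www.foo.bar.example.com";
for (const data of [
  { site: "bar.example.com" },
  { site: "com" },
  { site: "*", targets: ["example.com"] },
  { site: "*", targets: ["tracker.example.net"] },
  { targets: "example.com" },
]) {
  console.log(JSON.stringify(data), "->", JSON.stringify(checkConfirmCall(HOST, data)));
}
```

<p> The gate only decides which duplets a caller is allowed to name; whether a current, non-expired exception exists for each of them is a separate lookup in the user agent's database.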
</p> <p> Any processing failure, such as an incorrectly formatted parameter in the <a href="#dom-trackingexdata" class="internalDFN" data-link-type="dfn"><code>TrackingExData</code></a>, will result in the returned promise being rejected with a <a href="#dfn-domexception" class="internalDFN" data-link-type="dfn">DOMException</a> named "SyntaxError". </p> <p> A user agent <em class="rfc2119" title="MUST">MUST</em> fulfill the promise with the value <code>true</code> if a current (non-expired) matching exception exists for all of the duplets identified above, or <code>false</code> if any of the identified duplets do not have a matching exception. </p> <p> Because the database might be changed at any time (via other windows or additional user interfaces), a particular response to the API might only be accurate at the time the promise is fulfilled. </p> </section> </section> <section id="exception-management"> <h3 id="x6-7-user-agent-management-of-exceptions"><span class="secno">6.7 </span>User Agent Management of Exceptions<a class="self-link" aria-label="§" href="#exception-management"></a></h3> <p> There is no required user interface for a user agent regarding the granting of exceptions; a user agent <em class="rfc2119" title="MAY">MAY</em> choose to provide none. Alternatively, a user agent <em class="rfc2119" title="MAY">MAY</em>: </p> <ul> <li>indicate that a call to store an exception has just been made;</li> <li>allow the user to confirm a user-granted exception prior to storage;</li> <li>indicate that one or more exceptions exist for the current site;</li> <li>indicate that one or more exceptions exist for target domains incorporated into the current page; or,</li> <li>provide a user interface to see and edit the database of recorded exception grants.</li> </ul> <p> When an explicit list of target domains is provided through the API, their names might mean little to the user. 
The user might, for example, be told that there is a stored exception for a specific set of targets on such-and-such site, rather than listing them by name; or the user agent might decide to store an all-target exception, effectively ignoring any list of targets. </p> <p> Conversely, if a wild-card is used for the target, the user might be told that there is a stored exception for all third parties that are embedded by the indicated site. </p> <p> A user agent that chooses to highlight when tracking exceptions are applicable might provide an interface, such as a selectable icon in the status bar, that can direct the user to more information about the exception and how to revoke it. </p> <p> In some user agent implementations, decisions to grant exceptions might have been made in the past (and since forgotten) or might have been made by other users of the device. Thus, exceptions might not always represent the current preferences of the user. Some user agents might choose to provide ambient notice that user-opted tracking is ongoing, or easy access to view and control these preferences. Users might also desire to edit exceptions within a separate user interface, which would allow a user to modify their stored exceptions without visiting the target sites. </p> <p> A user-agent <em class="rfc2119" title="MUST">MUST</em> handle each set of exception duplets stored by a single storeTrackingException call as a 'unit', granting and maintaining the duplets in their entirety, or not at all. A user agent <em class="rfc2119" title="MUST NOT">MUST NOT</em> indicate to a site that it has stored an exception for targets {a, b, c} in the database, and later remove only one or two of {a, b, c} from its logical database of stored grants. This assures sites that the set of target domains they need for operational integrity is treated as a unit. </p> </section> </section> <section id="responding"> <!--OddPage--><h2 id="x7-communicating-a-tracking-status"><span class="secno">7. 
</span>Communicating a Tracking Status<a class="self-link" aria-label="§" href="#responding"></a></h2> <section id="response-overview"> <h3 id="x7-1-overview"><span class="secno">7.1 </span>Overview<a class="self-link" aria-label="§" href="#response-overview"></a></h3> <p> In addition to expressing the user's preference regarding tracking, this protocol enables servers to communicate machine-readable claims regarding their own tracking behavior. Since a personalized tracking status on every response would disable caching, a combination of response mechanisms are defined to allow the tracking status to be communicated prior to making a trackable request and without making every response dynamic. </p> </section> <section id="tracking-status-value"> <h3 id="x7-2-tracking-status-value"><span class="secno">7.2 </span>Tracking Status Value<a class="self-link" aria-label="§" href="#tracking-status-value"></a></h3> <section id="TSV-defn"> <h4 id="x7-2-1-definition"><span class="secno">7.2.1 </span>Definition<a class="self-link" aria-label="§" href="#TSV-defn"></a></h4> <p> A <dfn data-dfn-type="dfn" id="dfn-tracking-status-value">tracking status value</dfn> (<dfn data-dfn-type="dfn" id="dfn-tsv">TSV</dfn>) is a single character response to the user's tracking preference with regard to data collected via the <dfn data-dfn-type="dfn" id="dfn-designated-resource">designated resource</dfn>. For a site-wide tracking status resource, the designated resource is any resource on the same origin server. For a <a href="#dfn-tk" class="internalDFN" data-link-type="dfn"><code>Tk</code></a> response header field, the <a href="#dfn-target-resource" class="internalDFN" data-link-type="dfn">target resource</a> of the corresponding request is the designated resource, and remains so for any subsequent request-specific tracking status resource referred to by the Tk field value. </p> <p> The tracking status value is case sensitive, as defined formally by the following ABNF. 
</p> <pre class="abnf hljs" aria-busy="false">TSV    = %x21   ; "!" — under construction
       / %x3F   ; "?" — dynamic
       / %x47   ; "G" — gateway to multiple parties
       / %x4E   ; "N" — not tracking
       / %x54   ; "T" — tracking
       / %x43   ; "C" — tracking with consent
       / %x50   ; "P" — tracking only if consented
       / %x44   ; "D" — disregarding DNT
       / %x55   ; "U" — updated
       / TSV-extension
</pre> </section> <section id="TSV-!"> <h4 id="x7-2-2-under-construction"><span class="secno">7.2.2 </span>Under Construction (!)<a class="self-link" aria-label="§" href="#TSV-!"></a></h4> <p> A tracking status value of <code><dfn data-dfn-type="dfn" id="dfn-generatedID">!</dfn></code> means that the origin server is currently testing its communication of tracking status. The <code>!</code> value has been provided to ease testing and deployment on production systems during the initial periods of testing compliance and during adjustment periods due to future protocol changes or shifting regulatory constraints. Note that this value does not indicate that the user's preference will be ignored, nor that tracking will occur as a result of accessing the designated resource. </p> </section> <section id="TSV-?"> <h4 id="x7-2-3-dynamic"><span class="secno">7.2.3 </span>Dynamic (?)<a class="self-link" aria-label="§" href="#TSV-?"></a></h4> <p> A tracking status value of <code><dfn data-dfn-type="dfn" id="dfn-generatedID-0">?</dfn></code> means the origin server needs more information to determine tracking status, usually because the <a href="#dfn-designated-resource" class="internalDFN" data-link-type="dfn">designated resource</a> dynamically adjusts behavior based on information in a request. </p> <p> If <code>?</code> is present in the site-wide tracking status, the origin server <em class="rfc2119" title="MUST">MUST</em> send a <a href="#dfn-tk" class="internalDFN" data-link-type="dfn"><code>Tk</code></a> header field in all responses to requests on the designated resource.
If <code>?</code> is present in the <a href="#dfn-tk" class="internalDFN" data-link-type="dfn"><code>Tk</code></a> header field, more information will be provided in a request-specific tracking status resource referred to by the <a href="#dfn-status-id" class="internalDFN" data-link-type="dfn"><code>status-id</code></a>. An origin server <em class="rfc2119" title="MUST NOT">MUST NOT</em> send <code>?</code> as the tracking status value in the representation of a request-specific tracking status resource. </p> </section> <section id="TSV-G"> <h4 id="x7-2-4-gateway-g"><span class="secno">7.2.4 </span>Gateway (G)<a class="self-link" aria-label="§" href="#TSV-G"></a></h4> <p> A tracking status value of <code><dfn data-dfn-type="dfn" id="dfn-g">G</dfn></code> means the server is acting as a gateway to an exchange involving multiple parties. This might occur if a response to the <a href="#dfn-designated-resource" class="internalDFN" data-link-type="dfn">designated resource</a> involves an automated selection process, such as dynamic bidding, where the party that is selected determines how the request data will be treated with respect to an expressed tracking preference. Similar to the <a href="#dfn-generatedID-0" class="internalDFN" data-link-type="dfn"><code>?</code></a> value, the <code>G</code> TSV indicates that the actual tracking status is dynamic and will be provided in the response message's <a href="#dfn-tk" class="internalDFN" data-link-type="dfn"><code>Tk</code></a> header field, presumably using information forwarded from the selected party. </p> <p> This tracking status value is only valid as a site-wide status. A server <em class="rfc2119" title="MUST NOT">MUST NOT</em> send <code>G</code> as the tracking status value in a <a href="#dfn-tk" class="internalDFN" data-link-type="dfn"><code>Tk</code></a> header field or within the representation of a request-specific tracking status resource. 
</p> <p> If <code>G</code> is present in the site-wide tracking status: </p> <ul> <li>the gateway <em class="rfc2119" title="MUST">MUST</em> send a link within its site-wide tracking status representation to a privacy policy that explains what limitations are placed on parties that might receive data via that gateway;</li> <li>the gateway <em class="rfc2119" title="MUST">MUST</em> forward any expressed tracking preference in the request to each party that receives data from that request;</li> <li>the gateway <em class="rfc2119" title="MUST">MUST</em> have a contract in place with each of the parties to whom it provides request data such that only the selected party is allowed to retain tracking data from a request with an expressed tracking preference of <a href="#dfn-dnt-1" class="internalDFN" data-link-type="dfn"><code>DNT:1</code></a>; and,</li> <li>the gateway <em class="rfc2119" title="MUST">MUST</em> send a <a href="#dfn-tk" class="internalDFN" data-link-type="dfn"><code>Tk</code></a> header field in responses to requests on the designated resource and include within that field's value a <a href="#dfn-status-id" class="internalDFN" data-link-type="dfn"><code>status-id</code></a> specific to the selected party, such that information about the selected party can be obtained via the request-specific tracking status resource (see <a href="#request-specific-status-resource" class="sectionRef sec-ref">section <span class="secno">7.4.2</span> <span class="sec-title">Request-specific Tracking Status</span></a>).</li> </ul> <p> With respect to tracking performed by the gateway itself, the <code>G</code> response can be considered equivalent to the <a href="#dfn-t" class="internalDFN" data-link-type="dfn"><code>T</code></a> (tracking) response defined below. 
The other information within the site-wide tracking status representation indicates how the gateway intends to comply with an expressed tracking preference, aside from the potential sharing of data implied by the gateway process. </p> </section> <section id="TSV-N"> <h4 id="x7-2-5-not-tracking-n"><span class="secno">7.2.5 </span>Not Tracking (N)<a class="self-link" aria-label="§" href="#TSV-N"></a></h4> <p> A tracking status value of <code><dfn data-dfn-type="dfn" id="dfn-n">N</dfn></code> means the origin server claims that data collected via the <a href="#dfn-designated-resource" class="internalDFN" data-link-type="dfn">designated resource</a> is not used for tracking and will not be combined with other data in a form that would enable tracking. </p> </section> <section id="TSV-T"> <h4 id="x7-2-6-tracking-t"><span class="secno">7.2.6 </span>Tracking (T)<a class="self-link" aria-label="§" href="#TSV-T"></a></h4> <p> A tracking status value of <code><dfn data-dfn-type="dfn" id="dfn-t">T</dfn></code> means the origin server might perform or enable tracking using data collected via the <a href="#dfn-designated-resource" class="internalDFN" data-link-type="dfn">designated resource</a>. Information provided in the tracking status representation might indicate whether such tracking is limited to a set of commonly accepted uses or adheres to one or more compliance regimes. </p> </section> <section id="TSV-C"> <h4 id="x7-2-7-consent-c"><span class="secno">7.2.7 </span>Consent (C)<a class="self-link" aria-label="§" href="#TSV-C"></a></h4> <p> A tracking status value of <code><dfn data-dfn-type="dfn" id="dfn-c">C</dfn></code> means that the origin server believes it has received prior consent for tracking this user, user agent, or device, perhaps via some mechanism not defined by this specification, and that prior consent overrides the tracking preference expressed by this protocol. 
An origin server that sends the <code>C</code> tracking status value for a <a href="#dfn-designated-resource" class="internalDFN" data-link-type="dfn">designated resource</a> <em class="rfc2119" title="MUST">MUST</em> provide a reference for controlling consent within the <a href="#dfn-config" class="internalDFN" data-link-type="dfn"><code>config</code></a> property of its corresponding tracking status representation (<a href="#status-representation" class="sectionRef sec-ref">section <span class="secno">7.5</span> <span class="sec-title">Tracking Status Representation</span></a>). </p> </section> <section id="TSV-P"> <h4 id="x7-2-8-potential-consent-p"><span class="secno">7.2.8 </span>Potential Consent (P)<a class="self-link" aria-label="§" href="#TSV-P"></a></h4> <p> A tracking status value of <code><dfn data-dfn-type="dfn" id="dfn-p">P</dfn></code> means that the origin server does not know, in real-time, whether it has received prior consent for tracking this user, user agent, or device, but promises not to use or share any <a href="#dfn-dnt-1" class="internalDFN" data-link-type="dfn"><code>DNT:1</code></a> data until such consent has been determined, and further promises to delete or <a href="#dfn-permanently-de-identified">permanently de-identify</a> within forty-eight hours any <a href="#dfn-dnt-1" class="internalDFN" data-link-type="dfn"><code>DNT:1</code></a> data received for which such consent has not been received. </p> <p> Since this status value does not itself indicate whether a specific request is tracked, an origin server that sends a <code>P</code> tracking status value <em class="rfc2119" title="MUST">MUST</em> provide a <a href="#dfn-config" class="internalDFN" data-link-type="dfn"><code>config</code></a> property in the corresponding tracking status representation that links to a resource for obtaining consent status. 
</p> <p> The <code>P</code> tracking status value is specifically meant to address audience survey systems for which determining consent at the time of a request is either impractical, due to legacy systems not being able to keep up with Web traffic, or potentially "gamed" by first party sites if they can determine which of their users have consented. The data cannot be used for the sake of personalization. If consent can be determined at the time of a request, the <a href="#dfn-c" class="internalDFN" data-link-type="dfn"><code>C</code></a> tracking status is preferred. </p> </section> <section id="TSV-D"> <h4 id="x7-2-9-disregarding-d"><span class="secno">7.2.9 </span>Disregarding (D)<a class="self-link" aria-label="§" href="#TSV-D"></a></h4> <p> A tracking status value of <code><dfn data-dfn-type="dfn" id="dfn-d">D</dfn></code> means that the origin server is unable or unwilling to respect a tracking preference received from the requesting user agent. An origin server that sends the <code>D</code> tracking status value <em class="rfc2119" title="MUST">MUST</em> detail within the server's corresponding privacy policy the conditions under which a tracking preference might be disregarded. </p> <p> For example, an origin server might disregard the DNT field received from specific user agents (or via specific network intermediaries) that are deemed to be non-conforming, might be collecting additional data from specific source network locations due to prior security incidents, or might be compelled to disregard certain DNT requests to comply with a local law, regulation, or order. </p> <div class="note" id="issue-container-generatedID-0"><div role="heading" class="note-title marker" id="h-note-1" aria-level="5"><span>Note</span></div><p class=""> This specification is written with an assumption that the <code>D</code> tracking status value would only be used in situations that can be adequately described to users as an exception to normal behavior. 
If this turns out not to be the case, either the server's decision to send the <code>D</code> signal needs re-examination, or this specification, or both. </p></div> </section> <section id="TSV-U"> <h4 id="x7-2-10-updated-u"><span class="secno">7.2.10 </span>Updated (U)<a class="self-link" aria-label="§" href="#TSV-U"></a></h4> <p> A tracking status value of <code><dfn data-dfn-type="dfn" id="dfn-u">U</dfn></code> means that the request resulted in a potential change to the tracking status applicable to this user, user agent, or device. A user agent that relies on a cached tracking status <em class="rfc2119" title="SHOULD">SHOULD</em> update the cache entry with the current status by making a new request on the applicable tracking status resource. </p> <p> An origin server <em class="rfc2119" title="MUST NOT">MUST NOT</em> send <code>U</code> as a tracking status value anywhere other than a <a href="#dfn-tk" class="internalDFN" data-link-type="dfn"><code>Tk</code></a> header field that is in response to a state-changing request. </p> </section> <section id="TSV.extension"> <h4 id="x7-2-11-extensions-to-the-tracking-status-value"><span class="secno">7.2.11 </span>Extensions to the Tracking Status Value<a class="self-link" aria-label="§" href="#TSV.extension"></a></h4> <p> Extensibility of the <a href="#dfn-tsv" class="internalDFN" data-link-type="dfn">TSV</a> set ensures that this protocol will continue to be usable as regional laws and regulatory environments evolve over time and compliance specifications are developed accordingly. 
</p> <p> An origin server <em class="rfc2119" title="MAY">MAY</em> send a <dfn data-dfn-type="dfn" id="dfn-tsv-extension">TSV-extension</dfn> character as a <a href="#dfn-tsv" class="internalDFN" data-link-type="dfn">TSV</a> if that extension has been defined by a future version of this specification or a compliance regime identified within the <a href="#dfn-compliance" class="internalDFN" data-link-type="dfn"><code>compliance</code></a> property. Aside from storage or presentation of a server's response, a recipient <em class="rfc2119" title="MUST">MUST</em> treat a TSV-extension value that it does not recognize as if the value was <a href="#dfn-p" class="internalDFN" data-link-type="dfn"><code>P</code></a> (tracking only if consented). </p> <pre class="abnf hljs" aria-busy="false">TSV-extension = %x23-25 ; #$%
              / %x2A-3B ; *+,-./0-9:;
              / %x40-42 ; @AB
              / %x45-46 ; EF
              / %x48-4D ; HIJKLM
              / %x4F    ; O
              / %x51-53 ; QRS
              / %x56-5A ; VWXYZ
              / %x5F    ; _
              / %x61-7A ; a-z
</pre> </section> </section> <section id="response-header-field"> <h3 id="x7-3-tk-header-field-for-http-responses"><span class="secno">7.3 </span>Tk Header Field for HTTP Responses<a class="self-link" aria-label="§" href="#response-header-field"></a></h3> <section id="Tk-header-defn"> <h4 id="x7-3-1-definition"><span class="secno">7.3.1 </span>Definition<a class="self-link" aria-label="§" href="#Tk-header-defn"></a></h4> <p> The <code><dfn data-dfn-type="dfn" id="dfn-tk">Tk</dfn></code> response header field is a means for indicating the tracking status that applied to the corresponding request. 
An origin server is <em class="rfc2119" title="REQUIRED">REQUIRED</em> to send a <code>Tk</code> header field if its site-wide tracking status value is <a href="#dfn-generatedID-0" class="internalDFN" data-link-type="dfn"><code>?</code></a> (dynamic) or <a href="#dfn-g" class="internalDFN" data-link-type="dfn"><code>G</code></a> (gateway), or when an interactive change is made to the tracking status and indicated by <a href="#dfn-u" class="internalDFN" data-link-type="dfn"><code>U</code></a> (updated). </p> <pre class="abnf hljs" aria-busy="false">Tk-field-name   = "Tk"
Tk-field-value  = TSV [ ";" status-id ]
</pre> <p> The Tk field-value begins with a tracking status value (<a href="#tracking-status-value" class="sectionRef sec-ref">section <span class="secno">7.2</span> <span class="sec-title">Tracking Status Value</span></a>), optionally followed by a semicolon and a <code>status-id</code> that refers to a request-specific tracking status resource (<a href="#referring-status-id" class="sectionRef sec-ref">section <span class="secno">7.3.2</span> <span class="sec-title">Referring to a Request-specific Tracking Status Resource</span></a>). 
</p> <p> For example, a Tk header field for a resource that claims not to be tracking would look like: </p> <div class="example" id="ex-2-example-2-tk-n"> <div class="marker"><a class="self-link" href="#ex-2-example-2-tk-n">Example 2</a></div> <pre class="hljs http" aria-busy="false"><span class="hljs-attribute">Tk</span>: N</pre> </div> </section> <section id="referring-status-id"> <h4 id="x7-3-2-referring-to-a-request-specific-tracking-status-resource"><span class="secno">7.3.2 </span>Referring to a Request-specific Tracking Status Resource<a class="self-link" aria-label="§" href="#referring-status-id"></a></h4> <p> If an origin server has multiple, request-specific tracking policies, such that the tracking status might differ depending on some aspect of the request (e.g., method, <a href="#dfn-target-resource" class="internalDFN" data-link-type="dfn">target resource</a>, header fields, data, etc.), the origin server can provide an additional subtree of well-known resources corresponding to each of those distinct tracking statuses. The <code><dfn data-dfn-type="dfn" id="dfn-status-id">status-id</dfn></code> portion of the <code>Tk</code> field-value indicates which specific tracking status resource applies to the current request. The <code>status-id</code> is case-sensitive. 
</p> <pre class="abnf hljs" aria-busy="false">status-id = 1*id-char
id-char   = ALPHA / DIGIT / "_" / "-" / "+" / "=" / "/"
</pre> <p> For example, a response containing </p> <div class="example" id="ex-3-example-3-tk-t-frx42"> <div class="marker"><a class="self-link" href="#ex-3-example-3-tk-t-frx42">Example 3</a></div> <pre class="hljs http" aria-busy="false"><span class="hljs-attribute">Tk</span>: T;fRx42</pre> </div> <p> indicates that data collected via the target resource might be used for tracking and that an applicable tracking status representation can be obtained by performing a retrieval request on </p> <pre aria-busy="false" class="hljs">/.well-known/dnt/fRx42</pre> <p> Note that the <code>status-id</code> is resolved relative to the origin server of the current request. A retrieval request targeting that URI can be redirected, if desired, to some other server. The <code>status-id</code> has been intentionally limited to a small set of characters to encourage use of short tokens instead of potentially long, human-readable strings. </p> <p> If a Tk field-value has a tracking status value of <a href="#dfn-generatedID-0" class="internalDFN" data-link-type="dfn"><code>?</code></a> (dynamic), the origin server <em class="rfc2119" title="MUST">MUST</em> send a <code>status-id</code> in the field-value. </p> </section> <section id="interactive-status-change"> <h4 id="x7-3-3-indicating-an-interactive-status-change"><span class="secno">7.3.3 </span>Indicating an Interactive Status Change<a class="self-link" aria-label="§" href="#interactive-status-change"></a></h4> <p> Interactive mechanisms might be used, beyond the scope of this specification, that have the effect of asking for and obtaining prior consent for tracking, or for modifying prior indications of consent. For example, the tracking status resource's status object defines a <a href="#dfn-config" class="internalDFN" data-link-type="dfn"><code>config</code></a> property that can refer to such a mechanism. 
Although such out-of-band mechanisms are not defined by this specification, their presence might influence the tracking status object's response value. </p> <p> When an origin server provides a mechanism via HTTP for establishing or modifying out-of-band tracking preferences, the origin server <em class="rfc2119" title="MUST">MUST</em> indicate within the mechanism's response when a state-changing request has resulted in a change to the tracking status for that server. This indication of an interactive status change is accomplished by sending a <a href="#dfn-tk" class="internalDFN" data-link-type="dfn"><code>Tk</code></a> header field in the response with a tracking status value of <a href="#dfn-u" class="internalDFN" data-link-type="dfn"><code>U</code></a> (updated). </p> <div class="example" id="ex-4-example-4-tk-u"> <div class="marker"><a class="self-link" href="#ex-4-example-4-tk-u">Example 4</a></div> <pre class="hljs http" aria-busy="false"><span class="hljs-attribute">Tk</span>: U</pre> </div> </section> </section> <section id="status-resource"> <h3 id="x7-4-tracking-status-resource"><span class="secno">7.4 </span>Tracking Status Resource<a class="self-link" aria-label="§" href="#status-resource"></a></h3> <section id="site-wide-status-resource"> <h4 id="x7-4-1-site-wide-tracking-status"><span class="secno">7.4.1 </span>Site-wide Tracking Status<a class="self-link" aria-label="§" href="#site-wide-status-resource"></a></h4> <p> A <dfn data-dfn-type="dfn" id="dfn-site-wide-tracking-status-resource">site-wide tracking status resource</dfn> provides information about the potential tracking behavior of resources located at that origin server. A site-wide tracking status resource has the well-known identifier </p> <pre aria-busy="false" class="hljs">/.well-known/dnt/</pre> <p> relative to the origin server's URI [<cite><a class="bibref" href="#bib-rfc5785">RFC5785</a></cite>]. 
</p> <p> An origin server that receives a valid <code>GET</code> request targeting its site-wide tracking status resource <em class="rfc2119" title="MUST">MUST</em> send either a successful response containing a machine-readable representation of the site-wide tracking status, as defined below, or a sequence of redirects that leads to such a representation. Failure to provide access to such a representation implies that the origin server does not implement this protocol. The representation can be cached, as described in <a href="#status-caching" class="sectionRef sec-ref">section <span class="secno">7.4.4</span> <span class="sec-title">Caching</span></a>. </p> <p> See <a href="#use-cases" class="sectionRef sec-ref">section <span class="secno">8.</span> <span class="sec-title">Use Cases</span></a> for examples of how tracking status resources can be used to discover support for this protocol. </p> </section> <section id="request-specific-status-resource"> <h4 id="x7-4-2-request-specific-tracking-status"><span class="secno">7.4.2 </span>Request-specific Tracking Status<a class="self-link" aria-label="§" href="#request-specific-status-resource"></a></h4> <p> If an origin server has multiple, request-specific tracking policies, such that the tracking status might differ depending on some aspect of the request (e.g., method, target resource, header fields, data, etc.), the origin server can provide an additional subtree of well-known resources corresponding to each of those distinct tracking statuses. The <a href="#dfn-tk" class="internalDFN" data-link-type="dfn"><code>Tk</code></a> response header field (<a href="#response-header-field" class="sectionRef sec-ref">section <span class="secno">7.3</span> <span class="sec-title">Tk Header Field for HTTP Responses</span></a>) can include a <a href="#dfn-status-id" class="internalDFN" data-link-type="dfn"><code>status-id</code></a> to indicate which specific tracking status resource applies to the current request. 
</p> <p> A <dfn data-dfn-type="dfn" id="dfn-tracking-status-resource-space">tracking status resource space</dfn> is defined by the following URI Template [<cite><a class="bibref" href="#bib-rfc6570">RFC6570</a></cite>]: </p> <pre aria-busy="false" class="hljs">/.well-known/dnt/{+status-id}</pre> <p> where the value of <a href="#dfn-status-id" class="internalDFN" data-link-type="dfn"><code>status-id</code></a> is a string of URI-safe characters provided by a <a href="#dfn-tk" class="internalDFN" data-link-type="dfn"><code>Tk</code></a> field-value in response to a prior request. For example, a prior response containing </p> <div class="example" id="ex-5-example-5-tk-ahoy"> <div class="marker"><a class="self-link" href="#ex-5-example-5-tk-ahoy">Example 5</a></div> <pre class="hljs http" aria-busy="false"><span class="hljs-attribute">Tk</span>: ?;ahoy</pre> </div> <p> refers to the specific tracking status resource </p> <pre aria-busy="false" class="hljs">/.well-known/dnt/ahoy</pre> <p> Resources within the request-specific tracking status resource space are represented using the same format as a site-wide tracking status resource. </p> </section> <section id="status-checks-not-tracked"> <h4 id="x7-4-3-status-checks-are-not-tracked"><span class="secno">7.4.3 </span>Status Checks are Not Tracked<a class="self-link" aria-label="§" href="#status-checks-not-tracked"></a></h4> <p> When sending a request for the tracking status, a user agent <em class="rfc2119" title="SHOULD">SHOULD</em> include any cookie data [<cite><a class="bibref" href="#bib-rfc6265">RFC6265</a></cite>] (set prior to the request) that would be sent in a normal request to that origin server, since that data might be needed by the server to determine the current tracking status. For example, the cookie data might indicate a prior out-of-band decision by the user to opt-out or consent to tracking by that origin server. 
</p> <p> An origin server <em class="rfc2119" title="MUST NOT">MUST NOT</em> retain tracking data regarding requests on the site-wide tracking status resource or within the tracking status resource space, regardless of the presence, absence, or value of a DNT header field, cookies, or any other information in the request. In addition, an origin server <em class="rfc2119" title="MUST NOT">MUST NOT</em> send Set-Cookie or Set-Cookie2 header fields in responses to those requests, including the responses to redirected tracking status requests, and <em class="rfc2119" title="MUST NOT">MUST NOT</em> send a response having content that initiates tracking beyond what was already present in the request. A user agent <em class="rfc2119" title="SHOULD">SHOULD</em> ignore, or treat as an error, any Set-Cookie or Set-Cookie2 header field received in such a response. </p> </section> <section id="status-caching"> <h4 id="x7-4-4-caching"><span class="secno">7.4.4 </span>Caching<a class="self-link" aria-label="§" href="#status-caching"></a></h4> <p> If the tracking status is applicable to all users, regardless of the received <a href="#dfn-dnt" class="internalDFN" data-link-type="dfn"><code>DNT</code></a> field-value and other data received via the request, then the origin server <em class="rfc2119" title="SHOULD">SHOULD</em> mark the response as cacheable [<cite><a class="bibref" href="#bib-rfc7234">RFC7234</a></cite>] and assign a time-to-live (expiration or max-use) that is sufficient to enable shared caching but not greater than the earliest point at which the service's tracking behavior might increase. </p> <p> For example, if the tracking status response is set to expire in seven days, then the earliest point in time that the service's tracking behavior can be increased is seven days after the tracking status representation has been updated to reflect the new behavior, since old copies might persist in caches until the expiration is triggered. 
A service's tracking behavior can be reduced at any time, with or without a corresponding change to the tracking status resource. </p> <p> If the tracking status is only applicable to users that have the same <a href="#dfn-dnt" class="internalDFN" data-link-type="dfn"><code>DNT</code></a> field-value, the origin server <em class="rfc2119" title="MUST">MUST</em> send a Vary header field that includes "DNT" in its field-value or a Cache-Control header field containing one of the following directives: "private", "no-cache", "no-store", or "max-age=0". </p> <p> If the tracking status is only applicable to the specific user that requested it, then the origin server <em class="rfc2119" title="MUST">MUST</em> send a Cache-Control header field containing one of the following directives: "private", "no-cache", or "no-store". </p> <p> Regardless of the cache-control settings, it is expected that user agents will check the tracking status of a service only once per session (at most). A public Internet site that intends to change its tracking status to increase tracking behavior <em class="rfc2119" title="MUST">MUST</em> update the tracking status resource in accordance with that planned behavior at least twenty-four hours prior to activating that new behavior on the service. </p> <p> A user agent that adjusts behavior based on active verification of tracking status, relying on cached tracking status responses to do so, <em class="rfc2119" title="SHOULD">SHOULD</em> check responses to its state-changing requests (e.g., POST, PUT, DELETE, etc.) for a <a href="#dfn-tk" class="internalDFN" data-link-type="dfn"><code>Tk</code></a> header field with the <a href="#dfn-u" class="internalDFN" data-link-type="dfn"><code>U</code></a> tracking status value, as described in <a href="#interactive-status-change" class="sectionRef sec-ref">section <span class="secno">7.3.3</span> <span class="sec-title">Indicating an Interactive Status Change</span></a>. 
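</p> <p> The rules of sections 7.2.11 through 7.4.4 as a caching user agent would apply them, shown as an added JavaScript example that is not part of this specification: it parses a <code>Tk</code> field-value, maps an unrecognized TSV-extension to <code>P</code>, builds the status resource URI, and refreshes cached statuses on <code>U</code>. The function names, the Map-based cache, the safe-method list, and dropping every cached status for the origin on <code>U</code> are assumptions.

```javascript
// TSVs defined by the specification ("!" and "?" are defined in earlier sections).
const KNOWN_TSV = new Set(['!', '?', 'G', 'N', 'T', 'C', 'P', 'D', 'U']);
// TSV-extension characters, transcribed from the ABNF in section 7.2.11.
const TSV_EXTENSION = /^[#$%*+,\-.\/0-9:;@ABEFH-MOQ-SV-Z_a-z]$/;
// status-id = 1*id-char (section 7.3.2). Case-sensitive, and "." is not an
// id-char, so a valid status-id cannot carry "." or ".." path segments.
const STATUS_ID = /^[A-Za-z0-9_\-+=\/]+$/;
// Assumption: any method outside the HTTP safe methods counts as state-changing.
const SAFE_METHODS = new Set(['GET', 'HEAD', 'OPTIONS', 'TRACE']);
const WELL_KNOWN = '/.well-known/dnt/';

// Parse a Tk field-value: TSV [ ";" status-id ]
function parseTk(fieldValue) {
  const value = String(fieldValue).trim();
  if (value === '') return { ok: false, error: 'empty Tk field-value' };
  const tsv = value[0];
  const rest = value.slice(1);
  const known = KNOWN_TSV.has(tsv);
  if (!known && !TSV_EXTENSION.test(tsv)) {
    return { ok: false, error: 'invalid TSV character' };
  }
  let statusId = null;
  if (rest !== '') {
    if (rest[0] !== ';') return { ok: false, error: 'unexpected data after TSV' };
    statusId = rest.slice(1);
    if (!STATUS_ID.test(statusId)) return { ok: false, error: 'invalid status-id' };
  }
  // Section 7.3.2: a dynamic ("?") status must name a request-specific resource.
  if (tsv === '?' && statusId === null) {
    return { ok: false, error: '"?" requires a status-id' };
  }
  // This example recognizes no extensions, so every TSV-extension is treated as P.
  return { ok: true, tsv, effective: known ? tsv : 'P', statusId };
}

// Build the tracking status resource URI on the origin of the current request.
// Call only with a status-id that parseTk has validated (or null for site-wide).
function statusResourceUrl(origin, statusId) {
  return new URL(WELL_KNOWN + (statusId || ''), origin).href;
}

// Decide what a caching user agent does with the Tk field of one response.
// `cache` is a Map from status resource URI to a cached status object.
function applyTk(cache, method, origin, tkValue) {
  const tk = parseTk(tkValue);
  if (!tk.ok) return { action: 'ignore', reason: tk.error };
  const url = statusResourceUrl(origin, tk.statusId);
  if (tk.tsv !== 'U') {
    return { action: cache.has(url) ? 'use-cached' : 'fetch', url, effective: tk.effective };
  }
  // Section 7.2.10: U belongs only in a response to a state-changing request.
  const violation = SAFE_METHODS.has(method.toUpperCase())
    ? 'U received for a request that is not state-changing'
    : null;
  // Assumption: drop every cached status for this origin, then re-request.
  const prefix = new URL(WELL_KNOWN, origin).href;
  let dropped = 0;
  for (const key of [...cache.keys()]) {
    if (key.startsWith(prefix)) {
      cache.delete(key);
      dropped += 1;
    }
  }
  return { action: 'refetch', url, dropped, violation };
}

// Constructed sample: a user agent holding one cached site-wide status.
const demoCache = new Map([['https://shop.example/.well-known/dnt/', { tracking: 'N' }]]);
console.log(applyTk(demoCache, 'GET', 'https://shop.example', 'T;fRx42'));
console.log(applyTk(demoCache, 'POST', 'https://shop.example', 'U'));
```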
</p> </section> </section> <section id="status-representation"> <h3 id="x7-5-tracking-status-representation"><span class="secno">7.5 </span>Tracking Status Representation<a class="self-link" aria-label="§" href="#status-representation"></a></h3> <p> For each tracking status resource, an origin server <em class="rfc2119" title="MUST">MUST</em> provide a valid representation using the <code><dfn data-dfn-type="dfn" id="dfn-application-tracking-status-json">application/tracking-status+json</dfn></code> media type. This media type consists of a <a href="#dfn-status-object" class="internalDFN" data-link-type="dfn">status object</a> serialized as JSON [<cite><a class="bibref" href="#bib-rfc8259">RFC8259</a></cite>]. More information about the <code>application/tracking-status+json</code> media type can be found in <a href="#registrations" class="sectionRef sec-ref">section <span class="secno">B.</span> <span class="sec-title">Registrations</span></a>. </p> <section id="rep.status-object"> <h4 id="x7-5-1-status-object"><span class="secno">7.5.1 </span>Status Object<a class="self-link" aria-label="§" href="#rep.status-object"></a></h4> <p> A tracking status representation consists of a single <dfn data-dfn-type="dfn" id="dfn-status-object">status object</dfn> containing properties that describe the tracking status applicable to the <a href="#dfn-designated-resource" class="internalDFN" data-link-type="dfn">designated resource</a>. 
Most of the properties are optional and can be <a href="#rep.extension">extended over time</a>, as illustrated by the following Orderly schema [<cite><a class="bibref" href="#bib-orderly">Orderly</a></cite>]: </p> <pre class="orderly hljs" aria-busy="false">object {
  string tracking;                // TSV
  array { string; } compliance?;  // hrefs
  string qualifiers?;             // compliance flags
  array { string; } controller?;  // hrefs
  array { string; } same-party?;  // domains
  array { string; } audit?;       // hrefs
  string policy?;                 // href
  string config?;                 // href
}*;
</pre> <p> The following example representation demonstrates a status object with all of the properties defined by this specification. </p> <div class="example" id="ex-6-example-6-tracking-t-compliance-https-acme-example-org-tracking101-qualifiers-afc-controller-https-www-example-com-privacy-same-party-example-com-example_vids-net-example_stats-com-audit-http-auditor-example-org-727073-policy-privacy-html-tracking-config-http-example-com-your-data"> <div class="marker"><a class="self-link" href="#ex-6-example-6-tracking-t-compliance-https-acme-example-org-tracking101-qualifiers-afc-controller-https-www-example-com-privacy-same-party-example-com-example_vids-net-example_stats-com-audit-http-auditor-example-org-727073-policy-privacy-html-tracking-config-http-example-com-your-data">Example 6</a></div> <pre class="hljs json" aria-busy="false">{
  <span class="hljs-attr">"tracking"</span>: <span class="hljs-string">"T"</span>,
  <span class="hljs-attr">"compliance"</span>: [<span class="hljs-string">"https://acme.example.org/tracking101"</span>],
  <span class="hljs-attr">"qualifiers"</span>: <span class="hljs-string">"afc"</span>,
  <span class="hljs-attr">"controller"</span>: [<span class="hljs-string">"https://www.example.com/privacy"</span>],
  <span class="hljs-attr">"same-party"</span>: [
    <span class="hljs-string">"example.com"</span>,
    <span class="hljs-string">"example_vids.net"</span>,
    <span class="hljs-string">"example_stats.com"</span>
  ],
  <span class="hljs-attr">"audit"</span>: [
    <span class="hljs-string">"http://auditor.example.org/727073"</span>
  ],
  <span class="hljs-attr">"policy"</span>: <span class="hljs-string">"/privacy.html#tracking"</span>,
  <span class="hljs-attr">"config"</span>: <span class="hljs-string">"http://example.com/your/data"</span>
}</pre> </div> </section> <section id="rep.tracking"> <h4 id="x7-5-2-tracking-property"><span class="secno">7.5.2 </span>Tracking Property<a class="self-link" aria-label="§" href="#rep.tracking"></a></h4> <p> A <a href="#dfn-status-object" class="internalDFN" data-link-type="dfn">status object</a> <em class="rfc2119" title="MUST">MUST</em> have a property named <code>tracking</code> with a string value containing the tracking status value (<a href="#tracking-status-value" class="sectionRef sec-ref">section <span class="secno">7.2</span> <span class="sec-title">Tracking Status Value</span></a>) applicable to the <a href="#dfn-designated-resource" class="internalDFN" data-link-type="dfn">designated resource</a>. </p> <p> For example, the following demonstrates a minimal tracking status representation that is applicable to any resource that does not perform tracking. 
</p> <div class="example" id="ex-7-example-7-tracking-n"> <div class="marker"><a class="self-link" href="#ex-7-example-7-tracking-n">Example 7</a></div> <pre class="hljs json" aria-busy="false">{<span class="hljs-attr">"tracking"</span>: <span class="hljs-string">"N"</span>}</pre> </div> </section> <section id="rep.compliance"> <h4 id="x7-5-3-compliance-property"><span class="secno">7.5.3 </span>Compliance Property<a class="self-link" aria-label="§" href="#rep.compliance"></a></h4> <p> An origin server <em class="rfc2119" title="MAY">MAY</em> send a property named <code><dfn data-dfn-type="dfn" id="dfn-compliance">compliance</dfn></code> with an array value containing a list of URI references that identify specific regimes to which the origin server claims to comply for the designated resource. Communicating such a claim of compliance is presumed to improve transparency, which might influence a user's decisions or configurations regarding allowed tracking. </p> <p> If an origin server sends a <a href="#dfn-tsv-extension" class="internalDFN" data-link-type="dfn">TSV-extension</a> or an <a href="#rep.extension">extension property in the status object</a> that is not defined by successors of this specification, the origin server <em class="rfc2119" title="MUST">MUST</em> send a <code>compliance</code> property that contains a reference to the definitive specification of that extension. If more than one reference in the <code>compliance</code> array defines the same extension value, the origin server <em class="rfc2119" title="SHOULD">SHOULD</em> list the array of references in order by intended precedence. 
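</p> <p> A recipient-side check of a tracking status response against the requirements stated so far (media type, no cookies on status responses, the <code>tracking</code> property, <code>config</code> for <code>C</code> and <code>P</code>, <code>compliance</code> for extensions), shown as an added JavaScript example that is not part of this specification. The function names, the lower-case header object, and treating every property not listed in the Orderly schema as an extension are assumptions.

```javascript
const MEDIA_TYPE = 'application/tracking-status+json';
// TSVs a representation may carry ("!" and "?" are defined in earlier sections).
// "U" is left out: it is only valid in a Tk header field (section 7.2.10).
const DEFINED_TSV = ['!', '?', 'G', 'N', 'T', 'C', 'P', 'D'];
// TSV-extension characters, transcribed from the ABNF in section 7.2.11.
const EXTENSION_TSV = /^[#$%*+,\-.\/0-9:;@ABEFH-MOQ-SV-Z_a-z]$/;
// Property types from the Orderly schema in section 7.5.1.
const STRING_PROPS = ['qualifiers', 'policy', 'config'];
const ARRAY_PROPS = ['compliance', 'controller', 'same-party', 'audit'];

function isStringArray(value) {
  return Array.isArray(value) && value.every((item) => typeof item === 'string');
}

// headers: object with lower-case field names (assumption); body: response text.
// Returns the problems found and the TSV the recipient should act on.
function checkStatusResponse(headers, body) {
  const errors = [];
  const type = String(headers['content-type'] || '').split(';')[0].trim().toLowerCase();
  if (type !== MEDIA_TYPE) errors.push('media type is not ' + MEDIA_TYPE);
  // Section 7.4.3: a status response must not set cookies.
  for (const name of ['set-cookie', 'set-cookie2']) {
    if (name in headers) errors.push(name + ' sent with a tracking status response');
  }
  let status;
  try {
    status = JSON.parse(body);
  } catch (err) {
    status = null;
  }
  if (status === null || typeof status !== 'object' || Array.isArray(status)) {
    errors.push('representation is not a JSON status object');
    return { errors, effective: null };
  }
  for (const name of STRING_PROPS) {
    if (name in status && typeof status[name] !== 'string') errors.push(name + ' must be a string');
  }
  for (const name of ARRAY_PROPS) {
    if (name in status && !isStringArray(status[name])) {
      errors.push(name + ' must be an array of strings');
    }
  }
  const hasCompliance = isStringArray(status.compliance) && status.compliance.length > 0;
  // Assumption: a property outside the schema is an extension property.
  const defined = ['tracking'].concat(STRING_PROPS, ARRAY_PROPS);
  const extras = Object.keys(status).filter((name) => !defined.includes(name));
  if (extras.length > 0 && !hasCompliance) {
    errors.push('extension properties require compliance: ' + extras.join(', '));
  }
  const tsv = status.tracking;
  let effective = null;
  if (typeof tsv !== 'string' || tsv.length !== 1) {
    errors.push('tracking must be a single TSV character');
  } else if (tsv === 'U') {
    errors.push('U is only valid in a Tk header field');
  } else if (DEFINED_TSV.includes(tsv)) {
    effective = tsv;
  } else if (EXTENSION_TSV.test(tsv)) {
    // Unrecognized extension: act as if it were P; the sender owes a compliance reference.
    effective = 'P';
    if (!hasCompliance) errors.push('TSV-extension requires compliance');
  } else {
    errors.push('tracking is not a valid TSV');
  }
  // Sections 7.2.7 and 7.2.8: C and P must come with a config reference.
  if ((tsv === 'C' || tsv === 'P') && typeof status.config !== 'string') {
    errors.push(tsv + ' requires a config property');
  }
  return { errors, effective };
}

// Sample input: Example 6 from section 7.5.1 with a constructed response header.
const SAMPLE_HEADERS = { 'content-type': MEDIA_TYPE };
const SAMPLE_BODY = JSON.stringify({
  tracking: 'T',
  compliance: ['https://acme.example.org/tracking101'],
  qualifiers: 'afc',
  controller: ['https://www.example.com/privacy'],
  'same-party': ['example.com', 'example_vids.net', 'example_stats.com'],
  audit: ['http://auditor.example.org/727073'],
  policy: '/privacy.html#tracking',
  config: 'http://example.com/your/data',
});
console.log(checkStatusResponse(SAMPLE_HEADERS, SAMPLE_BODY));
```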
</p> </section> <section id="rep.qualifiers"> <h4 id="x7-5-4-qualifiers-property"><span class="secno">7.5.4 </span>Qualifiers Property<a class="self-link" aria-label="§" href="#rep.qualifiers"></a></h4> <p> An origin server <em class="rfc2119" title="MAY">MAY</em> send a property named <code><dfn data-dfn-type="dfn" id="dfn-qualifiers">qualifiers</dfn></code> with a string value containing a sequence of case sensitive characters corresponding to explanations or limitations on the extent of tracking. Multiple qualifiers indicate that multiple explanations or forms of tracking might apply for the designated resource. The meaning of each qualifier is presumed to be defined by one or more of the regimes listed in <a href="#dfn-compliance" class="internalDFN" data-link-type="dfn"><code>compliance</code></a>. </p> </section> <section id="rep.controller"> <h4 id="x7-5-5-controller-property"><span class="secno">7.5.5 </span>Controller Property<a class="self-link" aria-label="§" href="#rep.controller"></a></h4> <p> An origin server <em class="rfc2119" title="MAY">MAY</em> send a property named <code><dfn data-dfn-type="dfn" id="dfn-controller">controller</dfn></code> with an array value containing a list of URI references indirectly identifying the party or set of parties that claims to be the responsible data controller for personal data collected via the designated resource. An origin server <em class="rfc2119" title="MUST">MUST</em> send a <code>controller</code> property if the responsible data controller does not own the designated resource's domain name. </p> <p> An origin server that does not send <code>controller</code> is implying that its domain owner is the sole data controller; information about the data controller ought to be found on the designated resource's site root page, or by way of a clearly indicated link from that page (i.e., an absent controller property is equivalent to: <code>"controller":["/"]</code>). 
</p> <p> If the <a href="#dfn-designated-resource" class="internalDFN" data-link-type="dfn">designated resource</a> has joint data controllers (i.e., multiple parties have independent control over the collected data), the origin server <em class="rfc2119" title="MUST">MUST</em> send a <code>controller</code> property that contains a reference for each data controller. </p> <p> Each URI reference provided in <code>controller</code> ought to refer to a resource that, if a retrieval action is performed on that URI, would provide the user with information regarding (at a minimum) the identity of the corresponding party and its data collection practices. </p> </section> <section id="rep.same-party"> <h4 id="x7-5-6-same-party-property"><span class="secno">7.5.6 </span>Same-party Property<a class="self-link" aria-label="§" href="#rep.same-party"></a></h4> <p> Since a user's experience on a given site might be composed of resources that are assembled from multiple domains, it might be useful for a site to distinguish those domains that are subject to their own control (i.e., share the same data controller as the referring site). An origin server <em class="rfc2119" title="MAY">MAY</em> send a property named <code><dfn data-dfn-type="dfn" id="dfn-same-party">same-party</dfn></code> with an array value containing a list of domain names that the origin server claims are the same party, to the extent they are referenced by the designated resource, if all data collected via those references share the same data controller as the designated resource. </p> <p> A user agent might use the <code>same-party</code> array, when provided, to inform or enable different behavior for references that are claimed to be same-party versus those for which no claim is made. For example, a user agent might choose to exclude, or perform additional pre-flight verification of, requests to other domains that have not been claimed as same-party by the referring site. 
</p> </section> <section id="rep.audit"> <h4 id="x7-5-7-audit-property"><span class="secno">7.5.7 </span>Audit Property<a class="self-link" aria-label="§" href="#rep.audit"></a></h4> <p> An origin server <em class="rfc2119" title="MAY">MAY</em> send a property named <code><dfn data-dfn-type="dfn" id="dfn-audit">audit</dfn></code> with an array value containing a list of URI references to external audits of the designated resource's privacy policy and tracking behavior. Preferably, the audit references are to resources that describe the auditor and the results of that audit; however, if such a resource is not available, a reference to the auditor is sufficient. </p> </section> <section id="rep.policy"> <h4 id="x7-5-8-policy-property"><span class="secno">7.5.8 </span>Policy Property<a class="self-link" aria-label="§" href="#rep.policy"></a></h4> <p> An origin server <em class="rfc2119" title="MAY">MAY</em> send a property named <code><dfn data-dfn-type="dfn" id="dfn-policy">policy</dfn></code> with a string value containing a URI reference to a human-readable document that describes the relevant privacy policy for the designated resource. This document can inform users about data that might be collected when the designated resource is accessed and how collection, use, or sharing of such data might differ based on receipt of an expressed tracking preference (<a href="#dfn-dnt-1" class="internalDFN" data-link-type="dfn"><code>DNT:1</code></a> or <a href="#dfn-dnt-0" class="internalDFN" data-link-type="dfn"><code>DNT:0</code></a>). 
</p> <p> An origin server <em class="rfc2119" title="MUST">MUST</em> send a <code>policy</code> property if that server is the <a href="#dfn-effective-script-origin" class="internalDFN" data-link-type="dfn">effective script origin</a> of a script that calls the JavaScript API for storing a <a href="#dfn-user-granted-exception" class="internalDFN" data-link-type="dfn">user-granted exception</a>, as described in <a href="#exception-granting" class="sectionRef sec-ref">section <span class="secno">6.3</span> <span class="sec-title">Granting an Exception</span></a>. </p> <p> The content of such a policy document is beyond the scope of this protocol and only supplemental to what is described in the machine-readable tracking status representation. If no <code>policy</code> property is provided, this information might be obtained via the links provided in <a href="#dfn-controller" class="internalDFN" data-link-type="dfn"><code>controller</code></a>. </p> <p> If the policy associated with a designated resource happens to be defined as a common standard that is applicable to multiple sites, or includes such a standard by reference, that standard ought to be referenced by a URI within the machine-readable <a href="#dfn-compliance" class="internalDFN" data-link-type="dfn"><code>compliance</code></a> property. </p> </section> <section id="rep.config"> <h4 id="x7-5-9-config-property"><span class="secno">7.5.9 </span>Config Property<a class="self-link" aria-label="§" href="#rep.config"></a></h4> <p> An origin server <em class="rfc2119" title="MAY">MAY</em> send a property named <code><dfn data-dfn-type="dfn" id="dfn-config">config</dfn></code> with a string value containing a URI reference to a resource for giving the user control over personal data collected via the designated resource (and possibly other resources). 
If the tracking status value indicates prior consent (<a href="#dfn-c" class="internalDFN" data-link-type="dfn"><code>C</code></a>), the origin server <em class="rfc2119" title="MUST">MUST</em> send a <code>config</code> property referencing a resource that describes how such consent is established and how to revoke that consent. </p> <p> A config resource might include the ability to review past data collected, delete some or all of the data, provide additional data (if desired), or <q>opt-in</q>, <q>opt-out</q>, or otherwise modify an out-of-band consent status regarding data collection. The design of such a resource, the extent to which it can provide access to that data, and how one might implement an out-of-band consent mechanism are beyond the scope of this protocol. </p> <p> If no <code>config</code> property is provided, this information might be obtained via the links provided in <a href="#dfn-controller" class="internalDFN" data-link-type="dfn"><code>controller</code></a> or <a href="#dfn-policy" class="internalDFN" data-link-type="dfn"><code>policy</code></a>. </p> </section> <section id="rep.extension"> <h4 id="x7-5-10-extensions-to-the-status-object"><span class="secno">7.5.10 </span>Extensions to the Status Object<a class="self-link" aria-label="§" href="#rep.extension"></a></h4> <p> Extensibility of the status object ensures that this protocol will continue to be usable as regional laws and regulatory environments evolve over time and compliance specifications are developed accordingly. </p> <p> An origin server <em class="rfc2119" title="MAY">MAY</em> send additional properties in the <a href="#dfn-status-object" class="internalDFN" data-link-type="dfn">status object</a> if those extensions have been defined by a future version of this specification or a compliance regime identified within the <a href="#dfn-compliance" class="internalDFN" data-link-type="dfn"><code>compliance</code></a> property. 
Aside from storage or presentation of a server's response, a recipient <em class="rfc2119" title="MUST">MUST</em> ignore extension properties that it does not recognize. </p> </section> </section> <section id="response-error"> <h3 id="x7-6-status-code-for-tracking-required"><span class="secno">7.6 </span>Status Code for Tracking Required<a class="self-link" aria-label="§" href="#response-error"></a></h3> <p> If an origin server receives a request with <a href="#dfn-dnt-1" class="internalDFN" data-link-type="dfn"><code>DNT:1</code></a>, does not have out-of-band consent for tracking this user, and wishes to deny access to the requested resource until the user provides some form of user-granted exception or consent for tracking, then the origin server <em class="rfc2119" title="SHOULD">SHOULD</em> send a 409 (Conflict) response with a message payload that describes why the request has been refused and how one might supply the required consent or exception to avoid this conflict [<cite><a class="bibref" href="#bib-rfc7231">RFC7231</a></cite>]. </p> <p> The 409 response ought to include a user authentication mechanism in the header fields and/or message body if user login is one of the ways through which access is granted. </p> </section> </section> <section id="use-cases" class="informative"> <!--OddPage--><h2 id="x8-use-cases"><span class="secno">8. </span>Use Cases<a class="self-link" aria-label="§" href="#use-cases"></a></h2><p><em>This section is non-normative.</em></p> <div class="ednote" id="issue-container-generatedID-1"><div role="heading" class="ednote-title marker" id="h-ednote" aria-level="3"><span>Editor's note</span></div><p class=""> This section is for collecting use cases that describe questions a user agent might have about tracking status and how the protocol can be used to answer such questions. More cases are needed. 
</p></div> <section id="using-deployment"> <h3 id="x8-1-discovering-deployment"><span class="secno">8.1 </span>Discovering Deployment<a class="self-link" aria-label="§" href="#using-deployment"></a></h3> <p> Deployment of this protocol for a given service can be discovered by making a retrieval request on the site-wide tracking resource <q><code>/.well-known/dnt/</code></q> relative to the service URI. </p> <p> If the response is an error, then the service does not implement this standard. If the response is a redirect, then follow the redirect to obtain the tracking status (up to some reasonable maximum of redirects to avoid misconfigured infinite request loops). If the response is successful, obtain the tracking status representation from the message payload, if possible, or consider it an error. </p> </section> <section id="using-preflight"> <h3 id="x8-2-preflight-checks"><span class="secno">8.2 </span>Preflight Checks<a class="self-link" aria-label="§" href="#using-preflight"></a></h3> <p> A key advantage of providing the tracking status at a resource separate from the site's normal services is that the status can be accessed and reviewed prior to making use of those services. </p> <p> A user agent can check the tracking status for a <a href="#dfn-designated-resource" class="internalDFN" data-link-type="dfn">designated resource</a> by first making a retrieval request for the site-wide tracking status representation, as described above, and then parsing the representation as JSON to extract the <a href="#dfn-status-object" class="internalDFN" data-link-type="dfn">status object</a>. If the retrieval is unsuccessful or parsing results in a syntax error, the user agent ought to consider the site to be non-conformant with this protocol. </p> <p> The <a href="#dfn-status-object" class="internalDFN" data-link-type="dfn">status object</a> is supposed to have a property named <code>tracking</code> containing the tracking status value. 
The meaning of each tracking status value is defined in <a href="#tracking-status-value" class="sectionRef sec-ref">section <span class="secno">7.2</span> <span class="sec-title">Tracking Status Value</span></a>. </p> <p> If the tracking status value is <a href="#dfn-n" class="internalDFN" data-link-type="dfn"><code>N</code></a>, then the origin server claims that no tracking is performed for the designated resource for at least the next 24 hours or until the Cache-Control information indicates that this response expires. </p> <p> If the tracking status value is not <a href="#dfn-n" class="internalDFN" data-link-type="dfn"><code>N</code></a>, then the origin server claims that it might track the user agent for requests on the URI being checked for at least the next 24 hours or until the Cache-Control information indicates that this response expires. </p> </section> </section> <section id="security"> <!--OddPage--><h2 id="x9-security-considerations"><span class="secno">9. </span>Security Considerations<a class="self-link" aria-label="§" href="#security"></a></h2> <p> Information communicated via the DNT header field is minimized to avoid abuse of the field for fingerprinting or as a side-channel. However, future DNT-extensions might allow for the sending of additional information when signaling consent for tracking via <a href="#dfn-dnt-0" class="internalDFN" data-link-type="dfn"><code>DNT:0</code></a>, since this consent mechanism is intended to be more persistent than cookies and could be used to convey a pseudonymous identifier as a user-preferred alternative to allowing a cookie to be set. </p> <p> Use of client-side storage is always a security concern. 
Although the information being stored for each <a href="#dfn-user-granted-exception" class="internalDFN" data-link-type="dfn">user-granted exception</a> is limited and cannot be directly accessed by scripts, storing too many exceptions might exceed available storage or indicate an attempt to exploit other vulnerabilities. </p> <p> There are also security concerns regarding the ability of scripts to store exceptions beyond the scope of their <a href="#dfn-effective-script-origin" class="internalDFN" data-link-type="dfn">effective script origin</a>. See the <a href="#api-security">note about API security</a> in <a href="#exception-javascript-api-store" class="sectionRef sec-ref">section <span class="secno">6.6.1</span> <span class="sec-title">API to Store a Tracking Exception</span></a>. </p> </section> <section id="privacy"> <!--OddPage--><h2 id="x10-privacy-considerations"><span class="secno">10. </span>Privacy Considerations<a class="self-link" aria-label="§" href="#privacy"></a></h2> <section id="privacy.not-preconfigured"> <h3 id="x10-1-why-dnt-1-is-not-preconfigured-by-default"><span class="secno">10.1 </span>Why DNT:1 is Not Preconfigured by Default<a class="self-link" aria-label="§" href="#privacy.not-preconfigured"></a></h3> <p> This specification defines a protocol for communicating the user's tracking preference, not a protocol that prevents tracking on its own. It might be tempting to assume that <q>design for privacy</q> would justify calling for <a href="#dfn-dnt-1" class="internalDFN" data-link-type="dfn"><code>DNT:1</code></a> to be preconfigured as the default for all user agents. However, that would violate the field's semantics, make its presence in a request meaningless, and add eight extra bytes to every HTTP request (with no effect). </p> <p> The DNT signal alone does nothing to enhance a user's privacy. 
It is only when recipients believe that the signal has been deliberately and knowingly configured, and not defined as a default, that they will consider it to be the user's preference. Furthermore, when no signal is sent, recipients remain subject to whatever regulatory, legal, or other regional requirements regarding tracking exist in the absence of consent. </p> </section> <section id="privacy.fingerprinting"> <h3 id="x10-2-fingerprinting"><span class="secno">10.2 </span>Fingerprinting<a class="self-link" aria-label="§" href="#privacy.fingerprinting"></a></h3> <p> User-granted exceptions introduce a privacy risk. By storing client-side configurable state and providing functionality to learn about it later, the user-granted exceptions API might facilitate user fingerprinting and tracking. User agent developers ought to consider the possibility of fingerprinting during implementation and might consider rate-limiting requests or using other heuristics to mitigate fingerprinting risk. </p> </section> <section id="privacy.history"> <h3 id="x10-3-stored-exceptions-are-stored-history"><span class="secno">10.3 </span>Stored Exceptions are Stored History<a class="self-link" aria-label="§" href="#privacy.history"></a></h3> <p> A database of stored exceptions is effectively storing a local history of the sites browsed by the user over time. Separate databases are needed per user profile (and per incognito session) and ought to be protected from observation. A user might wish to clear stored exceptions, or clear the database as a whole, but as a separate action from clearing the visible browser history. </p> </section> </section> <section id="acks" class="appendix"> <!--OddPage--><h2 id="a-acknowledgements"><span class="secno">A. 
</span>Acknowledgements<a class="self-link" aria-label="§" href="#acks"></a></h2> <p> This specification consists of input from many discussions within and around the <abbr title="World Wide Web Consortium">W3C</abbr> Tracking Protection Working Group, along with written contributions from Adrian Bateman (Microsoft), Justin Brookman (CDT), Nick Doty (<abbr title="World Wide Web Consortium">W3C</abbr>/<abbr title="Massachusetts Institute of Technology">MIT</abbr>), Marcos Caceres (Mozilla), Rob van Eijk (Invited Expert), Roy T. Fielding (Adobe), Vinay Goel (Adobe), Tom Lowenthal (Mozilla), Jonathan Mayer (Stanford), Aleecia M. McDonald (Stanford), Mike O'Neill (Baycloud Systems), Matthias Schunter (Intel), John Simpson (Consumer Watchdog), David Singer (Apple), Rigo Wenning (<abbr title="World Wide Web Consortium">W3C</abbr>/<abbr title="European Research Consortium for Informatics and Mathematics">ERCIM</abbr>), Shane Wiley (Yahoo!), and Andy Zeigler (Microsoft). </p> <p> The DNT header field is based on the original <em>Do Not Track</em> submission by Jonathan Mayer (Stanford), Arvind Narayanan (Stanford), and Sid Stamm (Mozilla). The JavaScript DOM property for <code>doNotTrack</code> is based on the <em>Web Tracking Protection</em> submission by Andy Zeigler, Adrian Bateman, and Eliot Graff (Microsoft). Many thanks to Robin Berjon for ReSpec.js. </p> </section> <section id="registrations" class="appendix"> <!--OddPage--><h2 id="b-registrations"><span class="secno">B. 
</span>Registrations<a class="self-link" aria-label="§" href="#registrations"></a></h2> <section id="reg.tracking-status.json"> <h3 id="b-1-registration-of-application-tracking-status-json"><span class="secno">B.1 </span>Registration of application/tracking-status+json<a class="self-link" aria-label="§" href="#reg.tracking-status.json"></a></h3> <p> The media type <a href="#dfn-application-tracking-status-json" class="internalDFN" data-link-type="dfn"><code>application/tracking-status+json</code></a> is used for tracking status representations (<a href="#status-representation" class="sectionRef sec-ref">section <span class="secno">7.5</span> <span class="sec-title">Tracking Status Representation</span></a>). </p> <dl> <dt>Type name:</dt><dd>application</dd> <dt>Subtype name:</dt><dd>tracking-status+json</dd> <dt>Required parameters:</dt><dd>N/A</dd> <dt>Optional parameters:</dt><dd>N/A</dd> <dt>Encoding considerations:</dt><dd>binary</dd> <dt>Security considerations:</dt> <dd>See JSON [RFC8259], Section 12.</dd> <dt>Interoperability considerations:</dt><dd>N/A</dd> <dt>Published specification:</dt> <dd>Tracking Preference Expression (DNT), <a href="#status-representation" class="sectionRef sec-ref">section <span class="secno">7.5</span> <span class="sec-title">Tracking Status Representation</span></a>.<br> https://www.w3.org/TR/tracking-dnt/</dd> <dt>Applications that use this media type:</dt><dd>N/A</dd> <dt>Fragment identifier considerations:</dt><dd>N/A</dd> <dt>Additional information:</dt> <dd> Deprecated alias names for this type: N/A<br> Magic number(s): N/A<br> File extension(s): N/A<br> Macintosh file type code(s): N/A </dd> <dt>Person &amp; email address to contact for further information:</dt> <dd><abbr title="World Wide Web Consortium">W3C</abbr> Tracking Protection Working Group &lt;public-tracking@w3.org&gt;</dd> <dt>Intended usage:</dt><dd>COMMON</dd> <dt>Restrictions on usage:</dt><dd>N/A</dd> <dt>Author(s):</dt><dd>Roy T. 
Fielding and David Singer</dd> <dt>Change controller:</dt><dd><abbr title="World Wide Web Consortium">W3C</abbr></dd> </dl> </section> <section id="reg.DNT"> <h3 id="b-2-registration-of-dnt-header-field"><span class="secno">B.2 </span>Registration of DNT Header Field<a class="self-link" aria-label="§" href="#reg.DNT"></a></h3> <p> The DNT header field, defined in <a href="#dnt-header-field" class="sectionRef sec-ref">section <span class="secno">5.2</span> <span class="sec-title">DNT Header Field for HTTP Requests</span></a>, is to be registered in the Message Headers registry for the protocol "http" [<cite><a class="bibref" href="#bib-rfc3864">RFC3864</a></cite>]. </p> <p> DNT's use by this specification is limited to providing control data within an HTTP request consisting of a single value that excludes the comma list separator; multiple DNT header fields per message are not allowed. DNT is intended to pass through intermediaries unmodified and end-to-end; it is not intended to be listed in Connection. Although unlikely to be used in a PUT request, the field is not part of a representation and is not intended to be stored as such. </p> <p> Both <a href="#dnt-header-field">DNT</a> and <a href="#response-header-field">Tk</a> have been specifically designed to avoid the need for responses that vary based on DNT value. However, a server that chooses to generate different content based on the received value of DNT can indicate that by including the DNT field name within a Vary header field of its response. 
</p> </section> <section id="reg.Tk"> <h3 id="b-3-registration-of-tk-header-field"><span class="secno">B.3 </span>Registration of Tk Header Field<a class="self-link" aria-label="§" href="#reg.Tk"></a></h3> <p> The Tk header field, defined in <a href="#response-header-field" class="sectionRef sec-ref">section <span class="secno">7.3</span> <span class="sec-title">Tk Header Field for HTTP Responses</span></a>, is to be registered in the Message Headers registry for the protocol "http" [<cite><a class="bibref" href="#bib-rfc3864">RFC3864</a></cite>]. </p> <p> Tk's use by this specification is limited to providing control data within an HTTP response consisting of a single value that excludes the comma list separator; multiple Tk header fields per message are not allowed. Tk is intended to pass through intermediaries unmodified and end-to-end; it is not intended to be listed in Connection. </p> </section> <section id="reg.well-known.dnt"> <h3 id="b-4-registration-of-uri-well-known-dnt"><span class="secno">B.4 </span>Registration of URI /.well-known/dnt<a class="self-link" aria-label="§" href="#reg.well-known.dnt"></a></h3> <p> The well-known URI space for tracking status resources, defined in <a href="#status-resource" class="sectionRef sec-ref">section <span class="secno">7.4</span> <span class="sec-title">Tracking Status Resource</span></a>, is to be registered in the Well-Known URIs registry [<cite><a class="bibref" href="#bib-rfc5785">RFC5785</a></cite>]. </p> </section> </section> <section id="changes" class="appendix"> <!--OddPage--><h2 id="c-changes"><span class="secno">C. 
</span>Changes<a class="self-link" aria-label="§" href="#changes"></a></h2> <section id="changes-CR2" class="appendix"> <h3 id="c-1-since-second-cr"><span class="secno">C.1 </span>Since Second CR<a class="self-link" aria-label="§" href="#changes-CR2"></a></h3> <p> The name and explanation parameters on tracking exceptions have been further defined as UTF-8 and in the same natural language as used for informing consent. </p> <p> Appendices have been added for registration of DNT and Tk header fields, plus registration of well-known dnt URI space. </p> </section> <section id="changes-CR1" class="appendix"> <h3 id="c-2-since-first-cr"><span class="secno">C.2 </span>Since First CR<a class="self-link" aria-label="§" href="#changes-CR1"></a></h3> <p> The client-side scripting API has been rewritten to use fewer functions and to return Promises. The API names have also been changed to prevent confusion with potential deployments of the prior API. </p> <p> The terminology for browsing context, top-level origin, and domain has been updated to use terms from HTML5. </p> <p> The specification now defines how to extend the Tk header field (e.g., to comply with possible future legal requirements). No such extensions are currently known. </p> <p> The ability to add extensions to the DNT header field is no longer marked “at risk” because the group considers that this feature cannot be removed. </p> </section> </section><section id="references" class="appendix"> <!--OddPage--><h2 id="d-references"><span class="secno">D. </span>References<a class="self-link" aria-label="§" href="#references"></a></h2> <section id="normative-references"> <h3 id="d-1-normative-references"><span class="secno">D.1 </span>Normative references<a class="self-link" aria-label="§" href="#normative-references"></a></h3> <dl class="bibliography"> <dt id="bib-html51">[HTML51]</dt><dd><a href="https://www.w3.org/TR/html51/"><cite>HTML 5.1 2nd Edition</cite></a>. 
Steve Faulkner; Arron Eicholz; Travis Leithead; Alex Danilo. W3C. 3 October 2017. W3C Recommendation. URL: <a href="https://www.w3.org/TR/html51/">https://www.w3.org/TR/html51/</a></dd><dt id="bib-rfc2119">[RFC2119]</dt><dd><a href="https://tools.ietf.org/html/rfc2119"><cite>Key words for use in RFCs to Indicate Requirement Levels</cite></a>. S. Bradner. IETF. March 1997. Best Current Practice. URL: <a href="https://tools.ietf.org/html/rfc2119">https://tools.ietf.org/html/rfc2119</a></dd><dt id="bib-rfc3986">[RFC3986]</dt><dd><a href="https://tools.ietf.org/html/rfc3986"><cite>Uniform Resource Identifier (URI): Generic Syntax</cite></a>. T. Berners-Lee; R. Fielding; L. Masinter. IETF. January 2005. Internet Standard. URL: <a href="https://tools.ietf.org/html/rfc3986">https://tools.ietf.org/html/rfc3986</a></dd><dt id="bib-rfc5234">[RFC5234]</dt><dd><a href="https://tools.ietf.org/html/rfc5234"><cite>Augmented BNF for Syntax Specifications: ABNF</cite></a>. D. Crocker, Ed.; P. Overell. IETF. January 2008. Internet Standard. URL: <a href="https://tools.ietf.org/html/rfc5234">https://tools.ietf.org/html/rfc5234</a></dd><dt id="bib-rfc6265">[RFC6265]</dt><dd><a href="https://tools.ietf.org/html/rfc6265"><cite>HTTP State Management Mechanism</cite></a>. A. Barth. IETF. April 2011. Proposed Standard. URL: <a href="https://tools.ietf.org/html/rfc6265">https://tools.ietf.org/html/rfc6265</a></dd><dt id="bib-rfc7230">[RFC7230]</dt><dd><a href="https://tools.ietf.org/html/rfc7230"><cite>Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing</cite></a>. R. Fielding, Ed.; J. Reschke, Ed. IETF. June 2014. Proposed Standard. URL: <a href="https://tools.ietf.org/html/rfc7230">https://tools.ietf.org/html/rfc7230</a></dd><dt id="bib-rfc7231">[RFC7231]</dt><dd><a href="https://tools.ietf.org/html/rfc7231"><cite>Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content</cite></a>. R. Fielding, Ed.; J. Reschke, Ed. IETF. June 2014. Proposed Standard. 
URL: <a href="https://tools.ietf.org/html/rfc7231">https://tools.ietf.org/html/rfc7231</a></dd><dt id="bib-rfc7234">[RFC7234]</dt><dd><a href="https://tools.ietf.org/html/rfc7234"><cite>Hypertext Transfer Protocol (HTTP/1.1): Caching</cite></a>. R. Fielding, Ed.; M. Nottingham, Ed.; J. Reschke, Ed. IETF. June 2014. Proposed Standard. URL: <a href="https://tools.ietf.org/html/rfc7234">https://tools.ietf.org/html/rfc7234</a></dd><dt id="bib-rfc8259">[RFC8259]</dt><dd><a href="https://tools.ietf.org/html/rfc8259"><cite>The JavaScript Object Notation (JSON) Data Interchange Format</cite></a>. T. Bray, Ed. IETF. December 2017. Internet Standard. URL: <a href="https://tools.ietf.org/html/rfc8259">https://tools.ietf.org/html/rfc8259</a></dd><dt id="bib-webidl">[WEBIDL]</dt><dd><a href="https://heycam.github.io/webidl/"><cite>Web IDL</cite></a>. Cameron McCormack; Boris Zbarsky; Tobie Langel. W3C. 15 December 2016. W3C Editor's Draft. URL: <a href="https://heycam.github.io/webidl/">https://heycam.github.io/webidl/</a></dd><dt id="bib-webidl-20161215">[WebIDL-20161215]</dt><dd><a href="https://www.w3.org/TR/2016/REC-WebIDL-1-20161215/"><cite>WebIDL Level 1</cite></a>. Cameron McCormack. W3C. 15 December 2016. W3C Recommendation. URL: <a href="https://www.w3.org/TR/2016/REC-WebIDL-1-20161215/">https://www.w3.org/TR/2016/REC-WebIDL-1-20161215/</a></dd> </dl></section><section id="informative-references"> <h3 id="d-2-informative-references"><span class="secno">D.2 </span>Informative references<a class="self-link" aria-label="§" href="#informative-references"></a></h3> <dl class="bibliography"> <dt id="bib-ecmascript">[ECMASCRIPT]</dt><dd><a href="https://tc39.github.io/ecma262/"><cite>ECMAScript Language Specification</cite></a>. Ecma International. 
URL: <a href="https://tc39.github.io/ecma262/">https://tc39.github.io/ecma262/</a></dd><dt id="bib-knowprivacy">[KnowPrivacy]</dt><dd><a href="http://www.knowprivacy.org/report/KnowPrivacy_Final_Report.pdf"><cite>KnowPrivacy</cite></a>. Joshua Gomez; Travis Pinnick; Ashkan Soltani. UC Berkeley, School of Information. 01 June 2009. URL: <a href="http://www.knowprivacy.org/report/KnowPrivacy_Final_Report.pdf">http://www.knowprivacy.org/report/KnowPrivacy_Final_Report.pdf</a></dd><dt id="bib-orderly">[Orderly]</dt><dd><a href="https://github.com/lloyd/orderly"><cite>Orderly JSON</cite></a>. Lloyd Hilaiel. 22 February 2010. URL: <a href="https://github.com/lloyd/orderly">https://github.com/lloyd/orderly</a></dd><dt id="bib-promiseguide">[PromiseGuide]</dt><dd><a href="https://www.w3.org/2001/tag/doc/promises-guide"><cite>Writing Promise-Using Specifications</cite></a>. Domenic Denicola. W3C. 03 January 2017. Finding of the W3C TAG. URL: <a href="https://www.w3.org/2001/tag/doc/promises-guide">https://www.w3.org/2001/tag/doc/promises-guide</a></dd><dt id="bib-rfc3864">[RFC3864]</dt><dd><a href="https://tools.ietf.org/html/rfc3864"><cite>Registration Procedures for Message Header Fields</cite></a>. G. Klyne; M. Nottingham; J. Mogul. IETF. September 2004. Best Current Practice. URL: <a href="https://tools.ietf.org/html/rfc3864">https://tools.ietf.org/html/rfc3864</a></dd><dt id="bib-rfc5785">[RFC5785]</dt><dd><a href="https://tools.ietf.org/html/rfc5785"><cite>Defining Well-Known Uniform Resource Identifiers (URIs)</cite></a>. M. Nottingham; E. Hammer-Lahav. IETF. April 2010. Proposed Standard. URL: <a href="https://tools.ietf.org/html/rfc5785">https://tools.ietf.org/html/rfc5785</a></dd><dt id="bib-rfc6570">[RFC6570]</dt><dd><a href="https://tools.ietf.org/html/rfc6570"><cite>URI Template</cite></a>. J. Gregorio; R. Fielding; M. Hadley; M. Nottingham; D. Orchard. IETF. March 2012. Proposed Standard. 
URL: <a href="https://tools.ietf.org/html/rfc6570">https://tools.ietf.org/html/rfc6570</a></dd><dt id="bib-tcs">[TCS]</dt><dd><a href="https://www.w3.org/TR/tracking-compliance/"><cite>Tracking Compliance and Scope</cite></a>. Nick Doty; Heather West; Justin Brookman; Sean Harvey; Erica Newland. W3C. 31 March 2015. W3C Working Draft. URL: <a href="https://www.w3.org/TR/tracking-compliance/">https://www.w3.org/TR/tracking-compliance/</a></dd> </dl></section></section><script src="https://www.w3.org/scripts/TR/2016/fixup.js"></script></body></html>