[Webkit-unassigned] [Bug 225783] PCM: How can I check if PCM feature is enabled in a given Safari instance?

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu May 13 17:44:36 PDT 2021 

https://bugs.webkit.org/show_bug.cgi?id=225783

--- Comment #5 from Maojie <mwei at pinterest.com> ---
(In reply to John Wilander from comment #4)
> (In reply to Maojie from comment #3)
> > Hi John, I would like to add another reason why we think this signal is
> > useful from the point of social.example's side. :) 
> > 
> > To integrate with PCM, the social.example server needs to make the decision
> > about if a HTTP 302 redirect request needs to be sent in order to tell the
> > browser to trigger the attribution. Before making that realtime decision,
> > social.example needs to know if there is already an unattributed click
> > already stored locally within the browser. Otherwise, social.example needs
> > to request 302 HTTP redirect for every tag firing it received. However, if
> > only small percentage of Safari upgraded to the version which supports PCM,
> > then most of HTTP 302 redirect requests would be unnecessary. Hope this make
> > senses to you.
> 
> I think this indicates a misunderstanding. No site should ever know if there
> is a stored click that would match a redirect. No webpage should ever know
> anything about the inner state of PCM since that would allow for covert
> cross-site data leakage that can be tied to a user. Concretely, anyone,
> including social.example, could learn that a specific user has previously
> clicked a PCM link to land on this website. No one should learn such info
> about the user. That is a core requirement of PCM.
> 
> It is the clear intention to have all the pixels redirect in a speculative
> manner so that *if* there is a stored click that matches the redirect, an
> attribution report is scheduled.
> 
> The model is:
> * The click source learns nothing about what the user does on the click
> destination site.
> * The click destination site does not know that the user came from the click
> source site – not that they came from there now or earlier.

I totally agree with the core requirement of PCM to protect users' privacy. It's not my intention to learn about users' preference or behavior. Rather, I'm interested in if their browsers are upgraded to the versions that will support PCM. Or I could add logic that PCM is enabled for all versions later than version X. Otherwise, it's to the challenge of social.example server to intelligently make the correct redirect:

1. To determine the correct redirect location.
For example, if the user is browsing using Chrome, the redirect location would be /.well-known/register-conversion/. If the user is browsing using Safari, the redirect location would be /.well-known/private-click-measurement/trigger-attribution/. There may be other well-known path if other browsers follow the same pattern. 
2. To determine if a redirect is needed. Would there be warning if a redirect was made on previous versions of browsers that do not support PCM?

Thanks
Maojie

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210514/3608a935/attachment.htm>

More information about the webkit-unassigned mailing list