From dev-return-8982-archive-asf-public=cust-asf.ponee.io@allura.apache.org Thu Nov 15 17:12:44 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 0CAC6180669 for ; Thu, 15 Nov 2018 17:12:43 +0100 (CET) Received: (qmail 2167 invoked by uid 500); 15 Nov 2018 16:12:43 -0000 Mailing-List: contact dev-help@allura.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@allura.apache.org Delivered-To: mailing list dev@allura.apache.org Received: (qmail 2145 invoked by uid 99); 15 Nov 2018 16:12:42 -0000 Received: from mail-relay.apache.org (HELO mailrelay1-lw-us.apache.org) (207.244.88.152) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 15 Nov 2018 16:12:42 +0000 Received: from allura-vm2.apache.org (unknown [62.210.60.238]) by mailrelay1-lw-us.apache.org (ASF Mail Server at mailrelay1-lw-us.apache.org) with ESMTPS id 88247F03 for ; Thu, 15 Nov 2018 16:12:41 +0000 (UTC) Received: from [172.18.0.8] (unknown [172.18.0.8]) by allura-vm2.apache.org (ASF Mail Server at allura-vm2.apache.org) with ESMTPS id 96A34A01C3 for ; Thu, 15 Nov 2018 16:12:39 +0000 (UTC) Content-Type: multipart/related; boundary="===============1663953614385862124==" MIME-Version: 1.0 To: dev@allura.apache.org From: "Dave Brondsema" Reply-To: "[allura:tickets] " <8261@tickets.allura.p.forge-allura.apache.org> Subject: [allura:tickets] #8261 Embed youtube videos without cookies Message-ID:

Date: Thu, 15 Nov 2018 16:12:39 -0000 Sender: tickets@allura.p.forge-allura.apache.org In-Reply-To: <5bdaf624c829180eb5bee2ce.tickets@allura.p.forge-allura.apache.org> References: <5bdaf624c829180eb5bee2ce.tickets@allura.p.forge-allura.apache.org> --===============1663953614385862124== Content-Type: multipart/alternative; boundary="===============5841812699020067018==" MIME-Version: 1.0 --===============5841812699020067018== MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit - **status**: open --> review - **assigned_to**: Dave Brondsema - **Comment**: On branch db/8261 allows embed code to use youtube-cookie.com urls and converts iframe output to youtube-nocookie (for both youtube or youtube-nocookie inputs) --- ** [tickets:#8261] Embed youtube videos without cookies** **Status:** review **Milestone:** unreleased **Created:** Thu Nov 01, 2018 12:48 PM UTC by Ingo **Last Updated:** Thu Nov 01, 2018 03:08 PM UTC **Owner:** Dave Brondsema Embedded youtube videos are trackers, as they are storing coockies for a foreign host. With the new european GDPR that's a problem. Currently I patched macros.py and utils.py to patch the URL: ~~~ embed_url = html.find('iframe').get('src').replace("youtube.com", "youtube-nocookie.com") ~~~ But I don't know what the correct solution for this problem might be. At least we need to allow the nocookie URLs if the user adds those. But I guess that's not enough, as I don't think that you can't easily pass the responsibility for trackers on project pages to the admin of the page. --- Sent from forge-allura.apache.org because dev@allura.apache.org is subscribed to https://forge-allura.apache.org/p/allura/tickets/ To unsubscribe from further messages, a project admin can change settings at https://forge-allura.apache.org/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list. --===============5841812699020067018== MIME-Version: 1.0 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: 7bit
  • status: open --> review
  • assigned_to: Dave Brondsema
  • Comment:

On branch db/8261 allows embed code to use youtube-cookie.com urls and converts iframe output to youtube-nocookie (for both youtube or youtube-nocookie inputs)

[tickets:#8261] Embed youtube videos without cookies

Status: review
Milestone: unreleased
Created: Thu Nov 01, 2018 12:48 PM UTC by Ingo
Last Updated: Thu Nov 01, 2018 03:08 PM UTC
Owner: Dave Brondsema

Embedded youtube videos are trackers, as they are storing coockies for a foreign host. With the new european GDPR that's a problem. Currently I patched macros.py and utils.py to patch the URL:

embed_url = html.find('iframe').get('src').replace("youtube.com", "youtube-nocookie.com")

But I don't know what the correct solution for this problem might be. At least we need to allow the nocookie URLs if the user adds those. But I guess that's not enough, as I don't think that you can't easily pass the responsibility for trackers on project pages to the admin of the page.

Sent from forge-allura.apache.org because dev@allura.apache.org is subscribed to https://forge-allura.apache.org/p/allura/tickets/

To unsubscribe from further messages, a project admin can change settings at https://forge-allura.apache.org/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.

--===============5841812699020067018==-- --===============1663953614385862124==--