Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
fastify-floc-off
Advanced tools
fastify-floc-off - npm Package Compare versions
Comparing version 2.0.4 to 2.0.5
| { | ||
| "name": "fastify-floc-off", | ||
| "version": "2.0.4", | ||
| "version": "2.0.5", | ||
| "description": "Fastify plugin to opt out of Google's FLoC advertising-surveillance network", | ||
@@ -27,4 +27,4 @@ "keywords": [ | ||
| "dependencies": { | ||
| "fastify-plugin": "^4.3.0" | ||
| "fastify-plugin": "^4.5.0" | ||
| } | ||
| } |
@@ -13,11 +13,7 @@ # fastify-floc-off | ||
| The `fastify-floc-off` plugin sets the following response header and values to opt-out of Google's FLoC advertising-surveillance network: | ||
| The `fastify-floc-off` plugin adds the "interest-cohort=()" directive to the `Permissions-Policy` response header to opt-out of Google's FLoC advertising-surveillance network. It will create a new header if one does not already exist. | ||
| ``` | ||
| Permissions-Policy: interest-cohort=() | ||
| ``` | ||
| You can read more about the issues surrounding Google's FLoC [on EFF](https://eff.org/deeplinks/2021/03/googles-floc-terrible-idea) and [Plausible Analytics](https://plausible.io/blog/google-floc). | ||
| [Helmet](https://github.com/helmetjs/helmet) (and in turn [fastify-helmet](https://github.com/fastify/fastify-helmet)) does not currently support `Permissions-Policy` response header setting yet, so this plugin was created out of a need for an easy way to disable/opt-out of Google's FLoC network for systems at [Yeovil District Hospital NHS Foundation Trust](https://yeovilhospital.co.uk/). This ensures both patients and staff accessing web applications at the hospital are not subject to Google's unsolicited tracking. | ||
| [Helmet](https://github.com/helmetjs/helmet) and [fastify-helmet](https://github.com/fastify/fastify-helmet) do not support the `Permissions-Policy` response header setting yet, so this plugin was created out of a need for an easy way to disable/opt-out of Google's FLoC network for. This ensures users accessing web applications are not subject to Google's unsolicited tracking. | ||
@@ -24,0 +20,0 @@ ## Installation |
@@ -5,3 +5,4 @@ const fp = require("fastify-plugin"); | ||
| * @description Simple plugin that adds an `onRequest` hook to opt out of Google's FLoC | ||
| * advertising-surveillance network by setting the relevant response headers. | ||
| * advertising-surveillance network by setting/adding the "interest-cohort=()" directive | ||
| * to the Permissions-Policy response header. | ||
| * @param {object} server - Fastify instance. | ||
@@ -11,3 +12,16 @@ */ | ||
| server.addHook("onRequest", async (req, res) => { | ||
| res.header("Permissions-Policy", "interest-cohort=()"); | ||
| const header = res.getHeader("Permissions-Policy"); | ||
| // Header can be returned as array: https://nodejs.org/docs/latest/api/http.html#requestsetheadername-value | ||
| if (Array.isArray(header)) { | ||
| header.push("interest-cohort=()"); | ||
| res.header("Permissions-Policy", header); | ||
| return; | ||
| } | ||
| if (!header) { | ||
| res.header("Permissions-Policy", "interest-cohort=()"); | ||
| } else { | ||
| res.header("Permissions-Policy", `${header}, interest-cohort=()`); | ||
| } | ||
| }); | ||
@@ -14,0 +28,0 @@ } |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by7.92%
4999
- Lines of code
- increased by92.31%
25
Worsened metrics
- Number of lines in readme file
- decreased by-6.78%
55
Dependency changes
Updatedfastify-plugin@^4.5.0