You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In e9e5247, I implemented a filter that only includes requests to servers that the user's device also provably (through Tracker Control/the App Privacy Report) contacted.
I am currently doing that by checking the request's hostname from the HAR against the hostnames in the TC/APR export.
Instead of the HAR hostname, I think we should be checking against all endpoint URLs that the corresponding adapter accepts.
Imagine a tracking endpoint https://api\d.tracker.tld/ingest. If during our analysis, we happened to find requests to https://api2.tracker.tld/ingest but the user's device happened to use https://api5.tracker.tld/ingest instead, we would currently exclude those requests.
However, implementing it this way is surprisingly hard. We only get a hostname from the TC/APR export. Meanwhile, our adapters' endpoint URLs can be strings or regexes of full URLs.
How would we check whether android2-ads.adcolony.com matches /^https:\/\/(android|ios)?ads\d-?\d\.adcolony\.com\/configure$/? Maybe I'm missing something, but I really can't see an automated way that isn't hacky and error-prone.
I feel like the only (proper) way to implement this change would be to also manually add a hosts array to each adapter in TrackHAR.
The text was updated successfully, but these errors were encountered:
In e9e5247, I implemented a filter that only includes requests to servers that the user's device also provably (through Tracker Control/the App Privacy Report) contacted.
I am currently doing that by checking the request's hostname from the HAR against the hostnames in the TC/APR export.
Instead of the HAR hostname, I think we should be checking against all endpoint URLs that the corresponding adapter accepts.
Imagine a tracking endpoint
https://api\d.tracker.tld/ingest
. If during our analysis, we happened to find requests tohttps://api2.tracker.tld/ingest
but the user's device happened to usehttps://api5.tracker.tld/ingest
instead, we would currently exclude those requests.However, implementing it this way is surprisingly hard. We only get a hostname from the TC/APR export. Meanwhile, our adapters' endpoint URLs can be strings or regexes of full URLs.
How would we check whether
android2-ads.adcolony.com
matches/^https:\/\/(android|ios)?ads\d-?\d\.adcolony\.com\/configure$/
? Maybe I'm missing something, but I really can't see an automated way that isn't hacky and error-prone.I feel like the only (proper) way to implement this change would be to also manually add a
hosts
array to each adapter in TrackHAR.The text was updated successfully, but these errors were encountered: