
Browser support & RGPD questions

Open ysard opened this issue 1 year ago • 1 comments

Hi, I discovered your project thanks to the NoLimit Secu podcast in which a speaker presented it (podcast).

Unfortunately, I see that your plugin is not compatible with the Firefox browser. However, the APIs for Chrome and Firefox are similar. In addition, your issue #435 mentions the outright removal of Firefox support (which was already dropped a few versions ago). So I'm wondering whether this is a technical limitation or a desire to ignore Mozilla's browser?

Also, could you please clarify in your Readme the usefulness of REACT_APP_* configuration variables? This is to specify for what purposes tracking APIs such as Matomo, Google Analytics, etc. are used.

According to the RGPD, while tracking operated by Matomo may be exempted from consent under some conditions, this is not the case for the tracking operated by Google Analytics. Yet, your code embeds compatibility for this platform.

In these conditions, an opt-in strategy rather than an opt-out strategy would be a preferable move for your users.

Thank you for reading.

ysard avatar Mar 22 '24 15:03 ysard

Hi @ysard, first of all, thank you for opening this issue. And sorry for replying asynchronously.

> So I'm wondering whether this is a technical limitation or a desire to ignore Mozilla's browser?

Regarding Firefox, we discontinued Firefox because of technical / staffing limitations. The team had trouble making the Firefox app available on their add-on store. The other reason is that we are a significantly small team and we simply didn't have the time to take care of it as we are focusing on adding new features from the veraai project. Adding Firefox support has also been of a lesser priority since its market share is significantly less important than that of Chromium-based browsers. But don't get me wrong, we use Firefox in our team and would like to support it. We eventually would like to support Firefox and Safari. If you'd like to work on adding Firefox support, or if you have any advice to speed up the development and support, we welcome contributions.

> Also, could you please clarify in your Readme the usefulness of REACT_APP_* configuration variables?

These config variables are used in order to access our partners' APIs as well as our Matomo URL. But the documentation is deprecated and needs a refresher (which is why #435 is opened).

> According to the RGPD, while tracking operated by Matomo may be exempted from consent under some conditions, this is not the case for the tracking operated by Google Analytics. Yet, your code embeds compatibility for this platform.
>
> In these conditions, an opt-in strategy rather than an opt-out strategy would be a preferable move for your users.

Regarding GA, Matomo and RGPD: we have actually moved from GA to Matomo because of RGPD reasons. We only use Matomo to capture the usage of our tools. There may still be some variables in our code named with GA or referencing GA, but this is a mistake from our end since we only rely on (and call) Matomo now. We will clean this up asap.

Sallaa avatar Apr 04 '24 09:04 Sallaa

@ysard I am closing this, feel free to open it again if you have more questions.

Sallaa avatar Jun 14 '24 12:06 Sallaa