first and third party script info #3
Conversation
| We need to improve the host validation. A lot of sites use a subdomain for the resources (as a custom CDN), and these resources doesn't Thrid-party. e.g. On this site, all the resources use a subdomain, and the script detects all the First Party Scripts as Third Party Scripts.
An options is add an array with the "first" hosts, and check the current host with this config hosts const HOSTS = [ 'assets.domain.com', 'cdn.domain.com' ] |
| You are right. Technically they aren't third party despite the fact they usually incur network cost. So the wording is kinda deceiving in this case. But you are totally right and like your idea So basically create a hosts array for the user edit themselves and then add that to the first party check. |
| Example using katespade.com just bc I knew a subdomain. Please test on the site you used above. Thanks! |
| if (resource.initiatorType === "script") { | ||
| const { host } = new URL(resource.name); | ||
| // check if resource url host matches location.host = first party script | ||
| if (host === location.host || HOSTS.includes(host)) { |
| // set for first party scripts | ||
| const first = []; | ||
| // set for third party scripts | ||
| const third = []; |
2 participants
Example output