Misplaced Pages

Talk:Client Hints/GA1: Difference between revisions

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.
< Talk:Client Hints Browse history interactively← Previous editNext edit →Content deleted Content addedVisualWikitext
Revision as of 02:56, 16 September 2024 editRoySmith (talk | contribs)Autopatrolled, Checkusers, Administrators92,144 edits GA Review: spot checks← Previous edit Revision as of 15:44, 17 September 2024 edit undoRoySmith (talk | contribs)Autopatrolled, Checkusers, Administrators92,144 edits GA Review: ping DreamyJazzNext edit →
Line 39: Line 39:
**{{tq|] Additionally, concerns were also raised that the Client-Hint proposal was too permissive and explicitly allowed for new privacy compromising information that could not be obtained by simply parsing HTTP Headers to be leaked to servers. }} **{{tq|] Additionally, concerns were also raised that the Client-Hint proposal was too permissive and explicitly allowed for new privacy compromising information that could not be obtained by simply parsing HTTP Headers to be leaked to servers. }}
***Some of this verifies, but I don't see where the source talks about "information that could not be obtained by simply parsing HTTP Headers". ***Some of this verifies, but I don't see where the source talks about "information that could not be obtained by simply parsing HTTP Headers".

Just as a note, {{u|Dreamy Jazz}} knows more about Client Hints than I do, so he may be willing to leave some comments. ] ] 15:43, 17 September 2024 (UTC)

Revision as of 15:44, 17 September 2024

GA Review

GA toolbox
Reviewing

Article (edit | visual edit | history· Article talk (edit | history· Watch

Nominator: Sohom Datta (talk · contribs) 19:54, 2 June 2024 (UTC)

Reviewer: RoySmith (talk · contribs) 01:27, 16 September 2024 (UTC)

Starting review RoySmith (talk) 01:27, 16 September 2024 (UTC)

  • With the proviso that Earwig is running in degraded mode now due to Too Many Requests, no problems found with copyvios.
  • None of the items under WP:GAFAIL apply.
  • Per MOS:LEAD, the lead section should summarize the rest of the article, not introduce new material.
    • "application programming interface (API)" is not mentioned in the article (at least not by that name)
    • The lead is heavy on material from History and almost completely ignores the Background, "Mechanism, and Privacy concerns sections, so the most important points from those sections should be added.
  • Prose:
    • became an official Internet Engineering Task Force (IETF) draft no need to say "official"
    • The header was meant ... User-Agents became ... this information is used The change of tense here is jarring.
    • In 2020, Google announced their intention to deprecate user-agent (UA) strings ... This is a statement about what happened in 2020 cited to a paper published in 2023. Are you sure that's the right reference?
    • Brave also raised concerns about the initial proposal ... Likewise, this is a source published in 2019 talking ostensibly talking about events that happened in 2020.
    • As of May 2024, over 75% of all traffic on the internet supports client hints It's now September; are there any more recent sources for this?
    • Since the adoption of Client Hints by major browsers you should say which browsers support it.
    • overall adoption of Client Hints across the internet was low this seems at odds with earlier statements like over 75% of all traffic on the internet supports client hints

MediaWiki supports use of Client Hints as a counter-abuse tool. It would be disingenuous to not mention this. See https://www.mediawiki.org/Extension:CheckUser/Client_Hints.

  • You might want to include an infobox, as HTTP and many of the HTTP-related articles do.
  • Spot-check per WP:GAN/I#R3:
    • Since the early days of the internet, there has been a desire to identify what kind of client a user was using to connect to a server. In 1992, an extension to the HTTP protocol was introduced adding a User-Agent HTTP Header which was sent from the client to the server and contained a simple string identifying the name of the client and its version. The header was meant purely for statistical purposes and for tracking down clients that violated the protocol. Since then, with the evolution of the internet, User-Agents became increasingly more complex, and started containing significant granular information about the user. Often, this information is used in browser fingerprinting , allowing sites to track users across sites passively without having to load any JavaScript for the user.
      • Since the early days of the internet, there has been a desire to identify what kind of client a user was using to connect to a server. The source doesn't say this.
      • with the evolution of the internet, User-Agents became increasingly more complex The first part (with the evolution of the internet) isn't stated in the source. It also doesn't add anything useful, so I'd just drop it.
      • Other than those two nits, this claim is verified.
    • Brave also raised concerns about the initial proposal, citing ways in which it could be used to track users on the internet.
      • Verified.
    • Since their initial opposition, Mozilla and Apple have updated their stance to neutral, and Brave has synchronized its implementation of client hints with that of Chrome. As of May 2024, over 75% of all traffic on the internet supports client hints.
      • I don't see where the source says these things. The only mention I see of "over 75%" is "Nevertheless, popular web browsers like Chrome and Edge already support HTTP CHs, which affects more than 75% of web users worldwide ." 75% of web users is not quite the same as 75% of the traffic. And I don't see anything that talks about Mozilla and Apple updating their stance to neutral.
    • ]This ensures that caching mechanisms understand that responses can vary based on different client hint values.
      • Verified.
    • the server can then use the information in the Viewport-Width header to make a decision about the kind of content to serve the user-agent. For example, if the server has a particular image that is extremely large, the server can be configured to return smaller image if the image does not fit the viewport .
      • Verified.
    • ] Additionally, concerns were also raised that the Client-Hint proposal was too permissive and explicitly allowed for new privacy compromising information that could not be obtained by simply parsing HTTP Headers to be leaked to servers.
      • Some of this verifies, but I don't see where the source talks about "information that could not be obtained by simply parsing HTTP Headers".

Just as a note, Dreamy Jazz knows more about Client Hints than I do, so he may be willing to leave some comments. RoySmith (talk) 15:43, 17 September 2024 (UTC)