Client Hints
The User-Agent HTTP header has been used to carry information from a requesting client, like its operating system and browser application branding. Websites and media can use this data to customize the experience for the individual end user. Unfortunately, it's not an ideal mechanism because it can carry too much information about the client that can be used for targeted fingerprinting. To move away from the User-Agent HTTP header, Google Chrome has introduced the Client Hints method. It offers a means to only request specific client information.
How it works
We offer a combination of behaviors you can add to your Object Delivery property for this support:
- Request Client Hints. Chromium-based browsers support a set of client-related data, or "client hints data objects." You select the ones you want a browser to include in requests from a client for your content. If the browser agrees, it sends the data in future requests from the client. Browser agreement depends on how the end user has configured their browser.
- Permissions-Policy. By default, a browser limits access to the client hints data objects to the specific host that requested it. Using your Object Delivery property as an example, this would be the domain for a downloadable asset, that you've included in an edge hostname. However, any host that receives hints can delegate access to them to other documents that the host has embedded inside of an
<iframe>
element. This is done by including the desired client hints and the domains to these documents in thePermissions-Policy
header.
Implementation
Client Hints isn't unique to Object Delivery. See the Property Manager documentation for more information on setting it up.
Updated 10 months ago