Hold on, Cloudflare building a tool that respects users?<p>Checking to see if that statement is secure.<p><i>refreshes</i><p>Checking to see if that statement is secure.<p><i>refreshes</i><p>Checking to see if that statement is secure.
Does cloudflare respect users? They don't even respect the intent of "do not track" enable it and you can do cloudflare captchas in an infinite loop which doesn't seem so respectful in my understanding of that word.
I would love an option that allows me to set defaults for <i>all</i> websites that I visit. Such as to reject marketing and tracking cookies and other mechanisms used for that purpose globally and to allow me to fine tune functional stuff on a per-site basis.
We are betting more on Cloudflare as a company lately. Our static website was just moved to Cloudflare Pages and it is working really well (we have over 200 Pages and counting). We were trying to figure out how to handle the Cookie/Consent stuff and this comes along. Would love to try and see how it works out.<p>Btw, if you haven't tried, give Cloudflare pages a shot if you are looking for a no nonsense static website tool. Combine it with Cloudflare workers, you can add dynamic features as needed. I don't work for them but just a happy customer.
Is anybody here monetizing their web projects with Google Adsense?<p>If so, how do you manage consent?<p>I tried to build a simple modal that asks the user if they agree to ads+cookies, with a link to a privacy policy which explains that I use Adsense and a link to their privacy policy. And only loaded Adsense if the user agreeed. But Google never accepted that. They never gave an explanation why.
Many folks here asking about ads, AdSense, etc…<p>The issue with this and all consent mangers is always ads.<p>It is impossible to know all the potential ad vendors, ad tech, and what other devices ads will load in advance.<p>Googled consent framework, the IAB framework, etc, all fail to address this.
Even though I'm wary of the centralization of the internet under cloudflare, I can't deny their products are <i>awesome</i><p>My rule of thumb is just never to use them as a proxy, CDN through R2, static pages etc are okay.
Unfortunately Zaraz requires your website to be behind CF proxy.<p>> And if you've ever clicked something other than Approve you'll have noticed that the list of choices about which services should or should not be allowed to use cookies can be very, very long.<p>There should be a reject all button, right?
How about just use cookies for strictly necessary purposes. Then you don't need to ask, and the Web will become better<p>It's only because sites are jam-packed with spyware that all these horrendous popups are everywhere.<p>If you need a complex consent manager, it's a signal that you're doing the wrong thing.<p>Ads are not strictly necessary, nor visitor tracking, btw.
Not supporting GPC (the DNT successor) directly contradicts the "respecting users" marketing fluff. I suspect the main reason why there is a "reject all" button is that Cloudflare folks rightly figured out that they are too big to get away with not providing one. Otherwise noyb.eu will say hello. OneTrust etc. are doing the same, there's nothing more user respecting about this solution.<p>If Cloudflare is serious about privacy here, they should at least respect GPC and not provide customers with an option to disable it.
That's nice, but Cloudflare seems to be missing the point.<p>No consumer is going to say "oh, now that you've provided me such a streamlined tracking consent experience, I'll give you consent to track me across sites to show me personalized ads". They'll just click the "reject all" option you're legally compelled to give them.<p>Also, the example includes a consent option for anonimized pageview counts data, which under GDPR you don't need consent for.<p>An approach that would <i>really</i> respect user would be to store traffic analytics anonymously (in a way that resists trivial de-anonimization, so with binning and stuff), and throw away the rest. There, no consent popup needed.
you're still proxying through servers/systems controlled by a US corporation<p>and the US is not considered to have adequate data protection laws under the GDPR