From 11aba46024fcb7b335c7576ec2bc5c8e655626fd Mon Sep 17 00:00:00 2001
From: Abhyudaya Sharma <sharmaabhyudaya@gmail.com>
Date: Fri, 16 Apr 2021 15:45:14 +0530
Subject: [PATCH] Opt out of Google's FLoC

See:

* https://github.com/WICG/floc#opting-out-of-computation
* https://github.com/WICG/floc/issues/103
* https://github.com/WICG/floc/issues/100

FLoC can allow Google (and presumably other parties) to track users across the web. Anyone visiting my website would have his cohort change, making them more easily identifiable across the web. I do not track my users and neither should Google, or any one for that matter.
---
 nginx.conf | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/nginx.conf b/nginx.conf
index 658a6e33..7c81cd22 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -26,6 +26,10 @@ http {
 
   # HTTP Strict Transport Security (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security)
   add_header Strict-Transport-Security 'max-age=31536000; includeSubdomains; preload';
+  
+  # Dear Google: please do not track users visiting my website
+  # https://github.com/WICG/floc#opting-out-of-computation
+  add_header Permissions-Policy 'interest-cohort=()';
 
   # We're only serving static files so using sendfile() avoids copying
   # data between userspace and kernelspace.