So how do I disable this infuriating feature?

[amicus-veritatis]

I assume there would be browser built-in option for opt-out, But how would users choose to opt-out via console?

I already wrote a sample code for detecting one, but I believe users should be allowed to opt-out via both console and browser extension.

const topics: String = "browsingTopics"
export function isTopicsApiSupported() {
    // Check whether or not Google Topics API is enabled
    // https://github.com/patcg-individual-drafts/topics
    const topicsApiSupported = topics in Document.prototype
    return topicsApiSupported 
}

[dmarti]

For sites where you can set HTTP headers, you can opt out with a Permissions-Policy (covered in the README)

It would probably not work to opt out in the JS console, because by the time you get the console open some script on the page would already have called it. Twitter thread about this, for the previous, related proposal (FLoC): https://twitter.com/footePGH/status/1380567463952285707

An extension should be able to assign to documents.browingTopics before scripts try to run it, or if you control the page HTML but not the headers you should be able to set it from the first script in the page head. See #60.

[amicus-veritatis]

So would something like this example work as you described?

manifest.json

{
        ...
        "content_scripts": [ {
            ...
            "run_at": "document_start",
            ...
        }]
        ...
}

sample.ts

function onDeleteAll() {
  console.log("Deleted all browser history");
}

function deleteAllHistory() {
  var deletingAll = browser.history.deleteAll();
  deletingAll.then(onDeleteAll);
}

function disableTopicsApi() {
    const target = document.head || document.documentElement
    const scriptInjected = document.createElement("script")
    scriptInjected.setAttribute('type', 'text/javascript')
    scriptInjected.textContent =  "document.browsingTopics = ()=>{console.warn('Topics API warning: This website tracks previous user activities')}"
    target.prepend(scriptInjected)
    deleteAllHistory()
}

disableTopicsApi()

[dmarti]

@amicus-veritatis That looks roughly right, but needs to be tested.

The alert in #60 is there to let the web site administrator know to check 3rd-party scripts. For extension purposes where you won't be able to change the site, it might be better to have your injected script simply return a few unobjectionable topics such as 345 (/Travel & Transportation/Tourist Destinations/Beaches & Islands) 274 (/Real Estate/Timeshares & Vacation Properties) or 201 (/Hobbies & Leisure/Outdoors). That way if advertisers look at the return value from the promise, you're less likely to get the ads for ointment and predatory finance that tend to show up in the absence of targeting data.

(Probably best to do extension development in a new repository and link back to here)

[dmarti]

Injecting a script will work differently in WebExtensions ManifestV3. Some examples and links at https://stackoverflow.com/questions/9515704/use-a-content-script-to-access-the-page-context-variables-and-functions (@amicus-veritatis if you are doing an extension to filter or optimize topics, please post a link.)

[michaelkleber]

If you're trying to control Privacy Sandbox features in a Chrome Extension, take a look at the privacySandboxEnabled setting in the chrome.privacy API.

Documentation here: https://developer.chrome.com/docs/extensions/reference/privacy/#:~:text=privacySandboxEnabled

[amicus-veritatis]

@michaelkleber I don't think relying on chrome.privacy API and its privacySandboxEnabled setting is a good idea at all considering advertisement revenue accounts for over 80% of the Google's total revenue, and I'd also like to point out that the term "privacy sandbox" is oxymoron and the concept itself is nothing more than privacy gaslighting.

I'm pretty sure that users will keep getting a message saying please enable Topics API to continue uWu from websites if they just turn off Topics API and Google apparently is aware of this.

@dmarti I guess it's a feature, not a bug. I'm currently considering using chrome.scripting or similar chrome API for chrome and MV3-based chromium browsers.

[michaelkleber]

If a person or an extension has turned off Topics using browser controls, then the Topics API will return an empty topics list. That's also what the API will return if the user hasn't browsed much, or is in incognito mode, or has their topics filtered out due to the visibility rules, etc. So please enable Topics API to continue uWu seems pretty unlikely to me — it would end up shutting out plenty of perfectly normal website visitors who haven't done Topics-blocking at all.

If you want to accuse people of gaslighting or acting in bad faith, you will need to do so elsewhere. Interactions in the PATCG repositories are covered by the W3C Code of Conduct.