[ovirt-devel] Re: Gerrit trying to set 3rd party cookies

On 1 July 2018 at 15:41, Nir Soffer <nsoffer(a)redhat.com&gt; wrote: We don't "allow" 3rd parties. For a 3rd party to be able to set cookies on your site you need have some elements on your page that make the browser pull content from them. In the case of Gravatar what we have are <img> tags with "src" attributes that contain URLs that point to Gravatar and contain one-way hashes of user email addresses. Those URLs resolve to the users avatars if they registered their emails with Gravatar. This is just how Gravater works - its very simple and reliable, to have it work differently would require complex and fragile server-side code on our side and would probably be prone to more security issues then the current system. The only 3rd-party we engage currently is Gravatar, I've no reason to believe the engage in any sort of tracking. The maintainers of Gravatar are also the maintainers of Wordpress, one of the bigger open-source poster-child projects, which is all about people hosting their own stuff rather then catering to the requirements of proprietary gate-keepers like Facebook and GitHub (Now Microsoft...)... Bottom line, I've strong reason to belive this is false alarm. This looks like a simple session cookie, try to log out of your acocunt on Gravatar and see if it vanishes... -- Barak Korren RHV DevOps team , RHCE, RHCi Red Hat EMEA redhat.com | TRIED. TESTED. TRUSTED. | redhat.com/trusted