Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Studio's history (and so: all user datas) stored in the third-party cookies #240

Open
Tracked by #239
reggermont opened this issue Jun 1, 2023 · 0 comments
Open
Tracked by #239

Studio's history (and so: all user datas) stored in the third-party cookies #240

reggermont opened this issue Jun 1, 2023 · 0 comments

Comments

@reggermont
Copy link

Context

I'm curious to have Apollo's point of view on that, but at first sight, that's a big privacy issue.

In these cookies, Apollo Studio stores many informations that may be sensitive, like:

  • Headers with tokens
  • Queries and mutations schemas

And surely more I don't have in mind now. Is there a particular reason to do this, except to collect user and company datas?

Proof

image

How to test

  • Enable / Disable third-party cookies in your browser settings (for Chrome: Settings > Privacy and Security > Cookies and other site data
  • Refresh the page
  • Write some code in the editor
  • Refresh again
    • If you enabled all cookies, then you'll keep your historic as expected
    • If you disabled third-party cookies, Apollo Studio will start from fresh

Expected behaviour

Datas are stored in the first-party cookies
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@reggermont