9

I was looking through some Google articles and some Firefox developer areas and found that there was an option you can set to not let some sites track your information.

I looked into this and did some google searches for Developers and couldn't manage to find any information on how to detect whether or not a user has set this in their browser.

Is it sent in a POST request or in any type of request? Does it come in the User agent? I just wanted to know how to manage this and not store their ips for login as an example.

miken32
  • 42,008
  • 16
  • 111
  • 154
Jack Hales
  • 1,574
  • 23
  • 51

3 Answers3

13

It's sent as an HTTP header:

function dnt_enabled()
{
   return (isset($_SERVER['HTTP_DNT']) && $_SERVER['HTTP_DNT'] == 1);
}

if dnt_enabled() {
    // do stuff...
}

Or, if you're using PHP 7:

function dnt_enabled(): bool
{
   return (bool)$_SERVER['HTTP_DNT'] ?? false;
}
miken32
  • 42,008
  • 16
  • 111
  • 154
2

Navigator.doNotTrack

If you want to use client-side JavaScript to check whether or not a user has the dnt request header set, you can use navigator.doNotTrack.

This property returns the value of the dnt HTTP header (i.e., "1", "0", or "unspecified").

You can access this value via PHP by POSTing this value via AJAX.

const is_not_trackable = navigator.doNotTrack === '1';

console.log(is_not_trackable); // True if user has requested privacy via DNT
console.log(navigator.doNotTrack); // Current value of DNT header

Note: At the time of posting, navigator.doNotTrack is still considered experimental technology. Expect behavior to change in the future, and proceed with caution before using it in your application. See Browser Compatibility.

Grant Miller
  • 27,532
  • 16
  • 147
  • 165
1
$do_not_track_requested = ! empty( $_SERVER[ 'HTTP_DNT' ] );

All HTTP headers are present in $_SERVER, prefixed with HTTP_.

https://www.php.net/manual/en/reserved.variables.server.php#89567

Val Kornea
  • 4,469
  • 3
  • 40
  • 41