Google Ads enforces EU cookie legislation and demands we notify the visitor

[Pony99CA]

I disagree. First, we already have such a feature (with COPPA).

Yeah. We really shouldn't have that.

Maybe with officially-supported extensions, we could pull it out of the core. We'd still need a place to put the settings, though, so my Legal Settings Page would be a good home for that.

Steve

[Elsensee]

Things like these (that are required for legal reasons) belong to the core IMHO.
Extensions are there for admins who want to add new functions or to improve functions/behaviors. If an administrator decides to use no extensions because he is afraid of the possible vulnerabilities, he should have everything in the core which is absolutely needed for the board to run good and for him to not get sued or something like that.

[CHItA]

What we could do easily is what Spotify does on their website, which i'm not quite sure is actually satisfies the legal requirements, however, i don't see how we could implement this any better for custom BBCodes for example (if you have a youtube video on the page, or even an image from another website it will place coockies in your browser...).

[Pony99CA]

Things like these (that are required for legal reasons) belong to the core IMHO.
Extensions are there for admins who want to add new functions or to improve functions/behaviors. If an administrator decides to use no extensions because he is afraid of the possible vulnerabilities, he should have everything in the core which is absolutely needed for the board to run good and for him to not get sued or something like that.

I mostly agree, which is why I opened the RFC. However, some admins are worried about bloat and unnecessary ACP options, which is why I suggested officially-supported extensions. I presume that officially-supported extensions (as opposed to regular extensions) get the same scrutiny as core code, so they would be safe.

With an officially-supported extension, the admin would only need to add the extensions relevant to the regions the admin's board serves, so there would be less bloat.

Of course, this depends on my presumption about officially-supported extensions getting core-level checking and testing. If that's wrong, please correct me.

Steve

[Elsensee]

However, some admins are worried about bloat and unnecessary ACP options, which is why I suggested officially-supported extensions. I presume that officially-supported extensions (as opposed to regular extensions) get the same scrutiny as core code, so they would be safe.

[...]

Of course, this depends on my presumption about officially-supported extensions getting core-level checking and testing. If that's wrong, please correct me.

Official extensions get the same level of code scrutiny as any other validated extension. However, the official extensions are developed by knowledgable team members who are familiar with the coding guidelines of phpBB, and also subject their code to extensive code testing and metric analyses, just like phpBB's core, to ensure compatibility and cohesion.