Add new scriptlet — 'no-protected-audience' #395
Description
Why do we need this?
The rationale behind this rule is to provide an option that safely disables "Protected Audience API". Disabling it may be required by privacy filter lists.
Protected Audience API is supposed to be a "private" alternative to third-party cookies tracking for showing targeted ads. While this is indeed a more private alternative, the downside is that it transforms the browser itself into an ad auction tool.
Moreover, the browser will in the background (without user knowing about it) contact configured URLs to update the "interest group" or reload the bidding logic: https://developers.google.com/privacy-sandbox/relevance/protected-audience-api/interest-groups
I honestly cannot see how this design is more private.
What should be implemented
This scriptlet is similar to #214 and the purpose is to suppress "Protected Audience API" functions.
The scriptlet should work in a similar fashion to no-topics: check if the specified properties exist and replace them with noop stubs.
The full list of functions can be found here: https://wicg.github.io/turtledove/
Please check the functions signature and replace it with a stub that has the same signature.
Here's a list of functions that we need to override:
Navigator.prototype.joinAdInterestGroupNavigator.prototype.runAdAuctionNavigator.prototype.leaveAdInterestGroupNavigator.prototype.clearOriginJoinedAdInterestGroupsNavigator.prototype.createAuctionNonceNavigator.prototype.updateAdInterestGroups