Enable reduced-referrer-granularity and prefetch-privacy-changes by default #659
Comments
@Peacock365 as you used the issue template for Brave, the same should have been done here.
I add the issue template now, although I must say that I have consciously foregone it, since it adds no valuable info in this case at all. But anyway, here it is:

I did search the issue tracker, FAQ, and ReadMe.

### Is your feature request related to privacy?
Yes.

### Is there a patch available for this feature somewhere?
Brave patched this, but the exact patch can't be reused for Bromite.

### Describe the solution you would like
Enable chrome://flags/#reduced-referrer-granularity and chrome://flags/#prefetch-privacy-changes by default.

### Describe alternatives you have considered
Leaving them at default / disabled, at a privacy loss. Not really an alternative considering the goal here is to improve privacy, however. Not enabling them also means that this issue is RESOLVED WONTFIX automatically.
It seems to me that the compatibility risk here is low, as the Brave developers pointed out. However, the privacy gain here is considerable, since enabling these two flags will introduce a better referer header policy, and prevent leakage of arbitrary amounts of information in case the cache is targeted.
The templates are needed to keep the issue tracker organized; the template you used for Brave is for a bug report while here we also have a template for a feature request. I will consider enabling these two for next release.
Fixed in
Please consider enabling chrome://flags/#reduced-referrer-granularity and chrome://flags/#prefetch-privacy-changes by default. The former is purely privacy-related, I don't know if you are already doing something similar. The latter prevents data leakage as described here:
https://terjanq.github.io/Bug-Bounty/Google/cache-attack-06jd2d2mz2r0/index.html
Here is the "Intent to implement" in Chromium:
https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/bSMOY-evrV4
I have raised the same issue in the Brave browser repo, with the result that the flags got enabled by default:
brave/brave-browser#8319
I have also raised this issue in the Vanadium and Ungoogled Chromium repos (still under review):
ungoogled-software/ungoogled-chromium#1117
GrapheneOS/Vanadium#71
Thank you for your attention.