You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The read speed setting being stored/recovered from an external call to the API hosted on Heroku, this has for consequence that the URL of the web page being scrolled is accessible from the API by the referer header, which might causes privacy concerns.
What can be done ?
have some kind of referer removal in the bookmarklet code
make it "opt-in" to save the setting (usability issue)
The text was updated successfully, but these errors were encountered:
The simple click on the bookmark leaks that. No easy fix for that. CORS is there for that, should a website wish to protects its visitors against that.
The read speed setting being stored/recovered from an external call to the API hosted on Heroku, this has for consequence that the URL of the web page being scrolled is accessible from the API by the referer header, which might causes privacy concerns.
What can be done ?
The text was updated successfully, but these errors were encountered: