You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"Second, screen fold changes (either via onchange or polling) are an ephemeral fingerprinting vector. Given this API is meant for responsive design, we recommend limiting it to visible browsing contexts. I see section 7.2 does constrain onchange for UX reasons. It should also be listed under “Security and Privacy considerations”. The mitigation should also be applied to other ways to query the property, such as polling. (Perhaps defer all updates to the page’s copy of the state until visible, not just the onchange event, or leave the APIs and CSS queries unavailable to hidden pages altogether.)"
The text was updated successfully, but these errors were encountered:
From blink-dev thread: https://groups.google.com/a/chromium.org/g/blink-dev/c/prHGPxF62i4
"Second, screen fold changes (either via onchange or polling) are an ephemeral fingerprinting vector. Given this API is meant for responsive design, we recommend limiting it to visible browsing contexts. I see section 7.2 does constrain onchange for UX reasons. It should also be listed under “Security and Privacy considerations”. The mitigation should also be applied to other ways to query the property, such as polling. (Perhaps defer all updates to the page’s copy of the state until visible, not just the onchange event, or leave the APIs and CSS queries unavailable to hidden pages altogether.)"
The text was updated successfully, but these errors were encountered: