[Webkit-unassigned] [Bug 41802] New: window.screen object can be used to track users

Wed Jul 7 14:34:30 PDT 2010

https://bugs.webkit.org/show_bug.cgi?id=41802

           Summary: window.screen object can be used to track users
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Mac OS X 10.5
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: robert at webkit.org

>From https://bugzilla.mozilla.org/show_bug.cgi?id=418986
"The window.screen object can be used to build an identifier that can be used to
track users independent of IP. Based on my rough calculations, there should be
at least 29 bits of extractable state from desktop geometry, toolbar geometry,
window size, etc.

Currently, there is no way to obscure this information without injecting
javascript into the contentWindow to hook the screen object. It would be nice
if the browser provided a pref to say "only report my content window dimensions
as inner and outer height." This pref would cause the screen object to behave
as if the contentWindow was the size of the entire desktop, with no chrome or
desktop toolbar size information."

What he says!

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.