Firefox3.1/Media Queries Security Review: Difference between revisions

Jump to navigation Jump to search

Firefox3.1/Media Queries Security Review (view source)

Revision as of 23:58, 22 September 2008

674 bytes added ,  22 September 2008
→‎Review comments
 
Line 61: Line 61:


== Review comments ==
== Review comments ==
* Media queries can enable web sites to fingerprint users based on several attributes of their system (screen size, color depth, etc). Most of these, if not all, are already available to script, but CSS properties makes it possible without script.
* resolution might be new information, but David thought you could get close to that by figuring out the pixel height of some text at a specified point size.
* We believe the TorButton is concerned with this fingerprinting aspect enough to have overridden window.screen to return fake values. They will also be concerned about this and we need some sort of hook to override behavior based on fake values for these properties.
Dveditz
Bureaucrats, canmove, Confirmed users
642

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/109700"

Navigation menu