[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #7265 [Firefox Patch Issues]: Only display Canvas message for first parties; simply log third parties (was: Canvas extraction message should provide path to full url)
#7265: Only display Canvas message for first parties; simply log third parties
--------------------------------------------+-------------------------------
Reporter: mikeperry | Owner: mikeperry
Type: enhancement | Status: new
Priority: major | Milestone:
Component: Firefox Patch Issues | Version:
Keywords: tbb-fingerprinting, tbb-bounty | Parent:
Points: | Actualpoints:
--------------------------------------------+-------------------------------
Comment(by mikeperry):
In #7084, proper points out this message is frequent and annoying. He's
right. Perhaps only displaying it for first party URLs would be an
improvement. We can then just silently block and log third parties to the
error console.
It might also be that we have a false positive in this patch and that one
of these APIs that cause this prompting isn't actually being used to
extract image data. It does seem weird that it is so prevalent. For
example, why does github trigger this message?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7265#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs