Re: [csswg-drafts] [selectors] Solve :visited once and for all

This is an interesting idea building on the 20 years of problems of history stealing. But so far what has taught us is that there are quite a lot of ways to exfiltrate this kind of information, some even quite unexpected.

GDPR-wise it's about intent to a large degree (to simplify). So try boiling down to simple rules: just because you technically can, does not mean you should. But on the other hand: deploy tech in a way there are no leaks (state of the art). Still that would be in hands of end users. I would suggest not getting regulations here in the first place, but to focus on a security/privacy model to solve the problem, then see the implications.

And the general starting point ought to be that sites should be unable to allow the detection of (other) sites the user has visited. 

-- 
GitHub Notification of comment by lknik
Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/3012#issuecomment-412662576 using your GitHub account

Received on Monday, 13 August 2018 21:00:45 UTC