- From: <bugzilla@jessica.w3.org>
- Date: Fri, 08 Oct 2010 12:02:18 +0000
- To: public-html-bugzilla@w3.org
http://www.w3.org/Bugs/Public/show_bug.cgi?id=10994 Summary: accessKeyLabel can expose new information about the user and possibly also other origins Product: HTML WG Version: unspecified Platform: PC OS/Version: All Status: NEW Severity: normal Priority: P2 Component: HTML5 spec (editor: Ian Hickson) AssignedTo: ian@hixie.ch ReportedBy: simonp@opera.com QAContact: public-html-bugzilla@w3.org CC: mike@w3.org, public-html-wg-issue-tracking@w3.org, public-html@w3.org Since accesskeys are chosen depending on the user's platform and available keys and available key bindings in the browser/OS, accesskeyLabel exposes that information about the user which was not possible before, i.e. it increases the fingerprinting. Moreover, if a browser considers accesskeys from cross-origin iframes when assigning a key, accessKeyLabel exposes information about the cross-origin iframed document (if it uses accesskeys) which was not possible before, e.g. it might be possible to tell if the user is logged in on the other site. -- Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug.
Received on Friday, 8 October 2010 12:02:19 UTC