- From: Mounir Lamouri <notifications@github.com>
- Date: Tue, 25 Aug 2015 02:17:04 -0700
- To: w3c/manifest <manifest@noreply.github.com>
Received on Tuesday, 25 August 2015 09:17:31 UTC
To summarize @npdoty comments in https://lists.w3.org/Archives/Public/public-privacy/2015JanMar/0117.html there are concerns about ```start_url``` containing special ids or simply something that hints that the user is coming from a homescreen application. This is fingerprinting/privacy sensitive information that the user might not be aware of. I think the issue of people doing ```start_url: 'index.html?from_homescreen'``` is something we might want to mention in the spec but I don't think we should encourage browsers to prevent this because it is clearly something websites want for various reasons (mostly statistics). However, I am concerned about having ```start_url: 'index.html?$GUUID'``` because it is a way to track the user without them being aware of it. I'm not sure what the spec should say or the browsers could do. Maybe we could recommend showing the ```start_url``` to the user and allow them to edit it? --- Reply to this email directly or view it on GitHub: https://github.com/w3c/manifest/issues/399
Received on Tuesday, 25 August 2015 09:17:31 UTC