Re: [w3c/permissions] A new permission for canvas data (#165) from Isis Agora Lovecruft on 2017-12-18 (public-webapps-github@w3.org from December 2017)

From: Isis Agora Lovecruft <notifications@github.com>
Date: Mon, 18 Dec 2017 23:49:46 +0000 (UTC)
To: w3c/permissions <permissions@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/permissions/issues/165/352594652@github.com>

Hi! I [worked on](https://trac.torproject.org/projects/tor/ticket/12684) the phrasing/UI of the canvas fingerprinting prompt a tiny bit in Tor Browser. Also caveat lector: I'm not a UX person or a web person _at all_, so my apologies for jumping in, and also if I misunderstand anything.

@jyasskin System/platform independent ways would be an excellent eventual goal! It would be amazing if this were something we could all collectively aim for. However, (afaik, but I've not kept up on the last couple years of research) it's not even entirely understood if we _can_ attain system independent rendering. In any case, it would be a long way away (and not to mention continually dependent upon several vendors _continuing_ to work together to maintain mutual conformity).

Part of the problem that @tomrittervg has described, and which would be great to fix on a sooner timeline, boils down to this: when a site attempts to render a canvas, it doesn't check first (it doesn't currently have any way to!) whether it's allowed to do so. Our solution at The Tor Project was, upon detecting a render attempt, to simply return a blank, white canvas and notify the user that the attempt had occurred, along with asking their permission for the future. (@tomrittervg can probably clarify/correct, but I believe Mozilla is using the same strategy.) However, the first attempt will fail. This causes users to get confused and frustrated: for example, someone is trying to set their Twitter profile picture (they spend some time getting the framing/size just right, etc.), but they get an error message from Twitter due to Twitter receiving a blank canvas in return. (After they did all that work to get it just right too!) They then need to 1) allow the permission and then 2) try setting their picture again. If we had the "ask for permission" mechanism that @tomrittervg is describing, the flow would hopefully be something more like 1) the site wishes to render a canvas 2) it asks the user's permission 3) the user gives permission 4) the canvas is rendered and sent.

--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/permissions/issues/165#issuecomment-352594652

Received on Monday, 18 December 2017 23:50:10 UTC