W3C home > Mailing lists > Public > whatwg@whatwg.org > December 2010

[whatwg] Exposing spelling/grammar suggestions in contentEditable

From: Benjamin Hawkes-Lewis <bhawkeslewis@googlemail.com>
Date: Fri, 3 Dec 2010 08:38:00 +0000
Message-ID: <AANLkTin8LbmGFZO6S7bSQo+Rd6Z9UWmhBSUSi1DJcrg9@mail.gmail.com>
On Thu, Dec 2, 2010 at 9:53 PM, Benjamin Hawkes-Lewis
<bhawkeslewis at googlemail.com> wrote:
> Allowing UAs explicitly to provide information via dedicated optional
> fields is different to requiring UAs them to leak it in the course of
> providing another service (such as spelling).

It's worth noting that in practice UAs have identifying traits that
can leak through feature/bug detection (e.g. "typeof opera", testing
if vendor-prefixed styles are applied, conditional comments and
compilation, and so forth). In the case of UAs like Konqueror and
Internet Explorer, UA identification is a good proxy for OS detection
too. Other than helping and encouraging privacy-conscious users to
disable untrusted JS, I don't think UAs can do much about that.

To a lesser extent, such traits are also an issue at the HTTP level.

--
Benjamin Hawkes-Lewis
Received on Friday, 3 December 2010 00:38:00 UTC

This archive was generated by hypermail 2.3.1 : Monday, 13 April 2015 23:09:02 UTC