Re: [csswg-drafts] [cssom-view] Add segments property to visual viewport (#9237) (#9285) from Aykut Bulut via GitHub on 2024-03-27 (public-css-archive@w3.org from March 2024)

From: Aykut Bulut via GitHub <sysbot+gh@w3.org>
Date: Wed, 27 Mar 2024 15:49:11 +0000
To: public-css-archive@w3.org
Message-ID: <issue_comment.created-2023111466-1711554549-sysbot+gh@w3.org>

Privacy section in the [explainer](https://github.com/WICG/visual-viewport/blob/gh-pages/segments-explainer/SEGMENTS-EXPLAINER.md) indicates that segments will return null when called from within an iframe and explains how this prevents using the API as a fingerprinting vector from cross origin iframes.

A concern I have is accessing the segments through [CSS media queries](https://developer.mozilla.org/en-US/docs/Web/CSS/CSS_media_queries/Using_media_queries#targeting_media_features). Having CSS API in iframes might enable this type of fingerprinting. Is disabling CSS media queries for the segments feasible?



-- 
GitHub Notification of comment by aykutbulut
Please view or discuss this issue at https://github.com/w3c/csswg-drafts/pull/9285#issuecomment-2023111466 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Wednesday, 27 March 2024 15:49:12 UTC