- From: Photopea <notifications@github.com>
- Date: Mon, 25 Jun 2018 16:33:19 -0700
- To: w3c/permissions <permissions@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3c/permissions/issues/165/400128051@github.com>
I understand that you can do fillText() / measureText() on Canvas, get pixel data and detect which fonts are available in the device, and use these fonts as a fingerprint. But I don't understand why you are talking specifically about Canvas (you even have it in the title of this issue).

The "attacker" can make a <span>Hello</span> element, set various fonts with CSS, and measure the result using Element.getClientBoundingRect(), and get the list of fonts this way. I wonder why so much effort is put into Canvas "protection", while nobody cares about getClientBoundingRect().

Using this logic, the website should ask for permissions when a webpage wants to use the Arial font for its text.

I propose the following solution: Render the text (HTML, Canvas, SVG, ...) **only** when the webpage provides the necessary fonts. I.e. don't render any text when a webpage provides no fonts. In addition, the W3C can define a list of standard fonts that have to be present in every web browser (to be used by websites which don't provide their own fonts). E.g. we can use ["14 PDF fonts"](http://www.enfocus.com/manuals/ReferenceGuide/PP/10/enUS/en-us/concept/c_aa1140975.html) (fonts that must be present in every PDF renderer).

Restricting browsers in this way would guarantee the same look of a website on every device, and would remove all "fingerprint vulnerabilities".

--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/permissions/issues/165#issuecomment-400128051
Received on Monday, 25 June 2018 23:33:42 UTC
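
The argument in the message above, as a small model (an added example, not part of the original message and not browser code): any measurement that reflects local font fallback separates devices, and resolving fonts only from the page or from a fixed list makes every device measure the same. The font widths, device list, `DEFAULT_FONT`, the `STANDARD` set and the policy names are all constructed assumptions.

```javascript
// Constructed model, not browser code: advance width of the probe text
// "Hello" per font, in arbitrary units. All values are made up.
const WIDTH = { Times: 38, Arial: 42, Calibri: 41, Ubuntu: 43.5, Courier: 50 };
const DEFAULT_FONT = "Times";                    // assumed fallback face
const STANDARD = new Set(["Times", "Courier"]);  // stand-in for the fixed list
const PROBES = ["Arial", "Calibri", "Ubuntu", "Courier"];

// Constructed devices that differ only in locally installed fonts.
const DEVICES = [
  { name: "A", installed: new Set(["Arial", "Calibri"]) },
  { name: "B", installed: new Set(["Ubuntu", "Courier"]) },
  { name: "C", installed: new Set(["Arial"]) },
];

// Which face ends up being rendered; null means the text is not rendered.
function resolveFont(requested, device, policy, pageFonts) {
  if (pageFonts.has(requested)) return requested; // font shipped by the page
  if (policy === "local-fallback") {
    return device.installed.has(requested) ? requested : DEFAULT_FONT;
  }
  return STANDARD.has(requested) ? requested : null; // "restricted" policy
}

// Canvas text metrics and element bounding boxes both report the size of the
// resolved face, so one function models either measurement path.
function measure(requested, device, policy, pageFonts = new Set()) {
  const face = resolveFont(requested, device, policy, pageFonts);
  return face === null ? 0 : WIDTH[face];
}

function measurementVector(device, policy, pageFonts = new Set()) {
  return PROBES.map((f) => measure(f, device, policy, pageFonts)).join(",");
}

// Number of distinguishable groups the probe set splits the devices into.
function distinctVectors(policy, pageFonts = new Set()) {
  const vectors = DEVICES.map((d) => measurementVector(d, policy, pageFonts));
  return new Set(vectors).size;
}

console.log("local-fallback groups:", distinctVectors("local-fallback"));
console.log("restricted groups:", distinctVectors("restricted"));
```
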