- From: Marcos Cáceres <notifications@github.com>
- Date: Mon, 08 Jun 2020 17:36:32 -0700
- To: w3c/manifest <manifest@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 9 June 2020 00:36:44 UTC
@marcoscaceres commented on this pull request.
> @@ -2686,6 +2686,27 @@ <h3>
<a>Navigate</a> <var>browsing context</var> to <var>url</var>.
</li>
</ol>
+ </section>
+ <section>
+ <h3>
+ Privacy consideration: <a>ShortcutItem.url</a> tracking
+ </h3>
+ <p>
+ It's conceivable that any <a>ShortcutItem.url</a> could be crafted to
+ indicate that the application was launched from outside the browser
+ (e.g., <code>"url": "/task/?from=homescreen"</code>).
+ This can be useful for analytics and possibly other customizations.
+ However, it is also conceivable that developers could encode
Maybe we should drop everything before this sentence and just focus on the privacy attack.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/manifest/pull/896#pullrequestreview-426712116
Received on Tuesday, 9 June 2020 00:36:44 UTC