- From: Marcos Cáceres <notifications@github.com>
- Date: Fri, 14 Oct 2022 01:05:38 -0700
- To: w3c/screen-orientation <screen-orientation@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Friday, 14 October 2022 08:05:50 UTC
@marcoscaceres commented on this pull request.
> - </p>
- </section>
+ <p>
+ A screen's [=current orientation type|type=] and [=current orientation
+ angle|angle=] are a potential fingerprinting vector. To resist
+ fingerprinting (e.g., in private browsing), user agents MAY:
+ </p>
+ <ol>
+ <li>Restrict the value return by the {{ScreenOrientation/type}}
+ attribute to {{OrientationType/"portrait-primary"}} or
+ {{OrientationType/"landscape-secondary"}} to match the screen's aspect
+ ratio.
+ </li>
+ <li>Always return `0` for the value of the {{ScreenOrientation/angle}}
+ attribute.
+ </li>
Yeah, I was chewing on this also... I like the idea of returning `90` for landscape-primary if it's obvious (potentially derived by UA string) that the device has a natural orientation of portrait. Otherwise, it could be used to detect if the user is in private browsing mode.
--
Reply to this email directly or view it on GitHub:
https://github.com/w3c/screen-orientation/pull/215#discussion_r995471093
You are receiving this because you are subscribed to this thread.
Message ID: <w3c/screen-orientation/pull/215/review/1142000375@github.com>
Received on Friday, 14 October 2022 08:05:50 UTC