Re: [w3ctag/design-reviews] Call stacks in crash reports from unresponsive web pages (Issue #981) from Jeffrey Yasskin on 2024-09-18 (public-webapps-github@w3.org from September 2024)

From: Jeffrey Yasskin <notifications@github.com>
Date: Wed, 18 Sep 2024 14:35:51 -0700
To: w3ctag/design-reviews <design-reviews@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3ctag/design-reviews/issues/981/2359447073@github.com>

This looks like a worthwhile piece of information to show to developers. We agree with the privacy worries that these uploads might expose what extensions a user is running. We suspect this privacy risk is avoidable in two ways: First, you could automatically omit stacks if any extensions have injected content scripts. Second, you could prompt the user about whether they want to send the report, with a user-comprehensible explanation of what sensitive information's likely to be sent: for example the list of extensions that injected script.
  
Please continue discussing this in the WebPerf working group and the PING.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/981#issuecomment-2359447073
You are receiving this because you are subscribed to this thread.

Message ID: <w3ctag/design-reviews/issues/981/2359447073@github.com>

Received on Wednesday, 18 September 2024 21:35:55 UTC