- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Wed, 20 Apr 2011 22:27:14 -0400
- To: public-webapps@w3.org
On 4/20/11 6:57 PM, Tab Atkins Jr. wrote: > True, you need some side-channel to link the two iframes for a > particular client. You can use something simple like one of the > *other* within-domain communication mediums (cookies, localStorage, > etc.) Which is why there are options to restrict third-party cookies; I believe there are proposals to apply those to localStorage and the like as well. > We already know that you can fingerprint a larger > percentage of users Which is why some UA vendors are actively trying to reduce the fingerprintable bits of their UAs that they expose to page JS. In other words, these are problems we're trying to solve. Adding to the list of problems seems counterproductive here. -Boris
Received on Thursday, 21 April 2011 02:27:42 UTC