Re: [mediacapture-main] deviceId and Clear-Site-Data (#836) from Harald Alvestrand via GitHub on 2022-02-24 (public-webrtc-logs@w3.org from February 2022)

From: Harald Alvestrand via GitHub <sysbot+gh@w3.org>
Date: Thu, 24 Feb 2022 15:42:06 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-1049988688-1645717325-sysbot+gh@w3.org>

We already have language on deviceId:

Since [deviceId](https://w3c.github.io/mediacapture-main/getusermedia.html#dom-mediadeviceinfo-deviceid) may persist across browsing sessions and to reduce its potential as a fingerprinting mechanism, [deviceId](https://w3c.github.io/mediacapture-main/getusermedia.html#dom-mediadeviceinfo-deviceid) is to be treated as other persistent storage mechanisms such as cookies [[COOKIES](https://w3c.github.io/mediacapture-main/getusermedia.html#bib-cookies)], in that User Agents MUST NOT persist device identifiers for sites that are blocked from using cookies, and User Agents MUST rotate per-origin device identifiers when other persistent storage are cleared.

So the question is if "other persistent storage are cleared" covers the Clear-Site-Data header.  If it does, it's an implementation bug.


-- 
GitHub Notification of comment by alvestrand
Please view or discuss this issue at https://github.com/w3c/mediacapture-main/issues/836#issuecomment-1049988688 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 24 February 2022 15:42:08 UTC