- From: David Woolley <forums@david-woolley.me.uk>
- Date: Wed, 1 Mar 2023 13:57:25 +0000
- To: w3c-wai-ig@w3.org
On 01/03/2023 13:38, Kelly Childs wrote: > This is how I understand it. However, I am still getting push-back about > the security of it so I wanted to be sure that I was not missing anything > here. This seems to me to be browser dependent. I suspect the only way to be completely safe is to reset the browser's persistent data files between users and restart the browser. For Firefox, these will include the user's profile directory tree and the cache, if held elsewhere. (I'm not sure whether browsers typically degrade gracefully if you make the relevant resources read only.) Browsers may have some options to help, but looking at Firefox, kiosk mode means forced full screen, not an isolation level, and, although you can force it into private mode, which should stop field values being captured, I don't think it will prevent a user storing a bookmark, which may reveal information. I'm also not sure whether privacy mode prevents caching, as the existence of cached pages may give an indication as to whether particular parameters were used in the past.
Received on Wednesday, 1 March 2023 13:58:27 UTC