Re: Re: Keyboard events for accessible RIAs and Games

On Thu, Jan 31, 2013 at 12:54 PM, Hallvord Reiar Michaelsen Steen <> wrote:

> Well yes, implicitly you did. If a random website can figure out where
> keys are on your keyboard (i.e. what layout you are using) it is an extra
> data point for fingerprinting / tracking users. So Björn has a good point:
> for privacy reasons, access to this API should probably be limited to
> sites/apps that are trusted or privileged in some way.
I strongly disagree with that we should sacrifice accessability and i18n on
the altar of fingerprinting concerns. There are situations when that may
be necessary, I don't think this is one of them.

The HTTP header "accept-language" defined by HTTP 1.1 section 1.4.4 already provides the
users locale. A users locale has a strong correlation to a users keyboard
layout. If the intent is to avoid adding identifyable bits by preventing
locale sniffing that train is gone with accept-language. The additional
keyboard layout information is mostly superfluous for fingerprinting.
However without some way to query the layout for a users key symbol,
usability of shortcut mapping dialogs is extremely crippled.

Received on Thursday, 31 January 2013 12:01:16 UTC