Counter-argument: When you buy a sandwich at the local deli, is it useful and actionable to know that 13 parties will have access to your sandwich purchase details (credit card, payment vendor, outsourced accountant, etc)
-
-
I’m assuming a script dynamically creating these image resource loads. I’m just going after a simple, technical restriction for particularly sensitive pages. Nothing more.
-
If the site owner wrote the script why wouldn't they share the same data via a server-side request? It will be stealthier, and it's the same amount of code for them (one line). If someone else wrote the script and the site owner doesn't want to run it, why is it on their page?
-
I totally think your goal is laudable, but it's very difficult to see how this would work without the developer opting their sensitive site into this mode. And such a developer already has enough control over their site to make it not do what you're worried about.
-
Conversely, a developer who wants to share your data with a third party can do so with a backend request and there is no way for your browser to know about this. Your U-A might tell you a nice story it cannot in any way verify.
-
This all comes down to liability, which is what it’s all about. I go to A’s website. A) They proxy stuff and leak my data. I go after A. B) They embed XYZ like everyone else and XYZ leak my data. I go after A. A says “We had no idea!” I have no play.
-
Two questions: 1) Would a site "have any idea" about sharing data if the same happened in a server-side module they installed? 2) How would you learn about this if it happens purely offline? Sadly, it seems difficult to have a constructive technical discussion about either one.
-
One other thing to note is that if offline sharing becomes more popular, users lose more control. Backend request may be over HTTP, data may be tied to your profile on the site, you can't reset your identifier, etc. I'd be wary of pushing developers in that direction.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.