I'm excited about this. The UA string is a mess, somewhat fingerprintable, and legitimate use cases can be better and more clearly served by moving the information to an HTTPS-only client hint (a la https://wicg.github.io/ua-client-hints/ …).https://twitter.com/intenttoship/status/1217052813081161728 …
Would a partial UA freeze accomplish the same thing without the ecosystem churn? And what are plans to address the "first visit" problem? "Client Hints Preload List"?
-
-
A partial freeze wouldn't flip UA information from on-by-default to opt-in. I think the client hint infrastructure is the right way to make this data available to servers. Likewise, the first visit problem is one that CH needs to address generally.
@yoavweiss has ideas. -
Can you explain the threat model for fingerprinting a partially frozen UA?
- Još 9 drugih odgovora
Novi razgovor -
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.