I'm excited about this. The UA string is a mess, somewhat fingerprintable, and legitimate use cases can be better and more clearly served by moving the information to an HTTPS-only client hint (a la https://wicg.github.io/ua-client-hints/ …).https://twitter.com/intenttoship/status/1217052813081161728 …
A partial freeze wouldn't flip UA information from on-by-default to opt-in. I think the client hint infrastructure is the right way to make this data available to servers. Likewise, the first visit problem is one that CH needs to address generally. @yoavweiss has ideas.
-
-
Can you explain the threat model for fingerprinting a partially frozen UA?
-
I don’t understand the question, but I’m also traveling with pretty spotty internet; drop an issue on the GitHub repo and we can discuss there when I’m back on a keyboard?
- Još 8 drugih odgovora
Novi razgovor -
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.