[css-color-4][css-color-adjust-1] Shielding system colors to avoid fingerprinting? #5710
Closed
Labels
Closed as Retracted: When the person who raised the issue thinks that there's no issue after all.
Commenter Satisfied: Commenter has indicated satisfaction with the resolution / edits.
a11y-tracker: Group bringing to attention of a11y, or tracked by the a11y Group but not needing response.
css-color-4: Current Work
css-color-adjust-1: Current Work
privacy-needs-resolution: Issue the Privacy Group has raised and looks for a response on.
The main privacy-related leak from css-color-4/css-color-adjust-1 is the way that the used values of the system colors are exposed. One way to mitigate this would be to define that the system colors always return a fixed set of values via CSSOM APIs, and that forcing colors does not affect getComputedStyle(). That way the real used color is not Web-exposed. Do we want to do that?
The upside is that we shield the system colors from the Web: all browsers return the same values via getComputedStyle() all the time. The downside is that if the author was trying to do any interesting calculations to choose additional colors based on the user's preferred color palette, we're giving them bogus answers. (Also it's probably a bit more complicated to implement.)
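A model of the trade-off raised in this issue, added here as an illustration and not taken from the issue, the CSS specifications or any browser: it compares what script can observe for two users with and without the proposed shielding, and shows the "bogus answer" an author's color calculation would receive. The RGB values, `FIXED_PALETTE`, the two user palettes and all function names are constructed assumptions; only the system color keywords come from CSS Color 4.

```javascript
// Model of the proposal only; not browser or spec code. All RGB values are constructed.
const FIXED_PALETTE = {   // hypothetical fixed set every browser would report to script
  canvas: "rgb(255, 255, 255)",
  canvastext: "rgb(0, 0, 0)",
  linktext: "rgb(0, 0, 238)",
};
// Constructed per-user palettes (for example an OS theme or a forced-colors mode).
const USER_A = { canvas: "rgb(255, 255, 255)", canvastext: "rgb(0, 0, 0)", linktext: "rgb(0, 0, 238)" };
const USER_B = { canvas: "rgb(0, 0, 0)", canvastext: "rgb(255, 255, 0)", linktext: "rgb(128, 255, 255)" };

// The value the engine paints with: always the user's real palette.
function usedColor(keyword, userPalette) {
  return userPalette[keyword.toLowerCase()];
}

// The value reported through CSSOM (what getComputedStyle() returns in this model).
// shielded=false: the used value is exposed, as the issue describes.
// shielded=true: the proposal, a fixed value that does not depend on the user.
function reportedColor(keyword, userPalette, shielded) {
  const key = keyword.toLowerCase();
  return shielded ? FIXED_PALETTE[key] : userPalette[key];
}

// Everything a page can learn about a user from the system colors.
function observableSignature(userPalette, shielded) {
  return Object.keys(FIXED_PALETTE)
    .map((k) => `${k}=${reportedColor(k, userPalette, shielded)}`)
    .join(";");
}

// WCAG relative luminance of an "rgb(r, g, b)" string.
function luminance(rgb) {
  const [r, g, b] = rgb.match(/\d+/g).map(Number).map((v) => {
    const c = v / 255;
    return c <= 0.04045 ? c / 12.92 : Math.pow((c + 0.055) / 1.055, 2.4);
  });
  return 0.2126 * r + 0.7152 * g + 0.0722 * b;
}

// An author-side calculation of the kind the issue mentions: choose readable
// text for a background whose color was read back from the CSSOM.
function pickTextFor(reportedBackground) {
  return luminance(reportedBackground) > 0.179 ? "black" : "white";
}
```

With shielding on, both users produce the same signature, but for `USER_B` the author's calculation picks black text for a canvas that is actually painted black.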