[tbb-dev] Canvas Breakage Ideas
Tom Ritter
tom at ritter.vg
Sat May 2 04:03:25 UTC 2020
> --[ Response to comments on (2)
>
> I really like the "fingerprinting-tainting" idea. Perhaps it would be worthwhile
> to implement this behind a default-off pref and conduct a study (and, of course,
> try to attack it.)
>
> Tom: What do you think?
I think the idea that the sites might be doing drawImage -> toDataURL
is worth investigating.
I think we should try to implement the most conservative choice that
fixes these instances we know of; so I think the next step is to dig
into what's happening on these sites: what's written to the canvas,
and why/how they're extracting it.
-tom
More information about the tbb-dev
mailing list