[html5] r8738 - [e] (0) Be more explicit about the fingerprinting risk for <input type=submit> F [...]

whatwg at whatwg.org whatwg at whatwg.org
Tue Sep 2 15:35:03 PDT 2014 

Author: ianh
Date: 2014-09-02 15:34:58 -0700 (Tue, 02 Sep 2014)
New Revision: 8738

Modified:
   complete.html
   index
   source
Log:
[e] (0) Be more explicit about the fingerprinting risk for <input type=submit>
Fixing https://www.w3.org/Bugs/Public/show_bug.cgi?id=26209
Affected topics: HTML

Modified: complete.html
===================================================================
--- complete.html	2014-09-02 22:30:40 UTC (rev 8737)
+++ complete.html	2014-09-02 22:34:58 UTC (rev 8738)
@@ -35613,6 +35613,11 @@
   <a href=#fingerprinting-vector id="submit-button-state-(type=submit):fingerprinting-vector" class=fingerprint title="There is a potential fingerprinting vector here."><img alt="(This is a fingerprinting vector.)" src=http://images.whatwg.org/fingerprint.png width=46 height=64></a>
   </p>
 
+  <p class=note>Since the default label is implementation-defined, and the width of the button
+  typically depends on the button's label, the button's width can leak a few bits of fingerprintable
+  information. These bits are likely to be strongly correlated to the identity of the user agent and
+  the user's locale.</p>
+
   
 
   <p>If the element is <i id="submit-button-state-(type=submit):concept-fe-mutable"><a href=#concept-fe-mutable>mutable</a></i>, then the element's
@@ -35930,6 +35935,11 @@
   <a href=#fingerprinting-vector id="reset-button-state-(type=reset):fingerprinting-vector" class=fingerprint title="There is a potential fingerprinting vector here."><img alt="(This is a fingerprinting vector.)" src=http://images.whatwg.org/fingerprint.png width=46 height=64></a>
   </p>
 
+  <p class=note>Since the default label is implementation-defined, and the width of the button
+  typically depends on the button's label, the button's width can leak a few bits of fingerprintable
+  information. These bits are likely to be strongly correlated to the identity of the user agent and
+  the user's locale.</p>
+
   
 
   <p>If the element is <i id="reset-button-state-(type=reset):concept-fe-mutable"><a href=#concept-fe-mutable>mutable</a></i>, then the element's

Modified: index
===================================================================
--- index	2014-09-02 22:30:40 UTC (rev 8737)
+++ index	2014-09-02 22:34:58 UTC (rev 8738)
@@ -35613,6 +35613,11 @@
   <a href=#fingerprinting-vector id="submit-button-state-(type=submit):fingerprinting-vector" class=fingerprint title="There is a potential fingerprinting vector here."><img alt="(This is a fingerprinting vector.)" src=http://images.whatwg.org/fingerprint.png width=46 height=64></a>
   </p>
 
+  <p class=note>Since the default label is implementation-defined, and the width of the button
+  typically depends on the button's label, the button's width can leak a few bits of fingerprintable
+  information. These bits are likely to be strongly correlated to the identity of the user agent and
+  the user's locale.</p>
+
   
 
   <p>If the element is <i id="submit-button-state-(type=submit):concept-fe-mutable"><a href=#concept-fe-mutable>mutable</a></i>, then the element's
@@ -35930,6 +35935,11 @@
   <a href=#fingerprinting-vector id="reset-button-state-(type=reset):fingerprinting-vector" class=fingerprint title="There is a potential fingerprinting vector here."><img alt="(This is a fingerprinting vector.)" src=http://images.whatwg.org/fingerprint.png width=46 height=64></a>
   </p>
 
+  <p class=note>Since the default label is implementation-defined, and the width of the button
+  typically depends on the button's label, the button's width can leak a few bits of fingerprintable
+  information. These bits are likely to be strongly correlated to the identity of the user agent and
+  the user's locale.</p>
+
   
 
   <p>If the element is <i id="reset-button-state-(type=reset):concept-fe-mutable"><a href=#concept-fe-mutable>mutable</a></i>, then the element's

Modified: source
===================================================================
--- source	2014-09-02 22:30:40 UTC (rev 8737)
+++ source	2014-09-02 22:34:58 UTC (rev 8738)
@@ -45770,6 +45770,11 @@
   <!--INSERT FINGERPRINT-->
   </p>
 
+  <p class="note">Since the default label is implementation-defined, and the width of the button
+  typically depends on the button's label, the button's width can leak a few bits of fingerprintable
+  information. These bits are likely to be strongly correlated to the identity of the user agent and
+  the user's locale.</p>
+
   <div w-nodev>
 
   <p>If the element is <i data-x="concept-fe-mutable">mutable</i>, then the element's
@@ -46138,6 +46143,11 @@
   <!--INSERT FINGERPRINT-->
   </p>
 
+  <p class="note">Since the default label is implementation-defined, and the width of the button
+  typically depends on the button's label, the button's width can leak a few bits of fingerprintable
+  information. These bits are likely to be strongly correlated to the identity of the user agent and
+  the user's locale.</p>
+
   <div w-nodev>
 
   <p>If the element is <i data-x="concept-fe-mutable">mutable</i>, then the element's

More information about the Commit-Watchers mailing list