[tbb-bugs] #21785 [Applications/Tor Browser]: Keep an eye on the Storage API

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Apr 26 10:55:43 UTC 2017 

#21785: Keep an eye on the Storage API
-------------------------------------------------+-------------------------
 Reporter:  gk                                   |          Owner:  tbb-
                                                 |  team
     Type:  task                                 |         Status:  new
 Priority:  High                                 |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  ff52-esr, tbb-fingerprinting,        |  Actual Points:
  tbb-7.0-must-alpha                             |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------
Description changed by gk:

Old description:

> The Storage API (https://developer.mozilla.org/en-
> US/docs/Web/API/Storage_API) is the API that
> {{{
> defines a common, shared storage system to be used by all APIs and
> technologies that store content-accessible data for individual Web sites.
> The Storage API gives sites' code the ability to find out how much space
> they can use, how much they are already using, and even control whether
> or not they need to be alerted before the user agent disposes of site
> data in order to make room for other things.
> }}}
> We should think about neutering its fingerprinting/linkability potential.
> For now it seems it is disabled by `dom.storageManager.enabled` set to
> `true`. We should verify that for ESR52, though.

New description:

 The Storage API (https://developer.mozilla.org/en-
 US/docs/Web/API/Storage_API) is the API that
 {{{
 defines a common, shared storage system to be used by all APIs and
 technologies that store content-accessible data for individual Web sites.
 The Storage API gives sites' code the ability to find out how much space
 they can use, how much they are already using, and even control whether or
 not they need to be alerted before the user agent disposes of site data in
 order to make room for other things.
 }}}
 We should think about neutering its fingerprinting/linkability potential.
 For now it seems it is disabled by `dom.storageManager.enabled` set to
 `false`. We should verify that for ESR52, though.

--

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21785#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list