[wp-trac] [WordPress Trac] #44247: The ability to extract HTML5 canvas image data should be disabled by default in WordPress-based websites
WordPress Trac
noreply at wordpress.org
Mon May 28 01:06:34 UTC 2018
#44247: The ability to extract HTML5 canvas image data should be disabled by
default in WordPress-based websites
--------------------------+------------------------
Reporter: nzflagmaven | Owner: (none)
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: Privacy | Version:
Severity: trivial | Resolution: duplicate
Keywords: | Focuses:
--------------------------+------------------------
Changes (by pento):
* status: new => closed
* severity: major => trivial
* version: 4.9.6 =>
* milestone: Awaiting Review =>
* keywords: needs-patch =>
* resolution: => duplicate
Comment:
Per the discussion on #42428, WordPress is not using the canvas image data
for fingerprinting, it's simply used to detect whether the browser is able
to render emoji correctly. Unfortunately, there don't appear to be any
APIs available that can give us similarly useful information.
Should browsers implement an alternative API we can use for this purpose,
I'd be more than happy to switch to it. Until then, you should know that
conflating legitimate use of the canvas image data API with
fingerprinting, using overly hyperbolic language to describe the
behaviour, as well as fear-mongering over imaginary GDPR violations, don't
really make a convincing argument.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44247#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list