Thread: [Vimprobable-users] Web Storage Patch
Vimprobable is a lean web browser optimised for full keyboard control
Brought to you by:
hanness
Menu
▾
▴
vimprobable-users
|
From: Jan N. <ma...@ja...> - 2014-08-20 15:26:28
Attachments:
Localstorage.diff
|
Hi, I recently became interested in DOM or Web Storage and how vimprobable and webkitgtk handles it. It turned out to be on by default. Looking into ~/.local/share/webkit/databases I found it to be full of supercookies. Being a privacy-aware user, I tried to find a workaround for this. Attached is a small patch that switches Web Storage off by default. However, it can be turned on with ":set localstorage true" per session or permanently in config.h. I can't tell if that's a sensible or even working solution, as I've only got a basic understanding on these issues. So I'd like to hear your comments. Jan |
|
From: Hannes S. <ha...@yl...> - 2014-08-20 16:28:13
|
Hi Jan, (putting you in copy since you don't seem to be subscribed) Jan Niemeyer <ma...@ja...> wrote: > I recently became interested in DOM or Web Storage and how > vimprobable and webkitgtk handles it. It turned out to be on by > default. Looking into ~/.local/share/webkit/databases I found it to > be full of supercookies. Being a privacy-aware user, I tried to find > a workaround for this. > > Attached is a small patch that switches Web Storage off by default. > However, it can be turned on with ":set localstorage true" per > session or permanently in config.h. Providing a switch for this is definitely a great idea! However, I'm also not really proficient as to what this is actually used for. Can we be confident that it's all spyware and tracking so that we should have it off by default? Or are there actually non-evil uses of the function out there in the wild? Hannes |
|
From: Matt C. <je...@gm...> - 2014-08-20 16:49:28
|
A lot of html5 games use it I believe. On Aug 20, 2014 12:28 PM, "Hannes Schüller" <ha...@yl...> wrote: > > Hi Jan, > > (putting you in copy since you don't seem to be subscribed) > > Jan Niemeyer <ma...@ja...> wrote: > > I recently became interested in DOM or Web Storage and how > > vimprobable and webkitgtk handles it. It turned out to be on by > > default. Looking into ~/.local/share/webkit/databases I found it to > > be full of supercookies. Being a privacy-aware user, I tried to find > > a workaround for this. > > > > Attached is a small patch that switches Web Storage off by default. > > However, it can be turned on with ":set localstorage true" per > > session or permanently in config.h. > > Providing a switch for this is definitely a great idea! However, I'm > also not really proficient as to what this is actually used for. Can we > be confident that it's all spyware and tracking so that we should have > it off by default? Or are there actually non-evil uses of the function > out there in the wild? > > Hannes > > ------------------------------------------------------------------------------ > Slashdot TV. > Video for Nerds. Stuff that matters. > http://tv.slashdot.org/ > _______________________________________________ > Vimprobable-users mailing list > Vim...@li... > https://lists.sourceforge.net/lists/listinfo/vimprobable-users |
|
From: Hannes S. <ha...@yl...> - 2014-08-20 20:25:33
|
Hi! Jan Niemeyer <ma...@ja...> wrote: > > Providing a switch for this is definitely a great idea! However, I'm > > also not really proficient as to what this is actually used for. > > Can we be confident that it's all spyware and tracking so that we > > should have it off by default? Or are there actually non-evil uses > > of the function out there in the wild? > > I guess there are non-evil uses for Web Storage. Matt named a good > example. And I like the idea. But can you name a website you > regularly visit, that relies on it? I can't. That's my point - I can't, either. But then, I don't play online games, I don't visit any "social networks" or virtually any website considered "modern". Hence my question to the list :) > As these are stored without time limits and Webkit doesn't provide > any means to control their storage, I went for turning off Web > Storage per default. But I only tried it for some days, so I wouldn't > recommend it for now. Then we should just see how it develops. I will also switch it off by default and we'll see if we run into any problems. > Besides, I doubt it makes it much harder to track you, when you use a > useragent that's, let's say, not very common ;) Well, yes, but that's only a valid concern if you're worried about somebody targetting you specifically. I wouldn't expect this to be a huge issue for most users as opposed to the regular, untargeted mass tracking. Hannes |
|
From: Marcos C. <vim...@pr...> - 2014-08-24 11:32:23
|
En/Je/On 2014-08-20 22:28, Hannes Schüller escribió / skribis / wrote : >I don't play online games, I don't visit any "social networks" or >virtually any website considered "modern". I belong to that rare species too :) -- Marcos Cruz http://programandala.net |
|
From: Jan N. <ma...@ja...> - 2014-08-20 20:13:04
|
Hi, > (putting you in copy since you don't seem to be subscribed) I am. Picked the wrong address. Sorry. > Providing a switch for this is definitely a great idea! However, I'm > also not really proficient as to what this is actually used for. Can we > be confident that it's all spyware and tracking so that we should have > it off by default? Or are there actually non-evil uses of the function > out there in the wild? I guess there are non-evil uses for Web Storage. Matt named a good example. And I like the idea. But can you name a website you regularly visit, that relies on it? I can't. My local WebStorage-directory was about 30M large when I looked into it. Most of the files only contained a single string, often named UniqueID or something. Youtube, faz.net or the usual trackers like Doubleclick just stored cookies. So far I didn't find a website that stored more than that. As these are stored without time limits and Webkit doesn't provide any means to control their storage, I went for turning off Web Storage per default. But I only tried it for some days, so I wouldn't recommend it for now. Besides, I doubt it makes it much harder to track you, when you use a useragent that's, let's say, not very common ;) Jan |
|
From: Daniel C. <dan...@gm...> - 2014-08-24 16:38:22
|
Jan Niemeyer <ma...@ja...> wrote: > I guess there are non-evil uses for Web Storage. Matt named a good example. > And I like the idea. But can you name a website you regularly visit, that > relies on it? I can't. I don't use any website that would not work if the local storage and html5 database are disabled. And I assume that every serious website or online shop will pay attention to allow also useragent that don't support all htm5 features, accept of google. > As these are stored without time limits and Webkit doesn't provide any means > to control their storage, I went for turning off Web Storage per default. > But I only tried it for some days, so I wouldn't recommend it for now. Personally I'd prefer to keep the default that also webkit uses and let the user decide if these storages are useful or not. > Besides, I doubt it makes it much harder to track you, when you use a > useragent that's, let's say, not very common ;) I think if you use a useragen that's no very common or that only you use, makes it easier to track you, event if cookies, JavaScript, and the html5 storages are disabled, only by your useragent. It's a hard way to keep anonymous in the web, even if html5 storages are disabled. If you are interested in this you can test what's trackable of you on http://samy.pl/evercookie/. Daniel |
|
From: Hannes S. <ha...@yl...> - 2014-09-15 15:18:05
|
Hannes Schüller <ha...@yl...> wrote: > > As these are stored without time limits and Webkit doesn't provide > > any means to control their storage, I went for turning off Web > > Storage per default. But I only tried it for some days, so I > > wouldn't recommend it for now. > > Then we should just see how it develops. I will also switch it off by > default and we'll see if we run into any problems. So, my experience is that switching this off had absolutely *no* negative repercussions for me. There were no functional limitations on any websites I've visited. What happened to everybody else? Please post your experiences! For me, the question now is what to make the default setting. On or off? Hannes |
|
From: Jason R. <jas...@gm...> - 2014-09-15 18:06:33
|
On 15/09/14 at 05:21pm, Hannes Schüller wrote: >Hannes Schüller <ha...@yl...> wrote: >> > As these are stored without time limits and Webkit doesn't provide >> > any means to control their storage, I went for turning off Web >> > Storage per default. But I only tried it for some days, so I >> > wouldn't recommend it for now. >> >> Then we should just see how it develops. I will also switch it off by >> default and we'll see if we run into any problems. > >So, my experience is that switching this off had absolutely *no* >negative repercussions for me. There were no functional limitations on >any websites I've visited. What happened to everybody else? Please post >your experiences! > >For me, the question now is what to make the default setting. On or off? > Given the philosophy of the project: off. Cheers, /J -- http://jasonwryan.com/ [GnuPG Key: B1BD4E40] |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X