Feature request: make WebGL a user granted permission
Categories
(Core :: Graphics: CanvasWebGL, enhancement)
Tracking
()
People
(Reporter: tom, Unassigned)
Details
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:86.0) Gecko/20100101 Firefox/86.0
Steps to reproduce:
Firefox contains a lot of privacy features but Fingerprinting is still an issue.
Actual results:
If I visit https://coveryourtracks.eff.org/ it can fingerprint me. It also knows the make and model of my graphics card without any input from me by using the WebGL API.
Expected results:
Not many sites make use of WebGL. I would like it if the browser blocked the API by default and gave a permission popup like it does for access to the camera/microphone/location.
This could be an option, but it would offer more protection to users if trackers saw that the majority of firefox users had no WebGL fingerprint. If it was an option and disabled by default, they would be able to fingerprint the small minority who turn it off.
For those sites that genuinely use WebGL users would just be able to click "Allow" like they do with microphone access.
At minimum I would like an about:config option that blocks sites form seeing the vendor and renderer. Mine is:
AMD~AMD Radeon VII (VEGA20, DRM 3.40.0, 5.10.16-arch1-1, LLVM 11.1.0)
Which is going to be fairly rare.
|
||
Comment 1•3 years ago
|
||
The Bugbug bot thinks this bug should belong to the 'Core::Canvas: WebGL' component, and is moving the bug to that component. Please revert this change in case you think the bot is wrong.
Description
•