Package: iceweasel
Version: 2.0+dfsg-1
Hi,
please set dom.storage.enabled to false.
On 14 Dec the Web Hypertext Application Technology Working Group[1]
submitted the Web Applications 1.0 Standard Working Draft[2]. This
standard enables a cookie-like system for storing and retrieving
private data through JavaScript ("client-side session and persistent
storage"). Since firefox2 this function is implemented and enabled at
default[4].
Since
- this is providing a huge (!) privacy hole[3]
- this is just an inofficial working draft
- there is no way to change this behaviour in the iceweasel GUI
- There is no way to en- or disable this setting for particular
websites
please set the default in iceweasel to false or remove this function
from iceweasel.
Cheers,
Alexander
[1] http://www.whatwg.org
[2] http://www.whatwg.org/specs/web-apps/current-work/
[3] http://www.whatwg.org/specs/web-apps/current-work/#security0
[4] http://kb.mozillazine.org/Dom.storage.enabled
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
