Persistent storage gets the global quota. We also expose the local quota (that of the origin). That means that by filling up space you can determine how much space all other origins take up together.
Persistent storage for an origin is user opt-in through a dialog (and maybe "add to homescreen/new tab" at some point in the future). Presumably we already have this leak with a proprietary extension to IndexedDB that enables persistent storage (though slightly different in nature; it's not bound by the global quota but by disk space). This data could be used for fingerprinting. Is this acceptable or should we seek to actively avoid it somehow? E.g., by limiting persistent storage to an amount less than the global quota. -- https://annevankesteren.nl/ _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
