Project

General

Profile

Actions

Feature #270

open

Fine graned JavaScript controls

Added by Soren Stoutner over 4 years ago. Updated 6 days ago.

Status:
New
Priority:
4.x
Start date:
04/12/2018
Due date:
% Done:

0%

Estimated time:

Description

This will allow enabling and disabling individual JavaScript commands, allowing simple layout commands to function while disabling more dangerous ones.

Actions #1

Updated by Prince Cooper 6 days ago

But we donno which one's dangerous & which aren't. Instead it's better to focus on content blocker support such as uBlock Origin integration, which does a great job at that.

Actions #2

Updated by Soren Stoutner 6 days ago

Implementing this feature will require a lot of work. Each JavaScript function will have to be classifies as to the worst possible damage it can do to the security and privacy of the user.

One of the interesting aspects of this is that, once you start thinking about it deeply, JavaScript functions that originally appear to be benign can be abused in unexpected ways to compromise the privacy of users. As an example, consider all of the ways apparently innocuous JavaScript commands have been used to fingerprint users.

My guess is that the final list of safe JavaScript commands will end up being fairly small.

Actions

Also available in: Atom PDF