Skip to content

Address privacy review feedback #266

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 14 commits into from
Oct 21, 2025
Merged

Address privacy review feedback #266

merged 14 commits into from
Oct 21, 2025

Conversation

@marcoscaceres
Copy link
Member

@marcoscaceres marcoscaceres commented Oct 16, 2025
edited by pr-preview bot
Loading

Closes #262
Closes #261
Closes #260
Closes #259
Closes #252

This pull request updates the screen orientation specification to strengthen privacy protections and clarify requirements for event delivery and locking behavior. The changes focus on restricting orientation events and locking to documents that are both visible and have user attention, and introduce new anti-fingerprinting mitigations.

Privacy and Fingerprinting Mitigations

  • Added explicit warnings that differences in user preferences or platform capabilities affecting orientation lock failures may be used for fingerprinting. (index.html, index.htmlL727-R730)
  • Revised fingerprinting mitigation language to clarify that both orientation type and angle are potential vectors, and introduced a new section detailing event delivery restrictions and anti-fingerprinting strategies. (index.html, index.htmlL914-R956)

Event Delivery and Locking Behavior

  • Updated multiple algorithms and developer notes to require that orientation events and locking only occur for documents that are "fully active descendants of a top-level traversable with user attention," replacing previous checks based solely on visibility state. (index.html, [1] [2] [3]
  • Changed the requirement for using ScreenOrientation.lock() in fullscreen contexts from "SHOULD" to "MUST", emphasizing that this restriction helps prevent fingerprinting via user agent behavior. (index.html, index.htmlL868-R876)

Preview | Diff

@marcoscaceres marcoscaceres mentioned this pull request Oct 16, 2025
Closed
@marcoscaceres
Copy link
Member Author

@bvandersloot-mozilla, would you mind having a look and let me know if you are satisfied?

@marcoscaceres
Address additional fingerprinting concerns
e315467 
- Add fingerprinting warning to note about lock failures due to user preferences/platform limitations
- Upgrade fullscreen requirement from SHOULD to MUST to prevent fingerprinting through differences in user agent behavior

Addresses follow-up Privacy WG feedback.
@marcoscaceres marcoscaceres mentioned this pull request Oct 16, 2025
Closed
@marcoscaceres
Strengthen anti-fingerprinting protections
88c1106 
Change from MAY to SHOULD for natural orientation obscuring protections, particularly in privacy-conscious contexts like private browsing modes. This addresses Privacy WG feedback about making natural orientation fingerprinting protection closer to standard behavior.

Addresses: Privacy WG review feedback on natural orientation obscuring
@marcoscaceres marcoscaceres mentioned this pull request Oct 16, 2025
Closed
@marcoscaceres marcoscaceres requested a review from Copilot October 16, 2025 16:57
Copilot
Copilot AI reviewed Oct 16, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Strengthens privacy protections and clarifies event delivery/locking by requiring orientation behavior only for documents that are fully active descendants of a top-level traversable with user attention, and by adding explicit anti-fingerprinting guidance.

  • Replace visibility-only checks with a stronger “fully active descendant of a top-level traversable with user attention” gate for events and locking
  • Elevate fullscreen pre-lock requirement from SHOULD to MUST to mitigate fingerprinting
  • Add new privacy sections detailing event delivery restrictions and anti-fingerprinting mitigations

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

marcoscaceres
marcoscaceres commented Oct 17, 2025
View reviewed changes
marcoscaceres
marcoscaceres commented Oct 17, 2025
View reviewed changes
marcoscaceres
marcoscaceres commented Oct 17, 2025
View reviewed changes
marcoscaceres
marcoscaceres commented Oct 17, 2025
View reviewed changes
@marcoscaceres marcoscaceres changed the title Switch to using fully active descendant of a top-level traversable with user attention Address privacy review feedback Oct 17, 2025
@marcoscaceres marcoscaceres requested a review from Copilot October 17, 2025 03:59
Copilot
Copilot AI reviewed Oct 17, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated 6 comments.

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

@marcoscaceres marcoscaceres mentioned this pull request Oct 17, 2025
Open
bvandersloot-mozilla
bvandersloot-mozilla approved these changes Oct 17, 2025
View reviewed changes
Copy link

@bvandersloot-mozilla bvandersloot-mozilla left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These changes address the issues I filed! Thank you!

@marcoscaceres marcoscaceres requested a review from Copilot October 21, 2025 02:50
Copilot
Copilot AI reviewed Oct 21, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated 1 comment.

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

@marcoscaceres @Copilot
Update index.html
b6b3eb3 
Co-authored-by: Copilot <[email protected]>
This was referenced Oct 21, 2025
Closed
Open
@marcoscaceres marcoscaceres merged commit 3e5af26 into gh-pages Oct 21, 2025
2 checks passed
@marcoscaceres marcoscaceres deleted the privacy branch October 21, 2025 04:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

+1 more reviewer

@bvandersloot-mozilla bvandersloot-mozilla bvandersloot-mozilla approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

2 participants

@marcoscaceres @bvandersloot-mozilla