Does HTML5 track/report user web surfing ? If so, how do I block tracking/reporting in HTML5 ?
I use Privacy Choice Tracker Block 2.2
Okulungisiwe
Isisombululo esikhethiwe
Is this local storage the same as DOM storage? If so, you can control that in about:config.
- dom.storage.default_quota = 0
- dom.storage.enabled = false
All Replies (16)
Sorry, but what is "Hotmail 5"? Is that related to Windows Live Hotmail?
Aha, not sure how HTML got expanded to "Hotmail" in your original post. Can you edit it to clarify what you meant for other readers?
Sites can use HTML5 storage for tracking the same way they use cookies and Flash local storage for tracking. In other words, it's site specific. Because some sites know information about context -- e.g., an ad network knows what page called the ad -- all of these storage methods can be used to compile tracking information. Nevertheless, only the site that stored the information is allowed to access it.
In Firefox, at least as of last year, a site's permission to use local storage is linked to its permission to set cookies. If you Block a site from setting cookies, then it also is blocked from using local storage. I'm not aware of a convenient way to allow cookies but block local storage on a site-by-site basis. Maybe there's an add-on for that? Or maybe you don't need it because any site you don't want to use local storage is also one you don't want to set cookies.
Okulungisiwe
Interesting. Direct access authority is one thing. Sharing that information is an other.
I refused cookies for cbs.com . Nevertheless, HTML5 storage related to CBS was permitted. This is happening for other 'sites I've denied cookies for as well.
What do you mean by "sharing"?
What did you find in your local storage for cbs.com?
To verify you have Block set for cbs.com and related domain cookies, you can use the following page: type or paste about:permissions in the URL bar and press Enter, then type cbs in the search/filter box on the left side.
Re: Sharing
You said " all of these storage methods can be used to compile tracking information. Nevertheless, only the site that stored the information is allowed to access it ".
What's to stop advertisers from sharing info. amongst themselves ?
Re:CBS permissions
Passwords: Block / Share Location: Always ask / Set Cookies: Block / Open Pop-up Windows: Block / Maintain offline storage: Always ask / Fullscreen: Always ask
Okulungisiwe
What's to stop advertisers from sharing info. amongst themselves ?
The ad network stores the data and it is accessible to pages (scripts) on their domain, or more specifically, their server host name. What the network does with the data, i.e., which clients can see/use the data, is up to the ad network. Advertisers can't independently access local storage from pages or scripts on other sites.
Regarding your cbs data, which host name(s) is/are it stored under, and what cookie permissions do you have for that/those host name(s)?
www.cbs.com / ops.cbs.com / can.cbs.com . The permissions are the same.
Passwords: Block / Share Location: Always ask / Set Cookies: Block / Open Pop-up Windows: Block / Maintain offline storage: Always ask / Fullscreen: Always ask
Can you see the data changing, or if you clear the data, does it come back?
By the way, how are you viewing the localStorage data? I installed the Foundstone HTML5 Local Storage Explorer extension but it's pretty clunky and I imagine there's probably something better.
Edit: Just realized it is displayed in the TrackerBlock extension you mentioned. Also not alphabetized or filterable by site. :-(
Okulungisiwe
When the page is refreshed after deletion, the data is again stored.
I found these additional references on HTML5:
http://webdesign.about.com/od/html5/f/what-is-local-storage.htm
I conducted an experiment.
(1) New Firefox profile
This bypasses all of my previous customizations and my extensions. This article has more information on creating a new profile. To avoid data loss, accept the default folder location for your new profile, and make backups before removing any profiles. Profile Manager - Create, remove or switch Firefox profiles
(I actually used a profile I created last week which hadn't yet been customized.)
(2) Created blocks for cbs.com cookies
When the Firefox home page displayed, I opened this dialog:
orange Firefox button (or Tools menu) > Options > Privacy
I changed the drop-down from Remember history to Use custom settings for history, then clicked the Exceptions button. I added blocks for cbs.com, www.cbs.com and *.cbs.com (not sure that third one actually works, but just in case). See first attached screen shot.
I OK'd to save the change.
(3) I visited a few pages on cbs.com
(4) I installed the TrackerBlock extension, restarted Firefox, and checked its list of sites that had stored data. The built-in home page and the Add-ons site were listed, but not CBS. See second attached screen shot.
I might not have visited the relevant page, but so far, blocking cookies seems to work in my test.
Isisombululo Esikhethiwe
Is this local storage the same as DOM storage? If so, you can control that in about:config.
- dom.storage.default_quota = 0
- dom.storage.enabled = false
@ jscher2000 : As a long time Firefox user, I've used "custom settings for history" for many years.
@ finitarry : I knew about changing DOM storage permissions in I.E. For some reason, it didn't occur to me to do so in Firefox. Thanks. It seems this has done the trick.
Hi Kojak1958, I wasn't questioning your knowledge of settings, just showing the steps I used to to demonstrate how to block a site from using local storage.
Yes, you can completely disable all sites from using local storage, but this may affect functionality on sites you trust.
@ jscher2000 : I didn't take it that way. I know a little bit about a lot. I also know a whole lot about nothing. ;)
Thus far, it appears changing Dom storage permissions isn't having any adverse effects.
It seems the format here only allows me to designate one reply as having solved the problem. Both of you contributed to the solution. Insofar as solving this particular problem is more a matter of trying to stay one step ahead of the spymasters . ;)