Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Vanwege onderhoudswerkzaamheden die uw ervaring zouden moeten verbeteren, heeft deze website beperkte functionaliteit. Als een artikel uw probleem niet verhelpt en u een vraag wilt stellen, kan onze ondersteuningsgemeenschap u helpen in @FirefoxSupport op Twitter en /r/firefox op Reddit.

Zoeken in Support

Vermijd ondersteuningsscams. We zullen u nooit vragen een telefoonnummer te bellen, er een sms naar te sturen of persoonlijke gegevens te delen. Meld verdachte activiteit met de optie ‘Misbruik melden’.

Meer info

Deze conversatie is gearchiveerd. Stel een nieuwe vraag als u hulp nodig hebt.

Use data-sha1 attribute to compare scripts, css, etc. avoiding the need for CDNs that track

  • 2 antwoorden
  • 1 heeft dit probleem
  • 3 weergaven
  • Laatste antwoord van AliceWonder

more options

Hi, I would like to see an attribute added to FireFox (and every browser) to decrease tracking.

When webmasters use a public CDN (e.g. scripts.google.com or wherever) for things like jQuery etc., they are potentially opening up their users to tracking by those CDNs.

If we had a data-sha1 attribute that could contain the sha1sum of the script we are referencing, it could improve security and privacy in two ways:

A) Prevent cases where the CDN has been compromised altering the resource being referenced, because then the checksum won't match.

B) If the browser already has a script cached with a matching checksum, then it doesn't need to fetch it from any CDN or server etc. or even ask if the version it has is current. If the checksum of a resource in cache matches, then it is the same file regardless of where it came from and the browser does not need to send any headers to anyone.

Okay, the possibility of collisions exist even though the odds are astronomically low, so maybe verify the filename matches too.

Hi, I would like to see an attribute added to FireFox (and every browser) to decrease tracking. When webmasters use a public CDN (e.g. scripts.google.com or wherever) for things like jQuery etc., they are potentially opening up their users to tracking by those CDNs. If we had a data-sha1 attribute that could contain the sha1sum of the script we are referencing, it could improve security and privacy in two ways: A) Prevent cases where the CDN has been compromised altering the resource being referenced, because then the checksum won't match. B) If the browser already has a script cached with a matching checksum, then it doesn't need to fetch it from any CDN or server etc. or even ask if the version it has is current. If the checksum of a resource in cache matches, then it is the same file regardless of where it came from and the browser does not need to send any headers to anyone. Okay, the possibility of collisions exist even though the odds are astronomically low, so maybe verify the filename matches too.

Alle antwoorden (2)

more options

Suggestions to improve Firefox can be submitted here: https://input.mozilla.org/en-US/feedback

Or a Bug report can be filed. https://bugzilla.mozilla.org/

https://developer.mozilla.org/en/Bug_writing_guidelines

more options

Their feedback seems to be about existing features as the interface wants to know what made me happy or sad, and this is a request - not feedback on what made me happy or sad.

It's also not a bug.