It's important to know that the mentioned "resistFingerprinting" breaks a lot of the web.
Examples include the back button, uploading photos on some websites uploads random data instead of the photo, etc.
If it breaks uploading a photo, it’s because the page unnecessarily copies the image into a and then tries to upload the data from the instead of the original image.
> the page unnecessarily copies the image into a and then tries to upload the data from the instead of the original image.
Surely there could be valid reasons for doing so?
I imagine for example that:
1. It ensures the selected file is a valid image before uploading it
2. It strips meta data like GPS position from the image before uploading it
3. It could reduce the size of the image, by either scaling it down, or compressing it more, or both, before uploading it
These are valid use-cases I agree. However I don't see why should be leaky to support those use-cases.
Browsers should ensure all operations produce identical results across platforms and hardware, and anything in the spec that prevents this should be removed from the spec.
Now, I recognize some of that functionality is handy for certain apps. In that case do like Android and put it behind an opt-in API, so the user can deny.
Basically I think browsers need a "web app" mode and a "surf mode". Just using visiting my local news outlet shouldn't require all the fingerprinting stuff.
The real snag comes from putting text into a canvas. Nobody can agree on what fonts they have installed, and of course there are all kinds of subtle variations from one version of the “same” font to the next, and then everyone has different ideas about hinting, kerning, stem widths, etc, etc, etc. You can fingerprint basically everyone just from that information alone.
Sure fonts and text is hard. But none of that is needed for basic surfing of the web.
In that case you should use Firefox, and turn on “resistFingerprinting”. It’s not perfect, but it’s approaching real privacy.