Open arthuredelstein opened 2 years ago
These are the latest test results.
For background: the favicon test loads from the same URL under different first-party domains. If the favicon is cached and the cache is not partitioned, then the favicon is not loaded under the second party domain. Lack of loading reveals that the favicon at the specified URL has been loaded before and cached, which is effectively a tracking vector.
Problem Description
Test results from PrivacyTests.org indicate that the Brave iOS favicon cache can allow cross-site tracking: https://privacytests.org/ios.html
Feature Overview
By partitioning the favicon cache, Brave can prevent favicons from being used as a "supercookie" to track users across websites.
Design
Typically, cache partitioning is keyed to eTLD+1.
User Experience
There should be essentially no UX impact, expect a very small performance for loading of a favicon.