
OtterCoder | 7 years ago

Exactly this. Network connections won't fire without a visible link? Fine. Save up user data for when they navigate around the site and send it as a batched query.

Heck, even if browsers always showed you the data they were about to send, split out by field, just base64 encode what you don't want them to know you know and give it an innocuous field name like, "session_id". Even better, piggyback off of legitimate fields with zero-width-character encoded data. Where there is any signal at all, there is a way to hide extra information.
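
The two hiding tricks named in this comment (zero-width characters riding inside legitimate text, and an opaque encoded blob under an innocuous name like "session_id") both leave measurable traces in the outgoing payload. The following is an added example from the defender's side, not code from the thread: an audit routine that walks the name/value pairs a page is about to send and flags those traces. The field names, the sample values and the entropy threshold are constructed for illustration.

```javascript
// Added example (not from the thread): audit outgoing form-field values for
// the two covert-channel patterns discussed above.

// Common zero-width code points: ZWSP, ZWNJ, ZWJ, word joiner, BOM/ZWNBSP.
const ZERO_WIDTH = /[\u200B\u200C\u200D\u2060\uFEFF]/g;

// Long run of base64 alphabet with optional padding (heuristic, see note).
const BASE64ISH = /^[A-Za-z0-9+/]{16,}={0,2}$/;

// Shannon entropy in bits per character. Encoded/opaque data sits near the
// top of its alphabet's range; ordinary words and paths sit well below it.
function entropy(s) {
  const counts = new Map();
  for (const ch of s) counts.set(ch, (counts.get(ch) || 0) + 1);
  let h = 0;
  for (const c of counts.values()) {
    const p = c / s.length;
    h -= p * Math.log2(p);
  }
  return h;
}

// Inspect one name/value pair; returns a list of findings (empty if clean).
function auditField(name, value) {
  const findings = [];
  const zw = value.match(ZERO_WIDTH);
  if (zw) {
    findings.push({ field: name, kind: 'zero-width', count: zw.length });
  }
  // Strip zero-width characters first so they cannot mask the blob check.
  const stripped = value.replace(ZERO_WIDTH, '');
  // 4.0 bits/char is a constructed threshold; tune it against real traffic.
  if (BASE64ISH.test(stripped) && entropy(stripped) > 4.0) {
    findings.push({ field: name, kind: 'opaque-blob', length: stripped.length });
  }
  return findings;
}

// Audit every field of a URLSearchParams body or a plain key/value object.
function auditPayload(payload) {
  const entries = payload instanceof URLSearchParams
    ? [...payload.entries()]
    : Object.entries(payload);
  return entries.flatMap(([k, v]) => auditField(k, String(v)));
}

// Constructed sample payload: a comment with three zero-width characters
// interleaved, and a "session_id" that is really the base64 of the
// constructed string "viewed:/pricing;scroll=87%".
const sample = {
  comment: 'great\u200Bpost\u200C,\u200Dthanks',
  session_id: 'dmlld2VkOi9wcmljaW5nO3Njcm9sbD04NyU=',
  page: '/pricing',
};

// Example run: two findings, one per hidden channel.
const sampleFindings = auditPayload(sample);
```

The blob check is deliberately a heuristic: a genuine random session token is also long, base64-shaped and high-entropy, so this is a triage tool for reviewing what a page sends (in a proxy, a content script or a test harness), not a filter to block requests on. The zero-width check is the sharper signal, since those code points have almost no legitimate reason to appear in a form value.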

ashrk | 7 years ago

Yeah, you'd have to prevent JS from catching a broad set of user events at all, and disallow modification of most of the DOM by it. Again, basically restrict it to tightly-context-constrained functions to do stuff like custom sorting. There'd still be security issues with it from time to time, but they'd be bugs rather than baked-in insecurity that's part of its feature set.