This CL moves the base::Feature from content_features.h to
a generated feature from runtime_enabled_features.json5.
This means that the base::Feature can be default-enabled
while the web API is co...
I don’t really understand how that’s possible. The browser gets a token from the third party, and passes that token to the server to “prove” it’s running the DRM. The server then passes code back to the browser. At that point, why can’t the browser just cut out the DOM elements which are ads?
I don’t understand how code I write on hardware I run locally can ever have it’s hands tied like this.
It won’t be your hardware in a few years if this goes through. The code will run in a secure enclave and you won’t be able to access your bank or log in to government websites if you control the hardware.
I see what you’re saying. I read it as implying the browser would fake the attestation token. I don’t know the answer, but if their (stated) goal is to stop bots and scrapers, I have to assume it wouldn’t be so simple. After all, a lot of bots and scrapers are literally running an instance of Chrome.
I don’t really understand how that’s possible. The browser gets a token from the third party, and passes that token to the server to “prove” it’s running the DRM. The server then passes code back to the browser. At that point, why can’t the browser just cut out the DOM elements which are ads?
I don’t understand how code I write on hardware I run locally can ever have it’s hands tied like this.
It won’t be your hardware in a few years if this goes through. The code will run in a secure enclave and you won’t be able to access your bank or log in to government websites if you control the hardware.
I see what you’re saying. I read it as implying the browser would fake the attestation token. I don’t know the answer, but if their (stated) goal is to stop bots and scrapers, I have to assume it wouldn’t be so simple. After all, a lot of bots and scrapers are literally running an instance of Chrome.