> fonts should be provided by the website
Yeah, because I love it when every website I go to downloads 10 megs of fonts to my computer before it starts rendering the page. Fonts should be suggested by the website, and a bog-standard "every computer has this" font should be listed as the fallback.
> Timezone and other obviously private metadata should never be shared without the user explicitly granting permission on a case by case basis
100% agree.
> Size of the physical screen should never be exposed under any circumstances
I mostly agree, but with the understanding that this would cause issues with "modern" web pages having very difficult to format layouts. Responsive design requires a response, after all.
> Video formats should be provided by the website as a list of offerings and the browser should respond with a choice
You're still getting the same feedback with this, that the browser chose to use X format, so you're not increasing privacy with this, only difficulty.
> Querying the current time should be gated behind an explicit permission
100% agree. If there is no active local processing of information that the server relies on, in the format of a game or some other interactivity, then there is no reason why the server needs to know your local time.
> fonts
That's why I said that a spec mechanism should also be provided. The issue is that sites can perform measurements regarding the layout that change based on the font used. So the browser should only ever provide a few fallbacks, nothing more, and anything else needs to come from the site itself.
> screen size
I think maybe you're confusing the physical screen with the current size of the browser window?
> video formats
The issue at present is that a site can programmatically test a long list of formats against your setup to see what happens. What I'm describing increases privacy because the site can no longer directly query for the entire list of supported formats and the user can optionally control the process. Obviously it's still possible to botch the implementation on the browser's end but the point is to make it possible to do the right thing.
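An added example, not part of either comment above: a small simulation comparing how many distinct answers a site observes when it tests every format against when it sends one offer and receives one choice. The format names, client profiles and the "first supported format in the offer" selection rule are constructed assumptions, and the simulation assumes the browser answers a single offer.

```javascript
// Added illustration; all profiles and format names below are constructed sample data.
const FORMATS = ["av1", "vp9", "h264", "hevc", "theora"];

// Hypothetical clients: the set of formats each one can decode.
const CLIENTS = [
  { name: "A", supports: ["av1", "vp9", "h264"] },
  { name: "B", supports: ["vp9", "h264"] },
  { name: "C", supports: ["h264", "hevc"] },
  { name: "D", supports: ["h264"] },
  { name: "E", supports: ["vp9", "h264", "theora"] },
  { name: "F", supports: ["av1", "vp9", "h264", "hevc"] },
];

// Current model: the site tests every format and learns one yes/no bit per format.
function probeAll(client, formats) {
  return formats.map((f) => (client.supports.includes(f) ? "1" : "0")).join("");
}

// Proposed model: the site sends an ordered offer and the client returns one choice
// (assumed rule: the first offered format it supports, or "none").
function chooseFromOffer(client, offer) {
  return offer.find((f) => client.supports.includes(f)) ?? "none";
}

// Number of distinct answers the site observes across the population.
function distinctAnswers(clients, observe) {
  return new Set(clients.map(observe)).size;
}

// Observed and worst-case number of distinguishable groups under each model.
function compareModels(offer) {
  return {
    probing: distinctAnswers(CLIENTS, (c) => probeAll(c, FORMATS)),
    offerChoice: distinctAnswers(CLIENTS, (c) => chooseFromOffer(c, offer)),
    upperBoundProbing: 2 ** FORMATS.length,
    upperBoundOfferChoice: offer.length + 1,
  };
}

console.log(compareModels(["av1", "vp9", "h264"]));
```

With this sample population, testing every format separates all six clients, while the single offer sorts them into three groups; the worst case grows as 2^n for n tested formats but only as n + 1 for an n-item offer.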