[jeroenhd]

Browsers do, it's the do-not-track header. It's on by default, as it should be. Websites just refuse to honour the header.

Not all, websites, though; I believe medium, of all websites, will actually not embed some content if you sent it a DNT header. Not sure if they still do that, though, because their UX for readers has become absolute trash.

[zeepzeep]

The do-not-track header is just another bit for fingerprinting you, I don't believe any ad-company actually honors it. Also, why trust that they do, when there's a solution that doesn't need trust?

[alkonaut]

I want the browser to not let any other party get more bits of entropy than I agree to. My ip is a few bits of entropy. Now I want my browser to give not-that-many-more bits of entropy to any remote server. If it allows a remote server to list my system fonts, render something on a canvas and read back the bytes,or do some audio mixing on my machine and read back low level results, then my browser has failed me. I want it to say "I'm not showing this webpage at all because it tried to read back a canvas".

[jefftk]

> it's the do-not-track header. It's on by default

The DNT header isn't on by default in any major browser.

(Additionally, the spec was abandoned for a bunch of reasons including not being able to agree what constitutes tracking)