|
|
|
|
|
|
by ksarw
1622 days ago
|
|
|
I see, thanks for following up! We did try to reduce the permissions as much as possible, but I believe at this time every permission is required by some feature. I get your point though, and I'll try to see what else we can do in this regard. As mentioned elsewhere in this thread, just to be clear we don't log every visited site (or log browsing in general); the only time data is added to the database is when the user actively adds a comment/creates content. Currently we send the URL as is; its only stored though if you are writing a comment or sharing the site with friends. I do like the hashing idea but ultimately when someone does leave a comment or share it, we do store it without hashing so later users can filer it and so on. Please let me know if I misunderstood your question! |
|
|
I appreciate that. And I guess it is partly the fault of the browser that you can't ask for just permissions that the user wants to use. From my point of view the set of features you chose isn't worth giving you the permissions. However I can see that for other users they do want these features. It seems that there isn't a perfect option with one extension here.
> but ultimately when someone does leave a comment or share it...
Yes, but there is a huge difference from "site I left a comment on" and "every page I visit". For example if I have a secret document that is protected by an unguessable URL I am not going to leave comments on it, so it would be great if it wasn't sent to your service. Of course once I do leave a comment it makes sense to send it to your service so that you can fetch metadata and other features. (Although it would be cool if there was an option to never reveal the URL as well.)