Skip to content

renderSizeHint fingerprinting concerns with "hardware" hint #2659

New issue
New issue
Open
Open
renderSizeHint fingerprinting concerns with "hardware" hint#2659
Labels
Agenda+Should be discussed at the next WG meeting. https://speced.github.io/spec-maintenance/about/Needs DiscussionThe issue needs more discussion before it can be fixed.category: enhancementSubstantive changes that do not add new features. https://www.w3.org/policies/process/#class-3
@mjwilson-google

Description

@mjwilson-google
mjwilson-google
opened on Dec 18, 2025

There is concern from Chrome Privacy that the "hardware" hint presents a drive-by fingerprinting risk, by exposing information about the user's default audio hardware buffer size.

Proposed mitigation:

  • Do not allow reading the actual value until the AudioContext transitions to "running" (potentially returning 0 in the meantime)
  • Reject "hardware" hint if the microphone permission is not granted

I think it may also be better to move retrieving the "hardware" buffer size to a different API that can be called (with appropriate privacy mitigation) before the AudioContext is constructed. This would also simplify the AudioContextOptions and OfflineAudioContextOptions: renderSizeHint could be a simple number similar to sample rate.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Agenda+Should be discussed at the next WG meeting. https://speced.github.io/spec-maintenance/about/Needs DiscussionThe issue needs more discussion before it can be fixed.category: enhancementSubstantive changes that do not add new features. https://www.w3.org/policies/process/#class-3

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions