Safari Share Menu Now Violates Privacy

Jeff Johnson:

Looking at the packet trace, the share menu attempts to fetch the icon files favicon.ico, apple-touch-icon.png, and apple-touch-icon-precomposed.png from the site.

[…]

And of course your IP address is leaked.

My belief is that a website should not be notified and given your IP address and other information such as hardware device type and web browser version when you share the URL of the website.

[…]

The only purpose of the HTTP requests in Safari’s share menu appears to be to display the link’s icon and title in the share menu. Crucially, that information is not passed along to the other apps!

In most cases, I think people would be sharing the page that Safari is currently showing, so the data would have already been loaded. But it’s not expected that essentially copying a link within that page would send additional network requests.

Previously:

• Why the macOS Ventura Share Menu Is Bad

Esoteric Preferences Favicons Mac macOS 14 Sonoma Privacy Safari

1 Comment RSS · Twitter · Mastodon

Leave a Comment

Name

E-mail (will not be published)

Web site

Δ