Google has rolled out new deep linking support to Chrome, raises privacy concerns
Google has quietly enabled a new feature in its flagship Chrome web browser that allows anyone to link directly to any specific text or object in the context of a web page. Though this "ScrollToTextFragment" syntax provides new conveniences, it also raises concerns over the privacy implications by security experts.
A similar feature which is used throughout the web exists in HTML in the form of an "anchor" element that allows people to copy a link to a specific flagged section of an article. For example, a specific section of a Wikipedia article. The ScrollToTextFragment flag, on the other hand, does not require that the original anchor exist in the first place. This means that anyone, including individuals or search engines, can share a link to any web page and its specific section where certain words or parameters are contained.
As is brought up by Brave privacy researcher Peter Snyder, this feature could pose a significant privacy risk. He writes:
"Consider a situation where I can view DNS traffic (e.g. company network), and I send a link to the company health portal, with '#:~:text=cancer'. On certain page layouts, I might be able [to] tell if the employee has cancer by looking for lower-on-the-page resources being requested."
"We discussed this and other issues with our security team and, to summarize, we understand the issue but disagree on the severity so we're proceeding with allowing this without requiring opt-in (though we are still working on adding an opt in/out)."
All of the security issues that the development team has identified can be viewed in a public Google Doc. Google has not publicly announced a time table for implementing support for Chrome users to manually opt in or out of the "ScrollToTextFragment" syntax.
Further coverage: The Register