Hacker News new | past | comments | ask | show | jobs | submit login

Wikipedia has a list of websites known to use this technique already: https://en.wikipedia.org/wiki/HTTP_ETag#Tracking_using_ETags

Looks like KISSmetrics are getting sued with a class action lawsuit over using this technique.

There are a lot of very cool things that have been in or allowed by the HTTP and HTML specs that have had to go because people can't be trusted to play nice.

ETags are one of the biggest disappointments that way.

I wonder if there's a potential to fix this by suggesting a deterministic version of ETags, that's based off of information the User Agent can see. Like the Vary information, response headers and payload.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact