Web: Clarify that OS.get_unique_id is not supported
#82441
Conversation
Remove the base error message in `OS`, we no longer really error out this way for not implemented methods. Instead, each platform should override them to provide the context they want. Fixes godotengine#82439.
akien-mga
added
enhancement
platform:web
topic:porting
cherrypick:3.x
| @@ -449,7 +449,7 @@ | |||
| <description> | |||
| Returns a string that is unique to the device. | |||
| [b]Note:[/b] This string may change without notice if the user reinstalls/upgrades their operating system or changes their hardware. This means it should generally not be used to encrypt persistent data as the data saved before an unexpected ID change would become inaccessible. The returned string may also be falsified using external programs, so do not rely on the string returned by [method get_unique_id] for security purposes. | |||
| [b]Note:[/b] Returns an empty string on Web, as this method isn't implemented on this platform yet. | |||
| [b]Note:[/b] Returns an empty string and prints an error on Web, as this method cannot be implemented on this platform. | |||
There was a problem hiding this comment.
That's my understanding at least, please confirm @Faless.
There was a problem hiding this comment.
Indeed, or at least, no intended way to do this.
User/Device fingerprinting is detrimental for privacy, so web browsers actively fight against it.
There a bunch of known fingerprinting techniques (see e.g. Canvas fingerprinting), but none of those are there on purpose, and might be mitigated by browsers in the future (to the point of breaking your app).
The way I see it, the only "proper" way to implement this, would be to randomly generate an ID, and store it in local storage / cookie / etc.
The ID will change if the user delete local storage and will be always different when using a private window.
There was a problem hiding this comment.
The way I see it, the only "proper" way to implement this, would be to randomly generate an ID, and store it in local storage / cookie / etc.
The ID will change if the user delete local storage and will be always different when using a private window.
That seems like an interesting compromise. I guess it would also mean have a different unique ID for each game, which might also be desired for privacy reason? You'll only be recognized by the game when you play that same game.
|
Cherry-picked for 3.6. |
akien-mga
removed
the
cherrypick:3.x
Remove the base error message in
OS, we no longer really error out this way for not implemented methods. Instead, each platform should override them to provide the context they want.Fixes #82439.