> Apps need it to determine where to place elements.
Could they hide the actual window dimensions from website javascript by only allowing a special kind of sandboxed function to access it? The website's code only really needs to do arithmetic on those values, so the browser could deny access to the actual values and force the code to manipulate them symbolically.
If I'm allowed to query the position and/or size of anything else in the DOM I can figure out window size by aligning elements at the edges or making one 100vw x 100vh and querying the position/size of those, so you really can't let me access the position or size of anything. I might have elements styled based on media queries, or old-fashioned DOM queries, so if I'm allowed to change how a button looks based on window size I can then check something about this element that isn't directly related to size or position. For example it doesn't make sense to have a "download the app" button on desktop, but if you let me make it invisible then you can't let me query the visibility of it. This is true of all styling: if you let me derive it from vh/vw then you can never let me query it after that, which makes a lot of things tricky. Trading functionality that relies on DOM/media queries for privacy is totally valid, I'm just saying that it will make some non-obvious things impossible for a developer to do, and there are sites today that people enjoy using that will have their core functionality broken if this is the future. Browser-based CAD tools were recently discussed on HN, and those are right out. Really, I think the future is both, but I'm not quite sure how they'll coexist.
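As an added illustration (not from any commenter in this thread), a toy JavaScript model of the "symbolic viewport values" idea and of the objection above: the viewport numbers are wrapped in an `Opaque` type that permits arithmetic and comparison but never unwraps for page script, and any style derived from one becomes unreadable, so `display` cannot be turned into a one-bit oracle. The `Opaque`, `FakeElement`, `makeViewport` and `pageScript` names and the 1280x720 viewport are constructed for this model; no real browser API works this way.

```javascript
// Constructed model of symbolic viewport values (not a browser API).
class Opaque {
  #v;
  constructor(v) { this.#v = v; }
  static from(v) { return new Opaque(v); }
  static raw(x) { return x instanceof Opaque ? x.#v : x; }
  // Arithmetic and comparison stay inside the wrapper; script never sees #v.
  add(x) { return new Opaque(this.#v + Opaque.raw(x)); }
  mul(x) { return new Opaque(this.#v * Opaque.raw(x)); }
  gt(x) { return new Opaque(this.#v > Opaque.raw(x)); }
  // Branching on an opaque boolean would leak one bit, so script gets
  // select(): it picks a or b without learning which was picked.
  select(a, b) { return new Opaque(this.#v ? Opaque.raw(a) : Opaque.raw(b)); }
  // Any attempt to coerce the value into a number or string is refused.
  valueOf() { throw new TypeError('opaque viewport-derived value'); }
  toString() { throw new TypeError('opaque viewport-derived value'); }
  // Only the trusted renderer side may unwrap for layout.
  static unwrapForRenderer(x) { return Opaque.raw(x); }
}

// Stand-in for a DOM element whose style map taints on opaque inputs.
class FakeElement {
  constructor() { this.style = new Map(); }
  setStyle(prop, value) { this.style.set(prop, value); }
  // Reading back a viewport-derived style is refused: otherwise
  // display/visibility would reveal the comparison made on the viewport.
  getStyle(prop) {
    const v = this.style.get(prop);
    if (v instanceof Opaque) throw new TypeError(`${prop} is viewport-derived`);
    return v;
  }
}

// Trusted side constructs the real numbers (sample values, not measured).
function makeViewport(widthPx, heightPx) {
  return { width: Opaque.from(widthPx), height: Opaque.from(heightPx) };
}

// Untrusted page script: sizes a sidebar and hides a "download the app"
// button on desktop. Every value it derives stays opaque.
function pageScript(viewport) {
  const el = new FakeElement();
  el.setStyle('width', viewport.width.mul(0.25).add(-16));
  el.setStyle('display', viewport.width.gt(1024).select('none', 'block'));
  el.setStyle('color', 'red'); // not viewport-derived, remains readable
  return el;
}
```

The renderer can still lay the element out from the unwrapped values, but the page cannot read `display` back, which is exactly the trade-off the reply describes.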
> Trading functionality that relies on DOM/media queries for privacy is totally valid
Perhaps it should be a site-specific permission like the microphone or camera. Your generic news site doesn't need that functionality (and shouldn't ask for the permission - you'd know something shady was going on) but your browser-based CAD tool would and you'd grant it there.
This will cause permission fatigue. Only the most sensitive things should have permission. The usage of these capabilities is large enough that it should not be behind a permission.
If we went down this path, I think that any permissions dialog would come at the end of a very long PR campaign and feature ratcheting to get developers to update their sites to not need the permission unless absolutely necessary. Sort of like what's happened with the deprecation of Flash.
That part doesn't seem too unreasonable to me, but you could also just go with the largest available size and then scale it as necessary on the client.
The browser could pick a fake screen size, and behave in a way that is consistent with that fake screen size. This would probably break many sites, but it would mitigate fingerprinting if a common size was used.
I doubt that is avoidable, as the browser would still probably need to render at the false viewport dimensions. For a common adversary, fingerprinting based on timing would be more involved and less useful.