关键词：需求政策；交互；网站；用户隐私；跨站点请求
摘 要：Modern websites perform many cross-site requests that can be detrimental to user privacy. Cross-site requests undermine privacy by allowing third-party websites——the websites that are the recipients of cross-site requests——to track a user's browsing behavior. As a result, some users turn to browser extensions that give them control over these requests. One such extension, RequestPolicy, implements a default-deny policy for cross-site requests and provides users an interface through which they manage a whitelist to allow blocked requests. This approach breaks many websites and requires frequent user interaction. We set out to gain insight into how RequestPolicy is used. We study RequestPolicy's usage through an opt-in telemetry study. Over a period of 24 weeks, we collected data from more than 2,500 RequestPolicy users about how they interact with RequestPolicy. We use this data, user feedback, and our own experiences to guide a redesign of RequestPolicy.