[tbb-bugs] #16739 [Tor Browser]: Whitelist fonts by filename rather than font name
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Aug 6 23:43:24 UTC 2015
#16739: Whitelist fonts by filename rather than font name
---------------------------------+--------------------------------------
Reporter: arthuredelstein | Owner: tbb-team
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Tor Browser | Version:
Resolution: | Keywords: tbb-fingerprinting-fonts
Actual Points: | Parent ID:
Points: |
---------------------------------+--------------------------------------
Comment (by dcf):
So I tried a simple and dumb thing to disable system fonts with
Fontconfig, and it mostly works! All I did was comment out `FcSetSystem`
leaving only `FcSetApplication`. I tested this patch on top of
[https://gitweb.torproject.org/builders/tor-browser-
bundle.git/log/?id=tbb-5.0a4-build2 tbb-5.0a4-build2]; i.e., with the Noto
fonts installed but without the font whitelisting patch of #13313.
{{{
#!diff
--- a/gfx/thebes/gfxFontconfigUtils.cpp
+++ b/gfx/thebes/gfxFontconfigUtils.cpp
@@ -589,9 +589,9 @@ gfxFontconfigUtils::UpdateFontListInternal(bool
aForce)
// These FcFontSets are owned by fontconfig
FcFontSet *fontSets[] = {
- FcConfigGetFonts(currentConfig, FcSetSystem)
+ // FcConfigGetFonts(currentConfig, FcSetSystem),
#ifdef MOZ_BUNDLED_FONTS
- , FcConfigGetFonts(currentConfig, FcSetApplication)
+ FcConfigGetFonts(currentConfig, FcSetApplication),
#endif
};
@@ -809,9 +809,9 @@ gfxFontconfigUtils::AddFullnameEntries()
{
// These FcFontSets are owned by fontconfig
FcFontSet *fontSets[] = {
- FcConfigGetFonts(nullptr, FcSetSystem)
+ // FcConfigGetFonts(nullptr, FcSetSystem),
#ifdef MOZ_BUNDLED_FONTS
- , FcConfigGetFonts(nullptr, FcSetApplication)
+ FcConfigGetFonts(nullptr, FcSetApplication),
#endif
};
@@ -979,9 +979,9 @@ gfxFontconfigUtils::GetLangSupportEntry(const FcChar8
*aLang, bool aWithFonts)
// These FcFontSets are owned by fontconfig
FcFontSet *fontSets[] = {
- FcConfigGetFonts(nullptr, FcSetSystem)
+ // FcConfigGetFonts(nullptr, FcSetSystem),
#ifdef MOZ_BUNDLED_FONTS
- , FcConfigGetFonts(nullptr, FcSetApplication)
+ FcConfigGetFonts(nullptr, FcSetApplication),
#endif
};
}}}
It seems like the only negative side effect of the patch is an extension
of the monospace font thing in comment:6:ticket:16672. Not only is it
monospace in the tab titles and URL bar, but also Latin text in web pages
is rendered using the monospace Cousine font. This might just be because
the branch I built did not have the font prefs that came along with the
whitelisting patch.
(BTW we [[comment:1:ticket:13313|already know]] that you can whitelist a
directory in Fontconfig using fonts.conf; this is another way.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16739#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list