[tbb-bugs] #17446 [Tor Browser]: Canvas image extraction prompt logic
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Oct 29 00:20:39 UTC 2015
#17446: Canvas image extraction prompt logic
---------------------------------+--------------------------------
Reporter: arthuredelstein | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Tor Browser | Version:
Severity: Normal | Keywords: tbb-fingerprinting
Actual Points: | Parent ID:
Points: | Sponsor:
---------------------------------+--------------------------------
For our canvas image extraction patch (#6253), I think the following
describes the logic in
`bool IsImageExtractionAllowed(nsIDocument *aDocument, JSContext *aCx)`
in [https://gitweb.torproject.org/tor-
browser.git/diff/dom/canvas/CanvasUtils.cpp?h=tor-
browser-38.3.0esr-5.5-2&id=65a1a301e584d28f84879625f0dd0e8cd708e5a4
CanvasUtils.cpp]:
1. Get the first party URI of the aDocument
2. Check Permission Manager to see if that first party URI has permission
to access canvas data; return "true" if so.
3. Otherwise, check if aDocument is "third party" (meaning, presumably, an
iframe or similar)
4. If aDocument is not "third party", then show a prompt allowing user to
give permission (to the first party) to access canvas data.
5. If the user gives permission ("always"), then add the first-party URI
to the Permissions database
Is there a reason we are preventing third parties from requesting
permission on behalf of the first party?
My feeling is we should either (a) allow third parties to request
permission to extract canvas data, but assign that permission to the first
party, or (b) prevent third parties from extracting canvas data at all. I
might be confused about this, though.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17446>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list