[tbb-commits] [tor-browser/tor-browser-24.7.0esr-3.x-1] fixup! Add canvas image extraction prompt.
mikeperry at torproject.org
mikeperry at torproject.org
Wed Aug 20 04:24:43 UTC 2014
commit e3d04fb74ac49a2e3f4d074d0e3ea6edec77b8c3
Author: Isis Lovecruft <isis at torproject.org>
Date: Sun Aug 17 01:31:03 2014 +0000
fixup! Add canvas image extraction prompt.
Modify Pearl Crescent's #7265 patch to log all HTML5 canvas access attempts.
---
content/canvas/src/CanvasUtils.cpp | 42 ++++++++++++++++++++++++++++++------
1 file changed, 35 insertions(+), 7 deletions(-)
diff --git a/content/canvas/src/CanvasUtils.cpp b/content/canvas/src/CanvasUtils.cpp
index 203dd92..f2f4536 100644
--- a/content/canvas/src/CanvasUtils.cpp
+++ b/content/canvas/src/CanvasUtils.cpp
@@ -33,6 +33,8 @@ using namespace mozilla::gfx;
#include "mozIThirdPartyUtil.h"
#include "nsContentUtils.h"
#include "nsUnicharUtils.h"
+#include "nsPrintfCString.h"
+#include "nsIConsoleService.h"
#define TOPIC_CANVAS_PERMISSIONS_PROMPT "canvas-permissions-prompt"
#define PERMISSION_CANVAS_EXTRACT_DATA "canvas/extractData"
@@ -79,14 +81,40 @@ IsImageExtractionAllowed(nsIDocument *aDocument)
isAllowed = (permission == nsIPermissionManager::ALLOW_ACTION);
if (!isAllowed && (permission != nsIPermissionManager::DENY_ACTION)) {
- // Send notification so that a prompt is displayed.
- nsCString spec;
- rv = uri->GetSpec(spec);
+ // Log all attempted canvas access and block access by third parties.
+ bool isThirdParty = true;
+ nsIURI *docURI = aDocument->GetDocumentURI();
+ rv = thirdPartyUtil->IsThirdPartyURI(uri, docURI, &isThirdParty);
+ NS_ENSURE_SUCCESS(rv, false);
+
+ nsCString firstPartySpec;
+ rv = uri->GetSpec(firstPartySpec);
+ nsCString docSpec;
+ docURI->GetSpec(docSpec);
+ nsPrintfCString msg("On %s: blocked access to canvas image data"
+ " from %s ", // L10n
+ firstPartySpec.get(), docSpec.get());
+
+ nsCOMPtr<nsIConsoleService> console
+ (do_GetService(NS_CONSOLESERVICE_CONTRACTID));
+ if (console)
+ console->LogStringMessage(NS_ConvertUTF8toUTF16(msg).get());
+
+ // Log every canvas access attempt to stdout if debugging:
+#ifdef DEBUG
+ printf("%s\n", msg.get());
+#endif
+ // Ensure URI is valid after logging, but before trying to notify the
+ // user:
NS_ENSURE_SUCCESS(rv, false);
- nsCOMPtr<nsIObserverService> obs =
- mozilla::services::GetObserverService();
- obs->NotifyObservers(win, TOPIC_CANVAS_PERMISSIONS_PROMPT,
- NS_ConvertUTF8toUTF16(spec).get());
+
+ if (!isThirdParty) {
+ // Send notification so that a prompt is displayed.
+ nsCOMPtr<nsIObserverService> obs =
+ mozilla::services::GetObserverService();
+ obs->NotifyObservers(win, TOPIC_CANVAS_PERMISSIONS_PROMPT,
+ NS_ConvertUTF8toUTF16(firstPartySpec).get());
+ }
}
}
}
More information about the tbb-commits
mailing list