[tbb-commits] [tor-browser/tor-browser-60.7.0esr-9.0-1] Bug 30541: Disable WebGL readPixel() for web content

gk at torproject.org gk at torproject.org
Wed May 29 12:30:55 UTC 2019


commit e462f9d9eb505b5e724ec64a52280c70210cf5eb
Author: Georg Koppen <gk at torproject.org>
Date:   Wed May 29 12:29:19 2019 +0000

    Bug 30541: Disable WebGL readPixel() for web content
---
 dom/canvas/WebGLContextGL.cpp | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/dom/canvas/WebGLContextGL.cpp b/dom/canvas/WebGLContextGL.cpp
index cab33ba626f2..2d4d9d8d16a4 100644
--- a/dom/canvas/WebGLContextGL.cpp
+++ b/dom/canvas/WebGLContextGL.cpp
@@ -1137,6 +1137,14 @@ bool WebGLContext::ReadPixels_SharedPrecheck(CallerType aCallerType,
     return false;
   }
 
+  // Security check passed, but don't let content readPixel calls through for
+  // now, if Resist Fingerprinting Mode is enabled.
+  if (nsContentUtils::ResistFingerprinting(aCallerType)) {
+    GenerateWarning("readPixels: Not allowed in Resist Fingerprinting Mode");
+    out_error.Throw(NS_ERROR_DOM_NOT_SUPPORTED_ERR);
+    return false;
+  }
+
   return true;
 }
 



More information about the tbb-commits mailing list