[tor-bugs] #13016 [Tor Browser]: Remove access to all Mozilla-prefixed media queries
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Oct 8 21:19:41 UTC 2014
#13016: Remove access to all Mozilla-prefixed media queries
-------------------------+-------------------------------------------------
Reporter: mikeperry | Owner: mcs
Type: defect | Status: assigned
Priority: major | Milestone:
Component: Tor Browser | Version:
Resolution: | Keywords: tbb-fingerprinting, ff31-esr, TorBrowserTeam201410Easy,MikePerry201410R
Actual Points: | Parent ID:
Points: |
-------------------------+-------------------------------------------------
Changes (by mcs):
* keywords: tbb-fingerprinting, ff31-esr, TorBrowserTeam201410Easy =>
tbb-fingerprinting, ff31-esr,
TorBrowserTeam201410Easy,MikePerry201410R
* cc: mikeperry, arthuredelstein (added)
Comment:
Replying to [comment:4 arthuredelstein]:
> FWIW, I think the -moz-os-version media query has already been blanked out:
> https://gitweb.torproject.org/tor-browser.git/blob/8d554bf700a1d3eceeabbdb1078d5e20806e1baa:/layout/style/nsMediaFeatures.cpp#l362
Thanks for the pointer. Most of the media queries that are prefixed with
-moz have already been disabled for non-Chrome callers by
8d554bf700a1d3eceeabbdb1078d5e20806e1baa (see ticket:2875#comment:17).
The only one that is not disabled is -moz-is-resource-document, but brade
and I do not see how that can be used for fingerprinting (it can be used
to detect whether a document has been loaded indirectly, e.g., you can do
<img src="test.svg"> and then use -moz-is-resource-document within
test.svg). It seems like it can only be used to learn about document
structure that a site has created themselves.
-moz-osx-font-smoothing is more interesting. It is a CSS property, and it
can be used to detect whether the preference
layout.css.osx-font-smoothing.enabled = true, which is the default on
Mac OS. brade and I
think we should prevent non-Chrome callers from retrieving the computed
value for this CSS property, and we created a patch to block them:
https://gitweb.torproject.org/user/brade/tor-browser.git/commit/bbc88abb9221a0126668a3d1150a805418c019a7
Please review our reasoning and this patch. Thanks!
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13016#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
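
Added example, not part of the original message or of the Tor Browser patch: a content-side regression check for the -moz-osx-font-smoothing computed-value leak described in the comment above. It assumes a build that blocks the lookup hands content callers an empty value (the message does not say what the patched lookup returns); fakeWindow and the values passed to it are constructed so the check also runs outside a browser.

```javascript
// Added example: regression check for the computed-style leak discussed above.
const PROP = "-moz-osx-font-smoothing";

// Read the computed value of `prop` the way a content page would: attach a
// throwaway element, ask getComputedStyle, and always detach it again.
function readComputed(win, prop) {
  const doc = win.document;
  const probe = doc.createElement("span");
  doc.documentElement.appendChild(probe);
  try {
    const value = win.getComputedStyle(probe).getPropertyValue(prop);
    return value == null ? "" : String(value).trim();
  } finally {
    probe.remove();
  }
}

// Assumption: a build that blocks the lookup returns an empty value to content.
// Any non-empty value means the caller can still tell the pref is enabled.
function checkFontSmoothingLeak(win) {
  const value = readComputed(win, PROP);
  return { property: PROP, value, exposed: value !== "" };
}

// Constructed stand-in for a browser window, so the check also runs in Node.
// `computedValue` is what the fake getComputedStyle reports for PROP.
function fakeWindow(computedValue) {
  const state = { attached: 0 };
  return {
    state,
    document: {
      createElement: () => ({ remove: () => { state.attached -= 1; } }),
      documentElement: { appendChild: () => { state.attached += 1; } },
    },
    getComputedStyle: () => ({
      getPropertyValue: (name) => (name === PROP ? computedValue : ""),
    }),
  };
}

if (typeof window !== "undefined") {
  console.log(checkFontSmoothingLeak(window)); // real browser, content page
} else {
  console.log(checkFontSmoothingLeak(fakeWindow("auto"))); // constructed: readable
  console.log(checkFontSmoothingLeak(fakeWindow("")));     // constructed: blocked
}
```

In a browser, call checkFontSmoothingLeak(window) from an ordinary web page rather than from privileged code, since the patch is described as applying to non-Chrome callers only.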