searching for reviewer(arthuredelstein)
d48ee9ed681900a565e85d5ada6a5630bdebc923: Bug 1492766 - Part 3: Update the test_pointer_event.html for test of pointer id spoofing r=masayuki,arthuredelstein
Tim Huang <tihuang@mozilla.com> - Wed, 14 Nov 2018 07:17:51 +0000 - rev 447207
Push 73350 by tihuang@mozilla.com at Tue, 20 Nov 2018 09:59:28 +0000
Bug 1492766 - Part 3: Update the test_pointer_event.html for test of pointer id spoofing r=masayuki,arthuredelstein This test add a check for pointer id to make sure it always reply the spoofed pointer id when resistfingerpritning is enabled. It also extend the original test of pointer capture events into a test which tests mouse and touch interfaces to make sure pointer capture events is correctly filed even with the spoofed interface id. In addition, it also adds test for that set/releasePointerCapture only accepts spoofed pointer id when fingerprinting resistance is enabled. Depends on D9532 Differential Revision: https://phabricator.services.mozilla.com/D9533
76017cad8320dfb8069838464dddfdf752873f0f: Bug 1492766 - Part 2: Makes the set/releasePointerCapture working properly when fingerprinting resistance is enabled r=masayuki,arthuredelstein,smaug
Tim Huang <tihuang@mozilla.com> - Mon, 19 Nov 2018 16:36:14 +0000 - rev 447206
Push 73350 by tihuang@mozilla.com at Tue, 20 Nov 2018 09:59:28 +0000
Bug 1492766 - Part 2: Makes the set/releasePointerCapture working properly when fingerprinting resistance is enabled r=masayuki,arthuredelstein,smaug When fingerprinting resistance is enabled, content should only view the pointer capture events from the spoofed interface. In order to do so, first, we need to restrict content to only set or release pointer capture for only the spoofed pointer id. Second, we have to map other interfaces into the spoofed one for pointer capture events. Depends on D9531 Differential Revision: https://phabricator.services.mozilla.com/D9532
a575162d9f5bce53f2cbf6aa0f9c817258df7ca9: Bug 1492766 - Part 1: Spoofing the pointer id of pointer events when resistfingerprinting is enabled r=masayuki,smaug,arthuredelstein
Tim Huang <tihuang@mozilla.com> - Tue, 20 Nov 2018 09:54:52 +0000 - rev 447205
Push 73350 by tihuang@mozilla.com at Tue, 20 Nov 2018 09:59:28 +0000
Bug 1492766 - Part 1: Spoofing the pointer id of pointer events when resistfingerprinting is enabled r=masayuki,smaug,arthuredelstein This patch makes it to spoof the pointer id into mouse pointer id when resistfingerprinting is enabled. And we will only spoof for content but not for chrome. Since we don't know the pointer id beforehand, we have to cache the pointer id of the mouse interface when it is activated. And use that pointer for the purpose of fingerprinting resistance. Differential Revision: https://phabricator.services.mozilla.com/D9531
0b4b3d826b3f5cacbf554d1da07408bca0660a07: Bug 1492607 - Part 2: Add a test case for assuring postMessage cannot post across OAs r=arthuredelstein,baku
Tim Huang <tihuang@mozilla.com> - Thu, 25 Oct 2018 06:47:18 +0000 - rev 443111
Push 71799 by tihuang@mozilla.com at Fri, 26 Oct 2018 08:21:22 +0000
Bug 1492607 - Part 2: Add a test case for assuring postMessage cannot post across OAs r=arthuredelstein,baku This test case will turn on the first party isolation and try to open two tabs that the first tab is the opener of the second tab. It will test for different settings and making sure that postMessage cannot go across with the targetOrigin '*' for different FPDs when the pref 'privacy.firstparty.isolate.block_post_message' is enabled. Depends on D8521 Differential Revision: https://phabricator.services.mozilla.com/D8522
dfc3795ef568e5236301d0fb9e864c58fe5f63e6: Bug 1492607 - Part 1: Making postMessage to be aware of OAs when the targetOrigin is "*." r=arthuredelstein,baku
Tim Huang <tihuang@mozilla.com> - Thu, 25 Oct 2018 06:47:08 +0000 - rev 443110
Push 71799 by tihuang@mozilla.com at Fri, 26 Oct 2018 08:21:22 +0000
Bug 1492607 - Part 1: Making postMessage to be aware of OAs when the targetOrigin is "*." r=arthuredelstein,baku This patch adds a MOZ_DIAGNOSTIC_ASSERT for assuring the OAs are matching when the targetOrigin is "*" for the postMessage(). But it ignores the FPD in OA since the FPDs are possible to be different. We also add a new pref 'privacy.firstparty.isolate.block_post_message' for allowing blocking postMessage across different FPDs. Differential Revision: https://phabricator.services.mozilla.com/D8521
7741c70c8bce8b4ec0309e70e5faa491ffeb8845: Bug 1363508 - Part 4: Add a test case for testing pointer event spoofing when fingerprinting resistance is on r=arthuredelstein,masayuki
Tim Huang <tihuang@mozilla.com> - Wed, 10 Oct 2018 06:42:16 +0000 - rev 440473
Push 70683 by tihuang@mozilla.com at Wed, 10 Oct 2018 12:37:20 +0000
Bug 1363508 - Part 4: Add a test case for testing pointer event spoofing when fingerprinting resistance is on r=arthuredelstein,masayuki This patch add a mochitest which tests all pointer events to assure touch and pen pointer events will be spoofed into mouse pointer events. However, we are not able to test the suppressing of the non-primary pointer events since we cannot generate a pointer event with isPrimary as false so far. Depends on D6005 Differential Revision: https://phabricator.services.mozilla.com/D6006
d56cf859abf7a9c638c7b436a6872a724574905f: Bug 1363508 - Part 3: Spoofing navigator.maxTouchPoints into 0 if fingerprinting resistance is enabled r=arthuredelstein,masayuki,smaug
Tim Huang <tihuang@mozilla.com> - Tue, 09 Oct 2018 11:50:03 +0000 - rev 440472
Push 70683 by tihuang@mozilla.com at Wed, 10 Oct 2018 12:37:20 +0000
Bug 1363508 - Part 3: Spoofing navigator.maxTouchPoints into 0 if fingerprinting resistance is enabled r=arthuredelstein,masayuki,smaug The maxTouchPoints is going to review the detail of users' hardware. So, we will spoof it into 0 if fingerprinting resistance is on. Depends on D6004 Differential Revision: https://phabricator.services.mozilla.com/D6005
24afd8e04316ca29c5906c3119a94cfec2cc2292: Bug 1363508 - Part 2: Suppressing the pointer events that have isPrimary as false for fingerprinting resistance r=arthuredelstein,masayuki
Tim Huang <tihuang@mozilla.com> - Tue, 09 Oct 2018 11:50:01 +0000 - rev 440471
Push 70683 by tihuang@mozilla.com at Wed, 10 Oct 2018 12:37:20 +0000
Bug 1363508 - Part 2: Suppressing the pointer events that have isPrimary as false for fingerprinting resistance r=arthuredelstein,masayuki Because of that the isPrimary of mouse pointer events will always be true. So, we suppress other events that have isPrimary as false when fingerprinting resistance is enabled. Depends on D6003 Differential Revision: https://phabricator.services.mozilla.com/D6004
3e9933f36e458a44212e316b554fbaaaacbfd72b: Bug 1363508 - Part 1: Spoofing pen/touch pointer events into mouse pointer events when fingerprinting resistance is on r=arthuredelstein,masayuki,smaug
Tim Huang <tihuang@mozilla.com> - Tue, 09 Oct 2018 11:55:43 +0000 - rev 440470
Push 70683 by tihuang@mozilla.com at Wed, 10 Oct 2018 12:37:20 +0000
Bug 1363508 - Part 1: Spoofing pen/touch pointer events into mouse pointer events when fingerprinting resistance is on r=arthuredelstein,masayuki,smaug The pointerType field in the pointer event will reveal the details of users' hardware; this is a fingerprinting vector. So, we would spoof all types of pointer events into mouse type pointer events for protecting users from browser fingerprinting when fingerprinting resistance is on. In this patch, we would spoof the pointerType as well as other fields that mouse pointer events don't support, like pressure, tiltX/Y and so on when fingerprinting resistance is on. Differential Revision: https://phabricator.services.mozilla.com/D6003
01f390f36d953e54ae4c17126ac7d9764a6e3470: Bug 1473247 - Part 2: Add a test case for making sure that IP addresses can work properly for the firstPartyDomain. r=arthuredelstein,baku
Tim Huang <tihuang@mozilla.com> - Fri, 13 Jul 2018 19:55:02 +0000 - rev 426714
Push 66392 by tihuang@mozilla.com at Mon, 16 Jul 2018 07:31:32 +0000
Bug 1473247 - Part 2: Add a test case for making sure that IP addresses can work properly for the firstPartyDomain. r=arthuredelstein,baku Differential Revision: https://phabricator.services.mozilla.com/D1978
03e45d7472a01237858a1224fef4fae9066adecd: Bug 1473247 - Part 1: Fixing the issue that the IP addresses won't be set for first party domains. r=arthuredelstein,baku
Tim Huang <tihuang@mozilla.com> - Fri, 13 Jul 2018 19:53:15 +0000 - rev 426713
Push 66391 by tihuang@mozilla.com at Mon, 16 Jul 2018 07:30:12 +0000
Bug 1473247 - Part 1: Fixing the issue that the IP addresses won't be set for first party domains. r=arthuredelstein,baku Right now, the firstPartyDomain won't be set when using IP addresses as first party domains. It is because of that the TLD service won't accept IP addresses as valid hosts. The patch fixes this problem by detecting that if the host is a IP address. If it is, we will still set the firstPartyDoamin with the IP address. Differential Revision: https://phabricator.services.mozilla.com/D1977
d83173f047563c621d133423ec14aed04d899316: Bug 1222285 - Part 3: Add test cases to check whether keyEvents been correctly spoofed and modifier keys been correctly suppressed. r=arthuredelstein,masayuki
Tim Huang <tihuang@mozilla.com> - Tue, 05 Sep 2017 16:01:02 +0800 - rev 399644
Push 58216 by nbeleuzu@mozilla.com at Wed, 17 Jan 2018 14:26:34 +0000
Bug 1222285 - Part 3: Add test cases to check whether keyEvents been correctly spoofed and modifier keys been correctly suppressed. r=arthuredelstein,masayuki This patch adds two test cases which generates Keyboard events for English content and test whether the keyboard events been spoofed as US English QWERTY keyboard events. In addition, it also tests that whether the modifier keys been suppressed. MozReview-Commit-ID: d6uZxJJayk
b2f55468b241f28678dc5e35e19eb3b5781a1c5c: Bug 1222285 - Part 2: Making the keyboard events of modifier keys been suppressed when 'privacy.resistFingerprinting' is true. r=arthuredelstein,masayuki
Tim Huang <tihuang@mozilla.com> - Thu, 31 Aug 2017 11:14:14 +0800 - rev 399643
Push 58216 by nbeleuzu@mozilla.com at Wed, 17 Jan 2018 14:26:34 +0000
Bug 1222285 - Part 2: Making the keyboard events of modifier keys been suppressed when 'privacy.resistFingerprinting' is true. r=arthuredelstein,masayuki This patch makes 'Shift', 'Alt', 'Contorl' and 'AltGraph' been suppressed for content when fingerprinting resistance is enabled. Chrome can still get these events. The reason behind this is that websites can still observe key combinations to tell which keyboard layout is using even we spoof the keyboardEvent.code, keyboardEvent.keyCode and modifier states. For example, the AZERTY France keyboard, the digit keys of it requires the user press the Shift key. So, it is easy to differentiate AZERTY and QWERTY keyboard by observing whether a Shift key generates its own before the digit keys. There are similar issues for 'Alt' and 'AltGraph' as well. MozReview-Commit-ID: 3CwCgvey4lK
7140b4a3c47adf5094187fbea6d321154033cbb1: Bug 1222285 - Part 1: Spoofing the keyboard event to mimc a certain keyboard layout according to the content-language of the document when 'privacy.resistFingerprinting' is true. r=arthuredelstein,masayuki,smaug
Tim Huang <tihuang@mozilla.com> - Tue, 29 Aug 2017 11:33:27 +0800 - rev 399642
Push 58216 by nbeleuzu@mozilla.com at Wed, 17 Jan 2018 14:26:34 +0000
Bug 1222285 - Part 1: Spoofing the keyboard event to mimc a certain keyboard layout according to the content-language of the document when 'privacy.resistFingerprinting' is true. r=arthuredelstein,masayuki,smaug This patch makes Firefox to spoof keyboardEvent.code, keyboardEvent.keycode and modifier states, for 'Shift', 'Alt', 'Control' and 'AltGraph', when 'privacy.resistFingerprinting' is true. Firefox will spoof keyboard events as a certain keyboard layout according to the content language of the document, for example, we use US English keyboard for English content. Right now, it only supports English contents, we will add more support for more languages later. The spoofing only affects content, chrome can still see real keyboard events. MozReview-Commit-ID: 40JPvwLmMMB
9c586454144b4eef9e9a8ab53e3d1a8c3f84ac3c: Bug 1404608 - Reveal the real operating system when fingerprinting resistance is enabled. r=arthuredelstein,smaug
Tim Huang <tihuang@mozilla.com> - Tue, 12 Dec 2017 15:25:49 -0600 - rev 398600
Push 57832 by ryanvm@gmail.com at Wed, 10 Jan 2018 18:47:24 +0000
Bug 1404608 - Reveal the real operating system when fingerprinting resistance is enabled. r=arthuredelstein,smaug This patch makes Firefox not to lie about the real operating system when pref 'privacy.resistFingerprinting' is true. This will also change the testcase as well. MozReview-Commit-ID: Gdnp2lMU3wr
4036881d8ab000ed945ec7d155a02e90a74e5e4e: Bug 1039069 - Provide a popup about English for international users. r=arthuredelstein,mconley
Chung-Sheng Fu <cfu@mozilla.com> - Tue, 12 Sep 2017 17:32:07 +0800 - rev 394599
Push 56382 by ncsoregi@mozilla.com at Fri, 01 Dec 2017 15:42:12 +0000
Bug 1039069 - Provide a popup about English for international users. r=arthuredelstein,mconley MozReview-Commit-ID: IL8i4vzjWQd
4fce39a1463034085d85c52db02df597d40831a8: Bug 1039069 - Provide a popup about English for international users. r=arthuredelstein,mconley
Chung-Sheng Fu <cfu@mozilla.com> - Tue, 12 Sep 2017 17:32:07 +0800 - rev 394401
Push 56332 by ryanvm@gmail.com at Thu, 30 Nov 2017 21:03:13 +0000
Bug 1039069 - Provide a popup about English for international users. r=arthuredelstein,mconley MozReview-Commit-ID: IL8i4vzjWQd
3f811aa66cdbc37b799c132c15d33562a97d8c03: Bug 1372073 - Add tests for Media Capture and Streams fingerprinting resistance. r=arthuredelstein,jib
Chung-Sheng Fu <cfu@mozilla.com> - Tue, 19 Sep 2017 15:12:52 +0800 - rev 391527
Push 55233 by nbeleuzu@mozilla.com at Mon, 13 Nov 2017 10:08:40 +0000
Bug 1372073 - Add tests for Media Capture and Streams fingerprinting resistance. r=arthuredelstein,jib MozReview-Commit-ID: DY9JpwJevkS
e04a7ec9c152777566405216ecfa79840b317c56: Bug 1372073 - Spoof MediaStreamTrack. r=arthuredelstein,jib,smaug
Chung-Sheng Fu <cfu@mozilla.com> - Fri, 13 Oct 2017 11:57:25 +0800 - rev 391526
Push 55233 by nbeleuzu@mozilla.com at Mon, 13 Nov 2017 10:08:40 +0000
Bug 1372073 - Spoof MediaStreamTrack. r=arthuredelstein,jib,smaug MozReview-Commit-ID: 71UOGrJ9cgm
2133a8484ef07a58bcdcd8cae0b60f9eb819b035: Bug 1372073 - Suppress devicechange event. r=arthuredelstein,mchiang
Chung-Sheng Fu <cfu@mozilla.com> - Tue, 19 Sep 2017 09:56:48 +0800 - rev 391525
Push 55233 by nbeleuzu@mozilla.com at Mon, 13 Nov 2017 10:08:40 +0000
Bug 1372073 - Suppress devicechange event. r=arthuredelstein,mchiang MozReview-Commit-ID: JxxFbOMBQvY
f995ab0441e92a820d19015d8c31a927749761c8: Bug 1372073 - Ignore constraints in getUserMedia. r=arthuredelstein,jib
Chung-Sheng Fu <cfu@mozilla.com> - Mon, 18 Sep 2017 17:51:51 +0800 - rev 391524
Push 55233 by nbeleuzu@mozilla.com at Mon, 13 Nov 2017 10:08:40 +0000
Bug 1372073 - Ignore constraints in getUserMedia. r=arthuredelstein,jib MozReview-Commit-ID: KdA9abmg3UA
018f84af573b1df08a10fbf8f63859c5def4d385: Bug 1372073 - Spoof navigator.mediaDevices.enumerateDevices. r=arthuredelstein,jib,smaug
Chung-Sheng Fu <cfu@mozilla.com> - Mon, 18 Sep 2017 09:52:06 +0800 - rev 391523
Push 55233 by nbeleuzu@mozilla.com at Mon, 13 Nov 2017 10:08:40 +0000
Bug 1372073 - Spoof navigator.mediaDevices.enumerateDevices. r=arthuredelstein,jib,smaug MozReview-Commit-ID: HubfB6M4UM0
786495fe83ada0424641d7c56f207e0e6f3f83cc: Bug 1376973 - Part 2: Add test cases for making sure that favicons of allTabs popup menu is using correct originAttributes. r=arthuredelstein,baku
Tim Huang <tihuang@mozilla.com> - Fri, 20 Oct 2017 09:19:58 +0800 - rev 387393
Push 53740 by ryanvm@gmail.com at Fri, 20 Oct 2017 12:44:13 +0000
Bug 1376973 - Part 2: Add test cases for making sure that favicons of allTabs popup menu is using correct originAttributes. r=arthuredelstein,baku This patch adds test cases for testing favicons of allTabs menu in terms of originAttributes. It adds tests in existing tests, browser_favicon_userContextId.js and browser_favicon_firstParty.js. The test will open tabs with different originAttributes and trigger the popup of allTabs menu. Then it will verify that whether the network requests of favicon have correct originAttributes. MozReview-Commit-ID: 4Aa7RDFdosA
cb3d7a0ae189bcadbe086caa80f2eb4806b884cd: Bug 1376973 - Part 1: Making the favicon of the allTabs menu obeys originAttributes and rename attribute 'iconLoadingPrincipal' to 'iconloadingprincipal'. r=arthuredelstein,dao
Tim Huang <tihuang@mozilla.com> - Fri, 20 Oct 2017 09:19:57 +0800 - rev 387392
Push 53740 by ryanvm@gmail.com at Fri, 20 Oct 2017 12:44:13 +0000
Bug 1376973 - Part 1: Making the favicon of the allTabs menu obeys originAttributes and rename attribute 'iconLoadingPrincipal' to 'iconloadingprincipal'. r=arthuredelstein,dao MozReview-Commit-ID: AqjIr7xkXs9
c058687eb20461d801d9e2a6ad2e0c28a9eb6d39: Bug 1376973 - Part 2: Add test cases for making sure that favicons of allTabs popup menu is using correct originAttributes. r=arthuredelstein,baku
Tim Huang <tihuang@mozilla.com> - Tue, 17 Oct 2017 20:55:21 +0800 - rev 387159
Push 53656 by ryanvm@gmail.com at Thu, 19 Oct 2017 13:05:15 +0000
Bug 1376973 - Part 2: Add test cases for making sure that favicons of allTabs popup menu is using correct originAttributes. r=arthuredelstein,baku This patch adds test cases for testing favicons of allTabs menu in terms of originAttributes. It adds tests in existing tests, browser_favicon_userContextId.js and browser_favicon_firstParty.js. The test will open tabs with different originAttributes and trigger the popup of allTabs menu. Then it will verify that whether the network requests of favicon have correct originAttributes. MozReview-Commit-ID: 4Aa7RDFdosA
0f393e8b236da0db7063d5b933f74cef20d84824: Bug 1376973 - Part 1: Making the favicon of the allTabs menu obeys originAttributes and rename attribute 'iconLoadingPrincipal' to 'iconloadingprincipal'. r=arthuredelstein,dao
Tim Huang <tihuang@mozilla.com> - Tue, 17 Oct 2017 20:55:20 +0800 - rev 387158
Push 53656 by ryanvm@gmail.com at Thu, 19 Oct 2017 13:05:15 +0000
Bug 1376973 - Part 1: Making the favicon of the allTabs menu obeys originAttributes and rename attribute 'iconLoadingPrincipal' to 'iconloadingprincipal'. r=arthuredelstein,dao MozReview-Commit-ID: AqjIr7xkXs9
2189a968511ee8f51eb2deb046bd7914a76a693b: Bug 1384330 - Part 2: Add a test case for testing that navigator.mozAddonManager is correctly blocked when pref 'privacy.resistFingerprinting.block_mozAddonManager' is true. r=arthuredelstein,mossop
Tim Huang <tihuang@mozilla.com> - Thu, 14 Sep 2017 16:49:33 +0800 - rev 381376
Push 51406 by ryanvm@gmail.com at Sun, 17 Sep 2017 11:46:50 +0000
Bug 1384330 - Part 2: Add a test case for testing that navigator.mozAddonManager is correctly blocked when pref 'privacy.resistFingerprinting.block_mozAddonManager' is true. r=arthuredelstein,mossop The patch adds a test case which will first test with the pref off to see that navigator.mozAddonManager can be accessed successfully. And then turn the pref on to see that whether navigator.mozAddonManager is blocked. MozReview-Commit-ID: 3nptUqdg7p7
bb14bbb30c4150b69d541d4c9f32762721a9ccc2: Bug 1384330 - Part 1: Blocking the mozAddonManager when pref 'privacy.resistFingerprinting.block_mozAddonManager' is true. r=arthuredelstein,mossop
Tim Huang <tihuang@mozilla.com> - Thu, 14 Sep 2017 15:11:21 +0800 - rev 381375
Push 51406 by ryanvm@gmail.com at Sun, 17 Sep 2017 11:46:50 +0000
Bug 1384330 - Part 1: Blocking the mozAddonManager when pref 'privacy.resistFingerprinting.block_mozAddonManager' is true. r=arthuredelstein,mossop This patch adds a hidden pref 'privacy.resistFingerprinting.block_mozAddonManager', which is false by default. When this is true, the navigator.mozAddonManager will be blocked even the website is AMO. The purpose of this pref is for Tor browser can disable navigator.mozAddonManager through this. MozReview-Commit-ID: Lf37gHXETCz
aad2ab1d510cf39ebb0684aa9e9b15572c6cd73c: Bug 1382533 - Disable Presentation API when privacy.resistFingerprinting = true r=arthuredelstein,smaug
Chung-Sheng Fu <cfu@mozilla.com> - Wed, 09 Aug 2017 17:38:30 +0800 - rev 379474
Push 50652 by ryanvm@gmail.com at Thu, 07 Sep 2017 13:22:23 +0000
Bug 1382533 - Disable Presentation API when privacy.resistFingerprinting = true r=arthuredelstein,smaug MozReview-Commit-ID: IDKEqSqm9Ug
bdd7fa60afcf91bd67e10ce16d14a753c70b7fa9: Bug 1354633 - Add test cases r=arthuredelstein,jwwang
Chung-Sheng Fu <cfu@mozilla.com> - Thu, 17 Aug 2017 18:08:39 +0800 - rev 378266
Push 50247 by ryanvm@gmail.com at Fri, 01 Sep 2017 19:29:09 +0000
Bug 1354633 - Add test cases r=arthuredelstein,jwwang MozReview-Commit-ID: 28FprGa4JEe
120bb4c9f8aaf17fbb50d21573d778a705fe303a: Bug 1354633 - When privacy.resistFingerprinting = true, MediaError.message can only get whitelisted messages r=arthuredelstein,jwwang
Chung-Sheng Fu <cfu@mozilla.com> - Fri, 04 Aug 2017 18:46:26 +0800 - rev 378265
Push 50247 by ryanvm@gmail.com at Fri, 01 Sep 2017 19:29:09 +0000
Bug 1354633 - When privacy.resistFingerprinting = true, MediaError.message can only get whitelisted messages r=arthuredelstein,jwwang MozReview-Commit-ID: mYBftzcZT5
84021c7d6b3924cfc907c75bdf3608c3e2980a04: Bug 1354633 - Add test cases r=arthuredelstein,jwwang
Chung-Sheng Fu <cfu@mozilla.com> - Thu, 17 Aug 2017 18:08:39 +0800 - rev 377987
Push 50133 by ryanvm@gmail.com at Thu, 31 Aug 2017 15:33:41 +0000
Bug 1354633 - Add test cases r=arthuredelstein,jwwang MozReview-Commit-ID: 28FprGa4JEe
8f7d662de26620884fd0240a6ff76a9dfb65c083: Bug 1354633 - When privacy.resistFingerprinting = true, MediaError.message can only get whitelisted messages r=arthuredelstein,jwwang
Chung-Sheng Fu <cfu@mozilla.com> - Fri, 04 Aug 2017 18:46:26 +0800 - rev 377986
Push 50133 by ryanvm@gmail.com at Thu, 31 Aug 2017 15:33:41 +0000
Bug 1354633 - When privacy.resistFingerprinting = true, MediaError.message can only get whitelisted messages r=arthuredelstein,jwwang MozReview-Commit-ID: mYBftzcZT5
ad3bc2177e896fcf5d8c919043797cbbf711525e: Bug 1382545 - Part 2: Add a test case for making sure that Animation API doesn't expose a high resolution time when 'privacy.resistFingerprinting' is true. r=arthuredelstein,birtles
Tim Huang <tihuang@mozilla.com> - Fri, 18 Aug 2017 13:55:05 +0800 - rev 376859
Push 49660 by ryanvm@gmail.com at Fri, 25 Aug 2017 12:29:30 +0000
Bug 1382545 - Part 2: Add a test case for making sure that Animation API doesn't expose a high resolution time when 'privacy.resistFingerprinting' is true. r=arthuredelstein,birtles Adopt from Tor #16337 This patch adds a test case for testing that Animation API doesn't expose a high resolution time when 'privacy.resistFingerprinting' is true. The test case will play an animation and wait a certain amount of time, one second, and then verify the animation.startTime, animation.currentTime, animation.timeline.currentTime and document.timeline.currentTime are all rounded with 100ms. MozReview-Commit-ID: KiMYySYaQ7V
e2213726a3d34e5b211d242ff9663b5c95864fe8: Bug 1382545 - Part 1: Rounding the time of Animation API to 100ms when 'privacy.resistFingerprinting'is true. r=arthuredelstein,birtles
Tim Huang <tihuang@mozilla.com> - Thu, 17 Aug 2017 22:37:29 +0800 - rev 376858
Push 49660 by ryanvm@gmail.com at Fri, 25 Aug 2017 12:29:30 +0000
Bug 1382545 - Part 1: Rounding the time of Animation API to 100ms when 'privacy.resistFingerprinting'is true. r=arthuredelstein,birtles Adopt from Tor #16337. This patch makes Animation API to report a rounded time when 'privacy.resistFingerprinting' is true. The Animation API uses AnimationUtils::TimeDurationToDouble() to convert its time duration into a double value and reports it when someone tries to query time through Animation API. So, we use nsRFPService::ReduceTimePrecisionAsMSecs() inside this method to round the time in the scope of the millisecond. MozReview-Commit-ID: 8o01G6AlAu9
61d074cfdeafd13395c089dcd4b2c47fb5d80204: Bug 1217290 - Refactor WebGL max & min attribute constants for WebGL fingerprinting r=arthuredelstein,daoshengmu,jgilbert
Chung-Sheng Fu <cfu@mozilla.com> - Thu, 27 Jul 2017 15:49:46 +0800 - rev 376601
Push 49532 by ryanvm@gmail.com at Thu, 24 Aug 2017 12:53:08 +0000
Bug 1217290 - Refactor WebGL max & min attribute constants for WebGL fingerprinting r=arthuredelstein,daoshengmu,jgilbert MozReview-Commit-ID: 5fxOdV8euJ0
79d10d86477527c727de120c0c812c240a9d7356: Bug 1382499 - Add test cases r=arthuredelstein,smaug
Chung-Sheng Fu <cfu@mozilla.com> - Wed, 02 Aug 2017 14:04:34 +0800 - rev 374558
Push 48699 by ryanvm@gmail.com at Mon, 14 Aug 2017 12:44:36 +0000
Bug 1382499 - Add test cases r=arthuredelstein,smaug MozReview-Commit-ID: 1aZVzVO9D6x
0175751964b59799e3e5df53e7e902d1a49733f1: Bug 1382499 - Enhance fingerprinting resistance for Touch API r=arthuredelstein,bz
Chung-Sheng Fu <cfu@mozilla.com> - Mon, 31 Jul 2017 17:30:38 +0800 - rev 374556
Push 48699 by ryanvm@gmail.com at Mon, 14 Aug 2017 12:44:36 +0000
Bug 1382499 - Enhance fingerprinting resistance for Touch API r=arthuredelstein,bz MozReview-Commit-ID: 8nzOkvIvwrD
0ebb9924affaa4dc16687986d57dda7c773d8a25: Bug 1382499 - Add test cases r=arthuredelstein,smaug
Chung-Sheng Fu <cfu@mozilla.com> - Wed, 02 Aug 2017 14:04:34 +0800 - rev 374167
Push 48586 by ryanvm@gmail.com at Fri, 11 Aug 2017 19:48:21 +0000
Bug 1382499 - Add test cases r=arthuredelstein,smaug MozReview-Commit-ID: 1aZVzVO9D6x
1dcdc22d4919cca28f1b83ace94d4b476deb4c88: Bug 1382499 - Enhance fingerprinting resistance for Touch API r=arthuredelstein,bz
Chung-Sheng Fu <cfu@mozilla.com> - Mon, 31 Jul 2017 17:30:38 +0800 - rev 374165
Push 48586 by ryanvm@gmail.com at Fri, 11 Aug 2017 19:48:21 +0000
Bug 1382499 - Enhance fingerprinting resistance for Touch API r=arthuredelstein,bz MozReview-Commit-ID: 8nzOkvIvwrD
45ec9d0af14b0be23316c7d74f6d3df5e12b84eb: Bug 1369309 - Part 4: Modify the test case 'test_video_stats_resistfingerprinting.html'. r=cpearce, r=arthuredelstein
Tim Huang <tihuang@mozilla.com> - Mon, 17 Jul 2017 17:30:08 +0800 - rev 373907
Push 48490 by ryanvm@gmail.com at Thu, 10 Aug 2017 20:10:41 +0000
Bug 1369309 - Part 4: Modify the test case 'test_video_stats_resistfingerprinting.html'. r=cpearce, r=arthuredelstein This patch modifies the test case 'test_video_stats_resistfingerprinting.html' to check media statistics report spoofed values when fingerprinting resistance is enabled. This test will play a video and test the media statistics when the video is finished. It will make sure all media statistics report correct spoofed values corresponding to the play time of the video. MozReview-Commit-ID: GpYewu7cIbY
9afd71d7438c5b7bbd01a317cf7490529b50fdc5: Bug 1369309 - Part 3: Making the media statistics reports a spoofed value when fingerprinting resistance is enabled. r=cpearce, r=arthuredelstein
Tim Huang <tihuang@mozilla.com> - Mon, 17 Jul 2017 15:13:55 +0800 - rev 373906
Push 48490 by ryanvm@gmail.com at Thu, 10 Aug 2017 20:10:41 +0000
Bug 1369309 - Part 3: Making the media statistics reports a spoofed value when fingerprinting resistance is enabled. r=cpearce, r=arthuredelstein This patch makes the media statistics report values with a fixed frames per second and a dynamic dropped ratio when resistance fingerprinting is enabled. The dropped rate is decided by the video resolution that it will report a fixed dropped rate when the video resolution is greater than 480p. And It will report a zero dropped rate if the video is below or equal to 480p. In addition, it adds three new prefs that allow us to change the value of frames per second, the dropped ratio and the threshold of target video resolution. The three prefs are 'privacy.resistFingerprinting.video_frames_per_sec', 'privacy.resistFingerprinting.video_dropped_ratio' and 'privacy.resistFingerprinting.target_video_res'. The default values of them are 30, 5 and 480, which means 30 frames per second, 5 percent dropped ratio and 480p. This also adds a new helper function 'nsContentUtils::ShouldResistFingerprinting(nsIDocument* aDoc)' for checking whether fingerprinting resistance is enabled for a given docuemnt. If it is a chrome document, this function will indicate that fingerprinting resistance is not enabled regardless of the pref 'privacy.resistFingerprinting'. If it is a content document, the result will depend on the pref. MozReview-Commit-ID: FbSuRq6Zdnn
23efa91adf8a33e8e516b15db1a1031d8e997c18: Bug 1369309 - Part 2: Add a test case to check whether media statistics has been spoofed correctly when 'privacy.resistFingerprinting' is true. r=jwwang, r=arthuredelstein
Tim Huang <tihuang@mozilla.com> - Mon, 19 Jun 2017 14:43:27 +0800 - rev 373905
Push 48490 by ryanvm@gmail.com at Thu, 10 Aug 2017 20:10:41 +0000
Bug 1369309 - Part 2: Add a test case to check whether media statistics has been spoofed correctly when 'privacy.resistFingerprinting' is true. r=jwwang, r=arthuredelstein MozReview-Commit-ID: F6jNk58z7bH
81f871657e18ded2d101f3e36c1bac23ea61ad89: Bug 1369309 - Part 1: Spoofing media statistics to 0 when 'privacy.resistFingerprinting' is true. r=jwwang, r=arthuredelstein
Tim Huang <tihuang@mozilla.com> - Mon, 19 Jun 2017 14:43:26 +0800 - rev 373904
Push 48490 by ryanvm@gmail.com at Thu, 10 Aug 2017 20:10:41 +0000
Bug 1369309 - Part 1: Spoofing media statistics to 0 when 'privacy.resistFingerprinting' is true. r=jwwang, r=arthuredelstein MozReview-Commit-ID: FNALpUGFDTQ
3b4442aa9040dd915b73dd7ef3639f822208675e: Bug 1333641 - Part 2: Add a test case to verify the behavior of speechSynthesis API when 'privacy.resistfingerprinting' is true. r=arthuredelstein,smaug
Tim Huang <tihuang@mozilla.com> - Thu, 20 Jul 2017 16:57:03 +0800 - rev 370987
Push 47257 by cbook@mozilla.com at Wed, 26 Jul 2017 08:33:43 +0000
Bug 1333641 - Part 2: Add a test case to verify the behavior of speechSynthesis API when 'privacy.resistfingerprinting' is true. r=arthuredelstein,smaug This patch adds a test case to verify the speechSynthesis API when fingerprinting resistance is enabled. This test will first make sure the speechSynthesis has been setup correctly and then flip the pref 'privacy.resistFingerprinting'. Then, it will test speechSynthesis.getVoices(), onvoiceschanged event and speechSynthesis.speak(). MozReview-Commit-ID: 33BcZcHPgat
543ace8b7216f5cb3e6dd5a85ef1efe3eca97811: Bug 1333641 - Part 1: Making the speechSynthesis API unfingerprintable when 'privacy.resistFingerprinting' is true. r=arthuredelstein,smaug
Tim Huang <tihuang@mozilla.com> - Thu, 20 Jul 2017 16:07:32 +0800 - rev 370986
Push 47257 by cbook@mozilla.com at Wed, 26 Jul 2017 08:33:43 +0000
Bug 1333641 - Part 1: Making the speechSynthesis API unfingerprintable when 'privacy.resistFingerprinting' is true. r=arthuredelstein,smaug The patch will change the behavior of speechSynthesis API when fingerprinting resistance is enabled. First, the speechSynthesis.getVoices() will always report an empty list and the speechSynthesis.onvoiceschanged event will be blocked. And it will immediately fail when using the speechSynthesis.speak() to speak an utterance. By doing so, websites can no longer fingerprint users through this speechSynthesis API. In addition, this only affect contents, so the chrome can still use this API even the fingerprinting resistance is enabled. MozReview-Commit-ID: KxJX8fo30WS
5cc6976b59ced0d54773e4417f5e2d5ca6d5c137: Bug 1372069 - Part 2: Add a test case for making sure geolocation API has been disabled correctly when 'privacy.resistFingerprinting' is true. r=arthuredelstein,smaug
Tim Huang <tihuang@mozilla.com> - Thu, 13 Jul 2017 15:23:47 +0800 - rev 368889
Push 46483 by ryanvm@gmail.com at Fri, 14 Jul 2017 12:25:51 +0000
Bug 1372069 - Part 2: Add a test case for making sure geolocation API has been disabled correctly when 'privacy.resistFingerprinting' is true. r=arthuredelstein,smaug This patch adds a test case to check whether geolocation API is disabled when fingerprinting resistance is enabled. The test will check that the successCallback of geolocation API is not called, but the errorCallback is called with a PERMISSION_DENIED error when 'privacy.resistFingerprinting' is true. MozReview-Commit-ID: IyoEMyX5yNP
a450b50c2222664f6f2e6bfff09b81274bc242a2: Bug 1372069 - Part 1: Disable Geolocation when 'privacy.resistFingerprinting' is true. r=arthuredelstein,smaug
Tim Huang <tihuang@mozilla.com> - Thu, 13 Jul 2017 14:11:08 +0800 - rev 368888
Push 46483 by ryanvm@gmail.com at Fri, 14 Jul 2017 12:25:51 +0000
Bug 1372069 - Part 1: Disable Geolocation when 'privacy.resistFingerprinting' is true. r=arthuredelstein,smaug This patch disables Geolocation API when fingerprinting resistance is enabled. The way we disable it is the same as how we disable this API for non-secure origins that we will reject the request from this API and still keep this API around. MozReview-Commit-ID: 5D7Bf6Rplm8
2dbe15749c1b6a564ce7e963826e9a16855daf78: Bug 1361500 - Don't call _tzset on startup r=arthuredelstein,Ehsan
Doug Thayer <dothayer@mozilla.com> - Fri, 23 Jun 2017 12:56:03 -0400 - rev 367802
Push 46110 by dothayer@mozilla.com at Fri, 07 Jul 2017 15:32:29 +0000
Bug 1361500 - Don't call _tzset on startup r=arthuredelstein,Ehsan The reason we call _tzset inside DateTime.cpp is to allow the privacy.resistFingerprinting pref to mask our timezone by setting the TZ environment variable. Without _tzset, the changes to the environment variable won't actually change anything. However, if a process is started with the TZ environment variable set to something (like "UTC"), then those changes will be active in that process. Since we're only masking timezone to JS running in the content process, and since those content processes will be started by the parent process which has already set its TZ to UTC, and will copy that variable to its children, we only need to call _tzset() when the pref changes, and only in the content process, provided we are on e10s. MozReview-Commit-ID: CPU99BGDUPj
12f8c79dabb4b267f5f033c644295544ed82ad0c: Bug 1372072 - Part 2: Add a test case for check whether network information API has been spoofed correctly when 'privacy.resistFingerprinting' is true. r=arthuredelstein,baku
Tim Huang <tihuang@mozilla.com> - Tue, 13 Jun 2017 14:10:18 +0800 - rev 366732
Push 45705 by ryanvm@gmail.com at Thu, 29 Jun 2017 19:01:38 +0000
Bug 1372072 - Part 2: Add a test case for check whether network information API has been spoofed correctly when 'privacy.resistFingerprinting' is true. r=arthuredelstein,baku This adds a test case to test that network information is correctly spoofed when 'privacy.resistFingerprinting' is true. This tests not only windows, but also workers. MozReview-Commit-ID: Lt6HZlFrcja