Skip to content
Snippets Groups Projects
Closed Fonts limit bypass with iframes
  • View options

    • Fonts limit bypass with iframes

    • View options
    • Closed created by Trac

    It is possible to bypass max font using iframe (also object/frame i guess),

    1st demo shows that each iframe instance has own max_font. If you create many iframes with less than max_fonts in each, it not reset window.parent fonts. http://pastebin.com/raw.php?i=MkqVQv8x

    2nd, full bruteforce script with 512 fonts array. It dynamically creates many iframes with N fonts in each. Each iframe separately executes typical js/css detection mmmmlliii script with a short given set of fonts, and sends offsetWidth/Heights to parent script via postMessage. Parent script collect all answers and then compare results. http://pastebin.com/raw.php?i=D8DWb47X

    Trac:
    Username: jaedo

    Attributes

    Assignees

    Labels

    component firefox patch issues owner mikeperry priority high reporter jaedo resolution duplicate status closed tbb-fingerprinting type defect

    Milestone

    None

    Dates

    Start: None

    Due: None

    Time tracking

    No estimate or time spent

    Activity

    • All activity
    • Comments only
    • History only
    • Newest first
    • Oldest first