Opened 3 years ago

Closed 3 years ago

#13016 closed defect (fixed)

Remove access to all Mozilla-prefixed media queries

Reported by: mikeperry
Owned by: mcs
Priority: High
Milestone:
Component: Applications/Tor Browser
Version:
Severity:
Keywords: tbb-fingerprinting, ff31-esr, TorBrowserTeam201410Easy, MikePerry201410R
Cc: brade, mikeperry, arthuredelstein
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

In Firefox 25, Mozilla added a couple scary media queries (-moz-os-version and -moz-osx-font-smoothing).

I think we should get rid of these, as well as most/all of the prefixed media queries in https://developer.mozilla.org/en-US/docs/Web/Guide/CSS/Media_queries#-moz-os-version.

Either just disable them, or make them lie.

Change History (7)

comment:1 Changed 3 years ago by mikeperry

Keywords: TorBrowserTeam201410 added; TorBrowserTeam201409 removed

comment:2 Changed 3 years ago by mikeperry

Keywords: TorBrowserTeam201410Easy added; TorBrowserTeam201410 removed

comment:3 Changed 3 years ago by mcs

Cc: brade added
Owner: changed from tbb-team to mcs
Status: changed from new to assigned

comment:4 Changed 3 years ago by arthuredelstein

FWIW, I think the -moz-os-version media query has already been blanked out:
https://gitweb.torproject.org/tor-browser.git/blob/8d554bf700a1d3eceeabbdb1078d5e20806e1baa:/layout/style/nsMediaFeatures.cpp#l362

I haven't tested this on Windows, however.

comment:5 in reply to:  4 Changed 3 years ago by mcs

Cc: mikeperry arthuredelstein added
Keywords: MikePerry201410R added

Replying to arthuredelstein:

> FWIW, I think the -moz-os-version media query has already been blanked out:
> https://gitweb.torproject.org/tor-browser.git/blob/8d554bf700a1d3eceeabbdb1078d5e20806e1baa:/layout/style/nsMediaFeatures.cpp#l362

Thanks for the pointer. Most of the media queries that are prefixed with -moz have already been disabled for non-Chrome callers by 8d554bf700a1d3eceeabbdb1078d5e20806e1baa (see ticket:2875#comment:17). The only one that is not disabled is -moz-is-resource-document, but brade and I do not see how that can be used for fingerprinting (it can be used to detect whether a document has been loaded indirectly, e.g., you can do <img src="test.svg"> and then use -moz-is-resource-document within test.svg). It seems like it can only be used to learn about document structure that a site has created themselves.

-moz-osx-font-smoothing is more interesting. It is a CSS property, and it can be used to detect whether the preference layout.css.osx-font-smoothing.enabled = true, which is the default on Mac OS. brade and I think we should prevent non-Chrome callers from retrieving the computed value for this CSS property, and we created a patch to block them:

https://gitweb.torproject.org/user/brade/tor-browser.git/commit/bbc88abb9221a0126668a3d1150a805418c019a7

Please review our reasoning and this patch. Thanks!
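
An added example, not part of the ticket or of the Tor Browser patch: a content-side regression check for the two leaks discussed in comment 5. It assumes a blocked or disabled property reads back as an empty string; `auditContentLeaks` and `makeStubWindow` are hypothetical names, and the stub windows are constructed so the check also runs under Node.

```javascript
// Added example, not Tor Browser code. In a browser, call
// auditContentLeaks(window) from an ordinary web page (a non-chrome caller)
// loaded in the build under test; an empty result means nothing leaked.

// Values MDN lists for the -moz-os-version media feature.
const OS_VERSION_VALUES = ['windows-xp', 'windows-vista', 'windows-win7', 'windows-win8'];

function auditContentLeaks(win) {
  const findings = [];
  // A disabled media feature must not match for any of its values.
  for (const value of OS_VERSION_VALUES) {
    const query = `(-moz-os-version: ${value})`;
    if (win.matchMedia(query).matches) {
      findings.push(`media query matched: ${query}`);
    }
  }
  // A readable computed value tells content that
  // layout.css.osx-font-smoothing.enabled is true (the Mac OS default).
  // Assumption: a blocked or disabled property reads back as ''.
  const computed = win.getComputedStyle(win.document.documentElement)
    .getPropertyValue('-moz-osx-font-smoothing');
  if (computed && computed.trim() !== '') {
    findings.push(`computed -moz-osx-font-smoothing readable: ${computed.trim()}`);
  }
  return findings;
}

// Constructed stand-in for `window`, so the audit also runs outside a browser.
function makeStubWindow(matchingQueries, smoothingValue) {
  return {
    document: { documentElement: {} },
    matchMedia: (q) => ({ media: q, matches: matchingQueries.includes(q) }),
    getComputedStyle: () => ({
      getPropertyValue: (name) =>
        (name === '-moz-osx-font-smoothing' ? smoothingValue : ''),
    }),
  };
}

// Constructed cases: a Mac-like profile that exposes the property, and a
// hardened profile that exposes neither the media feature nor the property.
const exposedMac = makeStubWindow([], 'auto');
const hardened = makeStubWindow([], '');
console.log(auditContentLeaks(exposedMac));
console.log(auditContentLeaks(hardened));
```
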

comment:6 Changed 3 years ago by mcs

Status: changed from assigned to needs_review

comment:7 Changed 3 years ago by mikeperry

Resolution: fixed
Status: changed from needs_review to closed

Yes, this looks good. Merged. Thanks!