Opened 4 years ago

Last modified 2 years ago

#16739 new enhancement

Whitelist fonts by filename rather than font name

Reported by: arthuredelstein Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-fingerprinting-fonts
Cc: dcf, gk Actual Points:
Parent ID: #18097 Points:
Reviewer: Sponsor:

Description

In #13313 we whitelisted fonts by file name. But as dcf points out, it would be ideal to whitelist bundled fonts only, using the font file path. As far as I can tell this will need to be implemented separately for Windows, Mac, and Linux.

Child Tickets

Change History (5)

comment:1 Changed 4 years ago by dcf

So I tried a simple and dumb thing to disable system fonts with Fontconfig, and it mostly works! All I did was comment out FcSetSystem leaving only FcSetApplication. I tested this patch on top of tbb-5.0a4-build2; i.e., with the Noto fonts installed but without the font whitelisting patch of #13313.

  • gfx/thebes/gfxFontconfigUtils.cpp

    a b gfxFontconfigUtils::UpdateFontListInternal(bool aForce) 
    589589
    590590    // These FcFontSets are owned by fontconfig
    591591    FcFontSet *fontSets[] = {
    592         FcConfigGetFonts(currentConfig, FcSetSystem)
     592        // FcConfigGetFonts(currentConfig, FcSetSystem),
    593593#ifdef MOZ_BUNDLED_FONTS
    594         , FcConfigGetFonts(currentConfig, FcSetApplication)
     594        FcConfigGetFonts(currentConfig, FcSetApplication),
    595595#endif
    596596    };
    597597
    gfxFontconfigUtils::AddFullnameEntries() 
    809809{
    810810    // These FcFontSets are owned by fontconfig
    811811    FcFontSet *fontSets[] = {
    812         FcConfigGetFonts(nullptr, FcSetSystem)
     812        // FcConfigGetFonts(nullptr, FcSetSystem),
    813813#ifdef MOZ_BUNDLED_FONTS
    814         , FcConfigGetFonts(nullptr, FcSetApplication)
     814        FcConfigGetFonts(nullptr, FcSetApplication),
    815815#endif
    816816    };
    817817
    gfxFontconfigUtils::GetLangSupportEntry(const FcChar8 *aLang, bool aWithFonts) 
    979979
    980980    // These FcFontSets are owned by fontconfig
    981981    FcFontSet *fontSets[] = {
    982         FcConfigGetFonts(nullptr, FcSetSystem)
     982        // FcConfigGetFonts(nullptr, FcSetSystem),
    983983#ifdef MOZ_BUNDLED_FONTS
    984         , FcConfigGetFonts(nullptr, FcSetApplication)
     984        FcConfigGetFonts(nullptr, FcSetApplication),
    985985#endif
    986986    };
    987987

It seems like the only negative side effect of the patch is an extension of the monospace font thing in comment:6:ticket:16672. Not only is it monospace in the tab titles and URL bar, but also Latin text in web pages is rendered using the monospace Cousine font. This might just be because the branch I built did not have the font prefs that came along with the whitelisting patch.

(BTW we already know that you can whitelist a directory in Fontconfig using fonts.conf; this is another way.)

comment:2 Changed 4 years ago by gk

Cc: gk added

comment:3 Changed 4 years ago by arthuredelstein

Parent ID: 18097

comment:4 Changed 4 years ago by arthuredelstein

Parent ID: 18097#18097

comment:5 Changed 2 years ago by teor

Severity: Normal

Set all open tickets without a severity to "Normal"

Note: See TracTickets for help on using tickets.