Opened 4 years ago

Closed 4 years ago

#18777 closed defect (fixed)

restore "black on black constrast fix" to ESR45

Reported by: arthuredelstein Owned by: mcs
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: ff45-esr, tbb-6.0a5, TorBrowserTeam201604R
Cc: mcs, brade, gk Actual Points:
Parent ID: #15197 Points:
Reviewer: Sponsor:

Description

brade and mcs's patch to prevent exposing system colors to CSS and canvas was partially upstreamed, but there is another part that needs to be rebased to ESR45. Because this task is somewhat more complicated, I am creating this ticket.

It would also be good to have a unit test under Tor Project's control that ensures that the upstreamed part and the non-upstreamed part are providing complete protection.

The original patch in TBB/ESR38 is
8b3d00b982db7a1b3101dc9318c1301bf944b161

The part upstreamed to mozilla (and now in ESR45) is
61c6a3b38353835315f2d1b9761de9c95ba83c8d

Child Tickets

Attachments (1)

0001-Bug-6786-Do-not-expose-system-colors-to-CSS-or-canva.patch (7.0 KB) - added by mcs 4 years ago.
rebased patch

Download all attachments as: .zip

Change History (10)

comment:1 Changed 4 years ago by gk

Keywords: ff45-esr tbb-6.0a5 added

comment:2 Changed 4 years ago by arthuredelstein

Once we fix this, we should open a ticket on bugzilla.mozilla.org.

comment:3 Changed 4 years ago by mcs

Keywords: TorBrowserTeam201604 added
Owner: changed from tbb-team to mcs
Status: newassigned

comment:4 Changed 4 years ago by mcs

See #7920 for some details on why we need this patch (#7920 is a follow up ticket related to the #6786 work).

comment:5 Changed 4 years ago by mcs

Keywords: TorBrowserTeam201604R added; TorBrowserTeam201604 removed
Status: assignedneeds_review

I attached a rebased patch. Please review. Note that Kathy and I have not tested this on Windows yet (where the original problem was observed) but the patch was not difficult to rebase once we extracted it from the portion of #6786 that was upstreamed.

comment:6 Changed 4 years ago by gk

Looks good to me. Reading https://bugzilla.mozilla.org/show_bug.cgi?id=232227#c42 it seems upstreaming that one fell through the cracks, right?

comment:7 in reply to:  6 Changed 4 years ago by mcs

Replying to gk:

Looks good to me. Reading https://bugzilla.mozilla.org/show_bug.cgi?id=232227#c42 it seems upstreaming that one fell through the cracks, right?

Yes.

comment:8 Changed 4 years ago by arthuredelstein

Looks good to me as well. Applied to
https://github.com/arthuredelstein/tor-browser/commits/15197+11
Hash 3a1d2eb572da6c7fb441437a7ea4ae6e75c87e2d

comment:9 Changed 4 years ago by gk

Resolution: fixed
Status: needs_reviewclosed

Okay, closing this one then.

Note: See TracTickets for help on using tickets.