Opened 3 years ago

Last modified 3 years ago

#23216 new defect

The `languagechange` event is noticeable on all open tabs

Reported by: gk Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-linkability
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


It turns out that there is the languagechange event which is noticeable on all open tabs allowing to correlate activity of a user cross-domain and bypassing our unlinkability requirement.

Now, triggering that one can't be done remotely and is probably not done very often. But still we should find a way to make it much less obvious to third party scripts that a particular user made language related changes and has been on website A, B, and C.

Reported on HackerOne by tomvg.

Child Tickets

Change History (2)

comment:1 Changed 3 years ago by mcs

There is some documentation here:

I assume that the only way to trigger this is to change intl.accept_languages (either via about:config or via the preferences UI). I wonder how many pages listen for this event? It might be okay to just suppress it.

Last edited 3 years ago by mcs (previous) (diff)

comment:2 Changed 3 years ago by gk

Yes, I think suppressing it could work. Not sure if Mozilla would be happy with such a kind of patch, though.

Note: See TracTickets for help on using tickets.