Opened 9 months ago
Last modified 9 months ago
#27258 new defect
font whitelist means we don't have to set gfx.downloadable_fonts.fallback_delay
| Reported by: | arthuredelstein | Owned by: | tbb-team |
|---|---|---|---|
| Priority: | Medium | Milestone: | |
| Component: | Applications/Tor Browser | Version: | |
| Severity: | Normal | Keywords: | tbb-fingerprinting-font, ff60-esr |
| Cc: | Actual Points: | ||
| Parent ID: | Points: | ||
| Reviewer: | Sponsor: |
Description
In 8455, "gfx.downloadable_fonts.fallback_delay" was set to -1 to avoid temporarily rendering a local font, which would allow its characters to be measured. But now that we whitelist fonts, it is probably OK to stop setting this pref. We should confirm that the fallback mechanism doesn't provide a whitelist bypass.
Child Tickets
Note: See
TracTickets for help on using
tickets.
#8455,
tbb-fingerprinting-fonts.For fingerprinting purposes
gfx.downloadable_fonts.fallback_delay_shortis available ;)