Opened 11 months ago

Closed 11 months ago

Last modified 11 months ago

#29051 closed defect (worksforme)

backport 1446472 - privacy.resistFingerprinting is true blocks QR code (canvas) on web.whatsapp.com without any notice

Reported by: pospeselr Owned by: pospeselr
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords:
Cc: tbb-team Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

related: #29028

Child Tickets

Change History (3)

comment:1 Changed 11 months ago by gk

Resolution: worksforme
Status: assignedclosed

Sorry that I did not catch this earlier on IRC but that work is not needed as the backport done by tom already landed on esr60:

https://hg.mozilla.org/releases/mozilla-esr60/rev/91e3866c2649
https://hg.mozilla.org/releases/mozilla-esr60/rev/a578196b1fe0

comment:2 Changed 11 months ago by tom

To answer your question from irc, pospeselr: If the canvas extraction isn't trigger by user input, you should see an icon in the url bar but no doorhanger. Once it's triggered from user input - doorhanger appears. I made https://ritter.vg/misc/ff/canvas.html for simple testing.

This assumes privacy.resistFingerprinting.autoDeclineNoUserInputCanvasPrompts is 'true' (in Tor Browser currently it is false).

This ticket is probably still valid, I hope that this improvement is enough for Tor to consider flipping it back to 'true'. (Which I think is a better overall experience, even if it does make WhatsApp more confusing?)

comment:3 in reply to:  2 Changed 11 months ago by gk

Replying to tom:

This ticket is probably still valid, I hope that this improvement is enough for Tor to consider flipping it back to 'true'. (Which I think is a better overall experience, even if it does make WhatsApp more confusing?)

Not sure in which sense it is still valid but the flip back should be handled by #29028.

Note: See TracTickets for help on using tickets.