Pier Angelo Vendrame pushed to branch base-browser-140.5.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: aefedb35 by Pier Angelo Vendrame at 2025-11-24T10:31:55+01:00 fixup! BB 43615: Add Gitlab Issue and Merge Request templates Update GitLab templates. Avoid mentioning existing issues/MRs, and update the channels. - - - - - 6c7f3377 by Tom Ritter at 2025-11-24T10:31:58+01:00 Bug 1999126: Hide the value of the pdfjs pref from being disabled when RFP is enabled r=timhuang Differential Revision: https://phabricator.services.mozilla.com/D272930 - - - - - 8 changed files: - .gitlab/issue_templates/040 Feature.md - .gitlab/issue_templates/050 Backport.md - .gitlab/merge_request_templates/Default.md - browser/components/resistfingerprinting/test/browser/browser_navigator_iframes.js - dom/base/Navigator.cpp - dom/base/nsMimeTypeArray.cpp - dom/base/nsPluginArray.cpp - toolkit/components/resistfingerprinting/RFPTargets.inc Changes: ===================================== .gitlab/issue_templates/040 Feature.md ===================================== @@ -18,11 +18,11 @@ Provide an overview of the technical/implementation aspects of this feature ### Proposal <!-- Add links to associated proposal issues (or delete block) --> -- tor-browser#12345 +- tor-browser#xxxxx ### Design <!-- Add links to associated design issues (or delete block) --> -- tpo/UX/Design#123 +- tpo/UX/Design#xyz <!-- Do not edit beneath this line <3 --> ===================================== .gitlab/issue_templates/050 Backport.md ===================================== @@ -13,12 +13,12 @@ please ensure the title has the following format: ## Bookkeeping ### Issue(s) -- tor-browser#12345 -- mullvad-browser#123 -- https://bugzilla.mozilla.org/show_bug.cgi?id=1234567 +- tor-browser#xxxxx +- mullvad-browser#xyz +- https://bugzilla.mozilla.org/show_bug.cgi?id=xxxxxxx ### Merge Request(s) -- tor-browser!123 +- tor-browser!xxxx ### Target Channels ===================================== .gitlab/merge_request_templates/Default.md ===================================== @@ -27,8 +27,8 @@ #### Target Channels -- [ ] **Alpha**: esr140-15.0 -- [ ] **Stable**: esr128-14.5 +- [ ] **Alpha**: rapid release, 16.0 +- [ ] **Stable**: esr140-15.0 - [ ] **Legacy**: esr115-13.5 ### Backporting ===================================== browser/components/resistfingerprinting/test/browser/browser_navigator_iframes.js ===================================== @@ -331,6 +331,13 @@ add_task(async () => { await simpleRFPTest(uri, testNavigator, expectedResults); }); +add_task(async () => { + expectedResults = structuredClone(allSpoofed); + await simpleRFPTest(uri, testNavigator, expectedResults, {}, [ + ["pdfjs.disabled", true], + ]); +}); + // In the below tests, we use the cross-origin domain as the base URI of a resource we fetch (on both the framer and framee) // so we can check that the HTTP header is as expected. ===================================== dom/base/Navigator.cpp ===================================== @@ -510,7 +510,11 @@ nsPluginArray* Navigator::GetPlugins(ErrorResult& aRv) { return mPlugins; } -bool Navigator::PdfViewerEnabled() { return !StaticPrefs::pdfjs_disabled(); } +bool Navigator::PdfViewerEnabled() { + return !StaticPrefs::pdfjs_disabled() || + nsContentUtils::ShouldResistFingerprinting(GetDocShell(), + RFPTarget::PdfjsSpoof); +} Permissions* Navigator::GetPermissions(ErrorResult& aRv) { if (!mWindow) { ===================================== dom/base/nsMimeTypeArray.cpp ===================================== @@ -79,7 +79,11 @@ void nsMimeTypeArray::GetSupportedNames(nsTArray<nsString>& retval) { } } -bool nsMimeTypeArray::ForceNoPlugins() { return StaticPrefs::pdfjs_disabled(); } +bool nsMimeTypeArray::ForceNoPlugins() { + return StaticPrefs::pdfjs_disabled() && + !nsContentUtils::ShouldResistFingerprinting( + mWindow ? mWindow->GetDocShell() : nullptr, RFPTarget::PdfjsSpoof); +} NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(nsMimeType, mPluginElement) ===================================== dom/base/nsPluginArray.cpp ===================================== @@ -97,7 +97,11 @@ void nsPluginArray::GetSupportedNames(nsTArray<nsString>& aRetval) { } } -bool nsPluginArray::ForceNoPlugins() { return StaticPrefs::pdfjs_disabled(); } +bool nsPluginArray::ForceNoPlugins() { + return StaticPrefs::pdfjs_disabled() && + !nsContentUtils::ShouldResistFingerprinting( + mWindow ? mWindow->GetDocShell() : nullptr, RFPTarget::PdfjsSpoof); +} NS_IMPL_CYCLE_COLLECTING_ADDREF(nsPluginArray) NS_IMPL_CYCLE_COLLECTING_RELEASE(nsPluginArray) ===================================== toolkit/components/resistfingerprinting/RFPTargets.inc ===================================== @@ -34,7 +34,8 @@ ITEM_VALUE(NavigatorHWConcurrency, 16) ITEM_VALUE(NavigatorOscpu, 17) ITEM_VALUE(NavigatorPlatform, 18) ITEM_VALUE(NavigatorUserAgent, 19) -// We no longer use PointerId, it can renamed and reused +// If the user disables PDFJS via a pref, we do not expose that to the web +ITEM_VALUE(PdfjsSpoof, 20) ITEM_VALUE(StreamVideoFacingMode, 21) ITEM_VALUE(JSDateTimeUTC, 22) ITEM_VALUE(JSMathFdlibm, 23) View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/0dd4682... -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/0dd4682... You're receiving this email because of your account on gitlab.torproject.org.