commit 2bcb7e64b8d05b8449df9a5e4ad09c125f0af6f4 Author: Georg Koppen gk@torproject.org Date: Wed May 29 12:29:19 2019 +0000
Bug 30541: Disable WebGL readPixel() for web content --- dom/canvas/ClientWebGLContext.cpp | 8 ++++++++ 1 file changed, 8 insertions(+)
diff --git a/dom/canvas/ClientWebGLContext.cpp b/dom/canvas/ClientWebGLContext.cpp index e399b5e66de0..4becf41b4e62 100644 --- a/dom/canvas/ClientWebGLContext.cpp +++ b/dom/canvas/ClientWebGLContext.cpp @@ -4636,6 +4636,14 @@ bool ClientWebGLContext::ReadPixels_SharedPrecheck( return false; }
+ // Security check passed, but don't let content readPixel calls through for + // now, if Resist Fingerprinting Mode is enabled. + if (nsContentUtils::ResistFingerprinting(aCallerType)) { + JsWarning("readPixels: Not allowed in Resist Fingerprinting Mode"); + out_error.Throw(NS_ERROR_DOM_NOT_SUPPORTED_ERR); + return false; + } + return true; }
tbb-commits@lists.torproject.org