commit 7db15759a31a7381d0a43b1a40373cd9f970210a Author: Richard Pospesel richard@torproject.org Date: Thu Jan 18 19:15:55 2018 -0800
Bug 15599: Range requests used by pdfjs are not isolated to URL bar domain
After much debugging and investigation, it seems that the information needed to drive the first-party domain cannot be accessed in the XmlHttpRequest creation path. The JS context in which the part of pdf.js making the range requests runs does not have a reference to the parent window and its associated LoadInfo information (which includes the requesting first-party domain).
To fix the issue, we can easily disable support for range-based requests via the pdfjs.disableRange property. However, the side-effect here is that pages can not be read as they load; the entire pdf must be downloaded before it can be read and interacted with.
This patch updates each platforms extension-overrides.js to change this pref.
---
 .../Data/Browser/profile.default/preferences/extension-overrides.js | 4 ++++
 .../Data/Browser/profile.default/preferences/extension-overrides.js | 4 ++++
 .../Data/Browser/profile.default/preferences/extension-overrides.js | 4 ++++
 3 files changed, 12 insertions(+)
diff --git a/projects/tor-browser/Bundle-Data/linux/Data/Browser/profile.default/preferences/extension-overrides.js b/projects/tor-browser/Bundle-Data/linux/Data/Browser/profile.default/preferences/extension-overrides.js
index 54dcf91..9476edc 100644
--- a/projects/tor-browser/Bundle-Data/linux/Data/Browser/profile.default/preferences/extension-overrides.js
+++ b/projects/tor-browser/Bundle-Data/linux/Data/Browser/profile.default/preferences/extension-overrides.js
@@ -56,3 +56,7 @@ pref("noscript.restrictSubdocScripting", true);
 pref("noscript.showVolatilePrivatePermissionsToggle", false);
 pref("noscript.volatilePrivatePermissions", true);
 pref("noscript.clearClick", 0);
+
+# PDF.js
+// needs to be a user_pref because pdf.js blows away non-user prefs with it's own defaults each time
+user_pref("pdfjs.disableRange", true);
diff --git a/projects/tor-browser/Bundle-Data/mac/TorBrowser/Data/Browser/profile.default/preferences/extension-overrides.js b/projects/tor-browser/Bundle-Data/mac/TorBrowser/Data/Browser/profile.default/preferences/extension-overrides.js
index 54dcf91..9476edc 100644
--- a/projects/tor-browser/Bundle-Data/mac/TorBrowser/Data/Browser/profile.default/preferences/extension-overrides.js
+++ b/projects/tor-browser/Bundle-Data/mac/TorBrowser/Data/Browser/profile.default/preferences/extension-overrides.js
@@ -56,3 +56,7 @@ pref("noscript.restrictSubdocScripting", true);
 pref("noscript.showVolatilePrivatePermissionsToggle", false);
 pref("noscript.volatilePrivatePermissions", true);
 pref("noscript.clearClick", 0);
+
+# PDF.js
+// needs to be a user_pref because pdf.js blows away non-user prefs with it's own defaults each time
+user_pref("pdfjs.disableRange", true);
diff --git a/projects/tor-browser/Bundle-Data/windows/Data/Browser/profile.default/preferences/extension-overrides.js b/projects/tor-browser/Bundle-Data/windows/Data/Browser/profile.default/preferences/extension-overrides.js
index 54dcf91..9476edc 100644
--- a/projects/tor-browser/Bundle-Data/windows/Data/Browser/profile.default/preferences/extension-overrides.js
+++ b/projects/tor-browser/Bundle-Data/windows/Data/Browser/profile.default/preferences/extension-overrides.js
@@ -56,3 +56,7 @@ pref("noscript.restrictSubdocScripting", true);
 pref("noscript.showVolatilePrivatePermissionsToggle", false);
 pref("noscript.volatilePrivatePermissions", true);
 pref("noscript.clearClick", 0);
+
+# PDF.js
+// needs to be a user_pref because pdf.js blows away non-user prefs with it's own defaults each time
+user_pref("pdfjs.disableRange", true);
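Review bot: The comment above `user_pref("pdfjs.disableRange", true);` explains why a user_pref is used but not why range requests are switched off, so a later reader could re-enable them for faster PDF loading without realising this is a first-party isolation fix. I would record the reason next to the pref, e.g. `// Bug 15599: pdf.js range requests are not isolated to the URL bar domain; keep disabled`, and fix `it's` to `its` in the existing comment. The same four lines are added to the linux and mac copies of extension-overrides.js, so this applies to all three hunks. Because the value is set as a user_pref rather than a default, it can presumably be changed like any other user setting and nothing in the hunk ensures it stays `true`; it is worth confirming that profiles created before this change also pick it up.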