[tbb-commits] [tor-browser] branch tor-browser-102.2.0esr-12.0-3 updated: Bug 41116: Normalize system fonts.

gitolite role git at cupani.torproject.org
Mon Sep 19 23:09:53 UTC 2022


This is an automated email from the git hooks/post-receive script.

richard pushed a commit to branch tor-browser-102.2.0esr-12.0-3
in repository tor-browser.

The following commit(s) were added to refs/heads/tor-browser-102.2.0esr-12.0-3 by this push:
     new 582fab63ef3b9 Bug 41116: Normalize system fonts.
582fab63ef3b9 is described below

commit 582fab63ef3b94801cc9f53fefc5e4e25988e29e
Author: Pier Angelo Vendrame <pierov at torproject.org>
AuthorDate: Mon Sep 19 12:57:40 2022 +0200

    Bug 41116: Normalize system fonts.
    
    System fonts are an enormous fingerprinting vector.
    Even with font allow lists and with our custom configuration on Linux,
    which counter metrics measurements, getComputedStyle leaks several
    details.
    This patch counters both these kinds of attacks.
---
 widget/nsXPLookAndFeel.cpp | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/widget/nsXPLookAndFeel.cpp b/widget/nsXPLookAndFeel.cpp
index 3cc2c561dbc54..8791038a2a3f0 100644
--- a/widget/nsXPLookAndFeel.cpp
+++ b/widget/nsXPLookAndFeel.cpp
@@ -1000,6 +1000,17 @@ widget::LookAndFeelFont nsXPLookAndFeel::StyleToLookAndFeelFont(
 
 bool nsXPLookAndFeel::GetFontValue(FontID aID, nsString& aName,
                                    gfxFontStyle& aStyle) {
+  if (nsContentUtils::ShouldResistFingerprinting()) {
+#ifdef XP_MACOSX
+    aName = u"-apple-system"_ns;
+#else
+    aName = u"sans-serif"_ns;
+#endif
+    aStyle = gfxFontStyle();
+    aStyle.size = 12;
+    return true;
+  }
+
   if (const LookAndFeelFont* cached = sFontCache.Get(aID)) {
     return LookAndFeelFontToStyle(*cached, aName, aStyle);
   }

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.


More information about the tbb-commits mailing list