[tbb-dev] jshooks?

Mike Perry mikeperry at torproject.org
Mon Jun 2 16:24:30 UTC 2014


Arthur D. Edelstein:
> Hi All,
> 
> I'm developing a patch for https://trac.torproject.org/5926, to stop
> the JavaScript Date object from leaking locale information. I was
> patching tor-browser.git C++ code, but then I noticed two files in
> torbutton, jshooks.js and jshooks4.js:
> https://gitweb.torproject.org/torbutton.git/blob/HEAD:/src/chrome/content/jshooks.js
> https://gitweb.torproject.org/torbutton.git/blob/HEAD:/src/chrome/content/jshooks4.js
> 
> These files seem to be relevant to the patch, and I have some
> questions about them:
> 
> 1. In jshooks.js, the series of lines that re-define the window.Date
> prototype, as controlled by line 72, `if(window.__tb_hook_date ==
> true)`,  is never called, as far as I can tell, because __tb_hook_date
> is never defined. Indeed, if that code were called, then the bug I'm
> working on would already be mostly fixed. Is there a reason this
> section of jshooks.js is being retained? Should it be re-activated or
> is it better for me to continue with a C++ patch?

Right, we abandoned the old Javascript hooking code and disabled it. It
proved fragile, difficult to keep up to date, and difficult to protect
against various ways of bypassing the hooks. We've opted for direct
Firefox patches instead.

> 2. jshooks4.js doesn't seem to be in use at all. Is that correct?
> Would it make sense to remove this file from the master branch?

Probably to avoid confusion, yes.

> 3. In general, what's the approach for deciding whether to patch
> Mozilla C++ code vs torbutton JS code for anti-fingerprinting and
> similar bugs? I understand there is a desire to move more toward C++,
> but I'm not sure what the overall plan is.

Long-term, we want to move all of the privacy features of Torbutton into
either C++ patches for Mozilla to merge, or failing that, into a
separate addon for dealing specifically with privacy.

In this particular case (locale leaking in Date()), I think we
definitely want a C++ patch.

The only thing that might change this is if there were a lot of such
locale leaks, and they turned to likely to be both extremely tedious to
fix with C++ patches, as well as unlikely to ever be merged by Mozilla.


-- 
Mike Perry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tbb-dev/attachments/20140602/b13a47e4/attachment.sig>


More information about the tbb-dev mailing list