[tor-bugs] #9881 [Tor Browser]: Javascript can create/resize windows to consume the entire desktop

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Aug 5 10:55:31 UTC 2014 

#9881: Javascript can create/resize windows to consume the entire desktop
-------------------------+-------------------------------------------------
     Reporter:           |      Owner:  mikeperry
  mikeperry              |     Status:  needs_review
         Type:  defect   |  Milestone:
     Priority:  major    |    Version:
    Component:  Tor      |   Keywords:  tbb-fingerprinting, tbb-testcase,
  Browser                |  tbb-firefox-patch
   Resolution:           |  Parent ID:
Actual Points:           |
       Points:           |
-------------------------+-------------------------------------------------

Comment (by faether):

 Replying to [comment:29 gk]:
 > Replying to [comment:28 cypherpunks]:
 > > After setting the three prefs, did the test not open in a new ''tab''?
 But its size was still unexpected?
 >
 > It opened in a new tab but running the test in comment:21 trying to get
 some information out of the user showed at least on one testing machine
 that it worked.

 Huh. That sounds interesting. Just so I really understand it right,

 1. You started Tor Browser on the test machine
 2. Its initial window had a correctly rounded size A
 3. You went to the test page from comment:21 and clicked "Open window"
 4. It did '''not''' open a new window, but a new tab in the initial window
 5. But the test still reported size B, with B != A?

 If that's the case, can you tell me the test machine's OS etc.? I'd like
 to reproduce it.

 Here (Linux, fresh TBB installation),
 `browser.link.open_newwindow.restriction = 0` causes the comment:21 test
 to open in a new tab in the main window and to show that main window's
 size, as it should.

 [However, even if `browser.link.open_newwindow.restriction = 0` does not
 work absolutely ''everywhere'', we could still set it to protect most
 users?]

 > This means, that the current code responsible for rounding the window
 dimensions does not cope with the use-case you have in mind.

 See, now I'm confused again. When `browser.link.open_newwindow.restriction
 = 0` is set and works, then the window-rounding code shouldn't even fire
 here because popups will never go to a ''new'' window.

 > > Replying to [comment:27 gk]:
 > > > And I still think we should not prohibit moving popup windows.
 > >
 > > With `browser.link.open_newwindow.restriction = 0` diverting all
 popups to tabs,  `dom.disable_window_move_resize = true` would just stop
 remote moving and remote resizing of the user-opened windows.
 >
 > And this still works even though
 https://bugzilla.mozilla.org/show_bug.cgi?id=565541 got fixed long ago?

 Oh you're right, with `browser.link.open_newwindow.restriction = 0` it's
 unnecessary to add `dom.disable_window_move_resize = true`. I've been
 using that latter pref for many, many years and hadn't even realized that
 things have improved. :)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9881#comment:30>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list