[tor-bugs] #9881 [Tor Browser]: Javascript can create/resize windows to consume the entire desktop

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Aug 7 09:33:46 UTC 2014 

#9881: Javascript can create/resize windows to consume the entire desktop
-------------------------+-------------------------------------------------
     Reporter:           |      Owner:  mikeperry
  mikeperry              |     Status:  needs_review
         Type:  defect   |  Milestone:
     Priority:  major    |    Version:
    Component:  Tor      |   Keywords:  tbb-fingerprinting, tbb-testcase,
  Browser                |  tbb-firefox-patch
   Resolution:           |  Parent ID:
Actual Points:           |
       Points:           |
-------------------------+-------------------------------------------------

Comment (by gk):

 Replying to [comment:30 faether]:
 > Replying to [comment:29 gk]:
 > > Replying to [comment:28 cypherpunks]:
 > > > After setting the three prefs, did the test not open in a new
 ''tab''? But its size was still unexpected?
 > >
 > > It opened in a new tab but running the test in comment:21 trying to
 get some information out of the user showed at least on one testing
 machine that it worked.
 >
 > Huh. That sounds interesting. Just so I really understand it right,
 >
 > 1. You started a clean Tor Browser on the test machine,
 > 2. its initial window had a correctly rounded size A,
 > 3. you set `browser.link.open_newwindow.restriction = 0`,
 > 4. went to the test page from comment:21 and clicked "Open window",
 > 5. it did '''not''' open a new window, but a new tab in the initial
 window,
 > 6. but the test still reported size B, with B != A?

 Yes.

 > If that's the case, can you tell me the test machine's OS etc.? I'd like
 to reproduce it.

 It is an old netbook with two slow cores and 1GiB RAM running Debian
 testing. I did not see the issue on faster hardware. It is probably a race
 condition in our rounding-window-on-startup-nightmare. See #9268 for the
 remaining issues and why we need a Tor Browser patch.

 > [However, even if `browser.link.open_newwindow.restriction = 0` does not
 work absolutely ''everywhere'', we could still set it to protect most
 users?]

 Maybe. So what is your proposed patch for this bug then just doing a
 `browser.link.open_newwindow.restriction = 0`?

 > > This means, that the current code responsible for rounding the window
 dimensions does not cope with the use-case you have in mind.
 >
 > See, now I'm confused again. When
 `browser.link.open_newwindow.restriction = 0` is set and works, then the
 window-rounding code shouldn't even fire here because popups will never go
 to a ''new'' window.

 I'd need to dig up the code but I think the new-window-logic is running as
 usual (+ the window-rounding code) but is encountering the request to open
 the content in a new tab in its course. This happens before the user is
 seeing anything on its screen. The result is: no popup window but a new
 tab.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9881#comment:31>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list