[tor-bugs] #17790 [Tor Browser]: unit tests for keyboard defenses
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Jan 12 11:10:54 UTC 2016
#17790: unit tests for keyboard defenses
-----------------------------------+--------------------------------
Reporter: arthuredelstein | Owner: tbb-team
Type: defect | Status: needs_revision
Priority: Medium | Milestone:
Component: Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: TorBrowserTeam201601R | Actual Points:
Parent ID: | Points:
Sponsor: |
-----------------------------------+--------------------------------
Changes (by gk):
* status: needs_review => needs_revision
Comment:
e58782ab2034cf30ea548b0f87de122ac4805118
{{{
+ // We should only see the modifier key in content if suppression
is
+ // active; otherwise we expect to see the "x" key instead.
+ let expectedContentKey = suppressModifiers ? "x" : modifierKey;
}}}
It seems the comment does not match the code? We get "x" if the modifiers
are suppressed and the modifier key otherwise (which is intended). So,
s/active/not active/ ?
More importantly, the behavior of `privacy.suppressModifierKeyEvents` is
dependent on the value for `privacy.resistFingerprinting` but the test
does not take that into account. I think we should at least assume
explicitly that the latter is `true`. It might be good, though, to test as
well with the latter being `false` to make sure the code for #17009 is not
kicking in even if `privacy.suppressModifierKeyEvents` is `true`.
d5481537329a7a77ab597f40892c7df83d0ffcc2
{{{
+ // Return a promise that resolves to the event when]
}}}
s/]//
#15646 takes care of more things than `keyCode` and `shiftKey`, e.g:
`code` and `loaction` as well and Alt-key handling. What is with those?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17790#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list