[tor-bugs] #17790 [Tor Browser]: unit tests for keyboard defenses

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Jan 12 11:10:54 UTC 2016

#17790: unit tests for keyboard defenses
 Reporter:  arthuredelstein        |          Owner:  tbb-team
     Type:  defect                 |         Status:  needs_revision
 Priority:  Medium                 |      Milestone:
Component:  Tor Browser            |        Version:
 Severity:  Normal                 |     Resolution:
 Keywords:  TorBrowserTeam201601R  |  Actual Points:
Parent ID:                         |         Points:
  Sponsor:                         |
Changes (by gk):

 * status:  needs_review => needs_revision



 +        // We should only see the modifier key in content if suppression
 +        // active; otherwise we expect to see the "x" key instead.
 +        let expectedContentKey = suppressModifiers ? "x" : modifierKey;
 It seems the comment does not match the code? We get "x" if the modifiers
 are suppressed and the modifier key otherwise (which is intended). So,
 s/active/not active/ ?

 More importantly, the behavior of `privacy.suppressModifierKeyEvents` is
 dependent on the value for `privacy.resistFingerprinting` but the test
 does not take that into account. I think we should at least assume
 explicitly that the latter is `true`. It might be good, though, to test as
 well with the latter being `false` to make sure the code for #17009 is not
 kicking in even if `privacy.suppressModifierKeyEvents` is `true`.


 +  // Return a promise that resolves to the event when]

 #15646 takes care of more things than `keyCode` and `shiftKey`, e.g:
 `code` and `loaction` as well and Alt-key handling. What is with those?

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17790#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list