[tor-bugs] #18601 [Applications/Tor Browser]: User Timing API in workers might expose high resolution time to content
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed May 11 21:13:01 UTC 2016
#18601: User Timing API in workers might expose high resolution time to content
--------------------------------------------+--------------------------
Reporter: gk | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: ff45-esr, TorBrowserTeam201605 | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------------+--------------------------
Comment (by arthuredelstein):
I manually confirmed that the User Timing API (performance marks and
performance measures) are removed when the `dom.enable_user_timing` pref
is disabled (as was already done in #16336).
Here is what I did:
1. Enable `dom.enable_user_timing`:
{{{
> new
Worker("data:text/javascript,postMessage(Object.getOwnPropertyNames(performance.__proto__).sort().join(',
'));").onmessage = msg => console.log(msg.data);
< clearMarks, clearMeasures, constructor, getEntries, getEntriesByName,
getEntriesByType, mark, measure, now
}}}
2. Disable `dom.enable_user_timing`:
{{{
> new
Worker("data:text/javascript,postMessage(Object.getOwnPropertyNames(performance.__proto__).sort().join(',
'));").onmessage = msg => console.log(msg.data);
< constructor, now
}}}
We should be able to pretty easily automate such tests in #18597.
I also checked the performance object in a non-Worker context:
1. Enabling `dom.enable_user_timing`:
{{{
> Object.getOwnPropertyNames(performance.__proto__).sort().join(", ")
< "clearMarks, clearMeasures, clearResourceTimings, constructor,
getEntries, getEntriesByName, getEntriesByType, mark, measure, navigation,
now, onresourcetimingbufferfull, setResourceTimingBufferSize, timing,
toJSON"
}}}
2. Disabling `dom.enable_user_timing`:
{{{
> Object.getOwnPropertyNames(performance.__proto__).sort().join(", ")
< "constructor, navigation, now, timing, toJSON"
}}}
So the only leftover things in the main-thread `performance` object are
`performance.now()` and `performance.timing` and `performance.toJSON()`
which all look clean to me.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18601#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list