[tor-bugs] #13496 [Applications/Tor Browser]: Write test for spoofed navigator* values in workers
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Apr 30 08:38:23 UTC 2020
#13496: Write test for spoofed navigator* values in workers
--------------------------------------+--------------------------
Reporter: gk | Owner: tbb-team
Type: task | Status: assigned
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: ff38-esr, tbb-testcase | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by Thorin):
@gk: tests you say... ok then (RFP passes every single test I can think
of: excluding feature detection)
- Firefox (use a non-68 release)
- flip RFP on
- while I'm still in the process of finishing building these into TZP, you
can use kkapsner's test [1]
- this tests open.window(), iframe, nested iframe, "sneaky" iframe, some
other iframe, web worker, shared worker, service worker, nested workers,
worker from blob ... etc
- I've tested kkapsner's test with RFP off and UA spoofing extensions that
fail to cover iframes etc
- for those following along at home: ignore the red line that says headers
is different to navigator (that's by design)
[1] https://canvasblocker.kkapsner.de/test/navigatorTest.php
As for what tests are upstream, it seems limited
- https://dxr.mozilla.org/mozilla-
central/source/browser/components/resistfingerprinting/test/browser/browser_navigator.js
- ^^ includes a worker test
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13496#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list