Bug 1492766 - Part 1: Spoofing the pointer id of pointer events when resistfingerprinting is enabled r=masayuki,smaug,arthuredelstein

This patch makes it to spoof the pointer id into mouse pointer id when resistfingerprinting is enabled. And we will only spoof for content but not for chrome. Since we don't know the pointer id beforehand, we have to cache the pointer id of the mouse interface when it is activated. And use that pointer for the purpose of fingerprinting resistance. Differential Revision: https://phabricator.services.mozilla.com/D9531 --HG-- extra : moz-landing-system : lando
2018-11-20 09:54:52 +00:00 · 2018-11-20 09:54:52 +00:00 · ea67c48602
--- a/dom/events/PointerEvent.cpp
+++ b/dom/events/PointerEvent.cpp
@ -158,9 +158,11 @@ PointerEvent::GetPointerType(nsAString& aPointerType, CallerType aCallerType)
 }

 int32_t
-PointerEvent::PointerId()
+PointerEvent::PointerId(CallerType aCallerType)
 {
-  return mEvent->AsPointerEvent()->pointerId;
+  return ShouldResistFingerprinting(aCallerType) ?
+           PointerEventHandler::GetSpoofedPointerIdForRFP() :
+           mEvent->AsPointerEvent()->pointerId;
 }

 int32_t
--- a/dom/events/PointerEvent.h
+++ b/dom/events/PointerEvent.h
@ -44,7 +44,7 @@ public:
              const nsAString& aType,
              const PointerEventInit& aParam);

-  int32_t PointerId();
+  int32_t PointerId(CallerType aCallerType);
  int32_t Width(CallerType aCallerType);
  int32_t Height(CallerType aCallerType);
  float Pressure(CallerType aCallerType);
--- a/dom/events/PointerEventHandler.cpp
+++ b/dom/events/PointerEventHandler.cpp
@ -17,6 +17,8 @@ using namespace dom;
 static bool sPointerEventEnabled = true;
 static bool sPointerEventImplicitCapture = false;

+Maybe<int32_t> PointerEventHandler::sSpoofedPointerId;
+
 class PointerInfo final
 {
 public:
@ -100,6 +102,8 @@ PointerEventHandler::UpdateActivePointerState(WidgetMouseEvent* aEvent)
    // In this case we have to know information about available mouse pointers
    sActivePointersIds->Put(aEvent->pointerId,
                            new PointerInfo(false, aEvent->inputSource, true));
+
+    MaybeCacheSpoofedPointerID(aEvent->inputSource, aEvent->pointerId);
    break;
  case ePointerDown:
    // In this case we switch pointer to active state
@ -107,6 +111,7 @@ PointerEventHandler::UpdateActivePointerState(WidgetMouseEvent* aEvent)
      sActivePointersIds->Put(pointerEvent->pointerId,
                              new PointerInfo(true, pointerEvent->inputSource,
                                              pointerEvent->mIsPrimary));
+      MaybeCacheSpoofedPointerID(pointerEvent->inputSource, pointerEvent->pointerId);
    }
    break;
  case ePointerCancel:
@ -664,4 +669,16 @@ PointerEventHandler::DispatchGotOrLostPointerCaptureEvent(
                       "DispatchGotOrLostPointerCaptureEvent failed");
 }

+/* static */ void
+PointerEventHandler::MaybeCacheSpoofedPointerID(uint16_t aInputSource,
+                                                uint32_t aPointerId)
+{
+  if (sSpoofedPointerId.isSome() ||
+      aInputSource != SPOOFED_POINTER_INTERFACE) {
+    return;
+  }
+
+  sSpoofedPointerId.emplace(aPointerId);
+}
+
 } // namespace mozilla
--- a/dom/events/PointerEventHandler.h
+++ b/dom/events/PointerEventHandler.h
@ -169,6 +169,11 @@ public:
           aEvent->mMessage == eTouchPointerCancel;
  }

+  static MOZ_ALWAYS_INLINE int32_t GetSpoofedPointerIdForRFP()
+  {
+    return sSpoofedPointerId.valueOr(0);
+  }
+
 private:
  // GetPointerType returns pointer type like mouse, pen or touch for pointer
  // event with pointerId. The return value must be one of
@ -183,6 +188,17 @@ private:
                bool aIsGotCapture,
                const WidgetPointerEvent* aPointerEvent,
                nsIContent* aCaptureTarget);
+
+  // The cached spoofed pointer ID for fingerprinting resistance. We will use a
+  // mouse pointer id for desktop. For mobile, we should use the touch pointer
+  // id as the spoofed one, and this work will be addressed in Bug 1492775.
+  static Maybe<int32_t> sSpoofedPointerId;
+
+  // A helper function to cache the pointer id of the spoofed interface, we
+  // would only cache the pointer id once. After that, we would always stick to
+  // that pointer id for fingerprinting resistance.
+  static void MaybeCacheSpoofedPointerID(uint16_t aInputSource,
+                                         uint32_t aPointerId);
 };

 } // namespace mozilla
--- a/dom/webidl/PointerEvent.webidl
+++ b/dom/webidl/PointerEvent.webidl
@ -13,6 +13,7 @@ interface WindowProxy;
 Constructor(DOMString type, optional PointerEventInit eventInitDict)]
 interface PointerEvent : MouseEvent
 {
+  [NeedsCallerType]
  readonly attribute long pointerId;

  [NeedsCallerType]
--- a/toolkit/components/resistfingerprinting/nsRFPService.h
+++ b/toolkit/components/resistfingerprinting/nsRFPService.h
@ -49,6 +49,8 @@
 #define LEGACY_BUILD_ID    "20181001000000"
 #define LEGACY_UA_GECKO_TRAIL "20100101"

+#define SPOOFED_POINTER_INTERFACE MouseEvent_Binding::MOZ_SOURCE_MOUSE
+
 // Forward declare LRUCache, defined in nsRFPService.cpp
 class LRUCache;