This patch is going to neutralize the threat of fingerprinting of performance API
by spoofing the value of performance timing into 0, making getEntries* functions
always returns an empty list and making mark() and measure() into NOP methods.
In addition, this patch changes nsContentUtils::ShouldResistFingerprinting() to
allow it can be called in both main thread and worker threads.
MozReview-Commit-ID: C8Jt7KEMe5e
--HG--
extra : rebase_source : 85cbf66881c868ca5109022ffd4af81e3ab0a049
With nsIDocument::IsScriptTracking, we know that whether a script is a tracking script. If the XHR is created by a tracking script, we want to lower the priority of the http channel.
--HG--
extra : rebase_source : 7c9d2a545968a50c8ec34a3395132f0d99087058
Currently, we only correctly support remote layer trees for frameloaders that
use the same layer manager as their document. Since we need to be able to host
remote <browser> content in popup widgets for remote WebExtensions, we need to
tie the frameloaders to the layer manager of their host element, rather than
the root layer manager for the document.
MozReview-Commit-ID: 4RCsamFBiQw
This part is mainly to mark the channel as urgent-start if src related
attributes in HTMLImageElement and HTMLInputElement is set and the channel is
open due to user interaction. Unfortunately, we cannot just check the event
state just after creating channel since some loading image tasks will be queue
and execute in stable state. Thus, I store the event state in elements and
pass it to the place where create the channel.
MozReview-Commit-ID: GBdAkPfVzsn
--HG--
extra : rebase_source : 715352317b4b600f8a7f78b7bc22b894bb272d27
This patch adds a new service for fingerprinting resistance, which is called
nsRFPService. This service will be put in /toolkit/components/resistfingerprinting.
This service is responsible for observing the change of pref 'privacy.resistfingerprinting'
and doing underlying jobs. And it also in charge of caching pref setting of
'privacy.resistfingerprinting' and changing environment value 'TZ'.
This service will be initialized within nsContentUtils::Init(). During initialization,
it will store the original TZ value and set the value according to 'privacy.resistfingerprinting'.
It also changes environment value 'TZ' and calls nsJSUtils::ResetTimeZone() in
response to the change of the pref.
This service is only a nsIObserver for now. In the future, however, it will be
responsible for more fingerprinting resistance jobs, like changing prefs after
'privacy.resistfingerprinting' is changed.
The environment variable 'TZ' will be set to 'UTC' when 'privacy.resistFingerprinting'
is true. By doing so, Firefox will use UTC as its local time zone instead of the
default local time zone. This prevents a browser be fingerprinted through the local time zone.
After the 'privacy.resistFingerprinting' is turned off, the service will restore
'TZ' back to the original TZ setting, the user's setting or the default system timezone.
MozReview-Commit-ID: 8V47ZATgrKE
--HG--
extra : rebase_source : a35d35e8f8bbf5f5015271d3df3c32420702506c
Currently, we only correctly support remote layer trees for frameloaders that
use the same layer manager as their document. Since we need to be able to host
remote <browser> content in popup widgets for remote WebExtensions, we need to
tie the frameloaders to the layer manager of their host element, rather than
the root layer manager for the document.
MozReview-Commit-ID: 4RCsamFBiQw
--HG--
extra : rebase_source : 86bca4ae1c012ff1bb84a9ad796be311cfe580f6
extra : histedit_source : 19577d69430adc8cb38c195f13db2c6de6605c4c
We need to use this API in the front-end code, and in the off-chance
that we end up turning it off for the Web for whatever reason, or if
someone has turned off the pref, we should make sure our UI code does
not break.
In the next patch in this series we would like to use this functionality in
nsSMILController as well so this patch moves it to somewhere we can share it.
MozReview-Commit-ID: 1IzWoCCw4aD
--HG--
extra : rebase_source : 9f2b230f774135c0c5bf60ebdff358ce0a6bc087
Remove sync protocol AllocateTabId. Instead we generate tabId in
each process with nsContentUtils::GenerateTabId, and register
RemoteFrameInfo in parent process. If the tab id was generated from
a content process, it's sent parent through either PBrowserConstructor
or PContent::CreateChildProcess.
MozReview-Commit-ID: D3W2fK9eCNH
--HG--
extra : rebase_source : 1913f8f586537be1c82a70a19cc8c6351671d0df
IsLocalRefURL is originally designed to be used by URLValue only. Since we need
this function in SVGUseElement::LookupHref too, move it to nsContentUtils as a
util function.
MozReview-Commit-ID: FDjWVbTfB0V
--HG--
extra : rebase_source : a3e1133f08ffad59a05c6e829f4ff416b897b917
I looked at the wrong try push before pushing this change to inbound. Backing it
out hopefully before it turns too many pushes orange.
MozReview-Commit-ID: 5cREsyfWrmb
This patch makes the size of inner windows will be automatically rounded for
either window.open() with window features or setting window size through
innerWidth/Height and outerWidth/Height when fingerprinting resistance is
enabled. If the given value is greater the maximum available rounded size, then
it will be set to the maximum value. Otherwise, the size will be set to the
nearest upper 200x100.
This patch also adds one helper function in nsContentUtils for calculating the
rounded window dimensions.
MozReview-Commit-ID: J2r3951vuNN
--HG--
extra : rebase_source : a44b19bdf2ce7e90fc831ddc2b85a86d594cb0c3
Merge "DOMServiceWorkerFocusClient" & "DOMWebNotificationClicked"
to "DOMWindowFocus" event. Utilize the event to switch tab when
loading links to an existing target tab.
MozReview-Commit-ID: Hd1NkVkrJA1
--HG--
extra : rebase_source : 745c0d66c3afd8e487c616891c0f10bd820da1fe
These prefs have been added close to two years ago:
dom.url.encode_decode_hash and dom.url.getters_decode_hash
The main reason for their existence was in case we encounter any web-compat issues. At this point the extra code is mostly useless, and flipping the pref may lead to crashes.
MozReview-Commit-ID: LhAHkYmv0TR
--HG--
extra : rebase_source : 8f2d50d5633496cf165b3925d952bb6475bce3e0
Masatoshi Kimura
Tim Huang
Henri Sivonen
Eric Rahm
Nicolas B. Pierron
Michael Layzell
Xidorn Quan
John Schoenick
Kershaw Chang
Ehsan Akhgari
Aryeh Gregor
Nicolas Silva
Kris Maglione
johndai1984
Carsten "Tomcat" Book
Kartikaya Gupta
Tom Tung
Iris Hsiao
btian
Wes Kocher
Emilio Cobos Álvarez
Ehsan Akhgari
Boris Zbarsky
Brian Birtles
Samael Wang
Edgar Chen
cku
Bill McCloskey
Andrea Marchesini
Cameron McCormack
Valentin Gosu