So, this patch makes all caller of it safe including its arguments unless
they come from other methods.
Differential Revision: https://phabricator.services.mozilla.com/D27225
--HG--
extra : moz-landing-system : lando
When user middle clicks a link, most users must not expect to expose clipboard
content to the web application. Therefore, we should stop firing paste event
when user click a link with middle button.
This patch makes ClickHandlerChild.handleEvent() prevent multiple action
when it posts middle click event on a link. Note that even if middle click
event is consumed, default event handler will dispatch paste event.
Unfortunately, this is compatible behavior with the other browsers.
Therefore, we cannot change this behavior with calling preventDefault() and
this is the reason why this patch adds Event.preventMultipleActions().
Out of scope of this bug though, if there is an element which looks like a
link but implemented with JS, web apps can steal clipboard content if user
enables middle click event and user just wants to open the link in new tab.
It might be better to stop dispatching paste event in any browsers and request
to change each web apps.
Differential Revision: https://phabricator.services.mozilla.com/D17209
--HG--
extra : moz-landing-system : lando
Summary: Really sorry for the size of the patch. It's mostly automatic
s/nsIDocument/Document/ but I had to fix up in a bunch of places manually to
add the right namespacing and such.
Overall it's not a very interesting patch I think.
nsDocument.cpp turns into Document.cpp, nsIDocument.h into Document.h and
nsIDocumentInlines.h into DocumentInlines.h.
I also changed a bunch of nsCOMPtr usage to RefPtr, but not all of it.
While fixing up some of the bits I also removed some unneeded OwnerDoc() null
checks and such, but I didn't do anything riskier than that.
The pointerType field in the pointer event will reveal the details of
users' hardware; this is a fingerprinting vector. So, we would spoof all
types of pointer events into mouse type pointer events for protecting
users from browser fingerprinting when fingerprinting resistance is on.
In this patch, we would spoof the pointerType as well as other fields
that mouse pointer events don't support, like pressure, tiltX/Y and so
on when fingerprinting resistance is on.
Differential Revision: https://phabricator.services.mozilla.com/D6003
--HG--
extra : moz-landing-system : lando
AsyncEventDispatcher(dom::EventTarget* aTarget, dom::Event* aEvent) just stores
aEvent with RefPtr. So, this constructor assumes that aEvent->mEvent is always
allocated by dom::Event or its subclasses. For avoiding some callers use
dom::Event instances which are created with Widget*Event or Internal*Event
in the stack and its DuplicatePrivateData() has never been called, this patch
add MOZ_ASSERT to check if aEvent->mEventIsInternal is true.
MozReview-Commit-ID: FrmUK2pVasu
--HG--
extra : rebase_source : d9918e171add3cd2e7eceff7b7283754f90ff4f9
These are not needed, and they were removed by bug 1452981, but then that was
backed out. They obviously don't compile as written with nsIDOMEvent removed,
leading to a CLOSED TREE
MozReview-Commit-ID: FH5QqKEgalP
Prevent default on pointerdown will stop firing the subsequent mouse events. Ignore the case that preventDefault by WebExtensions to avoid breaking some websites.
MozReview-Commit-ID: 9ztW1WfEg9a
This patch is adapted from Tor bug 1517.
To offer some protection against timing attacks by JS content pages, in this
patch we round the various time-exposing APIs (such as Date and
Event.timeStamps) to the nearest 100 ms when the pref "privacy.resistFingerprinting" is on.
MozReview-Commit-ID: eGucM9nGTn
--HG--
extra : rebase_source : 3ee600b07943f3954e9a2a9561391f2f7821bb86
Boris Zbarsky
Masayuki Nakano
Emilio Cobos Álvarez
Andrea Marchesini
Sylvestre Ledru
Tim Huang
Xidorn Quan
Alphan Chen
Cosmin Sabou
Dorel Luca
Peter Van der Beken
Tom Ritter
Chris Peterson
Olli Pettay
Cameron McCormack
Ben Kelly
Stone Shih
Jonathan Hao
Thinker K.F. Li