Bug 1824235: Remove testGranularityMask from RFP and rename RFPLite r=timhuang

- Rename RFPLite to privacy.fingerprintingProtection (FPP)
 - Create two pbmode prefs that will enable RFP/FPP in PBMode
   only. The original prefs will enable it in both modes.
 - Make exempting Web Extensions the default behavior
 - If there are website exemptions in the exemptedDomains pref,
   exempt them unconditionally
 - Use the timezone testing pref to determine whether or not we
   call _tzset on Windows

Differential Revision: https://phabricator.services.mozilla.com/D174014

browser/base/content/test/permissions/browser_canvas_rfp_exclusion.js

@@ -46,7 +46,10 @@ function initTab(performReadbackTest) {
 
 function disableResistFingerprinting() {
   return SpecialPowers.pushPrefEnv({
-    set: [["privacy.resistFingerprinting", false]],
+    set: [
+      ["privacy.resistFingerprinting", false],
+      ["privacy.resistFingerprinting.pbmode", false],
+    ],
   });
 }
 
@@ -54,32 +57,24 @@ function enableResistFingerprinting(RfpNonPbmExclusion, RfpDomainExclusion) {
   if (RfpNonPbmExclusion && RfpDomainExclusion) {
     return SpecialPowers.pushPrefEnv({
       set: [
-        ["privacy.resistFingerprinting", true],
+        ["privacy.resistFingerprinting.pbmode", true],
-        ["privacy.resistFingerprinting.testGranularityMask", 6],
         ["privacy.resistFingerprinting.exemptedDomains", "example.com"],
       ],
     });
   } else if (RfpNonPbmExclusion) {
     return SpecialPowers.pushPrefEnv({
-      set: [
+      set: [["privacy.resistFingerprinting.pbmode", true]],
-        ["privacy.resistFingerprinting", true],
-        ["privacy.resistFingerprinting.testGranularityMask", 2],
-      ],
     });
   } else if (RfpDomainExclusion) {
     return SpecialPowers.pushPrefEnv({
       set: [
         ["privacy.resistFingerprinting", true],
-        ["privacy.resistFingerprinting.testGranularityMask", 4],
         ["privacy.resistFingerprinting.exemptedDomains", "example.com"],
       ],
     });
   }
   return SpecialPowers.pushPrefEnv({
-    set: [
+    set: [["privacy.resistFingerprinting", true]],
-      ["privacy.resistFingerprinting", true],
-      ["privacy.resistFingerprinting.testGranularityMask", 0],
-    ],
   });
 }
 
@@ -138,6 +133,7 @@ async function populatePlacedData() {
     }
   );
   await BrowserTestUtils.closeWindow(win);
+  await SpecialPowers.popPrefEnv();
 }
 
 async function rfpExclusionTestOnCanvas(
@@ -184,6 +180,7 @@ async function testCanvasRfpExclusion(
     )
   );
   await BrowserTestUtils.closeWindow(win);
+  await SpecialPowers.popPrefEnv();
 }
 
 add_task(populatePlacedData.bind(null));

browser/components/resistfingerprinting/test/browser/browser_bug1369357_site_specific_zoom_level.js

@@ -56,7 +56,6 @@ add_task(async function exempt_domain() {
 
   await SpecialPowers.pushPrefEnv({
     set: [
-      ["privacy.resistFingerprinting.testGranularityMask", 4],
       ["privacy.resistFingerprinting.exemptedDomains", "example.net"],
       ["privacy.resistFingerprinting", true],
     ],

browser/components/resistfingerprinting/test/browser/browser_navigator.js

@@ -370,7 +370,6 @@ add_task(async function setupRFPExemptions() {
   await SpecialPowers.pushPrefEnv({
     set: [
       ["privacy.resistFingerprinting", true],
-      ["privacy.resistFingerprinting.testGranularityMask", 4],
       [
         "privacy.resistFingerprinting.exemptedDomains",
         "example.net, mochi.test",

browser/components/resistfingerprinting/test/browser/browser_timezone.js

@@ -86,7 +86,6 @@ add_task(async function test_timezone() {
 add_task(async function test_timezone_exempt() {
   await SpecialPowers.pushPrefEnv({
     set: [
-      ["privacy.resistFingerprinting.testGranularityMask", 0x4],
       ["privacy.resistFingerprinting.exemptedDomains", "example.net"],
       ["privacy.resistFingerprinting", true],
     ],
@@ -135,7 +134,6 @@ add_task(async function test_timezone_exempt() {
 add_task(async function test_timezone_exempt_wrong_domain() {
   await SpecialPowers.pushPrefEnv({
     set: [
-      ["privacy.resistFingerprinting.testGranularityMask", 0x4],
       ["privacy.resistFingerprinting.exemptedDomains", "example.net"],
       ["privacy.resistFingerprinting", true],
     ],

browser/components/resistfingerprinting/test/browser/head.js

@@ -701,7 +701,6 @@ async function testA(
   await SpecialPowers.pushPrefEnv({
     set: [
       ["privacy.resistFingerprinting", true],
-      ["privacy.resistFingerprinting.testGranularityMask", 4],
       [
         "privacy.resistFingerprinting.exemptedDomains",
         "example.com, example.org, example.net",
@@ -739,7 +738,6 @@ async function testB(
   await SpecialPowers.pushPrefEnv({
     set: [
       ["privacy.resistFingerprinting", true],
-      ["privacy.resistFingerprinting.testGranularityMask", 4],
       [
         "privacy.resistFingerprinting.exemptedDomains",
         "example.com, example.org",
@@ -777,7 +775,6 @@ async function testC(
   await SpecialPowers.pushPrefEnv({
     set: [
       ["privacy.resistFingerprinting", true],
-      ["privacy.resistFingerprinting.testGranularityMask", 4],
       [
         "privacy.resistFingerprinting.exemptedDomains",
         "example.com, example.net",
@@ -815,7 +812,6 @@ async function testD(
   await SpecialPowers.pushPrefEnv({
     set: [
       ["privacy.resistFingerprinting", true],
-      ["privacy.resistFingerprinting.testGranularityMask", 4],
       ["privacy.resistFingerprinting.exemptedDomains", "example.com"],
     ].concat(extraPrefs || []),
   });
@@ -850,7 +846,6 @@ async function testE(
   await SpecialPowers.pushPrefEnv({
     set: [
       ["privacy.resistFingerprinting", true],
-      ["privacy.resistFingerprinting.testGranularityMask", 4],
       ["privacy.resistFingerprinting.exemptedDomains", "example.net"],
     ].concat(extraPrefs || []),
   });
@@ -885,7 +880,6 @@ async function testF(
   await SpecialPowers.pushPrefEnv({
     set: [
       ["privacy.resistFingerprinting", true],
-      ["privacy.resistFingerprinting.testGranularityMask", 4],
       ["privacy.resistFingerprinting.exemptedDomains", ""],
     ].concat(extraPrefs || []),
   });
@@ -920,7 +914,6 @@ async function testG(
   await SpecialPowers.pushPrefEnv({
     set: [
       ["privacy.resistFingerprinting", true],
-      ["privacy.resistFingerprinting.testGranularityMask", 4],
       [
         "privacy.resistFingerprinting.exemptedDomains",
         "example.org, example.net",
@@ -958,7 +951,6 @@ async function testH(
   await SpecialPowers.pushPrefEnv({
     set: [
       ["privacy.resistFingerprinting", true],
-      ["privacy.resistFingerprinting.testGranularityMask", 4],
       ["privacy.resistFingerprinting.exemptedDomains", "example.org"],
     ].concat(extraPrefs || []),
   });

browser/components/resistfingerprinting/test/mochitest/test_bug1382499_touch_api.html

@@ -36,13 +36,13 @@ document.addEventListener("DOMContentLoaded", async () => {
     } else if (seq == 2) {
       resist = true;
       await SpecialPowers.pushPrefEnv({set: [
-        ["privacy.resistFingerprintingLite", true],
+        ["privacy.fingerprintingProtection", true],
-        ["privacy.resistFingerprintingLite.overrides", "+TouchEvents"]
+        ["privacy.fingerprintingProtection.overrides", "+TouchEvents"]
       ]});
     } else {
       await SpecialPowers.pushPrefEnv({set: [
-        ["privacy.resistFingerprintingLite", true],
+        ["privacy.fingerprintingProtection", true],
-        ["privacy.resistFingerprintingLite.overrides", "-TouchEvents"]
+        ["privacy.fingerprintingProtection.overrides", "-TouchEvents"]
       ]});
     }
 

dom/base/nsContentUtils.cpp

@@ -741,9 +741,10 @@ class nsContentUtils::UserInteractionObserver final
 
 static constexpr nsLiteralCString kRfpPrefs[] = {
     "privacy.resistFingerprinting"_ns,
-    "privacy.resistFingerprintingLite"_ns,
+    "privacy.resistFingerprinting.pbmode"_ns,
-    "privacy.resistFingerprintingLite.overrides"_ns,
+    "privacy.fingerprintingProtection"_ns,
-    "privacy.resistFingerprinting.testGranularityMask"_ns,
+    "privacy.fingerprintingProtection.pbmode"_ns,
+    "privacy.fingerprintingProtection.overrides"_ns,
 };
 
 static void RecomputeResistFingerprintingAllDocs(const char*, void*) {
@@ -2202,10 +2203,6 @@ inline bool CookieJarSettingsSaysShouldResistFingerprinting(
   return cookieJarSettings->GetShouldResistFingerprinting();
 }
 
-// These constants are used for privacy.resistFingerprinting.testGranularityMask
-const unsigned int sWebExtensionExemptMask = 0x01;
-const unsigned int sNonPBMExemptMask = 0x02;
-const unsigned int sSpecificDomainsExemptMask = 0x04;
 const char* kExemptedDomainsPrefName =
     "privacy.resistFingerprinting.exemptedDomains";
 
@@ -2331,41 +2328,34 @@ bool nsContentUtils::ShouldResistFingerprinting_dangerous(
     return false;
   }
 
-  if (StaticPrefs::privacy_resistFingerprinting_testGranularityMask() &
+  if (!StaticPrefs::privacy_resistFingerprinting_DoNotUseDirectly() &&
-      sNonPBMExemptMask) {
+      !StaticPrefs::privacy_fingerprintingProtection_DoNotUseDirectly()) {
-    // if non-PBM exempt mask is true, exempt non-PBM channels.
+    // If neither of the 'regular' RFP prefs are set, then one (or both)
+    // of the PBM-Only prefs are set (or we would have failed the
+    // Positive return check.)  Therefore, if we are not in PBM, return false
     if (aOriginAttributes.mPrivateBrowsingId == 0) {
       return false;
     }
   }
 
   bool isExemptDomain = false;
-  // Exclude internal schemes
+  // Exclude internal schemes and web extensions
   if (aURI->SchemeIs("about") || aURI->SchemeIs("chrome") ||
-      aURI->SchemeIs("resource") || aURI->SchemeIs("view-source")) {
+      aURI->SchemeIs("resource") || aURI->SchemeIs("view-source") ||
+      aURI->SchemeIs("moz-extension")) {
     return false;
   }
 
-  if (StaticPrefs::privacy_resistFingerprinting_testGranularityMask() &
+  nsAutoCString list;
-      sWebExtensionExemptMask) {
+  Preferences::GetCString(kExemptedDomainsPrefName, list);
-    if (aURI->SchemeIs("moz-extension")) {
+  ToLowerCase(list);
-      return false;
+  isExemptDomain = IsURIInList(aURI, list);
-    }
-  }
 
-  if (StaticPrefs::privacy_resistFingerprinting_testGranularityMask() &
+  if (MOZ_LOG_TEST(nsContentUtils::ResistFingerprintingLog(),
-      sSpecificDomainsExemptMask) {
+                   mozilla::LogLevel::Debug)) {
-    nsAutoCString list;
+    nsAutoCString url;
-    Preferences::GetCString(kExemptedDomainsPrefName, list);
+    aURI->GetHost(url);
-    ToLowerCase(list);
+    LogDomainAndPrefList(kExemptedDomainsPrefName, url, isExemptDomain);
-    isExemptDomain = IsURIInList(aURI, list);
-
-    if (MOZ_LOG_TEST(nsContentUtils::ResistFingerprintingLog(),
-                     mozilla::LogLevel::Debug)) {
-      nsAutoCString url;
-      aURI->GetHost(url);
-      LogDomainAndPrefList(kExemptedDomainsPrefName, url, isExemptDomain);
-    }
   }
 
   return !isExemptDomain;
@@ -2419,9 +2409,11 @@ bool nsContentUtils::ShouldResistFingerprinting_dangerous(
 
   auto originAttributes =
       BasePrincipal::Cast(aPrincipal)->OriginAttributesRef();
-  if (StaticPrefs::privacy_resistFingerprinting_testGranularityMask() &
+  if (!StaticPrefs::privacy_resistFingerprinting_DoNotUseDirectly() &&
-      sNonPBMExemptMask) {
+      !StaticPrefs::privacy_fingerprintingProtection_DoNotUseDirectly()) {
-    // if non-PBM exempt mask is true, exempt non-PBM channels.
+    // If neither of the 'regular' RFP prefs are set, then one (or both)
+    // of the PBM-Only prefs are set (or we would have failed the
+    // Positive return check.)  Therefore, if we are not in PBM, return false
     if (originAttributes.mPrivateBrowsingId == 0) {
       return false;
     }
@@ -2433,24 +2425,19 @@ bool nsContentUtils::ShouldResistFingerprinting_dangerous(
     return false;
   }
 
-  if (StaticPrefs::privacy_resistFingerprinting_testGranularityMask() &
+  // Web extension principals are also excluded
-      sWebExtensionExemptMask) {
+  if (BasePrincipal::Cast(aPrincipal)->AddonPolicy()) {
-    if (BasePrincipal::Cast(aPrincipal)->AddonPolicy()) {
+    return false;
-      return false;
-    }
   }
 
   bool isExemptDomain = false;
-  if (StaticPrefs::privacy_resistFingerprinting_testGranularityMask() &
+  aPrincipal->IsURIInPrefList(kExemptedDomainsPrefName, &isExemptDomain);
-      sSpecificDomainsExemptMask) {
-    aPrincipal->IsURIInPrefList(kExemptedDomainsPrefName, &isExemptDomain);
 
-    if (MOZ_LOG_TEST(nsContentUtils::ResistFingerprintingLog(),
+  if (MOZ_LOG_TEST(nsContentUtils::ResistFingerprintingLog(),
-                     mozilla::LogLevel::Debug)) {
+                   mozilla::LogLevel::Debug)) {
-      nsAutoCString origin;
+    nsAutoCString origin;
-      aPrincipal->GetAsciiOrigin(origin);
+    aPrincipal->GetAsciiOrigin(origin);
-      LogDomainAndPrefList(kExemptedDomainsPrefName, origin, isExemptDomain);
+    LogDomainAndPrefList(kExemptedDomainsPrefName, origin, isExemptDomain);
-    }
   }
 
   // If we've gotten here we have (probably) passed the CookieJarSettings

modules/libpref/init/StaticPrefList.yaml

@@ -13013,7 +13013,23 @@
   mirror: always
   do_not_use_directly: true
 
-- name: privacy.resistFingerprintingLite
+# When the .pbmode pref is on, RFP or FPP will be enabled in PBM
+# When the non-pbm pref is on, they will be enabled in PBM and non-PBM
+- name: privacy.resistFingerprinting.pbmode
+  type: RelaxedAtomicBool
+  value: false
+  mirror: always
+  do_not_use_directly: true
+
+# privacy.fingerprintingProtection enables a set of fingerprinting protections
+# designed to minimize breakage while maximizing protection.
+- name: privacy.fingerprintingProtection
+  type: RelaxedAtomicBool
+  value: false
+  mirror: always
+  do_not_use_directly: true
+
+- name: privacy.fingerprintingProtection.pbmode
   type: RelaxedAtomicBool
   value: false
   mirror: always

modules/libpref/init/all.js

@@ -908,9 +908,9 @@ pref("privacy.popups.disable_from_plugins", 3);
 // domains exempted from RFP.
 pref("privacy.resistFingerprinting.exemptedDomains", "*.example.invalid");
 
-// If privacy.resistFingerprintingLite is enabled, this pref can be used to add
+// If privacy.fingerprintingProtection is enabled, this pref can be used to add
 // or remove features from its effects
-pref("privacy.resistFingerprintingLite.overrides", "");
+pref("privacy.fingerprintingProtection.overrides", "");
 
 // Fix cookie blocking breakage by providing ephemeral Paritioned LocalStorage
 // for a list of hosts when detected as trackers.

toolkit/components/extensions/test/xpcshell/test_resistfingerprinting_exempt.js

@@ -34,22 +34,6 @@ add_task(
     ],
   },
   async function test_appName_resistFingerprinting() {
-    const SPOOFED_APPNAME = "Netscape";
-
-    let appName = await queryAppName();
-    Assert.equal(appName, SPOOFED_APPNAME);
-  }
-);
-
-add_task(
-  {
-    pref_set: [
-      ["general.appname.override", APPNAME_OVERRIDE],
-      ["privacy.resistFingerprinting", true],
-      ["privacy.resistFingerprinting.testGranularityMask", 0x1],
-    ],
-  },
-  async function test_appName_resistFingerprinting_exempt() {
     let appName = await queryAppName();
     Assert.equal(appName, APPNAME_OVERRIDE);
   }

toolkit/components/resistfingerprinting/nsRFPService.cpp

@@ -84,9 +84,12 @@ static mozilla::LazyLogModule gResistFingerprintingLog(
     "nsResistFingerprinting");
 
 #define RESIST_FINGERPRINTING_PREF "privacy.resistFingerprinting"
-#define RESIST_FINGERPRINTINGLITE_PREF "privacy.resistFingerprintingLite"
+#define RESIST_FINGERPRINTING_PBMODE_PREF "privacy.resistFingerprinting.pbmode"
-#define RESIST_FINGERPRINTINGLITE_OVERRIDE_PREF \
+#define RESIST_FINGERPRINTINGPROTECTION_PREF "privacy.fingerprintingProtection"
-  "privacy.resistFingerprintingLite.overrides"
+#define RESIST_FINGERPRINTINGPROTECTION_PBMODE_PREF \
+  "privacy.fingerprintingProtection.pbmode"
+#define RESIST_FINGERPRINTINGPROTECTION_OVERRIDE_PREF \
+  "privacy.fingerprintingProtection.overrides"
 #define RFP_TIMER_UNCONDITIONAL_VALUE 20
 #define PROFILE_INITIALIZED_TOPIC "profile-initial-state"
 #define LAST_PB_SESSION_EXITED_TOPIC "last-pb-context-exited"
@@ -97,7 +100,7 @@ static constexpr uint32_t kVideoDroppedRatio = 5;
 #define RFP_DEFAULT_SPOOFING_KEYBOARD_LANG KeyboardLang::EN
 #define RFP_DEFAULT_SPOOFING_KEYBOARD_REGION KeyboardRegion::US
 
-static nsTArray<mozilla::RFPTarget> sRFPLiteTargets = {
+static nsTArray<mozilla::RFPTarget> sFPPTargets = {
     RFPTarget::IsAlwaysEnabledForPrecompute, RFPTarget::Unknown};
 
 // ============================================================================
@@ -132,8 +135,10 @@ nsRFPService* nsRFPService::GetOrCreate() {
 
 static const char* gCallbackPrefs[] = {
     RESIST_FINGERPRINTING_PREF,
-    RESIST_FINGERPRINTINGLITE_PREF,
+    RESIST_FINGERPRINTING_PBMODE_PREF,
-    RESIST_FINGERPRINTINGLITE_OVERRIDE_PREF,
+    RESIST_FINGERPRINTINGPROTECTION_PREF,
+    RESIST_FINGERPRINTINGPROTECTION_PBMODE_PREF,
+    RESIST_FINGERPRINTINGPROTECTION_OVERRIDE_PREF,
     nullptr,
 };
 
@@ -171,25 +176,27 @@ nsresult nsRFPService::Init() {
 
   // Call Update here to cache the values of the prefs and set the timezone.
   UpdateRFPPref();
-  UpdateRFPLiteOverrideList();
+  UpdateFPPOverrideList();
 
   return rv;
 }
 
 /* static */
 bool nsRFPService::IsRFPEnabledFor(RFPTarget aTarget) {
-  if (StaticPrefs::privacy_resistFingerprinting_DoNotUseDirectly()) {
+  if (StaticPrefs::privacy_resistFingerprinting_DoNotUseDirectly() ||
+      StaticPrefs::privacy_resistFingerprinting_pbmode_DoNotUseDirectly()) {
     return true;
   }
 
-  if (StaticPrefs::privacy_resistFingerprintingLite_DoNotUseDirectly()) {
+  if (StaticPrefs::privacy_fingerprintingProtection_DoNotUseDirectly() ||
+      StaticPrefs::privacy_fingerprintingProtection_pbmode_DoNotUseDirectly()) {
     if (sTargetOverrideAdditions.Contains(aTarget)) {
       return true;
     }
     if (sTargetOverrideSubtractions.Contains(aTarget)) {
       return false;
     }
-    if (sRFPLiteTargets.Contains(aTarget)) {
+    if (sFPPTargets.Contains(aTarget)) {
       return true;
     }
     return false;
@@ -263,10 +270,10 @@ void nsRFPService::UpdateRFPPref() {
   }
 }
 
-void nsRFPService::UpdateRFPLiteOverrideList() {
+void nsRFPService::UpdateFPPOverrideList() {
   nsAutoString targetOverrides;
-  nsresult rv = Preferences::GetString(RESIST_FINGERPRINTINGLITE_OVERRIDE_PREF,
+  nsresult rv = Preferences::GetString(
-                                       targetOverrides);
+      RESIST_FINGERPRINTINGPROTECTION_OVERRIDE_PREF, targetOverrides);
   if (!NS_SUCCEEDED(rv) || targetOverrides.IsEmpty()) {
     MOZ_LOG(gResistFingerprintingLog, LogLevel::Warning,
             ("Could not map any values"));
@@ -346,19 +353,20 @@ void nsRFPService::PrefChanged(const char* aPref, void* aSelf) {
 void nsRFPService::PrefChanged(const char* aPref) {
   nsDependentCString pref(aPref);
 
-  if (pref.EqualsLiteral(RESIST_FINGERPRINTING_PREF)) {
+  if (pref.EqualsLiteral(RESIST_FINGERPRINTINGPROTECTION_OVERRIDE_PREF)) {
+    UpdateFPPOverrideList();
+  } else {
     UpdateRFPPref();
 
 #if defined(XP_WIN)
-    if (!XRE_IsE10sParentProcess()) {
+    if (StaticPrefs::privacy_resistFingerprinting_testing_setTZtoUTC() &&
+        !XRE_IsE10sParentProcess()) {
       // Windows does not follow POSIX. Updates to the TZ environment variable
       // are not reflected immediately on that platform as they are on UNIX
       // systems without this call.
       _tzset();
     }
 #endif
-  } else if (pref.EqualsLiteral(RESIST_FINGERPRINTINGLITE_OVERRIDE_PREF)) {
-    UpdateRFPLiteOverrideList();
   }
 }
 

toolkit/components/resistfingerprinting/nsRFPService.h

@@ -277,7 +277,7 @@ class nsRFPService final : public nsIObserver {
   nsCString mInitialTZValue;
 
   void UpdateRFPPref();
-  void UpdateRFPLiteOverrideList();
+  void UpdateFPPOverrideList();
   void StartShutdown();
 
   void PrefChanged(const char* aPref);