This patch adds a new service for fingerprinting resistance, which is called
nsRFPService. This service will be put in /toolkit/components/resistfingerprinting.
This service is responsible for observing the change of pref 'privacy.resistfingerprinting'
and doing underlying jobs. And it also in charge of caching pref setting of
'privacy.resistfingerprinting' and changing environment value 'TZ'.
This service will be initialized within nsContentUtils::Init(). During initialization,
it will store the original TZ value and set the value according to 'privacy.resistfingerprinting'.
It also changes environment value 'TZ' and calls nsJSUtils::ResetTimeZone() in
response to the change of the pref.
This service is only a nsIObserver for now. In the future, however, it will be
responsible for more fingerprinting resistance jobs, like changing prefs after
'privacy.resistfingerprinting' is changed.
The environment variable 'TZ' will be set to 'UTC' when 'privacy.resistFingerprinting'
is true. By doing so, Firefox will use UTC as its local time zone instead of the
default local time zone. This prevents a browser be fingerprinted through the local time zone.
After the 'privacy.resistFingerprinting' is turned off, the service will restore
'TZ' back to the original TZ setting, the user's setting or the default system timezone.
MozReview-Commit-ID: 8V47ZATgrKE
Currently, we only correctly support remote layer trees for frameloaders that
use the same layer manager as their document. Since we need to be able to host
remote <browser> content in popup widgets for remote WebExtensions, we need to
tie the frameloaders to the layer manager of their host element, rather than
the root layer manager for the document.
MozReview-Commit-ID: 4RCsamFBiQw
We need to use this API in the front-end code, and in the off-chance
that we end up turning it off for the Web for whatever reason, or if
someone has turned off the pref, we should make sure our UI code does
not break.
Discussion at <https://github.com/whatwg/dom/issues/319>. In short, the
specification used to say to throw sometimes InvalidCharacterError and
sometimes NamespaceError, but browsers disagreed on which to throw in
corner cases, and everyone agreed it wasn't worth the effort to spec the
distinction, so we just changed it to InvalidCharacterError across the
board.
The test changes are already upstream.
MozReview-Commit-ID: AWSZBznQprG
In the next patch in this series we would like to use this functionality in
nsSMILController as well so this patch moves it to somewhere we can share it.
MozReview-Commit-ID: 1IzWoCCw4aD
Remove sync protocol AllocateTabId. Instead we generate tabId in
each process with nsContentUtils::GenerateTabId, and register
RemoteFrameInfo in parent process. If the tab id was generated from
a content process, it's sent parent through either PBrowserConstructor
or PContent::CreateChildProcess.
MozReview-Commit-ID: D3W2fK9eCNH
Other browsers do not support any of these (IIRC), telemetry reports
essentially zero usage, and supporting them is contrary to the DOM spec.
Notes on specific events:
CommandEvent and SimpleGestureEvent: These are not supposed to be
web-exposed APIs, so I hid the interfaces from web content too
(necessary to avoid test_all_synthetic_events.html failures).
DataContainerEvent: This was a non-standard substitute for CustomEvent
that seemed to have only one user, so I removed it entirely and switched
the user (MozillaFileLogger.js) to CustomEvent.
ScrollAreaEvent: This is entirely non-standard, but we apparently expose
it deliberately to web content, so I didn't see any reason to remove it
from createEvent.
SimpleGestureEvent and XULCommandEvent: Can still be created from
createEvent(), but not by content.
TimeEvent: This is still in because it has no constructor, so there's no
other way to create it. Ideally we'd update the SMIL spec to add a
constructor. I did remove TimeEvents.
MozReview-Commit-ID: 7Yi2oCl9SM2
IsLocalRefURL is originally designed to be used by URLValue only. Since we need
this function in SVGUseElement::LookupHref too, move it to nsContentUtils as a
util function.
MozReview-Commit-ID: FDjWVbTfB0V
I looked at the wrong try push before pushing this change to inbound. Backing it
out hopefully before it turns too many pushes orange.
MozReview-Commit-ID: 5cREsyfWrmb
Permissions should fully override the default behavior from preferences for
lifetimePolicy and cookie behavior. This is consistent with the previous
behaviour from before this bug was implemented.
MozReview-Commit-ID: 9FfOrN6XV6q
Since the Shumway project is dead, we no longer register a stream converter for flash files. We can remove this check, as it will always return false.
MozReview-Commit-ID: CzC7wYmWEFp
This patch makes the size of inner windows will be automatically rounded for
either window.open() with window features or setting window size through
innerWidth/Height and outerWidth/Height when fingerprinting resistance is
enabled. If the given value is greater the maximum available rounded size, then
it will be set to the maximum value. Otherwise, the size will be set to the
nearest upper 200x100.
This patch also adds one helper function in nsContentUtils for calculating the
rounded window dimensions.
MozReview-Commit-ID: J2r3951vuNN
Merge "DOMServiceWorkerFocusClient" & "DOMWebNotificationClicked"
to "DOMWindowFocus" event. Utilize the event to switch tab when
loading links to an existing target tab.
MozReview-Commit-ID: Hd1NkVkrJA1
