Dialog windows are incorrectly sized (fullscreen, or otherwise massive) after setting privacy.resistFingerprinting = true

RESOLVED FIXED in Firefox 55

Status

()

RESOLVED FIXED
2 years ago
10 months ago

People

(Reporter: u589863, Assigned: timhuang)

Tracking

(Blocks: 1 bug)

55 Branch
mozilla55
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox55 fixed)

Details

(Whiteboard: [tor 1352305])

Attachments

(5 attachments)

(Reporter)

Description

2 years ago
User Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.111 Safari/537.36 Vivaldi/1.8.770.46

Steps to reproduce:

privacy.resistFingerprinting", true

restart, browser doesnot work properly even in safe mode.



Actual results:

Broken browser


Expected results:

Should have worked as normal except increasing privacy
(Reporter)

Comment 1

2 years ago
https://hg.mozilla.org/mozilla-central/rev/60d7a0496a3673450ddbc37ec387525148c32604

This started happening after this .
Summary: user_pref("privacy.resistFingerprinting", true); → Firefox 55(2017-03-29) completely broken even in safe mode after setting privacy.resistFingerprinting = true
(Reporter)

Updated

2 years ago
Flags: needinfo?(wkocher)
Flags: needinfo?(ryanvm)
Flags: needinfo?(moz-ian)
Flags: needinfo?(cdiehl)
Flags: needinfo?(cbook)
Flags: needinfo?(aryx.bugmail)
Flags: needinfo?(amarchesini)
(Reporter)

Updated

2 years ago
Severity: normal → critical
Component: Untriaged → Security
OS: Unspecified → Windows 10
Priority: -- → P1
Hardware: Unspecified → All
(Reporter)

Comment 2

2 years ago
[Tracking Requested - why for this release]:
Group: firefox-core-security
Has Regression Range: --- → yes
Has STR: --- → yes
status-firefox55: --- → ?
tracking-firefox55: --- → ?
Flags: needinfo?(bobowencode)
Sunil,

Thank you for your bug report.  In future please don't set tracking flags, needinfo, or priorities.

Clearing fields, making bug public, and moving into the Untraiged component so this bug can be given the appropriate level of attention.
Group: firefox-core-security
Severity: critical → normal
status-firefox55: ? → ---
tracking-firefox55: ? → ---
Component: Security → Untriaged
Flags: needinfo?(wkocher)
Flags: needinfo?(ryanvm)
Flags: needinfo?(moz-ian)
Flags: needinfo?(cdiehl)
Flags: needinfo?(cbook)
Flags: needinfo?(bobowencode)
Flags: needinfo?(aryx.bugmail)
Flags: needinfo?(amarchesini)
Priority: P1 → --
I cannot reproduce this with 55.0a1 (2017-03-30) (64-bit) on MacOS.

Sunil, it would help if you can describe what happens when the browser doesn't work - error messages, screenshots, etc.
(Reporter)

Comment 5

2 years ago
(In reply to Byron Jones ‹:glob› from comment #3)
> Sunil,
> 
> Thank you for your bug report.  In future please don't set tracking flags,
> needinfo, or priorities.
> 
> Clearing fields, making bug public, and moving into the Untraiged component
> so this bug can be given the appropriate level of attention.

Sorry new here,
was not to fill all those?

(In reply to Byron Jones ‹:glob› from comment #4)
> I cannot reproduce this with 55.0a1 (2017-03-30) (64-bit) on MacOS.
> 
> Sunil, it would help if you can describe what happens when the browser
> doesn't work - error messages, screenshots, etc.

Ok attaching images

1 & 2 on a new profile

3 on another laptop with windows

Only one setting changed as above in STR.

Sorry for bad english & any unintentional mistake.
Group: firefox-core-security
(Reporter)

Comment 6

2 years ago
Created attachment 8853275 [details]
1.jpg
(Reporter)

Comment 7

2 years ago
Created attachment 8853276 [details]
2.jpg
(Reporter)

Comment 8

2 years ago
Created attachment 8853277 [details]
3.jpg
(Reporter)

Updated

2 years ago
Flags: needinfo?(glob)
thanks for the screenshots.  please don't use needinfo or set this bug as security sensitive.
Group: firefox-core-security
Flags: needinfo?(glob)
Duplicate of this bug: 1352318
i see incorrect sizes on
- about firefox
- http authentication user/pass prompts
- library / all bookmarks
- page info

js alert() and prompt() look correct.
Summary: Firefox 55(2017-03-29) completely broken even in safe mode after setting privacy.resistFingerprinting = true → windows are incorrectly sized (fullscreen, or otherwise massive) after setting privacy.resistFingerprinting = true
(Reporter)

Comment 12

2 years ago
(In reply to Byron Jones ‹:glob› from comment #11)
> i see incorrect sizes on
> - about firefox
> - http authentication user/pass prompts
> - library / all bookmarks
> - page info
> 
> js alert() and prompt() look correct.

Forgot to mention that try downloading any file the popup dialog saving cancel jumps around and screen flickers. sorry but which bug could have caused this?

Comment 13

2 years ago
seems duplication of Bug 1352141
(In reply to Alice0775 White from comment #13)
> seems duplication of Bug 1352141

agreed.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1352141
(Reporter)

Comment 15

2 years ago
(In reply to Byron Jones ‹:glob› from comment #14)
> (In reply to Alice0775 White from comment #13)
> > seems duplication of Bug 1352141
> 
> agreed.
> 
> *** This bug has been marked as a duplicate of bug 1352141 ***

So do i need to post there all the steps?
(In reply to Sunil Kumar from comment #15)
> (In reply to Byron Jones ‹:glob› from comment #14)
> > (In reply to Alice0775 White from comment #13)
> > > seems duplication of Bug 1352141
> > 
> > agreed.
> > 
> > *** This bug has been marked as a duplicate of bug 1352141 ***
> 
> So do i need to post there all the steps?

sorry i wasn't clear.
no need for you to do anything else - we've got all the info we need.

i've also made a developer working on the resistFingerprinting feature aware of this issue.
(Reporter)

Comment 17

2 years ago
(In reply to Byron Jones ‹:glob› from comment #16)
> (In reply to Sunil Kumar from comment #15)
> > (In reply to Byron Jones ‹:glob› from comment #14)
> > > (In reply to Alice0775 White from comment #13)
> > > > seems duplication of Bug 1352141
> > > 
> > > agreed.
> > > 
> > > *** This bug has been marked as a duplicate of bug 1352141 ***
> > 
> > So do i need to post there all the steps?
> 
> sorry i wasn't clear.
> no need for you to do anything else - we've got all the info we need.
> 
> i've also made a developer working on the resistFingerprinting feature aware
> of this issue.

Ok thanks for the quick resolution  :)

Comment 18

2 years ago
sorry, this is not a dupe.
Blocks: 1330882
Status: RESOLVED → REOPENED
Ever confirmed: true
Resolution: DUPLICATE → ---

Updated

2 years ago
Summary: windows are incorrectly sized (fullscreen, or otherwise massive) after setting privacy.resistFingerprinting = true → Dialog windows are incorrectly sized (fullscreen, or otherwise massive) after setting privacy.resistFingerprinting = true

Updated

2 years ago
Status: REOPENED → NEW
(Assignee)

Updated

2 years ago
Assignee: nobody → tihuang
I can reproduce this on Linux. Here is the output of my mozregression. Feel free to needinfo me for testing etc.

> 21:06.73 INFO: Pushlog:
> https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=a2e19d3262c674403f6622b9336dabd4dd00a1b9&tochange=937027c942ae59e37c976af05ba5d41dafb0bcef
> 
> 21:08.75 INFO: Looks like the following bug has the  changes which introduced the regression:
> https://bugzilla.mozilla.org/show_bug.cgi?id=1330882
OS: Windows 10 → All
Bug 1330882 added a zero-argument flavor of ShouldResistFingerprinting function. That is, even chrome-privileged documents cannot set new window sizes. Why?
Flags: needinfo?(tihuang)
Flags: needinfo?(arthuredelstein)
Comment hidden (mozreview-request)
Comment hidden (mozreview-request)
(Assignee)

Comment 23

2 years ago
(In reply to Masatoshi Kimura [:emk] from comment #20)
> Bug 1330882 added a zero-argument flavor of ShouldResistFingerprinting
> function. That is, even chrome-privileged documents cannot set new window
> sizes. Why?

This newly added function is for checking "privacy.resistFingerprinting" directly without going through prefs service. And the chrome-privileged documents should have the capability to change new window sizes, this will be fixed in this bug. Thanks.
Flags: needinfo?(tihuang)
Flags: needinfo?(arthuredelstein)

Comment 24

2 years ago
Also update window opens full screen instead of small window.
And notifications have correct width, but occupy 100% of the screen size.
I'm also on Linux.
Component: Untriaged → XUL
Product: Firefox → Core
Comment hidden (mozreview-request)
Comment hidden (mozreview-request)
Duplicate of this bug: 1357426

Comment 28

2 years ago
mozreview-review
Comment on attachment 8853631 [details]
Bug 1352305 - Part 1:  Making the XULWindow will not be enforecd to be rounded dimensions if it is a window without a primary content when fingerprinting resistance is enabled.

https://reviewboard.mozilla.org/r/125390/#review135892

So sorry for my long delay here...
Attachment #8853631 - Flags: review?(ehsan) → review+

Comment 29

2 years ago
mozreview-review
Comment on attachment 8853632 [details]
Bug 1352305 - Part2: Add a test case for making sure dialog windows will not be enforced to rounded sizes when fingerprinting resistance is enabled.

https://reviewboard.mozilla.org/r/125712/#review135894

::: browser/components/resistfingerprinting/test/browser/browser_roundedWindow_dialogWindow.js:27
(Diff revision 2)
> +      resolve();
> +    }, {once: true});
> +  });
> +
> +  is(diagWin.innerWidth, 250, "The dialog window doesn't have a rounded size.");
> +  is(diagWin.innerHeight, 350, "The dialog window doesn't have a rounded size.");

Can you please also add a test to the path which would check what would happen if privacy.resistFilterpinting would be set to false?
Attachment #8853632 - Flags: review?(ehsan) → review+
Comment hidden (mozreview-request)
Comment hidden (mozreview-request)
Comment hidden (mozreview-request)
Comment hidden (mozreview-request)
(Assignee)

Comment 34

2 years ago
Try looks OK, but there are a bunch of testing failures for windows 10, and I don't think they are related to my patches.

https://treeherder.mozilla.org/#/jobs?repo=try&revision=5c469c71b152

I have run a test without my patches shows lots of failures for window 10 as well.

https://treeherder.mozilla.org/#/jobs?repo=try&revision=66b74878dbe60f00c150495ed7accb53241cf7ef
Keywords: checkin-needed

Comment 35

2 years ago
Pushed by ryanvm@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/c8ccbff7c112
Part 1:  Making the XULWindow will not be enforecd to be rounded dimensions if it is a window without a primary content when fingerprinting resistance is enabled. r=Ehsan
https://hg.mozilla.org/integration/autoland/rev/8c277e5c0021
Part2: Add a test case for making sure dialog windows will not be enforced to rounded sizes when fingerprinting resistance is enabled. r=Ehsan
Keywords: checkin-needed

Comment 36

2 years ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/c8ccbff7c112
https://hg.mozilla.org/mozilla-central/rev/8c277e5c0021
Status: NEW → RESOLVED
Last Resolved: 2 years ago2 years ago
status-firefox55: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla55
Depends on: 1361889
The dialog windows are OK in Mozilla/5.0 (X11; Linux x86_64; rv:55.0) Gecko/20100101 Firefox/55.0 ID:20170504100357 CSet: 33b92d9c40562dab3d7b602368c75619f1d793f7, but the main Firefox window still opens as some squared size and does not remember the size, when I have closed it the last time.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Or any new windows you open via Ctrl+N or Ctrl+Shift+P.
(Assignee)

Comment 39

2 years ago
(In reply to Michal Stanke (Mozilla.cz) [:MikkCZ] (off until 05/2017, use needinfo) from comment #37)
> The dialog windows are OK in Mozilla/5.0 (X11; Linux x86_64; rv:55.0)
> Gecko/20100101 Firefox/55.0 ID:20170504100357 CSet:
> 33b92d9c40562dab3d7b602368c75619f1d793f7, but the main Firefox window still
> opens as some squared size and does not remember the size, when I have
> closed it the last time.

I'd like to thank you for pointing this out. However, this is the desired behavior when 'privacy.resistFingerprinting' is true. The windows, or more precisely windows with a content, will be opened as a squared size, so it will ignore the size that you had when you closed browser at the last time.

This squared size, or rounded size, will prevent you from browser fingerprinting since the window dimensions are one of the key factors for browser fingerprinting. See comments from Bug 1330882 for more details.
Status: REOPENED → RESOLVED
Last Resolved: 2 years ago2 years ago
Resolution: --- → WORKSFORME
God job!  Thanks, Tim and Ehsan!
It doesn't work correctly under Windows 10. window.screen.height returns 998
(In reply to Stoyan Dimitrov [:stoyan] from comment #42)
> It doesn't work correctly under Windows 10. window.screen.height returns 998

Not with the default theme but with the compact (light in my case). On my monitor with default theme the screen is reported 1000x900 with the compact (after browser restart) 1000x996.
Whiteboard: [tor] → [tor 1352305]
You need to log in before you can comment on or make changes to this bug.