Open Bug 1377744 Opened 3 years ago Updated 7 months ago
.resistfingerprinting's UTC timezone should not affect extensions
Installed Grandfather Fox WebExtension and noticed it had the wrong time and was using UTC. https://addons.mozilla.org/en-US/firefox/addon/grandfather-fox/ This particular extension gets the time in a background script. Extensions should not be affected by anti-fingerprinting measures.
Component: General → Add-ons Manager
Product: Core → Toolkit
(In reply to Kestrel from comment #0) > Installed Grandfather Fox WebExtension and noticed it had the wrong time and > was using UTC. > https://addons.mozilla.org/en-US/firefox/addon/grandfather-fox/ > This particular extension gets the time in a background script. > Extensions should not be affected by anti-fingerprinting measures. Hi Kestrel, The pref privacy.resistfingerprinting is off by default. Did you turn on this pref manually? Add Tim to CC. He did the timezone fingerprinting patch in bug 1330890.
Priority: -- → P3
Whiteboard: [fingerprinting] → [fingerprinting][alarms]
Yes I enabled privacy.resistfingerprinting manually and I expected it to break websites but not extensions. Another more notable example is the Snooze Tabs Test Pilot Experiment which fails to restore tabs at the expected time.
Assignee: nobody → tihuang
3 years ago
Whiteboard: [fingerprinting][alarms] → [fingerprinting-breakage][alarms]
3 years ago
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Whiteboard: [fingerprinting-breakage][alarms] → [alarms]
2 years ago
Whiteboard: [alarms][fingerprinting] → [fp-triaged][alarms][fingerprinting]
2 years ago
Assignee: tihuang → nobody
Status: ASSIGNED → NEW
Have folks thought about how this interacts with extensions such as Change Timezone (Time Shift) and Spoof Timezone? (I'm thinking about trade-offs, as being on UCT time certainly was very confusing before I figured out (by googling) why webmail and such were showing confusing times, but I understand the benefit, and maybe it'll be far less confusing now that I can expect it!)
(In reply to Matthew Elvey from comment #4) > Have folks thought about how this interacts with extensions such as > Change Timezone (Time Shift) > and Spoof Timezone? Good question. I think, just like UA spoofing extensions can be used to override RFP, Time Spoofing extensions do the same, because they are the last to modify the data going out? Maybe you could do a test? If this was the case, then an extension with whitelisting would allow users to not get confused with various sites such as venue/concert/show times, gmail timestamps etc. Or maybe at some stage RFP will build in a site permission same as they did with Canvas, see Bug 1426232 But that's all to do with websites. This ticket is about RFP features not impacting extensions themselves, see Bug 1450398
You need to log in before you can comment on or make changes to this bug.