Closed Bug 1431909 Opened 8 years ago Closed 8 years ago

Separate canvas fingerprinting protection from `privacy.resistFingerprinting` pref

Categories

(Firefox :: Security, defect)

Product:
Firefox
Component:
Security
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1401440

People

(Reporter: ntim, Unassigned)

References

Details

A lot of people are excited about this feature and turn on the pref without knowing the other side effects of this pref. This is why it may be better to separate the feature from that pref.
There are extensions for this, but users have to know about, find, install, and configure them. CanvasBlocker for example, has a whitelist, but you need to manually edit this in the extensions options page. The upside of exposing this separately, is it built into Firefox (and exposed in options no doubt), stored in site permissions, and more UI friendly (and it can still be used with an extension such as CanvasBlocker - i.e Firefox can allow for sites that need it, but CanvasBlocker can fake, which Firefox can't) The only downside IMO is that the canvas prompt **must** be enforced with privacy.resistFingerprinting (RFP). It's the same as the argument for separating the time zone spoof (Bug 1364261). RFP is an all or nothing [1]. I do not know how feasible or hard it is to achieve this: see Bug 1333933 re flipping prefs which was abandoned. I guess you could run two pref checks at all the right places and as long as one of them was true, you would prompt etc. But any future UI would still need to reflect the changes to a stand-alone canvas checkbox vs RFP=true (if that makes sense). [1] see Arthur
Flags: needinfo?(arthuredelstein)
I agree that RFP is an all-or-nothing. It's always annoying (and in this case deceiving) when people need a tutorial on how to enable a certain feature, like when WebRender still required 3-4 different prefs to turn on. Doing this would set a precedence for splitting up RFP into more granular prefs. There is bug 1429865 which suggests allowing the user to set a default canvas permission (maybe with the same UI as the existing permissions in about:preferences). I'd prefer to look into that.
Component: General → Security
See Also: → 1429865
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
Yes, my view is we should not separate out the Canvas pref because fingerprinting resistance is all-or-nothing. Better to improve its behavior such as by bug 1376865.
Flags: needinfo?(arthuredelstein)
You need to log in before you can comment on or make changes to this bug.