Closed Bug 1449294 Opened 3 years ago Closed 3 years ago

Capture thumbnails with tracking protection always enabled

Categories

(Firefox :: New Tab Page, enhancement, P1)

Product:
Firefox
Component:
New Tab Page
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
Firefox 61
Iteration:
61.2 - Apr 9
Tracking Flags:
Tracking Status
firefox61 --- fixed

People

(Reporter: Mardak, Assigned: Mardak)

References

(Blocks 1 open bug)

Details

Attachments

(2 files)

before / after
541.64 KB, image/png
Details
Bug 1449294 - Capture thumbnails with tracking protection always enabled.
59 bytes, text/x-review-board-request
adw
: review+
Details 
No description provided.
Forgot to comment ;)

There's concerns of the thumbnail service potentially leaking data leading to bugs like bug 1435432.

There's also issues of thumbnails taking a while to show up.

Turning on tracking protection should speed up thumbnails by reducing the number of connections needed!
See Also: → 1435432
Attached image before / after 
These 4 pages do have content removed with tracking protection. It's most noticeable in the 2nd thumbnail where the top empty whitespace is gone and one of the page's image shows a broken image indicator.
Blocks: 1410920
Comment on attachment 8962841 [details]
Bug 1449294 - Capture thumbnails with tracking protection always enabled.

https://reviewboard.mozilla.org/r/231666/#review237688
Attachment #8962841 - Flags: review?(adw) → review+
Pushed by edilee@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/1504ecb0dc31
Capture thumbnails with tracking protection always enabled. r=adw
https://hg.mozilla.org/mozilla-central/rev/1504ecb0dc31
Status: NEW → RESOLVED
Closed: 3 years ago
status-firefox61: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 61
Comment on attachment 8962841 [details]
Bug 1449294 - Capture thumbnails with tracking protection always enabled.

https://reviewboard.mozilla.org/r/231666/#review241550

::: toolkit/components/thumbnails/content/backgroundPageThumbsContent.js:43
(Diff revision 1)
>        priority = Ci.nsISupportsPriority.PRIORITY_LOWEST;
>  
>      docShell.allowMedia = false;
>      docShell.allowPlugins = false;
>      docShell.allowContentRetargeting = false;
>      let defaultFlags = Ci.nsIRequest.LOAD_ANONYMOUS |

You should also add `nsIChannel::LOAD_CLASSIFY_URI` to that list so that Activity Stream thumbnails are automatically run through Safe Browsing.

This will avoid taking screenshots of phishing or malware sites.
See Also: → 1453448
Duplicate of this bug: 1410920
Component: Activity Streams: Newtab → New Tab Page
You need to log in before you can comment on or make changes to this bug.