privacy.resistFingerprinting makes Google Spreadsheet text blur
Categories
(Core :: DOM: Security, defect, P3)
Tracking
()
People
(Reporter: lilydjwg, Unassigned)
References
(Depends on 1 open bug, Blocks 1 open bug)
Details
(Whiteboard: [domsecurity-backlog1][tor][fingerprinting][fp-triaged])
Attachments
(4 files)
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0
Steps to reproduce:
- set privacy.resistFingerprinting = true in about:config
- visit a Google Spreadsheet document, e.g. https://docs.google.com/spreadsheets/d/19vSPL6z2d50JlyzwxariaYD6EU2QQUQqIDOGbiGQC7Y/edit#gid=0
Actual results:
The text inside the spreadsheet is a little blur.
Expected results:
The text inside the spreadsheet should be as clear as outside (or with privacy.resistFingerprinting = false).
Hey it says Firefox/60.0 but I'm actually using nightly of 20190302. That option took effect when I submitted this bug.
I took screenshots with this option enabled and disabled using the builtin screenshot tool, and found that all text are clear in the screenshot but the two images have different size: the disabled one is 1.5x larger each dimension that the enabled. I've set my monitor to 120dpi, but that's 1.25x than the classic 96 dpi. I have a scaled-up monitor connected, setup with xrander --scale 0.75x0.75.
I'm attaching screenshots from the builtin screenshot tool and an OS tool.
Comment 6•5 years ago
|
||
I can reproduce this problem. Tim, do you have any idea why would this happen?
Updated•5 years ago
|
Comment 7•5 years ago
|
||
In the first two pictures it's clearly using a different font entirely. We may be disabling downloadable fonts, and the built-in default one is terrible?
Updated•5 years ago
|
I don't think it's a different font, and I don't have such a blurry one in the fonts the page uses. It seems the page incorrectly scales the rendered text, making it blurry. You can see in the second picture all text is blurry, which is not what I see (the last picture).
Updated•5 years ago
|
Comment 9•5 years ago
•
|
||
- Open a Google Spreadsheet in Firefox
- Open [Tools] > [Inspector] and search "canvas" element.
privacy.resistFingerprinting = false
<canvas style="position: absolute; top: 0px; left: 0px; z-index: 2; width: 1428px; height: 405px; padding-top: 0.183334px; padding-left: 0px;" moz-opaque="" width="2856" height="810" dir="ltr"></canvas>
privacy.resistFingerprinting = true
<canvas style="position: absolute; top: 0px; left: 0px; z-index: 2; width: 1428px; height: 405px; padding-top: 0px; padding-left: 0px;" moz-opaque="" width="1428" height="405" dir="ltr"></canvas>
When resistFingerprinting is turned on, the width and height values in the canvas element are reduced to half.
It seems this effect was caused by bug 418986 (window.screen and CSS media queries provide a large amount of identifiable information). But I am not 100% sure yet.
Comment 10•5 years ago
|
||
Sorry for the late response.
I believe this blur is caused by the spoofing of window.devicePixelRatio when RFP is on: we spoof this value into 1.0. I believe that Window.devicePixelRatio could affect the setting of canvas in Google Spreadsheet [1]. Given that the ratio of 'width' and 'height' between RFP is on and off in comment 9 is 2, could you check the real window.devicePixelRatio value of your testing device, Ethan? I think it should be 2.0.
[1] https://developer.mozilla.org/en-US/docs/Web/API/Window/devicePixelRatio
Reporter | ||
Comment 11•5 years ago
|
||
Hi Tim, I can confirm that my real window.devicePixelRatio corresponds to the ratio of the canvas size changes. (I don't know why it's 1.5 but it is.)
Comment 12•5 years ago
|
||
This seems similar to https://bugzilla.mozilla.org/show_bug.cgi?id=1428331.
Comment 13•5 years ago
|
||
(In reply to Tim Huang[:timhuang] from comment #10)
I believe this blur is caused by the spoofing of window.devicePixelRatio when RFP is on: we spoof this value into 1.0. I believe that Window.devicePixelRatio could affect the setting of canvas in Google Spreadsheet [1]. Given that the ratio of 'width' and 'height' between RFP is on and off in comment 9 is 2, could you check the real window.devicePixelRatio value of your testing device, Ethan? I think it should be 2.0.
Sorry for being super late for this response.
Yes, the real devicePixelRatio on my device is 2.
Comment 14•5 years ago
|
||
Several similar blur issues are caused by spoofing window.devicePixelRatio.
I filed bug 1554751 as a central place to track the investigation and decision-making.
Comment 15•3 years ago
|
||
I got the same problem on wetty which uses xterm.js.
Comment 16•2 years ago
|
||
Have the exact same problem with the ESR release 93. weird
Updated•2 years ago
|
Description
•