privacy.resistFingerprinting makes Google Spreadsheet text blur

NEW
Unassigned

Status

()

defect
P3
normal
6 months ago
3 months ago

People

(Reporter: lilydjwg, Unassigned)

Tracking

(Depends on 1 bug, Blocks 1 bug)

Trunk
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox65 affected, firefox66 affected, firefox67 affected)

Details

(Whiteboard: [domsecurity-backlog1][tor][fingerprinting][fp-triaged])

Attachments

(4 attachments)

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0

Steps to reproduce:

Actual results:

The text inside the spreadsheet is a little blur.

Expected results:

The text inside the spreadsheet should be as clear as outside (or with privacy.resistFingerprinting = false).

Hey it says Firefox/60.0 but I'm actually using nightly of 20190302. That option took effect when I submitted this bug.

Version: 60 Branch → Trunk

I took screenshots with this option enabled and disabled using the builtin screenshot tool, and found that all text are clear in the screenshot but the two images have different size: the disabled one is 1.5x larger each dimension that the enabled. I've set my monitor to 120dpi, but that's 1.25x than the classic 96 dpi. I have a scaled-up monitor connected, setup with xrander --scale 0.75x0.75.

I'm attaching screenshots from the builtin screenshot tool and an OS tool.

I can reproduce this problem. Tim, do you have any idea why would this happen?

Status: UNCONFIRMED → NEW
Ever confirmed: true
Flags: needinfo?(tihuang)
Priority: -- → P2
Component: Untriaged → DOM: Security
Product: Firefox → Core

In the first two pictures it's clearly using a different font entirely. We may be disabling downloadable fonts, and the built-in default one is terrible?

Priority: P2 → P3
Whiteboard: [domsecurity-backlog1]

I don't think it's a different font, and I don't have such a blurry one in the fonts the page uses. It seems the page incorrectly scales the rendered text, making it blurry. You can see in the second picture all text is blurry, which is not what I see (the last picture).

Whiteboard: [domsecurity-backlog1] → [domsecurity-backlog1][tor][fingerprinting][fp-triaged]
  1. Open a Google Spreadsheet in Firefox
  2. Open [Tools] > [Inspector] and search "canvas" element.

privacy.resistFingerprinting = false

<canvas style="position: absolute; top: 0px; left: 0px; z-index: 2; width: 1428px; height: 405px; padding-top: 0.183334px; padding-left: 0px;" moz-opaque="" width="2856" height="810" dir="ltr"></canvas>

privacy.resistFingerprinting = true

<canvas style="position: absolute; top: 0px; left: 0px; z-index: 2; width: 1428px; height: 405px; padding-top: 0px; padding-left: 0px;" moz-opaque="" width="1428" height="405" dir="ltr"></canvas>

When resistFingerprinting is turned on, the width and height values in the canvas element are reduced to half.

It seems this effect was caused by bug 418986 (window.screen and CSS media queries provide a large amount of identifiable information). But I am not 100% sure yet.

See Also: → 418986

Sorry for the late response.

I believe this blur is caused by the spoofing of window.devicePixelRatio when RFP is on: we spoof this value into 1.0. I believe that Window.devicePixelRatio could affect the setting of canvas in Google Spreadsheet [1]. Given that the ratio of 'width' and 'height' between RFP is on and off in comment 9 is 2, could you check the real window.devicePixelRatio value of your testing device, Ethan? I think it should be 2.0.

[1] https://developer.mozilla.org/en-US/docs/Web/API/Window/devicePixelRatio

Flags: needinfo?(tihuang) → needinfo?(ettseng)

Hi Tim, I can confirm that my real window.devicePixelRatio corresponds to the ratio of the canvas size changes. (I don't know why it's 1.5 but it is.)

(In reply to Tim Huang[:timhuang] from comment #10)

I believe this blur is caused by the spoofing of window.devicePixelRatio when RFP is on: we spoof this value into 1.0. I believe that Window.devicePixelRatio could affect the setting of canvas in Google Spreadsheet [1]. Given that the ratio of 'width' and 'height' between RFP is on and off in comment 9 is 2, could you check the real window.devicePixelRatio value of your testing device, Ethan? I think it should be 2.0.

Sorry for being super late for this response.
Yes, the real devicePixelRatio on my device is 2.

Flags: needinfo?(ettseng)

Several similar blur issues are caused by spoofing window.devicePixelRatio.
I filed bug 1554751 as a central place to track the investigation and decision-making.

Depends on: 1554751
You need to log in before you can comment on or make changes to this bug.