Closed Bug 1588548 Opened 5 years ago Closed 4 years ago

Resist Fingerprinting (RFP) breaks dark mode in about:logins (*pages)

Categories

(Firefox :: about:logins, defect, P3)

x86_64
Windows 10
defect

Tracking

()

RESOLVED DUPLICATE of bug 1701691
Tracking Status
firefox71 --- fix-optional
firefox72 --- fix-optional

People

(Reporter: vtol, Unassigned)

References

(Blocks 1 open bug, Regression)

Details

(Keywords: regression)

currently Lockwise's about:logins is not adhering to OS/browser dark theme (browser.in-content.dark-mode)

Hmm, it should be adhering to the OS dark mode. Are you sure you have app dark mode enabled on your machine ?

https://uk.pcmag.com/news-analysis/122487/how-to-enable-dark-mode-in-windows-10

Flags: needinfo?(vtol)

Indeed, it does work with a maiden profile, what breaks it though is

  • user_pref("privacy.resistFingerprinting", true)

which I suspect related to bug 1588540 and thus closing this bug in favour of bug 1588540

Status: UNCONFIRMED → RESOLVED
Closed: 5 years ago
Flags: needinfo?(vtol)
Resolution: --- → DUPLICATE

Thanks for figuring this out! Makes sense as the in-content dark mode uses prefers-color-scheme.

No longer depends on: dark-incontent-pages

Been sort of an epiphany to reckon that setting being the culrpit. The matter apparently been discussed already in bug 1535189 but prior it started to break the theme coherency of internal about:pages.

reopening in light of bug 1535189comment #12

Cause being RFP not responding to any media@ queries.

Also not knowing whether other about:pages will be coded with CSS Media Queries Level 5 code prefers-color-scheme this should probably be sorted in general.

Status: RESOLVED → UNCONFIRMED
Keywords: regression
Resolution: DUPLICATE → ---
Summary: about:logins - support dark mode → RFP breaks dark mode in about:login (*pages)

Presumably here we check IsSystemPrincipal and that's false.

The answer is probably a comprehensive fix in Bug 1450398 for these types of exceptions....

See Also: → finegrained-rfp
Type: enhancement → defect
Status: UNCONFIRMED → NEW
Ever confirmed: true
Flags: needinfo?(tom)
Priority: -- → P3
Summary: RFP breaks dark mode in about:login (*pages) → Resist Fingerprinting (RFP) breaks dark mode in about:logins (*pages)
Flags: needinfo?(tom)
Regressed by: 1535189

Bug 1535189 could not have regressed this. There was no change in that bug.

Flags: needinfo?(tom)

My thinking is that here we should check if the scheme is about: and exempt from RFP then. This will affect a lot more than just the color scheme of about:logins, so it needs a bit of thought, but I don't think we should be allowing anything that could result in about: pages making people fingerprintable from the web so probably safe?

I filed Bug 1642679 looking at how to check the scheme of the Document.

We may want to apply the same scheme check to the DocShell and Principal functions....

This would be a much smaller/tighter fix than Bug 1450398, but Bug 1450398 still contains the comprehensive answer.

Flags: needinfo?(tom)

Maybe we could use the URI_DANGEROUS_TO_LOAD flag? That way moz-extension pages that are not exposed to the web would also be immune RFP.

Depends on: 1634602

I don't think this is a regression. The resist finger printing pref has set the preferred color scheme to light is it was first implemented in https://hg.mozilla.org/mozilla-central/rev/4739353088fcad81bc126deab56e8de0fad7a88a#l10.13

Bug 1701691 fixed this in another way by using the color of the theme instead of prefers-color-scheme.

Status: NEW → RESOLVED
Closed: 5 years ago4 years ago
Resolution: --- → DUPLICATE
Has Regression Range: --- → yes
You need to log in before you can comment on or make changes to this bug.