Open Bug 1631301 Opened 1 year ago Updated 11 months ago

privacy.resistFingerprinting breaks entering Shift+number keycodes on noVNC console

Categories

(Core :: DOM: Security, defect, P3)

75 Branch
defect

Tracking

()

UNCONFIRMED

People

(Reporter: dominik, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-backlog1])

User Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:75.0) Gecko/20100101 Firefox/75.0

Steps to reproduce:

  1. In about:config, I set privacy.resistFingerprinting to true.
  2. I connected to my virtual private server console using NoVNC provided by the hosting service
  3. I rebooted the server and entered grub console
  4. I tried to enter some special characters that can be typed using Shift+number, e.g. ~!@#$%^&*()_+

Actual results:

The characters were typed as if I didn't have Shift pressed, i.e.
`1234567890-=

Expected results:

The expected characters should have appeared:
~!@#$%^&*()_+

Bugbug thinks this bug should belong to this component, but please revert this change in case of error.

Component: Untriaged → DOM: Security
Product: Firefox → Core

This looks like the keyboard layout protection is causing problems. Although I haven't see this issue before, this looks like it should work.

Could you provide your operating system, locale, and keyboard layout?

Flags: needinfo?(dominik)
Priority: -- → P3
Whiteboard: [domsecurity-backlog1]

OS: Fedora 31

$ locale
LANG=en_GB.UTF-8
LC_CTYPE=pl_PL.UTF-8
LC_NUMERIC=en_GB.UTF-8
LC_TIME=en_GB.UTF-8
LC_COLLATE=pl_PL.UTF-8
LC_MONETARY=pl_PL.UTF-8
LC_MESSAGES=en_GB.UTF-8
LC_PAPER=pl_PL.UTF-8
LC_NAME=pl_PL.UTF-8
LC_ADDRESS=pl_PL.UTF-8
LC_TELEPHONE=pl_PL.UTF-8
LC_MEASUREMENT=pl_PL.UTF-8
LC_IDENTIFICATION=pl_PL.UTF-8
LC_ALL=
$ localectl status
   System Locale: LANG=en_GB.UTF-8
       VC Keymap: pl
      X11 Layout: pl
Flags: needinfo?(dominik)

Because this bug's Severity has not been changed from the default since it was filed, and it's Priority is P3 (Backlog,) indicating it has been triaged, the bug's Severity is being updated to S3 (normal.)

Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.