Open Bug 1652393 Opened 5 years ago Updated 3 hours ago

Using Firefox to open files from disk shows those files under "Recent Items" on the Taskbar, despite browser.taskbar.lists.enabled being false

Categories

(Core :: Widget: Win32, defect, P3)

Product:
Core
Component:
Widget: Win32
Version:
78 Branch
Platform:
Desktop
Windows 10
Type:
defect

Tracking

()

Status:
UNCONFIRMED

People

(Reporter: nigelh747, Unassigned)

Details

Attachments

(1 obsolete file)

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Firefox/78.0

Steps to reproduce:

Open a PDF File with Firefox when Firefox is closed and the settings are set in about Config for Firefox (browser.taskbar.lists.enabled=false) not to put any items on the recent items shown in Windows 10 when you highlight the Firefox icon

Actual results:

All PDF files opened with Firefox (apart from those directly downloaded) showed in the Windows 10 recent items for Firefox when Firefox was restarted

Expected results:

Nothing should appear as the settings browser.taskbar.lists.enabled = false

User Privacy is broken by this and so raising as security flag

Component: Untriaged → PDF Viewer
OS: Unspecified → Windows 10
Hardware: Unspecified → Desktop

There's no way to exploit this remotely so this isn't a sensitive bug that needs to stay hidden.

I must admit I also don't quite see the privacy impact - the pref disables all of Firefox's own taskbar list code (via pref reads in browser/modules/WindowsJumpLists.jsm ), and thereby disables caching remote website favicons to disk (clearing any that were there for jumplist purposes), but for files you open locally that obviously isn't a risk factor (the pdf is already on disk, and there's no separate per-pdf favicon).

I expect the entry into the list of items is done by Windows (which obviously knows you opened the file from file explorer or similar). The pref turns off Firefox's code to manage the list itself, and so it's a bit of a catch 22: we shouldn't run any of the list code (and, given your complaint is solely with local PDFs, one assumes that we do not, or other items would show up, too!), but you also expect us to run separate taskbar-list code and delete the items Windows adds in there? Not quite sure what the best solution is.

Anyway, over to widget where people hopefully know the C++/Win32 side of the jumplist code (in https://searchfox.org/mozilla-central/source/widget/windows/JumpListBuilder.cpp ) better.

Group: firefox-core-security
Component: PDF Viewer → Widget: Win32
Product: Firefox → Core

(In reply to :Gijs (he/him) from comment #1)

There's no way to exploit this remotely so this isn't a sensitive bug that needs to stay hidden.

I must admit I also don't quite see the privacy impact - the pref disables all of Firefox's own taskbar list code (via pref reads in browser/modules/WindowsJumpLists.jsm ), and thereby disables caching remote website favicons to disk (clearing any that were there for jumplist purposes), but for files you open locally that obviously isn't a risk factor (the pdf is already on disk, and there's no separate per-pdf favicon).

  • The privacy impact is on a shared computer other users will be able to see what files you last opened - even though the setting in Firefox is set to never remember history on closing or in the jumplist of the taskbar

I expect the entry into the list of items is done by Windows (which obviously knows you opened the file from file explorer or similar). The pref turns off Firefox's code to manage the list itself, and so it's a bit of a catch 22: we shouldn't run any of the list code (and, given your complaint is solely with local PDFs, one assumes that we do not, or other items would show up, too!), but you also expect us to run separate taskbar-list code and delete the items Windows adds in there? Not quite sure what the best solution is.

You manage to remove the entries for pages that people have visited and so if you have the setting set you should also remove the pdfs opened by Firefox as a standalone app. It removes the pdfs opened within Firefox when browsing or downloading and opening in a session, so its a different behaviour when you open a PDF and it opens in Firefox.

Anyway, over to widget where people hopefully know the C++/Win32 side of the jumplist code (in https://searchfox.org/mozilla-central/source/widget/windows/JumpListBuilder.cpp ) better.

(In reply to Nigel from comment #2)

You manage to remove the entries for pages that people have visited

No, for web requests made inside the browser, Windows has no way of knowing you opened them. We use our own http stack, too, so it doesn't go through anything Windows-related from where Windows could deduce that you opened something. We don't add items when the pref is disabled, that's the point. If the pref was enabled before and is then disabled, we remove all the items we've added ourselves, but that's a one time operation.

The behaviour from comment #0 also happens if I pick an image, or a .html file, right click it in Windows explorer, then pick "Open with..." and pick Firefox (or, if Firefox is the default app for that filetype, if I just doubleclick the file). It shows up in the recent items list because Windows puts it there, because it's a local file and Windows knows you opened it with the app in question.

The privacy impact is on a shared computer other users will be able to see what files you last opened - even though the setting in Firefox is set to never remember history on closing or in the jumplist of the taskbar

On a shared computer, if entries from the list of user 1 show when user 2 is logged in, that's a Windows issue that I would encourage you to raise with Microsoft.

If you're sharing a single user account for multiple people, you have bigger issues than this list...

Either way, it seems to me you want to follow steps like the ones in this article: https://www.howtogeek.com/236711/how-to-turn-off-recent-items-and-frequent-places-in-windows-10/ to turn these lists off at the Windows level.

Summary: Using Firefox to open saved PDF enters results in Windows Recent Items on Taskbar, ignoring Firefox settings → Using Firefox to open files from disk shows those files under "Recent Items" on the Taskbar, despite browser.taskbar.lists.enabled being false

On a shared computer, if entries from the list of user 1 show when user 2 is logged in, that's a Windows issue that I would encourage you to raise with Microsoft.

If you're sharing a single user account for multiple people, you have bigger issues than this list...

The issue is if you are using a Public computer sometimes the file name is too obvious. Agreed that I would have bigger issues with a home computer. However if the preference is set it would be ideal if Firefox ensured that Windows did not remember which PDF you opened with Firefox.

Either way, it seems to me you want to follow steps like the ones in this article: https://www.howtogeek.com/236711/how-to-turn-off-recent-items-and-frequent-places-in-windows-10/ to turn these lists off at the Windows level.

  • Thanks - unfortunately for things such as Excel and Word I like the recent items... But not anything associated with Firefox

The severity field is not set for this bug.
:jimm, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(jmathies)

Have you tried setting 'browser.download.manager.addToRecentDocs' to false? We might be adding these through the download code somehow.

Severity: -- → S4
Flags: needinfo?(jmathies)
Priority: -- → P3

(In reply to Jim Mathies [:jimm] from comment #6)

Have you tried setting 'browser.download.manager.addToRecentDocs' to false? We might be adding these through the download code somehow.

The setting is false in my profile, so did not change it

I ran some tests with version 80.0.1 and for some sites you are able to view and edit PDF documents, however for others such as for a Malaysian Bank, with the Firefox version 80.0.x you are unable to download any PDF files successfully, they end at around 21kb and thus are corrupt. Using Chrome Edge, the files all download and are accessible without any issues. Thus for me, version 80.0.x is unreliable as one is unable to simply download a PDF file. The PDF version is 1.4.

(In reply to Nigel from comment #8)

I ran some tests with version 80.0.1 and for some sites you are able to view and edit PDF documents, however for others such as for a Malaysian Bank, with the Firefox version 80.0.x you are unable to download any PDF files successfully, they end at around 21kb and thus are corrupt. Using Chrome Edge, the files all download and are accessible without any issues. Thus for me, version 80.0.x is unreliable as one is unable to simply download a PDF file. The PDF version is 1.4.

That sounds really bad - can you file a separate bug? It doesn't seem related to this issue, but we'd like to get to the bottom of it.

Flags: needinfo?(nigelh747)

Sorry - added the comment to the wrong bug. The bug that it should have been added to is 1661808

Flags: needinfo?(nigelh747)
Attachment #9384712 - Attachment is obsolete: true

The "recent" list only appears when settings browser.taskbar.lists.frequent.enabled to false and then it appears no matter whether browser.taskbar.lists.recent.enabled remains at its default value of false or is set to true - so this bug (1652393) can be considered a duplicate of https://bugzilla.mozilla.org/show_bug.cgi?id=1602942 I think.

Reproducable on both Windows 10 and Windows 11 with the current Firefox version.

You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: