Expose sanitized UNMASKED_RENDERER as RENDERER
Categories
(Core :: Graphics: CanvasWebGL, enhancement)
Tracking
()
Tracking | Status | |
---|---|---|
firefox92 | --- | fixed |
People
(Reporter: jgilbert, Assigned: jgilbert)
References
Details
Attachments
(1 file)
Currently, Firefox (and Chrome, Edge, and Safari) all unconditionally expose the WEBGL_debug_renderer_info extension to enable UNMASKED_RENDERER queries. Safari always claims "Apple GPU" instead of the actual GPU info, but the rest of us return some possibly-sanitized GPU description here.
After bug 1715690 (in Firefox 91), we've bucketed UNMASKED_RENDERER into broad buckets, such that there should be practically zero additional fingerprinting bits as compared to other bits leaked from extensions/limits/rendering artifacts.
Ideally I'd like us to be in a place where we expose a generic-but-useful RENDERER string universally, but reserve UNMASKED_RENDERER for authentic unfiltered driver RENDERER strings, perhaps as gated by user interaction or permission.
So, what I'd like to try is to expose the sanitized UNMASKED_RENDERER as RENDERER, and disable WEBGL_debug_renderer_info in Nightly.
about:support RENDERER: ANGLE (NVIDIA GeForce RTX 3070 Direct3D11 vs_5_0 ps_5_0)
Currently:
- RENDERER: Mozilla
- VENDOR: Mozilla
- WEBGL_debug_renderer_info Enabled by pref default: (disabled with ResistFingerPrinting)
- UNMASKED_RENDERER: ANGLE (NVIDIA GeForce GTX 980 Direct3D11 vs_5_0 ps_5_0)
- UNMASKED_VENDOR: Google Inc.
Proposed:
- RENDERER: ANGLE (NVIDIA GeForce GTX 980 Direct3D11 vs_5_0 ps_5_0)
- VENDOR: Mozilla
- WEBGL_debug_renderer_info Disabled by pref default: (additionally disabled with RFP)
- UNMASKED_RENDERER: ANGLE (NVIDIA GeForce RTX 3070 Direct3D11 vs_5_0 ps_5_0)
- UNMASKED_VENDOR: Google Inc.
I could do similarly for VENDOR and UNMASKED_VENDOR, but VENDOR just isn't as useful as RENDERER, and can be easier to abuse. (e.g. works best on nvidia)
Assignee | ||
Comment 1•3 years ago
|
||
Add prefs:
- webgl.enable-renderer-query: true
- webgl.sanitize-unmasked-renderer: false
Rename prefs: - webgl.renderer-string-override => webgl.override-unmasked-renderer
- webgl.vendor-string-override => webgl.override-unmasked-vendor
webgl.enable-renderer-query is treated as false if RFP is enabled.
webgl.override-unmasked-renderer overrides UNMASKED_RENDERER and
is then sanitized for RENDERER if enabled.
Assignee | ||
Comment 2•3 years ago
|
||
This has the potential to be a webcompat issue, though sites are supposed to deal with this elegantly.
We will be able to revert to current behavior with:
- webgl.enable-renderer-query: false
- webgl.sanitize-unmasked-renderer: true
Comment 4•3 years ago
|
||
bugherder |
Description
•