Closed Bug 1821131 Opened 1 year ago Closed 1 year ago

Exempt a document from more restrictive font visibility rules if it has been exempted from tracking protection

Categories

(Core :: Privacy: Anti-Tracking, enhancement)

Product:
Core
Component:
Privacy: Anti-Tracking
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
113 Branch
Tracking Flags:
Tracking Status
firefox112 --- fixed
firefox113 --- fixed

People

(Reporter: tjr, Assigned: tjr)

References

(Blocks 1 open bug)

Details

(Whiteboard: [fpp:m1])

Attachments

(2 files, 3 obsolete files)

Bug 1821131: Exempt a document from stricter font-visibility rules with the ETP toggle r?jfkthame,timhuang
48 bytes, text/x-phabricator-request
diannaS
: approval-mozilla-beta+
Details | Review
Bug 1821131 - Make font visibility part of the fontconfig substitution cache key. r=jfkthame
48 bytes, text/x-phabricator-request
diannaS
: approval-mozilla-beta+
Details | Review

We would like to wire up the ETP permission (the one found in the shield icon, where you can disable ETP for a given site) to the font visibility mechanics. This is to allow a restrictive font visibility to be in place by default, but then allow a user to un-break the page and opt in to a more permissive visibility. This will also apply when the RFP pref is enabled.

I tested this patch manually and it mostly works. The problem is that when I exempt a document and it reloads, it doesn't update the value. It's required for you to close the tab and then open it again. I believe we need to call nsPresContext::UpdateFontVisibility() in the reload flow unconditionally, or call it somewhere in the RTP reload command. The latter seems particularly ugly, but I also couldn't find a good spot in the reload flow where I might insert this call...

It doesn't seem like we have any tests for font visibility, presumably because it's very difficult to test because it requires custom configuration on the machines the test run on.

Obviously this comment is incorrect, as
LOAD_FLAGS_IS_REDIRECT exists. Additionally, nothing
uses this constant, so just remove it.

Depends on D172041

Attached file WIP: Bug 1821131: A bunch of logging (obsolete) —

Depends on D172305

Attachment #9322463 - Attachment is obsolete: true

So that doesn't work. I've attached patches that plumb everything, but they're actually not necessary to repro the problem, you can repro a variant of it with a clean tree (the second set of steps).

STR:

  1. Apply patches
  2. Install the JetBrains font
  3. Go to https://ritter.vg/misc/ff/font-jetbrains.html and confirm all three are using different fonts. (If they're not, you're going to need to reset prefs or reload the browser or reinstall the font or something)
  4. Set layout.css.font-visibility.trackingprotection to 1 and probably restart the browser to be safe
  5. Confirm that in regular browser window, you see all three different fonts, and in PBM the middle font matches the bottom.
  6. Exempt the page from ETP, it reloads. Same behavior.
  7. Copy the URL, open a new tab, paste it, and you should see the middle font in JetBrains now.

That's a page reload. Here's another way to reproduce this where a page should be restyled in-place without a reload, and this happens on a clean tree:

  1. Do steps 2-5
  2. Edit the pref layout.css.font-visibility.trackingprotection to 3 which should cause UpdateFontVisbility() to be called and a restyle to happen.
  3. Observe nothing changed
Flags: needinfo?(emilio)

This is one possible option, the other one is to just cache the
substitute results.

Flags: needinfo?(emilio)

(In reply to Emilio Cobos Álvarez (:emilio) from comment #7)

Created attachment 9323007 [details]
Bug 1821131 - Make font visibility part of the fontconfig substitution cache key. r=jfkthame

Whoo! I can confirm this fixes the issue (both the ETP opt-out and pref change one). I'm not sure what the Ubuntu/Fedora comment is about though...?

(In reply to Tom Ritter [:tjr] from comment #9)

Whoo! I can confirm this fixes the issue (both the ETP opt-out and pref change one). I'm not sure what the Ubuntu/Fedora comment is about though...?

I'm just saying that your STR don't work if you're not in Ubuntu or Fedora. I'm on Arch, and I had to hack up that line of code to be able to reproduce the issue since we don't have a "standard font list".

Pushed by ealvarez@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/13a7475298b2
Make font visibility part of the fontconfig substitution cache key. r=jfkthame
Attachment #9322464 - Attachment description: WIP: Bug 1821131: Plumb UpdateFontVisibility into the Reload Path with LOAD_FLAGS → Bug 1821131: Plumb UpdateFontVisibility into the Reload Path with LOAD_FLAGS r?farre
Attachment #9322464 - Attachment is obsolete: true
Attachment #9322465 - Attachment is obsolete: true
Pushed by tritter@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/7b02c229d8cb
Exempt a document from stricter font-visibility rules with the ETP toggle r=timhuang

https://hg.mozilla.org/mozilla-central/rev/13a7475298b2

Status: NEW → RESOLVED
Closed: 1 year ago
status-firefox113: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 113 Branch

Comment on attachment 9321955 [details]
Bug 1821131: Exempt a document from stricter font-visibility rules with the ETP toggle r?jfkthame,timhuang

Beta/Release Uplift Approval Request

  • User impact if declined: We will not be able to run experiments in Release
  • Is this code covered by automated tests?: No
  • Has the fix been verified in Nightly?: Yes
  • Needs manual test from QE?: No
  • If yes, steps to reproduce:
  • List of other uplifts needed: None
  • Risk to taking this patch: Low
  • Why is the change risky/not risky? (and alternatives if risky): Both patches are quite small and unlikely to cause issues. They only affect font visibility which is not restricted right now except with RFP enabled.
  • String changes made/needed:
  • Is Android affected?: No
Attachment #9321955 - Flags: approval-mozilla-beta?
Attachment #9323007 - Flags: approval-mozilla-beta?

Comment on attachment 9321955 [details]
Bug 1821131: Exempt a document from stricter font-visibility rules with the ETP toggle r?jfkthame,timhuang

Approved for 112.0b6

Attachment #9321955 - Flags: approval-mozilla-beta? → approval-mozilla-beta+
Attachment #9323007 - Flags: approval-mozilla-beta? → approval-mozilla-beta+
Flags: qe-verify+
QA Whiteboard: [qa-triaged]
QA Whiteboard: [qa-triaged]
Flags: qe-verify+
Whiteboard: [fpp:m1]
Depends on: 1829160
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: