1845940 - Window objects realms for initial about:blank are created with wrong RFP flags

Status: RESOLVED FIXED

(Core :: DOM: Core & HTML, defect)

Description

[Tom Schuster]

It seems like the very first document and some other initial about:blank documents end up in a situation where CreateNativeGlobalForInner is called without Document::mShouldResistFingerprinting being correctly initialized. This means that with privacy.resistFingerprinting enabled we will force UTC and fdlibm even though it's unnecessary. (We never set either of those with just privacy.fingerprintingProtection). We seem to call Document::RecomputeResistFingerprinting on these documents too early or maybe not often enough.

It seems like this can be solved by calling RecomputeResistFingerprinting in Document::ResetToURI or maybe we just doing it in Document::SetPrincipals.

This ends up affecting chrome://browser/content/browser.xhtml, which means this is also noticeable in the browser console.

Comment 1

[Tom Schuster]

Attachment: Bug 1845940 - Call RecomputeResistFingerprinting in Document::SetPrincipals. r?emilio

Comment 2

[Masayuki Nakano [:masayuki] (he/him)(JST, +0900)]

Not a bug of a feature enabled by default.

-> S3

Comment 3

[Pulsebot]

Pushed by tschuster@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/38262976d922
Call RecomputeResistFingerprinting in Document::SetPrincipals. r=emilio

Comment 4

[Iulian Moraru]

Backed out for causing spidermonkey build bustages on TestingUtility.cpp.

• Push with failures

• Failure log

• Backout link

[task 2023-09-08T13:52:32.914Z] gmake[4]: Entering directory '/builds/worker/workspace/obj-spider/js/src'
[task 2023-09-08T13:52:32.914Z] /builds/worker/fetches/clang/bin/clang++ --sysroot /builds/worker/fetches/sysroot-x86_64-linux-gnu -o TestingUtility.o -c  -I/builds/worker/workspace/obj-spider/dist/system_wrappers -include /builds/worker/checkouts/gecko/config/gcc_hidden.h -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fstack-protector-strong -fstack-clash-protection -ftrivial-auto-var-init=pattern -DDEBUG=1 -DWASM_SUPPORTS_HUGE_MEMORY -DJS_CACHEIR_SPEW -DJS_STRUCTURED_SPEW -DEXPORT_JS_API -DMOZ_HAS_MOZGLUE -I/builds/worker/checkouts/gecko/js/src -I/builds/worker/workspace/obj-spider/js/src -I/builds/worker/workspace/obj-spider/dist/include -I/builds/worker/workspace/obj-spider/dist/include/nspr -I/builds/worker/fetches/sysroot-x86_64-linux-gnu/usr/include -DMOZILLA_CLIENT -include /builds/worker/workspace/obj-spider/js/src/js-confdefs.h -D_GLIBCXX_USE_CXX11_ABI=0 -fno-sized-deallocation -fno-aligned-new -fPIC -fno-rtti -ffunction-sections -fdata-sections -fno-exceptions -fno-math-errno -pthread -pipe -gdwarf-4 -Xclang -load -Xclang /builds/worker/workspace/obj-spider/build/clang-plugin/libclang-plugin.so -Xclang -add-plugin -Xclang moz-check -O3 -fno-omit-frame-pointer -funwind-tables -Werror -Wall -Wbitfield-enum-conversion -Wdeprecated-this-capture -Wempty-body -Wformat-type-confusion -Wignored-qualifiers -Wpointer-arith -Wshadow-field-in-constructor-modified -Wsign-compare -Wtautological-constant-in-range-compare -Wtype-limits -Wno-error=tautological-type-limit-compare -Wunreachable-code -Wunreachable-code-return -Wunused-but-set-parameter -Wno-invalid-offsetof -Wclass-varargs -Wempty-init-stmt -Wfloat-overflow-conversion -Wfloat-zero-conversion -Wloop-analysis -Wno-range-loop-analysis -Wc++2a-compat -Wenum-compare-conditional -Wenum-float-conversion -Wno-error=deprecated -Wno-error=deprecated-anon-enum-enum-conversion -Wno-error=deprecated-enum-enum-conversion -Wno-error=deprecated-pragma -Wno-error=deprecated-this-capture -Wcomma -Wimplicit-fallthrough -Wstring-conversion -Wno-inline-new-delete -Wno-error=deprecated-declarations -Wno-error=array-bounds -Wno-error=free-nonheap-object -Wno-error=atomic-alignment -Wno-error=deprecated-builtins -Wformat -Wformat-security -Wno-psabi -Wthread-safety -Wno-error=builtin-macro-redefined -Wno-unknown-warning-option -Werror=format -fstandalone-debug -fno-strict-aliasing -ffp-contract=off  -MD -MP -MF .deps/TestingUtility.o.pp   /builds/worker/checkouts/gecko/js/src/builtin/TestingUtility.cpp
[task 2023-09-08T13:52:32.914Z] /builds/worker/checkouts/gecko/js/src/builtin/TestingUtility.cpp:267:5: error: use of undeclared identifier 'ReportUsageErrorASCII'
[task 2023-09-08T13:52:32.914Z]     ReportUsageErrorASCII(cx, callee,
[task 2023-09-08T13:52:32.914Z]     ^
[task 2023-09-08T13:52:32.914Z] /builds/worker/checkouts/gecko/js/src/builtin/TestingUtility.cpp:284:5: error: use of undeclared identifier 'ReportUsageErrorASCII'
[task 2023-09-08T13:52:32.914Z]     ReportUsageErrorASCII(cx, callee,
[task 2023-09-08T13:52:32.914Z]     ^
[task 2023-09-08T13:52:32.914Z] 2 errors generated.
[task 2023-09-08T13:52:32.914Z] gmake[4]: *** [/builds/worker/checkouts/gecko/config/rules.mk:660: TestingUtility.o] Error 1
[task 2023-09-08T13:52:32.914Z] gmake[4]: Leaving directory '/builds/worker/workspace/obj-spider/js/src'
[task 2023-09-08T13:52:32.914Z] gmake[4]: Entering directory '/builds/worker/workspace/obj-spider/js/src'
[task 2023-09-08T13:52:32.914Z] js/src/WeakSetObject.o
[task 2023-09-08T13:52:32.914Z] gmake[4]: Leaving directory '/builds/worker/workspace/obj-spider/js/src'

LATER EDIT: it seems that this does not affect only spidermonkey builds because later this Bp-nu build failed

Comment 5

[Pulsebot]

Pushed by tschuster@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/102e68533359
Call RecomputeResistFingerprinting in Document::SetPrincipals. r=emilio

Comment 6

[Narcis Beleuzu [:NarcisB]]

https://hg.mozilla.org/mozilla-central/rev/102e68533359