[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #26611 [Applications/Tor Browser]: verify no locale leaks in ESR60 `Intl` APIs
#26611: verify no locale leaks in ESR60 `Intl` APIs
-------------------------------------------------+-------------------------
Reporter: mcs | Owner: tbb-
| team
Type: defect | Status:
| needs_review
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-fingerprinting, ff60-esr, | Actual Points:
TorBrowserTeam201808R |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Changes (by arthuredelstein):
* status: new => needs_review
* keywords: tbb-fingerprinting, ff60-esr, TorBrowserTeam201808 => tbb-
fingerprinting, ff60-esr, TorBrowserTeam201808R
Comment:
Replying to [ticket:26611 mcs]:
> Several new `Intl` APIs and enhancements to existing APIs were added
during the ESR60 development cycle. We should review the changes to make
sure locale info, etc. is not leaked when `privacy.resistFingerprinting`
is `true`.
In general, the `Intl` APIs use the apparent system locale.
"javascript.use_us_english" and "privacy.spoof_english" already cause the
system locale to be overridden for Firefox so that previous APIs correctly
behaved as though the locale were "en-US".
But I wanted to make sure that the new APIs also followed the same
mechanism. So I ran manual tests for each. I opened a blank page and
entered test inputs into the content console for two values of
"privacy.spoof_english":
> See:
> https://bugzilla.mozilla.org/show_bug.cgi?id=1403318
> https://developer.mozilla.org/en-
US/docs/Web/JavaScript/Reference/Global_Objects/PluralRules
||= privacy.spoof_english =||= `new
Intl.PluralRules().resolvedOptions().locale` =||
|| 1 || `"de"` ||
|| 2 || `"en-US"` ||
> https://bugzilla.mozilla.org/show_bug.cgi?id=1403319
> https://developer.mozilla.org/en-
US/docs/Web/JavaScript/Reference/Global_Objects/NumberFormat/formatToParts
||= privacy.spoof_english =||=
`Intl.NumberFormat().formatToParts(1000)[1]` =||
|| 1 || `Object { type: "group", value: "." }` ||
|| 2 || `Object { type: "group", value: "," }` ||
> https://bugzilla.mozilla.org/show_bug.cgi?id=1386146
> https://developer.mozilla.org/en-
US/docs/Web/JavaScript/Reference/Global_Objects/DateTimeFormat
||= privacy.spoof_english =||= `new Intl.DateTimeFormat(undefined, {hour:
"numeric"}).resolvedOptions().hourCycle` =||
|| 1 || `"h23"` ||
|| 2 || `"h12"` ||
So the manual tests appear to confirm that these new APIs are correctly
spoofing the locale. I also a opened a bugzilla bug to propose the idea of
adding some regression tests: https://bugzilla.mozilla.org/1486258
Setting to "needs review" for a second opinion. :)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26611#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs