[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #19048 [Applications/Tor Browser]: Review Firefox Developer Docs and Undocumented bugs since FF45esr

Subject: Re: [tor-bugs] #19048 [Applications/Tor Browser]: Review Firefox Developer Docs and Undocumented bugs since FF45esr
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Sat, 25 Feb 2017 13:49:29 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 25 Feb 2017 08:49:43 -0500
In-reply-to: <042.a6f6f8e938f141cf53d70e38a242ec66@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <042.a6f6f8e938f141cf53d70e38a242ec66@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#19048: Review Firefox Developer Docs and Undocumented bugs since FF45esr
--------------------------------------------+--------------------------
 Reporter:  gk                              |          Owner:  tbb-team
     Type:  task                            |         Status:  new
 Priority:  Medium                          |      Milestone:
Component:  Applications/Tor Browser        |        Version:
 Severity:  Normal                          |     Resolution:
 Keywords:  ff52-esr, TorBrowserTeam201702  |  Actual Points:
Parent ID:                                  |         Points:
 Reviewer:                                  |        Sponsor:  Sponsor4
--------------------------------------------+--------------------------

Comment (by mcs):

 Finally, here our our notes for Firefox 51 (we did not look at the Firefox
 52 changes yet):

 a) We should verify that `TypedArray.toLocaleString()` does not leak
 locale information.
    https://developer.mozilla.org/en-
 US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray/toLocaleString

 b) We should verify that the new `<input>` types do not leak locale
 information, e.g., `<input type="time">`, `type="date"`, `type="week"`,
 etc.
  https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input

 c) WebGL2 is enabled by default which may enable new fingerprinting
 opportunities:
  https://developer.mozilla.org/en-US/docs/Web/API/WebGL_API

 d) HTTP Opportunistic Security may add some linkability risks, although it
 seems okay at a glance.
  http://httpwg.org/http-extensions/opsec.html
  https://bugzilla.mozilla.org/show_bug.cgi?id=1301117

 e) Do we want to disable Web Audio due to fingerprinting risks? Mozilla
 keeps adding more functionality. Maybe this is already covered by #13017.

 f) There are some new Storage APIs that we should look at, e.g.,
  https://developer.mozilla.org/en-US/docs/Web/API/StorageManager/estimate
  https://bugzilla.mozilla.org/show_bug.cgi?id=1267941

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19048#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: [tor-bugs] #21411 [Internal Services/Service - git]: Commit access tpo.org for Linda
Next by Author: Re: [tor-bugs] #21334 [Core Tor/Tor]: prop224: Update prop224 HS desriptor generation code to produce the latest descriptor format
Previous by thread: Re: [tor-bugs] #19048 [Applications/Tor Browser]: Review Firefox Developer Docs and Undocumented bugs since FF45esr
Next by thread: Re: [tor-bugs] #21200 [Applications/Tor Browser]: Move all TB Mozilla service calls to .onions
Index(es):
- Author
- Thread