Bug 6253: Add canvas image extraction prompt.
(See also Bug #12684, Make "Not now" default for HTML5 canvas permission dialogue, patched by Isis Lovecruft.) This implements a `PopupNotification` [0] which notifies users that a website has attempted to access an HTML5 canvas. The default ordering for buttons is: Not Now Never for this site (recommended) Allow in the future * FIXES #12684 [1] by making "Not Now" the default in the HTML5 canvas fingerprinting permissions dialogue. * Palette icons included in HTML5 canvas permissions PopupNotification UI. The image is freely licensed and obtainable from: https://openclipart.org/image/300px/svg_to_png/21620/ben_palette.png * Includes a CSS whitespace hack from Pearl Crescent to the `CanvasPermissionPromptHelper_init()` function in `browser/base/content/browser.js` for causing the newlines in the `canvas.siteprompt` string (in torbutton.git, in `chrome/locale/en/torbutton.properties`) to render correctly in PopupNotification XUL <description> elements. [2] NOTE: Applying this patch requires an additional patch to TorButton, to store the additional UI strings before localisation. [3] [0]: https://mxr.mozilla.org/mozilla-esr24/source/toolkit/modules/PopupNotifications.jsm [1]: https://bugs.torproject.org/12684 [2]: https://trac.torproject.org/projects/tor/ticket/12684#comment:21 [3]: https://github.com/isislovecruft/torbutton/commit/368e74d62df349b27cf578525c3fa15da19ccdc2 Also includes: Bug 13021: Prompt before allowing Canvas isPointIn*() calls. Display our data extraction prompt and implement site-specific preferences for access to the isPointInPath() and isPointInStroke() methods. Bug 13439: No canvas prompt for content-callers. Both the Inspector and PDF.js raise canvas prompts although they are no danger as they are delivered with the browser itself and are no untrusted content. This patch exempts both of them from canvas prompts, too. If calling `DescribeScriptedCaller` fails neither `scriptFile` nor `scriptLine` are logged. Bug 15640: Place Canvas MediaStream behind site permission prompt. Bug 17446: Ensure that third parties are never able to extract canvas image data, even if the same domain has been given permission previously as a first party. Bug 23393: When processing the ShowCanvasPermissionPrompt message in the main (parent) process, avoid returning an error from the IPC handler if the browser element cannot be obtained. Prior to this change, canvas prompt requests that arrived as a tab was closing would generate an error, which in turn caused the main process to kill the content process. Also, refactor slightly to clarify logic of IsImageExtractionAllowed.
parent
789bad5f
Please register or sign in to comment