tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE
commit 3c75fa7e4427c47b2af3625677daba309d06ce12
parent 0287eb9eabe55748dd12a8c33d6b3f50d8020276
Author: Tom Ritter <tom@mozilla.com>
Date:   Thu, 20 Nov 2025 14:43:06 +0000

Bug 1999126: Hide the value of the pdfjs pref from being disabled when RFP is enabled r=timhuang

Differential Revision: https://phabricator.services.mozilla.com/D272930

Diffstat:

Mbrowser/components/resistfingerprinting/test/browser/browser_navigator_iframes.js | 7+++++++


Mdom/base/Navigator.cpp | 6+++++-


Mdom/base/nsMimeTypeArray.cpp | 6+++++-


Mdom/base/nsPluginArray.cpp | 6+++++-


Mtoolkit/components/resistfingerprinting/RFPTargets.inc | 3++-


5 files changed, 24 insertions(+), 4 deletions(-)

diff --git a/browser/components/resistfingerprinting/test/browser/browser_navigator_iframes.js b/browser/components/resistfingerprinting/test/browser/browser_navigator_iframes.js
@@ -331,6 +331,13 @@ add_task(async () => {
   await simpleRFPTest(uri, testNavigator, expectedResults);
 });
 
+add_task(async () => {
+  expectedResults = structuredClone(allSpoofed);
+  await simpleRFPTest(uri, testNavigator, expectedResults, {}, [
+    ["pdfjs.disabled", true],
+  ]);
+});
+
 // In the below tests, we use the cross-origin domain as the base URI of a resource we fetch (on both the framer and framee)
 // so we can check that the HTTP header is as expected.
 
diff --git a/dom/base/Navigator.cpp b/dom/base/Navigator.cpp
@@ -517,7 +517,11 @@ nsPluginArray* Navigator::GetPlugins(ErrorResult& aRv) {
   return mPlugins;
 }
 
-bool Navigator::PdfViewerEnabled() { return !StaticPrefs::pdfjs_disabled(); }
+bool Navigator::PdfViewerEnabled() {
+  return !StaticPrefs::pdfjs_disabled() ||
+         nsContentUtils::ShouldResistFingerprinting(GetDocShell(),
+                                                    RFPTarget::PdfjsSpoof);
+}
 
 Permissions* Navigator::GetPermissions(ErrorResult& aRv) {
   if (!mWindow) {
diff --git a/dom/base/nsMimeTypeArray.cpp b/dom/base/nsMimeTypeArray.cpp
@@ -79,7 +79,11 @@ void nsMimeTypeArray::GetSupportedNames(nsTArray<nsString>& retval) {
   }
 }
 
-bool nsMimeTypeArray::ForceNoPlugins() { return StaticPrefs::pdfjs_disabled(); }
+bool nsMimeTypeArray::ForceNoPlugins() {
+  return StaticPrefs::pdfjs_disabled() &&
+         !nsContentUtils::ShouldResistFingerprinting(
+             mWindow ? mWindow->GetDocShell() : nullptr, RFPTarget::PdfjsSpoof);
+}
 
 NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(nsMimeType, mPluginElement)
 
diff --git a/dom/base/nsPluginArray.cpp b/dom/base/nsPluginArray.cpp
@@ -96,7 +96,11 @@ void nsPluginArray::GetSupportedNames(nsTArray<nsString>& aRetval) {
   }
 }
 
-bool nsPluginArray::ForceNoPlugins() { return StaticPrefs::pdfjs_disabled(); }
+bool nsPluginArray::ForceNoPlugins() {
+  return StaticPrefs::pdfjs_disabled() &&
+         !nsContentUtils::ShouldResistFingerprinting(
+             mWindow ? mWindow->GetDocShell() : nullptr, RFPTarget::PdfjsSpoof);
+}
 
 NS_IMPL_CYCLE_COLLECTING_ADDREF(nsPluginArray)
 NS_IMPL_CYCLE_COLLECTING_RELEASE(nsPluginArray)
diff --git a/toolkit/components/resistfingerprinting/RFPTargets.inc b/toolkit/components/resistfingerprinting/RFPTargets.inc
@@ -35,7 +35,8 @@ ITEM_VALUE(NavigatorHWConcurrency,      16)
 ITEM_VALUE(NavigatorOscpu,              17)
 ITEM_VALUE(NavigatorPlatform,           18)
 ITEM_VALUE(NavigatorUserAgent,          19)
-// We no longer use PointerId, it can renamed and reused
+// If the user disables PDFJS via a pref, we do not expose that to the web
+ITEM_VALUE(PdfjsSpoof,                  20)
 ITEM_VALUE(StreamVideoFacingMode,       21)
 ITEM_VALUE(JSDateTimeUTC,               22)
 ITEM_VALUE(JSMathFdlibm,                23)