commit 84d91075904f789517a20b252068295bc86cb5fb
parent df0b1573deb3d0ccf5d304bb77c35d66750f452b
Author: Tim Huang <tihuang@mozilla.com>
Date: Tue, 6 Jan 2026 14:37:19 +0000
Bug 2007566 - Don't report fingerprinters for resource and chrome URIs. r=emz
Differential Revision: https://phabricator.services.mozilla.com/D277868
Diffstat:
3 files changed, 32 insertions(+), 16 deletions(-)
diff --git a/dom/base/Document.cpp b/dom/base/Document.cpp
@@ -17700,13 +17700,13 @@ void Document::RecordCanvasUsage(CanvasUsage& aUsage) {
uint64_t now = PR_Now();
nsCString originNoSuffix;
- nsCString uri;
if (NS_FAILED(NodePrincipal()->GetOriginNoSuffix(originNoSuffix))) {
MOZ_LOG(gFingerprinterDetection, LogLevel::Error,
("Document:: %p Could not get originsuffix", this));
return;
}
- if (NS_FAILED(NodePrincipal()->GetSpec(uri))) {
+ nsCOMPtr<nsIURI> uri = NodePrincipal()->GetURI();
+ if (!uri) {
MOZ_LOG(gFingerprinterDetection, LogLevel::Error,
("Document:: %p Could not get uri", this));
return;
@@ -17727,11 +17727,14 @@ void Document::RecordCanvasUsage(CanvasUsage& aUsage) {
}
}
+ nsAutoCString uriString;
+ (void)uri->GetSpec(uriString);
+
MOZ_LOG(gFingerprinterDetection, LogLevel::Debug,
("Document:: %p %s recording canvas usage of type %s on %s in %s",
this, originNoSuffix.get(),
- CanvasUsageSourceToString(aUsage.mUsageSource).get(), uri.get(),
- filename.get()));
+ CanvasUsageSourceToString(aUsage.mUsageSource).get(),
+ uriString.get(), filename.get()));
}
// Check if we need to clear the usage data for this source.
@@ -17809,12 +17812,12 @@ void Document::RecordCanvasUsage(CanvasUsage& aUsage) {
}
void Document::RecordFontFingerprinting() {
- nsCString uri;
nsCString originNoSuffix;
if (NS_FAILED(NodePrincipal()->GetOriginNoSuffix(originNoSuffix))) {
return;
}
- if (NS_FAILED(NodePrincipal()->GetSpec(uri))) {
+ nsCOMPtr<nsIURI> uri = NodePrincipal()->GetURI();
+ if (!uri) {
return;
}
diff --git a/toolkit/components/resistfingerprinting/nsRFPService.cpp b/toolkit/components/resistfingerprinting/nsRFPService.cpp
@@ -2401,12 +2401,19 @@ static void MaybeCurrentCaller(nsACString& aFilename, uint32_t& aLineNum,
}
/* static */ void nsRFPService::MaybeReportCanvasFingerprinter(
- nsTArray<CanvasUsage>& aUses, nsIChannel* aChannel, const nsACString& aURI,
+ nsTArray<CanvasUsage>& aUses, nsIChannel* aChannel, nsIURI* aURI,
const nsACString& aOriginNoSuffix) {
if (!aChannel) {
return;
}
+ nsAutoCString scheme;
+ (void)aURI->GetScheme(scheme);
+ // We exclude reporting for chrome and resource URIs.
+ if (scheme.EqualsLiteral("chrome") || scheme.EqualsLiteral("resource")) {
+ return;
+ }
+
bool extractedWebGL = false;
bool seenExtractedWebGL_300x150 = false;
bool seenExtractedWebGL_2000x200 = false;
@@ -2514,7 +2521,8 @@ static void MaybeCurrentCaller(nsACString& aFilename, uint32_t& aLineNum,
fingerprinter = CanvasFingerprinterAlias::eVariant2;
}
- nsAutoCString uri(aURI);
+ nsAutoCString uri;
+ (void)aURI->GetSpec(uri);
nsAutoCString origin(aOriginNoSuffix);
nsAutoCString filename;
if (MOZ_LOG_TEST(gFingerprinterDetection, LogLevel::Info)) {
@@ -2553,12 +2561,18 @@ static void MaybeCurrentCaller(nsACString& aFilename, uint32_t& aLineNum,
}
/* static */ void nsRFPService::MaybeReportFontFingerprinter(
- nsIChannel* aChannel, const nsACString& aURI,
- const nsACString& aOriginNoSuffix) {
+ nsIChannel* aChannel, nsIURI* aURI, const nsACString& aOriginNoSuffix) {
if (!aChannel) {
return;
}
+ nsAutoCString scheme;
+ (void)aURI->GetScheme(scheme);
+ // We exclude reporting for chrome and resource URIs.
+ if (scheme.EqualsLiteral("chrome") || scheme.EqualsLiteral("resource")) {
+ return;
+ }
+
// The logging of the event will access nsLoadGroup which is main-thread only.
// So we need to dispatch the task to the main thread if we are reporting
// the event off-main-thread.
@@ -2566,7 +2580,7 @@ static void MaybeCurrentCaller(nsACString& aFilename, uint32_t& aLineNum,
NS_DispatchToMainThread(NS_NewRunnableFunction(
"nsRFPService::MaybeReportFontFingerprinter",
[channel = nsCOMPtr{aChannel},
- originNoSuffix = nsCString(aOriginNoSuffix), uri = nsCString(aURI)]() {
+ originNoSuffix = nsCString(aOriginNoSuffix), uri = nsCOMPtr{aURI}]() {
nsRFPService::MaybeReportFontFingerprinter(channel, uri,
originNoSuffix);
}));
@@ -2574,7 +2588,8 @@ static void MaybeCurrentCaller(nsACString& aFilename, uint32_t& aLineNum,
return;
}
- nsAutoCString uri(aURI);
+ nsAutoCString uri;
+ (void)aURI->GetSpec(uri);
nsAutoCString origin(aOriginNoSuffix);
if (MOZ_LOG_TEST(gFingerprinterDetection, LogLevel::Info)) {
diff --git a/toolkit/components/resistfingerprinting/nsRFPService.h b/toolkit/components/resistfingerprinting/nsRFPService.h
@@ -568,12 +568,10 @@ class nsRFPService final : public nsIObserver, public nsIRFPService {
// --------------------------------------------------------------------------
static void MaybeReportCanvasFingerprinter(nsTArray<CanvasUsage>& aUses,
- nsIChannel* aChannel,
- const nsACString& aURI,
+ nsIChannel* aChannel, nsIURI* aURI,
const nsACString& aOriginNoSuffix);
- static void MaybeReportFontFingerprinter(nsIChannel* aChannel,
- const nsACString& aURI,
+ static void MaybeReportFontFingerprinter(nsIChannel* aChannel, nsIURI* aURI,
const nsACString& aOriginNoSuffix);
// --------------------------------------------------------------------------
