tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE
commit dd4df1a566428146f8b9fed53506c65cc6bb1f56
parent 71a010b51286e87aa62b63d0bfca4cdfc01224de
Author: Tom Ritter <tom@mozilla.com>
Date:   Tue,  9 Dec 2025 16:35:00 +0000

Bug 1873716: Handle about:blank iframes that do fingerprinting r=timhuang

We encountered a fingerprinter that created an about:blank iframe
and did fingerprinting there. This iframe had no channel, so it
did not get a ContentBlockingEvent on it.  Traverse the document
tree upwards to find a document we can log it on.

SKIP_BMO_CHECK

Differential Revision: https://phabricator.services.mozilla.com/D274380

Diffstat:

Mdom/base/Document.cpp | 45++++++++++++++++++++++++++++++++++++++++++++-


1 file changed, 44 insertions(+), 1 deletion(-)

diff --git a/dom/base/Document.cpp b/dom/base/Document.cpp
@@ -17571,7 +17571,6 @@ void Document::RecordCanvasUsage(CanvasUsage& aUsage) {
 
   uint64_t now = PR_Now();
 
-
   nsCString originNoSuffix;
   nsCString uri;
   if (NS_FAILED(NodePrincipal()->GetOriginNoSuffix(originNoSuffix))) {
@@ -17633,6 +17632,50 @@ void Document::RecordCanvasUsage(CanvasUsage& aUsage) {
   mCanvasUsageLastTimestamp = now;
   mCanvasUsageData.AppendElement(aUsage);
 
+  nsIChannel* channel = GetChannel();
+  if (!channel) {
+    MOZ_LOG(
+        gFingerprinterDetection, LogLevel::Warning,
+        ("Document:: %p %s no channel available", this, originNoSuffix.get()));
+
+    // Borrowed from ReComputeResistFingerprinting
+    // which tells me this is probably a common problem...
+    auto shouldInheritFrom = [this](Document* aDoc) {
+      return aDoc && this->NodePrincipal() &&
+             (this->NodePrincipal()->Equals(aDoc->NodePrincipal()) ||
+              this->NodePrincipal()->GetIsNullPrincipal());
+    };
+
+    // Climb parent documents until we find a channel.
+    Document* docToCheck = this;
+    while (docToCheck && !channel) {
+      if (docToCheck->mParentDocument &&
+          shouldInheritFrom(docToCheck->mParentDocument)) {
+        channel = docToCheck->mParentDocument->GetChannel();
+      }
+      docToCheck = docToCheck->mParentDocument;
+    }
+
+    docToCheck = this;
+    while (docToCheck && !channel) {
+      RefPtr<BrowsingContext> opener =
+          docToCheck->GetBrowsingContext()
+              ? docToCheck->GetBrowsingContext()->GetOpener()
+              : nullptr;
+      docToCheck = opener ? opener->GetDocument() : nullptr;
+
+      if (docToCheck && shouldInheritFrom(docToCheck)) {
+        channel = docToCheck->GetChannel();
+      }
+    }
+
+    if (!channel) {
+      MOZ_LOG(gFingerprinterDetection, LogLevel::Warning,
+              ("Document:: %p %s still could not find a channel", this,
+               originNoSuffix.get()));
+    }
+  }
+
   nsRFPService::MaybeReportCanvasFingerprinter(mCanvasUsageData, channel, uri,
                                                originNoSuffix);
 }