#13496: Write test for spoofed navigator* values in workers --------------------------------------+-------------------------- Reporter: gk | Owner: tbb-team Type: task | Status: assigned Priority: Medium | Milestone: Component: Applications/Tor Browser | Version: Severity: Normal | Resolution: Keywords: ff38-esr, tbb-testcase | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: --------------------------------------+--------------------------
Comment (by Thorin): @gk: tests you say... ok then (RFP passes every single test I can think of: excluding feature detection) - Firefox (use a non-68 release) - flip RFP on - while I'm still in the process of finishing building these into TZP, you can use kkapsner's test [1] - this tests open.window(), iframe, nested iframe, "sneaky" iframe, some other iframe, web worker, shared worker, service worker, nested workers, worker from blob ... etc - I've tested kkapsner's test with RFP off and UA spoofing extensions that fail to cover iframes etc - for those following along at home: ignore the red line that says headers is different to navigator (that's by design) [1] https://canvasblocker.kkapsner.de/test/navigatorTest.php As for what tests are upstream, it seems limited - https://dxr.mozilla.org/mozilla- central/source/browser/components/resistfingerprinting/test/browser/browser_navigator.js - ^^ includes a worker test -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13496#comment:6> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs