Commit 33139ca4 authored by Kathleen Brade's avatar Kathleen Brade Committed by Mike Perry

Do not expose physical screen info via window & window.screen.

Non-chrome callers get zero for x and y position and the window's
inner width and height for dimensions.
parent b8067345
+46 −0
@@ -4268,6 +4268,10 @@ nsGlobalWindow::GetOuterWidth(int32_t* aOuterWidth)
{
  FORWARD_TO_OUTER(GetOuterWidth, (aOuterWidth), NS_ERROR_NOT_INITIALIZED);

  // For non-chrome callers, return inner width to prevent fingerprinting.
  if (!IsChrome())
    return GetInnerWidth(aOuterWidth);

  nsIntSize sizeCSSPixels;
  nsresult rv = GetOuterSize(&sizeCSSPixels);
  NS_ENSURE_SUCCESS(rv, rv);
@@ -4281,6 +4285,10 @@ nsGlobalWindow::GetOuterHeight(int32_t* aOuterHeight)
{
  FORWARD_TO_OUTER(GetOuterHeight, (aOuterHeight), NS_ERROR_NOT_INITIALIZED);

  // For non-chrome callers, return inner height to prevent fingerprinting.
  if (!IsChrome())
    return GetInnerHeight(aOuterHeight);

  nsIntSize sizeCSSPixels;
  nsresult rv = GetOuterSize(&sizeCSSPixels);
  NS_ENSURE_SUCCESS(rv, rv);
@@ -4340,6 +4348,12 @@ nsGlobalWindow::GetScreenX(int32_t* aScreenX)
{
  FORWARD_TO_OUTER(GetScreenX, (aScreenX), NS_ERROR_NOT_INITIALIZED);

   // For non-chrome callers, always return 0 to prevent fingerprinting.
   if (!IsChrome()) {
     *aScreenX = 0;
     return NS_OK;
   }

  nsCOMPtr<nsIBaseWindow> treeOwnerAsWin = GetTreeOwnerWindow();
  NS_ENSURE_TRUE(treeOwnerAsWin, NS_ERROR_FAILURE);

@@ -4386,6 +4400,12 @@ nsGlobalWindow::GetMozInnerScreenX(float* aScreenX)
{
  FORWARD_TO_OUTER(GetMozInnerScreenX, (aScreenX), NS_ERROR_NOT_INITIALIZED);

  // For non-chrome callers, always return 0 to prevent fingerprinting.
  if (!IsChrome()) {
    *aScreenX = 0;
    return NS_OK;
  }

  nsRect r = GetInnerScreenRect();
  *aScreenX = nsPresContext::AppUnitsToFloatCSSPixels(r.x);
  return NS_OK;
@@ -4396,6 +4416,12 @@ nsGlobalWindow::GetMozInnerScreenY(float* aScreenY)
{
  FORWARD_TO_OUTER(GetMozInnerScreenY, (aScreenY), NS_ERROR_NOT_INITIALIZED);

  // For non-chrome callers, always return 0 to prevent fingerprinting.
  if (!IsChrome()) {
    *aScreenY = 0;
    return NS_OK;
  }

  nsRect r = GetInnerScreenRect();
  *aScreenY = nsPresContext::AppUnitsToFloatCSSPixels(r.y);
  return NS_OK;
@@ -4611,6 +4637,12 @@ nsGlobalWindow::GetScreenY(int32_t* aScreenY)
  nsCOMPtr<nsIBaseWindow> treeOwnerAsWin = GetTreeOwnerWindow();
  NS_ENSURE_TRUE(treeOwnerAsWin, NS_ERROR_FAILURE);

   // For non-chrome callers, always return 0 to prevent fingerprinting.
  if (!IsChrome()) {
    *aScreenY = 0;
    return NS_OK; 
  }

  int32_t x, y;

  NS_ENSURE_SUCCESS(treeOwnerAsWin->GetPosition(&x, &y),
@@ -4651,6 +4683,20 @@ nsGlobalWindow::SetScreenY(int32_t aScreenY)
  return NS_OK;
}

bool
nsGlobalWindow::IsChrome()
{
  bool isChrome = false;

  if (mDocShell) {
    nsRefPtr<nsPresContext> presContext;
    mDocShell->GetPresContext(getter_AddRefs(presContext));
    isChrome = (presContext && presContext->IsChrome());
  }

  return isChrome;
}

// NOTE: Arguments to this function should have values scaled to
// CSS pixels, not device pixels.
void
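Review bot: The new `nsGlobalWindow::IsChrome()` reports on the window itself (it asks the pres context obtained from `mDocShell`), not on the script making the call, yet every guard comment in this file says "non-chrome callers". If a per-window decision is intended, the comments should say so, e.g. `// For content windows, always return 0 to prevent fingerprinting.`, and `IsChrome()` should carry a one-line comment that it describes this window's docshell; if caller privilege is what matters, a caller-based check such as `nsContentUtils::IsCallerChrome()` would match the comments. Separately, in the `GetScreenY` hunk the guard sits after `NS_ENSURE_TRUE(treeOwnerAsWin, NS_ERROR_FAILURE)`, whereas `GetScreenX` guards before the tree-owner lookup, so content can presumably still receive `NS_ERROR_FAILURE` instead of 0 there; moving the guard above the lookup makes the two accessors behave alike. `GetScreenY` starts outside its hunk, and most of the other patched functions continue past theirs.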
+2 −0
@@ -999,6 +999,8 @@ protected:
  nsresult SetOuterSize(int32_t aLengthCSSPixels, bool aIsWidth);
  nsRect GetInnerScreenRect();

  bool IsChrome();

  bool IsFrame()
  {
    return GetParentInternal() != nullptr;
+55 −0
@@ -92,6 +92,10 @@ nsScreen::GetPixelDepth(ErrorResult& aRv)
    return -1;
  }

  // For non-chrome callers, always return 24 to prevent fingerprinting.
  if (!IsChrome())
    return 24;

  uint32_t depth;
  context->GetDepth(depth);
  return depth;
@@ -128,6 +132,11 @@ nsScreen::GetDeviceContext()
nsresult
nsScreen::GetRect(nsRect& aRect)
{
  // For non-chrome callers, return window inner rect to prevent fingerprinting.
  if (!IsChrome()) {
    return GetWindowInnerRect(aRect);
  }

  nsDeviceContext *context = GetDeviceContext();

  if (!context) {
@@ -147,6 +156,11 @@ nsScreen::GetRect(nsRect& aRect)
nsresult
nsScreen::GetAvailRect(nsRect& aRect)
{
  // For non-chrome callers, return window inner rect to prevent fingerprinting.
  if (!IsChrome()) {
    return GetWindowInnerRect(aRect);
  }

  nsDeviceContext *context = GetDeviceContext();

  if (!context) {
@@ -427,3 +441,44 @@ nsScreen::FullScreenEventListener::HandleEvent(nsIDOMEvent* aEvent)

  return NS_OK;
}

bool
nsScreen::IsChrome()
{
  bool isChrome = false;
  nsCOMPtr<nsPIDOMWindow> owner = GetOwner();
  if (owner)
    isChrome = IsChromeType(owner->GetDocShell());

  return isChrome;
}

nsresult
nsScreen::GetDOMWindow(nsIDOMWindow **aResult)
{
  NS_ENSURE_ARG_POINTER(aResult);
  *aResult = NULL;

  nsCOMPtr<nsPIDOMWindow> owner = GetOwner();
  if (!owner)
    return NS_ERROR_FAILURE;

  nsCOMPtr<nsIDOMWindow> win = do_QueryInterface(owner);
  NS_ENSURE_STATE(win);
  win.swap(*aResult);

  return NS_OK;
}

nsresult
nsScreen::GetWindowInnerRect(nsRect& aRect)
{
  aRect.x = 0;
  aRect.y = 0;
  nsCOMPtr<nsIDOMWindow> win;
  nsresult rv = GetDOMWindow(getter_AddRefs(win));
  NS_ENSURE_SUCCESS(rv, rv);
  rv = win->GetInnerWidth(&aRect.width);
  NS_ENSURE_SUCCESS(rv, rv);
  return win->GetInnerHeight(&aRect.height);
}
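Review bot: In `nsScreen::GetPixelDepth` the `if (!IsChrome()) return 24;` guard comes after the early `return -1;` path visible at the top of the hunk, so a content page can still observe -1 instead of 24 whenever that earlier path is taken, while `GetRect` and `GetAvailRect` guard first. Moving the guard to the start of the function (which lies outside the hunk) would make the spoofed value independent of the real device state. `nsScreen::IsChrome()` decides through `IsChromeType(owner->GetDocShell())`, while the `nsGlobalWindow::IsChrome()` added in the same commit asks the pres context; a single shared predicate would keep `window.*` and `window.screen.*` from disagreeing about which windows are spoofed. `GetWindowInnerRect` zeroes `x`/`y` but leaves `aRect.width` and `aRect.height` unset on its failure paths, and `*aResult = NULL;` would be more consistent as `nullptr`, which the window header in this commit already uses.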
+4 −0
@@ -20,6 +20,7 @@

class nsIDocShell;
class nsDeviceContext;
class nsIDOMWindow;

// Script "screen" object
class nsScreen : public nsDOMEventTargetHelper
@@ -121,6 +122,9 @@ protected:
  nsDeviceContext* GetDeviceContext();
  nsresult GetRect(nsRect& aRect);
  nsresult GetAvailRect(nsRect& aRect);
  bool IsChrome();
  nsresult GetDOMWindow(nsIDOMWindow **aResult);
  nsresult GetWindowInnerRect(nsRect& aRect);

  mozilla::dom::ScreenOrientation mOrientation;