Whitelist fonts by filename rather than font name

In #13313 (moved) we whitelisted fonts by file name. But as dcf points out, it would be ideal to whitelist bundled fonts only, using the font file path. As far as I can tell this will need to be implemented separately for Windows, Mac, and Linux.

added component::applications/tor browser owner::tbb-team parent::18097 priority::medium severity::normal status::new tbb-fingerprinting-fonts type::enhancement labels

So I tried a simple and dumb thing to disable system fonts with Fontconfig, and it mostly works! All I did was comment out FcSetSystem leaving only FcSetApplication. I tested this patch on top of tbb-5.0a4-build2; i.e., with the Noto fonts installed but without the font whitelisting patch of #13313 (moved).

--- a/gfx/thebes/gfxFontconfigUtils.cpp
+++ b/gfx/thebes/gfxFontconfigUtils.cpp
@@ -589,9 +589,9 @@ gfxFontconfigUtils::UpdateFontListInternal(bool aForce)
 
     // These FcFontSets are owned by fontconfig
     FcFontSet *fontSets[] = {
-        FcConfigGetFonts(currentConfig, FcSetSystem)
+        // FcConfigGetFonts(currentConfig, FcSetSystem),
 #ifdef MOZ_BUNDLED_FONTS
-        , FcConfigGetFonts(currentConfig, FcSetApplication)
+        FcConfigGetFonts(currentConfig, FcSetApplication),
 #endif
     };
 
@@ -809,9 +809,9 @@ gfxFontconfigUtils::AddFullnameEntries()
 {
     // These FcFontSets are owned by fontconfig
     FcFontSet *fontSets[] = {
-        FcConfigGetFonts(nullptr, FcSetSystem)
+        // FcConfigGetFonts(nullptr, FcSetSystem),
 #ifdef MOZ_BUNDLED_FONTS
-        , FcConfigGetFonts(nullptr, FcSetApplication)
+        FcConfigGetFonts(nullptr, FcSetApplication),
 #endif
     };
 
@@ -979,9 +979,9 @@ gfxFontconfigUtils::GetLangSupportEntry(const FcChar8 *aLang, bool aWithFonts)
 
     // These FcFontSets are owned by fontconfig
     FcFontSet *fontSets[] = {
-        FcConfigGetFonts(nullptr, FcSetSystem)
+        // FcConfigGetFonts(nullptr, FcSetSystem),
 #ifdef MOZ_BUNDLED_FONTS
-        , FcConfigGetFonts(nullptr, FcSetApplication)
+        FcConfigGetFonts(nullptr, FcSetApplication),
 #endif
     };
 

It seems like the only negative side effect of the patch is an extension of the monospace font thing in comment:6:ticket:16672. Not only is it monospace in the tab titles and URL bar, but also Latin text in web pages is rendered using the monospace Cousine font. This might just be because the branch I built did not have the font prefs that came along with the whitelisting patch.

(BTW we [[comment:1:ticket:13313|already know]] that you can whitelist a directory in Fontconfig using fonts.conf; this is another way.)

Trac:
Cc: dcf to dcf, gk

Trac:
Parent: N/A to 18097

Trac:
Parent: 18097 to #18097 (moved)

Set all open tickets without a severity to "Normal"

Trac:
Severity: N/A to Normal

mentioned in issue #17250 (moved)

mentioned in issue #18097 (moved)

mentioned in issue #18097 (moved)

moved to tpo/applications/tor-browser#16739 (closed)

mentioned in issue tpo/applications/tor-browser#18097 (closed)