GitLab

We currently have Javascript hooks in Torbutton to spoof our desktop resolution, but this information is now available due to CSS3 media queries. We need to patch Firefox at a deeper level to prevent any pieces of it from obtaining valid desktop resolution information.

This could work as an about:config approach that tells the patch to either spoof the next largest common desktop size that is bigger than the window, or to a specific fixed size, or to the size of the content window (as if the content window only was the entire desktop).

We'll also want to try to remap mouse event coordinates back to this spoofed desktop: https://developer.mozilla.org/en/DOM/Event/UIEvent/MouseEvent

Spoofing the content window to the desktop size is the cleanest approach that leaks the least information, but the Panopticlick test makes people believe that they are always unique because this is such a rare thing to do relative to the rest of the web, so people are always wrongly complaining we don't defend against Panopticlick :/