Investigate fingerprinting capability of viewport API

I am not sure if this is an issue for TB. I do not have a touch device on which to install TB8. But since Tor Uplift's RFP underlines this protection, it might be prudent for someone to check it out.

My Android has a low screen res, the web content loads at a higher res - when I pinch to zoom and re-run/refresh: the viewport shows entropy. Ignore the css media measurements. Just focus on the five JS results: screen, available screen, outer, inner and viewport

Control

device should not be hidpi/retina/whatever-you-call-it
load test page [1]
all the widths/heights (except viewport: e.g 17px less width) should be the same (i.e 1000 x 1000)
zoom in to 133%
refresh or rerun button
all the widths/heights (except viewport e.g 13px less width) should be the same (e.g 750 x 750)

STR

device should be hidpi
load the test page
all the widths/heights (except viewport) should be the same (e.g 980 x 1522)
zoom in (fingers on a touch device)
scroll to the left and hit re-run tests
scroll back to the right and viewport is still based on the old value
also, in the pic in [2] css media still shows it's using the old values (980) (ignore that it's missing the height values: not sure why it does that: I think it's because it hits a fraction, I see the same thing on desktop)

Is this just a quirk? Or is the viewport not properly spoofed in all situations?

[1] https://ghacksuserjs.github.io/TorZillaPrint/TorZillaPrint.html#screen [2] https://github.com/ghacksuserjs/TorZillaPrint/issues/34

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information