BB 43366: Do not use system accent color in inputs.
requested to merge pierov/tor-browser:bug_43366-widget-accent-color-leak into tor-browser-128.5.0esr-14.5-1
Merge Info
Issues
Resolves
- #43366
- mullvad-browser#xxxxx
- tor-browser-build#xxxxx
Related
- tor-browser#xxxxx
- mullvad-browser#xxxxx
- tor-browser-build#xxxxx
Merging
Target Branches
-
tor-browser
-!fixups
totor-browser
-specific commits, new features, security backports -
base-browser
andmullvad-browser
-!fixups
tobase-browser
-specific commits, new features to be shared withmullvad-browser
, and security backports-
⚠️ IMPORTANT: Please list thebase-browser
-specific commits which need to be cherry-picked to thebase-browser
andmullvad-browser
branches here
-
Target Channels
-
Alpha: esr128-14.5 -
Stable: esr128-14.0 -
Legacy: esr115-13.5
Backporting
Timeline
-
No Backport (preferred): patchset for the next major stable -
Immediate: patchset needed as soon as possible -
Next Minor Stable Release: patchset that needs to be verified in nightly before backport -
Eventually: patchset that needs to be verified in alpha before backport
(Optional) Justification
-
Emergency security update: patchset fixes CVEs, 0-days, etc -
Censorship event: patchset enables censorship circumvention -
Critical bug-fix: patchset fixes a bug in core-functionality -
Consistency: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc -
Sponsor required: patchset required for sponsor -
Localization: typos and other localization changes that should be also in the release branch -
Other: closes a fingerprinting vector. I don't have code to reliably exploit it (I managed to get my actual accent color only once!). The change is visible to the user, but should not change the behavior of pages.
Issue Tracking
-
Link resolved issues with appropriate Release Prep issue for changelog generation
Review
Request Reviewer
-
Request review from an applications developer depending on modified system: -
NOTE: if the MR modifies multiple areas, please
/cc
all the relevant reviewers (since Gitlab only allows 1 reviewer) - accessibility : @henry is this an a11y concern?
- android : clairehurst, dan
- build system : boklm
- extensions : ma1
- firefox internals (XUL/JS/XPCOM) : jwilde, ma1
- fonts : pierov
- frontend (implementation) : henry
- frontend (review) : donuts, morgan
- localization : henry, pierov
- macOS : clairehurst, dan
- nightly builds : boklm
- rebases/release-prep : dan, ma1, pierov, morgan
- security : jwilde, ma1
- signing : boklm, morgan
- updater : pierov
- windows : jwilde, morgan
- misc/other : pierov, morgan
-
NOTE: if the MR modifies multiple areas, please
Change Description
Widgets (such as <input>
) take your system accent color by default in some platforms (verified on Android, where there's a high chance you have a custom color, as recent enough versions of Android can offer you a custom theme based on your wallpaper).
getComputedStyle
was not enough for me to consistently reveal my custom color (luckily
How Tested
Flipped the pref in about:config, and noticed that my accent color was replaced with the same light blue we usually see on desktop.