Bug 41135: disable allowing ofsccreen buffer access for specific domains (!397) · Merge requests · The Tor Project / Applications / Tor Browser

Dan Ballard requested to merge dan/tor-browser:bug_41135 into tor-browser-102.3.0esr-12.0-2 Oct 14, 2022

disable the new settings introduced in https://bugzilla.mozilla.org/show_bug.cgi?id=1749323 so that we don't allow certain domains access to offscreen buffers.

Overrides defaults in StaticPrefList.yaml of

# Enable OffscreenCanvas based on the domain allowlist.
- name: gfx.offscreencanvas.domain-enabled
  type: RelaxedAtomicBool
  value: true
  mirror: always

# Domains included in the allowlist.
- name: gfx.offscreencanvas.domain-allowlist
  type: String
  value: "*.zoom.us,zoom.us"
  mirror: never

which are unsafe

Edited Oct 14, 2022 by Dan Ballard

Bug 41135: disable allowing ofsccreen buffer access for specific domains

Merge request reports