Skip to content
This repository has been archived by the owner. It is now read-only.

block access to fingerprinting methods pulled from child frames issue #11683 #11708

Merged
merged 1 commit into from Oct 31, 2017

Conversation

@pes10k
Copy link
Contributor

pes10k commented Oct 27, 2017

@diracdeltas

This PR fixes #11683. The fix is a little funky, since it requires injecting JS into child pages (the chrome.webFrame.setGlobal method wont work here, since we need to call to Object.definePropery) but it should be good.

Added a blocking access to fingerprinting methods on iframe.contentWindow test to test that things are actually getting blocked

return proxyObject()
}
}

This comment has been minimized.

@diracdeltas

diracdeltas Oct 30, 2017 Member

minor: line ends in whitespace

@pes10k pes10k force-pushed the pes10k:11683-block-iframe-content-window branch from 2e8e339 to 5c62739 Oct 30, 2017
@codecov-io
Copy link

codecov-io commented Oct 30, 2017

Codecov Report

Merging #11708 into master will decrease coverage by 0.03%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master   #11708      +/-   ##
==========================================
- Coverage   52.01%   51.98%   -0.04%     
==========================================
  Files         269      269              
  Lines       25534    25534              
  Branches     4069     4069              
==========================================
- Hits        13282    13273       -9     
- Misses      12252    12261       +9
Flag Coverage Δ
#unittest 51.98% <ø> (-0.04%) ⬇️
Impacted Files Coverage Δ
js/stores/appStoreRenderer.js 91.17% <0%> (-8.83%) ⬇️
app/renderer/components/reduxComponent.js 84.37% <0%> (-6.25%) ⬇️
js/stores/windowStore.js 27.27% <0%> (-0.31%) ⬇️
@pes10k
Copy link
Contributor Author

pes10k commented Oct 30, 2017

@diracdeltas fixed the white space issue (and removed the semicolons, I know you all don't use them), and re-squashed. I think this should be good, as far as I know

@bbondy bbondy merged commit d1b6b52 into brave:master Oct 31, 2017
1 of 3 checks passed
1 of 3 checks passed
codecov/project 51.98% (-0.04%) compared to 41a0523
Details
continuous-integration/travis-ci/pr The Travis CI build failed
Details
codecov/patch Coverage not affected when comparing 41a0523...5c62739
Details
bbondy added a commit that referenced this pull request Oct 31, 2017
block access to fingerprinting methods pulled from child frames issue #11683
bbondy added a commit that referenced this pull request Oct 31, 2017
block access to fingerprinting methods pulled from child frames issue #11683
bbondy added a commit that referenced this pull request Oct 31, 2017
block access to fingerprinting methods pulled from child frames issue #11683
@bbondy
Copy link
Member

bbondy commented Oct 31, 2017

master: d1b6b52
0.21.x: 1b5a5c1
0.20.x: 50c2b8d
0.19.x: bd39b78

@bbondy
Copy link
Member

bbondy commented Nov 2, 2017

Sorry but I had to revert this because of #11751
Please do a new pull request for this when that one is addressed. I moved it into 0.19.x hotfix 4.

@pes10k
Copy link
Contributor Author

pes10k commented Nov 2, 2017

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

6 participants
You can’t perform that action at this time.