Skip to content
This repository has been archived by the owner on Dec 11, 2019. It is now read-only.

block access to fingerprinting methods pulled from child frames issue #11683 #11708

Merged
merged 1 commit into from Oct 31, 2017
Merged

block access to fingerprinting methods pulled from child frames issue #11683 #11708

merged 1 commit into from Oct 31, 2017

Conversation

pes10k
Copy link
Contributor

@pes10k pes10k commented Oct 27, 2017

@diracdeltas

This PR fixes #11683. The fix is a little funky, since it requires injecting JS into child pages (the chrome.webFrame.setGlobal method wont work here, since we need to call to Object.definePropery) but it should be good.

Added a blocking access to fingerprinting methods on iframe.contentWindow test to test that things are actually getting blocked

return proxyObject()
}
}

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

minor: line ends in whitespace

@codecov-io
Copy link

codecov-io commented Oct 30, 2017

Codecov Report

Merging #11708 into master will decrease coverage by 0.03%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master   #11708      +/-   ##
==========================================
- Coverage   52.01%   51.98%   -0.04%     
==========================================
  Files         269      269              
  Lines       25534    25534              
  Branches     4069     4069              
==========================================
- Hits        13282    13273       -9     
- Misses      12252    12261       +9
Flag Coverage Δ
#unittest 51.98% <ø> (-0.04%) ⬇️
Impacted Files Coverage Δ
js/stores/appStoreRenderer.js 91.17% <0%> (-8.83%) ⬇️
app/renderer/components/reduxComponent.js 84.37% <0%> (-6.25%) ⬇️
js/stores/windowStore.js 27.27% <0%> (-0.31%) ⬇️

@pes10k
Copy link
Contributor Author

pes10k commented Oct 30, 2017

@diracdeltas fixed the white space issue (and removed the semicolons, I know you all don't use them), and re-squashed. I think this should be good, as far as I know

@bbondy bbondy merged commit d1b6b52 into brave:master Oct 31, 2017
bbondy added a commit that referenced this pull request Oct 31, 2017
block access to fingerprinting methods pulled from child frames issue #11683
bbondy added a commit that referenced this pull request Oct 31, 2017
block access to fingerprinting methods pulled from child frames issue #11683
bbondy added a commit that referenced this pull request Oct 31, 2017
block access to fingerprinting methods pulled from child frames issue #11683
@bbondy
Copy link
Member

bbondy commented Oct 31, 2017

master: d1b6b52
0.21.x: 1b5a5c1
0.20.x: 50c2b8d
0.19.x: bd39b78

@bbondy
Copy link
Member

bbondy commented Nov 2, 2017

Sorry but I had to revert this because of #11751
Please do a new pull request for this when that one is addressed. I moved it into 0.19.x hotfix 4.

@pes10k
Copy link
Contributor Author

pes10k commented Nov 2, 2017 via email

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Fingerprinting protections bypassable
6 participants