From 947d9e0c59509af7608157968649c56590ff9351 Mon Sep 17 00:00:00 2001 From: kkapsner Date: Thu, 25 Oct 2018 13:42:18 +0200 Subject: [PATCH] added "share persistent randomness between domains" Fixes #290 --- _locales/de/messages.json | 20 ++++++++++++++++++++ _locales/en/messages.json | 23 ++++++++++++++++++++++- lib/randomSupplies.js | 3 +++ lib/settingDefinitions.js | 4 ++++ options/options.js | 26 ++++++++++++++++++++++++++ options/optionsGui.js | 26 +++++++++++++++++++++----- options/sanitationRules.js | 18 ++++++++++++++++++ options/settingsDisplay.js | 16 ++++++++++++++++ releaseNotes.txt | 1 + 9 files changed, 131 insertions(+), 6 deletions(-) diff --git a/_locales/de/messages.json b/_locales/de/messages.json index 71e0fb9..71eec46 100644 --- a/_locales/de/messages.json +++ b/_locales/de/messages.json @@ -455,6 +455,18 @@ "message": "Leeren", "description": "" }, + "sharePersistentRndBetweenDomains_title": { + "message": "Persistente Zufallszahlen zwischen Domains teilen", + "description": "" + }, + "sharePersistentRndBetweenDomains_description": { + "message": "ACHTUNG: diese Einstellung macht den Browser 100% eindeutig identifizierbar und ist damit eine Gefährdung Ihrer Privatsphäre.", + "description": "" + }, + "sharePersistentRndBetweenDomains_confirmMessage": { + "message": "Sind Sie sicher, dass sie die persistenten Zufallszahlen zwischen Domains teilen wollen?\nACHTUNG: dies macht den Browser 100% eindeutig identifizierbar und ist damit eine Gefährdung Ihrer Privatsphäre.", + "description": "" + }, "ignoreFrequentColors_title": { "message": "Ignoriere die häufigsten Farben", "description": "" @@ -1107,6 +1119,10 @@ "message": "Leistung", "description": "" }, + "sanitation_ruleset.privacy": { + "message": "Privatsphäre", + "description": "" + }, "sanitation_error.unnecessaryURLValue": { "message": "Der URL-Wert für \"{url}\" ist identisch zur globalen Einstellung für \"{setting-title}\".", "description": "" 
@@ -1182,5 +1198,9 @@ "sanitation_error.storeImage": { "message": "Bilder für Betrachtung zu speichern führt zu einem hohen RAM-Verbrauch.", "description": "" + }, + "sanitation_error.doNotSharePersistentRndBetweenDomains": { + "message": "Teilen Sie die persistenten Zufallszahlen nicht zwischen Domains, da dies den Browser 100% eindeutig identifizierbar macht.", + "description": "" } } \ No newline at end of file diff --git a/_locales/en/messages.json b/_locales/en/messages.json index 1667882..d25c3d7 100644 --- a/_locales/en/messages.json +++ b/_locales/en/messages.json @@ -339,7 +339,7 @@ "description": "" }, "protectedCanvasPart_description": { - "message": "readout: the readout features of the canvas API are protected.\n\ninput: the input features of the canvas API are protected. With blocking mode \"fake\" the drawn pixels get modified slightly when displaying text . This makes the detection of the add-on harder but is less secure. With WebGL canvases the behaviour is identical to \"readout\".\n\neverything: both the readout and input features are protected. It's not recommended to use this with \"fake\" block mode as it increases the probability to be detected.", + "message": "readout: the readout features of the canvas API are protected.\n\ninput: the input features of the canvas API are protected. With blocking mode \"fake\" the drawn pixels get modified slightly when displaying text. This makes the detection of the add-on harder but is less secure. With WebGL canvases the behaviour is identical to \"readout\".\n\neverything: both the readout and input features are protected. It's not recommended to use this with \"fake\" block mode as it increases the probability to be detected.", "description": "" }, "protectedCanvasPart_options.input": { 
@@ -480,6 +480,19 @@ "description": "" }, + "sharePersistentRndBetweenDomains_title": { + "message": "Share persistent randomness between domains", + "description": "" + }, + "sharePersistentRndBetweenDomains_description": { + "message": "CAUTION: this setting makes the browser 100% trackable and is therefore a threat to your privacy.", + "description": "" + }, + "sharePersistentRndBetweenDomains_confirmMessage": { + "message": "Are you really sure you want to share the persistent randomness between domains?\nCAUTION: this makes the browser 100% trackable and is therefore a threat to your privacy.", + "description": "" + }, + "ignoreFrequentColors_title": { "message": "Ignore the most frequent colors", "description": "" @@ -1159,6 +1172,10 @@ "message": "Performance", "description": "" }, + "sanitation_ruleset.privacy": { + "message": "Privacy", + "description": "" + }, "sanitation_error.unnecessaryURLValue": { "message": "URL value for \"{url}\" is the same as the global setting for \"{setting-title}\".", "description": "" @@ -1234,5 +1251,9 @@ "sanitation_error.storeImage": { "message": "Storing the image for inspection has a high RAM footprint.", "description": "" + }, + "sanitation_error.doNotSharePersistentRndBetweenDomains": { + "message": "Do not share persistent randomness between domains because this makes the browser 100% trackable.", + "description": "" } } diff --git a/lib/randomSupplies.js b/lib/randomSupplies.js index f581054..10dcfa6 100644 --- a/lib/randomSupplies.js +++ b/lib/randomSupplies.js @@ -66,6 +66,9 @@ const settings = require("./settings"); function getDomain(window){ + if (settings.sharePersistentRndBetweenDomains){ + return "shared://domain"; + } if (!window.location.href || window.location.href === "about:blank"){ if (window !== window.parent){ return getDomain(window.parent); diff --git a/lib/settingDefinitions.js b/lib/settingDefinitions.js index c63f14c..e41fc14 100644 --- a/lib/settingDefinitions.js +++ b/lib/settingDefinitions.js 
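Review bot: The early return added to `getDomain` in lib/randomSupplies.js gives every caller the same key `"shared://domain"`, and nothing at that line says it deliberately removes the per-origin separation of the persistent randomness. That separation is what keeps sites from linking each other's readings. I would document it at the return, for example `// one key for all origins: persistent fake values become identical across sites and can be used to link them`, and move the literal into a named constant so it is not mistaken for a real origin. The check also runs before the `about:blank`/parent-frame fallback, so framed documents take the shared key too; that looks intended but is worth stating. The rest of `getDomain` lies outside the hunk.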
@@ -162,6 +162,10 @@ name: "lastPersistentRndClearing", defaultValue: 0 }, + { + name: "sharePersistentRndBetweenDomains", + defaultValue: false + }, { name: "askOnlyOnce", defaultValue: "individual", diff --git a/options/options.js b/options/options.js index e4a2844..91fa1fd 100644 --- a/options/options.js +++ b/options/options.js @@ -254,6 +254,8 @@ }; addSection(); + const beforeChangeEventListeners = {}; + const {hide: hideContainer, expand: expandContainer} = settings.getContainers(); settingsDisplay.forEach(function(display){ if (typeof display === "string"){ @@ -291,6 +293,22 @@ if (setting){ setting.display = display; + let originalSet = setting.set; + if (originalSet){ + const eventListeners = []; + beforeChangeEventListeners[setting.name] = eventListeners; + setting.set = function(...args){ + if (eventListeners.every(function(listener){ + return listener.call(setting, ...args); + })){ + return originalSet.apply(this, args); + } + else { + return false; + } + } + } + let hideChangeListeners = []; setting.setHide = function setHide(value){ if (hideContainer){ @@ -416,6 +434,14 @@ } } }); + beforeChangeEventListeners.sharePersistentRndBetweenDomains.push(function(value){ + if (value){ + if (!confirm(browser.i18n.getMessage("sharePersistentRndBetweenDomains_confirmMessage"))){ + return false; + } + } + return true; + }); }); searchInput.search(); diff --git a/options/optionsGui.js b/options/optionsGui.js index 415e720..1b34127 100644 --- a/options/optionsGui.js +++ b/options/optionsGui.js 
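Review bot: The wrapper installed on `setting.set` (options/options.js, hunk at +293) returns whatever `originalSet` returns, while both changed call sites in options/optionsGui.js, `if (setting.set(value, url))` and `if (setting.set(container, url))`, now read that value as accepted or rejected. `originalSet` is not visible in this diff; if it returns `undefined` or a promise, an accepted change would be logged as "was not changed" and the input reset, or a failed one reported as changed. Making the contract explicit in the wrapper avoids that, e.g. `return originalSet.apply(this, args) !== false;`, with a short comment that a listener vetoes the change by returning a falsy value. `let originalSet` is never reassigned and can be `const`, and the function expression assigned to `setting.set` lacks its terminating `;`.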
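Review bot: The confirmation for `sharePersistentRndBetweenDomains` (options/options.js, hunk at +434) is attached only to the options-page wrapper of `setting.set`, so a path that writes the setting directly is not gated. The sanitation resolution in options/sanitationRules.js already assigns `settings.sharePersistentRndBetweenDomains = false` that way, and a settings import or sync, if the add-on has one, could switch the flag on with no prompt. If the prompt is meant as a safeguard, the check belongs where the value is stored, or the flag should be re-confirmed or reset when settings arrive from outside the options page. Separately, `beforeChangeEventListeners.sharePersistentRndBetweenDomains.push(...)` dereferences an entry that exists only if the display loop found that setting with a `set` function. Reading it into a local first and logging when it is missing would avoid a TypeError that aborts the rest of the page setup; the enclosing callback starts outside the hunk.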
@@ -128,9 +128,13 @@ setting.on(function(){type.updateCallback(input, setting.get(url));}, url); input.addEventListener("change", function(){ var value = type.getValue(input); - setting.set(value, url); - logging.message("changed setting", setting.name, ":", value); - + if (setting.set(value, url)){ + logging.message("changed setting", setting.name, ":", value); + } + else { + type.updateCallback(input, setting.get(url)); + logging.message("setting", setting.name, "was not changed"); + } }); } else if (setting.keys){ @@ -189,8 +193,20 @@ container = setting.defaultValue; } container[key] = value; - setting.set(container, url); - logging.message("changed setting", setting.name, "(", key, "):", value); + if (setting.set(container, url)){ + logging.message("changed setting", setting.name, "(", key, "):", value); + } + else { + container = setting.get(url); + keyType.updateCallback( + keyInput, + container && container.hasOwnProperty(key)? + container[key]: + setting.defaultKeyValue, + url + ); + logging.message("setting", setting.name, "(", key, ") was not changed"); + } }); input.appendChild(row); }); diff --git a/options/sanitationRules.js b/options/sanitationRules.js index 2562914..844874b 100644 --- a/options/sanitationRules.js +++ b/options/sanitationRules.js @@ -279,5 +279,23 @@ } } }, + { + name: "privacy", + check: function(errorCallback){ + if (settings.sharePersistentRndBetweenDomains){ + errorCallback({ + message: browser.i18n.getMessage("sanitation_error.doNotSharePersistentRndBetweenDomains"), + severity: "high", + resolutions: [{ + label: browser.i18n.getMessage("sanitation_resolution.disableFlag") + .replace(/{flag}/g, browser.i18n.getMessage("sharePersistentRndBetweenDomains_title")), + callback: function(){ + settings.sharePersistentRndBetweenDomains = false; + } + }] + }); + } + } + }, ]; }()); \ No newline at end of file diff --git a/options/settingsDisplay.js b/options/settingsDisplay.js index ddb1a46..a88efb3 100644 
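Review bot: In the keyed-setting handler (options/optionsGui.js, hunk at +193) `container[key] = value` has already mutated `container` before `setting.set(container, url)` can reject the change. `container` is, as the context line shows, possibly `setting.defaultValue` itself, and otherwise presumably the object from `setting.get(url)` (that line is outside the hunk). If `get` returns the stored object rather than a copy, the revert branch reads the mutated value back and the input keeps the vetoed value; the default object can be altered the same way. Copying before the write keeps a rejected change from leaking: `container = Object.assign({}, container); container[key] = value;`. In the revert branch `Object.prototype.hasOwnProperty.call(container, key)` would be safer than `container.hasOwnProperty(key)`.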
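Review bot: The resolution label in the new `privacy` rule (options/sanitationRules.js) is built with `.replace(/{flag}/g, browser.i18n.getMessage("sharePersistentRndBetweenDomains_title"))`, which passes a localized string as the replacement pattern. A `$&`, `$1` or `$$` in a translation would then be expanded instead of shown. None of the titles added in this commit contains `$`, so this is a robustness point only. Reading the title into a local and using a function replacer, `.replace(/{flag}/g, function(){ return title; })`, inserts the text literally. The surrounding rules array begins outside the hunk.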
--- a/options/settingsDisplay.js +++ b/options/settingsDisplay.js @@ -99,6 +99,22 @@ } ] }, + { + "name": "sharePersistentRndBetweenDomains", + "displayDependencies": [ + { + "blockMode": ["fake"], + "rng": ["persistent"], + "displayAdvancedSettings": [true] + }, + { + "blockMode": ["ask"], + "askDenyMode": ["fake"], + "rng": ["persistent"], + "displayAdvancedSettings": [true] + } + ] + }, "notifications", { "name": "showNotifications" diff --git a/releaseNotes.txt b/releaseNotes.txt index 04c2144..9d56e45 100644 --- a/releaseNotes.txt +++ b/releaseNotes.txt @@ -8,6 +8,7 @@ Version 0.5.6: - highlight "hide" icon when "tabing" to it - made url specific values manageable with "tabing" - added setting "protected canvas part" to decouple block mode from part + - added "share persistent randomness between domains" fixes: - constant rng did not work properly when protecting input