TabTracker leaks information about existence of private tabs/windows despite lack of private browsing permission
Categories: WebExtensions :: General, defect, P3
Tracking: Not tracked
People: Reporter: robwu, Assigned: mixedpuppy
References: Blocks 1 open bug
Attachments: 1 file, 1 obsolete file
There are several APIs that use the TabTracker to map a tabId to a native tab. Since the TabTracker is a singleton and unaware of the extension that is associated with the call, it's possible for an extension to learn whether private browsing mode is being used.
STR:
1. Visit about:debugging and use "Debug" on any extension with a page action. Make sure that the extension does not have access to private browsing mode (feature from bug ).
2. Run the following snippet to learn the current tab ID.
   browser.tabs.create({}, tab => console.log(window.lastTabId = tab.id));
3. Open a private browsing mode. The ID of the tab in the new window is the result of step 2, plus one.
4. Run the following snippet:
   // lastTabId from step 2.
   browser.tabs.get(lastTabId + 1).then(console.log, console.error);
   browser.pageAction.hide(lastTabId + 1).then(() => console.log("tabId is valid"), console.error);
Expected:
Error: "Invalid tab ID: 9"
Error: "Invalid tab ID: 9"
Actual:
Error: "Invalid tab ID: 9"
tabId is valid
This difference in output can be used to detect whether there is a private browsing window.
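The following is an added illustration, not code from Firefox or from the patch attached to this bug. It models why a caller-unaware lookup plus per-API access checks yields the mismatch above, and how a lookup that takes the calling extension into account gives the same error for private and nonexistent tabs. Every name except getTab (TabTracker methods, privateBrowsingAllowed as a plain flag, the helper functions) is an assumption, and the tab IDs are constructed.

```javascript
// Simplified model, not Firefox source. Every name except getTab is an assumption.
class TabTracker {
  constructor() { this.tabs = new Map(); }            // tabId -> { id, incognito }
  add(id, incognito) { this.tabs.set(id, { id, incognito }); }

  // Caller-unaware lookup: returns any tab whose ID exists.
  getTab(tabId) {
    const tab = this.tabs.get(tabId);
    if (!tab) throw new Error(`Invalid tab ID: ${tabId}`);
    return tab;
  }

  // Caller-aware lookup: a private tab the extension may not see fails with
  // the same error as a tab that does not exist.
  getTabFor(extension, tabId) {
    const tab = this.tabs.get(tabId);
    if (!tab || (tab.incognito && !extension.privateBrowsingAllowed)) {
      throw new Error(`Invalid tab ID: ${tabId}`);
    }
    return tab;
  }
}

const settle = fn => { try { return fn(); } catch (e) { return e.message; } };
// Per-API checks: tabsGet remembers the access check, pageActionHide does not.
function perApiChecks(tracker, ext) {
  return {
    tabsGet: id => settle(() => {
      const tab = tracker.getTab(id);
      if (tab.incognito && !ext.privateBrowsingAllowed) throw new Error(`Invalid tab ID: ${id}`);
      return tab.id;
    }),
    pageActionHide: id => settle(() => { tracker.getTab(id); return "tabId is valid"; }),
  };
}

// Central check: every entry point goes through getTabFor.
function centralCheck(tracker, ext) {
  return {
    tabsGet: id => settle(() => tracker.getTabFor(ext, id).id),
    pageActionHide: id => settle(() => { tracker.getTabFor(ext, id); return "tabId is valid"; }),
  };
}

// Constructed sample state: tab 8 is a normal tab, tab 9 is in a private window.
const tracker = new TabTracker();
tracker.add(8, false);
tracker.add(9, true);
const noPrivateAccess = { privateBrowsingAllowed: false };
```

With the central check, tab 9 (private) and tab 10 (nonexistent) are indistinguishable to an extension without private browsing access, whichever entry point it calls.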
Comment 1 • 6 years ago (Assignee)
I reviewed all the uses of tabTracker.getTab. Outside of the example for determining that there is a private window, I don't see any way for data to leak. If data were to leak from the private window, this would be a high concern.
Comment 5 • 5 years ago
This issue seems to already have a patch in the works. Is it something you may pick up again?
Comment 6 • 5 years ago (Assignee)
Probably at some point, the patch bitrotted and would have to be reworked. I don't see this as a big problem, but the patch does offer a bit of cleanup.