Browse code
move manpages to docs, move torbutton to docs, update rewrite rules for new paths.
Andrew Lewman authored on 24/04/2014 16:39:20
Showing 1 changed files
| 1 | 1 |
deleted file mode 100644 |
| ... | ... |
@@ -1,50 +0,0 @@ |
| 1 |
-- Review of https://developer.mozilla.org/en/Firefox_4_for_developers |
|
| 2 |
- - Potential proxy issues |
|
| 3 |
- - DocShell and plugins inside createHTMLDocument? |
|
| 4 |
- - https://developer.mozilla.org/en/DOM/DOMImplementation.createHTMLDocument |
|
| 5 |
- - WebSockets? |
|
| 6 |
- - Media attributes? |
|
| 7 |
- - "buffered" |
|
| 8 |
- - "preload" |
|
| 9 |
- - new codecs? |
|
| 10 |
- - What the hell is a blob url? |
|
| 11 |
- - https://developer.mozilla.org/en/DOM/window.createBlobURL |
|
| 12 |
- - https://developer.mozilla.org/en/DOM/window.revokeBlobURL |
|
| 13 |
- - Seems only relevent to FS injection.. |
|
| 14 |
- - WebThreads are OK: |
|
| 15 |
- - https://developer.mozilla.org/En/Using_web_workers |
|
| 16 |
- - Network activity blocked by content policy |
|
| 17 |
- - Fingerprinting issues: |
|
| 18 |
- - New screen attributes |
|
| 19 |
- - https://developer.mozilla.org/en/DOM/window.mozInnerScreenX, Y |
|
| 20 |
- - High Res Animation Timers: |
|
| 21 |
- - https://developer.mozilla.org/en/DOM/window.mozAnimationStartTime |
|
| 22 |
- - https://developer.mozilla.org/en/DOM/Animations_using_MozBeforePaint |
|
| 23 |
- - 50-60hz max.. Can we leverage this? |
|
| 24 |
- - timeStamps on keystroke events |
|
| 25 |
- - https://developer.mozilla.org/en/DOM/event.timeStamp |
|
| 26 |
- - Bounding rectangles -> window sizes? |
|
| 27 |
- - Maybe not display sizes, but seems possible to fingerprint rendered |
|
| 28 |
- content size.. ugh. |
|
| 29 |
- - https://developer.mozilla.org/en/DOM/element.getBoundingClientRect |
|
| 30 |
- - https://developer.mozilla.org/en/dom:range |
|
| 31 |
- - CSS resize, media queries, etc.. |
|
| 32 |
- - WebGL may also expose screen properties and video card properties: |
|
| 33 |
- - https://developer.mozilla.org/en/WebGL |
|
| 34 |
- - https://www.khronos.org/registry/webgl/specs/1.0/#5.2 |
|
| 35 |
- - https://www.khronos.org/registry/webgl/specs/1.0/#5.11 |
|
| 36 |
- - SVG needs auditing. It may also expose absolute coords, but appears OK |
|
| 37 |
- - https://developer.mozilla.org/en/SVG/SVG_animation_with_SMIL |
|
| 38 |
- - Mouse events reveal desktop coordinates |
|
| 39 |
- - https://bugzilla.mozilla.org/show_bug.cgi?id=503943 |
|
| 40 |
- - https://developer.mozilla.org/en/DOM/Event/UIEvent/MouseEvent |
|
| 41 |
- - Actual screen dimensions not exposed |
|
| 42 |
- - Identifier Storage |
|
| 43 |
- - Content Secuity Properties may need clearing: |
|
| 44 |
- - https://developer.mozilla.org/en/Security/CSP |
|
| 45 |
- - STS cache needs clearing |
|
| 46 |
- - New window.history functions may allow state smuggling |
|
| 47 |
- - https://developer.mozilla.org/en/DOM/Manipulating_the_browser_history |
|
| 48 |
- |
|
| 49 |
-- New Javascript hooking options may help improve Date() hooks: |
|
| 50 |
- - https://developer.mozilla.org/en/JavaScript/New_in_JavaScript/1.8.5 |
Browse code
Update design doc to reflect the planned shift from the Toggle Model to Tor Browser.
Mike Perry authored on 11/04/2011 06:55:29
Showing 1 changed files
| ... | ... |
@@ -17,6 +17,12 @@ |
| 17 | 17 |
- Fingerprinting issues: |
| 18 | 18 |
- New screen attributes |
| 19 | 19 |
- https://developer.mozilla.org/en/DOM/window.mozInnerScreenX, Y |
| 20 |
+ - High Res Animation Timers: |
|
| 21 |
+ - https://developer.mozilla.org/en/DOM/window.mozAnimationStartTime |
|
| 22 |
+ - https://developer.mozilla.org/en/DOM/Animations_using_MozBeforePaint |
|
| 23 |
+ - 50-60hz max.. Can we leverage this? |
|
| 24 |
+ - timeStamps on keystroke events |
|
| 25 |
+ - https://developer.mozilla.org/en/DOM/event.timeStamp |
|
| 20 | 26 |
- Bounding rectangles -> window sizes? |
| 21 | 27 |
- Maybe not display sizes, but seems possible to fingerprint rendered |
| 22 | 28 |
content size.. ugh. |
Browse code
Update Torbutton design doc.
Mike Perry authored on 05/04/2011 02:39:17
Showing 1 changed files
| ... | ... |
@@ -1,36 +1,44 @@ |
| 1 |
-- Major compatibility issues: |
|
| 2 |
- http://blog.mozilla.com/addons/2010/11/11/making-add-on-compatible-firefox-4/ |
|
| 3 |
- https://developer.mozilla.org/en/Extensions/Updating_extensions_for_Firefox_4 |
|
| 4 |
- https://developer.mozilla.org/en/XPCOM/XPCOM_changes_in_Gecko_2.0 |
|
| 5 |
- |
|
| 6 |
-- Key high level concerns: |
|
| 7 |
- - WebThreads |
|
| 8 |
- - https://developer.mozilla.org/En/Using_web_workers |
|
| 9 |
- - Network activity blocked by content policy |
|
| 10 |
- - What the hell is a blob url? |
|
| 11 |
- - https://developer.mozilla.org/en/DOM/window.createBlobURL |
|
| 12 |
- - https://developer.mozilla.org/en/DOM/window.revokeBlobURL |
|
| 13 |
- - Seems only relevent to FS injection.. |
|
| 14 |
- - WebSockets |
|
| 15 |
- - New window.history functions may allow state smuggling |
|
| 16 |
- - https://developer.mozilla.org/en/DOM/Manipulating_the_browser_history |
|
| 17 |
- - New screen attributes |
|
| 18 |
- - https://developer.mozilla.org/en/DOM/window.mozInnerScreenX, Y |
|
| 19 |
- - Bounding rectangles -> window sizes? |
|
| 20 |
- - https://bugzilla.mozilla.org/show_bug.cgi?id=396392 |
|
| 21 |
- - Mouse events reveal desktop coordinates? |
|
| 22 |
- - https://bugzilla.mozilla.org/show_bug.cgi?id=503943 |
|
| 23 |
- - https://developer.mozilla.org/en/DOM/Event/UIEvent/MouseEvent |
|
| 24 |
- - DocShell and plugins inside createHTMLDocument? |
|
| 25 |
- - https://developer.mozilla.org/en/DOM/DOMImplementation.createHTMLDocument |
|
| 26 |
- - Media attributes |
|
| 27 |
- - "buffered" |
|
| 28 |
- - "preload" |
|
| 29 |
- - new codecs? |
|
| 30 |
- |
|
| 31 |
- |
|
| 32 |
- |
|
| 33 |
-- New fingerprinting threats: |
|
| 34 |
- - Lots of things are now available to CSS :( |
|
| 35 |
- |
|
| 1 |
+- Review of https://developer.mozilla.org/en/Firefox_4_for_developers |
|
| 2 |
+ - Potential proxy issues |
|
| 3 |
+ - DocShell and plugins inside createHTMLDocument? |
|
| 4 |
+ - https://developer.mozilla.org/en/DOM/DOMImplementation.createHTMLDocument |
|
| 5 |
+ - WebSockets? |
|
| 6 |
+ - Media attributes? |
|
| 7 |
+ - "buffered" |
|
| 8 |
+ - "preload" |
|
| 9 |
+ - new codecs? |
|
| 10 |
+ - What the hell is a blob url? |
|
| 11 |
+ - https://developer.mozilla.org/en/DOM/window.createBlobURL |
|
| 12 |
+ - https://developer.mozilla.org/en/DOM/window.revokeBlobURL |
|
| 13 |
+ - Seems only relevent to FS injection.. |
|
| 14 |
+ - WebThreads are OK: |
|
| 15 |
+ - https://developer.mozilla.org/En/Using_web_workers |
|
| 16 |
+ - Network activity blocked by content policy |
|
| 17 |
+ - Fingerprinting issues: |
|
| 18 |
+ - New screen attributes |
|
| 19 |
+ - https://developer.mozilla.org/en/DOM/window.mozInnerScreenX, Y |
|
| 20 |
+ - Bounding rectangles -> window sizes? |
|
| 21 |
+ - Maybe not display sizes, but seems possible to fingerprint rendered |
|
| 22 |
+ content size.. ugh. |
|
| 23 |
+ - https://developer.mozilla.org/en/DOM/element.getBoundingClientRect |
|
| 24 |
+ - https://developer.mozilla.org/en/dom:range |
|
| 25 |
+ - CSS resize, media queries, etc.. |
|
| 26 |
+ - WebGL may also expose screen properties and video card properties: |
|
| 27 |
+ - https://developer.mozilla.org/en/WebGL |
|
| 28 |
+ - https://www.khronos.org/registry/webgl/specs/1.0/#5.2 |
|
| 29 |
+ - https://www.khronos.org/registry/webgl/specs/1.0/#5.11 |
|
| 30 |
+ - SVG needs auditing. It may also expose absolute coords, but appears OK |
|
| 31 |
+ - https://developer.mozilla.org/en/SVG/SVG_animation_with_SMIL |
|
| 32 |
+ - Mouse events reveal desktop coordinates |
|
| 33 |
+ - https://bugzilla.mozilla.org/show_bug.cgi?id=503943 |
|
| 34 |
+ - https://developer.mozilla.org/en/DOM/Event/UIEvent/MouseEvent |
|
| 35 |
+ - Actual screen dimensions not exposed |
|
| 36 |
+ - Identifier Storage |
|
| 37 |
+ - Content Secuity Properties may need clearing: |
|
| 38 |
+ - https://developer.mozilla.org/en/Security/CSP |
|
| 39 |
+ - STS cache needs clearing |
|
| 40 |
+ - New window.history functions may allow state smuggling |
|
| 41 |
+ - https://developer.mozilla.org/en/DOM/Manipulating_the_browser_history |
|
| 36 | 42 |
|
| 43 |
+- New Javascript hooking options may help improve Date() hooks: |
|
| 44 |
+ - https://developer.mozilla.org/en/JavaScript/New_in_JavaScript/1.8.5 |
Browse code
Update FF bugs in design doc and add FF4.0 notes.
Mike Perry authored on 26/03/2011 00:31:40
Showing 1 changed files
| 1 | 1 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,36 @@ |
| 1 |
+- Major compatibility issues: |
|
| 2 |
+ http://blog.mozilla.com/addons/2010/11/11/making-add-on-compatible-firefox-4/ |
|
| 3 |
+ https://developer.mozilla.org/en/Extensions/Updating_extensions_for_Firefox_4 |
|
| 4 |
+ https://developer.mozilla.org/en/XPCOM/XPCOM_changes_in_Gecko_2.0 |
|
| 5 |
+ |
|
| 6 |
+- Key high level concerns: |
|
| 7 |
+ - WebThreads |
|
| 8 |
+ - https://developer.mozilla.org/En/Using_web_workers |
|
| 9 |
+ - Network activity blocked by content policy |
|
| 10 |
+ - What the hell is a blob url? |
|
| 11 |
+ - https://developer.mozilla.org/en/DOM/window.createBlobURL |
|
| 12 |
+ - https://developer.mozilla.org/en/DOM/window.revokeBlobURL |
|
| 13 |
+ - Seems only relevent to FS injection.. |
|
| 14 |
+ - WebSockets |
|
| 15 |
+ - New window.history functions may allow state smuggling |
|
| 16 |
+ - https://developer.mozilla.org/en/DOM/Manipulating_the_browser_history |
|
| 17 |
+ - New screen attributes |
|
| 18 |
+ - https://developer.mozilla.org/en/DOM/window.mozInnerScreenX, Y |
|
| 19 |
+ - Bounding rectangles -> window sizes? |
|
| 20 |
+ - https://bugzilla.mozilla.org/show_bug.cgi?id=396392 |
|
| 21 |
+ - Mouse events reveal desktop coordinates? |
|
| 22 |
+ - https://bugzilla.mozilla.org/show_bug.cgi?id=503943 |
|
| 23 |
+ - https://developer.mozilla.org/en/DOM/Event/UIEvent/MouseEvent |
|
| 24 |
+ - DocShell and plugins inside createHTMLDocument? |
|
| 25 |
+ - https://developer.mozilla.org/en/DOM/DOMImplementation.createHTMLDocument |
|
| 26 |
+ - Media attributes |
|
| 27 |
+ - "buffered" |
|
| 28 |
+ - "preload" |
|
| 29 |
+ - new codecs? |
|
| 30 |
+ |
|
| 31 |
+ |
|
| 32 |
+ |
|
| 33 |
+- New fingerprinting threats: |
|
| 34 |
+ - Lots of things are now available to CSS :( |
|
| 35 |
+ |
|
| 36 |
+ |