[webkit-changes] [WebKit/WebKit] 8e854f: Refactor some logic for applying noise injection t...

Wenson Hsieh noreply at github.com
Fri Sep 20 09:00:52 PDT 2024 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 8e854f3eec7d4e639e016f021ee88cea21bf3575
      https://github.com/WebKit/WebKit/commit/8e854f3eec7d4e639e016f021ee88cea21bf3575
  Author: Wenson Hsieh <wenson_hsieh at apple.com>
  Date:   2024-09-20 (Fri, 20 Sep 2024)

  Changed paths:
    M Source/WebCore/Modules/webaudio/BaseAudioContext.cpp
    M Source/WebCore/Modules/webaudio/RealtimeAnalyser.cpp
    M Source/WebCore/html/CanvasBase.cpp
    M Source/WebCore/html/CanvasBase.h
    M Source/WebCore/html/HTMLCanvasElement.cpp
    M Source/WebCore/html/OffscreenCanvas.cpp
    M Source/WebCore/html/canvas/CanvasRenderingContext2DBase.cpp
    M Source/WebCore/loader/DocumentLoader.cpp
    M Source/WebCore/loader/DocumentLoader.h
    M Source/WebCore/workers/WorkerOrWorkletGlobalScope.cpp
    M Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
    M Tools/TestWebKitAPI/Tests/WebKit/AdvancedPrivacyProtections.mm
    M Tools/TestWebKitAPI/Tests/WebKitCocoa/SiteIsolation.mm
    M Tools/TestWebKitAPI/Tests/WebKitCocoa/audio-fingerprinting.html
    A Tools/TestWebKitAPI/Tests/WebKitCocoa/audio-fingerprinting.js
    M Tools/TestWebKitAPI/Tests/WebKitCocoa/canvas-fingerprinting.html
    A Tools/TestWebKitAPI/Tests/WebKitCocoa/canvas-fingerprinting.js

  Log Message:
  -----------
  Refactor some logic for applying noise injection to canvas and web audio in Private Browsing
https://bugs.webkit.org/show_bug.cgi?id=280010

Reviewed by Abrar Rahman Protyasha.

Adjust codepaths for injecting noise into canvas and web-audio-related APIs.

* Source/WebCore/Modules/webaudio/BaseAudioContext.cpp:
(WebCore::effectiveNoiseInjectionPolicies):
(WebCore::BaseAudioContext::BaseAudioContext):

Set `m_noiseInjectionPolicies`, based on the current script telemetry state.

* Source/WebCore/Modules/webaudio/RealtimeAnalyser.cpp:
(WebCore::RealtimeAnalyser::doFFTAnalysisIfNecessary):

Honor `NoiseInjectionPolicy::Enhanced`.

* Source/WebCore/html/CanvasBase.cpp:

Set `m_canvasNoiseHashSalt`, based on the current script telemetry state.

(WebCore::CanvasBase::createImageForNoiseInjection const):
* Source/WebCore/html/CanvasBase.h:
* Source/WebCore/html/HTMLCanvasElement.cpp:
(WebCore::HTMLCanvasElement::toDataURL):
(WebCore::HTMLCanvasElement::toBlob):

Apply additional mitigations to a subset of APIs, to make it impossible to use side channels (e.g.
timing attacks) to infer further details about the underlying OS or hardware.

* Source/WebCore/html/OffscreenCanvas.cpp:
(WebCore::OffscreenCanvas::convertToBlob):
* Source/WebCore/html/canvas/CanvasRenderingContext2DBase.cpp:
(WebCore::CanvasRenderingContext2DBase::getImageData const):
* Source/WebCore/loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::fingerprintingProtectionsEnabled const): Deleted.
* Source/WebCore/loader/DocumentLoader.h:

Drive-by fix: delete an unused method.

* Source/WebCore/workers/WorkerOrWorkletGlobalScope.cpp:
(WebCore::WorkerOrWorkletGlobalScope::noiseInjectionPolicies const):
* Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* Tools/TestWebKitAPI/Tests/WebKit/AdvancedPrivacyProtections.mm:
(TestWebKitAPI::TEST(AdvancedPrivacyProtections, VerifyHashFromNoisyCanvas2DAPI)):
* Tools/TestWebKitAPI/Tests/WebKitCocoa/SiteIsolation.mm:
(TestWebKitAPI::TEST(SiteIsolation, AdvancedPrivacyProtectionsHideScreenMetricsFromBindings)):
* Tools/TestWebKitAPI/Tests/WebKitCocoa/audio-fingerprinting.html:

Pull the JavaScript utility functions for computing web audio hashes out into a new file,
`audio-fingerprinting.js`, so that we can use it for another test suite.

* Tools/TestWebKitAPI/Tests/WebKitCocoa/audio-fingerprinting.js: Copied from Tools/TestWebKitAPI/Tests/WebKitCocoa/audio-fingerprinting.html.
(combineSamples):
(waitForAudioProcess):
(async testOscillatorCompressor):
(testOscillatorCompressorWorklet):
(async testOscillatorCompressorAnalyzer):
(async testLoopingOscillatorCompressorBiquadFilter.extractFingerprint):
(async testLoopingOscillatorCompressorBiquadFilter.getMean):
(async testLoopingOscillatorCompressorBiquadFilter.stabilize):
* Tools/TestWebKitAPI/Tests/WebKitCocoa/canvas-fingerprinting.html:
* Tools/TestWebKitAPI/Tests/WebKitCocoa/canvas-fingerprinting.js: Copied from Tools/TestWebKitAPI/Tests/WebKitCocoa/canvas-fingerprinting.html.

Pull the JavaScript utility functions for computing web audio hashes out into a new file,
`canvas-fingerprinting.js`, so that we can use it for another test suite.

(async digestMessage):
(fullHorizontalLinearGradientCanvasImageData):
(fullVerticalLinearGradientCanvasImageData):
(fullRadialGradientCanvasImageData):
(webGLGradientCanvasDataURL):
(fullTextCanvasImageData):
(initialCanvasImageDataAsObject):
(isHorizontalLinearGradientCanvasGradient):
(isVerticalLinearGradientCanvasGradient):
(initialTextCanvasImageDataAsObject):
(initialHorizontalLinearGradientCanvasImageDataAsObject):
(initialVerticalLinearGradientCanvasImageDataAsObject):
(initialRadialGradientCanvasImageDataAsObject):
(async fullCanvasHash):

Canonical link: https://commits.webkit.org/283985@main



To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications

More information about the webkit-changes mailing list