[webkit-dev] Implementing OffscreenCanvas

John Wilander wilander at apple.com
Thu Oct 10 10:18:26 PDT 2019


> On Oct 10, 2019, at 9:42 AM, Maciej Stachowiak <mjs at apple.com> wrote:
> 
> For clarity, it’s already possible to render to a regular canvas offscreen. The <canvas> can be hidden using any of the techniques that can make any other canvas invisible. Name notwithstanding, OffscreenCanvas is mainly about being able to render from a Worker, not about enabling rendering offscreen.
> 
> Thus, I would not expect it to make it easier to invisibly fingerprint using canvas.

My thinking here is that viable mitigations for device fingerprinting could be requiring a Canvas to be visible on screen or even for it to get user interaction before it’ll get access to hardware acceleration. Such restrictions would make it harder for tracking scripts to get away with GPU fingerprinting that the site owner never wanted or accepted. If we allow offscreen Canvas in workers, site owners will stay in the dark and we can’t tie user interaction to it.

   Regards, John

>> On Oct 10, 2019, at 9:32 AM, Chris Lord <clord at igalia.com> wrote:
>> 
>> Hi John,
>> 
>> I don't know what the current state is of counter-measures for such an
>> attack, but I don't immediately imagine OffscreenCanvas would make them
>> more effective. The patch series doesn't add any new rendering paths, so
>> whatever was possible before will likely still be possible and whatever
>> wasn't will hopefully still not be possible. That said, I'll look into
>> this and discuss it with some people that will know better than me and
>> try to get a better picture.
>> 
>> Thanks,
>> 
>> Chris
>> 
>> On 2019-10-10 17:32, John Wilander wrote:
>>> Hi Chris!
>>> 
>>> Canvas is a very popular GPU fingerprinting vector and allowing it
>>> offscreen sounds like a more convenient way to perform such an attack
>>> on user privacy. Do you know if Blink or Gecko have elaborated on
>>> this? What is your assessment?
>>> 
>>> Given the cross-engine effort to fight device fingerprinting and
>>> WebKit and Gecko’s recently published tracking prevention policies, we
>>> should do a threat analysis of this feature.
>>> 
>>>  Regards, John
>>> 
>>>> On Oct 10, 2019, at 4:24 AM, Chris Lord <clord at igalia.com> wrote:
>>>> 
>>>> Hi all,
>>>> 
>>>> I've spent the last month or so 'finishing' the implementation of
>>>> OffscreenCanvas[1], based on Žan Doberšek's work from a year ago[2].
>>>> OffscreenCanvas is an API for being able to use canvas drawing without a
>>>> visible canvas, and from within Workers. It's supported by Blink and has
>>>> partial support in Gecko.
>>>> 
>>>> It's at the point now where I'd consider it a finished draft - it is
>>>> almost fully implemented and passes the majority of relevant tests in a
>>>> debug build without crashing, but has some areas that need completion on
>>>> other platforms (async drawing on non-Linux) and some missing parts (Web
>>>> Inspector, ImageBitmapRenderingContext). It almost certainly needs
>>>> reworking in places.
>>>> 
>>>> My work is on GitHub[3] - I'd like to solicit reviews and comment. Some
>>>> of the bugs hanging off [2] have patches that need review and I think
>>>> are nearly ready to be landable as the foundation of this work. It is
>>>> broadly split up like so:
>>>> 
>>>> - Refactor to move functionality from HTMLCanvasElement to CanvasBase
>>>> - Refactor to not unnecessarily require HTMLCanvasElement in places
>>>> - Implement OffscreenCanvas functionality
>>>> - Make font loading/styling usable from a Worker and without a Document
>>>> - Implement AnimationFrameProvider on DedicatedWorkerGlobalScope
>>>> - Implement asynchronous drawing updates on placeholder canvases
>>>> 
>>>> I expect the font-related stuff to be the most contentious, and my
>>>> AnimationFrameProvider implementation may be too trivial (but might be
>>>> ok for a first go?)
>>>> 
>>>> All feedback appreciated. Best regards,
>>>> 
>>>> Chris
>>>> 
>>>> [1]
>>>> https://html.spec.whatwg.org/multipage/canvas.html#the-offscreencanvas-interface
>>>> [2] https://bugs.webkit.org/show_bug.cgi?id=183720
>>>> [3] https://github.com/Cwiiis/webkit/tree/offscreen-canvas
>>>> _______________________________________________
>>>> webkit-dev mailing list
>>>> webkit-dev at lists.webkit.org
>>>> https://lists.webkit.org/mailman/listinfo/webkit-dev