RISCI_ATOM
/
ungoogled-chromium
mirror of https://github.com/Eloston/ungoogled-chromium.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343
							# Adds two flags:
# 1. --fingerprinting-client-rects-noise to enable fingerprinting deception for Range::getClientRects and Element::getBoundingClientRect
# 2. --fingerprinting-canvas-measuretext-noise to enable fingerprinting deception for Canvas::measureText
# Tweaks based on https://github.com/bromite/bromite/blob/b1bc96bbd9ec549cf496e87f487a0ac35c83df0a/patches/BRM052_getClientRects-getBoundingClientRect-measureText-add-fingerprinting-mitigation.patch
# Originally based on https://github.com/ungoogled-software/ungoogled-chromium/pull/377/commits/4151259b3248f0fc5c42fa262a1d1dd43c39fb60
# chrome://flag setting added by ungoogled-chromium developers
#
# Unlike the latest Bromite patch, it was chosen to not regenerate the noise value each time the value is read to prevent potential efficiency issues with the load on the RNG.

--- a/chrome/browser/BUILD.gn
+++ b/chrome/browser/BUILD.gn
@@ -2575,6 +2575,7 @@ static_library("browser") {
     "//third_party/libyuv",
     "//third_party/metrics_proto",
     "//third_party/re2",
+    "//components/ungoogled:ungoogled_switches",
     "//third_party/webrtc_overrides:webrtc_component",
     "//third_party/widevine/cdm:buildflags",
     "//third_party/widevine/cdm:headers",
--- a/chrome/browser/about_flags.cc
+++ b/chrome/browser/about_flags.cc
@@ -167,6 +167,7 @@
 #include "components/translate/core/common/translate_util.h"
 #include "components/trusted_vault/features.h"
 #include "components/ui_devtools/switches.h"
+#include "components/ungoogled/ungoogled_switches.h"
 #include "components/variations/variations_switches.h"
 #include "components/version_info/version_info.h"
 #include "components/viz/common/features.h"
--- a/chrome/browser/bromite_flag_entries.h
+++ b/chrome/browser/bromite_flag_entries.h
@@ -4,4 +4,12 @@
 
 #ifndef CHROME_BROWSER_BROMITE_FLAG_ENTRIES_H_
 #define CHROME_BROWSER_BROMITE_FLAG_ENTRIES_H_
+    {"fingerprinting-client-rects-noise",
+     "Enable get*ClientRects() fingerprint deception",
+     "Scale the output values of Range::getClientRects() and Element::getBoundingClientRect() with a randomly selected factor in the range -0.0003% to 0.0003%, which are recomputed on every document initialization. ungoogled-chromium flag, Bromite feature.",
+     kOsAll, SINGLE_VALUE_TYPE(switches::kFingerprintingClientRectsNoise)},
+    {"fingerprinting-canvas-measuretext-noise",
+     "Enable Canvas::measureText() fingerprint deception",
+     "Scale the output values of Canvas::measureText() with a randomly selected factor in the range -0.0003% to 0.0003%, which are recomputed on every document initialization. ungoogled-chromium flag, Bromite feature.",
+     kOsAll, SINGLE_VALUE_TYPE(switches::kFingerprintingCanvasMeasureTextNoise)},
 #endif  // CHROME_BROWSER_BROMITE_FLAG_ENTRIES_H_
--- a/content/browser/BUILD.gn
+++ b/content/browser/BUILD.gn
@@ -247,6 +247,7 @@ source_set("browser") {
     "//third_party/libyuv",
     "//third_party/re2",
     "//third_party/sqlite",
+    "//components/ungoogled:ungoogled_switches",
     "//third_party/webrtc_overrides:webrtc_component",
     "//third_party/zlib",
     "//third_party/zlib/google:zip",
--- a/content/browser/renderer_host/render_process_host_impl.cc
+++ b/content/browser/renderer_host/render_process_host_impl.cc
@@ -77,6 +77,7 @@
 #include "components/services/storage/public/cpp/quota_error_or.h"
 #include "components/services/storage/public/mojom/cache_storage_control.mojom.h"
 #include "components/tracing/common/tracing_switches.h"
+#include "components/ungoogled/ungoogled_switches.h"
 #include "components/viz/common/switches.h"
 #include "components/viz/host/gpu_client.h"
 #include "content/browser/bad_message.h"
@@ -3420,6 +3421,8 @@ void RenderProcessHostImpl::PropagateBro
     switches::kEnableWebGLImageChromium,
     switches::kEnableWebGPUDeveloperFeatures,
     switches::kFileUrlPathAlias,
+    switches::kFingerprintingClientRectsNoise,
+    switches::kFingerprintingCanvasMeasureTextNoise,
     switches::kForceDeviceScaleFactor,
     switches::kForceDisplayColorProfile,
     switches::kForceGpuMemAvailableMb,
--- a/content/child/BUILD.gn
+++ b/content/child/BUILD.gn
@@ -103,6 +103,7 @@ target(link_target_type, "child") {
     "//third_party/blink/public/common:buildflags",
     "//third_party/blink/public/strings",
     "//third_party/ced",
+    "//components/ungoogled:ungoogled_switches",
     "//third_party/zlib/google:compression_utils",
     "//ui/base",
     "//ui/events/blink",
--- a/content/child/runtime_features.cc
+++ b/content/child/runtime_features.cc
@@ -40,6 +40,7 @@
 #include "third_party/blink/public/common/loader/referrer_utils.h"
 #include "third_party/blink/public/common/switches.h"
 #include "third_party/blink/public/platform/web_runtime_features.h"
+#include "components/ungoogled/ungoogled_switches.h"
 #include "ui/accessibility/accessibility_features.h"
 #include "ui/base/ui_base_features.h"
 #include "ui/events/blink/blink_features.h"
@@ -475,6 +476,10 @@ void SetRuntimeFeaturesFromCommandLine(c
        switches::kEnableWebGPUDeveloperFeatures, true},
       {wrf::EnableDirectSockets, switches::kEnableIsolatedWebAppsInRenderer,
        true},
+      {wrf::EnableFingerprintingClientRectsNoise,
+       switches::kFingerprintingClientRectsNoise, true},
+      {wrf::EnableFingerprintingCanvasMeasureTextNoise,
+       switches::kFingerprintingCanvasMeasureTextNoise, true},
   };
 
   for (const auto& mapping : switchToFeatureMapping) {
--- a/third_party/blink/public/platform/web_runtime_features.h
+++ b/third_party/blink/public/platform/web_runtime_features.h
@@ -69,6 +69,9 @@ class BLINK_PLATFORM_EXPORT WebRuntimeFe
   static void EnableFluentScrollbars(bool);
   static void EnableFluentOverlayScrollbars(bool);
 
+  static void EnableFingerprintingClientRectsNoise(bool);
+  static void EnableFingerprintingCanvasMeasureTextNoise(bool);
+
   WebRuntimeFeatures() = delete;
 };
 
--- a/third_party/blink/renderer/core/dom/document.cc
+++ b/third_party/blink/renderer/core/dom/document.cc
@@ -39,6 +39,7 @@
 #include "base/i18n/time_formatting.h"
 #include "base/metrics/histogram_functions.h"
 #include "base/notreached.h"
+#include "base/rand_util.h"
 #include "base/ranges/algorithm.h"
 #include "base/task/single_thread_task_runner.h"
 #include "base/time/time.h"
@@ -943,6 +944,14 @@ Range* Document::CreateRangeAdjustedToTr
                                      Position::BeforeNode(*shadow_host));
 }
 
+double Document::GetNoiseFactorX() {
+  return noise_factor_x_;
+}
+
+double Document::GetNoiseFactorY() {
+  return noise_factor_y_;
+}
+
 SelectorQueryCache& Document::GetSelectorQueryCache() {
   if (!selector_query_cache_)
     selector_query_cache_ = std::make_unique<SelectorQueryCache>();
@@ -2318,6 +2327,15 @@ void Document::UpdateStyleAndLayoutTreeF
 #if DCHECK_IS_ON()
   AssertLayoutTreeUpdated(*this, true /* allow_dirty_container_subtrees */);
 #endif
+
+  if (RuntimeEnabledFeatures::FingerprintingClientRectsNoiseEnabled()) {
+    // Precompute -0.0003% to 0.0003% noise factor for get*ClientRect*() fingerprinting
+    noise_factor_x_ = 1 + (base::RandDouble() - 0.5) * 0.000003;
+    noise_factor_y_ = 1 + (base::RandDouble() - 0.5) * 0.000003;
+  } else {
+    noise_factor_x_ = 1;
+    noise_factor_y_ = 1;
+  }
 }
 
 void Document::InvalidateStyleAndLayoutForFontUpdates() {
--- a/third_party/blink/renderer/core/dom/document.h
+++ b/third_party/blink/renderer/core/dom/document.h
@@ -511,6 +511,10 @@ class CORE_EXPORT Document : public Cont
     has_xml_declaration_ = has_xml_declaration ? 1 : 0;
   }
 
+  // Values for get*ClientRect fingerprint deception
+  double GetNoiseFactorX();
+  double GetNoiseFactorY();
+
   AtomicString visibilityState() const;
   bool IsPageVisible() const;
   bool hidden() const;
@@ -2413,6 +2417,9 @@ class CORE_EXPORT Document : public Cont
 
   base::ElapsedTimer start_time_;
 
+  double noise_factor_x_;
+  double noise_factor_y_;
+
   Member<ScriptRunner> script_runner_;
   Member<ScriptRunnerDelayer> script_runner_delayer_;
 
--- a/third_party/blink/renderer/core/dom/element.cc
+++ b/third_party/blink/renderer/core/dom/element.cc
@@ -2123,6 +2123,11 @@ DOMRectList* Element::getClientRects() {
   DCHECK(element_layout_object);
   GetDocument().AdjustQuadsForScrollAndAbsoluteZoom(quads,
                                                     *element_layout_object);
+  if (RuntimeEnabledFeatures::FingerprintingClientRectsNoiseEnabled()) {
+    for (gfx::QuadF& quad : quads) {
+      quad.Scale(GetDocument().GetNoiseFactorX(), GetDocument().GetNoiseFactorY());
+    }
+  }
   return MakeGarbageCollected<DOMRectList>(quads);
 }
 
@@ -2150,6 +2155,9 @@ gfx::RectF Element::GetBoundingClientRec
   DCHECK(element_layout_object);
   GetDocument().AdjustRectForScrollAndAbsoluteZoom(result,
                                                    *element_layout_object);
+  if (RuntimeEnabledFeatures::FingerprintingClientRectsNoiseEnabled()) {
+    result.Scale(GetDocument().GetNoiseFactorX(), GetDocument().GetNoiseFactorY());
+  }
   return result;
 }
 
--- a/third_party/blink/renderer/core/dom/range.cc
+++ b/third_party/blink/renderer/core/dom/range.cc
@@ -1618,11 +1618,21 @@ DOMRectList* Range::getClientRects() con
   Vector<gfx::QuadF> quads;
   GetBorderAndTextQuads(quads);
 
+  if (RuntimeEnabledFeatures::FingerprintingClientRectsNoiseEnabled()) {
+    for (gfx::QuadF& quad : quads) {
+      quad.Scale(owner_document_->GetNoiseFactorX(), owner_document_->GetNoiseFactorY());
+    }
+  }
+
   return MakeGarbageCollected<DOMRectList>(quads);
 }
 
 DOMRect* Range::getBoundingClientRect() const {
-  return DOMRect::FromRectF(BoundingRect());
+  auto rect = BoundingRect();
+  if (RuntimeEnabledFeatures::FingerprintingClientRectsNoiseEnabled()) {
+    rect.Scale(owner_document_->GetNoiseFactorX(), owner_document_->GetNoiseFactorY());
+  }
+  return DOMRect::FromRectF(rect);
 }
 
 // TODO(editing-dev): We should make
--- a/third_party/blink/renderer/core/html/canvas/text_metrics.cc
+++ b/third_party/blink/renderer/core/html/canvas/text_metrics.cc
@@ -69,6 +69,24 @@ TextMetrics::TextMetrics(const Font& fon
   Update(font, direction, baseline, align, text);
 }
 
+void TextMetrics::Shuffle(const double factor) {
+  // x-direction
+  width_ *= factor;
+  actual_bounding_box_left_ *= factor;
+  actual_bounding_box_right_ *= factor;
+
+  // y-direction
+  font_bounding_box_ascent_ *= factor;
+  font_bounding_box_descent_ *= factor;
+  actual_bounding_box_ascent_ *= factor;
+  actual_bounding_box_descent_ *= factor;
+  em_height_ascent_ *= factor;
+  em_height_descent_ *= factor;
+  baselines_->setAlphabetic(baselines_->alphabetic() * factor);
+  baselines_->setHanging(baselines_->hanging() * factor);
+  baselines_->setIdeographic(baselines_->ideographic() * factor);
+}
+
 void TextMetrics::Update(const Font& font,
                          const TextDirection& direction,
                          const TextBaseline& baseline,
--- a/third_party/blink/renderer/core/html/canvas/text_metrics.h
+++ b/third_party/blink/renderer/core/html/canvas/text_metrics.h
@@ -66,6 +66,8 @@ class CORE_EXPORT TextMetrics final : pu
 
   void Trace(Visitor*) const override;
 
+  void Shuffle(const double factor);
+
  private:
   void Update(const Font&,
               const TextDirection&,
--- a/third_party/blink/renderer/modules/canvas/canvas2d/base_rendering_context_2d.cc
+++ b/third_party/blink/renderer/modules/canvas/canvas2d/base_rendering_context_2d.cc
@@ -56,6 +56,9 @@
 #include "ui/gfx/geometry/quad_f.h"
 #include "ui/gfx/geometry/skia_conversions.h"
 
+#include "third_party/blink/renderer/core/offscreencanvas/offscreen_canvas.h"
+#include "third_party/blink/renderer/core/frame/local_dom_window.h"
+
 namespace blink {
 
 BASE_FEATURE(kDisableCanvasOverdrawOptimization,
@@ -2892,9 +2895,22 @@ TextMetrics* BaseRenderingContext2D::mea
 
   TextDirection direction = ToTextDirection(GetState().GetDirection(), canvas);
 
-  return MakeGarbageCollected<TextMetrics>(font, direction,
+  TextMetrics* text_metrics = MakeGarbageCollected<TextMetrics>(font, direction,
                                            GetState().GetTextBaseline(),
                                            GetState().GetTextAlign(), text);
+
+  // Scale text metrics if enabled
+  if (RuntimeEnabledFeatures::FingerprintingCanvasMeasureTextNoiseEnabled()) {
+    if (HostAsOffscreenCanvas()) {
+      if (auto* window = DynamicTo<LocalDOMWindow>(GetTopExecutionContext())) {
+        if (window->GetFrame() && window->GetFrame()->GetDocument())
+          text_metrics->Shuffle(window->GetFrame()->GetDocument()->GetNoiseFactorX());
+      }
+    } else if (canvas) {
+      text_metrics->Shuffle(canvas->GetDocument().GetNoiseFactorX());
+    }
+  }
+  return text_metrics;
 }
 
 void BaseRenderingContext2D::SnapshotStateForFilter() {
--- a/third_party/blink/renderer/platform/BUILD.gn
+++ b/third_party/blink/renderer/platform/BUILD.gn
@@ -1702,6 +1702,7 @@ component("platform") {
     "//cc/mojo_embedder",
     "//components/paint_preview/common",
     "//components/search_engines:search_engine_utils",
+    "//components/ungoogled:ungoogled_switches",
     "//components/viz/client",
     "//components/viz/common",
     "//components/webrtc:net_address_utils",
--- a/third_party/blink/renderer/platform/exported/web_runtime_features.cc
+++ b/third_party/blink/renderer/platform/exported/web_runtime_features.cc
@@ -68,4 +68,12 @@ void WebRuntimeFeatures::EnableFluentScr
 void WebRuntimeFeatures::EnableFluentOverlayScrollbars(bool enable) {
   RuntimeEnabledFeatures::SetFluentOverlayScrollbarsEnabled(enable);
 }
+void WebRuntimeFeatures::EnableFingerprintingClientRectsNoise(bool enable) {
+  RuntimeEnabledFeatures::SetFingerprintingClientRectsNoiseEnabled(enable);
+}
+
+void WebRuntimeFeatures::EnableFingerprintingCanvasMeasureTextNoise(bool enable) {
+  RuntimeEnabledFeatures::SetFingerprintingCanvasMeasureTextNoiseEnabled(enable);
+}
+
 }  // namespace blink
--- a/third_party/blink/renderer/platform/runtime_enabled_features.json5
+++ b/third_party/blink/renderer/platform/runtime_enabled_features.json5
@@ -1887,6 +1887,12 @@
       origin_trial_feature_name: "Focusgroup",
     },
     {
+      name: "FingerprintingClientRectsNoise",
+    },
+    {
+      name: "FingerprintingCanvasMeasureTextNoise",
+    },
+    {
       name: "FocuslessSpatialNavigation",
       base_feature: "none",
       settable_from_internals: true,