ungoogled-chromium/patches/extra/bromite/fingerprinting-flags-client-rects-and-measuretext.patch

# Adds two flags:
# 1. --fingerprinting-client-rects-noise to enable fingerprinting deception for Range::getClientRects and Element::getBoundingClientRect
# 2. --fingerprinting-canvas-measuretext-noise to enable fingerprinting deception for Canvas::measureText
# Tweaks based on https://github.com/bromite/bromite/blob/b1bc96bbd9ec549cf496e87f487a0ac35c83df0a/patches/BRM052_getClientRects-getBoundingClientRect-measureText-add-fingerprinting-mitigation.patch
# Originally based on https://github.com/Eloston/ungoogled-chromium/pull/377/commits/4151259b3248f0fc5c42fa262a1d1dd43c39fb60
# chrome://flag setting added by ungoogled-chromium developers
#
# Unlike the latest Bromite patch, it was chosen to not regenerate the noise value each time the value is read to prevent potential efficiency issues with the load on the RNG.

--- a/chrome/browser/BUILD.gn
+++ b/chrome/browser/BUILD.gn
@@ -2272,6 +2272,7 @@ jumbo_static_library("browser") {
     "//third_party/libyuv",
     "//third_party/metrics_proto",
     "//third_party/re2",
+    "//components/ungoogled:switches",
     "//third_party/webrtc_overrides:webrtc_component",
     "//third_party/widevine/cdm:buildflags",
     "//third_party/zlib",
--- a/chrome/browser/about_flags.cc
+++ b/chrome/browser/about_flags.cc
@@ -157,6 +157,7 @@
 #include "third_party/blink/public/common/features.h"
 #include "third_party/blink/public/common/forcedark/forcedark_switches.h"
 #include "third_party/leveldatabase/leveldb_features.h"
+#include "components/ungoogled/ungoogled_switches.h"
 #include "ui/accessibility/accessibility_features.h"
 #include "ui/accessibility/accessibility_switches.h"
 #include "ui/base/ui_base_features.h"
@@ -1801,6 +1802,14 @@ const FeatureEntry kFeatureEntries[] = {
      "Force punycode hostnames",
      "Force punycode in hostnames instead of Unicode when displaying Internationalized Domain Names (IDNs).",
      kOsAll, SINGLE_VALUE_TYPE("force-punycode-hostnames")},
+    {"fingerprinting-client-rects-noise",
+     "Enable get*ClientRects() fingerprint deception",
+     "Scale the output values of Range::getClientRects() and Element::getBoundingClientRect() with a randomly selected factor in the range -0.0003% to 0.0003%, which are recomputed on every document initialization.",
+     kOsAll, SINGLE_VALUE_TYPE(switches::kFingerprintingClientRectsNoise)},
+    {"fingerprinting-canvas-measuretext-noise",
+     "Enable Canvas::measureText() fingerprint deception",
+     "Scale the output values of Canvas::measureText() with a randomly selected factor in the range -0.0003% to 0.0003%, which are recomputed on every document initialization.",
+     kOsAll, SINGLE_VALUE_TYPE(switches::kFingerprintingCanvasMeasureTextNoise)},
     {"ignore-gpu-blacklist", flag_descriptions::kIgnoreGpuBlacklistName,
      flag_descriptions::kIgnoreGpuBlacklistDescription, kOsAll,
      SINGLE_VALUE_TYPE(switches::kIgnoreGpuBlacklist)},
--- a/content/browser/BUILD.gn
+++ b/content/browser/BUILD.gn
@@ -208,6 +208,7 @@ jumbo_source_set("browser") {
     "//third_party/libyuv",
     "//third_party/re2",
     "//third_party/sqlite",
+    "//components/ungoogled:switches",
     "//third_party/webrtc_overrides:webrtc_component",
     "//third_party/zlib",
     "//third_party/zlib/google:zip",
--- a/content/browser/renderer_host/render_process_host_impl.cc
+++ b/content/browser/renderer_host/render_process_host_impl.cc
@@ -225,6 +225,7 @@
 #include "third_party/blink/public/common/page/launching_process_state.h"
 #include "third_party/blink/public/common/user_agent/user_agent_metadata.h"
 #include "third_party/blink/public/public_buildflags.h"
+#include "components/ungoogled/ungoogled_switches.h"
 #include "third_party/skia/include/core/SkBitmap.h"
 #include "ui/accessibility/accessibility_switches.h"
 #include "ui/base/ui_base_switches.h"
@@ -3279,6 +3280,8 @@ void RenderProcessHostImpl::PropagateBro
     switches::kEnableWebGLDraftExtensions,
     switches::kEnableWebGLImageChromium,
     switches::kFileUrlPathAlias,
+    switches::kFingerprintingClientRectsNoise,
+    switches::kFingerprintingCanvasMeasureTextNoise,
     switches::kForceDeviceScaleFactor,
     switches::kForceDisableWebRtcApmInAudioService,
     switches::kForceDisplayColorProfile,
--- a/content/child/BUILD.gn
+++ b/content/child/BUILD.gn
@@ -123,6 +123,7 @@ target(link_target_type, "child") {
     "//third_party/blink/public/common",
     "//third_party/blink/public/strings",
     "//third_party/ced",
+    "//components/ungoogled:switches",
     "//third_party/zlib/google:compression_utils",
     "//ui/base",
     "//ui/events/blink",
--- a/content/child/runtime_features.cc
+++ b/content/child/runtime_features.cc
@@ -26,6 +26,7 @@
 #include "services/network/public/cpp/network_switches.h"
 #include "third_party/blink/public/common/features.h"
 #include "third_party/blink/public/platform/web_runtime_features.h"
+#include "components/ungoogled/ungoogled_switches.h"
 #include "ui/accessibility/accessibility_features.h"
 #include "ui/base/ui_base_features.h"
 #include "ui/events/blink/blink_features.h"
@@ -449,6 +450,10 @@ void SetRuntimeFeaturesFromCommandLine(c
        switches::kEnableAccessibilityObjectModel, true},
       {wrf::EnableAllowSyncXHRInPageDismissal,
        switches::kAllowSyncXHRInPageDismissal, true},
+      {wrf::EnableFingerprintingClientRectsNoise,
+       switches::kFingerprintingClientRectsNoise, true},
+      {wrf::EnableFingerprintingCanvasMeasureTextNoise,
+       switches::kFingerprintingCanvasMeasureTextNoise, true},
       {wrf::EnableShadowDOMV0, switches::kWebComponentsV0Enabled, true},
       {wrf::EnableCustomElementsV0, switches::kWebComponentsV0Enabled, true},
       {wrf::EnableHTMLImports, switches::kWebComponentsV0Enabled, true},
--- a/third_party/blink/public/platform/web_runtime_features.h
+++ b/third_party/blink/public/platform/web_runtime_features.h
@@ -220,6 +220,8 @@ class WebRuntimeFeatures {
   BLINK_PLATFORM_EXPORT static void EnableTranslateService(bool);
   BLINK_PLATFORM_EXPORT static void EnableGetDisplayMedia(bool);
   BLINK_PLATFORM_EXPORT static void EnableAllowSyncXHRInPageDismissal(bool);
+  BLINK_PLATFORM_EXPORT static void EnableFingerprintingClientRectsNoise(bool);
+  BLINK_PLATFORM_EXPORT static void EnableFingerprintingCanvasMeasureTextNoise(bool);
   BLINK_PLATFORM_EXPORT static void EnableShadowDOMV0(bool);
   BLINK_PLATFORM_EXPORT static void EnableCustomElementsV0(bool);
   BLINK_PLATFORM_EXPORT static void EnableHTMLImports(bool);
--- a/third_party/blink/renderer/core/dom/document.cc
+++ b/third_party/blink/renderer/core/dom/document.cc
@@ -35,6 +35,7 @@
 #include "base/auto_reset.h"
 #include "base/macros.h"
 #include "base/optional.h"
+#include "base/rand_util.h"
 #include "base/time/time.h"
 #include "cc/input/overscroll_behavior.h"
 #include "cc/input/scroll_snap_data.h"
@@ -883,6 +884,14 @@ Range* Document::CreateRangeAdjustedToTr
                                      Position::BeforeNode(*shadow_host));
 }
 
+double Document::GetNoiseFactorX() {
+  return noise_factor_x_;
+}
+
+double Document::GetNoiseFactorY() {
+  return noise_factor_y_;
+}
+
 SelectorQueryCache& Document::GetSelectorQueryCache() {
   if (!selector_query_cache_)
     selector_query_cache_ = std::make_unique<SelectorQueryCache>();
@@ -2628,6 +2637,15 @@ void Document::UpdateStyleAndLayoutTree(
 #if DCHECK_IS_ON()
   AssertLayoutTreeUpdated(*this);
 #endif
+
+  if (RuntimeEnabledFeatures::FingerprintingClientRectsNoiseEnabled()) {
+    // Precompute -0.0003% to 0.0003% noise factor for get*ClientRect*() fingerprinting
+    noise_factor_x_ = 1 + (base::RandDouble() - 0.5) * 0.000003;
+    noise_factor_y_ = 1 + (base::RandDouble() - 0.5) * 0.000003;
+  } else {
+    noise_factor_x_ = 1;
+    noise_factor_y_ = 1;
+  }
 }
 
 void Document::UpdateActiveStyle() {
--- a/third_party/blink/renderer/core/dom/document.h
+++ b/third_party/blink/renderer/core/dom/document.h
@@ -534,6 +534,10 @@ class CORE_EXPORT Document : public Cont
     has_xml_declaration_ = has_xml_declaration ? 1 : 0;
   }
 
+  // Values for get*ClientRect fingerprint deception
+  double GetNoiseFactorX();
+  double GetNoiseFactorY();
+
   String visibilityState() const;
   bool IsPageVisible() const;
   bool hidden() const;
@@ -2106,6 +2110,9 @@ class CORE_EXPORT Document : public Cont
 
   base::ElapsedTimer start_time_;
 
+  double noise_factor_x_;
+  double noise_factor_y_;
+
   Member<ScriptRunner> script_runner_;
 
   HeapVector<Member<ScriptElementBase>> current_script_stack_;
--- a/third_party/blink/renderer/core/dom/element.cc
+++ b/third_party/blink/renderer/core/dom/element.cc
@@ -1985,6 +1985,11 @@ DOMRectList* Element::getClientRects() {
   DCHECK(element_layout_object);
   GetDocument().AdjustFloatQuadsForScrollAndAbsoluteZoom(
       quads, *element_layout_object);
+  if (RuntimeEnabledFeatures::FingerprintingClientRectsNoiseEnabled()) {
+    for (FloatQuad& quad : quads) {
+      quad.Scale(GetDocument().GetNoiseFactorX(), GetDocument().GetNoiseFactorY());
+    }
+  }
   return MakeGarbageCollected<DOMRectList>(quads);
 }
 
@@ -2002,6 +2007,9 @@ DOMRect* Element::getBoundingClientRect(
   DCHECK(element_layout_object);
   GetDocument().AdjustFloatRectForScrollAndAbsoluteZoom(result,
                                                         *element_layout_object);
+  if (RuntimeEnabledFeatures::FingerprintingClientRectsNoiseEnabled()) {
+    result.Scale(GetDocument().GetNoiseFactorX(), GetDocument().GetNoiseFactorY());
+  }
   return DOMRect::FromFloatRect(result);
 }
 
--- a/third_party/blink/renderer/core/dom/range.cc
+++ b/third_party/blink/renderer/core/dom/range.cc
@@ -1614,11 +1614,21 @@ DOMRectList* Range::getClientRects() con
   Vector<FloatQuad> quads;
   GetBorderAndTextQuads(quads);
 
+  if (RuntimeEnabledFeatures::FingerprintingClientRectsNoiseEnabled()) {
+    for (FloatQuad& quad : quads) {
+      quad.Scale(owner_document_->GetNoiseFactorX(), owner_document_->GetNoiseFactorY());
+    }
+  }
+
   return MakeGarbageCollected<DOMRectList>(quads);
 }
 
 DOMRect* Range::getBoundingClientRect() const {
-  return DOMRect::FromFloatRect(BoundingRect());
+  auto rect = BoundingRect();
+  if (RuntimeEnabledFeatures::FingerprintingClientRectsNoiseEnabled()) {
+    rect.Scale(owner_document_->GetNoiseFactorX(), owner_document_->GetNoiseFactorY());
+  }
+  return DOMRect::FromFloatRect(rect);
 }
 
 // TODO(editing-dev): We should make
--- a/third_party/blink/renderer/core/html/canvas/text_metrics.cc
+++ b/third_party/blink/renderer/core/html/canvas/text_metrics.cc
@@ -54,6 +54,24 @@ TextMetrics::TextMetrics(const Font& fon
   Update(font, direction, baseline, align, text);
 }
 
+void TextMetrics::Shuffle(const double factor) {
+  // x-direction
+  width_ *= factor;
+  actual_bounding_box_left_ *= factor;
+  actual_bounding_box_right_ *= factor;
+
+  // y-direction
+  font_bounding_box_ascent_ *= factor;
+  font_bounding_box_descent_ *= factor;
+  actual_bounding_box_ascent_ *= factor;
+  actual_bounding_box_descent_ *= factor;
+  em_height_ascent_ *= factor;
+  em_height_descent_ *= factor;
+  baselines_->setAlphabetic(baselines_->alphabetic() * factor);
+  baselines_->setHanging(baselines_->hanging() * factor);
+  baselines_->setIdeographic(baselines_->ideographic() * factor);
+}
+
 void TextMetrics::Update(const Font& font,
                          const TextDirection& direction,
                          const TextBaseline& baseline,
--- a/third_party/blink/renderer/core/html/canvas/text_metrics.h
+++ b/third_party/blink/renderer/core/html/canvas/text_metrics.h
@@ -64,6 +64,8 @@ class CORE_EXPORT TextMetrics final : pu
 
   void Trace(Visitor*) override;
 
+  void Shuffle(const double factor);
+
  private:
   void Update(const Font&,
               const TextDirection&,
--- a/third_party/blink/renderer/modules/canvas/canvas2d/canvas_rendering_context_2d.cc
+++ b/third_party/blink/renderer/modules/canvas/canvas2d/canvas_rendering_context_2d.cc
@@ -815,9 +815,15 @@ TextMetrics* CanvasRenderingContext2D::m
   else
     direction = ToTextDirection(GetState().GetDirection(), canvas());
 
-  return MakeGarbageCollected<TextMetrics>(font, direction,
+  TextMetrics* text_metrics = MakeGarbageCollected<TextMetrics>(font, direction,
                                            GetState().GetTextBaseline(),
                                            GetState().GetTextAlign(), text);
+
+  // Scale text metrics if enabled
+  if (RuntimeEnabledFeatures::FingerprintingCanvasMeasureTextNoiseEnabled()) {
+    text_metrics->Shuffle(canvas()->GetDocument().GetNoiseFactorX());
+  }
+  return text_metrics;
 }
 
 void CanvasRenderingContext2D::DrawTextInternal(
--- a/third_party/blink/renderer/platform/BUILD.gn
+++ b/third_party/blink/renderer/platform/BUILD.gn
@@ -1543,6 +1543,7 @@ jumbo_component("platform") {
     "//third_party/harfbuzz-ng:hb_scoped_util",
     "//third_party/icu",
     "//third_party/libyuv",
+    "//components/ungoogled:switches",
     "//third_party/webrtc_overrides:webrtc_component",
     "//third_party/zlib/google:compression_utils",
     "//ui/base/cursor",
--- a/third_party/blink/renderer/platform/exported/web_runtime_features.cc
+++ b/third_party/blink/renderer/platform/exported/web_runtime_features.cc
@@ -667,4 +667,12 @@ void WebRuntimeFeatures::EnableTrustToke
   RuntimeEnabledFeatures::SetTrustTokensEnabled(enable);
 }
 
+void WebRuntimeFeatures::EnableFingerprintingClientRectsNoise(bool enable) {
+  RuntimeEnabledFeatures::SetFingerprintingClientRectsNoiseEnabled(enable);
+}
+
+void WebRuntimeFeatures::EnableFingerprintingCanvasMeasureTextNoise(bool enable) {
+  RuntimeEnabledFeatures::SetFingerprintingCanvasMeasureTextNoiseEnabled(enable);
+}
+
 }  // namespace blink
--- a/third_party/blink/renderer/platform/runtime_enabled_features.json5
+++ b/third_party/blink/renderer/platform/runtime_enabled_features.json5
@@ -747,6 +747,12 @@
       name: "FileSystem",
       status: "stable",
     },
+    {
+      name: "FingerprintingClientRectsNoise",
+    },
+    {
+      name: "FingerprintingCanvasMeasureTextNoise",
+    },
     // Perform style recalc traversal in the flat tree order, including marking
     // flat-tree instead of shadow-including ancestors for child dirtiness.
     {