Bug 190195

Summary:

User installed fonts are not always disabled when they should be

Product:

WebKit

Reporter:

Antti Koivisto <koivisto>

Component:

Text

Assignee:

Nobody <webkit-unassigned>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

ap, commit-queue, ggaren, mmaxfield, webkit-bug-importer, zalan

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
patch	none
patch	mmaxfield: review-

Antti Koivisto

Reported 2018-10-02 04:58:06 PDT

SVG images and some theme cases fail to respect the setting.

Attachments
patch (3.42 KB, patch) 2018-10-02 05:24 PDT, Antti Koivisto	no flags	Details Formatted Diff Diff
patch (3.42 KB, patch) 2018-10-02 05:27 PDT, Antti Koivisto	mmaxfield: review-	Details Formatted Diff Diff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.

Antti Koivisto

Comment 1 2018-10-02 05:24:49 PDT

Created attachment 351372 [details] patch

Antti Koivisto

Comment 2 2018-10-02 05:27:14 PDT

Created attachment 351373 [details] patch

Geoffrey Garen

Comment 3 2018-10-02 10:24:54 PDT

Comment on attachment 351373 [details] patch r=me

WebKit Commit Bot

Comment 4 2018-10-02 10:57:50 PDT

Comment on attachment 351373 [details] patch Clearing flags on attachment: 351373 Committed r236753: <https://trac.webkit.org/changeset/236753>

WebKit Commit Bot

Comment 5 2018-10-02 10:57:51 PDT

All reviewed patches have been landed. Closing bug.

Radar WebKit Bug Importer

Comment 6 2018-10-02 10:58:26 PDT

<rdar://problem/44944369>

Myles C. Maxfield

Comment 7 2018-10-02 11:31:45 PDT

Comment on attachment 351373 [details] patch View in context: https://bugs.webkit.org/attachment.cgi?id=351373&action=review > Source/WebCore/platform/graphics/FontDescription.cpp:83 > - , m_shouldAllowUserInstalledFonts(static_cast<unsigned>(AllowUserInstalledFonts::Yes)) > + , m_shouldAllowUserInstalledFonts(static_cast<unsigned>(AllowUserInstalledFonts::No)) The default setting for WKWebViews (and regular WebViews) is that user-installed fonts are allowed. Changing the default will cause tons of native apps to break.

Antti Koivisto

Comment 8 2018-10-02 11:39:07 PDT

> The default setting for WKWebViews (and regular WebViews) is that > user-installed fonts are allowed. Changing the default will cause tons of > native apps to break. This doesn't change any default settings. It only changes what happens when you construct a FontDescription and don't initialize allowUserInstalledFonts bit. All cases where this happens seemed to be places where enabling it was wrong.

Antti Koivisto

Comment 9 2018-10-02 11:59:04 PDT

Also all cases where we get this wrong is a potential fingerprinting vector so safe initialization is important here.

Myles C. Maxfield

Comment 10 2018-10-02 12:16:15 PDT

(In reply to Antti Koivisto from comment #9) > Also all cases where we get this wrong is a potential fingerprinting vector > so safe initialization is important here. False positives allow fingerprinting, but false negatives break native apps (which people have paid money for). We need to be sure this patch is correct.

Note You need to log in before you can comment on or make changes to this bug.