#88 Think about reimplementation of `CanvasRenderingContext2D.isPointInStroke` and `CanvasRenderingContext2D.isPointInPath`
Opened 2 months ago by polcak. Modified 2 months ago

Summary

`CanvasRenderingContext2D.isPointInStroke` and `CanvasRenderingContext2D.isPointInPath` return either:

  • Always False
  • Randomly False or the correct answer

That means that repeated calls with the same parameters can return True. That means that the correct value can be quite precisely guessed by repeated calls. Additionally, the repeated calls reveal inconsistencies. The behaviour can possibly break innocent code that expects constant results.

An option to consider is to farble the results according to x and y coordinates, the current color (possibly farbled) and the session hash of the domain. That will make the calls pure functions as expected.

A possible downside is the risk of leaking the session hash, as the attacker can control x, y, and the color.

Setup

JShelter Version: 0.11.1
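
One way to make the farbled result a pure function of x, y, the color and the session hash, as the ticket proposes, is to derive the decision from a keyed hash, whose outputs for attacker-chosen inputs are designed not to reveal the key. This is an added sketch, not JShelter code: the use of HMAC-SHA256 from Node's `crypto` module, all function names, the `hideRate` parameter and the sample session hash are assumptions.

```javascript
// Added illustration, not JShelter code. All names below are hypothetical.
const { createHmac } = require("node:crypto");

// Constructed sample value standing in for the per-domain session hash.
const SAMPLE_SESSION_HASH = Buffer.from("constructed-session-hash-for-demo");

// Derive one pseudorandom decision from (session hash, op, x, y, color).
// JSON.stringify of an array is an unambiguous encoding, so an
// attacker-chosen color string cannot be confused with the coordinates,
// and `op` keeps isPointInPath and isPointInStroke decisions independent.
function shouldHide(sessionHash, op, x, y, color, hideRate = 0.5) {
  const msg = JSON.stringify([op, x, y, String(color)]);
  const mac = createHmac("sha256", sessionHash).update(msg).digest();
  // Use 32 bits of the MAC as a uniform number in [0, 1).
  return mac.readUInt32BE(0) / 2 ** 32 < hideRate;
}

// Farbled result: still "false or the correct answer", but identical
// arguments always give the same result within one session and domain.
function farbledIsPointIn(realAnswer, sessionHash, op, x, y, color, hideRate = 0.5) {
  if (!realAnswer) return false;
  return !shouldHide(sessionHash, op, x, y, color, hideRate);
}

// Repeating a call no longer helps an observer: count the distinct
// results seen over n identical calls (1 means fully consistent).
function distinctResults(n, sessionHash, op, x, y, color) {
  const seen = new Set();
  for (let i = 0; i < n; i++) {
    seen.add(farbledIsPointIn(true, sessionHash, op, x, y, color));
  }
  return seen.size;
}

// Fraction of true answers that stay visible over a grid of points.
function visibleFraction(sessionHash, op, color, side = 50) {
  let visible = 0;
  for (let x = 0; x < side; x++) {
    for (let y = 0; y < side; y++) {
      if (farbledIsPointIn(true, sessionHash, op, x, y, color)) visible++;
    }
  }
  return visible / (side * side);
}
```

Only a single bit derived from the MAC is exposed per query, and the 32-bit threshold comparison lets the hide rate be tuned without changing the construction.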

