#33479: PDF fullscreen Presentation Mode doesn't letterbox
-------------------------+------------------------------------------
Reporter: cypherpunks | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Component: Applications/Tor Browser
Version: | Severity: Normal
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------+------------------------------------------
1. Open a PDF file in a new tab so it opens in the browser's internal PDF
viewer. Here's one.
https://gitweb.torproject.org/company/policies.git/plain/corpdocs/IRS-
Determination-Letter.pdf
2. Click the 4-outward-arrows (fullscreen?) icon on the PDF toolbar. Its
tooltip when you hover on it says, "Switch to Presentation Mode"
3. Observe that Presentation Mode is not letterboxed.
PDF Presentation Mode is distinct from browser full screen (F11 key) and
from maximize.
Is this exploitable at all? Is the internal PDF API fingerprintable? Tor
Browser warns when downloading to not open files in external viewers that
could circumvent Tor.
Similar vectors:
* #32713, Letterboxing doesn't work when fullscreening videos
* #12609, HTML5 fullscreen API makes TB fingerprintable
Inspired by:
* https://blog.torproject.org/comment/286752#comment-286752
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33479>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
