Brave 1.63.x does not apply certain(?) fonts listed in site's CSS. This is a regression from 1.62.x

[m0nkey-br4in]

Description

Brave 1.63.x does not apply certain(?) fonts listed in site's CSS. I regularly visit, say, https://www.old-games.ru/forum/. It has the following stanza in its main css:

body: {
    font-family: 'Trebuchet MS', Helvetica, Arial, sans-serif;
} 

I have Trebuchet MS installed locally. Despite this all, text is rendered with PT Sans (if Stylus extension is active) or Segoe UI (if it's inactive). Everything was correct in Brave 1.62.165

Disabling Brave Shields fixes the problem

Steps to Reproduce

1. Visit a site you frequent
2. Wonder why it looks somewhat off

Actual result:

On 1.63.162: Notice "font-family" and "rendered fonts" in the inspector panel

Expected result:

On 1.62.165:

Reproduces how often:

Reproduces always

Brave version (brave://version info)

Brave: 1.63.162 Chromium: 122.0.6261.69 (Official Build) (64-bit) Revision: 3098e6bd850eaf3aa13541d2ddd87af53908bc60 OS: Linux (specifically, Ubuntu 22.04)

Version/Channel Information:

Reproduces on current release channel. Did not check beta/nightly

Other Additional Information:

• Does the issue resolve itself when disabling Brave Shields? Yes, disabling Brave Shields fixes the problem
• Does the issue resolve itself when disabling Brave Rewards? Don't know how to enable/disable them. Probably have them disabled, right?
• Is the issue reproducible on the latest version of Chrome? Don't have Chrome, but in Chromium version 122.0.6261.69 (Official Build) snap (64-bit) works correctly

[flaudisio]

Same here. I've noticed the default font in Google Docs was broken, falling back to the default serif font. Fixed when I disabled Shield's Block fingerprinting option.

Before disabling Block fingerprinting:

After disabling it and reloading the page:

Brave version (brave://version info):

Brave: 1.63.162 Chromium: 122.0.6261.69 (Official Build) (64-bit) Revision: 3098e6bd850eaf3aa13541d2ddd87af53908bc60 OS: Linux (Xubuntu 22.04)

[rebron]

cc: @ShivanKaul

[ShivanKaul]

Hmm wonder if it's a Linux-only issue. Can you confirm if this happens with Fingeprinting set to be both Standard and Strict? Or is it only happening on Strict? 1.63.x still has Strict mode.

[flaudisio]

Hi, Shivan. I've tested again and it happens with Fingerprinting set to both Standard and Strict; only Disabled fixes it for now.

[ShivanKaul]

Gotcha. Another test: does it get fixed if you disable "Prevent sites from fingerprinting me based on my language preferences" global option in brave://settings/shields?

[flaudisio]

Yes! It's fixed after disabling it, even with Block fingerprinting changed back to Standard.

[ShivanKaul]

The interim fix is to disable "Prevent sites from fingerprinting me based on my language preferences" global option in brave://settings/shields but we'll address this soon.

[arthuredelstein]

I believe both cases reported here are expected behavior. To prevent font fingerprinting, we introduced a font allowlist for Ubuntu in Brave 1.63.x that prevents exposing custom local fonts installed by the user on their operating system. (This matches a previous font fingerprinting protection Brave already had for Windows and Mac.) Neither TrebuchetMS nor Arial are included by default in Ubuntu; see the full lists of allowed default fonts at https://sourcegraph.com/github.com/brave/brave-core/-/blob/third_party/blink/renderer/brave_font_whitelist.cc

That said, it would be good to be able to fix this on a single site instead of changing the global option. We're working on options that allow us to toggle specific fingerprinting protections (such as font restrictions) on a single site.

It is surprising, in the Google docs case, that the font called "Sans Serif" appears to have serifs. That's worth investigating more.

(Leaving this ticket open until we have a per-site solution.)

[jknockel]

There must be another issue at play though because Arial actually works just fine using Brave 1.62 in Google Docs on a default Ubuntu 22.04 install -- it is listed as an available font in the font drop-down selector and, when selected, looks the way we would expect it to.

So what's going on here? I believe it has to do with Ubuntu's default font aliases. For instance, take a look at /etc/fonts/conf.d/30-metric-aliases.conf, which configures and documents them:

PostScript fonts:       URW fonts:           GUST fonts:        Windows fonts:
======================  ==================  =================  ==================
Helvetica               Nimbus Sans         TeX Gyre Heros
Helvetica Narrow        Nimbus Sans Narrow  TeX Gyre Heros Cn
Times                   Nimbus Roman        TeX Gyre Termes
Courier                 Nimbus Mono PS      TeX Gyre Cursor
ITC Avant Garde Gothic  URW Gothic          TeX Gyre Adventor
ITC Bookman             URW Bookman         TeX Gyre Bonum     Bookman Old Style
ITC Zapf Chancery       Z003                TeX Gyre Chorus
Palatino                P052                TeX Gyre Pagella   Palatino Linotype
New Century Schoolbook  C059                TeX Gyre Schola    Century Schoolbook

Microsoft fonts:  Liberation fonts:       Google CrOS core fonts:  StarOffice fonts:  AMT fonts:
================  ======================  =======================  =================  ==============
Arial             Liberation Sans         Arimo                    Albany             Albany AMT
Arial Narrow      Liberation Sans Narrow
Times New Roman   Liberation Serif        Tinos                    Thorndale          Thorndale AMT
Courier New       Liberation Mono         Cousine                  Cumberland         Cumberland AMT
Cambria                                   Caladea
Calibri                                   Carlito
Symbol                                    SymbolNeu

Microsoft fonts:  Other fonts:
================  ============
Georgia           Gelasio

Since 'Liberation Sans' is installed by default and since it is configured as an alias of 'Arial', Ubuntu in effect has Arial preinstalled. To test this hypothesis, I, on a stock Ubuntu 22.04 install, fully quit Brave 1.62 and ran:

sudo mv /usr/share/fonts/truetype/liberation* /opt/
fc-cache -rv

Then I launched Brave 1.62 again and browsed to a document on Google Docs. Arial was no longer listed in the font drop-down selector. Quitting the browser, moving the Liberation fonts back, re-running fc-cache, and launching the browser again restored the availability of Arial.

Since brave_font_whitelist.cc already includes the Liberation fonts and because the fonts-liberation package is dependency of the brave-browser on Ubuntu, it may make sense to add 'Arial', 'Courier New', and all of the other default font aliases of the Liberation fonts to the brave_font_whitelist.cc list as well.

[arthuredelstein]

Hi @jknockel -- great analysis, thank you! Sounds like have a couple of possible options:

1. Add the font aliases to the allowlist, as you suggest, or
2. Make sure aliases are applied before we filter fonts through the allowlist.

[doebi]

Same here. I've noticed the default font in Google Docs was broken, falling back to the default serif font. Fixed when I disabled Shield's Block fingerprinting option.

Before disabling Block fingerprinting:

After disabling it and reloading the page:

Brave version (brave://version info):

Brave: 1.63.162 Chromium: 122.0.6261.69 (Official Build) (64-bit) Revision: 3098e6bd850eaf3aa13541d2ddd87af53908bc60 OS: Linux (Xubuntu 22.04)

I want to raise awareness to this circumstance again, as this is affecting essentially any website without an explicitly set font. When will this eventually be fixed?

[jknockel]

Hi @jknockel -- great analysis, thank you! Sounds like have a couple of possible options:

1. Add the font aliases to the allowlist, as you suggest, or

2. Make sure aliases are applied _before_ we filter fonts through the allowlist.

Thinking about this, my concern with option 2 is that, if we want the allowlist to be static for every (e.g.) Ubuntu 22.04 machine, then hardcoding the default aliases for Ubuntu 22.04 would definitely achieve that. On the other hand, if we somehow dynamically expand the allowlist at runtime to include all aliases, then I am worried that different Ubuntu 22.04 machines could effectively have different allowlists depending on their fontconfig configs.