Check fonts leak

[uazo]

see https://browserleaks.com/fonts https://www.deviceinfo.me/ https://abrahamjuliot.github.io/creepjs/tests/fonts.html

[uazo]

it seems that only windows is interested. I have not found a way to install (and thus modify) the fonts list in android in windows, however, it is possible to narrow down the list of available fonts using the one in https://learn.microsoft.com/en-us/typography/fonts/windows_11_font_list

[uazo]

// Allows Blink to request fonts from the Android Downloadable Fonts API through
// the service implemented on the Java side.
BASE_FEATURE(kAndroidDownloadableFontsMatching,
             "AndroidDownloadableFontsMatching",
             base::FEATURE_ENABLED_BY_DEFAULT);

for android check https://bugs.chromium.org/p/chromium/issues/detail?id=1115064 https://chromium-review.googlesource.com/c/chromium/src/+/2347916 https://chromium-review.googlesource.com/c/chromium/src/+/2375329

[uazo]

~why didn't brave fix it?~ https://github.com/brave/brave-browser/issues/816

[uazo]

it seems that brave has changed the logic regarding the fallback list of fonts: font_fallback_list.cc and third_party-blink-renderer-platform-fonts-font_fallback_list.cc.patch source: Implement "reduce language fingerprinting" my approach is different and more radical because I act directly in skia. I need to understand the implications, is it better to add a flag. same thing in android as well, while I limit the list directly in skia.

[uazo]

ok, it seems that the problem is fonts related to the user's language. ie: we are in Japan, a browser with Japanese fonts is no different from others, in Europe it would be (and vice versa). how can i test this?

[uazo]

I need to understand the implications

https://bugs.chromium.org/p/chromium/issues/detail?id=366983#c9 Unfortunately, these are exactly it!

so it is not possible for me to act directly in skia, since some non-standard fonts such as 'Arial Narrow' are considered by DirectWrite (active by default) as font-family 'Arial' variant_stretch = 'Narrow' (Condensed = 7). in fact, for windows, chromium checks a number of terms in the family as attributes: TypefacesHasWeightSuffix and TypefacesHasStretchSuffix.

a possible alternative is to filter the list of fonts when loading the (custom) collection in DWriteFontCollectionProxy::CreateEnumeratorFromKey, but I would have to wire the ttf file name and that might not be the best solution. so no good, I'll try the change to blink

[uazo]

I'll try the change to blink

nooo, for the same reason blink doesn't work either! Brave itself suffers from this bug.... i will be good and report it.

a possible alternative is to filter the list of fonts when loading the (custom) collection

meanwhile, i guess only that is the correct solution.

[uazo]

definitively found the solution, which is to retrieve the gdi name of the font via directwrite. in any case, it is not possible for me to directly patch skia, as it is on a repo that is not a subrepo of chromium and therefore not directly editable with the patch system. fortunately there is a subset of skia functions under the //skia directory of chromium that allowed me to add them there. Now I have the problem of sitesettings, it seems that the executioncontext is not available because the fonts are retrieved from a singleton not connected to the contexts. I think it was simpler!

[uazo]

new patch in https://github.com/uazo/bromite/blob/beade82b64cc6ded6a7efd7722bd86a3a4faffc0/build/patches/00Fonts-fingerprinting-mitigation.patch

For now, I have decided to only insert the flag

[uazo]

@GY8VSdYYzvL8-K6T

How to verify font mitigation? Browserleaks.com font test shows identical fingerprint each time.

what that patch does is to inhibit the use of fonts that do not appear in the list of standard fonts in the respective platforms (by default user language), to mitigate the possibility of fonts being detected in the device, installed due to user activity (e.g. in windows, some apps also install certain fonts, see office for example). in windows the list is available while I could not find anything official for android, but chromium has a minimum set of fonts that MUST be present, so in android I opted for the more restrictive list.

[uazo]

for those who want to check, these are the data from my browser (viewport size protection off), which should be the same for everyone in my area (eu) regardless of the fonts installed on a windows machine

source https://browserleaks.com/fonts

the first column should be a value indicating the size of the rectangle containing a given constant string

FINGERPRINT: C8351AF6107A75C94C96273BE120C9D7

4397,143    default, sans-serif
4325,142    serif
3588,150    monospace
4393,178    cursive
3984,156    fantasy
5189,181    Arial Black
4446,128    Bahnschrift, Bahnschrift Light, Bahnschrift SemiBold
4151,156    Calibri
4104,156    Calibri Light
4429,150    Cambria
4429,128    Cambria Math
4265,156    Candara
4203,156    Candara Light
4551,156    Constantia
4239,156    Corbel
4148,156    Corbel Light
3928,145    Courier, Courier 10 Pitch, Courier New
4425,170    Ebrima, Gadugi, Leelawadee UI, Segoe UI Emoji, Segoe UI Historic
3379,129    Gabriola
4717,145    Georgia
4308,128    HoloLens MDL2 Assets
4181,158    Ink Free
4472,291    Javanese Text
3894,128    Lucida Console
4676,196    Lucida Sans Unicode
3373,128    MS Gothic
3962,128    MS PGothic, MS UI Gothic
4337,145    MS Sans Serif, Microsoft Sans Serif
4544,206    MV Boli
4506,170    Malgun Gothic
5569,128    Marlett
3084,128    Microsoft Himalaya
4705,171    Microsoft JhengHei
4508,171    Microsoft JhengHei Light
4705,163    Microsoft JhengHei UI
4508,163    Microsoft JhengHei UI Light
4425,168    Microsoft New Tai Lue
4443,164    Microsoft PhagsPa
4425,163    Microsoft Tai Le
4761,169    Microsoft YaHei
4490,164    Microsoft YaHei Light
4761,163    Microsoft YaHei UI
4490,168    Microsoft YaHei UI Light
3394,128    Microsoft Yi Baiti, SimSun-ExtB
3394,129    MingLiU-ExtB, MingLiU_HKSCS-ExtB
4308,136    Mongolian Baiti
4425,239    Myanmar Text
3437,128    NSimSun, SimSun
4430,170    Nirmala UI
4134,129    PMingLiU-ExtB
4674,172    Palatino Linotype
4353,128    Segoe MDL2 Assets
5079,223    Segoe Print
5248,202    Segoe Script
4431,170    Segoe UI
4926,170    Segoe UI Black
4207,170    Segoe UI Light
4579,170    Segoe UI Semibold
4460,170    Segoe UI Symbol
3996,128    Sitka Banner
4117,128    Sitka Display
4268,128    Sitka Heading
4999,128    Sitka Small
4478,128    Sitka Subheading
4691,128    Sitka Text
4455,169    Sylfaen
3831,157    Symbol
4428,154    Tahoma
4277,148    Trebuchet MS
4957,156    Verdana
4653,128    Webdings
5380,142    Wingdings, Wingdings 2, Wingdings 3
4560,169    Yu Gothic, Yu Gothic Regular
4408,165    Yu Gothic Light
4645,165    Yu Gothic Medium
4542,170    Yu Gothic UI, Yu Gothic UI Regular
4316,170    Yu Gothic UI Light
4694,170    Yu Gothic UI Semibold