Bug 1894958: Let's name this page more accurately r=timhuang

The purpose of this page is to improve the fingerprinting protections
in Firefox.

Differential Revision: https://phabricator.services.mozilla.com/D209599

docshell/base/nsAboutRedirector.cpp

@@ -108,7 +108,7 @@ static const RedirEntry kRedirMap[] = {
     {"credits", "https://www.mozilla.org/credits/",
      nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
          nsIAboutModule::URI_MUST_LOAD_IN_CHILD},
-    {"fingerprinting",
+    {"fingerprintingprotection",
      "chrome://global/content/usercharacteristics/usercharacteristics.html",
      nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
          nsIAboutModule::HIDE_FROM_ABOUTABOUT | nsIAboutModule::ALLOW_SCRIPT |

docshell/build/components.conf

@@ -16,7 +16,7 @@ about_pages = [
     'crashgpu',
     'crashextensions',
     'credits',
-    'fingerprinting',
+    'fingerprintingprotection',
     'httpsonlyerror',
     'license',
     'logging',

dom/security/nsContentSecurityUtils.cpp

@@ -1363,20 +1363,20 @@ void nsContentSecurityUtils::AssertAboutPageHasCSP(Document* aDocument) {
              "about: page must contain a CSP denying object-src");
 
   // preferences and downloads allow legacy inline scripts through hash src.
-  MOZ_ASSERT(!foundScriptSrc ||
-                 StringBeginsWith(aboutSpec, "about:preferences"_ns) ||
-                 StringBeginsWith(aboutSpec, "about:settings"_ns) ||
-                 StringBeginsWith(aboutSpec, "about:downloads"_ns) ||
-                 StringBeginsWith(aboutSpec, "about:fingerprinting"_ns) ||
-                 StringBeginsWith(aboutSpec, "about:asrouter"_ns) ||
-                 StringBeginsWith(aboutSpec, "about:newtab"_ns) ||
-                 StringBeginsWith(aboutSpec, "about:logins"_ns) ||
-                 StringBeginsWith(aboutSpec, "about:compat"_ns) ||
-                 StringBeginsWith(aboutSpec, "about:welcome"_ns) ||
-                 StringBeginsWith(aboutSpec, "about:profiling"_ns) ||
-                 StringBeginsWith(aboutSpec, "about:studies"_ns) ||
-                 StringBeginsWith(aboutSpec, "about:home"_ns),
-             "about: page must not contain a CSP including script-src");
+  MOZ_ASSERT(
+      !foundScriptSrc || StringBeginsWith(aboutSpec, "about:preferences"_ns) ||
+          StringBeginsWith(aboutSpec, "about:settings"_ns) ||
+          StringBeginsWith(aboutSpec, "about:downloads"_ns) ||
+          StringBeginsWith(aboutSpec, "about:fingerprintingprotection"_ns) ||
+          StringBeginsWith(aboutSpec, "about:asrouter"_ns) ||
+          StringBeginsWith(aboutSpec, "about:newtab"_ns) ||
+          StringBeginsWith(aboutSpec, "about:logins"_ns) ||
+          StringBeginsWith(aboutSpec, "about:compat"_ns) ||
+          StringBeginsWith(aboutSpec, "about:welcome"_ns) ||
+          StringBeginsWith(aboutSpec, "about:profiling"_ns) ||
+          StringBeginsWith(aboutSpec, "about:studies"_ns) ||
+          StringBeginsWith(aboutSpec, "about:home"_ns),
+      "about: page must not contain a CSP including script-src");
 
   MOZ_ASSERT(!foundWorkerSrc,
              "about: page must not contain a CSP including worker-src");

toolkit/components/resistfingerprinting/RFPHelper.sys.mjs

@@ -118,7 +118,7 @@ class _RFPHelper {
           UserCharacteristicsDataDone: { wantUntrusted: true },
         },
       },
-      matches: ["about:fingerprinting"],
+      matches: ["about:fingerprintingprotection"],
       remoteTypes: ["privilegedabout"],
     });
   }
@@ -324,6 +324,11 @@ class _RFPHelper {
   }
 
   _registerLetterboxingActor() {
+    /*
+     * It turns out that this triggers a warning that we're registering a Desktop-only actor
+     * in toolkit (which will also run on mobile.)  It just happens this actor only handles
+     * letterboxing, which isn't used on mobile, but we should resolve this.
+     */
     ChromeUtils.registerWindowActor("RFPHelper", {
       parent: {
         esModuleURI: "resource:///actors/RFPHelperParent.sys.mjs",

toolkit/components/resistfingerprinting/UserCharacteristicsPageService.sys.mjs

@@ -169,7 +169,7 @@ export class UserCharacteristicsPageService {
         };
 
         let userCharacteristicsPageURI = Services.io.newURI(
-          "about:fingerprinting"
+          "about:fingerprintingprotection"
         );
 
         browser.loadURI(userCharacteristicsPageURI, loadURIOptions);

toolkit/components/resistfingerprinting/content/usercharacteristics.html

@@ -10,7 +10,7 @@
       http-equiv="Content-Security-Policy"
       content="default-src data: resource:; style-src-elem chrome:; object-src 'none'; script-src chrome:"
     />
-    <title>about:fingerprinting</title>
+    <title>about:fingerprintingprotection</title>
 
     <link
       href="chrome://global/content/usercharacteristics/usercharacteristics.css"

toolkit/components/resistfingerprinting/tests/browser/browser_usercharacteristics.js

@@ -16,7 +16,7 @@ function promiseObserverNotification() {
       GleanPings.userCharacteristics.testBeforeNextSubmit(_ => {
         submitted = true;
 
-        // Did we assign a value we got out of about:fingerprinting?
+        // Did we assign a value we got out of about:fingerprintingprotection?
         Assert.notEqual("", Glean.characteristics.canvasdata1.testGetValue());
       });
       GleanPings.userCharacteristics.submit();