Request for font "xxx" blocked at visibility level 2 (requires 3) in nightly
My browser could only display the standard system fonts (such as Microsoft YaHei and Consolas), but not the fonts I installed. I was getting 'Request for font "xxx" blocked at visibility level 2 (requires 3)' from the console on every website that tried to use my local fonts.
The problem appeared in obstacle removal mode, but didn't appear in the latest stable Firefox release.
Version: nightly 120.0a1(20231006152733) System: Windows 11 22H2 22621.2134
English is not my first language, so please forgive me if it doesn't make sense.
Chosen solution
This is fingerprint protection caused by Enhanced Tracking Protection set to Strict or Custom with "Suspected fingerprinters" enabled.
Read this answer in context 👍 11All Replies (4)
Chosen Solution
This is fingerprint protection caused by Enhanced Tracking Protection set to Strict or Custom with "Suspected fingerprinters" enabled.
Is there a way to exempt certain fonts from this?
For context, I have a userContent.css file which overrides the monospace font used in `code` and `pre` elements with a different font I have installed locally, which has now stopped working because I also have the enhanced tracking protection stuff enabled. Tbh I have no idea how this system works internally, but I feel like there should be a distinction between a website trying to access a local font (in which case it might be fingerprinting, and thus should be viewed with suspicion), and the userContent stylesheet trying to access a local font (in which case it clearly isn't fingerprinting, since the user intentionally created/edited the userContent file, and explitly put that font name in there).
Modified
Fingerprint protection is all about uniformity so creating exemptions for specific fonts would defeat any benefit. You should assume that font overrides or userContent.css can be detected by sites in some way, whether directly or indirectly.
You can disable font protection by going to about:config and changing privacy.fingerprintingProtection.overrides to -FontVisibilityBaseSystem,-FontVisibilityLangPack.
Would it not be possible for the browser to distinguish between the CSS requesting the font or some evil script asking for it?