LibreWolf 'leaking' info about visited URLs to systemd journal (logs) - privacy concerns

LibreWolf is 'leaking' info about visited URLs to systemd journal (logs), in case the visited website is containing JavaScript errors. Note: This applies also for 'Private browsing' (incognito) mode. Furthermore: This issue can't be reproduced for vanilla Firefox.

Versions tested:

LibreWolf 109.0.1-2 (Fedora - https://rpm.librewolf.net/librewolf-repo.repo)
LibreWolf 109.0.1 (Flatpak from flathub.org)

Systems tested:

Fedora 37 Workstation / GNOME 43.0
Debian 11.6 / GNOME 3.38.5

Website example:

https://www.heise.de/

Steps to reproduce:

Open a terminal and enter: journalctl -f to follow the systemd logs
Start LibreWolf
Navigate to: 'heise.de'
Accept cookie banner
Open any post
Check journalctl output for JavaScript errors containing the domain and path to the faulty .js

Conclusion:

Please consider to prevent logging JavaScript errors to journal or any log-file. Since the logrotation interval of systemd journal is rather large, this could imply privacy concerns.

systemd journal excerpt:

Feb 15 15:22:15 localhost-live systemd[1469]: Started app-gnome-librewolf-4192.scope - Application launched by gnome-shell.
Feb 15 15:22:15 localhost-live librewolf.desktop[4192]: JavaScript warning: resource://services-settings/Utils.jsm, line 65: unreachable code after return statement
Feb 15 15:22:16 localhost-live librewolf.desktop[4192]: console.error: (new SyntaxError("The URI is malformed.", (void 0), 133))
Feb 15 15:22:17 localhost-live rtkit-daemon[1175]: Successfully made thread 4301 of process 4192 (/usr/share/librewolf/librewolf) owned by '1000' RT at priority 10.
Feb 15 15:22:17 localhost-live librewolf.desktop[4192]: console.warn: SearchSettings: "get: No settings file exists, new profile?" (new NotFoundError("Could not open the file at /home/liveuser/.librewolf/uyi11hcq.default-default/search.json.mozlz4", (void 0)))
Feb 15 15:22:17 localhost-live librewolf.desktop[4192]: console.error: (new SyntaxError("The URI is malformed.", (void 0), 133))
Feb 15 15:22:17 localhost-live librewolf.desktop[4192]: console.error: (new SyntaxError("The URI is malformed.", (void 0), 133))
Feb 15 15:22:17 localhost-live librewolf.desktop[4192]: console.error: (new SyntaxError("The URI is malformed.", (void 0), 133))
Feb 15 15:22:17 localhost-live librewolf.desktop[4192]: console.error: (new SyntaxError("The URI is malformed.", (void 0), 133))
Feb 15 15:22:18 localhost-live librewolf.desktop[4282]: JavaScript error: resource://gre/modules/XULStore.jsm, line 58: Error: Can't find profile directory.
Feb 15 15:22:18 localhost-live librewolf.desktop[4192]: JavaScript error: resource://gre/modules/PromiseWorker.jsm, line 106: Error: Could not get children of file(/home/liveuser/.librewolf/uyi11hcq.default-default/thumbnails) because it does not exist
Feb 15 15:22:18 localhost-live librewolf.desktop[4192]: console.error: (new SyntaxError("The URI is malformed.", (void 0), 133))
Feb 15 15:22:18 localhost-live librewolf.desktop[4192]: console.error: (new SyntaxError("The URI is malformed.", (void 0), 133))
Feb 15 15:22:18 localhost-live librewolf.desktop[4192]: console.error: (new SyntaxError("The URI is malformed.", (void 0), 133))
Feb 15 15:22:18 localhost-live librewolf.desktop[4192]: console.error: (new SyntaxError("The URI is malformed.", (void 0), 133))
Feb 15 15:22:18 localhost-live librewolf.desktop[4192]: console.error: (new SyntaxError("The URI is malformed.", (void 0), 133))
Feb 15 15:22:20 localhost-live librewolf.desktop[4192]: console.error: (new SyntaxError("The URI is malformed.", (void 0), 133))
Feb 15 15:22:26 localhost-live librewolf.desktop[4192]: console.error: (new SyntaxError("The URI is malformed.", (void 0), 133))
Feb 15 15:22:39 localhost-live librewolf.desktop[4192]: console.error: (new SyntaxError("The URI is malformed.", (void 0), 133))
Feb 15 15:22:39 localhost-live librewolf.desktop[4347]: JavaScript error: https://www.heise.de/, line 85: TypeError: ls is null
Feb 15 15:22:42 localhost-live librewolf.desktop[4347]: JavaScript error: , line 0: uncaught exception: Object
Feb 15 15:22:43 localhost-live librewolf.desktop[4347]: JavaScript error: , line 0: uncaught exception: Object
Feb 15 15:22:46 localhost-live librewolf.desktop[4347]: JavaScript warning: resource://services-settings/Utils.jsm, line 65: unreachable code after return statement
Feb 15 15:22:46 localhost-live librewolf.desktop[4347]: JavaScript warning: resource://services-settings/Utils.jsm, line 65: unreachable code after return statement
Feb 15 15:22:46 localhost-live librewolf.desktop[4347]: console.error: (new TypeError("lazy.AsyncShutdown.profileBeforeChange is undefined", "resource://services-settings/Database.jsm", 510))
Feb 15 15:22:52 localhost-live librewolf.desktop[4347]: JavaScript error: , line 0: uncaught exception: Object
Feb 15 15:22:52 localhost-live librewolf.desktop[4347]: JavaScript error: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.6f01a0b89e88ac50ab00, line 66: TypeError: n.setForceSafeFrame is not a function
Feb 15 15:22:52 localhost-live librewolf.desktop[4347]: JavaScript error: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.6f01a0b89e88ac50ab00, line 66: TypeError: n.setForceSafeFrame is not a function
Feb 15 15:22:52 localhost-live librewolf.desktop[4347]: JavaScript error: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.6f01a0b89e88ac50ab00, line 66: TypeError: n.setForceSafeFrame is not a function
Feb 15 15:22:52 localhost-live librewolf.desktop[4347]: JavaScript error: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.6f01a0b89e88ac50ab00, line 66: TypeError: n.setForceSafeFrame is not a function
Feb 15 15:22:52 localhost-live librewolf.desktop[4347]: JavaScript error: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.6f01a0b89e88ac50ab00, line 66: TypeError: n.setForceSafeFrame is not a function
Feb 15 15:22:52 localhost-live librewolf.desktop[4347]: JavaScript error: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.6f01a0b89e88ac50ab00, line 66: TypeError: n.setForceSafeFrame is not a function
Feb 15 15:22:52 localhost-live librewolf.desktop[4347]: JavaScript error: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.6f01a0b89e88ac50ab00, line 66: TypeError: n.setForceSafeFrame is not a function
Feb 15 15:22:52 localhost-live librewolf.desktop[4347]: JavaScript error: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.6f01a0b89e88ac50ab00, line 66: TypeError: n.setForceSafeFrame is not a function
Feb 15 15:22:52 localhost-live librewolf.desktop[4347]: JavaScript error: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.6f01a0b89e88ac50ab00, line 66: TypeError: n.setForceSafeFrame is not a function
Feb 15 15:22:52 localhost-live librewolf.desktop[4347]: JavaScript error: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.6f01a0b89e88ac50ab00, line 66: TypeError: n.setForceSafeFrame is not a function
Feb 15 15:22:52 localhost-live librewolf.desktop[4347]: JavaScript error: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.6f01a0b89e88ac50ab00, line 66: TypeError: n.setForceSafeFrame is not a function
Feb 15 15:22:52 localhost-live librewolf.desktop[4347]: JavaScript error: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.6f01a0b89e88ac50ab00, line 66: TypeError: n.setForceSafeFrame is not a function
Feb 15 15:22:52 localhost-live librewolf.desktop[4347]: JavaScript error: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.6f01a0b89e88ac50ab00, line 66: TypeError: n.setForceSafeFrame is not a function
Feb 15 15:22:52 localhost-live librewolf.desktop[4347]: JavaScript error: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.6f01a0b89e88ac50ab00, line 66: TypeError: n.setForceSafeFrame is not a function
Feb 15 15:22:53 localhost-live librewolf.desktop[4347]: JavaScript error: , line 0: uncaught exception: Object
Feb 15 15:22:53 localhost-live librewolf.desktop[4347]: JavaScript error: , line 0: uncaught exception: Object
Feb 15 15:23:38 localhost-live librewolf.desktop[4347]: JavaScript error: , line 0: uncaught exception: Object
Feb 15 15:23:38 localhost-live librewolf.desktop[4347]: JavaScript error: , line 0: uncaught exception: Object
Feb 15 15:23:38 localhost-live librewolf.desktop[4347]: JavaScript error: https://www.heise.de/assets/akwa/v24/js/akwa.js?.ltc.6f01a0b89e88ac50ab00, line 66: TypeError: n.setForceSafeFrame is not a function
Feb 15 15:23:38 localhost-live librewolf.desktop[4347]: JavaScript error: , line 0: uncaught exception: Object
Feb 15 15:23:54 localhost-live systemd[1469]: app-gnome-librewolf-4192.scope: Consumed 35.769s CPU time.

Kind regards

Edited Feb 15, 2023 by White Chestnut