I noticed for a long time that full screen blocking has not worked, has anyone been experiencing this?
It works for me. Maybe you disabled the blocking in the General configuration GUI?
Hi 
, IDK if this is what you are looking for
qvm-features VM gui-override-redirect-protection true (replace VM with your qube name)
Regards
It is set to the default disallow 
Could you describe what behaviour are you seeing exactly?
Well If if I play a YT video for example, trying to go fullscreen is successful.
I also wonder if there is a way to prevent the qube borders itself from going full screen, as sometimes when one opens an application, like say a web application sometime they default open full screen which is something I also want to prevent.
I even see with the qubes I test this on that their window options per qube setting is set default, likewise setting the qube itself specific to disallow regardless of global still fails.
Just to clarify: If you go fullscreen in YT there is no window border visible anymore and your task bar is overdrawn?
This would be a security problem.
Or is it just fullscreen in the sense of “the window fills the whole screen but window decoration and task bar are still visible”?
The latter would not be considered a security risk as it is insufficient to fake your whole desktop environment.
Also could you tell us some info about your system? Is it a default QubesOS 4.2 with xfce?
Yes it goes absolute fullscreen.
I recall in the past even with running games it would immediately prevent full screen and border it off, now these days it doesn’t. I further recall the Qubes used to prevent the option to fullscreen even if its bordered?
It is the default & up to date.
Also even if it doesn’t go absolute full-screen would it still not provide sufficient fingerprinting data to guesstimate the screen resolution? Even if in full screen to extent of Qubes when it works although it cant render all available, true resolution could still be determined, especially if you aren’t using something that has active measures to prevent this point of fingerprinting such as Tor & Mullvad browser(which one shouldn’t preferable adjust the size from its opening default) & especially if qubes is determined to be used or considered, if the resolution gotten supports probable use of qubes in full screen.
So then even with the GUI aspects of Qubes, absolute full screen as a whole as well as full screen with Qubes related GUI for browser & web-based application should be discouraged. No?
Do you use GPU passthrough and discrete rendering or anything special? (although you use the default environment)
I use my my CPUs internal graphics for dom0, I do have my GPU to passthrough however I have had no success in getting it to work with any qube.
Can you just confirm:
You can make YT go full screen just by clicking on the “Full screen”
button?
I do not see this behavior.
Does this apply to both Fedora and Debian based qubes?
Have you made any configuration changes to the templates or the system
as a whole?
I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.
I am able to make it go full screen yes, same with any streaming service, via browser or application.
I have previously morphed a copy of my debian template to kick-secure long ago.
I can confirm I have this with a qube based on my debian 12 template & kicksecure-17 template. I don’t use the fedora template, only really fedora minimal for other things.
Non to the system as a whole besides the GPU passthrough which the only issue Ive been getting regarding is that I cant get my RX 7800 XT to work with any Qube interms of the rendering(uses software only)although attached, and followed all associated posts but that another topic of pain.
Did you maybe accidentally set “Fullscreen mode” to “allow” for all VMs in Qubes Global Config (General Settings tab), or “Allow fullscreen” to “allow” in the specific VM’s Settings (Advanced tab)?
Qubes OS does not attempt to hide the screen resolution from the VM (check e.g. via the xrandr utility in a VM terminal), so this kind of anti-fingerprinting in relation to a website would have to be the browser’s duty.
Thanks for that added information.
I cant duplicate with a debian 12 template.
I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.
Hi, no as mentioned it is set to the default disallow. and qubes are by default all set to follow global. I have checked all configs regarding.
Yes, that why I stated that any web based application or browser should not be set to full screen option(s), even when using Qubes as the additional gui surrounding it makes little difference in preventing that specific point of fingerprinting to my knowledge.
Why I further asked if there is a prevention mechanism from even an application making the qube border go full screen.