GitLab

at 2024-10-16T22:24:59+00:00

Bug 42467: Make OS HTTP User-Agent OS spoofing configurable by pref

This commits makes it possible to disable OS spoofing in the HTTP
User-Agent header, to see if matching header and JS property improve
usability.

@@ -52,6 +52,8 @@ pref("network.http.connection-retry-timeout", 0);
  // be reduced to the strictly required time).
  pref("extensions.torbutton.use_nontor_proxy", false);
 +// tor-browser#42647: Make OS HTTP User-Agent OS spoofing configurable by pref
 +pref("privacy.resistFingerprinting.spoofOsInUserAgentHeader", true);
  // Browser home page:
  pref("browser.startup.homepage", "about:tor");

@@ -497,6 +497,9 @@ nsresult nsHttpHandler::Init() {
      // obsService->AddObserver(this, "net:failed-to-process-uri-content", true);
+   }
 +  Preferences::AddWeakObserver(
 +      this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns);
++
    MakeNewRequestTokenBucket();
    mWifiTickler = new Tickler();
    if (NS_FAILED(mWifiTickler->Init())) mWifiTickler = nullptr;
@@ -2064,6 +2067,9 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic,
      // Inform nsIOService that network is tearing down.
      gIOService->SetHttpHandlerAlreadyShutingDown();
 +    Preferences::RemoveObserver(
 +        this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns);
++
      ShutdownConnectionManager();
      // need to reset the session start time since cache validation may
@@ -2189,6 +2195,11 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic,
      ShutdownConnectionManager();
      mConnMgr = nullptr;
      Unused << InitConnectionMgr();
 +  } else if (!strcmp(topic, "nsPref:changed") &&
 +             !NS_strcmp(
 +                 data,
 +                 u"privacy.resistFingerprinting.spoofOsInUserAgentHeader")) {
 +    nsRFPService::GetSpoofedUserAgent(mSpoofedUserAgent, true);
+   }
    return NS_OK;

@@ -939,12 +939,17 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent,
    // https://developer.mozilla.org/en-US/docs/Web/API/NavigatorID/userAgent
    // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent
 +  const bool spoofOs =
 +      isForHTTPHeader &&
 +      Preferences::GetBool(
 +          "privacy.resistFingerprinting.spoofOsInUserAgentHeader", true);
++
    // These magic numbers are the lengths of the UA string literals below.
    // Assume three-digit Firefox version numbers so we have room to grow.
    size_t preallocatedLength =
 +
 -      (isForHTTPHeader ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS)
 -                       : mozilla::ArrayLength(SPOOFED_UA_OS)) -
 +      (spoofOs ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS)
 +               : mozilla::ArrayLength(SPOOFED_UA_OS)) -
 + 5 + 3 + 10 + mozilla::ArrayLength(LEGACY_UA_GECKO_TRAIL) - 1 + 9 + 3 +
 ;
    userAgent.SetCapacity(preallocatedLength);
@@ -954,7 +959,7 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent,
    // "Mozilla/5.0 (%s; rv:%d.0) Gecko/%d Firefox/%d.0"
    userAgent.AssignLiteral("Mozilla/5.0 (");
 -  if (isForHTTPHeader) {
 +  if (spoofOs) {
      userAgent.AppendLiteral(SPOOFED_HTTP_UA_OS);
    } else {
      userAgent.AppendLiteral(SPOOFED_UA_OS);