[Git][tpo/applications/tor-browser][base-browser-128.6.0esr-14.5-1] 2 commits: Revert "BB 42647: Make OS HTTP User-Agent OS spoofing configurable by pref"
Pier Angelo Vendrame pushed to branch base-browser-128.6.0esr-14.5-1 at The Tor Project / Applications / Tor Browser
Commits: f9fb6744 by Pier Angelo Vendrame at 2025-01-27T15:15:03+01:00 Revert "BB 42647: Make OS HTTP User-Agent OS spoofing configurable by pref"
This reverts commit 57c94a79410783c564187a9496d7a5403accf15e.
- - - - - efbb8c60 by Pier Angelo Vendrame at 2025-01-27T15:15:05+01:00 Bug 1840385 - Do not spoof the OS in HTTP User Agent. r=tjr
Differential Revision: https://phabricator.services.mozilla.com/D234835
- - - - -
6 changed files:
- browser/components/resistfingerprinting/test/browser/browser_navigator.js - browser/components/resistfingerprinting/test/browser/browser_navigator_iframes.js - dom/base/Navigator.cpp - netwerk/protocol/http/nsHttpHandler.cpp - toolkit/components/resistfingerprinting/nsRFPService.cpp - toolkit/components/resistfingerprinting/nsRFPService.h
Changes:
===================================== browser/components/resistfingerprinting/test/browser/browser_navigator.js ===================================== @@ -107,20 +107,13 @@ const DEFAULT_UA_OS = { other: `X11; Linux ${defaultLinuxCpu}`, };
-const SPOOFED_UA_NAVIGATOR_OS = { +const SPOOFED_UA_OS = { linux: "X11; Linux x86_64", win: "Windows NT 10.0; Win64; x64", macosx: "Macintosh; Intel Mac OS X 10.15", android: "Android 10; Mobile", other: "X11; Linux x86_64", }; -const SPOOFED_UA_HTTPHEADER_OS = { - linux: "Windows NT 10.0; Win64; x64", - win: "Windows NT 10.0; Win64; x64", - macosx: "Windows NT 10.0; Win64; x64", - android: "Android 10; Mobile", - other: "Windows NT 10.0; Win64; x64", -}; const SPOOFED_HW_CONCURRENCY = 2;
const CONST_APPCODENAME = "Mozilla"; @@ -169,7 +162,7 @@ async function testUserAgentHeader() {
is( result, - expectedResults.userAgentHeader, + expectedResults.userAgent, `Checking ${expectedResults.testDesc} User Agent HTTP Header.` );
@@ -203,7 +196,7 @@ async function testNavigator() { ); is( result.userAgent, - expectedResults.userAgentNavigator, + expectedResults.userAgent, `Checking ${testDesc} navigator.userAgent.` ); is( @@ -308,7 +301,7 @@ async function testWorkerNavigator() { ); is( result.userAgent, - expectedResults.userAgentNavigator, + expectedResults.userAgent, `Checking ${testDesc} worker navigator.userAgent.` ); is( @@ -364,8 +357,7 @@ add_task(async function setupDefaultUserAgent() { oscpu: DEFAULT_OSCPU[AppConstants.platform], platform: DEFAULT_PLATFORM[AppConstants.platform], pluginsLength: 5, - userAgentNavigator: defaultUserAgent, - userAgentHeader: defaultUserAgent, + userAgent: defaultUserAgent, };
await testNavigator(); @@ -397,8 +389,7 @@ add_task(async function setupRFPExemptions() { oscpu: DEFAULT_OSCPU[AppConstants.platform], platform: DEFAULT_PLATFORM[AppConstants.platform], pluginsLength: 5, - userAgentNavigator: defaultUserAgent, - userAgentHeader: defaultUserAgent, + userAgent: defaultUserAgent, };
await testNavigator(); @@ -447,8 +438,7 @@ add_task(async function setupETPToggleExemptions() { oscpu: DEFAULT_OSCPU[AppConstants.platform], platform: DEFAULT_PLATFORM[AppConstants.platform], pluginsLength: 5, - userAgentNavigator: defaultUserAgent, - userAgentHeader: defaultUserAgent, + userAgent: defaultUserAgent, };
await testNavigator(); @@ -482,12 +472,8 @@ add_task(async function setupResistFingerprinting() {
let spoofedGeckoTrail = SPOOFED_UA_GECKO_TRAIL[AppConstants.platform];
- let spoofedUserAgentNavigator = `Mozilla/5.0 (${ - SPOOFED_UA_NAVIGATOR_OS[AppConstants.platform] - }; rv:${appVersion}.0) Gecko/${spoofedGeckoTrail} Firefox/${appVersion}.0`; - - let spoofedUserAgentHeader = `Mozilla/5.0 (${ - SPOOFED_UA_HTTPHEADER_OS[AppConstants.platform] + let spoofedUserAgent = `Mozilla/5.0 (${ + SPOOFED_UA_OS[AppConstants.platform] }; rv:${appVersion}.0) Gecko/${spoofedGeckoTrail} Firefox/${appVersion}.0`;
expectedResults = { @@ -498,8 +484,7 @@ add_task(async function setupResistFingerprinting() { oscpu: SPOOFED_OSCPU[AppConstants.platform], platform: SPOOFED_PLATFORM[AppConstants.platform], pluginsLength: 5, - userAgentNavigator: spoofedUserAgentNavigator, - userAgentHeader: spoofedUserAgentHeader, + userAgent: spoofedUserAgent, };
await testNavigator();
===================================== browser/components/resistfingerprinting/test/browser/browser_navigator_iframes.js ===================================== @@ -122,20 +122,13 @@ const DEFAULT_UA_OS = { other: `X11; Linux ${defaultLinuxCpu}`, };
-const SPOOFED_UA_NAVIGATOR_OS = { +const SPOOFED_UA_OS = { linux: "X11; Linux x86_64", win: "Windows NT 10.0; Win64; x64", macosx: "Macintosh; Intel Mac OS X 10.15", android: "Android 10; Mobile", other: "X11; Linux x86_64", }; -const SPOOFED_UA_HTTPHEADER_OS = { - linux: "Windows NT 10.0; Win64; x64", - win: "Windows NT 10.0; Win64; x64", - macosx: "Windows NT 10.0; Win64; x64", - android: "Android 10; Mobile", - other: "Windows NT 10.0; Win64; x64", -}; const SPOOFED_HW_CONCURRENCY = 2;
const CONST_APPCODENAME = "Mozilla"; @@ -186,12 +179,12 @@ async function testNavigator(result, expectedResults, extraData) { ); is( result.userAgent, - expectedResults.userAgentNavigator, + expectedResults.userAgent, `Checking ${testDesc} navigator.userAgent.` ); is( result.userAgentHTTPHeader, - expectedResults.userAgentHTTPHeader, + expectedResults.userAgent, `Checking ${testDesc} userAgentHTTPHeader.` ); is( @@ -268,7 +261,7 @@ async function testNavigator(result, expectedResults, extraData) { ); is( result.worker_userAgent, - expectedResults.userAgentNavigator, + expectedResults.userAgent, `Checking ${testDesc} worker navigator.userAgent.` ); is( @@ -295,8 +288,7 @@ async function testNavigator(result, expectedResults, extraData) { }
let defaultUserAgent; -let spoofedUserAgentNavigator; -let spoofedUserAgentHeader; +let spoofedUserAgent; let allNotSpoofed; let allSpoofed;
@@ -308,14 +300,8 @@ add_setup(async () => { DEFAULT_UA_GECKO_TRAIL[AppConstants.platform] } Firefox/${appVersion}.0`;
- spoofedUserAgentNavigator = `Mozilla/5.0 (${ - SPOOFED_UA_NAVIGATOR_OS[AppConstants.platform] - }; rv:${appVersion}.0) Gecko/${ - SPOOFED_UA_GECKO_TRAIL[AppConstants.platform] - } Firefox/${appVersion}.0`; - - spoofedUserAgentHeader = `Mozilla/5.0 (${ - SPOOFED_UA_HTTPHEADER_OS[AppConstants.platform] + spoofedUserAgent = `Mozilla/5.0 (${ + SPOOFED_UA_OS[AppConstants.platform] }; rv:${appVersion}.0) Gecko/${ SPOOFED_UA_GECKO_TRAIL[AppConstants.platform] } Firefox/${appVersion}.0`; @@ -331,8 +317,7 @@ add_setup(async () => { oscpu: DEFAULT_OSCPU[AppConstants.platform], platform: DEFAULT_PLATFORM[AppConstants.platform], pluginsLength: 5, - userAgentNavigator: defaultUserAgent, - userAgentHTTPHeader: defaultUserAgent, + userAgent: defaultUserAgent, framer_crossOrigin_userAgentHTTPHeader: defaultUserAgent, framee_crossOrigin_userAgentHTTPHeader: defaultUserAgent, }; @@ -343,10 +328,9 @@ add_setup(async () => { oscpu: SPOOFED_OSCPU[AppConstants.platform], platform: SPOOFED_PLATFORM[AppConstants.platform], pluginsLength: 5, - userAgentNavigator: spoofedUserAgentNavigator, - userAgentHTTPHeader: spoofedUserAgentHeader, - framer_crossOrigin_userAgentHTTPHeader: spoofedUserAgentHeader, - framee_crossOrigin_userAgentHTTPHeader: spoofedUserAgentHeader, + userAgent: spoofedUserAgent, + framer_crossOrigin_userAgentHTTPHeader: spoofedUserAgent, + framee_crossOrigin_userAgentHTTPHeader: spoofedUserAgent, }; });
@@ -385,8 +369,7 @@ add_task(async () => { add_task(async () => { expectedResults = structuredClone(allSpoofed); expectedResults.framer_crossOrigin_userAgentHTTPHeader = defaultUserAgent; - expectedResults.framee_crossOrigin_userAgentHTTPHeader = - spoofedUserAgentHeader; + expectedResults.framee_crossOrigin_userAgentHTTPHeader = spoofedUserAgent; await testC(uri, testNavigator, expectedResults); });
@@ -394,8 +377,7 @@ add_task(async () => { add_task(async () => { expectedResults = structuredClone(allSpoofed); expectedResults.framer_crossOrigin_userAgentHTTPHeader = defaultUserAgent; - expectedResults.framee_crossOrigin_userAgentHTTPHeader = - spoofedUserAgentHeader; + expectedResults.framee_crossOrigin_userAgentHTTPHeader = spoofedUserAgent; await testD(uri, testNavigator, expectedResults); });
===================================== dom/base/Navigator.cpp ===================================== @@ -2118,7 +2118,7 @@ nsresult Navigator::GetUserAgent(nsPIDOMWindowInner* aWindow, // specific OS version, etc. if (shouldResistFingerprinting) { nsAutoCString spoofedUA; - nsRFPService::GetSpoofedUserAgent(spoofedUA, false); + nsRFPService::GetSpoofedUserAgent(spoofedUA); CopyASCIItoUTF16(spoofedUA, aUserAgent); return NS_OK; }
===================================== netwerk/protocol/http/nsHttpHandler.cpp ===================================== @@ -409,7 +409,7 @@ nsresult nsHttpHandler::Init() { mMisc.AssignLiteral("rv:" MOZILLA_UAVERSION);
// Generate the spoofed User Agent for fingerprinting resistance. - nsRFPService::GetSpoofedUserAgent(mSpoofedUserAgent, true); + nsRFPService::GetSpoofedUserAgent(mSpoofedUserAgent);
mSessionStartTime = NowInSeconds(); mHandlerActive = true; @@ -482,9 +482,6 @@ nsresult nsHttpHandler::Init() { // obsService->AddObserver(this, "net:failed-to-process-uri-content", true); }
- Preferences::AddWeakObserver( - this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns); - MakeNewRequestTokenBucket(); mWifiTickler = new Tickler(); if (NS_FAILED(mWifiTickler->Init())) mWifiTickler = nullptr; @@ -2143,9 +2140,6 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic, // Inform nsIOService that network is tearing down. gIOService->SetHttpHandlerAlreadyShutingDown();
- Preferences::RemoveObserver( - this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns); - ShutdownConnectionManager();
// need to reset the session start time since cache validation may @@ -2268,11 +2262,6 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic, ShutdownConnectionManager(); mConnMgr = nullptr; Unused << InitConnectionMgr(); - } else if (!strcmp(topic, "nsPref:changed") && - !NS_strcmp( - data, - u"privacy.resistFingerprinting.spoofOsInUserAgentHeader")) { - nsRFPService::GetSpoofedUserAgent(mSpoofedUserAgent, true); }
return NS_OK;
===================================== toolkit/components/resistfingerprinting/nsRFPService.cpp ===================================== @@ -895,8 +895,7 @@ uint32_t nsRFPService::GetSpoofedPresentedFrames(double aTime, uint32_t aWidth, // User-Agent/Version Stuff
/* static */ -void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent, - bool isForHTTPHeader) { +void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent) { // This function generates the spoofed value of User Agent. // We spoof the values of the platform and Firefox version, which could be // used as fingerprinting sources to identify individuals. @@ -904,38 +903,22 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent, // https://developer.mozilla.org/en-US/docs/Web/API/NavigatorID/userAgent // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent
- const bool spoofOs = - isForHTTPHeader && - Preferences::GetBool( - "privacy.resistFingerprinting.spoofOsInUserAgentHeader", true); - // These magic numbers are the lengths of the UA string literals below. // Assume three-digit Firefox version numbers so we have room to grow. size_t preallocatedLength = - 13 + - (spoofOs ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS) - : mozilla::ArrayLength(SPOOFED_UA_OS)) - - 1 + 5 + 3 + 10 + mozilla::ArrayLength(LEGACY_UA_GECKO_TRAIL) - 1 + 9 + 3 + - 2; + 13 + mozilla::ArrayLength(SPOOFED_UA_OS) - 1 + 5 + 3 + 10 + + mozilla::ArrayLength(LEGACY_UA_GECKO_TRAIL) - 1 + 9 + 3 + 2; userAgent.SetCapacity(preallocatedLength);
// "Mozilla/5.0 (%s; rv:%d.0) Gecko/%d Firefox/%d.0" userAgent.AssignLiteral("Mozilla/5.0 ("); - - if (spoofOs) { - userAgent.AppendLiteral(SPOOFED_HTTP_UA_OS); - } else { - userAgent.AppendLiteral(SPOOFED_UA_OS); - } - + userAgent.AppendLiteral(SPOOFED_UA_OS); userAgent.AppendLiteral("; rv:" MOZILLA_UAVERSION ") Gecko/"); - #if defined(ANDROID) userAgent.AppendLiteral(MOZILLA_UAVERSION); #else userAgent.AppendLiteral(LEGACY_UA_GECKO_TRAIL); #endif - userAgent.AppendLiteral(" Firefox/" MOZILLA_UAVERSION);
MOZ_ASSERT(userAgent.Length() <= preallocatedLength);
===================================== toolkit/components/resistfingerprinting/nsRFPService.h ===================================== @@ -59,14 +59,6 @@
#define SPOOFED_POINTER_INTERFACE MouseEvent_Binding::MOZ_SOURCE_MOUSE
-// For the HTTP User-Agent header, we use a simpler set of spoofed values -// that do not reveal the specific desktop platform. -#if defined(MOZ_WIDGET_ANDROID) -# define SPOOFED_HTTP_UA_OS "Android 10; Mobile" -#else -# define SPOOFED_HTTP_UA_OS "Windows NT 10.0; Win64; x64" -#endif - struct JSContext;
class nsIChannel; @@ -267,7 +259,7 @@ class nsRFPService final : public nsIObserver, public nsIRFPService { // --------------------------------------------------------------------------
// This method generates the spoofed value of User Agent. - static void GetSpoofedUserAgent(nsACString& userAgent, bool isForHTTPHeader); + static void GetSpoofedUserAgent(nsACString& userAgent);
// --------------------------------------------------------------------------
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/f1e7068...
tbb-commits@lists.torproject.org
-
Pier Angelo Vendrame (@pierov)