morgan pushed to branch tor-browser-128.2.0esr-14.0-1 at The Tor Project / Applications / Tor Browser
Commits:
-
7212e70e
by Pier Angelo Vendrame at 2024-09-03T17:37:00+00:00
-
fd5b26f4
by Morgan at 2024-09-03T17:38:32+00:00
3 changed files:
- browser/app/profile/000-tor-browser.js
- netwerk/protocol/http/nsHttpHandler.cpp
- toolkit/components/resistfingerprinting/nsRFPService.cpp
Changes:
... | ... | @@ -52,6 +52,10 @@ pref("network.http.connection-retry-timeout", 0); |
52 | 52 | // be reduced to the strictly required time).
|
53 | 53 | pref("extensions.torbutton.use_nontor_proxy", false);
|
54 | 54 | |
55 | +// tor-browser#42647: Make OS HTTP User-Agent OS spoofing configurable by pref
|
|
56 | +// TODO: flip to false when we're happy this is not a privacy issue
|
|
57 | +pref("privacy.resistFingerprinting.spoofOsInUserAgentHeader", true);
|
|
58 | + |
|
55 | 59 | // Browser home page:
|
56 | 60 | pref("browser.startup.homepage", "about:tor");
|
57 | 61 |
... | ... | @@ -482,6 +482,9 @@ nsresult nsHttpHandler::Init() { |
482 | 482 | // obsService->AddObserver(this, "net:failed-to-process-uri-content", true);
|
483 | 483 | }
|
484 | 484 | |
485 | + Preferences::AddWeakObserver(
|
|
486 | + this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns);
|
|
487 | + |
|
485 | 488 | MakeNewRequestTokenBucket();
|
486 | 489 | mWifiTickler = new Tickler();
|
487 | 490 | if (NS_FAILED(mWifiTickler->Init())) mWifiTickler = nullptr;
|
... | ... | @@ -2105,6 +2108,9 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic, |
2105 | 2108 | // Inform nsIOService that network is tearing down.
|
2106 | 2109 | gIOService->SetHttpHandlerAlreadyShutingDown();
|
2107 | 2110 | |
2111 | + Preferences::RemoveObserver(
|
|
2112 | + this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns);
|
|
2113 | + |
|
2108 | 2114 | ShutdownConnectionManager();
|
2109 | 2115 | |
2110 | 2116 | // need to reset the session start time since cache validation may
|
... | ... | @@ -2227,6 +2233,11 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic, |
2227 | 2233 | ShutdownConnectionManager();
|
2228 | 2234 | mConnMgr = nullptr;
|
2229 | 2235 | Unused << InitConnectionMgr();
|
2236 | + } else if (!strcmp(topic, "nsPref:changed") &&
|
|
2237 | + !NS_strcmp(
|
|
2238 | + data,
|
|
2239 | + u"privacy.resistFingerprinting.spoofOsInUserAgentHeader")) {
|
|
2240 | + nsRFPService::GetSpoofedUserAgent(mSpoofedUserAgent, true);
|
|
2230 | 2241 | }
|
2231 | 2242 | |
2232 | 2243 | return NS_OK;
|
... | ... | @@ -904,12 +904,17 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent, |
904 | 904 | // https://developer.mozilla.org/en-US/docs/Web/API/NavigatorID/userAgent
|
905 | 905 | // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent
|
906 | 906 | |
907 | + const bool spoofOs =
|
|
908 | + isForHTTPHeader &&
|
|
909 | + Preferences::GetBool(
|
|
910 | + "privacy.resistFingerprinting.spoofOsInUserAgentHeader", true);
|
|
911 | + |
|
907 | 912 | // These magic numbers are the lengths of the UA string literals below.
|
908 | 913 | // Assume three-digit Firefox version numbers so we have room to grow.
|
909 | 914 | size_t preallocatedLength =
|
910 | 915 | 13 +
|
911 | - (isForHTTPHeader ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS)
|
|
912 | - : mozilla::ArrayLength(SPOOFED_UA_OS)) -
|
|
916 | + (spoofOs ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS)
|
|
917 | + : mozilla::ArrayLength(SPOOFED_UA_OS)) -
|
|
913 | 918 | 1 + 5 + 3 + 10 + mozilla::ArrayLength(LEGACY_UA_GECKO_TRAIL) - 1 + 9 + 3 +
|
914 | 919 | 2;
|
915 | 920 | userAgent.SetCapacity(preallocatedLength);
|
... | ... | @@ -917,7 +922,7 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent, |
917 | 922 | // "Mozilla/5.0 (%s; rv:%d.0) Gecko/%d Firefox/%d.0"
|
918 | 923 | userAgent.AssignLiteral("Mozilla/5.0 (");
|
919 | 924 | |
920 | - if (isForHTTPHeader) {
|
|
925 | + if (spoofOs) {
|
|
921 | 926 | userAgent.AppendLiteral(SPOOFED_HTTP_UA_OS);
|
922 | 927 | } else {
|
923 | 928 | userAgent.AppendLiteral(SPOOFED_UA_OS);
|