morgan pushed to branch tor-browser-128.2.0esr-14.0-1 at The Tor Project / Applications / Tor Browser

Commits:

3 changed files:

Changes:

  • browser/app/profile/000-tor-browser.js
    ... ... @@ -52,6 +52,10 @@ pref("network.http.connection-retry-timeout", 0);
    52 52
     // be reduced to the strictly required time).
    
    53 53
     pref("extensions.torbutton.use_nontor_proxy", false);
    
    54 54
     
    
    55
    +// tor-browser#42647: Make OS HTTP User-Agent OS spoofing configurable by pref
    
    56
    +// TODO: flip to false when we're happy this is not a privacy issue
    
    57
    +pref("privacy.resistFingerprinting.spoofOsInUserAgentHeader", true);
    
    58
    +
    
    55 59
     // Browser home page:
    
    56 60
     pref("browser.startup.homepage", "about:tor");
    
    57 61
     
    

  • netwerk/protocol/http/nsHttpHandler.cpp
    ... ... @@ -482,6 +482,9 @@ nsresult nsHttpHandler::Init() {
    482 482
         // obsService->AddObserver(this, "net:failed-to-process-uri-content", true);
    
    483 483
       }
    
    484 484
     
    
    485
    +  Preferences::AddWeakObserver(
    
    486
    +      this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns);
    
    487
    +
    
    485 488
       MakeNewRequestTokenBucket();
    
    486 489
       mWifiTickler = new Tickler();
    
    487 490
       if (NS_FAILED(mWifiTickler->Init())) mWifiTickler = nullptr;
    
    ... ... @@ -2105,6 +2108,9 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic,
    2105 2108
         // Inform nsIOService that network is tearing down.
    
    2106 2109
         gIOService->SetHttpHandlerAlreadyShutingDown();
    
    2107 2110
     
    
    2111
    +    Preferences::RemoveObserver(
    
    2112
    +        this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns);
    
    2113
    +
    
    2108 2114
         ShutdownConnectionManager();
    
    2109 2115
     
    
    2110 2116
         // need to reset the session start time since cache validation may
    
    ... ... @@ -2227,6 +2233,11 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic,
    2227 2233
         ShutdownConnectionManager();
    
    2228 2234
         mConnMgr = nullptr;
    
    2229 2235
         Unused << InitConnectionMgr();
    
    2236
    +  } else if (!strcmp(topic, "nsPref:changed") &&
    
    2237
    +             !NS_strcmp(
    
    2238
    +                 data,
    
    2239
    +                 u"privacy.resistFingerprinting.spoofOsInUserAgentHeader")) {
    
    2240
    +    nsRFPService::GetSpoofedUserAgent(mSpoofedUserAgent, true);
    
    2230 2241
       }
    
    2231 2242
     
    
    2232 2243
       return NS_OK;
    

  • toolkit/components/resistfingerprinting/nsRFPService.cpp
    ... ... @@ -904,12 +904,17 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent,
    904 904
       // https://developer.mozilla.org/en-US/docs/Web/API/NavigatorID/userAgent
    
    905 905
       // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent
    
    906 906
     
    
    907
    +  const bool spoofOs =
    
    908
    +      isForHTTPHeader &&
    
    909
    +      Preferences::GetBool(
    
    910
    +          "privacy.resistFingerprinting.spoofOsInUserAgentHeader", true);
    
    911
    +
    
    907 912
       // These magic numbers are the lengths of the UA string literals below.
    
    908 913
       // Assume three-digit Firefox version numbers so we have room to grow.
    
    909 914
       size_t preallocatedLength =
    
    910 915
           13 +
    
    911
    -      (isForHTTPHeader ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS)
    
    912
    -                       : mozilla::ArrayLength(SPOOFED_UA_OS)) -
    
    916
    +      (spoofOs ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS)
    
    917
    +               : mozilla::ArrayLength(SPOOFED_UA_OS)) -
    
    913 918
           1 + 5 + 3 + 10 + mozilla::ArrayLength(LEGACY_UA_GECKO_TRAIL) - 1 + 9 + 3 +
    
    914 919
           2;
    
    915 920
       userAgent.SetCapacity(preallocatedLength);
    
    ... ... @@ -917,7 +922,7 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent,
    917 922
       // "Mozilla/5.0 (%s; rv:%d.0) Gecko/%d Firefox/%d.0"
    
    918 923
       userAgent.AssignLiteral("Mozilla/5.0 (");
    
    919 924
     
    
    920
    -  if (isForHTTPHeader) {
    
    925
    +  if (spoofOs) {
    
    921 926
         userAgent.AppendLiteral(SPOOFED_HTTP_UA_OS);
    
    922 927
       } else {
    
    923 928
         userAgent.AppendLiteral(SPOOFED_UA_OS);