Pier Angelo Vendrame pushed to branch mullvad-browser-115.8.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser

Commits:

3 changed files:

Changes:

  • browser/app/profile/000-mullvad-browser.js
    ... ... @@ -7,23 +7,23 @@ pref("browser.startup.homepage", "about:mullvad-browser");
    7 7
     // a result.
    
    8 8
     pref("browser.toolbars.bookmarks.visibility", "never");
    
    9 9
     
    
    10
    -// privacy-browser#19: Enable Mullvad's DOH
    
    10
    +// mullvad-browser#19: Enable Mullvad's DOH
    
    11 11
     pref("network.trr.uri", "https://dns.mullvad.net/dns-query");
    
    12 12
     pref("network.trr.default_provider_uri", "https://dns.mullvad.net/dns-query");
    
    13 13
     pref("network.trr.mode", 3);
    
    14 14
     pref("doh-rollout.provider-list", "[{\"UIName\":\"Mullvad\",\"autoDefault\":true,\"canonicalName\":\"\",\"id\":\"mullvad\",\"last_modified\":0,\"schema\":0,\"uri\":\"https://dns.mullvad.net/dns-query\"},{\"UIName\":\"Mullvad (Ad-blocking)\",\"autoDefault\":false,\"canonicalName\":\"\",\"id\":\"mullvad\",\"last_modified\":0,\"schema\":0,\"uri\":\"https://adblock.dns.mullvad.net/dns-query\"}]");
    
    15
    -// privacy-browser#122: Audit DoH heuristics
    
    15
    +// mullvad-browser#122: Audit DoH heuristics
    
    16 16
     pref("doh-rollout.disable-heuristics", true);
    
    17 17
     
    
    18
    -// privacy-browser#37: Customization for the about dialog
    
    18
    +// mullvad-browser#37: Customization for the about dialog
    
    19 19
     pref("app.releaseNotesURL.aboutDialog", "about:blank");
    
    20 20
     
    
    21
    -// privacy-browser#94: Disable legacy global microphone/webcam indicator
    
    21
    +// mullvad-browser#94: Disable legacy global microphone/webcam indicator
    
    22 22
     // Disable the legacy Firefox Quantum-styled global webcam/microphone indicator in favor of each
    
    23 23
     // platform's native indicator
    
    24 24
     pref("privacy.webrtc.legacyGlobalIndicator", false);
    
    25 25
     
    
    26
    -// privacy-browser#87: Windows and Linux need additional work to make the
    
    26
    +// mullvad-browser#87: Windows and Linux need additional work to make the
    
    27 27
     // default browser choice working.
    
    28 28
     // We are shipping only the portable versions for the initial release anyway, so
    
    29 29
     // we leave this popup enabled only on macOS.
    
    ... ... @@ -34,7 +34,7 @@ pref("browser.shell.checkDefaultBrowser", false);
    34 34
     // mullvad-browser#228: default to spoof en-US and skip showing the dialog
    
    35 35
     pref("privacy.spoof_english", 2);
    
    36 36
     
    
    37
    -// privacy-browser#131: Review a few updater preferences
    
    37
    +// mullvad-browser#131: Review a few updater preferences
    
    38 38
     pref("app.update.notifyDuringDownload", true);
    
    39 39
     pref("app.update.url.manual", "https://mullvad.net/download/browser");
    
    40 40
     pref("app.update.url.details", "https://mullvad.net/download/browser");
    
    ... ... @@ -45,3 +45,6 @@ pref("app.releaseNotesURL", "https://github.com/mullvad/mullvad-browser/releases
    45 45
     pref("app.releaseNotesURL.aboutDialog", "about:blank");
    
    46 46
     // point to our feedback url rather than Mozilla's
    
    47 47
     pref("app.feedback.baseURL", "https://mullvad.net/help/tag/browser/");
    
    48
    +
    
    49
    +// mullvad-browser#234: Do not spoof the OS in the User-Agent header
    
    50
    +pref("privacy.resistFingerprinting.spoofOsInUserAgentHeader", false);

  • netwerk/protocol/http/nsHttpHandler.cpp
    ... ... @@ -497,6 +497,9 @@ nsresult nsHttpHandler::Init() {
    497 497
         // obsService->AddObserver(this, "net:failed-to-process-uri-content", true);
    
    498 498
       }
    
    499 499
     
    
    500
    +  Preferences::AddWeakObserver(
    
    501
    +      this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns);
    
    502
    +
    
    500 503
       MakeNewRequestTokenBucket();
    
    501 504
       mWifiTickler = new Tickler();
    
    502 505
       if (NS_FAILED(mWifiTickler->Init())) mWifiTickler = nullptr;
    
    ... ... @@ -2071,6 +2074,9 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic,
    2071 2074
         // Inform nsIOService that network is tearing down.
    
    2072 2075
         gIOService->SetHttpHandlerAlreadyShutingDown();
    
    2073 2076
     
    
    2077
    +    Preferences::RemoveObserver(
    
    2078
    +        this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns);
    
    2079
    +
    
    2074 2080
         ShutdownConnectionManager();
    
    2075 2081
     
    
    2076 2082
         // need to reset the session start time since cache validation may
    
    ... ... @@ -2196,6 +2202,11 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic,
    2196 2202
         ShutdownConnectionManager();
    
    2197 2203
         mConnMgr = nullptr;
    
    2198 2204
         Unused << InitConnectionMgr();
    
    2205
    +  } else if (!strcmp(topic, "nsPref:changed") &&
    
    2206
    +             !NS_strcmp(
    
    2207
    +                 data,
    
    2208
    +                 u"privacy.resistFingerprinting.spoofOsInUserAgentHeader")) {
    
    2209
    +    nsRFPService::GetSpoofedUserAgent(mSpoofedUserAgent, true);
    
    2199 2210
       }
    
    2200 2211
     
    
    2201 2212
       return NS_OK;
    

  • toolkit/components/resistfingerprinting/nsRFPService.cpp
    ... ... @@ -939,12 +939,17 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent,
    939 939
       // https://developer.mozilla.org/en-US/docs/Web/API/NavigatorID/userAgent
    
    940 940
       // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent
    
    941 941
     
    
    942
    +  const bool spoofOs =
    
    943
    +      isForHTTPHeader &&
    
    944
    +      Preferences::GetBool(
    
    945
    +          "privacy.resistFingerprinting.spoofOsInUserAgentHeader", true);
    
    946
    +
    
    942 947
       // These magic numbers are the lengths of the UA string literals below.
    
    943 948
       // Assume three-digit Firefox version numbers so we have room to grow.
    
    944 949
       size_t preallocatedLength =
    
    945 950
           13 +
    
    946
    -      (isForHTTPHeader ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS)
    
    947
    -                       : mozilla::ArrayLength(SPOOFED_UA_OS)) -
    
    951
    +      (spoofOs ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS)
    
    952
    +               : mozilla::ArrayLength(SPOOFED_UA_OS)) -
    
    948 953
           1 + 5 + 3 + 10 + mozilla::ArrayLength(LEGACY_UA_GECKO_TRAIL) - 1 + 9 + 3 +
    
    949 954
           2;
    
    950 955
       userAgent.SetCapacity(preallocatedLength);
    
    ... ... @@ -954,7 +959,7 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent,
    954 959
       // "Mozilla/5.0 (%s; rv:%d.0) Gecko/%d Firefox/%d.0"
    
    955 960
       userAgent.AssignLiteral("Mozilla/5.0 (");
    
    956 961
     
    
    957
    -  if (isForHTTPHeader) {
    
    962
    +  if (spoofOs) {
    
    958 963
         userAgent.AppendLiteral(SPOOFED_HTTP_UA_OS);
    
    959 964
       } else {
    
    960 965
         userAgent.AppendLiteral(SPOOFED_UA_OS);