[tbb-commits] [Git][tpo/applications/mullvad-browser][mullvad-browser-115.8.0esr-13.5-1] 3 commits: fixup! MB 38: Mullvad Browser configuration

Pier Angelo Vendrame (@pierov) git at gitlab.torproject.org
Thu Feb 29 13:10:53 UTC 2024 


Pier Angelo Vendrame pushed to branch mullvad-browser-115.8.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser


Commits:
ed66bd0f by Pier Angelo Vendrame at 2024-02-29T14:09:03+01:00
fixup! MB 38: Mullvad Browser configuration

s/privacy-browser/mullvad-browser/

- - - - -
b9146e90 by Pier Angelo Vendrame at 2024-02-29T14:09:08+01:00
fixup! MB 112: Updater customization for Mullvad Browser

s/privacy-browser/mullvad-browser/

- - - - -
e473a103 by Pier Angelo Vendrame at 2024-02-29T14:09:08+01:00
MB 234: Disable OS spoofing in HTTP User-Agent.

This commits makes it possible to disable OS spoofing in the HTTP
User-Agent header, to see if matching header and JS property improve
usability.

- - - - -


3 changed files:

- browser/app/profile/000-mullvad-browser.js
- netwerk/protocol/http/nsHttpHandler.cpp
- toolkit/components/resistfingerprinting/nsRFPService.cpp


Changes:

=====================================
browser/app/profile/000-mullvad-browser.js
=====================================
@@ -7,23 +7,23 @@ pref("browser.startup.homepage", "about:mullvad-browser");
 // a result.
 pref("browser.toolbars.bookmarks.visibility", "never");
 
-// privacy-browser#19: Enable Mullvad's DOH
+// mullvad-browser#19: Enable Mullvad's DOH
 pref("network.trr.uri", "https://dns.mullvad.net/dns-query");
 pref("network.trr.default_provider_uri", "https://dns.mullvad.net/dns-query");
 pref("network.trr.mode", 3);
 pref("doh-rollout.provider-list", "[{\"UIName\":\"Mullvad\",\"autoDefault\":true,\"canonicalName\":\"\",\"id\":\"mullvad\",\"last_modified\":0,\"schema\":0,\"uri\":\"https://dns.mullvad.net/dns-query\"},{\"UIName\":\"Mullvad (Ad-blocking)\",\"autoDefault\":false,\"canonicalName\":\"\",\"id\":\"mullvad\",\"last_modified\":0,\"schema\":0,\"uri\":\"https://adblock.dns.mullvad.net/dns-query\"}]");
-// privacy-browser#122: Audit DoH heuristics
+// mullvad-browser#122: Audit DoH heuristics
 pref("doh-rollout.disable-heuristics", true);
 
-// privacy-browser#37: Customization for the about dialog
+// mullvad-browser#37: Customization for the about dialog
 pref("app.releaseNotesURL.aboutDialog", "about:blank");
 
-// privacy-browser#94: Disable legacy global microphone/webcam indicator
+// mullvad-browser#94: Disable legacy global microphone/webcam indicator
 // Disable the legacy Firefox Quantum-styled global webcam/microphone indicator in favor of each
 // platform's native indicator
 pref("privacy.webrtc.legacyGlobalIndicator", false);
 
-// privacy-browser#87: Windows and Linux need additional work to make the
+// mullvad-browser#87: Windows and Linux need additional work to make the
 // default browser choice working.
 // We are shipping only the portable versions for the initial release anyway, so
 // we leave this popup enabled only on macOS.
@@ -34,7 +34,7 @@ pref("browser.shell.checkDefaultBrowser", false);
 // mullvad-browser#228: default to spoof en-US and skip showing the dialog
 pref("privacy.spoof_english", 2);
 
-// privacy-browser#131: Review a few updater preferences
+// mullvad-browser#131: Review a few updater preferences
 pref("app.update.notifyDuringDownload", true);
 pref("app.update.url.manual", "https://mullvad.net/download/browser");
 pref("app.update.url.details", "https://mullvad.net/download/browser");
@@ -45,3 +45,6 @@ pref("app.releaseNotesURL", "https://github.com/mullvad/mullvad-browser/releases
 pref("app.releaseNotesURL.aboutDialog", "about:blank");
 // point to our feedback url rather than Mozilla's
 pref("app.feedback.baseURL", "https://mullvad.net/help/tag/browser/");
+
+// mullvad-browser#234: Do not spoof the OS in the User-Agent header
+pref("privacy.resistFingerprinting.spoofOsInUserAgentHeader", false);


=====================================
netwerk/protocol/http/nsHttpHandler.cpp
=====================================
@@ -497,6 +497,9 @@ nsresult nsHttpHandler::Init() {
     // obsService->AddObserver(this, "net:failed-to-process-uri-content", true);
   }
 
+  Preferences::AddWeakObserver(
+      this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns);
+
   MakeNewRequestTokenBucket();
   mWifiTickler = new Tickler();
   if (NS_FAILED(mWifiTickler->Init())) mWifiTickler = nullptr;
@@ -2071,6 +2074,9 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic,
     // Inform nsIOService that network is tearing down.
     gIOService->SetHttpHandlerAlreadyShutingDown();
 
+    Preferences::RemoveObserver(
+        this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns);
+
     ShutdownConnectionManager();
 
     // need to reset the session start time since cache validation may
@@ -2196,6 +2202,11 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic,
     ShutdownConnectionManager();
     mConnMgr = nullptr;
     Unused << InitConnectionMgr();
+  } else if (!strcmp(topic, "nsPref:changed") &&
+             !NS_strcmp(
+                 data,
+                 u"privacy.resistFingerprinting.spoofOsInUserAgentHeader")) {
+    nsRFPService::GetSpoofedUserAgent(mSpoofedUserAgent, true);
   }
 
   return NS_OK;


=====================================
toolkit/components/resistfingerprinting/nsRFPService.cpp
=====================================
@@ -939,12 +939,17 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent,
   // https://developer.mozilla.org/en-US/docs/Web/API/NavigatorID/userAgent
   // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent
 
+  const bool spoofOs =
+      isForHTTPHeader &&
+      Preferences::GetBool(
+          "privacy.resistFingerprinting.spoofOsInUserAgentHeader", true);
+
   // These magic numbers are the lengths of the UA string literals below.
   // Assume three-digit Firefox version numbers so we have room to grow.
   size_t preallocatedLength =
       13 +
-      (isForHTTPHeader ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS)
-                       : mozilla::ArrayLength(SPOOFED_UA_OS)) -
+      (spoofOs ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS)
+               : mozilla::ArrayLength(SPOOFED_UA_OS)) -
       1 + 5 + 3 + 10 + mozilla::ArrayLength(LEGACY_UA_GECKO_TRAIL) - 1 + 9 + 3 +
       2;
   userAgent.SetCapacity(preallocatedLength);
@@ -954,7 +959,7 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent,
   // "Mozilla/5.0 (%s; rv:%d.0) Gecko/%d Firefox/%d.0"
   userAgent.AssignLiteral("Mozilla/5.0 (");
 
-  if (isForHTTPHeader) {
+  if (spoofOs) {
     userAgent.AppendLiteral(SPOOFED_HTTP_UA_OS);
   } else {
     userAgent.AppendLiteral(SPOOFED_UA_OS);



View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/3b8bacb819d33a4eefcdb4246c84e016d108310b...e473a1033734e6b1d9ebbda2eedda36ff0e0fc27

-- 
View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/3b8bacb819d33a4eefcdb4246c84e016d108310b...e473a1033734e6b1d9ebbda2eedda36ff0e0fc27
You're receiving this email because of your account on gitlab.torproject.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tbb-commits/attachments/20240229/7ec0de7c/attachment-0001.htm>

More information about the tbb-commits mailing list