[tor-commits] [Git][tpo/applications/tor-browser][tor-browser-115.16.0esr-13.5-1] 2 commits: Bug 42467: Make OS HTTP User-Agent OS spoofing configurable by pref

Wed Oct 16 22:25:30 UTC 2024


morgan pushed to branch tor-browser-115.16.0esr-13.5-1 at The Tor Project / Applications / Tor Browser


Commits:
8ae4a172 by Pier Angelo Vendrame at 2024-10-16T22:24:59+00:00
Bug 42467: Make OS HTTP User-Agent OS spoofing configurable by pref

This commits makes it possible to disable OS spoofing in the HTTP
User-Agent header, to see if matching header and JS property improve
usability.

- - - - -
39263a40 by Morgan at 2024-10-16T22:25:12+00:00
fixup! Bug 40562: Added Tor Browser preferences to 000-tor-browser.js

Bug 43170: Disable user-agent spoofing in HTTP header

- - - - -


3 changed files:

- browser/app/profile/000-tor-browser.js
- netwerk/protocol/http/nsHttpHandler.cpp
- toolkit/components/resistfingerprinting/nsRFPService.cpp


Changes:

=====================================
browser/app/profile/000-tor-browser.js
=====================================
@@ -52,6 +52,8 @@ pref("network.http.connection-retry-timeout", 0);
 // be reduced to the strictly required time).
 pref("extensions.torbutton.use_nontor_proxy", false);
 
+// tor-browser#42647: Make OS HTTP User-Agent OS spoofing configurable by pref
+pref("privacy.resistFingerprinting.spoofOsInUserAgentHeader", true);
 // Browser home page:
 pref("browser.startup.homepage", "about:tor");
 


=====================================
netwerk/protocol/http/nsHttpHandler.cpp
=====================================
@@ -497,6 +497,9 @@ nsresult nsHttpHandler::Init() {
     // obsService->AddObserver(this, "net:failed-to-process-uri-content", true);
   }
 
+  Preferences::AddWeakObserver(
+      this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns);
+
   MakeNewRequestTokenBucket();
   mWifiTickler = new Tickler();
   if (NS_FAILED(mWifiTickler->Init())) mWifiTickler = nullptr;
@@ -2064,6 +2067,9 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic,
     // Inform nsIOService that network is tearing down.
     gIOService->SetHttpHandlerAlreadyShutingDown();
 
+    Preferences::RemoveObserver(
+        this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns);
+
     ShutdownConnectionManager();
 
     // need to reset the session start time since cache validation may
@@ -2189,6 +2195,11 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic,
     ShutdownConnectionManager();
     mConnMgr = nullptr;
     Unused << InitConnectionMgr();
+  } else if (!strcmp(topic, "nsPref:changed") &&
+             !NS_strcmp(
+                 data,
+                 u"privacy.resistFingerprinting.spoofOsInUserAgentHeader")) {
+    nsRFPService::GetSpoofedUserAgent(mSpoofedUserAgent, true);
   }
 
   return NS_OK;


=====================================
toolkit/components/resistfingerprinting/nsRFPService.cpp
=====================================
@@ -939,12 +939,17 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent,
   // https://developer.mozilla.org/en-US/docs/Web/API/NavigatorID/userAgent
   // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent
 
+  const bool spoofOs =
+      isForHTTPHeader &&
+      Preferences::GetBool(
+          "privacy.resistFingerprinting.spoofOsInUserAgentHeader", true);
+
   // These magic numbers are the lengths of the UA string literals below.
   // Assume three-digit Firefox version numbers so we have room to grow.
   size_t preallocatedLength =
       13 +
-      (isForHTTPHeader ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS)
-                       : mozilla::ArrayLength(SPOOFED_UA_OS)) -
+      (spoofOs ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS)
+               : mozilla::ArrayLength(SPOOFED_UA_OS)) -
       1 + 5 + 3 + 10 + mozilla::ArrayLength(LEGACY_UA_GECKO_TRAIL) - 1 + 9 + 3 +
       2;
   userAgent.SetCapacity(preallocatedLength);
@@ -954,7 +959,7 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent,
   // "Mozilla/5.0 (%s; rv:%d.0) Gecko/%d Firefox/%d.0"
   userAgent.AssignLiteral("Mozilla/5.0 (");
 
-  if (isForHTTPHeader) {
+  if (spoofOs) {
     userAgent.AppendLiteral(SPOOFED_HTTP_UA_OS);
   } else {
     userAgent.AppendLiteral(SPOOFED_UA_OS);



View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/10897e7173f799863ee5481b6a2b6c313174a548...39263a4000c5756cb63844a1bebe2b827a892511

-- 
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/10897e7173f799863ee5481b6a2b6c313174a548...39263a4000c5756cb63844a1bebe2b827a892511
You're receiving this email because of your account on gitlab.torproject.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-commits/attachments/20241016/819e7ff7/attachment-0001.htm>
