[tor-commits] [Git][tpo/applications/tor-browser][tor-browser-128.2.0esr-14.0-1] 2 commits: Bug 42647: Make OS HTTP User-Agent OS spoofing configurable by pref

morgan (@morgan) git at gitlab.torproject.org
Tue Sep 3 18:26:17 UTC 2024 


morgan pushed to branch tor-browser-128.2.0esr-14.0-1 at The Tor Project / Applications / Tor Browser


Commits:
7212e70e by Pier Angelo Vendrame at 2024-09-03T17:37:00+00:00
Bug 42647: Make OS HTTP User-Agent OS spoofing configurable by pref

This commits makes it possible to disable OS spoofing in the HTTP
User-Agent header, to see if matching header and JS property improve
usability.

- - - - -
fd5b26f4 by Morgan at 2024-09-03T17:38:32+00:00
fixup! Bug 40562: Added Tor Browser preferences to 000-tor-browser.js

set privacy.resistFingerprinting.spoofOsInUserAgentHeader to true for now

- - - - -


3 changed files:

- browser/app/profile/000-tor-browser.js
- netwerk/protocol/http/nsHttpHandler.cpp
- toolkit/components/resistfingerprinting/nsRFPService.cpp


Changes:

=====================================
browser/app/profile/000-tor-browser.js
=====================================
@@ -52,6 +52,10 @@ pref("network.http.connection-retry-timeout", 0);
 // be reduced to the strictly required time).
 pref("extensions.torbutton.use_nontor_proxy", false);
 
+// tor-browser#42647: Make OS HTTP User-Agent OS spoofing configurable by pref
+// TODO: flip to false when we're happy this is not a privacy issue
+pref("privacy.resistFingerprinting.spoofOsInUserAgentHeader", true);
+
 // Browser home page:
 pref("browser.startup.homepage", "about:tor");
 


=====================================
netwerk/protocol/http/nsHttpHandler.cpp
=====================================
@@ -482,6 +482,9 @@ nsresult nsHttpHandler::Init() {
     // obsService->AddObserver(this, "net:failed-to-process-uri-content", true);
   }
 
+  Preferences::AddWeakObserver(
+      this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns);
+
   MakeNewRequestTokenBucket();
   mWifiTickler = new Tickler();
   if (NS_FAILED(mWifiTickler->Init())) mWifiTickler = nullptr;
@@ -2105,6 +2108,9 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic,
     // Inform nsIOService that network is tearing down.
     gIOService->SetHttpHandlerAlreadyShutingDown();
 
+    Preferences::RemoveObserver(
+        this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns);
+
     ShutdownConnectionManager();
 
     // need to reset the session start time since cache validation may
@@ -2227,6 +2233,11 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic,
     ShutdownConnectionManager();
     mConnMgr = nullptr;
     Unused << InitConnectionMgr();
+  } else if (!strcmp(topic, "nsPref:changed") &&
+             !NS_strcmp(
+                 data,
+                 u"privacy.resistFingerprinting.spoofOsInUserAgentHeader")) {
+    nsRFPService::GetSpoofedUserAgent(mSpoofedUserAgent, true);
   }
 
   return NS_OK;


=====================================
toolkit/components/resistfingerprinting/nsRFPService.cpp
=====================================
@@ -904,12 +904,17 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent,
   // https://developer.mozilla.org/en-US/docs/Web/API/NavigatorID/userAgent
   // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent
 
+  const bool spoofOs =
+      isForHTTPHeader &&
+      Preferences::GetBool(
+          "privacy.resistFingerprinting.spoofOsInUserAgentHeader", true);
+
   // These magic numbers are the lengths of the UA string literals below.
   // Assume three-digit Firefox version numbers so we have room to grow.
   size_t preallocatedLength =
       13 +
-      (isForHTTPHeader ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS)
-                       : mozilla::ArrayLength(SPOOFED_UA_OS)) -
+      (spoofOs ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS)
+               : mozilla::ArrayLength(SPOOFED_UA_OS)) -
       1 + 5 + 3 + 10 + mozilla::ArrayLength(LEGACY_UA_GECKO_TRAIL) - 1 + 9 + 3 +
       2;
   userAgent.SetCapacity(preallocatedLength);
@@ -917,7 +922,7 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent,
   // "Mozilla/5.0 (%s; rv:%d.0) Gecko/%d Firefox/%d.0"
   userAgent.AssignLiteral("Mozilla/5.0 (");
 
-  if (isForHTTPHeader) {
+  if (spoofOs) {
     userAgent.AppendLiteral(SPOOFED_HTTP_UA_OS);
   } else {
     userAgent.AppendLiteral(SPOOFED_UA_OS);



View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/7ec83a573ab3f6ec4ee5def8e086acef7275729c...fd5b26f4882b9898b7777ed80f079dfef592e77d

-- 
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/7ec83a573ab3f6ec4ee5def8e086acef7275729c...fd5b26f4882b9898b7777ed80f079dfef592e77d
You're receiving this email because of your account on gitlab.torproject.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-commits/attachments/20240903/fbfca002/attachment-0001.htm>

More information about the tor-commits mailing list