MB 234: Disable OS spoofing in HTTP User-Agent.

This commits makes it possible to disable OS spoofing in the HTTP User-Agent header, to see if matching header and JS property improve usability.

MB 234: Disable OS spoofing in HTTP User-Agent.
23907fef · Pier Angelo Vendrame · 1cea288e · 23907fef · 23907fef · 23907fef
Commit 23907fef authored Feb 28, 2024 by Pier Angelo Vendrame
--- a/browser/app/profile/000-mullvad-browser.js
+++ b/browser/app/profile/000-mullvad-browser.js
@@ -45,3 +45,6 @@ pref("app.releaseNotesURL", "https://github.com/mullvad/mullvad-browser/releases
 pref("app.releaseNotesURL.aboutDialog", "about:blank");
 // point to our feedback url rather than Mozilla's
 pref("app.feedback.baseURL", "https://mullvad.net/help/tag/browser/");
+
+// mullvad-browser#234: Do not spoof the OS in the User-Agent header
+pref("privacy.resistFingerprinting.spoofOsInUserAgentHeader", false);
--- a/netwerk/protocol/http/nsHttpHandler.cpp
+++ b/netwerk/protocol/http/nsHttpHandler.cpp
@@ -497,6 +497,9 @@ nsresult nsHttpHandler::Init() {
    // obsService->AddObserver(this, "net:failed-to-process-uri-content", true);
  }

+  Preferences::AddWeakObserver(
+      this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns);
+
  MakeNewRequestTokenBucket();
  mWifiTickler = new Tickler();
  if (NS_FAILED(mWifiTickler->Init())) mWifiTickler = nullptr;
@@ -2064,6 +2067,9 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic,
    // Inform nsIOService that network is tearing down.
    gIOService->SetHttpHandlerAlreadyShutingDown();

+    Preferences::RemoveObserver(
+        this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns);
+
    ShutdownConnectionManager();

    // need to reset the session start time since cache validation may
@@ -2189,6 +2195,11 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic,
    ShutdownConnectionManager();
    mConnMgr = nullptr;
    Unused << InitConnectionMgr();
+  } else if (!strcmp(topic, "nsPref:changed") &&
+             !NS_strcmp(
+                 data,
+                 u"privacy.resistFingerprinting.spoofOsInUserAgentHeader")) {
+    nsRFPService::GetSpoofedUserAgent(mSpoofedUserAgent, true);
  }

  return NS_OK;


--- a/toolkit/components/resistfingerprinting/nsRFPService.cpp
+++ b/toolkit/components/resistfingerprinting/nsRFPService.cpp
@@ -939,11 +939,16 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent,
  // https://developer.mozilla.org/en-US/docs/Web/API/NavigatorID/userAgent
  // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent

+  const bool spoofOs =
+      isForHTTPHeader &&
+      Preferences::GetBool(
+          "privacy.resistFingerprinting.spoofOsInUserAgentHeader", true);
+
  // These magic numbers are the lengths of the UA string literals below.
  // Assume three-digit Firefox version numbers so we have room to grow.
  size_t preallocatedLength =
      13 +
-      (isForHTTPHeader ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS)
+      (spoofOs ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS)
               : mozilla::ArrayLength(SPOOFED_UA_OS)) -
      1 + 5 + 3 + 10 + mozilla::ArrayLength(LEGACY_UA_GECKO_TRAIL) - 1 + 9 + 3 +
      2;
@@ -954,7 +959,7 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent,
  // "Mozilla/5.0 (%s; rv:%d.0) Gecko/%d Firefox/%d.0"
  userAgent.AssignLiteral("Mozilla/5.0 (");

-  if (isForHTTPHeader) {
+  if (spoofOs) {
    userAgent.AppendLiteral(SPOOFED_HTTP_UA_OS);
  } else {
    userAgent.AppendLiteral(SPOOFED_UA_OS);