Commit b6666d1f authored by Chris Peterson's avatar Chris Peterson

Bug 1894429 - Spoof "Android 10" OS version in Firefox Android’s User-Agent...

Bug 1894429 - Spoof "Android 10" OS version in Firefox Android’s User-Agent string on Android versions < 10. r=necko-reviewers,geckoview-reviewers,valentin,owlish

In bug 1865766, I tried to freeze the Android OS version exposed in Firefox Android's UA string at "Android 10", to reduce fingerprintable user information exposed to the web and to match Chrome. However, we ran into a webcompat problem (bug 1876742) where Firefox users couldn't log into at least one work website because the website's admin configured Duo authentication's "Trusted Endpoint" OS version checks to block users with Android versions < 11.

To work around that problem, spoof "Android 10" only for Android versions < 10. Duo's "Trusted Endpoint" OS version checks should still work because websites will see real version numbers for Android versions >= 10, whereas Firefox on Android versions < 10 will pretend to be "Android 10" and benefit from reduced fingerprintable user information.

Differential Revision: https://phabricator.services.mozilla.com/D209627
parent 776e2e73
+1 −0
@@ -52,6 +52,7 @@ android {

        // Keep in sync with actual user agent in nsHttpHandler::BuildUserAgent
        buildConfigField 'String', "USER_AGENT_GECKOVIEW_MOBILE", "\"Mozilla/5.0 (Android \" + android.os.Build.VERSION.RELEASE + \"; Mobile; rv:\" + ${mozconfig.defines.MOZILLA_UAVERSION} + \") Gecko/\" + ${mozconfig.defines.MOZILLA_UAVERSION} + \" Firefox/\" + ${mozconfig.defines.MOZILLA_UAVERSION}";
        buildConfigField 'String', "USER_AGENT_GECKOVIEW_MOBILE_ANDROID_10", "\"Mozilla/5.0 (Android 10; Mobile; rv:\" + ${mozconfig.defines.MOZILLA_UAVERSION} + \") Gecko/\" + ${mozconfig.defines.MOZILLA_UAVERSION} + \" Firefox/\" + ${mozconfig.defines.MOZILLA_UAVERSION}";

        buildConfigField 'int', 'MIN_SDK_VERSION', mozconfig.substs.MOZ_ANDROID_MIN_SDK_VERSION;

+2 −1
@@ -16,6 +16,7 @@ import java.util.concurrent.atomic.AtomicInteger;
import org.mozilla.gecko.GeckoAppShell;
import org.mozilla.gecko.annotation.ReflectionTarget;
import org.mozilla.geckoview.BuildConfig;
import org.mozilla.geckoview.GeckoSession;
import org.mozilla.thirdparty.com.google.android.exoplayer2.C;
import org.mozilla.thirdparty.com.google.android.exoplayer2.DefaultLoadControl;
import org.mozilla.thirdparty.com.google.android.exoplayer2.ExoPlaybackException;
@@ -355,7 +356,7 @@ public class GeckoHlsPlayer implements BaseHlsPlayer, ExoPlayer.EventListener {
  private HttpDataSource.Factory buildHttpDataSourceFactory(
      final DefaultBandwidthMeter bandwidthMeter) {
    return new DefaultHttpDataSourceFactory(
        BuildConfig.USER_AGENT_GECKOVIEW_MOBILE,
        GeckoSession.getDefaultUserAgent(),
        bandwidthMeter /* listener */,
        DefaultHttpDataSource.DEFAULT_CONNECT_TIMEOUT_MILLIS,
        DefaultHttpDataSource.DEFAULT_READ_TIMEOUT_MILLIS,
+7 −1
@@ -1327,7 +1327,13 @@ public class GeckoSession {
   */
  @AnyThread
  public static @NonNull String getDefaultUserAgent() {
    return BuildConfig.USER_AGENT_GECKOVIEW_MOBILE;
    // Spoof version "Android 10" for Android OS versions < 10 (Q) to reduce
    // their fingerprintable user information. For Android OS versions >= 10,
    // report the real OS version because some enterprise websites only want to
    // permit clients with recent OS version (like bug 1876742).
    return Build.VERSION.SDK_INT < Build.VERSION_CODES.Q
        ? BuildConfig.USER_AGENT_GECKOVIEW_MOBILE_ANDROID_10
        : BuildConfig.USER_AGENT_GECKOVIEW_MOBILE;
  }

  /**
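Review bot: The `Build.VERSION.SDK_INT < Build.VERSION_CODES.Q` test in `getDefaultUserAgent()` is not the same predicate the native side uses, so the two user-agent strings can diverge. `nsHttpHandler::InitUserAgentComponents` reports the real version only when `release_version` starts with two digits and falls back to `10` otherwise, while the `else` branch here returns `USER_AGENT_GECKOVIEW_MOBILE`, which embeds `Build.VERSION.RELEASE` verbatim. On a device with SDK level 29 or higher whose release string does not start with two digits (presumably possible on pre-release builds), this method would report a different OS token than the network stack, which hands sites an extra distinguishing signal and breaks the "Keep in sync" invariant stated in the Gradle section. Consider applying the same leading-digit test to `Build.VERSION.RELEASE` here, or at least recording the difference in a comment such as `// nsHttpHandler decides from the release_version string, not SDK_INT; keep both checks equivalent`. The method's Javadoc begins above the hunk and would benefit from one sentence saying that the returned string reports "Android 10" on OS versions below 10.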
+19 −2
@@ -878,12 +878,29 @@ void nsHttpHandler::InitUserAgentComponents() {
      do_GetService("@mozilla.org/system-info;1");
  MOZ_ASSERT(infoService, "Could not find a system info service");
  nsresult rv;

  // Add the Android version number to the Fennec platform identifier.
  nsAutoString androidVersion;
  rv = infoService->GetPropertyAsAString(u"release_version"_ns, androidVersion);
  if (NS_SUCCEEDED(rv)) {
  MOZ_ASSERT_IF(
      NS_SUCCEEDED(rv),
      // Like version "9"
      (androidVersion.Length() == 1 && std::isdigit(androidVersion[0])) ||
          // Or like version "8.1", "10", or "12.1"
          (androidVersion.Length() >= 2 && std::isdigit(androidVersion[0]) &&
           (androidVersion[1] == u'.' || std::isdigit(androidVersion[1]))));

  // Spoof version "Android 10" for Android OS versions < 10 to reduce their
  // fingerprintable user information. For Android OS versions >= 10, report
  // the real OS version because some enterprise websites only want to permit
  // clients with recent OS version (like bug 1876742). Two leading digits
  // in the version string means the version number is >= 10.
  mPlatform += " ";
  if (NS_SUCCEEDED(rv) && androidVersion.Length() >= 2 &&
      std::isdigit(androidVersion[0]) && std::isdigit(androidVersion[1])) {
    mPlatform += NS_LossyConvertUTF16toASCII(androidVersion);
  } else {
    mPlatform.AppendLiteral("10");
  }

  // Add the `Mobile` or `TV` token when running on device.
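Review bot: `std::isdigit` is applied to UTF-16 code units of `androidVersion` in both the `MOZ_ASSERT_IF` and the `if` condition, and its behaviour is undefined for arguments that are not representable as `unsigned char`, which a `char16_t` read from a system property can exceed. An ASCII-only helper avoids that and the locale dependence: `mozilla::IsAsciiDigit(androidVersion[0]) && mozilla::IsAsciiDigit(androidVersion[1])` (declared in `mozilla/TextUtils.h`; the hunk does not show whether that header is already included). Only the first two characters are checked before the whole string is appended to `mPlatform`, so the tail of the property reaches the User-Agent header unvalidated; requiring every character to be a digit or `.` would keep an unexpected vendor string out of the header and out of the fingerprinting surface this change is trying to shrink. `InitUserAgentComponents` starts and ends outside the hunk.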