Verified Commit db5a9f1e authored by Pier Angelo Vendrame's avatar Pier Angelo Vendrame 🎃
Browse files

MB 234: Disable OS spoofing in HTTP User-Agent. 

This commits makes it possible to disable OS spoofing in the HTTP
User-Agent header, to see if matching header and JS property improve
usability.
parent 60fdb61a

browser/app/profile/000-mullvad-browser.js

+3 −0
Original line number Diff line number Diff line
@@ -48,3 +48,6 @@ pref("app.releaseNotesURL", "https://github.com/mullvad/mullvad-browser/releases 
pref("app.releaseNotesURL.aboutDialog", "about:blank");

// point to our feedback url rather than Mozilla's

pref("app.feedback.baseURL", "https://mullvad.net/help/tag/browser/");



// mullvad-browser#234: Do not spoof the OS in the User-Agent header

pref("privacy.resistFingerprinting.spoofOsInUserAgentHeader", false);

netwerk/protocol/http/nsHttpHandler.cpp

+11 −0
Original line number Diff line number Diff line
@@ -497,6 +497,9 @@ nsresult nsHttpHandler::Init() { 
    // obsService->AddObserver(this, "net:failed-to-process-uri-content", true);

  }



  Preferences::AddWeakObserver(

      this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns);



  MakeNewRequestTokenBucket();

  mWifiTickler = new Tickler();

  if (NS_FAILED(mWifiTickler->Init())) mWifiTickler = nullptr;
@@ -2064,6 +2067,9 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic, 
    // Inform nsIOService that network is tearing down.

    gIOService->SetHttpHandlerAlreadyShutingDown();



    Preferences::RemoveObserver(

        this, "privacy.resistFingerprinting.spoofOsInUserAgentHeader"_ns);



    ShutdownConnectionManager();



    // need to reset the session start time since cache validation may
@@ -2189,6 +2195,11 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic, 
    ShutdownConnectionManager();

    mConnMgr = nullptr;

    Unused << InitConnectionMgr();

  } else if (!strcmp(topic, "nsPref:changed") &&

             !NS_strcmp(

                 data,

                 u"privacy.resistFingerprinting.spoofOsInUserAgentHeader")) {

    nsRFPService::GetSpoofedUserAgent(mSpoofedUserAgent, true);

  }



  return NS_OK;

toolkit/components/resistfingerprinting/nsRFPService.cpp

+8 −3
Original line number Diff line number Diff line
@@ -939,11 +939,16 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent, 
  // https://developer.mozilla.org/en-US/docs/Web/API/NavigatorID/userAgent

  // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent



  const bool spoofOs =

      isForHTTPHeader &&

      Preferences::GetBool(

          "privacy.resistFingerprinting.spoofOsInUserAgentHeader", true);



  // These magic numbers are the lengths of the UA string literals below.

  // Assume three-digit Firefox version numbers so we have room to grow.

  size_t preallocatedLength =

      13 +

      (isForHTTPHeader ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS)

      (spoofOs ? mozilla::ArrayLength(SPOOFED_HTTP_UA_OS)

               : mozilla::ArrayLength(SPOOFED_UA_OS)) -

      1 + 5 + 3 + 10 + mozilla::ArrayLength(LEGACY_UA_GECKO_TRAIL) - 1 + 9 + 3 +

      2;
@@ -954,7 +959,7 @@ void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent, 
  // "Mozilla/5.0 (%s; rv:%d.0) Gecko/%d Firefox/%d.0"

  userAgent.AssignLiteral("Mozilla/5.0 (");



  if (isForHTTPHeader) {

  if (spoofOs) {

    userAgent.AppendLiteral(SPOOFED_HTTP_UA_OS);

  } else {

    userAgent.AppendLiteral(SPOOFED_UA_OS);