Skip to content

BB 43386: Use Firefox in the UA in RFP-exempt request.

Merge Info

Issues

Resolves

Related

  • mullvad-browser#xxxxx
  • tor-browser#xxxxx
  • tor-browser-build#xxxxx

Merging

Target Branches

  • mullvad-browser - !fixups to mullvad-browser-specific commits, new features, security backports
  • base-browser and tor-browser - !fixups to base-browser-specific commits or new features to be shared with tor-browser
    • ⚠️ IMPORTANT: Please list the base-browser-specific commits which need to be cherry-picked to the base-browser and tor-browser branches here

Target Channels

  • Alpha: esr128-14.5
  • Stable: esr128-14.0

Backporting

Timeline

  • No Backport (preferred): patchset for the next major stable
  • Immediate: patchset needed as soon as possible
  • Next Minor Stable Release: patchset that needs to be verified in nightly before backport
  • Eventually: patchset that needs to be verified in alpha before backport

(Optional) Justification

  • Emergency security update: patchset fixes CVEs, 0-days, etc
  • Critical bug-fix: patchset fixes a bug in core-functionality
  • Consistency: patchset which would make development easier if it were in both the alpha and release branches; developer tools, build system changes, etc
  • Sponsor required: patchset required for sponsor
  • Localization: typos and other localization changes that should be also in the release branch
  • Other: please explain
    • Annoying leak in requests originated from extensions. Hopefully shouldn't be too much of a deal thanks to FPI, but still something to patch.

Issue Tracking

Review

Request Reviewer

  • Request review from an applications developer depending on modified system:
    • NOTE: if the MR modifies multiple areas, please /cc all the relevant reviewers (since Gitlab only allows 1 reviewer)
    • accessibility : henry
    • android : clairehurst, dan
    • build system : boklm
    • extensions : ma1
    • firefox internals (XUL/JS/XPCOM) : jwilde, ma1
    • fonts : pierov
    • frontend (implementation) : henry
    • frontend (review) : donuts, morgan
    • localization : henry, pierov
    • macOS : clairehurst, dan
    • nightly builds : boklm
    • rebases/release-prep : dan, ma1, pierov, morgan
    • security : jwilde, ma1
    • signing : boklm, morgan
    • updater : pierov
    • windows : jwilde, morgan
    • misc/other : pierov, morgan

Change Description

Hardcode an isFirefox variable to true. It'll be used to decide the product name to append to the UA string of RFP-exempt requests.

Requests originated by extensions are an example of RFP-exempt ones, but there might be more.

This patch affects Mullvad Browser, as we customize the app name there, but it makes sense to move it to BB to me, even though we don't customize it on Tor Browser for legacy reasons.

How Tested

Testing is a bit involved, as extensions are half-broken when the built-in ones (NoScript, uBlock Origin) are missing.

They should be copied before ./mach run with a command like this:

mkdir -p obj-x86_64-pc-linux-gnu/dist/bin/distribution
# .../mb-alpha is an existing alpha; other channels can be used as well, or you can download NoScript and uBO from AMO
cp -r .../mb-alpha/Browser/distribution/extensions/ obj-x86_64-pc-linux-gnu/dist/bin/distribution/
Screenshot

Screenshot_from_2025-01-08_10-53-19

Merge request reports

Loading