harden languages fingerprint: JS / accept headers [1746815]
@pierov Fingerprinting label please, TIA
about:preferences > language is not covered by RFP in any way (except when choosing to spoof English, after which it is no longer protected - spoof is a one off). Users can add additional languages and/or even just change the order of e.g. en-US,en to en,en-US (which has been revealed in another ticket that a user did)
With RFP, we can harden this to parse the preference intl.accept_languages (which reflects the contents of about:preferences > Language > Choose your preferred language for displaying pages > Choose) for the first value, and to use this to return hardcoded values for navigator.language, navigator.languages, and the language accept header
I am pretty sure Mozilla has these all listed somewhere as the default settings per app language
for example: if first item is

- `en` or `en-US` or `en-GB` or `en-CA` - use `en-US,en`
- `de` or `de-DE` or `de-AT`, or `de-LI` or `de-LU` or `de-CH` - use `de, en-US, en`
- ?various - use `nb-no, nb, no-no, no, nn-no, nn, en-us, en` (if bokmal)
  - IDK why `en-us` is not `en-US`, just reporting what the pref says in TB's nb-no build
  - there's two norwegians: `nb` bokmal, and `nn` nynorsk (and `no` norwegian), so I'm not 100% sure how you would reconcile e.g. `no` or `no-no` first
There's an open Bugzilla on this 1746815, but only returning the first item is fraught with compat issues. There's a reason there are additional language fallbacks.
This solution, detect the language (via pref or whatever) and use a hardcoded result (already listed somewhere) for navigator and accept headers would eliminate entropy here (and doesn't stop the user switching languages)
@tom FYI
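
A sketch of the mapping proposed above, as an added example and not Tor Browser or Firefox code. The names `DEFAULTS` and `hardenedLanguages`, the English fallback for unlisted languages, and the evenly spaced one-decimal q-values are assumptions; the two table rows are the `en` and `de` examples from the post.

```javascript
// Hardcoded per-language lists, keyed by primary subtag. Only the en and de
// rows from the post are filled in; a real table would carry one row per
// supported app language.
const DEFAULTS = new Map([
  ["en", "en-US, en"],
  ["de", "de, en-US, en"],
]);
const FALLBACK = "en"; // assumption: unlisted languages get the English row

// Split a comma-separated language list, dropping any ;q= parameters.
function splitTags(list) {
  return list.split(",").map((t) => t.split(";")[0].trim()).filter(Boolean);
}

// Build an Accept-Language value with evenly spaced q-values rounded to one
// decimal (assumed scheme; only meaningful for fewer than 10 tags).
function acceptLanguageHeader(tags) {
  const n = tags.length;
  return tags
    .map((tag, i) => {
      if (i === 0) return tag;
      const tenths = Math.floor((10 * (n - i)) / n + 0.5);
      return `${tag};q=${(tenths / 10).toFixed(1)}`;
    })
    .join(",");
}

// Only the FIRST entry of the pref decides the result, so user-added
// languages and reordering within one language family no longer leak.
function hardenedLanguages(prefValue) {
  const first = splitTags(prefValue)[0] || "";
  const primary = first.toLowerCase().split(/[-_]/)[0];
  const row = DEFAULTS.get(primary) || DEFAULTS.get(FALLBACK);
  const languages = splitTags(row);
  return {
    language: languages[0],                            // navigator.language
    languages,                                         // navigator.languages
    acceptLanguage: acceptLanguageHeader(languages),   // request header
  };
}

// Constructed pref values: default order, user-reordered, user-extended.
for (const pref of ["en-US, en", "en,en-US", "en-GB,en,fr", "de-AT,de,en"]) {
  console.log(JSON.stringify(pref), "->", hardenedLanguages(pref).acceptLanguage);
}
```

The three English inputs, including the reordered `en,en-US` case mentioned in the post, all produce the same three values, while the user's own choice of first language still selects the row.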