fune/browser/components/resistfingerprinting at 6accc1036c746ff88b5241d8045d670b27277bb9 - nagai/fune

nagai/fune

History

Chris Peterson 46594b94f3 Bug 1861847 - Hard code User-Agent string's CPU arch on Android, Linux, and other Unix-like platforms. r=necko-reviewers,kershaw Freeze the CPU architecture reported in Firefox's `User-Agent` HTTP header and `navigator.userAgent` and `navigator.platform` Web APIs as `Linux armv81` on Android and `Linux x86_64` on Linux and other Unix-like platforms. Temporarily guard this change behind a pref so it can be disabled quickly, if needed. Goals: 1. Reduce fingerprintable entropy exposed to web content. 2. Reduce risk of webcompat problems from unexpected CPU architectures. Chrome's UA reduction effort made the same change in Chrome 107 (2022-10-25): https://www.chromium.org/updates/ua-reduction/#sample-ua-strings-phase-5. Firefox used to report the CPU architecture as "aarch64" on Android, but change to "armv81" to match Chrome and reduce the risk of future webcompat issues. For now, don't enable this pref for x86 Linux builds because Mozilla's Firefox download page checks the visitor's navigator.platform to determine whether to serve an x86 or x86_64 binary (or to direct users to a support page for other architectures, such as ARM64). If x86 and ARM64 Linux builds report they are "Linux x86_64", then the Firefox download pages will unknowingly serve those users an incompatible x86_64 binary. That issue will be resolved by Bedrock bugs https://github.com/mozilla/bedrock/issues/12966 and https://github.com/mozilla/bedrock/issues/14012. In the meantime, we can enable this pref in the meantime for ARM64 Linux (to fix YouTube bug 1869521 and webcompat issues like https://github.com/webcompat/web-bugs/issues/130946) because Mozilla doesn't publish official ARM64 Linux builds of Firefox yet. These users are using unofficial or distro builds and presumably know not to attempt to download Firefox (using Firefox) from mozilla.org. Differential Revision: https://phabricator.services.mozilla.com/D197395	2024-01-05 07:05:38 +00:00
..
test	Bug 1861847 - Hard code User-Agent string's CPU arch on Android, Linux, and other Unix-like platforms. r=necko-reviewers,kershaw	2024-01-05 07:05:38 +00:00
moz.build	Bug 1855295 convert .ini manifests to .toml: batch 8 dom/[a-l]**/mochitest.ini r=jmaher,jgilbert,extension-reviewers,credential-management-reviewers,robwu,sgalich	2023-10-02 17:18:28 +00:00

Chris Peterson 46594b94f3 Bug 1861847 - Hard code User-Agent string's CPU arch on Android, Linux, and other Unix-like platforms. r=necko-reviewers,kershaw

Freeze the CPU architecture reported in Firefox's `User-Agent` HTTP header and `navigator.userAgent` and `navigator.platform` Web APIs as `Linux armv81` on Android and `Linux x86_64` on Linux and other Unix-like platforms. Temporarily guard this change behind a pref so it can be disabled quickly, if needed.

Goals:

1. Reduce fingerprintable entropy exposed to web content.
2. Reduce risk of webcompat problems from unexpected CPU architectures.

Chrome's UA reduction effort made the same change in Chrome 107 (2022-10-25): https://www.chromium.org/updates/ua-reduction/#sample-ua-strings-phase-5. Firefox used to report the CPU architecture as "aarch64" on Android, but change to "armv81" to match Chrome and reduce the risk of future webcompat issues.

For now, don't enable this pref for x86 Linux builds because Mozilla's Firefox download page checks the visitor's navigator.platform to determine whether to serve an x86 or x86_64 binary (or to direct users to a support page for other architectures, such as ARM64). If x86 and ARM64 Linux builds report they are "Linux x86_64", then the Firefox download pages will unknowingly serve those users an incompatible x86_64 binary. That issue will be resolved by Bedrock bugs https://github.com/mozilla/bedrock/issues/12966 and https://github.com/mozilla/bedrock/issues/14012.

In the meantime, we can enable this pref in the meantime for ARM64 Linux (to fix YouTube bug 1869521 and webcompat issues like https://github.com/webcompat/web-bugs/issues/130946) because Mozilla doesn't publish official ARM64 Linux builds of Firefox yet. These users are using unofficial or distro builds and presumably know not to attempt to download Firefox (using Firefox) from mozilla.org.

Differential Revision: https://phabricator.services.mozilla.com/D197395

2024-01-05 07:05:38 +00:00

test

Bug 1861847 - Hard code User-Agent string's CPU arch on Android, Linux, and other Unix-like platforms. r=necko-reviewers,kershaw

2024-01-05 07:05:38 +00:00

moz.build

Bug 1855295 convert .ini manifests to .toml: batch 8 dom/[a-l]**/mochitest.ini r=jmaher,jgilbert,extension-reviewers,credential-management-reviewers,robwu,sgalich

2023-10-02 17:18:28 +00:00