Bug 1511763 - Part 2: Make GetSpoofedUserAgent() infallible. r=tjr

Differential Revision: https://phabricator.services.mozilla.com/D13658

--HG--
extra : rebase_source : 467a960f591f5e2043ca8fc504730ad38358dcde
extra : intermediate-source : 08d3f83d23c553e44ba7be1cbc3d93cd2b0b1216
extra : source : c20507956e062eecf23f0856c8b5c372621891cf
This commit is contained in:
Chris Peterson 2018-12-02 21:24:16 -08:00
parent 7ffa0dca04
commit 576887f4d2
4 changed files with 24 additions and 28 deletions

View File

@ -1688,10 +1688,7 @@ nsresult Navigator::GetUserAgent(nsPIDOMWindowInner* aWindow,
// specific OS version, etc.
if (!aIsCallerChrome && nsContentUtils::ShouldResistFingerprinting()) {
nsAutoCString spoofedUA;
nsresult rv = nsRFPService::GetSpoofedUserAgent(spoofedUA, false);
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;
}
nsRFPService::GetSpoofedUserAgent(spoofedUA, false);
CopyASCIItoUTF16(spoofedUA, aUserAgent);
return NS_OK;
}

View File

@ -497,13 +497,8 @@ nsresult nsHttpHandler::Init() {
mAppVersion.AssignLiteral(MOZ_APP_UA_VERSION);
}
// Generating the spoofed User Agent for fingerprinting resistance.
rv = nsRFPService::GetSpoofedUserAgent(mSpoofedUserAgent, true);
if (NS_FAILED(rv)) {
// Empty mSpoofedUserAgent to make sure the unsuccessful spoofed UA string
// will not be used anywhere.
mSpoofedUserAgent.Truncate();
}
// Generate the spoofed User Agent for fingerprinting resistance.
nsRFPService::GetSpoofedUserAgent(mSpoofedUserAgent, true);
mSessionStartTime = NowInSeconds();
mHandlerActive = true;

View File

@ -652,30 +652,24 @@ uint32_t nsRFPService::GetSpoofedPresentedFrames(double aTime, uint32_t aWidth,
((100 - boundedDroppedRatio) / 100.0));
}
/* static */
nsresult nsRFPService::GetSpoofedUserAgent(nsACString& userAgent,
bool isForHTTPHeader) {
// This function generates the spoofed value of User Agent.
// We spoof the values of the platform and Firefox version, which could be
// used as fingerprinting sources to identify individuals.
// Reference of the format of User Agent:
// https://developer.mozilla.org/en-US/docs/Web/API/NavigatorID/userAgent
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent
static uint32_t GetSpoofedVersion() {
// If we can't get the current Firefox version, use a hard-coded ESR version.
const uint32_t kKnownEsrVersion = 60;
nsresult rv;
nsCOMPtr<nsIXULAppInfo> appInfo =
do_GetService("@mozilla.org/xre/app-info;1", &rv);
NS_ENSURE_SUCCESS(rv, rv);
NS_ENSURE_SUCCESS(rv, kKnownEsrVersion);
nsAutoCString appVersion;
rv = appInfo->GetVersion(appVersion);
NS_ENSURE_SUCCESS(rv, rv);
NS_ENSURE_SUCCESS(rv, kKnownEsrVersion);
// The browser version will be spoofed as the last ESR version.
// By doing so, the anonymity group will cover more versions instead of one
// version.
uint32_t firefoxVersion = appVersion.ToInteger(&rv);
NS_ENSURE_SUCCESS(rv, rv);
NS_ENSURE_SUCCESS(rv, kKnownEsrVersion);
#ifdef DEBUG
// If we are running in Firefox ESR, determine whether the formula of ESR
@ -690,13 +684,24 @@ nsresult nsRFPService::GetSpoofedUserAgent(nsACString& userAgent,
// Starting with Firefox 52, a new ESR version will be released every
// eight Firefox versions: 52, 60, 68, ...
// We infer the last and closest ESR version based on this rule.
uint32_t spoofedVersion = firefoxVersion - ((firefoxVersion - 4) % 8);
return firefoxVersion - ((firefoxVersion - 4) % 8);
}
/* static */
void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent,
bool isForHTTPHeader) {
// This function generates the spoofed value of User Agent.
// We spoof the values of the platform and Firefox version, which could be
// used as fingerprinting sources to identify individuals.
// Reference of the format of User Agent:
// https://developer.mozilla.org/en-US/docs/Web/API/NavigatorID/userAgent
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent
uint32_t spoofedVersion = GetSpoofedVersion();
const char* spoofedOS = isForHTTPHeader ? SPOOFED_HTTP_UA_OS : SPOOFED_UA_OS;
userAgent.Assign(nsPrintfCString(
"Mozilla/5.0 (%s; rv:%d.0) Gecko/%s Firefox/%d.0", spoofedOS,
spoofedVersion, LEGACY_UA_GECKO_TRAIL, spoofedVersion));
return rv;
}
static const char* gCallbackPrefs[] = {

View File

@ -185,8 +185,7 @@ class nsRFPService final : public nsIObserver {
uint32_t aHeight);
// This method generates the spoofed value of User Agent.
static nsresult GetSpoofedUserAgent(nsACString& userAgent,
bool isForHTTPHeader);
static void GetSpoofedUserAgent(nsACString& userAgent, bool isForHTTPHeader);
/**
* This method for getting spoofed modifier states for the given keyboard