From 576887f4d2b7f354ac36a1c6b5db5da5c9a73767 Mon Sep 17 00:00:00 2001 From: Chris Peterson Date: Sun, 2 Dec 2018 21:24:16 -0800 Subject: [PATCH] Bug 1511763 - Part 2: Make GetSpoofedUserAgent() infallible. r=tjr Differential Revision: https://phabricator.services.mozilla.com/D13658 --HG-- extra : rebase_source : 467a960f591f5e2043ca8fc504730ad38358dcde extra : intermediate-source : 08d3f83d23c553e44ba7be1cbc3d93cd2b0b1216 extra : source : c20507956e062eecf23f0856c8b5c372621891cf --- dom/base/Navigator.cpp | 5 +-- netwerk/protocol/http/nsHttpHandler.cpp | 9 ++--- .../resistfingerprinting/nsRFPService.cpp | 35 +++++++++++-------- .../resistfingerprinting/nsRFPService.h | 3 +- 4 files changed, 24 insertions(+), 28 deletions(-) diff --git a/dom/base/Navigator.cpp b/dom/base/Navigator.cpp index c82f24cf8f9b..e89cfb04d8ab 100644 --- a/dom/base/Navigator.cpp +++ b/dom/base/Navigator.cpp @@ -1688,10 +1688,7 @@ nsresult Navigator::GetUserAgent(nsPIDOMWindowInner* aWindow, // specific OS version, etc. if (!aIsCallerChrome && nsContentUtils::ShouldResistFingerprinting()) { nsAutoCString spoofedUA; - nsresult rv = nsRFPService::GetSpoofedUserAgent(spoofedUA, false); - if (NS_WARN_IF(NS_FAILED(rv))) { - return rv; - } + nsRFPService::GetSpoofedUserAgent(spoofedUA, false); CopyASCIItoUTF16(spoofedUA, aUserAgent); return NS_OK; } diff --git a/netwerk/protocol/http/nsHttpHandler.cpp b/netwerk/protocol/http/nsHttpHandler.cpp index fadf65a6666d..7a5ff55de832 100644 --- a/netwerk/protocol/http/nsHttpHandler.cpp +++ b/netwerk/protocol/http/nsHttpHandler.cpp @@ -497,13 +497,8 @@ nsresult nsHttpHandler::Init() { mAppVersion.AssignLiteral(MOZ_APP_UA_VERSION); } - // Generating the spoofed User Agent for fingerprinting resistance. - rv = nsRFPService::GetSpoofedUserAgent(mSpoofedUserAgent, true); - if (NS_FAILED(rv)) { - // Empty mSpoofedUserAgent to make sure the unsuccessful spoofed UA string - // will not be used anywhere. - mSpoofedUserAgent.Truncate(); - } + // Generate the spoofed User Agent for fingerprinting resistance. + nsRFPService::GetSpoofedUserAgent(mSpoofedUserAgent, true); mSessionStartTime = NowInSeconds(); mHandlerActive = true; diff --git a/toolkit/components/resistfingerprinting/nsRFPService.cpp b/toolkit/components/resistfingerprinting/nsRFPService.cpp index 8c1e4430d953..dabd01f1a320 100644 --- a/toolkit/components/resistfingerprinting/nsRFPService.cpp +++ b/toolkit/components/resistfingerprinting/nsRFPService.cpp @@ -652,30 +652,24 @@ uint32_t nsRFPService::GetSpoofedPresentedFrames(double aTime, uint32_t aWidth, ((100 - boundedDroppedRatio) / 100.0)); } -/* static */ -nsresult nsRFPService::GetSpoofedUserAgent(nsACString& userAgent, - bool isForHTTPHeader) { - // This function generates the spoofed value of User Agent. - // We spoof the values of the platform and Firefox version, which could be - // used as fingerprinting sources to identify individuals. - // Reference of the format of User Agent: - // https://developer.mozilla.org/en-US/docs/Web/API/NavigatorID/userAgent - // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent +static uint32_t GetSpoofedVersion() { + // If we can't get the current Firefox version, use a hard-coded ESR version. + const uint32_t kKnownEsrVersion = 60; nsresult rv; nsCOMPtr appInfo = do_GetService("@mozilla.org/xre/app-info;1", &rv); - NS_ENSURE_SUCCESS(rv, rv); + NS_ENSURE_SUCCESS(rv, kKnownEsrVersion); nsAutoCString appVersion; rv = appInfo->GetVersion(appVersion); - NS_ENSURE_SUCCESS(rv, rv); + NS_ENSURE_SUCCESS(rv, kKnownEsrVersion); // The browser version will be spoofed as the last ESR version. // By doing so, the anonymity group will cover more versions instead of one // version. uint32_t firefoxVersion = appVersion.ToInteger(&rv); - NS_ENSURE_SUCCESS(rv, rv); + NS_ENSURE_SUCCESS(rv, kKnownEsrVersion); #ifdef DEBUG // If we are running in Firefox ESR, determine whether the formula of ESR @@ -690,13 +684,24 @@ nsresult nsRFPService::GetSpoofedUserAgent(nsACString& userAgent, // Starting with Firefox 52, a new ESR version will be released every // eight Firefox versions: 52, 60, 68, ... // We infer the last and closest ESR version based on this rule. - uint32_t spoofedVersion = firefoxVersion - ((firefoxVersion - 4) % 8); + return firefoxVersion - ((firefoxVersion - 4) % 8); +} + +/* static */ +void nsRFPService::GetSpoofedUserAgent(nsACString& userAgent, + bool isForHTTPHeader) { + // This function generates the spoofed value of User Agent. + // We spoof the values of the platform and Firefox version, which could be + // used as fingerprinting sources to identify individuals. + // Reference of the format of User Agent: + // https://developer.mozilla.org/en-US/docs/Web/API/NavigatorID/userAgent + // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent + + uint32_t spoofedVersion = GetSpoofedVersion(); const char* spoofedOS = isForHTTPHeader ? SPOOFED_HTTP_UA_OS : SPOOFED_UA_OS; userAgent.Assign(nsPrintfCString( "Mozilla/5.0 (%s; rv:%d.0) Gecko/%s Firefox/%d.0", spoofedOS, spoofedVersion, LEGACY_UA_GECKO_TRAIL, spoofedVersion)); - - return rv; } static const char* gCallbackPrefs[] = { diff --git a/toolkit/components/resistfingerprinting/nsRFPService.h b/toolkit/components/resistfingerprinting/nsRFPService.h index a18743bc0017..6fab9612ea90 100644 --- a/toolkit/components/resistfingerprinting/nsRFPService.h +++ b/toolkit/components/resistfingerprinting/nsRFPService.h @@ -185,8 +185,7 @@ class nsRFPService final : public nsIObserver { uint32_t aHeight); // This method generates the spoofed value of User Agent. - static nsresult GetSpoofedUserAgent(nsACString& userAgent, - bool isForHTTPHeader); + static void GetSpoofedUserAgent(nsACString& userAgent, bool isForHTTPHeader); /** * This method for getting spoofed modifier states for the given keyboard