Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Uplift Remove UA farbling on all platforms and unconditionally exclude Android model to 1.23.x #8600

Merged
merged 2 commits into from
Apr 22, 2021
Merged

Uplift Remove UA farbling on all platforms and unconditionally exclude Android model to 1.23.x #8600

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
3dc3cb4
Merge pull request #8320 from brave/mpilgrim_ua_mobile
pilgrim-brave Mar 31, 2021
d8d8077
Merge pull request #8562 from brave/mpilgrim_remove_ua_farbling
pilgrim-brave Apr 21, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
102 changes: 0 additions & 102 deletions browser/brave_content_browser_client.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,6 @@
#include "content/public/browser/navigation_handle.h"
#include "content/public/common/content_client.h"
#include "content/public/common/content_switches.h"
#include "content/public/common/user_agent.h"
#include "extensions/buildflags/buildflags.h"
#include "mojo/public/cpp/bindings/pending_receiver.h"
#include "net/base/registry_controlled_domains/registry_controlled_domain.h"
Expand Down Expand Up @@ -136,77 +135,6 @@ using extensions::ChromeContentBrowserClientExtensionsPart;

namespace {

#if defined(OS_MAC)
int32_t GetMinimumBugfixVersion(int32_t os_major_version,
int32_t os_minor_version) {
if (os_major_version == 10) {
switch (os_minor_version) {
case 9:
case 10:
return 5;
case 11:
case 12:
case 13:
case 14:
return 6;
case 15:
return 7;
}
} else if (os_major_version == 11) {
switch (os_minor_version) {
case 0:
return 1;
case 1:
return 0;
}
}
return 0;
}
#endif

std::string GetUserAgentPlatform() {
#if defined(OS_WIN)
return "";
#elif defined(OS_MAC)
return "Macintosh; ";
#elif defined(USE_X11)
return "X11; ";
#elif defined(OS_ANDROID)
return "Linux; ";
#elif defined(OS_POSIX)
return "Unknown; ";
#endif
}

std::string GetMinimalProduct() {
return version_info::GetProductNameAndVersionForUserAgent();
}

std::string GetMinimalOSVersion() {
std::string os_version;

#if defined(OS_MAC)
int32_t os_major_version = 0;
int32_t os_minor_version = 0;
int32_t os_bugfix_version = 0;
base::SysInfo::OperatingSystemVersionNumbers(
&os_major_version, &os_minor_version, &os_bugfix_version);
// change from upstream: compute bugfix version
os_bugfix_version =
std::max(os_bugfix_version,
GetMinimumBugfixVersion(os_major_version, os_minor_version));
base::StringAppendF(&os_version, "%d_%d_%d", os_major_version,
os_minor_version, os_bugfix_version);
#else
// change from upstream: exclude Android model
os_version =
content::GetOSVersion(content::IncludeAndroidBuildNumber::Exclude,
content::IncludeAndroidModel::Exclude);
#endif

return os_version;
}

bool HandleURLReverseOverrideRewrite(GURL* url,
content::BrowserContext* browser_context) {
if (BraveContentBrowserClient::HandleURLOverrideRewrite(url, browser_context))
Expand Down Expand Up @@ -503,36 +431,6 @@ void BraveContentBrowserClient::MaybeHideReferrer(
}
}

std::string BraveContentBrowserClient::GetEffectiveUserAgent(
content::BrowserContext* browser_context,
const GURL& url) {
std::string ua = GetUserAgent();
if (Profile* profile = Profile::FromBrowserContext(browser_context)) {
auto* map = HostContentSettingsMapFactory::GetForProfile(profile);
// If shields is off or farbling is off, do not override.
// Also, we construct real user agent two different ways, through the
// browser client's higher level utility function and through direct
// functions. If they differ, there's some sort of override happening. Maybe
// the end user is forcing the user agent via command line flags. Or maybe
// they turned on the "freeze user agent" flag. Whatever it is, we want to
// respect it.
if (GetBraveShieldsEnabled(map, url) &&
(GetFingerprintingControlType(map, url) != ControlType::ALLOW) &&
(ua == content::BuildUserAgentFromProduct(
version_info::GetProductNameAndVersionForUserAgent()))) {
std::string minimal_os_info;
base::StringAppendF(&minimal_os_info, "%s%s",
GetUserAgentPlatform().c_str(),
content::BuildOSCpuInfoFromOSVersionAndCpuType(
GetMinimalOSVersion(), content::BuildCpuInfo())
.c_str());
ua = content::BuildUserAgentFromOSAndProduct(minimal_os_info,
GetMinimalProduct());
}
}
return ua;
}

GURL BraveContentBrowserClient::GetEffectiveURL(
content::BrowserContext* browser_context,
const GURL& url) {
Expand Down
7 changes: 3 additions & 4 deletions browser/brave_content_browser_client.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,13 +102,12 @@ class BraveContentBrowserClient : public ChromeContentBrowserClient {

GURL GetEffectiveURL(content::BrowserContext* browser_context,
const GURL& url) override;
static bool HandleURLOverrideRewrite(GURL* url,
static bool HandleURLOverrideRewrite(
GURL* url,
content::BrowserContext* browser_context);
std::vector<std::unique_ptr<content::NavigationThrottle>>
CreateThrottlesForNavigation(content::NavigationHandle* handle) override;
CreateThrottlesForNavigation(content::NavigationHandle* handle) override;

std::string GetEffectiveUserAgent(content::BrowserContext* browser_context,
const GURL& url) override;
void ExposeInterfacesToRenderer(
service_manager::BinderRegistry* registry,
blink::AssociatedInterfaceRegistry* associated_registry,
Expand Down
66 changes: 25 additions & 41 deletions browser/farbling/brave_navigator_useragent_farbling_browsertest.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,8 +35,7 @@
using brave_shields::ControlType;
using content::TitleWatcher;

const char kUserAgentScript[] =
"domAutomationController.send(navigator.userAgent);";
const char kUserAgentScript[] = "navigator.userAgent";

class BraveNavigatorUserAgentFarblingBrowserTest : public InProcessBrowserTest {
public:
Expand Down Expand Up @@ -78,11 +77,6 @@ class BraveNavigatorUserAgentFarblingBrowserTest : public InProcessBrowserTest {
return user_agents_[user_agents_.size() - 1];
}

std::string effective_user_agent() {
return browser_content_client_->GetEffectiveUserAgent(
browser()->profile(), contents()->GetLastCommittedURL());
}

HostContentSettingsMap* content_settings() {
return HostContentSettingsMapFactory::GetForProfile(browser()->profile());
}
Expand All @@ -105,20 +99,6 @@ class BraveNavigatorUserAgentFarblingBrowserTest : public InProcessBrowserTest {
embedded_test_server()->GetURL(domain, "/"));
}

template <typename T>
int ExecScriptGetInt(const std::string& script, T* frame) {
int value;
EXPECT_TRUE(ExecuteScriptAndExtractInt(frame, script, &value));
return value;
}

template <typename T>
std::string ExecScriptGetStr(const std::string& script, T* frame) {
std::string value;
EXPECT_TRUE(ExecuteScriptAndExtractString(frame, script, &value));
return value;
}

content::WebContents* contents() {
return browser()->tab_strip_model()->GetActiveWebContents();
}
Expand All @@ -143,32 +123,36 @@ IN_PROC_BROWSER_TEST_F(BraveNavigatorUserAgentFarblingBrowserTest,
GURL url_b = embedded_test_server()->GetURL(domain_b, "/simple.html");
GURL url_z = embedded_test_server()->GetURL(domain_z, "/simple.html");
// get real navigator.userAgent
std::string real_ua = embedder_support::GetUserAgent();
std::string unfarbled_ua = embedder_support::GetUserAgent();
// Farbling level: off
AllowFingerprinting(domain_b);
NavigateToURLUntilLoadStop(url_b);
EXPECT_EQ(last_requested_http_user_agent(), real_ua);
std::string off_ua_b = ExecScriptGetStr(kUserAgentScript, contents());
// user agent should be the same as the real user agent
EXPECT_EQ(off_ua_b, real_ua);
// HTTP User-Agent header we just sent in that request should be the same as
// the unfarbled user agent
EXPECT_EQ(last_requested_http_user_agent(), unfarbled_ua);
auto off_ua_b = EvalJs(contents(), kUserAgentScript);
// user agent should be the same as the unfarbled user agent
EXPECT_EQ(unfarbled_ua, off_ua_b);
AllowFingerprinting(domain_z);
NavigateToURLUntilLoadStop(url_z);
// HTTP User-Agent header we just sent in that request should be the same as
// the real user agent
EXPECT_EQ(last_requested_http_user_agent(), real_ua);
std::string off_ua_z = ExecScriptGetStr(kUserAgentScript, contents());
// the unfarbled user agent
EXPECT_EQ(last_requested_http_user_agent(), unfarbled_ua);
auto off_ua_z = EvalJs(contents(), kUserAgentScript);
// user agent should be the same on every domain if farbling is off
EXPECT_EQ(off_ua_z, real_ua);
EXPECT_EQ(unfarbled_ua, off_ua_z);

// Farbling level: default
// navigator.userAgent may be farbled, but the farbling is not
// domain-specific
SetFingerprintingDefault(domain_b);
NavigateToURLUntilLoadStop(url_b);
std::string default_ua_b = ExecScriptGetStr(kUserAgentScript, contents());
std::string default_ua_b =
EvalJs(contents(), kUserAgentScript).ExtractString();
SetFingerprintingDefault(domain_z);
NavigateToURLUntilLoadStop(url_z);
std::string default_ua_z = ExecScriptGetStr(kUserAgentScript, contents());
std::string default_ua_z =
EvalJs(contents(), kUserAgentScript).ExtractString();
// user agent should be the same on every domain if farbling is default
EXPECT_EQ(default_ua_b, default_ua_z);

Expand All @@ -179,12 +163,12 @@ IN_PROC_BROWSER_TEST_F(BraveNavigatorUserAgentFarblingBrowserTest,
BlockFingerprinting(domain_b);
// test known values
NavigateToURLUntilLoadStop(url_b);
std::string max_ua_b = ExecScriptGetStr(kUserAgentScript, contents());
EXPECT_EQ(max_ua_b, default_ua_b + " ");
auto max_ua_b = EvalJs(contents(), kUserAgentScript);
EXPECT_EQ(default_ua_b + " ", max_ua_b);
BlockFingerprinting(domain_z);
NavigateToURLUntilLoadStop(url_z);
std::string max_ua_z = ExecScriptGetStr(kUserAgentScript, contents());
EXPECT_EQ(max_ua_z, default_ua_z + " ");
auto max_ua_z = EvalJs(contents(), kUserAgentScript);
EXPECT_EQ(default_ua_z + " ", max_ua_z);

// test that iframes also inherit the farbled user agent
// (farbling level is still maximum)
Expand All @@ -202,16 +186,16 @@ IN_PROC_BROWSER_TEST_F(BraveNavigatorUserAgentFarblingBrowserTest,
NavigateToURLUntilLoadStop(embedded_test_server()->GetURL(
domain_b, "/navigator/workers-useragent.html"));
// HTTP User-Agent header we just sent in that request should be the same as
// the real user agent
EXPECT_EQ(last_requested_http_user_agent(), effective_user_agent());
// the unfarbled user agent
EXPECT_EQ(last_requested_http_user_agent(), unfarbled_ua);
TitleWatcher watcher3(contents(), expected_title);
EXPECT_EQ(expected_title, watcher3.WaitAndGetTitle());

// Farbling level: off
// verify that user agent is reset properly after having been farbled
AllowFingerprinting(domain_b);
NavigateToURLUntilLoadStop(url_b);
EXPECT_EQ(last_requested_http_user_agent(), real_ua);
std::string off_ua_b2 = ExecScriptGetStr(kUserAgentScript, contents());
EXPECT_EQ(off_ua_b, off_ua_b2);
EXPECT_EQ(last_requested_http_user_agent(), unfarbled_ua);
auto off_ua_b2 = EvalJs(contents(), kUserAgentScript);
EXPECT_EQ(off_ua_b.ExtractString(), off_ua_b2);
}
8 changes: 0 additions & 8 deletions chromium_src/content/browser/renderer_host/navigation_request.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,14 +44,6 @@ GURL GetTopDocumentGURL(content::FrameTreeNode* frame_tree_node) {
browser_context, common_params_->url, \
GetTopDocumentGURL(frame_tree_node_), &common_params_->referrer);

#define BRAVE_NAVIGATION_REQUEST_ADD_ADDITIONAL_REQUEST_HEADERS \
? GetContentClient()->browser()->GetEffectiveUserAgent(browser_context, url)

#define BRAVE_NAVIGATION_REQUEST_SET_IS_OVERRIDING_USERAGENT \
? GetContentClient()->browser()->GetEffectiveUserAgent( \
frame_tree_node_->navigator().controller().GetBrowserContext(), \
GetURL())

#include "../../../../../content/browser/renderer_host/navigation_request.cc"

#undef BRAVE_ONSTARTCHECKSCOMPLETE_MAYBEHIDEREFERRER
4 changes: 4 additions & 0 deletions chromium_src/content/common/DEPS
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
include_rules = [
"+../../../../content/common",
"+content/public/common",
]
10 changes: 6 additions & 4 deletions ...browser/worker_host/shared_worker_host.cc → chromium_src/content/common/user_agent.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,11 @@
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
* You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "content/browser/worker_host/shared_worker_host.h"
#include "content/public/common/user_agent.h"

#define GetUserAgent() \
GetEffectiveUserAgent(GetProcessHost()->GetBrowserContext(), instance_.url())
#define BRAVE_GET_ANDROID_OS_INFO \
include_android_model = IncludeAndroidModel::Exclude;

#include "../../../../../content/browser/worker_host/shared_worker_host.cc"
#include "../../../../content/common/user_agent.cc"

#undef BRAVE_GET_ANDROID_OS_INFO
20 changes: 1 addition & 19 deletions patches/content-browser-renderer_host-navigation_request.cc.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,16 +1,7 @@
diff --git a/content/browser/renderer_host/navigation_request.cc b/content/browser/renderer_host/navigation_request.cc
index dae1c91d2d720f09b9a0840d829d4cc8600232ba..7e987915f766bd320cb1db2924047931f4adf4df 100644
index dae1c91d2d720f09b9a0840d829d4cc8600232ba..0f19c1307b05eb1fb4aab124c992c2f6474598a7 100644
--- a/content/browser/renderer_host/navigation_request.cc
+++ b/content/browser/renderer_host/navigation_request.cc
@@ -302,7 +302,7 @@ void AddAdditionalRequestHeaders(
headers->SetHeaderIfMissing(
net::HttpRequestHeaders::kUserAgent,
user_agent_override.empty()
- ? GetContentClient()->browser()->GetUserAgent()
+ BRAVE_NAVIGATION_REQUEST_ADD_ADDITIONAL_REQUEST_HEADERS
: user_agent_override);

if (!render_prefs.enable_referrers) {
@@ -2041,6 +2041,7 @@ void NavigationRequest::OnRequestRedirected(
common_params_->url = redirect_info.new_url;
common_params_->method = redirect_info.new_method;
Expand All @@ -27,12 +18,3 @@ index dae1c91d2d720f09b9a0840d829d4cc8600232ba..7e987915f766bd320cb1db2924047931
// TODO(clamy): Avoid cloning the navigation params and create the
// ResourceRequest directly here.
std::vector<std::unique_ptr<NavigationLoaderInterceptor>> interceptor;
@@ -5413,7 +5415,7 @@ void NavigationRequest::SetIsOverridingUserAgent(bool override_ua) {
auto user_agent_override = GetUserAgentOverride();
headers.SetHeader(net::HttpRequestHeaders::kUserAgent,
user_agent_override.empty()
- ? GetContentClient()->browser()->GetUserAgent()
+ BRAVE_NAVIGATION_REQUEST_SET_IS_OVERRIDING_USERAGENT
: user_agent_override);
BrowserContext* browser_context =
frame_tree_node_->navigator().controller().GetBrowserContext();
12 changes: 12 additions & 0 deletions patches/content-common-user_agent.cc.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
diff --git a/content/common/user_agent.cc b/content/common/user_agent.cc
index 104986360e1c593fe9db99b9cb54fa2385c0731d..7a9e6990d16a46734fe42f5081b5dfaeccd4292f 100644
--- a/content/common/user_agent.cc
+++ b/content/common/user_agent.cc
@@ -280,6 +280,7 @@ std::string GetAndroidOSInfo(

// Send information about the device.
bool semicolon_inserted = false;
+ BRAVE_GET_ANDROID_OS_INFO
if (include_android_model == IncludeAndroidModel::Include) {
std::string android_device_name = BuildModelInfo();
if (!android_device_name.empty()) {