Leaking Chromium/Brave full version through navigator.userAgentData.getHighEntropyValues() #23491
Labels
OS/Android
Fixes related to Android browser functionality
OS/Desktop
priority/P3
The next thing for us to work on. It'll ride the trains.
privacy/chromium-redqueen
Work to remove or improve privacy-harming "features" added in Chromium.
privacy/tracking
Preventing sites from tracking users across the web
QA Pass - Android ARM
QA Pass - Android Tab
QA Pass-Linux
QA Pass-macOS
QA Pass-Win64
QA/Test-All-Platforms
QA/Test-Plan-Specified
QA/Yes
regression
release-notes/exclude
Milestone
Comments
ShivanKaul added the OS/Android, OS/Desktop, privacy/tracking, privacy/chromium-redqueen and priority/P4 labels on Jun 15, 2022.

ShivanKaul added the priority/P3 label and removed the priority/P4 label on Nov 29, 2022.

ShivanKaul changed the title from "Leaking platformVersion through navigator.userAgentData.getHighEntropyValues()" to "Leaking Chromium/Brave full version through navigator.userAgentData.getHighEntropyValues()" on Nov 30, 2022.
mkarolin added a commit to brave/brave-core that referenced this issue on Nov 30, 2022:

…opyValues

Fixes brave/brave-browser#23491

It seems uaFullVersion was always leaking but the fullVersionList started leaking because of the change in #14155 where brand was added to GetUserAgentBrandList function in components/embedder_support/user_agent_utils.cc which broke the BraveContentBrowserClient::GetUserAgentMetadata expectation that the brand list would only contain 2 items (instead of now 3). This fix adjusts the BraveContentBrowserClient::GetUserAgentMetadata expectations and removes adding the Brave brand to the lists because it's already there. Now we just need to zero out 3 last components of the full versions list and uaFullVersion string. Also, adds a browser test to check the sizes of the lists and versions values.
The above requires

Verified

| Brave | 1.46.141 Chromium: 108.0.5359.99 (Official Build) (x86_64) |
|---|---|
| Revision | 410951fc34bb4b2cbf182231f9f779efaafaf682-refs/branch-heads/5359_71@{#9} |
| OS | macOS Version 13.1 (Build 22C65) |
Steps:
- installed 1.46.141
- launched Brave
- opened Developer Tools
- clicked on the Console tab
- entered `await navigator.userAgentData.getHighEntropyValues(["fullVersionList", "uaFullVersion"]);`
- expanded the fullVersionList

Confirmed we only show the first digit of the version
Verification PASSED on

| Brave | 1.46.141 Chromium: 108.0.5359.99 (Official Build) (64-bit) |
|---|---|
| Revision | 410951fc34bb4b2cbf182231f9f779efaafaf682-refs/branch-heads/5359_71@{#9} |
| OS | Windows 10 Version 21H2 (Build 19044.2251) |

Steps:
- installed 1.46.141
- launched Brave and open https://browserleaks.com/client-hints
- opened Developer Tools
- clicked on the Console tab
- entered `await navigator.userAgentData.getHighEntropyValues(["fullVersionList", "uaFullVersion"]);`
- expanded the fullVersionList
Verification PASSED on

Steps:

Confirmed we only show the first digit of the version
Uni-verse added the QA Pass - Android ARM and QA Pass - Android Tab labels and removed the QA/In-Progress label on Dec 12, 2022.
Description

This is what I get in dev console or by going to https://browserleaks.com/client-hints (scroll down for the JS API):

We should not leak the full version in fullVersionList and uaFullVersion and instead clamp it to the major version, same as in brands (108 in this case). There's a separate webcompat question of what to do about high entropy values for "platformVersion", "architecture", "platform", "bitness" but for UA versions it's clear that we should just match what we have in the UA.
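The check that the verification steps above perform by hand, together with the clamp that the referenced brave-core commit describes (keep the major component, zero out the last three), written out as an added example in JavaScript. This is not Brave's code, Chromium's code, or the browserleaks page's code. The function names (`clampToMajor`, `findVersionLeaks`, `redactHighEntropyVersions`, `checkThisBrowser`) and the `SAMPLE_LEAKY` object are constructed for this example; its version strings are the ones from the verification comments, and its object shape mirrors what `getHighEntropyValues()` resolves to.

```javascript
// Added example, not Brave's code. SAMPLE_LEAKY is a constructed stand-in for
// the object navigator.userAgentData.getHighEntropyValues() resolves to, using
// the version numbers quoted in the verification comments.
const SAMPLE_LEAKY = {
  brands: [
    { brand: "Not?A_Brand", version: "8" },
    { brand: "Chromium", version: "108" },
    { brand: "Brave", version: "108" },
  ],
  mobile: false,
  platform: "macOS",
  fullVersionList: [
    { brand: "Not?A_Brand", version: "8.0.0.0" },
    { brand: "Chromium", version: "108.0.5359.99" },
    { brand: "Brave", version: "108.0.5359.99" },
  ],
  uaFullVersion: "108.0.5359.99",
};

// The clamp the referenced commit describes: keep the major component and zero
// the remaining three, so the string keeps the four-part shape of a real full
// version but carries no more entropy than `brands` already does.
function clampToMajor(version) {
  const m = /^(\d+)/.exec(String(version));
  if (!m) return version; // not a numeric version string; leave it alone
  return `${m[1]}.0.0.0`;
}

// Split "a.b.c.d" into the major component and the rest.
function splitVersion(version) {
  const [major, ...rest] = String(version).split(".");
  return { major, rest };
}

// Report every high-entropy version field that reveals more than the major
// version already exposed through `brands`. Returns [] when nothing leaks.
function findVersionLeaks(uaData) {
  const majorByBrand = new Map((uaData.brands || []).map((b) => [b.brand, b.version]));
  const leaks = [];
  for (const entry of uaData.fullVersionList || []) {
    const { major, rest } = splitVersion(entry.version);
    const expectedMajor = majorByBrand.get(entry.brand);
    const extraEntropy = rest.some((p) => p !== "0");
    const majorMismatch = expectedMajor !== undefined && major !== expectedMajor;
    if (extraEntropy || majorMismatch) {
      leaks.push({ field: "fullVersionList", brand: entry.brand, version: entry.version });
    }
  }
  if (uaData.uaFullVersion) {
    const { rest } = splitVersion(uaData.uaFullVersion);
    if (rest.some((p) => p !== "0")) {
      leaks.push({ field: "uaFullVersion", version: uaData.uaFullVersion });
    }
  }
  return leaks;
}

// Apply the clamp to both fields. Returns a new object; the input is untouched.
function redactHighEntropyVersions(uaData) {
  const out = { ...uaData };
  if (Array.isArray(uaData.fullVersionList)) {
    out.fullVersionList = uaData.fullVersionList.map((e) => ({ ...e, version: clampToMajor(e.version) }));
  }
  if (typeof uaData.uaFullVersion === "string") {
    out.uaFullVersion = clampToMajor(uaData.uaFullVersion);
  }
  return out;
}

// In a browser console this is the same query the QA steps type in; under
// Node there is no `navigator`, so it resolves to null and only the sample runs.
async function checkThisBrowser() {
  if (typeof navigator === "undefined" || !navigator.userAgentData) return null;
  const data = await navigator.userAgentData.getHighEntropyValues(["fullVersionList", "uaFullVersion"]);
  return findVersionLeaks(data);
}

console.log("leaks before fix:", findVersionLeaks(SAMPLE_LEAKY));
console.log("leaks after fix:", findVersionLeaks(redactHighEntropyVersions(SAMPLE_LEAKY)));
checkThisBrowser().then((r) => { if (r) console.log("leaks in this browser:", r); });
```

Pasted into the DevTools console of a browser that supports UA client hints, the last line reports any entry whose full version still carries sub-major components; on the sample it reports the two `fullVersionList` entries and `uaFullVersion` before the clamp and nothing after it. The check compares against `brands` rather than against a hard-coded number so it does not need updating per release.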