Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes leaking of full version via navigator.userAgentData.getHighEntropyValues #16177

Merged
merged 1 commit into from
Dec 1, 2022
Merged

Fixes leaking of full version via navigator.userAgentData.getHighEntropyValues #16177

merged 1 commit into from
Dec 1, 2022

Conversation

mkarolin
Copy link
Collaborator

Fixes brave/brave-browser#23491

It seems uaFullVersion was always leaking but the fullVersionList started leaking because of the change in
#14155 where brand was added to GetUserAgentBrandList function in
components/embedder_support/user_agent_utils.cc which broke the BraveContentBrowserClient::GetUserAgentMetadata expectation that the brand list would only contain 2 items (instead of now 3).

This fix adjusts the BraveContentBrowserClient::GetUserAgentMetadata expectations and removes adding the Brave brand to the lists because it's already there. Now we just zero out the 3 last components of the full versions list and uaFullVersion string.

Also, adds a browser test to check the sizes of the lists and versions values.

Submitter Checklist:

  • I confirm that no security/privacy review is needed, or that I have requested one
  • There is a ticket for my issue
  • Used Github auto-closing keywords in the PR description above
  • Wrote a good PR/commit description
  • Squashed any review feedback or "fixup" commits before merge, so that history is a record of what happened in the repo, not your PR
  • Added appropriate labels (QA/Yes or QA/No; release-notes/include or release-notes/exclude; OS/...) to the associated issue
  • Checked the PR locally: npm run test -- brave_browser_tests, npm run test -- brave_unit_tests, npm run lint, npm run gn_check, npm run tslint
  • Ran git rebase master (if needed)

Reviewer Checklist:

  • A security review is not needed, or a link to one is included in the PR description
  • New files have MPL-2.0 license header
  • Adequate test coverage exists to prevent regressions
  • Major classes, functions and non-trivial code blocks are well-commented
  • Changes in component dependencies are properly reflected in gn
  • Code follows the style guide
  • Test plan is specified in PR before merging

After-merge Checklist:

Test Plan:

@mkarolin
Fixes leaking of full version via navigator.userAgentData.getHighEntr…
964ee7b 
…opyValues

Fixes brave/brave-browser#23491

It seems uaFullVersion was always leaking but the fullVersionList
started leaking because of the change in
#14155 where brand was added
to GetUserAgentBrandList function in
components/embedder_support/user_agent_utils.cc which broke the
BraveContentBrowserClient::GetUserAgentMetadata expectation that the
brand list would only contain 2 items (instead of now 3).

This fix adjusts the BraveContentBrowserClient::GetUserAgentMetadata
expectations and removes adding the Brave brand to the lists because
it's already there. Now we just need to zero out 3 last components of
the full versions list and uaFullVersion string.

Also, adds a browser test to check the sizes of the lists and versions
values.
@mkarolin mkarolin self-assigned this Nov 30, 2022
ShivanKaul
ShivanKaul approved these changes Nov 30, 2022
View reviewed changes
Copy link
Collaborator

@ShivanKaul ShivanKaul left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Thanks for adding the tests too

@mkarolin mkarolin merged commit 330b2d7 into master Dec 1, 2022
@mkarolin mkarolin deleted the maxk-fix-ua-version-leaks branch December 1, 2022 19:49
@mkarolin mkarolin added this to the 1.48.x - Nightly milestone Dec 1, 2022
brave-builds pushed a commit that referenced this pull request Dec 1, 2022
@brave-browser-releases
Uplift of #16177 (squashed) to beta
86ab66c
@brave-builds brave-builds mentioned this pull request Dec 1, 2022
Merged
7 tasks
brave-builds pushed a commit that referenced this pull request Dec 1, 2022
@brave-browser-releases
Uplift of #16177 (squashed) to release
4eff449
@brave-builds brave-builds mentioned this pull request Dec 1, 2022
Merged
7 tasks
@kjozwiak
Copy link
Member

kjozwiak commented Dec 7, 2022

Verification PASSED on Win 11 x64 using the following build(s):

Brave | 1.48.34 Chromium: 108.0.5359.94 (Official Build) nightly (64-bit)
-- | --
Revision | 713576b895246504ccc6b92c2fb8ce2d60194074-refs/branch-heads/5359_71@{#3}
OS | Windows 11 Version 22H2 (Build 22621.819)

Using the information provided via brave/brave-browser#23491 (comment), went through the following and ensured that we're not leaking the full version via fullVersionList as per the following:

1.48.22 Chromium: 108.0.5359.71 1.48.34 Chromium: 108.0.5359.94
broken fixed

@ShivanKaul ShivanKaul mentioned this pull request Jul 25, 2024
Merged
24 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pilgrim-brave pilgrim-brave pilgrim-brave approved these changes

@ShivanKaul ShivanKaul ShivanKaul approved these changes

@fmarier fmarier Awaiting requested review from fmarier

Assignees

@mkarolin mkarolin

Labels
None yet
Projects
None yet
Milestone
1.48.x - Release
Development

Successfully merging this pull request may close these issues.

Leaking Chromium/Brave full version through navigator.userAgentData.getHighEntropyValues()
4 participants
@mkarolin @kjozwiak @ShivanKaul @pilgrim-brave