Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixes leaking of full version via navigator.userAgentData.getHighEntropyValues #16177

Merged
merged 1 commit into from
Dec 1, 2022

Commits on Nov 30, 2022

  1. Fixes leaking of full version via navigator.userAgentData.getHighEntr…

    …opyValues
    
    Fixes brave/brave-browser#23491
    
    It seems uaFullVersion was always leaking but the fullVersionList
    started leaking because of the change in
    #14155 where brand was added
    to GetUserAgentBrandList function in
    components/embedder_support/user_agent_utils.cc which broke the
    BraveContentBrowserClient::GetUserAgentMetadata expectation that the
    brand list would only contain 2 items (instead of now 3).
    
    This fix adjusts the BraveContentBrowserClient::GetUserAgentMetadata
    expectations and removes adding the Brave brand to the lists because
    it's already there. Now we just need to zero out 3 last components of
    the full versions list and uaFullVersion string.
    
    Also, adds a browser test to check the sizes of the lists and versions
    values.
    mkarolin committed Nov 30, 2022
    Configuration menu
    Copy the full SHA
    964ee7b View commit details
    Browse the repository at this point in the history