Farbled HTTP Accept-Language header does not have a q value

[pilgrim-brave]

The initial design of Accept-Language farbling specified that, in aggressive anti-fingerprinting mode, the value should always be "en-US,en". However, webcompat testing has since revealed that some frameworks react poorly to the lack of a q value.

Suggest we change the aggressive value to "en-US,en;q=0.9" which matches a Chromium's default behavior for en-US users.

[kjozwiak]

The above requires 1.42.81 or higher for 1.42.x verification 👍

[GeetaSarvadnya]

Verification PASSED on

Brave | 1.42.81 Chromium: 104.0.5112.69 (Official Build) (64-bit)
-- | --
Revision | 7ce2902023c722af8564068e6b26e934b83fd774-refs/branch-heads/5112@{#1213}
OS | Windows 10 Version 21H2 (Build 19044.1826)

Verified test plan from brave/brave-core#14235 (comment). See this comment for note re: Navigation and Sub-resource columns not matching.

Went through the STR/Cases outlined via brave/brave-core#14235 (comment) and ensured that all the cases via https://dev-pages.brave.software/fingerprinting/headers.html were working as per the following:

Before running through the cases, ensured that Brave was restarted so it pulls/starts using the studies from Griffin. Ensured that DisableReduceLanguage:Enabled via brave://version as per the following:

brave://version	brave://settings

Went through the following once DisableReduceLanguage:Enabled via brave://version:

Language FP enabled & Block fingerprinting (Default)

• ensured that the value under Headers matches the first language set via brave://settings/languages

English

Example	Example	Example

Kannada

Example	Example	Example

Language FP enabled & Allow fingerprinting (Disabled)

English

• ensured that the value under Headers displays all the languages listed via brave://settings/languages

Example	Example	Example

Hindi

• ensured that the value under Headers displays all the languages listed via brave://settings/languages

Example	Example	Example

Language FP enabled & Aggressively block fingerprinting (Aggressive)

• ensured that the value under Headers always displays en despite the languages listed under brave://settings/languages

Example	Example	Example

Also went through the following cases once Prevent sites from fingerprinting me based on my language preferences was disabled via brave://settings/shields

Language FP disabled & Block fingerprinting (Default)

• ensured that all the languages are being displayed via the Header as Accept-Language has been disabled

Example	Example`

Language FP disabled & Allow fingerprinting (Disabled)

• ensured that all the languages are being displayed via the Header as Accept-Language has been disabled

Example	Example`

Language FP disabled & Aggressively block fingerprinting (Aggressive)

• ensured that all the languages are being displayed via the Header as Accept-Language has been disabled

Example	Example`

[LaurenWags]

Verified with

Brave | 1.42.81 Chromium: 104.0.5112.69 (Official Build) (x86_64)
-- | --
Revision | 7ce2902023c722af8564068e6b26e934b83fd774-refs/branch-heads/5112@{#1213}
OS | macOS Version 12.5 (Build 21G72)

Verified test plan from brave/brave-core#14235 (comment). See this comment for note re: Navigation and Sub-resource columns not matching.

Went through the STR/Cases outlined via brave/brave-core#14235 (comment) and ensured that all the cases via https://dev-pages.brave.software/fingerprinting/headers.html were working as per the following:

Before running through the cases, ensured that Brave was restarted so it pulls/starts using the studies from Griffin. Ensured that DisableReduceLanguage:Enabled via brave://version as per the following:

brave://version	brave://settings

Went through the following once DisableReduceLanguage:Enabled via brave://version:

Language FP enabled & Block fingerprinting (Default)

• ensured that the value under Headers matches the first language set via brave://settings/languages

English

Example	Example	Example

French

Example	Example	Example

Language FP enabled & Allow fingerprinting (Disabled)

• ensured that the value under Headers displays all the languages listed via brave://settings/languages

Example	Example	Example

Language FP enabled & Aggressively block fingerprinting (Aggressive)

• ensured that the value under Headers always displays en despite the languages listed under brave://settings/languages

Example	Example	Example

Also went through the following cases once Prevent sites from fingerprinting me based on my language preferences was manually disabled via brave://settings/shields:

Language FP disabled & Block fingerprinting (Default)

• ensured that all the languages are being displayed via the Header as Accept-Language has been disabled

Example	Example`

Language FP disabled & Allow fingerprinting (Disabled)

• ensured that all the languages are being displayed via the Header as Accept-Language has been disabled

Example	Example`

Language FP disabled & Aggressively block fingerprinting (Aggressive)

• ensured that all the languages are being displayed via the Header as Accept-Language has been disabled

Example	Example`

[Uni-verse]

Verification PASSED on Samsung Galaxy S21 using

Brave	1.42.81 Chromium: 104.0.5112.69 (Official Build) (64-bit) 
Revision	7ce2902023c722af8564068e6b26e934b83fd774-refs/branch-heads/5112@{#1213}
OS	Android 12; Build/SP1A.210812.016

Refered to Testing Plan in brave/brave-core#14235 (comment)

Quick Note: As per @pes10k, both of the Navigation and Sub-resource columns don't match which is a bug and expected. This will be fixed in a follow up issue via brave/brave-core#14338 as per @pes10k.

Went through the STR/Cases outlined via brave/brave-core#14235 (comment) and ensured that all the cases via https://dev-pages.brave.software/fingerprinting/headers.html were working as per the following:

brave://version

Language FP enabled & Block fingerprinting (Default)

ensured that the value under Headers matches the first language set via brave://settings/languages

Example	Example	Example

Language FP enabled & Allow fingerprint (Disabled)

ensured that the value under Headers displays all the languages listed via brave://settings/languages

Example	Example	Example

Language FP enabled & Block fingerprinting (Aggressive)

ensured that the value under Headers always displays en despite the languages listed under brave://settings/languages

Example	Example	Example

---

Because Android doesn't have the Prevent sites from fingerprinting me based on my language preferences toggle implemented like desktop, went through the below after disabling brave://flags#brave-reduce-language.

Language FP disabled & Block fingerprinting (Default)

ensured that all the languages are being displayed via the Header as Accept-Language has been disabled

Example	Example	Example

Language FP disabled & Allow fingerprint (Disabled)

ensured that all the languages are being displayed via the Header as Accept-Language has been disabled

Example	Example	Example

Language FP disabled & Block fingerprinting (Aggressive)

ensured that all the languages are being displayed via the Header as Accept-Language has been disabled

Example	Example	Example

[Uni-verse]

Verification PASSED on Samsung Galaxy Tab S7 using

Brave	1.42.81 Chromium: 104.0.5112.69 (Official Build) (64-bit) 
Revision	7ce2902023c722af8564068e6b26e934b83fd774-refs/branch-heads/5112@{#1213}
OS	Android 12; Build/SP1A.210812.016

Refered to Testing Plan in brave/brave-core#14235 (comment)

Went through the STR/Cases outlined via brave/brave-core#14235 (comment) and ensured that all the cases via https://dev-pages.brave.software/fingerprinting/headers.html were working as per the following:

brave://version

Language FP enabled & Block fingerprinting (Default)

ensured that the value under Headers matches the first language set via brave://settings/languages

Example	Example	Example

Language FP enabled & Allow fingerprint (Disabled)

ensured that the value under Headers displays all the languages listed via brave://settings/languages

Example	Example	Example

Language FP enabled & Block fingerprinting (Aggressive)

ensured that the value under Headers always displays en despite the languages listed under brave://settings/languages

Example	Example	Example

---

Because Android doesn't have the Prevent sites from fingerprinting me based on my language preferences toggle implemented like desktop, went through the below after disabling brave://flags#brave-reduce-language.

Language FP disabled & Block fingerprinting (Default)

ensured that all the languages are being displayed via the Header as Accept-Language has been disabled

Example	Example	Example

Language FP disabled & Allow fingerprint (Disabled)

ensured that all the languages are being displayed via the Header as Accept-Language has been disabled

Example	Example	Example

Language FP disabled & Block fingerprinting (Aggressive)

ensured that all the languages are being displayed via the Header as Accept-Language has been disabled

Example	Example	Example

[LaurenWags]

Verified with

Brave	1.42.84 Chromium: 104.0.5112.69 (Official Build) (64-bit) 
Revision	7ce2902023c722af8564068e6b26e934b83fd774-refs/branch-heads/5112@{#1213}
OS	Linux

Verified test plan from brave/brave-core#14235 (comment). See this comment for note re: Navigation and Sub-resource columns not matching.

Went through the STR/Cases outlined via brave/brave-core#14235 (comment) and ensured that all the cases via https://dev-pages.brave.software/fingerprinting/headers.html were working as per the following:

Before running through the cases, ensured that Brave was restarted so it pulls/starts using the studies from Griffin. Ensured that DisableReduceLanguage:Enabled via brave://version as per the following:

brave://version	brave://settings

Went through the following once DisableReduceLanguage:Enabled via brave://version:

Language FP enabled & Block fingerprinting (Default)

• ensured that the value under Headers matches the first language set via brave://settings/languages

English

Example	Example	Example

Spanish

Example	Example	Example

Language FP enabled & Allow fingerprinting (Disabled)

• ensured that the value under Headers displays all the languages listed via brave://settings/languages

Example	Example	Example

Language FP enabled & Aggressively block fingerprinting (Aggressive)

• ensured that the value under Headers always displays en despite the languages listed under brave://settings/languages

Example	Example	Example

Also went through the following cases once Prevent sites from fingerprinting me based on my language preferences was manually disabled via brave://settings/shields:

Language FP disabled & Block fingerprinting (Default)

• ensured that all the languages are being displayed via the Header as Accept-Language has been disabled

Example	Example`

Language FP disabled & Allow fingerprinting (Disabled)

• ensured that all the languages are being displayed via the Header as Accept-Language has been disabled

Example	Example`

Language FP disabled & Aggressively block fingerprinting (Aggressive)

• ensured that all the languages are being displayed via the Header as Accept-Language has been disabled

Example	Example`