Skip to content

Commit

Permalink
Implement navigator.userAgent farbling in workers
Browse files Browse the repository at this point in the history
  • Loading branch information
pilgrim-brave committed Oct 20, 2020
1 parent 4fa4b5d commit 3ceacd7
Show file tree
Hide file tree
Showing 7 changed files with 99 additions and 28 deletions.
16 changes: 16 additions & 0 deletions browser/farbling/brave_navigator_useragent_farbling_browsertest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -168,6 +168,22 @@ IN_PROC_BROWSER_TEST_F(BraveNavigatorUserAgentFarblingBrowserTest,
std::string remote_iframe_ua = ExecScriptGetStr(kTitleScript, contents());
EXPECT_EQ(remote_iframe_ua, "pass");

// test that workers also inherit the farbled user agent
// (farbling level is still maximum)
NavigateToURLUntilLoadStop(embedded_test_server()->GetURL(
domain_b, "/navigator/workers-useragent.html"));
// NavigateToURLUntilLoadStop() will return before our Worker has a chance
// to run its code to completion, so we block here until document.title
// changes. This will happen relatively quickly if things are going well
// inside the Worker. If the browser crashes while executing the Worker
// code (which is what this test is really testing), then this will never
// unblock and the entire browser test will eventually time out. Timing
// out indicates a fatal error.
while (ExecScriptGetStr(kTitleScript, contents()) == "") {
}
std::string worker_ua_test = ExecScriptGetStr(kTitleScript, contents());
EXPECT_EQ(worker_ua_test, "pass");

// Farbling level: off
// verify that user agent is reset properly after having been farbled
AllowFingerprinting(domain_b);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
#include "third_party/blink/renderer/platform/heap/handle.h"
#include "third_party/blink/renderer/platform/network/network_utils.h"
#include "third_party/blink/renderer/platform/supplementable.h"
#include "third_party/blink/renderer/platform/wtf/text/string_builder.h"

namespace {

Expand Down Expand Up @@ -58,6 +59,7 @@ namespace brave {

const char kBraveSessionToken[] = "brave_session_token";
const char BraveSessionCache::kSupplementName[] = "BraveSessionCache";
const int kFarbledUserAgentMaxExtraSpaces = 5;

// acceptable letters for generating random strings
const char kLettersForRandomStrings[] =
Expand Down Expand Up @@ -233,6 +235,16 @@ WTF::String BraveSessionCache::GenerateRandomString(std::string seed,
return value;
}

WTF::String BraveSessionCache::FarbledUserAgent(WTF::String real_user_agent) {
std::mt19937_64 prng = MakePseudoRandomGenerator();
WTF::StringBuilder result;
result.Append(real_user_agent);
int extra = prng() % kFarbledUserAgentMaxExtraSpaces;
for (int i = 0; i < extra; i++)
result.Append(" ");
return result.ToString();
}

std::mt19937_64 BraveSessionCache::MakePseudoRandomGenerator() {
uint64_t seed = *reinterpret_cast<uint64_t*>(domain_key_);
return std::mt19937_64(seed);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,7 @@ class CORE_EXPORT BraveSessionCache final
blink::WebContentSettingsClient* settings,
scoped_refptr<blink::StaticBitmapImage> image_bitmap);
WTF::String GenerateRandomString(std::string seed, wtf_size_t length);
WTF::String FarbledUserAgent(WTF::String real_user_agent);
std::mt19937_64 MakePseudoRandomGenerator();

private:
Expand Down
36 changes: 8 additions & 28 deletions chromium_src/third_party/blink/renderer/core/frame/navigator.cc
Original file line number Diff line number Diff line change
Expand Up @@ -5,38 +5,18 @@

#include <random>

#include "brave/components/content_settings/renderer/brave_content_settings_agent_impl_helper.h"
#include "third_party/blink/public/platform/web_content_settings_client.h"
#include "third_party/blink/renderer/core/dom/document.h"
#include "third_party/blink/renderer/core/frame/local_frame.h"
#include "third_party/blink/renderer/core/loader/frame_loader.h"
#include "third_party/blink/renderer/platform/wtf/text/string_builder.h"

using blink::LocalFrame;
using WTF::String;
using WTF::StringBuilder;

namespace brave {

const int kFarbledUserAgentMaxExtraSpaces = 5;

String FarbledUserAgent(LocalFrame* frame, std::mt19937_64 prng) {
StringBuilder result;
result.Append(frame->Loader().UserAgent());
int extra = prng() % kFarbledUserAgentMaxExtraSpaces;
for (int i = 0; i < extra; i++)
result.Append(" ");
return result.ToString();
}

} // namespace brave

#define BRAVE_NAVIGATOR_USERAGENT \
if (!AllowFingerprinting(GetFrame())) \
return brave::FarbledUserAgent( \
GetFrame(), \
brave::BraveSessionCache::From(*(GetFrame()->DomWindow())) \
.MakePseudoRandomGenerator());
#define BRAVE_NAVIGATOR_USERAGENT \
if (blink::WebContentSettingsClient* settings = \
brave::GetContentSettingsClientFor(GetExecutionContext())) { \
if (!settings->AllowFingerprinting(true)) { \
return brave::BraveSessionCache::From(*(GetExecutionContext())) \
.FarbledUserAgent(GetFrame()->Loader().UserAgent()); \
} \
}

#include "../../../../../../../third_party/blink/renderer/core/frame/navigator.cc"

Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
/* Copyright (c) 2020 The Brave Authors. All rights reserved.
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
* You can obtain one at http://mozilla.org/MPL/2.0/. */

#include <random>

#include "third_party/blink/public/platform/web_content_settings_client.h"
#include "third_party/blink/renderer/core/execution_context/execution_context.h"

#define BRAVE_WORKERNAVIGATOR_USERAGENT \
if (blink::WebContentSettingsClient* settings = \
brave::GetContentSettingsClientFor(GetExecutionContext())) { \
if (!settings->AllowFingerprinting(true)) { \
return brave::BraveSessionCache::From(*(GetExecutionContext())) \
.FarbledUserAgent(user_agent_); \
} \
}

#include "../../../../../../../third_party/blink/renderer/core/workers/worker_navigator.cc"

#undef BRAVE_WORKERNAVIGATOR_USERAGENT
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
diff --git a/third_party/blink/renderer/core/workers/worker_navigator.cc b/third_party/blink/renderer/core/workers/worker_navigator.cc
index 2be0731c9f863f095f89f5d8f1888f4ee3c4cdff..5e60369a236757def5b6c5109983b7a9240fcdc9 100644
--- a/third_party/blink/renderer/core/workers/worker_navigator.cc
+++ b/third_party/blink/renderer/core/workers/worker_navigator.cc
@@ -47,6 +47,7 @@ WorkerNavigator::WorkerNavigator(const String& user_agent,
WorkerNavigator::~WorkerNavigator() = default;

String WorkerNavigator::userAgent() const {
+ BRAVE_WORKERNAVIGATOR_USERAGENT
return user_agent_;
}

28 changes: 28 additions & 0 deletions test/data/navigator/workers-useragent.html
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
<!DOCTYPE html>
<!-- navigator.userAgent test from workers -->
<html>
<head>
<title></title>
<meta charset="utf-8">
</head>
<body>
<script>
var worker = function() {
postMessage(navigator.userAgent);
}

var workerBlob = new Blob(['(' + worker.toString() + ')()'], {
type: "text/javascript"
});

worker = new Worker(window.URL.createObjectURL(workerBlob));
worker.onmessage = function (e) {
if (navigator.userAgent == e.data) {
document.title = "pass";
} else {
document.title = "fail";
}
};
</script>
</body>
</html>

0 comments on commit 3ceacd7

Please sign in to comment.