Closed Bug 1428111 Opened 2 years ago Closed 2 years ago

privacy.resistFingerprinting version spoof & ESR60

Categories

(Core :: DOM: Security, defect, P1)

59 Branch
defect

Tracking

()

RESOLVED DUPLICATE of bug 1418162
Tracking Status
firefox-esr52 --- unaffected
firefox-esr60 - ---
firefox57 --- unaffected
firefox58 --- unaffected
firefox59 --- affected
firefox60 - affected

People

(Reporter: simon.mainey, Assigned: tjr)

References

()

Details

(Whiteboard: [domsecurity-active])

User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:52.0) Gecko/20100101 Firefox/52.0
Build ID: 20100101

Steps to reproduce:

> uint32_t spoofedVersion = firefoxVersion - ((firefoxVersion - 3) % 7);

Current spoofing uses the above formula to match ESR, however, the next ESR after 52 will be 60. After that, we'll have to wait to see what the next ESR actually is


Actual results:

59 currently spoofs to 59, it should spoof to 52 (this is notwithstanding Bug 1418672 which is about masking Aurora/Nightly users until ESR becomes stable)


Expected results:

Original ticket: Bug 1393283 (where version spoof was changed from multiples of 10 to ESR)
Flags: needinfo?(ettseng)
Sorry, the branch was auto-added as 52 (because of my current spoof) - it should be affects 59+
Component: Untriaged → DOM: Security
Product: Firefox → Core
Version: 52 Branch → 59 Branch
Assignee: nobody → ettseng
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Flags: needinfo?(ettseng)
Priority: -- → P2
Whiteboard: [domsecurity-active]
Assignee: ethantseng → tom
Priority: P2 → P1
Current status:
- Firefox 59 -> 59 should be Firefox 59 -> 52
- Firefox 60 -> 59 should be Firefox 60 -> 60
For those following along at home...  Bug 1418672 (mentioned in comment 1) about Aurora/Nightly being able to spoof ESR ahead of time, was temporarily resolved with a hard code of v52 in FF59. Bug 1418162, I believe, is the ticket that will fix the Aurora/Nightly code **and** the ESR numbering

Tom will correct me if I'm mistaken :)
this probably needs to be done in time for 60esr.
We're tracking 1418162 which sounds like it covers this.
Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1418162
You need to log in before you can comment on or make changes to this bug.