1861847 - Freeze UA string and navigator.platform on Android and Linux to match Chrome's frozen navigator.platform

Status: RESOLVED FIXED

(Core :: Networking: HTTP, enhancement, P3)

Description

[Chris Peterson [:cpeterson]]

Freeze the CPU architecture reported in Firefox's User-Agent HTTP header and navigator.userAgent and navigator.platform Web APIs as Linux armv81 on Android and Linux x86_64 on Linux and other Unix-like platforms. Temporarily guard this change behind a pref so it can be disabled quickly, if needed.

Goals:

1. Reduce fingerprintable entropy exposed to web content.
2. Reduce risk of webcompat problems from unexpected CPU architectures.

Chrome's "UA reduction" effort made the same change in Chrome 107 (2022-10-25): https://www.chromium.org/updates/ua-reduction/#sample-ua-strings-phase-5

Firefox Android's RFP mode currently spoofs navigator.platform as Linux aarch64, but let's return the same value as Chrome, Linux armv81 to reduce browser differences that might cause webcompat problems.

Comment 1

[Chris Peterson [:cpeterson]]

On further thought, we probably shouldn't freeze RFP's spoofed navigator.platform at a different value from the regular navigator.platform, so I'm expanding the scope of this bug to include both changes at the same time. So this bug is no longer a good first bug.

I have a WIP patch.

Comment 2

[Dennis Schubert [:denschub]]

According to bug 1869521 and this social media post, exposing the CPU architecture is a WebCompat issue that manifests in YouTube delivering a lower resolution, and some sites always delivering a mobile layout.

Comment 3

[Ksenia Berezina [:ksenia]]

We should investigate freezing the UA string, but from webcompat point of view it affects a small number of users, so setting Webcompat Priority as P3 for now.

Comment 4

[Chris Peterson [:cpeterson]]

One site compat issue is Mozilla's own Firefox download pages check the visitor's navigator.platform to determine whether to serve an x86 or x86_64 binary (or to direct users to a support page for other architectures, such as ARM64). If x86 and ARM64 Linux builds are reporting they are "Linux x86_64", then the Firefox download pages will unknowingly serve those users an incompatible x86_64 binary.

That issue will be resolved for Debian-derived distro users by https://github.com/mozilla/bedrock/issues/12966 when Bedrock starts redirecting Linux users to use a .deb package instead of tarballs.

Bedrock will remove the Linux architecture detection for users of other distros in https://github.com/mozilla/bedrock/issues/14012.

Comment 5

[Chris Peterson [:cpeterson]]

Attachment: Bug 1861847 - Hard code User-Agent string's CPU arch on Android, Linux, and other Unix-like platforms. r?#necko-reviewers,#geckoview-reviewers

Freeze the CPU architecture reported in Firefox's User-Agent HTTP header and navigator.userAgent and navigator.platform Web APIs as Linux armv81 on Android and Linux x86_64 on Linux and other Unix-like platforms. Temporarily guard this change behind a pref so it can be disabled quickly, if needed.

Goals:

1. Reduce fingerprintable entropy exposed to web content.
2. Reduce risk of webcompat problems from unexpected CPU architectures.

Chrome's UA reduction effort made the same change in Chrome 107 (2022-10-25): https://www.chromium.org/updates/ua-reduction/#sample-ua-strings-phase-5. Firefox used to report the CPU architecture as "aarch64" on Android, but change to "armv81" to match Chrome and reduce the risk of future webcompat issues.

For now, don't enable this pref for x86 Linux builds because Mozilla's Firefox download page checks the visitor's navigator.platform to determine whether to serve an x86 or x86_64 binary (or to direct users to a support page for other architectures, such as ARM64). If x86 and ARM64 Linux builds report they are "Linux x86_64", then the Firefox download pages will unknowingly serve those users an incompatible x86_64 binary. That issue will be resolved by Bedrock bugs https://github.com/mozilla/bedrock/issues/12966 and https://github.com/mozilla/bedrock/issues/14012.

In the meantime, we can enable this pref in the meantime for ARM64 Linux (to fix YouTube bug 1869521 and webcompat issues like https://github.com/webcompat/web-bugs/issues/130946) because Mozilla doesn't publish official ARM64 Linux builds of Firefox yet. These users are using unofficial or distro builds and presumably know not to attempt to download Firefox (using Firefox) from mozilla.org.

Comment 6

[Pulsebot]

Pushed by cpeterson@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/8c2839bd6b4a
Hard code User-Agent string's CPU arch on Android, Linux, and other Unix-like platforms. r=necko-reviewers,kershaw

Comment 7

[Atila Butkovits]

https://hg.mozilla.org/mozilla-central/rev/8c2839bd6b4a

Comment 8

[Chris Peterson [:cpeterson]]

Release Note Request (optional, but appreciated)
[Why is this notable]: This change is a small improvement in Linux and Android user privacy and might fix some webcompat issues, but it also has a risk of introducing new webcompat issues.
[Affects Firefox for Android]: Yes
[Suggested wording]: To reduce user fingerprinting information and the risk of some website compatibility issues, report ARM64 Linux's CPU architecture as "x86_64" and ARM and x86 Android's as "armv81" in Firefox's User-Agent string and navigator.platform and navigator.oscpu Web APIs.
[Links (documentation, blog post, etc)]: