Open Bug 1865766 Opened 11 months ago Updated 4 months ago

Freeze the Android OS version in Firefox Android’s User-Agent string

Categories

(Core :: Networking: HTTP, task, P5)

Unspecified
Android
task

Tracking

REOPENED
Tracking Status
relnote-firefox --- 122+
firefox-esr115 --- wontfix
firefox120 --- wontfix
firefox121 --- wontfix
firefox122 --- disabled

People

(Reporter: cpeterson, Unassigned)

References

(Depends on 1 open bug, Blocks 1 open bug)

Details

(Whiteboard: [necko-triaged])

Attachments

(3 files)

Freeze (hard code) the Android OS version in Firefox’s UA string at "Android 10".

This will match Chrome Android's UA string. As part of Chrome’s UA reduction, Google froze the Android OS version exposed in Chrome’s UA string to "10". Google finished rolling out that change in Chrome 110 in May 2023: https://www.chromium.org/updates/ua-reduction

This change will affect the "User-Agent" HTTP header and navigator.userAgent Web API in Firefox, Focus, and any third-party apps using GeckoView.

Goals

  1. Reduce fingerprintable entropy passively exposed to the web.
  2. Reduce risk of webcompat breakage.

Firefox’s UA string currently exposes 14 different Android major and minor versions between Android 5.0 and 14. That’s about ~4 bits of fingerprintable entropy. Freezing the Android version would reduce that to 0 bits.

An example of webcompat breakage that could be avoided with a frozen Android version: when Google dropped the ".0" minor version in Android 9’s version, many websites broke because their UA string parsers assumed OS versions always included a "." and minor version, even if only ".0". Even Firefox’s DevTools had a bug parsing the Android 9 version (bug 1743334).

An important difference in Chrome’s UA reduction is that Chrome still exposes the actual Android OS version in the UA Client-Hints HTTP headers and navigator.userAgentData Web API. So sites that really want to know the user’s Android OS version can add new code to detect it. Sites would not have that option in Firefox unless we implement navigator.userAgentData in bug 1750143.

Example UA strings:

BEFORE: Mozilla/5.0 (Android 5.0; Mobile; rv:123.0) Gecko/123.0 Firefox/123.0
BEFORE: Mozilla/5.0 (Android 5.1; Mobile; rv:123.0) Gecko/123.0 Firefox/123.0
BEFORE: Mozilla/5.0 (Android 14; Mobile; rv:123.0) Gecko/123.0 Firefox/123.0
AFTER: Mozilla/5.0 (Android 10; Mobile; rv:123.0) Gecko/123.0 Firefox/123.0

Risks

Some websites might report that Android 10 is out of date, but that risk is low because Chrome also froze its UA string at Android version 10. We can fix such websites using Firefox’s site interventions to override the UA on those websites.

Some websites might attempt to use intent URIs to launch a native app that’s not available on Android < 10. I don’t know of any such examples, but those websites would not have worked on Android < 10 anyway… unless they would have launched a different native app for Android < 10?

Blocks: 1169772
Whiteboard: [necko-triaged]
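
The parser failure and the entropy estimate described in the bug report above, as an added example that is not part of the original report and is not Firefox or website code. The UA strings are the ones quoted in the report; the function names are hypothetical.

```javascript
// Added example. UA strings are the BEFORE/AFTER samples quoted in the bug report.
const UAS = [
  "Mozilla/5.0 (Android 5.0; Mobile; rv:123.0) Gecko/123.0 Firefox/123.0",
  "Mozilla/5.0 (Android 5.1; Mobile; rv:123.0) Gecko/123.0 Firefox/123.0",
  "Mozilla/5.0 (Android 14; Mobile; rv:123.0) Gecko/123.0 Firefox/123.0",
  "Mozilla/5.0 (Android 10; Mobile; rv:123.0) Gecko/123.0 Firefox/123.0",
];

// Brittle parser: assumes the OS version always contains "." and a minor
// version, the assumption that broke sites when Android 9 dropped ".0".
function brittleAndroidVersion(ua) {
  const m = /Android (\d+)\.(\d+)/.exec(ua);
  return m ? { major: Number(m[1]), minor: Number(m[2]) } : null;
}

// Tolerant parser: the minor version is optional and defaults to 0.
function androidVersion(ua) {
  const m = /\bAndroid (\d+)(?:\.(\d+))?(?=[;)])/.exec(ua);
  return m ? { major: Number(m[1]), minor: Number(m[2] ?? 0) } : null;
}

// Shannon entropy, in bits, of the Android version token across a sample
// of UA strings (a measure of how much the token helps tell users apart).
function versionEntropyBits(uas) {
  const counts = new Map();
  for (const ua of uas) {
    const v = androidVersion(ua);
    const key = v ? `${v.major}.${v.minor}` : "unknown";
    counts.set(key, (counts.get(key) ?? 0) + 1);
  }
  let bits = 0;
  for (const n of counts.values()) {
    const p = n / uas.length;
    bits -= p * Math.log2(p);
  }
  return bits;
}

// Upper bound on entropy when n distinct values are equally likely.
const maxEntropyBits = (n) => Math.log2(n);

console.log(UAS.map((ua) => [brittleAndroidVersion(ua), androidVersion(ua)]));
console.log(maxEntropyBits(14).toFixed(2), "bits for 14 exposed versions");
```

The brittle parser returns `null` for both "Android 14" and the frozen "Android 10", while a sample containing only the frozen string has zero entropy in the version token.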

The UA string's Windows OS version was frozen at version "10.0" in bug 1841425.

This will match Chrome Android's UA string. As part of Chrome’s UA reduction, Google froze the Android OS version exposed in Chrome’s UA string to "10". Google finished rolling out that change in Chrome 110 in May 2023: https://www.chromium.org/updates/ua-reduction

Goals:

  1. Reduce fingerprintable entropy passively exposed to the web.
  2. Reduce risk of webcompat breakage for new Android OS versions.

Depends on D194685

Pushed by cpeterson@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/bf1bc5feca4e
Replace osVersion with "Windows 10.0" in browser_navigator.js tests. r=necko-reviewers,valentin
https://hg.mozilla.org/integration/autoland/rev/aa8eb5897329
Freeze the Android OS version in Firefox Android’s User-Agent string at "Android 10". r=geckoview-reviewers,necko-reviewers,valentin,owlish

Backed out for causing reftests failures in multiple-chunks-multiple-dx-different-anchor-rtl-ref.svg and on Android.

  • Backout link
  • Push with failures
  • Failure Log
  • Failure line: REFTEST TEST-UNEXPECTED-FAIL | layout/reftests/svg/text/multiple-chunks-multiple-dx-different-anchor-rtl.svg == layout/reftests/svg/text/multiple-chunks-multiple-dx-different-anchor-rtl-ref.svg | image comparison, max difference: 192, number of differing pixels: 56
Flags: needinfo?(cpeterson)

My UA string change broke the reftest fuzz checks added in bug 1794897 for the Google Pixel 5 devices. navigator.platform is now hard coded to return "Android 10" and thus tests need another way to check the real Android OS version.

https://searchfox.org/mozilla-central/search?q=Android13&path=reftest&case=true

Flags: needinfo?(cpeterson)
See Also: → 1794897

Hardcoding the Android UA string to always report "Android 10" broke the reftest fuzz checks added in bug 1794897 for the Google Pixel 5 devices. navigator.platform now returns "Android 10" and thus tests need another way to check the real Android OS version.

There might be a more reliable way to detect the Google Pixel 5 devices in automation than checking the Android OS version, but I don't know what that might be or to be responsible for breaking other tests.

Pushed by cpeterson@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/4ed0a5b3a833
Android reftests should check the Android API level, not navigator.platform. r=jmaher

Backed out for causing reftests failures.

Flags: needinfo?(cpeterson)

(In reply to Serban Stanca [:SerbanS] from comment #8)

  • Failure line: REFTEST ERROR | EXCEPTION: ReferenceError: Android13 is not defined

reftest.list assumes Android13 is defined, even on non-Android platforms, if false.

Flags: needinfo?(cpeterson)
Pushed by cpeterson@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/d6acfd8fed1d
Android reftests should check the Android API level, not navigator.platform. r=jmaher
Status: NEW → RESOLVED
Closed: 10 months ago
Resolution: --- → FIXED
Target Milestone: --- → 122 Branch
Pushed by cpeterson@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/623588e12095
Replace osVersion with "Windows 10.0" in browser_navigator.js tests. r=necko-reviewers,valentin
https://hg.mozilla.org/integration/autoland/rev/963b7e553ef0
Freeze the Android OS version in Firefox Android’s User-Agent string at "Android 10". r=geckoview-reviewers,necko-reviewers,valentin,owlish

Release Note Request (optional, but appreciated)
[Why is this notable]: This change is a small improvement in Android user privacy and might fix some webcompat issues, but it also has a risk of introducing new webcompat issues.
[Affects Firefox for Android]: Yes, only Android is affected.
[Suggested wording]: To reduce user fingerprinting information and the risk of some website compatibility issues, always report OS version "Android 10" in Firefox Android's User-Agent string.
[Links (documentation, blog post, etc)]:

relnote-firefox: --- → ?
See Also: → 1876742
Regressions: 1876742
See Also: 1876742
Blocks: 1868415
See Also: → 1868415
See Also: 1868415
Blocks: 1609304
Depends on: 1894429

(In reply to Sandor Molnar[:smolnar] from comment #17)

https://hg.mozilla.org/mozilla-central/rev/3eba1c7082aa5d2e1198ff02e055c8ea1eb302fa

Partial backout from central for causing bug 1876742

Since the main change got backed out, I think this bug should be reopened. The commits that weren't reverted were tests only.

Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Target Milestone: 122 Branch → ---
Duplicate of this bug: 1868415
No longer blocks: 1868415

Unassigning myself because I don't think freezing the Android OS version in Firefox Android's User-Agent string is possible at this time (due to webcompat issues like bug 1876742). Freezing the User-Agent string's OS version number might be practical if we implement User-Agent Client Hints (bug 1750143), so JavaScript can access the real OS version (using the new navigator.userAgentData API), but web servers will only see "Android 10" in the User-Agent HTTP header.

In the meantime, in bug 1894429 I will be proposing to spoof "Android 10" on devices with Android OS version < 10.

Assignee: cpeterson → nobody
Depends on: 1750143
Priority: P3 → P5
See Also: 1750143