Freeze the Android OS version in Firefox Android’s User-Agent string
Categories
(Core :: Networking: HTTP, task, P5)
People
(Reporter: cpeterson, Unassigned)
References
(Depends on 1 open bug, Blocks 1 open bug)
Details
(Whiteboard: [necko-triaged])
Attachments
(3 files)
Freeze (hard code) the Android OS version in Firefox’s UA string at "Android 10".
This will match Chrome Android's UA string. As part of Chrome’s UA reduction, Google froze the Android OS version exposed in Chrome’s UA string to "10". Google finished rolling out that change in Chrome 110 in May 2023: https://www.chromium.org/updates/ua-reduction
This change will affect the "User-Agent" HTTP header and navigator.userAgent Web API in Firefox, Focus, and any third-party apps using GeckoView.
Goals
- Reduce fingerprintable entropy passively exposed to the web.
- Reduce risk of webcompat breakage.
Firefox’s UA string currently exposes 14 different Android major and minor versions between Android 5.0 and 14. That’s about 4 bits of fingerprintable entropy. Freezing the Android version would reduce that to 0 bits.
An example of webcompat breakage that could be avoided with a frozen Android version: when Google dropped the ".0" minor version in Android 9’s version, many websites broke because their UA string parsers assumed OS versions always included a "." and minor version, even if only ".0". Even Firefox’s DevTools had a bug parsing the Android 9 version (bug 1743334).
An important difference in Chrome’s UA reduction is that Chrome still exposes the actual Android OS version in the UA Client-Hints HTTP headers and navigator.userAgentData Web API. So sites that really want to know the user’s Android OS version can add new code to detect it. Sites would not have that option in Firefox unless we implement navigator.userAgentData in bug 1750143.
Example UA strings:
BEFORE: Mozilla/5.0 (Android 5.0; Mobile; rv:123.0) Gecko/123.0 Firefox/123.0
BEFORE: Mozilla/5.0 (Android 5.1; Mobile; rv:123.0) Gecko/123.0 Firefox/123.0
BEFORE: Mozilla/5.0 (Android 14; Mobile; rv:123.0) Gecko/123.0 Firefox/123.0
AFTER: Mozilla/5.0 (Android 10; Mobile; rv:123.0) Gecko/123.0 Firefox/123.0
Risks
Some websites might report that Android 10 is out of date, but that risk is low because Chrome also froze its UA string at Android version 10. We can fix such websites using Firefox’s site interventions to override the UA on those websites.
Some websites might attempt to use intent URIs to launch a native app that’s not available on Android < 10. I don’t know of any such examples, but those websites would not have worked on Android < 10 anyway… unless they would have launched a different native app for Android < 10?
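The parser breakage and the entropy estimate described above, as an added JavaScript example that is not part of the original bug report or Firefox's code: a brittle Android-version parser beside a tolerant one, plus an upper bound (log2 of distinct values) on the bits the version token exposes before and after freezing. The function names are hypothetical; the sample UA strings are the ones listed in the description. For the 14 values the description cites, the same bound is log2(14) ≈ 3.8 bits.

```javascript
// Added illustration; not Firefox code. All function names are hypothetical.

// Brittle parser of the kind described above: it requires "major.minor",
// so it fails on "Android 9", "Android 14" and on the frozen "Android 10".
function parseAndroidVersionBrittle(ua) {
  const m = /Android (\d+)\.(\d+)/.exec(ua);
  return m ? { major: Number(m[1]), minor: Number(m[2]) } : null;
}

// Tolerant parser: the minor component is optional and defaults to 0.
function parseAndroidVersion(ua) {
  const m = /\bAndroid (\d+)(?:\.(\d+))?/.exec(ua);
  if (!m) return null;
  return { major: Number(m[1]), minor: m[2] === undefined ? 0 : Number(m[2]) };
}

// Upper bound on the entropy (in bits) exposed by the OS-version token:
// log2 of the number of distinct versions seen across a set of UA strings.
function versionEntropyBits(uaStrings) {
  const distinct = new Set();
  for (const ua of uaStrings) {
    const v = parseAndroidVersion(ua);
    if (v) distinct.add(`${v.major}.${v.minor}`);
  }
  return distinct.size > 0 ? Math.log2(distinct.size) : 0;
}

// Rewrites the Android token to the frozen value proposed in this bug.
function freezeAndroidVersion(ua) {
  return ua.replace(/\bAndroid \d+(?:\.\d+)?/, "Android 10");
}

// "BEFORE" UA strings copied from the bug description.
const before = [
  "Mozilla/5.0 (Android 5.0; Mobile; rv:123.0) Gecko/123.0 Firefox/123.0",
  "Mozilla/5.0 (Android 5.1; Mobile; rv:123.0) Gecko/123.0 Firefox/123.0",
  "Mozilla/5.0 (Android 14; Mobile; rv:123.0) Gecko/123.0 Firefox/123.0",
];
const after = before.map(freezeAndroidVersion);
```

With these three samples, `versionEntropyBits(before)` is log2(3) and `versionEntropyBits(after)` is 0, while `parseAndroidVersionBrittle` returns `null` for both the Android 14 string and every frozen string.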
Comment 1 (Reporter)•11 months ago
The UA string's Windows OS version was frozen at version "10.0" in bug 1841425.
Comment 2 (Reporter)•11 months ago
This will match Chrome Android's UA string. As part of Chrome’s UA reduction, Google froze the Android OS version exposed in Chrome’s UA string to "10". Google finished rolling out that change in Chrome 110 in May 2023: https://www.chromium.org/updates/ua-reduction
Goals:
- Reduce fingerprintable entropy passively exposed to the web.
- Reduce risk of webcompat breakage for new Android OS versions.
Depends on D194685
Comment 4•10 months ago
Backed out for causing reftests failures in multiple-chunks-multiple-dx-different-anchor-rtl-ref.svg and on Android.
- Backout link
- Push with failures
- Failure Log
- Failure line: REFTEST TEST-UNEXPECTED-FAIL | layout/reftests/svg/text/multiple-chunks-multiple-dx-different-anchor-rtl.svg == layout/reftests/svg/text/multiple-chunks-multiple-dx-different-anchor-rtl-ref.svg | image comparison, max difference: 192, number of differing pixels: 56
Comment 5 (Reporter)•10 months ago
My UA string change broke the reftest fuzz checks added in bug 1794897 for the Google Pixel 5 devices. navigator.platform is now hard coded to return "Android 10" and thus tests need another way to check the real Android OS version.
https://searchfox.org/mozilla-central/search?q=Android13&path=reftest&case=true
Comment 6 (Reporter)•10 months ago
Hardcoding the Android UA string to always report "Android 10" broke the reftest fuzz checks added in bug 1794897 for the Google Pixel 5 devices. navigator.platform now returns "Android 10" and thus tests need another way to check the real Android OS version.
There might be a more reliable way to detect the Google Pixel 5 devices in automation than checking the Android OS version, but I don't know what that might be or to be responsible for breaking other tests.
Comment 8•10 months ago
Backed out for causing reftests failures.
- Backout link
- Push with failures
- Failure Log
- Failure line: REFTEST ERROR | EXCEPTION: ReferenceError: Android13 is not defined
Comment 9 (Reporter)•10 months ago
(In reply to Serban Stanca [:SerbanS] from comment #8)
- Failure line: REFTEST ERROR | EXCEPTION: ReferenceError: Android13 is not defined
reftest.list assumes Android13 is defined, even on non-Android platforms, if false.
Comment 14 (Reporter)•10 months ago
Release Note Request (optional, but appreciated)
[Why is this notable]: This change is a small improvement in Android user privacy and might fix some webcompat issues, but it also has a risk of introducing new webcompat issues.
[Affects Firefox for Android]: Yes, only Android is affected.
[Suggested wording]: To reduce user fingerprinting information and the risk of some website compatibility issues, always report OS version "Android 10" in Firefox Android's User-Agent string.
[Links (documentation, blog post, etc)]:
Comment 15•8 months ago
https://hg.mozilla.org/releases/mozilla-release/rev/94baf6c37065dcf65070f50d10472d9dd6108c4c
Partial backout from release for causing Bug 1876742
Comment 16•8 months ago
https://hg.mozilla.org/releases/mozilla-beta/rev/bb9a936c0644ab6ea6d8e6b8f62fa7787b809a5e
Partial backout from beta for causing Bug 1876742
Comment 17•8 months ago
https://hg.mozilla.org/mozilla-central/rev/3eba1c7082aa5d2e1198ff02e055c8ea1eb302fa
Partial backout from central for causing bug 1876742
Comment 18•5 months ago
(In reply to Sandor Molnar[:smolnar] from comment #17)
https://hg.mozilla.org/mozilla-central/rev/3eba1c7082aa5d2e1198ff02e055c8ea1eb302fa
Partial backout from central for causing bug 1876742
Since the main change got backed out, I think this bug should be reopened. The commits that weren't reverted were tests only.
Comment 20 (Reporter)•5 months ago
Unassigning myself because I don't think freezing the Android OS version in Firefox Android's User-Agent string is possible at this time (due to webcompat issues like bug 1876742). Freezing the User-Agent string's OS version number might be practical if we implement User-Agent Client Hints (bug 1750143), so JavaScript can access the real OS version (using the new navigator.userAgentData API), but web servers will only see "Android 10" in the User-Agent HTTP header.
In the meantime, in bug 1894429 I will be proposing to spoof "Android 10" on devices with Android OS version < 10.