Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Useragent spoof for navigator.userAgent #340

Closed
1 of 3 tasks
h6a8ke1k opened this issue May 3, 2020 · 7 comments
Closed
1 of 3 tasks

Useragent spoof for navigator.userAgent #340

h6a8ke1k opened this issue May 3, 2020 · 7 comments

Comments

@h6a8ke1k
Copy link

h6a8ke1k commented May 3, 2020

Prerequisites

Please use issues for bugs only! Answer the following questions for yourself before submitting an issue: YOU MAY DELETE THE PREREQUISITES SECTION.

  • I am running the latest version
  • I checked the documentation and found no answer
  • I checked to make sure that this issue has not already been filed

Expected Behavior

The useragent changed both in HTTP headers and navigator object through JavaScript after UA spoof.

Current Behavior

The navigator object contains real useragent through navigator.userAgent.

Relevant settings

Context (Environment)

Firefox 68 ESR
@h6a8ke1k
Copy link
Author

h6a8ke1k commented May 3, 2020

The link explains a way to modify the UA in the navigator object.

navigator.__defineGetter__('userAgent', function(){
    return 'foo' // customized user agent
});

navigator.userAgent; // 'foo'

Moreover, the original Firefox browser seems to return different values in HTTP headers and the navigator object.
For example, Firefox 68 ESR HTTP header UA:
Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
Compared to the navigator object:
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0

Maybe return different values in the spoof as well to make the spoof more effective?

@sereneblue
Copy link
Owner

@h6a8ke1k The userAgent property should automatically be spoofed by Firefox based on the headers. I can manually overwrite this property but I'm not sure why there are two different user agents present. Both values are the same for me on Linux + FF75 & FF76 and Windows 7 + FF 68.

@h6a8ke1k
Copy link
Author

h6a8ke1k commented May 3, 2020
edited
Loading

Sorry for the inaccurate information.
I tested again, and found the reason.

For a clean firefox browser, the UA in HTTP headers and navigator object is the same, which is the following value:
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0.

However, if I enable Chameleon and select "Real Profile", the navigator object UA does not change, but the HTTP header changes to:
Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0.
So maybe it is because the "Real Profile" is not using the original UA of the browser?

Also, I confirmed that changing to a different profile only changes the UA in HTTP headers, the navigator object always contains the real UA, at least in Firefox 68 ESR with Win10 x64. So I think overriding navigator.userAgent is necessary.

However, there are many ways to change the userAgent property in the navigator object (in the link I provided), and __defineGetter__ seems to be deprecated? Maybe you want to try and find a most appropriate way to rewrite.

Thank you!

@Iquaridys
Copy link

Support needs to be added for the following User Agent detection methods if possible:

  1. navigator.userAgent (onload)
  2. iframe navigator.userAgent
  3. iframe navigator.appVersion

@sereneblue
Copy link
Owner

@Iquaridys, those properties are already spoofed. You can verify that by checking https://browserleaks.com/javascript.

@h6a8ke1k I believe this bug is actually caused by the resist fingerprinting option. Can you check your settings to see if that's enabled?

When it's enabled and you're using your real profile, Firefox spoofs the user agent in the header to Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 but it doesn't change the navigator properties.

There's also another issue. When resist fingerprint is enabled and spoofing a browser profile, the navigator properties are spoofed but the userAgent property persists when resist fingerprint is enabled. Overwriting that property should fix this.

@h6a8ke1k
Copy link
Author

h6a8ke1k commented May 3, 2020

@sereneblue Thank you for your solution! That is exactly the reason. If I disable Chameleon and enable "resist fingerprinting" alone in about:config, the useragent in HTTP headers and the navigator object is different. So I guess if I enable "resist fingerprinting", I should not spoof my profile.

However, I think the resist fingerprinting option by Firefox is very useful. It can effectively prevent canvas fingerprinting and lower the timer precision slightly. I will leave it on.

I am not sure if there are better solutions. But thank you anyway for finding the reason!

@sereneblue
Copy link
Owner

sereneblue commented May 3, 2020
edited
Loading

@h6a8ke1k I agree, resist fingerprint is useful to have. v0.20.3 will overwrite the navigator userAgent property when a browser profile is spoofed so you can still use profiles. However, if the real profile is selected, it's probably best to leave it alone so that it can mimic Firefox original behavior.

sereneblue added a commit that referenced this issue May 5, 2020
@sereneblue
fix(injection): overwrite navigator.userAgent if profile is used whil…
3d46292 
…e RFP is enabled; #340
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sereneblue @Iquaridys @h6a8ke1k