-
-
Notifications
You must be signed in to change notification settings - Fork 13.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
librewolf: remove with-app-basename flag that exposes LibreWolf in the user agent string when resistFingerprinting is disabled #321083
Conversation
Please fix commit title. It must start with package name. Then,
You can add additional description to the body of commit message. (But not the title.) |
ah, i apologize |
Commit message is still not right... |
9b0e5db
to
8eec91e
Compare
sorry, i had to go do some stuff |
No. Use:
(replace both) |
8eec91e
to
dc018d9
Compare
i apologize for all of that, i'm still kinda new to all this |
Read the docs. There are contribution guidelines. And they are helpful.
Then, you should add as reviewers the (I just added them as reviewers for you.) On commit message, I still think that commit message is far too long. And it's not fully in lowercase. I'd suggest removal of:
But still, as it is now, it is better still. I won't be reviewing your PR further because I'm not a maintainer of this package. |
…e user agent string when resistFingerprinting is disabled
dc018d9
to
d432fc3
Compare
thanks for the feedback, will try to read more into the docs next time |
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: https://discourse.nixos.org/t/prs-ready-for-review/3032/4266 |
@cinnamonpancake I suggest you to use git history for the files you are touching and find new reviewers. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is the mozconfig that upstream actually uses to build: https://codeberg.org/librewolf/source/src/branch/main/assets/mozconfig.new. The app-basename option is not present there. So I agree that the app-basename option should not be present in the Nix build.
- Tested a build without the app-basename flag on NixOS x86_64-linux
- Verified that setting app-basename produces the undesirable User-Agent behavior when resistFingerprinting is off
- Verified that removing app-basename fixes the undesirable User-Agent behavior when resistFingerprinting is off
The gentoo build has the same problem: https://codeberg.org/librewolf/gentoo/src/commit/c3d6a2e1eb59f5651b54782ef259b47b8b2c4847/www-client/librewolf/librewolf-128.0_p2.ebuild#L835
The arch build does not have the problem: https://codeberg.org/librewolf/arch/src/commit/88e990dbefccb277b40cd722962adcd92baca447/PKGBUILD#L129
Related:
- https://codeberg.org/librewolf/issues/issues/1896
- https://old.reddit.com/r/LibreWolf/comments/151q1mx/disabling_resistfingerprinting_breaks_audio_for/ (gentoo)
Thanks for the contribution and sorry for the review delay.
Fixes #260488 |
Description of changes
Due to a quirk in Firefox itself, the
--with-app-basename
flag causes its argument to replace Firefox in the user agent string (if resistFingerprinting is disabled, as it cloaks the UA string) which hurts privacy by making users much easier to fingerprint, as well as hurting website compatibility (even preventing users from being able to install extensions from the Mozilla add-ons store, as it thinks the user is not on a Firefox-based browser, as mentioned in #260488)The
general.useragent.compatMode.firefox
setting can be used to add Firefox to the user agent string, however it is still disabled by default, and it also doesn't remove LibreWolf from the string, which still severely hurts privacy.Removing the flag doesn't seem to have any other significant effect, and it is no longer included in upstream LibreWolf for similar reasons. https://codeberg.org/librewolf/source/src/commit/d766054b586a28b4ddb5ec69d344886397da1137/assets/mozconfig.new
Things done
nix.conf
? (See Nix manual)sandbox = relaxed
sandbox = true
nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD"
. Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/
)Add a 👍 reaction to pull requests you find important.