Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The custom header list should be hard-coded #16455

Closed
fmarier opened this issue Jun 16, 2021 · 3 comments · Fixed by brave/brave-core#9157
Closed

The custom header list should be hard-coded #16455

fmarier opened this issue Jun 16, 2021 · 3 comments · Fixed by brave/brave-core#9157
Assignees
@kkuehlz
Labels
custom headers feature/referral-promo network/startup requests OS/Android Fixes related to Android browser functionality OS/Desktop priority/P3 The next thing for us to work on. It'll ride the trains. QA Pass - Android ARM QA Pass - Android Tab QA Pass-Linux QA Pass-macOS QA Pass-Win64 QA/Test-All-Platforms QA/Yes release-notes/include
Milestone
1.28.x - Release

Comments

@fmarier
Copy link
Member

fmarier commented Jun 16, 2021

Right now, custom headers rely on a list that's provided on startup by the following endpoint: https://laptop-updates.brave.com/promo/custom-headers

Since this is a deprecated mechanism to tell websites that a visitor is using Brave, there is no need for this list to be updatable more often than what can be provided via the normal release cycle.

@diracdeltas had the idea of taking another step towards removal of this legacy feature by moving the dynamic list to be hard-coded in a C++ constant. That way, we can deprecate the laptop-updates endpoint (combined with the work in #16374) and eventually turn it off.
@fmarier fmarier added OS/Android Fixes related to Android browser functionality OS/Desktop privacy/connect This requires making a network connection to a third-party service. network/startup requests custom headers and removed privacy/connect This requires making a network connection to a third-party service. labels Jun 16, 2021
This was referenced Jun 16, 2021
Open
Closed
@kkuehlz kkuehlz self-assigned this Jun 16, 2021
@kkuehlz kkuehlz added feature/referral-promo priority/P3 The next thing for us to work on. It'll ride the trains. release-notes/include labels Jun 17, 2021
kkuehlz pushed a commit to brave/brave-core that referenced this issue Jun 17, 2021
brave_referrals: Hardcode custom headers list
b8dbdaa 
Minimize network requests by hardcoding the referral headers as opposed
to fetching them from the network. These headers are deprecated and
won't change anymore.

Resolves brave/brave-browser#16455
@kkuehlz kkuehlz mentioned this issue Jun 17, 2021
Merged
24 tasks
@kkuehlz kkuehlz added the QA/Yes label Jun 17, 2021
@kkuehlz
Copy link
Contributor

kkuehlz commented Jun 17, 2021
edited
Loading

Test Plan

Ensure the brave partners receive the custom headers the same as they would on earlier versions of browsers (e.g. 1.26.x), although new headers won't contain cookieNames. Can be cross-compared using Wireshark. Ensure no network request is made to https://laptop-updates.com/promo/custom-headers for 1.28

Sites to check:

kkuehlz pushed a commit to brave/brave-core that referenced this issue Jun 17, 2021
brave_referrals: Hardcode custom headers list
3730843 
Minimize network requests by hardcoding the referral headers as opposed
to fetching them from the network. These headers are deprecated and
won't change anymore.

Resolves brave/brave-browser#16455
kkuehlz pushed a commit to brave/brave-core that referenced this issue Jun 17, 2021
brave_referrals: Hardcode custom headers list
065aa29 
Minimize network requests by hardcoding the referral headers as opposed
to fetching them from the network. These headers are deprecated and
won't change anymore.

Resolves brave/brave-browser#16455
kkuehlz pushed a commit to brave/brave-core that referenced this issue Jun 18, 2021
brave_referrals: Hardcode custom headers list
2f920b0 
Minimize network requests by hardcoding the referral headers as opposed
to fetching them from the network. These headers are deprecated and
won't change anymore.

Resolves brave/brave-browser#16455
kkuehlz pushed a commit to brave/brave-core that referenced this issue Jun 23, 2021
brave_referrals: Hardcode custom headers list
6983876 
Minimize network requests by hardcoding the referral headers as opposed
to fetching them from the network. These headers are deprecated and
won't change anymore.

Resolves brave/brave-browser#16455
@kkuehlz kkuehlz added this to the 1.28.x - Nightly milestone Jun 24, 2021
@stephendonner
Copy link

stephendonner commented Jun 24, 2021
edited by btlechowski
Loading

Verified PASSED using

Brave 1.28.27 Chromium: 91.0.4472.120 (Official Build) nightly (x86_64)
Revision 12c5925972cffe578ca7ca7a295e98ee7e178a7a-refs/branch-heads/4472@{#1506}
OS macOS Version 11.4 (Build 20F71)

Steps:

  1. clean profile
  2. launched Wireshark, filtered for dns (and launched Charles Proxy, as backup verification)
  3. launched Brave
  4. opened Developer Tools' Network panel
  5. loaded eaff.com
  6. loaded uphold.com
  7. loaded grammarly.com

Confirmed via the Network panel (and clicking on a request) for eaff.com, uphold.com, and grammarly.com:

  • X-Brave-Partner: eaff, uphold, and grammarly were present, for their respective site
  • there were NO DNS lookups/connections made to the https://laptop-updates.com/promo/custom-headers endpoint, while running these tests - checked via both Wireshark and Charles Proxy
eaff.com uphold.com grammarly.com
Screen Shot 2021-06-24 at 3 12 43 PM Screen Shot 2021-06-24 at 3 12 56 PM Screen Shot 2021-06-24 at 3 13 40 PM
Wireshark Charles Proxy
Screen Shot 2021-06-24 at 3 14 58 PM Screen Shot 2021-06-24 at 3 13 49 PM

Verification passed on


Brave | 1.28.92 Chromium: 92.0.4515.107 (Official Build) beta (64-bit)
-- | --
Revision | 87a818b10553a07434ea9e2b6dccf3cbe7895134-refs/branch-heads/4515@{#1634}
OS | Windows 10 OS Version 2004 (Build 19041.1110)

Confirmed via the Network panel (and clicking on a request) for eaff.com, uphold.com, and grammarly.com:

  • X-Brave-Partner: eaff, uphold, and grammarly were present, for their respective site
  • there were NO DNS lookups/connections made to the https://laptop-updates.com/promo/custom-headers endpoint, while running these tests - checked via both Wireshark and Charles Proxy
eaff.com uphold.com grammarly.com
image image image
Wireshark Charles Proxy
image image

Verification passed on

Brave 1.28.92 Chromium: 92.0.4515.107 (Official Build) beta (64-bit)
Revision 87a818b10553a07434ea9e2b6dccf3cbe7895134-refs/branch-heads/4515@{#1634}
OS Ubuntu 18.04 LTS

Confirmed via the Network panel (and clicking on a request) for eaff.com, uphold.com, and grammarly.com:

  • X-Brave-Partner: eaff, uphold, and grammarly were present, for their respective site
  • there were NO DNS lookups/connections made to the https://laptop-updates.com/promo/custom-headers endpoint, while running these tests - checked via both Wireshark
eaff.com uphold.com grammarly.com
image image image

Wireshark
image

@srirambv
Copy link
Contributor

srirambv commented Aug 3, 2021

Verification passed on Oppo R5 with Android 11 running 1.28.99 x64 Beta Build

EAFF.com Uphold.com Grammarly.com
image image image
  • Verified there were NO DNS lookups/connections made to the https://laptop-updates.com/promo/custom-headers endpoint, while running these tests for Uphold.com
    image

Verification passed on Samsung Tab A with Android 10 running 1.28.99 x64 Beta Build

  • Verified the test plan from The custom header list should be hard-coded #16455 (comment)
  • Verified X-Brave-Partner: eaff, X-Brave-Partner: uphold, and X-Brave-Partner: grammarly were present, for their respective site via Network panel in dev tools
  • Verified there were NO DNS lookups/connections made to the https://laptop-updates.com/promo/custom-headers endpoint, while running these tests
EAFF.com Uphold.com Grammarly.com
image image image
  • Verified there were NO DNS lookups/connections made to the https://laptop-updates.com/promo/custom-headers endpoint, while running these tests for EAFF.com
  • image

@LaurenWags LaurenWags mentioned this issue Aug 10, 2021
Closed
@kjozwiak kjozwiak mentioned this issue Aug 12, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kkuehlz kkuehlz

Labels
custom headers feature/referral-promo network/startup requests OS/Android Fixes related to Android browser functionality OS/Desktop priority/P3 The next thing for us to work on. It'll ride the trains. QA Pass - Android ARM QA Pass - Android Tab QA Pass-Linux QA Pass-macOS QA Pass-Win64 QA/Test-All-Platforms QA/Yes release-notes/include
Projects
None yet
Milestone
1.28.x - Release
Development

Successfully merging a pull request may close this issue.

Hardcode custom headers brave/brave-core
7 participants
@fmarier @stephendonner @srirambv @LaurenWags @kkuehlz @btlechowski @GeetaSarvadnya