Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

A Brave user agent is sent in Chromecast SSDP packets #18017

Closed
fmarier opened this issue Sep 11, 2021 · 8 comments · Fixed by brave/brave-core#22140
Closed

A Brave user agent is sent in Chromecast SSDP packets #18017

fmarier opened this issue Sep 11, 2021 · 8 comments · Fixed by brave/brave-core#22140
Assignees
@ShivanKaul
Labels
OS/Android Fixes related to Android browser functionality OS/Desktop priority/P3 The next thing for us to work on. It'll ride the trains. privacy QA Pass-Linux QA Pass-macOS QA Pass-Win64 QA/Test-All-Platforms QA/Yes release-notes/include
Projects
Security & Privacy
Milestone
1.65.x - Release

Comments

@fmarier
Copy link
Member

fmarier commented Sep 11, 2021

Description

Instead of using the regular user agent (like we send to websites, i.e. the Chrome one), Chromecast SSDP packets create their own user agent manually: https://source.chromium.org/chromium/chromium/src/+/main:chrome/browser/media/router/discovery/dial/dial_service.cc;l=111-128;drc=46bbb9795fcc1934c6cfbec096764f888c4d400a

Steps to Reproduce

  1. Open Wireshark, filter for ssdp
  2. Start the browser
  3. Expand the "Simple Service Discovery Protocol" entry
  4. Look for USER-AGENT

Actual result:

Screenshot from 2021-09-10 17-33-29

Expected result:

We should either send our regular web user agent:

Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

or perhaps it would be better for compatibility with Chromecast devices to pretend to be a Chrome browser. This is what Chrome sends:

USER-AGENT: Google Chrome/93.0.4577.63 Linux
@fmarier fmarier added privacy OS/Android Fixes related to Android browser functionality OS/Desktop labels Sep 11, 2021
@fmarier fmarier changed the title A Brave user agent is sent in Chromecast SSDP packets as our web UI A Brave user agent is sent in Chromecast SSDP packets Sep 11, 2021
@ShivanKaul
Copy link
Collaborator

Thanks for filing @fmarier! Also noting here that on Mac the channel info is included for the user agent:

image

@kjozwiak kjozwiak added this to Untriaged Backlog in Security & Privacy via automation Sep 13, 2021
@ShivanKaul ShivanKaul added the priority/P3 The next thing for us to work on. It'll ride the trains. label Sep 15, 2021
@rebron rebron moved this from Untriaged Backlog to P3, P4 Backlog in Security & Privacy May 17, 2022
@LaurenWags
Copy link
Member

Issue still reproduces with

Brave | 1.64.43 Chromium: 121.0.6167.139 (Official Build) nightly (x86_64)
-- | --
Revision | 190a1d5dbad671a0994283b793d4e66e98b82371
OS | macOS Version 13.6.4 (Build 22G513)

Steps:

  1. Open Wireshark, filter for ssdp
  2. Launch Nightly
  3. Enable Media Router under brave://settings/extensions
  4. Relaunch as required
  5. Expand the "Simple Service Discovery Protocol" entry
  6. Look for USER-AGENT
Screenshot 2024-02-02 at 3 36 39 PM

@ShivanKaul ShivanKaul mentioned this issue Feb 18, 2024
Merged
24 tasks
Security & Privacy automation moved this from P3, P4 Backlog to Completed Feb 21, 2024
@brave-builds brave-builds added this to the 1.65.x - Nightly milestone Feb 21, 2024
@ShivanKaul ShivanKaul self-assigned this Feb 24, 2024
@stephendonner
Copy link
Collaborator

Verified PASSED using

Brave	1.65.77 Chromium: 123.0.6312.29 (Official Build) nightly (x86_64) 
Revision	031ef8c7876fbefaede9ac29292258fe299e06fc
OS	macOS Version 11.7.10 (Build 20G1427)

Steps:

  1. installed 1.65.77
  2. launched Brave
  3. launched Wireshark
  4. filtered to ssdp
  5. opened brave://settings/extensions
  6. set Media Router to Enabled
  7. clicked Relaunch
  8. examined the ssdp packets

Confirmed USER-AGENT: Google Chrome/124.0.6355.0 Mac OS X\r\n

example example example
Screen Shot 2024-03-13 at 11 43 57 AM Screen Shot 2024-03-13 at 11 44 39 AM Screen Shot 2024-03-13 at 11 44 36 AM

@MadhaviSeelam
Copy link
Collaborator

Verification PASSED using

Brave | 1.65.93 Chromium: 123.0.6312.58 (Official Build) beta (64-bit)
-- | --
Revision | a6eee503125f9441360861f96cfdcccf43b6fee0
OS | Windows 11 Version 23H2 (Build 22631.3296)

Steps:

  1. installed 1.65.93
  2. launched Brave
  3. launched Wireshark
  4. filtered to ssdp
  5. opened brave://settings/extensions
  6. set Media Router to Enabled
  7. clicked Relaunch
  8. examined the ssdp packets

Confirmed USER-AGENT: Google Chrome/123.0.6312.58 Windows

example example example
image image image

@ShivanKaul ShivanKaul mentioned this issue Mar 26, 2024
Closed
@hffvld
Copy link
Collaborator

hffvld commented Mar 28, 2024

Hi @fmarier does it apply to Android? I don't think we can cast with a mobile browser.

@fmarier
Copy link
Member Author

fmarier commented Mar 28, 2024

Hi @fmarier does it apply to Android? I don't think we can cast with a mobile browser.

Good question. I may have filed this as Desktop & Android by mistake. I don't remember ever testing this on Android.

@MadhaviSeelam MadhaviSeelam added the QA/In-Progress Indicates that QA is currently in progress for that particular issue label Apr 2, 2024
@MadhaviSeelam
Copy link
Collaborator

MadhaviSeelam commented Apr 2, 2024
edited

Verification PASSED using

Brave	1.65.96 Chromium: 123.0.6312.86 (Official Build) beta (64-bit) 
Revision	5d9143e1a0812c53bdc27fd5384591254306a88c
OS	Linux

Steps:

  1. installed 1.65.96
  2. launched Brave
  3. launched Wireshark
  4. selected ens33 for ...using this filter
  5. filtered to ssdp
  6. opened brave://settings/extensions
  7. set Media Router to Enabled
  8. clicked Relaunch
  9. examined the ssdp packets

Confirmed USER-AGENT: Google Chrome/123.0.6312.86 Linux

example example example
image image image

@MadhaviSeelam MadhaviSeelam added QA Pass-Linux and removed QA/In-Progress Indicates that QA is currently in progress for that particular issue labels Apr 2, 2024
@hffvld
Copy link
Collaborator

hffvld commented Apr 6, 2024

Hi @fmarier, @SergeyZhukovsky and @kjozwiak I spent some time trying to connect Android to Wireshark and capture traffic data. I couldn't figure out how to get SSDP protocol info, I only see MDNS protocol running on the device. I'm not sure if we must use rooted device to see all traffic info or if my setup is incorrect. So, any help is appreciated.

Verified on Pixel 7 using version(s):

Device/OS: Pixel 7 / panther_beta-user 14 AP21.240305.005 release-keys
Brave build: 1.65.103
Chromium: 123.0.6312.105 (Official Build) beta (64-bit)
Android MacOS
1 2

@LaurenWags LaurenWags mentioned this issue Apr 15, 2024
Closed
@kjozwiak kjozwiak mentioned this issue Apr 18, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ShivanKaul ShivanKaul

Labels
OS/Android Fixes related to Android browser functionality OS/Desktop priority/P3 The next thing for us to work on. It'll ride the trains. privacy QA Pass-Linux QA Pass-macOS QA Pass-Win64 QA/Test-All-Platforms QA/Yes release-notes/include
Projects
Security & Privacy
  
Completed
Milestone
1.65.x - Release
Development

Successfully merging a pull request may close this issue.

Match Chrome User Agent in M-SEARCH SSDP packets brave/brave-core
7 participants
@fmarier @stephendonner @ShivanKaul @LaurenWags @brave-builds @MadhaviSeelam @hffvld