Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
76 final, save some bytes in RFP section
  • Loading branch information
@Thorin-Oakenpants
Thorin-Oakenpants committed May 24, 2020
1 parent 4bc5b89 commit ff9bf76
Showing 1 changed file with 9 additions and 9 deletions.
18 changes: 9 additions & 9 deletions user.js
View file
@@ -1,7 +1,7 @@
/******
* name: ghacks user.js
* date: 7 May 2020
* version 76-beta
* date: 24 May 2020
* version 76
* authors: v52+ github | v51- www.ghacks.net
* url: https://github.com/ghacksuserjs/ghacks-user.js
* license: MIT: https://github.com/ghacksuserjs/ghacks-user.js/blob/master/LICENSE.txt
Expand Down Expand Up @@ -1412,13 +1412,13 @@ user_pref("privacy.firstparty.isolate", true);
This spoof *shouldn't* affect core chrome/Firefox performance
** 1217238 - reduce precision of time exposed by javascript (FF55+)
** 1369303 - spoof/disable performance API (see 2410-deprecated, 4602, 4603) (FF56+)
** 1333651 & 1383495 & 1396468 - spoof Navigator API (see section 4700) (FF56+)
FF56: The version number will be rounded down to the nearest multiple of 10
FF57: The version number will match current ESR (1393283, 1418672, 1418162, 1511763)
FF59: The OS will be reported as Windows, OSX, Android, or Linux (to reduce breakage) (1404608)
FF66: The OS in HTTP Headers will be reduced to Windows or Android (1509829)
FF68: Reported OS versions updated to Windows 10, OS 10.14, and Android 8.1 (1511434)
FF78: Reported OS versions updated to OS 10.15 and Android 9.0 (1635011)
** 1333651 & 1383495 & 1396468 - spoof User Agent & Navigator API (see section 4700) (FF56+)
FF56: Version: rounded down to the nearest multiple of 10
FF57: Version: match current ESR (1393283, 1418672, 1418162, 1511763)
FF59: OS: Windows, OSX, Android, or Linux (to reduce breakage) (1404608)

This comment has been minimized.

Sign in to view

Copy link
@geeknik

geeknik May 24, 2020

Re: 1404608, is there a note somewhere about how if you enable RFP on a Linux version of Firefox, it will send Windows via the User Agent, but leak your real OS via JavaScript? Mozilla doesn't care.
FF66: OS: HTTP Headers reduced to Windows or Android (1509829)
FF68: OS: updated to Windows 10, OS 10.14, and Android 8.1 (1511434)
FF78: OS: updated to OS 10.15 and Android 9.0 (1635011)
** 1369319 - disable device sensor API (see 4604) (FF56+)
** 1369357 - disable site specific zoom (see 4605) (FF56+)
** 1337161 - hide gamepads from content (see 4606) (FF56+)
Expand Down

4 comments on commit ff9bf76

@Thorin-Oakenpants
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

90 bytes saved. Enjoy

@crssi
Copy link

@crssi crssi commented on ff9bf76 May 24, 2020
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you Pants. Love you. ❤️

@Thorin-Oakenpants
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@geeknik : that's not true.

  • HTTP headers only reveal two OSes, and doesn't seem to break anything. Headers are always sent - passive FPing. This is good.
  • The reason JS reveals four OSes is to lessen breakage: less breakage = more uptake = a bigger pool to hide in. RFP on FF is not front facing yet
  • All Linux RFP users still look the same - (navigator: linux / header: windows)
  • You can't hide your OS. That said, anything that makes it harder is good, but since all Linux users look the same, it's not a priority
  • There is a ticket in to hopefully fix the bulk of the breakage and then the JS can hopefully fall back to two OSes - see this

As for bugzilla 1557620 that you linked to, comment 2 actually says its intended behavior and links to the bug that explains why. Comment 3 is so far off the beaten track, it's not funny. It doesn't increase FPing at all (see bullet point 3 above). And as for breaking standards (header doesn't match navigator) .. got some news .. RFP is all about breaking standards: it constantly lies

@rusty-snake
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Even tor leaks your OS on https site in safer mode.

Please sign in to comment.