Skip to content

Commit

Permalink
Set reduce-lang origin correctly in service workers (#18756)
Browse files Browse the repository at this point in the history 
* Set reduce-lang origin correctly in service workers

* tests
  • Loading branch information
@pilgrim-brave
pilgrim-brave authored Jun 15, 2023
1 parent 8dd2be1 commit af5bef0
Show file tree
Hide file tree
Showing 4 changed files with 80 additions and 8 deletions.
19 changes: 19 additions & 0 deletions browser/farbling/brave_navigator_languages_farbling_browsertest.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -329,3 +329,22 @@ IN_PROC_BROWSER_TEST_F(BraveNavigatorLanguagesFarblingBrowserTest,
BlockFingerprinting(domain_y);
ASSERT_TRUE(ui_test_utils::NavigateToURL(browser(), url_y));
}

// Tests results of farbling HTTP Accept-Language header
IN_PROC_BROWSER_TEST_F(BraveNavigatorLanguagesFarblingBrowserTest,
FarbleHTTPAcceptLanguageFromServiceWorker) {
std::string domain_b = "b.test";
GURL url_b_sw = https_server_.GetURL(
domain_b, "/reduce-language/service-workers-accept-language.html");

// Farbling level: maximum
// HTTP Accept-Language header should be farbled by the same across domains,
// even if fetch originated from a service worker.
SetFingerprintingDefault(domain_b);
SetAcceptLanguages("zh-HK,zh,la");
SetExpectedHTTPAcceptLanguage("zh-HK,zh;q=0.7");
ASSERT_TRUE(ui_test_utils::NavigateToURL(browser(), url_b_sw));
std::u16string expected_title(u"LOADED");
TitleWatcher watcher(web_contents(), expected_title);
EXPECT_EQ(expected_title, watcher.WaitAndGetTitle());
}
23 changes: 15 additions & 8 deletions browser/net/brave_reduce_language_network_delegate_helper.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ static constexpr auto kFarbleAcceptLanguageExceptions =
} // namespace

std::string FarbleAcceptLanguageHeader(
const GURL& tab_origin,
const GURL& origin_url,
Profile* profile,
HostContentSettingsMap* content_settings) {
std::string languages = profile->GetPrefs()
Expand All @@ -58,7 +58,7 @@ std::string FarbleAcceptLanguageHeader(
brave::FarblingPRNG prng;
if (g_brave_browser_process->brave_farbling_service()
->MakePseudoRandomGeneratorForURL(
tab_origin, profile && profile->IsOffTheRecord(), &prng)) {
origin_url, profile && profile->IsOffTheRecord(), &prng)) {
accept_language_string += kFakeQValues[prng() % kFakeQValues.size()];
}
return accept_language_string;
Expand All @@ -73,12 +73,19 @@ int OnBeforeStartTransaction_ReduceLanguageWork(
HostContentSettingsMap* content_settings =
HostContentSettingsMapFactory::GetForProfile(profile);
DCHECK(content_settings);
if (!brave_shields::ShouldDoReduceLanguage(content_settings, ctx->tab_origin,
GURL origin_url(ctx->tab_origin);
if (origin_url.is_empty()) {
origin_url = ctx->initiator_url;
}
if (origin_url.is_empty()) {
return net::OK;
}
if (!brave_shields::ShouldDoReduceLanguage(content_settings, origin_url,
profile->GetPrefs())) {
return net::OK;
}
base::StringPiece tab_origin_host(ctx->tab_origin.host_piece());
if (kFarbleAcceptLanguageExceptions.contains(tab_origin_host)) {
base::StringPiece origin_host(origin_url.host_piece());
if (kFarbleAcceptLanguageExceptions.contains(origin_host)) {
return net::OK;
}

Expand All @@ -96,7 +103,7 @@ int OnBeforeStartTransaction_ReduceLanguageWork(

std::string accept_language_string;
switch (brave_shields::GetFingerprintingControlType(content_settings,
ctx->tab_origin)) {
origin_url)) {
case ControlType::BLOCK: {
// If fingerprint blocking is maximum, set Accept-Language header to
// static value regardless of other preferences.
Expand All @@ -106,8 +113,8 @@ int OnBeforeStartTransaction_ReduceLanguageWork(
case ControlType::DEFAULT: {
// If fingerprint blocking is default, compute Accept-Language header
// based on user preferences and some randomization.
accept_language_string = FarbleAcceptLanguageHeader(
ctx->tab_origin, profile, content_settings);
accept_language_string =
FarbleAcceptLanguageHeader(origin_url, profile, content_settings);
break;
}
default:
Expand Down
21 changes: 21 additions & 0 deletions test/data/reduce-language/service-workers-accept-language.html
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
<!DOCTYPE html>
<!-- Accept-Language HTTP header test from service worker -->
<html>
<head>
<title></title>
<meta charset="utf-8">
</head>
<body>
<script>
navigator.serviceWorker.register('service-workers-accept-language.js')
navigator.serviceWorker.onmessage = function (e) {
document.title = e.data; // 'LOADED' or 'FAILED'
};
navigator.serviceWorker.ready.then(function(registration) {
if (!navigator.serviceWorker.controller)
window.location.reload();
navigator.serviceWorker.controller.postMessage("fetch");
});
</script>
</body>
</html>
25 changes: 25 additions & 0 deletions test/data/reduce-language/service-workers-accept-language.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
// Copyright (c) 2023 The Brave Authors. All rights reserved.
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this file,
// You can obtain one at https://mozilla.org/MPL/2.0/.

addEventListener('install', function(event) {
event.waitUntil(self.skipWaiting()); // Activate worker immediately
});

addEventListener('activate', function(event) {
event.waitUntil(self.clients.claim()); // Become available to all pages
});

addEventListener('message', (event) => {
if (event.data == 'fetch') {
fetch('/reduce-language/empty.json')
.then(r => r.text())
.then(data => {
event.source.postMessage('LOADED');
})
.catch((e) => {
event.source.postMessage('FAILED');
});
}
});

0 comments on commit af5bef0

Please sign in to comment.