Remove CPU architecture detection for Linux #14012
Assignees
Labels
P2
Second level priority - Should have
Comments
moz-v2v-gh
pushed a commit
to mozilla/gecko-dev
that referenced
this issue
Jan 5, 2024
…x, and other Unix-like platforms. r=necko-reviewers,kershaw Freeze the CPU architecture reported in Firefox's `User-Agent` HTTP header and `navigator.userAgent` and `navigator.platform` Web APIs as `Linux armv81` on Android and `Linux x86_64` on Linux and other Unix-like platforms. Temporarily guard this change behind a pref so it can be disabled quickly, if needed. Goals: 1. Reduce fingerprintable entropy exposed to web content. 2. Reduce risk of webcompat problems from unexpected CPU architectures. Chrome's UA reduction effort made the same change in Chrome 107 (2022-10-25): https://www.chromium.org/updates/ua-reduction/#sample-ua-strings-phase-5. Firefox used to report the CPU architecture as "aarch64" on Android, but change to "armv81" to match Chrome and reduce the risk of future webcompat issues. For now, don't enable this pref for x86 Linux builds because Mozilla's Firefox download page checks the visitor's navigator.platform to determine whether to serve an x86 or x86_64 binary (or to direct users to a support page for other architectures, such as ARM64). If x86 and ARM64 Linux builds report they are "Linux x86_64", then the Firefox download pages will unknowingly serve those users an incompatible x86_64 binary. That issue will be resolved by Bedrock bugs mozilla/bedrock#12966 and mozilla/bedrock#14012. In the meantime, we can enable this pref in the meantime for ARM64 Linux (to fix YouTube bug 1869521 and webcompat issues like webcompat/web-bugs#130946) because Mozilla doesn't publish official ARM64 Linux builds of Firefox yet. These users are using unofficial or distro builds and presumably know not to attempt to download Firefox (using Firefox) from mozilla.org. Differential Revision: https://phabricator.services.mozilla.com/D197395
ErichDonGubler
pushed a commit
to erichdongubler-mozilla/firefox
that referenced
this issue
Jan 6, 2024
…x, and other Unix-like platforms. r=necko-reviewers,kershaw Freeze the CPU architecture reported in Firefox's `User-Agent` HTTP header and `navigator.userAgent` and `navigator.platform` Web APIs as `Linux armv81` on Android and `Linux x86_64` on Linux and other Unix-like platforms. Temporarily guard this change behind a pref so it can be disabled quickly, if needed. Goals: 1. Reduce fingerprintable entropy exposed to web content. 2. Reduce risk of webcompat problems from unexpected CPU architectures. Chrome's UA reduction effort made the same change in Chrome 107 (2022-10-25): https://www.chromium.org/updates/ua-reduction/#sample-ua-strings-phase-5. Firefox used to report the CPU architecture as "aarch64" on Android, but change to "armv81" to match Chrome and reduce the risk of future webcompat issues. For now, don't enable this pref for x86 Linux builds because Mozilla's Firefox download page checks the visitor's navigator.platform to determine whether to serve an x86 or x86_64 binary (or to direct users to a support page for other architectures, such as ARM64). If x86 and ARM64 Linux builds report they are "Linux x86_64", then the Firefox download pages will unknowingly serve those users an incompatible x86_64 binary. That issue will be resolved by Bedrock bugs mozilla/bedrock#12966 and mozilla/bedrock#14012. In the meantime, we can enable this pref in the meantime for ARM64 Linux (to fix YouTube bug 1869521 and webcompat issues like webcompat/web-bugs#130946) because Mozilla doesn't publish official ARM64 Linux builds of Firefox yet. These users are using unofficial or distro builds and presumably know not to attempt to download Firefox (using Firefox) from mozilla.org. Differential Revision: https://phabricator.services.mozilla.com/D197395
alexgibson
added
P2
gecko-dev-updater
pushed a commit
to marco-c/gecko-dev-wordified-and-comments-removed
that referenced
this issue
Jan 16, 2024
…x, and other Unix-like platforms. r=necko-reviewers,kershaw Freeze the CPU architecture reported in Firefox's `User-Agent` HTTP header and `navigator.userAgent` and `navigator.platform` Web APIs as `Linux armv81` on Android and `Linux x86_64` on Linux and other Unix-like platforms. Temporarily guard this change behind a pref so it can be disabled quickly, if needed. Goals: 1. Reduce fingerprintable entropy exposed to web content. 2. Reduce risk of webcompat problems from unexpected CPU architectures. Chrome's UA reduction effort made the same change in Chrome 107 (2022-10-25): https://www.chromium.org/updates/ua-reduction/#sample-ua-strings-phase-5. Firefox used to report the CPU architecture as "aarch64" on Android, but change to "armv81" to match Chrome and reduce the risk of future webcompat issues. For now, don't enable this pref for x86 Linux builds because Mozilla's Firefox download page checks the visitor's navigator.platform to determine whether to serve an x86 or x86_64 binary (or to direct users to a support page for other architectures, such as ARM64). If x86 and ARM64 Linux builds report they are "Linux x86_64", then the Firefox download pages will unknowingly serve those users an incompatible x86_64 binary. That issue will be resolved by Bedrock bugs mozilla/bedrock#12966 and mozilla/bedrock#14012. In the meantime, we can enable this pref in the meantime for ARM64 Linux (to fix YouTube bug 1869521 and webcompat issues like webcompat/web-bugs#130946) because Mozilla doesn't publish official ARM64 Linux builds of Firefox yet. These users are using unofficial or distro builds and presumably know not to attempt to download Firefox (using Firefox) from mozilla.org. Differential Revision: https://phabricator.services.mozilla.com/D197395 UltraBlame original commit: 8c2839bd6b4a48f0cff10be3a763cb8281a0a871
gecko-dev-updater
pushed a commit
to marco-c/gecko-dev-comments-removed
that referenced
this issue
Jan 16, 2024
…x, and other Unix-like platforms. r=necko-reviewers,kershaw Freeze the CPU architecture reported in Firefox's `User-Agent` HTTP header and `navigator.userAgent` and `navigator.platform` Web APIs as `Linux armv81` on Android and `Linux x86_64` on Linux and other Unix-like platforms. Temporarily guard this change behind a pref so it can be disabled quickly, if needed. Goals: 1. Reduce fingerprintable entropy exposed to web content. 2. Reduce risk of webcompat problems from unexpected CPU architectures. Chrome's UA reduction effort made the same change in Chrome 107 (2022-10-25): https://www.chromium.org/updates/ua-reduction/#sample-ua-strings-phase-5. Firefox used to report the CPU architecture as "aarch64" on Android, but change to "armv81" to match Chrome and reduce the risk of future webcompat issues. For now, don't enable this pref for x86 Linux builds because Mozilla's Firefox download page checks the visitor's navigator.platform to determine whether to serve an x86 or x86_64 binary (or to direct users to a support page for other architectures, such as ARM64). If x86 and ARM64 Linux builds report they are "Linux x86_64", then the Firefox download pages will unknowingly serve those users an incompatible x86_64 binary. That issue will be resolved by Bedrock bugs mozilla/bedrock#12966 and mozilla/bedrock#14012. In the meantime, we can enable this pref in the meantime for ARM64 Linux (to fix YouTube bug 1869521 and webcompat issues like webcompat/web-bugs#130946) because Mozilla doesn't publish official ARM64 Linux builds of Firefox yet. These users are using unofficial or distro builds and presumably know not to attempt to download Firefox (using Firefox) from mozilla.org. Differential Revision: https://phabricator.services.mozilla.com/D197395 UltraBlame original commit: 8c2839bd6b4a48f0cff10be3a763cb8281a0a871
gecko-dev-updater
pushed a commit
to marco-c/gecko-dev-wordified
that referenced
this issue
Jan 16, 2024
…x, and other Unix-like platforms. r=necko-reviewers,kershaw Freeze the CPU architecture reported in Firefox's `User-Agent` HTTP header and `navigator.userAgent` and `navigator.platform` Web APIs as `Linux armv81` on Android and `Linux x86_64` on Linux and other Unix-like platforms. Temporarily guard this change behind a pref so it can be disabled quickly, if needed. Goals: 1. Reduce fingerprintable entropy exposed to web content. 2. Reduce risk of webcompat problems from unexpected CPU architectures. Chrome's UA reduction effort made the same change in Chrome 107 (2022-10-25): https://www.chromium.org/updates/ua-reduction/#sample-ua-strings-phase-5. Firefox used to report the CPU architecture as "aarch64" on Android, but change to "armv81" to match Chrome and reduce the risk of future webcompat issues. For now, don't enable this pref for x86 Linux builds because Mozilla's Firefox download page checks the visitor's navigator.platform to determine whether to serve an x86 or x86_64 binary (or to direct users to a support page for other architectures, such as ARM64). If x86 and ARM64 Linux builds report they are "Linux x86_64", then the Firefox download pages will unknowingly serve those users an incompatible x86_64 binary. That issue will be resolved by Bedrock bugs mozilla/bedrock#12966 and mozilla/bedrock#14012. In the meantime, we can enable this pref in the meantime for ARM64 Linux (to fix YouTube bug 1869521 and webcompat issues like webcompat/web-bugs#130946) because Mozilla doesn't publish official ARM64 Linux builds of Firefox yet. These users are using unofficial or distro builds and presumably know not to attempt to download Firefox (using Firefox) from mozilla.org. Differential Revision: https://phabricator.services.mozilla.com/D197395 UltraBlame original commit: 8c2839bd6b4a48f0cff10be3a763cb8281a0a871
github-project-automation
bot
moved this from In Progress
to Done
in Bedrock Technical Roadmap (2024)
1 task
moz-v2v-gh
pushed a commit
to mozilla/gecko-dev
that referenced
this issue
Apr 16, 2024
…4" in Linux User-Agent. r=necko-reviewers,kershaw This will match the behavior of ARM64 Linux (bug 1861847) and Chrome reporting their CPU architecture as "Linux x86_64": https://www.chromium.org/updates/ua-reduction/#sample-ua-strings-phase-5 Goals: 1. Reduce fingerprintable entropy exposed to web content. Few websites should need to distinguish 32-bit x86 Linux users from x86_64 Linux users. One of the few that did was Mozilla's own Firefox download page and it has now been updated to use distro packages instead of sniffing the UA string to offer Mozilla's architecture-specific installer binaries. (See bugs mozilla/bedrock#12966 and mozilla/bedrock#14012.) 2. Reduce risk of webcompat problems from websites not recognizing unexpected CPU architectures. (Example: in bug 1861847, YouTube treated ARM64 Linux as a mobile device) This "freezeCpu" pref controls this UA string code path: https://searchfox.org/mozilla-central/rev/1f27a4022f9f1269d897526c1c892a57743e650c/netwerk/protocol/http/nsHttpHandler.cpp#931-937 The UA string tests already check the "freezeCpu" pref to test for either "Linux x86_64" or the actual CPU architecture: https://searchfox.org/mozilla-central/rev/f602853ba8d55ba157e2a74d9b571615f6ed97b8/browser/components/resistfingerprinting/test/browser/browser_navigator.js#41-47,51 Differential Revision: https://phabricator.services.mozilla.com/D207238
ErichDonGubler
pushed a commit
to erichdongubler-mozilla/firefox
that referenced
this issue
Apr 17, 2024
…4" in Linux User-Agent. r=necko-reviewers,kershaw This will match the behavior of ARM64 Linux (bug 1861847) and Chrome reporting their CPU architecture as "Linux x86_64": https://www.chromium.org/updates/ua-reduction/#sample-ua-strings-phase-5 Goals: 1. Reduce fingerprintable entropy exposed to web content. Few websites should need to distinguish 32-bit x86 Linux users from x86_64 Linux users. One of the few that did was Mozilla's own Firefox download page and it has now been updated to use distro packages instead of sniffing the UA string to offer Mozilla's architecture-specific installer binaries. (See bugs mozilla/bedrock#12966 and mozilla/bedrock#14012.) 2. Reduce risk of webcompat problems from websites not recognizing unexpected CPU architectures. (Example: in bug 1861847, YouTube treated ARM64 Linux as a mobile device) This "freezeCpu" pref controls this UA string code path: https://searchfox.org/mozilla-central/rev/1f27a4022f9f1269d897526c1c892a57743e650c/netwerk/protocol/http/nsHttpHandler.cpp#931-937 The UA string tests already check the "freezeCpu" pref to test for either "Linux x86_64" or the actual CPU architecture: https://searchfox.org/mozilla-central/rev/f602853ba8d55ba157e2a74d9b571615f6ed97b8/browser/components/resistfingerprinting/test/browser/browser_navigator.js#41-47,51 Differential Revision: https://phabricator.services.mozilla.com/D207238
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
See https://bugzilla.mozilla.org/show_bug.cgi?id=1861847
The TL:DR is Firefox will soon freeze the Linux user agent string header (as well as
navigator.userAgentandnavigator.platform) to always includeLinux x86_64. This will break our Linux downloads, serving 64-bit binaries to visitors on 32-bit systems.Because Firefox does not also support Client Hints API, detecting CPU architecture on Linux will no longer be possible for serving the correct file download.
We need to remove our reliance on this for Linux, and offer people a choice of which file to download instead.
See also #12966 for related upcoming changes on Linux.
Success Criteria
The text was updated successfully, but these errors were encountered: