core(emulation): always match host browser's version milestone #16677
Conversation
| */ | ||
| async function matchHostUAVersion(session, userAgent) { | ||
| const {milestone} = await getBrowserVersion(session); | ||
| const tweakedUA = userAgent.replace(/(Chrome\/)[\d.]+/, `$1${milestone}.0.0.0`); |
There was a problem hiding this comment.
Is there a reason to not include the full version number?
There was a problem hiding this comment.
chromium version number is MILESTONE.MINOR.BRANCH.PATCH.
- minor is always 0, afaik
- BUILD must get updated whenever a release candidate is built from the current trunk. The BUILD number is an ever-increasing number representing a point in time of the Chromium trunk.
- PATCH must get updated whenever a release candidate is built from the BUILD branch.
then there's UA reduction
https://www.chromium.org/updates/ua-reduction/
https://privacysandbox.google.com/blog/user-agent-reduction-android-model-and-version
so now the useragent (in navigator and request headers) gets milestone.0.0.0 now.
however if you request UA client hints you can get the non-reduced minor.branch.patch. (apparently)
It's actually correct for us to ensure the UA we emulate (which ends up in navigator and requestheaders) has .0.0.0 because regular chrome does. so any more data would be a LH fingerprint.
i'm indirectly pitching here that we give reduced version numbers to clienthints. if we didn't, we'd either 1) be creating "invalid" version numbers or 2) we'd have to make them legit which requires a bunch of chromium version number data.. seems like a pain.
There was a problem hiding this comment.
t's actually correct for us to ensure the UA we emulate (which ends up in navigator and requestheaders) has .0.0.0 because regular chrome does. so any more data would be a LH fingerprint.
sg
i'm indirectly pitching here that we give reduced version numbers to clienthints
I don't think we need to do anything. Chrome will decide what level of detail to give when users request client hints (see https://developer.mozilla.org/en-US/docs/Web/API/NavigatorUAData/getHighEntropyValues).
This means we don't need to update the UA every few months. It'll always reflect the milestone of the host browser you're using.
If you supply a custom UA via configuration, we'll still use it BUT tweaked to use the matching milestone. After landing this PR, there's no way to force a specific chrome version in the emulated UA.
ref #14917. This has been an idea for a long while now.