diff --git a/browser/farbling/brave_navigator_plugins_farbling_browsertest.cc b/browser/farbling/brave_navigator_plugins_farbling_browsertest.cc index a4e074476b84..9f080f148d2e 100644 --- a/browser/farbling/brave_navigator_plugins_farbling_browsertest.cc +++ b/browser/farbling/brave_navigator_plugins_farbling_browsertest.cc @@ -116,20 +116,23 @@ class BraveNavigatorPluginsFarblingBrowserTest : public InProcessBrowserTest { IN_PROC_BROWSER_TEST_F(BraveNavigatorPluginsFarblingBrowserTest, FarbleNavigatorPlugins) { // Farbling level: off - // get real length of navigator.plugins + // get real length of navigator.plugins, which should return an empty array + // from Chromium 90 on (see https://crrev.com/c/2629990 for reference). AllowFingerprinting(); NavigateToURLUntilLoadStop(farbling_url()); - int off_length = ExecScriptGetInt(kPluginsLengthScript, contents()); + int real_plugins_length = ExecScriptGetInt(kPluginsLengthScript, contents()); + EXPECT_EQ(real_plugins_length, 0); - // Farbling level: balanced (default) - // navigator.plugins should contain all real plugins + 2 fake ones + // Farbling level: balanced (default) navigator.plugins should contain 2 fake + // ones (we used to report 2 real plugins and 2 fake ones before Chromium 90, + // but there are no real ones now, see https://crrev.com/c/2629990). SetFingerprintingDefault(); NavigateToURLUntilLoadStop(farbling_url()); int balanced_length = ExecScriptGetInt(kPluginsLengthScript, contents()); - EXPECT_EQ(balanced_length, off_length + 2); + EXPECT_EQ(balanced_length, 2); // Farbling level: maximum - // navigator.plugins should contain no real plugins, only 2 fake ones + // navigator.plugins should contain no real plugins either, only 2 fake ones. BlockFingerprinting(); NavigateToURLUntilLoadStop(farbling_url()); int maximum_length = ExecScriptGetInt(kPluginsLengthScript, contents()); @@ -188,65 +191,48 @@ IN_PROC_BROWSER_TEST_F(BraveNavigatorPluginsFarblingBrowserTest, "qVKly58ePHDBgQoUqVKFix48.fvXLlSJ"); } -// Tests that names of built-in plugins get farbled by default -// https://github.com/brave/brave-browser/issues/10597 +// Tests that no built-in plugins returned even when fingerprinting is allowed, +// and that only fake ones are exposed when "balanced" behavior is selected. IN_PROC_BROWSER_TEST_F(BraveNavigatorPluginsFarblingBrowserTest, - FarbleNavigatorPluginsBuiltin) { + FarbleNavigatorPluginsNoBuiltinAvailable) { // Farbling level: off AllowFingerprinting(); NavigateToURLUntilLoadStop(farbling_url()); - int off_length = ExecScriptGetInt(kPluginsLengthScript, contents()); - EXPECT_EQ(off_length, 2); - EXPECT_EQ(ExecScriptGetStr( - "domAutomationController.send(navigator.plugins[0].name);", - contents()), - "Chrome PDF Plugin"); - EXPECT_EQ(ExecScriptGetStr( - "domAutomationController.send(navigator.plugins[1].name);", - contents()), - "Chrome PDF Viewer"); + int real_plugins_length = ExecScriptGetInt(kPluginsLengthScript, contents()); + EXPECT_EQ(real_plugins_length, 0); // Farbling level: balanced (default) SetFingerprintingDefault(); NavigateToURLUntilLoadStop(farbling_url()); EXPECT_EQ(ExecScriptGetStr( - "domAutomationController.send(navigator.plugins[1].name);", + "domAutomationController.send(navigator.plugins[0].name);", contents()), - "Brave PDF plug in"); + "Xr1at27"); EXPECT_EQ(ExecScriptGetStr( - "domAutomationController.send(navigator.plugins[2].name);", + "domAutomationController.send(navigator.plugins[1].name);", contents()), - "Chrome PDF and PS plug-in"); + "8.fPHDhw"); } -// Tests that names of built-in plugins that get farbled will reset to their -// original names when fingerprinting is turned off -// https://github.com/brave/brave-browser/issues/11278 +// Tests that the list of plugins returned by navigator.plugins will reset to +// being and empty one when fingerprinting is turned off. IN_PROC_BROWSER_TEST_F(BraveNavigatorPluginsFarblingBrowserTest, FarbleNavigatorPluginsReset) { // Farbling level: balanced (default) SetFingerprintingDefault(); NavigateToURLUntilLoadStop(farbling_url()); EXPECT_EQ(ExecScriptGetStr( - "domAutomationController.send(navigator.plugins[1].name);", + "domAutomationController.send(navigator.plugins[0].name);", contents()), - "Brave PDF plug in"); + "Xr1at27"); EXPECT_EQ(ExecScriptGetStr( - "domAutomationController.send(navigator.plugins[2].name);", + "domAutomationController.send(navigator.plugins[1].name);", contents()), - "Chrome PDF and PS plug-in"); + "8.fPHDhw"); // Farbling level: off AllowFingerprinting(); NavigateToURLUntilLoadStop(farbling_url()); - int off_length = ExecScriptGetInt(kPluginsLengthScript, contents()); - EXPECT_EQ(off_length, 2); - EXPECT_EQ(ExecScriptGetStr( - "domAutomationController.send(navigator.plugins[0].name);", - contents()), - "Chrome PDF Plugin"); - EXPECT_EQ(ExecScriptGetStr( - "domAutomationController.send(navigator.plugins[1].name);", - contents()), - "Chrome PDF Viewer"); + int real_plugins_length = ExecScriptGetInt(kPluginsLengthScript, contents()); + EXPECT_EQ(real_plugins_length, 0); } diff --git a/chromium_src/third_party/blink/renderer/core/page/plugin_data.h b/chromium_src/third_party/blink/renderer/core/page/plugin_data.h deleted file mode 100644 index 5fc591ef49eb..000000000000 --- a/chromium_src/third_party/blink/renderer/core/page/plugin_data.h +++ /dev/null @@ -1,17 +0,0 @@ -/* Copyright (c) 2020 The Brave Authors. All rights reserved. - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this file, - * You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#ifndef BRAVE_CHROMIUM_SRC_THIRD_PARTY_BLINK_RENDERER_CORE_PAGE_PLUGIN_DATA_H_ -#define BRAVE_CHROMIUM_SRC_THIRD_PARTY_BLINK_RENDERER_CORE_PAGE_PLUGIN_DATA_H_ - -#define BRAVE_PLUGIN_DATA_H \ - void SetName(const String& new_name) { name_ = new_name; } \ - void SetFilename(const String& new_filename) { filename_ = new_filename; } - -#include "../../../../../../../third_party/blink/renderer/core/page/plugin_data.h" - -#undef BRAVE_PLUGIN_DATA_H - -#endif // BRAVE_CHROMIUM_SRC_THIRD_PARTY_BLINK_RENDERER_CORE_PAGE_PLUGIN_DATA_H_ diff --git a/chromium_src/third_party/blink/renderer/modules/plugins/dom_plugin_array.cc b/chromium_src/third_party/blink/renderer/modules/plugins/dom_plugin_array.cc index 04088e99edb7..a5569681e0a3 100644 --- a/chromium_src/third_party/blink/renderer/modules/plugins/dom_plugin_array.cc +++ b/chromium_src/third_party/blink/renderer/modules/plugins/dom_plugin_array.cc @@ -14,8 +14,6 @@ #include "third_party/blink/renderer/modules/plugins/dom_plugin.h" #include "third_party/blink/renderer/modules/plugins/dom_plugin_array.h" #include "third_party/blink/renderer/platform/heap/heap.h" -#include "third_party/blink/renderer/platform/wtf/text/string_builder.h" -#include "third_party/blink/renderer/platform/wtf/vector.h" using blink::DOMPlugin; using blink::DOMPluginArray; @@ -26,30 +24,9 @@ using blink::Member; using blink::MimeClassInfo; using blink::PluginInfo; using WTF::String; -using WTF::StringBuilder; namespace brave { -String PluginReplacementName(std::mt19937_64* prng) { - std::vector chrome{"Chrome ", "Chromium ", "Brave ", - "Web ", "Browser ", "OpenSource ", - "Online ", "JavaScript ", ""}; - std::vector pdf{"PDF ", - "Portable Document Format ", - "portable-document-format ", - "document ", - "doc ", - "PDF and PS ", - "com.adobe.pdf "}; - std::vector viewer{"Viewer", "Renderer", "Display", "Plugin", - "plug-in", "plug in", "extension", ""}; - StringBuilder result; - result.Append(chrome[(*prng)() % chrome.size()]); - result.Append(pdf[(*prng)() % pdf.size()]); - result.Append(viewer[(*prng)() % viewer.size()]); - return result.ToString(); -} - void FarblePlugins(DOMPluginArray* owner, HeapVector>* dom_plugins) { if (!owner->DomWindow()) @@ -61,36 +38,15 @@ void FarblePlugins(DOMPluginArray* owner, case BraveFarblingLevel::OFF: { break; } + case BraveFarblingLevel::BALANCED: case BraveFarblingLevel::MAXIMUM: { - dom_plugins->clear(); - // "Maximum" behavior is clear existing plugins + "balanced" behavior, - // so fall through here. - U_FALLTHROUGH; - } - case BraveFarblingLevel::BALANCED: { - std::mt19937_64 prng = BraveSessionCache::From(*(frame->DomWindow())) - .MakePseudoRandomGenerator(); - // The item() method will populate plugin info if any item of - // |dom_plugins_| is null, but when it tries, it assumes the - // length of |dom_plugins_| == the length of the underlying - // GetPluginData()->Plugins(). Once we add our fake plugins, that - // assumption will break and the item() method will crash with an - // out-of-bounds array access. Rather than patch the item() method, we - // ensure that the cache is fully populated now while the assumptions - // still hold, so the problematic code is never executed later. - for (unsigned index = 0; index < dom_plugins->size(); index++) { - auto plugin = frame->GetPluginData()->Plugins()[index]; - String name = plugin->Name(); - // Built-in plugins get their names and descriptions farbled as well. - if ((name == "Chrome PDF Plugin") || (name == "Chrome PDF Viewer")) { - plugin->SetName(PluginReplacementName(&prng)); - plugin->SetFilename( - BraveSessionCache::From(*(frame->DomWindow())) - .GenerateRandomString(plugin->Filename().Ascii(), 32)); - } - (*dom_plugins)[index] = - MakeGarbageCollected(frame->DomWindow(), *plugin); - } + // Both "balanced" and "maximum" behaviors will return a list with 2 fake + // plugins only since Chromium 90, which changed the navigator.plugins + // array to always be an empty one unless features::kNavigatorPluginsEmpty + // is disabled with --disable-features (see https://crrev.com/c/2629990), + // which is a scenario not supported by Brave. + DCHECK(dom_plugins->IsEmpty()); + // Add fake plugin #1. auto* fake_plugin_info_1 = MakeGarbageCollected( BraveSessionCache::From(*(frame->DomWindow())) @@ -109,6 +65,7 @@ void FarblePlugins(DOMPluginArray* owner, auto* fake_dom_plugin_1 = MakeGarbageCollected( frame->DomWindow(), *fake_plugin_info_1); dom_plugins->push_back(fake_dom_plugin_1); + // Add fake plugin #2. auto* fake_plugin_info_2 = MakeGarbageCollected( BraveSessionCache::From(*(frame->DomWindow())) @@ -127,7 +84,10 @@ void FarblePlugins(DOMPluginArray* owner, auto* fake_dom_plugin_2 = MakeGarbageCollected( frame->DomWindow(), *fake_plugin_info_2); dom_plugins->push_back(fake_dom_plugin_2); + // Shuffle the list of plugins pseudo-randomly, based on the domain key. + std::mt19937_64 prng = BraveSessionCache::From(*(frame->DomWindow())) + .MakePseudoRandomGenerator(); std::shuffle(dom_plugins->begin(), dom_plugins->end(), prng); break; } @@ -139,7 +99,7 @@ void FarblePlugins(DOMPluginArray* owner, } // namespace brave #define BRAVE_DOM_PLUGINS_UPDATE_PLUGIN_DATA \ - data->ResetPluginData(); \ + GetPluginData()->ResetPluginData(); \ brave::FarblePlugins(this, &dom_plugins_); #include "../../../../../../../third_party/blink/renderer/modules/plugins/dom_plugin_array.cc" diff --git a/patches/third_party-blink-renderer-core-page-plugin_data.h.patch b/patches/third_party-blink-renderer-core-page-plugin_data.h.patch deleted file mode 100644 index e5e1d862a772..000000000000 --- a/patches/third_party-blink-renderer-core-page-plugin_data.h.patch +++ /dev/null @@ -1,17 +0,0 @@ -diff --git a/third_party/blink/renderer/core/page/plugin_data.h b/third_party/blink/renderer/core/page/plugin_data.h -index fe5aa20243d89ea6a0f1cecb5ea00846607c6d39..7363a4dab1c30ab26fc57b2d546b77564b359e0b 100644 ---- a/third_party/blink/renderer/core/page/plugin_data.h -+++ b/third_party/blink/renderer/core/page/plugin_data.h -@@ -1,4 +1,3 @@ -- - /* - Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) - -@@ -76,6 +75,7 @@ class CORE_EXPORT PluginInfo final : public GarbageCollected { - Color BackgroundColor() const { return background_color_; } - bool MayUseExternalHandler() const { return may_use_external_handler_; } - -+ BRAVE_PLUGIN_DATA_H - private: - friend class MimeClassInfo; - friend class PluginData; diff --git a/patches/third_party-blink-renderer-modules-plugins-dom_plugin_array.cc.patch b/patches/third_party-blink-renderer-modules-plugins-dom_plugin_array.cc.patch index c3b5496ecb48..8246b98f2199 100644 --- a/patches/third_party-blink-renderer-modules-plugins-dom_plugin_array.cc.patch +++ b/patches/third_party-blink-renderer-modules-plugins-dom_plugin_array.cc.patch @@ -1,12 +1,12 @@ diff --git a/third_party/blink/renderer/modules/plugins/dom_plugin_array.cc b/third_party/blink/renderer/modules/plugins/dom_plugin_array.cc -index d75bf82ee420aa67fed211284da20934a6ace39a..c81fac42874465155847109cf629d4e28824ef0a 100644 +index d75bf82ee420aa67fed211284da20934a6ace39a..f32822e36cbdd3ffea1d847df2c9effbfb394928 100644 --- a/third_party/blink/renderer/modules/plugins/dom_plugin_array.cc +++ b/third_party/blink/renderer/modules/plugins/dom_plugin_array.cc -@@ -154,6 +154,7 @@ void DOMPluginArray::UpdatePluginData() { - } - } +@@ -131,6 +131,7 @@ PluginData* DOMPluginArray::GetPluginData() const { + void DOMPluginArray::UpdatePluginData() { + if (base::FeatureList::IsEnabled(features::kNavigatorPluginsEmpty)) { + dom_plugins_.clear(); ++ BRAVE_DOM_PLUGINS_UPDATE_PLUGIN_DATA + return; } -+ BRAVE_DOM_PLUGINS_UPDATE_PLUGIN_DATA - } - - void DOMPluginArray::ContextDestroyed() { + PluginData* data = GetPluginData();