WKWebView default UA doesn't freeze the build number
authorbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 20 Dec 2018 18:27:46 +0000 (18:27 +0000)
committerbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 20 Dec 2018 18:27:46 +0000 (18:27 +0000)
https://bugs.webkit.org/show_bug.cgi?id=192809
<rdar://problem/44687185>

Reviewed by Andy Estes.

Always reports the frozen build number.

Source/WebKit:

* UIProcess/API/Cocoa/WKWebViewConfiguration.mm:
(defaultApplicationNameForUserAgent): Do not expose the actual build number through this API.

Source/WebKitLegacy/mac:

* WebView/WebView.mm:
(-[WebView _setBrowserUserAgentProductVersion:buildVersion:bundleVersion:]): Do not report the
actual build number through this method call.
(-[WebView _setUIWebViewUserAgentWithBuildVersion:]): Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239451 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit/ChangeLog
Source/WebKit/UIProcess/API/Cocoa/WKWebViewConfiguration.mm
Source/WebKitLegacy/mac/ChangeLog
Source/WebKitLegacy/mac/WebView/WebView.mm

index 47f383d..d1e7fe4 100644 (file)
@@ -1,3 +1,16 @@
+2018-12-20  Brent Fulgham  <bfulgham@apple.com>
+
+        WKWebView default UA doesn't freeze the build number
+        https://bugs.webkit.org/show_bug.cgi?id=192809
+        <rdar://problem/44687185>
+
+        Reviewed by Andy Estes.
+
+        Always reports the frozen build number.
+
+        * UIProcess/API/Cocoa/WKWebViewConfiguration.mm:
+        (defaultApplicationNameForUserAgent): Do not expose the actual build number through this API.
+
 2018-12-20  Jer Noble  <jer.noble@apple.com>
 
         Enable MediaCapabilities by default.
index d287fd9..38c91a4 100644 (file)
@@ -456,7 +456,7 @@ static _WKDragLiftDelay toDragLiftDelay(NSUInteger value)
 static NSString *defaultApplicationNameForUserAgent()
 {
 #if PLATFORM(IOS_FAMILY)
-    return [@"Mobile/" stringByAppendingString:[UIDevice currentDevice].buildVersion];
+    return @"Mobile/15E148";
 #else
     return nil;
 #endif
index eb1d110..a7fed47 100644 (file)
@@ -1,3 +1,18 @@
+2018-12-20  Brent Fulgham  <bfulgham@apple.com>
+
+        WKWebView default UA doesn't freeze the build number
+        https://bugs.webkit.org/show_bug.cgi?id=192809
+        <rdar://problem/44687185>
+
+        Reviewed by Andy Estes.
+
+        Always reports the frozen build number.
+
+        * WebView/WebView.mm:
+        (-[WebView _setBrowserUserAgentProductVersion:buildVersion:bundleVersion:]): Do not report the
+        actual build number through this method call.
+        (-[WebView _setUIWebViewUserAgentWithBuildVersion:]): Ditto.
+
 2018-12-19  Chris Dumez  <cdumez@apple.com>
 
         wtf/Optional.h: move-constructor and move-assignment operator should disengage the value being moved from
index 17ea0ba..2f73283 100644 (file)
@@ -1158,12 +1158,15 @@ static CFMutableSetRef allWebViewsSet;
 #if PLATFORM(IOS_FAMILY)
 - (void)_setBrowserUserAgentProductVersion:(NSString *)productVersion buildVersion:(NSString *)buildVersion bundleVersion:(NSString *)bundleVersion
 {
-    [self setApplicationNameForUserAgent:[NSString stringWithFormat:@"Version/%@ Mobile/%@ Safari/%@", productVersion, buildVersion, bundleVersion]];
+    // The web-visible build and bundle versions are frozen to remove a fingerprinting surface
+    UNUSED_PARAM(buildVersion);
+    [self setApplicationNameForUserAgent:[NSString stringWithFormat:@"Version/%@ Mobile/15E148 Safari/%@", productVersion, bundleVersion]];
 }
 
 - (void)_setUIWebViewUserAgentWithBuildVersion:(NSString *)buildVersion
 {
-    [self setApplicationNameForUserAgent:[@"Mobile/" stringByAppendingString:buildVersion]];
+    UNUSED_PARAM(buildVersion);
+    [self setApplicationNameForUserAgent:@"Mobile/15E148"];
 }
 #endif // PLATFORM(IOS_FAMILY)