GNU bug report logs -
#58011
Jitsi, Bowser, and IceCat's user agent string
Previous Next
To reply to this bug, email your comments to 58011 AT debbugs.gnu.org.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-gnuzilla <at> gnu.org
:
bug#58011
; Package
gnuzilla
.
(Thu, 22 Sep 2022 18:51:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Michael McMahon <michael <at> fsf.org>
:
New bug report received and forwarded. Copy sent to
bug-gnuzilla <at> gnu.org
.
(Thu, 22 Sep 2022 18:51:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
I received a report that an IceCat user was not able to use Jitsi with
IceCat 102. They reported that changing the user agent string to
Firefox fixed their issue.
IceCat 102 should work with Jitsi, but the way that bowser reads the
user agent string returns that the browser is IceCat which it is not
familiar with. Rather than submitting patches to to every browser check
to correctly identify IceCat as a Firefox fork, I would recommend
changing the user agent string back to Firefox as it once was [1] to
correct this issue as well as others that have not been reported.
[1] https://lists.gnu.org/archive/html/bug-gnuzilla/2015-01/msg00019.html
Abrowser uses Firefox in the user agent string and this problem does not
occur with Jitsi or bowser.
IceCat 102's user agent string looks like this:
Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 IceCat/102.0
Abrowser 104's user agent string looks like this:
Mozilla/5.0 (X11; Linux x86_64; rv:104.0) Gecko/20100101 Firefox/104.0
Best,
Michael McMahon | Web Developer, Free Software Foundation
GPG Key: 4337 2794 C8AD D5CA 8FCF FA6C D037 59DA B600 E3C0
https://fsf.org
Information forwarded
to
bug-gnuzilla <at> gnu.org
:
bug#58011
; Package
gnuzilla
.
(Fri, 23 Sep 2022 00:37:01 GMT)
Full text and
rfc822 format available.
Message #8 received at 58011 <at> debbugs.gnu.org (full text, mbox):
this bug prevents icecat from accessing many websites (any which
guard traffic via cloudflare, for example) - gitlab is perhaps
the most popular example - it was a long-standing bug in
iceweasel also; but i eventually identified and solved the
problem; and i made a patch for gnuzila also
https://lists.gnu.org/archive/html/bug-gnuzilla/2021-05/msg00005.html
please consider applying both this patch, and the one i sent a
few weeks ago - icecat has had both of these bugs for years
https://lists.gnu.org/archive/html/gnuzilla-dev/2022-09/msg00000.html
Information forwarded
to
bug-gnuzilla <at> gnu.org
:
bug#58011
; Package
gnuzilla
.
(Fri, 23 Sep 2022 00:43:02 GMT)
Full text and
rfc822 format available.
Message #11 received at 58011 <at> debbugs.gnu.org (full text, mbox):
just to nit-pick, that web-based conference tool is named
'jitsi-meet' - 'jitsi' is a java-based SIP client, also from the
jitsi team - 'jitsi' is significantly older - the more recent
popularity of web conferencing, combined with the decrease in
popularity of SIP, has people generally confused about the names
Information forwarded
to
bug-gnuzilla <at> gnu.org
:
bug#58011
; Package
gnuzilla
.
(Fri, 23 Sep 2022 00:53:02 GMT)
Full text and
rfc822 format available.
Message #14 received at 58011 <at> debbugs.gnu.org (full text, mbox):
Hi Michael,
Michael McMahon <michael <at> fsf.org> writes:
> I received a report that an IceCat user was not able to use Jitsi with
> IceCat 102. They reported that changing the user agent string to
> Firefox fixed their issue.
[...]
> IceCat 102's user agent string looks like this:
>
> Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 IceCat/102.0
That's not what I'm seeing with IceCat 102.3.0-guix0-preview1 as built
by GNU Guix. Using a freshly created profile, I visited a website
served by my own web server, and then looked at its logs, which revealed
that my Guix-built IceCat 102 sent the following user agent string:
"Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0"
Can you tell me more about how you built or acquired the IceCat 102 that
produced the user agent string ending with "IceCat/102.0"?
Thanks,
Mark
--
Disinformation flourishes because many people care deeply about injustice
but very few check the facts. Ask me about <https://stallmansupport.org>.
Information forwarded
to
bug-gnuzilla <at> gnu.org
:
bug#58011
; Package
gnuzilla
.
(Fri, 23 Sep 2022 01:16:02 GMT)
Full text and
rfc822 format available.
Message #17 received at 58011 <at> debbugs.gnu.org (full text, mbox):
On Thu, 22 Sep 2022 20:51:38 -0400 Mark wrote:
> that my Guix-built IceCat 102 sent the following user agent string:
>
> "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0"
mark, would you try the "sign in" button on gitlab.com - you
dont need to sign in - if you see the login form at all, that
would demonstrate that the problem is resolved - with the
"icecat" user-agent, it gets stuck on a cloudflare "browser
check" page instead
Information forwarded
to
bug-gnuzilla <at> gnu.org
:
bug#58011
; Package
gnuzilla
.
(Fri, 23 Sep 2022 02:45:02 GMT)
Full text and
rfc822 format available.
Message #20 received at 58011 <at> debbugs.gnu.org (full text, mbox):
Hi Bill,
bill-auger <bill-auger <at> peers.community> writes:
> On Thu, 22 Sep 2022 20:51:38 -0400 Mark wrote:
>> that my Guix-built IceCat 102 sent the following user agent string:
>>
>> "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0"
>
> mark, would you try the "sign in" button on gitlab.com - you
> dont need to sign in - if you see the login form at all, that
> would demonstrate that the problem is resolved - with the
> "icecat" user-agent, it gets stuck on a cloudflare "browser
> check" page instead
I only spent a few minutes on it, but wasn't able to easily get the
gitlab.com sign-in page to work with IceCat 102. It gets stuck in the
browser check page, as you said. I tried disabling all of IceCat's
bundled add-ons, as well as the obvious IceCat-specific preferences, and
also the "privacy.resistFingerprinting" setting in <about:config>, but
it still doesn't work.
It's not immediately obvious to me what the gitlab.com sign-in page has
to do with the bug report that we're discussing here. Have you found
that changing the user agent string fixes that problem? If so, what
precise user-agent string have you found that works?
I'm open to the possibility that our default user agent string should be
changed to something else. However, it would also be good to understand
why there seems to be at least one IceCat 102 build out there that sends
a different user-agent string than the one sent by the IceCat 102 built
by GNU Guix.
Thanks,
Mark
--
Disinformation flourishes because many people care deeply about injustice
but very few check the facts. Ask me about <https://stallmansupport.org>.
Information forwarded
to
bug-gnuzilla <at> gnu.org
:
bug#58011
; Package
gnuzilla
.
(Fri, 23 Sep 2022 02:51:02 GMT)
Full text and
rfc822 format available.
Message #23 received at 58011 <at> debbugs.gnu.org (full text, mbox):
Hi, Mark!
I have not used IceCat 102 myself, but the user that reported this
claimed they were using 102.3esr. I pulled the user agent string from
nginx logs from a jitsi-meet instance so some people are using it in the
wild.
I made a server-side change to correct IceCat to Firefox on the server
side and asked them to try again [1]. The single change did not fix the
issue, but after the user claims that the page worked after they
disabling privacy.resistFingerprinting.
[1]
https://github.com/jitsi/js-utils/blob/master/browser-detection/BrowserDetection.js#L19
Best,
Michael McMahon | Web Developer, Free Software Foundation
GPG Key: 4337 2794 C8AD D5CA 8FCF FA6C D037 59DA B600 E3C0
https://fsf.org
On 9/22/22 20:51, Mark H Weaver wrote:
> Hi Michael,
>
> Michael McMahon <michael <at> fsf.org> writes:
>
>> I received a report that an IceCat user was not able to use Jitsi with
>> IceCat 102. They reported that changing the user agent string to
>> Firefox fixed their issue.
> [...]
>> IceCat 102's user agent string looks like this:
>>
>> Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 IceCat/102.0
>
> That's not what I'm seeing with IceCat 102.3.0-guix0-preview1 as built
> by GNU Guix. Using a freshly created profile, I visited a website
> served by my own web server, and then looked at its logs, which revealed
> that my Guix-built IceCat 102 sent the following user agent string:
>
> "Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0"
>
> Can you tell me more about how you built or acquired the IceCat 102 that
> produced the user agent string ending with "IceCat/102.0"?
>
> Thanks,
> Mark
>
Information forwarded
to
bug-gnuzilla <at> gnu.org
:
bug#58011
; Package
gnuzilla
.
(Fri, 23 Sep 2022 03:52:01 GMT)
Full text and
rfc822 format available.
Message #26 received at 58011 <at> debbugs.gnu.org (full text, mbox):
there is more to it than the user-agent string - there are
several associated config vars which affect that cloudflare
browser check - i have been patching icecat like so, since 2021,
specifically to fix this problem
https://git.parabola.nu/~bill-auger/icecat.git/commit/?h=do-not-spoof-useragent&id=1351954b2fba37cec9262e970a84ce0d7b62df1d
in short, the solution is to "do nothing" - do not attempt to
override the defaults - parabola used to do the same for
iceweasel, until this problem appeared and the cause was
identified - after some discussion, we agreed that the generic
configuration is the most desirable anyways; because as you
noted regarding the tor button, the best way to thwart
fingerprinting is to appear to be as generic as possible
Information forwarded
to
bug-gnuzilla <at> gnu.org
:
bug#58011
; Package
gnuzilla
.
(Fri, 23 Sep 2022 03:59:01 GMT)
Full text and
rfc822 format available.
Message #29 received at 58011 <at> debbugs.gnu.org (full text, mbox):
On Thu, 22 Sep 2022 23:49:16 -0400 bill-auger wrote:
> there is more to it than the user-agent string
i could have explained that better - especially if you want to
continue spoofing the user-agent, this is what youd need to mind
the likely cause of the rejection, is because the user-agent
string specifies "Linux", while these config vars specify
Windows; so cloudflare considers the browser to be bogus or
otherwise insane
> -pref("general.oscpu.override", "Windows NT 6.1");
> -pref("general.platform.override", "Win32");
Information forwarded
to
bug-gnuzilla <at> gnu.org
:
bug#58011
; Package
gnuzilla
.
(Fri, 23 Sep 2022 05:28:01 GMT)
Full text and
rfc822 format available.
Message #32 received at 58011 <at> debbugs.gnu.org (full text, mbox):
On Thu, 22 Sep 2022 22:50:06 -0400 Michael wrote:
> the user claims that the page worked after they
> disabling privacy.resistFingerprinting.
i looked into jitsi-meet specifically - with parabola's icecat
102 (with the patch to avoid spoofing the user-agent) -
jitsi-meet does not work
> "It looks like you're using a browser we don't fully support."
setting 'privacy.resistFingerprinting' to 'false' makes it work
- so this may be a different issue than gitlab.com and the
cloudflare browser check, or a combination of both
Information forwarded
to
bug-gnuzilla <at> gnu.org
:
bug#58011
; Package
gnuzilla
.
(Fri, 23 Sep 2022 12:59:03 GMT)
Full text and
rfc822 format available.
Message #35 received at 58011 <at> debbugs.gnu.org (full text, mbox):
Hello, I am the one who reported the issue to Mr. McMahon. I didn't
write here because I thought it isn't a GNU IceCat issue, rather it is
FSF's Jitsi instance issue. Sorry about the inconvenience.
Mark H Weaver <mhw <at> netris.org> writes:
> However, it would also be good to understand why there seems to be at
> least one IceCat 102 build out there that sends a different user-agent
> string than the one sent by the IceCat 102 built by GNU Guix.
In the beginning, I thought it is related to the browser's user-agent
string. Because I installed `User-Agent Switcher and Manager' add-on and
then I could access the `jitsi.member.fsf.org' website. After that, I
noticed that useragent string doesn't include "IceCat" as you said. I
started to spoof Navigator API with CanvasBlocker add-on, which helped
me to bypass the issue. I didn't want to mess with IceCat's defaults in
the first place but disabling privacy.resistFingerprinting seems to work
with Jitsi. Ironically, it seems like enabling fingerprinting makes my
browser more recognizable, if I understood correctly.
Thank you for maintaining this browser both for installation scripts and
Guix package definition.
Also, this is the first time I'm writing to a mailing list with Gnus, so
please let me know if I didn't follow some conventions.
This bug report was last modified 2 years and 97 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.