The site https://player.onleihe.de/player/player?token=eyJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJodHRwczovL2RybXRvZGF5Lm9ubGVpaGUuZGUiLCJzdWIiOiIwMDliMDdlMWUyOTk0Mjk1OThlYWE0YmJjZjJhM2MxZiIsImV4cCI6MTc3NDU2NjAwMCwidWlkIjoiNzMxNkQzMTY4NzQ4RTY2RThBMjU0RUQzQkQ3NzlBQjAiLCJsaWQiOiI3OWY4ZTQ4YjcxMzdhNjM4YTg5ZDQ4MTk2NzVmMzg2NCJ9.MwqVNXghRCQ985tpafLc-5GsCAPaW1MZfvT5tpOyDBXxu-gTEhZ_OeBPHbZHO0r8MCIHfBrAHSOANJekehIe2w
uses "bowser" library to identify the browser.
It does not simlpy check navigator useragent but instead does some stuff with "Performance" api:
// find user-agent data
for (const entry of performance.getEntriesByType('navigation')) {
for (const timing of entry.serverTiming || []) {
if (timing.name === 'uasw-json-data') {
port.dataset.str = timing.description;
}
}
}
and this description leaks the true browser identification: "%7B%22userAgent%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A148.0)%20Gecko%2F20100101%20Firefox%2F148.0%22%2C%22appVersion%22%3A%225.0%20(X11)%22%2C%22platform%22%3A%22Linux%20amd64%22%2C%22vendor%22%3A%22%22%2C%22product%22%3A%22Gecko%22%2C%22userAgentData%22%3A%22%5Bdelete%5D%22%2C%22oscpu%22%3A%22Linux%22%2C%22productSub%22%3A%2220100101%22%2C%22buildID%22%3A%2220181001000000%22%2C%22type%22%3A%22per-tab%22%7D"
Can this extension spoof this value as well?
The site https://player.onleihe.de/player/player?token=eyJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJodHRwczovL2RybXRvZGF5Lm9ubGVpaGUuZGUiLCJzdWIiOiIwMDliMDdlMWUyOTk0Mjk1OThlYWE0YmJjZjJhM2MxZiIsImV4cCI6MTc3NDU2NjAwMCwidWlkIjoiNzMxNkQzMTY4NzQ4RTY2RThBMjU0RUQzQkQ3NzlBQjAiLCJsaWQiOiI3OWY4ZTQ4YjcxMzdhNjM4YTg5ZDQ4MTk2NzVmMzg2NCJ9.MwqVNXghRCQ985tpafLc-5GsCAPaW1MZfvT5tpOyDBXxu-gTEhZ_OeBPHbZHO0r8MCIHfBrAHSOANJekehIe2w
uses "bowser" library to identify the browser.
It does not simlpy check navigator useragent but instead does some stuff with "Performance" api:
and this description leaks the true browser identification:
"%7B%22userAgent%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A148.0)%20Gecko%2F20100101%20Firefox%2F148.0%22%2C%22appVersion%22%3A%225.0%20(X11)%22%2C%22platform%22%3A%22Linux%20amd64%22%2C%22vendor%22%3A%22%22%2C%22product%22%3A%22Gecko%22%2C%22userAgentData%22%3A%22%5Bdelete%5D%22%2C%22oscpu%22%3A%22Linux%22%2C%22productSub%22%3A%2220100101%22%2C%22buildID%22%3A%2220181001000000%22%2C%22type%22%3A%22per-tab%22%7D"Can this extension spoof this value as well?