Jump to content

Spoofing Firefox 53 (and newer versions) on Windows 2000 and XP


Recommended Posts

9 hours ago, Sampei.Nihira said:

try to verify if what is written below can be useful:

http://forums.mozillazine.org/viewtopic.php?f=38&t=3031074

Many thanks @Sampei.Nihira :cheerleader:

By slightly modifying the instructions in the last post of the mozillazine thread you linked to, I was able to restore SSUAO functionality in Firefox 52.9.0[1] 32-bit on my VistaSP2 x86 laptop and bring it on par with the UXP browsers (i.e. SSUAO are now possible natively, without the need for extra extension(s)) :thumbup 

Full Guide (tested only in FxESR52, should work in other Fx versions):

1. Load "about:config?filter=site_specific" in a tab and make sure

general.useragent.site_specific_overrides;true (should be by default)

2. Exit Firefox

3. Create the following text file

pref("general.config.obscure_value", 0);
pref("general.config.filename", "config.js");

rename it to "config-prefs.js" (make sure no hidden .txt extension is present) and place it inside

<FirefoxInstalDir>\defaults\pref\

(a file named "channel-prefs.js" should already be there by default)

4. Create the following text file

// needs to start with a comment line
Components.utils.import("resource://gre/modules/Services.jsm");
Services.obs.addObserver(function (aSubject, aTopic, aData) {
  var chromeWindow = aSubject;
  chromeWindow.setTimeout(function () {
    Components.utils.import("resource://gre/modules/UserAgentOverrides.jsm", chromeWindow);
    chromeWindow.UserAgentOverrides.init();
  }, 1000);
}, "browser-delayed-startup-finished", false);

rename it to "config.js" (make sure no hidden .txt extension is present) and place it inside <FirefoxInstalDir>\ (i.e. in the same directory as firefox.exe). 

5. Launch Firefox; now you are ready to create SSUAOs inside about:config as you would do in New Moon and/or Serpent 52. E.g. I created 

general.useragent.override.browserspy.dk;Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Firefox/60.0

and when visiting the test site with FxESR52 I get:

ZCauXYb.jpg

(to re-iterate, this is without any UA modifying extension... :P).

15 hours ago, Mathwiz said:

If there's some other preference or method required to make site-specific overrides work, please let us all in on the secret!

I think you'll find the above to your satisfaction... ;)

Edited by VistaLover
Link to comment
Share on other sites


1 hour ago, sdfox7 said:

I tried spoofing Firefox on Windows XP as Firefox 66 on Windows 7. The fact that Google Earth refuses to run (anyway) proves that Google is doing other sniffing below the surface of just the browser. Browser agent spoofing should be enough to make the page work

By spoofing a recent Google Chrome version (70/Win7x64) in FirefoxESR52 (see my previous post...)

general.useragent.override.google.com;Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36

I can get PAST the "... isn't supported by your browser, yet." message; however

1. Due to old gfx card driver (Toshiba modified, can't be updated to later version by vendor), some WebGL features are being disabled

2. I am met with Javascript errors; probably FxESR52 can't handle the recent JS code Google are feeding it... :angry:

uGLgvDm.jpg

Link to comment
Share on other sites

@VistaLover

I tried that UA string too, and I got past the first incompatibility error message, but then got a WebGL error message instead.
Switching over to my other graphics card, which is much better than the ancient one I normally use on XP, made that error apparently go away, but I've now just got a static picture which appears to have no embedded links, so I'm not sure what you're supposed to do with it to try and go any further.
:dubbio:
 

Link to comment
Share on other sites

10 hours ago, sdfox7 said:

So I tried spoofing Firefox on Windows XP as Firefox 66 on Windows 7. The fact that Google Earth refuses to run (anyway) proves that Google is doing other sniffing below the surface of just the browser. Browser agent spoofing should be enough to make the page work, just as it works in http://whatismybrowser.com 

The fact that the page knows I'm not actually running Windows 7/Firefox 66 proves that Google has deeper access to the fundamental internal characteristics of my system than my user agent is letting on. In terms of privacy and "Big Brother" that's NOT a good thing, and should concern anyone.

It's probably not that sophisticated. Most likely they're using JavaScript and/or CSS features (most likely JS, since it tells you it doesn't work; with bad CSS, it just wouldn't work, a la those Instagram videos) that aren't supported on older versions of FF. Even PM/NM/Basilisk/Serpent probably haven't caught up yet (but it wouldn't hurt to try).

Edit: Looks like @VistaLover inadvertently confirmed my guess:

Quote

I am met with Javascript errors; probably FxESR52 can't handle the recent JS code Google are feeding it...

If it works on Basilisk on Win 7, but not on Serpent on Win XP, despite a UA override, then I'd start to worry.

Edited by Mathwiz
Link to comment
Share on other sites

18 hours ago, Sampei.Nihira said:

I use FF 52ESR only to make comparisons with NM28.
but to answer your question try to verify if what is written below can be useful:

http://forums.mozillazine.org/viewtopic.php?f=38&t=3031074

Thanks. On reading that, though, I have to wonder what the heck Mozilla was thinking:

Quote

The UserAgentOverrides module has been stripped out.

UserAgentOverrides take ~9% of pageload time...
http://bugzilla.mozilla.org/show_bug.cgi?id=896114

For reading only as Bugzilla is not a forum.

dickvl

Posted June 16th, 2017, 4:29 pm

The module is still there, but only not initialized anymore.
resource://gre/modules/UserAgentOverrides.jsm

So they didn't remove the UAO module (obviously, because it can be made to work), but it was slowing down page loads (has anyone here even noticed?). Wouldn't the logical fix be simply to change the site-specific-overrides pref to default to false, instead of making us write JavaScript to turn the bloody thing back on?

Oh, well, be that as it may, thanks to @dickvl, @morat, and of course @VistaLover for coming up with a fix. @Dave-H's extension may still be useful in some situations, such as when you need a UAO for a specific page, rather than for an entire site, but this should cover most cases.

Link to comment
Share on other sites

On 3/23/2019 at 4:19 AM, Mathwiz said:
On 3/16/2019 at 10:29 AM, luweitest said:

I am using FF 52.9.1. User-agent spoof to FF64 do not work.

I just tested a spoof to FF60.9, as above, and GitHub does work with that spoof.

Yes I confirm spoofing to FF60.9 works for FF52. However this makes no sense, so Github page's javascript must have some bug. Anyway, thanks to RT's Serpent build of Basilisk I find it's most compatible with FF52 extensions I am using, so I am switching to Serpent.

p.s. For site-specific User-agent spoofing, I should mention HTTP Header Mangler: https://github.com/disptr/httpheadermangler

From it's sample rules:

example.com
.*regexp\d+
# This is a comment.
X-Forwarded-For=10.11.12.13

# Delete headers using "" or ''.
X-Forwarded-For=""
X-Forwarded-For=''

    # Indentation is allowed.
    foobar
# Formatting with whitespace is allowed.
X-Forwarded-For    =    100.101.102.103
User-Agent         =    Mozilla/3.0 (X11; I; AIX 2)

Link to comment
Share on other sites

26 minutes ago, luweitest said:

I confirm spoofing to FF60.9 works for FF52. However this makes no sense

I agree. The only thing the spoof should do is remove the "unsupported browser" warning banner. It shouldn't fix the "branches" drop-down, yet somehow it does....

27 minutes ago, luweitest said:

Github page's javascript must have some bug.

It's either a bug or a deliberate attempt to frustrate users of older browsers, by sending them faulty JavaScript! :crazy:

Link to comment
Share on other sites

18 minutes ago, Mathwiz said:

It's either a bug or a deliberate attempt to frustrate users of older browsers, by sending them faulty JavaScript!

This is where things get ridiculous. If they deliberately discourage the use of older browsers, they should make FF64 work.

Link to comment
Share on other sites

I go back & forth on what "global" spoof to use. Right now I've gone to spoofing FF 60.9 globally, but with a number of SSUAO's for sites (like Instagram) that send JS that's too new if you claim to be 60.9.

Link to comment
Share on other sites

On 3/25/2019 at 8:41 AM, Mathwiz said:

It's either a bug or a deliberate attempt to frustrate users of older browsers, by sending them faulty JavaScript! :crazy:

 

On 3/25/2019 at 9:03 AM, luweitest said:

This is where things get ridiculous. If they deliberately discourage the use of older browsers, they should make FF64 work.

I bet GitHub actually works on "real" FF 64. They probably send the FF64-compatible JS to any FF browser except 60.x and maybe a few other recent versions in that range. FF 52, NM, & Serpent can't use the FF 64 code, but if the browser is "too old" for GitHub's taste, it just sends the FF 64 code anyway (along with the out-of-date browser banner). So you have to use a spoof that's "old enough," but not "too old" :rolleyes:

Link to comment
Share on other sites

Mathwiz said:


I bet GitHub actually works on "real" FF 64. They probably send the FF64-compatible JS to any FF browser except 60.x and maybe a few other recent versions in that range. FF 52, NM, & Serpent can't use the FF 64 code, but if the browser is "too old" for GitHub's taste, it just sends the FF 64 code anyway (along with the out-of-date browser banner). So you have to use a spoof that's "old enough," but not "too old"


That makes perfect sense:
The coders use some if-rules for certain defined alternative browsers, and all the "unknown" rest gets the "default" value - for current modern code.

In my old KM-version I've also noticed that spoofing as IE7 gives very often better results as spoofing as FF3.5, matching the real engine. For example on amazon spoofing IE7 makes the article's main image show up, otherwise it's invisible. My theory is that quite some website-devs still just keep inherited ancient if-rules for IE7 from old times, when it was the most important browser, by simply not touching those lines, and despite some rendering quirks the result in old gecko browsers is now a lot better as the modern "default" code for newer Firefoxes. Who would have thought that one day it would be a good thing that old IE wasn't strictly standard :-) For old Firefox-versions such if-rules were not necessary at the time, so today they land in the big pot who gets just modern default code. Edited by siria
Link to comment
Share on other sites

Mathwiz said:


It's either a bug or a deliberate attempt to frustrate users of older browsers, by sending them faulty JavaScript!


Yeah, it's definitely fully intentional. Microsoft is known for trying all sorts of tricks to enforce the newest browser and OS versions (with maximized spying tools) on all people, if any possible. So the first thing they did after getting their hands on github was to enforce a newer TLS version, even for simply *reading* public pages. In one scoop kicking out all users of really old browsers knowing max TLS1.0 (perhaps 1.1 too, don't know), and even worse, also making it impossible for them to download anything from github anymore. Countless useful apps developed for OLD browsers now inaccessible, and updates to those, and even Linux builds.

And shortly after people here reported that Microsoft now also blocked access to a few of the advanced github-features for members, by enforcing really latest greatest javascript and the most modern browsers on them, if I got that right.

That fits also perfectly to this discovery that Microsoft-Github now only allows full access for the current Firefox ESR 60 version too, by intentionally using most modern JS code, and even the previous FF-esr is already ignored!

They clearly do this by design. Trying to enforce as much as they can their latest systems and browsers with maximized spying build-in and minimized customizing possibilities for users. Like others too of course (e.g. Mozilla deleting ALL xul-addons which makes no other sense at all, instead of simply keeping a frozen archive, and Opera deleted all Presto-addons long since too)

Regarding really old browsers again, luckily one of them could already handle some TLS1.2 and html5: Opera Presto 12.02. The prob is, that's not widely known, sadly I learned this only last year. And meanwhile, what hardly anyone knows, there's also retrozilla (FF2) and a few old gecko builds with added TLS1.2 by roytam1, working miracles in modern web, even on 98se with kernelex: you wouldn't believe how many sites become at least readable again simply by being allowed access. Without frills and only limited functions of course, but blocking css sometimes works the next miracle, revealing input boxes, text content, many images, making some broken links clickable. BTW also making some too heavy css-overloaded pages scrollable again, fast. For miracle step #3 fiddling with userstyles+scripts often helps (for this forum too) All that stuff doesn't help always, but well enough in most cases.

Point being:
Yes they are fully intentionally trying to kick out users of even slightly older browsers versions, for their own hidden agendas, without real need. Edited by siria
Link to comment
Share on other sites

  • 5 weeks later...

can someone help I have this string ggeneral.useragent.overridepreference;

Mozilla/5.0 (Windows NT 6.1; rv:70.0) Gecko/20100101 Firefox/70.0

yet on what is my browser it says it is out ouf date, have I got it wrong

i tried Mozilla/5.0 (Windows NT 6.1; WOW64;rv:60.0) Gecko/20100101 Firefox/60.0

no go

is there another change I need to make to make it report 53 or 54

it did seem to report ok upto date until I did a FF reset, now it doesn't

this is what I have

general.useragent.overide;Mozilla/5.0 (Windows NT 6.1; rv:53.0) Gecko/20100101 Firefox/53. 0

general.useragent.overridepreference;Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Firefox/60.0

firefox browser.JPG

Edited by DrWho3000
edit
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...