This repository has been archived by the owner on May 6, 2020. It is now read-only.
Riot's User-Agent leaks a lot of metadata. #295
Comments
|
This should be easy to fix, where is the code, that sets the user-agent in riot? |
|
Indeed, Riot version information should only be sent to the server if analytics has been opted into. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
The User-Agent of every Riot version sent is unnecessary detailed. What's the use of that? I don't think there's any. It's an obvious privacy issue.
Examples:
riot-googleplay: Riot.im/0.9.1 (Linux; U; Android 5.1; Phone Model Build/precise build number incl. security patch level; Flavour GooglePlay; MatrixAndroidSDK 0.9.23)
riot-linuxdesktop: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Riot/1.2.1 Chrome/69.0.3497.128 Electron/4.2.2 Safari/537.36
riot-fdroid: Riot.im/0.8.28a (Linux; U; Android 9; Phone Model and ROM Build/precise build number incl. security patch level; Flavour FDroid; MatrixAndroidSDK 0.9.19)
riot-ios: Riot/0.8.6 (iPhone; iOS 12.2; Scale/3.00)
How to fix?
Make the User-Agent in every Riot flavour
Riot.imor something even more generic like Matrix Client or make it an empty field.The text was updated successfully, but these errors were encountered: