From 7c4c5837fb8a042cb3f652bebbfc4a55837a9a63 Mon Sep 17 00:00:00 2001 From: Karem Date: Sun, 28 Jun 2026 04:24:25 +0300 Subject: [PATCH] fix(calls/capability): return a complete Chrome high-entropy client-hints set The navigator.userAgentData shim's getHighEntropyValues() returned only a partial set (platform, platformVersion="", architecture, model, uaFullVersion). A strict Chrome capability/calling-eligibility check reads bitness, fullVersionList and wow64, and an empty platformVersion plus those missing keys can read as "not a real Chrome UA-CH implementation". Return the full, internally-consistent set matching the spoofed Chrome 131 UA: architecture "x86", bitness "64", brands (major) + fullVersionList (full versions), mobile false, model "", platform "Linux", platformVersion "6.0.0", uaFullVersion "131.0.0.0", wow64 false. The hints argument is intentionally ignored (the shim is the whole implementation); returning unrequested keys is harmless. Top-level brands/mobile/platform are unchanged. Verified in a real WebKitGTK engine (origin spoofed to web.whatsapp.com): getHighEntropyValues resolves with bitness "64", wow64 false, fullVersionList length 3 (Chrome "131.0.0.0"), platformVersion "6.0.0"; the top-level shim still reports 3 brands, mobile false, platform "Linux". Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_016o9cWBaPy4zU4BAurUVoTp --- src-tauri/resources/bridge.js | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/src-tauri/resources/bridge.js b/src-tauri/resources/bridge.js index 924a019..1dd9fcd 100644 --- a/src-tauri/resources/bridge.js +++ b/src-tauri/resources/bridge.js @@ -24,13 +24,31 @@ ], mobile: false, platform: "Linux", + // Real Chrome returns the requested hints (and these fields are what WhatsApp's + // capability/calling check reads). The previous shim omitted bitness, + // fullVersionList and wow64 and left platformVersion empty, which a strict check + // can treat as "not Chrome". Return the full, internally-consistent set; returning + // hints that weren't asked for is harmless. getHighEntropyValues: function () { return Promise.resolve({ - platform: "Linux", - platformVersion: "", architecture: "x86", + bitness: "64", + brands: [ + { brand: "Chromium", version: "131" }, + { brand: "Google Chrome", version: "131" }, + { brand: "Not_A Brand", version: "24" }, + ], + fullVersionList: [ + { brand: "Chromium", version: "131.0.0.0" }, + { brand: "Google Chrome", version: "131.0.0.0" }, + { brand: "Not_A Brand", version: "24.0.0.0" }, + ], + mobile: false, model: "", + platform: "Linux", + platformVersion: "6.0.0", uaFullVersion: "131.0.0.0", + wow64: false, }); }, },