Outdated Chrome/Edge version in user agent

TheNetsky / Microsoft-Rewards-Script

Automated Microsoft Rewards script, using TypeScript, Cheerio and Playwright.

231 stars 51 forks source link

Outdated Chrome/Edge version in user agent #149

Closed kianfotovat closed 1 month ago

kianfotovat commented 2 months ago

The root of this issue is fingerprint-generator not using the correct versions so please feel free to close this if you think its irrelevant/doesn't belong here. Oh and also thanks for the awesome script!

The user agent provided by fingerprint-generator's getFingerprint() is showing 124.0.0.0 instead of 128.0.0.0 for the Chrome/Edge versions. I looked at fingerprint-generator's documentation which led me to try replacing browsers: ['edge'] with browsers: [ { name: 'edge', minVersion: 128 } ] but this gave me a user agent for a macOS device using Safari. I messed with it a bit more and found that 126 is the highest I could set the minVersion before getting weird behavior.

TheNetsky commented 1 month ago

Fixed with 1.4.11

kianfotovat commented 1 month ago

In case anyone runs into this problem in the future:

In Browser.ts, modify the browserListQuery: 'last 2 edge version' line of the

const fingerPrintData = new FingerprintGenerator().getFingerprint({
    devices: this.bot.isMobile ? ['mobile'] : ['desktop'],
    operatingSystems: this.bot.isMobile ? ['android'] : ['windows'],
    browsers: ['edge']
    browserListQuery: 'last 2 edge version'
})

block so it reads browserListQuery: 'last 1 edge version' instead. Based on my 10 seconds of reading the browserlist documentation, I believe that should always return the latest version of Edge.

TheNetsky commented 1 month ago

I've specifically made it the last 2 versions so it differentiates a bit more between versions, it's not uncommon to not be on the latest version of a browser. Once again don't think it matters all that much, but you can still save the fingerprint in case you want it to return the same one.

kianfotovat commented 1 month ago

Saving the fingerprint means it wouldn't update when a new browser version is available though, correct? That's why I assumed that option wouldn't work for me.

And I agree, I don't think it matters that much, if at all. If Microsoft wants to ban script users, they can do much more than just sniff the user agent. I just wanted the information to be in this issue in the (unlikely) event it might be useful to someone in the future.

Thanks again for your work on this script :)

TheNetsky commented 1 month ago

It indeed would not update the user agent, however would make all request consistent and maybe "less suspicious", although so far I've not really heard of anyone getting banned because of this script (maybe some using proxies/multi accounts) however that's always a extra risk factor.