[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
commit dc35363a2dfc84536d6a03eec51749ed87835d07 Author: Translation commit bot Date: Sat Dec 12 07:45:09 2020 + https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot --- contents+el.po | 19 +++ 1 file changed, 19 insertions(+) diff --git a/contents+el.po b/contents+el.po index cd4a7ccfd6..217c25fcc7 100644 --- a/contents+el.po +++ b/contents+el.po @@ -610,6 +610,10 @@ msgid "" "the community to make sure they're okay with you bringing in additional " "trainers." msgstr "" +"Îάν ÏÏειάζεÏÏε ÏεÏιÏÏÏÏεÏη βοήθεια, βεβαιÏθείÏε ÏÏι οι ÏÏ Î½ÎµÏγάÏÎµÏ ÏÎ±Ï ÎÏÎ¿Ï Î½ " +"εÏίγνÏÏη ÏÏν αναγκÏν αÏÏÎ¬Î»ÎµÎ¹Î±Ï ÏÎ·Ï ÎºÎ¿Î¹Î½ÏÏηÏÎ±Ï ÎºÎ±Î¹ ενημεÏÏÏÏε ÏÎ¿Ï Ï " +"ÏÏ Î¼Î¼ÎµÏÎÏονÏÎµÏ ÏÏην κοινÏÏηÏα για να βεβαιÏθείÏε ÏÏι ÏÏ Î¼ÏÏνοÏν με Ïη " +"ÏÏ Î¼Î¼ÎµÏοÏή εÏιÏλÎον εκÏÎ±Î¹Î´ÎµÏ ÏÏν." #: https//community.torproject.org/training/best-practices/ #: (content/training/best-practices/contents+en.lrpage.body) @@ -640,6 +644,9 @@ msgid "" "You can also start the training by asking participants to come up with their" " own community agreements for the space." msgstr "" +"ÎÏοÏείÏε εÏίÏÎ·Ï Î½Î± ξεκινήÏεÏε Ïην εκÏÎ±Î¯Î´ÎµÏ Ïη ζηÏÏνÏÎ±Ï Î±ÏÏ ÏÎ¿Ï Ï ÏÏ Î¼Î¼ÎµÏÎÏονÏεÏ" +" να ÏÎ±Ï ÎµÎ½Î·Î¼ÎµÏÏÏÎ¿Ï Î½ ÏÏεÏικά με ÏεÏιοÏιÏμοÏÏ ÏÎ¿Ï ÏÏ ÏÏν Ï ÏάÏÏÎ¿Ï Î½ αÏÏ Ïην " +"κοινÏÏηÏά ÏÎ¿Ï Ï." #: https//community.torproject.org/training/best-practices/ #: (content/training/best-practices/contents+en.lrpage.body) @@ -910,6 +917,9 @@ msgid "" "To our knowledge, no Tor trainer has ever faced consequences as a result of " "training others or speaking about Tor." msgstr "" +"ÎÏÏ ÏÏο γνÏÏÎ¯Î¶Î¿Ï Î¼Îµ, κανÎÎ½Î±Ï ÎµÎºÏÎ±Î¹Î´ÎµÏ ÏÎ®Ï Tor δεν ÎÏει ανÏιμεÏÏÏίÏει ÏοÏÎ " +"ÏÏ Î½ÎÏειεÏ, ÏÏ Î±ÏοÏÎλεÏμα ÏÎ·Ï ÎµÎºÏÎ±Î¯Î´ÎµÏ ÏÎ·Ï Î¬Î»Î»Ïν ή ÏÏν ÏÏ Î¶Î·ÏήÏεÏν ÏÏεÏικά με " +"Ïο Tor." #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) @@ -919,6 +929,11 @@ msgid "" "even lead to imprisonment, physical assaults, large fines, threats, " "placement on government watch lists, and targeting for surveillance." msgstr "" +"ΩÏÏÏÏο, Ïε οÏιÏμÎÎ½ÎµÏ ÏÏÏÎµÏ ÎºÎ±Î¹ Ïε οÏιÏμÎÎ½ÎµÏ ÏεÏιÏÏάÏειÏ, είναι ÏÎ¹Î¸Î±Î½Ï Î±Ïλά " +"μια ÏÏ Î³ÎºÎνÏÏÏÏη ÏÏ Ï ÏεÏαÏÏιÏÏÏν ÏÏν ανθÏÏÏίνÏν δικαιÏμάÏÏν να είναι " +"εÏÎ¹ÎºÎ¯Î½Î´Ï Î½Î·, ÏαÏάνομη ή ακÏμη και να οδηγήÏει Ïε ÏÏ Î»Î¬ÎºÎ¹Ïη, ÏÏμαÏικÎÏ " +"εÏιθÎÏειÏ, μεγάλα ÏÏÏÏÏιμα, αÏειλÎÏ, ÏοÏοθÎÏηÏη Ïε ÎºÏ Î²ÎµÏνηÏικÎÏ Î»Î¯ÏÏÎµÏ " +"ÏαÏακολοÏθηÏÎ·Ï ÎºÎ±Î¹ ÏÏÏÏÎµÏ Ïη για ÏαÏακολοÏθηÏη." #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) @@ -928,6 +943,10 @@ msgid "" "read this document and, in case of doubt, to reach out to the Tor Community " "Team privately." msgstr "" +"Îάν θÎλεÏε να οÏγανÏÏεÏε μια εκÏÎ±Î¯Î´ÎµÏ Ïη για Ïο Tor για ÏÏÏÏη ÏοÏά και δεν " +"ξÎÏεÏε ÏÏÏ Î½Î± αξιολογήÏεÏε Ïο ÏολιÏÎ¹ÎºÏ ÎºÎ±Î¹ κοινÏÎ½Î¹ÎºÏ ÏεÏιβάλλον, ÏÎ±Ï " +"ÏÏοÏÎµÎ¯Î½Î¿Ï Î¼Îµ να διαβάÏεÏε Î±Ï ÏÏ Ïο ÎγγÏαÏο και Ïε ÏεÏίÏÏÏÏη αμÏιβολίαÏ, να " +"εÏικοινÏνήÏεÏε ÏÏοÏÏÏικά με Ïην ομάδα ÏÎ·Ï ÎºÎ¿Î¹Î½ÏÏηÏÎ±Ï Tor." #: https//community.torproject.org/training/risks/ #: (content/training/risks/contents+en.lrpage.body) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc_release] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release
commit fc573c52603941600f47f873337c4b326777c6c5 Author: Translation commit bot Date: Sat Dec 12 01:16:28 2020 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release --- pt_BR.po | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pt_BR.po b/pt_BR.po index 771fa9d0cd..6ce5fa3215 100644 --- a/pt_BR.po +++ b/pt_BR.po @@ -36,8 +36,8 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2020-12-04 11:24+0100\n" -"PO-Revision-Date: 2020-12-11 09:16+\n" -"Last-Translator: Transifex Bot <>\n" +"PO-Revision-Date: 2020-12-12 01:02+\n" +"Last-Translator: Eduardo Addad de Oliveira \n" "Language-Team: Portuguese (Brazil) (http://www.transifex.com/otf/torproject/language/pt_BR/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc
commit 373d7ad54507feab7c099bbe18fc9817fbdd3e94
Author: Translation commit bot
Date: Sat Dec 12 01:15:51 2020 +
https://gitweb.torproject.org/translation.git/commit/?h=tails-misc
---
pt_BR.po | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/pt_BR.po b/pt_BR.po
index 65851b9318..aa5b55deb1 100644
--- a/pt_BR.po
+++ b/pt_BR.po
@@ -36,8 +36,8 @@ msgstr ""
"Project-Id-Version: Tor Project\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2020-12-04 11:24+0100\n"
-"PO-Revision-Date: 2020-12-11 09:16+\n"
-"Last-Translator: Transifex Bot <>\n"
+"PO-Revision-Date: 2020-12-12 01:02+\n"
+"Last-Translator: Eduardo Addad de Oliveira \n"
"Language-Team: Portuguese (Brazil)
(http://www.transifex.com/otf/torproject/language/pt_BR/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -252,7 +252,7 @@ msgid ""
"It is not possible to automatically upgrade your device to this new version:
{explanation}.\n"
"\n"
"To learn how to do a manual upgrade, go to {manual_upgrade_url}"
-msgstr ""
+msgstr "Você deve fazer uma atualização manual para {name}
{version}.\n\nPara obter mais informações sobre esta nova versão, vá
para {details_url}\n\nNão é possÃvel atualizar automaticamente seu
dispositivo para esta nova versão: {explanation}.\n\nPara saber como fazer uma
atualização manual, vá para {manual_upgrade_url}"
#: config/chroot_local-includes/usr/src/iuk/lib/Tails/IUK/Frontend.pm:471
msgid "New version available"
@@ -1599,7 +1599,7 @@ msgid ""
"\n"
"Or do a manual upgrade.\n"
"See {manual_upgrade_url}"
-msgstr ""
+msgstr "Não há memória suficiente disponÃvel para verificar
atualizações.\n\nCertifique-se de que este sistema satisfaça os
requisitos para executar o Tails.\nVeja
file:///usr/share/doc/tails/website/doc/about/requirements.en.html\n\nTente
reiniciar o Tails para verificar se há atualizações novamente.\n\nOu faça
uma atualização manual.\nVeja {manual_upgrade_url}"
#: config/chroot_local-includes/usr/local/bin/tails-upgrade-frontend-wrapper:76
#: config/chroot_local-includes/usr/local/sbin/unsafe-browser:27
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-build/master] Bug 40184: Update Fenix and deps to 84.1.0
commit 62e27c6b9856929d1f34d20a11b0fc0ac14623ea
Author: Matthew Finkel
Date: Fri Dec 11 15:52:22 2020 +
Bug 40184: Update Fenix and deps to 84.1.0
---
projects/android-components/config | 4 +-
.../gradle-dependencies-list.txt | 8 +-
projects/fenix/config | 8 +-
projects/fenix/gradle-dependencies-list.txt| 348 ++---
projects/geckoview/config | 6 +-
5 files changed, 187 insertions(+), 187 deletions(-)
diff --git a/projects/android-components/config
b/projects/android-components/config
index e0e9525..ca9748d 100644
--- a/projects/android-components/config
+++ b/projects/android-components/config
@@ -8,12 +8,12 @@ gpg_keyring: torbutton.gpg
variant: '[% IF c("var/release") %]Release[% ELSE %]Beta[% END %]'
var:
- android_components_version: 67.0.3
+ android_components_version: 67.0.11
torbrowser_branch: 10.5
container:
use_container: 1
# This should be updated when the list of gradle dependencies is changed.
- gradle_dependencies_version: 11
+ gradle_dependencies_version: 12
# Switch to make it easier to grab all dependencies during a dry-run.
# Note: Use the commit before support for new GeckoView interfaces gets
added.
fetch_gradle_dependencies: 0
diff --git a/projects/android-components/gradle-dependencies-list.txt
b/projects/android-components/gradle-dependencies-list.txt
index 40dec93..c0a3ea3 100644
--- a/projects/android-components/gradle-dependencies-list.txt
+++ b/projects/android-components/gradle-dependencies-list.txt
@@ -404,12 +404,12 @@
ea6cb3d94121d03fefd5329072c7b01d891b8bb25c2c303b28dfd6728eeaa72f | https://maven
ca3c96c281e314f07170bbfa766693ef0d2e4d865433a9622254088ee7e68363 |
https://maven.mozilla.org/maven2/org/mozilla/components/support-ktx/63.0.0/support-ktx-63.0.0.pom
93fd44998bfeeab9d7137cb34a50d510876ec8362e988b8a4ddf4e1629a69e71 |
https://maven.mozilla.org/maven2/org/mozilla/components/support-utils/63.0.0/support-utils-63.0.0.aar
b3836516ae7c9f1ca38ce636e24e3d10b2b421d94e344f14033daa5f20df3168 |
https://maven.mozilla.org/maven2/org/mozilla/components/support-utils/63.0.0/support-utils-63.0.0.pom
-890903424985d557db73823536a836a58773ed47a9c65dc775ca125eec3ede57 |
https://maven.mozilla.org/maven2/org/mozilla/geckoview/geckoview-beta/84.0.20201119195818/geckoview-beta-84.0.20201119195818.aar
-361a5ae1f624fed319ccfb2802957ffc4e8d1446d56e324e25016bea579be00a |
https://maven.mozilla.org/maven2/org/mozilla/geckoview/geckoview-beta/84.0.20201119195818/geckoview-beta-84.0.20201119195818.pom
+344af38736e6f5ed28b1c24301f553a9060c3e09a4f2c40989bd59572ce601f9 |
https://maven.mozilla.org/maven2/org/mozilla/geckoview/geckoview-beta/84.0.20201206192040/geckoview-beta-84.0.20201206192040.aar
+17a1138b7366e606664909f85462a9496619d2e3c4cdf732238e3ca104678b6f |
https://maven.mozilla.org/maven2/org/mozilla/geckoview/geckoview-beta/84.0.20201206192040/geckoview-beta-84.0.20201206192040.pom
1c31f1578080c35980d5b4b64bc19304f72de57c3b106390efa4e32e6a71b6f4 |
https://maven.mozilla.org/maven2/org/mozilla/geckoview/geckoview-nightly/85.0.20201117094406/geckoview-nightly-85.0.20201117094406.aar
fe749823ecc6db346ce5b569c0f6db253389deb94388d401dbaf41b541397120 |
https://maven.mozilla.org/maven2/org/mozilla/geckoview/geckoview-nightly/85.0.20201117094406/geckoview-nightly-85.0.20201117094406.pom
-28ceb55db8f63fa227796b145711518d4742572c65b769cd9f40e5d26c778f8b |
https://maven.mozilla.org/maven2/org/mozilla/geckoview/geckoview/83.0.20201112153044/geckoview-83.0.20201112153044.aar
-50ac68fbcf91585192eaafed5264e4c05860f3510052c60572d8cc2d5d182046 |
https://maven.mozilla.org/maven2/org/mozilla/geckoview/geckoview/83.0.20201112153044/geckoview-83.0.20201112153044.pom
+4f1c693d09c087276a59a63f3a1482ad4be9101bdb0646d9ce151d187a6e0ac0 |
https://maven.mozilla.org/maven2/org/mozilla/geckoview/geckoview/84.0.20201210144358/geckoview-84.0.20201210144358.aar
+d2a4dca050e10480e9f98c8710542f3252dad61b61b0f5d2fdb1db6a2e9ac9fd |
https://maven.mozilla.org/maven2/org/mozilla/geckoview/geckoview/84.0.20201210144358/geckoview-84.0.20201210144358.pom
e3b779d5f79c8012d62d3e43bfc2d577ca65439bcf7181c8ec333d0f3fc76890 |
https://maven.mozilla.org/maven2/org/mozilla/telemetry/glean-forUnitTests/33.0.4/glean-forUnitTests-33.0.4.jar
6e0b82e4ed2fec26de9c9e68d6fa237d716177d9f9e7f6b1213699d7f55e73e6 |
https://maven.mozilla.org/maven2/org/mozilla/telemetry/glean-forUnitTests/33.0.4/glean-forUnitTests-33.0.4.pom
5eb5d86577ecf64ba66df368c07dde772d1e82da63f25d73e63118d261ca7a7c |
https://maven.mozilla.org/maven2/org/mozilla/telemetry/glean-gradle-plugin/33.0.4/glean-gradle-plugin-33.0.4.jar
diff --git a/projects/fenix/config b/projects/fenix/config
index 2625d20..592972b 100644
--- a/projects/fenix/config
+++ b/projects/fenix/config
@@ -1,27 +1,27 @@
# vim: filetype=yaml sw=2
version: '[% c("abbrev") %]'
filename: 'fenix-[% c("version") %]-[%
[tor-commits] [tor-browser-bundle-testsuite/master] Bug 40011: Update tests when switching to Fenix 84
commit b1d93a3c91c8e29ee3bca37f9c11d55e63a5c2b5
Author: Alex Catarineu
Date: Wed Nov 25 18:17:27 2020 +0100
Bug 40011: Update tests when switching to Fenix 84
---
marionette/tor_browser_tests/test_dom-objects-enumeration.py | 2 ++
marionette/tor_browser_tests/test_onion_alias.py | 9 +
marionette/tor_browser_tests/test_onion_location.py | 3 ++-
marionette/tor_browser_tests/test_onion_security_expectations.py | 4 ++--
marionette/tor_browser_tests/test_searchengines.py | 3 +++
marionette/tor_browser_tests/test_security_level_ui.py | 5 +++--
test-data/dom-objects-enumeration.js | 6 --
7 files changed, 21 insertions(+), 11 deletions(-)
diff --git a/marionette/tor_browser_tests/test_dom-objects-enumeration.py
b/marionette/tor_browser_tests/test_dom-objects-enumeration.py
index 90458a6..c020fc0 100644
--- a/marionette/tor_browser_tests/test_dom-objects-enumeration.py
+++ b/marionette/tor_browser_tests/test_dom-objects-enumeration.py
@@ -760,6 +760,8 @@ class Test(testsuite.TorBrowserTest):
expectedObjects =
expectedObjects.union({"MediaMetadata","MediaSession","Sanitizer"})
if self.get_version() >= 83 and self.is_early_beta_or_earlier():
expectedObjects = expectedObjects.union({"onbeforeinput"})
+if self.get_version() >= 84:
+expectedObjects =
expectedObjects.union({"PerformancePaintTiming"}).difference({"Sanitizer"})
with self.marionette.using_context('content'):
self.marionette.navigate(self.test_page_file_url)
diff --git a/marionette/tor_browser_tests/test_onion_alias.py
b/marionette/tor_browser_tests/test_onion_alias.py
index 8f1dc67..9480020 100644
--- a/marionette/tor_browser_tests/test_onion_alias.py
+++ b/marionette/tor_browser_tests/test_onion_alias.py
@@ -1,5 +1,4 @@
from marionette_driver import Wait
-from marionette_driver.legacy_actions import Actions
from marionette_harness import MarionetteTestCase, WindowManagerMixin
class Test(WindowManagerMixin, MarionetteTestCase):
@@ -39,9 +38,11 @@ class Test(WindowManagerMixin, MarionetteTestCase):
# Opening a same-origin link should keep the onion alias in the
urlbar
el = m.find_element('id', 'submit-documents-button')
-action = Actions(m)
-action.middle_click(el)
-action.perform()
+mouse_chain = self.marionette.actions.sequence(
+"pointer", "pointer_id", {"pointerType": "mouse"}
+)
+mouse_chain.click(element=el, button=1).perform()
+
Wait(m, timeout=m.timeout.page_load).until(
lambda _: len(m.window_handles) > 1)
m.switch_to_window(m.window_handles[1])
diff --git a/marionette/tor_browser_tests/test_onion_location.py
b/marionette/tor_browser_tests/test_onion_location.py
index 37acb2d..daa0b27 100644
--- a/marionette/tor_browser_tests/test_onion_location.py
+++ b/marionette/tor_browser_tests/test_onion_location.py
@@ -81,8 +81,9 @@ class Test(WindowManagerMixin, MarionetteTestCase):
with m.using_context('content'):
m.switch_to_window(m.window_handles[1])
+spotlight = m.find_element('class name', 'spotlight')
self.assertEqual(
-self.get_url(), 'about:preferences#privacy-onionservices')
+spotlight.get_attribute("data-subcategory"),
"onionservices")
m.close()
m.switch_to_window(self.start_tab)
diff --git a/marionette/tor_browser_tests/test_onion_security_expectations.py
b/marionette/tor_browser_tests/test_onion_security_expectations.py
index 7a0fd27..e95b29b 100644
--- a/marionette/tor_browser_tests/test_onion_security_expectations.py
+++ b/marionette/tor_browser_tests/test_onion_security_expectations.py
@@ -51,8 +51,8 @@ class Test(OnionFixturesMixin, WindowManagerMixin,
MarionetteTestCase):
'document.getElementById("identity-popup-more-info").click()')
m.switch_to_window(m.chrome_window_handles[1])
Wait(m, timeout=m.timeout.page_load).until(
-lambda _: m.find_element('id',
'security-technical-shortform').text != '')
-text = m.find_element('id', 'security-technical-shortform').text
+lambda _: m.find_element('id',
'security-technical-shortform').get_attribute('value') != '')
+text = m.find_element('id',
'security-technical-shortform').get_attribute('value')
m.close_chrome_window()
m.switch_to_window(self.start_window)
return text
diff --git a/marionette/tor_browser_tests/test_searchengines.py
b/marionette/tor_browser_tests/test_searchengines.py
index 9f394f7..4fb264f 100644
--- a/marionette/tor_browser_tests/test_searchengines.py
+++ b/marionette/tor_browser_tests/test_searchengines.py
@@ -7,6 +7,7 @@
# check the entries
[tor-commits] [tor-browser-bundle-testsuite/master] Fix dom_objects enumeration tests
commit f88d60d95120eb969fe1a149527a9d03bb252425
Author: Alex Catarineu
Date: Thu Dec 3 11:35:50 2020 +0100
Fix dom_objects enumeration tests
window.content is disabled in early betas since 77.
---
marionette/tor_browser_tests/test_dom-objects-enumeration.py | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/marionette/tor_browser_tests/test_dom-objects-enumeration.py
b/marionette/tor_browser_tests/test_dom-objects-enumeration.py
index c020fc0..66fc8be 100644
--- a/marionette/tor_browser_tests/test_dom-objects-enumeration.py
+++ b/marionette/tor_browser_tests/test_dom-objects-enumeration.py
@@ -753,9 +753,11 @@ class Test(testsuite.TorBrowserTest):
def test_dom_objects_enumeration(self):
expectedObjects = self.expectedObjects
+if self.get_version() >= 77 and self.is_early_beta_or_earlier():
+# https://bugzilla.mozilla.org/show_bug.cgi?id=1632143
+expectedObjects.remove("content")
if self.get_version() >= 80:
expectedObjects = expectedObjects.union({"AggregateError",
"FinalizationRegistry", "WeakRef"})
-expectedObjects.remove("content")
if self.get_version() >= 82:
expectedObjects =
expectedObjects.union({"MediaMetadata","MediaSession","Sanitizer"})
if self.get_version() >= 83 and self.is_early_beta_or_earlier():
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-bundle-testsuite/master] Fix failing security level UI test
commit 97c7e5d01bd608c9b9dec8eb4b26b53e829e3631
Author: Alex Catarineu
Date: Fri Dec 11 10:15:58 2020 +0100
Fix failing security level UI test
---
marionette/tor_browser_tests/test_security_level_ui.py | 15 ---
1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/marionette/tor_browser_tests/test_security_level_ui.py
b/marionette/tor_browser_tests/test_security_level_ui.py
index d856c21..eab4a8a 100644
--- a/marionette/tor_browser_tests/test_security_level_ui.py
+++ b/marionette/tor_browser_tests/test_security_level_ui.py
@@ -2,12 +2,21 @@ from marionette_driver import Wait, expected
from marionette_harness import MarionetteTestCase
class Test(MarionetteTestCase):
+# Starting 84, opening the security level panel by clicking the button
+# started to fail (the panel was not visible). Opening via JavaScript
+# seems to still work for 84 and 78.
+def open_security_level_panel(self):
+m = self.marionette
+with m.using_context('chrome'):
+self.marionette.execute_script(
+'document.getElementById("security-level-button").click();')
+
def test_security_level_ui(self):
custom_pref = 'javascript.options.wasm'
m = self.marionette
m.timeout.implicit = 5
with m.using_context('chrome'):
-m.find_element('id', 'security-level-button').click()
+self.open_security_level_panel()
m.find_element(
'id', 'securityLevel-advancedSecuritySettings').click()
with m.using_context('content'):
@@ -49,7 +58,7 @@ class Test(MarionetteTestCase):
m.get_url() in
["https://tb-manual.torproject.org/en-US/security-settings/;,
"https://tb-manual.torproject.org/security-settings/;])
# Test Learn More link from panel
-m.find_element('id', 'security-level-button').click()
+self.open_security_level_panel()
m.find_element('id', 'securityLevel-learnMore').click()
Wait(m, timeout=m.timeout.page_load).until(
lambda _: len(m.window_handles) > 2)
@@ -64,7 +73,7 @@ class Test(MarionetteTestCase):
m.set_pref(custom_pref, False)
elem = m.find_element('id', 'securityLevel-restoreDefaults')
self.assertEqual(elem.is_displayed(), False)
-m.find_element('id', 'security-level-button').click()
+self.open_security_level_panel()
self.assertEqual(elem.is_displayed(), True)
elem.click()
self.assertEqual(True, m.get_pref(custom_pref))
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-build/master] Bug 40185: Disable torsocks before running static-update-component
commit 48d108777c118239b9a3ffe797930659f85a5a1f Author: Nicolas Vigier Date: Fri Dec 11 17:42:36 2020 +0100 Bug 40185: Disable torsocks before running static-update-component --- tools/signing/nightly/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/signing/nightly/config.yml b/tools/signing/nightly/config.yml index d80e1ab..04e26c9 100644 --- a/tools/signing/nightly/config.yml +++ b/tools/signing/nightly/config.yml @@ -15,4 +15,4 @@ nss_db_dir: nssdb nss_certname: nightly-marsigner gpg_keyring: keyring/torbrowser-nightly.gpg rsync_dest: /srv/tbb-nightlies-master.torproject.org/htdocs/nightly-updates/ -post_rsync_cmd: static-update-component nightlies.tbb.torproject.org +post_rsync_cmd: 'unset LD_PRELOAD && static-update-component nightlies.tbb.torproject.org' ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView
commit 1f18b3c9727e5a664da125594e4b56e5c03a4aca
Author: Alex Catarineu
Date: Tue Oct 20 17:44:36 2020 +0200
Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView
---
.../mozilla/geckoview/GeckoRuntimeSettings.java| 26 +-
1 file changed, 16 insertions(+), 10 deletions(-)
diff --git
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
index 662b34c476ae..bb992733937e 100644
---
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
+++
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
@@ -758,19 +758,25 @@ public final class GeckoRuntimeSettings extends
RuntimeSettings {
private String computeAcceptLanguages() {
ArrayList locales = new ArrayList();
-// Explicitly-set app prefs come first:
-if (mRequestedLocales != null) {
-for (String locale : mRequestedLocales) {
-locales.add(locale.toLowerCase());
-}
-}
-// OS prefs come second:
-for (String locale : getDefaultLocales()) {
-locale = locale.toLowerCase();
-if (!locales.contains(locale)) {
+// In Desktop, these are defined in the `intl.accept_languages`
localized property.
+// At some point we should probably use the same values here, but for
now we use a simple
+// strategy which will hopefully result in reasonable acceptLanguage
values.
+if (mRequestedLocales != null && mRequestedLocales.length > 0) {
+String locale = mRequestedLocales[0].toLowerCase();
+// No need to include `en-us` twice.
+if (!locale.equals("en-us")) {
locales.add(locale);
+if (locale.contains("-")) {
+String lang = locale.split("-")[0];
+// No need to include `en` twice.
+if (!lang.equals("en")) {
+locales.add(lang);
+}
+}
}
}
+locales.add("en-us");
+locales.add("en");
return TextUtils.join(",", locales);
}
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots
commit 2a348d5a3859ee0b4cd2237f670109f37ee44601
Author: Alex Catarineu
Date: Fri Oct 9 12:55:35 2020 +0200
Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots
---
browser/app/profile/000-tor-browser.js | 3 +++
browser/components/BrowserGlue.jsm | 14 ++
2 files changed, 17 insertions(+)
diff --git a/browser/app/profile/000-tor-browser.js
b/browser/app/profile/000-tor-browser.js
index d7c7d366b24d..19991a801fcd 100644
--- a/browser/app/profile/000-tor-browser.js
+++ b/browser/app/profile/000-tor-browser.js
@@ -313,6 +313,9 @@ pref("security.enterprise_roots.enabled", false);
// Don't ping Mozilla for MitM detection, see bug 32321
pref("security.certerrors.mitm.priming.enabled", false);
+// Don't automatically enable enterprise roots, see bug 40166
+pref("security.certerrors.mitm.auto_enable_enterprise_roots", false);
+
// Disable the language pack signing check for now on macOS, see #31942
#ifdef XP_MACOSX
pref("extensions.langpacks.signatures.required", false);
diff --git a/browser/components/BrowserGlue.jsm
b/browser/components/BrowserGlue.jsm
index f8cb7c664578..0bbc0e54c740 100644
--- a/browser/components/BrowserGlue.jsm
+++ b/browser/components/BrowserGlue.jsm
@@ -1401,6 +1401,20 @@ BrowserGlue.prototype = {
// handle any UI migration
this._migrateUI();
+// Clear possibly auto enabled enterprise_roots prefs (see bug 40166)
+if (
+ !Services.prefs.getBoolPref(
+"security.certerrors.mitm.auto_enable_enterprise_roots"
+ ) &&
+ Services.prefs.getBoolPref(
+"security.enterprise_roots.auto-enabled",
+false
+ )
+) {
+ Services.prefs.clearUserPref("security.enterprise_roots.enabled");
+ Services.prefs.clearUserPref("security.enterprise_roots.auto-enabled");
+}
+
if (!Services.prefs.prefHasUserValue(PREF_PDFJS_ISDEFAULT_CACHE_STATE)) {
PdfJs.checkIsDefault(this._isNewProfile);
}
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 40198: Expose privacy.spoof_english pref in GeckoView
commit 3ccea085dd87b723d65b9f130c55d26241c3e238
Author: Alex Catarineu
Date: Sun Oct 18 17:06:04 2020 +0200
Bug 40198: Expose privacy.spoof_english pref in GeckoView
---
mobile/android/geckoview/api.txt | 3 ++
.../mozilla/geckoview/GeckoRuntimeSettings.java| 33 ++
2 files changed, 36 insertions(+)
diff --git a/mobile/android/geckoview/api.txt b/mobile/android/geckoview/api.txt
index 946446a97f30..2b394bca70b3 100644
--- a/mobile/android/geckoview/api.txt
+++ b/mobile/android/geckoview/api.txt
@@ -632,6 +632,7 @@ package org.mozilla.geckoview {
method public boolean getRemoteDebuggingEnabled();
method @Nullable public GeckoRuntime getRuntime();
method @Nullable public Rect getScreenSizeOverride();
+method public boolean getSpoofEnglish();
method @Nullable public RuntimeTelemetry.Delegate getTelemetryDelegate();
method public int getTorSecurityLevel();
method public boolean getUseMaxScreenDepth();
@@ -651,6 +652,7 @@ package org.mozilla.geckoview {
method @NonNull public GeckoRuntimeSettings
setLoginAutofillEnabled(boolean);
method @NonNull public GeckoRuntimeSettings setPreferredColorScheme(int);
method @NonNull public GeckoRuntimeSettings
setRemoteDebuggingEnabled(boolean);
+method @NonNull public GeckoRuntimeSettings setSpoofEnglish(boolean);
method @NonNull public GeckoRuntimeSettings setTorSecurityLevel(int);
method @NonNull public GeckoRuntimeSettings setWebFontsEnabled(boolean);
method @NonNull public GeckoRuntimeSettings setWebManifestEnabled(boolean);
@@ -686,6 +688,7 @@ package org.mozilla.geckoview {
method @NonNull public GeckoRuntimeSettings.Builder
preferredColorScheme(int);
method @NonNull public GeckoRuntimeSettings.Builder
remoteDebuggingEnabled(boolean);
method @NonNull public GeckoRuntimeSettings.Builder
screenSizeOverride(int, int);
+method @NonNull public GeckoRuntimeSettings.Builder spoofEnglish(boolean);
method @NonNull public GeckoRuntimeSettings.Builder
telemetryDelegate(@NonNull RuntimeTelemetry.Delegate);
method @NonNull public GeckoRuntimeSettings.Builder torSecurityLevel(int);
method @NonNull public GeckoRuntimeSettings.Builder
useMaxScreenDepth(boolean);
diff --git
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
index bb992733937e..e6493f8cddb3 100644
---
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
+++
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
@@ -457,6 +457,17 @@ public final class GeckoRuntimeSettings extends
RuntimeSettings {
getSettings().mTorSecurityLevel.set(level);
return this;
}
+
+/**
+ * Sets whether we should spoof locale to English for webpages.
+ *
+ * @param flag True if we should spoof locale to English for webpages,
false otherwise.
+ * @return This Builder instance.
+ */
+public @NonNull Builder spoofEnglish(final boolean flag) {
+getSettings().mSpoofEnglish.set(flag ? 2 : 1);
+return this;
+}
}
private GeckoRuntime mRuntime;
@@ -507,6 +518,8 @@ public final class GeckoRuntimeSettings extends
RuntimeSettings {
"signon.autofillForms", true);
/* package */ final Pref mTorSecurityLevel = new Pref<>(
"extensions.torbutton.security_slider", 4);
+/* package */ final Pref mSpoofEnglish = new Pref<>(
+"privacy.spoof_english", 0);
/* package */ int mPreferredColorScheme = COLOR_SCHEME_SYSTEM;
@@ -1171,6 +1184,26 @@ public final class GeckoRuntimeSettings extends
RuntimeSettings {
return this;
}
+/**
+ * Get whether we should spoof locale to English for webpages.
+ *
+ * @return Whether we should spoof locale to English for webpages.
+ */
+public boolean getSpoofEnglish() {
+return mSpoofEnglish.get() == 2;
+}
+
+/**
+ * Set whether we should spoof locale to English for webpages.
+ *
+ * @param flag A flag determining whether we should locale to English for
webpages.
+ * @return This GeckoRuntimeSettings instance.
+ */
+public @NonNull GeckoRuntimeSettings setSpoofEnglish(final boolean flag) {
+mSpoofEnglish.commit(flag ? 2 : 1);
+return this;
+}
+
@Override // Parcelable
public void writeToParcel(final Parcel out, final int flags) {
super.writeToParcel(out, flags);
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 30605: Honor privacy.spoof_english in Android
commit 707b234fb43545a12064aae4eea8eba767b3e326
Author: Alex Catarineu
Date: Fri Oct 16 10:45:17 2020 +0200
Bug 30605: Honor privacy.spoof_english in Android
This checks `privacy.spoof_english` whenever `setLocales` is
called from Fenix side and sets `intl.accept_languages`
accordingly.
---
mobile/android/components/geckoview/GeckoViewStartup.jsm | 5 +
1 file changed, 5 insertions(+)
diff --git a/mobile/android/components/geckoview/GeckoViewStartup.jsm
b/mobile/android/components/geckoview/GeckoViewStartup.jsm
index 83558ff558a9..432d27f86f8a 100644
--- a/mobile/android/components/geckoview/GeckoViewStartup.jsm
+++ b/mobile/android/components/geckoview/GeckoViewStartup.jsm
@@ -18,6 +18,7 @@ XPCOMUtils.defineLazyModuleGetters(this, {
Preferences: "resource://gre/modules/Preferences.jsm",
SafeBrowsing: "resource://gre/modules/SafeBrowsing.jsm",
Services: "resource://gre/modules/Services.jsm",
+ RFPHelper: "resource://gre/modules/RFPHelper.jsm",
});
const { debug, warn } = GeckoViewUtils.initLogging("Startup");
@@ -251,6 +252,10 @@ class GeckoViewStartup {
if (aData.requestedLocales) {
Services.locale.requestedLocales = aData.requestedLocales;
}
+RFPHelper._handleSpoofEnglishChanged();
+if (Services.prefs.getIntPref("privacy.spoof_english", 0) === 2) {
+ break;
+}
const pls = Cc["@mozilla.org/pref-localizedstring;1"].createInstance(
Ci.nsIPrefLocalizedString
);
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 32418: Allow updates to be disabled via an enterprise policy.
commit 9596f1afea07d1f3023876b5882b2522d720d6f3
Author: Kathy Brade
Date: Thu Apr 16 17:07:09 2020 -0400
Bug 32418: Allow updates to be disabled via an enterprise policy.
Restrict the Enterprise Policies mechanism to only consult a
policies.json file (avoiding the Windows Registry and macOS's
file system attributes).
Add a few disabledByPolicy() checks to the update service to
avoid extraneous (and potentially confusing) log messages when
updates are disabled by policy.
Sample content for distribution/policies.json:
{
"policies": {
"DisableAppUpdate": true
}
}
On Linux, avoid reading policies from /etc/firefox/policies/policies.json
---
.../enterprisepolicies/EnterprisePoliciesParent.jsm | 14 --
toolkit/components/enterprisepolicies/moz.build | 3 +++
toolkit/mozapps/update/UpdateService.jsm | 20
3 files changed, 35 insertions(+), 2 deletions(-)
diff --git a/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm
b/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm
index 8b0a5170cbdd..38e2c2b36a24 100644
--- a/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm
+++ b/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm
@@ -4,6 +4,10 @@
var EXPORTED_SYMBOLS = ["EnterprisePoliciesManager"];
+// To ensure that policies intended for Firefox or another browser will not
+// be used, Tor Browser only looks for policies in ${InstallDir}/distribution
+#define AVOID_SYSTEM_POLICIES MOZ_PROXY_BYPASS_PROTECTION
+
const { XPCOMUtils } = ChromeUtils.import(
"resource://gre/modules/XPCOMUtils.jsm"
);
@@ -13,9 +17,11 @@ const { AppConstants } = ChromeUtils.import(
);
XPCOMUtils.defineLazyModuleGetters(this, {
+#ifndef AVOID_SYSTEM_POLICIES
WindowsGPOParser: "resource://gre/modules/policies/WindowsGPOParser.jsm",
macOSPoliciesParser:
"resource://gre/modules/policies/macOSPoliciesParser.jsm",
+#endif
Policies: "resource:///modules/policies/Policies.jsm",
JsonSchemaValidator:
"resource://gre/modules/components-utils/JsonSchemaValidator.jsm",
@@ -137,6 +143,7 @@ EnterprisePoliciesManager.prototype = {
_chooseProvider() {
let provider = null;
+#ifndef AVOID_SYSTEM_POLICIES
if (AppConstants.platform == "win") {
provider = new WindowsGPOPoliciesProvider();
} else if (AppConstants.platform == "macosx") {
@@ -145,6 +152,7 @@ EnterprisePoliciesManager.prototype = {
if (provider && provider.hasPolicies) {
return provider;
}
+#endif
provider = new JSONPoliciesProvider();
if (provider.hasPolicies) {
@@ -495,7 +503,7 @@ class JSONPoliciesProvider {
_getConfigurationFile() {
let configFile = null;
-
+#ifndef AVOID_SYSTEM_POLICIES
if (AppConstants.platform == "linux") {
let systemConfigFile = Cc["@mozilla.org/file/local;1"].createInstance(
Ci.nsIFile
@@ -508,7 +516,7 @@ class JSONPoliciesProvider {
return systemConfigFile;
}
}
-
+#endif
try {
let perUserPath = Services.prefs.getBoolPref(PREF_PER_USER_DIR, false);
if (perUserPath) {
@@ -589,6 +597,7 @@ class JSONPoliciesProvider {
}
}
+#ifndef AVOID_SYSTEM_POLICIES
class WindowsGPOPoliciesProvider {
constructor() {
this._policies = null;
@@ -654,3 +663,4 @@ class macOSPoliciesProvider {
return this._failed;
}
}
+#endif
diff --git a/toolkit/components/enterprisepolicies/moz.build
b/toolkit/components/enterprisepolicies/moz.build
index 09d2046e1bd7..3f685d3fbbd6 100644
--- a/toolkit/components/enterprisepolicies/moz.build
+++ b/toolkit/components/enterprisepolicies/moz.build
@@ -19,6 +19,9 @@ if CONFIG["MOZ_WIDGET_TOOLKIT"] != "android":
EXTRA_JS_MODULES += [
"EnterprisePolicies.jsm",
"EnterprisePoliciesContent.jsm",
+]
+
+EXTRA_PP_JS_MODULES += [
"EnterprisePoliciesParent.jsm",
]
diff --git a/toolkit/mozapps/update/UpdateService.jsm
b/toolkit/mozapps/update/UpdateService.jsm
index 01da9f2b7292..c6f34df9163b 100644
--- a/toolkit/mozapps/update/UpdateService.jsm
+++ b/toolkit/mozapps/update/UpdateService.jsm
@@ -2843,6 +2843,10 @@ UpdateService.prototype = {
_checkForBackgroundUpdates: function AUS__checkForBackgroundUpdates(
isNotify
) {
+if (this.disabledByPolicy) {
+ return;
+}
+
this._isNotify = isNotify;
// Histogram IDs:
@@ -3345,6 +3349,14 @@ UpdateService.prototype = {
* See nsIUpdateService.idl
*/
get canApplyUpdates() {
+if (this.disabledByPolicy) {
+ LOG(
+"UpdateService.canApplyUpdates - unable to apply updates, " +
+ "the option has been disabled by the administrator."
+ );
+ return false;
+}
+
return getCanApplyUpdates() && hasUpdateMutex();
},
@@ -3352,6 +3364,14 @@ UpdateService.prototype = {
* See nsIUpdateService.idl
*/
get
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 40125: Expose Security Level pref in GeckoView
commit 2f7dcf9487c7f8eb8c908f1f339e6f84879598f0
Author: Matthew Finkel
Date: Mon Sep 14 02:52:28 2020 +
Bug 40125: Expose Security Level pref in GeckoView
---
mobile/android/geckoview/api.txt | 3 ++
.../mozilla/geckoview/GeckoRuntimeSettings.java| 33 ++
2 files changed, 36 insertions(+)
diff --git a/mobile/android/geckoview/api.txt b/mobile/android/geckoview/api.txt
index 1c01a3f6731b..946446a97f30 100644
--- a/mobile/android/geckoview/api.txt
+++ b/mobile/android/geckoview/api.txt
@@ -633,6 +633,7 @@ package org.mozilla.geckoview {
method @Nullable public GeckoRuntime getRuntime();
method @Nullable public Rect getScreenSizeOverride();
method @Nullable public RuntimeTelemetry.Delegate getTelemetryDelegate();
+method public int getTorSecurityLevel();
method public boolean getUseMaxScreenDepth();
method public boolean getWebFontsEnabled();
method public boolean getWebManifestEnabled();
@@ -650,6 +651,7 @@ package org.mozilla.geckoview {
method @NonNull public GeckoRuntimeSettings
setLoginAutofillEnabled(boolean);
method @NonNull public GeckoRuntimeSettings setPreferredColorScheme(int);
method @NonNull public GeckoRuntimeSettings
setRemoteDebuggingEnabled(boolean);
+method @NonNull public GeckoRuntimeSettings setTorSecurityLevel(int);
method @NonNull public GeckoRuntimeSettings setWebFontsEnabled(boolean);
method @NonNull public GeckoRuntimeSettings setWebManifestEnabled(boolean);
field public static final int COLOR_SCHEME_DARK = 1;
@@ -685,6 +687,7 @@ package org.mozilla.geckoview {
method @NonNull public GeckoRuntimeSettings.Builder
remoteDebuggingEnabled(boolean);
method @NonNull public GeckoRuntimeSettings.Builder
screenSizeOverride(int, int);
method @NonNull public GeckoRuntimeSettings.Builder
telemetryDelegate(@NonNull RuntimeTelemetry.Delegate);
+method @NonNull public GeckoRuntimeSettings.Builder torSecurityLevel(int);
method @NonNull public GeckoRuntimeSettings.Builder
useMaxScreenDepth(boolean);
method @NonNull public GeckoRuntimeSettings.Builder
webFontsEnabled(boolean);
method @NonNull public GeckoRuntimeSettings.Builder webManifest(boolean);
diff --git
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
index 97c33665fc18..662b34c476ae 100644
---
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
+++
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
@@ -446,6 +446,17 @@ public final class GeckoRuntimeSettings extends
RuntimeSettings {
getSettings().mForceUserScalable.set(flag);
return this;
}
+
+/**
+ * Set security level.
+ *
+ * @param level A value determining the security level. Default is 0.
+ * @return This Builder instance.
+ */
+public @NonNull Builder torSecurityLevel(final int level) {
+getSettings().mTorSecurityLevel.set(level);
+return this;
+}
}
private GeckoRuntime mRuntime;
@@ -494,6 +505,8 @@ public final class GeckoRuntimeSettings extends
RuntimeSettings {
"browser.ui.zoom.force-user-scalable", false);
/* package */ final Pref mAutofillLogins = new Pref(
"signon.autofillForms", true);
+/* package */ final Pref mTorSecurityLevel = new Pref<>(
+"extensions.torbutton.security_slider", 4);
/* package */ int mPreferredColorScheme = COLOR_SCHEME_SYSTEM;
@@ -1132,6 +1145,26 @@ public final class GeckoRuntimeSettings extends
RuntimeSettings {
return this;
}
+/**
+ * Gets the current security level.
+ *
+ * @return current security protection level
+ */
+public int getTorSecurityLevel() {
+return mTorSecurityLevel.get();
+}
+
+/**
+ * Sets the Tor Security Level.
+ *
+ * @param level security protection level
+ * @return This GeckoRuntimeSettings instance.
+ */
+public @NonNull GeckoRuntimeSettings setTorSecurityLevel(final int level) {
+mTorSecurityLevel.commit(level);
+return this;
+}
+
@Override // Parcelable
public void writeToParcel(final Parcel out, final int flags) {
super.writeToParcel(out, flags);
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 40073: Disable remote Public Suffix List fetching
commit 9644dcbaf645dcf6876cd522059c1eb68543d3a1
Author: Alex Catarineu
Date: Thu Aug 13 11:05:03 2020 +0200
Bug 40073: Disable remote Public Suffix List fetching
In https://bugzilla.mozilla.org/show_bug.cgi?id=1563246 Firefox implemented
fetching the Public Suffix List via RemoteSettings and replacing the default
one at runtime, which we do not want.
---
browser/components/BrowserGlue.jsm | 5 -
1 file changed, 5 deletions(-)
diff --git a/browser/components/BrowserGlue.jsm
b/browser/components/BrowserGlue.jsm
index d760f38d2e3e..5b05cf48dd0f 100644
--- a/browser/components/BrowserGlue.jsm
+++ b/browser/components/BrowserGlue.jsm
@@ -837,7 +837,6 @@ XPCOMUtils.defineLazyModuleGetters(this, {
PluralForm: "resource://gre/modules/PluralForm.jsm",
PrivateBrowsingUtils: "resource://gre/modules/PrivateBrowsingUtils.jsm",
ProcessHangMonitor: "resource:///modules/ProcessHangMonitor.jsm",
- PublicSuffixList: "resource://gre/modules/netwerk-dns/PublicSuffixList.jsm",
RemoteSettings: "resource://services-settings/remote-settings.js",
RemoteSecuritySettings:
"resource://gre/modules/psm/RemoteSecuritySettings.jsm",
@@ -2802,10 +2801,6 @@ BrowserGlue.prototype = {
this._addBreachesSyncHandler();
},
- () => {
-PublicSuffixList.init();
- },
-
() => {
RemoteSecuritySettings.init();
},
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 40091: Load HTTPS Everywhere as a builtin addon in desktop
commit 2abb5248905331c041f3a013595e649b98a8c84f
Author: Alex Catarineu
Date: Fri Sep 4 12:34:35 2020 +0200
Bug 40091: Load HTTPS Everywhere as a builtin addon in desktop
This loads HTTPS Everywhere as a builtin addon from a hardcoded
resource:// URI in desktop. It also ensures that the non-builtin
HTTPS Everywhere addon is always uninstalled on browser startup.
The reason of making this desktop-only is that there are some issues
when installing a builtin extension from geckoview side, making
the extension not available on first startup. So, at least for
now we handle the Fenix case separately. See #40118 for a followup
for investigating these.
---
browser/components/BrowserGlue.jsm | 37 ++
toolkit/components/extensions/Extension.jsm| 10 --
.../mozapps/extensions/internal/XPIProvider.jsm| 13
3 files changed, 57 insertions(+), 3 deletions(-)
diff --git a/browser/components/BrowserGlue.jsm
b/browser/components/BrowserGlue.jsm
index 5b05cf48dd0f..f8cb7c664578 100644
--- a/browser/components/BrowserGlue.jsm
+++ b/browser/components/BrowserGlue.jsm
@@ -71,6 +71,13 @@ XPCOMUtils.defineLazyServiceGetter(
"nsIPushService"
);
+XPCOMUtils.defineLazyServiceGetters(this, {
+ resProto: [
+"@mozilla.org/network/protocol;1?name=resource",
+"nsISubstitutingProtocolHandler",
+ ],
+});
+
const PREF_PDFJS_ISDEFAULT_CACHE_STATE = "pdfjs.enabledCache.state";
/**
@@ -817,6 +824,7 @@ XPCOMUtils.defineLazyModuleGetters(this, {
DoHController: "resource:///modules/DoHController.jsm",
DownloadsViewableInternally:
"resource:///modules/DownloadsViewableInternally.jsm",
+ ExtensionData: "resource://gre/modules/Extension.jsm",
ExtensionsUI: "resource:///modules/ExtensionsUI.jsm",
FirefoxMonitor: "resource:///modules/FirefoxMonitor.jsm",
FxAccounts: "resource://gre/modules/FxAccounts.jsm",
@@ -1417,6 +1425,35 @@ BrowserGlue.prototype = {
"resource://builtin-themes/alpenglow/"
);
+// Install https-everywhere builtin addon if needed.
+(async () => {
+ const HTTPS_EVERYWHERE_ID = "https-everywhere-...@eff.org";
+ const HTTPS_EVERYWHERE_BUILTIN_URL =
+"resource://torbutton/content/extensions/https-everywhere/";
+ // This does something similar as GeckoViewWebExtension.jsm: it tries
+ // to load the manifest to retrieve the version of the builtin and
+ // compares it to the currently installed one to see whether we need
+ // to install or not. Here we delegate that to
+ // AddonManager.maybeInstallBuiltinAddon.
+ try {
+const resolvedURI = Services.io.newURI(
+ resProto.resolveURI(Services.io.newURI(HTTPS_EVERYWHERE_BUILTIN_URL))
+);
+const extensionData = new ExtensionData(resolvedURI);
+const manifest = await extensionData.loadManifest();
+
+await AddonManager.maybeInstallBuiltinAddon(
+ HTTPS_EVERYWHERE_ID,
+ manifest.version,
+ HTTPS_EVERYWHERE_BUILTIN_URL
+);
+ } catch (e) {
+const log = Log.repository.getLogger("HttpsEverywhereBuiltinLoader");
+log.addAppender(new Log.ConsoleAppender(new Log.BasicFormatter()));
+log.error("Could not install https-everywhere extension", e);
+ }
+})();
+
if (AppConstants.MOZ_NORMANDY) {
Normandy.init();
}
diff --git a/toolkit/components/extensions/Extension.jsm
b/toolkit/components/extensions/Extension.jsm
index 302bb32a3b2e..1942031a1f63 100644
--- a/toolkit/components/extensions/Extension.jsm
+++ b/toolkit/components/extensions/Extension.jsm
@@ -212,6 +212,7 @@ const LOGGER_ID_BASE = "addons.webextension.";
const UUID_MAP_PREF = "extensions.webextensions.uuids";
const LEAVE_STORAGE_PREF = "extensions.webextensions.keepStorageOnUninstall";
const LEAVE_UUID_PREF = "extensions.webextensions.keepUuidOnUninstall";
+const PERSISTENT_EXTENSIONS = new Set(["https-everywhere-...@eff.org"]);
const COMMENT_REGEXP = new RegExp(
String.raw`
@@ -358,7 +359,8 @@ var ExtensionAddonObserver = {
);
}
-if (!Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false)) {
+if (!Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false) &&
+ !PERSISTENT_EXTENSIONS.has(addon.id)) {
// Clear browser.storage.local backends.
AsyncShutdown.profileChangeTeardown.addBlocker(
`Clear Extension Storage ${addon.id} (File Backend)`,
@@ -406,7 +408,8 @@ var ExtensionAddonObserver = {
ExtensionPermissions.removeAll(addon.id);
-if (!Services.prefs.getBoolPref(LEAVE_UUID_PREF, false)) {
+if (!Services.prefs.getBoolPref(LEAVE_UUID_PREF, false) &&
+ !PERSISTENT_EXTENSIONS.has(addon.id)) {
// Clear the entry in the UUID map
UUIDMap.remove(addon.id);
}
@@ -2584,7 +2587,8 @@ class Extension extends ExtensionData {
);
} else if (
this.startupReason === "ADDON_INSTALL"
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 33342: Avoid disconnect search addon error after removal.
commit 5406c8eb7ccbecb7b3e273967ad9a6991abf879e
Author: Alex Catarineu
Date: Fri Mar 13 18:19:30 2020 +0100
Bug 33342: Avoid disconnect search addon error after removal.
We removed the addon in #32767, but it was still being loaded
from addonStartup.json.lz4 and throwing an error on startup
because its resource: location is not available anymore.
---
toolkit/mozapps/extensions/internal/XPIProvider.jsm | 6 ++
1 file changed, 6 insertions(+)
diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm
b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
index 4c0ffd7f8896..c0fd26e34b7c 100644
--- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm
+++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
@@ -976,6 +976,12 @@ var BuiltInLocation = new (class _BuiltInLocation extends
XPIStateLocation {
isLinkedAddon(/* aId */) {
return false;
}
+
+ restore(saved) {
+super.restore(saved);
+// Bug 33342: avoid restoring disconnect addon from addonStartup.json.lz4.
+this.removeAddon("disconn...@search.mozilla.org");
+ }
})();
/**
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 25741 - TBA: Disable GeckoNetworkManager
commit dbd208b33973107b0b0efb4921034df24ea0cb3d
Author: Matthew Finkel
Date: Thu Apr 26 22:22:51 2018 +
Bug 25741 - TBA: Disable GeckoNetworkManager
The browser should not need information related to the network
interface or network state, tor should take care of that.
---
.../src/main/java/org/mozilla/geckoview/GeckoRuntime.java | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java
index 8fca9c9240c1..f20549991840 100644
---
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java
+++
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java
@@ -122,7 +122,9 @@ public final class GeckoRuntime implements Parcelable {
mPaused = false;
// Monitor network status and send change notifications to Gecko
// while active.
-
GeckoNetworkManager.getInstance().start(GeckoAppShell.getApplicationContext());
+if (BuildConfig.TOR_BROWSER_VERSION == "") {
+
GeckoNetworkManager.getInstance().start(GeckoAppShell.getApplicationContext());
+}
}
@OnLifecycleEvent(Lifecycle.Event.ON_PAUSE)
@@ -130,7 +132,9 @@ public final class GeckoRuntime implements Parcelable {
Log.d(LOGTAG, "Lifecycle: onPause");
mPaused = true;
// Stop monitoring network status while inactive.
-GeckoNetworkManager.getInstance().stop();
+if (BuildConfig.TOR_BROWSER_VERSION == "") {
+GeckoNetworkManager.getInstance().stop();
+}
GeckoThread.onPause();
}
}
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 21952: Implement Onion-Location
commit 772d720212aed19be6d1ed3a675156acdc323901
Author: Alex Catarineu
Date: Thu Mar 5 22:16:39 2020 +0100
Bug 21952: Implement Onion-Location
Whenever a valid Onion-Location HTTP header (or corresponding HTML
http-equiv attribute) is found in a document load, we either
redirect to it (if the user opted-in via preference) or notify the
presence of an onionsite alternative with a badge in the urlbar.
---
browser/base/content/browser.js| 12 ++
browser/base/content/browser.xhtml | 3 +
browser/components/BrowserGlue.jsm | 13 ++
.../onionservices/OnionLocationChild.jsm | 39 +
.../onionservices/OnionLocationParent.jsm | 168 +
.../content/onionlocation-notification-icons.css | 5 +
.../onionservices/content/onionlocation-urlbar.css | 27
.../content/onionlocation-urlbar.inc.xhtml | 10 ++
.../onionservices/content/onionlocation.svg| 3 +
.../content/onionlocationPreferences.inc.xhtml | 11 ++
.../content/onionlocationPreferences.js| 31
browser/components/onionservices/jar.mn| 2 +
browser/components/onionservices/moz.build | 2 +
browser/components/preferences/privacy.inc.xhtml | 2 +
browser/components/preferences/privacy.js | 17 +++
browser/themes/shared/notification-icons.inc.css | 2 +
browser/themes/shared/urlbar-searchbar.inc.css | 2 +
dom/base/Document.cpp | 34 -
dom/base/Document.h| 2 +
dom/webidl/Document.webidl | 9 ++
modules/libpref/init/StaticPrefList.yaml | 5 +
xpcom/ds/StaticAtoms.py| 1 +
22 files changed, 399 insertions(+), 1 deletion(-)
diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js
index b1d6193120dd..383307116064 100644
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@@ -45,6 +45,7 @@ XPCOMUtils.defineLazyModuleGetters(this, {
NetUtil: "resource://gre/modules/NetUtil.jsm",
NewTabUtils: "resource://gre/modules/NewTabUtils.jsm",
OpenInTabsUtils: "resource:///modules/OpenInTabsUtils.jsm",
+ OnionLocationParent: "resource:///modules/OnionLocationParent.jsm",
PageActions: "resource:///modules/PageActions.jsm",
PageThumbs: "resource://gre/modules/PageThumbs.jsm",
PanelMultiView: "resource:///modules/PanelMultiView.jsm",
@@ -5494,6 +5495,7 @@ var XULBrowserWindow = {
Services.obs.notifyObservers(null, "touchbar-location-change", location);
UpdateBackForwardCommands(gBrowser.webNavigation);
AboutReaderParent.updateReaderButton(gBrowser.selectedBrowser);
+OnionLocationParent.updateOnionLocationBadge(gBrowser.selectedBrowser);
if (!gMultiProcessBrowser) {
// Bug 1108553 - Cannot rotate images with e10s
@@ -5986,6 +5988,16 @@ var CombinedStopReload = {
var TabsProgressListener = {
onStateChange(aBrowser, aWebProgress, aRequest, aStateFlags, aStatus) {
+// Clear OnionLocation UI
+if (
+ aStateFlags & Ci.nsIWebProgressListener.STATE_START &&
+ aStateFlags & Ci.nsIWebProgressListener.STATE_IS_NETWORK &&
+ aRequest &&
+ aWebProgress.isTopLevel
+) {
+ OnionLocationParent.onStateChange(aBrowser);
+}
+
// Collect telemetry data about tab load times.
if (
aWebProgress.isTopLevel &&
diff --git a/browser/base/content/browser.xhtml
b/browser/base/content/browser.xhtml
index a80707bb2cc4..1d8dd28e983a 100644
--- a/browser/base/content/browser.xhtml
+++ b/browser/base/content/browser.xhtml
@@ -1922,6 +1922,9 @@
onclick="FullZoom.reset(); FullZoom.resetScalingZoom();"
tooltip="dynamic-shortcut-tooltip"
hidden="true"/>
+
+#include ../../components/onionservices/content/onionlocation-urlbar.inc.xhtml
+
{},
+};
+
+const options = {
+ autofocus: true,
+ persistent: true,
+ removeOnDismissal: false,
+ eventCallback(aTopic) {
+if (aTopic === "removed") {
+ delete browser._onionLocationPrompt;
+ delete browser.onionpopupnotificationanchor;
+}
+ },
+ learnMoreURL: NOTIFICATION_LEARN_MORE_URL,
+ displayURI: {
+hostPort: NOTIFICATION_TITLE, // This is hacky, but allows us to have
a title without extra markup/css.
+ },
+ hideClose: true,
+ popupIconClass: "onionlocation-notification-icon",
+};
+
+// A hacky way of setting the popup anchor outside the usual url bar icon
box
+// onionlocationpopupnotificationanchor comes from
`${ANCHOR_ID}popupnotificationanchor`
+// From
https://searchfox.org/mozilla-esr68/rev/080f9ed47742644d2ff84f7aa0b10aea5c44301a/browser/components/newtab/lib/CFRPageActions.jsm#488
+browser.onionlocationpopupnotificationanchor =
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 40025: Remove Mozilla add-on install permissions
commit af0a1aefdb03dbb29f69265fd6711442e3d3b541 Author: Alex Catarineu Date: Mon Jul 27 18:12:55 2020 +0200 Bug 40025: Remove Mozilla add-on install permissions --- browser/app/permissions | 5 - 1 file changed, 5 deletions(-) diff --git a/browser/app/permissions b/browser/app/permissions index 4938bd1e22e5..5c4c302f5ba5 100644 --- a/browser/app/permissions +++ b/browser/app/permissions @@ -11,11 +11,6 @@ origin uitour 1 https://3g2upl4pq6kufc4m.onion origin uitour 1 about:tor -# XPInstall -origin install 1 https://addons.mozilla.org - # Remote troubleshooting origin remote-troubleshooting 1 https://support.mozilla.org -# addon install -origin install 1 https://fpn.firefox.com ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 28005: Implement .onion alias urlbar rewrites
commit 2b9717ff02060a6d7c952ced0f1d9abe3f6e725c
Author: Alex Catarineu
Date: Thu Feb 13 13:24:33 2020 +0100
Bug 28005: Implement .onion alias urlbar rewrites
A custom HTTPS Everywhere update channel is installed,
which provides rules for locally redirecting some memorable
.tor.onion URLs to non-memorable .onion URLs.
When these redirects occur, we also rewrite the URL in the urlbar
to display the human-memorable hostname instead of the actual
.onion.
Bug 34196: Update site info URL with the onion name
---
browser/actors/ClickHandlerChild.jsm | 20 ++
browser/actors/ClickHandlerParent.jsm | 1 +
browser/actors/ContextMenuChild.jsm| 4 +
browser/base/content/browser-places.js | 12 +-
browser/base/content/browser-siteIdentity.js | 12 +-
browser/base/content/browser.js| 43 -
browser/base/content/nsContextMenu.js | 18 ++
browser/base/content/pageinfo/pageInfo.js | 2 +-
browser/base/content/pageinfo/pageInfo.xhtml | 10 +
browser/base/content/pageinfo/security.js | 17 +-
browser/base/content/tabbrowser.js | 7 +
browser/base/content/utilityOverlay.js | 12 ++
browser/components/BrowserGlue.jsm | 8 +
.../onionservices/ExtensionMessaging.jsm | 77
.../onionservices/HttpsEverywhereControl.jsm | 119
.../components/onionservices/OnionAliasStore.jsm | 201 +
browser/components/onionservices/moz.build | 6 +
browser/components/urlbar/UrlbarInput.jsm | 13 +-
docshell/base/nsDocShell.cpp | 52 ++
docshell/base/nsDocShell.h | 6 +
docshell/base/nsDocShellLoadState.cpp | 4 +
docshell/base/nsIDocShell.idl | 5 +
docshell/base/nsIWebNavigation.idl | 5 +
docshell/shistory/SessionHistoryEntry.cpp | 14 ++
docshell/shistory/SessionHistoryEntry.h| 1 +
docshell/shistory/nsISHEntry.idl | 5 +
docshell/shistory/nsSHEntry.cpp| 22 ++-
docshell/shistory/nsSHEntry.h | 1 +
dom/interfaces/base/nsIBrowser.idl | 3 +-
dom/ipc/BrowserChild.cpp | 2 +
dom/ipc/BrowserParent.cpp | 3 +-
dom/ipc/PBrowser.ipdl | 1 +
modules/libpref/init/StaticPrefList.yaml | 6 +
netwerk/dns/effective_tld_names.dat| 2 +
netwerk/ipc/DocumentLoadListener.cpp | 10 +
toolkit/content/widgets/browser-custom-element.js | 13 +-
toolkit/modules/sessionstore/SessionHistory.jsm| 5 +
xpcom/reflect/xptinfo/xptinfo.h| 3 +-
38 files changed, 722 insertions(+), 23 deletions(-)
diff --git a/browser/actors/ClickHandlerChild.jsm
b/browser/actors/ClickHandlerChild.jsm
index d5f7f31f3280..1d147bb274f2 100644
--- a/browser/actors/ClickHandlerChild.jsm
+++ b/browser/actors/ClickHandlerChild.jsm
@@ -136,6 +136,26 @@ class ClickHandlerChild extends JSWindowActorChild {
json.originStoragePrincipal = ownerDoc.effectiveStoragePrincipal;
json.triggeringPrincipal = ownerDoc.nodePrincipal;
+ // Check if the link needs to be opened with .tor.onion urlbar rewrites
+ // allowed. Only when the owner doc has onionUrlbarRewritesAllowed = true
+ // and the same origin we should allow this.
+ json.onionUrlbarRewritesAllowed = false;
+ if (this.docShell.onionUrlbarRewritesAllowed) {
+const sm = Services.scriptSecurityManager;
+try {
+ let targetURI = Services.io.newURI(href);
+ let isPrivateWin =
+ownerDoc.nodePrincipal.originAttributes.privateBrowsingId > 0;
+ sm.checkSameOriginURI(
+docshell.currentDocumentChannel.URI,
+targetURI,
+false,
+isPrivateWin
+ );
+ json.onionUrlbarRewritesAllowed = true;
+} catch (e) {}
+ }
+
// If a link element is clicked with middle button, user wants to open
// the link somewhere rather than pasting clipboard content. Therefore,
// when it's clicked with middle button, we should prevent multiple
diff --git a/browser/actors/ClickHandlerParent.jsm
b/browser/actors/ClickHandlerParent.jsm
index 75509b95ce7f..06d56624e316 100644
--- a/browser/actors/ClickHandlerParent.jsm
+++ b/browser/actors/ClickHandlerParent.jsm
@@ -99,6 +99,7 @@ class ClickHandlerParent extends JSWindowActorParent {
charset: browser.characterSet,
referrerInfo: E10SUtils.deserializeReferrerInfo(data.referrerInfo),
allowMixedContent: data.allowMixedContent,
+ onionUrlbarRewritesAllowed: data.onionUrlbarRewritesAllowed,
isContentWindowPrivate: data.isContentWindowPrivate,
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc.
commit 1c5e590073ce6eaa137451601f57c0ceb9d295a1
Author: Kathy Brade
Date: Tue Jul 14 11:15:07 2020 -0400
Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc.
Hide elements on about:logins that mention sync, "Firefox LockWise", and
Mozilla's LockWise mobile apps.
Disable the "Create New Login" button when security.nocertdb is true.
---
browser/components/aboutlogins/AboutLoginsParent.jsm | 2 ++
browser/components/aboutlogins/content/aboutLogins.css | 8 +++-
browser/components/aboutlogins/content/aboutLogins.js | 6 ++
.../aboutlogins/content/components/fxaccounts-button.css | 5 +
.../components/aboutlogins/content/components/menu-button.css | 10 ++
5 files changed, 30 insertions(+), 1 deletion(-)
diff --git a/browser/components/aboutlogins/AboutLoginsParent.jsm
b/browser/components/aboutlogins/AboutLoginsParent.jsm
index 8e617fced951..c7e3aef6547b 100644
--- a/browser/components/aboutlogins/AboutLoginsParent.jsm
+++ b/browser/components/aboutlogins/AboutLoginsParent.jsm
@@ -62,6 +62,7 @@ const PASSWORD_SYNC_NOTIFICATION_ID = "enable-password-sync";
const SHOW_PASSWORD_SYNC_NOTIFICATION_PREF =
"signon.management.page.showPasswordSyncNotification";
+const NOCERTDB_PREF = "security.nocertdb";
// about:logins will always use the privileged content process,
// even if it is disabled for other consumers such as about:newtab.
@@ -265,6 +266,7 @@ class AboutLoginsParent extends JSWindowActorParent {
importVisible:
Services.policies.isAllowed("profileImport") &&
AppConstants.platform != "linux",
+canCreateLogins: !Services.prefs.getBoolPref(NOCERTDB_PREF, false),
});
await AboutLogins._sendAllLoginRelatedObjects(
diff --git a/browser/components/aboutlogins/content/aboutLogins.css
b/browser/components/aboutlogins/content/aboutLogins.css
index 7ed29bda8297..dca63da2e649 100644
--- a/browser/components/aboutlogins/content/aboutLogins.css
+++ b/browser/components/aboutlogins/content/aboutLogins.css
@@ -69,6 +69,11 @@ login-item {
grid-area: login;
}
+/* Do not promote Mozilla Sync in Tor Browser. */
+login-intro {
+ display: none !important;
+}
+
#branding-logo {
flex-basis: var(--sidebar-width);
flex-shrink: 0;
@@ -83,7 +88,8 @@ login-item {
}
}
-:root:not(.official-branding) #branding-logo {
+/* Hide "Firefox LockWise" branding in Tor Browser. */
+#branding-logo {
visibility: hidden;
}
diff --git a/browser/components/aboutlogins/content/aboutLogins.js
b/browser/components/aboutlogins/content/aboutLogins.js
index d23c3567f89e..5a6424c5eb41 100644
--- a/browser/components/aboutlogins/content/aboutLogins.js
+++ b/browser/components/aboutlogins/content/aboutLogins.js
@@ -15,6 +15,9 @@ const gElements = {
loginIntro: document.querySelector("login-intro"),
loginItem: document.querySelector("login-item"),
loginFilter: document.querySelector("login-filter"),
+ get createNewLoginButton() {
+return this.loginList.shadowRoot.querySelector(".create-login-button");
+ },
};
let numberOfLogins = 0;
@@ -92,6 +95,9 @@ window.addEventListener("AboutLoginsChromeToContent", event
=> {
gElements.loginList.setSortDirection(event.detail.value.selectedSort);
document.documentElement.classList.add("initialized");
gElements.loginList.classList.add("initialized");
+ if (!event.detail.value.canCreateLogins) {
+gElements.createNewLoginButton.disabled = true;
+ }
break;
}
case "ShowLoginItemError": {
diff --git
a/browser/components/aboutlogins/content/components/fxaccounts-button.css
b/browser/components/aboutlogins/content/components/fxaccounts-button.css
index e63192a98e3a..c59eda2dec56 100644
--- a/browser/components/aboutlogins/content/components/fxaccounts-button.css
+++ b/browser/components/aboutlogins/content/components/fxaccounts-button.css
@@ -8,6 +8,11 @@
align-items: center;
}
+/* Do not promote Mozilla Sync in Tor Browser. */
+.logged-out-view {
+ display: none !important;
+}
+
.fxaccounts-extra-text {
/* Only show at most 3 lines of text to limit the
text from overflowing the header. */
diff --git a/browser/components/aboutlogins/content/components/menu-button.css
b/browser/components/aboutlogins/content/components/menu-button.css
index db902c4da60a..55d2d28f4280 100644
--- a/browser/components/aboutlogins/content/components/menu-button.css
+++ b/browser/components/aboutlogins/content/components/menu-button.css
@@ -81,3 +81,13 @@
.menuitem-preferences {
background-image: url("chrome://global/skin/icons/settings.svg");
}
+
+/*
+ * Do not promote LockWise mobile apps in Tor Browser: hide the menu items
+ * and the separator line that precedes them.
+ */
+.menuitem-mobile-android,
+.menuitem-mobile-ios,
+button[data-event-name="AboutLoginsGetHelp"] + hr {
+ display: none !important;
+}
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources.
commit 601aca4e7e33dd59fa7fd01d13ae3edeac0d4b3b
Author: Amogh Pradeep
Date: Fri Jun 12 02:07:45 2015 -0400
Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources.
See Bug 1357997 for partial uplift.
Also:
Bug 28051 - Use our Orbot for proxying our connections
Bug 31144 - ESR68 Network Code Review
---
.../main/java/org/mozilla/gecko/GeckoAppShell.java | 68 +++---
.../java/org/mozilla/gecko/util/BitmapUtils.java | 7 ---
.../java/org/mozilla/gecko/util/ProxySelector.java | 25 +++-
3 files changed, 59 insertions(+), 41 deletions(-)
diff --git
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java
index 38a055de4a3d..aa263caf869d 100644
---
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java
+++
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java
@@ -1764,39 +1764,41 @@ public class GeckoAppShell {
@WrapForJNI
private static URLConnection getConnection(final String url) {
-try {
-String spec;
-if (url.startsWith("android://")) {
-spec = url.substring(10);
-} else {
-spec = url.substring(8);
-}
-
-// Check if we are loading a package icon.
-try {
-if (spec.startsWith("icon/")) {
-String[] splits = spec.split("/");
-if (splits.length != 2) {
-return null;
-}
-final String pkg = splits[1];
-final PackageManager pm =
getApplicationContext().getPackageManager();
-final Drawable d = pm.getApplicationIcon(pkg);
-final Bitmap bitmap = BitmapUtils.getBitmapFromDrawable(d);
-return new BitmapConnection(bitmap);
-}
-} catch (Exception ex) {
-Log.e(LOGTAG, "error", ex);
-}
-
-// if the colon got stripped, put it back
-int colon = spec.indexOf(':');
-if (colon == -1 || colon > spec.indexOf('/')) {
-spec = spec.replaceFirst("/", ":/");
-}
-} catch (Exception ex) {
-return null;
-}
+// Bug 31144 - Prevent potential proxy-bypass
+
+//try {
+//String spec;
+//if (url.startsWith("android://")) {
+//spec = url.substring(10);
+//} else {
+//spec = url.substring(8);
+//}
+
+//// Check if we are loading a package icon.
+//try {
+//if (spec.startsWith("icon/")) {
+//String[] splits = spec.split("/");
+//if (splits.length != 2) {
+//return null;
+//}
+//final String pkg = splits[1];
+//final PackageManager pm =
getApplicationContext().getPackageManager();
+//final Drawable d = pm.getApplicationIcon(pkg);
+//final Bitmap bitmap =
BitmapUtils.getBitmapFromDrawable(d);
+//return new BitmapConnection(bitmap);
+//}
+//} catch (Exception ex) {
+//Log.e(LOGTAG, "error", ex);
+//}
+
+//// if the colon got stripped, put it back
+//int colon = spec.indexOf(':');
+//if (colon == -1 || colon > spec.indexOf('/')) {
+//spec = spec.replaceFirst("/", ":/");
+//}
+//} catch (Exception ex) {
+//return null;
+//}
return null;
}
diff --git
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java
index f8af8561ff1d..2f5501f0965a 100644
---
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java
+++
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java
@@ -101,13 +101,6 @@ public final class BitmapUtils {
public static Bitmap decodeUrl(final URL url) {
InputStream stream = null;
-try {
-stream = url.openStream();
-} catch (IOException e) {
-Log.w(LOGTAG, "decodeUrl: IOException downloading " + url);
-return null;
-}
-
if (stream == null) {
Log.w(LOGTAG, "decodeUrl: stream not found downloading " + url);
return null;
diff --git
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/ProxySelector.java
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/ProxySelector.java
index 636586b23102..552bf951b51b 100644
---
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 30237: Add v3 onion services client authentication prompt
commit 997de51abd93753f125d3d9789620a1f9edc0833
Author: Kathy Brade
Date: Tue Nov 12 16:11:05 2019 -0500
Bug 30237: Add v3 onion services client authentication prompt
When Tor informs the browser that client authentication is needed,
temporarily load about:blank instead of about:neterror and prompt
for the user's key.
If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD
control port command to add the key (via Torbutton's control port
module) and reload the page.
If the user cancels the prompt, display the standard about:neterror
"Unable to connect" page. This requires a small change to
browser/actors/NetErrorChild.jsm to account for the fact that the
docShell no longer has the failedChannel information. The failedChannel
is used to extract TLS-related error info, which is not applicable
in the case of a canceled .onion authentication prompt.
Add a leaveOpen option to PopupNotifications.show so we can display
error messages within the popup notification doorhanger without
closing the prompt.
Add support for onion services strings to the TorStrings module.
Add support for Tor extended SOCKS errors (Tor proposal 304) to the
socket transport and SOCKS layers. Improved display of all of these
errors will be implemented as part of bug 30025.
Also fixes bug 19757:
Add a "Remember this key" checkbox to the client auth prompt.
Add an "Onion Services Authentication" section within the
about:preferences "Privacy & Security section" to allow
viewing and removal of v3 onion client auth keys that have
been stored on disk.
Also fixes bug 19251: use enhanced error pages for onion service errors.
---
browser/actors/NetErrorChild.jsm | 7 +
browser/base/content/aboutNetError.js | 10 +-
browser/base/content/aboutNetError.xhtml | 1 +
browser/base/content/browser.js| 10 +
browser/base/content/browser.xhtml | 3 +
browser/base/content/tab-content.js| 5 +
browser/components/moz.build | 1 +
.../content/authNotificationIcon.inc.xhtml | 6 +
.../onionservices/content/authPopup.inc.xhtml | 16 ++
.../onionservices/content/authPreferences.css | 20 ++
.../content/authPreferences.inc.xhtml | 19 ++
.../onionservices/content/authPreferences.js | 66 +
.../components/onionservices/content/authPrompt.js | 316 +
.../components/onionservices/content/authUtil.jsm | 47 +++
.../onionservices/content/netError/browser.svg | 3 +
.../onionservices/content/netError/network.svg | 3 +
.../content/netError/onionNetError.css | 65 +
.../content/netError/onionNetError.js | 244
.../onionservices/content/netError/onionsite.svg | 7 +
.../onionservices/content/onionservices.css| 69 +
.../onionservices/content/savedKeysDialog.js | 259 +
.../onionservices/content/savedKeysDialog.xhtml| 42 +++
browser/components/onionservices/jar.mn| 9 +
browser/components/onionservices/moz.build | 1 +
browser/components/preferences/preferences.xhtml | 1 +
browser/components/preferences/privacy.inc.xhtml | 2 +
browser/components/preferences/privacy.js | 7 +
browser/themes/shared/notification-icons.inc.css | 3 +
docshell/base/nsDocShell.cpp | 81 +-
dom/ipc/BrowserParent.cpp | 21 ++
dom/ipc/BrowserParent.h| 3 +
dom/ipc/PBrowser.ipdl | 9 +
js/xpconnect/src/xpc.msg | 10 +
netwerk/base/nsSocketTransport2.cpp| 6 +
netwerk/socket/nsSOCKSIOLayer.cpp | 49
toolkit/modules/PopupNotifications.jsm | 6 +
toolkit/modules/RemotePageAccessManager.jsm| 1 +
.../lib/environments/frame-script.js | 1 +
xpcom/base/ErrorList.py| 22 ++
39 files changed, 1449 insertions(+), 2 deletions(-)
diff --git a/browser/actors/NetErrorChild.jsm b/browser/actors/NetErrorChild.jsm
index 82978412fe24..164fb7c95cd1 100644
--- a/browser/actors/NetErrorChild.jsm
+++ b/browser/actors/NetErrorChild.jsm
@@ -13,6 +13,8 @@ const { RemotePageChild } = ChromeUtils.import(
"resource://gre/actors/RemotePageChild.jsm"
);
+const { TorStrings } =
ChromeUtils.import("resource:///modules/TorStrings.jsm");
+
XPCOMUtils.defineLazyServiceGetter(
this,
"gSerializationHelper",
@@ -33,6 +35,7 @@ class NetErrorChild extends RemotePageChild {
"RPMAddToHistogram",
"RPMRecordTelemetryEvent",
"RPMGetHttpResponseHeader",
+ "RPMGetTorStrings",
];
this.exportFunctions(exportableFunctions);
}
@@
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 40002: Remove about:ion
commit 1bed9300fec1750e24df83eecce0e53a651bb633
Author: Kathy Brade
Date: Fri Aug 14 09:06:33 2020 -0400
Bug 40002: Remove about:ion
Firefox Ion (previously Firefox Pioneer) is an opt-in program in which
people
volunteer to participate in studies that collect detailed, sensitive data
about
how they use their browser.
---
browser/components/about/AboutRedirector.cpp | 2 --
browser/components/about/components.conf | 1 -
2 files changed, 3 deletions(-)
diff --git a/browser/components/about/AboutRedirector.cpp
b/browser/components/about/AboutRedirector.cpp
index cdb84d4ed9cd..27c5b687c0d2 100644
--- a/browser/components/about/AboutRedirector.cpp
+++ b/browser/components/about/AboutRedirector.cpp
@@ -114,8 +114,6 @@ static const RedirEntry kRedirMap[] = {
nsIAboutModule::URI_MUST_LOAD_IN_CHILD |
nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT},
-{"ion", "chrome://browser/content/ion.html",
- nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT},
#ifdef TOR_BROWSER_UPDATE
{"tbupdate", "chrome://browser/content/abouttbupdate/aboutTBUpdate.xhtml",
nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
diff --git a/browser/components/about/components.conf
b/browser/components/about/components.conf
index 290fce3feed9..8e04467c05da 100644
--- a/browser/components/about/components.conf
+++ b/browser/components/about/components.conf
@@ -14,7 +14,6 @@ pages = [
'logins',
'newinstall',
'newtab',
-'ion',
'pocket-saved',
'pocket-signup',
'policies',
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 28125 - Prevent non-Necko network connections
commit 2a2df0ca71963108be279532e7210d4f7a550f0c
Author: Matthew Finkel
Date: Thu Oct 25 19:17:09 2018 +
Bug 28125 - Prevent non-Necko network connections
---
.../gecko/media/GeckoMediaDrmBridgeV21.java| 49 +-
.../exoplayer2/upstream/DefaultHttpDataSource.java | 47 ++---
2 files changed, 4 insertions(+), 92 deletions(-)
diff --git
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
index 3ba59bfd6776..eb57b1013642 100644
---
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
+++
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
@@ -488,54 +488,7 @@ public class GeckoMediaDrmBridgeV21 implements
GeckoMediaDrm {
@Override
protected Void doInBackground(final Void... params) {
-HttpURLConnection urlConnection = null;
-BufferedReader in = null;
-try {
-URI finalURI = new URI(mURL + "=" +
URLEncoder.encode(new String(mDrmRequest), "UTF-8"));
-urlConnection = (HttpURLConnection)
ProxySelector.openConnectionWithProxy(finalURI);
-urlConnection.setRequestMethod("POST");
-if (DEBUG) Log.d(LOGTAG, "Provisioning, posting url =" +
finalURI.toString());
-
-// Add data
-urlConnection.setRequestProperty("Accept", "*/*");
-urlConnection.setRequestProperty("User-Agent",
getCDMUserAgent());
-urlConnection.setRequestProperty("Content-Type",
"application/json");
-
-// Execute HTTP Post Request
-urlConnection.connect();
-
-int responseCode = urlConnection.getResponseCode();
-if (responseCode == HttpURLConnection.HTTP_OK) {
-in = new BufferedReader(new
InputStreamReader(urlConnection.getInputStream(), StringUtils.UTF_8));
-String inputLine;
-StringBuffer response = new StringBuffer();
-
-while ((inputLine = in.readLine()) != null) {
-response.append(inputLine);
-}
-in.close();
-mResponseBody =
String.valueOf(response).getBytes(StringUtils.UTF_8);
-if (DEBUG) Log.d(LOGTAG, "Provisioning, response
received.");
-if (mResponseBody != null) Log.d(LOGTAG, "response
length=" + mResponseBody.length);
-} else {
-Log.d(LOGTAG, "Provisioning, server returned HTTP error
code :" + responseCode);
-}
-} catch (IOException e) {
-Log.e(LOGTAG, "Got exception during posting provisioning
request ...", e);
-} catch (URISyntaxException e) {
-Log.e(LOGTAG, "Got exception during creating uri ...", e);
-} finally {
-if (urlConnection != null) {
-urlConnection.disconnect();
-}
-try {
-if (in != null) {
-in.close();
-}
-} catch (IOException e) {
-Log.e(LOGTAG, "Exception during closing in ...", e);
-}
-}
+Log.i(LOGTAG, "This is Tor Browser. Skipping.");
return null;
}
diff --git
a/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java
b/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java
index 6e5095b0a4c9..a585e283ed4e 100644
---
a/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java
+++
b/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java
@@ -46,6 +46,7 @@ import java.util.regex.Pattern;
import java.util.zip.GZIPInputStream;
import org.mozilla.gecko.util.ProxySelector;
+
/**
* An {@link HttpDataSource} that uses Android's {@link HttpURLConnection}.
*
@@ -516,50 +517,8 @@ public class DefaultHttpDataSource extends BaseDataSource
implements HttpDataSou
boolean followRedirects,
Map requestParameters)
throws IOException, URISyntaxException {
-/**
- * Tor Project modified the way the connection object was created. For the
sake of
- * simplicity, instead of duplicating the whole file we changed the
connection object
- * to use the ProxySelector.
- */
-HttpURLConnection connection = (HttpURLConnection)
ProxySelector.openConnectionWithProxy(url.toURI());
-
-
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 27604: Fix addon issues when moving TB directory
commit 0be3145fd5440a33ddbbe2ded8ac06a6027c73ab
Author: Alex Catarineu
Date: Wed Oct 30 10:44:48 2019 +0100
Bug 27604: Fix addon issues when moving TB directory
---
toolkit/mozapps/extensions/internal/XPIProvider.jsm | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm
b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
index 29714cc86115..4c0ffd7f8896 100644
--- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm
+++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
@@ -485,7 +485,7 @@ class XPIState {
// Builds prior to be 1512436 did not include the rootURI property.
// If we're updating from such a build, add that property now.
-if (!("rootURI" in this) && this.file) {
+if (this.file) {
this.rootURI = getURIForResourceInFile(this.file, "").spec;
}
@@ -498,7 +498,10 @@ class XPIState {
saved.currentModifiedTime != this.lastModifiedTime
) {
this.lastModifiedTime = saved.currentModifiedTime;
-} else if (saved.currentModifiedTime === null) {
+} else if (
+ saved.currentModifiedTime === null &&
+ (!this.file || !this.file.exists())
+) {
this.missing = true;
}
}
@@ -1448,6 +1451,7 @@ var XPIStates = {
if (shouldRestoreLocationData && oldState[loc.name]) {
loc.restore(oldState[loc.name]);
+changed = changed || loc.path != oldState[loc.name].path;
}
changed = changed || loc.changed;
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#tor
commit 9c692c7392a389bb62ca5ecb48fc6d2d8a4589b9
Author: Richard Pospesel
Date: Mon Sep 16 15:25:39 2019 -0700
Bug 31286: Implementation of bridge, proxy, and firewall settings in
about:preferences#tor
This patch adds a new about:preferences#tor page which allows modifying
bridge, proxy, and firewall settings from within Tor Browser. All of the
functionality present in tor-launcher's Network Configuration panel is
present:
- Setting built-in bridges
- Requesting bridges from BridgeDB via moat
- Using user-provided bridges
- Configuring SOCKS4, SOCKS5, and HTTP/HTTPS proxies
- Setting firewall ports
- Viewing and Copying Tor's logs
- The Networking Settings in General preferences has been removed
---
browser/components/moz.build | 1 +
browser/components/preferences/main.inc.xhtml | 55 --
browser/components/preferences/main.js | 14 -
browser/components/preferences/preferences.js | 9 +
browser/components/preferences/preferences.xhtml | 5 +
browser/components/preferences/privacy.js | 1 +
.../torpreferences/content/parseFunctions.jsm | 89 +++
.../torpreferences/content/requestBridgeDialog.jsm | 204 +
.../content/requestBridgeDialog.xhtml | 35 +
.../torpreferences/content/torBridgeSettings.jsm | 325
.../torpreferences/content/torCategory.inc.xhtml | 9 +
.../torpreferences/content/torFirewallSettings.jsm | 72 ++
.../torpreferences/content/torLogDialog.jsm| 66 ++
.../torpreferences/content/torLogDialog.xhtml | 23 +
.../components/torpreferences/content/torPane.js | 857 +
.../torpreferences/content/torPane.xhtml | 123 +++
.../torpreferences/content/torPreferences.css | 77 ++
.../torpreferences/content/torPreferencesIcon.svg | 5 +
.../torpreferences/content/torProxySettings.jsm| 245 ++
browser/components/torpreferences/jar.mn | 14 +
browser/components/torpreferences/moz.build| 1 +
browser/modules/BridgeDB.jsm | 110 +++
browser/modules/TorProtocolService.jsm | 212 +
browser/modules/moz.build | 2 +
24 files changed, 2485 insertions(+), 69 deletions(-)
diff --git a/browser/components/moz.build b/browser/components/moz.build
index 8107ddca2dd2..c2ef3b17dd3e 100644
--- a/browser/components/moz.build
+++ b/browser/components/moz.build
@@ -57,6 +57,7 @@ DIRS += [
"syncedtabs",
"uitour",
"urlbar",
+"torpreferences",
"translation",
]
diff --git a/browser/components/preferences/main.inc.xhtml
b/browser/components/preferences/main.inc.xhtml
index ec30d31cde49..16c1880e1320 100644
--- a/browser/components/preferences/main.inc.xhtml
+++ b/browser/components/preferences/main.inc.xhtml
@@ -665,59 +665,4 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/browser/components/preferences/main.js
b/browser/components/preferences/main.js
index 3e101f93295a..3f562a2cd5f0 100644
--- a/browser/components/preferences/main.js
+++ b/browser/components/preferences/main.js
@@ -373,15 +373,6 @@ var gMainPane = {
});
this.updatePerformanceSettingsBox({ duringChangeEvent: false });
this.displayUseSystemLocale();
-let connectionSettingsLink = document.getElementById(
- "connectionSettingsLearnMore"
-);
-let connectionSettingsUrl =
- Services.urlFormatter.formatURLPref("app.support.baseURL") +
- "prefs-connection-settings";
-connectionSettingsLink.setAttribute("href", connectionSettingsUrl);
-this.updateProxySettingsUI();
-initializeProxyUI(gMainPane);
if (Services.prefs.getBoolPref("intl.multilingual.enabled")) {
gMainPane.initBrowserLocale();
@@ -515,11 +506,6 @@ var gMainPane = {
"change",
gMainPane.updateHardwareAcceleration.bind(gMainPane)
);
-setEventListener(
- "connectionSettings",
- "command",
- gMainPane.showConnections
-);
setEventListener(
"browserContainersCheckbox",
"command",
diff --git a/browser/components/preferences/preferences.js
b/browser/components/preferences/preferences.js
index 91e9e469cea2..a89fddd0306d 100644
--- a/browser/components/preferences/preferences.js
+++ b/browser/components/preferences/preferences.js
@@ -13,6 +13,7 @@
/* import-globals-from findInPage.js */
/* import-globals-from ../../base/content/utilityOverlay.js */
/* import-globals-from ../../../toolkit/content/preferencesBindings.js */
+/* import-globals-from ../torpreferences/content/torPane.js */
"use strict";
@@ -136,6 +137,14 @@ function init_all() {
register_module("paneSync", gSyncPane);
}
register_module("paneSearchResults", gSearchResultsPane);
+ if (gTorPane.enabled) {
+document.getElementById("category-tor").hidden = false;
+
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 31740: Remove some unnecessary RemoteSettings instances
commit db7dab4cd3c48f5a69a509392eb762a1be8df24c
Author: Alex Catarineu
Date: Wed Oct 16 23:01:12 2019 +0200
Bug 31740: Remove some unnecessary RemoteSettings instances
More concretely, SearchService.jsm 'hijack-blocklists' and
url-classifier-skip-urls.
Avoid creating instance for 'anti-tracking-url-decoration'.
If prefs are disabling their usage, avoid creating instances for
'cert-revocations' and 'intermediates'.
Do not ship JSON dumps for collections we do not expect to need. For
the ones in the 'main' bucket, this prevents them from being synced
unnecessarily (the code in remote-settings does so for collections
in the main bucket for which a dump or local data exists). For the
collections in the other buckets, we just save some size by not
shipping their dumps.
We also clear the collections database on the v2 -> v3 migration.
---
browser/app/profile/000-tor-browser.js | 3 +++
browser/components/search/SearchTelemetry.jsm | 6 --
.../url-classifier/UrlClassifierFeatureBase.cpp| 2 +-
netwerk/url-classifier/components.conf | 6 --
security/manager/ssl/RemoteSecuritySettings.jsm| 23 ++
services/settings/IDBHelpers.jsm | 4
services/settings/dumps/blocklists/moz.build | 1 -
services/settings/dumps/main/moz.build | 7 ---
services/settings/dumps/security-state/moz.build | 1 -
.../components/antitracking/antitracking.manifest | 2 +-
toolkit/components/antitracking/components.conf| 7 ---
toolkit/components/search/SearchService.jsm| 2 --
12 files changed, 32 insertions(+), 32 deletions(-)
diff --git a/browser/app/profile/000-tor-browser.js
b/browser/app/profile/000-tor-browser.js
index 241fb152b013..d7c7d366b24d 100644
--- a/browser/app/profile/000-tor-browser.js
+++ b/browser/app/profile/000-tor-browser.js
@@ -149,6 +149,9 @@ pref("extensions.fxmonitor.enabled", false);
pref("signon.management.page.mobileAndroidURL", "");
pref("signon.management.page.mobileAppleURL", "");
+// Disable remote "password recipes"
+pref("signon.recipes.remoteRecipesEnabled", false);
+
// Disable ServiceWorkers and push notifications by default
pref("dom.serviceWorkers.enabled", false);
pref("dom.push.enabled", false);
diff --git a/browser/components/search/SearchTelemetry.jsm
b/browser/components/search/SearchTelemetry.jsm
index deb76de6fc41..f07b5f974bd0 100644
--- a/browser/components/search/SearchTelemetry.jsm
+++ b/browser/components/search/SearchTelemetry.jsm
@@ -88,13 +88,7 @@ class TelemetryHandler {
return;
}
-this._telemetrySettings = RemoteSettings(TELEMETRY_SETTINGS_KEY);
let rawProviderInfo = [];
-try {
- rawProviderInfo = await this._telemetrySettings.get();
-} catch (ex) {
- logConsole.error("Could not get settings:", ex);
-}
// Send the provider info to the child handler.
this._contentHandler.init(rawProviderInfo);
diff --git a/netwerk/url-classifier/UrlClassifierFeatureBase.cpp
b/netwerk/url-classifier/UrlClassifierFeatureBase.cpp
index 07da1fd07374..48bcc7d10af9 100644
--- a/netwerk/url-classifier/UrlClassifierFeatureBase.cpp
+++ b/netwerk/url-classifier/UrlClassifierFeatureBase.cpp
@@ -78,7 +78,7 @@ void UrlClassifierFeatureBase::InitializePreferences() {
nsCOMPtr exceptionListService =
do_GetService("@mozilla.org/url-classifier/exception-list-service;1");
- if (NS_WARN_IF(!exceptionListService)) {
+ if (!exceptionListService) {
return;
}
diff --git a/netwerk/url-classifier/components.conf
b/netwerk/url-classifier/components.conf
index 03a02f0ebeab..b2e667247317 100644
--- a/netwerk/url-classifier/components.conf
+++ b/netwerk/url-classifier/components.conf
@@ -13,10 +13,4 @@ Classes = [
'constructor': 'mozilla::net::ChannelClassifierService::GetSingleton',
'headers': ['mozilla/net/ChannelClassifierService.h'],
},
-{
-'cid': '{b9f4fd03-9d87-4bfd-9958-85a821750ddc}',
-'contract_ids':
['@mozilla.org/url-classifier/exception-list-service;1'],
-'jsm': 'resource://gre/modules/UrlClassifierExceptionListService.jsm',
-'constructor': 'UrlClassifierExceptionListService',
-},
]
diff --git a/security/manager/ssl/RemoteSecuritySettings.jsm
b/security/manager/ssl/RemoteSecuritySettings.jsm
index 40a1d8238cdf..47e7054816a3 100644
--- a/security/manager/ssl/RemoteSecuritySettings.jsm
+++ b/security/manager/ssl/RemoteSecuritySettings.jsm
@@ -366,6 +366,16 @@ var RemoteSecuritySettings = {
class IntermediatePreloads {
constructor() {
+this.maybeInit();
+ }
+
+ maybeInit() {
+if (
+ this.client ||
+ !Services.prefs.getBoolPref(INTERMEDIATES_ENABLED_PREF, true)
+) {
+ return;
+}
this.client = RemoteSettings(
Services.prefs.getCharPref(INTERMEDIATES_COLLECTION_PREF),
{
@@ -395,6 +405,7 @@ class
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 32092: Fix Tor Browser Support link in preferences
commit 1fd341bd4d690c0dd9b8ea9cf42e5c82f6b8800a
Author: Alex Catarineu
Date: Tue Oct 15 22:54:10 2019 +0200
Bug 32092: Fix Tor Browser Support link in preferences
---
browser/components/preferences/preferences.js | 5 +
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/browser/components/preferences/preferences.js
b/browser/components/preferences/preferences.js
index a89fddd0306d..ce338584142e 100644
--- a/browser/components/preferences/preferences.js
+++ b/browser/components/preferences/preferences.js
@@ -166,10 +166,7 @@ function init_all() {
gotoPref().then(() => {
let helpButton = document.getElementById("helpButton");
-let helpUrl =
- Services.urlFormatter.formatURLPref("app.support.baseURL") +
- "preferences";
-helpButton.setAttribute("href", helpUrl);
+helpButton.setAttribute("href", "https://support.torproject.org/tbb;);
document.getElementById("addonsButton").addEventListener("click", e => {
if (e.button >= 2) {
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 32220: Improve the letterboxing experience
commit 5dacf121237508c8be196b166050877a058c5226
Author: Richard Pospesel
Date: Mon Oct 28 17:42:17 2019 -0700
Bug 32220: Improve the letterboxing experience
CSS and JS changes to alter the UX surrounding letterboxing. The
browser element containing page content is now anchored to the bottom
of the toolbar, and the remaining letterbox margin is the same color
as the firefox chrome. The letterbox margin and border are tied to
the currently selected theme.
Also adds a 'needsLetterbox' property to tabbrowser.xml to fix a race
condition present when using the 'isEmpty' property. Using 'isEmpty'
as a proxy for 'needsLetterbox' resulted in over-zealous/unnecessary
letterboxing of about:blank tabs.
---
browser/base/content/browser.css | 8 ++
browser/base/content/tabbrowser-tab.js | 9 +++
browser/themes/shared/tabs.inc.css | 6 ++
.../components/resistfingerprinting/RFPHelper.jsm | 94 +++---
4 files changed, 105 insertions(+), 12 deletions(-)
diff --git a/browser/base/content/browser.css b/browser/base/content/browser.css
index 3a13f17f7108..bc255207db15 100644
--- a/browser/base/content/browser.css
+++ b/browser/base/content/browser.css
@@ -85,6 +85,14 @@ body {
display: none;
}
+
+.browserStack > browser.letterboxing {
+ border-color: var(--chrome-content-separator-color);
+ border-style: solid;
+ border-width : 1px;
+ border-top: none;
+}
+
%ifdef MENUBAR_CAN_AUTOHIDE
#toolbar-menubar[autohide="true"] {
overflow: hidden;
diff --git a/browser/base/content/tabbrowser-tab.js
b/browser/base/content/tabbrowser-tab.js
index 2bc18e4d7320..10e678bb1950 100644
--- a/browser/base/content/tabbrowser-tab.js
+++ b/browser/base/content/tabbrowser-tab.js
@@ -225,6 +225,15 @@
return true;
}
+get needsLetterbox() {
+ let browser = this.linkedBrowser;
+ if (isBlankPageURL(browser.currentURI.spec)) {
+return false;
+ }
+
+ return true;
+}
+
get lastAccessed() {
return this._lastAccessed == Infinity ? Date.now() : this._lastAccessed;
}
diff --git a/browser/themes/shared/tabs.inc.css
b/browser/themes/shared/tabs.inc.css
index 47697d24cfb3..8025dd34a43a 100644
--- a/browser/themes/shared/tabs.inc.css
+++ b/browser/themes/shared/tabs.inc.css
@@ -33,6 +33,12 @@
background-color: #f9f9fa;
}
+/* extend down the toolbar's colors when letterboxing is enabled*/
+#tabbrowser-tabpanels.letterboxing {
+ background-color: var(--toolbar-bgcolor);
+ background-image: var(--toolbar-bgimage);
+}
+
:root[privatebrowsingmode=temporary] #tabbrowser-tabpanels {
/* Value for --in-content-page-background in aboutPrivateBrowsing.css */
background-color: #25003e;
diff --git a/toolkit/components/resistfingerprinting/RFPHelper.jsm
b/toolkit/components/resistfingerprinting/RFPHelper.jsm
index 166ad21e9013..9520d8720631 100644
--- a/toolkit/components/resistfingerprinting/RFPHelper.jsm
+++ b/toolkit/components/resistfingerprinting/RFPHelper.jsm
@@ -40,6 +40,7 @@ class _RFPHelper {
//
constructor() {
this._initialized = false;
+this._borderDimensions = null;
}
init() {
@@ -361,6 +362,24 @@ class _RFPHelper {
});
}
+ getBorderDimensions(aBrowser) {
+if (this._borderDimensions) {
+ return this._borderDimensions;
+}
+
+const win = aBrowser.ownerGlobal;
+const browserStyle = win.getComputedStyle(aBrowser);
+
+this._borderDimensions = {
+ top : parseInt(browserStyle.borderTopWidth),
+ right: parseInt(browserStyle.borderRightWidth),
+ bottom : parseInt(browserStyle.borderBottomWidth),
+ left : parseInt(browserStyle.borderLeftWidth),
+};
+
+return this._borderDimensions;
+ }
+
_addOrClearContentMargin(aBrowser) {
let tab = aBrowser.getTabBrowser().getTabForBrowser(aBrowser);
@@ -369,9 +388,13 @@ class _RFPHelper {
return;
}
+// we add the letterboxing class even if the content does not need
letterboxing
+// in which case margins are set such that the borders are hidden
+aBrowser.classList.add("letterboxing");
+
// We should apply no margin around an empty tab or a tab with system
// principal.
-if (tab.isEmpty || aBrowser.contentPrincipal.isSystemPrincipal) {
+if (!tab.needsLetterbox || aBrowser.contentPrincipal.isSystemPrincipal) {
this._clearContentViewMargin(aBrowser);
} else {
this._roundContentView(aBrowser);
@@ -539,10 +562,29 @@ class _RFPHelper {
// Calculating the margins around the browser element in order to round the
// content viewport. We will use a 200x100 stepping if the dimension set
// is not given.
-let margins = calcMargins(containerWidth, containerHeight);
+
+const borderDimensions = this.getBorderDimensions(aBrowser);
+const marginDims =
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 24796 - Comment out excess permissions from GeckoView
commit ce66624b27216976fa6d255abb9868fcdf9ad117 Author: Matthew Finkel Date: Wed Apr 11 17:52:59 2018 + Bug 24796 - Comment out excess permissions from GeckoView The GeckoView AndroidManifest.xml is not preprocessed unlike Fennec's manifest, so we can't use the ifdef preprocessor guards around the permissions we do not want. Commenting the permissions is the next-best-thing. --- .../android/geckoview/src/main/AndroidManifest.xml | 20 +--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/mobile/android/geckoview/src/main/AndroidManifest.xml b/mobile/android/geckoview/src/main/AndroidManifest.xml index 3a1dde16a9f4..223cd19a814d 100644 --- a/mobile/android/geckoview/src/main/AndroidManifest.xml +++ b/mobile/android/geckoview/src/main/AndroidManifest.xml @@ -6,20 +6,32 @@ http://schemas.android.com/apk/res/android; package="org.mozilla.geckoview"> + + + + + + + + + + https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 31575: Replace Firefox Home (newtab) with about:tor
commit 1907f9017a0ef5faf8ffc518d88b36cebc75a2b5
Author: Alex Catarineu
Date: Mon Sep 9 13:04:34 2019 +0200
Bug 31575: Replace Firefox Home (newtab) with about:tor
Avoid loading AboutNewTab in BrowserGlue.jsm in order
to avoid several network requests that we do not need. Besides,
about:newtab will now point to about:blank or about:tor (depending
on browser.newtabpage.enabled) and about:home will point to
about:tor.
---
browser/components/BrowserGlue.jsm | 34 ++--
browser/components/newtab/AboutNewTabService.jsm | 15 +--
browser/components/preferences/home.inc.xhtml| 4 +--
browser/components/preferences/preferences.xhtml | 5 +++-
browser/modules/HomePage.jsm | 2 +-
5 files changed, 10 insertions(+), 50 deletions(-)
diff --git a/browser/components/BrowserGlue.jsm
b/browser/components/BrowserGlue.jsm
index 869317142bb2..e56a94b96860 100644
--- a/browser/components/BrowserGlue.jsm
+++ b/browser/components/BrowserGlue.jsm
@@ -32,12 +32,6 @@ ChromeUtils.defineModuleGetter(
"resource://gre/modules/ActorManagerParent.jsm"
);
-ChromeUtils.defineModuleGetter(
- this,
- "AboutNewTab",
- "resource:///modules/AboutNewTab.jsm"
-);
-
ChromeUtils.defineModuleGetter(
this,
"E10SUtils",
@@ -180,24 +174,6 @@ let JSWINDOWACTORS = {
matches: ["about:newinstall"],
},
- AboutNewTab: {
-parent: {
- moduleURI: "resource:///actors/AboutNewTabParent.jsm",
-},
-child: {
- moduleURI: "resource:///actors/AboutNewTabChild.jsm",
- events: {
-DOMContentLoaded: {},
-pageshow: {},
-visibilitychange: {},
- },
-},
-// The wildcard on about:newtab is for the ?endpoint query parameter
-// that is used for snippets debugging.
-matches: ["about:home", "about:welcome", "about:newtab*"],
-remoteTypes: ["privilegedabout"],
- },
-
AboutPlugins: {
parent: {
moduleURI: "resource:///actors/AboutPluginsParent.jsm",
@@ -1830,8 +1806,6 @@ BrowserGlue.prototype = {
// the first browser window has finished initializing
_onFirstWindowLoaded: function BG__onFirstWindowLoaded(aWindow) {
-AboutNewTab.init();
-
TabCrashHandler.init();
ProcessHangMonitor.init();
@@ -5411,12 +5385,8 @@ var AboutHomeStartupCache = {
return { pageInputStream: null, scriptInputStream: null };
}
-let state = AboutNewTab.activityStream.store.getState();
-return new Promise(resolve => {
- this._cacheDeferred = resolve;
- this.log.trace("Parent is requesting cache streams.");
- this._procManager.sendAsyncMessage(this.CACHE_REQUEST_MESSAGE, { state
});
-});
+this.log.error("Activity Stream is disabled in Tor Browser.");
+return { pageInputStream: null, scriptInputStream: null };
},
/**
diff --git a/browser/components/newtab/AboutNewTabService.jsm
b/browser/components/newtab/AboutNewTabService.jsm
index a11f69cf1680..a6a1f5271048 100644
--- a/browser/components/newtab/AboutNewTabService.jsm
+++ b/browser/components/newtab/AboutNewTabService.jsm
@@ -350,20 +350,7 @@ class BaseAboutNewTabService {
* the newtab page has no effect on the result of this function.
*/
get defaultURL() {
-// Generate the desired activity stream resource depending on state, e.g.,
-// "resource://activity-stream/prerendered/activity-stream.html"
-// "resource://activity-stream/prerendered/activity-stream-debug.html"
-// "resource://activity-stream/prerendered/activity-stream-noscripts.html"
-return [
- "resource://activity-stream/prerendered/",
- "activity-stream",
- // Debug version loads dev scripts but noscripts separately loads scripts
- this.activityStreamDebug && !this.privilegedAboutProcessEnabled
-? "-debug"
-: "",
- this.privilegedAboutProcessEnabled ? "-noscripts" : "",
- ".html",
-].join("");
+return "about:tor";
}
get welcomeURL() {
diff --git a/browser/components/preferences/home.inc.xhtml
b/browser/components/preferences/home.inc.xhtml
index 2e900ccd296c..2a7412944d73 100644
--- a/browser/components/preferences/home.inc.xhtml
+++ b/browser/components/preferences/home.inc.xhtml
@@ -37,7 +37,7 @@
class="check-home-page-controlled"
data-preference-related="browser.startup.homepage">
-
+
@@ -97,7 +97,7 @@
flex="1"
preference="browser.newtabpage.enabled">
-
+
diff --git a/browser/components/preferences/preferences.xhtml
b/browser/components/preferences/preferences.xhtml
index b1e08364e1cc..3996cc964ae8 100644
--- a/browser/components/preferences/preferences.xhtml
+++ b/browser/components/preferences/preferences.xhtml
@@ -14,7 +14,10 @@
-
+
+ %aboutTorDTD;
+]>
http://www.w3.org/1999/xhtml;
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 32658: Create a new MAR signing key
commit 1bf45b2875eebec0b47fb0b3d242f7eba86944ef Author: Georg Koppen Date: Fri Jan 17 12:54:31 2020 + Bug 32658: Create a new MAR signing key It's time for our rotation again: Move the backup key in the front position and add a new backup key. --- toolkit/mozapps/update/updater/release_primary.der | Bin 1225 -> 1229 bytes toolkit/mozapps/update/updater/release_secondary.der | Bin 1225 -> 1229 bytes 2 files changed, 0 insertions(+), 0 deletions(-) diff --git a/toolkit/mozapps/update/updater/release_primary.der b/toolkit/mozapps/update/updater/release_primary.der index 1d94f88ad73b..0103a171de88 100644 Binary files a/toolkit/mozapps/update/updater/release_primary.der and b/toolkit/mozapps/update/updater/release_primary.der differ diff --git a/toolkit/mozapps/update/updater/release_secondary.der b/toolkit/mozapps/update/updater/release_secondary.der index 474706c4b73c..fcee3944e9b7 100644 Binary files a/toolkit/mozapps/update/updater/release_secondary.der and b/toolkit/mozapps/update/updater/release_secondary.der differ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 30541: Disable WebGL readPixel() for web content
commit 512ecc10d1f723485f7e3a326aa911f20236f09e
Author: Georg Koppen
Date: Wed May 29 12:29:19 2019 +
Bug 30541: Disable WebGL readPixel() for web content
---
dom/canvas/ClientWebGLContext.cpp | 8
1 file changed, 8 insertions(+)
diff --git a/dom/canvas/ClientWebGLContext.cpp
b/dom/canvas/ClientWebGLContext.cpp
index 8a5e58e22d7a..8edd94336863 100644
--- a/dom/canvas/ClientWebGLContext.cpp
+++ b/dom/canvas/ClientWebGLContext.cpp
@@ -4615,6 +4615,14 @@ bool ClientWebGLContext::ReadPixels_SharedPrecheck(
return false;
}
+ // Security check passed, but don't let content readPixel calls through for
+ // now, if Resist Fingerprinting Mode is enabled.
+ if (nsContentUtils::ResistFingerprinting(aCallerType)) {
+JsWarning("readPixels: Not allowed in Resist Fingerprinting Mode");
+out_error.Throw(NS_ERROR_DOM_NOT_SUPPORTED_ERR);
+return false;
+ }
+
return true;
}
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 31607: App menu items stop working on macOS
commit a273125761cc322dc8ee0e40a4408d44467550d0
Author: Kathy Brade
Date: Thu Oct 3 10:53:43 2019 -0400
Bug 31607: App menu items stop working on macOS
Avoid re-creating the hidden window, since this causes the nsMenuBarX
object that is associated with the app menu to be freed (which in
turn causes all of the app menu items to stop working).
More detail: There should only be one hidden window.
XREMain::XRE_mainRun() contains an explicit call to create the
hidden window and that is the normal path by which it is created.
However, when Tor Launcher's wizard/progress window is opened during
startup, a hidden window is created earlier as a side effect of
calls to nsAppShellService::GetHiddenWindow(). Then, when
XREMain::XRE_mainRun() creates its hidden window, the original one
is freed which also causes the app menu's nsMenuBarX object which
is associated with that window to be destroyed. When that happens,
the menuGroupOwner property within each Cocoa menu items's MenuItemInfo
object is cleared. This breaks the link that is necessary for
NativeMenuItemTarget's menuItemHit method to dispatch a menu item
event.
---
xpfe/appshell/nsAppShellService.cpp | 4
1 file changed, 4 insertions(+)
diff --git a/xpfe/appshell/nsAppShellService.cpp
b/xpfe/appshell/nsAppShellService.cpp
index 2f834508afa8..1983f27d4c8c 100644
--- a/xpfe/appshell/nsAppShellService.cpp
+++ b/xpfe/appshell/nsAppShellService.cpp
@@ -93,6 +93,10 @@ void nsAppShellService::EnsureHiddenWindow() {
NS_IMETHODIMP
nsAppShellService::CreateHiddenWindow() {
+ if (mHiddenWindow) {
+return NS_OK;
+ }
+
if (!XRE_IsParentProcess()) {
return NS_ERROR_NOT_IMPLEMENTED;
}
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 26353: Prevent speculative connect that violated FPI.
commit 37720b8c68ce2fa2cf4a39bdb3ecda72bf2bebaf
Author: Arthur Edelstein
Date: Sat Jul 14 08:50:55 2018 -0700
Bug 26353: Prevent speculative connect that violated FPI.
Connections were observed in the catch-all circuit when
the user entered an https or http URL in the URL bar, or
typed a search term.
---
toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm | 4
1 file changed, 4 insertions(+)
diff --git a/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm
b/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm
index ae551496509a..81b5ceaa78fe 100644
--- a/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm
+++ b/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm
@@ -93,6 +93,9 @@ class RemoteWebNavigation {
}
uri = Services.uriFixup.getFixupURIInfo(aURI, fixupFlags).preferredURI;
+/***
+ TOR BROWSER: Disable the following speculative connect until
+ we can make it properly obey first-party isolation.
// We know the url is going to be loaded, let's start requesting network
// connection before the content process asks.
@@ -116,6 +119,7 @@ class RemoteWebNavigation {
}
Services.io.speculativeConnect(uri, principal, null);
}
+***/
} catch (ex) {
// Can't setup speculative connection for this uri string for some
// reason (such as failing to parse the URI), just ignore it.
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 16940: After update, load local change notes.
commit 2ff33bad5af0a957acccac9cd690f4c4571b0572
Author: Kathy Brade
Date: Wed Nov 25 11:36:20 2015 -0500
Bug 16940: After update, load local change notes.
Add an about:tbupdate page that displays the first section from
TorBrowser/Docs/ChangeLog.txt and includes a link to the remote
post-update page (typically our blog entry for the release).
Always load about:tbupdate in a content process, but implement the
code that reads the file system (changelog) in the chrome process
for compatibility with future sandboxing efforts.
Also fix bug 29440. Now about:tbupdate is styled as a fairly simple
changelog page that is designed to be displayed via a link that is on
about:tor.
---
browser/actors/AboutTBUpdateChild.jsm | 12 +++
browser/actors/AboutTBUpdateParent.jsm | 120 +
browser/actors/moz.build | 6 ++
.../base/content/abouttbupdate/aboutTBUpdate.css | 74 +
.../base/content/abouttbupdate/aboutTBUpdate.js| 27 +
.../base/content/abouttbupdate/aboutTBUpdate.xhtml | 39 +++
browser/base/content/browser-siteIdentity.js | 2 +-
browser/base/content/browser.js| 4 +
browser/base/jar.mn| 5 +
browser/components/BrowserContentHandler.jsm | 55 +++---
browser/components/BrowserGlue.jsm | 15 +++
browser/components/about/AboutRedirector.cpp | 6 ++
browser/components/about/components.conf | 3 +
browser/components/moz.build | 5 +-
.../locales/en-US/chrome/browser/aboutTBUpdate.dtd | 8 ++
browser/locales/jar.mn | 3 +
toolkit/modules/RemotePageAccessManager.jsm| 5 +
17 files changed, 373 insertions(+), 16 deletions(-)
diff --git a/browser/actors/AboutTBUpdateChild.jsm
b/browser/actors/AboutTBUpdateChild.jsm
new file mode 100644
index ..4670da19b3db
--- /dev/null
+++ b/browser/actors/AboutTBUpdateChild.jsm
@@ -0,0 +1,12 @@
+// Copyright (c) 2020, The Tor Project, Inc.
+// See LICENSE for licensing information.
+//
+// vim: set sw=2 sts=2 ts=8 et syntax=javascript:
+
+var EXPORTED_SYMBOLS = ["AboutTBUpdateChild"];
+
+const { RemotePageChild } = ChromeUtils.import(
+ "resource://gre/actors/RemotePageChild.jsm"
+);
+
+class AboutTBUpdateChild extends RemotePageChild {}
diff --git a/browser/actors/AboutTBUpdateParent.jsm
b/browser/actors/AboutTBUpdateParent.jsm
new file mode 100644
index ..56a10394565a
--- /dev/null
+++ b/browser/actors/AboutTBUpdateParent.jsm
@@ -0,0 +1,120 @@
+// Copyright (c) 2020, The Tor Project, Inc.
+// See LICENSE for licensing information.
+//
+// vim: set sw=2 sts=2 ts=8 et syntax=javascript:
+
+"use strict";
+
+this.EXPORTED_SYMBOLS = ["AboutTBUpdateParent"];
+
+const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm");
+const { NetUtil } = ChromeUtils.import("resource://gre/modules/NetUtil.jsm");
+const { AppConstants } = ChromeUtils.import(
+ "resource://gre/modules/AppConstants.jsm"
+);
+
+const kRequestUpdateMessageName = "FetchUpdateData";
+
+/**
+ * This code provides services to the about:tbupdate page. Whenever
+ * about:tbupdate needs to do something chrome-privileged, it sends a
+ * message that's handled here. It is modeled after Mozilla's about:home
+ * implementation.
+ */
+class AboutTBUpdateParent extends JSWindowActorParent {
+ receiveMessage(aMessage) {
+if (aMessage.name == kRequestUpdateMessageName) {
+ return this.releaseNoteInfo;
+}
+return undefined;
+ }
+
+ get moreInfoURL() {
+try {
+ return Services.prefs.getCharPref("torbrowser.post_update.url");
+} catch (e) {}
+
+// Use the default URL as a fallback.
+return
Services.urlFormatter.formatURLPref("startup.homepage_override_url");
+ }
+
+ // Read the text from the beginning of the changelog file that is located
+ // at TorBrowser/Docs/ChangeLog.txt and return an object that contains
+ // the following properties:
+ // versione.g., Tor Browser 8.5
+ // releaseDatee.g., March 31 2019
+ // releaseNotes details of changes (lines 2 - end of ChangeLog.txt)
+ // We attempt to parse the first line of ChangeLog.txt to extract the
+ // version and releaseDate. If parsing fails, we return the entire first
+ // line in version and omit releaseDate.
+ //
+ // On Mac OS, when building with --enable-tor-browser-data-outside-app-dir
+ // to support Gatekeeper signing, the ChangeLog.txt file is located in
+ // TorBrowser.app/Contents/Resources/TorBrowser/Docs/.
+ get releaseNoteInfo() {
+let info = { moreInfoURL: this.moreInfoURL };
+
+try {
+ let f;
+ if (AppConstants.TOR_BROWSER_DATA_OUTSIDE_APP_DIR) {
+// "XREExeF".parent is the directory that contains firefox, i.e.,
+// Browser/ or, on Mac OS, TorBrowser.app/Contents/MacOS/.
+f =
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 23247: Communicating security expectations for .onion
commit 2830a61050c6f5750fc6d26300703a3637b5b0ac
Author: Richard Pospesel
Date: Fri Jun 8 13:38:40 2018 -0700
Bug 23247: Communicating security expectations for .onion
Encrypting pages hosted on Onion Services with SSL/TLS is redundant
(in terms of hiding content) as all traffic within the Tor network is
already fully encrypted. Therefore, serving HTTP pages from an Onion
Service is more or less fine.
Prior to this patch, Tor Browser would mostly treat pages delivered
via Onion Services as well as pages delivered in the ordinary fashion
over the internet in the same way. This created some inconsistencies
in behaviour and misinformation presented to the user relating to the
security of pages delivered via Onion Services:
- HTTP Onion Service pages did not have any 'lock' icon indicating
the site was secure
- HTTP Onion Service pages would be marked as unencrypted in the Page
Info screen
- Mixed-mode content restrictions did not apply to HTTP Onion Service
pages embedding Non-Onion HTTP content
This patch fixes the above issues, and also adds several new 'Onion'
icons to the mix to indicate all of the various permutations of Onion
Services hosted HTTP or HTTPS pages with HTTP or HTTPS content.
Strings for Onion Service Page Info page are pulled from Torbutton's
localization strings.
---
browser/base/content/browser-siteIdentity.js | 39 -
browser/base/content/pageinfo/security.js | 64 ++
.../shared/identity-block/identity-block.inc.css | 19 +++
.../themes/shared/identity-block/onion-slash.svg | 5 ++
.../themes/shared/identity-block/onion-warning.svg | 6 ++
browser/themes/shared/identity-block/onion.svg | 3 +
browser/themes/shared/jar.inc.mn | 3 +
dom/base/nsContentUtils.cpp| 19 +++
dom/base/nsContentUtils.h | 5 ++
dom/base/nsGlobalWindowOuter.cpp | 3 +-
dom/ipc/WindowGlobalActor.cpp | 5 +-
dom/ipc/WindowGlobalChild.cpp | 6 +-
dom/presentation/PresentationRequest.cpp | 3 +-
dom/security/nsMixedContentBlocker.cpp | 16 +-
.../modules/geckoview/GeckoViewProgress.jsm| 4 ++
security/manager/ssl/nsSecureBrowserUI.cpp | 12
16 files changed, 180 insertions(+), 32 deletions(-)
diff --git a/browser/base/content/browser-siteIdentity.js
b/browser/base/content/browser-siteIdentity.js
index a936b7f4826b..0eb2124477f9 100644
--- a/browser/base/content/browser-siteIdentity.js
+++ b/browser/base/content/browser-siteIdentity.js
@@ -144,6 +144,10 @@ var gIdentityHandler = {
);
},
+ get _uriIsOnionHost() {
+return this._uriHasHost ? this._uri.host.toLowerCase().endsWith(".onion")
: false;
+ },
+
get _isAboutNetErrorPage() {
return (
gBrowser.selectedBrowser.documentURI &&
@@ -839,9 +843,9 @@ var gIdentityHandler = {
get pointerlockFsWarningClassName() {
// Note that the fullscreen warning does not handle _isSecureInternalUI.
if (this._uriHasHost && this._isSecureConnection) {
- return "verifiedDomain";
+ return this._uriIsOnionHost ? "onionVerifiedDomain" : "verifiedDomain";
}
-return "unknownIdentity";
+return this._uriIsOnionHost ? "onionUnknownIdentity" : "unknownIdentity";
},
/**
@@ -849,6 +853,10 @@ var gIdentityHandler = {
* built-in (returns false) or imported (returns true).
*/
_hasCustomRoot() {
+if (!this._secInfo) {
+ return false;
+}
+
let issuerCert = null;
issuerCert = this._secInfo.succeededCertChain[
this._secInfo.succeededCertChain.length - 1
@@ -891,11 +899,13 @@ var gIdentityHandler = {
"identity.extension.label",
[extensionName]
);
-} else if (this._uriHasHost && this._isSecureConnection) {
+} else if (this._uriHasHost && this._isSecureConnection && this._secInfo) {
// This is a secure connection.
- this._identityBox.className = "verifiedDomain";
+ // _isSecureConnection implicitly includes onion services, which may not
have an SSL certificate
+ const uriIsOnionHost = this._uriIsOnionHost;
+ this._identityBox.className = uriIsOnionHost ? "onionVerifiedDomain" :
"verifiedDomain";
if (this._isMixedActiveContentBlocked) {
-this._identityBox.classList.add("mixedActiveBlocked");
+this._identityBox.classList.add(uriIsOnionHost ?
"onionMixedActiveBlocked" : "mixedActiveBlocked");
}
if (!this._isCertUserOverridden) {
// It's a normal cert, verifier is the CA Org.
@@ -906,17 +916,17 @@ var gIdentityHandler = {
}
} else if (this._isBrokenConnection) {
// This is a secure connection, but something is wrong.
- this._identityBox.className = "unknownIdentity";
+ const uriIsOnionHost =
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 23104: Add a default line height compensation
commit f2c03fd1c49310ea289b6ad828ccc7b41ed2c5d7
Author: Igor Oliveira
Date: Sun Dec 10 18:16:59 2017 -0200
Bug 23104: Add a default line height compensation
Many fonts have issues with their vertical metrics. they
are used to influence the height of ascenders and depth
of descenders. Gecko uses it to calculate the line height
(font height + ascender + descender), however because of
that idiosyncratic behavior across multiple operating
systems, it can be used to identify the user's OS.
The solution proposed in the patch uses a default factor
to be multiplied with the font size, simulating the concept
of ascender and descender. This way all operating
systems will have the same line height only and only if the
frame is outside the chrome.
---
layout/generic/ReflowInput.cpp | 19 ---
layout/generic/test/mochitest.ini | 1 +
layout/generic/test/test_tor_bug23104.html | 51 ++
3 files changed, 66 insertions(+), 5 deletions(-)
diff --git a/layout/generic/ReflowInput.cpp b/layout/generic/ReflowInput.cpp
index d716986082f2..535b5ea9859c 100644
--- a/layout/generic/ReflowInput.cpp
+++ b/layout/generic/ReflowInput.cpp
@@ -31,6 +31,7 @@
#include "mozilla/SVGUtils.h"
#include "mozilla/dom/HTMLInputElement.h"
#include "nsGridContainerFrame.h"
+#include "nsContentUtils.h"
using namespace mozilla;
using namespace mozilla::css;
@@ -2647,7 +2648,8 @@ void
ReflowInput::CalculateBlockSideMargins(LayoutFrameType aFrameType) {
// For risk management, we use preference to control the behavior, and
// eNoExternalLeading is the old behavior.
-static nscoord GetNormalLineHeight(nsFontMetrics* aFontMetrics) {
+static nscoord GetNormalLineHeight(nsIContent* aContent,
+ nsFontMetrics* aFontMetrics) {
MOZ_ASSERT(nullptr != aFontMetrics, "no font metrics");
nscoord normalLineHeight;
@@ -2655,6 +2657,12 @@ static nscoord GetNormalLineHeight(nsFontMetrics*
aFontMetrics) {
nscoord externalLeading = aFontMetrics->ExternalLeading();
nscoord internalLeading = aFontMetrics->InternalLeading();
nscoord emHeight = aFontMetrics->EmHeight();
+
+ if (nsContentUtils::ShouldResistFingerprinting() &&
+ !aContent->IsInChromeDocument()) {
+return NSToCoordRound(emHeight * NORMAL_LINE_HEIGHT_FACTOR);
+ }
+
switch (GetNormalLineHeightCalcControl()) {
case eIncludeExternalLeading:
normalLineHeight = emHeight + internalLeading + externalLeading;
@@ -2672,7 +2680,8 @@ static nscoord GetNormalLineHeight(nsFontMetrics*
aFontMetrics) {
return normalLineHeight;
}
-static inline nscoord ComputeLineHeight(ComputedStyle* aComputedStyle,
+static inline nscoord ComputeLineHeight(nsIContent* aContent,
+ComputedStyle* aComputedStyle,
nsPresContext* aPresContext,
nscoord aBlockBSize,
float aFontSizeInflation) {
@@ -2701,7 +2710,7 @@ static inline nscoord ComputeLineHeight(ComputedStyle*
aComputedStyle,
RefPtr fm = nsLayoutUtils::GetFontMetricsForComputedStyle(
aComputedStyle, aPresContext, aFontSizeInflation);
- return GetNormalLineHeight(fm);
+ return GetNormalLineHeight(aContent, fm);
}
nscoord ReflowInput::CalcLineHeight() const {
@@ -2723,7 +2732,7 @@ nscoord ReflowInput::CalcLineHeight(nsIContent* aContent,
float aFontSizeInflation) {
MOZ_ASSERT(aComputedStyle, "Must have a ComputedStyle");
- nscoord lineHeight = ComputeLineHeight(aComputedStyle, aPresContext,
+ nscoord lineHeight = ComputeLineHeight(aContent, aComputedStyle,
aPresContext,
aBlockBSize, aFontSizeInflation);
NS_ASSERTION(lineHeight >= 0, "ComputeLineHeight screwed up");
@@ -2736,7 +2745,7 @@ nscoord ReflowInput::CalcLineHeight(nsIContent* aContent,
if (!lh.IsNormal()) {
RefPtr fm = nsLayoutUtils::GetFontMetricsForComputedStyle(
aComputedStyle, aPresContext, aFontSizeInflation);
- nscoord normal = GetNormalLineHeight(fm);
+ nscoord normal = GetNormalLineHeight(aContent, fm);
if (lineHeight < normal) {
lineHeight = normal;
}
diff --git a/layout/generic/test/mochitest.ini
b/layout/generic/test/mochitest.ini
index 8c744ad28b66..5694dbce7a23 100644
--- a/layout/generic/test/mochitest.ini
+++ b/layout/generic/test/mochitest.ini
@@ -170,3 +170,4 @@ skip-if = debug == true || tsan # the test is slow. tsan:
bug 1612707
support-files =
file_reframe_for_lazy_load_image.html
[test_bug1655135.html]
+[test_tor_bug23104.html]
diff --git a/layout/generic/test/test_tor_bug23104.html
b/layout/generic/test/test_tor_bug23104.html
new file mode 100644
index ..ae73a3446037
--- /dev/null
+++ b/layout/generic/test/test_tor_bug23104.html
@@ -0,0 +1,51 @@
+
+
+
+
+
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 27511: Add new identity button to toolbar
commit f4816db26b7dbb44e97c0429533937f8335d136b
Author: Alex Catarineu
Date: Fri Oct 4 19:08:33 2019 +0200
Bug 27511: Add new identity button to toolbar
Also added 'New circuit for this site' button to CustomizableUI, but
not visible by default.
---
browser/base/content/browser.xhtml | 10 ++
.../components/customizableui/CustomizableUI.jsm| 21 +
browser/themes/shared/icons/new_circuit.svg | 8
browser/themes/shared/icons/new_identity.svg| 9 +
browser/themes/shared/jar.inc.mn| 3 +++
browser/themes/shared/menupanel.inc.css | 8
browser/themes/shared/toolbarbutton-icons.inc.css | 8
7 files changed, 67 insertions(+)
diff --git a/browser/base/content/browser.xhtml
b/browser/base/content/browser.xhtml
index 06aef6f277fc..cfa0973a1ea3 100644
--- a/browser/base/content/browser.xhtml
+++ b/browser/base/content/browser.xhtml
@@ -2167,6 +2167,16 @@
ondragenter="newWindowButtonObserver.onDragOver(event)"
ondragexit="newWindowButtonObserver.onDragExit(event)"/>
+
+
+
+
+http://www.w3.org/2000/svg; xmlns:xlink="http://www.w3.org/1999/xlink;>
+Icon / New Circuit@1.5x
+
+
+
+
+
diff --git a/browser/themes/shared/icons/new_identity.svg
b/browser/themes/shared/icons/new_identity.svg
new file mode 100644
index ..91d5b35f7e80
--- /dev/null
+++ b/browser/themes/shared/icons/new_identity.svg
@@ -0,0 +1,9 @@
+
+http://www.w3.org/2000/svg; xmlns:xlink="http://www.w3.org/1999/xlink;>
+New Identity Icon
+
+
+
+
+
+
\ No newline at end of file
diff --git a/browser/themes/shared/jar.inc.mn b/browser/themes/shared/jar.inc.mn
index 6427db946f74..8d5d2bf5127d 100644
--- a/browser/themes/shared/jar.inc.mn
+++ b/browser/themes/shared/jar.inc.mn
@@ -307,3 +307,6 @@
skin/classic/browser/privatebrowsing/private-browsing.svg
(../shared/privatebrowsing/private-browsing.svg)
skin/classic/browser/install-ssb.svg
(../shared/install-ssb.svg)
skin/classic/browser/critical.svg
(../shared/icons/critical.svg)
+
+ skin/classic/browser/new_circuit.svg
(../shared/icons/new_circuit.svg)
+ skin/classic/browser/new_identity.svg
(../shared/icons/new_identity.svg)
diff --git a/browser/themes/shared/menupanel.inc.css
b/browser/themes/shared/menupanel.inc.css
index c919f32a1454..eae453ec5004 100644
--- a/browser/themes/shared/menupanel.inc.css
+++ b/browser/themes/shared/menupanel.inc.css
@@ -183,3 +183,11 @@ toolbarpaletteitem[place="palette"] >
#bookmarks-menu-button,
-moz-context-properties: fill, fill-opacity;
fill-opacity: 0;
}
+
+#appMenuNewIdentity {
+ list-style-image: url("chrome://browser/skin/new_identity.svg");
+}
+
+#appMenuNewCircuit {
+ list-style-image: url("chrome://browser/skin/new_circuit.svg");
+}
diff --git a/browser/themes/shared/toolbarbutton-icons.inc.css
b/browser/themes/shared/toolbarbutton-icons.inc.css
index 69e92272eb93..a948e1f1977a 100644
--- a/browser/themes/shared/toolbarbutton-icons.inc.css
+++ b/browser/themes/shared/toolbarbutton-icons.inc.css
@@ -233,6 +233,14 @@ toolbar[brighttext] {
list-style-image: url("chrome://browser/skin/new-tab.svg");
}
+#new-identity-button {
+ list-style-image: url("chrome://browser/skin/new_identity.svg");
+}
+
+#new-circuit-button {
+ list-style-image: url("chrome://browser/skin/new_circuit.svg");
+}
+
#privatebrowsing-button {
list-style-image: url("chrome://browser/skin/privateBrowsing.svg");
}
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 28369: Stop shipping pingsender executable
commit 2da49c0ffcb884646b38d704974b9410da140699
Author: Alex Catarineu
Date: Wed Apr 10 17:52:51 2019 +0200
Bug 28369: Stop shipping pingsender executable
---
browser/app/macbuild/Contents/MacOS-files.in | 1 -
browser/installer/package-manifest.in | 4
browser/installer/windows/nsis/shared.nsh | 1 -
python/mozbuild/mozbuild/artifacts.py | 2 --
toolkit/components/telemetry/app/TelemetrySend.jsm | 19 +--
toolkit/components/telemetry/moz.build | 4
6 files changed, 1 insertion(+), 30 deletions(-)
diff --git a/browser/app/macbuild/Contents/MacOS-files.in
b/browser/app/macbuild/Contents/MacOS-files.in
index 3c6a1db5d6ea..bebc656a0a05 100644
--- a/browser/app/macbuild/Contents/MacOS-files.in
+++ b/browser/app/macbuild/Contents/MacOS-files.in
@@ -16,7 +16,6 @@
#if defined(MOZ_CRASHREPORTER)
/minidump-analyzer
#endif
-/pingsender
/pk12util
/ssltunnel
/xpcshell
diff --git a/browser/installer/package-manifest.in
b/browser/installer/package-manifest.in
index 937afa28fd71..6c314a352c3b 100644
--- a/browser/installer/package-manifest.in
+++ b/browser/installer/package-manifest.in
@@ -448,10 +448,6 @@ bin/libfreebl_64int_3.so
@BINPATH@/minidump-analyzer@BIN_SUFFIX@
#endif
-; [ Ping Sender ]
-;
-@BINPATH@/pingsender@BIN_SUFFIX@
-
; Shutdown Terminator
@RESPATH@/components/terminator.manifest
diff --git a/browser/installer/windows/nsis/shared.nsh
b/browser/installer/windows/nsis/shared.nsh
index 0529ac4529db..c556fe016af0 100755
--- a/browser/installer/windows/nsis/shared.nsh
+++ b/browser/installer/windows/nsis/shared.nsh
@@ -1472,7 +1472,6 @@ ${EndIf}
Push "crashreporter.exe"
Push "default-browser-agent.exe"
Push "minidump-analyzer.exe"
- Push "pingsender.exe"
Push "updater.exe"
Push "updateagent.exe"
Push "${FileMainEXE}"
diff --git a/python/mozbuild/mozbuild/artifacts.py
b/python/mozbuild/mozbuild/artifacts.py
index 1eb5e00aab00..b28b4703f5db 100644
--- a/python/mozbuild/mozbuild/artifacts.py
+++ b/python/mozbuild/mozbuild/artifacts.py
@@ -494,7 +494,6 @@ class LinuxArtifactJob(ArtifactJob):
"{product}/{product}",
"{product}/{product}-bin",
"{product}/minidump-analyzer",
-"{product}/pingsender",
"{product}/plugin-container",
"{product}/updater",
"{product}/**/*.so",
@@ -563,7 +562,6 @@ class MacArtifactJob(ArtifactJob):
"libosclientcerts.dylib",
"libsoftokn3.dylib",
"minidump-analyzer",
-"pingsender",
"plugin-container.app/Contents/MacOS/plugin-container",
"updater.app/Contents/MacOS/org.mozilla.updater",
# 'xpcshell',
diff --git a/toolkit/components/telemetry/app/TelemetrySend.jsm
b/toolkit/components/telemetry/app/TelemetrySend.jsm
index caf11f440681..ce27382be7e0 100644
--- a/toolkit/components/telemetry/app/TelemetrySend.jsm
+++ b/toolkit/components/telemetry/app/TelemetrySend.jsm
@@ -1578,23 +1578,6 @@ var TelemetrySendImpl = {
},
runPingSender(pings, observer) {
-if (AppConstants.platform === "android") {
- throw Components.Exception("", Cr.NS_ERROR_NOT_IMPLEMENTED);
-}
-
-const exeName =
- AppConstants.platform === "win" ? "pingsender.exe" : "pingsender";
-
-let exe = Services.dirsvc.get("GreBinD", Ci.nsIFile);
-exe.append(exeName);
-
-let params = pings.flatMap(ping => [ping.url, ping.path]);
-let process = Cc["@mozilla.org/process/util;1"].createInstance(
- Ci.nsIProcess
-);
-process.init(exe);
-process.startHidden = true;
-process.noShell = true;
-process.runAsync(params, params.length, observer);
+throw Components.Exception("", Cr.NS_ERROR_NOT_IMPLEMENTED);
},
};
diff --git a/toolkit/components/telemetry/moz.build
b/toolkit/components/telemetry/moz.build
index a686d30d0912..d545a3df42f4 100644
--- a/toolkit/components/telemetry/moz.build
+++ b/toolkit/components/telemetry/moz.build
@@ -8,10 +8,6 @@ include("/ipc/chromium/chromium-config.mozbuild")
FINAL_LIBRARY = "xul"
-DIRS = [
-"pingsender",
-]
-
DEFINES["MOZ_APP_VERSION"] = '"%s"' % CONFIG["MOZ_APP_VERSION"]
LOCAL_INCLUDES += [
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 25658: Replace security slider with security level UI
commit 5500d4ce3c6017000755319ae245c01c66d7502b
Author: Richard Pospesel
Date: Mon Mar 4 16:09:51 2019 -0800
Bug 25658: Replace security slider with security level UI
This patch adds a new 'securitylevel' component to Tor Browser intended
to replace the torbutton 'Security Slider'.
This component adds a new Security Level toolbar button which visually
indicates the current global security level via icon (as defined by the
extensions.torbutton.security_slider pref), a drop-down hanger with a
short description of the current security level, and a new section in
the about:preferences#privacy page where users can change their current
security level. In addition, the hanger and the preferences page will
show a visual warning when the user has modified prefs associated with
the security level and provide a one-click 'Restore Defaults' button to
get the user back on recommended settings.
Strings used by this patch are pulled from the torbutton extension, but
en-US defaults are provided if there is an error loading from the
extension. With this patch applied, the usual work-flow of "./mach build
&& ./mach run" work as expected, even if the torbutton extension is
disabled.
---
browser/base/content/browser.js| 10 +
browser/base/content/browser.xhtml | 5 +
browser/components/moz.build | 1 +
browser/components/preferences/preferences.xhtml | 1 +
browser/components/preferences/privacy.inc.xhtml | 2 +
browser/components/preferences/privacy.js | 19 +
.../securitylevel/content/securityLevel.js | 501 +
.../securitylevel/content/securityLevelButton.css | 9 +
.../content/securityLevelButton.inc.xhtml | 7 +
.../securitylevel/content/securityLevelButton.svg | 21 +
.../securitylevel/content/securityLevelPanel.css | 82
.../content/securityLevelPanel.inc.xhtml | 38 ++
.../content/securityLevelPreferences.css | 26 ++
.../content/securityLevelPreferences.inc.xhtml | 62 +++
browser/components/securitylevel/jar.mn| 6 +
browser/components/securitylevel/moz.build | 1 +
16 files changed, 791 insertions(+)
diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js
index 9abba4bc420c..d83553c3c0ef 100644
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@@ -215,6 +215,11 @@ XPCOMUtils.defineLazyScriptGetter(
["DownloadsButton", "DownloadsIndicatorView"],
"chrome://browser/content/downloads/indicator.js"
);
+XPCOMUtils.defineLazyScriptGetter(
+ this,
+ ["SecurityLevelButton"],
+ "chrome://browser/content/securitylevel/securityLevel.js"
+);
XPCOMUtils.defineLazyScriptGetter(
this,
"gEditItemOverlay",
@@ -1876,6 +1881,9 @@ var gBrowserInit = {
// doesn't flicker as the window is being shown.
DownloadsButton.init();
+// Init the SecuritySettingsButton
+SecurityLevelButton.init();
+
// Certain kinds of automigration rely on this notification to complete
// their tasks BEFORE the browser window is shown. SessionStore uses it to
// restore tabs into windows AFTER important parts like
gMultiProcessBrowser
@@ -2557,6 +2565,8 @@ var gBrowserInit = {
DownloadsButton.uninit();
+SecurityLevelButton.uninit();
+
gAccessibilityServiceIndicator.uninit();
if (gToolbarKeyNavEnabled) {
diff --git a/browser/base/content/browser.xhtml
b/browser/base/content/browser.xhtml
index 27e15b92f641..2340bb92e9af 100644
--- a/browser/base/content/browser.xhtml
+++ b/browser/base/content/browser.xhtml
@@ -20,6 +20,8 @@
+
+
@@ -644,6 +646,7 @@
#include ../../components/controlcenter/content/protectionsPanel.inc.xhtml
#include ../../components/downloads/content/downloadsPanel.inc.xhtml
#include ../../../devtools/startup/enableDevToolsPopup.inc.xhtml
+#include ../../components/securitylevel/content/securityLevelPanel.inc.xhtml
#include browser-allTabsMenu.inc.xhtml
@@ -1981,6 +1984,8 @@
+#include ../../components/securitylevel/content/securityLevelButton.inc.xhtml
+
+
diff --git a/browser/components/preferences/privacy.inc.xhtml
b/browser/components/preferences/privacy.inc.xhtml
index 46445e8dc28f..0f963208e6fe 100644
--- a/browser/components/preferences/privacy.inc.xhtml
+++ b/browser/components/preferences/privacy.inc.xhtml
@@ -922,6 +922,8 @@
+#include ../securitylevel/content/securityLevelPreferences.inc.xhtml
+
diff --git a/browser/components/preferences/privacy.js
b/browser/components/preferences/privacy.js
index d534d695a5c4..e7c7c331292b 100644
--- a/browser/components/preferences/privacy.js
+++ b/browser/components/preferences/privacy.js
@@ -80,6 +80,12 @@ XPCOMUtils.defineLazyGetter(this, "AlertsServiceDND",
function() {
}
});
+XPCOMUtils.defineLazyScriptGetter(
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 26345: Hide tracking protection UI
commit 2041a5d439fd9baa0696aed77cb179db61e509ed
Author: Alex Catarineu
Date: Tue Sep 10 16:29:31 2019 +0200
Bug 26345: Hide tracking protection UI
---
browser/base/content/browser-siteIdentity.js | 4 ++--
browser/base/content/browser.xhtml| 4 ++--
browser/components/about/AboutRedirector.cpp | 4
browser/components/about/components.conf | 1 -
browser/components/moz.build | 1 -
browser/themes/shared/preferences/privacy.css | 4
6 files changed, 8 insertions(+), 10 deletions(-)
diff --git a/browser/base/content/browser-siteIdentity.js
b/browser/base/content/browser-siteIdentity.js
index 0eb2124477f9..76405338eef5 100644
--- a/browser/base/content/browser-siteIdentity.js
+++ b/browser/base/content/browser-siteIdentity.js
@@ -1063,10 +1063,10 @@ var gIdentityHandler = {
this._refreshPermissionIcons();
-// Hide the shield icon if it is a chrome page.
+// Bug 26345: Hide tracking protection UI.
gProtectionsHandler._trackingProtectionIconContainer.classList.toggle(
"chromeUI",
- this._isSecureInternalUI
+ true
);
},
diff --git a/browser/base/content/browser.xhtml
b/browser/base/content/browser.xhtml
index 2340bb92e9af..06aef6f277fc 100644
--- a/browser/base/content/browser.xhtml
+++ b/browser/base/content/browser.xhtml
@@ -774,7 +774,7 @@
oncommand="gSync.toggleAccountPanel('PanelUI-fxa',
this, event)"/>
-
+
@@ -785,7 +785,7 @@
-
+
description {
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
commit 1e936d3db79ab47a4d749ca6c21cca9f47f57932 Author: Mike Perry Date: Fri May 5 03:41:57 2017 -0700 Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing eBay and Amazon don't treat Tor users very well. Accounts often get locked and payments reversed. Also: Bug 16322: Update DuckDuckGo search engine We are replacing the clearnet URL with an onion service one (thanks to a patch by a cypherpunk) and are removing the duplicated DDG search engine. Duplicating DDG happend due to bug 1061736 where Mozilla included DDG itself into Firefox. Interestingly, this caused breaking the DDG search if JavaScript is disabled as the Mozilla engine, which gets loaded earlier, does not use the html version of the search page. Moreover, the Mozilla engine tracked where the users were searching from by adding a respective parameter to the search query. We got rid of that feature as well. Also: This fixes bug 20809: the DuckDuckGo team has changed its server-side code in a way that lets users with JavaScript enabled use the default landing page while those without JavaScript available get redirected directly to the non-JS page. We adapt the search engine URLs accordingly. Also fixes bug 29798 by making sure we only specify the Google search engine we actually ship an .xml file for. Also regression tests. --- .../search/extensions/ddg-onion/favicon.ico| Bin 0 -> 973 bytes .../search/extensions/ddg-onion/manifest.json | 26 + .../components/search/extensions/ddg/favicon.ico | Bin 5430 -> 0 bytes .../components/search/extensions/ddg/favicon.png | Bin 0 -> 1150 bytes .../components/search/extensions/ddg/manifest.json | 42 +++-- .../extensions/google/_locales/b-1-d/messages.json | 23 --- .../extensions/google/_locales/b-1-e/messages.json | 23 --- .../extensions/google/_locales/b-d/messages.json | 23 --- .../extensions/google/_locales/b-e/messages.json | 23 --- .../extensions/google/_locales/en/messages.json| 24 .../search/extensions/google/manifest.json | 17 - .../search/extensions/startpage/favicon.png| Bin 0 -> 1150 bytes .../search/extensions/startpage/manifest.json | 26 + .../search/extensions/twitter/favicon.ico | Bin 0 -> 1650 bytes .../search/extensions/twitter/manifest.json| 26 + .../extensions/wikipedia/_locales/NN/messages.json | 20 -- .../extensions/wikipedia/_locales/NO/messages.json | 20 -- .../extensions/wikipedia/_locales/af/messages.json | 20 -- .../extensions/wikipedia/_locales/an/messages.json | 20 -- .../extensions/wikipedia/_locales/ar/messages.json | 20 -- .../wikipedia/_locales/ast/messages.json | 20 -- .../extensions/wikipedia/_locales/az/messages.json | 20 -- .../wikipedia/_locales/be-tarask/messages.json | 20 -- .../extensions/wikipedia/_locales/be/messages.json | 20 -- .../extensions/wikipedia/_locales/bg/messages.json | 20 -- .../extensions/wikipedia/_locales/bn/messages.json | 20 -- .../extensions/wikipedia/_locales/br/messages.json | 20 -- .../extensions/wikipedia/_locales/bs/messages.json | 20 -- .../extensions/wikipedia/_locales/ca/messages.json | 20 -- .../extensions/wikipedia/_locales/cy/messages.json | 20 -- .../extensions/wikipedia/_locales/cz/messages.json | 20 -- .../extensions/wikipedia/_locales/da/messages.json | 20 -- .../extensions/wikipedia/_locales/de/messages.json | 20 -- .../wikipedia/_locales/dsb/messages.json | 20 -- .../extensions/wikipedia/_locales/el/messages.json | 20 -- .../extensions/wikipedia/_locales/en/messages.json | 20 -- .../extensions/wikipedia/_locales/eo/messages.json | 20 -- .../extensions/wikipedia/_locales/es/messages.json | 20 -- .../extensions/wikipedia/_locales/et/messages.json | 20 -- .../extensions/wikipedia/_locales/eu/messages.json | 20 -- .../extensions/wikipedia/_locales/fa/messages.json | 20 -- .../extensions/wikipedia/_locales/fi/messages.json | 20 -- .../extensions/wikipedia/_locales/fr/messages.json | 20 -- .../wikipedia/_locales/fy-NL/messages.json | 20 -- .../wikipedia/_locales/ga-IE/messages.json | 20 -- .../extensions/wikipedia/_locales/gd/messages.json | 20 -- .../extensions/wikipedia/_locales/gl/messages.json | 20 -- .../extensions/wikipedia/_locales/gn/messages.json | 20 -- .../extensions/wikipedia/_locales/gu/messages.json | 20 -- .../extensions/wikipedia/_locales/he/messages.json | 20 --
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 21724: Make Firefox and Tor Browser distinct macOS apps
commit c7233bc4d81e2d158948fadf3a1e1953518e37ee Author: teor Date: Mon Mar 13 23:06:23 2017 +1100 Bug 21724: Make Firefox and Tor Browser distinct macOS apps When macOS opens a document or selects a default browser, it sometimes uses the CFBundleSignature. Changing from the Firefox MOZB signature to a different signature TORB allows macOS to distinguish between Firefox and Tor Browser. --- browser/app/Makefile.in | 2 +- browser/app/macbuild/Contents/Info.plist.in | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/browser/app/Makefile.in b/browser/app/Makefile.in index 54d6b43fe126..8dd3a9a65661 100644 --- a/browser/app/Makefile.in +++ b/browser/app/Makefile.in @@ -102,5 +102,5 @@ ifdef MOZ_UPDATER mv -f '$(dist_dest)/Contents/MacOS/updater.app/Contents/MacOS/org.mozilla.updater' '$(dist_dest)/Contents/Library/LaunchServices' ln -s ../../../../Library/LaunchServices/org.mozilla.updater '$(dist_dest)/Contents/MacOS/updater.app/Contents/MacOS/org.mozilla.updater' endif - printf APPLMOZB > '$(dist_dest)/Contents/PkgInfo' + printf APPLTORB > '$(dist_dest)/Contents/PkgInfo' endif diff --git a/browser/app/macbuild/Contents/Info.plist.in b/browser/app/macbuild/Contents/Info.plist.in index fb5e6993ea9d..1d376c8d83d6 100644 --- a/browser/app/macbuild/Contents/Info.plist.in +++ b/browser/app/macbuild/Contents/Info.plist.in @@ -179,7 +179,7 @@ CFBundleShortVersionString @APP_VERSION@ CFBundleSignature - MOZB + TORB CFBundleURLTypes ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 21830: Copying large text from web console leaks to /tmp
commit c741ae9d6f37271318d5c4cc77ad7d7d085d45fd
Author: Georg Koppen
Date: Fri Aug 4 05:55:49 2017 +
Bug 21830: Copying large text from web console leaks to /tmp
Patch written by Neill Miller
---
widget/nsTransferable.cpp | 6 ++
1 file changed, 6 insertions(+)
diff --git a/widget/nsTransferable.cpp b/widget/nsTransferable.cpp
index c82549a4d1d1..f8ecfbff0983 100644
--- a/widget/nsTransferable.cpp
+++ b/widget/nsTransferable.cpp
@@ -33,6 +33,7 @@ Notes to self:
#include "nsILoadContext.h"
#include "nsXULAppAPI.h"
#include "mozilla/UniquePtr.h"
+#include "mozilla/Preferences.h"
using namespace mozilla;
@@ -195,6 +196,11 @@ nsTransferable::Init(nsILoadContext* aContext) {
if (aContext) {
mPrivateData = aContext->UsePrivateBrowsing();
+ } else {
+// without aContext here to provide PrivateBrowsing information,
+// we defer to the active configured setting
+mPrivateData =
+mozilla::Preferences::GetBool("browser.privatebrowsing.autostart");
}
#ifdef DEBUG
mInitialized = true;
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 11641: change TBB directory structure to be more like Firefox's
commit 1a9d0ff79f580ba05750934b13c082ec25c894a6
Author: Kathy Brade
Date: Tue Apr 29 13:08:24 2014 -0400
Bug 11641: change TBB directory structure to be more like Firefox's
Unless the -osint command line flag is used, the browser now defaults
to the equivalent of -no-remote. There is a new -allow-remote flag that
may be used to restore the original (Firefox-like) default behavior.
---
toolkit/xre/nsAppRunner.cpp | 21 -
1 file changed, 16 insertions(+), 5 deletions(-)
diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
index 51a1a43ec891..86f6d55988a9 100644
--- a/toolkit/xre/nsAppRunner.cpp
+++ b/toolkit/xre/nsAppRunner.cpp
@@ -1804,8 +1804,10 @@ static void DumpHelp() {
" --migrationStart with migration wizard.\n"
" --ProfileManager Start with ProfileManager.\n"
#ifdef MOZ_HAS_REMOTE
- " --no-remoteDo not accept or send remote commands; implies\n"
+ " --no-remote(default) Do not accept or send remote commands; "
+ "implies\n"
" --new-instance.\n"
+ " --allow-remote Accept and send remote commands.\n"
" --new-instance Open new instance, not a new window in running "
"instance.\n"
#endif
@@ -3975,16 +3977,25 @@ int XREMain::XRE_mainInit(bool* aExitFlag) {
gSafeMode);
#if defined(MOZ_HAS_REMOTE)
+ // In Tor Browser, remoting is disabled by default unless -osint is used.
+ bool allowRemote = (CheckArg("allow-remote") == ARG_FOUND);
+ bool isOsint = (CheckArg("osint", nullptr, CheckArgFlag::None) == ARG_FOUND);
+ if (!allowRemote && !isOsint) {
+SaveToEnv("MOZ_NO_REMOTE=1");
+ }
// Handle --no-remote and --new-instance command line arguments. Setup
// the environment to better accommodate other components and various
// restart scenarios.
ar = CheckArg("no-remote");
- if (ar == ARG_FOUND || EnvHasValue("MOZ_NO_REMOTE")) {
+ if ((ar == ARG_FOUND) && allowRemote) {
+PR_fprintf(PR_STDERR,
+ "Error: argument --no-remote is invalid when argument "
+ "--allow-remote is specified\n");
+return 1;
+ }
+ if (EnvHasValue("MOZ_NO_REMOTE")) {
mDisableRemoteClient = true;
mDisableRemoteServer = true;
-if (!EnvHasValue("MOZ_NO_REMOTE")) {
- SaveToEnv("MOZ_NO_REMOTE=1");
-}
}
ar = CheckArg("new-instance");
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 21431: Clean-up system extensions shipped in Firefox
commit 91463d31b02b542cbfd2f0e07faf0b12d733d821
Author: Kathy Brade
Date: Tue May 23 17:05:29 2017 -0400
Bug 21431: Clean-up system extensions shipped in Firefox
Only ship the pdfjs extension.
---
browser/components/BrowserGlue.jsm| 6 ++
browser/extensions/moz.build | 2 +-
browser/installer/package-manifest.in | 1 -
browser/locales/Makefile.in | 8
browser/locales/jar.mn| 7 ---
5 files changed, 7 insertions(+), 17 deletions(-)
diff --git a/browser/components/BrowserGlue.jsm
b/browser/components/BrowserGlue.jsm
index 3725c8f8b7a5..869317142bb2 100644
--- a/browser/components/BrowserGlue.jsm
+++ b/browser/components/BrowserGlue.jsm
@@ -2201,6 +2201,9 @@ BrowserGlue.prototype = {
const ID = "screensh...@mozilla.org";
const _checkScreenshotsPref = async () => {
let addon = await AddonManager.getAddonByID(ID);
+ if (!addon) {
+return;
+ }
let disabled = Services.prefs.getBoolPref(PREF, false);
if (disabled) {
await addon.disable({ allowSystemAddons: true });
@@ -2217,6 +2220,9 @@ BrowserGlue.prototype = {
const ID = "webcompat-repor...@mozilla.org";
Services.prefs.addObserver(PREF, async () => {
let addon = await AddonManager.getAddonByID(ID);
+ if (!addon) {
+return;
+ }
let enabled = Services.prefs.getBoolPref(PREF, false);
if (enabled && !addon.isActive) {
await addon.enable({ allowSystemAddons: true });
diff --git a/browser/extensions/moz.build b/browser/extensions/moz.build
index df98fa94f629..8b16ddc4a84a 100644
--- a/browser/extensions/moz.build
+++ b/browser/extensions/moz.build
@@ -4,7 +4,7 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
-DIRS += ["doh-rollout", "formautofill", "screenshots", "webcompat",
"report-site-issue"]
+DIRS += []
if not CONFIG["TOR_BROWSER_DISABLE_TOR_LAUNCHER"]:
DIRS += ["tor-launcher"]
diff --git a/browser/installer/package-manifest.in
b/browser/installer/package-manifest.in
index 74589084d4fa..937afa28fd71 100644
--- a/browser/installer/package-manifest.in
+++ b/browser/installer/package-manifest.in
@@ -272,7 +272,6 @@
@RESPATH@/browser/chrome/icons/default/default64.png
@RESPATH@/browser/chrome/icons/default/default128.png
#endif
-@RESPATH@/browser/features/*
; [DevTools Startup Files]
@RESPATH@/browser/chrome/devtools-startup@JAREXT@
diff --git a/browser/locales/Makefile.in b/browser/locales/Makefile.in
index 496379c4306f..0946188813da 100644
--- a/browser/locales/Makefile.in
+++ b/browser/locales/Makefile.in
@@ -58,10 +58,6 @@ l10n-%:
@$(MAKE) -C ../../toolkit/locales l10n-$*
XPI_ROOT_APPID='$(XPI_ROOT_APPID)'
@$(MAKE) -C ../../services/sync/locales AB_CD=$* XPI_NAME=locale-$*
@$(MAKE) -C ../../extensions/spellcheck/locales AB_CD=$*
XPI_NAME=locale-$*
-ifneq (,$(wildcard ../extensions/formautofill/locales))
- @$(MAKE) -C ../extensions/formautofill/locales AB_CD=$*
XPI_NAME=locale-$*
-endif
- @$(MAKE) -C ../extensions/report-site-issue/locales AB_CD=$*
XPI_NAME=locale-$*
@$(MAKE) -C ../../devtools/client/locales AB_CD=$* XPI_NAME=locale-$*
XPI_ROOT_APPID='$(XPI_ROOT_APPID)'
@$(MAKE) -C ../../devtools/startup/locales AB_CD=$* XPI_NAME=locale-$*
XPI_ROOT_APPID='$(XPI_ROOT_APPID)'
@$(MAKE) l10n AB_CD=$* XPI_NAME=locale-$* PREF_DIR=$(PREF_DIR)
@@ -75,14 +71,10 @@ chrome-%:
@$(MAKE) -C ../../toolkit/locales chrome-$*
@$(MAKE) -C ../../services/sync/locales chrome AB_CD=$*
@$(MAKE) -C ../../extensions/spellcheck/locales chrome AB_CD=$*
-ifneq (,$(wildcard ../extensions/formautofill/locales))
- @$(MAKE) -C ../extensions/formautofill/locales chrome AB_CD=$*
-endif
@$(MAKE) -C ../../devtools/client/locales chrome AB_CD=$*
@$(MAKE) -C ../../devtools/startup/locales chrome AB_CD=$*
@$(MAKE) chrome AB_CD=$*
@$(MAKE) -C $(DEPTH)/$(MOZ_BRANDING_DIRECTORY)/locales chrome AB_CD=$*
- @$(MAKE) -C ../extensions/report-site-issue/locales chrome AB_CD=$*
package-win32-installer: $(SUBMAKEFILES)
$(MAKE) -C ../installer/windows CONFIG_DIR=l10ngen ZIP_IN='$(ZIP_OUT)'
installer
diff --git a/browser/locales/jar.mn b/browser/locales/jar.mn
index 454dcf5fdf2f..7866d448d176 100644
--- a/browser/locales/jar.mn
+++ b/browser/locales/jar.mn
@@ -54,10 +54,3 @@
locale/browser/newInstall.dtd
(%chrome/browser/newInstall.dtd)
locale/browser/brandings.dtd
(%chrome/browser/brandings.dtd)
locale/browser/fxmonitor.properties
(%chrome/browser/fxmonitor.properties)
-
-#ifdef XPI_NAME
-# Bug 1240628, restructure how l10n repacks work with feature addons
-# This is hacky, but ensures the chrome.manifest chain is complete
-[.] chrome.jar:
-% manifest features/chrome.manifest
-#endif
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 4234: Use the Firefox Update Process for Tor Browser.
commit fb0d644fdff6ec451605b5847141f45de47dcfdf Author: Kathy Brade Date: Fri Jan 13 11:40:24 2017 -0500 Bug 4234: Use the Firefox Update Process for Tor Browser. The following files are never updated: TorBrowser/Data/Browser/profiles.ini TorBrowser/Data/Browser/profile.default/bookmarks.html TorBrowser/Data/Tor/torrc Mac OS: Store update metadata under TorBrowser/UpdateInfo. Removed the %OS_VERSION% component from the update URL (13047) and added support for minSupportedOSVersion, an attribute of the element that may be used to trigger Firefox's "unsupported platform" behavior. Hide the "What's new" links (set app.releaseNotesURL value to about:blank). Windows: disable "runas" code path in updater (15201). Windows: avoid writing to the registry (16236). Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406, 16014, 16909, 24476, and 25909. Also fix Bug 26049: reduce the delay before the update prompt is displayed. Instead of Firefox's 2 days, we use 1 hour (after which time the update doorhanger will be displayed). Also fix bug 27221: purge the startup cache if the Tor Browser version changed (even if the Firefox version and build ID did not change), e.g., after a minor Tor Browser update. Also fix 32616: Disable GetSecureOutputDirectoryPath() functionality. Bug 26048: potentially confusing "restart to update" message Within the update doorhanger, remove the misleading message that mentions that windows will be restored after an update is applied, and replace the "Restart and Restore" button label with an existing "Restart to update Tor Browser" string. Bug 28885: notify users that update is downloading Add a "Downloading Tor Browser update" item which appears in the hamburger (app) menu while the update service is downloading a MAR file. Before this change, the browser did not indicate to the user that an update was in progress, which is especially confusing in Tor Browser because downloads often take some time. If the user clicks on the new menu item, the about dialog is opened to allow the user to see download progress. As part of this fix, the update service was changed to always show update-related messages in the hamburger menu, even if the update was started in the foreground via the about dialog or via the "Check for Tor Browser Update" toolbar menu item. This change is consistent with the Tor Browser goal of making sure users are informed about the update process. Removed #28885 parts of this patch which have been uplifted to Firefox. --- browser/app/Makefile.in| 2 + browser/app/profile/000-tor-browser.js | 16 +- browser/app/profile/firefox.js | 10 +- browser/base/content/aboutDialog-appUpdater.js | 2 +- browser/base/content/aboutDialog.js| 12 +- browser/components/BrowserContentHandler.jsm | 39 ++- .../customizableui/content/panelUI.inc.xhtml | 5 +- browser/confvars.sh| 35 +-- browser/installer/package-manifest.in | 2 + build/application.ini.in | 2 +- build/moz.configure/init.configure | 3 +- config/createprecomplete.py| 19 +- .../client/aboutdebugging/src/actions/runtimes.js | 5 + toolkit/modules/UpdateUtils.jsm| 34 +-- toolkit/mozapps/extensions/AddonManager.jsm| 24 ++ toolkit/mozapps/extensions/test/browser/head.js| 1 + .../extensions/test/xpcshell/head_addons.js| 1 + toolkit/mozapps/update/UpdateService.jsm | 127 +++- toolkit/mozapps/update/UpdateServiceStub.jsm | 4 + toolkit/mozapps/update/common/updatehelper.cpp | 8 + toolkit/mozapps/update/moz.build | 5 +- toolkit/mozapps/update/updater/launchchild_osx.mm | 2 + toolkit/mozapps/update/updater/moz.build | 2 +- toolkit/mozapps/update/updater/updater.cpp | 339 ++--- toolkit/xre/MacLaunchHelper.h | 2 + toolkit/xre/MacLaunchHelper.mm | 2 + toolkit/xre/nsAppRunner.cpp| 22 +- toolkit/xre/nsUpdateDriver.cpp | 109 ++- toolkit/xre/nsXREDirProvider.cpp | 42 ++- tools/update-packaging/common.sh | 64 ++-- tools/update-packaging/make_full_update.sh | 25 ++ tools/update-packaging/make_incremental_update.sh | 71 - 32 files changed, 881 insertions(+), 155 deletions(-) diff --git a/browser/app/Makefile.in b/browser/app/Makefile.in index 8dd3a9a65661..3a5550c96c15 100644 --- a/browser/app/Makefile.in +++ b/browser/app/Makefile.in @@ -97,10 +97,12 @@ tools repackage::
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 18821: Disable libmdns for Android and Desktop
commit c4037a4bc377fa7e3212cc281697f7978cce1873
Author: Georg Koppen
Date: Wed Apr 20 14:34:50 2016 +
Bug 18821: Disable libmdns for Android and Desktop
There should be no need to remove the OS X support introduced in
https://bugzilla.mozilla.org/show_bug.cgi?id=1225726 as enabling this
is governed by a preference (which is actually set to `false`). However,
we remove it at build time as well (defense in depth).
This is basically a backout of the relevant passages of
https://hg.mozilla.org/mozilla-central/rev/6bfb430de85d,
https://hg.mozilla.org/mozilla-central/rev/609b337bf7ab and
https://hg.mozilla.org/mozilla-central/rev/8e092ec5fbbd.
Fixed bug 21861 (Disable additional mDNS code to avoid proxy bypasses)
as well.
---
dom/presentation/provider/components.conf | 10 --
dom/presentation/provider/moz.build | 1 -
netwerk/dns/mdns/libmdns/components.conf | 15 ---
netwerk/dns/mdns/libmdns/moz.build| 28
4 files changed, 54 deletions(-)
diff --git a/dom/presentation/provider/components.conf
b/dom/presentation/provider/components.conf
index 04cb28ec757e..56994ed7cd94 100644
--- a/dom/presentation/provider/components.conf
+++ b/dom/presentation/provider/components.conf
@@ -6,9 +6,6 @@
categories = {}
-if buildconfig.substs['MOZ_WIDGET_TOOLKIT'] in ('cocoa', 'android'):
-categories["presentation-device-provider"] = "MulticastDNSDeviceProvider"
-
Classes = [
{
'cid': '{f4079b8b-ede5-4b90-a112-5b415a931deb}',
@@ -16,11 +13,4 @@ Classes = [
'jsm': 'resource://gre/modules/PresentationControlService.jsm',
'constructor': 'PresentationControlService',
},
-{
-'cid': '{814f947a-52f7-41c9-94a1-3684797284ac}',
-'contract_ids':
['@mozilla.org/presentation-device/multicastdns-provider;1'],
-'type': 'mozilla::dom::presentation::MulticastDNSDeviceProvider',
-'headers': ['/dom/presentation/provider/MulticastDNSDeviceProvider.h'],
-'categories': categories,
-},
]
diff --git a/dom/presentation/provider/moz.build
b/dom/presentation/provider/moz.build
index f6c4527d2cdf..9fab92997787 100644
--- a/dom/presentation/provider/moz.build
+++ b/dom/presentation/provider/moz.build
@@ -8,7 +8,6 @@ EXTRA_JS_MODULES += ["PresentationControlService.jsm"]
UNIFIED_SOURCES += [
"DeviceProviderHelpers.cpp",
-"MulticastDNSDeviceProvider.cpp",
]
XPCOM_MANIFESTS += [
diff --git a/netwerk/dns/mdns/libmdns/components.conf
b/netwerk/dns/mdns/libmdns/components.conf
index 6e64140c820e..1b50dbf673a4 100644
--- a/netwerk/dns/mdns/libmdns/components.conf
+++ b/netwerk/dns/mdns/libmdns/components.conf
@@ -5,20 +5,5 @@
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
Classes = [
-{
-'cid': '{14a50f2b-7ff6-48a5-88e3-615fd111f5d3}',
-'contract_ids':
['@mozilla.org/toolkit/components/mdnsresponder/dns-info;1'],
-'type': 'mozilla::net::nsDNSServiceInfo',
-'headers': ['/netwerk/dns/mdns/libmdns/nsDNSServiceInfo.h'],
-},
]
-if buildconfig.substs['MOZ_WIDGET_TOOLKIT'] != 'cocoa':
-Classes += [
-{
-'cid': '{f9346d98-f27a-4e89-b744-493843416480}',
-'contract_ids':
['@mozilla.org/toolkit/components/mdnsresponder/dns-sd;1'],
-'jsm': 'resource://gre/modules/DNSServiceDiscovery.jsm',
-'constructor': 'nsDNSServiceDiscovery',
-},
-]
diff --git a/netwerk/dns/mdns/libmdns/moz.build
b/netwerk/dns/mdns/libmdns/moz.build
index f9c025fa823e..e6e70a6d803c 100644
--- a/netwerk/dns/mdns/libmdns/moz.build
+++ b/netwerk/dns/mdns/libmdns/moz.build
@@ -4,34 +4,6 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
-if CONFIG["MOZ_WIDGET_TOOLKIT"] == "cocoa":
-UNIFIED_SOURCES += [
-"MDNSResponderOperator.cpp",
-"MDNSResponderReply.cpp",
-"nsDNSServiceDiscovery.cpp",
-]
-
-LOCAL_INCLUDES += [
-"/netwerk/base",
-]
-
-else:
-EXTRA_JS_MODULES += [
-"DNSServiceDiscovery.jsm",
-"fallback/DataReader.jsm",
-"fallback/DataWriter.jsm",
-"fallback/DNSPacket.jsm",
-"fallback/DNSRecord.jsm",
-"fallback/DNSResourceRecord.jsm",
-"fallback/DNSTypes.jsm",
-"fallback/MulticastDNS.jsm",
-]
-
-if CONFIG["MOZ_WIDGET_TOOLKIT"] == "android":
-EXTRA_JS_MODULES += [
-"MulticastDNSAndroid.jsm",
-]
-
UNIFIED_SOURCES += [
"nsDNSServiceInfo.cpp",
]
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 16285: Exclude ClearKey system for now
commit 349f0e39ad25956d1c4f41603433abc6c72cd785 Author: Georg Koppen Date: Mon May 22 12:44:40 2017 + Bug 16285: Exclude ClearKey system for now In the past the ClearKey system had not been compiled when specifying --disable-eme. But that changed and it is even bundled nowadays (see: Mozilla's bug 1300654). We don't want to ship it right now as the use case for it is not really visible while the code had security vulnerabilities in the past. --- browser/installer/package-manifest.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index 6a2f19cb040a..74589084d4fa 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -469,8 +469,8 @@ bin/libfreebl_64int_3.so #endif ; media -@RESPATH@/gmp-clearkey/0.1/@DLL_PREFIX@clearkey@DLL_SUFFIX@ -@RESPATH@/gmp-clearkey/0.1/manifest.json +;@RESPATH@/gmp-clearkey/0.1/@DLL_PREFIX@clearkey@DLL_SUFFIX@ +;@RESPATH@/gmp-clearkey/0.1/manifest.json #ifdef MOZ_DMD ; DMD ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 19121: reinstate the update.xml hash check
commit 610b39377edb9af740a4f1020f725669509f17ae
Author: Kathy Brade
Date: Mon Apr 23 15:22:57 2018 -0400
Bug 19121: reinstate the update.xml hash check
Revert most changes from Mozilla Bug 1373267 "Remove hashFunction and
hashValue attributes from nsIUpdatePatch and code related to these
attributes." Changes to the tests were not reverted; the tests have
been changed significantly and we do not run automated updater tests
for Tor Browser at this time.
Also partial revert of commit f1241db6986e4b54473a1ed870f7584c75d51122.
Revert the nsUpdateService.js changes from Mozilla Bug 862173 "don't
verify mar file hash when using mar signing to verify the mar file
(lessens main thread I/O)."
Changes to the tests were not reverted; the tests have been changed
significantly and we do not run automated updater tests for
Tor Browser at this time.
We kept the addition to the AppConstants API in case other JS code
references it in the future.
---
toolkit/modules/AppConstants.jsm| 7
toolkit/mozapps/update/UpdateService.jsm| 63 -
toolkit/mozapps/update/UpdateTelemetry.jsm | 1 +
toolkit/mozapps/update/nsIUpdateService.idl | 11 +
4 files changed, 81 insertions(+), 1 deletion(-)
diff --git a/toolkit/modules/AppConstants.jsm b/toolkit/modules/AppConstants.jsm
index f94c47cc8953..e42c8ed8d0b9 100644
--- a/toolkit/modules/AppConstants.jsm
+++ b/toolkit/modules/AppConstants.jsm
@@ -212,6 +212,13 @@ this.AppConstants = Object.freeze({
false,
#endif
+ MOZ_VERIFY_MAR_SIGNATURE:
+#ifdef MOZ_VERIFY_MAR_SIGNATURE
+ true,
+#else
+ false,
+#endif
+
MOZ_MAINTENANCE_SERVICE:
#ifdef MOZ_MAINTENANCE_SERVICE
true,
diff --git a/toolkit/mozapps/update/UpdateService.jsm
b/toolkit/mozapps/update/UpdateService.jsm
index 9f5e88efc5e6..6756fad9ce05 100644
--- a/toolkit/mozapps/update/UpdateService.jsm
+++ b/toolkit/mozapps/update/UpdateService.jsm
@@ -799,6 +799,20 @@ function LOG(string) {
}
}
+/**
+ * Convert a string containing binary values to hex.
+ */
+function binaryToHex(input) {
+ var result = "";
+ for (var i = 0; i < input.length; ++i) {
+var hex = input.charCodeAt(i).toString(16);
+if (hex.length == 1)
+ hex = "0" + hex;
+result += hex;
+ }
+ return result;
+}
+
/**
* Gets the specified directory at the specified hierarchy under the
* update root directory and creates it if it doesn't exist.
@@ -1612,6 +1626,8 @@ function UpdatePatch(patch) {
}
break;
case "finalURL":
+ case "hashFunction":
+ case "hashValue":
case "state":
case "type":
case "URL":
@@ -1631,6 +1647,8 @@ UpdatePatch.prototype = {
// over writing nsIUpdatePatch attributes.
_attrNames: [
"errorCode",
+"hashFunction",
+"hashValue",
"finalURL",
"selected",
"size",
@@ -1644,6 +1662,8 @@ UpdatePatch.prototype = {
*/
serialize: function UpdatePatch_serialize(updates) {
var patch = updates.createElementNS(URI_UPDATE_NS, "patch");
+patch.setAttribute("hashFunction", this.hashFunction);
+patch.setAttribute("hashValue", this.hashValue);
patch.setAttribute("size", this.size);
patch.setAttribute("type", this.type);
patch.setAttribute("URL", this.URL);
@@ -4480,7 +4500,42 @@ Downloader.prototype = {
}
LOG("Downloader:_verifyDownload downloaded size == expected size.");
-return true;
+let fileStream = Cc["@mozilla.org/network/file-input-stream;1"].
+ createInstance(Ci.nsIFileInputStream);
+fileStream.init(destination, FileUtils.MODE_RDONLY, FileUtils.PERMS_FILE,
0);
+
+let digest;
+try {
+ let hash = Cc["@mozilla.org/security/hash;1"].
+ createInstance(Ci.nsICryptoHash);
+ var hashFunction =
Ci.nsICryptoHash[this._patch.hashFunction.toUpperCase()];
+ if (hashFunction == undefined) {
+throw Cr.NS_ERROR_UNEXPECTED;
+ }
+ hash.init(hashFunction);
+ hash.updateFromStream(fileStream, -1);
+ // NOTE: For now, we assume that the format of _patch.hashValue is hex
+ // encoded binary (such as what is typically output by programs like
+ // sha1sum). In the future, this may change to base64 depending on how
+ // we choose to compute these hashes.
+ digest = binaryToHex(hash.finish(false));
+} catch (e) {
+ LOG("Downloader:_verifyDownload - failed to compute hash of the " +
+ "downloaded update archive");
+ digest = "";
+}
+
+fileStream.close();
+
+if (digest == this._patch.hashValue.toLowerCase()) {
+ LOG("Downloader:_verifyDownload hashes match.");
+ return true;
+}
+
+LOG("Downloader:_verifyDownload hashes do not match. ");
+AUSTLMY.pingDownloadCode(this.isCompleteUpdate,
+ AUSTLMY.DWNLD_ERR_VERIFY_NO_HASH_MATCH);
+return false;
},
/**
@@ -5072,6
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 13379: Sign our MAR files.
commit 4aad1091f69e2a2f82eb0b976cb482b1bb7055f7
Author: Kathy Brade
Date: Wed Dec 17 16:37:11 2014 -0500
Bug 13379: Sign our MAR files.
Configure with --enable-verify-mar (when updating, require a valid
signature on the MAR file before it is applied).
Use the Tor Browser version instead of the Firefox version inside the
MAR file info block (necessary to prevent downgrade attacks).
Use NSS on all platforms for checking MAR signatures (instead of using
OS-native APIs, which Mozilla does on Mac OS and Windows). So that the
NSS and NSPR libraries the updater depends on can be found at runtime,
we add the firefox directory to the shared library search path on macOS.
On Linux, rpath is used by Mozilla to solve that problem, but that
approach won't work on macOS because the updater executable is copied
during the update process to a location that is under TorBrowser-Data,
and the location of TorBrowser-Data varies.
Also includes the fix for bug 18900.
---
.mozconfig | 1 +
.mozconfig-asan| 1 +
.mozconfig-mac | 1 +
.mozconfig-mingw | 1 +
modules/libmar/tool/mar.c | 6 +--
modules/libmar/tool/moz.build | 12 --
modules/libmar/verify/moz.build| 14 +++---
.../mozapps/update/updater/updater-common.build| 26 +--
toolkit/mozapps/update/updater/updater.cpp | 25 +++
toolkit/xre/moz.build | 3 ++
toolkit/xre/nsUpdateDriver.cpp | 50 ++
11 files changed, 115 insertions(+), 25 deletions(-)
diff --git a/.mozconfig b/.mozconfig
index 24efaea57b0b..d71c858844e3 100755
--- a/.mozconfig
+++ b/.mozconfig
@@ -36,3 +36,4 @@ ac_add_options MOZ_TELEMETRY_REPORTING=
ac_add_options --disable-tor-launcher
ac_add_options --with-tor-browser-version=dev-build
ac_add_options --disable-tor-browser-update
+ac_add_options --enable-verify-mar
diff --git a/.mozconfig-asan b/.mozconfig-asan
index 13232e054d45..ca05fb12eedb 100644
--- a/.mozconfig-asan
+++ b/.mozconfig-asan
@@ -28,6 +28,7 @@ ac_add_options --enable-official-branding
ac_add_options --enable-default-toolkit=cairo-gtk3
ac_add_options --enable-tor-browser-update
+ac_add_options --enable-verify-mar
ac_add_options --disable-strip
ac_add_options --disable-install-strip
diff --git a/.mozconfig-mac b/.mozconfig-mac
index 1f89cab30bbc..9be7751f8241 100644
--- a/.mozconfig-mac
+++ b/.mozconfig-mac
@@ -42,6 +42,7 @@ ac_add_options --disable-debug
ac_add_options --enable-tor-browser-data-outside-app-dir
ac_add_options --enable-tor-browser-update
+ac_add_options --enable-verify-mar
ac_add_options --disable-crashreporter
ac_add_options --disable-webrtc
diff --git a/.mozconfig-mingw b/.mozconfig-mingw
index 4fb050308060..29c58d8fdab2 100644
--- a/.mozconfig-mingw
+++ b/.mozconfig-mingw
@@ -14,6 +14,7 @@ ac_add_options --enable-strip
ac_add_options --enable-official-branding
ac_add_options --enable-tor-browser-update
+ac_add_options --enable-verify-mar
ac_add_options --disable-bits-download
# Let's make sure no preference is enabling either Adobe's or Google's CDM.
diff --git a/modules/libmar/tool/mar.c b/modules/libmar/tool/mar.c
index 0bf2cb4bd1d4..ea2b79924914 100644
--- a/modules/libmar/tool/mar.c
+++ b/modules/libmar/tool/mar.c
@@ -65,7 +65,7 @@ static void print_usage() {
"signed_input_archive.mar base_64_encoded_signature_file "
"changed_signed_output.mar\n");
printf("(i) is the index of the certificate to extract\n");
-# if defined(XP_MACOSX) || (defined(XP_WIN) && !defined(MAR_NSS))
+# if (defined(XP_MACOSX) || defined(XP_WIN)) && !defined(MAR_NSS)
printf("Verify a MAR file:\n");
printf(" mar [-C workingDir] -D DERFilePath -v signed_archive.mar\n");
printf(
@@ -149,7 +149,7 @@ int main(int argc, char** argv) {
memset((void*)certBuffers, 0, sizeof(certBuffers));
#endif
#if !defined(NO_SIGN_VERIFY) && \
-((!defined(MAR_NSS) && defined(XP_WIN)) || defined(XP_MACOSX))
+(!defined(MAR_NSS) && (defined(XP_WIN) || defined(XP_MACOSX)))
memset(DERFilePaths, 0, sizeof(DERFilePaths));
memset(fileSizes, 0, sizeof(fileSizes));
#endif
@@ -181,7 +181,7 @@ int main(int argc, char** argv) {
argc -= 2;
}
#if !defined(NO_SIGN_VERIFY)
-# if (!defined(MAR_NSS) && defined(XP_WIN)) || defined(XP_MACOSX)
+# if (!defined(MAR_NSS) && (defined(XP_WIN) || defined(XP_MACOSX)))
/* -D DERFilePath, also matches -D[index] DERFilePath
We allow an index for verifying to be symmetric
with the import and export command line arguments. */
diff --git a/modules/libmar/tool/moz.build b/modules/libmar/tool/moz.build
index a6d26c66a668..d6fa1677ddf1 100644
--- a/modules/libmar/tool/moz.build
+++
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 13252: Do not store data in the app bundle
commit f909b8b97bcb8b0df4672cb9b366787a8e291db5
Author: Kathy Brade
Date: Fri Mar 18 14:20:02 2016 -0400
Bug 13252: Do not store data in the app bundle
When --enable-tor-browser-data-outside-app-dir is enabled,
all user data is stored in a directory named
TorBrowser-Data which is located next to the application directory.
Display an informative error message if the TorBrowser-Data
directory cannot be created due to an "access denied" or a
"read only volume" error.
On Mac OS, add support for the --invisible command line option which
is used by the meek-http-helper to avoid showing an icon for the
helper browser on the dock.
---
toolkit/xre/nsAppRunner.cpp| 76 +++
toolkit/xre/nsXREDirProvider.cpp | 43 +--
toolkit/xre/nsXREDirProvider.h | 6 ++
xpcom/io/TorFileUtils.cpp | 133 +
xpcom/io/TorFileUtils.h| 32
xpcom/io/moz.build | 5 ++
xpcom/io/nsAppFileLocationProvider.cpp | 53 ++---
7 files changed, 280 insertions(+), 68 deletions(-)
diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
index 21c5415a5dff..51a1a43ec891 100644
--- a/toolkit/xre/nsAppRunner.cpp
+++ b/toolkit/xre/nsAppRunner.cpp
@@ -2369,6 +2369,8 @@ static nsresult ProfileMissingDialog(nsINativeAppSupport*
aNative) {
}
}
+// If aUnlocker is NULL, it is also OK for the following arguments to be NULL:
+// aProfileDir, aProfileLocalDir, aResult.
static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir,
nsIFile* aProfileLocalDir,
ProfileStatus aStatus,
@@ -2377,17 +2379,19 @@ static ReturnAbortOnError ProfileErrorDialog(nsIFile*
aProfileDir,
nsIProfileLock** aResult) {
nsresult rv;
- bool exists;
- aProfileDir->Exists();
- if (!exists) {
-return ProfileMissingDialog(aNative);
+ if (aProfileDir) {
+bool exists;
+aProfileDir->Exists();
+if (!exists) {
+ return ProfileMissingDialog(aNative);
+}
}
ScopedXPCOMStartup xpcom;
rv = xpcom.Initialize();
NS_ENSURE_SUCCESS(rv, rv);
- mozilla::Telemetry::WriteFailedProfileLock(aProfileDir);
+ if (aProfileDir) mozilla::Telemetry::WriteFailedProfileLock(aProfileDir);
rv = xpcom.SetWindowCreator(aNative);
NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE);
@@ -2477,7 +2481,8 @@ static ReturnAbortOnError ProfileErrorDialog(nsIFile*
aProfileDir,
}
} else {
#ifdef MOZ_WIDGET_ANDROID
- if (java::GeckoAppShell::UnlockProfile()) {
+ if (aProfileDir && aProfileLocalDir && aResult &&
+ java::GeckoAppShell::UnlockProfile()) {
return NS_LockProfilePath(aProfileDir, aProfileLocalDir, nullptr,
aResult);
}
@@ -2586,6 +2591,23 @@ static ReturnAbortOnError ShowProfileManager(
return LaunchChild(false);
}
+#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
+static ProfileStatus CheckTorBrowserDataWriteAccess(nsIFile* aAppDir) {
+ // Check whether we can write to the directory that will contain
+ // TorBrowser-Data.
+ nsCOMPtr tbDataDir;
+ RefPtr dirProvider = nsXREDirProvider::GetSingleton();
+ if (!dirProvider) return PROFILE_STATUS_OTHER_ERROR;
+ nsresult rv =
+ dirProvider->GetTorBrowserUserDataDir(getter_AddRefs(tbDataDir));
+ NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR);
+ nsCOMPtr tbDataDirParent;
+ rv = tbDataDir->GetParent(getter_AddRefs(tbDataDirParent));
+ NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR);
+ return nsToolkitProfileService::CheckProfileWriteAccess(tbDataDirParent);
+}
+#endif
+
static bool gDoMigration = false;
static bool gDoProfileReset = false;
static nsCOMPtr gResetOldProfile;
@@ -3610,6 +3632,14 @@ int XREMain::XRE_mainInit(bool* aExitFlag) {
if (PR_GetEnv("XRE_MAIN_BREAK")) NS_BREAK();
#endif
+#if defined(XP_MACOSX) && defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
+ bool hideDockIcon = (CheckArg("invisible") == ARG_FOUND);
+ if (hideDockIcon) {
+ProcessSerialNumber psn = {0, kCurrentProcess};
+TransformProcessType(, kProcessTransformToBackgroundApplication);
+ }
+#endif
+
IncreaseDescriptorLimits();
#ifdef USE_GLX_TEST
@@ -4458,7 +4488,34 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) {
return 0;
}
+#if (defined(MOZ_UPDATER) && !defined(MOZ_WIDGET_ANDROID)) || \
+defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
+ nsCOMPtr exeFile, exeDir;
+ bool persistent;
+ rv = mDirProvider.GetFile(XRE_EXECUTABLE_FILE, ,
+getter_AddRefs(exeFile));
+ NS_ENSURE_SUCCESS(rv, 1);
+ rv = exeFile->GetParent(getter_AddRefs(exeDir));
+ NS_ENSURE_SUCCESS(rv, 1);
+#endif
+
rv = NS_NewToolkitProfileService(getter_AddRefs(mProfileSvc));
+#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
+ if (NS_FAILED(rv)) {
+//
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 16620: Clear window.name when no referrer sent
commit b517f802d738193367ca3add94ea7ce72c53f63d
Author: Kathy Brade
Date: Fri Oct 30 14:28:13 2015 -0400
Bug 16620: Clear window.name when no referrer sent
Convert JS implementation (within Torbutton) to a C++ browser patch.
---
docshell/base/nsDocShell.cpp | 60 +++
docshell/test/mochitest/mochitest.ini | 3 +
docshell/test/mochitest/test_tor_bug16620.html | 212 +
docshell/test/mochitest/tor_bug16620.html | 51 ++
docshell/test/mochitest/tor_bug16620_form.html | 51 ++
5 files changed, 377 insertions(+)
diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp
index c924653a10ef..b440da6b5ffe 100644
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -7742,11 +7742,71 @@ nsresult nsDocShell::CreateContentViewer(const
nsACString& aContentType,
aOpenedChannel->GetURI(getter_AddRefs(mLoadingURI));
}
FirePageHideNotification(!mSavingOldViewer);
+
if (mIsBeingDestroyed) {
// Force to stop the newly created orphaned viewer.
viewer->Stop();
return NS_ERROR_DOCSHELL_DYING;
}
+
+ // Tor bug 16620: Clear window.name of top-level documents if
+ // there is no referrer. We make an exception for new windows,
+ // e.g., window.open(url, "MyName").
+ bool isNewWindowTarget = false;
+ nsCOMPtr props(do_QueryInterface(aRequest, ));
+ if (props) {
+props->GetPropertyAsBool(u"docshell.newWindowTarget"_ns,
+ );
+ }
+
+ if (!isNewWindowTarget) {
+nsCOMPtr httpChannel(do_QueryInterface(aOpenedChannel));
+nsCOMPtr httpReferrer;
+if (httpChannel) {
+ nsCOMPtr referrerInfo;
+ rv = httpChannel->GetReferrerInfo(getter_AddRefs(referrerInfo));
+ NS_ENSURE_SUCCESS(rv, rv);
+ if (referrerInfo) {
+// We want GetComputedReferrer() instead of GetOriginalReferrer(),
since
+// the former takes into consideration referrer policy, protocol
+// whitelisting...
+httpReferrer = referrerInfo->GetComputedReferrer();
+ }
+}
+
+bool isTopFrame = mBrowsingContext->IsTop();
+
+#ifdef DEBUG_WINDOW_NAME
+printf("DOCSHELL %p CreateContentViewer - possibly clearing
window.name:\n",
+ this);
+printf(" current window.name: \"%s\"\n",
+ NS_ConvertUTF16toUTF8(mName).get());
+
+nsAutoCString curSpec, loadingSpec;
+if (this->mCurrentURI) mCurrentURI->GetSpec(curSpec);
+if (mLoadingURI) mLoadingURI->GetSpec(loadingSpec);
+printf(" current URI: %s\n", curSpec.get());
+printf(" loading URI: %s\n", loadingSpec.get());
+printf(" is top document: %s\n", isTopFrame ? "Yes" : "No");
+
+if (!httpReferrer) {
+ printf(" referrer: None\n");
+} else {
+ nsAutoCString refSpec;
+ httpReferrer->GetSpec(refSpec);
+ printf(" referrer: %s\n", refSpec.get());
+}
+#endif
+
+bool clearName = isTopFrame && !httpReferrer;
+if (clearName) SetName(u""_ns);
+
+#ifdef DEBUG_WINDOW_NAME
+printf(" action taken: %s window.name\n",
+ clearName ? "Cleared" : "Preserved");
+#endif
+ }
+
mLoadingURI = nullptr;
// Set mFiredUnloadEvent = false so that the unload handler for the
diff --git a/docshell/test/mochitest/mochitest.ini
b/docshell/test/mochitest/mochitest.ini
index b712654703f9..89b6718811c4 100644
--- a/docshell/test/mochitest/mochitest.ini
+++ b/docshell/test/mochitest/mochitest.ini
@@ -53,6 +53,8 @@ support-files =
start_historyframe.html
url1_historyframe.html
url2_historyframe.html
+ tor_bug16620.html
+ tor_bug16620_form.html
[test_anchor_scroll_after_document_open.html]
[test_bfcache_plus_hash.html]
@@ -127,6 +129,7 @@ support-files =
file_history_length_during_pageload.html
file_history_length_during_pageload_2.html
[test_pushState_after_document_open.html]
+[test_tor_bug16620.html]
[test_navigate_after_pagehide.html]
[test_redirect_history.html]
support-files =
diff --git a/docshell/test/mochitest/test_tor_bug16620.html
b/docshell/test/mochitest/test_tor_bug16620.html
new file mode 100644
index ..f60a06711c17
--- /dev/null
+++ b/docshell/test/mochitest/test_tor_bug16620.html
@@ -0,0 +1,212 @@
+
+
+
+
+
+ Test for Tor Bug 16620 - Clear window.name when no referrer
sent
+
+
+
+
+https://trac.torproject.org/projects/tor/ticket/16620;>Tor Bug 16620
+
+
+// ## Test constants
+const kTestPath = "/tests/docshell/test/mochitest/";
+const kLinkFile = "tor_bug16620.html";
+const kFormFile = "tor_bug16620_form.html";
+const kBaseURL1 = "http://example.com";;
+const kBaseURL1_https = "https://example.com";;
+const kBaseURL2 = "http://example.net";;
+const kSendReferrerPref = "network.http.sendRefererHeader";
+const kSendReferrerNever = 0;
+const kSendReferrerForUserAction = 1;
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 13028: Prevent potential proxy bypass cases.
commit 1e2826d96f36d46a0060afc2ae1a279c923dc3a2
Author: Mike Perry
Date: Mon Sep 29 14:30:19 2014 -0700
Bug 13028: Prevent potential proxy bypass cases.
It looks like these cases should only be invoked in the NSS command line
tools, and not the browser, but I decided to patch them anyway because there
literally is a maze of network function pointers being passed around, and
it's
very hard to tell if some random code might not pass in the proper proxied
versions of the networking code here by accident.
---
security/nss/lib/certhigh/ocsp.c| 8
.../lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c | 21 +
2 files changed, 29 insertions(+)
diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c
index cea8456606bf..86fa971cfbef 100644
--- a/security/nss/lib/certhigh/ocsp.c
+++ b/security/nss/lib/certhigh/ocsp.c
@@ -2932,6 +2932,14 @@ ocsp_ConnectToHost(const char *host, PRUint16 port)
PRNetAddr addr;
char *netdbbuf = NULL;
+// XXX: Do we need a unittest ifdef here? We don't want to break the
tests, but
+// we want to ensure nothing can ever hit this code in production.
+#if 1
+printf("Tor Browser BUG: Attempted OSCP direct connect to %s, port %u\n",
host,
+port);
+goto loser;
+#endif
+
sock = PR_NewTCPSocket();
if (sock == NULL)
goto loser;
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
index e8698376b5be..85791d84a932 100644
--- a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
@@ -1334,6 +1334,13 @@ pkix_pl_Socket_Create(
plContext),
PKIX_COULDNOTCREATESOCKETOBJECT);
+// XXX: Do we need a unittest ifdef here? We don't want to break the
tests, but
+// we want to ensure nothing can ever hit this code in production.
+#if 1
+printf("Tor Browser BUG: Attempted pkix direct socket connect\n");
+PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED);
+#endif
+
socket->isServer = isServer;
socket->timeout = timeout;
socket->clientSock = NULL;
@@ -1433,6 +1440,13 @@ pkix_pl_Socket_CreateByName(
localCopyName = PL_strdup(serverName);
+// XXX: Do we need a unittest ifdef here? We don't want to break the
tests, but
+// we want to ensure nothing can ever hit this code in production.
+#if 1
+printf("Tor Browser BUG: Attempted pkix direct connect to %s\n",
serverName);
+PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED);
+#endif
+
sepPtr = strchr(localCopyName, ':');
/* First strip off the portnum, if present, from the end of the name */
if (sepPtr) {
@@ -1582,6 +1596,13 @@ pkix_pl_Socket_CreateByHostAndPort(
PKIX_ENTER(SOCKET, "pkix_pl_Socket_CreateByHostAndPort");
PKIX_NULLCHECK_THREE(hostname, pStatus, pSocket);
+// XXX: Do we need a unittest ifdef here? We don't want to break the
tests, but
+// we want to ensure nothing can ever hit this code in production.
+#if 1
+printf("Tor Browser BUG: Attempted pkix direct connect to %s, port
%u\n", hostname,
+portnum);
+PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED);
+#endif
prstatus = PR_GetHostByName(hostname, buf, sizeof(buf), );
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 19273: Avoid JavaScript patching of the external app helper dialog.
commit 1929918f708a8656eb632622e70ace6a864b1ab1
Author: Kathy Brade
Date: Tue Jun 28 15:13:05 2016 -0400
Bug 19273: Avoid JavaScript patching of the external app helper dialog.
When handling an external URI or downloading a file, invoke Torbutton's
external app blocker component (which will present a download warning
dialog unless the user has checked the "Automatically download files
from now on" box).
For e10s compatibility, avoid using a modal dialog and instead use
a callback interface (nsIHelperAppWarningLauncher) to allow Torbutton
to indicate the user's desire to cancel or continue each request.
Other bugs fixed:
Bug 21766: Crash with e10s enabled while trying to download a file
Bug 21886: Download is stalled in non-e10s mode
Bug 22471: Downloading files via the PDF viewer download button is broken
Bug 22472: Fix FTP downloads when external helper app dialog is shown
Bug 22610: Avoid crashes when canceling external helper app downloads
Bug 22618: Downloading pdf file via file:/// is stalling
---
.../exthandler/nsExternalHelperAppService.cpp | 172 ++---
uriloader/exthandler/nsExternalHelperAppService.h | 3 +
.../exthandler/nsIExternalHelperAppService.idl | 47 ++
3 files changed, 204 insertions(+), 18 deletions(-)
diff --git a/uriloader/exthandler/nsExternalHelperAppService.cpp
b/uriloader/exthandler/nsExternalHelperAppService.cpp
index 16b7be9b364a..8028eaeafaab 100644
--- a/uriloader/exthandler/nsExternalHelperAppService.cpp
+++ b/uriloader/exthandler/nsExternalHelperAppService.cpp
@@ -133,6 +133,9 @@ static const char NEVER_ASK_FOR_SAVE_TO_DISK_PREF[] =
static const char NEVER_ASK_FOR_OPEN_FILE_PREF[] =
"browser.helperApps.neverAsk.openFile";
+static const char WARNING_DIALOG_CONTRACT_ID[] =
+"@torproject.org/torbutton-extAppBlocker;1";
+
// Helper functions for Content-Disposition headers
/**
@@ -405,6 +408,22 @@ static nsresult GetDownloadDirectory(nsIFile** _directory,
return NS_OK;
}
+static already_AddRefed GetDialogParentAux(
+BrowsingContext* aBrowsingContext, nsIInterfaceRequestor* aWindowContext) {
+ nsCOMPtr dialogParent = aWindowContext;
+
+ if (!dialogParent && aBrowsingContext) {
+dialogParent = do_QueryInterface(aBrowsingContext->GetDOMWindow());
+ }
+ if (!dialogParent && aBrowsingContext && XRE_IsParentProcess()) {
+RefPtr element = aBrowsingContext->Top()->GetEmbedderElement();
+if (element) {
+ dialogParent = do_QueryInterface(element->OwnerDoc()->GetWindow());
+}
+ }
+ return dialogParent.forget();
+}
+
/**
* Structure for storing extension->type mappings.
* @see defaultMimeEntries
@@ -624,6 +643,92 @@ static const char* descriptionOverwriteExtensions[] = {
"avif", "pdf", "svg", "webp", "xml",
};
+//
+// begin nsExternalLoadURIHandler class definition and implementation
+//
+class nsExternalLoadURIHandler final : public nsIHelperAppWarningLauncher {
+ public:
+ NS_DECL_THREADSAFE_ISUPPORTS
+ NS_DECL_NSIHELPERAPPWARNINGLAUNCHER
+
+ nsExternalLoadURIHandler(nsIHandlerInfo* aHandlerInfo, nsIURI* aURI,
+ nsIPrincipal* aTriggeringPrincipal,
+ BrowsingContext* aBrowsingContext);
+
+ protected:
+ ~nsExternalLoadURIHandler();
+
+ nsCOMPtr mHandlerInfo;
+ nsCOMPtr mURI;
+ nsCOMPtr mTriggeringPrincipal;
+ RefPtr mBrowsingContext;
+ nsCOMPtr mWarningDialog;
+};
+
+NS_IMPL_ADDREF(nsExternalLoadURIHandler)
+NS_IMPL_RELEASE(nsExternalLoadURIHandler)
+
+NS_INTERFACE_MAP_BEGIN(nsExternalLoadURIHandler)
+ NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIHelperAppWarningLauncher)
+ NS_INTERFACE_MAP_ENTRY(nsIHelperAppWarningLauncher)
+NS_INTERFACE_MAP_END
+
+nsExternalLoadURIHandler::nsExternalLoadURIHandler(
+nsIHandlerInfo* aHandlerInfo, nsIURI* aURI,
+nsIPrincipal* aTriggeringPrincipal, BrowsingContext* aBrowsingContext)
+: mHandlerInfo(aHandlerInfo),
+ mURI(aURI),
+ mTriggeringPrincipal(aTriggeringPrincipal),
+ mBrowsingContext(aBrowsingContext)
+
+{
+ nsresult rv = NS_OK;
+ mWarningDialog = do_CreateInstance(WARNING_DIALOG_CONTRACT_ID, );
+ if (NS_SUCCEEDED(rv) && mWarningDialog) {
+// This will create a reference cycle (the dialog holds a reference to us
+// as nsIHelperAppWarningLauncher), which will be broken in ContinueRequest
+// or CancelRequest.
+nsCOMPtr dialogParent =
+GetDialogParentAux(aBrowsingContext, nullptr);
+rv = mWarningDialog->MaybeShow(this, dialogParent);
+ }
+
+ if (NS_FAILED(rv)) {
+// If for some reason we could not open the download warning prompt,
+// continue with the request.
+ContinueRequest();
+ }
+}
+
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 12974: Disable NTLM and Negotiate HTTP Auth
commit 3ab883f085e97ade6c290a511c98ade9c1092703
Author: Mike Perry
Date: Wed Aug 27 15:19:10 2014 -0700
Bug 12974: Disable NTLM and Negotiate HTTP Auth
This is technically an embargoed Mozilla bug, so I probably shouldn't
provide
too many details.
Suffice to say that NTLM and Negotiate auth are bad for Tor users, and I
doubt
very many (or any of them) actually need it.
The Mozilla bug is https://bugzilla.mozilla.org/show_bug.cgi?id=1046421
---
extensions/auth/nsHttpNegotiateAuth.cpp | 4
netwerk/protocol/http/nsHttpNTLMAuth.cpp | 3 +++
2 files changed, 7 insertions(+)
diff --git a/extensions/auth/nsHttpNegotiateAuth.cpp
b/extensions/auth/nsHttpNegotiateAuth.cpp
index 99720475b9dd..1c08fcf3da7e 100644
--- a/extensions/auth/nsHttpNegotiateAuth.cpp
+++ b/extensions/auth/nsHttpNegotiateAuth.cpp
@@ -152,6 +152,10 @@
nsHttpNegotiateAuth::ChallengeReceived(nsIHttpAuthenticableChannel* authChannel,
nsIAuthModule* rawModule = (nsIAuthModule*)*continuationState;
*identityInvalid = false;
+
+ /* Always fail Negotiate auth for Tor Browser. We don't need it. */
+ return NS_ERROR_ABORT;
+
if (rawModule) {
return NS_OK;
}
diff --git a/netwerk/protocol/http/nsHttpNTLMAuth.cpp
b/netwerk/protocol/http/nsHttpNTLMAuth.cpp
index 0a30de051014..891aaadfd758 100644
--- a/netwerk/protocol/http/nsHttpNTLMAuth.cpp
+++ b/netwerk/protocol/http/nsHttpNTLMAuth.cpp
@@ -168,6 +168,9 @@
nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel* channel,
*identityInvalid = false;
+ /* Always fail Negotiate auth for Tor Browser. We don't need it. */
+ return NS_ERROR_ABORT;
+
// Start a new auth sequence if the challenge is exactly "NTLM".
// If native NTLM auth apis are available and enabled through prefs,
// try to use them.
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 16439: Remove screencasting code
commit 8a86dfcebe1876b77bd32e678b5d08b857e149b5 Author: Kathy Brade Date: Wed Jun 24 11:01:11 2015 -0400 Bug 16439: Remove screencasting code We avoid including the screencasting code on mobile (it got ripped out for desktop in bug 1393582) by simply excluding the related JS modules from Tor Browser. --- toolkit/modules/moz.build | 9 + 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/toolkit/modules/moz.build b/toolkit/modules/moz.build index f61496e9d3d6..f732cec2cef3 100644 --- a/toolkit/modules/moz.build +++ b/toolkit/modules/moz.build @@ -258,10 +258,11 @@ if "Android" != CONFIG["OS_TARGET"]: ] else: DEFINES["ANDROID"] = True -EXTRA_JS_MODULES += [ -"secondscreen/RokuApp.jsm", -"secondscreen/SimpleServiceDiscovery.jsm", -] +if not CONFIG["TOR_BROWSER_VERSION"]: +EXTRA_JS_MODULES += [ +"secondscreen/RokuApp.jsm", +"secondscreen/SimpleServiceDiscovery.jsm", +] if CONFIG["MOZ_WIDGET_TOOLKIT"] == "windows": ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 9173: Change the default Firefox profile directory to be TBB-relative.
commit 31b41425350479cfcf23ec4a5cfe7284049ccd9a
Author: Kathy Brade
Date: Fri Oct 18 15:20:06 2013 -0400
Bug 9173: Change the default Firefox profile directory to be TBB-relative.
This should eliminate our need to rely on a wrapper script that
sets /Users/arthur and launches Firefox with -profile.
---
toolkit/profile/nsToolkitProfileService.cpp | 5 +-
toolkit/xre/nsAppRunner.cpp | 2 +-
toolkit/xre/nsConsoleWriter.cpp | 2 +-
toolkit/xre/nsXREDirProvider.cpp| 149 ++--
toolkit/xre/nsXREDirProvider.h | 16 +--
xpcom/io/nsAppFileLocationProvider.cpp | 97 +++---
6 files changed, 84 insertions(+), 187 deletions(-)
diff --git a/toolkit/profile/nsToolkitProfileService.cpp
b/toolkit/profile/nsToolkitProfileService.cpp
index 4af61d54d19b..060248c42689 100644
--- a/toolkit/profile/nsToolkitProfileService.cpp
+++ b/toolkit/profile/nsToolkitProfileService.cpp
@@ -723,10 +723,11 @@ nsresult nsToolkitProfileService::Init() {
NS_ASSERTION(gDirServiceProvider, "No dirserviceprovider!");
nsresult rv;
- rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(mAppData));
+ rv = gDirServiceProvider->GetUserAppDataDirectory(getter_AddRefs(mAppData));
NS_ENSURE_SUCCESS(rv, rv);
- rv = nsXREDirProvider::GetUserLocalDataDirectory(getter_AddRefs(mTempData));
+ rv =
+
gDirServiceProvider->GetUserLocalDataDirectory(getter_AddRefs(mTempData));
NS_ENSURE_SUCCESS(rv, rv);
rv = mAppData->Clone(getter_AddRefs(mProfileDBFile));
diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
index 40e4dae574dc..1f7003ccf83c 100644
--- a/toolkit/xre/nsAppRunner.cpp
+++ b/toolkit/xre/nsAppRunner.cpp
@@ -3614,7 +3614,7 @@ int XREMain::XRE_mainInit(bool* aExitFlag) {
if ((mAppData->flags & NS_XRE_ENABLE_CRASH_REPORTER) &&
NS_SUCCEEDED(CrashReporter::SetExceptionHandler(xreBinDirectory))) {
nsCOMPtr file;
-rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(file));
+rv = mDirProvider.GetUserAppDataDirectory(getter_AddRefs(file));
if (NS_SUCCEEDED(rv)) {
CrashReporter::SetUserAppDataDirectory(file);
}
diff --git a/toolkit/xre/nsConsoleWriter.cpp b/toolkit/xre/nsConsoleWriter.cpp
index d89ea3bde31d..4a9a6d28034a 100644
--- a/toolkit/xre/nsConsoleWriter.cpp
+++ b/toolkit/xre/nsConsoleWriter.cpp
@@ -29,7 +29,7 @@ void WriteConsoleLog() {
} else {
if (!gLogConsoleErrors) return;
-rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(lfile));
+rv = gDirServiceProvider->GetUserAppDataDirectory(getter_AddRefs(lfile));
if (NS_FAILED(rv)) return;
lfile->AppendNative("console.log"_ns);
diff --git a/toolkit/xre/nsXREDirProvider.cpp b/toolkit/xre/nsXREDirProvider.cpp
index 2760be996403..b88fd3eb368c 100644
--- a/toolkit/xre/nsXREDirProvider.cpp
+++ b/toolkit/xre/nsXREDirProvider.cpp
@@ -32,6 +32,7 @@
#include "nsArrayEnumerator.h"
#include "nsEnumeratorUtils.h"
#include "nsReadableUtils.h"
+#include "nsXPCOMPrivate.h" // for XPCOM_FILE_PATH_SEPARATOR
#include "SpecialSystemDirectory.h"
@@ -244,9 +245,6 @@ nsresult nsXREDirProvider::GetUserProfilesRootDir(nsIFile**
aResult) {
nsresult rv = GetUserDataDirectory(getter_AddRefs(file), false);
if (NS_SUCCEEDED(rv)) {
-#if !defined(XP_UNIX) || defined(XP_MACOSX)
-rv = file->AppendNative("Profiles"_ns);
-#endif
// We must create the profile directory here if it does not exist.
nsresult tmp = EnsureDirectoryExists(file);
if (NS_FAILED(tmp)) {
@@ -262,9 +260,6 @@ nsresult
nsXREDirProvider::GetUserProfilesLocalDir(nsIFile** aResult) {
nsresult rv = GetUserDataDirectory(getter_AddRefs(file), true);
if (NS_SUCCEEDED(rv)) {
-#if !defined(XP_UNIX) || defined(XP_MACOSX)
-rv = file->AppendNative("Profiles"_ns);
-#endif
// We must create the profile directory here if it does not exist.
nsresult tmp = EnsureDirectoryExists(file);
if (NS_FAILED(tmp)) {
@@ -1394,7 +1389,7 @@ nsresult
nsXREDirProvider::SetUserDataProfileDirectory(nsCOMPtr& aFile,
nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile,
bool aLocal) {
// Copied from nsAppFileLocationProvider (more or less)
- nsresult rv;
+ NS_ENSURE_ARG_POINTER(aFile);
nsCOMPtr localDir;
if (aLocal && gDataDirHomeLocal) {
@@ -1404,80 +1399,39 @@ nsresult
nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile,
return gDataDirHome->Clone(aFile);
}
-#if defined(XP_MACOSX)
- FSRef fsRef;
- OSType folderType;
- if (aLocal) {
-folderType = kCachedDataFolderType;
- } else {
-# ifdef MOZ_THUNDERBIRD
-folderType = kDomainLibraryFolderType;
-# else
-folderType = kApplicationSupportFolderType;
-# endif
- }
- OSErr err = ::FSFindFolder(kUserDomain, folderType, kCreateFolder, );
- NS_ENSURE_FALSE(err, NS_ERROR_FAILURE);
-
- rv =
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Add TorStrings module for localization
commit 2bd0ff989bfd2e3c4568aa0e6225f4f23cc2720b
Author: Alex Catarineu
Date: Fri Jul 24 21:15:20 2020 +0200
Add TorStrings module for localization
---
browser/modules/TorStrings.jsm | 490 +
browser/modules/moz.build | 1 +
2 files changed, 491 insertions(+)
diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm
new file mode 100644
index ..e8a8d37ae373
--- /dev/null
+++ b/browser/modules/TorStrings.jsm
@@ -0,0 +1,490 @@
+"use strict";
+
+var EXPORTED_SYMBOLS = ["TorStrings"];
+
+const { XPCOMUtils } = ChromeUtils.import(
+ "resource://gre/modules/XPCOMUtils.jsm"
+);
+const { Services } = ChromeUtils.import(
+ "resource://gre/modules/Services.jsm"
+);
+const { getLocale } = ChromeUtils.import(
+ "resource://torbutton/modules/utils.js"
+);
+
+XPCOMUtils.defineLazyGlobalGetters(this, ["DOMParser"]);
+XPCOMUtils.defineLazyGetter(this, "domParser", () => {
+ const parser = new DOMParser();
+ parser.forceEnableDTD();
+ return parser;
+});
+
+/*
+ Tor DTD String Bundle
+
+ DTD strings loaded from torbutton/tor-launcher, but provide a fallback in
case they aren't available
+*/
+class TorDTDStringBundle {
+ constructor(aBundleURLs, aPrefix) {
+let locations = [];
+for (const [index, url] of aBundleURLs.entries()) {
+ locations.push(`%dtd_${index};`);
+}
+this._locations = locations;
+this._prefix = aPrefix;
+ }
+
+ // copied from testing/marionette/l10n.js
+ localizeEntity(urls, id) {
+// Use the DOM parser to resolve the entity and extract its real value
+let header = ``;
+let elem = `&${id};`;
+let doc = domParser.parseFromString(header + elem, "text/xml");
+let element = doc.querySelector("elem[id='elementID']");
+
+if (element === null) {
+ throw new Error(`Entity with id='${id}' hasn't been found`);
+}
+
+return element.textContent;
+ }
+
+ getString(key, fallback) {
+if (key) {
+ try {
+return this.localizeEntity(this._bundleURLs, `${this._prefix}${key}`);
+ } catch (e) {}
+}
+
+// on failure, assign the fallback if it exists
+if (fallback) {
+ return fallback;
+}
+// otherwise return string key
+return `$(${key})`;
+ }
+}
+
+/*
+ Tor Property String Bundle
+
+ Property strings loaded from torbutton/tor-launcher, but provide a fallback
in case they aren't available
+*/
+class TorPropertyStringBundle {
+ constructor(aBundleURL, aPrefix) {
+try {
+ this._bundle = Services.strings.createBundle(aBundleURL);
+} catch (e) {}
+
+this._prefix = aPrefix;
+ }
+
+ getString(key, fallback) {
+if (key) {
+ try {
+return this._bundle.GetStringFromName(`${this._prefix}${key}`);
+ } catch (e) {}
+}
+
+// on failure, assign the fallback if it exists
+if (fallback) {
+ return fallback;
+}
+// otherwise return string key
+return `$(${key})`;
+ }
+}
+
+/*
+ Security Level Strings
+*/
+var TorStrings = {
+ /*
+Tor Browser Security Level Strings
+ */
+ securityLevel: (function() {
+let tsb = new TorDTDStringBundle(
+ ["chrome://torbutton/locale/torbutton.dtd"],
+ "torbutton.prefs.sec_"
+);
+let getString = function(key, fallback) {
+ return tsb.getString(key, fallback);
+};
+
+// read localized strings from torbutton; but use hard-coded en-US strings
as fallbacks in case of error
+let retval = {
+ securityLevel: getString("caption", "Security Level"),
+ customWarning: getString("custom_warning", "Custom"),
+ overview: getString(
+"overview",
+"Disable certain web features that can be used to attack your security
and anonymity."
+ ),
+ standard: {
+level: getString("standard_label", "Standard"),
+tooltip: getString("standard_tooltip", "Security Level : Standard"),
+summary: getString(
+ "standard_description",
+ "All Tor Browser and website features are enabled."
+),
+ },
+ safer: {
+level: getString("safer_label", "Safer"),
+tooltip: getString("safer_tooltip", "Security Level : Safer"),
+summary: getString(
+ "safer_description",
+ "Disables website features that are often dangerous, causing some
sites to lose functionality."
+),
+description1: getString(
+ "js_on_https_sites_only",
+ "JavaScript is disabled on non-HTTPS sites."
+),
+description2: getString(
+ "limit_typography",
+ "Some fonts and math symbols are disabled."
+),
+description3: getString(
+ "click_to_play_media",
+ "Audio and video (HTML5 media), and WebGL are click-to-play."
+),
+ },
+ safest: {
+level: getString("safest_label", "Safest"),
+tooltip: getString("safest_tooltip", "Security Level : Safest"),
+summary: getString(
+
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp
commit 570cdc545c4bc4d5e7caaffe259270785194255d
Author: Kathy Brade
Date: Thu Apr 21 10:40:26 2016 -0400
Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp
Instead of using the local computer's IP address within
symlink-based profile lock signatures, always use 127.0.0.1.
---
toolkit/profile/nsProfileLock.cpp | 17 -
1 file changed, 8 insertions(+), 9 deletions(-)
diff --git a/toolkit/profile/nsProfileLock.cpp
b/toolkit/profile/nsProfileLock.cpp
index 01818d32e6f7..adccfa4dd6d4 100644
--- a/toolkit/profile/nsProfileLock.cpp
+++ b/toolkit/profile/nsProfileLock.cpp
@@ -289,18 +289,17 @@ nsresult nsProfileLock::LockWithSymlink(nsIFile*
aLockFile,
if (!mReplacedLockTime)
aLockFile->GetLastModifiedTimeOfLink();
+ // For Tor Browser, avoid a DNS lookup here so the Tor network is not
+ // bypassed. Instead, always use 127.0.0.1 for the IP address portion
+ // of the lock signature, which may cause the browser to refuse to
+ // start in the rare event that all of the following conditions are met:
+ // 1. The browser profile is on a network file system.
+ // 2. The file system does not support fcntl() locking.
+ // 3. Tor Browser is run from two different computers at the same time.
+
struct in_addr inaddr;
inaddr.s_addr = htonl(INADDR_LOOPBACK);
- char hostname[256];
- PRStatus status = PR_GetSystemInfo(PR_SI_HOSTNAME, hostname, sizeof
hostname);
- if (status == PR_SUCCESS) {
-char netdbbuf[PR_NETDB_BUF_SIZE];
-PRHostEnt hostent;
-status = PR_GetHostByName(hostname, netdbbuf, sizeof netdbbuf, );
-if (status == PR_SUCCESS) memcpy(, hostent.h_addr, sizeof inaddr);
- }
-
mozilla::SmprintfPointer signature =
mozilla::Smprintf("%s:%s%lu", inet_ntoa(inaddr),
aHaveFcntlLock ? "+" : "", (unsigned long)getpid());
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 40069: Add helpers for message passing with extensions
commit 8f47d60176b6639fc5d995b17fab26b57b59a2e6
Author: Alex Catarineu
Date: Sun Aug 2 19:12:25 2020 +0200
Bug 40069: Add helpers for message passing with extensions
---
toolkit/components/extensions/ExtensionParent.jsm | 47 +++
1 file changed, 47 insertions(+)
diff --git a/toolkit/components/extensions/ExtensionParent.jsm
b/toolkit/components/extensions/ExtensionParent.jsm
index e12ee5478403..a662b62c277f 100644
--- a/toolkit/components/extensions/ExtensionParent.jsm
+++ b/toolkit/components/extensions/ExtensionParent.jsm
@@ -264,6 +264,8 @@ const ProxyMessenger = {
/** @type Map */
ports: new Map(),
+ _torRuntimeMessageListeners: [],
+
init() {
this.conduit = new BroadcastConduit(ProxyMessenger, {
id: "ProxyMessenger",
@@ -326,6 +328,10 @@ const ProxyMessenger = {
},
async recvRuntimeMessage(arg, { sender }) {
+// We need to listen to some extension messages in Tor Browser
+for (const listener of this._torRuntimeMessageListeners) {
+ listener(arg);
+}
arg.firstResponse = true;
let kind = await this.normalizeArgs(arg, sender);
let result = await this.conduit.castRuntimeMessage(kind, arg);
@@ -1880,6 +1886,45 @@ for (let name of StartupCache.STORE_NAMES) {
StartupCache[name] = new CacheStore(name);
}
+async function torSendExtensionMessage(extensionId, message) {
+ // This should broadcast the message to all children "conduits"
+ // listening for a "RuntimeMessage". Those children conduits
+ // will either be extension background pages or other extension
+ // pages listening to browser.runtime.onMessage.
+ const result = await ProxyMessenger.conduit.castRuntimeMessage("messenger", {
+extensionId,
+holder: new StructuredCloneHolder(message),
+firstResponse: true,
+sender: {
+ id: extensionId,
+ envType: "addon_child",
+},
+ });
+ return result
+? result.value
+: Promise.reject({ message: ERROR_NO_RECEIVERS });
+}
+
+async function torWaitForExtensionMessage(extensionId, checker) {
+ return new Promise(resolve => {
+const msgListener = msg => {
+ try {
+if (msg && msg.extensionId === extensionId) {
+ const deserialized = msg.holder.deserialize({});
+ if (checker(deserialized)) {
+const idx = ProxyMessenger._torRuntimeMessageListeners.indexOf(
+ msgListener
+);
+ProxyMessenger._torRuntimeMessageListeners.splice(idx, 1);
+resolve(deserialized);
+ }
+}
+ } catch (e) {}
+};
+ProxyMessenger._torRuntimeMessageListeners.push(msgListener);
+ });
+}
+
var ExtensionParent = {
GlobalManager,
HiddenExtensionPage,
@@ -1891,6 +1936,8 @@ var ExtensionParent = {
promiseExtensionViewLoaded,
watchExtensionProxyContextLoad,
DebugUtils,
+ torSendExtensionMessage,
+ torWaitForExtensionMessage,
};
// browserPaintedPromise and browserStartupPromise are promises that
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 3547: Block all plugins.
commit 88b110c69f244896ea054ff6b3ce8934bc530a70 Author: Mike Perry Date: Tue Dec 4 16:03:13 2012 -0800 Bug 3547: Block all plugins. We cannot use the @mozilla.org/extensions/blocklist;1 service, because we actually want to stop plugins from ever entering the browser's process space and/or executing code (for example, AV plugins that collect statistics/analyse urls, magical toolbars that phone home or "help" the user, skype buttons that ruin our day, and censorship filters). Hence we rolled our own. See https://trac.torproject.org/projects/tor/ticket/3547#comment:6 for musings on a better way. Until then, it is delta-darwinism for us. --- dom/plugins/base/PluginFinder.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/dom/plugins/base/PluginFinder.cpp b/dom/plugins/base/PluginFinder.cpp index dfac7b052567..aa06842dd3f5 100644 --- a/dom/plugins/base/PluginFinder.cpp +++ b/dom/plugins/base/PluginFinder.cpp @@ -478,6 +478,9 @@ nsresult PluginFinder::ScanPluginsDirectory(nsIFile* pluginsDir, *aPluginsChanged = false; + // Block all plugins + return NS_OK; + #ifdef PLUGIN_LOGGING nsAutoCString dirPath; pluginsDir->GetNativePath(dirPath); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 10760: Integrate TorButton to TorBrowser core
commit 574478155dcc1fbba5678a4f5e80f510c94166f3
Author: Alex Catarineu
Date: Wed Feb 19 23:05:08 2020 +0100
Bug 10760: Integrate TorButton to TorBrowser core
Because of the non-restartless nature of Torbutton, it required
a two-stage installation process. On mobile, it was a problem,
because it was not loading when the user opened the browser for
the first time.
Moving it to tor-browser and making it a system extension allows it
to load when the user opens the browser for first time.
Additionally, this patch also fixes Bug 27611.
Bug 26321: New Circuit and New Identity menu items
Bug 14392: Make about:tor behave like other initial pages.
Bug 25013: Add torbutton as a tor-browser submodule
---
.gitmodules| 3 ++
browser/base/content/aboutDialog.xhtml | 38 +++--
browser/base/content/browser-doctype.inc | 6 +++
browser/base/content/browser-menubar.inc | 49 --
browser/base/content/browser-sets.inc | 2 +
browser/base/content/browser.js| 1 +
browser/base/content/browser.xhtml | 26 +++-
.../controlcenter/content/identityPanel.inc.xhtml | 17
browser/installer/package-manifest.in | 2 +
docshell/base/nsAboutRedirector.cpp| 6 ++-
docshell/build/components.conf | 1 +
mobile/android/installer/package-manifest.in | 4 ++
toolkit/moz.build | 1 +
.../mozapps/extensions/internal/XPIProvider.jsm| 9
toolkit/torproject/torbutton | 1 +
.../lib/environments/browser-window.js | 6 ++-
16 files changed, 142 insertions(+), 30 deletions(-)
diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index ..2f03bd8e22df
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "toolkit/torproject/torbutton"]
+ path = toolkit/torproject/torbutton
+ url = https://git.torproject.org/torbutton.git
diff --git a/browser/base/content/aboutDialog.xhtml
b/browser/base/content/aboutDialog.xhtml
index 69cbf846bbef..5274cbc02831 100644
--- a/browser/base/content/aboutDialog.xhtml
+++ b/browser/base/content/aboutDialog.xhtml
@@ -7,11 +7,11 @@
+
+
http://www.w3.org/1999/xhtml;
@@ -28,7 +28,7 @@
data-l10n-id="aboutDialog-title"
#endif
role="dialog"
-aria-describedby="version distribution distributionId communityDesc
contributeDesc trademark"
+aria-describedby="version distribution distributionId projectDesc
helpDesc trademark trademarkTor"
>
#ifdef XP_MACOSX
#include macWindow.inc.xhtml
@@ -132,24 +132,36 @@
-
-http://www.mozilla.org/;
data-l10n-name="community-mozillaLink">
-
+
+
+
+
+
+https://www.torproject.org/;>
+
+
-
-https://donate.mozilla.org/?utm_source=firefoxutm_medium=referralutm_campaign=firefox_aboututm_content=firefox_about;
data-l10n-name="helpus-donateLink">
-http://www.mozilla.org/contribute/;
data-l10n-name="helpus-getInvolvedLink">
+
+
+https://donate.torproject.org/;>
+
+
+
+https://community.torproject.org/;>
+
+
-
-
-
-https://www.mozilla.org/privacy/;
data-l10n-id="bottomLinks-privacy">
+
+https://support.torproject.org/;>
+https://community.torproject.org/relay/;>
+
+
diff --git a/browser/base/content/browser-doctype.inc
b/browser/base/content/browser-doctype.inc
index 9aa278773158..48cf6cd3eda0 100644
--- a/browser/base/content/browser-doctype.inc
+++ b/browser/base/content/browser-doctype.inc
@@ -14,3 +14,9 @@
%syncBrandDTD;
%brandingsDTD;
+
+%torbuttonDTD;
+
+%aboutTorDTD;
+
+%aboutDialogDTD;
diff --git a/browser/base/content/browser-menubar.inc
b/browser/base/content/browser-menubar.inc
index b217216aab9a..368bf5052103 100644
--- a/browser/base/content/browser-menubar.inc
+++ b/browser/base/content/browser-menubar.inc
@@ -34,6 +34,18 @@
command="Tools:NonFissionWindow"
accesskey="s" label="New Non-Fission Window"/>
#endif
+
+
+
+
-
+
+
+
+
+
+https://tb-manual.torproject.org/' +
Services.locale.requestedLocale, {triggeringPrincipal:
Services.scriptSecurityManager.getSystemPrincipal()});"
+
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 14631: Improve profile access error messages.
commit a17c73cae3a6388304d409747885d2d7bd923168
Author: Kathy Brade
Date: Tue Feb 24 13:50:23 2015 -0500
Bug 14631: Improve profile access error messages.
Instead of always reporting that the profile is locked, display specific
messages for "access denied" and "read-only file system".
To allow for localization, get profile-related error strings from Torbutton.
Use app display name ("Tor Browser") in profile-related error alerts.
---
.../mozapps/profile/profileSelection.properties| 5 +
toolkit/profile/nsToolkitProfileService.cpp| 57 +++-
toolkit/profile/nsToolkitProfileService.h | 13 +-
toolkit/xre/nsAppRunner.cpp| 157 ++---
4 files changed, 208 insertions(+), 24 deletions(-)
diff --git
a/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties
b/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties
index d326083202b2..aa38bda24347 100644
--- a/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties
+++ b/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties
@@ -12,6 +12,11 @@ restartMessageUnlocker=%S is already running, but is not
responding. The old %S
restartMessageNoUnlockerMac=A copy of %S is already open. Only one copy of %S
can be open at a time.
restartMessageUnlockerMac=A copy of %S is already open. The running copy of %S
will quit in order to open this one.
+# LOCALIZATION NOTE (profileProblemTitle, profileReadOnly, profileReadOnlyMac,
profileAccessDenied): Messages displayed when the browser profile cannot be
accessed or written to. %S is the application name.
+profileProblemTitle=%S Profile Problem
+profileReadOnly=You cannot run %S from a read-only file system. Please copy
%S to another location before trying to use it.
+profileReadOnlyMac=You cannot run %S from a read-only file system. Please
copy %S to your Desktop or Applications folder before trying to use it.
+profileAccessDenied=%S does not have permission to access the profile. Please
adjust your file system permissions and try again.
# Profile manager
# LOCALIZATION NOTE (profileTooltip): First %S is the profile name, second %S
is the path to the profile folder.
profileTooltip=Profile: â%Sâ â Path: â%Sâ
diff --git a/toolkit/profile/nsToolkitProfileService.cpp
b/toolkit/profile/nsToolkitProfileService.cpp
index 060248c42689..65066f3562de 100644
--- a/toolkit/profile/nsToolkitProfileService.cpp
+++ b/toolkit/profile/nsToolkitProfileService.cpp
@@ -1159,9 +1159,10 @@ nsToolkitProfileService::SelectStartupProfile(
}
bool wasDefault;
+ ProfileStatus profileStatus;
nsresult rv =
SelectStartupProfile(, argv.get(), aIsResetting, aRootDir,
aLocalDir,
- aProfile, aDidCreate, );
+ aProfile, aDidCreate, , profileStatus);
// Since we were called outside of the normal startup path complete any
// startup tasks.
@@ -1194,7 +1195,8 @@ nsToolkitProfileService::SelectStartupProfile(
nsresult nsToolkitProfileService::SelectStartupProfile(
int* aArgc, char* aArgv[], bool aIsResetting, nsIFile** aRootDir,
nsIFile** aLocalDir, nsIToolkitProfile** aProfile, bool* aDidCreate,
-bool* aWasDefaultSelection) {
+bool* aWasDefaultSelection, ProfileStatus& aProfileStatus) {
+ aProfileStatus = PROFILE_STATUS_OK;
if (mStartupProfileSelected) {
return NS_ERROR_ALREADY_INITIALIZED;
}
@@ -1288,6 +1290,13 @@ nsresult nsToolkitProfileService::SelectStartupProfile(
rv = XRE_GetFileFromPath(arg, getter_AddRefs(lf));
NS_ENSURE_SUCCESS(rv, rv);
+aProfileStatus = CheckProfileWriteAccess(lf);
+if (PROFILE_STATUS_OK != aProfileStatus) {
+ NS_ADDREF(*aRootDir = lf);
+ NS_ADDREF(*aLocalDir = lf);
+ return NS_ERROR_FAILURE;
+}
+
// Make sure that the profile path exists and it's a directory.
bool exists;
rv = lf->Exists();
@@ -2077,3 +2086,47 @@ nsresult XRE_GetFileFromPath(const char* aPath,
nsIFile** aResult) {
# error Platform-specific logic needed here.
#endif
}
+
+// Check for write permission to the profile directory by trying to create a
+// new file (after ensuring that no file with the same name exists).
+ProfileStatus nsToolkitProfileService::CheckProfileWriteAccess(
+nsIFile* aProfileDir) {
+#if defined(XP_UNIX)
+ constexpr auto writeTestFileName = u".parentwritetest"_ns;
+#else
+ constexpr auto writeTestFileName = u"parent.writetest"_ns;
+#endif
+
+ nsCOMPtr writeTestFile;
+ nsresult rv = aProfileDir->Clone(getter_AddRefs(writeTestFile));
+ if (NS_SUCCEEDED(rv)) rv = writeTestFile->Append(writeTestFileName);
+
+ if (NS_SUCCEEDED(rv)) {
+bool doesExist = false;
+rv = writeTestFile->Exists();
+if (NS_SUCCEEDED(rv) && doesExist) rv = writeTestFile->Remove(true);
+ }
+
+ if (NS_SUCCEEDED(rv)) {
+rv = writeTestFile->Create(nsIFile::NORMAL_FILE_TYPE, 0666);
+
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] TB3: Tor Browser's official .mozconfigs.
commit d4baeafdaf9086e4554cd1afa8f266a1aa6c Author: Mike Perry Date: Mon May 6 15:51:06 2013 -0700 TB3: Tor Browser's official .mozconfigs. Also: Bug #9829.1: new .mozconfig file for the new cross-compiler and ESR24 Changes needed to build Mac in 64bit Bug 10715: Enable Webgl for mingw-w64 again. Disable ICU when cross-compiling; clean-up. Bug 15773: Enable ICU on OS X Bug 15990: Don't build the sandbox with mingw-w64 Bug 12761: Switch to ESR 38 for OS X Updating .mozconfig-asan Bug 12516: Compile hardenend Tor Browser with -fwrapv Bug 18331: Switch to Mozilla's toolchain for building Tor Browser for OS X Bug 17858: Cannot create incremental MARs for hardened builds. Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff (which is part of mar-tools and is not distributed to end-users) with ASan. Bug 13419: Add back ICU for Windows Bug 21239: Use GTK2 for ESR52 Linux builds Bug 23025: Add hardening flags for macOS Bug 24478: Enable debug assertions and tests in our ASan builds --enable-proxy-bypass-protection Bug 27597: ASan build option in tor-browser-build is broken Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds This fixes a problem where some preferences had the wrong default value. Also see bug 27472 where we made a similar fix for Android. Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING Bug 31450: Set proper BINDGEN_CFLAGS for ASan builds Add an --enable-tor-browser-data-outside-app-dir configure option Add --with-tor-browser-version configure option Bug 21849: Don't allow SSL key logging. Bug 31457: disable per-installation profiles The dedicated profiles (per-installation) feature does not interact well with our bundled profiles on Linux and Windows, and it also causes multiple profiles to be created on macOS under TorBrowser-Data. Bug 31935: Disable profile downgrade protection. Since Tor Browser does not support more than one profile, disable the prompt and associated code that offers to create one when a version downgrade situation is detected. Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT Bug 25741 - TBA: Disable features at compile-time MOZ_NATIVE_DEVICES for casting and the media player MOZ_TELEMETRY_REPORTING for telemetry MOZ_DATA_REPORTING for all data reporting preferences (crashreport, telemetry, geo) Bug 25741 - TBA: Add default configure options in dedicated file Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION Bug 29859: Disable HLS support for now Add --disable-tor-launcher build option Add --enable-tor-browser-update build option Bug 33734: Set MOZ_NORMANDY to False Bug 33851: Omit Parental Controls. Bug 40061: Omit the Windows default browser agent from the build Bug 40211: Lower required build-tools version to 29.0.2 --- .mozconfig| 38 + .mozconfig-android| 35 .mozconfig-asan | 43 .mozconfig-mac| 55 +++ .mozconfig-mingw | 30 + browser/base/moz.build| 3 ++ browser/installer/Makefile.in | 8 + browser/moz.configure | 8 ++--- build/moz.configure/android-sdk.configure | 2 +- build/moz.configure/old.configure | 5 +++ mobile/android/confvars.sh| 9 + mobile/android/geckoview/build.gradle | 1 + mobile/android/moz.configure | 22 +++-- mobile/android/torbrowser.configure | 30 + old-configure.in | 49 +++ security/moz.build| 2 +- security/nss/lib/ssl/Makefile | 2 +- toolkit/modules/AppConstants.jsm | 15 + toolkit/modules/moz.build | 3 ++ 19 files changed, 351 insertions(+), 9 deletions(-) diff --git a/.mozconfig b/.mozconfig new file mode 100755 index ..24efaea57b0b --- /dev/null +++ b/.mozconfig @@ -0,0 +1,38 @@ +. $topsrcdir/browser/config/mozconfig + +# This mozconfig file is not used in official Tor Browser builds. +# It is only intended to be used when doing incremental Linux builds +# during development. The platform-specific mozconfig configuration +# files used in official Tor Browser releases can be found in the +# tor-browser-build repo: +# https://gitweb.torproject.org/builders/tor-browser-build.git/ +# under: +# tor-browser-build/projects/firefox/mozconfig-$OS-$ARCH + +mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-@CONFIG_GUESS@ +mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser" +export
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 1676474 - Disable webrender partial present on Mali-Gxx. r=aosmond, a=RyanVM
commit 0d1c263a3403f7d74899ed89b37bd3787171a9e3
Author: Jamie Nicol
Date: Wed Dec 9 13:07:33 2020 +
Bug 1676474 - Disable webrender partial present on Mali-Gxx. r=aosmond,
a=RyanVM
Due to rendering issues reported on a Mali-G77, disable partial
present on all Mali-Gxx devices.
Differential Revision: https://phabricator.services.mozilla.com/D99216
---
gfx/config/gfxConfigManager.cpp | 10 ++
gfx/tests/gtest/TestConfigManager.cpp | 23 +++
2 files changed, 29 insertions(+), 4 deletions(-)
diff --git a/gfx/config/gfxConfigManager.cpp b/gfx/config/gfxConfigManager.cpp
index 1f75d301ea66..994658d90228 100644
--- a/gfx/config/gfxConfigManager.cpp
+++ b/gfx/config/gfxConfigManager.cpp
@@ -386,6 +386,16 @@ void gfxConfigManager::ConfigureWebRender() {
if (mWrPartialPresent) {
if (mFeatureWr->IsEnabled()) {
mFeatureWrPartial->EnableByDefault();
+
+ nsString adapter;
+ mGfxInfo->GetAdapterDeviceID(adapter);
+ // Block partial present on Mali-Gxx GPUs due to rendering issues.
+ // See bug 1676474.
+ if (adapter.Find("Mali-G", /*ignoreCase*/ true) >= 0) {
+mFeatureWrPartial->Disable(FeatureStatus::Blocked,
+ "Partial present blocked on Mali-Gxx",
+ "FEATURE_FAILURE_PARTIAL_PRESENT_MALI"_ns);
+ }
}
}
}
diff --git a/gfx/tests/gtest/TestConfigManager.cpp
b/gfx/tests/gtest/TestConfigManager.cpp
index bf43001ac419..707e3b277e90 100644
--- a/gfx/tests/gtest/TestConfigManager.cpp
+++ b/gfx/tests/gtest/TestConfigManager.cpp
@@ -26,6 +26,7 @@ class MockGfxInfo final : public nsIGfxInfo {
bool mHasMixedRefreshRate;
Maybe mHasBattery;
const char* mVendorId;
+ const char* mDeviceId;
// Default allows WebRender + compositor, and is desktop NVIDIA.
MockGfxInfo()
@@ -35,7 +36,8 @@ class MockGfxInfo final : public nsIGfxInfo {
mMaxRefreshRate(-1),
mHasMixedRefreshRate(false),
mHasBattery(Some(false)),
-mVendorId("0x10de") {}
+mVendorId("0x10de"),
+mDeviceId("") {}
NS_IMETHOD GetFeatureStatus(int32_t aFeature, nsACString& aFailureId,
int32_t* _retval) override {
@@ -71,6 +73,14 @@ class MockGfxInfo final : public nsIGfxInfo {
return NS_OK;
}
+ NS_IMETHOD GetAdapterDeviceID(nsAString& aAdapterDeviceID) override {
+if (!mDeviceId) {
+ return NS_ERROR_NOT_IMPLEMENTED;
+}
+aAdapterDeviceID.AssignASCII(mDeviceId);
+return NS_OK;
+ }
+
NS_IMETHOD_(int32_t) GetMaxRefreshRate(bool* aMixed) override {
if (aMixed) {
*aMixed = mHasMixedRefreshRate;
@@ -164,9 +174,6 @@ class MockGfxInfo final : public nsIGfxInfo {
NS_IMETHOD GetAdapterDriver(nsAString& aAdapterDriver) override {
return NS_ERROR_NOT_IMPLEMENTED;
}
- NS_IMETHOD GetAdapterDeviceID(nsAString& aAdapterDeviceID) override {
-return NS_ERROR_NOT_IMPLEMENTED;
- }
NS_IMETHOD GetAdapterSubsysID(nsAString& aAdapterSubsysID) override {
return NS_ERROR_NOT_IMPLEMENTED;
}
@@ -333,6 +340,14 @@ TEST_F(GfxConfigManager, WebRenderNoPartialPresent) {
EXPECT_FALSE(mFeatures.mWrSoftware.IsEnabled());
}
+TEST_F(GfxConfigManager, WebRenderPartialPresentMali) {
+ mWrPartialPresent = true;
+ mMockGfxInfo->mDeviceId = "Mali-G77";
+ ConfigureWebRender();
+
+ EXPECT_FALSE(mFeatures.mWrPartial.IsEnabled());
+}
+
TEST_F(GfxConfigManager, WebRenderScaledResolutionWithHwStretching) {
mScaledResolution = true;
ConfigureWebRender();
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 12620: TorBrowser regression tests
commit dc70db5750638df15ee9b44bd76a290835f56faf
Author: Arthur Edelstein
Date: Wed Aug 27 16:25:00 2014 -0700
Bug 12620: TorBrowser regression tests
Regression tests for Bug #2950: Make Permissions Manager memory-only
Regression tests for TB4: Tor Browser's Firefox preference overrides.
Note: many more functional tests could be made here
Regression tests for #2874: Block Components.interfaces from content
Bug 18923: Add a script to run all Tor Browser specific tests
Regression tests for Bug #16441: Suppress "Reset Tor Browser" prompt.
---
run-tbb-tests| 60 +++
tbb-tests/browser.ini| 5 ++
tbb-tests/browser_tor_TB4.js | 162 +++
tbb-tests/browser_tor_bug2950.js | 74 ++
tbb-tests/mochitest.ini | 3 +
tbb-tests/moz.build | 9 +++
tbb-tests/test_tor_bug2874.html | 25 ++
toolkit/toolkit.mozbuild | 3 +-
8 files changed, 340 insertions(+), 1 deletion(-)
diff --git a/run-tbb-tests b/run-tbb-tests
new file mode 100755
index ..5e266f9ba4cd
--- /dev/null
+++ b/run-tbb-tests
@@ -0,0 +1,60 @@
+#!/bin/bash
+
+# This script runs all the Mochitest tests that have been added or
+# modified since the last ffxbld commit.
+#
+# It does not currently run XPCShell tests. We should change this if we
+# start using this type or other types of tests.
+#
+# The logs of the tests are stored in the tbb-tests.log file.
+# Ignored tests are listed in the tbb-tests-ignore.txt file.
+#
+# https://trac.torproject.org/projects/tor/ticket/18923
+
+IFS=$'\n'
+
+if [ -n "$USE_TESTS_LIST" ] && [ -f tbb-tests-list.txt ]
+then
+echo "Using tests list from file tbb-tests-list.txt"
+tests=($(cat tbb-tests-list.txt))
+else
+ffxbld_commit=$(git log -500 --format='%an %H' | grep '^ffxbld ' \
+| head -1 | cut -d ' ' -f 2)
+
+tests=($(git diff --name-status "$ffxbld_commit" HEAD | \
+grep -e '^[AM].*/test_[^/]\+\.\(html\|xul\)$' \
+ -e '^[AM].*/browser_[^/]\+\.js$' \
+ | sed 's/^[AM]\s\+//'))
+fi
+
+echo 'The following tests will be run:'
+for i in "${!tests[@]}"
+do
+if [ -z "$USE_TESTS_LIST" ] \
+&& grep -q "^${tests[$i]}$" tbb-tests-ignore.txt
+then
+unset "tests[$i]"
+continue
+fi
+echo "- ${tests[$i]}"
+done
+
+if [ -n "$WRITE_TESTS_LIST" ]
+then
+rm -f tbb-tests-list.txt
+for i in "${!tests[@]}"
+do
+echo "${tests[$i]}" >> tbb-tests-list.txt
+done
+exit 0
+fi
+
+rm -f tbb-tests.log
+echo $'\n''Starting tests'
+./mach mochitest --log-tbpl tbb-tests.log --setpref security.nocertdb=false \
+ "${tests[@]}"
+
+echo "*"
+echo "*"
+echo "Summary of failed tests:"
+grep --color=never TEST-UNEXPECTED-FAIL tbb-tests.log
diff --git a/tbb-tests/browser.ini b/tbb-tests/browser.ini
new file mode 100644
index ..f481660f1417
--- /dev/null
+++ b/tbb-tests/browser.ini
@@ -0,0 +1,5 @@
+[DEFAULT]
+
+[browser_tor_bug2950.js]
+[browser_tor_omnibox.js]
+[browser_tor_TB4.js]
diff --git a/tbb-tests/browser_tor_TB4.js b/tbb-tests/browser_tor_TB4.js
new file mode 100644
index ..af688bee0226
--- /dev/null
+++ b/tbb-tests/browser_tor_TB4.js
@@ -0,0 +1,162 @@
+// # Test for TB4: Tor Browser's Firefox preference overrides
+// Simple regression tests to check the value of each pref and
+// decides if it is set as expected.
+
+// TODO: Write unit tests to check that each pref setting here
+// causes the browser to have the desired behavior (a big task).
+
+function test() {
+
+let expectedPrefs = [
+ // Disable browser auto updaters and associated homepage notifications
+ ["app.update.auto", false],
+ ["app.update.enabled", false],
+ ["browser.search.update", false],
+ ["browser.rights.3.shown", true],
+ ["browser.startup.homepage_override.mstone", "ignore"],
+ ["startup.homepage_welcome_url", ""],
+ ["startup.homepage_override_url", ""],
+
+ // Disable the "Refresh" prompt that is displayed for stale profiles.
+ ["browser.disableResetPrompt", true],
+
+ // Disk activity: Disable Browsing History Storage
+ ["browser.privatebrowsing.autostart", true],
+ ["browser.cache.disk.enable", false],
+ ["browser.cache.offline.enable", false],
+ ["dom.indexedDB.enabled", false],
+ ["permissions.memory_only", true],
+ ["network.cookie.lifetimePolicy", 2],
+ ["security.nocertdb", true],
+
+ // Disk activity: TBB Directory Isolation
+ ["browser.download.useDownloadDir", false],
+ ["browser.shell.checkDefaultBrowser", false],
+ ["browser.download.manager.addToRecentDocs", false],
+
+ // Misc privacy: Disk
+ ["signon.rememberSignons", false],
+ ["browser.formfill.enable", false],
+ ["signon.autofillForms", false],
+ ["browser.sessionstore.privacy_level", 2],
+
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 1681251 - Return AUTF8String from GetDateTimePattern in mozIOSPreferences; r=zbraniecki, a=RyanVM
commit 63e3dc6e23e707557065cf5400b3cc41640e
Author: Dan Minor
Date: Wed Dec 9 03:16:23 2020 +
Bug 1681251 - Return AUTF8String from GetDateTimePattern in
mozIOSPreferences; r=zbraniecki, a=RyanVM
Differential Revision: https://phabricator.services.mozilla.com/D99162
---
intl/locale/mozIOSPreferences.idl | 6 +++---
toolkit/components/mozintl/test/test_mozintl.js | 16
2 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/intl/locale/mozIOSPreferences.idl
b/intl/locale/mozIOSPreferences.idl
index b18df3fbc654..f3e1c124408d 100644
--- a/intl/locale/mozIOSPreferences.idl
+++ b/intl/locale/mozIOSPreferences.idl
@@ -89,7 +89,7 @@ interface mozIOSPreferences : nsISupports
* handle all scenarios, including with cases where we fail to retrieve
* anything from the OS, here.
*/
- ACString getDateTimePattern(in long timeFormatStyle,
- in long dateFormatStyle,
- [optional] in ACString locale);
+ AUTF8String getDateTimePattern(in long timeFormatStyle,
+ in long dateFormatStyle,
+ [optional] in ACString locale);
};
diff --git a/toolkit/components/mozintl/test/test_mozintl.js
b/toolkit/components/mozintl/test/test_mozintl.js
index ba1fb498e161..3f9e66b54fa1 100644
--- a/toolkit/components/mozintl/test/test_mozintl.js
+++ b/toolkit/components/mozintl/test/test_mozintl.js
@@ -8,6 +8,7 @@ function run_test() {
test_methods_calling();
test_constructors();
test_rtf_formatBestUnit();
+ test_datetimeformat();
ok(true);
}
@@ -162,3 +163,18 @@ function test_rtf_formatBestUnit() {
testRTFBestUnit(anchor, "2098-01-02 18:30", "in 82 years");
}
}
+
+function test_datetimeformat() {
+ Services.prefs.setStringPref(
+"intl.date_time.pattern_override.date_long",
+"å¹´Mædæ¥"
+ );
+
+ let formatted = new Services.intl.DateTimeFormat("ja", {
+dateStyle: "long",
+ }).format(new Date("2020-12-08 21:00:05"));
+
+ equal(formatted, "2020å¹´12æ8æ¥");
+
+ Services.prefs.clearUserPref("intl.date_time.pattern_override.date_long");
+}
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 28044: Integrate Tor Launcher into tor-browser
commit 1bafbb3c2298518bf999d9bd572bf75d1bc24530
Author: Kathy Brade
Date: Tue Feb 26 10:07:17 2019 -0500
Bug 28044: Integrate Tor Launcher into tor-browser
Build and package Tor Launcher as part of the browser (similar to
how pdfjs is handled).
If a Tor Launcher extension is present in the user's profile, it is
removed.
---
browser/extensions/moz.build| 3 +++
browser/installer/package-manifest.in | 5 +
toolkit/mozapps/extensions/internal/XPIProvider.jsm | 10 ++
3 files changed, 18 insertions(+)
diff --git a/browser/extensions/moz.build b/browser/extensions/moz.build
index 0eb3c53e76c2..df98fa94f629 100644
--- a/browser/extensions/moz.build
+++ b/browser/extensions/moz.build
@@ -5,3 +5,6 @@
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
DIRS += ["doh-rollout", "formautofill", "screenshots", "webcompat",
"report-site-issue"]
+
+if not CONFIG["TOR_BROWSER_DISABLE_TOR_LAUNCHER"]:
+DIRS += ["tor-launcher"]
diff --git a/browser/installer/package-manifest.in
b/browser/installer/package-manifest.in
index 2865597f498e..9cb8a3c65d7b 100644
--- a/browser/installer/package-manifest.in
+++ b/browser/installer/package-manifest.in
@@ -252,6 +252,11 @@
@RESPATH@/browser/chrome/browser.manifest
@RESPATH@/chrome/pdfjs.manifest
@RESPATH@/chrome/pdfjs/*
+#ifndef TOR_BROWSER_DISABLE_TOR_LAUNCHER
+@RESPATH@/browser/chrome/torlauncher.manifest
+@RESPATH@/browser/chrome/torlauncher/*
+@RESPATH@/browser/@PREF_DIR@/torlauncher-prefs.js
+#endif
@RESPATH@/chrome/toolkit@JAREXT@
@RESPATH@/chrome/toolkit.manifest
@RESPATH@/chrome/recording.manifest
diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm
b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
index b7d1ff6ac83c..c65316143b58 100644
--- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm
+++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
@@ -1471,6 +1471,16 @@ var XPIStates = {
for (let [id, file] of loc.readAddons()) {
knownIds.delete(id);
+// Since it is now part of the browser, uninstall the Tor Launcher
+// extension. This will remove the Tor Launcher .xpi from user
+// profiles on macOS.
+if (id === "tor-launc...@torproject.org") {
+ logger.debug("Uninstalling the Tor Launcher extension.");
+ loc.installer.uninstallAddon(id);
+ changed = true;
+ continue;
+}
+
let xpiState = loc.get(id);
if (!xpiState) {
// If the location is not supported for sideloading, skip new
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] No bug - Tagging 6cf020352b4e350ab6b84253620652d55cdd0b60 with FIREFOX_84_0_BUILD1 a=release CLOSED TREE DONTBUILD
commit f7bbabc5cba81d2d4eafd8a5ad7cf34e69f45517 Author: Mozilla Releng Treescript Date: Mon Dec 7 23:44:21 2020 + No bug - Tagging 6cf020352b4e350ab6b84253620652d55cdd0b60 with FIREFOX_84_0_BUILD1 a=release CLOSED TREE DONTBUILD --- .hgtags | 1 + 1 file changed, 1 insertion(+) diff --git a/.hgtags b/.hgtags index e76e38b4b333..a47b8af4e267 100644 --- a/.hgtags +++ b/.hgtags @@ -2754,3 +2754,4 @@ c7bfe4342159c2040e909fa363fa9bfaa604d203 FIREFOX_84_0b5_RELEASE 32683280e54bc7b03d85a2e84073c0600bfe5bd4 FIREFOX_84_0b8_RELEASE 87ab4da1b9f786db1f5c6633357cbe2ee1ca562e FIREFOX_RELEASE_84_BASE a42ea3aab3e467141d56b5c299749ee842cd3c41 FIREFOX_RELEASE_83_END +6cf020352b4e350ab6b84253620652d55cdd0b60 FIREFOX_84_0_BUILD1 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] TB4: Tor Browser's Firefox preference overrides.
commit d66af792a2963da7d5be52688ca709dc1be62f24 Author: Mike Perry Date: Tue Sep 10 18:20:43 2013 -0700 TB4: Tor Browser's Firefox preference overrides. This hack directly includes our preference changes in omni.ja. Bug 18292: Staged updates fail on Windows Temporarily disable staged updates on Windows. Bug 18297: Use separate Noto JP,KR,SC,TC fonts Bug 23404: Add Noto Sans Buginese to the macOS whitelist Bug 23745: Set dom.indexedDB.enabled = true Bug 13575: Disable randomised Firefox HTTP cache decay user tests. (Fernando Fernandez Mancera ) Bug 17252: Enable session identifiers with FPI Session tickets and session identifiers were isolated by OriginAttributes, so we can re-enable them by allowing the default value (true) of "security.ssl.disable_session_identifiers". The pref "security.enable_tls_session_tickets" is obsolete (removed in https://bugzilla.mozilla.org/917049) Bug 14952: Enable http/2 and AltSvc In Firefox, SPDY/HTTP2 now uses Origin Attributes for isolation of connections, push streams, origin frames, etc. That means we get first-party isolation provided "privacy.firstparty.isolate" is true. So in this patch, we stop overriding "network.http.spdy.enabled" and "network.http.spdy.enabled.http2". Alternate Services also use Origin Attributes for isolation. So we stop overriding "network.http.altsvc.enabled" and "network.http.altsvc.oe" as well. (All 4 of the abovementioned "network.http.*" prefs adopt Firefox 60ESR's default value of true.) However, we want to disable HTTP/2 push for now, so we set "network.http.spdy.allow-push" to false. "network.http.spdy.enabled.http2draft" was removed in Bug 1132357. "network.http.sped.enabled.v2" was removed in Bug 912550. "network.http.sped.enabled.v3" was removed in Bug 1097944. "network.http.sped.enabled.v3-1" was removed in Bug 1248197. Bug 26114: addons.mozilla.org is not special * Don't expose navigator.mozAddonManager on any site * Don't block NoScript from modifying addons.mozilla.org or other sites Enable ReaderView mode again (#27281). Bug 29916: Make sure enterprise policies are disabled Bug 2874: Block Components.interfaces from content Bug 26146: Spoof HTTP User-Agent header for desktop platforms In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent header and to JavaScript code via navigator.userAgent. To avoid leaking the OS inside each HTTP request (which many web servers log), always use the Windows 7 OS value in the desktop User-Agent header. We continue to allow access to the actual OS via JavaScript, since doing so improves compatibility with web applications such as GitHub and Google Docs. Bug 12885: Windows Jump Lists fail for Tor Browser Jumplist entries are stored in a binary file in: %APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\ and has a name in the form [a-f0-9]+.customDestinations-ms The hex at the front is unique per app, and is ultimately derived from something called the 'App User Model ID' (AUMID) via some unknown hashing method. The AUMID is provided as a key when programmatically creating, updating, and deleting a jumplist. The default behaviour in firefox is for the installer to define an AUMID for an app, and save it in the registry so that the jumplist data can be removed by the uninstaller. However, the Tor Browser does not set this (or any other) regkey during installation, so this codepath fails and the app's AUMID is left undefined. As a result the app's AUMID ends up being defined by windows, but unknowable by Tor Browser. This unknown AUMID is used to create and modify the jumplist, but the delete API requires that we provide the app's AUMID explicitly. Since we don't know what the AUMID is (since the expected regkey where it is normally stored does not exist) jumplist deletion will fail and we will leave behind a mostly empty customDestinations-ms file. The name of the file is derived from the binary path, so an enterprising person could reverse engineer how that hex name is calculated, and generate the name for Tor Browser's default Desktop installation path to determine whether a person had used Tor Browser in the past. The 'taskbar.grouping.useprofile' option that is enabled by this patch works around this AUMID problem by having firefox.exe create it's own AUMID based on the profile path (rather than looking for a regkey). This way, if a user goes in and enables and disables jumplist entries, the backing store is properly deleted. Unfortunately, all windows users currently have this file lurking in the above mentioned
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 1677797 - Change autoconf to avoid using a hard-coded file descriptor. r=glandium, a=RyanVM
commit 3cc22031afe992da84d4367664a81d27a1310ee3
Author: Tom Ritter
Date: Tue Dec 8 22:04:09 2020 +
Bug 1677797 - Change autoconf to avoid using a hard-coded file descriptor.
r=glandium, a=RyanVM
In Bug 1671424 we changed the way we configure firefox and it broke the
codeql database
generation job. This job wraps the entire build process in a way similar to
codeql --command="./mach build"
Specifically, the previous way we executed the configure shell script made
codeql
disable itself because it was named configure (codeql disables itself during
configuration.)
codeql injects via LD_PRELOAD, and it opens a configuration file and a
logging file
(getting fd 3 and 4 respectively.)
autoconf grabs file descriptor 4 and uses it a temporary redirection point
either
to a file or stdout. When it does so, it closes the original file
descriptor 4 and
points it at the new location, which also affects the codeql code,
resulting in
undesired logging output going into the configure script.
Because this file descriptor trick is only used to avoid duplicating a few
lines of
code, I removed the trick and duplicated the code.
Differential Revision: https://phabricator.services.mozilla.com/D98642
---
build/autoconf/autoconf.sh | 9 -
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/build/autoconf/autoconf.sh b/build/autoconf/autoconf.sh
index e6b0819fab30..ceb8a25b00af 100644
--- a/build/autoconf/autoconf.sh
+++ b/build/autoconf/autoconf.sh
@@ -141,18 +141,17 @@ if grep "^[^#]*${pattern}" $tmpout > /dev/null 2>&1; then
fi
if test $# -eq 0; then
- exec 4> configure; chmod +x configure
-else
- exec 4>&1
+ echo "This case should not be reached."
+ exit 1
fi
-# Put the real line numbers into configure to make config.log more helpful.
+# Put the real line numbers into the output to make config.log more helpful.
$AWK '
/__oline__/ { printf "%d:", NR + 1 }
{ print }
' $tmpout | sed '
/__oline__/s/^\([0-9][0-9]*\):\(.*\)__oline__/\2\1/
-' >&4
+'
rm -f $tmpout
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 1681428 - back out highlights and logo changes. r=thecount, a=RyanVM
commit 7969cebe593fccee033e8533482d4cb3e084d1d8
Author: Erica Wright
Date: Wed Dec 9 01:36:15 2020 +
Bug 1681428 - back out highlights and logo changes. r=thecount, a=RyanVM
Differential Revision: https://phabricator.services.mozilla.com/D99171
---
browser/app/profile/firefox.js | 2 +-
browser/components/newtab/lib/ActivityStream.jsm | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js
index f8f11b8ba6d1..2588a53cf233 100644
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@@ -1429,7 +1429,7 @@
pref("browser.newtabpage.activity-stream.feeds.section.topstories", true);
pref("browser.newtabpage.activity-stream.improvesearch.handoffToAwesomebar",
false);
#endif
-pref("browser.newtabpage.activity-stream.logowordmark.alwaysVisible", true);
+pref("browser.newtabpage.activity-stream.logowordmark.alwaysVisible", false);
// Used to display triplet cards on newtab
pref("trailhead.firstrun.newtab.triplets", "");
diff --git a/browser/components/newtab/lib/ActivityStream.jsm
b/browser/components/newtab/lib/ActivityStream.jsm
index 88046a4d3c11..743e581f970b 100644
--- a/browser/components/newtab/lib/ActivityStream.jsm
+++ b/browser/components/newtab/lib/ActivityStream.jsm
@@ -589,7 +589,7 @@ const FEEDS_DATA = [
name: "section.highlights",
factory: () => new HighlightsFeed(),
title: "Fetches content recommendations from places db",
-value: false,
+value: true,
},
{
name: "system.topstories",
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 40171: Make WebRequest and GeckoWebExecutor First-Party aware
commit d9274ac8422d432f831af4c05dd72eed5150fb74
Author: Alex Catarineu
Date: Wed Nov 4 15:58:22 2020 +0100
Bug 40171: Make WebRequest and GeckoWebExecutor First-Party aware
---
.../main/java/org/mozilla/geckoview/WebRequest.java| 18 ++
widget/android/WebExecutorSupport.cpp | 10 ++
2 files changed, 28 insertions(+)
diff --git
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/WebRequest.java
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/WebRequest.java
index 7e3aa285c5be..18f56abeec43 100644
---
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/WebRequest.java
+++
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/WebRequest.java
@@ -49,6 +49,11 @@ public class WebRequest extends WebMessage {
*/
public final @Nullable String referrer;
+/**
+ * The value of the origin of this request.
+ */
+public final @Nullable String origin;
+
@Retention(RetentionPolicy.SOURCE)
@IntDef({CACHE_MODE_DEFAULT, CACHE_MODE_NO_STORE,
CACHE_MODE_RELOAD, CACHE_MODE_NO_CACHE,
@@ -110,6 +115,7 @@ public class WebRequest extends WebMessage {
method = builder.mMethod;
cacheMode = builder.mCacheMode;
referrer = builder.mReferrer;
+origin = builder.mOrigin;
if (builder.mBody != null) {
body = builder.mBody.asReadOnlyBuffer();
@@ -126,6 +132,7 @@ public class WebRequest extends WebMessage {
/* package */ String mMethod = "GET";
/* package */ int mCacheMode = CACHE_MODE_DEFAULT;
/* package */ String mReferrer;
+/* package */ String mOrigin;
/**
* Construct a Builder instance with the specified URI.
@@ -205,6 +212,17 @@ public class WebRequest extends WebMessage {
return this;
}
+/**
+ * Set the origin URI.
+ *
+ * @param origin A URI String
+ * @return This Builder instance.
+ */
+public @NonNull Builder origin(final @Nullable String origin) {
+mOrigin = origin;
+return this;
+}
+
/**
* @return A {@link WebRequest} constructed with the values from this
Builder instance.
*/
diff --git a/widget/android/WebExecutorSupport.cpp
b/widget/android/WebExecutorSupport.cpp
index f9f4262fb50c..bb639740f013 100644
--- a/widget/android/WebExecutorSupport.cpp
+++ b/widget/android/WebExecutorSupport.cpp
@@ -390,6 +390,16 @@ nsresult WebExecutorSupport::CreateStreamLoader(
MOZ_ASSERT(cookieJarSettings);
nsCOMPtr loadInfo = channel->LoadInfo();
+
+ RefPtr originUri;
+ const auto origin = req->Origin();
+ if (origin) {
+rv = NS_NewURI(getter_AddRefs(originUri), origin->ToString());
+NS_ENSURE_SUCCESS(rv, NS_ERROR_MALFORMED_URI);
+OriginAttributes attrs = loadInfo->GetOriginAttributes();
+attrs.SetFirstPartyDomain(true, originUri);
+loadInfo->SetOriginAttributes(attrs);
+ }
loadInfo->SetCookieJarSettings(cookieJarSettings);
// setup http/https specific things
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.0-1] Bug 1680528 - set several webrtc/mediacapturing test as passing on beta and release. r=drno a=test-only
commit f789719e4fb6150fd7f9d7410ad4075c0d8145a3
Author: Sebastian Hengst
Date: Tue Dec 8 19:11:56 2020 +
Bug 1680528 - set several webrtc/mediacapturing test as passing on beta and
release. r=drno a=test-only
More details about the underlying issue in bug 1526207.
Differential Revision: https://phabricator.services.mozilla.com/D98963
---
.../MediaRecorder-no-sink.https.html.ini | 6 +--
.../MediaRecorder-peerconnection.https.html.ini| 58 +++---
.../RTCPeerConnection-videoDetectorTest.html.ini | 3 +-
.../RTCRtpSender-replaceTrack.https.html.ini | 2 +-
4 files changed, 25 insertions(+), 44 deletions(-)
diff --git
a/testing/web-platform/meta/mediacapture-record/MediaRecorder-no-sink.https.html.ini
b/testing/web-platform/meta/mediacapture-record/MediaRecorder-no-sink.https.html.ini
index f1843e6dea9d..f1f7909e3471 100644
---
a/testing/web-platform/meta/mediacapture-record/MediaRecorder-no-sink.https.html.ini
+++
b/testing/web-platform/meta/mediacapture-record/MediaRecorder-no-sink.https.html.ini
@@ -1,14 +1,14 @@
[MediaRecorder-no-sink.https.html]
expected:
if release_or_beta and (os == "android"): [OK, TIMEOUT]
-if os == "android": TIMEOUT
+if os == "android" and nightly_build: TIMEOUT
[PeerConnection MediaRecorder records video from PeerConnection without
sinks]
expected:
if release_or_beta and (os == "android"): [PASS, TIMEOUT]
- if os == "android": TIMEOUT
+ if os == "android" and nightly_build: TIMEOUT
[PeerConnection MediaRecorder records audio/video from PeerConnection
without sinks]
expected:
if release_or_beta and (os == "android"): [PASS, NOTRUN]
- if os == "android": NOTRUN
+ if os == "android" and nightly_build: NOTRUN
diff --git
a/testing/web-platform/meta/mediacapture-record/MediaRecorder-peerconnection.https.html.ini
b/testing/web-platform/meta/mediacapture-record/MediaRecorder-peerconnection.https.html.ini
index 0011d0a232b1..b81eb9052c83 100644
---
a/testing/web-platform/meta/mediacapture-record/MediaRecorder-peerconnection.https.html.ini
+++
b/testing/web-platform/meta/mediacapture-record/MediaRecorder-peerconnection.https.html.ini
@@ -1,106 +1,86 @@
[MediaRecorder-peerconnection.https.html]
expected:
-if (os == "android") and debug and not webrender: ["TIMEOUT", "CRASH",
"ERROR"]
-if (os == "android") and debug and webrender: ["TIMEOUT", "ERROR"]
-if (os == "android") and not debug: ["TIMEOUT", "ERROR", "CRASH"]
+if (os == "android") and nightly_build: ["TIMEOUT", "CRASH", "ERROR"]
[PeerConnection MediaRecorder receives data after onstart,
{"video":true,"audio":false} with format \[passthrough\].]
expected:
- if (os == "android") and debug: ["TIMEOUT"]
- if (os == "android") and not debug: ["TIMEOUT"]
+ if os == "android" and nightly_build: TIMEOUT
[PeerConnection MediaRecorder gets ondata on stopping recorded tracks
{"video":true,"audio":false} with format \[passthrough\].]
expected:
- if (os == "android") and debug: ["NOTRUN"]
- if (os == "android") and not debug: ["NOTRUN"]
+ if os == "android" and nightly_build: NOTRUN
[PeerConnection MediaRecorder receives data after onstart,
{"video":false,"audio":true} with format \[passthrough\].]
expected:
- if (os == "android") and debug: ["NOTRUN"]
- if (os == "android") and not debug: ["NOTRUN"]
+ if os == "android" and nightly_build: NOTRUN
[PeerConnection MediaRecorder gets ondata on stopping recorded tracks
{"video":false,"audio":true} with format \[passthrough\].]
expected:
- if (os == "android") and debug: ["NOTRUN"]
- if (os == "android") and not debug: ["NOTRUN"]
+ if os == "android" and nightly_build: NOTRUN
[PeerConnection MediaRecorder receives data after onstart,
{"video":true,"audio":true} with format \[passthrough\].]
expected:
- if (os == "android") and debug: ["NOTRUN"]
- if (os == "android") and not debug: ["NOTRUN"]
+ if os == "android" and nightly_build: NOTRUN
[PeerConnection MediaRecorder gets ondata on stopping recorded tracks
{"video":true,"audio":true} with format \[passthrough\].]
expected:
- if (os == "android") and debug: ["NOTRUN"]
- if (os == "android") and not debug: ["NOTRUN"]
+ if os == "android" and nightly_build: NOTRUN
[PeerConnection MediaRecorder receives data after onstart,
{"video":false,"audio":true} with format video/webm;codecs=vp8.]
expected:
- if (os == "android") and debug: ["NOTRUN"]
- if (os == "android") and not debug: ["NOTRUN"]
+ if os == "android" and nightly_build: NOTRUN
FAIL
[PeerConnection MediaRecorder gets ondata on stopping recorded tracks
{"video":false,"audio":true} with format video/webm;codecs=vp8.]
expected:
- if (os == "android") and debug: ["NOTRUN"]
- if (os == "android") and not debug: ["NOTRUN"]
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 40198: Expose privacy.spoof_english pref in GeckoView
commit 3ccea085dd87b723d65b9f130c55d26241c3e238
Author: Alex Catarineu
Date: Sun Oct 18 17:06:04 2020 +0200
Bug 40198: Expose privacy.spoof_english pref in GeckoView
---
mobile/android/geckoview/api.txt | 3 ++
.../mozilla/geckoview/GeckoRuntimeSettings.java| 33 ++
2 files changed, 36 insertions(+)
diff --git a/mobile/android/geckoview/api.txt b/mobile/android/geckoview/api.txt
index 946446a97f30..2b394bca70b3 100644
--- a/mobile/android/geckoview/api.txt
+++ b/mobile/android/geckoview/api.txt
@@ -632,6 +632,7 @@ package org.mozilla.geckoview {
method public boolean getRemoteDebuggingEnabled();
method @Nullable public GeckoRuntime getRuntime();
method @Nullable public Rect getScreenSizeOverride();
+method public boolean getSpoofEnglish();
method @Nullable public RuntimeTelemetry.Delegate getTelemetryDelegate();
method public int getTorSecurityLevel();
method public boolean getUseMaxScreenDepth();
@@ -651,6 +652,7 @@ package org.mozilla.geckoview {
method @NonNull public GeckoRuntimeSettings
setLoginAutofillEnabled(boolean);
method @NonNull public GeckoRuntimeSettings setPreferredColorScheme(int);
method @NonNull public GeckoRuntimeSettings
setRemoteDebuggingEnabled(boolean);
+method @NonNull public GeckoRuntimeSettings setSpoofEnglish(boolean);
method @NonNull public GeckoRuntimeSettings setTorSecurityLevel(int);
method @NonNull public GeckoRuntimeSettings setWebFontsEnabled(boolean);
method @NonNull public GeckoRuntimeSettings setWebManifestEnabled(boolean);
@@ -686,6 +688,7 @@ package org.mozilla.geckoview {
method @NonNull public GeckoRuntimeSettings.Builder
preferredColorScheme(int);
method @NonNull public GeckoRuntimeSettings.Builder
remoteDebuggingEnabled(boolean);
method @NonNull public GeckoRuntimeSettings.Builder
screenSizeOverride(int, int);
+method @NonNull public GeckoRuntimeSettings.Builder spoofEnglish(boolean);
method @NonNull public GeckoRuntimeSettings.Builder
telemetryDelegate(@NonNull RuntimeTelemetry.Delegate);
method @NonNull public GeckoRuntimeSettings.Builder torSecurityLevel(int);
method @NonNull public GeckoRuntimeSettings.Builder
useMaxScreenDepth(boolean);
diff --git
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
index bb992733937e..e6493f8cddb3 100644
---
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
+++
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
@@ -457,6 +457,17 @@ public final class GeckoRuntimeSettings extends
RuntimeSettings {
getSettings().mTorSecurityLevel.set(level);
return this;
}
+
+/**
+ * Sets whether we should spoof locale to English for webpages.
+ *
+ * @param flag True if we should spoof locale to English for webpages,
false otherwise.
+ * @return This Builder instance.
+ */
+public @NonNull Builder spoofEnglish(final boolean flag) {
+getSettings().mSpoofEnglish.set(flag ? 2 : 1);
+return this;
+}
}
private GeckoRuntime mRuntime;
@@ -507,6 +518,8 @@ public final class GeckoRuntimeSettings extends
RuntimeSettings {
"signon.autofillForms", true);
/* package */ final Pref mTorSecurityLevel = new Pref<>(
"extensions.torbutton.security_slider", 4);
+/* package */ final Pref mSpoofEnglish = new Pref<>(
+"privacy.spoof_english", 0);
/* package */ int mPreferredColorScheme = COLOR_SCHEME_SYSTEM;
@@ -1171,6 +1184,26 @@ public final class GeckoRuntimeSettings extends
RuntimeSettings {
return this;
}
+/**
+ * Get whether we should spoof locale to English for webpages.
+ *
+ * @return Whether we should spoof locale to English for webpages.
+ */
+public boolean getSpoofEnglish() {
+return mSpoofEnglish.get() == 2;
+}
+
+/**
+ * Set whether we should spoof locale to English for webpages.
+ *
+ * @param flag A flag determining whether we should locale to English for
webpages.
+ * @return This GeckoRuntimeSettings instance.
+ */
+public @NonNull GeckoRuntimeSettings setSpoofEnglish(final boolean flag) {
+mSpoofEnglish.commit(flag ? 2 : 1);
+return this;
+}
+
@Override // Parcelable
public void writeToParcel(final Parcel out, final int flags) {
super.writeToParcel(out, flags);
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots
commit 2a348d5a3859ee0b4cd2237f670109f37ee44601
Author: Alex Catarineu
Date: Fri Oct 9 12:55:35 2020 +0200
Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots
---
browser/app/profile/000-tor-browser.js | 3 +++
browser/components/BrowserGlue.jsm | 14 ++
2 files changed, 17 insertions(+)
diff --git a/browser/app/profile/000-tor-browser.js
b/browser/app/profile/000-tor-browser.js
index d7c7d366b24d..19991a801fcd 100644
--- a/browser/app/profile/000-tor-browser.js
+++ b/browser/app/profile/000-tor-browser.js
@@ -313,6 +313,9 @@ pref("security.enterprise_roots.enabled", false);
// Don't ping Mozilla for MitM detection, see bug 32321
pref("security.certerrors.mitm.priming.enabled", false);
+// Don't automatically enable enterprise roots, see bug 40166
+pref("security.certerrors.mitm.auto_enable_enterprise_roots", false);
+
// Disable the language pack signing check for now on macOS, see #31942
#ifdef XP_MACOSX
pref("extensions.langpacks.signatures.required", false);
diff --git a/browser/components/BrowserGlue.jsm
b/browser/components/BrowserGlue.jsm
index f8cb7c664578..0bbc0e54c740 100644
--- a/browser/components/BrowserGlue.jsm
+++ b/browser/components/BrowserGlue.jsm
@@ -1401,6 +1401,20 @@ BrowserGlue.prototype = {
// handle any UI migration
this._migrateUI();
+// Clear possibly auto enabled enterprise_roots prefs (see bug 40166)
+if (
+ !Services.prefs.getBoolPref(
+"security.certerrors.mitm.auto_enable_enterprise_roots"
+ ) &&
+ Services.prefs.getBoolPref(
+"security.enterprise_roots.auto-enabled",
+false
+ )
+) {
+ Services.prefs.clearUserPref("security.enterprise_roots.enabled");
+ Services.prefs.clearUserPref("security.enterprise_roots.auto-enabled");
+}
+
if (!Services.prefs.prefHasUserValue(PREF_PDFJS_ISDEFAULT_CACHE_STATE)) {
PdfJs.checkIsDefault(this._isNewProfile);
}
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 32418: Allow updates to be disabled via an enterprise policy.
commit 9596f1afea07d1f3023876b5882b2522d720d6f3
Author: Kathy Brade
Date: Thu Apr 16 17:07:09 2020 -0400
Bug 32418: Allow updates to be disabled via an enterprise policy.
Restrict the Enterprise Policies mechanism to only consult a
policies.json file (avoiding the Windows Registry and macOS's
file system attributes).
Add a few disabledByPolicy() checks to the update service to
avoid extraneous (and potentially confusing) log messages when
updates are disabled by policy.
Sample content for distribution/policies.json:
{
"policies": {
"DisableAppUpdate": true
}
}
On Linux, avoid reading policies from /etc/firefox/policies/policies.json
---
.../enterprisepolicies/EnterprisePoliciesParent.jsm | 14 --
toolkit/components/enterprisepolicies/moz.build | 3 +++
toolkit/mozapps/update/UpdateService.jsm | 20
3 files changed, 35 insertions(+), 2 deletions(-)
diff --git a/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm
b/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm
index 8b0a5170cbdd..38e2c2b36a24 100644
--- a/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm
+++ b/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm
@@ -4,6 +4,10 @@
var EXPORTED_SYMBOLS = ["EnterprisePoliciesManager"];
+// To ensure that policies intended for Firefox or another browser will not
+// be used, Tor Browser only looks for policies in ${InstallDir}/distribution
+#define AVOID_SYSTEM_POLICIES MOZ_PROXY_BYPASS_PROTECTION
+
const { XPCOMUtils } = ChromeUtils.import(
"resource://gre/modules/XPCOMUtils.jsm"
);
@@ -13,9 +17,11 @@ const { AppConstants } = ChromeUtils.import(
);
XPCOMUtils.defineLazyModuleGetters(this, {
+#ifndef AVOID_SYSTEM_POLICIES
WindowsGPOParser: "resource://gre/modules/policies/WindowsGPOParser.jsm",
macOSPoliciesParser:
"resource://gre/modules/policies/macOSPoliciesParser.jsm",
+#endif
Policies: "resource:///modules/policies/Policies.jsm",
JsonSchemaValidator:
"resource://gre/modules/components-utils/JsonSchemaValidator.jsm",
@@ -137,6 +143,7 @@ EnterprisePoliciesManager.prototype = {
_chooseProvider() {
let provider = null;
+#ifndef AVOID_SYSTEM_POLICIES
if (AppConstants.platform == "win") {
provider = new WindowsGPOPoliciesProvider();
} else if (AppConstants.platform == "macosx") {
@@ -145,6 +152,7 @@ EnterprisePoliciesManager.prototype = {
if (provider && provider.hasPolicies) {
return provider;
}
+#endif
provider = new JSONPoliciesProvider();
if (provider.hasPolicies) {
@@ -495,7 +503,7 @@ class JSONPoliciesProvider {
_getConfigurationFile() {
let configFile = null;
-
+#ifndef AVOID_SYSTEM_POLICIES
if (AppConstants.platform == "linux") {
let systemConfigFile = Cc["@mozilla.org/file/local;1"].createInstance(
Ci.nsIFile
@@ -508,7 +516,7 @@ class JSONPoliciesProvider {
return systemConfigFile;
}
}
-
+#endif
try {
let perUserPath = Services.prefs.getBoolPref(PREF_PER_USER_DIR, false);
if (perUserPath) {
@@ -589,6 +597,7 @@ class JSONPoliciesProvider {
}
}
+#ifndef AVOID_SYSTEM_POLICIES
class WindowsGPOPoliciesProvider {
constructor() {
this._policies = null;
@@ -654,3 +663,4 @@ class macOSPoliciesProvider {
return this._failed;
}
}
+#endif
diff --git a/toolkit/components/enterprisepolicies/moz.build
b/toolkit/components/enterprisepolicies/moz.build
index 09d2046e1bd7..3f685d3fbbd6 100644
--- a/toolkit/components/enterprisepolicies/moz.build
+++ b/toolkit/components/enterprisepolicies/moz.build
@@ -19,6 +19,9 @@ if CONFIG["MOZ_WIDGET_TOOLKIT"] != "android":
EXTRA_JS_MODULES += [
"EnterprisePolicies.jsm",
"EnterprisePoliciesContent.jsm",
+]
+
+EXTRA_PP_JS_MODULES += [
"EnterprisePoliciesParent.jsm",
]
diff --git a/toolkit/mozapps/update/UpdateService.jsm
b/toolkit/mozapps/update/UpdateService.jsm
index 01da9f2b7292..c6f34df9163b 100644
--- a/toolkit/mozapps/update/UpdateService.jsm
+++ b/toolkit/mozapps/update/UpdateService.jsm
@@ -2843,6 +2843,10 @@ UpdateService.prototype = {
_checkForBackgroundUpdates: function AUS__checkForBackgroundUpdates(
isNotify
) {
+if (this.disabledByPolicy) {
+ return;
+}
+
this._isNotify = isNotify;
// Histogram IDs:
@@ -3345,6 +3349,14 @@ UpdateService.prototype = {
* See nsIUpdateService.idl
*/
get canApplyUpdates() {
+if (this.disabledByPolicy) {
+ LOG(
+"UpdateService.canApplyUpdates - unable to apply updates, " +
+ "the option has been disabled by the administrator."
+ );
+ return false;
+}
+
return getCanApplyUpdates() && hasUpdateMutex();
},
@@ -3352,6 +3364,14 @@ UpdateService.prototype = {
* See nsIUpdateService.idl
*/
get
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView
commit 1f18b3c9727e5a664da125594e4b56e5c03a4aca
Author: Alex Catarineu
Date: Tue Oct 20 17:44:36 2020 +0200
Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView
---
.../mozilla/geckoview/GeckoRuntimeSettings.java| 26 +-
1 file changed, 16 insertions(+), 10 deletions(-)
diff --git
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
index 662b34c476ae..bb992733937e 100644
---
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
+++
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
@@ -758,19 +758,25 @@ public final class GeckoRuntimeSettings extends
RuntimeSettings {
private String computeAcceptLanguages() {
ArrayList locales = new ArrayList();
-// Explicitly-set app prefs come first:
-if (mRequestedLocales != null) {
-for (String locale : mRequestedLocales) {
-locales.add(locale.toLowerCase());
-}
-}
-// OS prefs come second:
-for (String locale : getDefaultLocales()) {
-locale = locale.toLowerCase();
-if (!locales.contains(locale)) {
+// In Desktop, these are defined in the `intl.accept_languages`
localized property.
+// At some point we should probably use the same values here, but for
now we use a simple
+// strategy which will hopefully result in reasonable acceptLanguage
values.
+if (mRequestedLocales != null && mRequestedLocales.length > 0) {
+String locale = mRequestedLocales[0].toLowerCase();
+// No need to include `en-us` twice.
+if (!locale.equals("en-us")) {
locales.add(locale);
+if (locale.contains("-")) {
+String lang = locale.split("-")[0];
+// No need to include `en` twice.
+if (!lang.equals("en")) {
+locales.add(lang);
+}
+}
}
}
+locales.add("en-us");
+locales.add("en");
return TextUtils.join(",", locales);
}
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 30605: Honor privacy.spoof_english in Android
commit 707b234fb43545a12064aae4eea8eba767b3e326
Author: Alex Catarineu
Date: Fri Oct 16 10:45:17 2020 +0200
Bug 30605: Honor privacy.spoof_english in Android
This checks `privacy.spoof_english` whenever `setLocales` is
called from Fenix side and sets `intl.accept_languages`
accordingly.
---
mobile/android/components/geckoview/GeckoViewStartup.jsm | 5 +
1 file changed, 5 insertions(+)
diff --git a/mobile/android/components/geckoview/GeckoViewStartup.jsm
b/mobile/android/components/geckoview/GeckoViewStartup.jsm
index 83558ff558a9..432d27f86f8a 100644
--- a/mobile/android/components/geckoview/GeckoViewStartup.jsm
+++ b/mobile/android/components/geckoview/GeckoViewStartup.jsm
@@ -18,6 +18,7 @@ XPCOMUtils.defineLazyModuleGetters(this, {
Preferences: "resource://gre/modules/Preferences.jsm",
SafeBrowsing: "resource://gre/modules/SafeBrowsing.jsm",
Services: "resource://gre/modules/Services.jsm",
+ RFPHelper: "resource://gre/modules/RFPHelper.jsm",
});
const { debug, warn } = GeckoViewUtils.initLogging("Startup");
@@ -251,6 +252,10 @@ class GeckoViewStartup {
if (aData.requestedLocales) {
Services.locale.requestedLocales = aData.requestedLocales;
}
+RFPHelper._handleSpoofEnglishChanged();
+if (Services.prefs.getIntPref("privacy.spoof_english", 0) === 2) {
+ break;
+}
const pls = Cc["@mozilla.org/pref-localizedstring;1"].createInstance(
Ci.nsIPrefLocalizedString
);
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 40125: Expose Security Level pref in GeckoView
commit 2f7dcf9487c7f8eb8c908f1f339e6f84879598f0
Author: Matthew Finkel
Date: Mon Sep 14 02:52:28 2020 +
Bug 40125: Expose Security Level pref in GeckoView
---
mobile/android/geckoview/api.txt | 3 ++
.../mozilla/geckoview/GeckoRuntimeSettings.java| 33 ++
2 files changed, 36 insertions(+)
diff --git a/mobile/android/geckoview/api.txt b/mobile/android/geckoview/api.txt
index 1c01a3f6731b..946446a97f30 100644
--- a/mobile/android/geckoview/api.txt
+++ b/mobile/android/geckoview/api.txt
@@ -633,6 +633,7 @@ package org.mozilla.geckoview {
method @Nullable public GeckoRuntime getRuntime();
method @Nullable public Rect getScreenSizeOverride();
method @Nullable public RuntimeTelemetry.Delegate getTelemetryDelegate();
+method public int getTorSecurityLevel();
method public boolean getUseMaxScreenDepth();
method public boolean getWebFontsEnabled();
method public boolean getWebManifestEnabled();
@@ -650,6 +651,7 @@ package org.mozilla.geckoview {
method @NonNull public GeckoRuntimeSettings
setLoginAutofillEnabled(boolean);
method @NonNull public GeckoRuntimeSettings setPreferredColorScheme(int);
method @NonNull public GeckoRuntimeSettings
setRemoteDebuggingEnabled(boolean);
+method @NonNull public GeckoRuntimeSettings setTorSecurityLevel(int);
method @NonNull public GeckoRuntimeSettings setWebFontsEnabled(boolean);
method @NonNull public GeckoRuntimeSettings setWebManifestEnabled(boolean);
field public static final int COLOR_SCHEME_DARK = 1;
@@ -685,6 +687,7 @@ package org.mozilla.geckoview {
method @NonNull public GeckoRuntimeSettings.Builder
remoteDebuggingEnabled(boolean);
method @NonNull public GeckoRuntimeSettings.Builder
screenSizeOverride(int, int);
method @NonNull public GeckoRuntimeSettings.Builder
telemetryDelegate(@NonNull RuntimeTelemetry.Delegate);
+method @NonNull public GeckoRuntimeSettings.Builder torSecurityLevel(int);
method @NonNull public GeckoRuntimeSettings.Builder
useMaxScreenDepth(boolean);
method @NonNull public GeckoRuntimeSettings.Builder
webFontsEnabled(boolean);
method @NonNull public GeckoRuntimeSettings.Builder webManifest(boolean);
diff --git
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
index 97c33665fc18..662b34c476ae 100644
---
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
+++
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
@@ -446,6 +446,17 @@ public final class GeckoRuntimeSettings extends
RuntimeSettings {
getSettings().mForceUserScalable.set(flag);
return this;
}
+
+/**
+ * Set security level.
+ *
+ * @param level A value determining the security level. Default is 0.
+ * @return This Builder instance.
+ */
+public @NonNull Builder torSecurityLevel(final int level) {
+getSettings().mTorSecurityLevel.set(level);
+return this;
+}
}
private GeckoRuntime mRuntime;
@@ -494,6 +505,8 @@ public final class GeckoRuntimeSettings extends
RuntimeSettings {
"browser.ui.zoom.force-user-scalable", false);
/* package */ final Pref mAutofillLogins = new Pref(
"signon.autofillForms", true);
+/* package */ final Pref mTorSecurityLevel = new Pref<>(
+"extensions.torbutton.security_slider", 4);
/* package */ int mPreferredColorScheme = COLOR_SCHEME_SYSTEM;
@@ -1132,6 +1145,26 @@ public final class GeckoRuntimeSettings extends
RuntimeSettings {
return this;
}
+/**
+ * Gets the current security level.
+ *
+ * @return current security protection level
+ */
+public int getTorSecurityLevel() {
+return mTorSecurityLevel.get();
+}
+
+/**
+ * Sets the Tor Security Level.
+ *
+ * @param level security protection level
+ * @return This GeckoRuntimeSettings instance.
+ */
+public @NonNull GeckoRuntimeSettings setTorSecurityLevel(final int level) {
+mTorSecurityLevel.commit(level);
+return this;
+}
+
@Override // Parcelable
public void writeToParcel(final Parcel out, final int flags) {
super.writeToParcel(out, flags);
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 40091: Load HTTPS Everywhere as a builtin addon in desktop
commit 2abb5248905331c041f3a013595e649b98a8c84f
Author: Alex Catarineu
Date: Fri Sep 4 12:34:35 2020 +0200
Bug 40091: Load HTTPS Everywhere as a builtin addon in desktop
This loads HTTPS Everywhere as a builtin addon from a hardcoded
resource:// URI in desktop. It also ensures that the non-builtin
HTTPS Everywhere addon is always uninstalled on browser startup.
The reason of making this desktop-only is that there are some issues
when installing a builtin extension from geckoview side, making
the extension not available on first startup. So, at least for
now we handle the Fenix case separately. See #40118 for a followup
for investigating these.
---
browser/components/BrowserGlue.jsm | 37 ++
toolkit/components/extensions/Extension.jsm| 10 --
.../mozapps/extensions/internal/XPIProvider.jsm| 13
3 files changed, 57 insertions(+), 3 deletions(-)
diff --git a/browser/components/BrowserGlue.jsm
b/browser/components/BrowserGlue.jsm
index 5b05cf48dd0f..f8cb7c664578 100644
--- a/browser/components/BrowserGlue.jsm
+++ b/browser/components/BrowserGlue.jsm
@@ -71,6 +71,13 @@ XPCOMUtils.defineLazyServiceGetter(
"nsIPushService"
);
+XPCOMUtils.defineLazyServiceGetters(this, {
+ resProto: [
+"@mozilla.org/network/protocol;1?name=resource",
+"nsISubstitutingProtocolHandler",
+ ],
+});
+
const PREF_PDFJS_ISDEFAULT_CACHE_STATE = "pdfjs.enabledCache.state";
/**
@@ -817,6 +824,7 @@ XPCOMUtils.defineLazyModuleGetters(this, {
DoHController: "resource:///modules/DoHController.jsm",
DownloadsViewableInternally:
"resource:///modules/DownloadsViewableInternally.jsm",
+ ExtensionData: "resource://gre/modules/Extension.jsm",
ExtensionsUI: "resource:///modules/ExtensionsUI.jsm",
FirefoxMonitor: "resource:///modules/FirefoxMonitor.jsm",
FxAccounts: "resource://gre/modules/FxAccounts.jsm",
@@ -1417,6 +1425,35 @@ BrowserGlue.prototype = {
"resource://builtin-themes/alpenglow/"
);
+// Install https-everywhere builtin addon if needed.
+(async () => {
+ const HTTPS_EVERYWHERE_ID = "https-everywhere-...@eff.org";
+ const HTTPS_EVERYWHERE_BUILTIN_URL =
+"resource://torbutton/content/extensions/https-everywhere/";
+ // This does something similar as GeckoViewWebExtension.jsm: it tries
+ // to load the manifest to retrieve the version of the builtin and
+ // compares it to the currently installed one to see whether we need
+ // to install or not. Here we delegate that to
+ // AddonManager.maybeInstallBuiltinAddon.
+ try {
+const resolvedURI = Services.io.newURI(
+ resProto.resolveURI(Services.io.newURI(HTTPS_EVERYWHERE_BUILTIN_URL))
+);
+const extensionData = new ExtensionData(resolvedURI);
+const manifest = await extensionData.loadManifest();
+
+await AddonManager.maybeInstallBuiltinAddon(
+ HTTPS_EVERYWHERE_ID,
+ manifest.version,
+ HTTPS_EVERYWHERE_BUILTIN_URL
+);
+ } catch (e) {
+const log = Log.repository.getLogger("HttpsEverywhereBuiltinLoader");
+log.addAppender(new Log.ConsoleAppender(new Log.BasicFormatter()));
+log.error("Could not install https-everywhere extension", e);
+ }
+})();
+
if (AppConstants.MOZ_NORMANDY) {
Normandy.init();
}
diff --git a/toolkit/components/extensions/Extension.jsm
b/toolkit/components/extensions/Extension.jsm
index 302bb32a3b2e..1942031a1f63 100644
--- a/toolkit/components/extensions/Extension.jsm
+++ b/toolkit/components/extensions/Extension.jsm
@@ -212,6 +212,7 @@ const LOGGER_ID_BASE = "addons.webextension.";
const UUID_MAP_PREF = "extensions.webextensions.uuids";
const LEAVE_STORAGE_PREF = "extensions.webextensions.keepStorageOnUninstall";
const LEAVE_UUID_PREF = "extensions.webextensions.keepUuidOnUninstall";
+const PERSISTENT_EXTENSIONS = new Set(["https-everywhere-...@eff.org"]);
const COMMENT_REGEXP = new RegExp(
String.raw`
@@ -358,7 +359,8 @@ var ExtensionAddonObserver = {
);
}
-if (!Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false)) {
+if (!Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false) &&
+ !PERSISTENT_EXTENSIONS.has(addon.id)) {
// Clear browser.storage.local backends.
AsyncShutdown.profileChangeTeardown.addBlocker(
`Clear Extension Storage ${addon.id} (File Backend)`,
@@ -406,7 +408,8 @@ var ExtensionAddonObserver = {
ExtensionPermissions.removeAll(addon.id);
-if (!Services.prefs.getBoolPref(LEAVE_UUID_PREF, false)) {
+if (!Services.prefs.getBoolPref(LEAVE_UUID_PREF, false) &&
+ !PERSISTENT_EXTENSIONS.has(addon.id)) {
// Clear the entry in the UUID map
UUIDMap.remove(addon.id);
}
@@ -2584,7 +2587,8 @@ class Extension extends ExtensionData {
);
} else if (
this.startupReason === "ADDON_INSTALL"
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 40073: Disable remote Public Suffix List fetching
commit 9644dcbaf645dcf6876cd522059c1eb68543d3a1
Author: Alex Catarineu
Date: Thu Aug 13 11:05:03 2020 +0200
Bug 40073: Disable remote Public Suffix List fetching
In https://bugzilla.mozilla.org/show_bug.cgi?id=1563246 Firefox implemented
fetching the Public Suffix List via RemoteSettings and replacing the default
one at runtime, which we do not want.
---
browser/components/BrowserGlue.jsm | 5 -
1 file changed, 5 deletions(-)
diff --git a/browser/components/BrowserGlue.jsm
b/browser/components/BrowserGlue.jsm
index d760f38d2e3e..5b05cf48dd0f 100644
--- a/browser/components/BrowserGlue.jsm
+++ b/browser/components/BrowserGlue.jsm
@@ -837,7 +837,6 @@ XPCOMUtils.defineLazyModuleGetters(this, {
PluralForm: "resource://gre/modules/PluralForm.jsm",
PrivateBrowsingUtils: "resource://gre/modules/PrivateBrowsingUtils.jsm",
ProcessHangMonitor: "resource:///modules/ProcessHangMonitor.jsm",
- PublicSuffixList: "resource://gre/modules/netwerk-dns/PublicSuffixList.jsm",
RemoteSettings: "resource://services-settings/remote-settings.js",
RemoteSecuritySettings:
"resource://gre/modules/psm/RemoteSecuritySettings.jsm",
@@ -2802,10 +2801,6 @@ BrowserGlue.prototype = {
this._addBreachesSyncHandler();
},
- () => {
-PublicSuffixList.init();
- },
-
() => {
RemoteSecuritySettings.init();
},
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 40025: Remove Mozilla add-on install permissions
commit af0a1aefdb03dbb29f69265fd6711442e3d3b541 Author: Alex Catarineu Date: Mon Jul 27 18:12:55 2020 +0200 Bug 40025: Remove Mozilla add-on install permissions --- browser/app/permissions | 5 - 1 file changed, 5 deletions(-) diff --git a/browser/app/permissions b/browser/app/permissions index 4938bd1e22e5..5c4c302f5ba5 100644 --- a/browser/app/permissions +++ b/browser/app/permissions @@ -11,11 +11,6 @@ origin uitour 1 https://3g2upl4pq6kufc4m.onion origin uitour 1 about:tor -# XPInstall -origin install 1 https://addons.mozilla.org - # Remote troubleshooting origin remote-troubleshooting 1 https://support.mozilla.org -# addon install -origin install 1 https://fpn.firefox.com ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 40002: Remove about:ion
commit 1bed9300fec1750e24df83eecce0e53a651bb633
Author: Kathy Brade
Date: Fri Aug 14 09:06:33 2020 -0400
Bug 40002: Remove about:ion
Firefox Ion (previously Firefox Pioneer) is an opt-in program in which
people
volunteer to participate in studies that collect detailed, sensitive data
about
how they use their browser.
---
browser/components/about/AboutRedirector.cpp | 2 --
browser/components/about/components.conf | 1 -
2 files changed, 3 deletions(-)
diff --git a/browser/components/about/AboutRedirector.cpp
b/browser/components/about/AboutRedirector.cpp
index cdb84d4ed9cd..27c5b687c0d2 100644
--- a/browser/components/about/AboutRedirector.cpp
+++ b/browser/components/about/AboutRedirector.cpp
@@ -114,8 +114,6 @@ static const RedirEntry kRedirMap[] = {
nsIAboutModule::URI_MUST_LOAD_IN_CHILD |
nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT},
-{"ion", "chrome://browser/content/ion.html",
- nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT},
#ifdef TOR_BROWSER_UPDATE
{"tbupdate", "chrome://browser/content/abouttbupdate/aboutTBUpdate.xhtml",
nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
diff --git a/browser/components/about/components.conf
b/browser/components/about/components.conf
index 290fce3feed9..8e04467c05da 100644
--- a/browser/components/about/components.conf
+++ b/browser/components/about/components.conf
@@ -14,7 +14,6 @@ pages = [
'logins',
'newinstall',
'newtab',
-'ion',
'pocket-saved',
'pocket-signup',
'policies',
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc.
commit 1c5e590073ce6eaa137451601f57c0ceb9d295a1
Author: Kathy Brade
Date: Tue Jul 14 11:15:07 2020 -0400
Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc.
Hide elements on about:logins that mention sync, "Firefox LockWise", and
Mozilla's LockWise mobile apps.
Disable the "Create New Login" button when security.nocertdb is true.
---
browser/components/aboutlogins/AboutLoginsParent.jsm | 2 ++
browser/components/aboutlogins/content/aboutLogins.css | 8 +++-
browser/components/aboutlogins/content/aboutLogins.js | 6 ++
.../aboutlogins/content/components/fxaccounts-button.css | 5 +
.../components/aboutlogins/content/components/menu-button.css | 10 ++
5 files changed, 30 insertions(+), 1 deletion(-)
diff --git a/browser/components/aboutlogins/AboutLoginsParent.jsm
b/browser/components/aboutlogins/AboutLoginsParent.jsm
index 8e617fced951..c7e3aef6547b 100644
--- a/browser/components/aboutlogins/AboutLoginsParent.jsm
+++ b/browser/components/aboutlogins/AboutLoginsParent.jsm
@@ -62,6 +62,7 @@ const PASSWORD_SYNC_NOTIFICATION_ID = "enable-password-sync";
const SHOW_PASSWORD_SYNC_NOTIFICATION_PREF =
"signon.management.page.showPasswordSyncNotification";
+const NOCERTDB_PREF = "security.nocertdb";
// about:logins will always use the privileged content process,
// even if it is disabled for other consumers such as about:newtab.
@@ -265,6 +266,7 @@ class AboutLoginsParent extends JSWindowActorParent {
importVisible:
Services.policies.isAllowed("profileImport") &&
AppConstants.platform != "linux",
+canCreateLogins: !Services.prefs.getBoolPref(NOCERTDB_PREF, false),
});
await AboutLogins._sendAllLoginRelatedObjects(
diff --git a/browser/components/aboutlogins/content/aboutLogins.css
b/browser/components/aboutlogins/content/aboutLogins.css
index 7ed29bda8297..dca63da2e649 100644
--- a/browser/components/aboutlogins/content/aboutLogins.css
+++ b/browser/components/aboutlogins/content/aboutLogins.css
@@ -69,6 +69,11 @@ login-item {
grid-area: login;
}
+/* Do not promote Mozilla Sync in Tor Browser. */
+login-intro {
+ display: none !important;
+}
+
#branding-logo {
flex-basis: var(--sidebar-width);
flex-shrink: 0;
@@ -83,7 +88,8 @@ login-item {
}
}
-:root:not(.official-branding) #branding-logo {
+/* Hide "Firefox LockWise" branding in Tor Browser. */
+#branding-logo {
visibility: hidden;
}
diff --git a/browser/components/aboutlogins/content/aboutLogins.js
b/browser/components/aboutlogins/content/aboutLogins.js
index d23c3567f89e..5a6424c5eb41 100644
--- a/browser/components/aboutlogins/content/aboutLogins.js
+++ b/browser/components/aboutlogins/content/aboutLogins.js
@@ -15,6 +15,9 @@ const gElements = {
loginIntro: document.querySelector("login-intro"),
loginItem: document.querySelector("login-item"),
loginFilter: document.querySelector("login-filter"),
+ get createNewLoginButton() {
+return this.loginList.shadowRoot.querySelector(".create-login-button");
+ },
};
let numberOfLogins = 0;
@@ -92,6 +95,9 @@ window.addEventListener("AboutLoginsChromeToContent", event
=> {
gElements.loginList.setSortDirection(event.detail.value.selectedSort);
document.documentElement.classList.add("initialized");
gElements.loginList.classList.add("initialized");
+ if (!event.detail.value.canCreateLogins) {
+gElements.createNewLoginButton.disabled = true;
+ }
break;
}
case "ShowLoginItemError": {
diff --git
a/browser/components/aboutlogins/content/components/fxaccounts-button.css
b/browser/components/aboutlogins/content/components/fxaccounts-button.css
index e63192a98e3a..c59eda2dec56 100644
--- a/browser/components/aboutlogins/content/components/fxaccounts-button.css
+++ b/browser/components/aboutlogins/content/components/fxaccounts-button.css
@@ -8,6 +8,11 @@
align-items: center;
}
+/* Do not promote Mozilla Sync in Tor Browser. */
+.logged-out-view {
+ display: none !important;
+}
+
.fxaccounts-extra-text {
/* Only show at most 3 lines of text to limit the
text from overflowing the header. */
diff --git a/browser/components/aboutlogins/content/components/menu-button.css
b/browser/components/aboutlogins/content/components/menu-button.css
index db902c4da60a..55d2d28f4280 100644
--- a/browser/components/aboutlogins/content/components/menu-button.css
+++ b/browser/components/aboutlogins/content/components/menu-button.css
@@ -81,3 +81,13 @@
.menuitem-preferences {
background-image: url("chrome://global/skin/icons/settings.svg");
}
+
+/*
+ * Do not promote LockWise mobile apps in Tor Browser: hide the menu items
+ * and the separator line that precedes them.
+ */
+.menuitem-mobile-android,
+.menuitem-mobile-ios,
+button[data-event-name="AboutLoginsGetHelp"] + hr {
+ display: none !important;
+}
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 30237: Add v3 onion services client authentication prompt
commit 997de51abd93753f125d3d9789620a1f9edc0833
Author: Kathy Brade
Date: Tue Nov 12 16:11:05 2019 -0500
Bug 30237: Add v3 onion services client authentication prompt
When Tor informs the browser that client authentication is needed,
temporarily load about:blank instead of about:neterror and prompt
for the user's key.
If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD
control port command to add the key (via Torbutton's control port
module) and reload the page.
If the user cancels the prompt, display the standard about:neterror
"Unable to connect" page. This requires a small change to
browser/actors/NetErrorChild.jsm to account for the fact that the
docShell no longer has the failedChannel information. The failedChannel
is used to extract TLS-related error info, which is not applicable
in the case of a canceled .onion authentication prompt.
Add a leaveOpen option to PopupNotifications.show so we can display
error messages within the popup notification doorhanger without
closing the prompt.
Add support for onion services strings to the TorStrings module.
Add support for Tor extended SOCKS errors (Tor proposal 304) to the
socket transport and SOCKS layers. Improved display of all of these
errors will be implemented as part of bug 30025.
Also fixes bug 19757:
Add a "Remember this key" checkbox to the client auth prompt.
Add an "Onion Services Authentication" section within the
about:preferences "Privacy & Security section" to allow
viewing and removal of v3 onion client auth keys that have
been stored on disk.
Also fixes bug 19251: use enhanced error pages for onion service errors.
---
browser/actors/NetErrorChild.jsm | 7 +
browser/base/content/aboutNetError.js | 10 +-
browser/base/content/aboutNetError.xhtml | 1 +
browser/base/content/browser.js| 10 +
browser/base/content/browser.xhtml | 3 +
browser/base/content/tab-content.js| 5 +
browser/components/moz.build | 1 +
.../content/authNotificationIcon.inc.xhtml | 6 +
.../onionservices/content/authPopup.inc.xhtml | 16 ++
.../onionservices/content/authPreferences.css | 20 ++
.../content/authPreferences.inc.xhtml | 19 ++
.../onionservices/content/authPreferences.js | 66 +
.../components/onionservices/content/authPrompt.js | 316 +
.../components/onionservices/content/authUtil.jsm | 47 +++
.../onionservices/content/netError/browser.svg | 3 +
.../onionservices/content/netError/network.svg | 3 +
.../content/netError/onionNetError.css | 65 +
.../content/netError/onionNetError.js | 244
.../onionservices/content/netError/onionsite.svg | 7 +
.../onionservices/content/onionservices.css| 69 +
.../onionservices/content/savedKeysDialog.js | 259 +
.../onionservices/content/savedKeysDialog.xhtml| 42 +++
browser/components/onionservices/jar.mn| 9 +
browser/components/onionservices/moz.build | 1 +
browser/components/preferences/preferences.xhtml | 1 +
browser/components/preferences/privacy.inc.xhtml | 2 +
browser/components/preferences/privacy.js | 7 +
browser/themes/shared/notification-icons.inc.css | 3 +
docshell/base/nsDocShell.cpp | 81 +-
dom/ipc/BrowserParent.cpp | 21 ++
dom/ipc/BrowserParent.h| 3 +
dom/ipc/PBrowser.ipdl | 9 +
js/xpconnect/src/xpc.msg | 10 +
netwerk/base/nsSocketTransport2.cpp| 6 +
netwerk/socket/nsSOCKSIOLayer.cpp | 49
toolkit/modules/PopupNotifications.jsm | 6 +
toolkit/modules/RemotePageAccessManager.jsm| 1 +
.../lib/environments/frame-script.js | 1 +
xpcom/base/ErrorList.py| 22 ++
39 files changed, 1449 insertions(+), 2 deletions(-)
diff --git a/browser/actors/NetErrorChild.jsm b/browser/actors/NetErrorChild.jsm
index 82978412fe24..164fb7c95cd1 100644
--- a/browser/actors/NetErrorChild.jsm
+++ b/browser/actors/NetErrorChild.jsm
@@ -13,6 +13,8 @@ const { RemotePageChild } = ChromeUtils.import(
"resource://gre/actors/RemotePageChild.jsm"
);
+const { TorStrings } =
ChromeUtils.import("resource:///modules/TorStrings.jsm");
+
XPCOMUtils.defineLazyServiceGetter(
this,
"gSerializationHelper",
@@ -33,6 +35,7 @@ class NetErrorChild extends RemotePageChild {
"RPMAddToHistogram",
"RPMRecordTelemetryEvent",
"RPMGetHttpResponseHeader",
+ "RPMGetTorStrings",
];
this.exportFunctions(exportableFunctions);
}
@@
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 28005: Implement .onion alias urlbar rewrites
commit 2b9717ff02060a6d7c952ced0f1d9abe3f6e725c
Author: Alex Catarineu
Date: Thu Feb 13 13:24:33 2020 +0100
Bug 28005: Implement .onion alias urlbar rewrites
A custom HTTPS Everywhere update channel is installed,
which provides rules for locally redirecting some memorable
.tor.onion URLs to non-memorable .onion URLs.
When these redirects occur, we also rewrite the URL in the urlbar
to display the human-memorable hostname instead of the actual
.onion.
Bug 34196: Update site info URL with the onion name
---
browser/actors/ClickHandlerChild.jsm | 20 ++
browser/actors/ClickHandlerParent.jsm | 1 +
browser/actors/ContextMenuChild.jsm| 4 +
browser/base/content/browser-places.js | 12 +-
browser/base/content/browser-siteIdentity.js | 12 +-
browser/base/content/browser.js| 43 -
browser/base/content/nsContextMenu.js | 18 ++
browser/base/content/pageinfo/pageInfo.js | 2 +-
browser/base/content/pageinfo/pageInfo.xhtml | 10 +
browser/base/content/pageinfo/security.js | 17 +-
browser/base/content/tabbrowser.js | 7 +
browser/base/content/utilityOverlay.js | 12 ++
browser/components/BrowserGlue.jsm | 8 +
.../onionservices/ExtensionMessaging.jsm | 77
.../onionservices/HttpsEverywhereControl.jsm | 119
.../components/onionservices/OnionAliasStore.jsm | 201 +
browser/components/onionservices/moz.build | 6 +
browser/components/urlbar/UrlbarInput.jsm | 13 +-
docshell/base/nsDocShell.cpp | 52 ++
docshell/base/nsDocShell.h | 6 +
docshell/base/nsDocShellLoadState.cpp | 4 +
docshell/base/nsIDocShell.idl | 5 +
docshell/base/nsIWebNavigation.idl | 5 +
docshell/shistory/SessionHistoryEntry.cpp | 14 ++
docshell/shistory/SessionHistoryEntry.h| 1 +
docshell/shistory/nsISHEntry.idl | 5 +
docshell/shistory/nsSHEntry.cpp| 22 ++-
docshell/shistory/nsSHEntry.h | 1 +
dom/interfaces/base/nsIBrowser.idl | 3 +-
dom/ipc/BrowserChild.cpp | 2 +
dom/ipc/BrowserParent.cpp | 3 +-
dom/ipc/PBrowser.ipdl | 1 +
modules/libpref/init/StaticPrefList.yaml | 6 +
netwerk/dns/effective_tld_names.dat| 2 +
netwerk/ipc/DocumentLoadListener.cpp | 10 +
toolkit/content/widgets/browser-custom-element.js | 13 +-
toolkit/modules/sessionstore/SessionHistory.jsm| 5 +
xpcom/reflect/xptinfo/xptinfo.h| 3 +-
38 files changed, 722 insertions(+), 23 deletions(-)
diff --git a/browser/actors/ClickHandlerChild.jsm
b/browser/actors/ClickHandlerChild.jsm
index d5f7f31f3280..1d147bb274f2 100644
--- a/browser/actors/ClickHandlerChild.jsm
+++ b/browser/actors/ClickHandlerChild.jsm
@@ -136,6 +136,26 @@ class ClickHandlerChild extends JSWindowActorChild {
json.originStoragePrincipal = ownerDoc.effectiveStoragePrincipal;
json.triggeringPrincipal = ownerDoc.nodePrincipal;
+ // Check if the link needs to be opened with .tor.onion urlbar rewrites
+ // allowed. Only when the owner doc has onionUrlbarRewritesAllowed = true
+ // and the same origin we should allow this.
+ json.onionUrlbarRewritesAllowed = false;
+ if (this.docShell.onionUrlbarRewritesAllowed) {
+const sm = Services.scriptSecurityManager;
+try {
+ let targetURI = Services.io.newURI(href);
+ let isPrivateWin =
+ownerDoc.nodePrincipal.originAttributes.privateBrowsingId > 0;
+ sm.checkSameOriginURI(
+docshell.currentDocumentChannel.URI,
+targetURI,
+false,
+isPrivateWin
+ );
+ json.onionUrlbarRewritesAllowed = true;
+} catch (e) {}
+ }
+
// If a link element is clicked with middle button, user wants to open
// the link somewhere rather than pasting clipboard content. Therefore,
// when it's clicked with middle button, we should prevent multiple
diff --git a/browser/actors/ClickHandlerParent.jsm
b/browser/actors/ClickHandlerParent.jsm
index 75509b95ce7f..06d56624e316 100644
--- a/browser/actors/ClickHandlerParent.jsm
+++ b/browser/actors/ClickHandlerParent.jsm
@@ -99,6 +99,7 @@ class ClickHandlerParent extends JSWindowActorParent {
charset: browser.characterSet,
referrerInfo: E10SUtils.deserializeReferrerInfo(data.referrerInfo),
allowMixedContent: data.allowMixedContent,
+ onionUrlbarRewritesAllowed: data.onionUrlbarRewritesAllowed,
isContentWindowPrivate: data.isContentWindowPrivate,
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 33342: Avoid disconnect search addon error after removal.
commit 5406c8eb7ccbecb7b3e273967ad9a6991abf879e
Author: Alex Catarineu
Date: Fri Mar 13 18:19:30 2020 +0100
Bug 33342: Avoid disconnect search addon error after removal.
We removed the addon in #32767, but it was still being loaded
from addonStartup.json.lz4 and throwing an error on startup
because its resource: location is not available anymore.
---
toolkit/mozapps/extensions/internal/XPIProvider.jsm | 6 ++
1 file changed, 6 insertions(+)
diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm
b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
index 4c0ffd7f8896..c0fd26e34b7c 100644
--- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm
+++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
@@ -976,6 +976,12 @@ var BuiltInLocation = new (class _BuiltInLocation extends
XPIStateLocation {
isLinkedAddon(/* aId */) {
return false;
}
+
+ restore(saved) {
+super.restore(saved);
+// Bug 33342: avoid restoring disconnect addon from addonStartup.json.lz4.
+this.removeAddon("disconn...@search.mozilla.org");
+ }
})();
/**
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 25741 - TBA: Disable GeckoNetworkManager
commit dbd208b33973107b0b0efb4921034df24ea0cb3d
Author: Matthew Finkel
Date: Thu Apr 26 22:22:51 2018 +
Bug 25741 - TBA: Disable GeckoNetworkManager
The browser should not need information related to the network
interface or network state, tor should take care of that.
---
.../src/main/java/org/mozilla/geckoview/GeckoRuntime.java | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java
index 8fca9c9240c1..f20549991840 100644
---
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java
+++
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java
@@ -122,7 +122,9 @@ public final class GeckoRuntime implements Parcelable {
mPaused = false;
// Monitor network status and send change notifications to Gecko
// while active.
-
GeckoNetworkManager.getInstance().start(GeckoAppShell.getApplicationContext());
+if (BuildConfig.TOR_BROWSER_VERSION == "") {
+
GeckoNetworkManager.getInstance().start(GeckoAppShell.getApplicationContext());
+}
}
@OnLifecycleEvent(Lifecycle.Event.ON_PAUSE)
@@ -130,7 +132,9 @@ public final class GeckoRuntime implements Parcelable {
Log.d(LOGTAG, "Lifecycle: onPause");
mPaused = true;
// Stop monitoring network status while inactive.
-GeckoNetworkManager.getInstance().stop();
+if (BuildConfig.TOR_BROWSER_VERSION == "") {
+GeckoNetworkManager.getInstance().stop();
+}
GeckoThread.onPause();
}
}
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 32092: Fix Tor Browser Support link in preferences
commit 1fd341bd4d690c0dd9b8ea9cf42e5c82f6b8800a
Author: Alex Catarineu
Date: Tue Oct 15 22:54:10 2019 +0200
Bug 32092: Fix Tor Browser Support link in preferences
---
browser/components/preferences/preferences.js | 5 +
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/browser/components/preferences/preferences.js
b/browser/components/preferences/preferences.js
index a89fddd0306d..ce338584142e 100644
--- a/browser/components/preferences/preferences.js
+++ b/browser/components/preferences/preferences.js
@@ -166,10 +166,7 @@ function init_all() {
gotoPref().then(() => {
let helpButton = document.getElementById("helpButton");
-let helpUrl =
- Services.urlFormatter.formatURLPref("app.support.baseURL") +
- "preferences";
-helpButton.setAttribute("href", helpUrl);
+helpButton.setAttribute("href", "https://support.torproject.org/tbb;);
document.getElementById("addonsButton").addEventListener("click", e => {
if (e.button >= 2) {
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 32658: Create a new MAR signing key
commit 1bf45b2875eebec0b47fb0b3d242f7eba86944ef Author: Georg Koppen Date: Fri Jan 17 12:54:31 2020 + Bug 32658: Create a new MAR signing key It's time for our rotation again: Move the backup key in the front position and add a new backup key. --- toolkit/mozapps/update/updater/release_primary.der | Bin 1225 -> 1229 bytes toolkit/mozapps/update/updater/release_secondary.der | Bin 1225 -> 1229 bytes 2 files changed, 0 insertions(+), 0 deletions(-) diff --git a/toolkit/mozapps/update/updater/release_primary.der b/toolkit/mozapps/update/updater/release_primary.der index 1d94f88ad73b..0103a171de88 100644 Binary files a/toolkit/mozapps/update/updater/release_primary.der and b/toolkit/mozapps/update/updater/release_primary.der differ diff --git a/toolkit/mozapps/update/updater/release_secondary.der b/toolkit/mozapps/update/updater/release_secondary.der index 474706c4b73c..fcee3944e9b7 100644 Binary files a/toolkit/mozapps/update/updater/release_secondary.der and b/toolkit/mozapps/update/updater/release_secondary.der differ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 28125 - Prevent non-Necko network connections
commit 2a2df0ca71963108be279532e7210d4f7a550f0c
Author: Matthew Finkel
Date: Thu Oct 25 19:17:09 2018 +
Bug 28125 - Prevent non-Necko network connections
---
.../gecko/media/GeckoMediaDrmBridgeV21.java| 49 +-
.../exoplayer2/upstream/DefaultHttpDataSource.java | 47 ++---
2 files changed, 4 insertions(+), 92 deletions(-)
diff --git
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
index 3ba59bfd6776..eb57b1013642 100644
---
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
+++
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
@@ -488,54 +488,7 @@ public class GeckoMediaDrmBridgeV21 implements
GeckoMediaDrm {
@Override
protected Void doInBackground(final Void... params) {
-HttpURLConnection urlConnection = null;
-BufferedReader in = null;
-try {
-URI finalURI = new URI(mURL + "=" +
URLEncoder.encode(new String(mDrmRequest), "UTF-8"));
-urlConnection = (HttpURLConnection)
ProxySelector.openConnectionWithProxy(finalURI);
-urlConnection.setRequestMethod("POST");
-if (DEBUG) Log.d(LOGTAG, "Provisioning, posting url =" +
finalURI.toString());
-
-// Add data
-urlConnection.setRequestProperty("Accept", "*/*");
-urlConnection.setRequestProperty("User-Agent",
getCDMUserAgent());
-urlConnection.setRequestProperty("Content-Type",
"application/json");
-
-// Execute HTTP Post Request
-urlConnection.connect();
-
-int responseCode = urlConnection.getResponseCode();
-if (responseCode == HttpURLConnection.HTTP_OK) {
-in = new BufferedReader(new
InputStreamReader(urlConnection.getInputStream(), StringUtils.UTF_8));
-String inputLine;
-StringBuffer response = new StringBuffer();
-
-while ((inputLine = in.readLine()) != null) {
-response.append(inputLine);
-}
-in.close();
-mResponseBody =
String.valueOf(response).getBytes(StringUtils.UTF_8);
-if (DEBUG) Log.d(LOGTAG, "Provisioning, response
received.");
-if (mResponseBody != null) Log.d(LOGTAG, "response
length=" + mResponseBody.length);
-} else {
-Log.d(LOGTAG, "Provisioning, server returned HTTP error
code :" + responseCode);
-}
-} catch (IOException e) {
-Log.e(LOGTAG, "Got exception during posting provisioning
request ...", e);
-} catch (URISyntaxException e) {
-Log.e(LOGTAG, "Got exception during creating uri ...", e);
-} finally {
-if (urlConnection != null) {
-urlConnection.disconnect();
-}
-try {
-if (in != null) {
-in.close();
-}
-} catch (IOException e) {
-Log.e(LOGTAG, "Exception during closing in ...", e);
-}
-}
+Log.i(LOGTAG, "This is Tor Browser. Skipping.");
return null;
}
diff --git
a/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java
b/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java
index 6e5095b0a4c9..a585e283ed4e 100644
---
a/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java
+++
b/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java
@@ -46,6 +46,7 @@ import java.util.regex.Pattern;
import java.util.zip.GZIPInputStream;
import org.mozilla.gecko.util.ProxySelector;
+
/**
* An {@link HttpDataSource} that uses Android's {@link HttpURLConnection}.
*
@@ -516,50 +517,8 @@ public class DefaultHttpDataSource extends BaseDataSource
implements HttpDataSou
boolean followRedirects,
Map requestParameters)
throws IOException, URISyntaxException {
-/**
- * Tor Project modified the way the connection object was created. For the
sake of
- * simplicity, instead of duplicating the whole file we changed the
connection object
- * to use the ProxySelector.
- */
-HttpURLConnection connection = (HttpURLConnection)
ProxySelector.openConnectionWithProxy(url.toURI());
-
-
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 27604: Fix addon issues when moving TB directory
commit 0be3145fd5440a33ddbbe2ded8ac06a6027c73ab
Author: Alex Catarineu
Date: Wed Oct 30 10:44:48 2019 +0100
Bug 27604: Fix addon issues when moving TB directory
---
toolkit/mozapps/extensions/internal/XPIProvider.jsm | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm
b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
index 29714cc86115..4c0ffd7f8896 100644
--- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm
+++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
@@ -485,7 +485,7 @@ class XPIState {
// Builds prior to be 1512436 did not include the rootURI property.
// If we're updating from such a build, add that property now.
-if (!("rootURI" in this) && this.file) {
+if (this.file) {
this.rootURI = getURIForResourceInFile(this.file, "").spec;
}
@@ -498,7 +498,10 @@ class XPIState {
saved.currentModifiedTime != this.lastModifiedTime
) {
this.lastModifiedTime = saved.currentModifiedTime;
-} else if (saved.currentModifiedTime === null) {
+} else if (
+ saved.currentModifiedTime === null &&
+ (!this.file || !this.file.exists())
+) {
this.missing = true;
}
}
@@ -1448,6 +1451,7 @@ var XPIStates = {
if (shouldRestoreLocationData && oldState[loc.name]) {
loc.restore(oldState[loc.name]);
+changed = changed || loc.path != oldState[loc.name].path;
}
changed = changed || loc.changed;
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources.
commit 601aca4e7e33dd59fa7fd01d13ae3edeac0d4b3b
Author: Amogh Pradeep
Date: Fri Jun 12 02:07:45 2015 -0400
Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources.
See Bug 1357997 for partial uplift.
Also:
Bug 28051 - Use our Orbot for proxying our connections
Bug 31144 - ESR68 Network Code Review
---
.../main/java/org/mozilla/gecko/GeckoAppShell.java | 68 +++---
.../java/org/mozilla/gecko/util/BitmapUtils.java | 7 ---
.../java/org/mozilla/gecko/util/ProxySelector.java | 25 +++-
3 files changed, 59 insertions(+), 41 deletions(-)
diff --git
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java
index 38a055de4a3d..aa263caf869d 100644
---
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java
+++
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java
@@ -1764,39 +1764,41 @@ public class GeckoAppShell {
@WrapForJNI
private static URLConnection getConnection(final String url) {
-try {
-String spec;
-if (url.startsWith("android://")) {
-spec = url.substring(10);
-} else {
-spec = url.substring(8);
-}
-
-// Check if we are loading a package icon.
-try {
-if (spec.startsWith("icon/")) {
-String[] splits = spec.split("/");
-if (splits.length != 2) {
-return null;
-}
-final String pkg = splits[1];
-final PackageManager pm =
getApplicationContext().getPackageManager();
-final Drawable d = pm.getApplicationIcon(pkg);
-final Bitmap bitmap = BitmapUtils.getBitmapFromDrawable(d);
-return new BitmapConnection(bitmap);
-}
-} catch (Exception ex) {
-Log.e(LOGTAG, "error", ex);
-}
-
-// if the colon got stripped, put it back
-int colon = spec.indexOf(':');
-if (colon == -1 || colon > spec.indexOf('/')) {
-spec = spec.replaceFirst("/", ":/");
-}
-} catch (Exception ex) {
-return null;
-}
+// Bug 31144 - Prevent potential proxy-bypass
+
+//try {
+//String spec;
+//if (url.startsWith("android://")) {
+//spec = url.substring(10);
+//} else {
+//spec = url.substring(8);
+//}
+
+//// Check if we are loading a package icon.
+//try {
+//if (spec.startsWith("icon/")) {
+//String[] splits = spec.split("/");
+//if (splits.length != 2) {
+//return null;
+//}
+//final String pkg = splits[1];
+//final PackageManager pm =
getApplicationContext().getPackageManager();
+//final Drawable d = pm.getApplicationIcon(pkg);
+//final Bitmap bitmap =
BitmapUtils.getBitmapFromDrawable(d);
+//return new BitmapConnection(bitmap);
+//}
+//} catch (Exception ex) {
+//Log.e(LOGTAG, "error", ex);
+//}
+
+//// if the colon got stripped, put it back
+//int colon = spec.indexOf(':');
+//if (colon == -1 || colon > spec.indexOf('/')) {
+//spec = spec.replaceFirst("/", ":/");
+//}
+//} catch (Exception ex) {
+//return null;
+//}
return null;
}
diff --git
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java
index f8af8561ff1d..2f5501f0965a 100644
---
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java
+++
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java
@@ -101,13 +101,6 @@ public final class BitmapUtils {
public static Bitmap decodeUrl(final URL url) {
InputStream stream = null;
-try {
-stream = url.openStream();
-} catch (IOException e) {
-Log.w(LOGTAG, "decodeUrl: IOException downloading " + url);
-return null;
-}
-
if (stream == null) {
Log.w(LOGTAG, "decodeUrl: stream not found downloading " + url);
return null;
diff --git
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/ProxySelector.java
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/ProxySelector.java
index 636586b23102..552bf951b51b 100644
---
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 21952: Implement Onion-Location
commit 772d720212aed19be6d1ed3a675156acdc323901
Author: Alex Catarineu
Date: Thu Mar 5 22:16:39 2020 +0100
Bug 21952: Implement Onion-Location
Whenever a valid Onion-Location HTTP header (or corresponding HTML
http-equiv attribute) is found in a document load, we either
redirect to it (if the user opted-in via preference) or notify the
presence of an onionsite alternative with a badge in the urlbar.
---
browser/base/content/browser.js| 12 ++
browser/base/content/browser.xhtml | 3 +
browser/components/BrowserGlue.jsm | 13 ++
.../onionservices/OnionLocationChild.jsm | 39 +
.../onionservices/OnionLocationParent.jsm | 168 +
.../content/onionlocation-notification-icons.css | 5 +
.../onionservices/content/onionlocation-urlbar.css | 27
.../content/onionlocation-urlbar.inc.xhtml | 10 ++
.../onionservices/content/onionlocation.svg| 3 +
.../content/onionlocationPreferences.inc.xhtml | 11 ++
.../content/onionlocationPreferences.js| 31
browser/components/onionservices/jar.mn| 2 +
browser/components/onionservices/moz.build | 2 +
browser/components/preferences/privacy.inc.xhtml | 2 +
browser/components/preferences/privacy.js | 17 +++
browser/themes/shared/notification-icons.inc.css | 2 +
browser/themes/shared/urlbar-searchbar.inc.css | 2 +
dom/base/Document.cpp | 34 -
dom/base/Document.h| 2 +
dom/webidl/Document.webidl | 9 ++
modules/libpref/init/StaticPrefList.yaml | 5 +
xpcom/ds/StaticAtoms.py| 1 +
22 files changed, 399 insertions(+), 1 deletion(-)
diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js
index b1d6193120dd..383307116064 100644
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@@ -45,6 +45,7 @@ XPCOMUtils.defineLazyModuleGetters(this, {
NetUtil: "resource://gre/modules/NetUtil.jsm",
NewTabUtils: "resource://gre/modules/NewTabUtils.jsm",
OpenInTabsUtils: "resource:///modules/OpenInTabsUtils.jsm",
+ OnionLocationParent: "resource:///modules/OnionLocationParent.jsm",
PageActions: "resource:///modules/PageActions.jsm",
PageThumbs: "resource://gre/modules/PageThumbs.jsm",
PanelMultiView: "resource:///modules/PanelMultiView.jsm",
@@ -5494,6 +5495,7 @@ var XULBrowserWindow = {
Services.obs.notifyObservers(null, "touchbar-location-change", location);
UpdateBackForwardCommands(gBrowser.webNavigation);
AboutReaderParent.updateReaderButton(gBrowser.selectedBrowser);
+OnionLocationParent.updateOnionLocationBadge(gBrowser.selectedBrowser);
if (!gMultiProcessBrowser) {
// Bug 1108553 - Cannot rotate images with e10s
@@ -5986,6 +5988,16 @@ var CombinedStopReload = {
var TabsProgressListener = {
onStateChange(aBrowser, aWebProgress, aRequest, aStateFlags, aStatus) {
+// Clear OnionLocation UI
+if (
+ aStateFlags & Ci.nsIWebProgressListener.STATE_START &&
+ aStateFlags & Ci.nsIWebProgressListener.STATE_IS_NETWORK &&
+ aRequest &&
+ aWebProgress.isTopLevel
+) {
+ OnionLocationParent.onStateChange(aBrowser);
+}
+
// Collect telemetry data about tab load times.
if (
aWebProgress.isTopLevel &&
diff --git a/browser/base/content/browser.xhtml
b/browser/base/content/browser.xhtml
index a80707bb2cc4..1d8dd28e983a 100644
--- a/browser/base/content/browser.xhtml
+++ b/browser/base/content/browser.xhtml
@@ -1922,6 +1922,9 @@
onclick="FullZoom.reset(); FullZoom.resetScalingZoom();"
tooltip="dynamic-shortcut-tooltip"
hidden="true"/>
+
+#include ../../components/onionservices/content/onionlocation-urlbar.inc.xhtml
+
{},
+};
+
+const options = {
+ autofocus: true,
+ persistent: true,
+ removeOnDismissal: false,
+ eventCallback(aTopic) {
+if (aTopic === "removed") {
+ delete browser._onionLocationPrompt;
+ delete browser.onionpopupnotificationanchor;
+}
+ },
+ learnMoreURL: NOTIFICATION_LEARN_MORE_URL,
+ displayURI: {
+hostPort: NOTIFICATION_TITLE, // This is hacky, but allows us to have
a title without extra markup/css.
+ },
+ hideClose: true,
+ popupIconClass: "onionlocation-notification-icon",
+};
+
+// A hacky way of setting the popup anchor outside the usual url bar icon
box
+// onionlocationpopupnotificationanchor comes from
`${ANCHOR_ID}popupnotificationanchor`
+// From
https://searchfox.org/mozilla-esr68/rev/080f9ed47742644d2ff84f7aa0b10aea5c44301a/browser/components/newtab/lib/CFRPageActions.jsm#488
+browser.onionlocationpopupnotificationanchor =
[tor-commits] [tor-browser/tor-browser-84.0-10.5-2] Bug 31607: App menu items stop working on macOS
commit a273125761cc322dc8ee0e40a4408d44467550d0
Author: Kathy Brade
Date: Thu Oct 3 10:53:43 2019 -0400
Bug 31607: App menu items stop working on macOS
Avoid re-creating the hidden window, since this causes the nsMenuBarX
object that is associated with the app menu to be freed (which in
turn causes all of the app menu items to stop working).
More detail: There should only be one hidden window.
XREMain::XRE_mainRun() contains an explicit call to create the
hidden window and that is the normal path by which it is created.
However, when Tor Launcher's wizard/progress window is opened during
startup, a hidden window is created earlier as a side effect of
calls to nsAppShellService::GetHiddenWindow(). Then, when
XREMain::XRE_mainRun() creates its hidden window, the original one
is freed which also causes the app menu's nsMenuBarX object which
is associated with that window to be destroyed. When that happens,
the menuGroupOwner property within each Cocoa menu items's MenuItemInfo
object is cleared. This breaks the link that is necessary for
NativeMenuItemTarget's menuItemHit method to dispatch a menu item
event.
---
xpfe/appshell/nsAppShellService.cpp | 4
1 file changed, 4 insertions(+)
diff --git a/xpfe/appshell/nsAppShellService.cpp
b/xpfe/appshell/nsAppShellService.cpp
index 2f834508afa8..1983f27d4c8c 100644
--- a/xpfe/appshell/nsAppShellService.cpp
+++ b/xpfe/appshell/nsAppShellService.cpp
@@ -93,6 +93,10 @@ void nsAppShellService::EnsureHiddenWindow() {
NS_IMETHODIMP
nsAppShellService::CreateHiddenWindow() {
+ if (mHiddenWindow) {
+return NS_OK;
+ }
+
if (!XRE_IsParentProcess()) {
return NS_ERROR_NOT_IMPLEMENTED;
}
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
