September 2015 - tbb-commits - lists.torproject.org

[tor-browser-bundle/master] Bug 16963: use the right commit hash in TORBROWSER_BUILDDIR
by gk＠torproject.org 02 Sep '15

02 Sep '15

commit e594dfac1fdb2bf32a51a0020e59fa1a9826f6ba Author: Nicolas Vigier <boklm(a)torproject.org> Date: Wed Sep 2 12:50:47 2015 +0200 Bug 16963: use the right commit hash in TORBROWSER_BUILDDIR --- gitian/get-tb-version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitian/get-tb-version b/gitian/get-tb-version index bc3181c..07c5962 100755 --- a/gitian/get-tb-version +++ b/gitian/get-tb-version @@ -44,7 +44,7 @@ foreach my $commit (run_cmd('git', 'log', '-s', '--format=%H', '-200')) { next unless $tags{$commit}; print "TORBROWSER_VERSION=$tags{$commit}->[0]\n"; print "TORBROWSER_BUILDDIR=$tags{$commit}->[0]-", - substr($commit, 0, 12), "\n"; + substr($current_commit, 0, 12), "\n"; print "TORBROWSER_SYMLINK_VERSION=0\n"; exit 0; }

1 0

[tor-browser-bundle/maint-5.0] Bug 16956: Make explicit error when no version tag is found
by gk＠torproject.org 02 Sep '15

02 Sep '15

commit 5a8177f0164a3f19fe11a970b4b61dea04c334a2 Author: Nicolas Vigier <boklm(a)torproject.org> Date: Wed Sep 2 12:33:46 2015 +0200 Bug 16956: Make explicit error when no version tag is found --- gitian/get-tb-version | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gitian/get-tb-version b/gitian/get-tb-version index 9a4a102..bc3181c 100755 --- a/gitian/get-tb-version +++ b/gitian/get-tb-version @@ -49,5 +49,6 @@ foreach my $commit (run_cmd('git', 'log', '-s', '--format=%H', '-200')) { exit 0; } -print STDERR "Could not find TORBROWSER version from tags\n"; +print STDERR "Could not find TORBROWSER version from tags. Does your git repo have tags?\n"; +print "exit 1\n"; exit 1;

1 0

[tor-browser-bundle/master] Bug 16956: Make explicit error when no version tag is found
by gk＠torproject.org 02 Sep '15

02 Sep '15

commit 4a83432493057ad9cb60416b1fc121b51cbff238 Author: Nicolas Vigier <boklm(a)torproject.org> Date: Wed Sep 2 12:33:46 2015 +0200 Bug 16956: Make explicit error when no version tag is found --- gitian/get-tb-version | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gitian/get-tb-version b/gitian/get-tb-version index 9a4a102..bc3181c 100755 --- a/gitian/get-tb-version +++ b/gitian/get-tb-version @@ -49,5 +49,6 @@ foreach my $commit (run_cmd('git', 'log', '-s', '--format=%H', '-200')) { exit 0; } -print STDERR "Could not find TORBROWSER version from tags\n"; +print STDERR "Could not find TORBROWSER version from tags. Does your git repo have tags?\n"; +print "exit 1\n"; exit 1;

1 0

[tor-browser/tor-browser-38.2.1esr-5.0-2] fixup! Bug 12827: Create preference to disable SVG.
by gk＠torproject.org 01 Sep '15

01 Sep '15

commit 191176cf015236f75da321b2ca0e8ddcd6881a55 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Fri Aug 21 14:59:51 2015 -0400 fixup! Bug 12827: Create preference to disable SVG. Allow SVG on about:preferences and other about: pages. Fixes #16775. --- layout/svg/moz.build | 2 ++ layout/svg/nsSVGUtils.cpp | 88 +++++++++++++++++++++++++++++++++++++++++---- 2 files changed, 84 insertions(+), 6 deletions(-) diff --git a/layout/svg/moz.build b/layout/svg/moz.build index df2c209..7685cf5 100644 --- a/layout/svg/moz.build +++ b/layout/svg/moz.build @@ -54,6 +54,8 @@ if CONFIG['CPU_ARCH'] == 'arm' and CONFIG['BUILD_ARM_NEON']: FAIL_ON_WARNINGS = True +#DEFINES['DEBUG_SVG_ENABLE'] = True + FINAL_LIBRARY = 'xul' LOCAL_INCLUDES += [ '../../widget', diff --git a/layout/svg/nsSVGUtils.cpp b/layout/svg/nsSVGUtils.cpp index c2b6608..5a66b8c 100644 --- a/layout/svg/nsSVGUtils.cpp +++ b/layout/svg/nsSVGUtils.cpp @@ -66,8 +66,12 @@ static bool sSVGDisplayListHitTestingEnabled; static bool sSVGDisplayListPaintingEnabled; static bool sSVGNewGetBBoxEnabled; +static bool IsWhitelisted(nsIURI *aURI); + // Determine if SVG should be enabled for aDoc. The svg.in-content.enabled -// preference is checked as well as whether aDoc is a content or chrome doc. +// preference is checked, then we check whether aDoc is a chrome doc, and +// finally as a fallback we check whether the top-level document is +// whitelisted (e.g., about:preferences). // If aDoc is NULL, the pref. value is returned. // Once we determine whether SVG is allowed for a given document, we record // that fact inside the document. This is necessary to avoid crashes due @@ -92,8 +96,9 @@ NS_SVGEnabled(nsIDocument *aDoc) } // Determine if SVG should be enabled for aChannel. The svg.in-content.enabled -// preference is checked as well as whether the load context associated with -// aChannel is content or chrome. +// preference is checked, then we check whether the load context associated +// with aChannel is a chrome doc, and finally as a fallback we check whether +// the top-level document is whitelisted (e.g., about:preferences). // If aChannel is NULL, the pref. value is returned. bool NS_SVGEnabledForChannel(nsIChannel *aChannel) @@ -104,13 +109,84 @@ NS_SVGEnabledForChannel(nsIChannel *aChannel) if (!aChannel) return false; - bool isContent = true; +#ifdef DEBUG_SVG_ENABLE + nsAutoCString topDocSpec; // Set if approved via a whitelisted top doc. +#endif + + bool isSVGAllowed = false; nsCOMPtr<nsILoadContext> ctx; NS_QueryNotificationCallbacks(aChannel, ctx); - if (ctx) + if (ctx) { + bool isContent = true; ctx->GetIsContent(&isContent); + if (!isContent) { + isSVGAllowed = true; + } else { + // Disallowed. As a fallback, check for whitelisted URLs. + uint32_t loadFlags = 0; + aChannel->GetLoadFlags(&loadFlags); + if (loadFlags & nsIChannel::LOAD_INITIAL_DOCUMENT_URI) { + // This is the top-level load; just check the channel's URL. + nsCOMPtr<nsIURI> uri; + aChannel->GetOriginalURI(getter_AddRefs(uri)); + isSVGAllowed = IsWhitelisted(uri); +#ifdef DEBUG_SVG_ENABLE + if (isSVGAllowed) + uri->GetSpec(topDocSpec); +#endif + } else { + // Obtain the top window's document and check it's URL. + nsCOMPtr<nsIDOMWindow> topWin; + ctx->GetTopWindow(getter_AddRefs(topWin)); + if (topWin) { + nsCOMPtr<nsIDOMDocument> topDOMDoc; + topWin->GetDocument(getter_AddRefs(topDOMDoc)); + nsCOMPtr<nsIDocument> topDoc = do_QueryInterface(topDOMDoc); + if (topDoc) { + nsIURI *topDocURI = topDoc->GetDocumentURI(); + isSVGAllowed = IsWhitelisted(topDocURI); +#ifdef DEBUG_SVG_ENABLE + if (isSVGAllowed) + topDocURI->GetSpec(topDocSpec); +#endif + } + } + } + } + } + +#ifdef DEBUG_SVG_ENABLE + nsAutoCString spec; + nsCOMPtr<nsIURI> uri; + aChannel->GetOriginalURI(getter_AddRefs(uri)); + if (uri) + uri->GetSpec(spec); + + if (topDocSpec.IsEmpty()) { + printf("NS_SVGEnabledForChannel for %s: %s\n", spec.get(), + isSVGAllowed ? "YES" : "NO"); + } else { + printf("NS_SVGEnabledForChannel for %s: %s (via whitelisted top doc %s)\n", + spec.get(), isSVGAllowed ? "YES" : "NO", topDocSpec.get()); + } +#endif + + return isSVGAllowed; +} + +// Always allow SVG for about: URLs so that about:preferences and other +// built-in browser pages function correctly. Exclude about:blank because +// iframes initially contain about:blank documents, and since we cache the +// SVG status we must avoid enabling SVG in that case. +static bool +IsWhitelisted(nsIURI *aURI) +{ + if (!aURI) + return false; - return !isContent; + nsAutoCString scheme; + aURI->GetScheme(scheme); + return scheme.EqualsLiteral("about") && !NS_IsAboutBlank(aURI); } bool

1 0

[tor-browser/tor-browser-38.2.1esr-5.5-2] fixup! Bug 12827: Create preference to disable SVG.
by gk＠torproject.org 01 Sep '15

01 Sep '15

commit d8419037dbb3d36115702cc19de9380c6d9c0f10 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Fri Aug 21 14:59:51 2015 -0400 fixup! Bug 12827: Create preference to disable SVG. Allow SVG on about:preferences and other about: pages. Fixes #16775. --- layout/svg/moz.build | 2 ++ layout/svg/nsSVGUtils.cpp | 88 +++++++++++++++++++++++++++++++++++++++++---- 2 files changed, 84 insertions(+), 6 deletions(-) diff --git a/layout/svg/moz.build b/layout/svg/moz.build index df2c209..7685cf5 100644 --- a/layout/svg/moz.build +++ b/layout/svg/moz.build @@ -54,6 +54,8 @@ if CONFIG['CPU_ARCH'] == 'arm' and CONFIG['BUILD_ARM_NEON']: FAIL_ON_WARNINGS = True +#DEFINES['DEBUG_SVG_ENABLE'] = True + FINAL_LIBRARY = 'xul' LOCAL_INCLUDES += [ '../../widget', diff --git a/layout/svg/nsSVGUtils.cpp b/layout/svg/nsSVGUtils.cpp index c2b6608..5a66b8c 100644 --- a/layout/svg/nsSVGUtils.cpp +++ b/layout/svg/nsSVGUtils.cpp @@ -66,8 +66,12 @@ static bool sSVGDisplayListHitTestingEnabled; static bool sSVGDisplayListPaintingEnabled; static bool sSVGNewGetBBoxEnabled; +static bool IsWhitelisted(nsIURI *aURI); + // Determine if SVG should be enabled for aDoc. The svg.in-content.enabled -// preference is checked as well as whether aDoc is a content or chrome doc. +// preference is checked, then we check whether aDoc is a chrome doc, and +// finally as a fallback we check whether the top-level document is +// whitelisted (e.g., about:preferences). // If aDoc is NULL, the pref. value is returned. // Once we determine whether SVG is allowed for a given document, we record // that fact inside the document. This is necessary to avoid crashes due @@ -92,8 +96,9 @@ NS_SVGEnabled(nsIDocument *aDoc) } // Determine if SVG should be enabled for aChannel. The svg.in-content.enabled -// preference is checked as well as whether the load context associated with -// aChannel is content or chrome. +// preference is checked, then we check whether the load context associated +// with aChannel is a chrome doc, and finally as a fallback we check whether +// the top-level document is whitelisted (e.g., about:preferences). // If aChannel is NULL, the pref. value is returned. bool NS_SVGEnabledForChannel(nsIChannel *aChannel) @@ -104,13 +109,84 @@ NS_SVGEnabledForChannel(nsIChannel *aChannel) if (!aChannel) return false; - bool isContent = true; +#ifdef DEBUG_SVG_ENABLE + nsAutoCString topDocSpec; // Set if approved via a whitelisted top doc. +#endif + + bool isSVGAllowed = false; nsCOMPtr<nsILoadContext> ctx; NS_QueryNotificationCallbacks(aChannel, ctx); - if (ctx) + if (ctx) { + bool isContent = true; ctx->GetIsContent(&isContent); + if (!isContent) { + isSVGAllowed = true; + } else { + // Disallowed. As a fallback, check for whitelisted URLs. + uint32_t loadFlags = 0; + aChannel->GetLoadFlags(&loadFlags); + if (loadFlags & nsIChannel::LOAD_INITIAL_DOCUMENT_URI) { + // This is the top-level load; just check the channel's URL. + nsCOMPtr<nsIURI> uri; + aChannel->GetOriginalURI(getter_AddRefs(uri)); + isSVGAllowed = IsWhitelisted(uri); +#ifdef DEBUG_SVG_ENABLE + if (isSVGAllowed) + uri->GetSpec(topDocSpec); +#endif + } else { + // Obtain the top window's document and check it's URL. + nsCOMPtr<nsIDOMWindow> topWin; + ctx->GetTopWindow(getter_AddRefs(topWin)); + if (topWin) { + nsCOMPtr<nsIDOMDocument> topDOMDoc; + topWin->GetDocument(getter_AddRefs(topDOMDoc)); + nsCOMPtr<nsIDocument> topDoc = do_QueryInterface(topDOMDoc); + if (topDoc) { + nsIURI *topDocURI = topDoc->GetDocumentURI(); + isSVGAllowed = IsWhitelisted(topDocURI); +#ifdef DEBUG_SVG_ENABLE + if (isSVGAllowed) + topDocURI->GetSpec(topDocSpec); +#endif + } + } + } + } + } + +#ifdef DEBUG_SVG_ENABLE + nsAutoCString spec; + nsCOMPtr<nsIURI> uri; + aChannel->GetOriginalURI(getter_AddRefs(uri)); + if (uri) + uri->GetSpec(spec); + + if (topDocSpec.IsEmpty()) { + printf("NS_SVGEnabledForChannel for %s: %s\n", spec.get(), + isSVGAllowed ? "YES" : "NO"); + } else { + printf("NS_SVGEnabledForChannel for %s: %s (via whitelisted top doc %s)\n", + spec.get(), isSVGAllowed ? "YES" : "NO", topDocSpec.get()); + } +#endif + + return isSVGAllowed; +} + +// Always allow SVG for about: URLs so that about:preferences and other +// built-in browser pages function correctly. Exclude about:blank because +// iframes initially contain about:blank documents, and since we cache the +// SVG status we must avoid enabling SVG in that case. +static bool +IsWhitelisted(nsIURI *aURI) +{ + if (!aURI) + return false; - return !isContent; + nsAutoCString scheme; + aURI->GetScheme(scheme); + return scheme.EqualsLiteral("about") && !NS_IsAboutBlank(aURI); } bool

1 0

[tor-browser/tor-browser-38.2.1esr-5.5-2] fixup! Bug #4234: Use the Firefox Update Process for Tor Browser.
by gk＠torproject.org 01 Sep '15

01 Sep '15

commit 8882fd2ca86bc843060556b8126de75046a35f8f Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Tue Aug 25 11:03:21 2015 -0400 fixup! Bug #4234: Use the Firefox Update Process for Tor Browser. Fixes #13512: After update, load a static tab with change notes. To use this feature, include the following attributes within the <update> element of each XML update manifest: actions="showURL" openURL="https://..." Within the URL, %OLD_VERSION% will be replaced with the previous Gecko version (e.g., 38.2.0) and %OLD_TOR_BROWSER_VERSION% will be replaced with the previous Tor Browser version (e.g., 5.5a1). Note that the "Update Installed" window that previously was displayed after an update is no longer opened. --- browser/app/profile/000-tor-browser.js | 9 ++++- browser/app/profile/firefox.js | 2 +- browser/components/nsBrowserContentHandler.js | 50 ++++++++++++++++++++++++- 3 files changed, 57 insertions(+), 4 deletions(-) diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js index 5918a3e..b32728b 100644 --- a/browser/app/profile/000-tor-browser.js +++ b/browser/app/profile/000-tor-browser.js @@ -7,9 +7,14 @@ // Disable initial homepage notifications pref("browser.search.update", false); pref("browser.rights.3.shown", true); -pref("browser.startup.homepage_override.mstone", "ignore"); pref("startup.homepage_welcome_url", ""); -pref("startup.homepage_override_url", ""); + +// Set a generic, default URL that will be opened in a tab after an update. +// Typically, this will not be used; instead, the <update> element within +// each update manifest should contain attributes similar to: +// actions="showURL" +// openURL="https://blog.torproject.org/tor-browser-55a2-released" +pref("startup.homepage_override_url", "https://blog.torproject.org/category/tags/tor-browser"); // Try to nag a bit more about updates: Pop up a restart dialog an hour after the initial dialog pref("app.update.promptWaitTime", 3600); diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js index 53fd8d2..7d9677a 100644 --- a/browser/app/profile/firefox.js +++ b/browser/app/profile/firefox.js @@ -190,7 +190,7 @@ pref("app.update.idletime", 60); // upgrade start page instead! Other apps may wish to show this UI, and supply // a whatsNewURL field in their brand.properties that contains a link to a page // which tells users what's new in this new update. -pref("app.update.showInstalledUI", true); +pref("app.update.showInstalledUI", false); // 0 = suppress prompting for incompatibilities if there are updates available // to newer versions of installed addons that resolve them. diff --git a/browser/components/nsBrowserContentHandler.js b/browser/components/nsBrowserContentHandler.js index 9ae384e..a3465a0 100644 --- a/browser/components/nsBrowserContentHandler.js +++ b/browser/components/nsBrowserContentHandler.js @@ -43,6 +43,10 @@ const NS_ERROR_ABORT = Components.results.NS_ERROR_ABORT; const URI_INHERITS_SECURITY_CONTEXT = Components.interfaces.nsIHttpProtocolHandler .URI_INHERITS_SECURITY_CONTEXT; +#ifdef TOR_BROWSER_VERSION +const kTBSavedVersionPref = "browser.startup.homepage_override.torbrowser.version"; +#endif + function shouldLoadURI(aURI) { if (aURI && !aURI.schemeIs("chrome")) return true; @@ -94,7 +98,8 @@ const OVERRIDE_NEW_BUILD_ID = 3; * Returns: * OVERRIDE_NEW_PROFILE if this is the first run with a new profile. * OVERRIDE_NEW_MSTONE if this is the first run with a build with a different - * Gecko milestone (i.e. right after an upgrade). + * Gecko milestone or Tor Browser version (i.e. right + * after an upgrade). * OVERRIDE_NEW_BUILD_ID if this is the first run with a new build ID of the * same Gecko milestone (i.e. after a nightly upgrade). * OVERRIDE_NONE otherwise. @@ -110,6 +115,15 @@ function needHomepageOverride(prefb) { var mstone = Services.appinfo.platformVersion; +#ifdef TOR_BROWSER_VERSION +#expand const TOR_BROWSER_VERSION = __TOR_BROWSER_VERSION__; + + var savedTBVersion = null; + try { + savedTBVersion = prefb.getCharPref(kTBSavedVersionPref); + } catch (e) {} +#endif + var savedBuildID = null; try { savedBuildID = prefb.getCharPref("browser.startup.homepage_override.buildID"); @@ -127,9 +141,30 @@ function needHomepageOverride(prefb) { prefb.setCharPref("browser.startup.homepage_override.mstone", mstone); prefb.setCharPref("browser.startup.homepage_override.buildID", buildID); +#ifdef TOR_BROWSER_VERSION + prefb.setCharPref(kTBSavedVersionPref, TOR_BROWSER_VERSION); + + // After an upgrade from an older release of Tor Browser (<= 5.5a1), the + // savedmstone will be undefined because those releases included the + // value "ignore" for the browser.startup.homepage_override.mstone pref. + // To correctly detect an upgrade vs. a new profile, we check for the + // presence of the "app.update.postupdate" pref. + var updated = prefb.prefHasUserValue("app.update.postupdate"); + return (savedmstone || updated) ? OVERRIDE_NEW_MSTONE + : OVERRIDE_NEW_PROFILE; +#else return (savedmstone ? OVERRIDE_NEW_MSTONE : OVERRIDE_NEW_PROFILE); +#endif } +#ifdef TOR_BROWSER_VERSION + if (TOR_BROWSER_VERSION != savedTBVersion) { + prefb.setCharPref("browser.startup.homepage_override.buildID", buildID); + prefb.setCharPref(kTBSavedVersionPref, TOR_BROWSER_VERSION); + return OVERRIDE_NEW_MSTONE; + } +#endif + if (buildID != savedBuildID) { prefb.setCharPref("browser.startup.homepage_override.buildID", buildID); return OVERRIDE_NEW_BUILD_ID; @@ -572,6 +607,15 @@ nsBrowserContentHandler.prototype = { try { old_mstone = Services.prefs.getCharPref("browser.startup.homepage_override.mstone"); } catch (ex) {} + +#ifdef TOR_BROWSER_VERSION + // We do the same for the Tor Browser version. + var old_tbversion = null; + try { + old_tbversion = prefb.getCharPref(kTBSavedVersionPref); + } catch (e) {} +#endif + let override = needHomepageOverride(prefb); if (override != OVERRIDE_NONE) { switch (override) { @@ -594,6 +638,10 @@ nsBrowserContentHandler.prototype = { overridePage = getPostUpdateOverridePage(overridePage); overridePage = overridePage.replace("%OLD_VERSION%", old_mstone); +#ifdef TOR_BROWSER_VERSION + overridePage = overridePage.replace("%OLD_TOR_BROWSER_VERSION%", + old_tbversion); +#endif break; } }

1 0