August 2018 - tbb-commits - lists.torproject.org

[tor-browser/tor-browser-60.1.0esr-8.0-1] fixup! Bug 23247: Communicating security expectations for .onion
by gk＠torproject.org 30 Aug '18

30 Aug '18

commit 4f22857f926d1e35d22709a247cca0aa3f8e560f Author: Arthur Edelstein <arthuredelstein(a)gmail.com> Date: Wed Aug 29 21:43:38 2018 -0700 fixup! Bug 23247: Communicating security expectations for .onion The mixed content blocker should not block a directly-loaded image from a .onion domain. We need to detect this situation earlier in nsMixedContentBlocker::ShouldLoad. --- dom/security/nsMixedContentBlocker.cpp | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/dom/security/nsMixedContentBlocker.cpp b/dom/security/nsMixedContentBlocker.cpp index 7b0e5088a4de..c8f850e1300c 100644 --- a/dom/security/nsMixedContentBlocker.cpp +++ b/dom/security/nsMixedContentBlocker.cpp @@ -726,6 +726,17 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect, } } + bool isHttpScheme = false; + rv = innerContentLocation->SchemeIs("http", &isHttpScheme); + NS_ENSURE_SUCCESS(rv, rv); + + // .onion URLs are encrypted and authenticated. Don't treat them as mixed + // content if potentially trustworthy (i.e. whitelisted). + if (isHttpScheme && IsPotentiallyTrustworthyOnion(innerContentLocation)) { + *aDecision = ACCEPT; + return NS_OK; + } + nsCOMPtr<nsIDocShell> docShell = NS_CP_GetDocShellFromContext(aRequestingContext); NS_ENSURE_TRUE(docShell, NS_OK); @@ -746,10 +757,6 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect, return NS_OK; } - bool isHttpScheme = false; - rv = innerContentLocation->SchemeIs("http", &isHttpScheme); - NS_ENSURE_SUCCESS(rv, rv); - // Loopback origins are not considered mixed content even over HTTP. See: // https://w3c.github.io/webappsec-mixed-content/#should-block-fetch if (isHttpScheme && @@ -758,13 +765,6 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect, return NS_OK; } - // .onion URLs are encrypted and authenticated. Don't treat them as mixed - // content if potentially trustworthy (i.e. whitelisted). - if (isHttpScheme && IsPotentiallyTrustworthyOnion(innerContentLocation)) { - *aDecision = ACCEPT; - return NS_OK; - } - // The page might have set the CSP directive 'upgrade-insecure-requests'. In such // a case allow the http: load to succeed with the promise that the channel will // get upgraded to https before fetching any data from the netwerk.

1 0

[tor-launcher/master] Bug 27392: Update Moat URLs
by gk＠torproject.org 30 Aug '18

30 Aug '18

commit 7779e8a8dbfa81c01a2fbc3be596f851e54176ad Author: Georg Koppen <gk(a)torproject.org> Date: Thu Aug 30 20:49:15 2018 +0000 Bug 27392: Update Moat URLs --- src/defaults/preferences/prefs.js | 6 +++--- src/install.rdf | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/defaults/preferences/prefs.js b/src/defaults/preferences/prefs.js index 938e1b8..dcddb1b 100644 --- a/src/defaults/preferences/prefs.js +++ b/src/defaults/preferences/prefs.js @@ -46,9 +46,9 @@ pref("extensions.torlauncher.torrc_path", ""); pref("extensions.torlauncher.tordatadir_path", ""); // BridgeDB-related preferences (used for Moat). -pref("extensions.torlauncher.bridgedb_front", "dontbeevil.appspot.com"); -pref("extensions.torlauncher.bridgedb_reflector", "https://tor-bridges-hyphae-channel.appspot.com"); -pref("extensions.torlauncher.moat_service", "https://bridges.torproject.org/moat"); +pref("extensions.torlauncher.bridgedb_front", "ajax.aspnetcdn.com"); +pref("extensions.torlauncher.bridgedb_reflector", "https://onionquiche.azureedge.net/"); +pref("extensions.torlauncher.moat_service", "https://moat.onionlab.eu/moat"); pref("extensions.torlauncher.bridgedb_bridge_type", "obfs4"); // Recommended default bridge type (can be set per localized bundle). diff --git a/src/install.rdf b/src/install.rdf index e7d7cc9..bb5ab52 100644 --- a/src/install.rdf +++ b/src/install.rdf @@ -7,7 +7,7 @@ <em:creator>The Tor Project, Inc.</em:creator> <em:contributor>Pearl Crescent, LLC</em:contributor> <em:id>tor-launcher(a)torproject.org</em:id> - <em:version>0.2.16.2</em:version> + <em:version>0.2.16.3</em:version> <em:multiprocessCompatible>true</em:multiprocessCompatible> <em:homepageURL>https://www.torproject.org/projects/torbrowser.html</em:homepageURL> <em:updateURL>data:text/plain,</em:updateURL>

1 0

[tor-browser/tor-browser-60.1.0esr-8.0-1] Bug 26381: about:tor page does not load on first start on Windows and
by gk＠torproject.org 30 Aug '18

30 Aug '18

commit b8dcb4f1ab5f06017cee025a2ad35cd17d869679 Author: Richard Pospesel <richard(a)torproject.org> Date: Wed Aug 29 15:27:40 2018 -0700 Bug 26381: about:tor page does not load on first start on Windows and browser is stuck in endless reload cycle The problem goes away when the security.sandbox.content.level pref is set to 2. This patch sets the option on Windows only to work around this issue until the root cause is found and fixed. --- browser/app/profile/000-tor-browser.js | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js index 2b5ebe8cf949..b7c2ff8207f2 100644 --- a/browser/app/profile/000-tor-browser.js +++ b/browser/app/profile/000-tor-browser.js @@ -330,6 +330,11 @@ pref("browser.onboarding.newtour", "welcome,privacy,tor-network,circuit-display, pref("browser.onboarding.updatetour", "welcome,privacy,tor-network,circuit-display,security,expect-differences,onion-services"); pref("browser.onboarding.skip-tour-button.hide", true); +#ifdef XP_WIN +// For now, reduce sandboxing level to 2 (see #26381). +pref("security.sandbox.content.level", 2); +#endif + #ifdef TOR_BROWSER_VERSION #expand pref("torbrowser.version", __TOR_BROWSER_VERSION__); #endif

1 0

[tor-browser/tor-browser-60.1.0esr-8.0-1] Bug 26670: Make canvas permission respect FPI
by gk＠torproject.org 29 Aug '18

29 Aug '18

commit 79db24856a23ec7ae1f6d8cf46919a499ae5bb9f Author: Arthur Edelstein <arthuredelstein(a)gmail.com> Date: Wed Aug 29 09:56:57 2018 -0700 Bug 26670: Make canvas permission respect FPI --- browser/base/content/browser.js | 21 ++++++++++++--------- dom/canvas/CanvasUtils.cpp | 23 ++++++++++++++++------- dom/ipc/PBrowser.ipdl | 4 ++-- dom/ipc/TabParent.cpp | 4 ++-- dom/ipc/TabParent.h | 2 +- 5 files changed, 33 insertions(+), 21 deletions(-) diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index fbfbf3e809ca..443619533567 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -6824,7 +6824,7 @@ var CanvasPermissionPromptHelper = { }, // aSubject is an nsIBrowser (e10s) or an nsIDOMWindow (non-e10s). - // aData is an URL string. + // aData is an Origin string. observe(aSubject, aTopic, aData) { if (aTopic != this._permissionsPrompt) { return; @@ -6838,7 +6838,6 @@ var CanvasPermissionPromptHelper = { browser = aSubject.QueryInterface(Ci.nsIBrowser); } - let uri = Services.io.newURI(aData); if (gBrowser.selectedBrowser !== browser) { // Must belong to some other window. return; @@ -6846,17 +6845,21 @@ var CanvasPermissionPromptHelper = { let message = gNavigatorBundle.getFormattedString("canvas.siteprompt", ["<>"], 1); - function setCanvasPermission(aURI, aPerm, aPersistent) { - Services.perms.add(aURI, "canvas", aPerm, - aPersistent ? Ci.nsIPermissionManager.EXPIRE_NEVER - : Ci.nsIPermissionManager.EXPIRE_SESSION); + let principal = Services.scriptSecurityManager + .createCodebasePrincipalFromOrigin(aData); + + function setCanvasPermission(aPerm, aPersistent) { + Services.perms.addFromPrincipal( + principal, "canvas", aPerm, + aPersistent ? Ci.nsIPermissionManager.EXPIRE_NEVER + : Ci.nsIPermissionManager.EXPIRE_SESSION); } let mainAction = { label: gNavigatorBundle.getString("canvas.allow"), accessKey: gNavigatorBundle.getString("canvas.allow.accesskey"), callback(state) { - setCanvasPermission(uri, Ci.nsIPermissionManager.ALLOW_ACTION, + setCanvasPermission(Ci.nsIPermissionManager.ALLOW_ACTION, state && state.checkboxChecked); } }; @@ -6865,7 +6868,7 @@ var CanvasPermissionPromptHelper = { label: gNavigatorBundle.getString("canvas.notAllow"), accessKey: gNavigatorBundle.getString("canvas.notAllow.accesskey"), callback(state) { - setCanvasPermission(uri, Ci.nsIPermissionManager.DENY_ACTION, + setCanvasPermission(Ci.nsIPermissionManager.DENY_ACTION, state && state.checkboxChecked); } }]; @@ -6881,7 +6884,7 @@ var CanvasPermissionPromptHelper = { let options = { checkbox, - name: uri.asciiHost, + name: principal.URI.host, learnMoreURL: Services.urlFormatter.formatURLPref("app.support.baseURL") + "fingerprint-permission", }; PopupNotifications.show(browser, aTopic, message, this._notificationIcon, diff --git a/dom/canvas/CanvasUtils.cpp b/dom/canvas/CanvasUtils.cpp index 0a8d7f0e2e59..ca8d91d92181 100644 --- a/dom/canvas/CanvasUtils.cpp +++ b/dom/canvas/CanvasUtils.cpp @@ -58,8 +58,13 @@ bool IsImageExtractionAllowed(nsIDocument *aDocument, JSContext *aCx) // Documents with system principal can always extract canvas data. nsPIDOMWindowOuter *win = aDocument->GetWindow(); nsCOMPtr<nsIScriptObjectPrincipal> sop(do_QueryInterface(win)); - if (sop && nsContentUtils::IsSystemPrincipal(sop->GetPrincipal())) { - return true; + if (!sop) { + return false; + } + + nsCOMPtr<nsIPrincipal> principal(sop->GetPrincipal()); + if (principal && nsContentUtils::IsSystemPrincipal(principal)) { + return true; } // Always give permission to chrome scripts (e.g. Page Inspector). @@ -127,9 +132,9 @@ bool IsImageExtractionAllowed(nsIDocument *aDocument, JSContext *aCx) // Check if the site has permission to extract canvas data. // Either permit or block extraction if a stored permission setting exists. uint32_t permission; - rv = permissionManager->TestPermission(topLevelDocURI, - PERMISSION_CANVAS_EXTRACT_DATA, - &permission); + rv = permissionManager->TestPermissionFromPrincipal(principal, + PERMISSION_CANVAS_EXTRACT_DATA, + &permission); NS_ENSURE_SUCCESS(rv, false); switch (permission) { case nsIPermissionManager::ALLOW_ACTION: @@ -165,16 +170,20 @@ bool IsImageExtractionAllowed(nsIDocument *aDocument, JSContext *aCx) nsContentUtils::LogMessageToConsole(message.get()); // Prompt the user (asynchronous). + nsAutoCString origin; + rv = principal->GetOrigin(origin); + NS_ENSURE_SUCCESS(rv, false); + if (XRE_IsContentProcess()) { TabChild* tabChild = TabChild::GetFrom(win); if (tabChild) { - tabChild->SendShowCanvasPermissionPrompt(topLevelDocURISpec); + tabChild->SendShowCanvasPermissionPrompt(origin); } } else { nsCOMPtr<nsIObserverService> obs = mozilla::services::GetObserverService(); if (obs) { obs->NotifyObservers(win, TOPIC_CANVAS_PERMISSIONS_PROMPT, - NS_ConvertUTF8toUTF16(topLevelDocURISpec).get()); + NS_ConvertUTF8toUTF16(origin).get()); } } diff --git a/dom/ipc/PBrowser.ipdl b/dom/ipc/PBrowser.ipdl index 024ebc5b6cf7..118eaf15af1f 100644 --- a/dom/ipc/PBrowser.ipdl +++ b/dom/ipc/PBrowser.ipdl @@ -579,9 +579,9 @@ parent: * This function is used to notify the parent that it should display a * canvas permission prompt. * - * @param aFirstPartyURI first party of the tab that is requesting access. + * @param aOrigin origin string of the document that is requesting access. */ - async ShowCanvasPermissionPrompt(nsCString aFirstPartyURI); + async ShowCanvasPermissionPrompt(nsCString aOrigin); child: /** diff --git a/dom/ipc/TabParent.cpp b/dom/ipc/TabParent.cpp index 86bb854962be..d8f4567626e1 100644 --- a/dom/ipc/TabParent.cpp +++ b/dom/ipc/TabParent.cpp @@ -3567,7 +3567,7 @@ TabParent::RecvLookUpDictionary(const nsString& aText, } mozilla::ipc::IPCResult -TabParent::RecvShowCanvasPermissionPrompt(const nsCString& aFirstPartyURI) +TabParent::RecvShowCanvasPermissionPrompt(const nsCString& aOrigin) { nsCOMPtr<nsIBrowser> browser = do_QueryInterface(mFrameElement); if (!browser) { @@ -3580,7 +3580,7 @@ TabParent::RecvShowCanvasPermissionPrompt(const nsCString& aFirstPartyURI) return IPC_FAIL_NO_REASON(this); } nsresult rv = os->NotifyObservers(browser, "canvas-permissions-prompt", - NS_ConvertUTF8toUTF16(aFirstPartyURI).get()); + NS_ConvertUTF8toUTF16(aOrigin).get()); if (NS_FAILED(rv)) { return IPC_FAIL_NO_REASON(this); } diff --git a/dom/ipc/TabParent.h b/dom/ipc/TabParent.h index 7d62663835d7..6f3d6de10c10 100644 --- a/dom/ipc/TabParent.h +++ b/dom/ipc/TabParent.h @@ -631,7 +631,7 @@ protected: virtual mozilla::ipc::IPCResult RecvGetTabCount(uint32_t* aValue) override; - virtual mozilla::ipc::IPCResult RecvShowCanvasPermissionPrompt(const nsCString& aFirstPartyURI) override; + virtual mozilla::ipc::IPCResult RecvShowCanvasPermissionPrompt(const nsCString& aOrigin) override; ContentCacheInParent mContentCache;

1 0

[tor-browser/tor-browser-60.1.0esr-8.0-1] fixup! TB4: Tor Browser's Firefox preference overrides.
by gk＠torproject.org 29 Aug '18

29 Aug '18

commit 3c6862f6cc8a7dc59b9eba41638100638ecb33b0 Author: Georg Koppen <gk(a)torproject.org> Date: Tue Aug 28 21:51:27 2018 +0000 fixup! TB4: Tor Browser's Firefox preference overrides. Disable wasm for now until we have it properly reviewed in #21549. --- browser/app/profile/000-tor-browser.js | 2 ++ 1 file changed, 2 insertions(+) diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js index 17c9d614b61c..2b5ebe8cf949 100644 --- a/browser/app/profile/000-tor-browser.js +++ b/browser/app/profile/000-tor-browser.js @@ -231,6 +231,8 @@ pref("mathml.disabled", false); // Until we address at least the linkability concerns in #19417 let's disable // asmjs. pref("javascript.options.asmjs", false); +// Unless we audit wasm properly in #21549 let's disable it. +pref("javascript.options.wasm", false); // Mozilla keeps still finding critical bugs in Graphite code. Disable it for // now, see bug 21726. pref("gfx.font_rendering.graphite.enabled", false);

1 0

[tor-browser/tor-browser-60.1.0esr-8.0-1] fixup! TB4: Tor Browser's Firefox preference overrides.
by gk＠torproject.org 29 Aug '18

29 Aug '18

commit d7442e6576b00951a7e60b97cb3308da17caa996 Author: Georg Koppen <gk(a)torproject.org> Date: Tue Aug 28 21:57:47 2018 +0000 fixup! TB4: Tor Browser's Firefox preference overrides. Disable WebVR for now until we have it properly audited in #21607. --- browser/app/profile/000-tor-browser.js | 1 + 1 file changed, 1 insertion(+) diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js index 46c56ea0cede..17c9d614b61c 100644 --- a/browser/app/profile/000-tor-browser.js +++ b/browser/app/profile/000-tor-browser.js @@ -151,6 +151,7 @@ pref("media.webspeech.synth.enabled", false); // Bug 10283: Disable SpeechSynthe pref("dom.webaudio.enabled", false); // Bug 13017: Disable Web Audio API pref("dom.maxHardwareConcurrency", 1); // Bug 21675: Spoof single-core cpu pref("dom.w3c_touch_events.enabled", 0); // Bug 10286: Always disable Touch API +pref("dom.vr.enabled", false); // Bug 21607: Disable WebVR for now // Disable randomised Firefox HTTP cache decay user test groups (Bug: 13575) pref("security.webauth.webauthn", false); // Bug 26614: Disable Web Authentication API for now pref("browser.cache.frecency_experiment", -1);

1 0

[tor-browser/tor-browser-60.1.0esr-8.0-1] squash! Bug 4234: Use the Firefox Update Process for Tor Browser.
by gk＠torproject.org 29 Aug '18

29 Aug '18

commit 7b269d1c44ba383444a1bfed3acb67ab3cac5071 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Wed Aug 22 13:51:29 2018 -0400 squash! Bug 4234: Use the Firefox Update Process for Tor Browser. Also fix bug 27221: purge the startup cache if the Tor Browser version changed (even if the Firefox version and build ID did not change), e.g., after a minor Tor Browser update. --- toolkit/xre/nsAppRunner.cpp | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index d036bc915c80..1000014aedd0 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -3208,6 +3208,13 @@ CheckCompatibility(nsIFile* aProfileDir, const nsCString& aVersion, if (NS_FAILED(rv) || !aVersion.Equals(buf)) return false; +#ifdef TOR_BROWSER_VERSION + nsAutoCString tbVersion(TOR_BROWSER_VERSION); + rv = parser.GetString("Compatibility", "LastTorBrowserVersion", buf); + if (NS_FAILED(rv) || !tbVersion.Equals(buf)) + return false; +#endif + rv = parser.GetString("Compatibility", "LastOSABI", buf); if (NS_FAILED(rv) || !aOSABI.Equals(buf)) return false; @@ -3304,6 +3311,13 @@ WriteVersion(nsIFile* aProfileDir, const nsCString& aVersion, PR_Write(fd, kHeader, sizeof(kHeader) - 1); PR_Write(fd, aVersion.get(), aVersion.Length()); +#ifdef TOR_BROWSER_VERSION + nsAutoCString tbVersion(TOR_BROWSER_VERSION); + static const char kTorBrowserVersionHeader[] = NS_LINEBREAK "LastTorBrowserVersion="; + PR_Write(fd, kTorBrowserVersionHeader, sizeof(kTorBrowserVersionHeader) - 1); + PR_Write(fd, tbVersion.get(), tbVersion.Length()); +#endif + static const char kOSABIHeader[] = NS_LINEBREAK "LastOSABI="; PR_Write(fd, kOSABIHeader, sizeof(kOSABIHeader) - 1); PR_Write(fd, aOSABI.get(), aOSABI.Length());

1 0

[torbutton/master] Bug 26520: Fix sec slider/NoScript for TOR_SKIP_LAUNCH=1
by gk＠torproject.org 29 Aug '18

29 Aug '18

commit 931f0659c42fe317fd8ccae0d9210f8814dcf8ea Author: Arthur Edelstein <arthuredelstein(a)gmail.com> Date: Mon Jul 16 17:58:33 2018 -0700 Bug 26520: Fix sec slider/NoScript for TOR_SKIP_LAUNCH=1 We need to wait for NoScript to have launched before we send the first settings message from the security slider. So wait for NoScript to send us a message first. --- src/modules/noscript-control.js | 75 ++++++++++++++++++++++++----------------- 1 file changed, 44 insertions(+), 31 deletions(-) diff --git a/src/modules/noscript-control.js b/src/modules/noscript-control.js index 196d14c2..14f78c49 100644 --- a/src/modules/noscript-control.js +++ b/src/modules/noscript-control.js @@ -9,6 +9,9 @@ const { LegacyExtensionContext } = Cu.import("resource://gre/modules/LegacyExtensionsUtils.jsm", {}); const { bindPrefAndInit } = Cu.import("resource://torbutton/modules/utils.js", {}); +let logger = Components.classes["@torproject.org/torbutton-logger;1"] + .getService(Components.interfaces.nsISupports).wrappedJSObject; +let log = (level, msg) => logger.log(level, msg); // ## NoScript settings @@ -80,34 +83,6 @@ let noscriptSettings = safetyLevel => ( // The extension ID for NoScript (WebExtension) const noscriptID = "{73a6fe31-595d-460b-a920-fcc0f8843232}"; -// A mock extension object that can communicate with another extension -// via the WebExtensions sendMessage/onMessage mechanism. -let extensionContext = new LegacyExtensionContext({ id : noscriptID }); - -// The component that handles WebExtensions' sendMessage. -let messageManager = extensionContext.messenger.messageManagers[0]; - -// __setNoScriptSettings(settings)__. -// NoScript listens for internal settings with onMessage. We can send -// a new settings JSON object according to NoScript's -// protocol and these are accepted! See the use of -// `browser.runtime.onMessage.addListener(...)` in NoScript's bg/main.js. -let sendNoScriptSettings = settings => - extensionContext.messenger.sendMessage(messageManager, settings, noscriptID); - -// __setNoScriptSafetyLevel(safetyLevel)__. -// Set NoScript settings according to a particular safety level -// (security slider level): 0 = Standard, 1 = Safer, 2 = Safest -let setNoScriptSafetyLevel = safetyLevel => - sendNoScriptSettings(noscriptSettings(safetyLevel)); - -// ## Slider binding - -// __securitySliderToSafetyLevel(sliderState)__. -// Converts the "extensions.torbutton.security_slider" pref value -// to a "safety level" value: 0 = Standard, 1 = Safer, 2 = Safest -let securitySliderToSafetyLevel = sliderState => [undefined, 2, 1, 1, 0][sliderState]; - // Ensure binding only occurs once. let initialized = false; @@ -119,9 +94,47 @@ var initialize = () => { return; } initialized = true; - bindPrefAndInit( - "extensions.torbutton.security_slider", - sliderState => setNoScriptSafetyLevel(securitySliderToSafetyLevel(sliderState))); + + try { + // A mock extension object that can communicate with another extension + // via the WebExtensions sendMessage/onMessage mechanism. + let extensionContext = new LegacyExtensionContext({ id : noscriptID }); + + // The component that handles WebExtensions' sendMessage. + let messageManager = extensionContext.messenger.messageManagers[0]; + + // __setNoScriptSettings(settings)__. + // NoScript listens for internal settings with onMessage. We can send + // a new settings JSON object according to NoScript's + // protocol and these are accepted! See the use of + // `browser.runtime.onMessage.addListener(...)` in NoScript's bg/main.js. + let sendNoScriptSettings = settings => + extensionContext.messenger.sendMessage(messageManager, settings, noscriptID); + + // __setNoScriptSafetyLevel(safetyLevel)__. + // Set NoScript settings according to a particular safety level + // (security slider level): 0 = Standard, 1 = Safer, 2 = Safest + let setNoScriptSafetyLevel = safetyLevel => + sendNoScriptSettings(noscriptSettings(safetyLevel)); + + // __securitySliderToSafetyLevel(sliderState)__. + // Converts the "extensions.torbutton.security_slider" pref value + // to a "safety level" value: 0 = Standard, 1 = Safer, 2 = Safest + let securitySliderToSafetyLevel = sliderState => + [undefined, 2, 1, 1, 0][sliderState]; + + // Wait for the first message from NoScript to arrive, and then + // bind the security_slider pref to the NoScript settings. + let messageListener = (a,b,c) => { + extensionContext.api.browser.runtime.onMessage.removeListener(messageListener); + bindPrefAndInit( + "extensions.torbutton.security_slider", + sliderState => setNoScriptSafetyLevel(securitySliderToSafetyLevel(sliderState))); + }; + extensionContext.api.browser.runtime.onMessage.addListener(messageListener); + } catch (e) { + log(5, e.message); + } }; // Export initialize() function for external use.

1 0

[tor-browser/tor-browser-60.1.0esr-8.0-1] fixup! TB4: Tor Browser's Firefox preference overrides.
by gk＠torproject.org 29 Aug '18

29 Aug '18

commit 6417fe352cdd2275664870ce0003fe3dfd2561eb Author: Georg Koppen <gk(a)torproject.org> Date: Tue Aug 28 22:23:19 2018 +0000 fixup! TB4: Tor Browser's Firefox preference overrides. Disable the Web Authentication API for now until we have it evaluated in #26614. --- browser/app/profile/000-tor-browser.js | 1 + 1 file changed, 1 insertion(+) diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js index 7a0d26aa53cf..46c56ea0cede 100644 --- a/browser/app/profile/000-tor-browser.js +++ b/browser/app/profile/000-tor-browser.js @@ -152,6 +152,7 @@ pref("dom.webaudio.enabled", false); // Bug 13017: Disable Web Audio API pref("dom.maxHardwareConcurrency", 1); // Bug 21675: Spoof single-core cpu pref("dom.w3c_touch_events.enabled", 0); // Bug 10286: Always disable Touch API // Disable randomised Firefox HTTP cache decay user test groups (Bug: 13575) +pref("security.webauth.webauthn", false); // Bug 26614: Disable Web Authentication API for now pref("browser.cache.frecency_experiment", -1); // Third party stuff

1 0

[tor-browser/tor-browser-60.1.0esr-8.0-1] squash! TB4: Tor Browser's Firefox preference overrides.
by gk＠torproject.org 29 Aug '18

29 Aug '18

commit cc1c7ef7e3c4767e5a505fe791a9026855384bb4 Author: Georg Koppen <gk(a)torproject.org> Date: Tue Aug 28 22:32:00 2018 +0000 squash! TB4: Tor Browser's Firefox preference overrides. Enable ReaderView mode again (#27281). --- browser/app/profile/000-tor-browser.js | 4 ---- 1 file changed, 4 deletions(-) diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js index 082b69a11ffe..7a0d26aa53cf 100644 --- a/browser/app/profile/000-tor-browser.js +++ b/browser/app/profile/000-tor-browser.js @@ -146,10 +146,6 @@ pref("privacy.resistFingerprinting.block_mozAddonManager", true); // Bug 26114 pref("dom.event.highrestimestamp.enabled", true); // Bug #17046: "Highres" (but truncated) timestamps prevent uptime leaks pref("privacy.suppressModifierKeyEvents", true); // Bug #17009: Suppress ALT and SHIFT events" pref("ui.use_standins_for_native_colors", true); // https://bugzilla.mozilla.org/232227 -// Make Reader View users uniform if they really want to use that feature. See -// bug 18950 for more details. -pref("browser.reader.detectedFirstArticle", true); -pref("reader.parse-on-load.enabled", false); pref("privacy.use_utc_timezone", true); pref("media.webspeech.synth.enabled", false); // Bug 10283: Disable SpeechSynthesis API pref("dom.webaudio.enabled", false); // Bug 13017: Disable Web Audio API

1 0