October 2023 - tbb-commits - lists.torproject.org

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.4.0esr-13.0-1] fixup! Bug 40926: Implemented the New Identity feature
by ma1 (＠ma1) 20 Oct '23

20 Oct '23

ma1 pushed to branch mullvad-browser-115.4.0esr-13.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 7898b29a by hackademix at 2023-10-20T15:46:41+02:00 fixup! Bug 40926: Implemented the New Identity feature Bug 42182: avoid reloading any search engine extension. - - - - - 1 changed file: - browser/components/newidentity/content/newidentity.js Changes: ===================================== browser/components/newidentity/content/newidentity.js ===================================== @@ -415,10 +415,13 @@ XPCOMUtils.defineLazyGetter(this, "NewIdentityButton", () => { async reloadAddons() { logger.info("Reloading add-ons to clear their temporary state."); // Reload all active extensions except search engines, which would throw. - const addons = ( - await AddonManager.getAddonsByTypes(["extension"]) - ).filter(a => a.isActive && !a.id.endsWith("@search.mozilla.org")); - await Promise.all(addons.map(a => a.reload())); + const addons = await AddonManager.getAddonsByTypes(["extension"]); + const isSearchEngine = async addon => + (await (await fetch(addon.getResourceURI("manifest.json").spec)).json()) + ?.chrome_settings_overrides?.search_provider; + const reloadIfNeeded = async addon => + addon.isActive && !(await isSearchEngine(addon)) && addon.reload(); + await Promise.all(addons.map(addon => reloadIfNeeded(addon))); } // Broadcast as a hook to clear other data View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/789… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/789… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.4.0esr-13.0-1] fixup! Bug 40926: Implemented the New Identity feature
by ma1 (＠ma1) 20 Oct '23

20 Oct '23

ma1 pushed to branch base-browser-115.4.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: a78a919d by hackademix at 2023-10-20T15:45:50+02:00 fixup! Bug 40926: Implemented the New Identity feature Bug 42182: avoid reloading any search engine extension. - - - - - 1 changed file: - browser/components/newidentity/content/newidentity.js Changes: ===================================== browser/components/newidentity/content/newidentity.js ===================================== @@ -415,10 +415,13 @@ XPCOMUtils.defineLazyGetter(this, "NewIdentityButton", () => { async reloadAddons() { logger.info("Reloading add-ons to clear their temporary state."); // Reload all active extensions except search engines, which would throw. - const addons = ( - await AddonManager.getAddonsByTypes(["extension"]) - ).filter(a => a.isActive && !a.id.endsWith("@search.mozilla.org")); - await Promise.all(addons.map(a => a.reload())); + const addons = await AddonManager.getAddonsByTypes(["extension"]); + const isSearchEngine = async addon => + (await (await fetch(addon.getResourceURI("manifest.json").spec)).json()) + ?.chrome_settings_overrides?.search_provider; + const reloadIfNeeded = async addon => + addon.isActive && !(await isSearchEngine(addon)) && addon.reload(); + await Promise.all(addons.map(addon => reloadIfNeeded(addon))); } // Broadcast as a hook to clear other data View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/a78a919… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/a78a919… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.4.0esr-13.0-1] fixup! Bug 40926: Implemented the New Identity feature
by ma1 (＠ma1) 20 Oct '23

20 Oct '23

ma1 pushed to branch tor-browser-115.4.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 46614757 by hackademix at 2023-10-20T15:38:29+02:00 fixup! Bug 40926: Implemented the New Identity feature Bug 42182: avoid reloading any search engine extension. - - - - - 1 changed file: - browser/components/newidentity/content/newidentity.js Changes: ===================================== browser/components/newidentity/content/newidentity.js ===================================== @@ -415,10 +415,13 @@ XPCOMUtils.defineLazyGetter(this, "NewIdentityButton", () => { async reloadAddons() { logger.info("Reloading add-ons to clear their temporary state."); // Reload all active extensions except search engines, which would throw. - const addons = ( - await AddonManager.getAddonsByTypes(["extension"]) - ).filter(a => a.isActive && !a.id.endsWith("@search.mozilla.org")); - await Promise.all(addons.map(a => a.reload())); + const addons = await AddonManager.getAddonsByTypes(["extension"]); + const isSearchEngine = async addon => + (await (await fetch(addon.getResourceURI("manifest.json").spec)).json()) + ?.chrome_settings_overrides?.search_provider; + const reloadIfNeeded = async addon => + addon.isActive && !(await isSearchEngine(addon)) && addon.reload(); + await Promise.all(addons.map(addon => reloadIfNeeded(addon))); } // Broadcast as a hook to clear other data View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/4661475… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/4661475… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.0] Bug 40989: Add .nobackup files to reproducible and disposable directories
by boklm (＠boklm) 20 Oct '23

20 Oct '23

boklm pushed to branch maint-13.0 at The Tor Project / Applications / tor-browser-build Commits: 6fdfa43f by Richard Pospesel at 2023-10-20T08:18:52+02:00 Bug 40989: Add .nobackup files to reproducible and disposable directories - - - - - 7 changed files: - + git_clones/.nobackup - + hg_clones/.nobackup - + mullvadbrowser/.nobackup - + out/.nobackup - + testbuild/.nobackup - + tmp/.nobackup - + torbrowser/.nobackup Changes: ===================================== git_clones/.nobackup ===================================== ===================================== hg_clones/.nobackup ===================================== ===================================== mullvadbrowser/.nobackup ===================================== ===================================== out/.nobackup ===================================== ===================================== testbuild/.nobackup ===================================== ===================================== tmp/.nobackup ===================================== ===================================== torbrowser/.nobackup ===================================== View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 40989: Add .nobackup files to reproducible and disposable directories
by boklm (＠boklm) 20 Oct '23

20 Oct '23

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 6ed1f805 by Richard Pospesel at 2023-10-19T21:08:33+00:00 Bug 40989: Add .nobackup files to reproducible and disposable directories - - - - - 7 changed files: - + git_clones/.nobackup - + hg_clones/.nobackup - + mullvadbrowser/.nobackup - + out/.nobackup - + testbuild/.nobackup - + tmp/.nobackup - + torbrowser/.nobackup Changes: ===================================== git_clones/.nobackup ===================================== ===================================== hg_clones/.nobackup ===================================== ===================================== mullvadbrowser/.nobackup ===================================== ===================================== out/.nobackup ===================================== ===================================== testbuild/.nobackup ===================================== ===================================== tmp/.nobackup ===================================== ===================================== torbrowser/.nobackup ===================================== View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.4.0esr-13.5-1] 2 commits: fixup! Bug 27476: Implement about:torconnect captive portal within Tor Browser
by ma1 (＠ma1) 19 Oct '23

19 Oct '23

ma1 pushed to branch tor-browser-115.4.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 365b399d by Henry Wilkes at 2023-10-19T16:09:40+01:00 fixup! Bug 27476: Implement about:torconnect captive portal within Tor Browser Bug 42184: Make torconnect redirect compatible with blank home page. - - - - - 8982a325 by Henry Wilkes at 2023-10-19T16:09:41+01:00 fixup! Bug 40597: Implement TorSettings module Bug 42184: Split out URI fixup logic to fixupURIs and simplify. This method is used in TorConnectParent to fixup the home page preference. - - - - - 4 changed files: - browser/components/torconnect/TorConnectChild.sys.mjs - browser/components/torconnect/TorConnectParent.sys.mjs - browser/components/torconnect/content/aboutTorConnect.js - browser/modules/TorConnect.sys.mjs Changes: ===================================== browser/components/torconnect/TorConnectChild.sys.mjs ===================================== @@ -2,4 +2,78 @@ import { RemotePageChild } from "resource://gre/actors/RemotePageChild.sys.mjs"; -export class TorConnectChild extends RemotePageChild {} +export class TorConnectChild extends RemotePageChild { + /** + * Whether we have redirected the page (after bootstrapping) or not. + * + * @type {boolean} + */ + #redirected = false; + + /** + * If bootstrapping is complete, or TorConnect is disabled, we redirect the + * page. + */ + async #maybeRedirect() { + if (await this.sendQuery("torconnect:should-show")) { + // Enabled and not yet bootstrapped. + return; + } + if (this.#redirected) { + return; + } + this.#redirected = true; + + const redirect = new URLSearchParams( + new URL(this.contentWindow.document.location.href).search + ).get("redirect"); + + // Fallback in error cases: + let replaceURI = "about:tor"; + try { + const url = new URL( + redirect + ? decodeURIComponent(redirect) + : // NOTE: We expect no redirect when address is entered manually, or + // about:torconnect is opened from preferences or urlbar. + // Go to the home page. + await this.sendQuery("torconnect:home-page") + ); + // Do not allow javascript URI. See tor-browser#41766 + if ( + ["about:", "file:", "https:", "http:"].includes(url.protocol) || + // Allow blank page. See tor-browser#42184. + // Blank page's are given as a chrome URL rather than "about:blank". + url.href === "chrome://browser/content/blanktab.html" + ) { + replaceURI = url.href; + } else { + console.error(`Scheme is not allowed "${redirect}"`); + } + } catch { + console.error(`Invalid redirect URL "${redirect}"`); + } + + // Replace the destination to prevent "about:torconnect" entering the + // history. + // NOTE: This is done here, in the window actor, rather than in content + // because we have the privilege to redirect to a "chrome:" uri here (for + // when the HomePage is set to be blank). + this.contentWindow.location.replace(replaceURI); + } + + actorCreated() { + super.actorCreated(); + // about:torconnect could need to be immediately redirected. E.g. if it is + // reached after bootstrapping. + this.#maybeRedirect(); + } + + receiveMessage(message) { + super.receiveMessage(message); + + if (message.name === "torconnect:state-change") { + this.#maybeRedirect(); + } + } +} ===================================== browser/components/torconnect/TorConnectParent.sys.mjs ===================================== @@ -1,5 +1,7 @@ // Copyright (c) 2021, The Tor Project, Inc. +import { XPCOMUtils } from "resource://gre/modules/XPCOMUtils.sys.mjs"; + const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm"); import { InternetStatus, @@ -15,6 +17,12 @@ import { const BroadcastTopic = "about-torconnect:broadcast"; +const lazy = {}; + +XPCOMUtils.defineLazyModuleGetters(lazy, { + HomePage: "resource:///modules/HomePage.jsm", +}); + /* This object is basically a marshalling interface between the TorConnect module and a particular about:torconnect page @@ -167,6 +175,11 @@ export class TorConnectParent extends JSWindowActorParent { async receiveMessage(message) { switch (message.name) { + case "torconnect:should-show": + return Promise.resolve(TorConnect.shouldShowTorConnect); + case "torconnect:home-page": + // If there are multiple home pages, just load the first one. + return Promise.resolve(TorConnect.fixupURIs(lazy.HomePage.get())[0]); case "torconnect:set-quickstart": TorSettings.quickstart.enabled = message.data; TorSettings.saveToPrefs().applySettings(); ===================================== browser/components/torconnect/content/aboutTorConnect.js ===================================== @@ -136,10 +136,6 @@ class AboutTorConnect { tryBridgeButton: document.querySelector(this.selectors.buttons.tryBridge), }); - // a redirect url can be passed as a query parameter for the page to - // forward us to once bootstrap completes (otherwise the window will just close) - redirect = null; - uiState = { currentState: UIStates.ConnectToTor, allowAutomaticLocation: true, @@ -425,11 +421,6 @@ class AboutTorConnect { this.setLongText(TorStrings.settings.torPreferencesDescription); this.setProgress("", showProgressbar, 100); this.hideButtons(); - - // redirects page to the requested redirect url, removes about:torconnect - // from the page stack, so users cannot accidentally go 'back' to the - // now unresponsive page - window.location.replace(this.redirect); } update_Disabled(state) { @@ -822,23 +813,6 @@ class AboutTorConnect { } async init() { - // if the user gets here manually or via the button in the urlbar - // then we will redirect to about:tor - this.redirect = "about:tor"; - - // see if a user has a final destination after bootstrapping - let params = new URLSearchParams(new URL(document.location.href).search); - if (params.has("redirect")) { - try { - const redirect = new URL(decodeURIComponent(params.get("redirect"))); - if (/^(?:https?|about):$/.test(redirect.protocol)) { - this.redirect = redirect.href; - } - } catch (e) { - console.error(e, `Invalid redirect URL "${params.get("redirect")}"!`); - } - } - let args = await RPMSendQuery("torconnect:get-init-args"); // various constants ===================================== browser/modules/TorConnect.sys.mjs ===================================== @@ -1156,67 +1156,54 @@ export const TorConnect = (() => { return `about:torconnect?redirect=${encodeURIComponent(url)}`; }, + /** + * Convert the given object into a list of valid URIs. + * + * The object is either from the user's homepage preference (which may + * contain multiple domains separated by "|") or uris passed to the browser + * via command-line. + * + * @param {string|string[]} uriVariant - The string to extract uris from. + * + * @return {string[]} - The array of uris found. + */ + fixupURIs(uriVariant) { + let uriArray; + if (typeof uriVariant === "string") { + uriArray = uriVariant.split("|"); + } else if ( + Array.isArray(uriVariant) && + uriVariant.every(entry => typeof entry === "string") + ) { + uriArray = uriVariant; + } else { + // about:tor as safe fallback + console.error( + `TorConnect: received unknown variant '${JSON.stringify(uriVariant)}'` + ); + uriArray = ["about:tor"]; + } + + // Attempt to convert user-supplied string to a uri, fallback to + // about:tor if cannot convert to valid uri object + return uriArray.map( + uriString => + Services.uriFixup.getFixupURIInfo( + uriString, + Ci.nsIURIFixup.FIXUP_FLAG_NONE + ).preferredURI?.spec ?? "about:tor" + ); + }, + // called from browser.js on browser startup, passed in either the user's homepage(s) // or uris passed via command-line; we want to replace them with about:torconnect uris // which redirect after bootstrapping getURIsToLoad(uriVariant) { - // convert the object we get from browser.js - let uriStrings = (v => { - // an interop array - if (v instanceof Ci.nsIArray) { - // Transform the nsIArray of nsISupportsString's into a JS Array of - // JS strings. - return Array.from( - v.enumerate(Ci.nsISupportsString), - supportStr => supportStr.data - ); - // an interop string - } else if (v instanceof Ci.nsISupportsString) { - return [v.data]; - // a js string - } else if (typeof v === "string") { - return v.split("|"); - // a js array of js strings - } else if ( - Array.isArray(v) && - v.reduce((allStrings, entry) => { - return allStrings && typeof entry === "string"; - }, true) - ) { - return v; - } - // about:tor as safe fallback - console.log( - `TorConnect: getURIsToLoad() received unknown variant '${JSON.stringify( - v - )}'` - ); - return ["about:tor"]; - })(uriVariant); - - // will attempt to convert user-supplied string to a uri, fallback to about:tor if cannot convert - // to valid uri object - let uriStringToUri = uriString => { - const fixupFlags = Ci.nsIURIFixup.FIXUP_FLAG_NONE; - let uri = Services.uriFixup.getFixupURIInfo( - uriString, - fixupFlags - ).preferredURI; - return uri ? uri : Services.io.newURI("about:tor"); - }; - let uris = uriStrings.map(uriStringToUri); - - // assume we have a valid uri and generate an about:torconnect redirect uri - let redirectUrls = uris.map(uri => this.getRedirectURL(uri.spec)); - + const uris = this.fixupURIs(uriVariant); console.log( - `TorConnect: Will load after bootstrap => [${uris - .map(uri => { - return uri.spec; - }) - .join(", ")}]` + `TorConnect: Will load after bootstrap => [${uris.join(", ")}]` ); - return redirectUrls; + return uris.map(uri => this.getRedirectURL(uri)); }, }; return retval; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/ef3a54… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/ef3a54… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 2 commits: Bug 40983: Bump versions for 13.5.
by Pier Angelo Vendrame (＠pierov) 19 Oct '23

19 Oct '23

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 04fb18b1 by Pier Angelo Vendrame at 2023-10-19T09:16:51+02:00 Bug 40983: Bump versions for 13.5. Also, update the MB extension, that was updated only on the 13.0 branch. - - - - - 6c469013 by Pier Angelo Vendrame at 2023-10-19T09:16:57+02:00 Revert "Bug 40933: Add symlinks to have incrementals between 12.5.x and 13.0" This reverts commit a21969281d18941b69a94b994b0797f8b88ad45f. We do not need it anymore, because the latest alphas already used the new naming scheme. - - - - - 8 changed files: - Makefile - projects/browser/config - projects/firefox-android/config - projects/firefox/config - projects/geckoview/config - projects/release/config - − projects/release/link_old_mar_filenames - rbm.conf Changes: ===================================== Makefile ===================================== @@ -183,7 +183,6 @@ torbrowser-testbuild-src: submodule-update torbrowser-incrementals-release: submodule-update $(rbm) build release --step update_responses_config --target release --target create_unsigned_incrementals --target torbrowser tools/update-responses/download_missing_versions release - $(rbm) build release --step link_old_mar_filenames --target release --target torbrowser tools/update-responses/gen_incrementals release $(rbm) build release --step hash_incrementals --target release --target torbrowser @@ -196,7 +195,6 @@ torbrowser-incrementals-release-unsigned: submodule-update torbrowser-incrementals-alpha: submodule-update $(rbm) build release --step update_responses_config --target alpha --target create_unsigned_incrementals --target torbrowser tools/update-responses/download_missing_versions alpha - $(rbm) build release --step link_old_mar_filenames --target alpha --target torbrowser tools/update-responses/gen_incrementals alpha $(rbm) build release --step hash_incrementals --target alpha --target torbrowser @@ -223,14 +221,12 @@ torbrowser-dmg2mar-release: submodule-update $(rbm) build release --step update_responses_config --target release --target signed --target torbrowser $(rbm) build release --step dmg2mar --target release --target signed --target torbrowser tools/update-responses/download_missing_versions release - $(rbm) build release --step link_old_mar_filenames --target release --target torbrowser CHECK_CODESIGNATURE_EXISTS=1 MAR_SKIP_EXISTING=1 tools/update-responses/gen_incrementals release torbrowser-dmg2mar-alpha: submodule-update $(rbm) build release --step update_responses_config --target alpha --target signed --target torbrowser $(rbm) build release --step dmg2mar --target alpha --target signed --target torbrowser tools/update-responses/download_missing_versions alpha - $(rbm) build release --step link_old_mar_filenames --target alpha --target torbrowser CHECK_CODESIGNATURE_EXISTS=1 MAR_SKIP_EXISTING=1 tools/update-responses/gen_incrementals alpha @@ -515,7 +511,6 @@ mullvadbrowser-testbuild-src: submodule-update mullvadbrowser-incrementals-release: submodule-update $(rbm) build release --step update_responses_config --target release --target create_unsigned_incrementals --target mullvadbrowser tools/update-responses/download_missing_versions release - $(rbm) build release --step link_old_mar_filenames --target release --target mullvadbrowser tools/update-responses/gen_incrementals release $(rbm) build release --step hash_incrementals --target release --target mullvadbrowser @@ -528,7 +523,6 @@ mullvadbrowser-incrementals-release-unsigned: submodule-update mullvadbrowser-incrementals-alpha: submodule-update $(rbm) build release --step update_responses_config --target alpha --target create_unsigned_incrementals --target mullvadbrowser tools/update-responses/download_missing_versions alpha - $(rbm) build release --step link_old_mar_filenames --target alpha --target mullvadbrowser tools/update-responses/gen_incrementals alpha $(rbm) build release --step hash_incrementals --target alpha --target mullvadbrowser @@ -555,14 +549,12 @@ mullvadbrowser-dmg2mar-release: submodule-update $(rbm) build release --step update_responses_config --target release --target signed --target mullvadbrowser $(rbm) build release --step dmg2mar --target release --target signed --target mullvadbrowser tools/update-responses/download_missing_versions release - $(rbm) build release --step link_old_mar_filenames --target release --target mullvadbrowser CHECK_CODESIGNATURE_EXISTS=1 MAR_SKIP_EXISTING=1 tools/update-responses/gen_incrementals release mullvadbrowser-dmg2mar-alpha: submodule-update $(rbm) build release --step update_responses_config --target alpha --target signed --target mullvadbrowser $(rbm) build release --step dmg2mar --target alpha --target signed --target mullvadbrowser tools/update-responses/download_missing_versions alpha - $(rbm) build release --step link_old_mar_filenames --target alpha --target mullvadbrowser CHECK_CODESIGNATURE_EXISTS=1 MAR_SKIP_EXISTING=1 tools/update-responses/gen_incrementals alpha ===================================== projects/browser/config ===================================== @@ -95,9 +95,9 @@ input_files: name: ublock-origin sha256sum: e8ee3f9d597a6d42db9d73fe87c1d521de340755fd8bfdd69e41623edfe096d6 enable: '[% c("var/mullvad-browser") %]' - - URL: https://github.com/mullvad/browser-extension/releases/download/v0.8.3-firef… + - URL: https://cdn.mullvad.net/browser-extension/0.8.4/mullvad-browser-extension-0… name: mullvad-extension - sha256sum: e531ce6e809091eb40848874ea9e695bce61196397b6d8238ab582a152e02ac7 + sha256sum: a0057a37482e178331cde7a6fd3c100315fcfc26e804aa37c9281f412d24cb79 enable: '[% c("var/mullvad-browser") %]' - filename: 'gtk3-settings.ini' enable: '[% c("var/linux") %]' ===================================== projects/firefox-android/config ===================================== @@ -15,8 +15,8 @@ container: var: fenix_version: 115.2.1 - browser_branch: 13.0-1 - browser_build: 5 + browser_branch: 13.5-1 + browser_build: 1 variant: Beta # This should be updated when the list of gradle dependencies is changed. gradle_dependencies_version: 1 ===================================== projects/firefox/config ===================================== @@ -14,11 +14,11 @@ container: use_container: 1 var: - firefox_platform_version: 115.3.0 + firefox_platform_version: 115.4.0 firefox_version: '[% c("var/firefox_platform_version") %]esr' - browser_series: '13.0' + browser_series: '13.5' browser_branch: '[% c("var/browser_series") %]-1' - browser_build: 3 + browser_build: 1 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' ===================================== projects/geckoview/config ===================================== @@ -14,9 +14,9 @@ container: use_container: 1 var: - geckoview_version: 115.3.0esr - browser_branch: 13.0-1 - browser_build: 3 + geckoview_version: 115.4.0esr + browser_branch: 13.5-1 + browser_build: 1 copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse HEAD") %]' ===================================== projects/release/config ===================================== @@ -243,11 +243,6 @@ steps: debug: 0 input_files: [] update_responses_config: '[% INCLUDE update_responses_config %]' - link_old_mar_filenames: - build_log: '-' - debug: 0 - input_files: [] - link_old_mar_filenames: '[% INCLUDE link_old_mar_filenames %]' create_update_responses_tar: build_log: '-' debug: 0 ===================================== projects/release/link_old_mar_filenames deleted ===================================== @@ -1,19 +0,0 @@ -#!/bin/bash -[% c("var/set_default_env") -%] -# This script is for #40933: -# Fix generating incrementals between 12.5.x and 13.0 -[% FOREACH version = c("var/torbrowser_incremental_from") %] - cd [% shell_quote(path(dest_dir)) %]/[% IF c("var/unsigned_releases_dir") %]un[% END %]signed/[% version %] - test -e [% c("var/project-name") %]-linux-i686-[% version %]_ALL.mar || \ - ln -s [% c("var/project-name") %]-linux32-[% version %]_ALL.mar \ - [% c("var/project-name") %]-linux-i686-[% version %]_ALL.mar - test -e [% c("var/project-name") %]-linux-x86_64-[% version %]_ALL.mar || \ - ln -s [% c("var/project-name") %]-linux64-[% version %]_ALL.mar \ - [% c("var/project-name") %]-linux-x86_64-[% version %]_ALL.mar - test -e [% c("var/project-name") %]-windows-i686-[% version %]_ALL.mar || \ - ln -s [% c("var/project-name") %]-win32-[% version %]_ALL.mar \ - [% c("var/project-name") %]-windows-i686-[% version %]_ALL.mar - test -e [% c("var/project-name") %]-windows-x86_64-[% version %]_ALL.mar || \ - ln -s [% c("var/project-name") %]-win64-[% version %]_ALL.mar \ - [% c("var/project-name") %]-windows-x86_64-[% version %]_ALL.mar -[% END -%] ===================================== rbm.conf ===================================== @@ -81,12 +81,12 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '13.0a6' + torbrowser_version: '13.5a1' torbrowser_build: 'build1' torbrowser_incremental_from: - - '13.0a3' - '13.0a4' - '13.0a5' + - '13.0a6' updater_enabled: 1 build_mar: 1 mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.4.0esr-13.5-1] fixup! Bug 42019: Empty browser's clipboard on browser shutdown
by richard (＠richard) 18 Oct '23

18 Oct '23

richard pushed to branch mullvad-browser-115.4.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 68ee3400 by hackademix at 2023-10-18T21:27:57+00:00 fixup! Bug 42019: Empty browser's clipboard on browser shutdown Bug 42154: empty clipboard content from private windows on exit. - - - - - 2 changed files: - browser/app/profile/001-base-profile.js - browser/components/BrowserGlue.sys.mjs Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -87,6 +87,9 @@ pref("browser.sessionstore.resume_from_crash", false); // Also not needed in PBM at the moment. pref("browser.pagethumbnails.capturing_disabled", true); +// Empty clipboard content from private windows on exit (tor-browser#42154) +pref("browser.privatebrowsing.preserveClipboard", false); + // Enable HTTPS-Only mode (tor-browser#19850) pref("dom.security.https_only_mode", true); // The previous pref automatically sets this to true (see StaticPrefList.yaml), ===================================== browser/components/BrowserGlue.sys.mjs ===================================== @@ -148,6 +148,119 @@ const PRIVATE_BROWSING_EXE_ICON_INDEX = 1; const PREF_PRIVATE_BROWSING_SHORTCUT_CREATED = "browser.privacySegmentation.createdShortcut"; +// Empty clipboard content from private windows on exit +// (tor-browser#42154) +const ClipboardPrivacy = { + _lastClipboardHash: null, + _globalActivation: false, + _isPrivateClipboard: false, + _hasher: null, + + _computeClipboardHash(win = Services.ww.activeWindow) { + const trans = Cc["@mozilla.org/widget/transferable;1"].createInstance( + Ci.nsITransferable + ); + trans.init(win?.docShell?.QueryInterface(Ci.nsILoadContext) || null); + ["text/x-moz-url", "text/plain"].forEach(trans.addDataFlavor); + try { + Services.clipboard.getData(trans, Ci.nsIClipboard.kGlobalClipboard); + const clipboardContent = {}; + trans.getAnyTransferData({}, clipboardContent); + const { data } = clipboardContent.value.QueryInterface( + Ci.nsISupportsString + ); + const bytes = new TextEncoder().encode(data); + const hasher = (this._hasher ||= Cc[ + "@mozilla.org/security/hash;1" + ].createInstance(Ci.nsICryptoHash)); + hasher.init(hasher.SHA256); + hasher.update(bytes, bytes.length); + return hasher.finish(true); + } catch (e) {} + return null; + }, + + startup() { + this._lastClipboardHash = this._computeClipboardHash(); + + // Here we track changes in active window / application, + // by filtering focus events and window closures. + const handleActivation = (win, activation) => { + if (activation) { + if (!this._globalActivation) { + // focus changed within this window, bail out. + return; + } + this._globalActivation = false; + } else if (!Services.focus.activeWindow) { + // focus is leaving this window: + // let's track whether it remains within the browser. + lazy.setTimeout(() => { + this._globalActivation = !Services.focus.activeWindow; + }, 100); + } + const clipboardHash = this._computeClipboardHash(win); + if (clipboardHash !== this._lastClipboardHash) { + this._isPrivateClipboard = + !activation && + (lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || + lazy.PrivateBrowsingUtils.isWindowPrivate(win)); + this._lastClipboardHash = clipboardHash; + console.log( + `Clipboard changed: private ${this._isPrivateClipboard}, hash ${clipboardHash}.` + ); + } + }; + const focusListener = e => + e.isTrusted && handleActivation(e.currentTarget, e.type === "focusin"); + const initWindow = win => { + for (const e of ["focusin", "focusout"]) { + win.addEventListener(e, focusListener); + } + }; + for (const w of Services.ww.getWindowEnumerator()) { + initWindow(w); + } + Services.ww.registerNotification((win, event) => { + switch (event) { + case "domwindowopened": + initWindow(win); + break; + case "domwindowclosed": + handleActivation(win, false); + if ( + this._isPrivateClipboard && + lazy.PrivateBrowsingUtils.isWindowPrivate(win) && + !( + lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || + Array.from(Services.ww.getWindowEnumerator()).find(w => + lazy.PrivateBrowsingUtils.isWindowPrivate(w) + ) + ) + ) { + // no more private windows, empty private content if needed + this.emptyPrivate(); + } + } + }); + }, + emptyPrivate() { + if ( + this._isPrivateClipboard && + !Services.prefs.getBoolPref( + "browser.privatebrowsing.preserveClipboard", + false + ) && + this._lastClipboardHash === this._computeClipboardHash() + ) { + Services.clipboard.emptyClipboard(Ci.nsIClipboard.kGlobalClipboard); + this._lastClipboardHash = null; + this._isPrivateClipboard = false; + console.log("Private clipboard emptied."); + } + }, +}; + /** * Fission-compatible JSProcess implementations. * Each actor options object takes the form of a ProcessActorOptions dictionary. @@ -1619,6 +1732,8 @@ BrowserGlue.prototype = { lazy.DoHController.init(); + ClipboardPrivacy.startup(); + this._firstWindowTelemetry(aWindow); this._firstWindowLoaded(); @@ -1879,7 +1994,7 @@ BrowserGlue.prototype = { lazy.UpdateListener.reset(); } }, - () => Services.clipboard.emptyClipboard(Ci.nsIClipboard.kGlobalClipboard), // tor-browser#42019 + () => ClipboardPrivacy.emptyPrivate(), // tor-browser#42019 ]; for (let task of tasks) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/68e… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/68e… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.4.0esr-13.5-1] fixup! Bug 42019: Empty browser's clipboard on browser shutdown
by richard (＠richard) 18 Oct '23

18 Oct '23

richard pushed to branch base-browser-115.4.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: f3701b57 by hackademix at 2023-10-18T21:25:24+00:00 fixup! Bug 42019: Empty browser's clipboard on browser shutdown Bug 42154: empty clipboard content from private windows on exit. - - - - - 2 changed files: - browser/app/profile/001-base-profile.js - browser/components/BrowserGlue.sys.mjs Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -87,6 +87,9 @@ pref("browser.sessionstore.resume_from_crash", false); // Also not needed in PBM at the moment. pref("browser.pagethumbnails.capturing_disabled", true); +// Empty clipboard content from private windows on exit (tor-browser#42154) +pref("browser.privatebrowsing.preserveClipboard", false); + // Enable HTTPS-Only mode (tor-browser#19850) pref("dom.security.https_only_mode", true); // The previous pref automatically sets this to true (see StaticPrefList.yaml), ===================================== browser/components/BrowserGlue.sys.mjs ===================================== @@ -148,6 +148,119 @@ const PRIVATE_BROWSING_EXE_ICON_INDEX = 1; const PREF_PRIVATE_BROWSING_SHORTCUT_CREATED = "browser.privacySegmentation.createdShortcut"; +// Empty clipboard content from private windows on exit +// (tor-browser#42154) +const ClipboardPrivacy = { + _lastClipboardHash: null, + _globalActivation: false, + _isPrivateClipboard: false, + _hasher: null, + + _computeClipboardHash(win = Services.ww.activeWindow) { + const trans = Cc["@mozilla.org/widget/transferable;1"].createInstance( + Ci.nsITransferable + ); + trans.init(win?.docShell?.QueryInterface(Ci.nsILoadContext) || null); + ["text/x-moz-url", "text/plain"].forEach(trans.addDataFlavor); + try { + Services.clipboard.getData(trans, Ci.nsIClipboard.kGlobalClipboard); + const clipboardContent = {}; + trans.getAnyTransferData({}, clipboardContent); + const { data } = clipboardContent.value.QueryInterface( + Ci.nsISupportsString + ); + const bytes = new TextEncoder().encode(data); + const hasher = (this._hasher ||= Cc[ + "@mozilla.org/security/hash;1" + ].createInstance(Ci.nsICryptoHash)); + hasher.init(hasher.SHA256); + hasher.update(bytes, bytes.length); + return hasher.finish(true); + } catch (e) {} + return null; + }, + + startup() { + this._lastClipboardHash = this._computeClipboardHash(); + + // Here we track changes in active window / application, + // by filtering focus events and window closures. + const handleActivation = (win, activation) => { + if (activation) { + if (!this._globalActivation) { + // focus changed within this window, bail out. + return; + } + this._globalActivation = false; + } else if (!Services.focus.activeWindow) { + // focus is leaving this window: + // let's track whether it remains within the browser. + lazy.setTimeout(() => { + this._globalActivation = !Services.focus.activeWindow; + }, 100); + } + const clipboardHash = this._computeClipboardHash(win); + if (clipboardHash !== this._lastClipboardHash) { + this._isPrivateClipboard = + !activation && + (lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || + lazy.PrivateBrowsingUtils.isWindowPrivate(win)); + this._lastClipboardHash = clipboardHash; + console.log( + `Clipboard changed: private ${this._isPrivateClipboard}, hash ${clipboardHash}.` + ); + } + }; + const focusListener = e => + e.isTrusted && handleActivation(e.currentTarget, e.type === "focusin"); + const initWindow = win => { + for (const e of ["focusin", "focusout"]) { + win.addEventListener(e, focusListener); + } + }; + for (const w of Services.ww.getWindowEnumerator()) { + initWindow(w); + } + Services.ww.registerNotification((win, event) => { + switch (event) { + case "domwindowopened": + initWindow(win); + break; + case "domwindowclosed": + handleActivation(win, false); + if ( + this._isPrivateClipboard && + lazy.PrivateBrowsingUtils.isWindowPrivate(win) && + !( + lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || + Array.from(Services.ww.getWindowEnumerator()).find(w => + lazy.PrivateBrowsingUtils.isWindowPrivate(w) + ) + ) + ) { + // no more private windows, empty private content if needed + this.emptyPrivate(); + } + } + }); + }, + emptyPrivate() { + if ( + this._isPrivateClipboard && + !Services.prefs.getBoolPref( + "browser.privatebrowsing.preserveClipboard", + false + ) && + this._lastClipboardHash === this._computeClipboardHash() + ) { + Services.clipboard.emptyClipboard(Ci.nsIClipboard.kGlobalClipboard); + this._lastClipboardHash = null; + this._isPrivateClipboard = false; + console.log("Private clipboard emptied."); + } + }, +}; + /** * Fission-compatible JSProcess implementations. * Each actor options object takes the form of a ProcessActorOptions dictionary. @@ -1652,6 +1765,8 @@ BrowserGlue.prototype = { lazy.DoHController.init(); + ClipboardPrivacy.startup(); + this._firstWindowTelemetry(aWindow); this._firstWindowLoaded(); @@ -1912,7 +2027,7 @@ BrowserGlue.prototype = { lazy.UpdateListener.reset(); } }, - () => Services.clipboard.emptyClipboard(Ci.nsIClipboard.kGlobalClipboard), // tor-browser#42019 + () => ClipboardPrivacy.emptyPrivate(), // tor-browser#42019 ]; for (let task of tasks) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/f3701b5… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/f3701b5… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.4.0esr-13.5-1] fixup! Bug 42019: Empty browser's clipboard on browser shutdown
by richard (＠richard) 18 Oct '23

18 Oct '23

richard pushed to branch tor-browser-115.4.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: ef3a546d by hackademix at 2023-10-18T21:46:03+02:00 fixup! Bug 42019: Empty browser's clipboard on browser shutdown Bug 42154: empty clipboard content from private windows on exit. - - - - - 2 changed files: - browser/app/profile/001-base-profile.js - browser/components/BrowserGlue.sys.mjs Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -87,6 +87,9 @@ pref("browser.sessionstore.resume_from_crash", false); // Also not needed in PBM at the moment. pref("browser.pagethumbnails.capturing_disabled", true); +// Empty clipboard content from private windows on exit (tor-browser#42154) +pref("browser.privatebrowsing.preserveClipboard", false); + // Enable HTTPS-Only mode (tor-browser#19850) pref("dom.security.https_only_mode", true); // The previous pref automatically sets this to true (see StaticPrefList.yaml), ===================================== browser/components/BrowserGlue.sys.mjs ===================================== @@ -150,6 +150,119 @@ const PRIVATE_BROWSING_EXE_ICON_INDEX = 1; const PREF_PRIVATE_BROWSING_SHORTCUT_CREATED = "browser.privacySegmentation.createdShortcut"; +// Empty clipboard content from private windows on exit +// (tor-browser#42154) +const ClipboardPrivacy = { + _lastClipboardHash: null, + _globalActivation: false, + _isPrivateClipboard: false, + _hasher: null, + + _computeClipboardHash(win = Services.ww.activeWindow) { + const trans = Cc["@mozilla.org/widget/transferable;1"].createInstance( + Ci.nsITransferable + ); + trans.init(win?.docShell?.QueryInterface(Ci.nsILoadContext) || null); + ["text/x-moz-url", "text/plain"].forEach(trans.addDataFlavor); + try { + Services.clipboard.getData(trans, Ci.nsIClipboard.kGlobalClipboard); + const clipboardContent = {}; + trans.getAnyTransferData({}, clipboardContent); + const { data } = clipboardContent.value.QueryInterface( + Ci.nsISupportsString + ); + const bytes = new TextEncoder().encode(data); + const hasher = (this._hasher ||= Cc[ + "@mozilla.org/security/hash;1" + ].createInstance(Ci.nsICryptoHash)); + hasher.init(hasher.SHA256); + hasher.update(bytes, bytes.length); + return hasher.finish(true); + } catch (e) {} + return null; + }, + + startup() { + this._lastClipboardHash = this._computeClipboardHash(); + + // Here we track changes in active window / application, + // by filtering focus events and window closures. + const handleActivation = (win, activation) => { + if (activation) { + if (!this._globalActivation) { + // focus changed within this window, bail out. + return; + } + this._globalActivation = false; + } else if (!Services.focus.activeWindow) { + // focus is leaving this window: + // let's track whether it remains within the browser. + lazy.setTimeout(() => { + this._globalActivation = !Services.focus.activeWindow; + }, 100); + } + const clipboardHash = this._computeClipboardHash(win); + if (clipboardHash !== this._lastClipboardHash) { + this._isPrivateClipboard = + !activation && + (lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || + lazy.PrivateBrowsingUtils.isWindowPrivate(win)); + this._lastClipboardHash = clipboardHash; + console.log( + `Clipboard changed: private ${this._isPrivateClipboard}, hash ${clipboardHash}.` + ); + } + }; + const focusListener = e => + e.isTrusted && handleActivation(e.currentTarget, e.type === "focusin"); + const initWindow = win => { + for (const e of ["focusin", "focusout"]) { + win.addEventListener(e, focusListener); + } + }; + for (const w of Services.ww.getWindowEnumerator()) { + initWindow(w); + } + Services.ww.registerNotification((win, event) => { + switch (event) { + case "domwindowopened": + initWindow(win); + break; + case "domwindowclosed": + handleActivation(win, false); + if ( + this._isPrivateClipboard && + lazy.PrivateBrowsingUtils.isWindowPrivate(win) && + !( + lazy.PrivateBrowsingUtils.permanentPrivateBrowsing || + Array.from(Services.ww.getWindowEnumerator()).find(w => + lazy.PrivateBrowsingUtils.isWindowPrivate(w) + ) + ) + ) { + // no more private windows, empty private content if needed + this.emptyPrivate(); + } + } + }); + }, + emptyPrivate() { + if ( + this._isPrivateClipboard && + !Services.prefs.getBoolPref( + "browser.privatebrowsing.preserveClipboard", + false + ) && + this._lastClipboardHash === this._computeClipboardHash() + ) { + Services.clipboard.emptyClipboard(Ci.nsIClipboard.kGlobalClipboard); + this._lastClipboardHash = null; + this._isPrivateClipboard = false; + console.log("Private clipboard emptied."); + } + }, +}; + /** * Fission-compatible JSProcess implementations. * Each actor options object takes the form of a ProcessActorOptions dictionary. @@ -1753,6 +1866,8 @@ BrowserGlue.prototype = { lazy.TorProviderBuilder.firstWindowLoaded(); + ClipboardPrivacy.startup(); + this._firstWindowTelemetry(aWindow); this._firstWindowLoaded(); @@ -2013,7 +2128,7 @@ BrowserGlue.prototype = { lazy.UpdateListener.reset(); } }, - () => Services.clipboard.emptyClipboard(Ci.nsIClipboard.kGlobalClipboard), // tor-browser#42019 + () => ClipboardPrivacy.emptyPrivate(), // tor-browser#42019 () => lazy.OnionAliasStore.uninit(), ]; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ef3a546… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ef3a546… You're receiving this email because of your account on gitlab.torproject.org.

1 0