ma1 pushed to branch tor-browser-115.5.0esr-13.0-1 at The Tor Project / Applications / Tor Browser
Commits:
91e057ca by cypherpunks1 at 2023-12-04T13:06:55+01:00
fixup! Bug 23247: Communicating security expectations for .onion
Bug 42231: Improve the network monitor patch for http onion resources
- - - - -
2 changed files:
- devtools/client/netmonitor/src/components/SecurityState.js
- devtools/shared/network-observer/NetworkHelper.sys.mjs
Changes:
=====================================
devtools/client/netmonitor/src/components/SecurityState.js
=====================================
@@ -41,7 +41,7 @@ class SecurityState extends Component {
const {
securityState,
- urlDetails: { isLocal },
+ urlDetails: { host, isLocal },
} = item;
const iconClassList = ["requests-security-state-icon"];
@@ -50,7 +50,11 @@ class SecurityState extends Component {
// Locally delivered files such as http://localhost and file:// paths
// are considered to have been delivered securely.
- if (isLocal) {
+ if (
+ isLocal ||
+ (host?.endsWith(".onion") &&
+ Services.prefs.getBoolPref("dom.securecontext.allowlist_onions", false))
+ ) {
realSecurityState = "secure";
}
=====================================
devtools/shared/network-observer/NetworkHelper.sys.mjs
=====================================
@@ -596,9 +596,6 @@ export var NetworkHelper = {
// The request did not contain any security info.
if (!securityInfo) {
- if (httpActivity.hostname && httpActivity.hostname.endsWith(".onion")) {
- info.state = "secure";
- }
return info;
}
@@ -650,11 +647,7 @@ export var NetworkHelper = {
// schemes other than https and wss are subject to
// downgrade/etc at the scheme level and should always be
// considered insecure
- if (httpActivity.hostname && httpActivity.hostname.endsWith(".onion")) {
- info.state = "secure";
- } else {
- info.state = "insecure";
- }
+ info.state = "insecure";
} else if (state & wpl.STATE_IS_SECURE) {
// The connection is secure if the scheme is sufficient
info.state = "secure";
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/91e057c…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/91e057c…
You're receiving this email because of your account on gitlab.torproject.org.
Pier Angelo Vendrame pushed to branch maint-13.0 at The Tor Project / Applications / tor-browser-build
Commits:
6a9aac2c by Pier Angelo Vendrame at 2023-12-04T13:03:03+01:00
Bug 41017: Tell Nvidia drivers not to create the shader cache.
Nvidia drivers create a shader cache in $HOME/.cache/nvidia by default.
However, it can be easily disabled with an environment variable.
- - - - -
1 changed file:
- projects/browser/RelativeLink/start-browser
Changes:
=====================================
projects/browser/RelativeLink/start-browser
=====================================
@@ -367,6 +367,10 @@ rm -Rf "${HOME}/TorBrowser/Data/fontconfig"
# Avoid overwriting user's dconf values. Fixes #27903.
export GSETTINGS_BACKEND=memory
+# tor-browser-build#41017: Nvidia drivers create a shader cache by default in
+# $HOME/.cache/nvidia. We we can easily disable it.
+export __GL_SHADER_DISK_CACHE=0
+
cd "${HOME}"
# We pass all additional command-line arguments we get to Firefox.
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6…
You're receiving this email because of your account on gitlab.torproject.org.
Pier Angelo Vendrame pushed to branch tor-browser-115.5.0esr-13.0-1 at The Tor Project / Applications / Tor Browser
Commits:
92139ee5 by Pier Angelo Vendrame at 2023-12-04T12:57:25+01:00
fixup! Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection
Bug 42299: Unbreak about:preferences#connection when invalid bridge
lines are supplied
We switched to a shared bridge line parser. It might throw if an invalid
bridge line is passed, but we do not handle the exception in
connectionPane.js. As a result, the page breaks.
As a workaround, we can simply ignore the errors, but a better solution
would warn the user about that.
A bridge card rework is expected to happen in the 13.5 cycle, so I think
we can defer a proper fix to that moment.
(This should also be the UX of 11.5, 12.0 and 12.5).
- - - - -
1 changed file:
- browser/components/torpreferences/content/connectionPane.js
Changes:
=====================================
browser/components/torpreferences/content/connectionPane.js
=====================================
@@ -398,7 +398,7 @@ const gConnectionPane = (function () {
bridgeSwitch.addEventListener("toggle", () => {
TorSettings.bridges.enabled = bridgeSwitch.pressed;
TorSettings.saveToPrefs();
- TorSettings.applySettings().then(result => {
+ TorSettings.applySettings().finally(() => {
this._populateBridgeCards();
});
});
@@ -486,7 +486,12 @@ const gConnectionPane = (function () {
});
const idString = TorStrings.settings.bridgeId;
const id = card.querySelector(selectors.bridges.cardId);
- const details = TorParsers.parseBridgeLine(bridgeString);
+ let details;
+ try {
+ details = TorParsers.parseBridgeLine(bridgeString);
+ } catch (e) {
+ console.error(`Detected invalid bridge line: ${bridgeString}`, e);
+ }
if (details && details.id !== undefined) {
card.setAttribute("data-bridge-id", details.id);
}
@@ -529,7 +534,7 @@ const gConnectionPane = (function () {
bridgeSwitch.pressed && !!strings.length;
TorSettings.bridges.bridge_strings = strings.join("\n");
TorSettings.saveToPrefs();
- TorSettings.applySettings().then(result => {
+ TorSettings.applySettings().finally(() => {
this._populateBridgeCards();
});
});
@@ -1021,7 +1026,7 @@ const gConnectionPane = (function () {
TorSettings.bridges.builtin_type = "";
}
TorSettings.saveToPrefs();
- TorSettings.applySettings().then(result => {
+ TorSettings.applySettings().finally(() => {
this._populateBridgeCards();
});
},
@@ -1036,8 +1041,12 @@ const gConnectionPane = (function () {
async saveBridgeSettings(connect) {
TorSettings.saveToPrefs();
// FIXME: This can throw if the user adds a bridge manually with invalid
- // content. Should be addressed by tor-browser#40552.
- await TorSettings.applySettings();
+ // content. Should be addressed by tor-browser#41913.
+ try {
+ await TorSettings.applySettings();
+ } catch (e) {
+ console.error("Applying settings failed", e);
+ }
this._populateBridgeCards();
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/92139ee…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/92139ee…
You're receiving this email because of your account on gitlab.torproject.org.