February 2023 - tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser-build][main] Bug 40764: Embed repo URL and git revision in Firefox
by Pier Angelo Vendrame (＠pierov) 02 Feb '23

02 Feb '23

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 7103ec20 by Pier Angelo Vendrame at 2023-02-02T15:31:44+01:00 Bug 40764: Embed repo URL and git revision in Firefox They will be visible and clickable in about:buildconfig. - - - - - 2 changed files: - projects/firefox/config - projects/firefox/mozconfig Changes: ===================================== projects/firefox/config ===================================== @@ -18,6 +18,8 @@ var: branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_osname: '[% c("var/osname") %]' + gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser + git_commit: '[% exec("git rev-parse HEAD") %]' deps: - build-essential - unzip @@ -74,6 +76,7 @@ targets: var: branding_directory_prefix: 'pb' browser_branch: '12.0-1' + gitlab_project: https://gitlab.torproject.org/tpo/applications/privacy-browser linux-x86_64: var: ===================================== projects/firefox/mozconfig ===================================== @@ -73,3 +73,6 @@ mk_add_options MOZ_PARALLEL_BUILD=[% c("num_procs") %] +export MOZ_INCLUDE_SOURCE_INFO=1 +export MOZ_SOURCE_REPO="[% c('var/gitlab_project') %]" +export MOZ_SOURCE_CHANGESET=[% c("var/git_commit") %] View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/7… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/7… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-102.7.0esr-12.5-1] Bug 41603: Customize the creation of MOZ_SOURCE_URL
by Pier Angelo Vendrame (＠pierov) 02 Feb '23

02 Feb '23

Pier Angelo Vendrame pushed to branch base-browser-102.7.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 2b933eba by Pier Angelo Vendrame at 2023-02-02T15:30:24+01:00 Bug 41603: Customize the creation of MOZ_SOURCE_URL MOZ_SOURCE_URL is created by combining MOZ_SOURCE_REPO and MOZ_SOURCE_CHANGESET. But the code takes for granted that it refers to a Hg instance, so it combines them as `$MOZ_SOURCE_REPO/rev/$MOZ_SOURCE_CHANGESET`. With this commit, we change this logic to combine them to create a URL that is valid for GitLab. $MOZ_SOURCE_CHANGESET needs to be a commit hash, not a branch or a tag. If that is needed, we could use /-/tree/, instead of /-/commit/. - - - - - 1 changed file: - build/variables.py Changes: ===================================== build/variables.py ===================================== @@ -97,7 +97,7 @@ def source_repo_header(output): output.write("#define MOZ_SOURCE_STAMP %s\n" % changeset) if repo and buildconfig.substs.get("MOZ_INCLUDE_SOURCE_INFO"): - source = "%s/rev/%s" % (repo, changeset) + source = "%s/-/commit/%s" % (repo, changeset) output.write("#define MOZ_SOURCE_REPO %s\n" % repo) output.write("#define MOZ_SOURCE_URL %s\n" % source) View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/2b933eb… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/2b933eb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.7.0esr-12.5-1] Bug 41603: Customize the creation of MOZ_SOURCE_URL
by Pier Angelo Vendrame (＠pierov) 02 Feb '23

02 Feb '23

Pier Angelo Vendrame pushed to branch tor-browser-102.7.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: bb63e34c by Pier Angelo Vendrame at 2023-02-02T15:28:37+01:00 Bug 41603: Customize the creation of MOZ_SOURCE_URL MOZ_SOURCE_URL is created by combining MOZ_SOURCE_REPO and MOZ_SOURCE_CHANGESET. But the code takes for granted that it refers to a Hg instance, so it combines them as `$MOZ_SOURCE_REPO/rev/$MOZ_SOURCE_CHANGESET`. With this commit, we change this logic to combine them to create a URL that is valid for GitLab. $MOZ_SOURCE_CHANGESET needs to be a commit hash, not a branch or a tag. If that is needed, we could use /-/tree/, instead of /-/commit/. - - - - - 1 changed file: - build/variables.py Changes: ===================================== build/variables.py ===================================== @@ -97,7 +97,7 @@ def source_repo_header(output): output.write("#define MOZ_SOURCE_STAMP %s\n" % changeset) if repo and buildconfig.substs.get("MOZ_INCLUDE_SOURCE_INFO"): - source = "%s/rev/%s" % (repo, changeset) + source = "%s/-/commit/%s" % (repo, changeset) output.write("#define MOZ_SOURCE_REPO %s\n" % repo) output.write("#define MOZ_SOURCE_URL %s\n" % source) View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/bb63e34… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/bb63e34… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 40760: Add BSD packager contacts to release prep templates
by Richard Pospesel (＠richard) 02 Feb '23

02 Feb '23

Richard Pospesel pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: a9fb0000 by Richard Pospesel at 2023-02-02T13:07:18+00:00 Bug 40760: Add BSD packager contacts to release prep templates - - - - - 2 changed files: - .gitlab/issue_templates/Release Prep - Alpha.md - .gitlab/issue_templates/Release Prep - Stable.md Changes: ===================================== .gitlab/issue_templates/Release Prep - Alpha.md ===================================== @@ -200,6 +200,8 @@ Tor Browser Alpha (and Nightly) are on the `main` branch - [ ] Tails dev mailing list: tails-dev(a)boum.org - [ ] Guardian Project: nathan(a)guardianproject.info - [ ] torbrowser-launcher: micah(a)micahflee.com + - [ ] FreeBSD port: freebsd(a)sysctl.cz  + - [ ] OpenBSD port: caspar(a)schutijser.com  - [ ] Provide links to unsigned builds on `$(BUILD_SERVER)` - [ ] Note any changes which may affect packaging/downstream integration - [ ] Email upstream stakeholders: ===================================== .gitlab/issue_templates/Release Prep - Stable.md ===================================== @@ -198,6 +198,8 @@ Tor Browser Stable lives in the various `maint-$(TOR_BROWSER_MAJOR).$(TOR_BROWSE - [ ] Tails dev mailing list: tails-dev(a)boum.org - [ ] Guardian Project: nathan(a)guardianproject.info - [ ] torbrowser-launcher: micah(a)micahflee.com + - [ ] FreeBSD port: freebsd(a)sysctl.cz  + - [ ] OpenBSD port: caspar(a)schutijser.com  - [ ] Provide links to unsigned builds on `$(BUILD_SERVER)` - [ ] Note any changes which may affect packaging/downstream integration - [ ] Email upstream stakeholders: View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-102.7.0esr-12.5-1] fixup! Bug 18905: Hide unwanted items from help menu
by Pier Angelo Vendrame (＠pierov) 02 Feb '23

02 Feb '23

Pier Angelo Vendrame pushed to branch base-browser-102.7.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 5bece552 by Pier Angelo Vendrame at 2023-02-02T15:27:17+01:00 fixup! Bug 18905: Hide unwanted items from help menu - - - - - 1 changed file: - browser/base/content/browser-safebrowsing.js Changes: ===================================== browser/base/content/browser-safebrowsing.js ===================================== @@ -7,9 +7,12 @@ var gSafeBrowsing = { setReportPhishingMenu() { - // tor-browser#18905: disable these menu entries - /* eslint-disable no-unreachable */ - return; + // tor-browser#18905: hide these menu entries + if ( + !Services.prefs.getBoolPref("browser.safebrowsing.phishing.enabled", true) + ) { + return; + } // In order to detect whether or not we're at the phishing warning // page, we have to check the documentURI instead of the currentURI. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5bece55… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5bece55… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-102.7.0esr-12.5-1] Bug 18905: Hide unwanted items from help menu
by Pier Angelo Vendrame (＠pierov) 02 Feb '23

02 Feb '23

Pier Angelo Vendrame pushed to branch base-browser-102.7.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 83880497 by Arthur Edelstein at 2023-02-02T15:24:05+01:00 Bug 18905: Hide unwanted items from help menu Bug 25660: Remove the "New Private Window" option - - - - - 3 changed files: - browser/base/content/appmenu-viewcache.inc.xhtml - browser/base/content/browser-menubar.inc - browser/base/content/browser-safebrowsing.js Changes: ===================================== browser/base/content/appmenu-viewcache.inc.xhtml ===================================== @@ -55,7 +55,8 @@ class="subviewbutton" data-l10n-id="appmenuitem-new-private-window" key="key_privatebrowsing" - command="Tools:PrivateBrowsing"/> + command="Tools:PrivateBrowsing" + hidden="true"/> <toolbarseparator/> <toolbarbutton id="appMenu-new-identity" class="subviewbutton" @@ -179,7 +180,8 @@ <toolbarbutton id="appMenu-restoreSession" data-l10n-id="appmenu-restore-session" class="subviewbutton" - command="Browser:RestoreLastSession"/> + command="Browser:RestoreLastSession" + hidden="true"/> <toolbarseparator/> <toolbarbutton id="appMenuClearRecentHistory" data-l10n-id="appmenu-clear-history" ===================================== browser/base/content/browser-menubar.inc ===================================== @@ -458,6 +458,7 @@ have their strings defined by appmenu-data-l10n-id. --> <menuitem id="menu_openHelp" oncommand="openHelpLink('firefox-help')" + hidden="true" data-l10n-id="menu-get-help" appmenu-data-l10n-id="appmenu-get-help" #ifdef XP_MACOSX @@ -467,14 +468,17 @@ #endif <menuitem id="feedbackPage" oncommand="openFeedbackPage()" + hidden="true" data-l10n-id="menu-help-share-ideas" appmenu-data-l10n-id="appmenu-help-share-ideas"/> <menuitem id="helpSafeMode" oncommand="safeModeRestart();" + hidden="true" data-l10n-id="menu-help-enter-troubleshoot-mode2" appmenu-data-l10n-id="appmenu-help-enter-troubleshoot-mode2"/> <menuitem id="troubleShooting" oncommand="openTroubleshootingPage()" + hidden="true" data-l10n-id="menu-help-more-troubleshooting-info" appmenu-data-l10n-id="appmenu-help-more-troubleshooting-info"/> <menuitem id="help_reportSiteIssue" ===================================== browser/base/content/browser-safebrowsing.js ===================================== @@ -7,6 +7,10 @@ var gSafeBrowsing = { setReportPhishingMenu() { + // tor-browser#18905: disable these menu entries + /* eslint-disable no-unreachable */ + return; + // In order to detect whether or not we're at the phishing warning // page, we have to check the documentURI instead of the currentURI. // This is because when the DocShell loads an error page, the View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/8388049… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/8388049… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.7.0esr-12.5-1] 5 commits: dropme! Bug 10760: Integrate TorButton to TorBrowser core
by Pier Angelo Vendrame (＠pierov) 02 Feb '23

02 Feb '23

Pier Angelo Vendrame pushed to branch tor-browser-102.7.0esr-12.5-1 at The Tor Project / Applications / Tor Browser Commits: 153c0294 by Pier Angelo Vendrame at 2023-02-02T10:18:40+01:00 dropme! Bug 10760: Integrate TorButton to TorBrowser core Remove implementation of 18905 from Torbutton - - - - - 816d9867 by Arthur Edelstein at 2023-02-02T10:27:54+01:00 Bug 18905: Hide unwanted items from help menu Bug 25660: Remove the "New Private Window" option - - - - - 28ab7be0 by Pier Angelo Vendrame at 2023-02-02T10:28:18+01:00 fixup! Bug 10760: Integrate TorButton to TorBrowser core Bring back the new circuit entries. - - - - - aaa2f0dc by Pier Angelo Vendrame at 2023-02-02T10:28:19+01:00 fixup! Bug 11698: Incorporate Tor Browser Manual pages into Tor Browser Move the manual menu entry to the manual commit - - - - - 39eb835a by Pier Angelo Vendrame at 2023-02-02T11:44:32+01:00 fixup! Bug 18905: Hide unwanted items from help menu - - - - - 2 changed files: - browser/base/content/browser-menubar.inc - browser/base/content/browser-safebrowsing.js Changes: ===================================== browser/base/content/browser-menubar.inc ===================================== @@ -461,17 +461,11 @@ <menupopup id="menu_HelpPopup" onpopupshowing="buildHelpMenu();">  -  - <box id="feedbackPage"/> - <box id="helpSafeMode"/> - <box id="menu_HelpPopup_reportPhishingtoolmenu"/> - <box id="menu_HelpPopup_reportPhishingErrortoolmenu"/>  <menuitem id="torBrowserUserManual" oncommand="gBrowser.selectedTab = gBrowser.addTab('about:manual', {triggeringPrincipal: Services.scriptSecurityManager.getSystemPrincipal()});" label="&aboutTor.torbrowser_user_manual.label;" accesskey="&aboutTor.torbrowser_user_manual.accesskey;"/> -  <menuitem id="menu_openHelp" oncommand="openHelpLink('firefox-help')" hidden="true" @@ -485,8 +479,8 @@ <menuitem id="feedbackPage" oncommand="openFeedbackPage()" hidden="true" - data-l10n-id="menu-help-feedback-page" - appmenu-data-l10n-id="appmenu-help-feedback-page"/> + data-l10n-id="menu-help-share-ideas" + appmenu-data-l10n-id="appmenu-help-share-ideas"/> <menuitem id="helpSafeMode" oncommand="safeModeRestart();" hidden="true" ===================================== browser/base/content/browser-safebrowsing.js ===================================== @@ -7,6 +7,13 @@ var gSafeBrowsing = { setReportPhishingMenu() { + // tor-browser#18905: hide these menu entries + if ( + !Services.prefs.getBoolPref("browser.safebrowsing.phishing.enabled", true) + ) { + return; + } + // In order to detect whether or not we're at the phishing warning // page, we have to check the documentURI instead of the currentURI. // This is because when the DocShell loads an error page, the View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/5ac078… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/5ac078… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.7.0esr-12.0-1] fixup! Bug 10760: Integrate TorButton to TorBrowser core
by Richard Pospesel (＠richard) 01 Feb '23

01 Feb '23

Richard Pospesel pushed to branch tor-browser-102.7.0esr-12.0-1 at The Tor Project / Applications / Tor Browser Commits: 0bf68ade by Pier Angelo Vendrame at 2023-02-01T15:02:12+00:00 fixup! Bug 10760: Integrate TorButton to TorBrowser core Bug 41572: Check for userContextId also in the circuit display (cherry picked from commit e4496e7ab626686e07f7d93093b81247e7e26118) - - - - - 1 changed file: - toolkit/torbutton/chrome/content/tor-circuit-display.js Changes: ===================================== toolkit/torbutton/chrome/content/tor-circuit-display.js ===================================== @@ -306,21 +306,32 @@ let createTorCircuitDisplay = (function() { // Obtains the circuit used by the given browser. let currentCircuitData = function(browser) { if (browser) { - let firstPartyDomain = getDomainForBrowser(browser); - let domain = firstPartyDomain || "--unknown--"; - let domainMap = browserToCredentialsMap.get(browser); - let credentials = domainMap && domainMap.get(domain); + const firstPartyDomain = getDomainForBrowser(browser); + const userContextId = + browser.contentPrincipal.originAttributes.userContextId; + const key = firstPartyDomain + ? `${firstPartyDomain}:${userContextId}` + : "--unknown--"; + const credentialMap = browserToCredentialsMap.get(browser); + const credentials = credentialMap && credentialMap.get(key); if (credentials) { - let [SOCKS_username, SOCKS_password] = credentials; - let nodeData = credentialsToNodeDataMap.get( + const [SOCKS_username, SOCKS_password] = credentials; + const nodeData = credentialsToNodeDataMap.get( `${SOCKS_username}|${SOCKS_password}` ); - let domain = SOCKS_username; - if (browser.documentURI.host.endsWith(".tor.onion")) { - const service = Cc[ - "@torproject.org/onion-alias-service;1" - ].getService(Ci.IOnionAliasService); - domain = service.getOnionAlias(browser.documentURI.host); + let domain = firstPartyDomain; + try { + if (browser.documentURI.host.endsWith(".tor.onion")) { + const service = Cc[ + "@torproject.org/onion-alias-service;1" + ].getService(Ci.IOnionAliasService); + domain = service.getOnionAlias(browser.documentURI.host); + } + } catch (e) { + logger.eclog( + 3, + `[circuit display] Cannot verify if we are visiting an onion alias: ${e.message}\n${e.stack}` + ); } return { domain, nodeData }; } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/0bf68ad… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/0bf68ad… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-102.7.0esr-12.0-1] fixup! Bug 10760: Integrate TorButton to TorBrowser core
by Richard Pospesel (＠richard) 01 Feb '23

01 Feb '23

Richard Pospesel pushed to branch tor-browser-102.7.0esr-12.0-1 at The Tor Project / Applications / Tor Browser Commits: 6ec1fbad by trinity-1686a at 2023-02-01T15:00:25+00:00 fixup! Bug 10760: Integrate TorButton to TorBrowser core Bug 41066: isolate tor connections based on userContextId (cherry picked from commit 4a257dd55db4184672220c25a4f07b8999b8dd83) - - - - - 1 changed file: - toolkit/torbutton/components/domain-isolator.js Changes: ===================================== toolkit/torbutton/components/domain-isolator.js ===================================== @@ -58,7 +58,11 @@ let tor = {}; // __tor.noncesForDomains__. // A mutable map that records what nonce we are using for each domain. -tor.noncesForDomains = {}; +tor.noncesForDomains = new Map(); + +// __tor.noncesForUserContextId__. +// A mutable map that records what nonce we are using for each tab container. +tor.noncesForUserContextId = new Map(); // __tor.isolationEabled__. // A bool that controls if we use SOCKS auth for isolation or not. @@ -68,23 +72,37 @@ tor.isolationEnabled = true; // Specifies when the current catch-all circuit was first used tor.unknownDirtySince = Date.now(); -// __tor.socksProxyCredentials(originalProxy, domain)__. -// Takes a proxyInfo object (originalProxy) and returns a new proxyInfo -// object with the same properties, except the username is set to the -// the domain, and the password is a nonce. -tor.socksProxyCredentials = function(originalProxy, domain) { +tor.passwordForDomainAndUserContextId = function(domain, userContextId) { // Check if we already have a nonce. If not, create - // one for this domain. - if (!tor.noncesForDomains.hasOwnProperty(domain)) { - tor.noncesForDomains[domain] = tor.nonce(); + // one for this domain and userContextId. + if (!tor.noncesForDomains.has(domain)) { + tor.noncesForDomains.set(domain, tor.nonce()); + } + if (!tor.noncesForUserContextId.has(userContextId)) { + tor.noncesForUserContextId.set(userContextId, tor.nonce()); } + return ( + tor.noncesForDomains.get(domain) + + tor.noncesForUserContextId.get(userContextId) + ); +}; + +// __tor.socksProxyCredentials(originalProxy, domain, userContextId)__. +// Takes a proxyInfo object (originalProxy) and returns a new proxyInfo +// object with the same properties, except the username is set to the +// the domain and userContextId, and the password is a nonce. +tor.socksProxyCredentials = function(originalProxy, domain, userContextId) { let proxy = originalProxy.QueryInterface(Ci.nsIProxyInfo); + let proxyPassword = tor.passwordForDomainAndUserContextId( + domain, + userContextId + ); return mozilla.protocolProxyService.newProxyInfoWithAuth( "socks", proxy.host, proxy.port, - domain, // username - tor.noncesForDomains[domain], // password + `${domain}:${userContextId}`, // username + proxyPassword, "", // aProxyAuthorizationHeader "", // aConnectionIsolationKey proxy.flags, @@ -116,10 +134,21 @@ tor.newCircuitForDomain = function(domain) { if (domain === "") { domain = "--unknown--"; } - tor.noncesForDomains[domain] = tor.nonce(); + tor.noncesForDomains.set(domain, tor.nonce()); + logger.eclog( + 3, + `New domain isolation for ${domain}: ${tor.noncesForDomains.get(domain)}` + ); +}; + +tor.newCircuitForUserContextId = function(userContextId) { + // Re-generate the nonce for the context. + tor.noncesForUserContextId.set(userContextId, tor.nonce()); logger.eclog( 3, - "New domain isolation for " + domain + ": " + tor.noncesForDomains[domain] + `New container isolation for ${userContextId}: ${tor.noncesForUserContextId.get( + userContextId + )}` ); }; @@ -127,8 +156,9 @@ tor.newCircuitForDomain = function(domain) { // Clear the isolation state cache, forcing new circuits to be used for all // subsequent requests. tor.clearIsolation = function() { - // Per-domain nonces are stored in a map, so simply re-initialize the map. - tor.noncesForDomains = {}; + // Per-domain and per contextId nonces are stored in maps, so simply clear them. + tor.noncesForDomains.clear(); + tor.noncesForUserContextId.clear(); // Force a rotation on the next catch-all circuit use by setting the creation // time to the epoch. @@ -137,9 +167,9 @@ tor.clearIsolation = function() { // __tor.isolateCircuitsByDomain()__. // For every HTTPChannel, replaces the default SOCKS proxy with one that authenticates -// to the SOCKS server (the tor client process) with a username (the first party domain) -// and a nonce password. Tor provides a separate circuit for each username+password -// combination. +// to the SOCKS server (the tor client process) with a username (the first party domain +// and userContextId) and a nonce password. Tor provides a separate circuit for each +// username+password combination. tor.isolateCircuitsByDomain = function() { mozilla.registerProxyChannelFilter(function(aChannel, aProxy) { if (!tor.isolationEnabled) { @@ -147,7 +177,8 @@ tor.isolateCircuitsByDomain = function() { } try { let channel = aChannel.QueryInterface(Ci.nsIChannel), - firstPartyDomain = channel.loadInfo.originAttributes.firstPartyDomain; + firstPartyDomain = channel.loadInfo.originAttributes.firstPartyDomain, + userContextId = channel.loadInfo.originAttributes.userContextId; if (firstPartyDomain === "") { firstPartyDomain = "--unknown--"; if (Date.now() - tor.unknownDirtySince > 1000 * 10 * 60) { @@ -161,7 +192,8 @@ tor.isolateCircuitsByDomain = function() { } let replacementProxy = tor.socksProxyCredentials( aProxy, - firstPartyDomain + firstPartyDomain, + userContextId ); logger.eclog( 3, @@ -206,6 +238,9 @@ DomainIsolator.prototype = { newCircuitForDomain(domain) { tor.newCircuitForDomain(domain); }, + newCircuitForUserContextId(userContextId) { + tor.newCircuitForUserContextId(userContextId); + }, enableIsolation() { tor.isolationEnabled = true; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/6ec1fba… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/6ec1fba… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-102.7.0esr-12.0-1] Bug 40283: Workaround for the file upload bug
by Richard Pospesel (＠richard) 01 Feb '23

01 Feb '23

Richard Pospesel pushed to branch base-browser-102.7.0esr-12.0-1 at The Tor Project / Applications / Tor Browser Commits: f8403767 by p13dz at 2023-02-01T14:22:02+00:00 Bug 40283: Workaround for the file upload bug (cherry picked from commit c23f2f397327ee46a1a4de57acf206fd83e8e170) - - - - - 1 changed file: - mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoSession.java Changes: ===================================== mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoSession.java ===================================== @@ -4726,12 +4726,19 @@ public class GeckoSession { return super.confirm(); } + private static String normalizePath(String input) { + // For an unclear reason, Android media picker delivers file paths + // starting with double slash. Firefox performs path validation on + // all paths, and double slash is deemed invalid. + return input.startsWith("//") ? input.substring(1) : input; + } + private static String getFile(final @NonNull Context context, final @NonNull Uri uri) { if (uri == null) { return null; } if ("file".equals(uri.getScheme())) { - return uri.getPath(); + return normalizePath(uri.getPath()); } final ContentResolver cr = context.getContentResolver(); final Cursor cur = @@ -4753,7 +4760,7 @@ public class GeckoSession { try { final String path = cur.getString(idx); if (path != null && !path.isEmpty()) { - return path; + return normalizePath(path); } } catch (final Exception e) { } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/f840376… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/f840376… You're receiving this email because of your account on gitlab.torproject.org.

1 0