Richard Pospesel pushed to branch tor-browser-102.8.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
Commits:
34ed82f6 by Pier Angelo Vendrame at 2023-02-15T15:23:42+00:00
fixup! Bug 31740: Remove some unnecessary RemoteSettings instances
Bug 41628: Disable Nimbus and Normandy components at compile time
- - - - -
1 changed file:
- toolkit/components/moz.build
Changes:
=====================================
toolkit/components/moz.build
=====================================
@@ -123,10 +123,9 @@ if CONFIG["MOZ_WIDGET_TOOLKIT"] != "android":
"components.conf",
]
+# tor-browser#41628: Disable Normandy and Nimbus at compile time
if CONFIG["MOZ_BUILD_APP"] == "browser":
- DIRS += ["normandy", "messaging-system"]
-
-DIRS += ["nimbus"]
+ DIRS += ["messaging-system"]
if CONFIG["MOZ_BACKGROUNDTASKS"]:
DIRS += ["backgroundtasks"]
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/34ed82f…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/34ed82f…
You're receiving this email because of your account on gitlab.torproject.org.
Richard Pospesel pushed to branch tor-browser-102.8.0esr-12.0-1 at The Tor Project / Applications / Tor Browser
Commits:
9d3722cd by Richard Pospesel at 2023-02-15T13:55:19+00:00
fixup! Bug 40562: Added Tor Browser preferences to 000-tor-browser.js
bug 41627: Enable network.http.referer.hideOnionSource in base-browser
(cherry picked from commit a697a2c0dfb46591f6d497ae7178be3a55d55fc7)
- - - - -
1 changed file:
- browser/app/profile/000-tor-browser.js
Changes:
=====================================
browser/app/profile/000-tor-browser.js
=====================================
@@ -38,9 +38,6 @@ pref("dom.securecontext.allowlist_onions", true);
// Disable HTTPS-Only mode for .onion domains (tor-browser#19850)
pref("dom.security.https_only_mode.upgrade_onion", false);
-// tor-browser#22320: Hide referer when comming from a .onion address
-pref("network.http.referer.hideOnionSource", true);
-
// Bug 40423/41137: Disable http/3
// We should re-enable it as soon as Tor gets UDP support
pref("network.http.http3.enabled", false);
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/9d3722c…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/9d3722c…
You're receiving this email because of your account on gitlab.torproject.org.
Richard Pospesel pushed to branch tor-browser-102.8.0esr-12.0-1 at The Tor Project / Applications / Tor Browser
Commits:
8d7cac06 by Richard Pospesel at 2023-02-15T13:54:59+00:00
fixup! Firefox preference overrides.
bug 41627: Enable network.http.referer.hideOnionSource in base-browser
(cherry picked from commit 90df17dac724c43bbc533a0f449a72ba419d9d67)
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -57,6 +57,12 @@ pref("media.memory_cache_max_size", 16384);
pref("dom.security.https_only_mode", true);
pref("dom.security.https_only_mode_pbm", true);
+// tor-browser#22320: Hide referer when comming from a .onion address
+// We enable this here (rather than in Tor Browser) in case users of other
+// base-browser derived browsers configure it to use a system Tor daemon
+// to visit onion services.
+pref("network.http.referer.hideOnionSource", true);
+
// Require Safe Negotiation ( https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27719 )
// Blocks connections to servers that don't support RFC 5746 [2] as they're potentially vulnerable to a
// MiTM attack [3]. A server without RFC 5746 can be safe from the attack if it disables renegotiations
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/8d7cac0…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/8d7cac0…
You're receiving this email because of your account on gitlab.torproject.org.
Richard Pospesel pushed to branch base-browser-102.8.0esr-12.0-1 at The Tor Project / Applications / Tor Browser
Commits:
02bb195d by Richard Pospesel at 2023-02-15T13:54:39+00:00
fixup! Firefox preference overrides.
bug 41627: Enable network.http.referer.hideOnionSource in base-browser
(cherry picked from commit 90df17dac724c43bbc533a0f449a72ba419d9d67)
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -57,6 +57,12 @@ pref("media.memory_cache_max_size", 16384);
pref("dom.security.https_only_mode", true);
pref("dom.security.https_only_mode_pbm", true);
+// tor-browser#22320: Hide referer when comming from a .onion address
+// We enable this here (rather than in Tor Browser) in case users of other
+// base-browser derived browsers configure it to use a system Tor daemon
+// to visit onion services.
+pref("network.http.referer.hideOnionSource", true);
+
// Require Safe Negotiation ( https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27719 )
// Blocks connections to servers that don't support RFC 5746 [2] as they're potentially vulnerable to a
// MiTM attack [3]. A server without RFC 5746 can be safe from the attack if it disables renegotiations
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/02bb195…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/02bb195…
You're receiving this email because of your account on gitlab.torproject.org.
Richard Pospesel pushed to branch base-browser-102.8.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
Commits:
926c3f33 by Richard Pospesel at 2023-02-15T13:54:12+00:00
fixup! Firefox preference overrides.
bug 41627: Enable network.http.referer.hideOnionSource in base-browser
(cherry picked from commit 90df17dac724c43bbc533a0f449a72ba419d9d67)
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -68,6 +68,12 @@ pref("browser.pagethumbnails.capturing_disabled", true);
pref("dom.security.https_only_mode", true);
pref("dom.security.https_only_mode_pbm", true);
+// tor-browser#22320: Hide referer when comming from a .onion address
+// We enable this here (rather than in Tor Browser) in case users of other
+// base-browser derived browsers configure it to use a system Tor daemon
+// to visit onion services.
+pref("network.http.referer.hideOnionSource", true);
+
// Require Safe Negotiation ( https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27719 )
// Blocks connections to servers that don't support RFC 5746 [2] as they're potentially vulnerable to a
// MiTM attack [3]. A server without RFC 5746 can be safe from the attack if it disables renegotiations
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/926c3f3…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/926c3f3…
You're receiving this email because of your account on gitlab.torproject.org.
Richard Pospesel pushed to branch tor-browser-102.8.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
Commits:
90df17da by Richard Pospesel at 2023-02-15T13:37:32+00:00
fixup! Firefox preference overrides.
bug 41627: Enable network.http.referer.hideOnionSource in base-browser
- - - - -
a697a2c0 by Richard Pospesel at 2023-02-15T13:38:06+00:00
fixup! Bug 40562: Added Tor Browser preferences to 000-tor-browser.js
bug 41627: Enable network.http.referer.hideOnionSource in base-browser
- - - - -
2 changed files:
- browser/app/profile/000-tor-browser.js
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/000-tor-browser.js
=====================================
@@ -38,9 +38,6 @@ pref("dom.securecontext.allowlist_onions", true);
// Disable HTTPS-Only mode for .onion domains (tor-browser#19850)
pref("dom.security.https_only_mode.upgrade_onion", false);
-// tor-browser#22320: Hide referer when comming from a .onion address
-pref("network.http.referer.hideOnionSource", true);
-
// Bug 40423/41137: Disable http/3
// We should re-enable it as soon as Tor gets UDP support
pref("network.http.http3.enabled", false);
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -68,6 +68,12 @@ pref("browser.pagethumbnails.capturing_disabled", true);
pref("dom.security.https_only_mode", true);
pref("dom.security.https_only_mode_pbm", true);
+// tor-browser#22320: Hide referer when comming from a .onion address
+// We enable this here (rather than in Tor Browser) in case users of other
+// base-browser derived browsers configure it to use a system Tor daemon
+// to visit onion services.
+pref("network.http.referer.hideOnionSource", true);
+
// Require Safe Negotiation ( https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27719 )
// Blocks connections to servers that don't support RFC 5746 [2] as they're potentially vulnerable to a
// MiTM attack [3]. A server without RFC 5746 can be safe from the attack if it disables renegotiations
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/33b90e…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/33b90e…
You're receiving this email because of your account on gitlab.torproject.org.
Pier Angelo Vendrame pushed to branch base-browser-102.8.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
Commits:
2de21152 by Pier Angelo Vendrame at 2023-02-15T09:24:19+01:00
fixup! Bug 40925: Implemented the Security Level component
Bug 40781 (build): Move l10n files to browser/locales
- - - - -
9c96c84b by Pier Angelo Vendrame at 2023-02-15T09:25:44+01:00
fixup! Bug 40926: Implemented the New Identity feature
Bug 40781 (build): Move l10n files to browser/locales
- - - - -
8 changed files:
- browser/components/newidentity/content/newidentity.js
- browser/components/newidentity/jar.mn
- browser/components/securitylevel/content/securityLevel.js
- browser/components/securitylevel/jar.mn
- browser/installer/package-manifest.in
- browser/components/newidentity/locale/en-US/newIdentity.properties → browser/locales/en-US/chrome/browser/newIdentity.properties
- browser/components/securitylevel/locale/en-US/securityLevel.properties → browser/locales/en-US/chrome/browser/securityLevel.properties
- browser/locales/jar.mn
Changes:
=====================================
browser/components/newidentity/content/newidentity.js
=====================================
@@ -24,7 +24,7 @@ XPCOMUtils.defineLazyGetter(this, "NewIdentityStrings", () => {
let bundle = null;
try {
bundle = Services.strings.createBundle(
- "chrome://newidentity/locale/newIdentity.properties"
+ "chrome://browser/locale/newIdentity.properties"
);
} catch (e) {
console.warn("Could not load the New Identity strings");
=====================================
browser/components/newidentity/jar.mn
=====================================
@@ -3,14 +3,3 @@ browser.jar:
content/browser/newIdentityDialog.xhtml (content/newIdentityDialog.xhtml)
content/browser/newIdentityDialog.css (content/newIdentityDialog.css)
content/browser/newIdentityDialog.js (content/newIdentityDialog.js)
-
-newidentity.jar:
-# We need to list at least one locale here, to make Firefox load the localized
-# copy of properties at chrome://newidentity/locale/newIdentity.properties.
-# Ideally, we should use @AB_CD@.jar to automatically copy all the locales
-# Firefox is built with. But we only provide English here, and injecting the
-# translated files directly to the omni.ja works better for us, for the time
-# being. In addition to inject the properties files, we also add the
-# corresponding locale line to chrome/chrome.manifest.
-% locale newidentity en-US %locale/en-US/
- locale/en-US/newIdentity.properties (locale/en-US/newIdentity.properties)
=====================================
browser/components/securitylevel/content/securityLevel.js
=====================================
@@ -46,7 +46,7 @@ XPCOMUtils.defineLazyGetter(this, "SecurityLevelStrings", () => {
let bundle = null;
try {
bundle = Services.strings.createBundle(
- "chrome://securitylevel/locale/securityLevel.properties"
+ "chrome://browser/locale/securityLevel.properties"
);
} catch (e) {
console.warn("Could not load the Security Level strings");
=====================================
browser/components/securitylevel/jar.mn
=====================================
@@ -4,8 +4,3 @@ browser.jar:
content/browser/securitylevel/securityLevelButton.css (content/securityLevelButton.css)
content/browser/securitylevel/securityLevelPreferences.css (content/securityLevelPreferences.css)
content/browser/securitylevel/securityLevelIcon.svg (content/securityLevelIcon.svg)
-
-securitylevel.jar:
-# See New Identity for further information on how this works
-% locale securitylevel en-US %locale/en-US/
- locale/en-US/securityLevel.properties (locale/en-US/securityLevel.properties)
=====================================
browser/installer/package-manifest.in
=====================================
@@ -245,10 +245,6 @@
#endif
; Base Browser
-@RESPATH@/browser/chrome/newidentity.manifest
-@RESPATH@/browser/chrome/newidentity/
-@RESPATH@/browser/chrome/securitylevel.manifest
-@RESPATH@/browser/chrome/securitylevel/
@RESPATH@/components/SecurityLevel.manifest
; [DevTools Startup Files]
=====================================
browser/components/newidentity/locale/en-US/newIdentity.properties → browser/locales/en-US/chrome/browser/newIdentity.properties
=====================================
=====================================
browser/components/securitylevel/locale/en-US/securityLevel.properties → browser/locales/en-US/chrome/browser/securityLevel.properties
=====================================
=====================================
browser/locales/jar.mn
=====================================
@@ -39,6 +39,8 @@
locale/browser/safebrowsing/safebrowsing.properties (%chrome/browser/safebrowsing/safebrowsing.properties)
locale/browser/feeds/subscribe.properties (%chrome/browser/feeds/subscribe.properties)
locale/browser/syncSetup.properties (%chrome/browser/syncSetup.properties)
+ locale/browser/securityLevel.properties (%chrome/browser/securityLevel.properties)
+ locale/browser/newIdentity.properties (%chrome/browser/newIdentity.properties)
% locale browser-region @AB_CD@ %locale/browser-region/
# the following files are browser-specific overrides
locale/browser/netError.dtd (%chrome/overrides/netError.dtd)
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/82f538…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/82f538…
You're receiving this email because of your account on gitlab.torproject.org.