October 2024 - tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser][base-browser-128.3.0esr-14.0-1] 3 commits: Bug 1906024 - Format download file names better a=diannaS
by Pier Angelo Vendrame (＠pierov) 14 Oct '24

14 Oct '24

Pier Angelo Vendrame pushed to branch base-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: febfa1bf by rahulsainani at 2024-10-14T16:07:55+02:00 Bug 1906024 - Format download file names better a=diannaS Original Revision: https://phabricator.services.mozilla.com/D220559 Differential Revision: https://phabricator.services.mozilla.com/D222254 - - - - - 0caad63c by rahulsainani at 2024-10-14T16:08:09+02:00 Bug 1906024 - Format download file names a=diannaS Original Revision: https://phabricator.services.mozilla.com/D221771 Differential Revision: https://phabricator.services.mozilla.com/D222259 - - - - - 796fd9d6 by Pier Angelo Vendrame at 2024-10-14T16:08:30+02:00 Bug 43196: Remove the vendor name from media notifications on Linux. Firefox shows "vendor remoteName" as a title of the "... is playing media" notification on Linux. However, for our browser the remote name is enough, and prepending the vendor to it creates a string users usually never see. - - - - - 3 changed files: - mobile/android/android-components/components/support/ktx/src/main/java/mozilla/components/support/ktx/kotlin/String.kt - mobile/android/android-components/components/support/ktx/src/test/java/mozilla/components/support/ktx/kotlin/StringTest.kt - widget/gtk/MPRISServiceHandler.cpp Changes: ===================================== mobile/android/android-components/components/support/ktx/src/main/java/mozilla/components/support/ktx/kotlin/String.kt ===================================== @@ -53,6 +53,8 @@ const val MAX_URI_LENGTH = 25000 private const val FILE_PREFIX = "file://" private const val MAX_VALID_PORT = 65_535 +private const val SPACE = " " +private const val UNDERSCORE = "_" /** * Shortens URLs to be more user friendly. @@ -307,7 +309,9 @@ fun String.sanitizeFileName(): String { file.name.replace("\\.\\.+".toRegex(), ".") } else { file.name.replace(".", "") - }.replaceEscapedCharacters() + }.replaceContinuousSpaces() + .replaceEscapedCharacters() + .trim() } /** @@ -315,8 +319,16 @@ fun String.sanitizeFileName(): String { * and is correctly displayed. */ private fun String.replaceEscapedCharacters(): String { - val controlCharactersRegex = "[\\x00-\\x13/*\"?<>:|\\\\]".toRegex() - return replace(controlCharactersRegex, "_") + val escapedCharactersRegex = "[\\x00-\\x13*\"?<>:|\\\\]".toRegex() + return replace(escapedCharactersRegex, UNDERSCORE) +} + +/** + * Replaces continuous spaces with a single space. + */ +private fun String.replaceContinuousSpaces(): String { + val escapedCharactersRegex = "[\\p{Z}\\s]+".toRegex() + return replace(escapedCharactersRegex, SPACE) } /** ===================================== mobile/android/android-components/components/support/ktx/src/test/java/mozilla/components/support/ktx/kotlin/StringTest.kt ===================================== @@ -199,11 +199,11 @@ class StringTest { "acknowledge\u0006signal" to "acknowledge_signal", "bell\u0007sound" to "bell_sound", "back\u0008space" to "back_space", - "horizontal\u0009tab" to "horizontal_tab", - "new\u000Aline" to "new_line", - "vertical\u000Btab" to "vertical_tab", - "form\u000Cfeed" to "form_feed", - "return\u000Dcarriage" to "return_carriage", + "horizontal\u0009tab" to "horizontal tab", + "new\u000Aline" to "new line", + "vertical\u000Btab" to "vertical tab", + "form\u000Cfeed" to "form feed", + "return\u000Dcarriage" to "return carriage", "shift\u000Eout" to "shift_out", "shift\u000Fin" to "shift_in", "escape\u0010data" to "escape_data", ===================================== widget/gtk/MPRISServiceHandler.cpp ===================================== @@ -414,8 +414,10 @@ void MPRISServiceHandler::InitIdentity() { do_GetService("@mozilla.org/xre/app-info;1", &rv); MOZ_ASSERT(NS_SUCCEEDED(rv)); +#ifndef BASE_BROWSER_VERSION rv = appInfo->GetVendor(mIdentity); MOZ_ASSERT(NS_SUCCEEDED(rv)); +#endif if (gAppData) { mDesktopEntry = gAppData->remotingName; @@ -424,7 +426,9 @@ void MPRISServiceHandler::InitIdentity() { MOZ_ASSERT(NS_SUCCEEDED(rv)); } +#ifndef BASE_BROWSER_VERSION mIdentity.Append(' '); +#endif mIdentity.Append(mDesktopEntry); // Compute the desktop entry name like nsAppRunner does for g_set_prgname View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/bdea24… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/bdea24… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.3.0esr-14.0-1] fixup! Firefox preference overrides.
by ma1 (＠ma1) 14 Oct '24

14 Oct '24

ma1 pushed to branch mullvad-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 2ad2eec9 by hackademix at 2024-10-14T12:56:25+02:00 fixup! Firefox preference overrides. Bug 42356: Preference review for Firefox ESR128. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -23,7 +23,7 @@ pref("startup.homepage_welcome_url.additional", ""); pref("browser.aboutwelcome.enabled", false); #if MOZ_UPDATE_CHANNEL == release -// tor-browser#42640: Disable Firefox Flame buttond due to unknown interactions with New Identity +// tor-browser#42640: Disable Firefox Flame button due to unknown interactions with New Identity pref("browser.privatebrowsing.resetPBM.enabled", false, locked); #endif @@ -58,7 +58,7 @@ pref("media.aboutwebrtc.hist.enabled", false); // Disk Activity -// Disable auto-downloaing to ~/Downloads and other download tweaks to minimize +// Disable auto-downloading to ~/Downloads and other download tweaks to minimize // disk leaks (tor-browser#42050). pref("browser.download.useDownloadDir", false); pref("browser.download.always_ask_before_handling_new_types", true); @@ -97,7 +97,7 @@ pref("browser.pagethumbnails.capturing_disabled", true); // disk leaks, e.g., in system logs. // For example, it happened that GNOME shell logged the window name that caused // JS errors/unexpected conditions for unrelated issues. -// TODO: Enable again after more UX considerations. +// TODO: commented out for now because of UX concerns, to be reconsidered in 14.5 // pref("privacy.exposeContentTitleInWindow", false); // pref("privacy.exposeContentTitleInWindow.pbm", false); @@ -123,7 +123,7 @@ pref("dom.security.https_only_mode_pbm", true); // tor-browser#43197, defense in depth if ever https-only got disabled pref("dom.security.https_first_add_exception_on_failiure", false); -// tor-browser#22320: Hide referer when comming from a .onion address +// tor-browser#22320: Hide referer when coming from a .onion address // We enable this here (rather than in Tor Browser) in case users of other // base-browser derived browsers configure it to use a system Tor daemon // to visit onion services. @@ -214,7 +214,6 @@ pref("toolkit.telemetry.bhrPing.enabled", false); pref("toolkit.telemetry.coverage.opt-out", true); pref("toolkit.coverage.opt-out", true); pref("toolkit.coverage.endpoint.base", ""); -pref("browser.ping-centre.telemetry", false); pref("browser.tabs.crashReporting.sendReport", false); pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); // Added in tor-browser#41496 even though false by default @@ -244,7 +243,6 @@ pref("services.sync.engine.passwords", false); pref("services.sync.engine.prefs", false); pref("services.sync.engine.tabs", false); pref("extensions.getAddons.cache.enabled", false); // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/ -pref("browser.fixup.alternate.enabled", false); // Bug #16783: Prevent .onion fixups pref("privacy.donottrackheader.enabled", false); // (mullvad-browser#17) // Make sure there is no Tracking Protection active in Tor Browser, see: #17898. pref("privacy.trackingprotection.enabled", false); @@ -284,9 +282,7 @@ pref("browser.newtabpage.activity-stream.telemetry", false); // Notice that null is between quotes because it is a JSON string. // Keep checked firefox.js to see if new entries are added. pref("browser.newtabpage.activity-stream.asrouter.providers.cfr", "null"); -pref("browser.newtabpage.activity-stream.asrouter.providers.whats-new-panel", "null"); pref("browser.newtabpage.activity-stream.asrouter.providers.message-groups", "null"); -pref("browser.newtabpage.activity-stream.asrouter.providers.snippets", "null"); pref("browser.newtabpage.activity-stream.asrouter.providers.messaging-experiments", "null"); // Disable fetching asrouter.ftl and related console errors (tor-browser#40763). @@ -312,6 +308,10 @@ pref("browser.preferences.moreFromMozilla", false); // Disable webcompat reporter pref("extensions.webcompat-reporter.enabled", false); +// Disable Content Analysis SDK (tor-browser#42364) +pref("browser.contentanalysis.enabled", false); +pref("browser.contentanalysis.default_result", 0); + // Disable contentRelevancy component (which itself is gated on Nimbus) (tor-browser#42867) pref("toolkit.contentRelevancy.enabled", false); pref("toolkit.contentRelevancy.ingestEnabled", false); @@ -455,12 +455,9 @@ pref("pdfjs.disabled", false, locked); #endif // Bug 40057: Ensure system colors are not used for CSS4 colors pref("browser.display.use_system_colors", false); -// tor-browser#41676: Set the TZ environment variable as a defense-in-depth. -// TODO: Remove this in ESR-128, as it has been removed in 116 with Bug 1837582. -pref("privacy.resistFingerprinting.testing.setTZtoUTC", true); -// tor-browser#41943: lock and revisit after it gets flipped to true in stable Firefox -pref("javascript.options.spectre.disable_for_isolated_content", false, locked); +// tor-browser#41943: defense-in-depth, but do not lock anymore (enabled in Firefox 119, http://bugzil.la/1851162) +pref("javascript.options.spectre.disable_for_isolated_content", false); // Third party stuff pref("privacy.firstparty.isolate", true); // Always enforce first party isolation @@ -510,27 +507,6 @@ pref("network.proxy.failover_direct", false, locked); // alters content load order in a page. See tor-browser#24686 pref("network.http.tailing.enabled", true, locked); -// Make sure the varoius http2 settings, buffer sizes, timings, etc are locked -// to firefox defaults to minimize network performance fingerprinting. -// See https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27128 -pref("network.http.http2.enabled", true, locked); -pref("network.http.http2.enabled.deps", true, locked); -pref("network.http.http2.enforce-tls-profile", true, locked); -pref("network.http.http2.chunk-size", 16000, locked); -pref("network.http.http2.timeout", 170, locked); -pref("network.http.http2.coalesce-hostnames", true, locked); -pref("network.http.http2.persistent-settings", false, locked); -pref("network.http.http2.ping-threshold", 58, locked); -pref("network.http.http2.ping-timeout", 8, locked); -pref("network.http.http2.send-buffer-size", 0, locked); -pref("network.http.http2.allow-push", true, locked); -pref("network.http.http2.push-allowance", 131072, locked); -pref("network.http.http2.pull-allowance", 12582912, locked); -pref("network.http.http2.default-concurrent", 100, locked); -pref("network.http.http2.default-hpack-buffer", 65536, locked); -pref("network.http.http2.websockets", true, locked); -pref("network.http.http2.enable-hpack-dump", false, locked); - // tor-browser#23044: Make sure we don't have any GIO supported protocols // (defense in depth measure). // As of Firefox 118 (Bug 1843763), upstream does not add any protocol by @@ -618,8 +594,8 @@ pref("extensions.htmlaboutaddons.recommendations.enabled", false); // Disable personalized Extension Recommendations in about:addons and // addons.mozilla.org pref("browser.discovery.enabled", false); -// Bug 26114: Allow NoScript to access addons.mozilla.org etc. -// TODO: Audit again (tor-browser#41445) +// tor-browser#26114: Allow NoScript to work on addons.mozilla.org and other Mozilla sites. +// Revisited and confirmed in tor-browser#41445. pref("extensions.webextensions.restrictedDomains", ""); // Don't give Mozilla-recommended third-party extensions special privileges. pref("extensions.postDownloadThirdPartyPrompt", false); @@ -651,16 +627,16 @@ pref("browser.menu.share_url.allow", false, locked); // Disable special URL bar behaviors pref("browser.urlbar.suggest.topsites", false); +pref("browser.urlbar.quicksuggest.enabled", false); +pref("browser.urlbar.richSuggestions.featureGate", false); +pref("browser.urlbar.yelp.featureGate", false); +pref("browser.urlbar.mdn.featureGate", false); // tor-browser#41884: Do not start a search when clicking on the new tab button // with the middle mouse button (to prevent searching for anything you might // have selected or already in your clipboard). pref("browser.tabs.searchclipboardfor.middleclick", false); -// Skip checking omni.ja and other files for corruption since the result -// is only reported via telemetry (which is disabled). See tor-browser#40048. -pref("corroborator.enabled", false); - // tor-browser#41417: do not allow live reload until we switch to Fluent and // stop using .textContent. // Even after that, it might be a good idea to keep it off, as it is not handled @@ -678,7 +654,7 @@ pref("privacy.query_stripping.strip_on_share.enabled", true); pref("privacy.globalprivacycontrol.enabled", true); pref("privacy.globalprivacycontrol.pbmode.enabled", true); -// Disable platform text recogniition functionality (tor-browser#42057) +// Disable platform text recognition functionality (tor-browser#42057) pref("dom.text-recognition.enabled", false); // Log levels View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/2ad… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/2ad… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.3.0esr-14.0-1] fixup! Firefox preference overrides.
by ma1 (＠ma1) 14 Oct '24

14 Oct '24

ma1 pushed to branch base-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: bdea242f by hackademix at 2024-10-14T12:56:11+02:00 fixup! Firefox preference overrides. Bug 42356: Preference review for Firefox ESR128. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -23,7 +23,7 @@ pref("startup.homepage_welcome_url.additional", ""); pref("browser.aboutwelcome.enabled", false); #if MOZ_UPDATE_CHANNEL == release -// tor-browser#42640: Disable Firefox Flame buttond due to unknown interactions with New Identity +// tor-browser#42640: Disable Firefox Flame button due to unknown interactions with New Identity pref("browser.privatebrowsing.resetPBM.enabled", false, locked); #endif @@ -58,7 +58,7 @@ pref("media.aboutwebrtc.hist.enabled", false); // Disk Activity -// Disable auto-downloaing to ~/Downloads and other download tweaks to minimize +// Disable auto-downloading to ~/Downloads and other download tweaks to minimize // disk leaks (tor-browser#42050). pref("browser.download.useDownloadDir", false); pref("browser.download.always_ask_before_handling_new_types", true); @@ -97,7 +97,7 @@ pref("browser.pagethumbnails.capturing_disabled", true); // disk leaks, e.g., in system logs. // For example, it happened that GNOME shell logged the window name that caused // JS errors/unexpected conditions for unrelated issues. -// TODO: Enable again after more UX considerations. +// TODO: commented out for now because of UX concerns, to be reconsidered in 14.5 // pref("privacy.exposeContentTitleInWindow", false); // pref("privacy.exposeContentTitleInWindow.pbm", false); @@ -123,7 +123,7 @@ pref("dom.security.https_only_mode_pbm", true); // tor-browser#43197, defense in depth if ever https-only got disabled pref("dom.security.https_first_add_exception_on_failiure", false); -// tor-browser#22320: Hide referer when comming from a .onion address +// tor-browser#22320: Hide referer when coming from a .onion address // We enable this here (rather than in Tor Browser) in case users of other // base-browser derived browsers configure it to use a system Tor daemon // to visit onion services. @@ -214,7 +214,6 @@ pref("toolkit.telemetry.bhrPing.enabled", false); pref("toolkit.telemetry.coverage.opt-out", true); pref("toolkit.coverage.opt-out", true); pref("toolkit.coverage.endpoint.base", ""); -pref("browser.ping-centre.telemetry", false); pref("browser.tabs.crashReporting.sendReport", false); pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); // Added in tor-browser#41496 even though false by default @@ -244,7 +243,6 @@ pref("services.sync.engine.passwords", false); pref("services.sync.engine.prefs", false); pref("services.sync.engine.tabs", false); pref("extensions.getAddons.cache.enabled", false); // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/ -pref("browser.fixup.alternate.enabled", false); // Bug #16783: Prevent .onion fixups pref("privacy.donottrackheader.enabled", false); // (mullvad-browser#17) // Make sure there is no Tracking Protection active in Tor Browser, see: #17898. pref("privacy.trackingprotection.enabled", false); @@ -284,9 +282,7 @@ pref("browser.newtabpage.activity-stream.telemetry", false); // Notice that null is between quotes because it is a JSON string. // Keep checked firefox.js to see if new entries are added. pref("browser.newtabpage.activity-stream.asrouter.providers.cfr", "null"); -pref("browser.newtabpage.activity-stream.asrouter.providers.whats-new-panel", "null"); pref("browser.newtabpage.activity-stream.asrouter.providers.message-groups", "null"); -pref("browser.newtabpage.activity-stream.asrouter.providers.snippets", "null"); pref("browser.newtabpage.activity-stream.asrouter.providers.messaging-experiments", "null"); // Disable fetching asrouter.ftl and related console errors (tor-browser#40763). @@ -312,6 +308,10 @@ pref("browser.preferences.moreFromMozilla", false); // Disable webcompat reporter pref("extensions.webcompat-reporter.enabled", false); +// Disable Content Analysis SDK (tor-browser#42364) +pref("browser.contentanalysis.enabled", false); +pref("browser.contentanalysis.default_result", 0); + // Disable contentRelevancy component (which itself is gated on Nimbus) (tor-browser#42867) pref("toolkit.contentRelevancy.enabled", false); pref("toolkit.contentRelevancy.ingestEnabled", false); @@ -455,12 +455,9 @@ pref("pdfjs.disabled", false, locked); #endif // Bug 40057: Ensure system colors are not used for CSS4 colors pref("browser.display.use_system_colors", false); -// tor-browser#41676: Set the TZ environment variable as a defense-in-depth. -// TODO: Remove this in ESR-128, as it has been removed in 116 with Bug 1837582. -pref("privacy.resistFingerprinting.testing.setTZtoUTC", true); -// tor-browser#41943: lock and revisit after it gets flipped to true in stable Firefox -pref("javascript.options.spectre.disable_for_isolated_content", false, locked); +// tor-browser#41943: defense-in-depth, but do not lock anymore (enabled in Firefox 119, http://bugzil.la/1851162) +pref("javascript.options.spectre.disable_for_isolated_content", false); // Third party stuff pref("privacy.firstparty.isolate", true); // Always enforce first party isolation @@ -510,27 +507,6 @@ pref("network.proxy.failover_direct", false, locked); // alters content load order in a page. See tor-browser#24686 pref("network.http.tailing.enabled", true, locked); -// Make sure the varoius http2 settings, buffer sizes, timings, etc are locked -// to firefox defaults to minimize network performance fingerprinting. -// See https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27128 -pref("network.http.http2.enabled", true, locked); -pref("network.http.http2.enabled.deps", true, locked); -pref("network.http.http2.enforce-tls-profile", true, locked); -pref("network.http.http2.chunk-size", 16000, locked); -pref("network.http.http2.timeout", 170, locked); -pref("network.http.http2.coalesce-hostnames", true, locked); -pref("network.http.http2.persistent-settings", false, locked); -pref("network.http.http2.ping-threshold", 58, locked); -pref("network.http.http2.ping-timeout", 8, locked); -pref("network.http.http2.send-buffer-size", 0, locked); -pref("network.http.http2.allow-push", true, locked); -pref("network.http.http2.push-allowance", 131072, locked); -pref("network.http.http2.pull-allowance", 12582912, locked); -pref("network.http.http2.default-concurrent", 100, locked); -pref("network.http.http2.default-hpack-buffer", 65536, locked); -pref("network.http.http2.websockets", true, locked); -pref("network.http.http2.enable-hpack-dump", false, locked); - // tor-browser#23044: Make sure we don't have any GIO supported protocols // (defense in depth measure). // As of Firefox 118 (Bug 1843763), upstream does not add any protocol by @@ -622,8 +598,8 @@ pref("extensions.htmlaboutaddons.recommendations.enabled", false); // Disable personalized Extension Recommendations in about:addons and // addons.mozilla.org pref("browser.discovery.enabled", false); -// Bug 26114: Allow NoScript to access addons.mozilla.org etc. -// TODO: Audit again (tor-browser#41445) +// tor-browser#26114: Allow NoScript to work on addons.mozilla.org and other Mozilla sites. +// Revisited and confirmed in tor-browser#41445. pref("extensions.webextensions.restrictedDomains", ""); // Don't give Mozilla-recommended third-party extensions special privileges. pref("extensions.postDownloadThirdPartyPrompt", false); @@ -655,16 +631,16 @@ pref("browser.menu.share_url.allow", false, locked); // Disable special URL bar behaviors pref("browser.urlbar.suggest.topsites", false); +pref("browser.urlbar.quicksuggest.enabled", false); +pref("browser.urlbar.richSuggestions.featureGate", false); +pref("browser.urlbar.yelp.featureGate", false); +pref("browser.urlbar.mdn.featureGate", false); // tor-browser#41884: Do not start a search when clicking on the new tab button // with the middle mouse button (to prevent searching for anything you might // have selected or already in your clipboard). pref("browser.tabs.searchclipboardfor.middleclick", false); -// Skip checking omni.ja and other files for corruption since the result -// is only reported via telemetry (which is disabled). See tor-browser#40048. -pref("corroborator.enabled", false); - // tor-browser#41417: do not allow live reload until we switch to Fluent and // stop using .textContent. // Even after that, it might be a good idea to keep it off, as it is not handled @@ -682,7 +658,7 @@ pref("privacy.query_stripping.strip_on_share.enabled", true); pref("privacy.globalprivacycontrol.enabled", true); pref("privacy.globalprivacycontrol.pbmode.enabled", true); -// Disable platform text recogniition functionality (tor-browser#42057) +// Disable platform text recognition functionality (tor-browser#42057) pref("dom.text-recognition.enabled", false); // Log levels View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/bdea242… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/bdea242… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.3.0esr-14.0-1] fixup! Firefox preference overrides.
by ma1 (＠ma1) 14 Oct '24

14 Oct '24

ma1 pushed to branch tor-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: 55c8c9e7 by hackademix at 2024-10-11T09:17:04+02:00 fixup! Firefox preference overrides. Bug 42356: Preference review for Firefox ESR128. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -23,7 +23,7 @@ pref("startup.homepage_welcome_url.additional", ""); pref("browser.aboutwelcome.enabled", false); #if MOZ_UPDATE_CHANNEL == release -// tor-browser#42640: Disable Firefox Flame buttond due to unknown interactions with New Identity +// tor-browser#42640: Disable Firefox Flame button due to unknown interactions with New Identity pref("browser.privatebrowsing.resetPBM.enabled", false, locked); #endif @@ -58,7 +58,7 @@ pref("media.aboutwebrtc.hist.enabled", false); // Disk Activity -// Disable auto-downloaing to ~/Downloads and other download tweaks to minimize +// Disable auto-downloading to ~/Downloads and other download tweaks to minimize // disk leaks (tor-browser#42050). pref("browser.download.useDownloadDir", false); pref("browser.download.always_ask_before_handling_new_types", true); @@ -97,7 +97,7 @@ pref("browser.pagethumbnails.capturing_disabled", true); // disk leaks, e.g., in system logs. // For example, it happened that GNOME shell logged the window name that caused // JS errors/unexpected conditions for unrelated issues. -// TODO: Enable again after more UX considerations. +// TODO: commented out for now because of UX concerns, to be reconsidered in 14.5 // pref("privacy.exposeContentTitleInWindow", false); // pref("privacy.exposeContentTitleInWindow.pbm", false); @@ -123,7 +123,7 @@ pref("dom.security.https_only_mode_pbm", true); // tor-browser#43197, defense in depth if ever https-only got disabled pref("dom.security.https_first_add_exception_on_failiure", false); -// tor-browser#22320: Hide referer when comming from a .onion address +// tor-browser#22320: Hide referer when coming from a .onion address // We enable this here (rather than in Tor Browser) in case users of other // base-browser derived browsers configure it to use a system Tor daemon // to visit onion services. @@ -214,7 +214,6 @@ pref("toolkit.telemetry.bhrPing.enabled", false); pref("toolkit.telemetry.coverage.opt-out", true); pref("toolkit.coverage.opt-out", true); pref("toolkit.coverage.endpoint.base", ""); -pref("browser.ping-centre.telemetry", false); pref("browser.tabs.crashReporting.sendReport", false); pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); // Added in tor-browser#41496 even though false by default @@ -244,7 +243,6 @@ pref("services.sync.engine.passwords", false); pref("services.sync.engine.prefs", false); pref("services.sync.engine.tabs", false); pref("extensions.getAddons.cache.enabled", false); // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/ -pref("browser.fixup.alternate.enabled", false); // Bug #16783: Prevent .onion fixups pref("privacy.donottrackheader.enabled", false); // (mullvad-browser#17) // Make sure there is no Tracking Protection active in Tor Browser, see: #17898. pref("privacy.trackingprotection.enabled", false); @@ -284,9 +282,7 @@ pref("browser.newtabpage.activity-stream.telemetry", false); // Notice that null is between quotes because it is a JSON string. // Keep checked firefox.js to see if new entries are added. pref("browser.newtabpage.activity-stream.asrouter.providers.cfr", "null"); -pref("browser.newtabpage.activity-stream.asrouter.providers.whats-new-panel", "null"); pref("browser.newtabpage.activity-stream.asrouter.providers.message-groups", "null"); -pref("browser.newtabpage.activity-stream.asrouter.providers.snippets", "null"); pref("browser.newtabpage.activity-stream.asrouter.providers.messaging-experiments", "null"); // Disable fetching asrouter.ftl and related console errors (tor-browser#40763). @@ -312,6 +308,10 @@ pref("browser.preferences.moreFromMozilla", false); // Disable webcompat reporter pref("extensions.webcompat-reporter.enabled", false); +// Disable Content Analysis SDK (tor-browser#42364) +pref("browser.contentanalysis.enabled", false); +pref("browser.contentanalysis.default_result", 0); + // Disable contentRelevancy component (which itself is gated on Nimbus) (tor-browser#42867) pref("toolkit.contentRelevancy.enabled", false); pref("toolkit.contentRelevancy.ingestEnabled", false); @@ -455,12 +455,9 @@ pref("pdfjs.disabled", false, locked); #endif // Bug 40057: Ensure system colors are not used for CSS4 colors pref("browser.display.use_system_colors", false); -// tor-browser#41676: Set the TZ environment variable as a defense-in-depth. -// TODO: Remove this in ESR-128, as it has been removed in 116 with Bug 1837582. -pref("privacy.resistFingerprinting.testing.setTZtoUTC", true); -// tor-browser#41943: lock and revisit after it gets flipped to true in stable Firefox -pref("javascript.options.spectre.disable_for_isolated_content", false, locked); +// tor-browser#41943: defense-in-depth, but do not lock anymore (enabled in Firefox 119, http://bugzil.la/1851162) +pref("javascript.options.spectre.disable_for_isolated_content", false); // Third party stuff pref("privacy.firstparty.isolate", true); // Always enforce first party isolation @@ -510,27 +507,6 @@ pref("network.proxy.failover_direct", false, locked); // alters content load order in a page. See tor-browser#24686 pref("network.http.tailing.enabled", true, locked); -// Make sure the varoius http2 settings, buffer sizes, timings, etc are locked -// to firefox defaults to minimize network performance fingerprinting. -// See https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27128 -pref("network.http.http2.enabled", true, locked); -pref("network.http.http2.enabled.deps", true, locked); -pref("network.http.http2.enforce-tls-profile", true, locked); -pref("network.http.http2.chunk-size", 16000, locked); -pref("network.http.http2.timeout", 170, locked); -pref("network.http.http2.coalesce-hostnames", true, locked); -pref("network.http.http2.persistent-settings", false, locked); -pref("network.http.http2.ping-threshold", 58, locked); -pref("network.http.http2.ping-timeout", 8, locked); -pref("network.http.http2.send-buffer-size", 0, locked); -pref("network.http.http2.allow-push", true, locked); -pref("network.http.http2.push-allowance", 131072, locked); -pref("network.http.http2.pull-allowance", 12582912, locked); -pref("network.http.http2.default-concurrent", 100, locked); -pref("network.http.http2.default-hpack-buffer", 65536, locked); -pref("network.http.http2.websockets", true, locked); -pref("network.http.http2.enable-hpack-dump", false, locked); - // tor-browser#23044: Make sure we don't have any GIO supported protocols // (defense in depth measure). // As of Firefox 118 (Bug 1843763), upstream does not add any protocol by @@ -622,8 +598,8 @@ pref("extensions.htmlaboutaddons.recommendations.enabled", false); // Disable personalized Extension Recommendations in about:addons and // addons.mozilla.org pref("browser.discovery.enabled", false); -// Bug 26114: Allow NoScript to access addons.mozilla.org etc. -// TODO: Audit again (tor-browser#41445) +// tor-browser#26114: Allow NoScript to work on addons.mozilla.org and other Mozilla sites. +// Revisited and confirmed in tor-browser#41445. pref("extensions.webextensions.restrictedDomains", ""); // Don't give Mozilla-recommended third-party extensions special privileges. pref("extensions.postDownloadThirdPartyPrompt", false); @@ -655,16 +631,16 @@ pref("browser.menu.share_url.allow", false, locked); // Disable special URL bar behaviors pref("browser.urlbar.suggest.topsites", false); +pref("browser.urlbar.quicksuggest.enabled", false); +pref("browser.urlbar.richSuggestions.featureGate", false); +pref("browser.urlbar.yelp.featureGate", false); +pref("browser.urlbar.mdn.featureGate", false); // tor-browser#41884: Do not start a search when clicking on the new tab button // with the middle mouse button (to prevent searching for anything you might // have selected or already in your clipboard). pref("browser.tabs.searchclipboardfor.middleclick", false); -// Skip checking omni.ja and other files for corruption since the result -// is only reported via telemetry (which is disabled). See tor-browser#40048. -pref("corroborator.enabled", false); - // tor-browser#41417: do not allow live reload until we switch to Fluent and // stop using .textContent. // Even after that, it might be a good idea to keep it off, as it is not handled @@ -682,7 +658,7 @@ pref("privacy.query_stripping.strip_on_share.enabled", true); pref("privacy.globalprivacycontrol.enabled", true); pref("privacy.globalprivacycontrol.pbmode.enabled", true); -// Disable platform text recogniition functionality (tor-browser#42057) +// Disable platform text recognition functionality (tor-browser#42057) pref("dom.text-recognition.enabled", false); // Log levels View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/55c8c9e… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/55c8c9e… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41261: Use an uncompressed NoScript xpi file to improve apk compression
by morgan (＠morgan) 10 Oct '24

10 Oct '24

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 6bf962cd by cypherpunks1 at 2024-10-10T00:35:11+00:00 Bug 41261: Use an uncompressed NoScript xpi file to improve apk compression - - - - - 1 changed file: - projects/browser/build.android Changes: ===================================== projects/browser/build.android ===================================== @@ -21,7 +21,15 @@ noscript_path="$ext_dir/{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi" mkdir -p /var/tmp/build/$ext_dir [% dest_dir _ '/' _ c('filename') %] cd /var/tmp/build -mv $rootdir/[% c('input_files_by_name/noscript') %] "$noscript_path" + +mkdir noscript +pushd noscript +unzip $rootdir/[% c('input_files_by_name/noscript') %] +[% c('zip', { + zip_src => [ '.' ], + zip_args => '-0 ../$noscript_path', + }) %] +popd [%IF c("var/tor-browser") -%] tar -xaf "$rootdir/[% c("input_files_by_name/tor-expert-bundle") %]/tor-expert-bundle.tar.gz" tor/pluggable_transports/pt_config.json View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.3.0esr-14.0-1] 2 commits: dropme! Bug 4234: Use the Firefox Update Process for Base Browser.
by morgan (＠morgan) 10 Oct '24

10 Oct '24

morgan pushed to branch mullvad-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser Commits: bc8fd871 by Pier Angelo Vendrame at 2024-10-10T21:13:43+00:00 dropme! Bug 4234: Use the Firefox Update Process for Base Browser. This commit is not for rebase. Revert "fixup! Bug 4234: Use the Firefox Update Process for Base Browser." This reverts commit af856ef0e56959a57baa0056916b84e02eaf4c67. - - - - - 2a2f50eb by Pier Angelo Vendrame at 2024-10-10T21:13:44+00:00 Bug 1923264 - Discard unsupported updates in selectUpdate. r=bytesized,nalexander UpdateService.#selectUpdate currently chooses always the most recent update even when unsupported and an older but supported one is available. This commit makes #selectUpdate discard the unsupported update if a supported alternative is found. Differential Revision: https://phabricator.services.mozilla.com/D224905 - - - - - 3 changed files: - toolkit/mozapps/update/tests/data/sharedUpdateXML.js - + toolkit/mozapps/update/tests/unit_aus_update/mixedUnsupported.js - toolkit/mozapps/update/tests/unit_aus_update/xpcshell.toml Changes: ===================================== toolkit/mozapps/update/tests/data/sharedUpdateXML.js ===================================== @@ -141,6 +141,7 @@ function getRemoteUpdateString(aUpdateProps, aPatches) { name: "App Update Test", promptWaitTime: null, type: "major", + unsupported: false, }; for (let name in aUpdateProps) { @@ -346,6 +347,7 @@ function getUpdateString(aUpdateProps) { aUpdateProps.disableBackgroundUpdates + '" ' : ""; + let unsupported = aUpdateProps.unsupported ? 'unsupported="true" ' : ""; let custom1 = aUpdateProps.custom1 ? aUpdateProps.custom1 + " " : ""; let custom2 = aUpdateProps.custom2 ? aUpdateProps.custom2 + " " : ""; let buildID = 'buildID="' + aUpdateProps.buildID + '"'; @@ -360,6 +362,7 @@ function getUpdateString(aUpdateProps) { promptWaitTime + disableBITS + disableBackgroundUpdates + + unsupported + custom1 + custom2 + buildID ===================================== toolkit/mozapps/update/tests/unit_aus_update/mixedUnsupported.js ===================================== @@ -0,0 +1,50 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ + +/** + * This tests that an older update is chosen over a more recent but unsupported + * update. + */ + +async function run_test() { + setupTestCommon(); + start_httpserver(); + setUpdateURL(gURLData + gHTTPHandlerPath); + setUpdateChannel("test_channel"); + + let patchProps = { + type: "complete", + url: "http://complete/", + size: "9856459", + }; + let patches = getRemotePatchString(patchProps); + patchProps = { type: "partial", url: "http://partial/", size: "1316138" }; + patches += getRemotePatchString(patchProps); + + let oldAppVersion = "900000.0"; + let newAppVersion = "999999.0"; + let update1 = getRemoteUpdateString( + { appVersion: newAppVersion, unsupported: true }, + patches + ); + let update2 = getRemoteUpdateString({ appVersion: oldAppVersion }, patches); + gResponseBody = getRemoteUpdatesXMLString(update1 + update2); + + let checkResult = await waitForUpdateCheck(true, { updateCount: 2 }); + let bestUpdate = await gAUS.selectUpdate(checkResult.updates); + bestUpdate.QueryInterface(Ci.nsIWritablePropertyBag); + Assert.equal( + bestUpdate.unsupported, + false, + "The unsupported update has been discarded." + ); + Assert.equal( + bestUpdate.appVersion, + oldAppVersion, + "Expected the older version to be chosen over the more recent but unsupported." + ); + + stop_httpserver(doTestFinish); +} ===================================== toolkit/mozapps/update/tests/unit_aus_update/xpcshell.toml ===================================== @@ -56,6 +56,8 @@ reason = "Feature is Firefox-specific and Windows-specific." ["languagePackUpdates.js"] skip-if = ["socketprocess_networking"] # Bug 1759035 +["mixedUnsupported.js"] + ["multiUpdate.js"] skip-if = ["socketprocess_networking"] # Bug 1759035 View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/be… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/be… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.3.0esr-14.0-1] 2 commits: dropme! Bug 4234: Use the Firefox Update Process for Base Browser.
by morgan (＠morgan) 10 Oct '24

10 Oct '24

morgan pushed to branch base-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: e67837c7 by Pier Angelo Vendrame at 2024-10-10T21:12:54+00:00 dropme! Bug 4234: Use the Firefox Update Process for Base Browser. This commit is not for rebase. Revert "fixup! Bug 4234: Use the Firefox Update Process for Base Browser." This reverts commit af856ef0e56959a57baa0056916b84e02eaf4c67. - - - - - 011b3ff9 by Pier Angelo Vendrame at 2024-10-10T21:12:55+00:00 Bug 1923264 - Discard unsupported updates in selectUpdate. r=bytesized,nalexander UpdateService.#selectUpdate currently chooses always the most recent update even when unsupported and an older but supported one is available. This commit makes #selectUpdate discard the unsupported update if a supported alternative is found. Differential Revision: https://phabricator.services.mozilla.com/D224905 - - - - - 3 changed files: - toolkit/mozapps/update/tests/data/sharedUpdateXML.js - + toolkit/mozapps/update/tests/unit_aus_update/mixedUnsupported.js - toolkit/mozapps/update/tests/unit_aus_update/xpcshell.toml Changes: ===================================== toolkit/mozapps/update/tests/data/sharedUpdateXML.js ===================================== @@ -141,6 +141,7 @@ function getRemoteUpdateString(aUpdateProps, aPatches) { name: "App Update Test", promptWaitTime: null, type: "major", + unsupported: false, }; for (let name in aUpdateProps) { @@ -346,6 +347,7 @@ function getUpdateString(aUpdateProps) { aUpdateProps.disableBackgroundUpdates + '" ' : ""; + let unsupported = aUpdateProps.unsupported ? 'unsupported="true" ' : ""; let custom1 = aUpdateProps.custom1 ? aUpdateProps.custom1 + " " : ""; let custom2 = aUpdateProps.custom2 ? aUpdateProps.custom2 + " " : ""; let buildID = 'buildID="' + aUpdateProps.buildID + '"'; @@ -360,6 +362,7 @@ function getUpdateString(aUpdateProps) { promptWaitTime + disableBITS + disableBackgroundUpdates + + unsupported + custom1 + custom2 + buildID ===================================== toolkit/mozapps/update/tests/unit_aus_update/mixedUnsupported.js ===================================== @@ -0,0 +1,50 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ + +/** + * This tests that an older update is chosen over a more recent but unsupported + * update. + */ + +async function run_test() { + setupTestCommon(); + start_httpserver(); + setUpdateURL(gURLData + gHTTPHandlerPath); + setUpdateChannel("test_channel"); + + let patchProps = { + type: "complete", + url: "http://complete/", + size: "9856459", + }; + let patches = getRemotePatchString(patchProps); + patchProps = { type: "partial", url: "http://partial/", size: "1316138" }; + patches += getRemotePatchString(patchProps); + + let oldAppVersion = "900000.0"; + let newAppVersion = "999999.0"; + let update1 = getRemoteUpdateString( + { appVersion: newAppVersion, unsupported: true }, + patches + ); + let update2 = getRemoteUpdateString({ appVersion: oldAppVersion }, patches); + gResponseBody = getRemoteUpdatesXMLString(update1 + update2); + + let checkResult = await waitForUpdateCheck(true, { updateCount: 2 }); + let bestUpdate = await gAUS.selectUpdate(checkResult.updates); + bestUpdate.QueryInterface(Ci.nsIWritablePropertyBag); + Assert.equal( + bestUpdate.unsupported, + false, + "The unsupported update has been discarded." + ); + Assert.equal( + bestUpdate.appVersion, + oldAppVersion, + "Expected the older version to be chosen over the more recent but unsupported." + ); + + stop_httpserver(doTestFinish); +} ===================================== toolkit/mozapps/update/tests/unit_aus_update/xpcshell.toml ===================================== @@ -56,6 +56,8 @@ reason = "Feature is Firefox-specific and Windows-specific." ["languagePackUpdates.js"] skip-if = ["socketprocess_networking"] # Bug 1759035 +["mixedUnsupported.js"] + ["multiUpdate.js"] skip-if = ["socketprocess_networking"] # Bug 1759035 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/c3282a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/c3282a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.3.0esr-14.0-1] 2 commits: dropme! Bug 4234: Use the Firefox Update Process for Base Browser.
by morgan (＠morgan) 10 Oct '24

10 Oct '24

morgan pushed to branch tor-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: 39ab6faf by Pier Angelo Vendrame at 2024-10-10T20:55:41+00:00 dropme! Bug 4234: Use the Firefox Update Process for Base Browser. This commit is not for rebase. Revert "fixup! Bug 4234: Use the Firefox Update Process for Base Browser." This reverts commit af856ef0e56959a57baa0056916b84e02eaf4c67. - - - - - 25d29e14 by Pier Angelo Vendrame at 2024-10-10T20:55:41+00:00 Bug 1923264 - Discard unsupported updates in selectUpdate. r=bytesized,nalexander UpdateService.#selectUpdate currently chooses always the most recent update even when unsupported and an older but supported one is available. This commit makes #selectUpdate discard the unsupported update if a supported alternative is found. Differential Revision: https://phabricator.services.mozilla.com/D224905 - - - - - 3 changed files: - toolkit/mozapps/update/tests/data/sharedUpdateXML.js - + toolkit/mozapps/update/tests/unit_aus_update/mixedUnsupported.js - toolkit/mozapps/update/tests/unit_aus_update/xpcshell.toml Changes: ===================================== toolkit/mozapps/update/tests/data/sharedUpdateXML.js ===================================== @@ -141,6 +141,7 @@ function getRemoteUpdateString(aUpdateProps, aPatches) { name: "App Update Test", promptWaitTime: null, type: "major", + unsupported: false, }; for (let name in aUpdateProps) { @@ -346,6 +347,7 @@ function getUpdateString(aUpdateProps) { aUpdateProps.disableBackgroundUpdates + '" ' : ""; + let unsupported = aUpdateProps.unsupported ? 'unsupported="true" ' : ""; let custom1 = aUpdateProps.custom1 ? aUpdateProps.custom1 + " " : ""; let custom2 = aUpdateProps.custom2 ? aUpdateProps.custom2 + " " : ""; let buildID = 'buildID="' + aUpdateProps.buildID + '"'; @@ -360,6 +362,7 @@ function getUpdateString(aUpdateProps) { promptWaitTime + disableBITS + disableBackgroundUpdates + + unsupported + custom1 + custom2 + buildID ===================================== toolkit/mozapps/update/tests/unit_aus_update/mixedUnsupported.js ===================================== @@ -0,0 +1,50 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ + +/** + * This tests that an older update is chosen over a more recent but unsupported + * update. + */ + +async function run_test() { + setupTestCommon(); + start_httpserver(); + setUpdateURL(gURLData + gHTTPHandlerPath); + setUpdateChannel("test_channel"); + + let patchProps = { + type: "complete", + url: "http://complete/", + size: "9856459", + }; + let patches = getRemotePatchString(patchProps); + patchProps = { type: "partial", url: "http://partial/", size: "1316138" }; + patches += getRemotePatchString(patchProps); + + let oldAppVersion = "900000.0"; + let newAppVersion = "999999.0"; + let update1 = getRemoteUpdateString( + { appVersion: newAppVersion, unsupported: true }, + patches + ); + let update2 = getRemoteUpdateString({ appVersion: oldAppVersion }, patches); + gResponseBody = getRemoteUpdatesXMLString(update1 + update2); + + let checkResult = await waitForUpdateCheck(true, { updateCount: 2 }); + let bestUpdate = await gAUS.selectUpdate(checkResult.updates); + bestUpdate.QueryInterface(Ci.nsIWritablePropertyBag); + Assert.equal( + bestUpdate.unsupported, + false, + "The unsupported update has been discarded." + ); + Assert.equal( + bestUpdate.appVersion, + oldAppVersion, + "Expected the older version to be chosen over the more recent but unsupported." + ); + + stop_httpserver(doTestFinish); +} ===================================== toolkit/mozapps/update/tests/unit_aus_update/xpcshell.toml ===================================== @@ -56,6 +56,8 @@ reason = "Feature is Firefox-specific and Windows-specific." ["languagePackUpdates.js"] skip-if = ["socketprocess_networking"] # Bug 1759035 +["mixedUnsupported.js"] + ["multiUpdate.js"] skip-if = ["socketprocess_networking"] # Bug 1759035 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/61c5f5… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/61c5f5… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.3.0esr-14.0-1] Bug 1922204: fixup square spoofed orientation. r=tjr
by morgan (＠morgan) 10 Oct '24

10 Oct '24

morgan pushed to branch mullvad-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser Commits: be3bc055 by Fatih at 2024-10-10T20:53:43+00:00 Bug 1922204: fixup square spoofed orientation. r=tjr Differential Revision: https://phabricator.services.mozilla.com/D224312 - - - - - 1 changed file: - toolkit/components/resistfingerprinting/nsRFPService.cpp Changes: ===================================== toolkit/components/resistfingerprinting/nsRFPService.cpp ===================================== @@ -2287,10 +2287,12 @@ Maybe<RFPTarget> nsRFPService::GetOverriddenFingerprintingSettingsForURI( /* static */ uint16_t nsRFPService::ViewportSizeToAngle(int32_t aWidth, int32_t aHeight) { + // Note that, if screen is square, we return portrait-primary. + // That's why we use > on non-android and >= on Android. #ifdef MOZ_WIDGET_ANDROID bool neutral = aHeight >= aWidth; #else - bool neutral = aWidth >= aHeight; + bool neutral = aWidth > aHeight; #endif if (neutral) { return 0; @@ -2301,7 +2303,7 @@ uint16_t nsRFPService::ViewportSizeToAngle(int32_t aWidth, int32_t aHeight) { /* static */ dom::OrientationType nsRFPService::ViewportSizeToOrientationType( int32_t aWidth, int32_t aHeight) { - if (aWidth >= aHeight) { + if (aWidth > aHeight) { return dom::OrientationType::Landscape_primary; } return dom::OrientationType::Portrait_primary; View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/be3… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/be3… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.3.0esr-14.0-1] Bug 1922204: fixup square spoofed orientation. r=tjr
by morgan (＠morgan) 10 Oct '24

10 Oct '24

morgan pushed to branch base-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: c3282afe by Fatih at 2024-10-10T20:52:43+00:00 Bug 1922204: fixup square spoofed orientation. r=tjr Differential Revision: https://phabricator.services.mozilla.com/D224312 - - - - - 1 changed file: - toolkit/components/resistfingerprinting/nsRFPService.cpp Changes: ===================================== toolkit/components/resistfingerprinting/nsRFPService.cpp ===================================== @@ -2287,10 +2287,12 @@ Maybe<RFPTarget> nsRFPService::GetOverriddenFingerprintingSettingsForURI( /* static */ uint16_t nsRFPService::ViewportSizeToAngle(int32_t aWidth, int32_t aHeight) { + // Note that, if screen is square, we return portrait-primary. + // That's why we use > on non-android and >= on Android. #ifdef MOZ_WIDGET_ANDROID bool neutral = aHeight >= aWidth; #else - bool neutral = aWidth >= aHeight; + bool neutral = aWidth > aHeight; #endif if (neutral) { return 0; @@ -2301,7 +2303,7 @@ uint16_t nsRFPService::ViewportSizeToAngle(int32_t aWidth, int32_t aHeight) { /* static */ dom::OrientationType nsRFPService::ViewportSizeToOrientationType( int32_t aWidth, int32_t aHeight) { - if (aWidth >= aHeight) { + if (aWidth > aHeight) { return dom::OrientationType::Landscape_primary; } return dom::OrientationType::Portrait_primary; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/c3282af… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/c3282af… You're receiving this email because of your account on gitlab.torproject.org.

1 0