May 2024 - tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser][base-browser-115.11.0esr-13.5-1] 2 commits: Revert "Bug 41881: Don't persist custom network requests on private windows"
by richard (＠richard) 13 May '24

13 May '24

richard pushed to branch base-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 1e2cec74 by Pier Angelo Vendrame at 2024-05-13T20:39:35+00:00 Revert "Bug 41881: Don't persist custom network requests on private windows" This reverts commit 6450a4e62e810832f35ee8732a4630ec2c2ba6f6. - - - - - fa7dafa6 by cypherpunks1 at 2024-05-13T20:39:43+00:00 Bug 1892052 - Do not persist custom network requests on PBM. r=devtools-reviewers,bomsy,nchevobbe Differential Revision: https://phabricator.services.mozilla.com/D207762 - - - - - 3 changed files: - devtools/client/netmonitor/src/components/new-request/HTTPCustomRequestPanel.js - devtools/client/netmonitor/test/browser_net_new_request_panel_persisted_content.js - devtools/client/netmonitor/test/head.js Changes: ===================================== devtools/client/netmonitor/src/components/new-request/HTTPCustomRequestPanel.js ===================================== @@ -4,11 +4,6 @@ "use strict"; -const lazy = {}; -ChromeUtils.defineESModuleGetters(lazy, { - PrivateBrowsingUtils: "resource://gre/modules/PrivateBrowsingUtils.sys.mjs", -}); - const { Component, createFactory, @@ -127,7 +122,7 @@ class HTTPCustomRequestPanel extends Component { async componentDidMount() { let { connector, request } = this.props; - if (!lazy.PrivateBrowsingUtils.isWindowPrivate(window)) { + if (!connector.currentTarget?.targetForm?.isPrivate) { const persistedCustomRequest = await asyncStorage.getItem( "devtools.netmonitor.customRequest" ); @@ -198,7 +193,7 @@ class HTTPCustomRequestPanel extends Component { } componentWillUnmount() { - if (!lazy.PrivateBrowsingUtils.isWindowPrivate(window)) { + if (!this.props.connector.currentTarget?.targetForm?.isPrivate) { asyncStorage.setItem("devtools.netmonitor.customRequest", this.state); } } ===================================== devtools/client/netmonitor/test/browser_net_new_request_panel_persisted_content.js ===================================== @@ -9,30 +9,14 @@ const asyncStorage = require("resource://devtools/shared/async-storage.js"); * Test if content is still persisted after the panel is closed */ -add_task(async function () { - // Turn true the pref - await pushPref("devtools.netmonitor.features.newEditAndResend", true); - // Reset the storage for the persisted custom request - await asyncStorage.removeItem("devtools.netmonitor.customRequest"); - - const { monitor } = await initNetMonitor(HTTPS_CUSTOM_GET_URL, { - requestCount: 1, - }); - info("Starting test... "); - - const { document, store, windowRequire } = monitor.panelWin; - - // Action should be processed synchronously in tests. - const Actions = windowRequire("devtools/client/netmonitor/src/actions/index"); - store.dispatch(Actions.batchEnable(false)); - - info("open the left panel"); - let waitForPanels = waitForDOM( +async function addCustomRequestTestContent(tab, monitor, document) { + info("Open the left panel"); + const waitForPanels = waitForDOM( document, ".monitor-panel .network-action-bar" ); - let HTTPCustomRequestButton = document.querySelector( + const HTTPCustomRequestButton = document.querySelector( "#netmonitor-toolbar-container .devtools-http-custom-request-icon" ); HTTPCustomRequestButton.click(); @@ -59,91 +43,166 @@ add_task(async function () { "#http-custom-query .map-add-new-inputs .http-custom-input-name" ); newParameterName.focus(); - EventUtils.sendString("My-param"); + EventUtils.sendString("My-param", monitor.panelWin); info("Adding new headers"); const newHeaderName = document.querySelector( "#http-custom-headers .map-add-new-inputs .http-custom-input-name" ); newHeaderName.focus(); - EventUtils.sendString("My-header"); + EventUtils.sendString("My-header", monitor.panelWin); const newHeaderValue = Array.from( document.querySelectorAll( "#http-custom-headers .http-custom-input .http-custom-input-value" ) - ).pop(); + ).at(-1); newHeaderValue.focus(); - EventUtils.sendString("my-value"); + EventUtils.sendString("my-value", monitor.panelWin); const postValue = document.querySelector("#http-custom-postdata-value"); postValue.focus(); - EventUtils.sendString("{'Name': 'Value'}"); + EventUtils.sendString("{'Name': 'Value'}", monitor.panelWin); - // Close the panel + info("Close the panel"); const closePanel = document.querySelector( ".network-action-bar .tabs-navigation .sidebar-toggle" ); closePanel.click(); +} - // Open the panel again to see if the content is still there - waitForPanels = waitUntil( +async function runTests(tab, monitor, document, isPrivate = false) { + info("Open the panel again to see if the content is still there"); + const waitForPanels = waitFor( () => document.querySelector(".http-custom-request-panel") && document.querySelector("#http-custom-request-send-button").disabled === - false + isPrivate ); - HTTPCustomRequestButton = document.querySelector( + const HTTPCustomRequestButton = document.querySelector( "#netmonitor-toolbar-container .devtools-http-custom-request-icon" ); HTTPCustomRequestButton.click(); await waitForPanels; - is( - methodValue.value, - "POST", - "The content should still be there after the user close the panel and re-opened" - ); - - is( - url.value, - "https://www.example.com?My-param=", - "The url should still be there after the user close the panel and re-opened" - ); + // Wait a few seconds to make sure all the fields have been updated + await wait(1500); + + const customMethod = document.querySelector("#http-custom-method-value"); + const customUrl = document.querySelector(".http-custom-url-value"); + const customQuery = document.querySelectorAll( + "#http-custom-query .tabpanel-summary-container.http-custom-input textarea" + ); + const customHeaders = document.querySelectorAll( + "#http-custom-headers .tabpanel-summary-container.http-custom-input textarea" + ); + const postDataValue = document.querySelector("#http-custom-postdata-value"); + + if (isPrivate) { + is( + customMethod.value, + "GET", + "The method should not be persisted after the user close the panel and re-opened in PBM" + ); + + is( + customUrl.value, + "", + "The url should not be there after the user close the panel and re-opened in PBM" + ); + + is( + customQuery.length, + 0, + "The Parameter should not be there after the user close the panel and re-opened in PBM" + ); + + is( + customHeaders.length, + 0, + "There should be no custom headers after the user close the panel and re-opened in PBM" + ); + + is( + postDataValue.value, + "", + "The post data should still be reset after the user close the panel and re-opened in PBM" + ); + } else { + is( + customMethod.value, + "POST", + "The method should be persisted after the user close the panel and re-opened" + ); + + is( + customUrl.value, + "https://www.example.com?My-param=", + "The url should still be there after the user close the panel and re-opened" + ); + + const [nameParam] = Array.from(customQuery); + is( + nameParam.value, + "My-param", + "The Parameter name should still be there after the user close the panel and re-opened" + ); + + const [name, value] = Array.from(customHeaders); + is( + name.value, + "My-header", + "The header name should still be there after the user close the panel and re-opened" + ); + is( + value.value, + "my-value", + "The header value should still be there after the user close the panel and re-opened" + ); + + is( + postDataValue.value, + "{'Name': 'Value'}", + "The content should still be there after the user close the panel and re-opened" + ); + } +} + +add_task(async function testRequestPanelPersistedContent() { + // Turn true the pref + await pushPref("devtools.netmonitor.features.newEditAndResend", true); + // Reset the storage for the persisted custom request + await asyncStorage.removeItem("devtools.netmonitor.customRequest"); - const [nameParam] = Array.from( - document.querySelectorAll( - "#http-custom-query .tabpanel-summary-container.http-custom-input textarea" - ) - ); - is( - nameParam.value, - "My-param", - "The Parameter name should still be there after the user close the panel and re-opened" - ); + const { tab, monitor } = await initNetMonitor(HTTPS_CUSTOM_GET_URL, { + requestCount: 1, + }); + const { document, store, windowRequire } = monitor.panelWin; + const Actions = windowRequire("devtools/client/netmonitor/src/actions/index"); + store.dispatch(Actions.batchEnable(false)); - const [name, value] = Array.from( - document.querySelectorAll( - "#http-custom-headers .tabpanel-summary-container.http-custom-input textarea" - ) - ); - is( - name.value, - "My-header", - "The header name should still be there after the user close the panel and re-opened" - ); - is( - value.value, - "my-value", - "The header value should still be there after the user close the panel and re-opened" - ); + info("Starting test... "); + info("Add initial custom request test content"); + await addCustomRequestTestContent(tab, monitor, document); + await runTests(tab, monitor, document); + await teardown(monitor); +}); - is( - postValue.value, - "{'Name': 'Value'}", - "The content should still be there after the user close the panel and re-opened" +add_task(async function testRequestPanelPersistedContentInPrivateWindow() { + await pushPref("devtools.netmonitor.features.newEditAndResend", true); + const { tab, monitor, privateWindow } = await initNetMonitor( + HTTPS_CUSTOM_GET_URL, + { + requestCount: 1, + openInPrivateWindow: true, + } ); + const { document, store, windowRequire } = monitor.panelWin; + const Actions = windowRequire("devtools/client/netmonitor/src/actions/index"); + store.dispatch(Actions.batchEnable(false)); - await teardown(monitor); + info("Starting test in private window... "); + await runTests(tab, monitor, document, true); + await teardown(monitor, privateWindow); }); ===================================== devtools/client/netmonitor/test/head.js ===================================== @@ -321,6 +321,7 @@ function initNetMonitor( expectedEventTimings, waitForLoad = true, enableCache = false, + openInPrivateWindow = false, } ) { info("Initializing a network monitor pane."); @@ -341,7 +342,22 @@ function initNetMonitor( ], }); - const tab = await addTab(url, { waitForLoad }); + let tab = null; + let privateWindow = null; + + if (openInPrivateWindow) { + privateWindow = await BrowserTestUtils.openNewBrowserWindow({ + private: true, + }); + ok( + PrivateBrowsingUtils.isContentWindowPrivate(privateWindow), + "window is private" + ); + tab = BrowserTestUtils.addTab(privateWindow.gBrowser, url); + } else { + tab = await addTab(url, { waitForLoad }); + } + info("Net tab added successfully: " + url); const toolbox = await gDevTools.showToolboxForTab(tab, { @@ -371,7 +387,7 @@ function initNetMonitor( await clearNetworkEvents(monitor); } - return { tab, monitor, toolbox }; + return { tab, monitor, toolbox, privateWindow }; })(); } @@ -408,7 +424,7 @@ async function clearNetworkEvents(monitor) { store.dispatch(Actions.clearRequests()); } -function teardown(monitor) { +function teardown(monitor, privateWindow) { info("Destroying the specified network monitor."); return (async function () { @@ -419,6 +435,12 @@ function teardown(monitor) { await monitor.toolbox.destroy(); await removeTab(tab); + + if (privateWindow) { + const closed = BrowserTestUtils.windowClosed(privateWindow); + privateWindow.BrowserCommands.tryToCloseWindow(); + await closed; + } })(); } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3bed85… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3bed85… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.5-1] 2 commits: Revert "Bug 41881: Don't persist custom network requests on private windows"
by richard (＠richard) 13 May '24

13 May '24

richard pushed to branch tor-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 55da4b57 by Pier Angelo Vendrame at 2024-05-13T20:38:15+00:00 Revert "Bug 41881: Don't persist custom network requests on private windows" This reverts commit 6450a4e62e810832f35ee8732a4630ec2c2ba6f6. - - - - - 894dc8df by cypherpunks1 at 2024-05-13T20:38:15+00:00 Bug 1892052 - Do not persist custom network requests on PBM. r=devtools-reviewers,bomsy,nchevobbe Differential Revision: https://phabricator.services.mozilla.com/D207762 - - - - - 3 changed files: - devtools/client/netmonitor/src/components/new-request/HTTPCustomRequestPanel.js - devtools/client/netmonitor/test/browser_net_new_request_panel_persisted_content.js - devtools/client/netmonitor/test/head.js Changes: ===================================== devtools/client/netmonitor/src/components/new-request/HTTPCustomRequestPanel.js ===================================== @@ -4,11 +4,6 @@ "use strict"; -const lazy = {}; -ChromeUtils.defineESModuleGetters(lazy, { - PrivateBrowsingUtils: "resource://gre/modules/PrivateBrowsingUtils.sys.mjs", -}); - const { Component, createFactory, @@ -127,7 +122,7 @@ class HTTPCustomRequestPanel extends Component { async componentDidMount() { let { connector, request } = this.props; - if (!lazy.PrivateBrowsingUtils.isWindowPrivate(window)) { + if (!connector.currentTarget?.targetForm?.isPrivate) { const persistedCustomRequest = await asyncStorage.getItem( "devtools.netmonitor.customRequest" ); @@ -198,7 +193,7 @@ class HTTPCustomRequestPanel extends Component { } componentWillUnmount() { - if (!lazy.PrivateBrowsingUtils.isWindowPrivate(window)) { + if (!this.props.connector.currentTarget?.targetForm?.isPrivate) { asyncStorage.setItem("devtools.netmonitor.customRequest", this.state); } } ===================================== devtools/client/netmonitor/test/browser_net_new_request_panel_persisted_content.js ===================================== @@ -9,30 +9,14 @@ const asyncStorage = require("resource://devtools/shared/async-storage.js"); * Test if content is still persisted after the panel is closed */ -add_task(async function () { - // Turn true the pref - await pushPref("devtools.netmonitor.features.newEditAndResend", true); - // Reset the storage for the persisted custom request - await asyncStorage.removeItem("devtools.netmonitor.customRequest"); - - const { monitor } = await initNetMonitor(HTTPS_CUSTOM_GET_URL, { - requestCount: 1, - }); - info("Starting test... "); - - const { document, store, windowRequire } = monitor.panelWin; - - // Action should be processed synchronously in tests. - const Actions = windowRequire("devtools/client/netmonitor/src/actions/index"); - store.dispatch(Actions.batchEnable(false)); - - info("open the left panel"); - let waitForPanels = waitForDOM( +async function addCustomRequestTestContent(tab, monitor, document) { + info("Open the left panel"); + const waitForPanels = waitForDOM( document, ".monitor-panel .network-action-bar" ); - let HTTPCustomRequestButton = document.querySelector( + const HTTPCustomRequestButton = document.querySelector( "#netmonitor-toolbar-container .devtools-http-custom-request-icon" ); HTTPCustomRequestButton.click(); @@ -59,91 +43,166 @@ add_task(async function () { "#http-custom-query .map-add-new-inputs .http-custom-input-name" ); newParameterName.focus(); - EventUtils.sendString("My-param"); + EventUtils.sendString("My-param", monitor.panelWin); info("Adding new headers"); const newHeaderName = document.querySelector( "#http-custom-headers .map-add-new-inputs .http-custom-input-name" ); newHeaderName.focus(); - EventUtils.sendString("My-header"); + EventUtils.sendString("My-header", monitor.panelWin); const newHeaderValue = Array.from( document.querySelectorAll( "#http-custom-headers .http-custom-input .http-custom-input-value" ) - ).pop(); + ).at(-1); newHeaderValue.focus(); - EventUtils.sendString("my-value"); + EventUtils.sendString("my-value", monitor.panelWin); const postValue = document.querySelector("#http-custom-postdata-value"); postValue.focus(); - EventUtils.sendString("{'Name': 'Value'}"); + EventUtils.sendString("{'Name': 'Value'}", monitor.panelWin); - // Close the panel + info("Close the panel"); const closePanel = document.querySelector( ".network-action-bar .tabs-navigation .sidebar-toggle" ); closePanel.click(); +} - // Open the panel again to see if the content is still there - waitForPanels = waitUntil( +async function runTests(tab, monitor, document, isPrivate = false) { + info("Open the panel again to see if the content is still there"); + const waitForPanels = waitFor( () => document.querySelector(".http-custom-request-panel") && document.querySelector("#http-custom-request-send-button").disabled === - false + isPrivate ); - HTTPCustomRequestButton = document.querySelector( + const HTTPCustomRequestButton = document.querySelector( "#netmonitor-toolbar-container .devtools-http-custom-request-icon" ); HTTPCustomRequestButton.click(); await waitForPanels; - is( - methodValue.value, - "POST", - "The content should still be there after the user close the panel and re-opened" - ); - - is( - url.value, - "https://www.example.com?My-param=", - "The url should still be there after the user close the panel and re-opened" - ); + // Wait a few seconds to make sure all the fields have been updated + await wait(1500); + + const customMethod = document.querySelector("#http-custom-method-value"); + const customUrl = document.querySelector(".http-custom-url-value"); + const customQuery = document.querySelectorAll( + "#http-custom-query .tabpanel-summary-container.http-custom-input textarea" + ); + const customHeaders = document.querySelectorAll( + "#http-custom-headers .tabpanel-summary-container.http-custom-input textarea" + ); + const postDataValue = document.querySelector("#http-custom-postdata-value"); + + if (isPrivate) { + is( + customMethod.value, + "GET", + "The method should not be persisted after the user close the panel and re-opened in PBM" + ); + + is( + customUrl.value, + "", + "The url should not be there after the user close the panel and re-opened in PBM" + ); + + is( + customQuery.length, + 0, + "The Parameter should not be there after the user close the panel and re-opened in PBM" + ); + + is( + customHeaders.length, + 0, + "There should be no custom headers after the user close the panel and re-opened in PBM" + ); + + is( + postDataValue.value, + "", + "The post data should still be reset after the user close the panel and re-opened in PBM" + ); + } else { + is( + customMethod.value, + "POST", + "The method should be persisted after the user close the panel and re-opened" + ); + + is( + customUrl.value, + "https://www.example.com?My-param=", + "The url should still be there after the user close the panel and re-opened" + ); + + const [nameParam] = Array.from(customQuery); + is( + nameParam.value, + "My-param", + "The Parameter name should still be there after the user close the panel and re-opened" + ); + + const [name, value] = Array.from(customHeaders); + is( + name.value, + "My-header", + "The header name should still be there after the user close the panel and re-opened" + ); + is( + value.value, + "my-value", + "The header value should still be there after the user close the panel and re-opened" + ); + + is( + postDataValue.value, + "{'Name': 'Value'}", + "The content should still be there after the user close the panel and re-opened" + ); + } +} + +add_task(async function testRequestPanelPersistedContent() { + // Turn true the pref + await pushPref("devtools.netmonitor.features.newEditAndResend", true); + // Reset the storage for the persisted custom request + await asyncStorage.removeItem("devtools.netmonitor.customRequest"); - const [nameParam] = Array.from( - document.querySelectorAll( - "#http-custom-query .tabpanel-summary-container.http-custom-input textarea" - ) - ); - is( - nameParam.value, - "My-param", - "The Parameter name should still be there after the user close the panel and re-opened" - ); + const { tab, monitor } = await initNetMonitor(HTTPS_CUSTOM_GET_URL, { + requestCount: 1, + }); + const { document, store, windowRequire } = monitor.panelWin; + const Actions = windowRequire("devtools/client/netmonitor/src/actions/index"); + store.dispatch(Actions.batchEnable(false)); - const [name, value] = Array.from( - document.querySelectorAll( - "#http-custom-headers .tabpanel-summary-container.http-custom-input textarea" - ) - ); - is( - name.value, - "My-header", - "The header name should still be there after the user close the panel and re-opened" - ); - is( - value.value, - "my-value", - "The header value should still be there after the user close the panel and re-opened" - ); + info("Starting test... "); + info("Add initial custom request test content"); + await addCustomRequestTestContent(tab, monitor, document); + await runTests(tab, monitor, document); + await teardown(monitor); +}); - is( - postValue.value, - "{'Name': 'Value'}", - "The content should still be there after the user close the panel and re-opened" +add_task(async function testRequestPanelPersistedContentInPrivateWindow() { + await pushPref("devtools.netmonitor.features.newEditAndResend", true); + const { tab, monitor, privateWindow } = await initNetMonitor( + HTTPS_CUSTOM_GET_URL, + { + requestCount: 1, + openInPrivateWindow: true, + } ); + const { document, store, windowRequire } = monitor.panelWin; + const Actions = windowRequire("devtools/client/netmonitor/src/actions/index"); + store.dispatch(Actions.batchEnable(false)); - await teardown(monitor); + info("Starting test in private window... "); + await runTests(tab, monitor, document, true); + await teardown(monitor, privateWindow); }); ===================================== devtools/client/netmonitor/test/head.js ===================================== @@ -321,6 +321,7 @@ function initNetMonitor( expectedEventTimings, waitForLoad = true, enableCache = false, + openInPrivateWindow = false, } ) { info("Initializing a network monitor pane."); @@ -341,7 +342,22 @@ function initNetMonitor( ], }); - const tab = await addTab(url, { waitForLoad }); + let tab = null; + let privateWindow = null; + + if (openInPrivateWindow) { + privateWindow = await BrowserTestUtils.openNewBrowserWindow({ + private: true, + }); + ok( + PrivateBrowsingUtils.isContentWindowPrivate(privateWindow), + "window is private" + ); + tab = BrowserTestUtils.addTab(privateWindow.gBrowser, url); + } else { + tab = await addTab(url, { waitForLoad }); + } + info("Net tab added successfully: " + url); const toolbox = await gDevTools.showToolboxForTab(tab, { @@ -371,7 +387,7 @@ function initNetMonitor( await clearNetworkEvents(monitor); } - return { tab, monitor, toolbox }; + return { tab, monitor, toolbox, privateWindow }; })(); } @@ -408,7 +424,7 @@ async function clearNetworkEvents(monitor) { store.dispatch(Actions.clearRequests()); } -function teardown(monitor) { +function teardown(monitor, privateWindow) { info("Destroying the specified network monitor."); return (async function () { @@ -419,6 +435,12 @@ function teardown(monitor) { await monitor.toolbox.destroy(); await removeTab(tab); + + if (privateWindow) { + const closed = BrowserTestUtils.windowClosed(privateWindow); + privateWindow.BrowserCommands.tryToCloseWindow(); + await closed; + } })(); } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/32a6f9… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/32a6f9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.11.0esr-13.5-1] 2 commits: Revert "Bug 41740: Change the RFP value of devicePixelRatio to 2"
by richard (＠richard) 13 May '24

13 May '24

richard pushed to branch mullvad-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 532087af by Pier Angelo Vendrame at 2024-05-13T19:56:57+00:00 Revert "Bug 41740: Change the RFP value of devicePixelRatio to 2" This reverts commit 94c39de65acb82efc7ecabbd7125f8d2aeb46d02. - - - - - bed64b83 by Fatih at 2024-05-13T19:56:57+00:00 Bug 1830629: Remove unnecessary checks for pdf.js for RFP. r=tjr resource:// is exempt from RFP, so we no longer need to check pdf.js specifically. Differential Revision: https://phabricator.services.mozilla.com/D209359 - - - - - 1 changed file: - dom/base/nsGlobalWindowInner.cpp Changes: ===================================== dom/base/nsGlobalWindowInner.cpp ===================================== @@ -3604,20 +3604,9 @@ double nsGlobalWindowInner::GetDevicePixelRatio(CallerType aCallerType, return 1.0; } - if (nsIGlobalObject::ShouldResistFingerprinting(aCallerType, - RFPTarget::Unknown)) { - // Spoofing the DevicePixelRatio causes blurriness in some situations - // on HiDPI displays. pdf.js is a non-system caller; but it can't - // expose the fingerprintable information, so we can safely disable - // spoofing in this situation. It doesn't address the issue for - // web-rendered content (including pdf.js instances on the web.) - // In the future we hope to have a better solution to fix all HiDPI - // blurriness... - nsAutoCString origin; - nsresult rv = this->GetPrincipal()->GetOrigin(origin); - if (NS_FAILED(rv) || origin != "resource://pdf.js"_ns) { - return 2.0; - } + if (nsIGlobalObject::ShouldResistFingerprinting( + aCallerType, RFPTarget::Unknown)) { + return 2.0; } if (aCallerType == CallerType::NonSystem) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/5e… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/5e… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.11.0esr-13.5-1] 2 commits: Revert "Bug 41740: Change the RFP value of devicePixelRatio to 2"
by richard (＠richard) 13 May '24

13 May '24

richard pushed to branch base-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: be35122b by Pier Angelo Vendrame at 2024-05-13T19:56:00+00:00 Revert "Bug 41740: Change the RFP value of devicePixelRatio to 2" This reverts commit 94c39de65acb82efc7ecabbd7125f8d2aeb46d02. - - - - - 3bed85e2 by Fatih at 2024-05-13T19:56:00+00:00 Bug 1830629: Remove unnecessary checks for pdf.js for RFP. r=tjr resource:// is exempt from RFP, so we no longer need to check pdf.js specifically. Differential Revision: https://phabricator.services.mozilla.com/D209359 - - - - - 1 changed file: - dom/base/nsGlobalWindowInner.cpp Changes: ===================================== dom/base/nsGlobalWindowInner.cpp ===================================== @@ -3604,20 +3604,9 @@ double nsGlobalWindowInner::GetDevicePixelRatio(CallerType aCallerType, return 1.0; } - if (nsIGlobalObject::ShouldResistFingerprinting(aCallerType, - RFPTarget::Unknown)) { - // Spoofing the DevicePixelRatio causes blurriness in some situations - // on HiDPI displays. pdf.js is a non-system caller; but it can't - // expose the fingerprintable information, so we can safely disable - // spoofing in this situation. It doesn't address the issue for - // web-rendered content (including pdf.js instances on the web.) - // In the future we hope to have a better solution to fix all HiDPI - // blurriness... - nsAutoCString origin; - nsresult rv = this->GetPrincipal()->GetOrigin(origin); - if (NS_FAILED(rv) || origin != "resource://pdf.js"_ns) { - return 2.0; - } + if (nsIGlobalObject::ShouldResistFingerprinting( + aCallerType, RFPTarget::Unknown)) { + return 2.0; } if (aCallerType == CallerType::NonSystem) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/1f7194… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/1f7194… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.5-1] 2 commits: Revert "Bug 41740: Change the RFP value of devicePixelRatio to 2"
by richard (＠richard) 13 May '24

13 May '24

richard pushed to branch tor-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 736fba53 by Pier Angelo Vendrame at 2024-05-13T17:49:22+02:00 Revert "Bug 41740: Change the RFP value of devicePixelRatio to 2" This reverts commit 94c39de65acb82efc7ecabbd7125f8d2aeb46d02. - - - - - 32a6f98c by Fatih at 2024-05-13T17:52:54+02:00 Bug 1830629: Remove unnecessary checks for pdf.js for RFP. r=tjr resource:// is exempt from RFP, so we no longer need to check pdf.js specifically. Differential Revision: https://phabricator.services.mozilla.com/D209359 - - - - - 1 changed file: - dom/base/nsGlobalWindowInner.cpp Changes: ===================================== dom/base/nsGlobalWindowInner.cpp ===================================== @@ -3604,20 +3604,9 @@ double nsGlobalWindowInner::GetDevicePixelRatio(CallerType aCallerType, return 1.0; } - if (nsIGlobalObject::ShouldResistFingerprinting(aCallerType, - RFPTarget::Unknown)) { - // Spoofing the DevicePixelRatio causes blurriness in some situations - // on HiDPI displays. pdf.js is a non-system caller; but it can't - // expose the fingerprintable information, so we can safely disable - // spoofing in this situation. It doesn't address the issue for - // web-rendered content (including pdf.js instances on the web.) - // In the future we hope to have a better solution to fix all HiDPI - // blurriness... - nsAutoCString origin; - nsresult rv = this->GetPrincipal()->GetOrigin(origin); - if (NS_FAILED(rv) || origin != "resource://pdf.js"_ns) { - return 2.0; - } + if (nsIGlobalObject::ShouldResistFingerprinting( + aCallerType, RFPTarget::Unknown)) { + return 2.0; } if (aCallerType == CallerType::NonSystem) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8e9d5e… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8e9d5e… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-update-responses][main] release: new version, 13.0.15
by richard (＠richard) 13 May '24

13 May '24

richard pushed to branch main at The Tor Project / Applications / Tor Browser update responses Commits: e8782cea by Richard Pospesel at 2024-05-13T15:17:52+00:00 release: new version, 13.0.15 - - - - - 30 changed files: - update_3/release/.htaccess - − update_3/release/13.0.11-13.0.14-linux-i686-ALL.xml - − update_3/release/13.0.11-13.0.14-linux-x86_64-ALL.xml - − update_3/release/13.0.11-13.0.14-macos-ALL.xml - − update_3/release/13.0.11-13.0.14-windows-i686-ALL.xml - − update_3/release/13.0.11-13.0.14-windows-x86_64-ALL.xml - − update_3/release/13.0.12-13.0.14-linux-i686-ALL.xml - − update_3/release/13.0.12-13.0.14-linux-x86_64-ALL.xml - − update_3/release/13.0.12-13.0.14-macos-ALL.xml - − update_3/release/13.0.12-13.0.14-windows-i686-ALL.xml - − update_3/release/13.0.12-13.0.14-windows-x86_64-ALL.xml - + update_3/release/13.0.12-13.0.15-linux-i686-ALL.xml - + update_3/release/13.0.12-13.0.15-linux-x86_64-ALL.xml - + update_3/release/13.0.12-13.0.15-macos-ALL.xml - + update_3/release/13.0.12-13.0.15-windows-i686-ALL.xml - + update_3/release/13.0.12-13.0.15-windows-x86_64-ALL.xml - − update_3/release/13.0.13-13.0.14-linux-i686-ALL.xml - − update_3/release/13.0.13-13.0.14-linux-x86_64-ALL.xml - − update_3/release/13.0.13-13.0.14-macos-ALL.xml - − update_3/release/13.0.13-13.0.14-windows-i686-ALL.xml - − update_3/release/13.0.13-13.0.14-windows-x86_64-ALL.xml - + update_3/release/13.0.13-13.0.15-linux-i686-ALL.xml - + update_3/release/13.0.13-13.0.15-linux-x86_64-ALL.xml - + update_3/release/13.0.13-13.0.15-macos-ALL.xml - + update_3/release/13.0.13-13.0.15-windows-i686-ALL.xml - + update_3/release/13.0.13-13.0.15-windows-x86_64-ALL.xml - + update_3/release/13.0.14-13.0.15-linux-i686-ALL.xml - + update_3/release/13.0.14-13.0.15-linux-x86_64-ALL.xml - + update_3/release/13.0.14-13.0.15-macos-ALL.xml - + update_3/release/13.0.14-13.0.15-windows-i686-ALL.xml The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.11.0esr-13.5-1] fixup! Firefox preference overrides.
by richard (＠richard) 13 May '24

13 May '24

richard pushed to branch base-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 1f7194f4 by Richard Pospesel at 2024-05-13T13:50:25+00:00 fixup! Firefox preference overrides. Bug 241: Move network.proxy.failover_direct=false pref to base-browser - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -455,6 +455,8 @@ pref("network.protocol-handler.warn-external.snews", true); pref("network.protocol-handler.warn-external.ms-windows-store", true); #endif pref("network.proxy.allow_bypass", false, locked); // #40682 +// Bug 40548: Disable proxy-bypass +pref("network.proxy.failover_direct", false, locked); // Lock to 'true', which is already the firefox default, to prevent users // from making themselves fingerprintable by disabling. This pref // alters content load order in a page. See tor-browser#24686 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/1f7194f… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/1f7194f… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.11.0esr-13.5-1] fixup! Firefox preference overrides.
by richard (＠richard) 13 May '24

13 May '24

richard pushed to branch mullvad-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 5ee488b0 by Richard Pospesel at 2024-05-13T13:48:40+00:00 fixup! Firefox preference overrides. Bug 241: Move network.proxy.failover_direct=false pref to base-browser - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -454,6 +454,8 @@ pref("network.protocol-handler.warn-external.snews", true); pref("network.protocol-handler.warn-external.ms-windows-store", true); #endif pref("network.proxy.allow_bypass", false, locked); // #40682 +// Bug 40548: Disable proxy-bypass +pref("network.proxy.failover_direct", false, locked); // Lock to 'true', which is already the firefox default, to prevent users // from making themselves fingerprintable by disabling. This pref // alters content load order in a page. See tor-browser#24686 View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/5ee… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/5ee… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.5-1] 2 commits: fixup! Bug 40562: Added Tor Browser preferences to 000-tor-browser.js
by richard (＠richard) 13 May '24

13 May '24

richard pushed to branch tor-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: b04fa658 by Richard Pospesel at 2024-05-13T13:18:28+00:00 fixup! Bug 40562: Added Tor Browser preferences to 000-tor-browser.js Bug 241: Move network.proxy.failover_direct=false pref to base-browser - - - - - 8e9d5e49 by Richard Pospesel at 2024-05-13T13:18:28+00:00 fixup! Firefox preference overrides. Bug 241: Move network.proxy.failover_direct=false pref to base-browser - - - - - 2 changed files: - browser/app/profile/000-tor-browser.js - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/000-tor-browser.js ===================================== @@ -21,8 +21,6 @@ pref("network.proxy.socks_remote_dns", true); pref("network.proxy.no_proxies_on", ""); // For fingerprinting and local service vulns (#10419) pref("network.proxy.allow_hijacking_localhost", true); // Allow proxies for localhost (#31065) pref("network.proxy.type", 1); -// Bug 40548: Disable proxy-bypass -pref("network.proxy.failover_direct", false); // localhost is already blocked by setting `network.proxy.allow_hijacking_localhost` to // true, allowing users to explicitly block ports makes them fingerprintable; for details, see // Bug 41317: Tor Browser leaks banned ports in network.security.ports.banned ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -455,6 +455,8 @@ pref("network.protocol-handler.warn-external.snews", true); pref("network.protocol-handler.warn-external.ms-windows-store", true); #endif pref("network.proxy.allow_bypass", false, locked); // #40682 +// Bug 40548: Disable proxy-bypass +pref("network.proxy.failover_direct", false, locked); // Lock to 'true', which is already the firefox default, to prevent users // from making themselves fingerprintable by disabling. This pref // alters content load order in a page. See tor-browser#24686 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/ca21ab… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/ca21ab… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.11.0esr-13.5-1] fixup! MB 38: Mullvad Browser configuration
by richard (＠richard) 13 May '24

13 May '24

richard pushed to branch mullvad-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: cce4482c by Richard Pospesel at 2024-05-13T12:37:21+00:00 fixup! MB 38: Mullvad Browser configuration Bug 222: Hide 'List all tabs' when the tabs don't overflow - - - - - 1 changed file: - browser/app/profile/000-mullvad-browser.js Changes: ===================================== browser/app/profile/000-mullvad-browser.js ===================================== @@ -48,3 +48,6 @@ pref("app.feedback.baseURL", "https://mullvad.net/help/tag/browser/"); // mullvad-browser#234: Do not spoof the OS in the User-Agent header pref("privacy.resistFingerprinting.spoofOsInUserAgentHeader", false); + +// mullvad-browser#222: Hide "List all tabs" when the tabs don't overflow +pref("browser.tabs.tabmanager.enabled", false); View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/cce… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/cce… You're receiving this email because of your account on gitlab.torproject.org.

1 0