- tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser-build][maint-13.5] Bug 41251: Fix jtorctl.0.2.jar missing dependency
by ma1 (＠ma1) 01 Oct '24

01 Oct '24

ma1 pushed to branch maint-13.5 at The Tor Project / Applications / tor-browser-build Commits: ecac6d89 by hackademix at 2024-10-01T14:24:17+02:00 Bug 41251: Fix jtorctl.0.2.jar missing dependency - - - - - 2 changed files: - projects/firefox-android/config - projects/firefox-android/gradle-dependencies-list.txt Changes: ===================================== projects/firefox-android/config ===================================== @@ -19,7 +19,7 @@ var: browser_build: 15 variant: Beta # This should be updated when the list of gradle dependencies is changed. - gradle_dependencies_version: 1 + gradle_dependencies_version: 2 gradle_version: 7.6.1 glean_parser: 7.1.0 as_version: '[% pc("application-services", "version") %]' ===================================== projects/firefox-android/gradle-dependencies-list.txt ===================================== @@ -1,6 +1,6 @@ sha256sum | url -ec3a75bebddbf19ff56a281cf5d1ad146169dcaa0e69d7b14f4aaba2e7775f34 | https://jcenter.bintray.com/net/freehaven/tor/control/jtorctl/0.2/jtorctl-0… -3369726ca2b0e3736c741ff3c22e06f707a1007ff20ccc5b5ba5d0d9a01ead30 | https://jcenter.bintray.com/net/freehaven/tor/control/jtorctl/0.2/jtorctl-0… +ec3a75bebddbf19ff56a281cf5d1ad146169dcaa0e69d7b14f4aaba2e7775f34 | https://build-sources.tbb.torproject.org/jtorctl/jtorctl-0.2.jar +3369726ca2b0e3736c741ff3c22e06f707a1007ff20ccc5b5ba5d0d9a01ead30 | https://build-sources.tbb.torproject.org/jtorctl/jtorctl-0.2.pom caa72885d1ce7979c1d6c59a8b255c6097b770780d4d4da95d56979a348646cd | https://maven.google.com/androidx/activity/activity-compose/1.7.0/activity-… f7a29bcba338575dcf89a553cff9cfad3f140340eaf2b56fd0193244da602c0a | https://maven.google.com/androidx/activity/activity-compose/1.7.0/activity-… 90f32e60dcb83add1aff051ee8709023123d524cc3f6390fff6a4a31c20d9798 | https://maven.google.com/androidx/activity/activity-compose/1.7.0/activity-… View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/e… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/e… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.3.0esr-14.0-1] 4 commits: Mullvad Browser strings
by Pier Angelo Vendrame (＠pierov) 01 Oct '24

01 Oct '24

Pier Angelo Vendrame pushed to branch mullvad-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser Commits: cbadd0c5 by Henry Wilkes at 2024-10-01T09:26:25+01:00 Mullvad Browser strings This commit adds strings needed by the following Mullvad Browser patches. - - - - - 96e5e78f by Henry Wilkes at 2024-10-01T09:26:26+01:00 fixup! MB 37: Customization for the about dialog MB 349: Merge Fluent files into one. - - - - - e0227da3 by Henry Wilkes at 2024-10-01T09:26:27+01:00 fixup! MB 39: Add home page about:mullvad-browser MB 349: Merge Fluent files into one. - - - - - 6243c664 by Henry Wilkes at 2024-10-01T09:26:28+01:00 fixup! MB 63: Customize some about pages for Mullvad Browser MB 349: Merge Fluent files into one. - - - - - 11 changed files: - browser/base/content/aboutDialog.xhtml - browser/components/mullvad-browser/content/aboutMullvadBrowser.xhtml - browser/components/preferences/preferences.xhtml - − browser/locales/en-US/browser/aboutDialogMullvad.ftl - − browser/locales/en-US/browser/mullvad-browser/preferences.ftl - toolkit/content/aboutRightsMullvad.xhtml - toolkit/content/aboutTelemetryMullvad.xhtml - − toolkit/locales/en-US/toolkit/about/aboutRightsMullvad.ftl - − toolkit/locales/en-US/toolkit/about/aboutTelemetryMullvad.ftl - browser/locales/en-US/browser/mullvad-browser/aboutMullvadBrowser.ftl → toolkit/locales/en-US/toolkit/global/mullvad-browser.ftl - tools/lint/fluent-lint/exclusions.yml Changes: ===================================== browser/base/content/aboutDialog.xhtml ===================================== @@ -37,7 +37,7 @@ <html:link rel="localization" href="branding/brand.ftl"/> <html:link rel="localization" href="browser/aboutDialog.ftl"/> <html:link rel="localization" href="toolkit/global/base-browser.ftl"/> - <html:link rel="localization" href="browser/aboutDialogMullvad.ftl"/> + <html:link rel="localization" href="toolkit/global/mullvad-browser.ftl"/> </linkset> <html:div id="aboutDialogContainer"> ===================================== browser/components/mullvad-browser/content/aboutMullvadBrowser.xhtml ===================================== @@ -17,10 +17,7 @@ /> <link rel="localization" href="branding/brand.ftl" /> <link rel="localization" href="browser/newtab/newtab.ftl" /> - <link - rel="localization" - href="browser/mullvad-browser/aboutMullvadBrowser.ftl" - /> + <link rel="localization" href="toolkit/global/mullvad-browser.ftl" /> <script src="chrome://browser/content/mullvad-browser/aboutMullvadBrowser.js"></script> </head> ===================================== browser/components/preferences/preferences.xhtml ===================================== @@ -80,7 +80,7 @@ <link rel="localization" href="security/certificates/deviceManager.ftl"/> <link rel="localization" href="toolkit/updates/history.ftl"/> <link rel="localization" href="toolkit/global/base-browser.ftl"/> - <link rel="localization" href="browser/mullvad-browser/preferences.ftl"/> + <link rel="localization" href="toolkit/global/mullvad-browser.ftl"/> <link rel="shortcut icon" href="chrome://global/skin/icons/settings.svg"/> ===================================== browser/locales/en-US/browser/aboutDialogMullvad.ftl deleted ===================================== @@ -1,11 +0,0 @@ -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -## Variables -## $emailAddress (String) - The email address of Mullvad's support - -mullvad-about-desc = { -brand-short-name } is a privacy-focused web browser developed in collaboration between <label data-l10n-name="mullvad-about-mullvadLink">Mullvad VPN</label> and the <label data-l10n-name="mullvad-about-torProjectLink">Tor Project</label>. It’s produced to minimize tracking and fingerprinting. -mullvad-about-readMore = Read more -mullvad-about-feedback2 = Help & feedback: { $emailAddress } -mullvad-about-telemetryLink = Telemetry ===================================== browser/locales/en-US/browser/mullvad-browser/preferences.ftl deleted ===================================== @@ -1,2 +0,0 @@ -home-mode-choice-mullvad = - .label = { -brand-product-name } Home ===================================== toolkit/content/aboutRightsMullvad.xhtml ===================================== @@ -21,7 +21,7 @@ /> <link rel="localization" href="branding/brand.ftl" /> <link rel="localization" href="toolkit/about/aboutRights.ftl" /> - <link rel="localization" href="toolkit/about/aboutRightsMullvad.ftl" /> + <link rel="localization" href="toolkit/global/mullvad-browser.ftl" /> </head> <body id="your-rights" class="aboutPageWideContainer"> ===================================== toolkit/content/aboutTelemetryMullvad.xhtml ===================================== @@ -20,7 +20,7 @@ type="text/css" /> <link rel="localization" href="branding/brand.ftl" /> - <link rel="localization" href="toolkit/about/aboutTelemetryMullvad.ftl" /> + <link rel="localization" href="toolkit/global/mullvad-browser.ftl" /> </head> <body id="your-rights" class="aboutPageWideContainer"> ===================================== toolkit/locales/en-US/toolkit/about/aboutRightsMullvad.ftl deleted ===================================== @@ -1,10 +0,0 @@ -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -rights-mullvad-intro = { -brand-short-name } is free and open source software. -rights-mullvad-you-should-know = There are a few things you should know: -rights-mullvad-trademarks = - You are not granted any trademark rights or licenses to the trademarks of - the { -brand-short-name } or any party, including without limitation the - { -brand-short-name } name or logo. ===================================== toolkit/locales/en-US/toolkit/about/aboutTelemetryMullvad.ftl deleted ===================================== @@ -1,7 +0,0 @@ -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - - -telemetry-title = Telemetry Information -telemetry-description = Telemetry is disabled in { -brand-short-name }. ===================================== browser/locales/en-US/browser/mullvad-browser/aboutMullvadBrowser.ftl → toolkit/locales/en-US/toolkit/global/mullvad-browser.ftl ===================================== @@ -1,3 +1,18 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +## About Mullvad browser dialog. + +mullvad-about-desc = { -brand-short-name } is a privacy-focused web browser developed in collaboration between <label data-l10n-name="mullvad-about-mullvadLink">Mullvad VPN</label> and the <label data-l10n-name="mullvad-about-torProjectLink">Tor Project</label>. It’s produced to minimize tracking and fingerprinting. +mullvad-about-readMore = Read more +# Variables +# $emailAddress (String) - The email address of Mullvad's support +mullvad-about-feedback2 = Help & feedback: { $emailAddress } +mullvad-about-telemetryLink = Telemetry + +## Mullvad browser home page. + about-mullvad-browser-heading = { -brand-product-name } about-mullvad-browser-developed-by = Developed in collaboration between the <a data-l10n-name="tor-project-link">Tor Project</a> and <a data-l10n-name="mullvad-vpn-link">Mullvad VPN</a> about-mullvad-browser-use-vpn = Get more privacy by using the browser <a data-l10n-name="with-vpn-link">with Mullvad VPN</a>. @@ -8,6 +23,21 @@ about-mullvad-browser-learn-more = Curious to learn more about the browser? <a d # $version (String) - The new browser version. about-mullvad-browser-update-message = { -brand-short-name } has been updated to { $version }. <a data-l10n-name="update-link">See what’s new</a> -## Deprecated. To be removed when 13.5 becomes stable. +## Home preferences. + +home-mode-choice-mullvad = + .label = { -brand-product-name } Home + +## about:rights page. + +rights-mullvad-intro = { -brand-short-name } is free and open source software. +rights-mullvad-you-should-know = There are a few things you should know: +rights-mullvad-trademarks = + You are not granted any trademark rights or licenses to the trademarks of + the { -brand-short-name } or any party, including without limitation the + { -brand-short-name } name or logo. + +## about:telemetry page. -about-mullvad-browser-page-title = { -brand-product-name } Home +telemetry-title = Telemetry Information +telemetry-description = Telemetry is disabled in { -brand-short-name }. ===================================== tools/lint/fluent-lint/exclusions.yml ===================================== @@ -87,7 +87,6 @@ ID01: # The webext-perms-description-* IDs are generated programmatically # from permission names - toolkit/locales/en-US/toolkit/global/extensionPermissions.ftl - - browser/locales/en-US/browser/aboutDialogMullvad.ftl ID02: messages: # browser/components/ion/content/ion.ftl View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/56… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/56… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag mb-13.5.6-build1
by ma1 (＠ma1) 01 Oct '24

01 Oct '24

ma1 pushed new tag mb-13.5.6-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-13.5.6-build1
by ma1 (＠ma1) 01 Oct '24

01 Oct '24

ma1 pushed new tag tbb-13.5.6-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.5] Bug 41245, 41235: Prepare Tor, Mullvad Browser 13.5.6
by ma1 (＠ma1) 30 Sep '24

30 Sep '24

ma1 pushed to branch maint-13.5 at The Tor Project / Applications / tor-browser-build Commits: b32fad62 by hackademix at 2024-10-01T01:09:21+02:00 Bug 41245,41235: Prepare Tor,Mullvad Browser 13.5.6 - - - - - 8 changed files: - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/browser/allowed_addons.json - projects/browser/config - projects/firefox/config - projects/geckoview/config - projects/translation/config - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -1,3 +1,93 @@ +Mullvad Browser 13.5.6 - September 30 2024 + * All Platforms + * Updated Firefox to 115.16.0esr + * Updated NoScript to 11.4.40 + * Bug 356: Rebase Mullvad Browser Release onto Firefox 115.16.0esr [mullvad-browser] + * Bug 42832: Download spam prevention should not affect browser extensions [tor-browser] + * Bug 43173: Backport security fixes from Firefox 131 [tor-browser] + * Linux + * Bug 334: When set as default browser on Linux in standard mode, links don't open correctly [mullvad-browser] + * Build System + * macOS + * Bug 41231: Use var/browser_release_date in tools/signing/gatekeeper-bundling.sh [tor-browser-build] + +Mullvad Browser 14.0a7 - September 27 2024 + * All Platforms + * Updated Firefox to 128.3.0esr + * Updated NoScript to 11.4.40 + * Bug 355: Rebase Mullvad Browser Alpha onto Firefox 128.3.0esr [mullvad-browser] + * Bug 42070: Backport Bugzilla 1834307 and hide smooth-scroll UX [tor-browser] + * Bug 42362: "New window" missing from File menu [tor-browser] + * Bug 42742: Inconsistent use of "New private window" vs "New window" [tor-browser] + * Bug 42832: Download spam prevention should not affect browser extensions [tor-browser] + * Bug 43163: Disable offscreen canvas until verified it is not fingerprintable [tor-browser] + * Bug 41248: Check and update bundled font versions [tor-browser-build] + * Build System + * All Platforms + * Bug 41236: Remove binutils when not needed [tor-browser-build] + +Mullvad Browser 14.0a6 - September 19 2024 + * All Platforms + * Bug 344: set media.navigator.enabled = true [mullvad-browser] + * Bug 42718: Remove the firefox-view button from UI, even when always-on private-browsing mode is disabled [tor-browser] + * Bug 42740: Stop trying to hide "Restore previous session" [tor-browser] + * Bug 42831: Remove the shopping components [tor-browser] + * Bug 43072: moz-message-bar does not get announced on Orca screen-reader [tor-browser] + * Bug 43083: Backport fix for Mozilla 1436462 [tor-browser] + * Bug 43144: Ensure non-privacy browsing also sets the GPC header [tor-browser] + * Linux + * Bug 43141: Hardcode Arimo as a system-ui font [tor-browser] + * Bug 41237: Add some aliases to our Linux font config for compatibility [tor-browser-build] + +Mullvad Browser 14.0a5 - September 12 2024 + * All Platforms + * Updated NoScript to 11.4.37 + * Bug 328: Provide search engine icons [mullvad-browser] + * Bug 42255: pdfjs.disabled used to be part of RFP until Bug 1838415; lock pref to false in stable [tor-browser] + * Bug 42647: "Switching to a new device" regressed on 128 [tor-browser] + * Bug 42653: The Neterror page has a checkbox to report iframe origin errors to TPO [tor-browser] + * Bug 42777: Remove 'Website Privacy Preferences' and ensure sensible default prefs [tor-browser] + * Bug 43046: Review Mozilla 1866927: Adds ability to enable email tracker blocking protection in private mode [tor-browser] + * Bug 43054: check bounceTrackingProtection in PB mode does not persist to disk [tor-browser] + * Bug 43109: Remove mention of Firefox Relay from settings [tor-browser] + * Bug 43117: Hide 'Always underline links' option [tor-browser] + * Linux + * Bug 334: When set as default browser on Linux in standard mode, links don't open correctly [mullvad-browser] + * Build System + * macOS + * Bug 41231: Use var/browser_release_date in tools/signing/gatekeeper-bundling.sh [tor-browser-build] + +Mullvad Browser 14.0a4 - September 06 2024 + * All Platforms + * Updated NoScript to 11.4.35 + * Bug 329: Remove the Security Levels icon from the toolbar [mullvad-browser] + * Bug 30862: 10ms time precision via EXSLT date-time function [tor-browser] + * Bug 40147: Re-enable Picture-in-Picture mode [tor-browser] + * Bug 41309: Re-enable screenshots component [tor-browser] + * Bug 42601: Check Bug 1894779: Allow font-face urls to be resource:// urls and relax CORS for resource:// URLs [tor-browser] + * Bug 42617: Restore the HTML form on DDG when using safest in 128 [tor-browser] + * Bug 42630: Review LaterRun in 128 [tor-browser] + * Bug 42640: Disable Firefox Flame button due to unknown interactions with New Identity [tor-browser] + * Bug 42684: Disable network prefetch [tor-browser] + * Bug 42685: compat: ESR128: enable textmetrics [tor-browser] + * Bug 42686: Backport Mozilla 1885101 [tor-browser] + * Bug 42730: Make RemoteSettings use only local dumps [tor-browser] + * Bug 42735: Disable recent search suggestions [tor-browser] + * Bug 42745: Remove some residuals from update scripts [tor-browser] + * Bug 42764: Unconditionally disable find-bar transition animation [tor-browser] + * Bug 42867: Disable contentRelevancy component [tor-browser] + * Bug 43100: Backport security fixes from Firefox 130 [tor-browser] + * Bug 43103: Verify whether an update is unsupported before choosing one [tor-browser] + * macOS + * Bug 42494: mac: add Arial Black and Arial Narrow to allowlist [tor-browser] + * Linux + * Bug 42773: Replace ~ with the original HOME [tor-browser] + * Bug 43092: Disable Wayland by default in 14.0 [tor-browser] + * Build System + * All Platforms + * Bug 41096: Set SOURCE_DATE_EPOCH in the default env variables [tor-browser-build] + * Bug 41188: Upgrade binutils to 2.41 [tor-browser-build] + Mullvad Browser 13.5.3 - September 03 2024 * All Platforms * Updated Firefox to 115.15.0esr ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,8 +1,51 @@ -Tor Browser 13.5.5 - September 25 2024 +Tor Browser 13.5.6 - September 30 2024 + * All Platforms + * Updated NoScript to 11.4.40 + * Bug 42832: Download spam prevention should not affect browser extensions [tor-browser] + * Bug 43167: Rebase Tor Browser Stable onto 115.16.0esr [tor-browser] + * Bug 43173: Backport security fixes from Firefox 131 [tor-browser] + * Windows + macOS + Linux + * Updated Firefox to 115.16.0esr + * Bug 42737: Drop the hash check on updates [tor-browser] + * Bug 43098: YEC 2024 Takeover for Desktop Stable [tor-browser] * Windows + macOS - * Bug 43125: Update message for legacy OS (windows ≤8.1, macOS ≤10.14) users [tor-browser] - * Linux - * Bug 334: When set as default browser on Linux in standard mode, links don't open correctly [mullvad-browser] + * Bug 42747: Windows 7/8 and macOS 10.12-10.14 Legacy/Maintenance [tor-browser] + * Android + * Updated GeckoView to 115.16.0esr + * Bug 43099: YEC 2024 Takeover for Android Stable [tor-browser] + +Tor Browser 14.0a7 - September 27 2024 + * All Platforms + * Updated NoScript to 11.4.40 + * Bug 42832: Download spam prevention should not affect browser extensions [tor-browser] + * Bug 43163: Disable offscreen canvas until verified it is not fingerprintable [tor-browser] + * Bug 43166: Rebase Tor Browser alpha onto Firefox 128.3.0esr [tor-browser] + * Windows + macOS + Linux + * Updated Firefox to 128.3.0esr + * Bug 42070: Backport Bugzilla 1834307 and hide smooth-scroll UX [tor-browser] + * Bug 42362: "New window" missing from File menu [tor-browser] + * Bug 42742: Inconsistent use of "New private window" vs "New window" [tor-browser] + * Bug 41248: Check and update bundled font versions [tor-browser-build] + * Android + * Updated GeckoView to 128.3.0esr + * Bug 43172: remove remote settings and SERPTelemetry [tor-browser] + * Build System + * All Platforms + * Updated Go to 1.23.1 + * Bug 41236: Remove binutils when not needed [tor-browser-build] + * Windows + macOS + Linux + * Bug 41246: Add updater rewriterules to make 13.5a10 a watershed [tor-browser-build] + +Tor Browser 13.5a10 - September 25 2024 + * Windows + macOS + Linux + * Updated Firefox to 115.15.0esr + * Updated NoScript to 11.4.37 + * Updated OpenSSL to 3.0.15 + * Windows + macOS + * Bug 42747: Windows 7/8 and macOS 10.12-10.14 Legacy/Maintenance [tor-browser] + * Build System + * Windows + macOS + Linux + * Updated Go to 1.21.12 Tor Browser 14.0a6 - September 19 2024 * All Platforms ===================================== projects/browser/allowed_addons.json ===================================== @@ -17,7 +17,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/34/9734/13299734/13299734.pn…" } ], - "average_daily_users": 1198801, + "average_daily_users": 1204514, "categories": { "firefox": [ "web-development", @@ -218,10 +218,10 @@ "category": "recommended" }, "ratings": { - "average": 4.5264, - "bayesian_average": 4.525326004974587, - "count": 5857, - "text_count": 1842 + "average": 4.5262, + "bayesian_average": 4.525128945531112, + "count": 5874, + "text_count": 1848 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/reviews/", "requires_payment": false, @@ -318,7 +318,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/versions/", - "weekly_downloads": 27576 + "weekly_downloads": 27270 }, "notes": null }, @@ -334,7 +334,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/56/7656/6937656/6937656.png?…" } ], - "average_daily_users": 256931, + "average_daily_users": 257341, "categories": { "firefox": [ "privacy-security" @@ -547,9 +547,9 @@ "category": "recommended" }, "ratings": { - "average": 4.7942, - "bayesian_average": 4.789582900272357, - "count": 1458, + "average": 4.7944, + "bayesian_average": 4.7897830310986445, + "count": 1459, "text_count": 263 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/reviews/", @@ -635,7 +635,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/versions/", - "weekly_downloads": 2895 + "weekly_downloads": 2715 }, "notes": null }, @@ -651,7 +651,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/73/4073/5474073/5474073.png?…" } ], - "average_daily_users": 1266195, + "average_daily_users": 1271165, "categories": { "firefox": [ "privacy-security" @@ -1170,9 +1170,9 @@ "category": "recommended" }, "ratings": { - "average": 4.8028, - "bayesian_average": 4.800114682839264, - "count": 2515, + "average": 4.803, + "bayesian_average": 4.800317190701833, + "count": 2518, "text_count": 474 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/reviews/", @@ -1197,7 +1197,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/versions/", - "weekly_downloads": 23651 + "weekly_downloads": 23241 }, "notes": null }, @@ -1213,7 +1213,7 @@ "picture_url": null } ], - "average_daily_users": 8366519, + "average_daily_users": 8420658, "categories": { "firefox": [ "privacy-security" @@ -1378,7 +1378,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2024-09-22T16:00:37Z", + "last_updated": "2024-09-29T16:50:40Z", "name": { "ar": "uBlock Origin", "bg": "uBlock Origin", @@ -1523,10 +1523,10 @@ "category": "recommended" }, "ratings": { - "average": 4.7907, - "bayesian_average": 4.79033490555104, - "count": 18453, - "text_count": 4820 + "average": 4.791, + "bayesian_average": 4.790635808907738, + "count": 18504, + "text_count": 4830 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/reviews/", "requires_payment": false, @@ -1589,7 +1589,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/versions/", - "weekly_downloads": 200561 + "weekly_downloads": 199435 }, "notes": null }, @@ -1605,7 +1605,7 @@ "picture_url": null } ], - "average_daily_users": 185437, + "average_daily_users": 186259, "categories": { "firefox": [ "photos-music-videos", @@ -1701,10 +1701,10 @@ "category": "recommended" }, "ratings": { - "average": 4.4547, - "bayesian_average": 4.449884980099753, - "count": 1280, - "text_count": 495 + "average": 4.4528, + "bayesian_average": 4.447998328835177, + "count": 1283, + "text_count": 498 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/re…", "requires_payment": false, @@ -1726,7 +1726,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/ve…", - "weekly_downloads": 383 + "weekly_downloads": 343 }, "notes": null }, @@ -1742,7 +1742,7 @@ "picture_url": null } ], - "average_daily_users": 63093, + "average_daily_users": 63018, "categories": { "firefox": [ "privacy-security", @@ -1877,7 +1877,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/versions/", - "weekly_downloads": 315 + "weekly_downloads": 280 }, "notes": null }, @@ -1893,7 +1893,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/64/9064/12929064/12929064.pn…" } ], - "average_daily_users": 362010, + "average_daily_users": 363451, "categories": { "firefox": [ "search-tools", @@ -2110,10 +2110,10 @@ "category": "recommended" }, "ratings": { - "average": 4.6193, - "bayesian_average": 4.615135958292723, - "count": 1547, - "text_count": 309 + "average": 4.6174, + "bayesian_average": 4.613245740860053, + "count": 1550, + "text_count": 310 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/reviews/", "requires_payment": false, @@ -2136,7 +2136,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/versions/", - "weekly_downloads": 5685 + "weekly_downloads": 5585 }, "notes": null }, @@ -2159,7 +2159,7 @@ "picture_url": null } ], - "average_daily_users": 122255, + "average_daily_users": 122336, "categories": { "firefox": [ "search-tools", @@ -2440,9 +2440,9 @@ "category": "recommended" }, "ratings": { - "average": 4.3811, - "bayesian_average": 4.3767733606543135, - "count": 1396, + "average": 4.3815, + "bayesian_average": 4.377175971962635, + "count": 1397, "text_count": 392 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/reviews/", @@ -2463,7 +2463,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/versions/", - "weekly_downloads": 35 + "weekly_downloads": 25 }, "notes": null }, @@ -2479,7 +2479,7 @@ "picture_url": "https://addons.mozilla.org/user-media/userpics/43/0143/143/143.png?modified…" } ], - "average_daily_users": 289757, + "average_daily_users": 290589, "categories": { "firefox": [ "privacy-security", @@ -2489,7 +2489,7 @@ "contributions_url": "https://www.paypal.com/donate/?hosted_button_id=9ERKTU5MBH4EW&utm_content=p…", "created": "2005-05-13T10:51:32Z", "current_version": { - "id": 5805224, + "id": 5813035, "compatibility": { "firefox": { "min": "59.0", @@ -2500,7 +2500,7 @@ "max": "*" } }, - "edit_url": "https://addons.mozilla.org/en-US/developers/addon/noscript/versions/5805224", + "edit_url": "https://addons.mozilla.org/en-US/developers/addon/noscript/versions/5813035", "is_strict_compatibility_enabled": false, "license": { "id": 13, @@ -2511,22 +2511,22 @@ "url": "https://www.gnu.org/licenses/gpl-2.0.html" }, "release_notes": { - "en-US": "v 11.4.37\n============================================================\nx [nscl] Do not patch windows with WebGLHook if webgl is\n globally disabled\nx [nscl] Do not patch workers if webgl is globally disabled\nx [L10n] Updated uk\nx [nscl] Workers-aware WebGL Hook" + "en-US": "11.4.40\n============================================================\nx [nscl] Fix patched workers failures caused by Firefox\n webRequest filters disconnect() breaking on large files\n (thanks barbaz for reporting)\n\nv 11.4.39\n============================================================\nx [nscl] Improved WebGL-hooking and worker patching\n stability\nx [L10n] Lower to 90% the threshold for including a new\n translation\nx [L10n] Updated he, pt_PT\nx [nscl] Prevent patchWindow from throwing on SOP violations\nx [nscl] Correctly propagate extra arguments to shadowed\n worker constructors" }, - "reviewed": "2024-09-10T14:37:13Z", - "version": "11.4.37", + "reviewed": "2024-09-26T09:59:52Z", + "version": "11.4.40", "files": [ { - "id": 4349514, - "created": "2024-09-08T16:36:27Z", - "hash": "sha256:5e9921599c63e0b357851ea7ca1354554b3af2c676bbbfff5687cafce4396c18", + "id": 4357325, + "created": "2024-09-22T06:25:28Z", + "hash": "sha256:242ead426159d871480a13062cbee08abc97da746cdc5c643aee2692e9adbbb2", "is_restart_required": false, "is_webextension": true, "is_mozilla_signed_extension": false, "platform": "all", - "size": 964305, + "size": 965455, "status": "public", - "url": "https://addons.mozilla.org/firefox/downloads/file/4349514/noscript-11.4.37.…", + "url": "https://addons.mozilla.org/firefox/downloads/file/4357325/noscript-11.4.40.…", "permissions": [ "contextMenus", "storage", @@ -2593,7 +2593,7 @@ }, "is_disabled": false, "is_experimental": false, - "last_updated": "2024-09-21T23:20:33Z", + "last_updated": "2024-09-26T09:59:52Z", "name": { "de": "NoScript", "el": "NoScript", @@ -2665,10 +2665,10 @@ "category": "recommended" }, "ratings": { - "average": 4.409, - "bayesian_average": 4.406329174495118, - "count": 2279, - "text_count": 867 + "average": 4.4095, + "bayesian_average": 4.406829615955648, + "count": 2281, + "text_count": 868 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/reviews/", "requires_payment": false, @@ -2712,7 +2712,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/versions/", - "weekly_downloads": 7547 + "weekly_downloads": 7253 }, "notes": null }, @@ -2728,7 +2728,7 @@ "picture_url": null } ], - "average_daily_users": 163291, + "average_daily_users": 164045, "categories": { "firefox": [ "photos-music-videos", @@ -2838,9 +2838,9 @@ "category": "recommended" }, "ratings": { - "average": 3.8362, - "bayesian_average": 3.832209285841853, - "count": 1282, + "average": 3.8371, + "bayesian_average": 3.8331062194266265, + "count": 1283, "text_count": 464 }, "ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/revi…", @@ -2860,7 +2860,7 @@ "type": "extension", "url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/", "versions_url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/vers…", - "weekly_downloads": 1740 + "weekly_downloads": 1559 }, "notes": null } ===================================== projects/browser/config ===================================== @@ -104,9 +104,9 @@ input_files: enable: '[% ! c("var/android") %]' - filename: Bundle-Data enable: '[% ! c("var/android") %]' - - URL: https://addons.mozilla.org/firefox/downloads/file/4349514/noscript-11.4.37.… + - URL: https://addons.mozilla.org/firefox/downloads/file/4357325/noscript-11.4.40.… name: noscript - sha256sum: 5e9921599c63e0b357851ea7ca1354554b3af2c676bbbfff5687cafce4396c18 + sha256sum: 242ead426159d871480a13062cbee08abc97da746cdc5c643aee2692e9adbbb2 - URL: https://addons.mozilla.org/firefox/downloads/file/4328681/ublock_origin-1.5… name: ublock-origin sha256sum: 1db9c676a07d141f8d36dbbc24f9e3d64a6cc2340dbfc6c848bc4395f96cfb14 ===================================== projects/firefox/config ===================================== @@ -14,12 +14,12 @@ container: use_container: 1 var: - firefox_platform_version: 115.15.0 + firefox_platform_version: 115.16.0 firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '13.5' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 5 + browser_build: 2 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' @@ -103,7 +103,6 @@ targets: mullvadbrowser: git_url: https://gitlab.torproject.org/tpo/applications/mullvad-browser.git var: - browser_build: 2 branding_directory_prefix: 'mb' gitlab_project: https://gitlab.torproject.org/tpo/applications/mullvad-browser updater_url: 'https://cdn.mullvad.net/browser/update_responses/update_1/' ===================================== projects/geckoview/config ===================================== @@ -14,9 +14,9 @@ container: use_container: 1 var: - geckoview_version: 115.15.0esr + geckoview_version: 115.16.0esr browser_branch: 13.5-1 - browser_build: 5 + browser_build: 2 copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse HEAD") %]' ===================================== projects/translation/config ===================================== @@ -12,13 +12,13 @@ compress_tar: 'gz' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: 16446c485b3be4198a7e79bfcac6510784a18506 + git_hash: a142f78af87f994913faa15fb4b0f34f0ce1a22b targets: nightly: git_hash: 'base-browser' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: a2bf4c2f45736958ac99f60e60b9f6d0e94454c3 + git_hash: 04f824bce1b6fb4b989bb9303949af17eab11406 targets: nightly: git_hash: 'tor-browser' @@ -32,7 +32,7 @@ steps: fenix: '[% INCLUDE build %]' # We need to bump the commit before releasing but just pointing to a branch # might cause too much rebuidling of the Firefox part. - git_hash: 12b033e4192448315794f5fe8203fe91dcc29a8c + git_hash: 559ac499551ba78889c61b5dc0669ba10a256674 compress_tar: 'zst' targets: nightly: ===================================== rbm.conf ===================================== @@ -73,18 +73,19 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '13.5.5' + torbrowser_version: '13.5.6' torbrowser_build: 'build1' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. - browser_release_date: '2024/09/25 17:40:27' + browser_release_date: '2024/09/30 23:05:10' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' updater_enabled: 1 build_mar: 1 torbrowser_incremental_from: + - '[% IF c("var/tor-browser") %]13.5.5[% END %]' - '[% IF c("var/tor-browser") %]13.5.4[% END %]' - 13.5.3 - - 13.5.2 + - '[% IF c("var/mullvad-browser") %]13.5.2[% END %]' - '[% IF c("var/mullvad-browser") %]13.5.1[% END %]' mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag mullvad-browser-115.16.0esr-13.5-1-build2
by ma1 (＠ma1) 30 Sep '24

30 Sep '24

ma1 pushed new tag mullvad-browser-115.16.0esr-13.5-1-build2 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/mullvad-b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.16.0esr-13.5-1] 7 commits: Bug 1881037 - Part 1: Stop showing unknown protocol error pages for...
by ma1 (＠ma1) 30 Sep '24

30 Sep '24

ma1 pushed to branch mullvad-browser-115.16.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: eafe617f by Nika Layzell at 2024-10-01T00:57:18+02:00 Bug 1881037 - Part 1: Stop showing unknown protocol error pages for web-triggered loads, r=smaug,necko-reviewers,kershaw, a=dsmith Differential Revision: https://phabricator.services.mozilla.com/D217495 - - - - - db726edf by Paul Zuehlcke at 2024-10-01T00:57:20+02:00 Bug 1916659, a=diannaS Original Revision: https://phabricator.services.mozilla.com/D222629 Differential Revision: https://phabricator.services.mozilla.com/D222934 - - - - - be142b0d by André Bargull at 2024-10-01T00:57:21+02:00 Bug 1915249: Add more nodiscard. a=RyanVM Original Revision: https://phabricator.services.mozilla.com/D220311 Differential Revision: https://phabricator.services.mozilla.com/D221663 - - - - - bfc54ed4 by Emilio Cobos Álvarez at 2024-10-01T00:57:23+02:00 Bug 1914106 - Deal with insertRule edge-case. r=jwatt a=RyanVM When there's trailing garbage after an @import rule we throw, but we still trigger the load (that's not great but not trivial to change). Deal with that case before calling ImportRuleLoaded(). Differential Revision: https://phabricator.services.mozilla.com/D219783 - - - - - cb01df5c by Steve Fink at 2024-10-01T00:57:25+02:00 Bug 1912471 - Disallow deserializing structured clone buffers with transferables more than once r=iain, a=dsmith Differential Revision: https://phabricator.services.mozilla.com/D220644 - - - - - 84dc8a8a by Nika Layzell at 2024-10-01T00:57:26+02:00 Bug 1911745 - Unify BrowsingContext flag coherency checks, r=mccr8 Previously these checks were largely diagnostic tools for finding bugs in other code as it evolves. This unifies the checks a bit more and makes them stronger for BrowsingContexts created over IPC, providing a place for more coherency checks to be added in the future. Differential Revision: https://phabricator.services.mozilla.com/D218860 - - - - - 0fe417ba by Kershaw Chang at 2024-10-01T00:57:28+02:00 Bug 1907726 - Make sure WebTransportSessionProxy::NotifyDatagramReceived is called after OnStopRequest, a=RyanVM The crash occurs because WebTransportSessionProxy::OnDatagramReceivedInternal is called before WebTransportSessionProxy::OnStopRequest. When this happens, WebTransportSessionProxy::mTarget is the main thread, so a task is dispatched to the main thread. This causes WebTransportSessionProxy::NotifyDatagramReceived to be called on the main thread. If WebTransportSessionProxy::NotifyDatagramReceived is invoked while WebTransportSessionProxy::mStopRequestCalled is true, it can lead to OnDatagramReceived being called on the main thread (instead of the socket thread), resulting in a crash. Original Revision: https://phabricator.services.mozilla.com/D220013 Differential Revision: https://phabricator.services.mozilla.com/D221661 - - - - - 22 changed files: - browser/base/content/test/tabPrompts/browser_confirmFolderUpload.js - browser/components/prompts/PromptCollection.sys.mjs - docshell/base/BrowsingContext.cpp - docshell/base/BrowsingContext.h - docshell/base/nsDocShell.cpp - docshell/base/nsDocShell.h - dom/base/Document.cpp - dom/base/Document.h - dom/base/ShadowRoot.cpp - dom/base/ShadowRoot.h - dom/filesystem/tests/script_promptHandler.js - js/public/StructuredClone.h - js/public/friend/ErrorNumbers.msg - js/src/jit-test/tests/structured-clone/transferable-cleanup.js - js/src/jit/IonAnalysis.cpp - js/src/vm/StructuredClone.cpp - layout/style/ServoStyleSet.cpp - layout/style/ServoStyleSet.h - layout/style/StyleSheet.cpp - netwerk/ipc/DocumentLoadListener.cpp - netwerk/protocol/webtransport/WebTransportSessionProxy.cpp - + testing/web-platform/tests/css/cssom/insertRule-import-trailing-garbage-crash.html Changes: ===================================== browser/base/content/test/tabPrompts/browser_confirmFolderUpload.js ===================================== @@ -101,8 +101,29 @@ async function testUploadPrompt(confirmUpload) { // Wait for confirmation prompt let prompt = await promptPromise; ok(prompt, "Shown upload confirmation prompt"); + is(prompt.ui.button0.label, "Upload", "Accept button label"); + ok( + prompt.ui.button0.disabled, + "Accept button should be disabled by the security delay initially." + ); + ok(prompt.ui.button1.hasAttribute("default"), "Cancel is default button"); + ok( + !prompt.ui.button1.disabled, + "Cancel button should not be disabled by the security delay." + ); + + info("Wait for the security delay to pass."); + let delayTime = Services.prefs.getIntPref("security.dialog_enable_delay"); + // eslint-disable-next-line mozilla/no-arbitrary-setTimeout + await new Promise(resolve => setTimeout(resolve, delayTime + 100)); + + ok( + !prompt.ui.button0.disabled, + "Accept button should no longer be disabled." + ); + ok(!prompt.ui.button1.disabled, "Cancel button should remain enabled."); // Close confirmation prompt await PromptTestUtils.handlePrompt(prompt, { ===================================== browser/components/prompts/PromptCollection.sys.mjs ===================================== @@ -156,7 +156,7 @@ export class PromptCollection { Services.prompt.MODAL_TYPE_TAB, title, message, - buttonFlags, + buttonFlags | Ci.nsIPrompt.BUTTON_DELAY_ENABLE, acceptLabel, null, null, ===================================== docshell/base/BrowsingContext.cpp ===================================== @@ -572,9 +572,19 @@ mozilla::ipc::IPCResult BrowsingContext::CreateFromIPC( context->mRequestContextId = aInit.mRequestContextId; // NOTE: Private browsing ID is set by `SetOriginAttributes`. + if (const char* failure = + context->BrowsingContextCoherencyChecks(aOriginProcess)) { + mozilla::ipc::IProtocol* actor = aOriginProcess; + if (!actor) { + actor = ContentChild::GetSingleton(); + } + return IPC_FAIL(actor, "Incoherent BrowsingContext"); + } + Register(context); - return context->Attach(/* aFromIPC */ true, aOriginProcess); + context->Attach(/* aFromIPC */ true, aOriginProcess); + return IPC_OK(); } BrowsingContext::BrowsingContext(WindowContext* aParentWindow, @@ -786,8 +796,64 @@ void BrowsingContext::Embed() { } } -mozilla::ipc::IPCResult BrowsingContext::Attach(bool aFromIPC, - ContentParent* aOriginProcess) { +const char* BrowsingContext::BrowsingContextCoherencyChecks( + ContentParent* aOriginProcess) { +#define COHERENCY_ASSERT(condition) \ + if (!(condition)) return "Assertion " #condition " failed"; + + if (mGroup->IsPotentiallyCrossOriginIsolated() != + (Top()->GetOpenerPolicy() == + nsILoadInfo::OPENER_POLICY_SAME_ORIGIN_EMBEDDER_POLICY_REQUIRE_CORP)) { + return "Invalid CrossOriginIsolated state"; + } + + if (aOriginProcess && !IsContent()) { + return "Content cannot create chrome BCs"; + } + + // LoadContext should generally match our opener or parent. + if (IsContent()) { + if (RefPtr<BrowsingContext> opener = GetOpener()) { + COHERENCY_ASSERT(opener->mType == mType); + COHERENCY_ASSERT(opener->mGroup == mGroup); + COHERENCY_ASSERT(opener->mUseRemoteTabs == mUseRemoteTabs); + COHERENCY_ASSERT(opener->mUseRemoteSubframes == mUseRemoteSubframes); + COHERENCY_ASSERT(opener->mPrivateBrowsingId == mPrivateBrowsingId); + COHERENCY_ASSERT( + opener->mOriginAttributes.EqualsIgnoringFPD(mOriginAttributes)); + } + } + if (RefPtr<BrowsingContext> parent = GetParent()) { + COHERENCY_ASSERT(parent->mType == mType); + COHERENCY_ASSERT(parent->mGroup == mGroup); + COHERENCY_ASSERT(parent->mUseRemoteTabs == mUseRemoteTabs); + COHERENCY_ASSERT(parent->mUseRemoteSubframes == mUseRemoteSubframes); + COHERENCY_ASSERT(parent->mPrivateBrowsingId == mPrivateBrowsingId); + COHERENCY_ASSERT( + parent->mOriginAttributes.EqualsIgnoringFPD(mOriginAttributes)); + } + + // UseRemoteSubframes and UseRemoteTabs must match. + if (mUseRemoteSubframes && !mUseRemoteTabs) { + return "Cannot set useRemoteSubframes without also setting useRemoteTabs"; + } + + // Double-check OriginAttributes/Private Browsing + // Chrome browsing contexts must not have a private browsing OriginAttribute + // Content browsing contexts must maintain the equality: + // mOriginAttributes.mPrivateBrowsingId == mPrivateBrowsingId + if (IsChrome()) { + COHERENCY_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0); + } else { + COHERENCY_ASSERT(mOriginAttributes.mPrivateBrowsingId == + mPrivateBrowsingId); + } +#undef COHERENCY_ASSERT + + return nullptr; +} + +void BrowsingContext::Attach(bool aFromIPC, ContentParent* aOriginProcess) { MOZ_DIAGNOSTIC_ASSERT(!mEverAttached); MOZ_DIAGNOSTIC_ASSERT_IF(aFromIPC, aOriginProcess || XRE_IsContentProcess()); mEverAttached = true; @@ -806,25 +872,15 @@ mozilla::ipc::IPCResult BrowsingContext::Attach(bool aFromIPC, MOZ_DIAGNOSTIC_ASSERT(mGroup); MOZ_DIAGNOSTIC_ASSERT(!mIsDiscarded); - if (mGroup->IsPotentiallyCrossOriginIsolated() != - (Top()->GetOpenerPolicy() == - nsILoadInfo::OPENER_POLICY_SAME_ORIGIN_EMBEDDER_POLICY_REQUIRE_CORP)) { - MOZ_DIAGNOSTIC_ASSERT(aFromIPC); - if (aFromIPC) { - auto* actor = aOriginProcess - ? static_cast<mozilla::ipc::IProtocol*>(aOriginProcess) - : static_cast<mozilla::ipc::IProtocol*>( - ContentChild::GetSingleton()); - return IPC_FAIL( - actor, - "Invalid CrossOriginIsolated state in BrowsingContext::Attach call"); - } else { - MOZ_CRASH( - "Invalid CrossOriginIsolated state in BrowsingContext::Attach call"); +#ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED + // We'll already have checked this if `aFromIPC` is set before calling this + // function. + if (!aFromIPC) { + if (const char* failure = BrowsingContextCoherencyChecks(aOriginProcess)) { + MOZ_CRASH_UNSAFE_PRINTF("Incoherent BrowsingContext: %s", failure); } } - - AssertCoherentLoadContext(); +#endif // Add ourselves either to our parent or BrowsingContextGroup's child list. // Important: We shouldn't return IPC_FAIL after this point, since the @@ -906,7 +962,6 @@ mozilla::ipc::IPCResult BrowsingContext::Attach(bool aFromIPC, if (XRE_IsParentProcess()) { Canonical()->CanonicalAttach(); } - return IPC_OK(); } void BrowsingContext::Detach(bool aFromIPC) { @@ -1743,40 +1798,6 @@ nsresult BrowsingContext::SetOriginAttributes(const OriginAttributes& aAttrs) { return NS_OK; } -void BrowsingContext::AssertCoherentLoadContext() { -#ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED - // LoadContext should generally match our opener or parent. - if (IsContent()) { - if (RefPtr<BrowsingContext> opener = GetOpener()) { - MOZ_DIAGNOSTIC_ASSERT(opener->mType == mType); - MOZ_DIAGNOSTIC_ASSERT(opener->mGroup == mGroup); - MOZ_DIAGNOSTIC_ASSERT(opener->mUseRemoteTabs == mUseRemoteTabs); - MOZ_DIAGNOSTIC_ASSERT(opener->mUseRemoteSubframes == mUseRemoteSubframes); - MOZ_DIAGNOSTIC_ASSERT(opener->mPrivateBrowsingId == mPrivateBrowsingId); - MOZ_DIAGNOSTIC_ASSERT( - opener->mOriginAttributes.EqualsIgnoringFPD(mOriginAttributes)); - } - } - if (RefPtr<BrowsingContext> parent = GetParent()) { - MOZ_DIAGNOSTIC_ASSERT(parent->mType == mType); - MOZ_DIAGNOSTIC_ASSERT(parent->mGroup == mGroup); - MOZ_DIAGNOSTIC_ASSERT(parent->mUseRemoteTabs == mUseRemoteTabs); - MOZ_DIAGNOSTIC_ASSERT(parent->mUseRemoteSubframes == mUseRemoteSubframes); - MOZ_DIAGNOSTIC_ASSERT(parent->mPrivateBrowsingId == mPrivateBrowsingId); - MOZ_DIAGNOSTIC_ASSERT( - parent->mOriginAttributes.EqualsIgnoringFPD(mOriginAttributes)); - } - - // UseRemoteSubframes and UseRemoteTabs must match. - MOZ_DIAGNOSTIC_ASSERT( - !mUseRemoteSubframes || mUseRemoteTabs, - "Cannot set useRemoteSubframes without also setting useRemoteTabs"); - - // Double-check OriginAttributes/Private Browsing - AssertOriginAttributesMatchPrivateBrowsing(); -#endif -} - void BrowsingContext::AssertOriginAttributesMatchPrivateBrowsing() { // Chrome browsing contexts must not have a private browsing OriginAttribute // Content browsing contexts must maintain the equality: ===================================== docshell/base/BrowsingContext.h ===================================== @@ -971,7 +971,18 @@ class BrowsingContext : public nsILoadContext, public nsWrapperCache { bool aHasPostData); private: - mozilla::ipc::IPCResult Attach(bool aFromIPC, ContentParent* aOriginProcess); + // Assert that this BrowsingContext is coherent relative to related + // BrowsingContexts. This will be run before the BrowsingContext is attached. + // + // A non-null string return value indicates that there was a coherency check + // failure, which will be handled with either a crash or IPC failure. + // + // If provided, `aOriginProcess` is the process which is responsible for the + // creation of this BrowsingContext. + [[nodiscard]] const char* BrowsingContextCoherencyChecks( + ContentParent* aOriginProcess); + + void Attach(bool aFromIPC, ContentParent* aOriginProcess); // Recomputes whether we can execute scripts in this BrowsingContext based on // the value of AllowJavascript() and whether scripts are allowed in the @@ -985,10 +996,6 @@ class BrowsingContext : public nsILoadContext, public nsWrapperCache { void AssertOriginAttributesMatchPrivateBrowsing(); - // Assert that the BrowsingContext's LoadContext flags appear coherent - // relative to related BrowsingContexts. - void AssertCoherentLoadContext(); - friend class ::nsOuterWindowProxy; friend class ::nsGlobalWindowOuter; friend class WindowContext; ===================================== docshell/base/nsDocShell.cpp ===================================== @@ -6254,7 +6254,7 @@ already_AddRefed<nsIURI> nsDocShell::AttemptURIFixup( nsresult nsDocShell::FilterStatusForErrorPage( nsresult aStatus, nsIChannel* aChannel, uint32_t aLoadType, - bool aIsTopFrame, bool aUseErrorPages, bool aIsInitialDocument, + bool aIsTopFrame, bool aUseErrorPages, bool* aSkippedUnknownProtocolNavigation) { // Errors to be shown only on top-level frames if ((aStatus == NS_ERROR_UNKNOWN_HOST || @@ -6298,18 +6298,10 @@ nsresult nsDocShell::FilterStatusForErrorPage( if (aStatus == NS_ERROR_UNKNOWN_PROTOCOL) { // For unknown protocols we only display an error if the load is triggered - // by the browser itself, or we're replacing the initial document (and - // nothing else). Showing the error for page-triggered navigations causes - // annoying behavior for users, see bug 1528305. - // - // We could, maybe, try to detect if this is in response to some user - // interaction (like clicking a link, or something else) and maybe show - // the error page in that case. But this allows for ctrl+clicking and such - // to see the error page. + // by the browser itself. Showing the error for page-triggered navigations + // causes annoying behavior for users, see bug 1528305. nsCOMPtr<nsILoadInfo> info = aChannel->LoadInfo(); - if (!info->TriggeringPrincipal()->IsSystemPrincipal() && - StaticPrefs::dom_no_unknown_protocol_error_enabled() && - !aIsInitialDocument) { + if (!info->TriggeringPrincipal()->IsSystemPrincipal()) { if (aSkippedUnknownProtocolNavigation) { *aSkippedUnknownProtocolNavigation = true; } @@ -6459,12 +6451,9 @@ nsresult nsDocShell::EndPageLoad(nsIWebProgress* aProgress, aStatus == NS_ERROR_CONTENT_BLOCKED); UnblockEmbedderLoadEventForFailure(fireFrameErrorEvent); - bool isInitialDocument = - !GetExtantDocument() || GetExtantDocument()->IsInitialDocument(); bool skippedUnknownProtocolNavigation = false; aStatus = FilterStatusForErrorPage(aStatus, aChannel, mLoadType, isTopFrame, mBrowsingContext->GetUseErrorPages(), - isInitialDocument, &skippedUnknownProtocolNavigation); hadErrorStatus = true; if (NS_FAILED(aStatus)) { ===================================== docshell/base/nsDocShell.h ===================================== @@ -464,7 +464,7 @@ class nsDocShell final : public nsDocLoader, // navigation. static nsresult FilterStatusForErrorPage( nsresult aStatus, nsIChannel* aChannel, uint32_t aLoadType, - bool aIsTopFrame, bool aUseErrorPages, bool aIsInitialDocument, + bool aIsTopFrame, bool aUseErrorPages, bool* aSkippedUnknownProtocolNavigation = nullptr); // Notify consumers of a search being loaded through the observer service: ===================================== dom/base/Document.cpp ===================================== @@ -8266,7 +8266,7 @@ void Document::RuleAdded(StyleSheet& aSheet, css::Rule& aRule) { } } -void Document::ImportRuleLoaded(dom::CSSImportRule& aRule, StyleSheet& aSheet) { +void Document::ImportRuleLoaded(StyleSheet& aSheet) { if (aSheet.IsApplicable()) { ApplicableStylesChanged(); } ===================================== dom/base/Document.h ===================================== @@ -2135,7 +2135,7 @@ class Document : public nsINode, void RuleAdded(StyleSheet&, css::Rule&); void RuleRemoved(StyleSheet&, css::Rule&); void SheetCloned(StyleSheet&) {} - void ImportRuleLoaded(CSSImportRule&, StyleSheet&); + void ImportRuleLoaded(StyleSheet&); /** * Flush notifications for this document and its parent documents ===================================== dom/base/ShadowRoot.cpp ===================================== @@ -412,7 +412,7 @@ void ShadowRoot::RuleChanged(StyleSheet& aSheet, css::Rule*, ApplicableRulesChanged(); } -void ShadowRoot::ImportRuleLoaded(CSSImportRule&, StyleSheet& aSheet) { +void ShadowRoot::ImportRuleLoaded(StyleSheet& aSheet) { if (mStyleRuleMap) { mStyleRuleMap->SheetAdded(aSheet); } ===================================== dom/base/ShadowRoot.h ===================================== @@ -86,7 +86,7 @@ class ShadowRoot final : public DocumentFragment, void RuleAdded(StyleSheet&, css::Rule&); void RuleRemoved(StyleSheet&, css::Rule&); void RuleChanged(StyleSheet&, css::Rule*, StyleRuleChangeKind); - void ImportRuleLoaded(CSSImportRule&, StyleSheet&); + void ImportRuleLoaded(StyleSheet&); void SheetCloned(StyleSheet&); void StyleSheetApplicableStateChanged(StyleSheet&); ===================================== dom/filesystem/tests/script_promptHandler.js ===================================== @@ -2,7 +2,45 @@ let dialogObserverTopic = "common-dialog-loaded"; -function dialogObserver(subj, topic, data) { +function waitForButtonEnabledState(button) { + return new Promise(resolve => { + // Check if the button is already enabled (not disabled) + if (!button.disabled) { + resolve(); + return; + } + + // Create a MutationObserver instance + let win = button.ownerGlobal; + let { MutationObserver } = win; + const observer = new MutationObserver(mutationsList => { + for (const mutation of mutationsList) { + if ( + mutation.type === "attributes" && + mutation.attributeName === "disabled" + ) { + if (!button.disabled) { + // Resolve the promise when the button is enabled + observer.disconnect(); // Stop observing + resolve(); + } + } + } + }); + + // Start observing the button for changes to the 'disabled' attribute + observer.observe(button, { + attributes: true, + attributeFilter: ["disabled"], + }); + }); +} + +async function dialogObserver(subj) { + let dialog = subj.document.querySelector("dialog"); + let acceptButton = dialog.getButton("accept"); + await waitForButtonEnabledState(acceptButton); + subj.document.querySelector("dialog").acceptDialog(); sendAsyncMessage("promptAccepted"); } ===================================== js/public/StructuredClone.h ===================================== @@ -744,6 +744,7 @@ class JS_PUBLIC_API JSAutoStructuredCloneBuffer { #define JS_SCERR_WASM_NO_TRANSFER 6 #define JS_SCERR_NOT_CLONABLE 7 #define JS_SCERR_NOT_CLONABLE_WITH_COOP_COEP 8 +#define JS_SCERR_TRANSFERABLE_TWICE 9 JS_PUBLIC_API bool JS_ReadUint32Pair(JSStructuredCloneReader* r, uint32_t* p1, uint32_t* p2); ===================================== js/public/friend/ErrorNumbers.msg ===================================== @@ -527,6 +527,7 @@ MSG_DEF(JSMSG_SC_BAD_CLONE_VERSION, 0, JSEXN_ERR, "unsupported structured clo MSG_DEF(JSMSG_SC_BAD_SERIALIZED_DATA, 1, JSEXN_INTERNALERR, "bad serialized structured data ({0})") MSG_DEF(JSMSG_SC_DUP_TRANSFERABLE, 0, JSEXN_TYPEERR, "duplicate transferable for structured clone") MSG_DEF(JSMSG_SC_NOT_TRANSFERABLE, 0, JSEXN_TYPEERR, "invalid transferable array for structured clone") +MSG_DEF(JSMSG_SC_TRANSFERABLE_TWICE, 0, JSEXN_TYPEERR, "structured clone cannot transfer twice") MSG_DEF(JSMSG_SC_UNSUPPORTED_TYPE, 0, JSEXN_TYPEERR, "unsupported type for structured data") MSG_DEF(JSMSG_SC_NOT_CLONABLE, 1, JSEXN_TYPEERR, "The {0} object cannot be serialized. The Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy HTTP headers will enable this in the future.") MSG_DEF(JSMSG_SC_NOT_CLONABLE_WITH_COOP_COEP, 1, JSEXN_TYPEERR, "The {0} object cannot be serialized. The Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy HTTP headers can be used to enable this.") ===================================== js/src/jit-test/tests/structured-clone/transferable-cleanup.js ===================================== @@ -160,6 +160,15 @@ function testMultiWithDeserializeReadTransferErrorHelper(g, BASE, desc) { } catch (e) { assertEq(e.message.includes("invalid transferable"), true); } + + try { + // This fails without logging anything, since the re-transfer will be caught + // by looking at its header before calling any callbacks. + let clone = deserialize(s); + } catch (e) { + assertEq(e.message.includes("cannot transfer twice"), true); + } + s = null; gc(); printTrace(arguments.callee.name, g, BASE, obj.log, "deserialize"); @@ -170,6 +179,7 @@ function testMultiWithDeserializeReadTransferErrorHelper(g, BASE, desc) { // which comes before the main reading. obj transfer data is now owned by its // clone. obj3 transfer data was not successfully handed over to a new object, // so it is still owned by the clone buffer and must be discarded with freeTransfer. + // 'F' means the data is freed. BASE + 3, "F", ], "deserialize " + desc); obj.log = null; ===================================== js/src/jit/IonAnalysis.cpp ===================================== @@ -29,8 +29,9 @@ using MPhiUseIteratorStack = // Look for Phi uses with a depth-first search. If any uses are found the stack // of MPhi instructions is returned in the |worklist| argument. -static bool DepthFirstSearchUse(MIRGenerator* mir, - MPhiUseIteratorStack& worklist, MPhi* phi) { +[[nodiscard]] static bool DepthFirstSearchUse(MIRGenerator* mir, + MPhiUseIteratorStack& worklist, + MPhi* phi) { // Push a Phi and the next use to iterate over in the worklist. auto push = [&worklist](MPhi* phi, MUseIterator use) -> bool { phi->setInWorklist(); @@ -131,9 +132,9 @@ static bool DepthFirstSearchUse(MIRGenerator* mir, return true; } -static bool FlagPhiInputsAsImplicitlyUsed(MIRGenerator* mir, MBasicBlock* block, - MBasicBlock* succ, - MPhiUseIteratorStack& worklist) { +[[nodiscard]] static bool FlagPhiInputsAsImplicitlyUsed( + MIRGenerator* mir, MBasicBlock* block, MBasicBlock* succ, + MPhiUseIteratorStack& worklist) { // When removing an edge between 2 blocks, we might remove the ability of // later phases to figure out that the uses of a Phi should be considered as // a use of all its inputs. Thus we need to mark the Phi inputs as being @@ -265,7 +266,7 @@ static MInstructionIterator FindFirstInstructionAfterBail(MBasicBlock* block) { // Given an iterator pointing to the first removed instruction, mark // the operands of each removed instruction as having implicit uses. -static bool FlagOperandsAsImplicitlyUsedAfter( +[[nodiscard]] static bool FlagOperandsAsImplicitlyUsedAfter( MIRGenerator* mir, MBasicBlock* block, MInstructionIterator firstRemoved) { MOZ_ASSERT(firstRemoved->block() == block); @@ -312,8 +313,8 @@ static bool FlagOperandsAsImplicitlyUsedAfter( return true; } -static bool FlagEntryResumePointOperands(MIRGenerator* mir, - MBasicBlock* block) { +[[nodiscard]] static bool FlagEntryResumePointOperands(MIRGenerator* mir, + MBasicBlock* block) { // Flag observable operands of the entry resume point as having implicit uses. MResumePoint* rp = block->entryResumePoint(); while (rp) { @@ -334,8 +335,8 @@ static bool FlagEntryResumePointOperands(MIRGenerator* mir, return true; } -static bool FlagAllOperandsAsImplicitlyUsed(MIRGenerator* mir, - MBasicBlock* block) { +[[nodiscard]] static bool FlagAllOperandsAsImplicitlyUsed(MIRGenerator* mir, + MBasicBlock* block) { return FlagEntryResumePointOperands(mir, block) && FlagOperandsAsImplicitlyUsedAfter(mir, block, block->begin()); } @@ -420,12 +421,16 @@ bool jit::PruneUnusedBranches(MIRGenerator* mir, MIRGraph& graph) { if (!block->isMarked()) { // If we are removing the block entirely, mark the operands of every // instruction as being implicitly used. - FlagAllOperandsAsImplicitlyUsed(mir, block); + if (!FlagAllOperandsAsImplicitlyUsed(mir, block)) { + return false; + } } else if (block->alwaysBails()) { // If we are only trimming instructions after a bail, only mark operands // of removed instructions. MInstructionIterator firstRemoved = FindFirstInstructionAfterBail(block); - FlagOperandsAsImplicitlyUsedAfter(mir, block, firstRemoved); + if (!FlagOperandsAsImplicitlyUsedAfter(mir, block, firstRemoved)) { + return false; + } } } @@ -503,7 +508,8 @@ bool jit::PruneUnusedBranches(MIRGenerator* mir, MIRGraph& graph) { return true; } -static bool SplitCriticalEdgesForBlock(MIRGraph& graph, MBasicBlock* block) { +[[nodiscard]] static bool SplitCriticalEdgesForBlock(MIRGraph& graph, + MBasicBlock* block) { if (block->numSuccessors() < 2) { return true; } @@ -767,8 +773,8 @@ static bool IsDiamondPattern(MBasicBlock* initialBlock) { return true; } -static bool MaybeFoldDiamondConditionBlock(MIRGraph& graph, - MBasicBlock* initialBlock) { +[[nodiscard]] static bool MaybeFoldDiamondConditionBlock( + MIRGraph& graph, MBasicBlock* initialBlock) { MOZ_ASSERT(IsDiamondPattern(initialBlock)); // Optimize the MIR graph to improve the code generated for conditional @@ -936,8 +942,8 @@ static bool IsTrianglePattern(MBasicBlock* initialBlock) { return false; } -static bool MaybeFoldTriangleConditionBlock(MIRGraph& graph, - MBasicBlock* initialBlock) { +[[nodiscard]] static bool MaybeFoldTriangleConditionBlock( + MIRGraph& graph, MBasicBlock* initialBlock) { MOZ_ASSERT(IsTrianglePattern(initialBlock)); // Optimize the MIR graph to improve the code generated for boolean @@ -1089,8 +1095,8 @@ static bool MaybeFoldTriangleConditionBlock(MIRGraph& graph, return true; } -static bool MaybeFoldConditionBlock(MIRGraph& graph, - MBasicBlock* initialBlock) { +[[nodiscard]] static bool MaybeFoldConditionBlock(MIRGraph& graph, + MBasicBlock* initialBlock) { if (IsDiamondPattern(initialBlock)) { return MaybeFoldDiamondConditionBlock(graph, initialBlock); } @@ -1100,7 +1106,8 @@ static bool MaybeFoldConditionBlock(MIRGraph& graph, return true; } -static bool MaybeFoldTestBlock(MIRGraph& graph, MBasicBlock* initialBlock) { +[[nodiscard]] static bool MaybeFoldTestBlock(MIRGraph& graph, + MBasicBlock* initialBlock) { // Handle test expressions on more than two inputs. For example // |if ((x > 10) && (y > 20) && (z > 30)) { ... }|, which results in the below // pattern. @@ -2752,7 +2759,9 @@ bool jit::RemoveUnmarkedBlocks(MIRGenerator* mir, MIRGraph& graph, continue; } - FlagAllOperandsAsImplicitlyUsed(mir, block); + if (!FlagAllOperandsAsImplicitlyUsed(mir, block)) { + return false; + } } // Find unmarked blocks and remove them. @@ -4003,8 +4012,8 @@ bool jit::EliminateRedundantShapeGuards(MIRGraph& graph) { return true; } -static bool TryEliminateGCBarriersForAllocation(TempAllocator& alloc, - MInstruction* allocation) { +[[nodiscard]] static bool TryEliminateGCBarriersForAllocation( + TempAllocator& alloc, MInstruction* allocation) { MOZ_ASSERT(allocation->type() == MIRType::Object); JitSpew(JitSpew_RedundantGCBarriers, "Analyzing allocation %s", ===================================== js/src/vm/StructuredClone.cpp ===================================== @@ -172,17 +172,25 @@ enum StructuredDataType : uint32_t { /* * Format of transfer map: - * <SCTAG_TRANSFER_MAP_HEADER, TransferableMapHeader(UNREAD|TRANSFERRED)> - * numTransferables (64 bits) - * array of: - * <SCTAG_TRANSFER_MAP_*, TransferableOwnership> - * pointer (64 bits) - * extraData (64 bits), eg byte length for ArrayBuffers + * - <SCTAG_TRANSFER_MAP_HEADER, UNREAD|TRANSFERRING|TRANSFERRED> + * - numTransferables (64 bits) + * - array of: + * - <SCTAG_TRANSFER_MAP_*, TransferableOwnership> pointer (64 + * bits) + * - extraData (64 bits), eg byte length for ArrayBuffers + * - any data written for custom transferables */ // Data associated with an SCTAG_TRANSFER_MAP_HEADER that tells whether the -// contents have been read out yet or not. -enum TransferableMapHeader { SCTAG_TM_UNREAD = 0, SCTAG_TM_TRANSFERRED }; +// contents have been read out yet or not. TRANSFERRING is for the case where we +// have started but not completed reading, which due to errors could mean that +// there are things still owned by the clone buffer that need to be released, so +// discarding should not just be skipped. +enum TransferableMapHeader { + SCTAG_TM_UNREAD = 0, + SCTAG_TM_TRANSFERRING, + SCTAG_TM_TRANSFERRED +}; static inline uint64_t PairToUInt64(uint32_t tag, uint32_t data) { return uint64_t(data) | (uint64_t(tag) << 32); @@ -693,6 +701,10 @@ static void ReportDataCloneError(JSContext* cx, errorNumber = JSMSG_SC_SHMEM_TRANSFERABLE; break; + case JS_SCERR_TRANSFERABLE_TWICE: + errorNumber = JSMSG_SC_TRANSFERABLE_TWICE; + break; + case JS_SCERR_TYPED_ARRAY_DETACHED: errorNumber = JSMSG_TYPED_ARRAY_DETACHED; break; @@ -3209,11 +3221,21 @@ bool JSStructuredCloneReader::readTransferMap() { return in.reportTruncated(); } + auto transferState = static_cast<TransferableMapHeader>(data); + if (tag != SCTAG_TRANSFER_MAP_HEADER || - TransferableMapHeader(data) == SCTAG_TM_TRANSFERRED) { + transferState == SCTAG_TM_TRANSFERRED) { return true; } + if (transferState == SCTAG_TM_TRANSFERRING) { + ReportDataCloneError(cx, callbacks, JS_SCERR_TRANSFERABLE_TWICE, closure); + return false; + } + + headerPos.write( + PairToUInt64(SCTAG_TRANSFER_MAP_HEADER, SCTAG_TM_TRANSFERRING)); + uint64_t numTransferables; MOZ_ALWAYS_TRUE(in.readPair(&tag, &data)); if (!in.read(&numTransferables)) { @@ -3329,7 +3351,7 @@ bool JSStructuredCloneReader::readTransferMap() { #ifdef DEBUG SCInput::getPair(headerPos.peek(), &tag, &data); MOZ_ASSERT(tag == SCTAG_TRANSFER_MAP_HEADER); - MOZ_ASSERT(TransferableMapHeader(data) != SCTAG_TM_TRANSFERRED); + MOZ_ASSERT(TransferableMapHeader(data) == SCTAG_TM_TRANSFERRING); #endif headerPos.write( PairToUInt64(SCTAG_TRANSFER_MAP_HEADER, SCTAG_TM_TRANSFERRED)); ===================================== layout/style/ServoStyleSet.cpp ===================================== @@ -954,7 +954,7 @@ static OriginFlags ToOriginFlags(StyleOrigin aOrigin) { } } -void ServoStyleSet::ImportRuleLoaded(dom::CSSImportRule&, StyleSheet& aSheet) { +void ServoStyleSet::ImportRuleLoaded(StyleSheet& aSheet) { if (mStyleRuleMap) { mStyleRuleMap->SheetAdded(aSheet); } ===================================== layout/style/ServoStyleSet.h ===================================== @@ -133,7 +133,7 @@ class ServoStyleSet { void RuleRemoved(StyleSheet&, css::Rule&); void RuleChanged(StyleSheet&, css::Rule*, StyleRuleChangeKind); void SheetCloned(StyleSheet&); - void ImportRuleLoaded(dom::CSSImportRule&, StyleSheet&); + void ImportRuleLoaded(StyleSheet&); // Runs style invalidation due to document state changes. void InvalidateStyleForDocumentStateChanges( ===================================== layout/style/StyleSheet.cpp ===================================== @@ -836,15 +836,19 @@ StyleSheet::StyleSheetLoaded(StyleSheet* aSheet, bool aWasDeferred, if (!aSheet->GetParentSheet()) { return NS_OK; // ignore if sheet has been detached already } - MOZ_ASSERT(this == aSheet->GetParentSheet(), - "We are being notified of a sheet load for a sheet that is not " - "our child!"); + MOZ_DIAGNOSTIC_ASSERT(this == aSheet->GetParentSheet(), + "We are being notified of a sheet load for a sheet " + "that is not our child!"); if (NS_FAILED(aStatus)) { return NS_OK; } - - MOZ_ASSERT(aSheet->GetOwnerRule()); - NOTIFY(ImportRuleLoaded, (*aSheet->GetOwnerRule(), *aSheet)); + // The assert below should hold if we stop triggering import loads for invalid + // insertRule() calls, see bug 1914106. + // MOZ_ASSERT(aSheet->GetOwnerRule()); + if (!aSheet->GetOwnerRule()) { + return NS_OK; + } + NOTIFY(ImportRuleLoaded, (*aSheet)); return NS_OK; } ===================================== netwerk/ipc/DocumentLoadListener.cpp ===================================== @@ -2316,15 +2316,9 @@ bool DocumentLoadListener::DocShellWillDisplayContent(nsresult aStatus) { auto* loadingContext = GetLoadingBrowsingContext(); - bool isInitialDocument = true; - if (WindowGlobalParent* currentWindow = - loadingContext->GetCurrentWindowGlobal()) { - isInitialDocument = currentWindow->IsInitialDocument(); - } - nsresult rv = nsDocShell::FilterStatusForErrorPage( aStatus, mChannel, mLoadStateLoadType, loadingContext->IsTop(), - loadingContext->GetUseErrorPages(), isInitialDocument, nullptr); + loadingContext->GetUseErrorPages(), nullptr); if (NS_SUCCEEDED(rv)) { MOZ_LOG(gProcessIsolationLog, LogLevel::Verbose, ===================================== netwerk/protocol/webtransport/WebTransportSessionProxy.cpp ===================================== @@ -1042,15 +1042,6 @@ void WebTransportSessionProxy::NotifyDatagramReceived( MutexAutoLock lock(mMutex); MOZ_ASSERT(mTarget->IsOnCurrentThread()); - if (!mStopRequestCalled) { - CopyableTArray<uint8_t> copied(aData); - mPendingEvents.AppendElement( - [self = RefPtr{this}, data = std::move(copied)]() mutable { - self->NotifyDatagramReceived(std::move(data)); - }); - return; - } - if (mState != WebTransportSessionProxyState::ACTIVE || !mListener) { return; } @@ -1066,6 +1057,15 @@ NS_IMETHODIMP WebTransportSessionProxy::OnDatagramReceivedInternal( { MutexAutoLock lock(mMutex); + if (!mStopRequestCalled) { + CopyableTArray<uint8_t> copied(aData); + mPendingEvents.AppendElement( + [self = RefPtr{this}, data = std::move(copied)]() mutable { + self->OnDatagramReceivedInternal(std::move(data)); + }); + return NS_OK; + } + if (!mTarget->IsOnCurrentThread()) { return mTarget->Dispatch(NS_NewRunnableFunction( "WebTransportSessionProxy::OnDatagramReceived", ===================================== testing/web-platform/tests/css/cssom/insertRule-import-trailing-garbage-crash.html ===================================== @@ -0,0 +1,6 @@ +<!doctype html> +<link rel="help" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1914106"> +<style></style> +<script> +document.querySelector("style").sheet.insertRule("@import url('data:text/css,:root{background:red}');html,body{/* random garbage */}"); +</script> View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/4d… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/4d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag base-browser-115.16.0esr-13.5-1-build2
by ma1 (＠ma1) 30 Sep '24

30 Sep '24

ma1 pushed new tag base-browser-115.16.0esr-13.5-1-build2 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.16.0esr-13.5-1] 7 commits: Bug 1881037 - Part 1: Stop showing unknown protocol error pages for...
by ma1 (＠ma1) 30 Sep '24

30 Sep '24

ma1 pushed to branch base-browser-115.16.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 9ce14cc7 by Nika Layzell at 2024-10-01T00:53:35+02:00 Bug 1881037 - Part 1: Stop showing unknown protocol error pages for web-triggered loads, r=smaug,necko-reviewers,kershaw, a=dsmith Differential Revision: https://phabricator.services.mozilla.com/D217495 - - - - - 63cf9662 by Paul Zuehlcke at 2024-10-01T00:53:37+02:00 Bug 1916659, a=diannaS Original Revision: https://phabricator.services.mozilla.com/D222629 Differential Revision: https://phabricator.services.mozilla.com/D222934 - - - - - 32373e41 by André Bargull at 2024-10-01T00:53:38+02:00 Bug 1915249: Add more nodiscard. a=RyanVM Original Revision: https://phabricator.services.mozilla.com/D220311 Differential Revision: https://phabricator.services.mozilla.com/D221663 - - - - - e6dfa497 by Emilio Cobos Álvarez at 2024-10-01T00:53:40+02:00 Bug 1914106 - Deal with insertRule edge-case. r=jwatt a=RyanVM When there's trailing garbage after an @import rule we throw, but we still trigger the load (that's not great but not trivial to change). Deal with that case before calling ImportRuleLoaded(). Differential Revision: https://phabricator.services.mozilla.com/D219783 - - - - - 35286ac0 by Steve Fink at 2024-10-01T00:53:42+02:00 Bug 1912471 - Disallow deserializing structured clone buffers with transferables more than once r=iain, a=dsmith Differential Revision: https://phabricator.services.mozilla.com/D220644 - - - - - bf0a17a2 by Nika Layzell at 2024-10-01T00:53:43+02:00 Bug 1911745 - Unify BrowsingContext flag coherency checks, r=mccr8 Previously these checks were largely diagnostic tools for finding bugs in other code as it evolves. This unifies the checks a bit more and makes them stronger for BrowsingContexts created over IPC, providing a place for more coherency checks to be added in the future. Differential Revision: https://phabricator.services.mozilla.com/D218860 - - - - - bf6b766b by Kershaw Chang at 2024-10-01T00:53:46+02:00 Bug 1907726 - Make sure WebTransportSessionProxy::NotifyDatagramReceived is called after OnStopRequest, a=RyanVM The crash occurs because WebTransportSessionProxy::OnDatagramReceivedInternal is called before WebTransportSessionProxy::OnStopRequest. When this happens, WebTransportSessionProxy::mTarget is the main thread, so a task is dispatched to the main thread. This causes WebTransportSessionProxy::NotifyDatagramReceived to be called on the main thread. If WebTransportSessionProxy::NotifyDatagramReceived is invoked while WebTransportSessionProxy::mStopRequestCalled is true, it can lead to OnDatagramReceived being called on the main thread (instead of the socket thread), resulting in a crash. Original Revision: https://phabricator.services.mozilla.com/D220013 Differential Revision: https://phabricator.services.mozilla.com/D221661 - - - - - 22 changed files: - browser/base/content/test/tabPrompts/browser_confirmFolderUpload.js - browser/components/prompts/PromptCollection.sys.mjs - docshell/base/BrowsingContext.cpp - docshell/base/BrowsingContext.h - docshell/base/nsDocShell.cpp - docshell/base/nsDocShell.h - dom/base/Document.cpp - dom/base/Document.h - dom/base/ShadowRoot.cpp - dom/base/ShadowRoot.h - dom/filesystem/tests/script_promptHandler.js - js/public/StructuredClone.h - js/public/friend/ErrorNumbers.msg - js/src/jit-test/tests/structured-clone/transferable-cleanup.js - js/src/jit/IonAnalysis.cpp - js/src/vm/StructuredClone.cpp - layout/style/ServoStyleSet.cpp - layout/style/ServoStyleSet.h - layout/style/StyleSheet.cpp - netwerk/ipc/DocumentLoadListener.cpp - netwerk/protocol/webtransport/WebTransportSessionProxy.cpp - + testing/web-platform/tests/css/cssom/insertRule-import-trailing-garbage-crash.html Changes: ===================================== browser/base/content/test/tabPrompts/browser_confirmFolderUpload.js ===================================== @@ -101,8 +101,29 @@ async function testUploadPrompt(confirmUpload) { // Wait for confirmation prompt let prompt = await promptPromise; ok(prompt, "Shown upload confirmation prompt"); + is(prompt.ui.button0.label, "Upload", "Accept button label"); + ok( + prompt.ui.button0.disabled, + "Accept button should be disabled by the security delay initially." + ); + ok(prompt.ui.button1.hasAttribute("default"), "Cancel is default button"); + ok( + !prompt.ui.button1.disabled, + "Cancel button should not be disabled by the security delay." + ); + + info("Wait for the security delay to pass."); + let delayTime = Services.prefs.getIntPref("security.dialog_enable_delay"); + // eslint-disable-next-line mozilla/no-arbitrary-setTimeout + await new Promise(resolve => setTimeout(resolve, delayTime + 100)); + + ok( + !prompt.ui.button0.disabled, + "Accept button should no longer be disabled." + ); + ok(!prompt.ui.button1.disabled, "Cancel button should remain enabled."); // Close confirmation prompt await PromptTestUtils.handlePrompt(prompt, { ===================================== browser/components/prompts/PromptCollection.sys.mjs ===================================== @@ -156,7 +156,7 @@ export class PromptCollection { Services.prompt.MODAL_TYPE_TAB, title, message, - buttonFlags, + buttonFlags | Ci.nsIPrompt.BUTTON_DELAY_ENABLE, acceptLabel, null, null, ===================================== docshell/base/BrowsingContext.cpp ===================================== @@ -572,9 +572,19 @@ mozilla::ipc::IPCResult BrowsingContext::CreateFromIPC( context->mRequestContextId = aInit.mRequestContextId; // NOTE: Private browsing ID is set by `SetOriginAttributes`. + if (const char* failure = + context->BrowsingContextCoherencyChecks(aOriginProcess)) { + mozilla::ipc::IProtocol* actor = aOriginProcess; + if (!actor) { + actor = ContentChild::GetSingleton(); + } + return IPC_FAIL(actor, "Incoherent BrowsingContext"); + } + Register(context); - return context->Attach(/* aFromIPC */ true, aOriginProcess); + context->Attach(/* aFromIPC */ true, aOriginProcess); + return IPC_OK(); } BrowsingContext::BrowsingContext(WindowContext* aParentWindow, @@ -786,8 +796,64 @@ void BrowsingContext::Embed() { } } -mozilla::ipc::IPCResult BrowsingContext::Attach(bool aFromIPC, - ContentParent* aOriginProcess) { +const char* BrowsingContext::BrowsingContextCoherencyChecks( + ContentParent* aOriginProcess) { +#define COHERENCY_ASSERT(condition) \ + if (!(condition)) return "Assertion " #condition " failed"; + + if (mGroup->IsPotentiallyCrossOriginIsolated() != + (Top()->GetOpenerPolicy() == + nsILoadInfo::OPENER_POLICY_SAME_ORIGIN_EMBEDDER_POLICY_REQUIRE_CORP)) { + return "Invalid CrossOriginIsolated state"; + } + + if (aOriginProcess && !IsContent()) { + return "Content cannot create chrome BCs"; + } + + // LoadContext should generally match our opener or parent. + if (IsContent()) { + if (RefPtr<BrowsingContext> opener = GetOpener()) { + COHERENCY_ASSERT(opener->mType == mType); + COHERENCY_ASSERT(opener->mGroup == mGroup); + COHERENCY_ASSERT(opener->mUseRemoteTabs == mUseRemoteTabs); + COHERENCY_ASSERT(opener->mUseRemoteSubframes == mUseRemoteSubframes); + COHERENCY_ASSERT(opener->mPrivateBrowsingId == mPrivateBrowsingId); + COHERENCY_ASSERT( + opener->mOriginAttributes.EqualsIgnoringFPD(mOriginAttributes)); + } + } + if (RefPtr<BrowsingContext> parent = GetParent()) { + COHERENCY_ASSERT(parent->mType == mType); + COHERENCY_ASSERT(parent->mGroup == mGroup); + COHERENCY_ASSERT(parent->mUseRemoteTabs == mUseRemoteTabs); + COHERENCY_ASSERT(parent->mUseRemoteSubframes == mUseRemoteSubframes); + COHERENCY_ASSERT(parent->mPrivateBrowsingId == mPrivateBrowsingId); + COHERENCY_ASSERT( + parent->mOriginAttributes.EqualsIgnoringFPD(mOriginAttributes)); + } + + // UseRemoteSubframes and UseRemoteTabs must match. + if (mUseRemoteSubframes && !mUseRemoteTabs) { + return "Cannot set useRemoteSubframes without also setting useRemoteTabs"; + } + + // Double-check OriginAttributes/Private Browsing + // Chrome browsing contexts must not have a private browsing OriginAttribute + // Content browsing contexts must maintain the equality: + // mOriginAttributes.mPrivateBrowsingId == mPrivateBrowsingId + if (IsChrome()) { + COHERENCY_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0); + } else { + COHERENCY_ASSERT(mOriginAttributes.mPrivateBrowsingId == + mPrivateBrowsingId); + } +#undef COHERENCY_ASSERT + + return nullptr; +} + +void BrowsingContext::Attach(bool aFromIPC, ContentParent* aOriginProcess) { MOZ_DIAGNOSTIC_ASSERT(!mEverAttached); MOZ_DIAGNOSTIC_ASSERT_IF(aFromIPC, aOriginProcess || XRE_IsContentProcess()); mEverAttached = true; @@ -806,25 +872,15 @@ mozilla::ipc::IPCResult BrowsingContext::Attach(bool aFromIPC, MOZ_DIAGNOSTIC_ASSERT(mGroup); MOZ_DIAGNOSTIC_ASSERT(!mIsDiscarded); - if (mGroup->IsPotentiallyCrossOriginIsolated() != - (Top()->GetOpenerPolicy() == - nsILoadInfo::OPENER_POLICY_SAME_ORIGIN_EMBEDDER_POLICY_REQUIRE_CORP)) { - MOZ_DIAGNOSTIC_ASSERT(aFromIPC); - if (aFromIPC) { - auto* actor = aOriginProcess - ? static_cast<mozilla::ipc::IProtocol*>(aOriginProcess) - : static_cast<mozilla::ipc::IProtocol*>( - ContentChild::GetSingleton()); - return IPC_FAIL( - actor, - "Invalid CrossOriginIsolated state in BrowsingContext::Attach call"); - } else { - MOZ_CRASH( - "Invalid CrossOriginIsolated state in BrowsingContext::Attach call"); +#ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED + // We'll already have checked this if `aFromIPC` is set before calling this + // function. + if (!aFromIPC) { + if (const char* failure = BrowsingContextCoherencyChecks(aOriginProcess)) { + MOZ_CRASH_UNSAFE_PRINTF("Incoherent BrowsingContext: %s", failure); } } - - AssertCoherentLoadContext(); +#endif // Add ourselves either to our parent or BrowsingContextGroup's child list. // Important: We shouldn't return IPC_FAIL after this point, since the @@ -906,7 +962,6 @@ mozilla::ipc::IPCResult BrowsingContext::Attach(bool aFromIPC, if (XRE_IsParentProcess()) { Canonical()->CanonicalAttach(); } - return IPC_OK(); } void BrowsingContext::Detach(bool aFromIPC) { @@ -1743,40 +1798,6 @@ nsresult BrowsingContext::SetOriginAttributes(const OriginAttributes& aAttrs) { return NS_OK; } -void BrowsingContext::AssertCoherentLoadContext() { -#ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED - // LoadContext should generally match our opener or parent. - if (IsContent()) { - if (RefPtr<BrowsingContext> opener = GetOpener()) { - MOZ_DIAGNOSTIC_ASSERT(opener->mType == mType); - MOZ_DIAGNOSTIC_ASSERT(opener->mGroup == mGroup); - MOZ_DIAGNOSTIC_ASSERT(opener->mUseRemoteTabs == mUseRemoteTabs); - MOZ_DIAGNOSTIC_ASSERT(opener->mUseRemoteSubframes == mUseRemoteSubframes); - MOZ_DIAGNOSTIC_ASSERT(opener->mPrivateBrowsingId == mPrivateBrowsingId); - MOZ_DIAGNOSTIC_ASSERT( - opener->mOriginAttributes.EqualsIgnoringFPD(mOriginAttributes)); - } - } - if (RefPtr<BrowsingContext> parent = GetParent()) { - MOZ_DIAGNOSTIC_ASSERT(parent->mType == mType); - MOZ_DIAGNOSTIC_ASSERT(parent->mGroup == mGroup); - MOZ_DIAGNOSTIC_ASSERT(parent->mUseRemoteTabs == mUseRemoteTabs); - MOZ_DIAGNOSTIC_ASSERT(parent->mUseRemoteSubframes == mUseRemoteSubframes); - MOZ_DIAGNOSTIC_ASSERT(parent->mPrivateBrowsingId == mPrivateBrowsingId); - MOZ_DIAGNOSTIC_ASSERT( - parent->mOriginAttributes.EqualsIgnoringFPD(mOriginAttributes)); - } - - // UseRemoteSubframes and UseRemoteTabs must match. - MOZ_DIAGNOSTIC_ASSERT( - !mUseRemoteSubframes || mUseRemoteTabs, - "Cannot set useRemoteSubframes without also setting useRemoteTabs"); - - // Double-check OriginAttributes/Private Browsing - AssertOriginAttributesMatchPrivateBrowsing(); -#endif -} - void BrowsingContext::AssertOriginAttributesMatchPrivateBrowsing() { // Chrome browsing contexts must not have a private browsing OriginAttribute // Content browsing contexts must maintain the equality: ===================================== docshell/base/BrowsingContext.h ===================================== @@ -971,7 +971,18 @@ class BrowsingContext : public nsILoadContext, public nsWrapperCache { bool aHasPostData); private: - mozilla::ipc::IPCResult Attach(bool aFromIPC, ContentParent* aOriginProcess); + // Assert that this BrowsingContext is coherent relative to related + // BrowsingContexts. This will be run before the BrowsingContext is attached. + // + // A non-null string return value indicates that there was a coherency check + // failure, which will be handled with either a crash or IPC failure. + // + // If provided, `aOriginProcess` is the process which is responsible for the + // creation of this BrowsingContext. + [[nodiscard]] const char* BrowsingContextCoherencyChecks( + ContentParent* aOriginProcess); + + void Attach(bool aFromIPC, ContentParent* aOriginProcess); // Recomputes whether we can execute scripts in this BrowsingContext based on // the value of AllowJavascript() and whether scripts are allowed in the @@ -985,10 +996,6 @@ class BrowsingContext : public nsILoadContext, public nsWrapperCache { void AssertOriginAttributesMatchPrivateBrowsing(); - // Assert that the BrowsingContext's LoadContext flags appear coherent - // relative to related BrowsingContexts. - void AssertCoherentLoadContext(); - friend class ::nsOuterWindowProxy; friend class ::nsGlobalWindowOuter; friend class WindowContext; ===================================== docshell/base/nsDocShell.cpp ===================================== @@ -6254,7 +6254,7 @@ already_AddRefed<nsIURI> nsDocShell::AttemptURIFixup( nsresult nsDocShell::FilterStatusForErrorPage( nsresult aStatus, nsIChannel* aChannel, uint32_t aLoadType, - bool aIsTopFrame, bool aUseErrorPages, bool aIsInitialDocument, + bool aIsTopFrame, bool aUseErrorPages, bool* aSkippedUnknownProtocolNavigation) { // Errors to be shown only on top-level frames if ((aStatus == NS_ERROR_UNKNOWN_HOST || @@ -6298,18 +6298,10 @@ nsresult nsDocShell::FilterStatusForErrorPage( if (aStatus == NS_ERROR_UNKNOWN_PROTOCOL) { // For unknown protocols we only display an error if the load is triggered - // by the browser itself, or we're replacing the initial document (and - // nothing else). Showing the error for page-triggered navigations causes - // annoying behavior for users, see bug 1528305. - // - // We could, maybe, try to detect if this is in response to some user - // interaction (like clicking a link, or something else) and maybe show - // the error page in that case. But this allows for ctrl+clicking and such - // to see the error page. + // by the browser itself. Showing the error for page-triggered navigations + // causes annoying behavior for users, see bug 1528305. nsCOMPtr<nsILoadInfo> info = aChannel->LoadInfo(); - if (!info->TriggeringPrincipal()->IsSystemPrincipal() && - StaticPrefs::dom_no_unknown_protocol_error_enabled() && - !aIsInitialDocument) { + if (!info->TriggeringPrincipal()->IsSystemPrincipal()) { if (aSkippedUnknownProtocolNavigation) { *aSkippedUnknownProtocolNavigation = true; } @@ -6459,12 +6451,9 @@ nsresult nsDocShell::EndPageLoad(nsIWebProgress* aProgress, aStatus == NS_ERROR_CONTENT_BLOCKED); UnblockEmbedderLoadEventForFailure(fireFrameErrorEvent); - bool isInitialDocument = - !GetExtantDocument() || GetExtantDocument()->IsInitialDocument(); bool skippedUnknownProtocolNavigation = false; aStatus = FilterStatusForErrorPage(aStatus, aChannel, mLoadType, isTopFrame, mBrowsingContext->GetUseErrorPages(), - isInitialDocument, &skippedUnknownProtocolNavigation); hadErrorStatus = true; if (NS_FAILED(aStatus)) { ===================================== docshell/base/nsDocShell.h ===================================== @@ -464,7 +464,7 @@ class nsDocShell final : public nsDocLoader, // navigation. static nsresult FilterStatusForErrorPage( nsresult aStatus, nsIChannel* aChannel, uint32_t aLoadType, - bool aIsTopFrame, bool aUseErrorPages, bool aIsInitialDocument, + bool aIsTopFrame, bool aUseErrorPages, bool* aSkippedUnknownProtocolNavigation = nullptr); // Notify consumers of a search being loaded through the observer service: ===================================== dom/base/Document.cpp ===================================== @@ -8266,7 +8266,7 @@ void Document::RuleAdded(StyleSheet& aSheet, css::Rule& aRule) { } } -void Document::ImportRuleLoaded(dom::CSSImportRule& aRule, StyleSheet& aSheet) { +void Document::ImportRuleLoaded(StyleSheet& aSheet) { if (aSheet.IsApplicable()) { ApplicableStylesChanged(); } ===================================== dom/base/Document.h ===================================== @@ -2135,7 +2135,7 @@ class Document : public nsINode, void RuleAdded(StyleSheet&, css::Rule&); void RuleRemoved(StyleSheet&, css::Rule&); void SheetCloned(StyleSheet&) {} - void ImportRuleLoaded(CSSImportRule&, StyleSheet&); + void ImportRuleLoaded(StyleSheet&); /** * Flush notifications for this document and its parent documents ===================================== dom/base/ShadowRoot.cpp ===================================== @@ -412,7 +412,7 @@ void ShadowRoot::RuleChanged(StyleSheet& aSheet, css::Rule*, ApplicableRulesChanged(); } -void ShadowRoot::ImportRuleLoaded(CSSImportRule&, StyleSheet& aSheet) { +void ShadowRoot::ImportRuleLoaded(StyleSheet& aSheet) { if (mStyleRuleMap) { mStyleRuleMap->SheetAdded(aSheet); } ===================================== dom/base/ShadowRoot.h ===================================== @@ -86,7 +86,7 @@ class ShadowRoot final : public DocumentFragment, void RuleAdded(StyleSheet&, css::Rule&); void RuleRemoved(StyleSheet&, css::Rule&); void RuleChanged(StyleSheet&, css::Rule*, StyleRuleChangeKind); - void ImportRuleLoaded(CSSImportRule&, StyleSheet&); + void ImportRuleLoaded(StyleSheet&); void SheetCloned(StyleSheet&); void StyleSheetApplicableStateChanged(StyleSheet&); ===================================== dom/filesystem/tests/script_promptHandler.js ===================================== @@ -2,7 +2,45 @@ let dialogObserverTopic = "common-dialog-loaded"; -function dialogObserver(subj, topic, data) { +function waitForButtonEnabledState(button) { + return new Promise(resolve => { + // Check if the button is already enabled (not disabled) + if (!button.disabled) { + resolve(); + return; + } + + // Create a MutationObserver instance + let win = button.ownerGlobal; + let { MutationObserver } = win; + const observer = new MutationObserver(mutationsList => { + for (const mutation of mutationsList) { + if ( + mutation.type === "attributes" && + mutation.attributeName === "disabled" + ) { + if (!button.disabled) { + // Resolve the promise when the button is enabled + observer.disconnect(); // Stop observing + resolve(); + } + } + } + }); + + // Start observing the button for changes to the 'disabled' attribute + observer.observe(button, { + attributes: true, + attributeFilter: ["disabled"], + }); + }); +} + +async function dialogObserver(subj) { + let dialog = subj.document.querySelector("dialog"); + let acceptButton = dialog.getButton("accept"); + await waitForButtonEnabledState(acceptButton); + subj.document.querySelector("dialog").acceptDialog(); sendAsyncMessage("promptAccepted"); } ===================================== js/public/StructuredClone.h ===================================== @@ -744,6 +744,7 @@ class JS_PUBLIC_API JSAutoStructuredCloneBuffer { #define JS_SCERR_WASM_NO_TRANSFER 6 #define JS_SCERR_NOT_CLONABLE 7 #define JS_SCERR_NOT_CLONABLE_WITH_COOP_COEP 8 +#define JS_SCERR_TRANSFERABLE_TWICE 9 JS_PUBLIC_API bool JS_ReadUint32Pair(JSStructuredCloneReader* r, uint32_t* p1, uint32_t* p2); ===================================== js/public/friend/ErrorNumbers.msg ===================================== @@ -527,6 +527,7 @@ MSG_DEF(JSMSG_SC_BAD_CLONE_VERSION, 0, JSEXN_ERR, "unsupported structured clo MSG_DEF(JSMSG_SC_BAD_SERIALIZED_DATA, 1, JSEXN_INTERNALERR, "bad serialized structured data ({0})") MSG_DEF(JSMSG_SC_DUP_TRANSFERABLE, 0, JSEXN_TYPEERR, "duplicate transferable for structured clone") MSG_DEF(JSMSG_SC_NOT_TRANSFERABLE, 0, JSEXN_TYPEERR, "invalid transferable array for structured clone") +MSG_DEF(JSMSG_SC_TRANSFERABLE_TWICE, 0, JSEXN_TYPEERR, "structured clone cannot transfer twice") MSG_DEF(JSMSG_SC_UNSUPPORTED_TYPE, 0, JSEXN_TYPEERR, "unsupported type for structured data") MSG_DEF(JSMSG_SC_NOT_CLONABLE, 1, JSEXN_TYPEERR, "The {0} object cannot be serialized. The Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy HTTP headers will enable this in the future.") MSG_DEF(JSMSG_SC_NOT_CLONABLE_WITH_COOP_COEP, 1, JSEXN_TYPEERR, "The {0} object cannot be serialized. The Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy HTTP headers can be used to enable this.") ===================================== js/src/jit-test/tests/structured-clone/transferable-cleanup.js ===================================== @@ -160,6 +160,15 @@ function testMultiWithDeserializeReadTransferErrorHelper(g, BASE, desc) { } catch (e) { assertEq(e.message.includes("invalid transferable"), true); } + + try { + // This fails without logging anything, since the re-transfer will be caught + // by looking at its header before calling any callbacks. + let clone = deserialize(s); + } catch (e) { + assertEq(e.message.includes("cannot transfer twice"), true); + } + s = null; gc(); printTrace(arguments.callee.name, g, BASE, obj.log, "deserialize"); @@ -170,6 +179,7 @@ function testMultiWithDeserializeReadTransferErrorHelper(g, BASE, desc) { // which comes before the main reading. obj transfer data is now owned by its // clone. obj3 transfer data was not successfully handed over to a new object, // so it is still owned by the clone buffer and must be discarded with freeTransfer. + // 'F' means the data is freed. BASE + 3, "F", ], "deserialize " + desc); obj.log = null; ===================================== js/src/jit/IonAnalysis.cpp ===================================== @@ -29,8 +29,9 @@ using MPhiUseIteratorStack = // Look for Phi uses with a depth-first search. If any uses are found the stack // of MPhi instructions is returned in the |worklist| argument. -static bool DepthFirstSearchUse(MIRGenerator* mir, - MPhiUseIteratorStack& worklist, MPhi* phi) { +[[nodiscard]] static bool DepthFirstSearchUse(MIRGenerator* mir, + MPhiUseIteratorStack& worklist, + MPhi* phi) { // Push a Phi and the next use to iterate over in the worklist. auto push = [&worklist](MPhi* phi, MUseIterator use) -> bool { phi->setInWorklist(); @@ -131,9 +132,9 @@ static bool DepthFirstSearchUse(MIRGenerator* mir, return true; } -static bool FlagPhiInputsAsImplicitlyUsed(MIRGenerator* mir, MBasicBlock* block, - MBasicBlock* succ, - MPhiUseIteratorStack& worklist) { +[[nodiscard]] static bool FlagPhiInputsAsImplicitlyUsed( + MIRGenerator* mir, MBasicBlock* block, MBasicBlock* succ, + MPhiUseIteratorStack& worklist) { // When removing an edge between 2 blocks, we might remove the ability of // later phases to figure out that the uses of a Phi should be considered as // a use of all its inputs. Thus we need to mark the Phi inputs as being @@ -265,7 +266,7 @@ static MInstructionIterator FindFirstInstructionAfterBail(MBasicBlock* block) { // Given an iterator pointing to the first removed instruction, mark // the operands of each removed instruction as having implicit uses. -static bool FlagOperandsAsImplicitlyUsedAfter( +[[nodiscard]] static bool FlagOperandsAsImplicitlyUsedAfter( MIRGenerator* mir, MBasicBlock* block, MInstructionIterator firstRemoved) { MOZ_ASSERT(firstRemoved->block() == block); @@ -312,8 +313,8 @@ static bool FlagOperandsAsImplicitlyUsedAfter( return true; } -static bool FlagEntryResumePointOperands(MIRGenerator* mir, - MBasicBlock* block) { +[[nodiscard]] static bool FlagEntryResumePointOperands(MIRGenerator* mir, + MBasicBlock* block) { // Flag observable operands of the entry resume point as having implicit uses. MResumePoint* rp = block->entryResumePoint(); while (rp) { @@ -334,8 +335,8 @@ static bool FlagEntryResumePointOperands(MIRGenerator* mir, return true; } -static bool FlagAllOperandsAsImplicitlyUsed(MIRGenerator* mir, - MBasicBlock* block) { +[[nodiscard]] static bool FlagAllOperandsAsImplicitlyUsed(MIRGenerator* mir, + MBasicBlock* block) { return FlagEntryResumePointOperands(mir, block) && FlagOperandsAsImplicitlyUsedAfter(mir, block, block->begin()); } @@ -420,12 +421,16 @@ bool jit::PruneUnusedBranches(MIRGenerator* mir, MIRGraph& graph) { if (!block->isMarked()) { // If we are removing the block entirely, mark the operands of every // instruction as being implicitly used. - FlagAllOperandsAsImplicitlyUsed(mir, block); + if (!FlagAllOperandsAsImplicitlyUsed(mir, block)) { + return false; + } } else if (block->alwaysBails()) { // If we are only trimming instructions after a bail, only mark operands // of removed instructions. MInstructionIterator firstRemoved = FindFirstInstructionAfterBail(block); - FlagOperandsAsImplicitlyUsedAfter(mir, block, firstRemoved); + if (!FlagOperandsAsImplicitlyUsedAfter(mir, block, firstRemoved)) { + return false; + } } } @@ -503,7 +508,8 @@ bool jit::PruneUnusedBranches(MIRGenerator* mir, MIRGraph& graph) { return true; } -static bool SplitCriticalEdgesForBlock(MIRGraph& graph, MBasicBlock* block) { +[[nodiscard]] static bool SplitCriticalEdgesForBlock(MIRGraph& graph, + MBasicBlock* block) { if (block->numSuccessors() < 2) { return true; } @@ -767,8 +773,8 @@ static bool IsDiamondPattern(MBasicBlock* initialBlock) { return true; } -static bool MaybeFoldDiamondConditionBlock(MIRGraph& graph, - MBasicBlock* initialBlock) { +[[nodiscard]] static bool MaybeFoldDiamondConditionBlock( + MIRGraph& graph, MBasicBlock* initialBlock) { MOZ_ASSERT(IsDiamondPattern(initialBlock)); // Optimize the MIR graph to improve the code generated for conditional @@ -936,8 +942,8 @@ static bool IsTrianglePattern(MBasicBlock* initialBlock) { return false; } -static bool MaybeFoldTriangleConditionBlock(MIRGraph& graph, - MBasicBlock* initialBlock) { +[[nodiscard]] static bool MaybeFoldTriangleConditionBlock( + MIRGraph& graph, MBasicBlock* initialBlock) { MOZ_ASSERT(IsTrianglePattern(initialBlock)); // Optimize the MIR graph to improve the code generated for boolean @@ -1089,8 +1095,8 @@ static bool MaybeFoldTriangleConditionBlock(MIRGraph& graph, return true; } -static bool MaybeFoldConditionBlock(MIRGraph& graph, - MBasicBlock* initialBlock) { +[[nodiscard]] static bool MaybeFoldConditionBlock(MIRGraph& graph, + MBasicBlock* initialBlock) { if (IsDiamondPattern(initialBlock)) { return MaybeFoldDiamondConditionBlock(graph, initialBlock); } @@ -1100,7 +1106,8 @@ static bool MaybeFoldConditionBlock(MIRGraph& graph, return true; } -static bool MaybeFoldTestBlock(MIRGraph& graph, MBasicBlock* initialBlock) { +[[nodiscard]] static bool MaybeFoldTestBlock(MIRGraph& graph, + MBasicBlock* initialBlock) { // Handle test expressions on more than two inputs. For example // |if ((x > 10) && (y > 20) && (z > 30)) { ... }|, which results in the below // pattern. @@ -2752,7 +2759,9 @@ bool jit::RemoveUnmarkedBlocks(MIRGenerator* mir, MIRGraph& graph, continue; } - FlagAllOperandsAsImplicitlyUsed(mir, block); + if (!FlagAllOperandsAsImplicitlyUsed(mir, block)) { + return false; + } } // Find unmarked blocks and remove them. @@ -4003,8 +4012,8 @@ bool jit::EliminateRedundantShapeGuards(MIRGraph& graph) { return true; } -static bool TryEliminateGCBarriersForAllocation(TempAllocator& alloc, - MInstruction* allocation) { +[[nodiscard]] static bool TryEliminateGCBarriersForAllocation( + TempAllocator& alloc, MInstruction* allocation) { MOZ_ASSERT(allocation->type() == MIRType::Object); JitSpew(JitSpew_RedundantGCBarriers, "Analyzing allocation %s", ===================================== js/src/vm/StructuredClone.cpp ===================================== @@ -172,17 +172,25 @@ enum StructuredDataType : uint32_t { /* * Format of transfer map: - * <SCTAG_TRANSFER_MAP_HEADER, TransferableMapHeader(UNREAD|TRANSFERRED)> - * numTransferables (64 bits) - * array of: - * <SCTAG_TRANSFER_MAP_*, TransferableOwnership> - * pointer (64 bits) - * extraData (64 bits), eg byte length for ArrayBuffers + * - <SCTAG_TRANSFER_MAP_HEADER, UNREAD|TRANSFERRING|TRANSFERRED> + * - numTransferables (64 bits) + * - array of: + * - <SCTAG_TRANSFER_MAP_*, TransferableOwnership> pointer (64 + * bits) + * - extraData (64 bits), eg byte length for ArrayBuffers + * - any data written for custom transferables */ // Data associated with an SCTAG_TRANSFER_MAP_HEADER that tells whether the -// contents have been read out yet or not. -enum TransferableMapHeader { SCTAG_TM_UNREAD = 0, SCTAG_TM_TRANSFERRED }; +// contents have been read out yet or not. TRANSFERRING is for the case where we +// have started but not completed reading, which due to errors could mean that +// there are things still owned by the clone buffer that need to be released, so +// discarding should not just be skipped. +enum TransferableMapHeader { + SCTAG_TM_UNREAD = 0, + SCTAG_TM_TRANSFERRING, + SCTAG_TM_TRANSFERRED +}; static inline uint64_t PairToUInt64(uint32_t tag, uint32_t data) { return uint64_t(data) | (uint64_t(tag) << 32); @@ -693,6 +701,10 @@ static void ReportDataCloneError(JSContext* cx, errorNumber = JSMSG_SC_SHMEM_TRANSFERABLE; break; + case JS_SCERR_TRANSFERABLE_TWICE: + errorNumber = JSMSG_SC_TRANSFERABLE_TWICE; + break; + case JS_SCERR_TYPED_ARRAY_DETACHED: errorNumber = JSMSG_TYPED_ARRAY_DETACHED; break; @@ -3209,11 +3221,21 @@ bool JSStructuredCloneReader::readTransferMap() { return in.reportTruncated(); } + auto transferState = static_cast<TransferableMapHeader>(data); + if (tag != SCTAG_TRANSFER_MAP_HEADER || - TransferableMapHeader(data) == SCTAG_TM_TRANSFERRED) { + transferState == SCTAG_TM_TRANSFERRED) { return true; } + if (transferState == SCTAG_TM_TRANSFERRING) { + ReportDataCloneError(cx, callbacks, JS_SCERR_TRANSFERABLE_TWICE, closure); + return false; + } + + headerPos.write( + PairToUInt64(SCTAG_TRANSFER_MAP_HEADER, SCTAG_TM_TRANSFERRING)); + uint64_t numTransferables; MOZ_ALWAYS_TRUE(in.readPair(&tag, &data)); if (!in.read(&numTransferables)) { @@ -3329,7 +3351,7 @@ bool JSStructuredCloneReader::readTransferMap() { #ifdef DEBUG SCInput::getPair(headerPos.peek(), &tag, &data); MOZ_ASSERT(tag == SCTAG_TRANSFER_MAP_HEADER); - MOZ_ASSERT(TransferableMapHeader(data) != SCTAG_TM_TRANSFERRED); + MOZ_ASSERT(TransferableMapHeader(data) == SCTAG_TM_TRANSFERRING); #endif headerPos.write( PairToUInt64(SCTAG_TRANSFER_MAP_HEADER, SCTAG_TM_TRANSFERRED)); ===================================== layout/style/ServoStyleSet.cpp ===================================== @@ -954,7 +954,7 @@ static OriginFlags ToOriginFlags(StyleOrigin aOrigin) { } } -void ServoStyleSet::ImportRuleLoaded(dom::CSSImportRule&, StyleSheet& aSheet) { +void ServoStyleSet::ImportRuleLoaded(StyleSheet& aSheet) { if (mStyleRuleMap) { mStyleRuleMap->SheetAdded(aSheet); } ===================================== layout/style/ServoStyleSet.h ===================================== @@ -133,7 +133,7 @@ class ServoStyleSet { void RuleRemoved(StyleSheet&, css::Rule&); void RuleChanged(StyleSheet&, css::Rule*, StyleRuleChangeKind); void SheetCloned(StyleSheet&); - void ImportRuleLoaded(dom::CSSImportRule&, StyleSheet&); + void ImportRuleLoaded(StyleSheet&); // Runs style invalidation due to document state changes. void InvalidateStyleForDocumentStateChanges( ===================================== layout/style/StyleSheet.cpp ===================================== @@ -836,15 +836,19 @@ StyleSheet::StyleSheetLoaded(StyleSheet* aSheet, bool aWasDeferred, if (!aSheet->GetParentSheet()) { return NS_OK; // ignore if sheet has been detached already } - MOZ_ASSERT(this == aSheet->GetParentSheet(), - "We are being notified of a sheet load for a sheet that is not " - "our child!"); + MOZ_DIAGNOSTIC_ASSERT(this == aSheet->GetParentSheet(), + "We are being notified of a sheet load for a sheet " + "that is not our child!"); if (NS_FAILED(aStatus)) { return NS_OK; } - - MOZ_ASSERT(aSheet->GetOwnerRule()); - NOTIFY(ImportRuleLoaded, (*aSheet->GetOwnerRule(), *aSheet)); + // The assert below should hold if we stop triggering import loads for invalid + // insertRule() calls, see bug 1914106. + // MOZ_ASSERT(aSheet->GetOwnerRule()); + if (!aSheet->GetOwnerRule()) { + return NS_OK; + } + NOTIFY(ImportRuleLoaded, (*aSheet)); return NS_OK; } ===================================== netwerk/ipc/DocumentLoadListener.cpp ===================================== @@ -2316,15 +2316,9 @@ bool DocumentLoadListener::DocShellWillDisplayContent(nsresult aStatus) { auto* loadingContext = GetLoadingBrowsingContext(); - bool isInitialDocument = true; - if (WindowGlobalParent* currentWindow = - loadingContext->GetCurrentWindowGlobal()) { - isInitialDocument = currentWindow->IsInitialDocument(); - } - nsresult rv = nsDocShell::FilterStatusForErrorPage( aStatus, mChannel, mLoadStateLoadType, loadingContext->IsTop(), - loadingContext->GetUseErrorPages(), isInitialDocument, nullptr); + loadingContext->GetUseErrorPages(), nullptr); if (NS_SUCCEEDED(rv)) { MOZ_LOG(gProcessIsolationLog, LogLevel::Verbose, ===================================== netwerk/protocol/webtransport/WebTransportSessionProxy.cpp ===================================== @@ -1042,15 +1042,6 @@ void WebTransportSessionProxy::NotifyDatagramReceived( MutexAutoLock lock(mMutex); MOZ_ASSERT(mTarget->IsOnCurrentThread()); - if (!mStopRequestCalled) { - CopyableTArray<uint8_t> copied(aData); - mPendingEvents.AppendElement( - [self = RefPtr{this}, data = std::move(copied)]() mutable { - self->NotifyDatagramReceived(std::move(data)); - }); - return; - } - if (mState != WebTransportSessionProxyState::ACTIVE || !mListener) { return; } @@ -1066,6 +1057,15 @@ NS_IMETHODIMP WebTransportSessionProxy::OnDatagramReceivedInternal( { MutexAutoLock lock(mMutex); + if (!mStopRequestCalled) { + CopyableTArray<uint8_t> copied(aData); + mPendingEvents.AppendElement( + [self = RefPtr{this}, data = std::move(copied)]() mutable { + self->OnDatagramReceivedInternal(std::move(data)); + }); + return NS_OK; + } + if (!mTarget->IsOnCurrentThread()) { return mTarget->Dispatch(NS_NewRunnableFunction( "WebTransportSessionProxy::OnDatagramReceived", ===================================== testing/web-platform/tests/css/cssom/insertRule-import-trailing-garbage-crash.html ===================================== @@ -0,0 +1,6 @@ +<!doctype html> +<link rel="help" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1914106"> +<style></style> +<script> +document.querySelector("style").sheet.insertRule("@import url('data:text/css,:root{background:red}');html,body{/* random garbage */}"); +</script> View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/b97760… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/b97760… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-115.16.0esr-13.5-1-build2
by ma1 (＠ma1) 30 Sep '24

30 Sep '24

ma1 pushed new tag tor-browser-115.16.0esr-13.5-1-build2 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0