tbb-commits
Threads by month
- ----- 2025 -----
- July
- June
- May
- April
- March
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- 1 participants
- 18669 discussions
[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-13.0.1-build1
by richard (@richard) 23 Oct '23
by richard (@richard) 23 Oct '23
23 Oct '23
richard pushed new tag tbb-13.0.1-build1 at The Tor Project / Applications / tor-browser-build
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser-build][maint-13.0] Bug 40977&40980: Tor Browser and Mullvad Browser 13.0.1.
by Pier Angelo Vendrame (@pierov) 23 Oct '23
by Pier Angelo Vendrame (@pierov) 23 Oct '23
23 Oct '23
Pier Angelo Vendrame pushed to branch maint-13.0 at The Tor Project / Applications / tor-browser-build
Commits:
f6a7fbed by Pier Angelo Vendrame at 2023-10-23T14:22:20+02:00
Bug 40977&40980: Tor Browser and Mullvad Browser 13.0.1.
- - - - -
9 changed files:
- projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt
- projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt
- projects/browser/allowed_addons.json
- projects/firefox/config
- projects/geckoview/config
- projects/go/config
- projects/manual/config
- projects/translation/config
- rbm.conf
Changes:
=====================================
projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt
=====================================
@@ -1,3 +1,13 @@
+Mullvad Browser 13.0.1 - October 24 2023
+ * All Platforms
+ * Updated Firefox to 115.4.0esr
+ * Bug 42182: Default Search Engine Does Not Persist Through Shift to New Identity [tor-browser]
+ * Bug 42185: Rebase stable browsers on top of 115.4.0esr [tor-browser]
+ * Bug 42191: Backport security fixes (Android & wontfix) from Firefox 119 to 115.4 - based Tor Browser [tor-browser]
+ * Build System
+ * Windows
+ * Bug 40984: The PDBs for .exe are not included [tor-browser-build]
+
Mullvad Browser 13.0 - October 12 2023
* All Platforms
* Updated Firefox to 115.3.1esr
=====================================
projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt
=====================================
@@ -1,3 +1,23 @@
+Tor Browser 13.0.1 - October 24 2023
+ * All Platforms
+ * Bug 42185: Rebase stable browsers on top of 115.4.0esr [tor-browser]
+ * Bug 42191: Backport security fixes (Android & wontfix) from Firefox 119 to 115.4 - based Tor Browser [tor-browser]
+ * Bug 40975: libstdc++.so.6 is included twice in tor-browser [tor-browser-build]
+ * Windows + macOS + Linux
+ * Updated Firefox to 115.4.0esr
+ * Bug 42182: Default Search Engine Does Not Persist Through Shift to New Identity [tor-browser]
+ * Android
+ * Updated GeckoView to 115.4.0esr
+ * Build System
+ * All Platforms
+ * Updated Go to 1.21.3
+ * Bug 40976: Update download-unsigned-sha256sums-gpg-signatures-from-people-tpo to fetch from tb-build-02 and tb-build-03 [tor-browser-build]
+ * Bug 40062: Copy input directories to containers recursively [rbm]
+ * Windows
+ * Bug 40984: The PDBs for .exe are not included [tor-browser-build]
+ * Linux
+ * Bug 40979: Add redirects from old Linux bundle filename to the new one [tor-browser-build]
+
Tor Browser 13.0 - October 12 2023
* All Platforms
* Updated tor to 0.4.8.7
=====================================
projects/browser/allowed_addons.json
=====================================
@@ -17,7 +17,7 @@
"picture_url": "https://addons.mozilla.org/user-media/userpics/34/9734/13299734/13299734.pn…"
}
],
- "average_daily_users": 1023781,
+ "average_daily_users": 1045779,
"categories": {
"android": [
"experimental",
@@ -221,10 +221,10 @@
"category": "recommended"
},
"ratings": {
- "average": 4.5548,
- "bayesian_average": 4.553650148808013,
- "count": 5182,
- "text_count": 1630
+ "average": 4.556,
+ "bayesian_average": 4.554850109055476,
+ "count": 5200,
+ "text_count": 1632
},
"ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/reviews/",
"requires_payment": false,
@@ -321,7 +321,7 @@
"type": "extension",
"url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/",
"versions_url": "https://addons.mozilla.org/en-US/firefox/addon/darkreader/versions/",
- "weekly_downloads": 26757
+ "weekly_downloads": 30788
},
"notes": null
},
@@ -337,7 +337,7 @@
"picture_url": "https://addons.mozilla.org/user-media/userpics/56/7656/6937656/6937656.png?…"
}
],
- "average_daily_users": 257919,
+ "average_daily_users": 260965,
"categories": {
"android": [
"security-privacy"
@@ -346,7 +346,7 @@
"privacy-security"
]
},
- "contributions_url": "",
+ "contributions_url": "https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=decentraleyes…",
"created": "2014-06-10T05:46:02Z",
"current_version": {
"id": 5613891,
@@ -553,10 +553,10 @@
"category": "recommended"
},
"ratings": {
- "average": 4.8201,
- "bayesian_average": 4.815424717092739,
- "count": 1362,
- "text_count": 239
+ "average": 4.8133,
+ "bayesian_average": 4.80862905917694,
+ "count": 1366,
+ "text_count": 241
},
"ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/reviews/",
"requires_payment": false,
@@ -641,7 +641,7 @@
"type": "extension",
"url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/",
"versions_url": "https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/versions/",
- "weekly_downloads": 3661
+ "weekly_downloads": 4245
},
"notes": null
},
@@ -657,7 +657,7 @@
"picture_url": "https://addons.mozilla.org/user-media/userpics/73/4073/5474073/5474073.png?…"
}
],
- "average_daily_users": 1125441,
+ "average_daily_users": 1155791,
"categories": {
"android": [
"security-privacy"
@@ -1181,10 +1181,10 @@
"category": "recommended"
},
"ratings": {
- "average": 4.7962,
- "bayesian_average": 4.793440331700814,
- "count": 2296,
- "text_count": 438
+ "average": 4.7969,
+ "bayesian_average": 4.794146592865077,
+ "count": 2309,
+ "text_count": 440
},
"ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/reviews/",
"requires_payment": false,
@@ -1208,7 +1208,7 @@
"type": "extension",
"url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/",
"versions_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/versions/",
- "weekly_downloads": 18664
+ "weekly_downloads": 27720
},
"notes": null
},
@@ -1224,7 +1224,7 @@
"picture_url": null
}
],
- "average_daily_users": 6647234,
+ "average_daily_users": 6840315,
"categories": {
"android": [
"security-privacy"
@@ -1389,7 +1389,7 @@
},
"is_disabled": false,
"is_experimental": false,
- "last_updated": "2023-10-07T16:35:31Z",
+ "last_updated": "2023-10-22T22:40:35Z",
"name": {
"ar": "uBlock Origin",
"bg": "uBlock Origin",
@@ -1534,10 +1534,10 @@
"category": "recommended"
},
"ratings": {
- "average": 4.783,
- "bayesian_average": 4.782608236958109,
- "count": 16130,
- "text_count": 4186
+ "average": 4.7828,
+ "bayesian_average": 4.7824108134916,
+ "count": 16288,
+ "text_count": 4231
},
"ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/reviews/",
"requires_payment": false,
@@ -1599,7 +1599,7 @@
"type": "extension",
"url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/",
"versions_url": "https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/versions/",
- "weekly_downloads": 157230
+ "weekly_downloads": 284546
},
"notes": null
},
@@ -1615,7 +1615,7 @@
"picture_url": null
}
],
- "average_daily_users": 171186,
+ "average_daily_users": 171634,
"categories": {
"android": [
"photos-media"
@@ -1714,10 +1714,10 @@
"category": "recommended"
},
"ratings": {
- "average": 4.4899,
- "bayesian_average": 4.484788501655236,
+ "average": 4.4908,
+ "bayesian_average": 4.485671359198481,
"count": 1143,
- "text_count": 426
+ "text_count": 427
},
"ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/re…",
"requires_payment": false,
@@ -1739,7 +1739,7 @@
"type": "extension",
"url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/",
"versions_url": "https://addons.mozilla.org/en-US/firefox/addon/video-background-play-fix/ve…",
- "weekly_downloads": 440
+ "weekly_downloads": 393
},
"notes": null
},
@@ -1755,7 +1755,7 @@
"picture_url": null
}
],
- "average_daily_users": 88145,
+ "average_daily_users": 88504,
"categories": {
"android": [
"experimental",
@@ -1893,7 +1893,7 @@
"type": "extension",
"url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/",
"versions_url": "https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/versions/",
- "weekly_downloads": 1873
+ "weekly_downloads": 2256
},
"notes": null
},
@@ -1909,7 +1909,7 @@
"picture_url": "https://addons.mozilla.org/user-media/userpics/64/9064/12929064/12929064.pn…"
}
],
- "average_daily_users": 270436,
+ "average_daily_users": 276219,
"categories": {
"android": [
"photos-media",
@@ -1923,18 +1923,18 @@
"contributions_url": "https://www.paypal.com/donate?hosted_button_id=GLL4UNSNU6SQN&utm_content=pr…",
"created": "2017-06-17T15:23:33Z",
"current_version": {
- "id": 5588477,
+ "id": 5634958,
"compatibility": {
"firefox": {
"min": "91.0",
"max": "*"
},
"android": {
- "min": "91.0",
+ "min": "113.0",
"max": "*"
}
},
- "edit_url": "https://addons.mozilla.org/en-US/developers/addon/search_by_image/versions/…",
+ "edit_url": "https://addons.mozilla.org/en-US/developers/addon/search_by_image/versions/…",
"is_strict_compatibility_enabled": false,
"license": {
"id": 6,
@@ -1947,20 +1947,20 @@
"release_notes": {
"en-US": "Learn more about this release from the <a href=\"https://prod.outgoing.prod.webservices.mozgcp.net/v1/d50855f24f77fa6f2614b9…" rel=\"nofollow\">changelog</a>."
},
- "reviewed": "2023-07-06T11:07:12Z",
- "version": "5.7.0",
+ "reviewed": "2023-10-11T19:12:27Z",
+ "version": "5.8.1",
"files": [
{
- "id": 4132819,
- "created": "2023-07-02T12:35:20Z",
- "hash": "sha256:9149335f16762c6d4f33ce39f036db763b8c4a3250f5e04e915b827da22a0eb1",
+ "id": 4179298,
+ "created": "2023-10-10T10:43:18Z",
+ "hash": "sha256:ce8b510ba1df4bb941a5a82001ec85e92b6a265701ae141a7e9c63df0155e7db",
"is_restart_required": false,
"is_webextension": true,
"is_mozilla_signed_extension": false,
"platform": "all",
- "size": 1198456,
+ "size": 1205732,
"status": "public",
- "url": "https://addons.mozilla.org/firefox/downloads/file/4132819/search_by_image-5…",
+ "url": "https://addons.mozilla.org/firefox/downloads/file/4179298/search_by_image-5…",
"permissions": [
"alarms",
"clipboardRead",
@@ -2002,7 +2002,7 @@
},
"is_disabled": false,
"is_experimental": false,
- "last_updated": "2023-07-06T11:07:12Z",
+ "last_updated": "2023-10-11T19:12:27Z",
"name": {
"en-US": "Search by Image"
},
@@ -2128,10 +2128,10 @@
"category": "recommended"
},
"ratings": {
- "average": 4.6538,
- "bayesian_average": 4.6491824699299755,
- "count": 1323,
- "text_count": 255
+ "average": 4.6509,
+ "bayesian_average": 4.646312748713676,
+ "count": 1335,
+ "text_count": 256
},
"ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/reviews/",
"requires_payment": false,
@@ -2152,7 +2152,7 @@
"type": "extension",
"url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/",
"versions_url": "https://addons.mozilla.org/en-US/firefox/addon/search_by_image/versions/",
- "weekly_downloads": 4914
+ "weekly_downloads": 5690
},
"notes": null
},
@@ -2175,7 +2175,7 @@
"picture_url": null
}
],
- "average_daily_users": 113212,
+ "average_daily_users": 113785,
"categories": {
"android": [
"other"
@@ -2458,10 +2458,10 @@
"category": "recommended"
},
"ratings": {
- "average": 4.3708,
- "bayesian_average": 4.3663229339814045,
- "count": 1265,
- "text_count": 354
+ "average": 4.3672,
+ "bayesian_average": 4.3627273427174105,
+ "count": 1269,
+ "text_count": 356
},
"ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/reviews/",
"requires_payment": false,
@@ -2481,7 +2481,7 @@
"type": "extension",
"url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/",
"versions_url": "https://addons.mozilla.org/en-US/firefox/addon/google-search-fixer/versions/",
- "weekly_downloads": 60
+ "weekly_downloads": 36
},
"notes": null
},
@@ -2497,7 +2497,7 @@
"picture_url": "https://addons.mozilla.org/user-media/userpics/43/0143/143/143.png?modified…"
}
],
- "average_daily_users": 306753,
+ "average_daily_users": 311914,
"categories": {
"android": [
"performance",
@@ -2615,7 +2615,7 @@
},
"is_disabled": false,
"is_experimental": false,
- "last_updated": "2023-10-10T11:09:38Z",
+ "last_updated": "2023-10-19T21:15:36Z",
"name": {
"de": "NoScript",
"el": "NoScript",
@@ -2687,10 +2687,10 @@
"category": "recommended"
},
"ratings": {
- "average": 4.3987,
- "bayesian_average": 4.396010323665619,
- "count": 2122,
- "text_count": 820
+ "average": 4.3995,
+ "bayesian_average": 4.3968053215576,
+ "count": 2125,
+ "text_count": 821
},
"ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/reviews/",
"requires_payment": false,
@@ -2734,7 +2734,7 @@
"type": "extension",
"url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/",
"versions_url": "https://addons.mozilla.org/en-US/firefox/addon/noscript/versions/",
- "weekly_downloads": 7538
+ "weekly_downloads": 9346
},
"notes": null
},
@@ -2750,7 +2750,7 @@
"picture_url": null
}
],
- "average_daily_users": 153782,
+ "average_daily_users": 154597,
"categories": {
"android": [
"performance",
@@ -2862,10 +2862,10 @@
"category": "recommended"
},
"ratings": {
- "average": 3.8752,
- "bayesian_average": 3.871054464622849,
- "count": 1178,
- "text_count": 426
+ "average": 3.8689,
+ "bayesian_average": 3.8647664217835884,
+ "count": 1182,
+ "text_count": 428
},
"ratings_url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/revi…",
"requires_payment": false,
@@ -2884,7 +2884,7 @@
"type": "extension",
"url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/",
"versions_url": "https://addons.mozilla.org/en-US/firefox/addon/youtube-high-definition/vers…",
- "weekly_downloads": 2142
+ "weekly_downloads": 2037
},
"notes": null
}
=====================================
projects/firefox/config
=====================================
@@ -14,7 +14,7 @@ container:
use_container: 1
var:
- firefox_platform_version: 115.3.1
+ firefox_platform_version: 115.4.0
firefox_version: '[% c("var/firefox_platform_version") %]esr'
browser_series: '13.0'
browser_branch: '[% c("var/browser_series") %]-1'
@@ -86,7 +86,7 @@ targets:
mullvadbrowser:
git_url: https://gitlab.torproject.org/tpo/applications/mullvad-browser.git
var:
- browser_build: 3
+ browser_build: 2
branding_directory_prefix: 'mb'
gitlab_project: https://gitlab.torproject.org/tpo/applications/mullvad-browser
updater_url: 'https://cdn.mullvad.net/browser/update_responses/update_1/'
=====================================
projects/geckoview/config
=====================================
@@ -14,7 +14,7 @@ container:
use_container: 1
var:
- geckoview_version: 115.3.1esr
+ geckoview_version: 115.4.0esr
browser_branch: 13.0-1
browser_build: 2
copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]'
=====================================
projects/go/config
=====================================
@@ -1,5 +1,5 @@
# vim: filetype=yaml sw=2
-version: 1.21.1
+version: 1.21.3
filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]'
container:
use_container: 1
@@ -119,7 +119,7 @@ input_files:
enable: '[% ! c("var/linux") %]'
- URL: 'https://golang.org/dl/go[% c("version") %].src.tar.gz'
name: go
- sha256sum: bfa36bf75e9a1e9cbbdb9abcf9d1707e479bd3a07880a8ae3564caee5711cb99
+ sha256sum: 186f2b6f8c8b704e696821b09ab2041a5c1ee13dcbc3156a13adcf75931ee488
- project: go-bootstrap
name: go-bootstrap
target_replace:
=====================================
projects/manual/config
=====================================
@@ -1,7 +1,7 @@
# vim: filetype=yaml sw=2
# To update, see doc/how-to-update-the-manual.txt
# Remember to update also the package's hash, with the version!
-version: 108500
+version: 112141
filename: 'manual-[% c("version") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]'
container:
use_container: 1
@@ -23,6 +23,6 @@ input_files:
- project: container-image
- URL: 'https://build-sources.tbb.torproject.org/manual_[% c("version") %].zip'
name: manual
- sha256sum: f9fab9f904f0b584156ca7e3f5b4652f3dc9c849d52ab5923ca9d8e7ba2f6640
+ sha256sum: f767bc5f655f1263623b7af588cfb045d3e41ee019dc7ecd713decc5c1a0ea9b
- filename: packagemanual.py
name: package_script
=====================================
projects/translation/config
=====================================
@@ -12,13 +12,13 @@ compress_tar: 'gz'
steps:
base-browser:
base-browser: '[% INCLUDE build %]'
- git_hash: 0b4625699b9e1d2a75e581a7424b126120c1c818
+ git_hash: 3faf7dcd545109f7bbd8a6374838e139ca422d6c
targets:
nightly:
git_hash: 'base-browser'
tor-browser:
tor-browser: '[% INCLUDE build %]'
- git_hash: d404df763e6d3fbda42865b03733ccf2f89fe165
+ git_hash: 51bc08246d73990d461f747fb3c8cc7b6f66c1f4
targets:
nightly:
git_hash: 'tor-browser'
@@ -32,7 +32,7 @@ steps:
fenix: '[% INCLUDE build %]'
# We need to bump the commit before releasing but just pointing to a branch
# might cause too much rebuidling of the Firefox part.
- git_hash: 445042b596cad163f25342d17bc672a7ed5158d6
+ git_hash: 06de167467ab1d64448c430d4bd66f3256ca7d47
compress_tar: 'zst'
targets:
nightly:
=====================================
rbm.conf
=====================================
@@ -81,12 +81,12 @@ buildconf:
git_signtag_opt: '-s'
var:
- torbrowser_version: '13.0'
+ torbrowser_version: '13.0.1'
torbrowser_build: 'build1'
torbrowser_incremental_from:
+ - '13.0'
- '12.5.6'
- '12.5.5'
- - '12.5.4'
updater_enabled: 1
build_mar: 1
mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]'
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/f…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser-update-responses][main] Add release/download-linux-x86_64.json and release/download-windows-x86_64.json
by boklm (@boklm) 23 Oct '23
by boklm (@boklm) 23 Oct '23
23 Oct '23
boklm pushed to branch main at The Tor Project / Applications / Tor Browser update responses
Commits:
2b5dd5b4 by Nicolas Vigier at 2023-10-23T15:28:07+02:00
Add release/download-linux-x86_64.json and release/download-windows-x86_64.json
tor-browser-build#40991
- - - - -
2 changed files:
- + update_3/release/download-linux-x86_64.json
- + update_3/release/download-windows-x86_64.json
Changes:
=====================================
update_3/release/download-linux-x86_64.json
=====================================
@@ -0,0 +1 @@
+{"binary":"https://dist.torproject.org/torbrowser/13.0/tor-browser-linux-x86_64-13.0.t…","git_tag":"tbb-13.0-build1","sig":"https://dist.torproject.org/torbrowser/13.0/tor-browser-linux-x86_64-13.0.t…","version":"13.0"}
\ No newline at end of file
=====================================
update_3/release/download-windows-x86_64.json
=====================================
@@ -0,0 +1 @@
+{"binary":"https://dist.torproject.org/torbrowser/13.0/tor-browser-windows-x86_64-port…","git_tag":"tbb-13.0-build1","sig":"https://dist.torproject.org/torbrowser/13.0/tor-browser-windows-x86_64-port…","version":"13.0"}
\ No newline at end of file
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-115.4.0esr-13.0-1-build2
by ma1 (@ma1) 23 Oct '23
by ma1 (@ma1) 23 Oct '23
23 Oct '23
ma1 pushed new tag mullvad-browser-115.4.0esr-13.0-1-build2 at The Tor Project / Applications / Mullvad Browser
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser] Pushed new tag base-browser-115.4.0esr-13.0-1-build2
by ma1 (@ma1) 23 Oct '23
by ma1 (@ma1) 23 Oct '23
23 Oct '23
ma1 pushed new tag base-browser-115.4.0esr-13.0-1-build2 at The Tor Project / Applications / Tor Browser
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-115.4.0esr-13.0-1-build2
by ma1 (@ma1) 23 Oct '23
by ma1 (@ma1) 23 Oct '23
23 Oct '23
ma1 pushed new tag tor-browser-115.4.0esr-13.0-1-build2 at The Tor Project / Applications / Tor Browser
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/mullvad-browser][mullvad-browser-115.4.0esr-13.5-1] 7 commits: Bug 1738426 - Ignoring status 206 and vary header checking for opaque response...
by richard (@richard) 23 Oct '23
by richard (@richard) 23 Oct '23
23 Oct '23
richard pushed to branch mullvad-browser-115.4.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser
Commits:
985138e0 by Eden Chuang at 2023-10-23T12:36:44+00:00
Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth
Differential Revision: https://phabricator.services.mozilla.com/D186431
- - - - -
8cb3e494 by edgul at 2023-10-23T12:36:44+00:00
Bug 1802057 - Block the following characters from use in the cookie name in the cookie string: 0x3B (semi-colon), 0x3D (equals), and 0x7F (del) r=dveditz,cookie-reviewers
Differential Revision: https://phabricator.services.mozilla.com/D182373
- - - - -
e116477a by Kelsey Gilbert at 2023-10-23T12:36:44+00:00
Bug 1819497 - Don't race on static bool for initialization. r=gfx-reviewers,aosmond
We could do non-racy static init here (e.g. with a static initializer
self-calling-closure), but there doesn't seem to be a strong reason for
this. Let's just use a switch and get robustness from -Werror=switch.
Differential Revision: https://phabricator.services.mozilla.com/D188054
- - - - -
97184c52 by Mark Banner at 2023-10-23T12:36:45+00:00
Bug 1845752. r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D186676
- - - - -
e4ad60d6 by Bob Owen at 2023-10-23T12:36:45+00:00
Bug 1850072: Initialize RecordedDrawTargetCreation::mHasExistingData. r=jrmuizel
This also specializes ElementStreamFormat for bool.
Differential Revision: https://phabricator.services.mozilla.com/D187794
- - - - -
bc7d6958 by Malte Juergens at 2023-10-23T12:36:46+00:00
Bug 1850200 - Add delay to HTTPS-Only "Continue to HTTPS Site" button r=freddyb
Differential Revision: https://phabricator.services.mozilla.com/D187887
- - - - -
32638567 by Andreas Pehrson at 2023-10-23T12:36:46+00:00
Bug 1851803 - Introduce SourceMediaTrack::mDirectDisabledMode. r=karlt
Similar to MediaTrack::mDisabledMode, but this is for uses on the
SourceMediaTrack producer thread. It is still signaled via a control message
from the control thread to maintain order of operations, and is protected by the
SourceMediaTrack mutex.
Differential Revision: https://phabricator.services.mozilla.com/D187554
- - - - -
18 changed files:
- dom/cache/TypeUtils.cpp
- dom/canvas/WebGLContextExtensions.cpp
- dom/media/MediaTrackGraph.cpp
- dom/media/MediaTrackGraph.h
- gfx/2d/RecordedEventImpl.h
- gfx/2d/RecordingTypes.h
- netwerk/cookie/CookieCommons.cpp
- testing/web-platform/meta/cookies/name/name-ctl.html.ini
- − testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini
- toolkit/components/httpsonlyerror/content/errorpage.html
- toolkit/components/httpsonlyerror/content/errorpage.js
- toolkit/components/search/OpenSearchEngine.sys.mjs
- toolkit/components/search/SearchEngine.sys.mjs
- toolkit/components/search/SearchUtils.sys.mjs
- toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs
- toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js
- toolkit/components/search/tests/xpcshell/test_webextensions_install.js
- toolkit/modules/RemotePageAccessManager.sys.mjs
Changes:
=====================================
dom/cache/TypeUtils.cpp
=====================================
@@ -184,7 +184,7 @@ void TypeUtils::ToCacheResponseWithoutBody(CacheResponse& aOut,
aOut.statusText() = aIn.GetUnfilteredStatusText();
RefPtr<InternalHeaders> headers = aIn.UnfilteredHeaders();
MOZ_DIAGNOSTIC_ASSERT(headers);
- if (HasVaryStar(headers)) {
+ if (aIn.Type() != ResponseType::Opaque && HasVaryStar(headers)) {
aRv.ThrowTypeError("Invalid Response object with a 'Vary: *' header.");
return;
}
=====================================
dom/canvas/WebGLContextExtensions.cpp
=====================================
@@ -17,15 +17,10 @@
namespace mozilla {
const char* GetExtensionName(const WebGLExtensionID ext) {
- static EnumeratedArray<WebGLExtensionID, WebGLExtensionID::Max, const char*>
- sExtensionNamesEnumeratedArray;
- static bool initialized = false;
-
- if (!initialized) {
- initialized = true;
-
+ switch (ext) {
#define WEBGL_EXTENSION_IDENTIFIER(x) \
- sExtensionNamesEnumeratedArray[WebGLExtensionID::x] = #x;
+ case WebGLExtensionID::x: \
+ return #x;
WEBGL_EXTENSION_IDENTIFIER(ANGLE_instanced_arrays)
WEBGL_EXTENSION_IDENTIFIER(EXT_blend_minmax)
@@ -67,9 +62,11 @@ const char* GetExtensionName(const WebGLExtensionID ext) {
WEBGL_EXTENSION_IDENTIFIER(WEBGL_provoking_vertex)
#undef WEBGL_EXTENSION_IDENTIFIER
- }
- return sExtensionNamesEnumeratedArray[ext];
+ case WebGLExtensionID::Max:
+ break;
+ }
+ MOZ_CRASH("bad WebGLExtensionID");
}
// ----------------------------
=====================================
dom/media/MediaTrackGraph.cpp
=====================================
@@ -145,6 +145,27 @@ class GraphKey final {
nsTHashMap<nsGenericHashKey<GraphKey>, MediaTrackGraphImpl*> gGraphs;
} // anonymous namespace
+static void ApplyTrackDisabling(DisabledTrackMode aDisabledMode,
+ MediaSegment* aSegment,
+ MediaSegment* aRawSegment) {
+ if (aDisabledMode == DisabledTrackMode::ENABLED) {
+ return;
+ }
+ if (aDisabledMode == DisabledTrackMode::SILENCE_BLACK) {
+ aSegment->ReplaceWithDisabled();
+ if (aRawSegment) {
+ aRawSegment->ReplaceWithDisabled();
+ }
+ } else if (aDisabledMode == DisabledTrackMode::SILENCE_FREEZE) {
+ aSegment->ReplaceWithNull();
+ if (aRawSegment) {
+ aRawSegment->ReplaceWithNull();
+ }
+ } else {
+ MOZ_CRASH("Unsupported mode");
+ }
+}
+
MediaTrackGraphImpl::~MediaTrackGraphImpl() {
MOZ_ASSERT(mTracks.IsEmpty() && mSuspendedTracks.IsEmpty(),
"All tracks should have been destroyed by messages from the main "
@@ -2421,6 +2442,7 @@ RefPtr<GenericPromise> MediaTrack::RemoveListener(
void MediaTrack::AddDirectListenerImpl(
already_AddRefed<DirectMediaTrackListener> aListener) {
+ MOZ_ASSERT(mGraph->OnGraphThread());
// Base implementation, for tracks that don't support direct track listeners.
RefPtr<DirectMediaTrackListener> listener = aListener;
listener->NotifyDirectListenerInstalled(
@@ -2503,6 +2525,7 @@ void MediaTrack::RunAfterPendingUpdates(
}
void MediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) {
+ MOZ_ASSERT(mGraph->OnGraphThread());
MOZ_DIAGNOSTIC_ASSERT(
aMode == DisabledTrackMode::ENABLED ||
mDisabledMode == DisabledTrackMode::ENABLED,
@@ -2531,22 +2554,8 @@ void MediaTrack::SetDisabledTrackMode(DisabledTrackMode aMode) {
void MediaTrack::ApplyTrackDisabling(MediaSegment* aSegment,
MediaSegment* aRawSegment) {
- if (mDisabledMode == DisabledTrackMode::ENABLED) {
- return;
- }
- if (mDisabledMode == DisabledTrackMode::SILENCE_BLACK) {
- aSegment->ReplaceWithDisabled();
- if (aRawSegment) {
- aRawSegment->ReplaceWithDisabled();
- }
- } else if (mDisabledMode == DisabledTrackMode::SILENCE_FREEZE) {
- aSegment->ReplaceWithNull();
- if (aRawSegment) {
- aRawSegment->ReplaceWithNull();
- }
- } else {
- MOZ_CRASH("Unsupported mode");
- }
+ MOZ_ASSERT(mGraph->OnGraphThread());
+ mozilla::ApplyTrackDisabling(mDisabledMode, aSegment, aRawSegment);
}
void MediaTrack::AddMainThreadListener(
@@ -2866,7 +2875,7 @@ TrackTime SourceMediaTrack::AppendData(MediaSegment* aSegment,
// Apply track disabling before notifying any consumers directly
// or inserting into the graph
- ApplyTrackDisabling(aSegment, aRawSegment);
+ mozilla::ApplyTrackDisabling(mDirectDisabledMode, aSegment, aRawSegment);
ResampleAudioToGraphSampleRate(aSegment);
@@ -2910,6 +2919,7 @@ void SourceMediaTrack::NotifyDirectConsumers(MediaSegment* aSegment) {
void SourceMediaTrack::AddDirectListenerImpl(
already_AddRefed<DirectMediaTrackListener> aListener) {
+ MOZ_ASSERT(mGraph->OnGraphThread());
MutexAutoLock lock(mMutex);
RefPtr<DirectMediaTrackListener> listener = aListener;
@@ -2979,6 +2989,7 @@ void SourceMediaTrack::AddDirectListenerImpl(
void SourceMediaTrack::RemoveDirectListenerImpl(
DirectMediaTrackListener* aListener) {
+ mGraph->AssertOnGraphThreadOrNotRunning();
MutexAutoLock lock(mMutex);
for (int32_t i = mDirectTrackListeners.Length() - 1; i >= 0; --i) {
const RefPtr<DirectMediaTrackListener>& l = mDirectTrackListeners[i];
@@ -3008,17 +3019,20 @@ void SourceMediaTrack::End() {
}
void SourceMediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) {
+ MOZ_ASSERT(mGraph->OnGraphThread());
{
MutexAutoLock lock(mMutex);
+ const DisabledTrackMode oldMode = mDirectDisabledMode;
+ const bool oldEnabled = oldMode == DisabledTrackMode::ENABLED;
+ const bool enabled = aMode == DisabledTrackMode::ENABLED;
+ mDirectDisabledMode = aMode;
for (const auto& l : mDirectTrackListeners) {
- DisabledTrackMode oldMode = mDisabledMode;
- bool oldEnabled = oldMode == DisabledTrackMode::ENABLED;
- if (!oldEnabled && aMode == DisabledTrackMode::ENABLED) {
+ if (!oldEnabled && enabled) {
LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting "
"direct listener enabled",
GraphImpl(), this));
l->DecreaseDisabled(oldMode);
- } else if (oldEnabled && aMode != DisabledTrackMode::ENABLED) {
+ } else if (oldEnabled && !enabled) {
LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting "
"direct listener disabled",
GraphImpl(), this));
=====================================
dom/media/MediaTrackGraph.h
=====================================
@@ -652,18 +652,8 @@ class SourceMediaTrack : public MediaTrack {
*/
void End();
- // Overriding allows us to hold the mMutex lock while changing the track
- // enable status
void SetDisabledTrackModeImpl(DisabledTrackMode aMode) override;
- // Overriding allows us to ensure mMutex is locked while changing the track
- // enable status
- void ApplyTrackDisabling(MediaSegment* aSegment,
- MediaSegment* aRawSegment = nullptr) override {
- mMutex.AssertCurrentThreadOwns();
- MediaTrack::ApplyTrackDisabling(aSegment, aRawSegment);
- }
-
uint32_t NumberOfChannels() const override;
void RemoveAllDirectListenersImpl() override;
@@ -742,6 +732,11 @@ class SourceMediaTrack : public MediaTrack {
// protected by mMutex
float mVolume MOZ_GUARDED_BY(mMutex) = 1.0;
UniquePtr<TrackData> mUpdateTrack MOZ_GUARDED_BY(mMutex);
+ // This track's associated disabled mode for uses on the producing thread.
+ // It can either by disabled by frames being replaced by black, or by
+ // retaining the previous frame.
+ DisabledTrackMode mDirectDisabledMode MOZ_GUARDED_BY(mMutex) =
+ DisabledTrackMode::ENABLED;
nsTArray<RefPtr<DirectMediaTrackListener>> mDirectTrackListeners
MOZ_GUARDED_BY(mMutex);
};
=====================================
gfx/2d/RecordedEventImpl.h
=====================================
@@ -65,7 +65,7 @@ class RecordedDrawTargetCreation
BackendType mBackendType;
IntRect mRect;
SurfaceFormat mFormat;
- bool mHasExistingData;
+ bool mHasExistingData = false;
RefPtr<SourceSurface> mExistingData;
private:
=====================================
gfx/2d/RecordingTypes.h
=====================================
@@ -24,6 +24,28 @@ struct ElementStreamFormat {
aStream.read(reinterpret_cast<char*>(&aElement), sizeof(T));
}
};
+template <class S>
+struct ElementStreamFormat<S, bool> {
+ static void Write(S& aStream, const bool& aElement) {
+ char boolChar = aElement ? '\x01' : '\x00';
+ aStream.write(&boolChar, sizeof(boolChar));
+ }
+ static void Read(S& aStream, bool& aElement) {
+ char boolChar;
+ aStream.read(&boolChar, sizeof(boolChar));
+ switch (boolChar) {
+ case '\x00':
+ aElement = false;
+ break;
+ case '\x01':
+ aElement = true;
+ break;
+ default:
+ aStream.SetIsBad();
+ break;
+ }
+ }
+};
template <class S, class T>
void WriteElement(S& aStream, const T& aElement) {
=====================================
netwerk/cookie/CookieCommons.cpp
=====================================
@@ -200,9 +200,9 @@ bool CookieCommons::CheckNameAndValueSize(const CookieStruct& aCookieData) {
bool CookieCommons::CheckName(const CookieStruct& aCookieData) {
const char illegalNameCharacters[] = {
- 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B,
- 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
- 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x00};
+ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+ 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x3B, 0x3D, 0x7F, 0x00};
const auto* start = aCookieData.name().BeginReading();
const auto* end = aCookieData.name().EndReading();
=====================================
testing/web-platform/meta/cookies/name/name-ctl.html.ini
=====================================
@@ -11,36 +11,6 @@
[Cookie with %xd in name is rejected (DOM).]
expected: FAIL
- [Cookie with %x7f in name is rejected (DOM).]
- expected: FAIL
-
- [Cookie with %x0 in name is rejected or modified (HTTP).]
- expected: FAIL
-
- [Cookie with %x1 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x2 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x3 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x4 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x5 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x6 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x7 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x8 in name is rejected (HTTP).]
- expected: FAIL
-
[Cookie with %x9 in name is accepted (HTTP).]
expected: FAIL
=====================================
testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini deleted
=====================================
@@ -1,26 +0,0 @@
-[cache-put.https.any.serviceworker.html]
- expected:
- if (os == "android") and fission: [OK, TIMEOUT]
- [Cache.put with a VARY:* opaque response should not reject]
- expected: FAIL
-
-
-[cache-put.https.any.sharedworker.html]
- expected:
- if (os == "android") and fission: [OK, TIMEOUT]
- [Cache.put with a VARY:* opaque response should not reject]
- expected: FAIL
-
-
-[cache-put.https.any.html]
- expected:
- if (os == "android") and fission: [OK, TIMEOUT]
- [Cache.put with a VARY:* opaque response should not reject]
- expected: FAIL
-
-
-[cache-put.https.any.worker.html]
- expected:
- if (os == "android") and fission: [OK, TIMEOUT]
- [Cache.put with a VARY:* opaque response should not reject]
- expected: FAIL
=====================================
toolkit/components/httpsonlyerror/content/errorpage.html
=====================================
@@ -67,6 +67,7 @@
<button
id="openInsecure"
data-l10n-id="about-httpsonly-button-continue-to-site"
+ inert
></button>
</div>
<div class="suggestion-box" hidden>
=====================================
toolkit/components/httpsonlyerror/content/errorpage.js
=====================================
@@ -34,6 +34,11 @@ function initPage() {
.getElementById("openInsecure")
.addEventListener("click", onOpenInsecureButtonClick);
+ const delay = RPMGetIntPref("security.dialog_enable_delay", 1000);
+ setTimeout(() => {
+ document.getElementById("openInsecure").removeAttribute("inert");
+ }, delay);
+
if (window.top == window) {
document
.getElementById("goBack")
=====================================
toolkit/components/search/OpenSearchEngine.sys.mjs
=====================================
@@ -144,7 +144,12 @@ export class OpenSearchEngine extends SearchEngine {
lazy.logConsole.debug("_install: Downloading engine from:", loadURI.spec);
- var chan = lazy.SearchUtils.makeChannel(loadURI);
+ var chan = lazy.SearchUtils.makeChannel(
+ loadURI,
+ // OpenSearchEngine is loading a definition file for a search engine,
+ // TYPE_DOCUMENT captures that load best
+ Ci.nsIContentPolicy.TYPE_DOCUMENT
+ );
if (this._engineToUpdate && chan instanceof Ci.nsIHttpChannel) {
var lastModified = this._engineToUpdate.getAttr("updatelastmodified");
=====================================
toolkit/components/search/SearchEngine.sys.mjs
=====================================
@@ -821,7 +821,10 @@ export class SearchEngine {
this._hasPreferredIcon = isPreferred;
};
- let chan = lazy.SearchUtils.makeChannel(uri);
+ let chan = lazy.SearchUtils.makeChannel(
+ uri,
+ Ci.nsIContentPolicy.TYPE_IMAGE
+ );
let listener = new lazy.SearchUtils.LoadListener(
chan,
/^image\//,
=====================================
toolkit/components/search/SearchUtils.sys.mjs
=====================================
@@ -248,19 +248,24 @@ export var SearchUtils = {
*
* @param {string|nsIURI} url
* The URL string from which to create an nsIChannel.
+ * @param {nsIContentPolicy} contentPolicyType
+ * The type of document being loaded.
* @returns {nsIChannel}
* an nsIChannel object, or null if the url is invalid.
*/
- makeChannel(url) {
+ makeChannel(url, contentPolicyType) {
+ if (!contentPolicyType) {
+ throw new Error("makeChannel called with invalid content policy type");
+ }
try {
let uri = typeof url == "string" ? Services.io.newURI(url) : url;
return Services.io.newChannelFromURI(
uri,
null /* loadingNode */,
- Services.scriptSecurityManager.getSystemPrincipal(),
+ Services.scriptSecurityManager.createNullPrincipal({}),
null /* triggeringPrincipal */,
Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
- Ci.nsIContentPolicy.TYPE_OTHER
+ contentPolicyType
);
} catch (ex) {}
=====================================
toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs
=====================================
@@ -10,7 +10,7 @@ function handleRequest(request, response) {
response.setStatusLine("1.1", 302, "Moved");
if (request.queryString == "type=invalid") {
response.setHeader("Content-Type", "image/png", false);
- response.setHeader("Location", "engine.xml", false);
+ response.setHeader("Location", "/head_search.js", false);
} else {
response.setHeader("Content-Type", "text/html", false);
response.setHeader("Location", "remoteIcon.ico", false);
=====================================
toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js
=====================================
@@ -12,9 +12,11 @@ add_task(async function setup() {
});
add_task(async function test_installedresourceicon() {
+ // Attempts to load a resource:// url as an icon.
let engine1 = await SearchTestUtils.promiseNewSearchEngine({
url: `${gDataUrl}opensearch/resourceicon.xml`,
});
+ // Attempts to load a chrome:// url as an icon.
let engine2 = await SearchTestUtils.promiseNewSearchEngine({
url: `${gDataUrl}opensearch/chromeicon.xml`,
});
@@ -32,12 +34,13 @@ add_task(async function test_installedhttpplace() {
// The easiest way to test adding the icon is via a generated xml, otherwise
// we have to somehow insert the address of the server into it.
+ // Attempts to load a non-image page into an image icon.
let engine = await SearchTestUtils.promiseNewSearchEngine({
url:
`${gDataUrl}data/engineMaker.sjs?` +
JSON.stringify({
baseURL: gDataUrl,
- image: "opensearch/resourceicon.xml",
+ image: "head_search.js",
name: "invalidicon",
method: "GET",
}),
=====================================
toolkit/components/search/tests/xpcshell/test_webextensions_install.js
=====================================
@@ -5,6 +5,8 @@
const { promiseShutdownManager, promiseStartupManager } = AddonTestUtils;
+let gBaseUrl;
+
async function getEngineNames() {
let engines = await Services.search.getEngines();
return engines.map(engine => engine._name);
@@ -13,6 +15,8 @@ async function getEngineNames() {
add_task(async function setup() {
let server = useHttpServer();
server.registerContentType("sjs", "sjs");
+ gBaseUrl = `http://localhost:${server.identity.primaryPort}/`;
+
await SearchTestUtils.useTestEngines("test-extensions");
await promiseStartupManager();
@@ -132,7 +136,7 @@ add_task(async function test_load_favicon_invalid() {
// User installs a new search engine
let extension = await SearchTestUtils.installSearchExtension(
{
- favicon_url: `${gDataUrl}engine.xml`,
+ favicon_url: `${gBaseUrl}/head_search.js`,
},
{ skipUnload: true }
);
=====================================
toolkit/modules/RemotePageAccessManager.sys.mjs
=====================================
@@ -66,6 +66,7 @@ export let RemotePageAccessManager = {
},
"about:httpsonlyerror": {
RPMGetFormatURLPref: ["app.support.baseURL"],
+ RPMGetIntPref: ["security.dialog_enable_delay"],
RPMSendAsyncMessage: ["goBack", "openInsecure"],
RPMAddMessageListener: ["WWWReachable"],
RPMTryPingSecureWWWLink: ["*"],
View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/68…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/68…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser][base-browser-115.4.0esr-13.5-1] 7 commits: Bug 1738426 - Ignoring status 206 and vary header checking for opaque response...
by richard (@richard) 23 Oct '23
by richard (@richard) 23 Oct '23
23 Oct '23
richard pushed to branch base-browser-115.4.0esr-13.5-1 at The Tor Project / Applications / Tor Browser
Commits:
b019f751 by Eden Chuang at 2023-10-23T12:34:34+00:00
Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth
Differential Revision: https://phabricator.services.mozilla.com/D186431
- - - - -
15e6ab9a by edgul at 2023-10-23T12:34:34+00:00
Bug 1802057 - Block the following characters from use in the cookie name in the cookie string: 0x3B (semi-colon), 0x3D (equals), and 0x7F (del) r=dveditz,cookie-reviewers
Differential Revision: https://phabricator.services.mozilla.com/D182373
- - - - -
198e936f by Kelsey Gilbert at 2023-10-23T12:34:35+00:00
Bug 1819497 - Don't race on static bool for initialization. r=gfx-reviewers,aosmond
We could do non-racy static init here (e.g. with a static initializer
self-calling-closure), but there doesn't seem to be a strong reason for
this. Let's just use a switch and get robustness from -Werror=switch.
Differential Revision: https://phabricator.services.mozilla.com/D188054
- - - - -
da8da0e5 by Mark Banner at 2023-10-23T12:34:35+00:00
Bug 1845752. r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D186676
- - - - -
1665929f by Bob Owen at 2023-10-23T12:34:35+00:00
Bug 1850072: Initialize RecordedDrawTargetCreation::mHasExistingData. r=jrmuizel
This also specializes ElementStreamFormat for bool.
Differential Revision: https://phabricator.services.mozilla.com/D187794
- - - - -
4528a947 by Malte Juergens at 2023-10-23T12:34:36+00:00
Bug 1850200 - Add delay to HTTPS-Only "Continue to HTTPS Site" button r=freddyb
Differential Revision: https://phabricator.services.mozilla.com/D187887
- - - - -
251143c1 by Andreas Pehrson at 2023-10-23T12:34:36+00:00
Bug 1851803 - Introduce SourceMediaTrack::mDirectDisabledMode. r=karlt
Similar to MediaTrack::mDisabledMode, but this is for uses on the
SourceMediaTrack producer thread. It is still signaled via a control message
from the control thread to maintain order of operations, and is protected by the
SourceMediaTrack mutex.
Differential Revision: https://phabricator.services.mozilla.com/D187554
- - - - -
18 changed files:
- dom/cache/TypeUtils.cpp
- dom/canvas/WebGLContextExtensions.cpp
- dom/media/MediaTrackGraph.cpp
- dom/media/MediaTrackGraph.h
- gfx/2d/RecordedEventImpl.h
- gfx/2d/RecordingTypes.h
- netwerk/cookie/CookieCommons.cpp
- testing/web-platform/meta/cookies/name/name-ctl.html.ini
- − testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini
- toolkit/components/httpsonlyerror/content/errorpage.html
- toolkit/components/httpsonlyerror/content/errorpage.js
- toolkit/components/search/OpenSearchEngine.sys.mjs
- toolkit/components/search/SearchEngine.sys.mjs
- toolkit/components/search/SearchUtils.sys.mjs
- toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs
- toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js
- toolkit/components/search/tests/xpcshell/test_webextensions_install.js
- toolkit/modules/RemotePageAccessManager.sys.mjs
Changes:
=====================================
dom/cache/TypeUtils.cpp
=====================================
@@ -184,7 +184,7 @@ void TypeUtils::ToCacheResponseWithoutBody(CacheResponse& aOut,
aOut.statusText() = aIn.GetUnfilteredStatusText();
RefPtr<InternalHeaders> headers = aIn.UnfilteredHeaders();
MOZ_DIAGNOSTIC_ASSERT(headers);
- if (HasVaryStar(headers)) {
+ if (aIn.Type() != ResponseType::Opaque && HasVaryStar(headers)) {
aRv.ThrowTypeError("Invalid Response object with a 'Vary: *' header.");
return;
}
=====================================
dom/canvas/WebGLContextExtensions.cpp
=====================================
@@ -17,15 +17,10 @@
namespace mozilla {
const char* GetExtensionName(const WebGLExtensionID ext) {
- static EnumeratedArray<WebGLExtensionID, WebGLExtensionID::Max, const char*>
- sExtensionNamesEnumeratedArray;
- static bool initialized = false;
-
- if (!initialized) {
- initialized = true;
-
+ switch (ext) {
#define WEBGL_EXTENSION_IDENTIFIER(x) \
- sExtensionNamesEnumeratedArray[WebGLExtensionID::x] = #x;
+ case WebGLExtensionID::x: \
+ return #x;
WEBGL_EXTENSION_IDENTIFIER(ANGLE_instanced_arrays)
WEBGL_EXTENSION_IDENTIFIER(EXT_blend_minmax)
@@ -67,9 +62,11 @@ const char* GetExtensionName(const WebGLExtensionID ext) {
WEBGL_EXTENSION_IDENTIFIER(WEBGL_provoking_vertex)
#undef WEBGL_EXTENSION_IDENTIFIER
- }
- return sExtensionNamesEnumeratedArray[ext];
+ case WebGLExtensionID::Max:
+ break;
+ }
+ MOZ_CRASH("bad WebGLExtensionID");
}
// ----------------------------
=====================================
dom/media/MediaTrackGraph.cpp
=====================================
@@ -145,6 +145,27 @@ class GraphKey final {
nsTHashMap<nsGenericHashKey<GraphKey>, MediaTrackGraphImpl*> gGraphs;
} // anonymous namespace
+static void ApplyTrackDisabling(DisabledTrackMode aDisabledMode,
+ MediaSegment* aSegment,
+ MediaSegment* aRawSegment) {
+ if (aDisabledMode == DisabledTrackMode::ENABLED) {
+ return;
+ }
+ if (aDisabledMode == DisabledTrackMode::SILENCE_BLACK) {
+ aSegment->ReplaceWithDisabled();
+ if (aRawSegment) {
+ aRawSegment->ReplaceWithDisabled();
+ }
+ } else if (aDisabledMode == DisabledTrackMode::SILENCE_FREEZE) {
+ aSegment->ReplaceWithNull();
+ if (aRawSegment) {
+ aRawSegment->ReplaceWithNull();
+ }
+ } else {
+ MOZ_CRASH("Unsupported mode");
+ }
+}
+
MediaTrackGraphImpl::~MediaTrackGraphImpl() {
MOZ_ASSERT(mTracks.IsEmpty() && mSuspendedTracks.IsEmpty(),
"All tracks should have been destroyed by messages from the main "
@@ -2421,6 +2442,7 @@ RefPtr<GenericPromise> MediaTrack::RemoveListener(
void MediaTrack::AddDirectListenerImpl(
already_AddRefed<DirectMediaTrackListener> aListener) {
+ MOZ_ASSERT(mGraph->OnGraphThread());
// Base implementation, for tracks that don't support direct track listeners.
RefPtr<DirectMediaTrackListener> listener = aListener;
listener->NotifyDirectListenerInstalled(
@@ -2503,6 +2525,7 @@ void MediaTrack::RunAfterPendingUpdates(
}
void MediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) {
+ MOZ_ASSERT(mGraph->OnGraphThread());
MOZ_DIAGNOSTIC_ASSERT(
aMode == DisabledTrackMode::ENABLED ||
mDisabledMode == DisabledTrackMode::ENABLED,
@@ -2531,22 +2554,8 @@ void MediaTrack::SetDisabledTrackMode(DisabledTrackMode aMode) {
void MediaTrack::ApplyTrackDisabling(MediaSegment* aSegment,
MediaSegment* aRawSegment) {
- if (mDisabledMode == DisabledTrackMode::ENABLED) {
- return;
- }
- if (mDisabledMode == DisabledTrackMode::SILENCE_BLACK) {
- aSegment->ReplaceWithDisabled();
- if (aRawSegment) {
- aRawSegment->ReplaceWithDisabled();
- }
- } else if (mDisabledMode == DisabledTrackMode::SILENCE_FREEZE) {
- aSegment->ReplaceWithNull();
- if (aRawSegment) {
- aRawSegment->ReplaceWithNull();
- }
- } else {
- MOZ_CRASH("Unsupported mode");
- }
+ MOZ_ASSERT(mGraph->OnGraphThread());
+ mozilla::ApplyTrackDisabling(mDisabledMode, aSegment, aRawSegment);
}
void MediaTrack::AddMainThreadListener(
@@ -2866,7 +2875,7 @@ TrackTime SourceMediaTrack::AppendData(MediaSegment* aSegment,
// Apply track disabling before notifying any consumers directly
// or inserting into the graph
- ApplyTrackDisabling(aSegment, aRawSegment);
+ mozilla::ApplyTrackDisabling(mDirectDisabledMode, aSegment, aRawSegment);
ResampleAudioToGraphSampleRate(aSegment);
@@ -2910,6 +2919,7 @@ void SourceMediaTrack::NotifyDirectConsumers(MediaSegment* aSegment) {
void SourceMediaTrack::AddDirectListenerImpl(
already_AddRefed<DirectMediaTrackListener> aListener) {
+ MOZ_ASSERT(mGraph->OnGraphThread());
MutexAutoLock lock(mMutex);
RefPtr<DirectMediaTrackListener> listener = aListener;
@@ -2979,6 +2989,7 @@ void SourceMediaTrack::AddDirectListenerImpl(
void SourceMediaTrack::RemoveDirectListenerImpl(
DirectMediaTrackListener* aListener) {
+ mGraph->AssertOnGraphThreadOrNotRunning();
MutexAutoLock lock(mMutex);
for (int32_t i = mDirectTrackListeners.Length() - 1; i >= 0; --i) {
const RefPtr<DirectMediaTrackListener>& l = mDirectTrackListeners[i];
@@ -3008,17 +3019,20 @@ void SourceMediaTrack::End() {
}
void SourceMediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) {
+ MOZ_ASSERT(mGraph->OnGraphThread());
{
MutexAutoLock lock(mMutex);
+ const DisabledTrackMode oldMode = mDirectDisabledMode;
+ const bool oldEnabled = oldMode == DisabledTrackMode::ENABLED;
+ const bool enabled = aMode == DisabledTrackMode::ENABLED;
+ mDirectDisabledMode = aMode;
for (const auto& l : mDirectTrackListeners) {
- DisabledTrackMode oldMode = mDisabledMode;
- bool oldEnabled = oldMode == DisabledTrackMode::ENABLED;
- if (!oldEnabled && aMode == DisabledTrackMode::ENABLED) {
+ if (!oldEnabled && enabled) {
LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting "
"direct listener enabled",
GraphImpl(), this));
l->DecreaseDisabled(oldMode);
- } else if (oldEnabled && aMode != DisabledTrackMode::ENABLED) {
+ } else if (oldEnabled && !enabled) {
LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting "
"direct listener disabled",
GraphImpl(), this));
=====================================
dom/media/MediaTrackGraph.h
=====================================
@@ -652,18 +652,8 @@ class SourceMediaTrack : public MediaTrack {
*/
void End();
- // Overriding allows us to hold the mMutex lock while changing the track
- // enable status
void SetDisabledTrackModeImpl(DisabledTrackMode aMode) override;
- // Overriding allows us to ensure mMutex is locked while changing the track
- // enable status
- void ApplyTrackDisabling(MediaSegment* aSegment,
- MediaSegment* aRawSegment = nullptr) override {
- mMutex.AssertCurrentThreadOwns();
- MediaTrack::ApplyTrackDisabling(aSegment, aRawSegment);
- }
-
uint32_t NumberOfChannels() const override;
void RemoveAllDirectListenersImpl() override;
@@ -742,6 +732,11 @@ class SourceMediaTrack : public MediaTrack {
// protected by mMutex
float mVolume MOZ_GUARDED_BY(mMutex) = 1.0;
UniquePtr<TrackData> mUpdateTrack MOZ_GUARDED_BY(mMutex);
+ // This track's associated disabled mode for uses on the producing thread.
+ // It can either by disabled by frames being replaced by black, or by
+ // retaining the previous frame.
+ DisabledTrackMode mDirectDisabledMode MOZ_GUARDED_BY(mMutex) =
+ DisabledTrackMode::ENABLED;
nsTArray<RefPtr<DirectMediaTrackListener>> mDirectTrackListeners
MOZ_GUARDED_BY(mMutex);
};
=====================================
gfx/2d/RecordedEventImpl.h
=====================================
@@ -65,7 +65,7 @@ class RecordedDrawTargetCreation
BackendType mBackendType;
IntRect mRect;
SurfaceFormat mFormat;
- bool mHasExistingData;
+ bool mHasExistingData = false;
RefPtr<SourceSurface> mExistingData;
private:
=====================================
gfx/2d/RecordingTypes.h
=====================================
@@ -24,6 +24,28 @@ struct ElementStreamFormat {
aStream.read(reinterpret_cast<char*>(&aElement), sizeof(T));
}
};
+template <class S>
+struct ElementStreamFormat<S, bool> {
+ static void Write(S& aStream, const bool& aElement) {
+ char boolChar = aElement ? '\x01' : '\x00';
+ aStream.write(&boolChar, sizeof(boolChar));
+ }
+ static void Read(S& aStream, bool& aElement) {
+ char boolChar;
+ aStream.read(&boolChar, sizeof(boolChar));
+ switch (boolChar) {
+ case '\x00':
+ aElement = false;
+ break;
+ case '\x01':
+ aElement = true;
+ break;
+ default:
+ aStream.SetIsBad();
+ break;
+ }
+ }
+};
template <class S, class T>
void WriteElement(S& aStream, const T& aElement) {
=====================================
netwerk/cookie/CookieCommons.cpp
=====================================
@@ -200,9 +200,9 @@ bool CookieCommons::CheckNameAndValueSize(const CookieStruct& aCookieData) {
bool CookieCommons::CheckName(const CookieStruct& aCookieData) {
const char illegalNameCharacters[] = {
- 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B,
- 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
- 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x00};
+ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+ 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x3B, 0x3D, 0x7F, 0x00};
const auto* start = aCookieData.name().BeginReading();
const auto* end = aCookieData.name().EndReading();
=====================================
testing/web-platform/meta/cookies/name/name-ctl.html.ini
=====================================
@@ -11,36 +11,6 @@
[Cookie with %xd in name is rejected (DOM).]
expected: FAIL
- [Cookie with %x7f in name is rejected (DOM).]
- expected: FAIL
-
- [Cookie with %x0 in name is rejected or modified (HTTP).]
- expected: FAIL
-
- [Cookie with %x1 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x2 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x3 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x4 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x5 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x6 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x7 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x8 in name is rejected (HTTP).]
- expected: FAIL
-
[Cookie with %x9 in name is accepted (HTTP).]
expected: FAIL
=====================================
testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini deleted
=====================================
@@ -1,26 +0,0 @@
-[cache-put.https.any.serviceworker.html]
- expected:
- if (os == "android") and fission: [OK, TIMEOUT]
- [Cache.put with a VARY:* opaque response should not reject]
- expected: FAIL
-
-
-[cache-put.https.any.sharedworker.html]
- expected:
- if (os == "android") and fission: [OK, TIMEOUT]
- [Cache.put with a VARY:* opaque response should not reject]
- expected: FAIL
-
-
-[cache-put.https.any.html]
- expected:
- if (os == "android") and fission: [OK, TIMEOUT]
- [Cache.put with a VARY:* opaque response should not reject]
- expected: FAIL
-
-
-[cache-put.https.any.worker.html]
- expected:
- if (os == "android") and fission: [OK, TIMEOUT]
- [Cache.put with a VARY:* opaque response should not reject]
- expected: FAIL
=====================================
toolkit/components/httpsonlyerror/content/errorpage.html
=====================================
@@ -67,6 +67,7 @@
<button
id="openInsecure"
data-l10n-id="about-httpsonly-button-continue-to-site"
+ inert
></button>
</div>
<div class="suggestion-box" hidden>
=====================================
toolkit/components/httpsonlyerror/content/errorpage.js
=====================================
@@ -34,6 +34,11 @@ function initPage() {
.getElementById("openInsecure")
.addEventListener("click", onOpenInsecureButtonClick);
+ const delay = RPMGetIntPref("security.dialog_enable_delay", 1000);
+ setTimeout(() => {
+ document.getElementById("openInsecure").removeAttribute("inert");
+ }, delay);
+
if (window.top == window) {
document
.getElementById("goBack")
=====================================
toolkit/components/search/OpenSearchEngine.sys.mjs
=====================================
@@ -144,7 +144,12 @@ export class OpenSearchEngine extends SearchEngine {
lazy.logConsole.debug("_install: Downloading engine from:", loadURI.spec);
- var chan = lazy.SearchUtils.makeChannel(loadURI);
+ var chan = lazy.SearchUtils.makeChannel(
+ loadURI,
+ // OpenSearchEngine is loading a definition file for a search engine,
+ // TYPE_DOCUMENT captures that load best
+ Ci.nsIContentPolicy.TYPE_DOCUMENT
+ );
if (this._engineToUpdate && chan instanceof Ci.nsIHttpChannel) {
var lastModified = this._engineToUpdate.getAttr("updatelastmodified");
=====================================
toolkit/components/search/SearchEngine.sys.mjs
=====================================
@@ -821,7 +821,10 @@ export class SearchEngine {
this._hasPreferredIcon = isPreferred;
};
- let chan = lazy.SearchUtils.makeChannel(uri);
+ let chan = lazy.SearchUtils.makeChannel(
+ uri,
+ Ci.nsIContentPolicy.TYPE_IMAGE
+ );
let listener = new lazy.SearchUtils.LoadListener(
chan,
/^image\//,
=====================================
toolkit/components/search/SearchUtils.sys.mjs
=====================================
@@ -248,19 +248,24 @@ export var SearchUtils = {
*
* @param {string|nsIURI} url
* The URL string from which to create an nsIChannel.
+ * @param {nsIContentPolicy} contentPolicyType
+ * The type of document being loaded.
* @returns {nsIChannel}
* an nsIChannel object, or null if the url is invalid.
*/
- makeChannel(url) {
+ makeChannel(url, contentPolicyType) {
+ if (!contentPolicyType) {
+ throw new Error("makeChannel called with invalid content policy type");
+ }
try {
let uri = typeof url == "string" ? Services.io.newURI(url) : url;
return Services.io.newChannelFromURI(
uri,
null /* loadingNode */,
- Services.scriptSecurityManager.getSystemPrincipal(),
+ Services.scriptSecurityManager.createNullPrincipal({}),
null /* triggeringPrincipal */,
Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
- Ci.nsIContentPolicy.TYPE_OTHER
+ contentPolicyType
);
} catch (ex) {}
=====================================
toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs
=====================================
@@ -10,7 +10,7 @@ function handleRequest(request, response) {
response.setStatusLine("1.1", 302, "Moved");
if (request.queryString == "type=invalid") {
response.setHeader("Content-Type", "image/png", false);
- response.setHeader("Location", "engine.xml", false);
+ response.setHeader("Location", "/head_search.js", false);
} else {
response.setHeader("Content-Type", "text/html", false);
response.setHeader("Location", "remoteIcon.ico", false);
=====================================
toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js
=====================================
@@ -12,9 +12,11 @@ add_task(async function setup() {
});
add_task(async function test_installedresourceicon() {
+ // Attempts to load a resource:// url as an icon.
let engine1 = await SearchTestUtils.promiseNewSearchEngine({
url: `${gDataUrl}opensearch/resourceicon.xml`,
});
+ // Attempts to load a chrome:// url as an icon.
let engine2 = await SearchTestUtils.promiseNewSearchEngine({
url: `${gDataUrl}opensearch/chromeicon.xml`,
});
@@ -32,12 +34,13 @@ add_task(async function test_installedhttpplace() {
// The easiest way to test adding the icon is via a generated xml, otherwise
// we have to somehow insert the address of the server into it.
+ // Attempts to load a non-image page into an image icon.
let engine = await SearchTestUtils.promiseNewSearchEngine({
url:
`${gDataUrl}data/engineMaker.sjs?` +
JSON.stringify({
baseURL: gDataUrl,
- image: "opensearch/resourceicon.xml",
+ image: "head_search.js",
name: "invalidicon",
method: "GET",
}),
=====================================
toolkit/components/search/tests/xpcshell/test_webextensions_install.js
=====================================
@@ -5,6 +5,8 @@
const { promiseShutdownManager, promiseStartupManager } = AddonTestUtils;
+let gBaseUrl;
+
async function getEngineNames() {
let engines = await Services.search.getEngines();
return engines.map(engine => engine._name);
@@ -13,6 +15,8 @@ async function getEngineNames() {
add_task(async function setup() {
let server = useHttpServer();
server.registerContentType("sjs", "sjs");
+ gBaseUrl = `http://localhost:${server.identity.primaryPort}/`;
+
await SearchTestUtils.useTestEngines("test-extensions");
await promiseStartupManager();
@@ -132,7 +136,7 @@ add_task(async function test_load_favicon_invalid() {
// User installs a new search engine
let extension = await SearchTestUtils.installSearchExtension(
{
- favicon_url: `${gDataUrl}engine.xml`,
+ favicon_url: `${gBaseUrl}/head_search.js`,
},
{ skipUnload: true }
);
=====================================
toolkit/modules/RemotePageAccessManager.sys.mjs
=====================================
@@ -66,6 +66,7 @@ export let RemotePageAccessManager = {
},
"about:httpsonlyerror": {
RPMGetFormatURLPref: ["app.support.baseURL"],
+ RPMGetIntPref: ["security.dialog_enable_delay"],
RPMSendAsyncMessage: ["goBack", "openInsecure"],
RPMAddMessageListener: ["WWWReachable"],
RPMTryPingSecureWWWLink: ["*"],
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/f3701b…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/f3701b…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser][tor-browser-115.4.0esr-13.5-1] 7 commits: Bug 1738426 - Ignoring status 206 and vary header checking for opaque response...
by richard (@richard) 23 Oct '23
by richard (@richard) 23 Oct '23
23 Oct '23
richard pushed to branch tor-browser-115.4.0esr-13.5-1 at The Tor Project / Applications / Tor Browser
Commits:
b4ecf06a by Eden Chuang at 2023-10-23T12:29:13+00:00
Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth
Differential Revision: https://phabricator.services.mozilla.com/D186431
- - - - -
64bd0c0d by edgul at 2023-10-23T12:29:13+00:00
Bug 1802057 - Block the following characters from use in the cookie name in the cookie string: 0x3B (semi-colon), 0x3D (equals), and 0x7F (del) r=dveditz,cookie-reviewers
Differential Revision: https://phabricator.services.mozilla.com/D182373
- - - - -
4ead76f7 by Kelsey Gilbert at 2023-10-23T12:29:14+00:00
Bug 1819497 - Don't race on static bool for initialization. r=gfx-reviewers,aosmond
We could do non-racy static init here (e.g. with a static initializer
self-calling-closure), but there doesn't seem to be a strong reason for
this. Let's just use a switch and get robustness from -Werror=switch.
Differential Revision: https://phabricator.services.mozilla.com/D188054
- - - - -
ce34aa4f by Mark Banner at 2023-10-23T12:29:14+00:00
Bug 1845752. r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D186676
- - - - -
24a2f717 by Bob Owen at 2023-10-23T12:29:15+00:00
Bug 1850072: Initialize RecordedDrawTargetCreation::mHasExistingData. r=jrmuizel
This also specializes ElementStreamFormat for bool.
Differential Revision: https://phabricator.services.mozilla.com/D187794
- - - - -
b41e1ac5 by Malte Juergens at 2023-10-23T12:29:15+00:00
Bug 1850200 - Add delay to HTTPS-Only "Continue to HTTPS Site" button r=freddyb
Differential Revision: https://phabricator.services.mozilla.com/D187887
- - - - -
5d1936d6 by Andreas Pehrson at 2023-10-23T12:29:15+00:00
Bug 1851803 - Introduce SourceMediaTrack::mDirectDisabledMode. r=karlt
Similar to MediaTrack::mDisabledMode, but this is for uses on the
SourceMediaTrack producer thread. It is still signaled via a control message
from the control thread to maintain order of operations, and is protected by the
SourceMediaTrack mutex.
Differential Revision: https://phabricator.services.mozilla.com/D187554
- - - - -
18 changed files:
- dom/cache/TypeUtils.cpp
- dom/canvas/WebGLContextExtensions.cpp
- dom/media/MediaTrackGraph.cpp
- dom/media/MediaTrackGraph.h
- gfx/2d/RecordedEventImpl.h
- gfx/2d/RecordingTypes.h
- netwerk/cookie/CookieCommons.cpp
- testing/web-platform/meta/cookies/name/name-ctl.html.ini
- − testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini
- toolkit/components/httpsonlyerror/content/errorpage.html
- toolkit/components/httpsonlyerror/content/errorpage.js
- toolkit/components/search/OpenSearchEngine.sys.mjs
- toolkit/components/search/SearchEngine.sys.mjs
- toolkit/components/search/SearchUtils.sys.mjs
- toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs
- toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js
- toolkit/components/search/tests/xpcshell/test_webextensions_install.js
- toolkit/modules/RemotePageAccessManager.sys.mjs
Changes:
=====================================
dom/cache/TypeUtils.cpp
=====================================
@@ -184,7 +184,7 @@ void TypeUtils::ToCacheResponseWithoutBody(CacheResponse& aOut,
aOut.statusText() = aIn.GetUnfilteredStatusText();
RefPtr<InternalHeaders> headers = aIn.UnfilteredHeaders();
MOZ_DIAGNOSTIC_ASSERT(headers);
- if (HasVaryStar(headers)) {
+ if (aIn.Type() != ResponseType::Opaque && HasVaryStar(headers)) {
aRv.ThrowTypeError("Invalid Response object with a 'Vary: *' header.");
return;
}
=====================================
dom/canvas/WebGLContextExtensions.cpp
=====================================
@@ -17,15 +17,10 @@
namespace mozilla {
const char* GetExtensionName(const WebGLExtensionID ext) {
- static EnumeratedArray<WebGLExtensionID, WebGLExtensionID::Max, const char*>
- sExtensionNamesEnumeratedArray;
- static bool initialized = false;
-
- if (!initialized) {
- initialized = true;
-
+ switch (ext) {
#define WEBGL_EXTENSION_IDENTIFIER(x) \
- sExtensionNamesEnumeratedArray[WebGLExtensionID::x] = #x;
+ case WebGLExtensionID::x: \
+ return #x;
WEBGL_EXTENSION_IDENTIFIER(ANGLE_instanced_arrays)
WEBGL_EXTENSION_IDENTIFIER(EXT_blend_minmax)
@@ -67,9 +62,11 @@ const char* GetExtensionName(const WebGLExtensionID ext) {
WEBGL_EXTENSION_IDENTIFIER(WEBGL_provoking_vertex)
#undef WEBGL_EXTENSION_IDENTIFIER
- }
- return sExtensionNamesEnumeratedArray[ext];
+ case WebGLExtensionID::Max:
+ break;
+ }
+ MOZ_CRASH("bad WebGLExtensionID");
}
// ----------------------------
=====================================
dom/media/MediaTrackGraph.cpp
=====================================
@@ -145,6 +145,27 @@ class GraphKey final {
nsTHashMap<nsGenericHashKey<GraphKey>, MediaTrackGraphImpl*> gGraphs;
} // anonymous namespace
+static void ApplyTrackDisabling(DisabledTrackMode aDisabledMode,
+ MediaSegment* aSegment,
+ MediaSegment* aRawSegment) {
+ if (aDisabledMode == DisabledTrackMode::ENABLED) {
+ return;
+ }
+ if (aDisabledMode == DisabledTrackMode::SILENCE_BLACK) {
+ aSegment->ReplaceWithDisabled();
+ if (aRawSegment) {
+ aRawSegment->ReplaceWithDisabled();
+ }
+ } else if (aDisabledMode == DisabledTrackMode::SILENCE_FREEZE) {
+ aSegment->ReplaceWithNull();
+ if (aRawSegment) {
+ aRawSegment->ReplaceWithNull();
+ }
+ } else {
+ MOZ_CRASH("Unsupported mode");
+ }
+}
+
MediaTrackGraphImpl::~MediaTrackGraphImpl() {
MOZ_ASSERT(mTracks.IsEmpty() && mSuspendedTracks.IsEmpty(),
"All tracks should have been destroyed by messages from the main "
@@ -2421,6 +2442,7 @@ RefPtr<GenericPromise> MediaTrack::RemoveListener(
void MediaTrack::AddDirectListenerImpl(
already_AddRefed<DirectMediaTrackListener> aListener) {
+ MOZ_ASSERT(mGraph->OnGraphThread());
// Base implementation, for tracks that don't support direct track listeners.
RefPtr<DirectMediaTrackListener> listener = aListener;
listener->NotifyDirectListenerInstalled(
@@ -2503,6 +2525,7 @@ void MediaTrack::RunAfterPendingUpdates(
}
void MediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) {
+ MOZ_ASSERT(mGraph->OnGraphThread());
MOZ_DIAGNOSTIC_ASSERT(
aMode == DisabledTrackMode::ENABLED ||
mDisabledMode == DisabledTrackMode::ENABLED,
@@ -2531,22 +2554,8 @@ void MediaTrack::SetDisabledTrackMode(DisabledTrackMode aMode) {
void MediaTrack::ApplyTrackDisabling(MediaSegment* aSegment,
MediaSegment* aRawSegment) {
- if (mDisabledMode == DisabledTrackMode::ENABLED) {
- return;
- }
- if (mDisabledMode == DisabledTrackMode::SILENCE_BLACK) {
- aSegment->ReplaceWithDisabled();
- if (aRawSegment) {
- aRawSegment->ReplaceWithDisabled();
- }
- } else if (mDisabledMode == DisabledTrackMode::SILENCE_FREEZE) {
- aSegment->ReplaceWithNull();
- if (aRawSegment) {
- aRawSegment->ReplaceWithNull();
- }
- } else {
- MOZ_CRASH("Unsupported mode");
- }
+ MOZ_ASSERT(mGraph->OnGraphThread());
+ mozilla::ApplyTrackDisabling(mDisabledMode, aSegment, aRawSegment);
}
void MediaTrack::AddMainThreadListener(
@@ -2866,7 +2875,7 @@ TrackTime SourceMediaTrack::AppendData(MediaSegment* aSegment,
// Apply track disabling before notifying any consumers directly
// or inserting into the graph
- ApplyTrackDisabling(aSegment, aRawSegment);
+ mozilla::ApplyTrackDisabling(mDirectDisabledMode, aSegment, aRawSegment);
ResampleAudioToGraphSampleRate(aSegment);
@@ -2910,6 +2919,7 @@ void SourceMediaTrack::NotifyDirectConsumers(MediaSegment* aSegment) {
void SourceMediaTrack::AddDirectListenerImpl(
already_AddRefed<DirectMediaTrackListener> aListener) {
+ MOZ_ASSERT(mGraph->OnGraphThread());
MutexAutoLock lock(mMutex);
RefPtr<DirectMediaTrackListener> listener = aListener;
@@ -2979,6 +2989,7 @@ void SourceMediaTrack::AddDirectListenerImpl(
void SourceMediaTrack::RemoveDirectListenerImpl(
DirectMediaTrackListener* aListener) {
+ mGraph->AssertOnGraphThreadOrNotRunning();
MutexAutoLock lock(mMutex);
for (int32_t i = mDirectTrackListeners.Length() - 1; i >= 0; --i) {
const RefPtr<DirectMediaTrackListener>& l = mDirectTrackListeners[i];
@@ -3008,17 +3019,20 @@ void SourceMediaTrack::End() {
}
void SourceMediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) {
+ MOZ_ASSERT(mGraph->OnGraphThread());
{
MutexAutoLock lock(mMutex);
+ const DisabledTrackMode oldMode = mDirectDisabledMode;
+ const bool oldEnabled = oldMode == DisabledTrackMode::ENABLED;
+ const bool enabled = aMode == DisabledTrackMode::ENABLED;
+ mDirectDisabledMode = aMode;
for (const auto& l : mDirectTrackListeners) {
- DisabledTrackMode oldMode = mDisabledMode;
- bool oldEnabled = oldMode == DisabledTrackMode::ENABLED;
- if (!oldEnabled && aMode == DisabledTrackMode::ENABLED) {
+ if (!oldEnabled && enabled) {
LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting "
"direct listener enabled",
GraphImpl(), this));
l->DecreaseDisabled(oldMode);
- } else if (oldEnabled && aMode != DisabledTrackMode::ENABLED) {
+ } else if (oldEnabled && !enabled) {
LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting "
"direct listener disabled",
GraphImpl(), this));
=====================================
dom/media/MediaTrackGraph.h
=====================================
@@ -652,18 +652,8 @@ class SourceMediaTrack : public MediaTrack {
*/
void End();
- // Overriding allows us to hold the mMutex lock while changing the track
- // enable status
void SetDisabledTrackModeImpl(DisabledTrackMode aMode) override;
- // Overriding allows us to ensure mMutex is locked while changing the track
- // enable status
- void ApplyTrackDisabling(MediaSegment* aSegment,
- MediaSegment* aRawSegment = nullptr) override {
- mMutex.AssertCurrentThreadOwns();
- MediaTrack::ApplyTrackDisabling(aSegment, aRawSegment);
- }
-
uint32_t NumberOfChannels() const override;
void RemoveAllDirectListenersImpl() override;
@@ -742,6 +732,11 @@ class SourceMediaTrack : public MediaTrack {
// protected by mMutex
float mVolume MOZ_GUARDED_BY(mMutex) = 1.0;
UniquePtr<TrackData> mUpdateTrack MOZ_GUARDED_BY(mMutex);
+ // This track's associated disabled mode for uses on the producing thread.
+ // It can either by disabled by frames being replaced by black, or by
+ // retaining the previous frame.
+ DisabledTrackMode mDirectDisabledMode MOZ_GUARDED_BY(mMutex) =
+ DisabledTrackMode::ENABLED;
nsTArray<RefPtr<DirectMediaTrackListener>> mDirectTrackListeners
MOZ_GUARDED_BY(mMutex);
};
=====================================
gfx/2d/RecordedEventImpl.h
=====================================
@@ -65,7 +65,7 @@ class RecordedDrawTargetCreation
BackendType mBackendType;
IntRect mRect;
SurfaceFormat mFormat;
- bool mHasExistingData;
+ bool mHasExistingData = false;
RefPtr<SourceSurface> mExistingData;
private:
=====================================
gfx/2d/RecordingTypes.h
=====================================
@@ -24,6 +24,28 @@ struct ElementStreamFormat {
aStream.read(reinterpret_cast<char*>(&aElement), sizeof(T));
}
};
+template <class S>
+struct ElementStreamFormat<S, bool> {
+ static void Write(S& aStream, const bool& aElement) {
+ char boolChar = aElement ? '\x01' : '\x00';
+ aStream.write(&boolChar, sizeof(boolChar));
+ }
+ static void Read(S& aStream, bool& aElement) {
+ char boolChar;
+ aStream.read(&boolChar, sizeof(boolChar));
+ switch (boolChar) {
+ case '\x00':
+ aElement = false;
+ break;
+ case '\x01':
+ aElement = true;
+ break;
+ default:
+ aStream.SetIsBad();
+ break;
+ }
+ }
+};
template <class S, class T>
void WriteElement(S& aStream, const T& aElement) {
=====================================
netwerk/cookie/CookieCommons.cpp
=====================================
@@ -200,9 +200,9 @@ bool CookieCommons::CheckNameAndValueSize(const CookieStruct& aCookieData) {
bool CookieCommons::CheckName(const CookieStruct& aCookieData) {
const char illegalNameCharacters[] = {
- 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B,
- 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
- 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x00};
+ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+ 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x3B, 0x3D, 0x7F, 0x00};
const auto* start = aCookieData.name().BeginReading();
const auto* end = aCookieData.name().EndReading();
=====================================
testing/web-platform/meta/cookies/name/name-ctl.html.ini
=====================================
@@ -11,36 +11,6 @@
[Cookie with %xd in name is rejected (DOM).]
expected: FAIL
- [Cookie with %x7f in name is rejected (DOM).]
- expected: FAIL
-
- [Cookie with %x0 in name is rejected or modified (HTTP).]
- expected: FAIL
-
- [Cookie with %x1 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x2 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x3 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x4 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x5 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x6 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x7 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x8 in name is rejected (HTTP).]
- expected: FAIL
-
[Cookie with %x9 in name is accepted (HTTP).]
expected: FAIL
=====================================
testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini deleted
=====================================
@@ -1,26 +0,0 @@
-[cache-put.https.any.serviceworker.html]
- expected:
- if (os == "android") and fission: [OK, TIMEOUT]
- [Cache.put with a VARY:* opaque response should not reject]
- expected: FAIL
-
-
-[cache-put.https.any.sharedworker.html]
- expected:
- if (os == "android") and fission: [OK, TIMEOUT]
- [Cache.put with a VARY:* opaque response should not reject]
- expected: FAIL
-
-
-[cache-put.https.any.html]
- expected:
- if (os == "android") and fission: [OK, TIMEOUT]
- [Cache.put with a VARY:* opaque response should not reject]
- expected: FAIL
-
-
-[cache-put.https.any.worker.html]
- expected:
- if (os == "android") and fission: [OK, TIMEOUT]
- [Cache.put with a VARY:* opaque response should not reject]
- expected: FAIL
=====================================
toolkit/components/httpsonlyerror/content/errorpage.html
=====================================
@@ -67,6 +67,7 @@
<button
id="openInsecure"
data-l10n-id="about-httpsonly-button-continue-to-site"
+ inert
></button>
</div>
<div class="suggestion-box" hidden>
=====================================
toolkit/components/httpsonlyerror/content/errorpage.js
=====================================
@@ -34,6 +34,11 @@ function initPage() {
.getElementById("openInsecure")
.addEventListener("click", onOpenInsecureButtonClick);
+ const delay = RPMGetIntPref("security.dialog_enable_delay", 1000);
+ setTimeout(() => {
+ document.getElementById("openInsecure").removeAttribute("inert");
+ }, delay);
+
if (window.top == window) {
document
.getElementById("goBack")
=====================================
toolkit/components/search/OpenSearchEngine.sys.mjs
=====================================
@@ -144,7 +144,12 @@ export class OpenSearchEngine extends SearchEngine {
lazy.logConsole.debug("_install: Downloading engine from:", loadURI.spec);
- var chan = lazy.SearchUtils.makeChannel(loadURI);
+ var chan = lazy.SearchUtils.makeChannel(
+ loadURI,
+ // OpenSearchEngine is loading a definition file for a search engine,
+ // TYPE_DOCUMENT captures that load best
+ Ci.nsIContentPolicy.TYPE_DOCUMENT
+ );
if (this._engineToUpdate && chan instanceof Ci.nsIHttpChannel) {
var lastModified = this._engineToUpdate.getAttr("updatelastmodified");
=====================================
toolkit/components/search/SearchEngine.sys.mjs
=====================================
@@ -821,7 +821,10 @@ export class SearchEngine {
this._hasPreferredIcon = isPreferred;
};
- let chan = lazy.SearchUtils.makeChannel(uri);
+ let chan = lazy.SearchUtils.makeChannel(
+ uri,
+ Ci.nsIContentPolicy.TYPE_IMAGE
+ );
let listener = new lazy.SearchUtils.LoadListener(
chan,
/^image\//,
=====================================
toolkit/components/search/SearchUtils.sys.mjs
=====================================
@@ -248,19 +248,24 @@ export var SearchUtils = {
*
* @param {string|nsIURI} url
* The URL string from which to create an nsIChannel.
+ * @param {nsIContentPolicy} contentPolicyType
+ * The type of document being loaded.
* @returns {nsIChannel}
* an nsIChannel object, or null if the url is invalid.
*/
- makeChannel(url) {
+ makeChannel(url, contentPolicyType) {
+ if (!contentPolicyType) {
+ throw new Error("makeChannel called with invalid content policy type");
+ }
try {
let uri = typeof url == "string" ? Services.io.newURI(url) : url;
return Services.io.newChannelFromURI(
uri,
null /* loadingNode */,
- Services.scriptSecurityManager.getSystemPrincipal(),
+ Services.scriptSecurityManager.createNullPrincipal({}),
null /* triggeringPrincipal */,
Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
- Ci.nsIContentPolicy.TYPE_OTHER
+ contentPolicyType
);
} catch (ex) {}
=====================================
toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs
=====================================
@@ -10,7 +10,7 @@ function handleRequest(request, response) {
response.setStatusLine("1.1", 302, "Moved");
if (request.queryString == "type=invalid") {
response.setHeader("Content-Type", "image/png", false);
- response.setHeader("Location", "engine.xml", false);
+ response.setHeader("Location", "/head_search.js", false);
} else {
response.setHeader("Content-Type", "text/html", false);
response.setHeader("Location", "remoteIcon.ico", false);
=====================================
toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js
=====================================
@@ -12,9 +12,11 @@ add_task(async function setup() {
});
add_task(async function test_installedresourceicon() {
+ // Attempts to load a resource:// url as an icon.
let engine1 = await SearchTestUtils.promiseNewSearchEngine({
url: `${gDataUrl}opensearch/resourceicon.xml`,
});
+ // Attempts to load a chrome:// url as an icon.
let engine2 = await SearchTestUtils.promiseNewSearchEngine({
url: `${gDataUrl}opensearch/chromeicon.xml`,
});
@@ -32,12 +34,13 @@ add_task(async function test_installedhttpplace() {
// The easiest way to test adding the icon is via a generated xml, otherwise
// we have to somehow insert the address of the server into it.
+ // Attempts to load a non-image page into an image icon.
let engine = await SearchTestUtils.promiseNewSearchEngine({
url:
`${gDataUrl}data/engineMaker.sjs?` +
JSON.stringify({
baseURL: gDataUrl,
- image: "opensearch/resourceicon.xml",
+ image: "head_search.js",
name: "invalidicon",
method: "GET",
}),
=====================================
toolkit/components/search/tests/xpcshell/test_webextensions_install.js
=====================================
@@ -5,6 +5,8 @@
const { promiseShutdownManager, promiseStartupManager } = AddonTestUtils;
+let gBaseUrl;
+
async function getEngineNames() {
let engines = await Services.search.getEngines();
return engines.map(engine => engine._name);
@@ -13,6 +15,8 @@ async function getEngineNames() {
add_task(async function setup() {
let server = useHttpServer();
server.registerContentType("sjs", "sjs");
+ gBaseUrl = `http://localhost:${server.identity.primaryPort}/`;
+
await SearchTestUtils.useTestEngines("test-extensions");
await promiseStartupManager();
@@ -132,7 +136,7 @@ add_task(async function test_load_favicon_invalid() {
// User installs a new search engine
let extension = await SearchTestUtils.installSearchExtension(
{
- favicon_url: `${gDataUrl}engine.xml`,
+ favicon_url: `${gBaseUrl}/head_search.js`,
},
{ skipUnload: true }
);
=====================================
toolkit/modules/RemotePageAccessManager.sys.mjs
=====================================
@@ -66,6 +66,7 @@ export let RemotePageAccessManager = {
},
"about:httpsonlyerror": {
RPMGetFormatURLPref: ["app.support.baseURL"],
+ RPMGetIntPref: ["security.dialog_enable_delay"],
RPMSendAsyncMessage: ["goBack", "openInsecure"],
RPMAddMessageListener: ["WWWReachable"],
RPMTryPingSecureWWWLink: ["*"],
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8982a3…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8982a3…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/mullvad-browser][mullvad-browser-115.4.0esr-13.0-1] 7 commits: Bug 1738426 - Ignoring status 206 and vary header checking for opaque response...
by richard (@richard) 23 Oct '23
by richard (@richard) 23 Oct '23
23 Oct '23
richard pushed to branch mullvad-browser-115.4.0esr-13.0-1 at The Tor Project / Applications / Mullvad Browser
Commits:
00e0b1d4 by Eden Chuang at 2023-10-23T12:18:47+00:00
Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth
Differential Revision: https://phabricator.services.mozilla.com/D186431
- - - - -
19e02723 by edgul at 2023-10-23T12:18:48+00:00
Bug 1802057 - Block the following characters from use in the cookie name in the cookie string: 0x3B (semi-colon), 0x3D (equals), and 0x7F (del) r=dveditz,cookie-reviewers
Differential Revision: https://phabricator.services.mozilla.com/D182373
- - - - -
18e737f2 by Kelsey Gilbert at 2023-10-23T12:18:48+00:00
Bug 1819497 - Don't race on static bool for initialization. r=gfx-reviewers,aosmond
We could do non-racy static init here (e.g. with a static initializer
self-calling-closure), but there doesn't seem to be a strong reason for
this. Let's just use a switch and get robustness from -Werror=switch.
Differential Revision: https://phabricator.services.mozilla.com/D188054
- - - - -
57c1d25a by Mark Banner at 2023-10-23T12:18:48+00:00
Bug 1845752. r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D186676
- - - - -
cc34ac65 by Bob Owen at 2023-10-23T12:18:49+00:00
Bug 1850072: Initialize RecordedDrawTargetCreation::mHasExistingData. r=jrmuizel
This also specializes ElementStreamFormat for bool.
Differential Revision: https://phabricator.services.mozilla.com/D187794
- - - - -
75377f78 by Malte Juergens at 2023-10-23T12:18:49+00:00
Bug 1850200 - Add delay to HTTPS-Only "Continue to HTTPS Site" button r=freddyb
Differential Revision: https://phabricator.services.mozilla.com/D187887
- - - - -
d366918b by Andreas Pehrson at 2023-10-23T12:18:49+00:00
Bug 1851803 - Introduce SourceMediaTrack::mDirectDisabledMode. r=karlt
Similar to MediaTrack::mDisabledMode, but this is for uses on the
SourceMediaTrack producer thread. It is still signaled via a control message
from the control thread to maintain order of operations, and is protected by the
SourceMediaTrack mutex.
Differential Revision: https://phabricator.services.mozilla.com/D187554
- - - - -
18 changed files:
- dom/cache/TypeUtils.cpp
- dom/canvas/WebGLContextExtensions.cpp
- dom/media/MediaTrackGraph.cpp
- dom/media/MediaTrackGraph.h
- gfx/2d/RecordedEventImpl.h
- gfx/2d/RecordingTypes.h
- netwerk/cookie/CookieCommons.cpp
- testing/web-platform/meta/cookies/name/name-ctl.html.ini
- − testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini
- toolkit/components/httpsonlyerror/content/errorpage.html
- toolkit/components/httpsonlyerror/content/errorpage.js
- toolkit/components/search/OpenSearchEngine.sys.mjs
- toolkit/components/search/SearchEngine.sys.mjs
- toolkit/components/search/SearchUtils.sys.mjs
- toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs
- toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js
- toolkit/components/search/tests/xpcshell/test_webextensions_install.js
- toolkit/modules/RemotePageAccessManager.sys.mjs
Changes:
=====================================
dom/cache/TypeUtils.cpp
=====================================
@@ -184,7 +184,7 @@ void TypeUtils::ToCacheResponseWithoutBody(CacheResponse& aOut,
aOut.statusText() = aIn.GetUnfilteredStatusText();
RefPtr<InternalHeaders> headers = aIn.UnfilteredHeaders();
MOZ_DIAGNOSTIC_ASSERT(headers);
- if (HasVaryStar(headers)) {
+ if (aIn.Type() != ResponseType::Opaque && HasVaryStar(headers)) {
aRv.ThrowTypeError("Invalid Response object with a 'Vary: *' header.");
return;
}
=====================================
dom/canvas/WebGLContextExtensions.cpp
=====================================
@@ -17,15 +17,10 @@
namespace mozilla {
const char* GetExtensionName(const WebGLExtensionID ext) {
- static EnumeratedArray<WebGLExtensionID, WebGLExtensionID::Max, const char*>
- sExtensionNamesEnumeratedArray;
- static bool initialized = false;
-
- if (!initialized) {
- initialized = true;
-
+ switch (ext) {
#define WEBGL_EXTENSION_IDENTIFIER(x) \
- sExtensionNamesEnumeratedArray[WebGLExtensionID::x] = #x;
+ case WebGLExtensionID::x: \
+ return #x;
WEBGL_EXTENSION_IDENTIFIER(ANGLE_instanced_arrays)
WEBGL_EXTENSION_IDENTIFIER(EXT_blend_minmax)
@@ -67,9 +62,11 @@ const char* GetExtensionName(const WebGLExtensionID ext) {
WEBGL_EXTENSION_IDENTIFIER(WEBGL_provoking_vertex)
#undef WEBGL_EXTENSION_IDENTIFIER
- }
- return sExtensionNamesEnumeratedArray[ext];
+ case WebGLExtensionID::Max:
+ break;
+ }
+ MOZ_CRASH("bad WebGLExtensionID");
}
// ----------------------------
=====================================
dom/media/MediaTrackGraph.cpp
=====================================
@@ -145,6 +145,27 @@ class GraphKey final {
nsTHashMap<nsGenericHashKey<GraphKey>, MediaTrackGraphImpl*> gGraphs;
} // anonymous namespace
+static void ApplyTrackDisabling(DisabledTrackMode aDisabledMode,
+ MediaSegment* aSegment,
+ MediaSegment* aRawSegment) {
+ if (aDisabledMode == DisabledTrackMode::ENABLED) {
+ return;
+ }
+ if (aDisabledMode == DisabledTrackMode::SILENCE_BLACK) {
+ aSegment->ReplaceWithDisabled();
+ if (aRawSegment) {
+ aRawSegment->ReplaceWithDisabled();
+ }
+ } else if (aDisabledMode == DisabledTrackMode::SILENCE_FREEZE) {
+ aSegment->ReplaceWithNull();
+ if (aRawSegment) {
+ aRawSegment->ReplaceWithNull();
+ }
+ } else {
+ MOZ_CRASH("Unsupported mode");
+ }
+}
+
MediaTrackGraphImpl::~MediaTrackGraphImpl() {
MOZ_ASSERT(mTracks.IsEmpty() && mSuspendedTracks.IsEmpty(),
"All tracks should have been destroyed by messages from the main "
@@ -2421,6 +2442,7 @@ RefPtr<GenericPromise> MediaTrack::RemoveListener(
void MediaTrack::AddDirectListenerImpl(
already_AddRefed<DirectMediaTrackListener> aListener) {
+ MOZ_ASSERT(mGraph->OnGraphThread());
// Base implementation, for tracks that don't support direct track listeners.
RefPtr<DirectMediaTrackListener> listener = aListener;
listener->NotifyDirectListenerInstalled(
@@ -2503,6 +2525,7 @@ void MediaTrack::RunAfterPendingUpdates(
}
void MediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) {
+ MOZ_ASSERT(mGraph->OnGraphThread());
MOZ_DIAGNOSTIC_ASSERT(
aMode == DisabledTrackMode::ENABLED ||
mDisabledMode == DisabledTrackMode::ENABLED,
@@ -2531,22 +2554,8 @@ void MediaTrack::SetDisabledTrackMode(DisabledTrackMode aMode) {
void MediaTrack::ApplyTrackDisabling(MediaSegment* aSegment,
MediaSegment* aRawSegment) {
- if (mDisabledMode == DisabledTrackMode::ENABLED) {
- return;
- }
- if (mDisabledMode == DisabledTrackMode::SILENCE_BLACK) {
- aSegment->ReplaceWithDisabled();
- if (aRawSegment) {
- aRawSegment->ReplaceWithDisabled();
- }
- } else if (mDisabledMode == DisabledTrackMode::SILENCE_FREEZE) {
- aSegment->ReplaceWithNull();
- if (aRawSegment) {
- aRawSegment->ReplaceWithNull();
- }
- } else {
- MOZ_CRASH("Unsupported mode");
- }
+ MOZ_ASSERT(mGraph->OnGraphThread());
+ mozilla::ApplyTrackDisabling(mDisabledMode, aSegment, aRawSegment);
}
void MediaTrack::AddMainThreadListener(
@@ -2866,7 +2875,7 @@ TrackTime SourceMediaTrack::AppendData(MediaSegment* aSegment,
// Apply track disabling before notifying any consumers directly
// or inserting into the graph
- ApplyTrackDisabling(aSegment, aRawSegment);
+ mozilla::ApplyTrackDisabling(mDirectDisabledMode, aSegment, aRawSegment);
ResampleAudioToGraphSampleRate(aSegment);
@@ -2910,6 +2919,7 @@ void SourceMediaTrack::NotifyDirectConsumers(MediaSegment* aSegment) {
void SourceMediaTrack::AddDirectListenerImpl(
already_AddRefed<DirectMediaTrackListener> aListener) {
+ MOZ_ASSERT(mGraph->OnGraphThread());
MutexAutoLock lock(mMutex);
RefPtr<DirectMediaTrackListener> listener = aListener;
@@ -2979,6 +2989,7 @@ void SourceMediaTrack::AddDirectListenerImpl(
void SourceMediaTrack::RemoveDirectListenerImpl(
DirectMediaTrackListener* aListener) {
+ mGraph->AssertOnGraphThreadOrNotRunning();
MutexAutoLock lock(mMutex);
for (int32_t i = mDirectTrackListeners.Length() - 1; i >= 0; --i) {
const RefPtr<DirectMediaTrackListener>& l = mDirectTrackListeners[i];
@@ -3008,17 +3019,20 @@ void SourceMediaTrack::End() {
}
void SourceMediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) {
+ MOZ_ASSERT(mGraph->OnGraphThread());
{
MutexAutoLock lock(mMutex);
+ const DisabledTrackMode oldMode = mDirectDisabledMode;
+ const bool oldEnabled = oldMode == DisabledTrackMode::ENABLED;
+ const bool enabled = aMode == DisabledTrackMode::ENABLED;
+ mDirectDisabledMode = aMode;
for (const auto& l : mDirectTrackListeners) {
- DisabledTrackMode oldMode = mDisabledMode;
- bool oldEnabled = oldMode == DisabledTrackMode::ENABLED;
- if (!oldEnabled && aMode == DisabledTrackMode::ENABLED) {
+ if (!oldEnabled && enabled) {
LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting "
"direct listener enabled",
GraphImpl(), this));
l->DecreaseDisabled(oldMode);
- } else if (oldEnabled && aMode != DisabledTrackMode::ENABLED) {
+ } else if (oldEnabled && !enabled) {
LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting "
"direct listener disabled",
GraphImpl(), this));
=====================================
dom/media/MediaTrackGraph.h
=====================================
@@ -652,18 +652,8 @@ class SourceMediaTrack : public MediaTrack {
*/
void End();
- // Overriding allows us to hold the mMutex lock while changing the track
- // enable status
void SetDisabledTrackModeImpl(DisabledTrackMode aMode) override;
- // Overriding allows us to ensure mMutex is locked while changing the track
- // enable status
- void ApplyTrackDisabling(MediaSegment* aSegment,
- MediaSegment* aRawSegment = nullptr) override {
- mMutex.AssertCurrentThreadOwns();
- MediaTrack::ApplyTrackDisabling(aSegment, aRawSegment);
- }
-
uint32_t NumberOfChannels() const override;
void RemoveAllDirectListenersImpl() override;
@@ -742,6 +732,11 @@ class SourceMediaTrack : public MediaTrack {
// protected by mMutex
float mVolume MOZ_GUARDED_BY(mMutex) = 1.0;
UniquePtr<TrackData> mUpdateTrack MOZ_GUARDED_BY(mMutex);
+ // This track's associated disabled mode for uses on the producing thread.
+ // It can either by disabled by frames being replaced by black, or by
+ // retaining the previous frame.
+ DisabledTrackMode mDirectDisabledMode MOZ_GUARDED_BY(mMutex) =
+ DisabledTrackMode::ENABLED;
nsTArray<RefPtr<DirectMediaTrackListener>> mDirectTrackListeners
MOZ_GUARDED_BY(mMutex);
};
=====================================
gfx/2d/RecordedEventImpl.h
=====================================
@@ -65,7 +65,7 @@ class RecordedDrawTargetCreation
BackendType mBackendType;
IntRect mRect;
SurfaceFormat mFormat;
- bool mHasExistingData;
+ bool mHasExistingData = false;
RefPtr<SourceSurface> mExistingData;
private:
=====================================
gfx/2d/RecordingTypes.h
=====================================
@@ -24,6 +24,28 @@ struct ElementStreamFormat {
aStream.read(reinterpret_cast<char*>(&aElement), sizeof(T));
}
};
+template <class S>
+struct ElementStreamFormat<S, bool> {
+ static void Write(S& aStream, const bool& aElement) {
+ char boolChar = aElement ? '\x01' : '\x00';
+ aStream.write(&boolChar, sizeof(boolChar));
+ }
+ static void Read(S& aStream, bool& aElement) {
+ char boolChar;
+ aStream.read(&boolChar, sizeof(boolChar));
+ switch (boolChar) {
+ case '\x00':
+ aElement = false;
+ break;
+ case '\x01':
+ aElement = true;
+ break;
+ default:
+ aStream.SetIsBad();
+ break;
+ }
+ }
+};
template <class S, class T>
void WriteElement(S& aStream, const T& aElement) {
=====================================
netwerk/cookie/CookieCommons.cpp
=====================================
@@ -200,9 +200,9 @@ bool CookieCommons::CheckNameAndValueSize(const CookieStruct& aCookieData) {
bool CookieCommons::CheckName(const CookieStruct& aCookieData) {
const char illegalNameCharacters[] = {
- 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B,
- 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
- 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x00};
+ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+ 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x3B, 0x3D, 0x7F, 0x00};
const auto* start = aCookieData.name().BeginReading();
const auto* end = aCookieData.name().EndReading();
=====================================
testing/web-platform/meta/cookies/name/name-ctl.html.ini
=====================================
@@ -11,36 +11,6 @@
[Cookie with %xd in name is rejected (DOM).]
expected: FAIL
- [Cookie with %x7f in name is rejected (DOM).]
- expected: FAIL
-
- [Cookie with %x0 in name is rejected or modified (HTTP).]
- expected: FAIL
-
- [Cookie with %x1 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x2 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x3 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x4 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x5 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x6 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x7 in name is rejected (HTTP).]
- expected: FAIL
-
- [Cookie with %x8 in name is rejected (HTTP).]
- expected: FAIL
-
[Cookie with %x9 in name is accepted (HTTP).]
expected: FAIL
=====================================
testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini deleted
=====================================
@@ -1,26 +0,0 @@
-[cache-put.https.any.serviceworker.html]
- expected:
- if (os == "android") and fission: [OK, TIMEOUT]
- [Cache.put with a VARY:* opaque response should not reject]
- expected: FAIL
-
-
-[cache-put.https.any.sharedworker.html]
- expected:
- if (os == "android") and fission: [OK, TIMEOUT]
- [Cache.put with a VARY:* opaque response should not reject]
- expected: FAIL
-
-
-[cache-put.https.any.html]
- expected:
- if (os == "android") and fission: [OK, TIMEOUT]
- [Cache.put with a VARY:* opaque response should not reject]
- expected: FAIL
-
-
-[cache-put.https.any.worker.html]
- expected:
- if (os == "android") and fission: [OK, TIMEOUT]
- [Cache.put with a VARY:* opaque response should not reject]
- expected: FAIL
=====================================
toolkit/components/httpsonlyerror/content/errorpage.html
=====================================
@@ -67,6 +67,7 @@
<button
id="openInsecure"
data-l10n-id="about-httpsonly-button-continue-to-site"
+ inert
></button>
</div>
<div class="suggestion-box" hidden>
=====================================
toolkit/components/httpsonlyerror/content/errorpage.js
=====================================
@@ -34,6 +34,11 @@ function initPage() {
.getElementById("openInsecure")
.addEventListener("click", onOpenInsecureButtonClick);
+ const delay = RPMGetIntPref("security.dialog_enable_delay", 1000);
+ setTimeout(() => {
+ document.getElementById("openInsecure").removeAttribute("inert");
+ }, delay);
+
if (window.top == window) {
document
.getElementById("goBack")
=====================================
toolkit/components/search/OpenSearchEngine.sys.mjs
=====================================
@@ -144,7 +144,12 @@ export class OpenSearchEngine extends SearchEngine {
lazy.logConsole.debug("_install: Downloading engine from:", loadURI.spec);
- var chan = lazy.SearchUtils.makeChannel(loadURI);
+ var chan = lazy.SearchUtils.makeChannel(
+ loadURI,
+ // OpenSearchEngine is loading a definition file for a search engine,
+ // TYPE_DOCUMENT captures that load best
+ Ci.nsIContentPolicy.TYPE_DOCUMENT
+ );
if (this._engineToUpdate && chan instanceof Ci.nsIHttpChannel) {
var lastModified = this._engineToUpdate.getAttr("updatelastmodified");
=====================================
toolkit/components/search/SearchEngine.sys.mjs
=====================================
@@ -821,7 +821,10 @@ export class SearchEngine {
this._hasPreferredIcon = isPreferred;
};
- let chan = lazy.SearchUtils.makeChannel(uri);
+ let chan = lazy.SearchUtils.makeChannel(
+ uri,
+ Ci.nsIContentPolicy.TYPE_IMAGE
+ );
let listener = new lazy.SearchUtils.LoadListener(
chan,
/^image\//,
=====================================
toolkit/components/search/SearchUtils.sys.mjs
=====================================
@@ -248,19 +248,24 @@ export var SearchUtils = {
*
* @param {string|nsIURI} url
* The URL string from which to create an nsIChannel.
+ * @param {nsIContentPolicy} contentPolicyType
+ * The type of document being loaded.
* @returns {nsIChannel}
* an nsIChannel object, or null if the url is invalid.
*/
- makeChannel(url) {
+ makeChannel(url, contentPolicyType) {
+ if (!contentPolicyType) {
+ throw new Error("makeChannel called with invalid content policy type");
+ }
try {
let uri = typeof url == "string" ? Services.io.newURI(url) : url;
return Services.io.newChannelFromURI(
uri,
null /* loadingNode */,
- Services.scriptSecurityManager.getSystemPrincipal(),
+ Services.scriptSecurityManager.createNullPrincipal({}),
null /* triggeringPrincipal */,
Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
- Ci.nsIContentPolicy.TYPE_OTHER
+ contentPolicyType
);
} catch (ex) {}
=====================================
toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs
=====================================
@@ -10,7 +10,7 @@ function handleRequest(request, response) {
response.setStatusLine("1.1", 302, "Moved");
if (request.queryString == "type=invalid") {
response.setHeader("Content-Type", "image/png", false);
- response.setHeader("Location", "engine.xml", false);
+ response.setHeader("Location", "/head_search.js", false);
} else {
response.setHeader("Content-Type", "text/html", false);
response.setHeader("Location", "remoteIcon.ico", false);
=====================================
toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js
=====================================
@@ -12,9 +12,11 @@ add_task(async function setup() {
});
add_task(async function test_installedresourceicon() {
+ // Attempts to load a resource:// url as an icon.
let engine1 = await SearchTestUtils.promiseNewSearchEngine({
url: `${gDataUrl}opensearch/resourceicon.xml`,
});
+ // Attempts to load a chrome:// url as an icon.
let engine2 = await SearchTestUtils.promiseNewSearchEngine({
url: `${gDataUrl}opensearch/chromeicon.xml`,
});
@@ -32,12 +34,13 @@ add_task(async function test_installedhttpplace() {
// The easiest way to test adding the icon is via a generated xml, otherwise
// we have to somehow insert the address of the server into it.
+ // Attempts to load a non-image page into an image icon.
let engine = await SearchTestUtils.promiseNewSearchEngine({
url:
`${gDataUrl}data/engineMaker.sjs?` +
JSON.stringify({
baseURL: gDataUrl,
- image: "opensearch/resourceicon.xml",
+ image: "head_search.js",
name: "invalidicon",
method: "GET",
}),
=====================================
toolkit/components/search/tests/xpcshell/test_webextensions_install.js
=====================================
@@ -5,6 +5,8 @@
const { promiseShutdownManager, promiseStartupManager } = AddonTestUtils;
+let gBaseUrl;
+
async function getEngineNames() {
let engines = await Services.search.getEngines();
return engines.map(engine => engine._name);
@@ -13,6 +15,8 @@ async function getEngineNames() {
add_task(async function setup() {
let server = useHttpServer();
server.registerContentType("sjs", "sjs");
+ gBaseUrl = `http://localhost:${server.identity.primaryPort}/`;
+
await SearchTestUtils.useTestEngines("test-extensions");
await promiseStartupManager();
@@ -132,7 +136,7 @@ add_task(async function test_load_favicon_invalid() {
// User installs a new search engine
let extension = await SearchTestUtils.installSearchExtension(
{
- favicon_url: `${gDataUrl}engine.xml`,
+ favicon_url: `${gBaseUrl}/head_search.js`,
},
{ skipUnload: true }
);
=====================================
toolkit/modules/RemotePageAccessManager.sys.mjs
=====================================
@@ -66,6 +66,7 @@ export let RemotePageAccessManager = {
},
"about:httpsonlyerror": {
RPMGetFormatURLPref: ["app.support.baseURL"],
+ RPMGetIntPref: ["security.dialog_enable_delay"],
RPMSendAsyncMessage: ["goBack", "openInsecure"],
RPMAddMessageListener: ["WWWReachable"],
RPMTryPingSecureWWWLink: ["*"],
View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/78…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/78…
You're receiving this email because of your account on gitlab.torproject.org.
1
0