- tbb-commits - lists.torproject.org

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 12620: TorBrowser regression tests
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 5a41d164fe320767afd821d4cbf499a39c781925 Author: Arthur Edelstein <arthuredelstein(a)gmail.com> Date: Wed Aug 27 16:25:00 2014 -0700 Bug 12620: TorBrowser regression tests Regression tests for Bug #2950: Make Permissions Manager memory-only Regression tests for TB4: Tor Browser's Firefox preference overrides. Note: many more functional tests could be made here Regression tests for #2874: Block Components.interfaces from content Bug 18923: Add a script to run all Tor Browser specific tests Regression tests for Bug #16441: Suppress "Reset Tor Browser" prompt. --- run-tbb-tests | 66 +++++++++++++++++++++++++++++++++++ tbb-tests-ignore.txt | 13 +++++++ tbb-tests/browser.ini | 5 +++ tbb-tests/browser_tor_TB4.js | 35 +++++++++++++++++++ tbb-tests/browser_tor_bug2950.js | 74 ++++++++++++++++++++++++++++++++++++++++ tbb-tests/mochitest.ini | 3 ++ tbb-tests/moz.build | 10 ++++++ tbb-tests/test_tor_bug2874.html | 25 ++++++++++++++ toolkit/toolkit.mozbuild | 3 +- 9 files changed, 233 insertions(+), 1 deletion(-) diff --git a/run-tbb-tests b/run-tbb-tests new file mode 100755 index 000000000000..bc09839f9f05 --- /dev/null +++ b/run-tbb-tests @@ -0,0 +1,66 @@ +#!/bin/bash + +# This script runs all the Mochitest tests that have been added or +# modified since the last ffxbld commit. +# +# It does not currently run XPCShell tests. We should change this if we +# start using this type or other types of tests. +# +# The logs of the tests are stored in the tbb-tests.log file. +# Ignored tests are listed in the tbb-tests-ignore.txt file. +# +# https://trac.torproject.org/projects/tor/ticket/18923 + +IFS=$'\n' + +if [ -n "$USE_TESTS_LIST" ] && [ -f tbb-tests-list.txt ] +then + echo "Using tests list from file tbb-tests-list.txt" + tests=($(cat tbb-tests-list.txt)) +else + ffxbld_commit=$(git log -500 --format='oneline' | grep "TB3: Tor Browser's official .mozconfigs." \ + | head -1 | cut -d ' ' -f 1) + + tests=($(git diff --name-status "$ffxbld_commit" HEAD | \ + grep -e '^[AM].*/test_[^/]\+\.$html\|xul$$' \ + -e '^[AM].*/browser_[^/]\+\.js$' \ + | sed 's/^[AM]\s\+//')) +fi + +echo 'The following tests will be run:' +for i in "${!tests[@]}" +do + if [ -z "$USE_TESTS_LIST" ] \ + && grep -q "^${tests[$i]}$" tbb-tests-ignore.txt + then + unset "tests[$i]" + continue + fi + echo "- ${tests[$i]}" +done + +if [ -n "$WRITE_TESTS_LIST" ] +then + rm -f tbb-tests-list.txt + for i in "${!tests[@]}" + do + echo "${tests[$i]}" >> tbb-tests-list.txt + done + exit 0 +fi + +rm -f tbb-tests.log +echo $'\n''Starting tests' +# We need `security.nocertdb = false` because of #18087. That pref is +# forced to have the same value as `browser.privatebrowsing.autostart` in +# torbutton, so we just set `browser.privatebrowsing.autostart=false` here. +./mach mochitest --log-tbpl tbb-tests.log \ + --setpref network.file.path_blacklist='' \ + --setpref extensions.torbutton.use_nontor_proxy=true \ + --setpref browser.privatebrowsing.autostart=false \ + "${tests[@]}" + +echo "*************************" +echo "*************************" +echo "Summary of failed tests:" +grep --color=never TEST-UNEXPECTED-FAIL tbb-tests.log diff --git a/tbb-tests-ignore.txt b/tbb-tests-ignore.txt new file mode 100644 index 000000000000..ee3927a9e7c4 --- /dev/null +++ b/tbb-tests-ignore.txt @@ -0,0 +1,13 @@ +browser/extensions/onboarding/test/browser/browser_onboarding_accessibility.js +browser/extensions/onboarding/test/browser/browser_onboarding_keyboard.js +browser/extensions/onboarding/test/browser/browser_onboarding_notification.js +browser/extensions/onboarding/test/browser/browser_onboarding_notification_2.js +browser/extensions/onboarding/test/browser/browser_onboarding_notification_3.js +browser/extensions/onboarding/test/browser/browser_onboarding_notification_4.js +browser/extensions/onboarding/test/browser/browser_onboarding_notification_5.js +browser/extensions/onboarding/test/browser/browser_onboarding_notification_click_auto_complete_tour.js +browser/extensions/onboarding/test/browser/browser_onboarding_select_default_tour.js +browser/extensions/onboarding/test/browser/browser_onboarding_skip_tour.js +browser/extensions/onboarding/test/browser/browser_onboarding_tours.js +browser/extensions/onboarding/test/browser/browser_onboarding_tourset.js +browser/extensions/onboarding/test/browser/browser_onboarding_uitour.js diff --git a/tbb-tests/browser.ini b/tbb-tests/browser.ini new file mode 100644 index 000000000000..f481660f1417 --- /dev/null +++ b/tbb-tests/browser.ini @@ -0,0 +1,5 @@ +[DEFAULT] + +[browser_tor_bug2950.js] +[browser_tor_omnibox.js] +[browser_tor_TB4.js] diff --git a/tbb-tests/browser_tor_TB4.js b/tbb-tests/browser_tor_TB4.js new file mode 100644 index 000000000000..8bb12f360e5e --- /dev/null +++ b/tbb-tests/browser_tor_TB4.js @@ -0,0 +1,35 @@ +// # Test for TB4: Tor Browser's Firefox preference overrides +// This is a minimal test to check whether the 000-tor-browser.js +// pref overrides are being used at all or not. More comprehensive +// pref tests are maintained in the tor-browser-bundle-testsuite project. + +function test() { + +let expectedPrefs = [ + // Homepage + ["browser.startup.homepage", "about:tor"], + + // Disable the "Refresh" prompt that is displayed for stale profiles. + ["browser.disableResetPrompt", true], + + // Version placeholder + ["torbrowser.version", "dev-build"], + ]; + +let getPref = function (prefName) { + let type = Services.prefs.getPrefType(prefName); + if (type === Services.prefs.PREF_INT) return Services.prefs.getIntPref(prefName); + if (type === Services.prefs.PREF_BOOL) return Services.prefs.getBoolPref(prefName); + if (type === Services.prefs.PREF_STRING) return Services.prefs.getCharPref(prefName); + // Something went wrong. + throw new Error("Can't access pref " + prefName); +}; + +let testPref = function([key, expectedValue]) { + let foundValue = getPref(key); + is(foundValue, expectedValue, "Pref '" + key + "' should be '" + expectedValue +"'."); +}; + +expectedPrefs.map(testPref); + +} // end function test() diff --git a/tbb-tests/browser_tor_bug2950.js b/tbb-tests/browser_tor_bug2950.js new file mode 100644 index 000000000000..16e41344a3c4 --- /dev/null +++ b/tbb-tests/browser_tor_bug2950.js @@ -0,0 +1,74 @@ +// # Regression tests for tor Bug #2950, Make Permissions Manager memory-only +// Ensures that permissions.sqlite file in profile directory is not written to, +// even when we write a value to Firefox's permissions database. + +// The requisite test() function. +function test() { + +// Needed because of asynchronous part later in the test. +waitForExplicitFinish(); + +// Shortcut +let Ci = Components.interfaces; + +// ## utility functions + +// __principal(spec)__. +// Creates a principal instance from a spec +// (string address such as "https://www.torproject.org"). +let principal = spec => Services.scriptSecurityManager.createContentPrincipalFromOrigin(spec); + +// __setPermission(spec, key, value)__. +// Sets the site permission of type key to value, for the site located at address spec. +let setPermission = (spec, key, value) => SitePermissions.setForPrincipal(principal(spec), key, value); + +// __getPermission(spec, key)__. +// Reads the site permission value for permission type key, for the site +// located at address spec. +let getPermission = (spec, key) => SitePermissions.getForPrincipal(principal(spec), key); + +// __profileDirPath__. +// The Firefox Profile directory. Expected location of various persistent files. +let profileDirPath = Services.dirsvc.get("ProfD", Components.interfaces.nsIFile).path; + +// __fileInProfile(fileName)__. +// Returns an nsIFile instance corresponding to a file in the Profile directory. +let fileInProfile = fileName => FileUtils.File(profileDirPath + "/" + fileName); + +// ## Now let's run the test. + +let SITE = "https://www.torproject.org", + KEY = "popup"; + +let permissionsFile = fileInProfile("permissions.sqlite"), + lastModifiedTime = null, + newModifiedTime = null; +if (permissionsFile.exists()) { + lastModifiedTime = permissionsFile.lastModifiedTime; +} +// Read the original value of the permission. +let originalValue = getPermission(SITE, KEY); + +// We need to delay by at least 1000 ms, because that's the granularity +// of file time stamps, it seems. +window.setTimeout( + function () { + // Set the permission to a new value. + setPermission(SITE, KEY, SitePermissions.BLOCK); + // Now read back the permission value again. + let newReadValue = getPermission(SITE, KEY); + // Compare to confirm that the permission + // value was successfully changed. + Assert.notDeepEqual(originalValue, newReadValue, "Set a value in permissions db (perhaps in memory)."); + // If file existed or now exists, get the current time stamp. + if (permissionsFile.exists()) { + newModifiedTime = permissionsFile.lastModifiedTime; + } + // If file was created or modified since we began this test, + // then permissions db is not memory only. Complain! + is(lastModifiedTime, newModifiedTime, "Don't write to permissions.sqlite file on disk."); + // We are done with the test. + finish(); + }, 1100); + +} // test() diff --git a/tbb-tests/mochitest.ini b/tbb-tests/mochitest.ini new file mode 100644 index 000000000000..cc5172733bbe --- /dev/null +++ b/tbb-tests/mochitest.ini @@ -0,0 +1,3 @@ +[DEFAULT] + +[test_tor_bug2874.html] diff --git a/tbb-tests/moz.build b/tbb-tests/moz.build new file mode 100644 index 000000000000..de8a41a67a5c --- /dev/null +++ b/tbb-tests/moz.build @@ -0,0 +1,10 @@ +# -*- Mode: python; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +MOCHITEST_MANIFESTS += ['mochitest.ini'] + +BROWSER_CHROME_MANIFESTS += [ 'browser.ini' ] + diff --git a/tbb-tests/test_tor_bug2874.html b/tbb-tests/test_tor_bug2874.html new file mode 100644 index 000000000000..c0a956e9f687 --- /dev/null +++ b/tbb-tests/test_tor_bug2874.html @@ -0,0 +1,25 @@ +<!DOCTYPE HTML> +<html> + +<head> + <meta charset="utf-8"> + <title>Test for Tor Bug 2874</title> + <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/> + <script type="application/javascript"> + is(typeof Components, 'undefined', "The global window object should not expose a Components property to untrusted content."); + </script> +</head> +<body> +<a target="_blank" href="https://trac.torproject.org/projects/tor/ticket/2874">Tor Bug 2874</a> +<p id="display"></p> +<div id="content" style="display: none"> + +</div> +<pre id="test"> +</pre> +</body> +</html> diff --git a/toolkit/toolkit.mozbuild b/toolkit/toolkit.mozbuild index d092b8b22346..6e35a4602300 100644 --- a/toolkit/toolkit.mozbuild +++ b/toolkit/toolkit.mozbuild @@ -96,7 +96,8 @@ if CONFIG['MOZ_WEBRTC'] and CONFIG['COMPILE_ENVIRONMENT']: ] if CONFIG['ENABLE_TESTS']: - DIRS += ['/testing/specialpowers'] + DIRS += ['/testing/specialpowers', + '/tbb-tests'] DIRS += [ '/testing/gtest',

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Add TorStrings module for localization
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 58d2ad308ee5395e1f80b2bad70fa25f811303d1 Author: Alex Catarineu <acat(a)torproject.org> Date: Fri Jul 24 21:15:20 2020 +0200 Add TorStrings module for localization --- browser/modules/TorStrings.jsm | 490 +++++++++++++++++++++++++++++++++++++++++ browser/modules/moz.build | 1 + 2 files changed, 491 insertions(+) diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm new file mode 100644 index 000000000000..e8a8d37ae373 --- /dev/null +++ b/browser/modules/TorStrings.jsm @@ -0,0 +1,490 @@ +"use strict"; + +var EXPORTED_SYMBOLS = ["TorStrings"]; + +const { XPCOMUtils } = ChromeUtils.import( + "resource://gre/modules/XPCOMUtils.jsm" +); +const { Services } = ChromeUtils.import( + "resource://gre/modules/Services.jsm" +); +const { getLocale } = ChromeUtils.import( + "resource://torbutton/modules/utils.js" +); + +XPCOMUtils.defineLazyGlobalGetters(this, ["DOMParser"]); +XPCOMUtils.defineLazyGetter(this, "domParser", () => { + const parser = new DOMParser(); + parser.forceEnableDTD(); + return parser; +}); + +/* + Tor DTD String Bundle + + DTD strings loaded from torbutton/tor-launcher, but provide a fallback in case they aren't available +*/ +class TorDTDStringBundle { + constructor(aBundleURLs, aPrefix) { + let locations = []; + for (const [index, url] of aBundleURLs.entries()) { + locations.push(`<!ENTITY % dtd_${index} SYSTEM "${url}">%dtd_${index};`); + } + this._locations = locations; + this._prefix = aPrefix; + } + + // copied from testing/marionette/l10n.js + localizeEntity(urls, id) { + // Use the DOM parser to resolve the entity and extract its real value + let header = `<?xml version="1.0"?><!DOCTYPE elem [${this._locations.join( + "" + )}]>`; + let elem = `<elem id="elementID">&${id};</elem>`; + let doc = domParser.parseFromString(header + elem, "text/xml"); + let element = doc.querySelector("elem[id='elementID']"); + + if (element === null) { + throw new Error(`Entity with id='${id}' hasn't been found`); + } + + return element.textContent; + } + + getString(key, fallback) { + if (key) { + try { + return this.localizeEntity(this._bundleURLs, `${this._prefix}${key}`); + } catch (e) {} + } + + // on failure, assign the fallback if it exists + if (fallback) { + return fallback; + } + // otherwise return string key + return `$(${key})`; + } +} + +/* + Tor Property String Bundle + + Property strings loaded from torbutton/tor-launcher, but provide a fallback in case they aren't available +*/ +class TorPropertyStringBundle { + constructor(aBundleURL, aPrefix) { + try { + this._bundle = Services.strings.createBundle(aBundleURL); + } catch (e) {} + + this._prefix = aPrefix; + } + + getString(key, fallback) { + if (key) { + try { + return this._bundle.GetStringFromName(`${this._prefix}${key}`); + } catch (e) {} + } + + // on failure, assign the fallback if it exists + if (fallback) { + return fallback; + } + // otherwise return string key + return `$(${key})`; + } +} + +/* + Security Level Strings +*/ +var TorStrings = { + /* + Tor Browser Security Level Strings + */ + securityLevel: (function() { + let tsb = new TorDTDStringBundle( + ["chrome://torbutton/locale/torbutton.dtd"], + "torbutton.prefs.sec_" + ); + let getString = function(key, fallback) { + return tsb.getString(key, fallback); + }; + + // read localized strings from torbutton; but use hard-coded en-US strings as fallbacks in case of error + let retval = { + securityLevel: getString("caption", "Security Level"), + customWarning: getString("custom_warning", "Custom"), + overview: getString( + "overview", + "Disable certain web features that can be used to attack your security and anonymity." + ), + standard: { + level: getString("standard_label", "Standard"), + tooltip: getString("standard_tooltip", "Security Level : Standard"), + summary: getString( + "standard_description", + "All Tor Browser and website features are enabled." + ), + }, + safer: { + level: getString("safer_label", "Safer"), + tooltip: getString("safer_tooltip", "Security Level : Safer"), + summary: getString( + "safer_description", + "Disables website features that are often dangerous, causing some sites to lose functionality." + ), + description1: getString( + "js_on_https_sites_only", + "JavaScript is disabled on non-HTTPS sites." + ), + description2: getString( + "limit_typography", + "Some fonts and math symbols are disabled." + ), + description3: getString( + "click_to_play_media", + "Audio and video (HTML5 media), and WebGL are click-to-play." + ), + }, + safest: { + level: getString("safest_label", "Safest"), + tooltip: getString("safest_tooltip", "Security Level : Safest"), + summary: getString( + "safest_description", + "Only allows website features required for static sites and basic services. These changes affect images, media, and scripts." + ), + description1: getString( + "js_disabled", + "JavaScript is disabled by default on all sites." + ), + description2: getString( + "limit_graphics_and_typography", + "Some fonts, icons, math symbols, and images are disabled." + ), + description3: getString( + "click_to_play_media", + "Audio and video (HTML5 media), and WebGL are click-to-play." + ), + }, + custom: { + summary: getString( + "custom_summary", + "Your custom browser preferences have resulted in unusual security settings. For security and privacy reasons, we recommend you choose one of the default security levels." + ), + }, + learnMore: getString("learn_more_label", "Learn more"), + learnMoreURL: `https://tb-manual.torproject.org/${getLocale()}/security-settings/`, + restoreDefaults: getString("restore_defaults", "Restore Defaults"), + advancedSecuritySettings: getString( + "advanced_security_settings", + "Advanced Security Settings\u2026" + ), + }; + return retval; + })() /* Security Level Strings */, + + /* + Tor about:preferences#tor Strings + */ + settings: (function() { + let tsb = new TorDTDStringBundle( + ["chrome://torlauncher/locale/network-settings.dtd"], + "" + ); + let getString = function(key, fallback) { + return tsb.getString(key, fallback); + }; + + let retval = { + categoryTitle: getString("torPreferences.categoryTitle", "Tor"), + torPreferencesHeading: getString( + "torPreferences.torSettings", + "Tor Settings" + ), + torPreferencesDescription: getString( + "torPreferences.torSettingsDescription", + "Tor Browser routes your traffic over the Tor Network, run by thousands of volunteers around the world." + ), + learnMore: getString("torPreferences.learnMore", "Learn More"), + bridgesHeading: getString("torPreferences.bridges", "Bridges"), + bridgesDescription: getString( + "torPreferences.bridgesDescription", + "Bridges help you access the Tor Network in places where Tor is blocked. Depending on where you are, one bridge may work better than another." + ), + useBridge: getString("torPreferences.useBridge", "Use a bridge"), + selectBridge: getString( + "torsettings.useBridges.default", + "Select a bridge" + ), + requestBridgeFromTorProject: getString( + "torsettings.useBridges.bridgeDB", + "Request a bridge from torproject.org" + ), + requestNewBridge: getString( + "torPreferences.requestNewBridge", + "Request a New Bridge\u2026" + ), + provideBridge: getString( + "torPreferences.provideBridge", + "Provide a bridge" + ), + provideBridgeDirections: getString( + "torsettings.useBridges.label", + "Enter bridge information from a trusted source." + ), + provideBridgePlaceholder: getString( + "torsettings.useBridges.placeholder", + "type address:port (one per line)" + ), + advancedHeading: getString("torPreferences.advanced", "Advanced"), + advancedDescription: getString( + "torPreferences.advancedDescription", + "Configure how Tor Browser connects to the internet." + ), + useLocalProxy: getString("torsettings.useProxy.checkbox", "I use a proxy to connect to the Internet"), + proxyType: getString("torsettings.useProxy.type", "Proxy Type"), + proxyTypeSOCKS4: getString("torsettings.useProxy.type.socks4", "SOCKS4"), + proxyTypeSOCKS5: getString("torsettings.useProxy.type.socks5", "SOCKS5"), + proxyTypeHTTP: getString("torsettings.useProxy.type.http", "HTTP/HTTPS"), + proxyAddress: getString("torsettings.useProxy.address", "Address"), + proxyAddressPlaceholder: getString( + "torsettings.useProxy.address.placeholder", + "IP address or hostname" + ), + proxyPort: getString("torsettings.useProxy.port", "Port"), + proxyUsername: getString("torsettings.useProxy.username", "Username"), + proxyPassword: getString("torsettings.useProxy.password", "Password"), + proxyUsernamePasswordPlaceholder: getString( + "torsettings.optional", + "Optional" + ), + useFirewall: getString( + "torsettings.firewall.checkbox", + "This computer goes through a firewall that only allows connections to certain ports" + ), + allowedPorts: getString( + "torsettings.firewall.allowedPorts", + "Allowed Ports" + ), + allowedPortsPlaceholder: getString( + "torPreferences.firewallPortsPlaceholder", + "Comma-seperated values" + ), + requestBridgeDialogTitle: getString( + "torPreferences.requestBridgeDialogTitle", + "Request Bridge" + ), + submitCaptcha: getString( + "torsettings.useBridges.captchaSubmit", + "Submit" + ), + contactingBridgeDB: getString( + "torPreferences.requestBridgeDialogWaitPrompt", + "Contacting BridgeDB. Please Wait." + ), + solveTheCaptcha: getString( + "torPreferences.requestBridgeDialogSolvePrompt", + "Solve the CAPTCHA to request a bridge." + ), + captchaTextboxPlaceholder: getString( + "torsettings.useBridges.captchaSolution.placeholder", + "Enter the characters from the image" + ), + incorrectCaptcha: getString( + "torPreferences.requestBridgeErrorBadSolution", + "The solution is not correct. Please try again." + ), + showTorDaemonLogs: getString( + "torPreferences.viewTorLogs", + "View the Tor logs." + ), + showLogs: getString("torPreferences.viewLogs", "View Logs\u2026"), + torLogDialogTitle: getString( + "torPreferences.torLogsDialogTitle", + "Tor Logs" + ), + copyLog: getString("torsettings.copyLog", "Copy Tor Log to Clipboard"), + + learnMoreTorBrowserURL: `https://tb-manual.torproject.org/${getLocale()}/about/`, + learnMoreBridgesURL: `https://tb-manual.torproject.org/${getLocale()}/bridges/`, + learnMoreNetworkSettingsURL: `about:blank`, + }; + + return retval; + })() /* Tor Network Settings Strings */, + + /* + Tor Onion Services Strings, e.g., for the authentication prompt. + */ + onionServices: (function() { + let tsb = new TorPropertyStringBundle( + "chrome://torbutton/locale/torbutton.properties", + "onionServices." + ); + let getString = function(key, fallback) { + return tsb.getString(key, fallback); + }; + + const kProblemLoadingSiteFallback = "Problem Loading Onionsite"; + const kLongDescFallback = "Details: %S"; + + let retval = { + learnMore: getString("learnMore", "Learn more"), + learnMoreURL: `https://support.torproject.org/${getLocale()}/onionservices/client-auth/`, + errorPage: { + browser: getString("errorPage.browser", "Browser"), + network: getString("errorPage.network", "Network"), + onionSite: getString("errorPage.onionSite", "Onionsite"), + }, + descNotFound: { // Tor SOCKS error 0xF0 + pageTitle: getString("descNotFound.pageTitle", kProblemLoadingSiteFallback), + header: getString("descNotFound.header", "Onionsite Not Found"), + longDescription: getString("descNotFound.longDescription", kLongDescFallback), + }, + descInvalid: { // Tor SOCKS error 0xF1 + pageTitle: getString("descInvalid.pageTitle", kProblemLoadingSiteFallback), + header: getString("descInvalid.header", "Onionsite Cannot Be Reached"), + longDescription: getString("descInvalid.longDescription", kLongDescFallback), + }, + introFailed: { // Tor SOCKS error 0xF2 + pageTitle: getString("introFailed.pageTitle", kProblemLoadingSiteFallback), + header: getString("introFailed.header", "Onionsite Has Disconnected"), + longDescription: getString("introFailed.longDescription", kLongDescFallback), + }, + rendezvousFailed: { // Tor SOCKS error 0xF3 + pageTitle: getString("rendezvousFailed.pageTitle", kProblemLoadingSiteFallback), + header: getString("rendezvousFailed.header", "Unable to Connect to Onionsite"), + longDescription: getString("rendezvousFailed.longDescription", kLongDescFallback), + }, + clientAuthMissing: { // Tor SOCKS error 0xF4 + pageTitle: getString("clientAuthMissing.pageTitle", "Authorization Required"), + header: getString("clientAuthMissing.header", "Onionsite Requires Authentication"), + longDescription: getString("clientAuthMissing.longDescription", kLongDescFallback), + }, + clientAuthIncorrect: { // Tor SOCKS error 0xF5 + pageTitle: getString("clientAuthIncorrect.pageTitle", "Authorization Failed"), + header: getString("clientAuthIncorrect.header", "Onionsite Authentication Failed"), + longDescription: getString("clientAuthIncorrect.longDescription", kLongDescFallback), + }, + badAddress: { // Tor SOCKS error 0xF6 + pageTitle: getString("badAddress.pageTitle", kProblemLoadingSiteFallback), + header: getString("badAddress.header", "Invalid Onionsite Address"), + longDescription: getString("badAddress.longDescription", kLongDescFallback), + }, + introTimedOut: { // Tor SOCKS error 0xF7 + pageTitle: getString("introTimedOut.pageTitle", kProblemLoadingSiteFallback), + header: getString("introTimedOut.header", "Onionsite Circuit Creation Timed Out"), + longDescription: getString("introTimedOut.longDescription", kLongDescFallback), + }, + authPrompt: { + description: + getString("authPrompt.description2", "%S is requesting that you authenticate."), + keyPlaceholder: getString("authPrompt.keyPlaceholder", "Enter your key"), + done: getString("authPrompt.done", "Done"), + doneAccessKey: getString("authPrompt.doneAccessKey", "d"), + invalidKey: getString("authPrompt.invalidKey", "Invalid key"), + failedToSetKey: + getString("authPrompt.failedToSetKey", "Failed to set key"), + }, + authPreferences: { + header: getString("authPreferences.header", "Onion Services Authentication"), + overview: getString("authPreferences.overview", "Some onion services require that you identify yourself with a key"), + savedKeys: getString("authPreferences.savedKeys", "Saved Keys"), + dialogTitle: getString("authPreferences.dialogTitle", "Onion Services Keys"), + dialogIntro: getString("authPreferences.dialogIntro", "Keys for the following onionsites are stored on your computer"), + onionSite: getString("authPreferences.onionSite", "Onionsite"), + onionKey: getString("authPreferences.onionKey", "Key"), + remove: getString("authPreferences.remove", "Remove"), + removeAll: getString("authPreferences.removeAll", "Remove All"), + failedToGetKeys: getString("authPreferences.failedToGetKeys", "Failed to get keys"), + failedToRemoveKey: getString("authPreferences.failedToRemoveKey", "Failed to remove key"), + }, + }; + + return retval; + })() /* Tor Onion Services Strings */, + + /* + OnionLocation + */ + onionLocation: (function() { + const tsb = new TorPropertyStringBundle( + ["chrome://torbutton/locale/torbutton.properties"], + "onionLocation." + ); + const getString = function(key, fallback) { + return tsb.getString(key, fallback); + }; + + const retval = { + alwaysPrioritize: getString( + "alwaysPrioritize", + "Always Prioritize Onionsites" + ), + alwaysPrioritizeAccessKey: getString("alwaysPrioritizeAccessKey", "a"), + notNow: getString("notNow", "Not Now"), + notNowAccessKey: getString("notNowAccessKey", "n"), + description: getString( + "description", + "Website publishers can protect users by adding a security layer. This prevents eavesdroppers from knowing that you are the one visiting that website." + ), + tryThis: getString("tryThis", "Try this: Onionsite"), + onionAvailable: getString("onionAvailable", "Onionsite available"), + learnMore: getString("learnMore", "Learn more"), + learnMoreURL: `https://tb-manual.torproject.org/${getLocale()}/onion-services/`, + always: getString("always", "Always"), + askEverytime: getString("askEverytime", "Ask you every time"), + prioritizeOnionsDescription: getString( + "prioritizeOnionsDescription", + "Prioritize onionsites when they are available." + ), + onionServicesTitle: getString("onionServicesTitle", "Onion Services"), + }; + + return retval; + })() /* OnionLocation */, + + /* + Tor Deamon Configuration Key Strings + */ + + // TODO: proper camel case + configKeys: { + /* Bridge Conf Settings */ + useBridges: "UseBridges", + bridgeList: "Bridge", + /* Proxy Conf Strings */ + socks4Proxy: "Socks4Proxy", + socks5Proxy: "Socks5Proxy", + socks5ProxyUsername: "Socks5ProxyUsername", + socks5ProxyPassword: "Socks5ProxyPassword", + httpsProxy: "HTTPSProxy", + httpsProxyAuthenticator: "HTTPSProxyAuthenticator", + /* Firewall Conf Strings */ + reachableAddresses: "ReachableAddresses", + + /* BridgeDB Strings */ + clientTransportPlugin: "ClientTransportPlugin", + }, + + /* + about:config preference keys + */ + + preferenceKeys: { + defaultBridgeType: "extensions.torlauncher.default_bridge_type", + recommendedBridgeType: + "extensions.torlauncher.default_bridge_recommended_type", + }, + + /* + about:config preference branches + */ + preferenceBranches: { + defaultBridge: "extensions.torlauncher.default_bridge.", + bridgeDBBridges: "extensions.torlauncher.bridgedb_bridge.", + }, +}; diff --git a/browser/modules/moz.build b/browser/modules/moz.build index cbb94cf736a0..88f2a55d6f49 100644 --- a/browser/modules/moz.build +++ b/browser/modules/moz.build @@ -154,6 +154,7 @@ EXTRA_JS_MODULES += [ 'TabUnloader.jsm', 'ThemeVariableMap.jsm', 'TopSiteAttribution.jsm', + 'TorStrings.jsm', 'TransientPrefs.jsm', 'webrtcUI.jsm', 'ZoomUI.jsm',

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 12974: Disable NTLM and Negotiate HTTP Auth
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit ae5d7c97b6d103ee7c2fdc6f8f00a75c682b320f Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Wed Aug 27 15:19:10 2014 -0700 Bug 12974: Disable NTLM and Negotiate HTTP Auth This is technically an embargoed Mozilla bug, so I probably shouldn't provide too many details. Suffice to say that NTLM and Negotiate auth are bad for Tor users, and I doubt very many (or any of them) actually need it. The Mozilla bug is https://bugzilla.mozilla.org/show_bug.cgi?id=1046421 --- extensions/auth/nsHttpNegotiateAuth.cpp | 4 ++++ netwerk/protocol/http/nsHttpNTLMAuth.cpp | 3 +++ 2 files changed, 7 insertions(+) diff --git a/extensions/auth/nsHttpNegotiateAuth.cpp b/extensions/auth/nsHttpNegotiateAuth.cpp index 99720475b9dd..1c08fcf3da7e 100644 --- a/extensions/auth/nsHttpNegotiateAuth.cpp +++ b/extensions/auth/nsHttpNegotiateAuth.cpp @@ -152,6 +152,10 @@ nsHttpNegotiateAuth::ChallengeReceived(nsIHttpAuthenticableChannel* authChannel, nsIAuthModule* rawModule = (nsIAuthModule*)*continuationState; *identityInvalid = false; + + /* Always fail Negotiate auth for Tor Browser. We don't need it. */ + return NS_ERROR_ABORT; + if (rawModule) { return NS_OK; } diff --git a/netwerk/protocol/http/nsHttpNTLMAuth.cpp b/netwerk/protocol/http/nsHttpNTLMAuth.cpp index 0a30de051014..891aaadfd758 100644 --- a/netwerk/protocol/http/nsHttpNTLMAuth.cpp +++ b/netwerk/protocol/http/nsHttpNTLMAuth.cpp @@ -168,6 +168,9 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel* channel, *identityInvalid = false; + /* Always fail Negotiate auth for Tor Browser. We don't need it. */ + return NS_ERROR_ABORT; + // Start a new auth sequence if the challenge is exactly "NTLM". // If native NTLM auth apis are available and enabled through prefs, // try to use them.

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 3547: Block all plugins.
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 5fc41dbe7a484cc1a836b4278302b7d11418e099 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Tue Dec 4 16:03:13 2012 -0800 Bug 3547: Block all plugins. We cannot use the @mozilla.org/extensions/blocklist;1 service, because we actually want to stop plugins from ever entering the browser's process space and/or executing code (for example, AV plugins that collect statistics/analyse urls, magical toolbars that phone home or "help" the user, skype buttons that ruin our day, and censorship filters). Hence we rolled our own. See https://trac.torproject.org/projects/tor/ticket/3547#comment:6 for musings on a better way. Until then, it is delta-darwinism for us. --- dom/plugins/base/PluginFinder.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/dom/plugins/base/PluginFinder.cpp b/dom/plugins/base/PluginFinder.cpp index 4e1c1fd53698..cace7d4ef6ba 100644 --- a/dom/plugins/base/PluginFinder.cpp +++ b/dom/plugins/base/PluginFinder.cpp @@ -480,6 +480,9 @@ nsresult PluginFinder::ScanPluginsDirectory(nsIFile* pluginsDir, *aPluginsChanged = false; + // Block all plugins + return NS_OK; + #ifdef PLUGIN_LOGGING nsAutoCString dirPath; pluginsDir->GetNativePath(dirPath);

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 16439: Remove screencasting code
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit da13a217972d17f470854acf9cc7573ff4158314 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Wed Jun 24 11:01:11 2015 -0400 Bug 16439: Remove screencasting code We avoid including the screencasting code on mobile (it got ripped out for desktop in bug 1393582) by simply excluding the related JS modules from Tor Browser. --- toolkit/modules/moz.build | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/toolkit/modules/moz.build b/toolkit/modules/moz.build index f000f35c126f..e1f1eb5759c5 100644 --- a/toolkit/modules/moz.build +++ b/toolkit/modules/moz.build @@ -260,10 +260,11 @@ if 'Android' != CONFIG['OS_TARGET']: ] else: DEFINES['ANDROID'] = True - EXTRA_JS_MODULES += [ - 'secondscreen/RokuApp.jsm', - 'secondscreen/SimpleServiceDiscovery.jsm', - ] + if not CONFIG['TOR_BROWSER_VERSION']: + EXTRA_JS_MODULES += [ + 'secondscreen/RokuApp.jsm', + 'secondscreen/SimpleServiceDiscovery.jsm', + ] if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'windows':

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 9173: Change the default Firefox profile directory to be TBB-relative.
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 8125e31d89b1f2b6dbfeeea965ada240c2786a2d Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Fri Oct 18 15:20:06 2013 -0400 Bug 9173: Change the default Firefox profile directory to be TBB-relative. This should eliminate our need to rely on a wrapper script that sets /Users/arthur and launches Firefox with -profile. --- toolkit/profile/nsToolkitProfileService.cpp | 5 +- toolkit/xre/nsAppRunner.cpp | 2 +- toolkit/xre/nsConsoleWriter.cpp | 2 +- toolkit/xre/nsXREDirProvider.cpp | 150 ++++++---------------------- toolkit/xre/nsXREDirProvider.h | 16 +-- xpcom/io/nsAppFileLocationProvider.cpp | 97 +++++++----------- 6 files changed, 84 insertions(+), 188 deletions(-) diff --git a/toolkit/profile/nsToolkitProfileService.cpp b/toolkit/profile/nsToolkitProfileService.cpp index dc4811313b5e..a3e50f8c00d3 100644 --- a/toolkit/profile/nsToolkitProfileService.cpp +++ b/toolkit/profile/nsToolkitProfileService.cpp @@ -723,10 +723,11 @@ nsresult nsToolkitProfileService::Init() { NS_ASSERTION(gDirServiceProvider, "No dirserviceprovider!"); nsresult rv; - rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(mAppData)); + rv = gDirServiceProvider->GetUserAppDataDirectory(getter_AddRefs(mAppData)); NS_ENSURE_SUCCESS(rv, rv); - rv = nsXREDirProvider::GetUserLocalDataDirectory(getter_AddRefs(mTempData)); + rv = + gDirServiceProvider->GetUserLocalDataDirectory(getter_AddRefs(mTempData)); NS_ENSURE_SUCCESS(rv, rv); rv = mAppData->Clone(getter_AddRefs(mProfileDBFile)); diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 8b5bce27cdc4..e3e7f785ada9 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -3182,7 +3182,7 @@ int XREMain::XRE_mainInit(bool* aExitFlag) { if ((mAppData->flags & NS_XRE_ENABLE_CRASH_REPORTER) && NS_SUCCEEDED(CrashReporter::SetExceptionHandler(xreBinDirectory))) { nsCOMPtr<nsIFile> file; - rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(file)); + rv = mDirProvider.GetUserAppDataDirectory(getter_AddRefs(file)); if (NS_SUCCEEDED(rv)) { CrashReporter::SetUserAppDataDirectory(file); } diff --git a/toolkit/xre/nsConsoleWriter.cpp b/toolkit/xre/nsConsoleWriter.cpp index 0a2c0c342893..46735a293a00 100644 --- a/toolkit/xre/nsConsoleWriter.cpp +++ b/toolkit/xre/nsConsoleWriter.cpp @@ -29,7 +29,7 @@ void WriteConsoleLog() { } else { if (!gLogConsoleErrors) return; - rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(lfile)); + rv = gDirServiceProvider->GetUserAppDataDirectory(getter_AddRefs(lfile)); if (NS_FAILED(rv)) return; lfile->AppendNative(NS_LITERAL_CSTRING("console.log")); diff --git a/toolkit/xre/nsXREDirProvider.cpp b/toolkit/xre/nsXREDirProvider.cpp index 7641ef683c39..f80cb2827349 100644 --- a/toolkit/xre/nsXREDirProvider.cpp +++ b/toolkit/xre/nsXREDirProvider.cpp @@ -32,6 +32,7 @@ #include "nsArrayEnumerator.h" #include "nsEnumeratorUtils.h" #include "nsReadableUtils.h" +#include "nsXPCOMPrivate.h" // for XPCOM_FILE_PATH_SEPARATOR #include "SpecialSystemDirectory.h" @@ -249,9 +250,6 @@ nsresult nsXREDirProvider::GetUserProfilesRootDir(nsIFile** aResult) { nsresult rv = GetUserDataDirectory(getter_AddRefs(file), false); if (NS_SUCCEEDED(rv)) { -#if !defined(XP_UNIX) || defined(XP_MACOSX) - rv = file->AppendNative(NS_LITERAL_CSTRING("Profiles")); -#endif // We must create the profile directory here if it does not exist. nsresult tmp = EnsureDirectoryExists(file); if (NS_FAILED(tmp)) { @@ -267,9 +265,6 @@ nsresult nsXREDirProvider::GetUserProfilesLocalDir(nsIFile** aResult) { nsresult rv = GetUserDataDirectory(getter_AddRefs(file), true); if (NS_SUCCEEDED(rv)) { -#if !defined(XP_UNIX) || defined(XP_MACOSX) - rv = file->AppendNative(NS_LITERAL_CSTRING("Profiles")); -#endif // We must create the profile directory here if it does not exist. nsresult tmp = EnsureDirectoryExists(file); if (NS_FAILED(tmp)) { @@ -1403,7 +1398,7 @@ nsresult nsXREDirProvider::SetUserDataProfileDirectory(nsCOMPtr<nsIFile>& aFile, nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile, bool aLocal) { // Copied from nsAppFileLocationProvider (more or less) - nsresult rv; + NS_ENSURE_ARG_POINTER(aFile); nsCOMPtr<nsIFile> localDir; if (aLocal && gDataDirHomeLocal) { @@ -1413,81 +1408,39 @@ nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile, return gDataDirHome->Clone(aFile); } -#if defined(XP_MACOSX) - FSRef fsRef; - OSType folderType; - if (aLocal) { - folderType = kCachedDataFolderType; - } else { -# ifdef MOZ_THUNDERBIRD - folderType = kDomainLibraryFolderType; -# else - folderType = kApplicationSupportFolderType; -# endif - } - OSErr err = ::FSFindFolder(kUserDomain, folderType, kCreateFolder, &fsRef); - NS_ENSURE_FALSE(err, NS_ERROR_FAILURE); - - rv = NS_NewNativeLocalFile(EmptyCString(), true, getter_AddRefs(localDir)); + nsresult rv = GetAppDir()->Clone(getter_AddRefs(localDir)); NS_ENSURE_SUCCESS(rv, rv); - nsCOMPtr<nsILocalFileMac> dirFileMac = do_QueryInterface(localDir); - NS_ENSURE_TRUE(dirFileMac, NS_ERROR_UNEXPECTED); - - rv = dirFileMac->InitWithFSRef(&fsRef); - NS_ENSURE_SUCCESS(rv, rv); + int levelsToRemove = 1; // In FF21+, appDir points to browser subdirectory. +#if defined(XP_MACOSX) + levelsToRemove += 2; +#endif + while (localDir && (levelsToRemove > 0)) { + // When crawling up the hierarchy, components named "." do not count. + nsAutoCString removedName; + rv = localDir->GetNativeLeafName(removedName); + NS_ENSURE_SUCCESS(rv, rv); + bool didRemove = !removedName.Equals("."); - localDir = dirFileMac; -#elif defined(XP_IOS) - nsAutoCString userDir; - if (GetUIKitDirectory(aLocal, userDir)) { - rv = NS_NewNativeLocalFile(userDir, true, getter_AddRefs(localDir)); - } else { - rv = NS_ERROR_FAILURE; - } - NS_ENSURE_SUCCESS(rv, rv); -#elif defined(XP_WIN) - nsString path; - if (aLocal) { - rv = GetShellFolderPath(FOLDERID_LocalAppData, path); - if (NS_FAILED(rv)) rv = GetRegWindowsAppDataFolder(aLocal, path); - } - if (!aLocal || NS_FAILED(rv)) { - rv = GetShellFolderPath(FOLDERID_RoamingAppData, path); - if (NS_FAILED(rv)) { - if (!aLocal) rv = GetRegWindowsAppDataFolder(aLocal, path); - } + // Remove a directory component. + nsCOMPtr<nsIFile> parentDir; + rv = localDir->GetParent(getter_AddRefs(parentDir)); + NS_ENSURE_SUCCESS(rv, rv); + localDir = parentDir; + if (didRemove) --levelsToRemove; } - NS_ENSURE_SUCCESS(rv, rv); - rv = NS_NewLocalFile(path, true, getter_AddRefs(localDir)); -#elif defined(XP_UNIX) - const char* homeDir = getenv("HOME"); - if (!homeDir || !*homeDir) return NS_ERROR_FAILURE; + if (!localDir) return NS_ERROR_FAILURE; -# ifdef ANDROID /* We want (ProfD == ProfLD) on Android. */ - aLocal = false; -# endif + rv = localDir->AppendRelativeNativePath( + NS_LITERAL_CSTRING("TorBrowser" XPCOM_FILE_PATH_SEPARATOR + "Data" XPCOM_FILE_PATH_SEPARATOR "Browser")); + NS_ENSURE_SUCCESS(rv, rv); if (aLocal) { - // If $XDG_CACHE_HOME is defined use it, otherwise use $HOME/.cache. - const char* cacheHome = getenv("XDG_CACHE_HOME"); - if (cacheHome && *cacheHome) { - rv = NS_NewNativeLocalFile(nsDependentCString(cacheHome), true, - getter_AddRefs(localDir)); - } else { - rv = NS_NewNativeLocalFile(nsDependentCString(homeDir), true, - getter_AddRefs(localDir)); - if (NS_SUCCEEDED(rv)) - rv = localDir->AppendNative(NS_LITERAL_CSTRING(".cache")); - } - } else { - rv = NS_NewNativeLocalFile(nsDependentCString(homeDir), true, - getter_AddRefs(localDir)); + rv = localDir->AppendNative(NS_LITERAL_CSTRING("Caches")); + NS_ENSURE_SUCCESS(rv, rv); } -#else -# error "Don't know how to get product dir on your platform" -#endif NS_IF_ADDREF(*aFile = localDir); return rv; @@ -1670,39 +1623,23 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) { } nsAutoCString profile; - nsAutoCString appName; - nsAutoCString vendor; if (gAppData->profile) { profile = gAppData->profile; - } else { - appName = gAppData->name; - vendor = gAppData->vendor; } - nsresult rv = NS_OK; + nsresult rv = NS_ERROR_FAILURE; #if defined(XP_MACOSX) if (!profile.IsEmpty()) { rv = AppendProfileString(aFile, profile.get()); - } else { - // Note that MacOS ignores the vendor when creating the profile hierarchy - - // all application preferences directories live alongside one another in - // ~/Library/Application Support/ - rv = aFile->AppendNative(appName); + NS_ENSURE_SUCCESS(rv, rv); } - NS_ENSURE_SUCCESS(rv, rv); #elif defined(XP_WIN) if (!profile.IsEmpty()) { rv = AppendProfileString(aFile, profile.get()); - } else { - if (!vendor.IsEmpty()) { - rv = aFile->AppendNative(vendor); - NS_ENSURE_SUCCESS(rv, rv); - } - rv = aFile->AppendNative(appName); + NS_ENSURE_SUCCESS(rv, rv); } - NS_ENSURE_SUCCESS(rv, rv); #elif defined(ANDROID) // The directory used for storing profiles @@ -1712,11 +1649,6 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) { rv = aFile->AppendNative(nsDependentCString("mozilla")); NS_ENSURE_SUCCESS(rv, rv); #elif defined(XP_UNIX) - nsAutoCString folder; - // Make it hidden (by starting with "."), except when local (the - // profile is already under ~/.cache or XDG_CACHE_HOME). - if (!aLocal) folder.Assign('.'); - if (!profile.IsEmpty()) { // Skip any leading path characters const char* profileStart = profile.get(); @@ -1724,32 +1656,16 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) { // On the off chance that someone wanted their folder to be hidden don't // let it become ".." - if (*profileStart == '.' && !aLocal) profileStart++; + if (*profileStart == '.') profileStart++; + // Make it hidden (by starting with "."). + nsAutoCString folder("."); folder.Append(profileStart); ToLowerCase(folder); rv = AppendProfileString(aFile, folder.BeginReading()); - } else { - if (!vendor.IsEmpty()) { - folder.Append(vendor); - ToLowerCase(folder); - - rv = aFile->AppendNative(folder); - NS_ENSURE_SUCCESS(rv, rv); - - folder.Truncate(); - } - - // This can be the case in tests. - if (!appName.IsEmpty()) { - folder.Append(appName); - ToLowerCase(folder); - - rv = aFile->AppendNative(folder); - } + NS_ENSURE_SUCCESS(rv, rv); } - NS_ENSURE_SUCCESS(rv, rv); #else # error "Don't know how to get profile path on your platform" diff --git a/toolkit/xre/nsXREDirProvider.h b/toolkit/xre/nsXREDirProvider.h index e55b4e153c56..b9678d4ec577 100644 --- a/toolkit/xre/nsXREDirProvider.h +++ b/toolkit/xre/nsXREDirProvider.h @@ -63,15 +63,19 @@ class nsXREDirProvider final : public nsIDirectoryServiceProvider2, void DoShutdown(); - static nsresult GetUserAppDataDirectory(nsIFile** aFile) { + nsresult GetUserAppDataDirectory(nsIFile** aFile) { return GetUserDataDirectory(aFile, false); } - static nsresult GetUserLocalDataDirectory(nsIFile** aFile) { + nsresult GetUserLocalDataDirectory(nsIFile** aFile) { return GetUserDataDirectory(aFile, true); } // GetUserDataDirectory gets the profile path from gAppData. - static nsresult GetUserDataDirectory(nsIFile** aFile, bool aLocal); + + // This function now calls GetAppDir(), so it cannot be static anymore. + // The same happens with all the functions (in)directly calling this one (the + // rest of Get*Directory functions in this file) + nsresult GetUserDataDirectory(nsIFile** aFile, bool aLocal); /* make sure you clone it, if you need to do stuff to it */ nsIFile* GetGREDir() { return mGREDir; } @@ -112,9 +116,9 @@ class nsXREDirProvider final : public nsIDirectoryServiceProvider2, protected: nsresult GetFilesInternal(const char* aProperty, nsISimpleEnumerator** aResult); - static nsresult GetUserDataDirectoryHome(nsIFile** aFile, bool aLocal); - static nsresult GetSysUserExtensionsDirectory(nsIFile** aFile); - static nsresult GetSysUserExtensionsDevDirectory(nsIFile** aFile); + nsresult GetUserDataDirectoryHome(nsIFile** aFile, bool aLocal); + nsresult GetSysUserExtensionsDirectory(nsIFile** aFile); + nsresult GetSysUserExtensionsDevDirectory(nsIFile** aFile); #if defined(XP_UNIX) || defined(XP_MACOSX) static nsresult GetSystemExtensionsDirectory(nsIFile** aFile); #endif diff --git a/xpcom/io/nsAppFileLocationProvider.cpp b/xpcom/io/nsAppFileLocationProvider.cpp index 915e8bc7361e..81551a8e3893 100644 --- a/xpcom/io/nsAppFileLocationProvider.cpp +++ b/xpcom/io/nsAppFileLocationProvider.cpp @@ -15,6 +15,7 @@ #include "nsSimpleEnumerator.h" #include "prenv.h" #include "nsCRT.h" +#include "nsXPCOMPrivate.h" // for XPCOM_FILE_PATH_SEPARATOR #if defined(MOZ_WIDGET_COCOA) # include <Carbon/Carbon.h> # include "nsILocalFileMac.h" @@ -233,9 +234,8 @@ nsresult nsAppFileLocationProvider::CloneMozBinDirectory(nsIFile** aLocalFile) { // GetProductDirectory - Gets the directory which contains the application data // folder // -// UNIX : ~/.mozilla/ -// WIN : <Application Data folder on user's machine>\Mozilla -// Mac : :Documents:Mozilla: +// UNIX and WIN : <App Folder>/TorBrowser/Data/Browser +// Mac : <App Folder>/../../TorBrowser/Data/Browser //---------------------------------------------------------------------------------------- nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile, bool aLocal) { @@ -247,49 +247,45 @@ nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile, bool exists; nsCOMPtr<nsIFile> localDir; -#if defined(MOZ_WIDGET_COCOA) - FSRef fsRef; - OSType folderType = - aLocal ? (OSType)kCachedDataFolderType : (OSType)kDomainLibraryFolderType; - OSErr err = ::FSFindFolder(kUserDomain, folderType, kCreateFolder, &fsRef); - if (err) { - return NS_ERROR_FAILURE; + rv = CloneMozBinDirectory(getter_AddRefs(localDir)); + NS_ENSURE_SUCCESS(rv, rv); + + int levelsToRemove = 1; // In FF21+, bin dir points to browser subdirectory. +#if defined(XP_MACOSX) + levelsToRemove += 2; +#endif + while (localDir && (levelsToRemove > 0)) { + // When crawling up the hierarchy, components named "." do not count. + nsAutoCString removedName; + rv = localDir->GetNativeLeafName(removedName); + NS_ENSURE_SUCCESS(rv, rv); + bool didRemove = !removedName.Equals("."); + + // Remove a directory component. + nsCOMPtr<nsIFile> parentDir; + rv = localDir->GetParent(getter_AddRefs(parentDir)); + NS_ENSURE_SUCCESS(rv, rv); + localDir = parentDir; + + if (didRemove) { + --levelsToRemove; + } } - NS_NewLocalFile(EmptyString(), true, getter_AddRefs(localDir)); + if (!localDir) { return NS_ERROR_FAILURE; } - nsCOMPtr<nsILocalFileMac> localDirMac(do_QueryInterface(localDir)); - rv = localDirMac->InitWithFSRef(&fsRef); - if (NS_FAILED(rv)) { - return rv; - } -#elif defined(XP_WIN) - nsCOMPtr<nsIProperties> directoryService = - do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID, &rv); - if (NS_FAILED(rv)) { - return rv; - } - const char* prop = aLocal ? NS_WIN_LOCAL_APPDATA_DIR : NS_WIN_APPDATA_DIR; - rv = directoryService->Get(prop, NS_GET_IID(nsIFile), - getter_AddRefs(localDir)); - if (NS_FAILED(rv)) { - return rv; - } -#elif defined(XP_UNIX) - rv = NS_NewNativeLocalFile(nsDependentCString(PR_GetEnv("HOME")), true, - getter_AddRefs(localDir)); - if (NS_FAILED(rv)) { - return rv; - } -#else -# error dont_know_how_to_get_product_dir_on_your_platform -#endif - rv = localDir->AppendRelativeNativePath(DEFAULT_PRODUCT_DIR); - if (NS_FAILED(rv)) { - return rv; + rv = localDir->AppendRelativeNativePath( + NS_LITERAL_CSTRING("TorBrowser" XPCOM_FILE_PATH_SEPARATOR + "Data" XPCOM_FILE_PATH_SEPARATOR "Browser")); + NS_ENSURE_SUCCESS(rv, rv); + + if (aLocal) { + rv = localDir->AppendNative(NS_LITERAL_CSTRING("Caches")); + NS_ENSURE_SUCCESS(rv, rv); } + rv = localDir->Exists(&exists); if (NS_SUCCEEDED(rv) && !exists) { @@ -308,10 +304,6 @@ nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile, //---------------------------------------------------------------------------------------- // GetDefaultUserProfileRoot - Gets the directory which contains each user // profile dir -// -// UNIX : ~/.mozilla/ -// WIN : <Application Data folder on user's machine>\Mozilla\Profiles -// Mac : :Documents:Mozilla:Profiles: //---------------------------------------------------------------------------------------- nsresult nsAppFileLocationProvider::GetDefaultUserProfileRoot( nsIFile** aLocalFile, bool aLocal) { @@ -327,23 +319,6 @@ nsresult nsAppFileLocationProvider::GetDefaultUserProfileRoot( return rv; } -#if defined(MOZ_WIDGET_COCOA) || defined(XP_WIN) - // These 3 platforms share this part of the path - do them as one - rv = localDir->AppendRelativeNativePath(NS_LITERAL_CSTRING("Profiles")); - if (NS_FAILED(rv)) { - return rv; - } - - bool exists; - rv = localDir->Exists(&exists); - if (NS_SUCCEEDED(rv) && !exists) { - rv = localDir->Create(nsIFile::DIRECTORY_TYPE, 0775); - } - if (NS_FAILED(rv)) { - return rv; - } -#endif - localDir.forget(aLocalFile); return rv;

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 14631: Improve profile access error messages.
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 9430c248988da94ce7b50b49b7a32f4a981e3786 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Tue Feb 24 13:50:23 2015 -0500 Bug 14631: Improve profile access error messages. Instead of always reporting that the profile is locked, display specific messages for "access denied" and "read-only file system". To allow for localization, get profile-related error strings from Torbutton. Use app display name ("Tor Browser") in profile-related error alerts. --- .../mozapps/profile/profileSelection.properties | 5 + toolkit/profile/nsToolkitProfileService.cpp | 57 +++++++- toolkit/profile/nsToolkitProfileService.h | 13 +- toolkit/xre/nsAppRunner.cpp | 155 ++++++++++++++++++--- 4 files changed, 207 insertions(+), 23 deletions(-) diff --git a/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties b/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties index 2be092bf4c4b..922b52cb1385 100644 --- a/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties +++ b/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties @@ -12,6 +12,11 @@ restartMessageUnlocker=%S is already running, but is not responding. The old %S restartMessageNoUnlockerMac=A copy of %S is already open. Only one copy of %S can be open at a time. restartMessageUnlockerMac=A copy of %S is already open. The running copy of %S will quit in order to open this one. +# LOCALIZATION NOTE (profileProblemTitle, profileReadOnly, profileReadOnlyMac, profileAccessDenied): Messages displayed when the browser profile cannot be accessed or written to. %S is the application name. +profileProblemTitle=%S Profile Problem +profileReadOnly=You cannot run %S from a read-only file system. Please copy %S to another location before trying to use it. +profileReadOnlyMac=You cannot run %S from a read-only file system. Please copy %S to your Desktop or Applications folder before trying to use it. +profileAccessDenied=%S does not have permission to access the profile. Please adjust your file system permissions and try again. # Profile manager # LOCALIZATION NOTE (profileTooltip): First %S is the profile name, second %S is the path to the profile folder. profileTooltip=Profile: ‘%S’ - Path: ‘%S’ diff --git a/toolkit/profile/nsToolkitProfileService.cpp b/toolkit/profile/nsToolkitProfileService.cpp index a3e50f8c00d3..3f32bd95f9c9 100644 --- a/toolkit/profile/nsToolkitProfileService.cpp +++ b/toolkit/profile/nsToolkitProfileService.cpp @@ -1161,9 +1161,10 @@ nsToolkitProfileService::SelectStartupProfile( } bool wasDefault; + ProfileStatus profileStatus; nsresult rv = SelectStartupProfile(&argc, argv.get(), aIsResetting, aRootDir, aLocalDir, - aProfile, aDidCreate, &wasDefault); + aProfile, aDidCreate, &wasDefault, profileStatus); // Since we were called outside of the normal startup path complete any // startup tasks. @@ -1196,7 +1197,8 @@ nsToolkitProfileService::SelectStartupProfile( nsresult nsToolkitProfileService::SelectStartupProfile( int* aArgc, char* aArgv[], bool aIsResetting, nsIFile** aRootDir, nsIFile** aLocalDir, nsIToolkitProfile** aProfile, bool* aDidCreate, - bool* aWasDefaultSelection) { + bool* aWasDefaultSelection, ProfileStatus& aProfileStatus) { + aProfileStatus = PROFILE_STATUS_OK; if (mStartupProfileSelected) { return NS_ERROR_ALREADY_INITIALIZED; } @@ -1290,6 +1292,13 @@ nsresult nsToolkitProfileService::SelectStartupProfile( rv = XRE_GetFileFromPath(arg, getter_AddRefs(lf)); NS_ENSURE_SUCCESS(rv, rv); + aProfileStatus = CheckProfileWriteAccess(lf); + if (PROFILE_STATUS_OK != aProfileStatus) { + NS_ADDREF(*aRootDir = lf); + NS_ADDREF(*aLocalDir = lf); + return NS_ERROR_FAILURE; + } + // Make sure that the profile path exists and it's a directory. bool exists; rv = lf->Exists(&exists); @@ -2079,3 +2088,47 @@ nsresult XRE_GetFileFromPath(const char* aPath, nsIFile** aResult) { # error Platform-specific logic needed here. #endif } + +// Check for write permission to the profile directory by trying to create a +// new file (after ensuring that no file with the same name exists). +ProfileStatus nsToolkitProfileService::CheckProfileWriteAccess( + nsIFile* aProfileDir) { +#if defined(XP_UNIX) + NS_NAMED_LITERAL_STRING(writeTestFileName, ".parentwritetest"); +#else + NS_NAMED_LITERAL_STRING(writeTestFileName, "parent.writetest"); +#endif + + nsCOMPtr<nsIFile> writeTestFile; + nsresult rv = aProfileDir->Clone(getter_AddRefs(writeTestFile)); + if (NS_SUCCEEDED(rv)) rv = writeTestFile->Append(writeTestFileName); + + if (NS_SUCCEEDED(rv)) { + bool doesExist = false; + rv = writeTestFile->Exists(&doesExist); + if (NS_SUCCEEDED(rv) && doesExist) rv = writeTestFile->Remove(true); + } + + if (NS_SUCCEEDED(rv)) { + rv = writeTestFile->Create(nsIFile::NORMAL_FILE_TYPE, 0666); + (void)writeTestFile->Remove(true); + } + + ProfileStatus status = + NS_SUCCEEDED(rv) ? PROFILE_STATUS_OK : PROFILE_STATUS_OTHER_ERROR; + if (NS_ERROR_FILE_ACCESS_DENIED == rv) + status = PROFILE_STATUS_ACCESS_DENIED; + else if (NS_ERROR_FILE_READ_ONLY == rv) + status = PROFILE_STATUS_READ_ONLY; + + return status; +} + +ProfileStatus nsToolkitProfileService::CheckProfileWriteAccess( + nsIToolkitProfile* aProfile) { + nsCOMPtr<nsIFile> profileDir; + nsresult rv = aProfile->GetRootDir(getter_AddRefs(profileDir)); + if (NS_FAILED(rv)) return PROFILE_STATUS_OTHER_ERROR; + + return CheckProfileWriteAccess(profileDir); +} diff --git a/toolkit/profile/nsToolkitProfileService.h b/toolkit/profile/nsToolkitProfileService.h index f2a238312b95..cfb1964ee1d7 100644 --- a/toolkit/profile/nsToolkitProfileService.h +++ b/toolkit/profile/nsToolkitProfileService.h @@ -15,6 +15,14 @@ #include "nsProfileLock.h" #include "nsINIParser.h" +enum ProfileStatus { + PROFILE_STATUS_OK, + PROFILE_STATUS_ACCESS_DENIED, + PROFILE_STATUS_READ_ONLY, + PROFILE_STATUS_IS_LOCKED, + PROFILE_STATUS_OTHER_ERROR +}; + class nsToolkitProfile final : public nsIToolkitProfile, public mozilla::LinkedListElement<RefPtr<nsToolkitProfile>> { @@ -79,10 +87,13 @@ class nsToolkitProfileService final : public nsIToolkitProfileService { nsresult SelectStartupProfile(int* aArgc, char* aArgv[], bool aIsResetting, nsIFile** aRootDir, nsIFile** aLocalDir, nsIToolkitProfile** aProfile, bool* aDidCreate, - bool* aWasDefaultSelection); + bool* aWasDefaultSelection, + ProfileStatus& aProfileStatus); nsresult CreateResetProfile(nsIToolkitProfile** aNewProfile); nsresult ApplyResetProfile(nsIToolkitProfile* aOldProfile); void CompleteStartup(); + static ProfileStatus CheckProfileWriteAccess(nsIToolkitProfile* aProfile); + static ProfileStatus CheckProfileWriteAccess(nsIFile* aProfileDir); private: friend class nsToolkitProfile; diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index e3e7f785ada9..8de43a8c4cfc 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -1731,6 +1731,91 @@ nsresult LaunchChild(bool aBlankCommandLine) { return NS_ERROR_LAUNCHED_CHILD_PROCESS; } +static nsresult GetOverrideStringBundleForLocale(nsIStringBundleService* aSBS, + const char* aTorbuttonURI, + const char* aLocale, + nsIStringBundle** aResult) { + NS_ENSURE_ARG(aSBS); + NS_ENSURE_ARG(aTorbuttonURI); + NS_ENSURE_ARG(aLocale); + NS_ENSURE_ARG(aResult); + + const char* kFormatStr = + "jar:%s!/chrome/torbutton/locale/%s/torbutton.properties"; + nsPrintfCString strBundleURL(kFormatStr, aTorbuttonURI, aLocale); + nsresult rv = aSBS->CreateBundle(strBundleURL.get(), aResult); + NS_ENSURE_SUCCESS(rv, rv); + + // To ensure that we have a valid string bundle, try to retrieve a string + // that we know exists. + nsAutoString val; + rv = (*aResult)->GetStringFromName("profileProblemTitle", val); + if (!NS_SUCCEEDED(rv)) *aResult = nullptr; // No good. Discard it. + + return rv; +} + +static void GetOverrideStringBundle(nsIStringBundleService* aSBS, + nsIStringBundle** aResult) { + if (!aSBS || !aResult) return; + + *aResult = nullptr; + + // Build Torbutton file URI string by starting from GREDir. + RefPtr<nsXREDirProvider> dirProvider = nsXREDirProvider::GetSingleton(); + if (!dirProvider) return; + + nsCOMPtr<nsIFile> greDir = dirProvider->GetGREDir(); + if (!greDir) return; + + // Create file URI, extract as string, and append omni.ja relative path. + nsCOMPtr<nsIURI> uri; + nsAutoCString uriString; + if (NS_FAILED(NS_NewFileURI(getter_AddRefs(uri), greDir)) || + NS_FAILED(uri->GetSpec(uriString))) { + return; + } + + uriString.Append("omni.ja"); + + nsAutoCString userAgentLocale; + if (!NS_SUCCEEDED( + Preferences::GetCString("intl.locale.requested", userAgentLocale))) { + return; + } + + nsresult rv = GetOverrideStringBundleForLocale( + aSBS, uriString.get(), userAgentLocale.get(), aResult); + if (NS_FAILED(rv)) { + // Try again using base locale, e.g., "en" vs. "en-US". + int16_t offset = userAgentLocale.FindChar('-', 1); + if (offset > 0) { + nsAutoCString shortLocale(Substring(userAgentLocale, 0, offset)); + rv = GetOverrideStringBundleForLocale(aSBS, uriString.get(), + shortLocale.get(), aResult); + } + } +} + +static nsresult GetFormattedString(nsIStringBundle* aOverrideBundle, + nsIStringBundle* aMainBundle, + const char* aName, + const nsTArray<nsString>& aParams, + nsAString& aResult) { + NS_ENSURE_ARG(aName); + + nsresult rv = NS_ERROR_FAILURE; + if (aOverrideBundle) { + rv = aOverrideBundle->FormatStringFromName(aName, aParams, aResult); + } + + // If string was not found in override bundle, use main (browser) bundle. + if (NS_FAILED(rv) && aMainBundle) + rv = aMainBundle->FormatStringFromName(aName, aParams, aResult); + + return rv; +} + static const char kProfileProperties[] = "chrome://mozapps/locale/profile/profileSelection.properties"; @@ -1779,7 +1864,7 @@ static nsresult ProfileMissingDialog(nsINativeAppSupport* aNative) { sbs->CreateBundle(kProfileProperties, getter_AddRefs(sb)); NS_ENSURE_TRUE_LOG(sbs, NS_ERROR_FAILURE); - NS_ConvertUTF8toUTF16 appName(gAppData->name); + NS_ConvertUTF8toUTF16 appName(MOZ_APP_DISPLAYNAME); AutoTArray<nsString, 2> params = {appName, appName}; // profileMissing @@ -1801,11 +1886,12 @@ static nsresult ProfileMissingDialog(nsINativeAppSupport* aNative) { } } -static ReturnAbortOnError ProfileLockedDialog(nsIFile* aProfileDir, - nsIFile* aProfileLocalDir, - nsIProfileUnlocker* aUnlocker, - nsINativeAppSupport* aNative, - nsIProfileLock** aResult) { +static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, + nsIFile* aProfileLocalDir, + ProfileStatus aStatus, + nsIProfileUnlocker* aUnlocker, + nsINativeAppSupport* aNative, + nsIProfileLock** aResult) { nsresult rv; bool exists; @@ -1833,24 +1919,39 @@ static ReturnAbortOnError ProfileLockedDialog(nsIFile* aProfileDir, sbs->CreateBundle(kProfileProperties, getter_AddRefs(sb)); NS_ENSURE_TRUE_LOG(sbs, NS_ERROR_FAILURE); - NS_ConvertUTF8toUTF16 appName(gAppData->name); + nsCOMPtr<nsIStringBundle> overrideSB; + GetOverrideStringBundle(sbs, getter_AddRefs(overrideSB)); + + NS_ConvertUTF8toUTF16 appName(MOZ_APP_DISPLAYNAME); AutoTArray<nsString, 3> params = {appName, appName, appName}; nsAutoString killMessage; #ifndef XP_MACOSX - rv = sb->FormatStringFromName( - aUnlocker ? "restartMessageUnlocker" : "restartMessageNoUnlocker2", - params, killMessage); + static const char kRestartUnlocker[] = "restartMessageUnlocker"; + static const char kRestartNoUnlocker[] = "restartMessageNoUnlocker2"; + static const char kReadOnly[] = "profileReadOnly"; #else - rv = sb->FormatStringFromName( - aUnlocker ? "restartMessageUnlockerMac" : "restartMessageNoUnlockerMac", - params, killMessage); + static const char kRestartUnlocker[] = "restartMessageUnlockerMac"; + static const char kRestartNoUnlocker[] = "restartMessageNoUnlockerMac"; + static const char kReadOnly[] = "profileReadOnlyMac"; #endif + static const char kAccessDenied[] = "profileAccessDenied"; + + const char* errorKey = aUnlocker ? kRestartUnlocker : kRestartNoUnlocker; + if (PROFILE_STATUS_READ_ONLY == aStatus) + errorKey = kReadOnly; + else if (PROFILE_STATUS_ACCESS_DENIED == aStatus) + errorKey = kAccessDenied; + rv = GetFormattedString(overrideSB, sb, errorKey, params, killMessage); NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE); + const char* titleKey = ((PROFILE_STATUS_READ_ONLY == aStatus) || + (PROFILE_STATUS_ACCESS_DENIED == aStatus)) + ? "profileProblemTitle" + : "restartTitle"; params.SetLength(1); nsAutoString killTitle; - rv = sb->FormatStringFromName("restartTitle", params, killTitle); + rv = sb->FormatStringFromName(titleKey, params, killTitle); NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE); if (gfxPlatform::IsHeadless()) { @@ -2008,6 +2109,13 @@ static nsCOMPtr<nsIToolkitProfile> gResetOldProfile; static nsresult LockProfile(nsINativeAppSupport* aNative, nsIFile* aRootDir, nsIFile* aLocalDir, nsIToolkitProfile* aProfile, nsIProfileLock** aResult) { + ProfileStatus status = + (aProfile ? nsToolkitProfileService::CheckProfileWriteAccess(aProfile) + : nsToolkitProfileService::CheckProfileWriteAccess(aRootDir)); + if (PROFILE_STATUS_OK != status) + return ProfileErrorDialog(aRootDir, aLocalDir, status, nullptr, aNative, + aResult); + // If you close Firefox and very quickly reopen it, the old Firefox may // still be closing down. Rather than immediately showing the // "Firefox is running but is not responding" message, we spend a few @@ -2034,7 +2142,8 @@ static nsresult LockProfile(nsINativeAppSupport* aNative, nsIFile* aRootDir, } while (TimeStamp::Now() - start < TimeDuration::FromSeconds(kLockRetrySeconds)); - return ProfileLockedDialog(aRootDir, aLocalDir, unlocker, aNative, aResult); + return ProfileErrorDialog(aRootDir, aLocalDir, PROFILE_STATUS_IS_LOCKED, + unlocker, aNative, aResult); } // Pick a profile. We need to end up with a profile root dir, local dir and @@ -2049,7 +2158,8 @@ static nsresult LockProfile(nsINativeAppSupport* aNative, nsIFile* aRootDir, static nsresult SelectProfile(nsToolkitProfileService* aProfileSvc, nsINativeAppSupport* aNative, nsIFile** aRootDir, nsIFile** aLocalDir, nsIToolkitProfile** aProfile, - bool* aWasDefaultSelection) { + bool* aWasDefaultSelection, + nsIProfileLock** aResult) { StartupTimeline::Record(StartupTimeline::SELECT_PROFILE); nsresult rv; @@ -2095,9 +2205,14 @@ static nsresult SelectProfile(nsToolkitProfileService* aProfileSvc, // Ask the profile manager to select the profile directories to use. bool didCreate = false; - rv = aProfileSvc->SelectStartupProfile(&gArgc, gArgv, gDoProfileReset, - aRootDir, aLocalDir, aProfile, - &didCreate, aWasDefaultSelection); + ProfileStatus profileStatus = PROFILE_STATUS_OK; + rv = aProfileSvc->SelectStartupProfile( + &gArgc, gArgv, gDoProfileReset, aRootDir, aLocalDir, aProfile, &didCreate, + aWasDefaultSelection, profileStatus); + if (PROFILE_STATUS_OK != profileStatus) { + return ProfileErrorDialog(*aRootDir, *aLocalDir, profileStatus, nullptr, + aNative, aResult); + } if (rv == NS_ERROR_SHOW_PROFILE_MANAGER) { return ShowProfileManager(aProfileSvc, aNative); @@ -3927,7 +4042,7 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { nsCOMPtr<nsIToolkitProfile> profile; rv = SelectProfile(mProfileSvc, mNativeApp, getter_AddRefs(mProfD), getter_AddRefs(mProfLD), getter_AddRefs(profile), - &wasDefaultSelection); + &wasDefaultSelection, getter_AddRefs(mProfileLock)); if (rv == NS_ERROR_LAUNCHED_CHILD_PROCESS || rv == NS_ERROR_ABORT) { *aExitFlag = true; return 0;

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 13028: Prevent potential proxy bypass cases.
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit bd256b7f41a386393989fee10adf324191a4c81d Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Mon Sep 29 14:30:19 2014 -0700 Bug 13028: Prevent potential proxy bypass cases. It looks like these cases should only be invoked in the NSS command line tools, and not the browser, but I decided to patch them anyway because there literally is a maze of network function pointers being passed around, and it's very hard to tell if some random code might not pass in the proper proxied versions of the networking code here by accident. --- security/nss/lib/certhigh/ocsp.c | 8 ++++++++ .../lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c | 21 +++++++++++++++++++++ 2 files changed, 29 insertions(+) diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c index cea8456606bf..86fa971cfbef 100644 --- a/security/nss/lib/certhigh/ocsp.c +++ b/security/nss/lib/certhigh/ocsp.c @@ -2932,6 +2932,14 @@ ocsp_ConnectToHost(const char *host, PRUint16 port) PRNetAddr addr; char *netdbbuf = NULL; + // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but + // we want to ensure nothing can ever hit this code in production. +#if 1 + printf("Tor Browser BUG: Attempted OSCP direct connect to %s, port %u\n", host, + port); + goto loser; +#endif + sock = PR_NewTCPSocket(); if (sock == NULL) goto loser; diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c index e8698376b5be..85791d84a932 100644 --- a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c +++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c @@ -1334,6 +1334,13 @@ pkix_pl_Socket_Create( plContext), PKIX_COULDNOTCREATESOCKETOBJECT); + // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but + // we want to ensure nothing can ever hit this code in production. +#if 1 + printf("Tor Browser BUG: Attempted pkix direct socket connect\n"); + PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED); +#endif + socket->isServer = isServer; socket->timeout = timeout; socket->clientSock = NULL; @@ -1433,6 +1440,13 @@ pkix_pl_Socket_CreateByName( localCopyName = PL_strdup(serverName); + // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but + // we want to ensure nothing can ever hit this code in production. +#if 1 + printf("Tor Browser BUG: Attempted pkix direct connect to %s\n", serverName); + PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED); +#endif + sepPtr = strchr(localCopyName, ':'); /* First strip off the portnum, if present, from the end of the name */ if (sepPtr) { @@ -1582,6 +1596,13 @@ pkix_pl_Socket_CreateByHostAndPort( PKIX_ENTER(SOCKET, "pkix_pl_Socket_CreateByHostAndPort"); PKIX_NULLCHECK_THREE(hostname, pStatus, pSocket); + // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but + // we want to ensure nothing can ever hit this code in production. +#if 1 + printf("Tor Browser BUG: Attempted pkix direct connect to %s, port %u\n", hostname, + portnum); + PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED); +#endif prstatus = PR_GetHostByName(hostname, buf, sizeof(buf), &hostent);

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 13252: Do not store data in the app bundle
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit c7af85a79779ba24c14a1d974713425e3f97e380 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Fri Mar 18 14:20:02 2016 -0400 Bug 13252: Do not store data in the app bundle When --enable-tor-browser-data-outside-app-dir is enabled, all user data is stored in a directory named TorBrowser-Data which is located next to the application directory. Display an informative error message if the TorBrowser-Data directory cannot be created due to an "access denied" or a "read only volume" error. On Mac OS, add support for the --invisible command line option which is used by the meek-http-helper to avoid showing an icon for the helper browser on the dock. --- toolkit/xre/nsAppRunner.cpp | 76 +++++++++++++++--- toolkit/xre/nsXREDirProvider.cpp | 43 +++++----- toolkit/xre/nsXREDirProvider.h | 6 ++ xpcom/io/TorFileUtils.cpp | 142 +++++++++++++++++++++++++++++++++ xpcom/io/TorFileUtils.h | 33 ++++++++ xpcom/io/moz.build | 5 ++ xpcom/io/nsAppFileLocationProvider.cpp | 53 +++++------- 7 files changed, 290 insertions(+), 68 deletions(-) diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 8de43a8c4cfc..9854332f6917 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -1886,6 +1886,8 @@ static nsresult ProfileMissingDialog(nsINativeAppSupport* aNative) { } } +// If aUnlocker is NULL, it is also OK for the following arguments to be NULL: +// aProfileDir, aProfileLocalDir, aResult. static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, nsIFile* aProfileLocalDir, ProfileStatus aStatus, @@ -1894,17 +1896,19 @@ static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, nsIProfileLock** aResult) { nsresult rv; - bool exists; - aProfileDir->Exists(&exists); - if (!exists) { - return ProfileMissingDialog(aNative); + if (aProfileDir) { + bool exists; + aProfileDir->Exists(&exists); + if (!exists) { + return ProfileMissingDialog(aNative); + } } ScopedXPCOMStartup xpcom; rv = xpcom.Initialize(); NS_ENSURE_SUCCESS(rv, rv); - mozilla::Telemetry::WriteFailedProfileLock(aProfileDir); + if (aProfileDir) mozilla::Telemetry::WriteFailedProfileLock(aProfileDir); rv = xpcom.SetWindowCreator(aNative); NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE); @@ -1994,7 +1998,8 @@ static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, } } else { #ifdef MOZ_WIDGET_ANDROID - if (java::GeckoAppShell::UnlockProfile()) { + if (aProfileDir && aProfileLocalDir && aResult && + java::GeckoAppShell::UnlockProfile()) { return NS_LockProfilePath(aProfileDir, aProfileLocalDir, nullptr, aResult); } @@ -2102,6 +2107,23 @@ static ReturnAbortOnError ShowProfileManager( return LaunchChild(false); } +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR +static ProfileStatus CheckTorBrowserDataWriteAccess(nsIFile* aAppDir) { + // Check whether we can write to the directory that will contain + // TorBrowser-Data. + nsCOMPtr<nsIFile> tbDataDir; + RefPtr<nsXREDirProvider> dirProvider = nsXREDirProvider::GetSingleton(); + if (!dirProvider) return PROFILE_STATUS_OTHER_ERROR; + nsresult rv = + dirProvider->GetTorBrowserUserDataDir(getter_AddRefs(tbDataDir)); + NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR); + nsCOMPtr<nsIFile> tbDataDirParent; + rv = tbDataDir->GetParent(getter_AddRefs(tbDataDirParent)); + NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR); + return nsToolkitProfileService::CheckProfileWriteAccess(tbDataDirParent); +} +#endif + static bool gDoMigration = false; static bool gDoProfileReset = false; static nsCOMPtr<nsIToolkitProfile> gResetOldProfile; @@ -3178,6 +3200,14 @@ int XREMain::XRE_mainInit(bool* aExitFlag) { if (PR_GetEnv("XRE_MAIN_BREAK")) NS_BREAK(); #endif +#if defined(XP_MACOSX) && defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) + bool hideDockIcon = (CheckArg("invisible") == ARG_FOUND); + if (hideDockIcon) { + ProcessSerialNumber psn = {0, kCurrentProcess}; + TransformProcessType(&psn, kProcessTransformToBackgroundApplication); + } +#endif + IncreaseDescriptorLimits(); #ifdef USE_GLX_TEST @@ -4026,7 +4056,34 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { return 0; } +#if (defined(MOZ_UPDATER) && !defined(MOZ_WIDGET_ANDROID)) || \ + defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) + nsCOMPtr<nsIFile> exeFile, exeDir; + bool persistent; + rv = mDirProvider.GetFile(XRE_EXECUTABLE_FILE, &persistent, + getter_AddRefs(exeFile)); + NS_ENSURE_SUCCESS(rv, 1); + rv = exeFile->GetParent(getter_AddRefs(exeDir)); + NS_ENSURE_SUCCESS(rv, 1); +#endif + rv = NS_NewToolkitProfileService(getter_AddRefs(mProfileSvc)); +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR + if (NS_FAILED(rv)) { + // NS_NewToolkitProfileService() returns a generic NS_ERROR_FAILURE error + // if creation of the TorBrowser-Data directory fails due to access denied + // or because of a read-only disk volume. Do an extra check here to detect + // these errors so we can display an informative error message. + ProfileStatus status = CheckTorBrowserDataWriteAccess(exeDir); + if ((PROFILE_STATUS_ACCESS_DENIED == status) || + (PROFILE_STATUS_READ_ONLY == status)) { + ProfileErrorDialog(nullptr, nullptr, status, nullptr, mNativeApp, + nullptr); + return 1; + } + } + #endif + if (rv == NS_ERROR_FILE_ACCESS_DENIED) { PR_fprintf(PR_STDERR, "Error: Access was denied while trying to open files in " @@ -4095,7 +4152,6 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { #if defined(MOZ_UPDATER) && !defined(MOZ_WIDGET_ANDROID) // Check for and process any available updates nsCOMPtr<nsIFile> updRoot; - bool persistent; rv = mDirProvider.GetFile(XRE_UPDATE_ROOT_DIR, &persistent, getter_AddRefs(updRoot)); // XRE_UPDATE_ROOT_DIR may fail. Fallback to appDir if failed @@ -4131,12 +4187,6 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { if (CheckArg("test-process-updates")) { SaveToEnv("MOZ_TEST_PROCESS_UPDATES=1"); } - nsCOMPtr<nsIFile> exeFile, exeDir; - rv = mDirProvider.GetFile(XRE_EXECUTABLE_FILE, &persistent, - getter_AddRefs(exeFile)); - NS_ENSURE_SUCCESS(rv, 1); - rv = exeFile->GetParent(getter_AddRefs(exeDir)); - NS_ENSURE_SUCCESS(rv, 1); ProcessUpdates(mDirProvider.GetGREDir(), exeDir, updRoot, gRestartArgc, gRestartArgv, mAppData->version); if (EnvHasValue("MOZ_TEST_PROCESS_UPDATES")) { diff --git a/toolkit/xre/nsXREDirProvider.cpp b/toolkit/xre/nsXREDirProvider.cpp index f80cb2827349..335a340ea3e9 100644 --- a/toolkit/xre/nsXREDirProvider.cpp +++ b/toolkit/xre/nsXREDirProvider.cpp @@ -51,6 +51,8 @@ # include "nsIPK11Token.h" #endif +#include "TorFileUtils.h" + #include <stdlib.h> #ifdef XP_WIN @@ -1408,34 +1410,18 @@ nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile, return gDataDirHome->Clone(aFile); } - nsresult rv = GetAppDir()->Clone(getter_AddRefs(localDir)); + nsresult rv = GetTorBrowserUserDataDir(getter_AddRefs(localDir)); NS_ENSURE_SUCCESS(rv, rv); - int levelsToRemove = 1; // In FF21+, appDir points to browser subdirectory. -#if defined(XP_MACOSX) - levelsToRemove += 2; -#endif - while (localDir && (levelsToRemove > 0)) { - // When crawling up the hierarchy, components named "." do not count. - nsAutoCString removedName; - rv = localDir->GetNativeLeafName(removedName); - NS_ENSURE_SUCCESS(rv, rv); - bool didRemove = !removedName.Equals("."); - - // Remove a directory component. - nsCOMPtr<nsIFile> parentDir; - rv = localDir->GetParent(getter_AddRefs(parentDir)); - NS_ENSURE_SUCCESS(rv, rv); - localDir = parentDir; - if (didRemove) --levelsToRemove; - } - - if (!localDir) return NS_ERROR_FAILURE; - +#if !defined(ANDROID) +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR + rv = localDir->AppendNative(NS_LITERAL_CSTRING("Browser")); +#else rv = localDir->AppendRelativeNativePath( - NS_LITERAL_CSTRING("TorBrowser" XPCOM_FILE_PATH_SEPARATOR - "Data" XPCOM_FILE_PATH_SEPARATOR "Browser")); + NS_LITERAL_CSTRING("Data" XPCOM_FILE_PATH_SEPARATOR "Browser")); +#endif NS_ENSURE_SUCCESS(rv, rv); +#endif if (aLocal) { rv = localDir->AppendNative(NS_LITERAL_CSTRING("Caches")); @@ -1541,6 +1527,15 @@ nsresult nsXREDirProvider::GetUserDataDirectory(nsIFile** aFile, bool aLocal) { return NS_OK; } +nsresult nsXREDirProvider::GetTorBrowserUserDataDir(nsIFile** aFile) { + NS_ENSURE_ARG_POINTER(aFile); + nsCOMPtr<nsIFile> exeFile; + bool per = false; + nsresult rv = GetFile(XRE_EXECUTABLE_FILE, &per, getter_AddRefs(exeFile)); + NS_ENSURE_SUCCESS(rv, rv); + return TorBrowser_GetUserDataDir(exeFile, aFile); +} + nsresult nsXREDirProvider::EnsureDirectoryExists(nsIFile* aDirectory) { nsresult rv = aDirectory->Create(nsIFile::DIRECTORY_TYPE, 0700); diff --git a/toolkit/xre/nsXREDirProvider.h b/toolkit/xre/nsXREDirProvider.h index b9678d4ec577..2aa2face5974 100644 --- a/toolkit/xre/nsXREDirProvider.h +++ b/toolkit/xre/nsXREDirProvider.h @@ -113,6 +113,12 @@ class nsXREDirProvider final : public nsIDirectoryServiceProvider2, */ nsresult GetProfileDir(nsIFile** aResult); + /** + * Get the TorBrowser user data directory by calling the + * TorBrowser_GetUserDataDir() utility function. + */ + nsresult GetTorBrowserUserDataDir(nsIFile** aFile); + protected: nsresult GetFilesInternal(const char* aProperty, nsISimpleEnumerator** aResult); diff --git a/xpcom/io/TorFileUtils.cpp b/xpcom/io/TorFileUtils.cpp new file mode 100644 index 000000000000..bddf8d7bbd95 --- /dev/null +++ b/xpcom/io/TorFileUtils.cpp @@ -0,0 +1,142 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "TorFileUtils.h" +#include "nsString.h" +#ifdef MOZ_WIDGET_COCOA +#include <Carbon/Carbon.h> +#include "nsILocalFileMac.h" +#endif + +static nsresult GetAppRootDir(nsIFile *aExeFile, nsIFile** aFile); + +//----------------------------------------------------------------------------- +nsresult +TorBrowser_GetUserDataDir(nsIFile *aExeFile, nsIFile** aFile) +{ + NS_ENSURE_ARG_POINTER(aFile); + nsCOMPtr<nsIFile> tbDataDir; + +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR + nsAutoCString tbDataLeafName(NS_LITERAL_CSTRING("TorBrowser-Data")); + nsCOMPtr<nsIFile> appRootDir; + nsresult rv = GetAppRootDir(aExeFile, getter_AddRefs(appRootDir)); + NS_ENSURE_SUCCESS(rv, rv); +#ifndef XP_MACOSX + // On all platforms except Mac OS, we always operate in a "portable" mode + // where the TorBrowser-Data directory is located next to the application. + rv = appRootDir->GetParent(getter_AddRefs(tbDataDir)); + NS_ENSURE_SUCCESS(rv, rv); + rv = tbDataDir->AppendNative(tbDataLeafName); + NS_ENSURE_SUCCESS(rv, rv); +#else + // For Mac OS, determine whether we should store user data in the OS's + // standard location (i.e., under ~/Library/Application Support). We use + // the OS location if (1) the application is installed in a directory whose + // path contains "/Applications" or (2) the TorBrowser-Data directory does + // not exist and cannot be created (which probably means we lack write + // permission to the directory that contains the application). + nsAutoString appRootPath; + rv = appRootDir->GetPath(appRootPath); + NS_ENSURE_SUCCESS(rv, rv); + bool useOSLocation = (appRootPath.Find("/Applications", + true /* ignore case */) >= 0); + if (!useOSLocation) { + // We hope to use the portable (aka side-by-side) approach, but before we + // commit to that, let's ensure that we can create the TorBrowser-Data + // directory. If it already exists, we will try to use it; if not and we + // fail to create it, we will switch to ~/Library/Application Support. + rv = appRootDir->GetParent(getter_AddRefs(tbDataDir)); + NS_ENSURE_SUCCESS(rv, rv); + rv = tbDataDir->AppendNative(tbDataLeafName); + NS_ENSURE_SUCCESS(rv, rv); + bool exists = false; + rv = tbDataDir->Exists(&exists); + if (NS_SUCCEEDED(rv) && !exists) + rv = tbDataDir->Create(nsIFile::DIRECTORY_TYPE, 0700); + useOSLocation = NS_FAILED(rv); + } + + if (useOSLocation) { + // We are using ~/Library/Application Support/TorBrowser-Data. We do not + // need to create that directory here because the code in nsXREDirProvider + // will do so (and the user should always have write permission for + // ~/Library/Application Support; if they do not we have no more options). + FSRef fsRef; + OSErr err = ::FSFindFolder(kUserDomain, kApplicationSupportFolderType, + kCreateFolder, &fsRef); + NS_ENSURE_FALSE(err, NS_ERROR_FAILURE); + // To convert the FSRef returned by FSFindFolder() into an nsIFile that + // points to ~/Library/Application Support, we first create an empty + // nsIFile object (no path) and then use InitWithFSRef() to set the + // path. + rv = NS_NewNativeLocalFile(EmptyCString(), true, + getter_AddRefs(tbDataDir)); + NS_ENSURE_SUCCESS(rv, rv); + nsCOMPtr<nsILocalFileMac> dirFileMac = do_QueryInterface(tbDataDir); + if (!dirFileMac) + return NS_ERROR_UNEXPECTED; + rv = dirFileMac->InitWithFSRef(&fsRef); + NS_ENSURE_SUCCESS(rv, rv); + rv = tbDataDir->AppendNative(tbDataLeafName); + NS_ENSURE_SUCCESS(rv, rv); + } +#endif + +#elif defined(ANDROID) + // Tor Browser Android stores data in the app home directory. + const char* homeDir = getenv("HOME"); + if (!homeDir || !*homeDir) + return NS_ERROR_FAILURE; + nsresult rv = NS_NewNativeLocalFile(nsDependentCString(homeDir), true, + getter_AddRefs(tbDataDir)); +#else + // User data is embedded within the application directory (i.e., + // TOR_BROWSER_DATA_OUTSIDE_APP_DIR is not defined). + nsresult rv = GetAppRootDir(aExeFile, getter_AddRefs(tbDataDir)); + NS_ENSURE_SUCCESS(rv, rv); + rv = tbDataDir->AppendNative(NS_LITERAL_CSTRING("TorBrowser")); + NS_ENSURE_SUCCESS(rv, rv); +#endif + + tbDataDir.forget(aFile); + return NS_OK; +} + +static nsresult +GetAppRootDir(nsIFile *aExeFile, nsIFile** aFile) +{ + NS_ENSURE_ARG_POINTER(aExeFile); + NS_ENSURE_ARG_POINTER(aFile); + nsCOMPtr<nsIFile> appRootDir = aExeFile; + + int levelsToRemove = 1; // Remove firefox (the executable file). +#if defined(XP_MACOSX) + levelsToRemove += 2; // On Mac OS, we must also remove Contents/MacOS. +#endif + while (appRootDir && (levelsToRemove > 0)) { + // When crawling up the hierarchy, components named "." do not count. + nsAutoCString removedName; + nsresult rv = appRootDir->GetNativeLeafName(removedName); + NS_ENSURE_SUCCESS(rv, rv); + bool didRemove = !removedName.Equals("."); + + // Remove a directory component. + nsCOMPtr<nsIFile> parentDir; + rv = appRootDir->GetParent(getter_AddRefs(parentDir)); + NS_ENSURE_SUCCESS(rv, rv); + appRootDir = parentDir; + + if (didRemove) + --levelsToRemove; + } + + if (!appRootDir) + return NS_ERROR_FAILURE; + + appRootDir.forget(aFile); + return NS_OK; +} diff --git a/xpcom/io/TorFileUtils.h b/xpcom/io/TorFileUtils.h new file mode 100644 index 000000000000..d5e86abf9685 --- /dev/null +++ b/xpcom/io/TorFileUtils.h @@ -0,0 +1,33 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef TorFileUtils_h__ +#define TorFileUtils_h__ + +#include "nsIFile.h" + +/** + * TorBrowser_GetUserDataDir + * + * Retrieve the Tor Browser user data directory. + * When built with --enable-tor-browser-data-outside-app-dir, the directory + * is next to the application directory, except on Mac OS where it may be + * there or it may be at ~/Library/Application Support/TorBrowser-Data (the + * latter location is used if the .app bundle is in a directory whose path + * contains /Applications or if we lack write access to the directory that + * contains the .app). + * When built without --enable-tor-browser-data-outside-app-dir, this + * directory is TorBrowser.app/TorBrowser. + * + * @param aExeFile The firefox executable. + * @param aFile Out parameter that is set to the Tor Browser user data + * directory. + * @return NS_OK on success. Error otherwise. + */ +extern nsresult +TorBrowser_GetUserDataDir(nsIFile *aExeFile, nsIFile** aFile); + +#endif // !TorFileUtils_h__ diff --git a/xpcom/io/moz.build b/xpcom/io/moz.build index a165b491bc56..b0eb74f4c56d 100644 --- a/xpcom/io/moz.build +++ b/xpcom/io/moz.build @@ -86,6 +86,7 @@ EXPORTS += [ 'nsUnicharInputStream.h', 'nsWildCard.h', 'SpecialSystemDirectory.h', + 'TorFileUtils.h', ] EXPORTS.mozilla += [ @@ -135,6 +136,10 @@ UNIFIED_SOURCES += [ 'SpecialSystemDirectory.cpp', ] +SOURCES += [ + 'TorFileUtils.cpp', +] + if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa': SOURCES += [ 'CocoaFileUtils.mm', diff --git a/xpcom/io/nsAppFileLocationProvider.cpp b/xpcom/io/nsAppFileLocationProvider.cpp index 81551a8e3893..9f95e5cbec2d 100644 --- a/xpcom/io/nsAppFileLocationProvider.cpp +++ b/xpcom/io/nsAppFileLocationProvider.cpp @@ -28,6 +28,8 @@ # include <sys/param.h> #endif +#include "TorFileUtils.h" + // WARNING: These hard coded names need to go away. They need to // come from localizable resources @@ -234,8 +236,14 @@ nsresult nsAppFileLocationProvider::CloneMozBinDirectory(nsIFile** aLocalFile) { // GetProductDirectory - Gets the directory which contains the application data // folder // +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR +// UNIX and WIN : <App Folder>/../TorBrowser-Data/Browser +// Mac : <App Folder>/../../../TorBrowser-Data/Browser OR +// ~/Library/Application Support/TorBrowser-Data/Browser +#else // UNIX and WIN : <App Folder>/TorBrowser/Data/Browser // Mac : <App Folder>/../../TorBrowser/Data/Browser +#endif //---------------------------------------------------------------------------------------- nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile, bool aLocal) { @@ -243,42 +251,25 @@ nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile, return NS_ERROR_INVALID_ARG; } - nsresult rv; + nsresult rv = NS_ERROR_UNEXPECTED; bool exists; - nsCOMPtr<nsIFile> localDir; + nsCOMPtr<nsIFile> localDir, exeFile; - rv = CloneMozBinDirectory(getter_AddRefs(localDir)); + nsCOMPtr<nsIProperties> directoryService( + do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID, &rv)); + NS_ENSURE_SUCCESS(rv, rv); + rv = directoryService->Get(XRE_EXECUTABLE_FILE, NS_GET_IID(nsIFile), + getter_AddRefs(exeFile)); + NS_ENSURE_SUCCESS(rv, rv); + rv = TorBrowser_GetUserDataDir(exeFile, getter_AddRefs(localDir)); NS_ENSURE_SUCCESS(rv, rv); - int levelsToRemove = 1; // In FF21+, bin dir points to browser subdirectory. -#if defined(XP_MACOSX) - levelsToRemove += 2; -#endif - while (localDir && (levelsToRemove > 0)) { - // When crawling up the hierarchy, components named "." do not count. - nsAutoCString removedName; - rv = localDir->GetNativeLeafName(removedName); - NS_ENSURE_SUCCESS(rv, rv); - bool didRemove = !removedName.Equals("."); - - // Remove a directory component. - nsCOMPtr<nsIFile> parentDir; - rv = localDir->GetParent(getter_AddRefs(parentDir)); - NS_ENSURE_SUCCESS(rv, rv); - localDir = parentDir; - - if (didRemove) { - --levelsToRemove; - } - } - - if (!localDir) { - return NS_ERROR_FAILURE; - } - +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR + rv = localDir->AppendNative(NS_LITERAL_CSTRING("Browser")); +#else rv = localDir->AppendRelativeNativePath( - NS_LITERAL_CSTRING("TorBrowser" XPCOM_FILE_PATH_SEPARATOR - "Data" XPCOM_FILE_PATH_SEPARATOR "Browser")); + NS_LITERAL_CSTRING("Data" XPCOM_FILE_PATH_SEPARATOR "Browser")); +#endif NS_ENSURE_SUCCESS(rv, rv); if (aLocal) {

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 16620: Clear window.name when no referrer sent
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit b73505115f7b83ad2b863abe5fa5793362875ddc Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Fri Oct 30 14:28:13 2015 -0400 Bug 16620: Clear window.name when no referrer sent Convert JS implementation (within Torbutton) to a C++ browser patch. --- docshell/base/nsDocShell.cpp | 60 +++++++ docshell/test/mochitest/mochitest.ini | 3 + docshell/test/mochitest/test_tor_bug16620.html | 211 +++++++++++++++++++++++++ docshell/test/mochitest/tor_bug16620.html | 51 ++++++ docshell/test/mochitest/tor_bug16620_form.html | 51 ++++++ 5 files changed, 376 insertions(+) diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index d0aa79344605..22eb5c4556f6 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -7476,11 +7476,71 @@ nsresult nsDocShell::CreateContentViewer(const nsACString& aContentType, aOpenedChannel->GetURI(getter_AddRefs(mLoadingURI)); } FirePageHideNotification(!mSavingOldViewer); + if (mIsBeingDestroyed) { // Force to stop the newly created orphaned viewer. viewer->Stop(); return NS_ERROR_DOCSHELL_DYING; } + + // Tor bug 16620: Clear window.name of top-level documents if + // there is no referrer. We make an exception for new windows, + // e.g., window.open(url, "MyName"). + bool isNewWindowTarget = false; + nsCOMPtr<nsIPropertyBag2> props(do_QueryInterface(aRequest, &rv)); + if (props) { + props->GetPropertyAsBool(NS_LITERAL_STRING("docshell.newWindowTarget"), + &isNewWindowTarget); + } + + if (!isNewWindowTarget) { + nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(aOpenedChannel)); + nsCOMPtr<nsIURI> httpReferrer; + if (httpChannel) { + nsCOMPtr<nsIReferrerInfo> referrerInfo; + rv = httpChannel->GetReferrerInfo(getter_AddRefs(referrerInfo)); + NS_ENSURE_SUCCESS(rv, rv); + if (referrerInfo) { + // We want GetComputedReferrer() instead of GetOriginalReferrer(), since + // the former takes into consideration referrer policy, protocol + // whitelisting... + httpReferrer = referrerInfo->GetComputedReferrer(); + } + } + + bool isTopFrame = mBrowsingContext->IsTop(); + +#ifdef DEBUG_WINDOW_NAME + printf("DOCSHELL %p CreateContentViewer - possibly clearing window.name:\n", + this); + printf(" current window.name: \"%s\"\n", + NS_ConvertUTF16toUTF8(mName).get()); + + nsAutoCString curSpec, loadingSpec; + if (this->mCurrentURI) mCurrentURI->GetSpec(curSpec); + if (mLoadingURI) mLoadingURI->GetSpec(loadingSpec); + printf(" current URI: %s\n", curSpec.get()); + printf(" loading URI: %s\n", loadingSpec.get()); + printf(" is top document: %s\n", isTopFrame ? "Yes" : "No"); + + if (!httpReferrer) { + printf(" referrer: None\n"); + } else { + nsAutoCString refSpec; + httpReferrer->GetSpec(refSpec); + printf(" referrer: %s\n", refSpec.get()); + } +#endif + + bool clearName = isTopFrame && !httpReferrer; + if (clearName) SetName(NS_LITERAL_STRING("")); + +#ifdef DEBUG_WINDOW_NAME + printf(" action taken: %s window.name\n", + clearName ? "Cleared" : "Preserved"); +#endif + } + mLoadingURI = nullptr; // Set mFiredUnloadEvent = false so that the unload handler for the diff --git a/docshell/test/mochitest/mochitest.ini b/docshell/test/mochitest/mochitest.ini index 25d3187711fe..663750b7fc8e 100644 --- a/docshell/test/mochitest/mochitest.ini +++ b/docshell/test/mochitest/mochitest.ini @@ -52,6 +52,8 @@ support-files = start_historyframe.html url1_historyframe.html url2_historyframe.html + tor_bug16620.html + tor_bug16620_form.html [test_anchor_scroll_after_document_open.html] [test_bfcache_plus_hash.html] @@ -115,6 +117,7 @@ support-files = file_bug675587.html [test_framedhistoryframes.html] support-files = file_framedhistoryframes.html [test_pushState_after_document_open.html] +[test_tor_bug16620.html] [test_windowedhistoryframes.html] [test_triggeringprincipal_location_seturi.html] [test_bug1507702.html] diff --git a/docshell/test/mochitest/test_tor_bug16620.html b/docshell/test/mochitest/test_tor_bug16620.html new file mode 100644 index 000000000000..46fff5a04711 --- /dev/null +++ b/docshell/test/mochitest/test_tor_bug16620.html @@ -0,0 +1,211 @@ +<!DOCTYPE HTML> +<html> + +<meta charset="utf-8"> +<head> + <title>Test for Tor Bug 16620 - Clear window.name when no referrer sent</title> + <script type="application/javascript" + src="/tests/SimpleTest/SimpleTest.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/> +</head> +<body> +<a target="_blank" href="https://trac.torproject.org/projects/tor/ticket/16620">Tor Bug 16620</a> +<script> +// ## Test constants +const kTestPath = "/tests/docshell/test/mochitest/"; +const kLinkFile = "tor_bug16620.html"; +const kFormFile = "tor_bug16620_form.html"; +const kBaseURL1 = "http://example.com"; +const kBaseURL1_https = "https://example.com"; +const kBaseURL2 = "http://example.net"; +const kSendReferrerPref = "network.http.sendRefererHeader"; +const kSendReferrerNever = 0; +const kSendReferrerForUserAction = 1; +const kSendReferrerAlways = 2; + +let gTests = [ + // Test #1: Same domain; never send referrer. + { startURL: kBaseURL1, destURL: kBaseURL1, + referrerPref: kSendReferrerNever, + expectIsolation: true }, + + // Test #2: Same domain; send referrer upon user action. + { startURL: kBaseURL1, destURL: kBaseURL1, + referrerPref: kSendReferrerForUserAction, + expectIsolation: false }, + + // Test #3: Same domain; always send referrer. + { startURL: kBaseURL1, destURL: kBaseURL1, + referrerPref: kSendReferrerAlways, + expectIsolation: false }, + + // Test #4: Different top-level domains; never send referrer. + { startURL: kBaseURL1, destURL: kBaseURL2, + referrerPref: kSendReferrerNever, + expectIsolation: true }, + + // Test #5: Different top-level domains; send referrer upon user action. + { startURL: kBaseURL1, destURL: kBaseURL2, + referrerPref: kSendReferrerForUserAction, + expectIsolation: false }, + + // Test #6: Different top-level domains; always send referrer. + { startURL: kBaseURL1, destURL: kBaseURL2, + referrerPref: kSendReferrerAlways, + expectIsolation: false }, + + // Test #7: https -> http transition. + { startURL: kBaseURL1_https, destURL: kBaseURL1, + referrerPref: kSendReferrerForUserAction, + expectIsolation: true }, + + // Test #8: Same domain, rel="noreferrer" on link. + { startURL: kBaseURL1, destURL: kBaseURL1, noReferrerOnLink: true, + referrerPref: kSendReferrerAlways, + expectIsolation: true }, + + // Test #9: Same domain, "no-referrer" meta tag in document. + { startURL: kBaseURL1, destURL: kBaseURL1, noReferrerInMetaTag: true, + referrerPref: kSendReferrerAlways, + expectIsolation: true }, + + // Test #10: Like test #9, but reset window.name during unload. + // (similar to http://www.thomasfrank.se/sessvarsTestPage1.html) + { startURL: kBaseURL1, destURL: kBaseURL1, noReferrerInMetaTag: true, + resetInUnload: true, + referrerPref: kSendReferrerAlways, + expectIsolation: true }, + + // Test #11: Data URL as destination (no referrer). + { startURL: kBaseURL1, + referrerPref: kSendReferrerAlways, + expectIsolation: true }, + + // Test #12: Ensure that window.name is preserved when a dynamically loaded + // iframe is used to perform a form post (regression test for Tor bug 18168). + { startURL: kBaseURL1, + isFormTest: true, + referrerPref: kSendReferrerAlways, + expectIsolation: false }, +]; + +let gCurTest = 0; +let gCurWinName, gChildWin, gDataURL; + +// ## Utility functions +function generateRandomName() +{ + // Generate a random 6 character string using 0-9 and a-z. + return ((1 + Math.random()).toString(36) + '000000').substr(2, 6); +} + +function startNextTest() { + ++gCurTest; + if (gCurTest > gTests.length) { + SimpleTest.finish(); + } else { + let curTest = gTests[gCurTest - 1]; + if ("referrerPref" in curTest) + SpecialPowers.setIntPref(kSendReferrerPref, curTest.referrerPref); + else + SpecialPowers.setIntPref(kSendReferrerPref, kSendReferrerForUserAction); + gCurWinName = generateRandomName(); + let url = curTest.startURL + kTestPath; + if (curTest.isFormTest === true) { + url += kFormFile + "?" + gCurWinName; + gChildWin = window.open(url, undefined); + } else { + url += kLinkFile + "?firstDocLoaded"; + gChildWin = window.open(url, gCurWinName); + } + } +} + +// ## Add a message event listener. +window.addEventListener("message", function(aEvent) { + if (aEvent.source !== gChildWin) + return; + +// console.log("parent received message:" + JSON.stringify(aEvent.data)); + + let proceedToNextTest = false; + let curTest = gTests[gCurTest - 1]; + let state = aEvent.data.state; + let winName = aEvent.data.winName; + if ("firstDocLoaded" == state) { + // Process response from step one of the link-based tests. + let step1Passed = (winName === gCurWinName); + if (!step1Passed) { + ok(step1Passed, "Test #" + gCurTest + + " - first document's name matches window.open parameter"); + proceedToNextTest = true; + } + + // Send an "openURL" message to the loaded document. + let url2 = (curTest.destURL) + ? curTest.destURL + kTestPath + kLinkFile + "?secondDocLoaded" + : gDataURL; + let noReferrerOnLink = (curTest.noReferrerOnLink === true); + let noReferrerInMetaTag = (curTest.noReferrerInMetaTag === true); + let resetInUnload = (curTest.resetInUnload === true); + aEvent.source.postMessage({ action: "openURL", url: url2, + noReferrerOnLink: noReferrerOnLink, + noReferrerInMetaTag: noReferrerInMetaTag, + resetInUnload: resetInUnload }, + "*"); + } else if ("secondDocLoaded" == state) { + // Process response from step two of the link-based tests. + if (curTest.expectIsolation) { + ok(winName === "", + "Test #" + gCurTest + " - second document: name was cleared"); + } else { + ok(winName === gCurWinName, + "Test #" + gCurTest + " - second document: name was preserved"); + } + proceedToNextTest = true; + } else if ("formPostDone" == state) { + // Process response from the form post tests. + if (curTest.expectIsolation) { + ok(winName === "", + "Test #" + gCurTest + " - iframe form post: name was cleared"); + } else { + ok(winName === gCurWinName, + "Test #" + gCurTest + " - iframe form post: name was preserved"); + } + proceedToNextTest = true; + + } + + if (proceedToNextTest) { + gChildWin.close(); + startNextTest(); + } + }, false); + + SimpleTest.waitForExplicitFinish(); + + if (SpecialPowers.getBoolPref("security.nocertdb")) { + // Mochitests don't simulate https correctly with "security.nocertdb" + // enabled. See https://bugs.torproject.org/18087 + ok(false, "Please disable the pref `security.nocertdb` before running this test."); + SimpleTest.finish(); + } else { + + // Read file contents, construct a data URL (used by some tests), and + // then start the first test. + let url = kTestPath + kLinkFile; + let xhr = new XMLHttpRequest(); + xhr.open("GET", url); + xhr.onload = function() { + gDataURL = "data:text/html;charset=utf-8," + + encodeURIComponent(this.responseText); + startNextTest(); + } + xhr.send(); + } +</script> +</body> +</html> diff --git a/docshell/test/mochitest/tor_bug16620.html b/docshell/test/mochitest/tor_bug16620.html new file mode 100644 index 000000000000..26b8e406bbff --- /dev/null +++ b/docshell/test/mochitest/tor_bug16620.html @@ -0,0 +1,51 @@ +<!DOCTYPE HTML> +<html> + +<head> + <meta charset="UTF-8"> + <title>Supporting Doc for Tor Bug 16620 Tests</title> +</head> +<body> +<a id="link" href="">secondDoc</a> + +<script> +// Extract test state from our query string, defaulting to +// "secondDocLoaded" to support use of this HTML content within +// a data URI (where query strings are not supported). +let state = (location.search.length > 0) ? location.search.substr(1) + : "secondDocLoaded"; + +// Notify the test driver. +opener.postMessage({ state: state, winName: window.name }, "*"); + +// Add a message event listener to process "openURL" actions. +window.addEventListener("message", function(aEvent) { + if (aEvent.data.action == "openURL") { + if (aEvent.data.noReferrerInMetaTag) { + let metaElem = document.createElement("meta"); + metaElem.name = "referrer"; + metaElem.content = "no-referrer"; + document.head.appendChild(metaElem); + } + + let linkElem = document.getElementById("link"); + linkElem.href = aEvent.data.url; + if (aEvent.data.noReferrerOnLink) + linkElem.rel = "noreferrer"; + + if (aEvent.data.resetInUnload) { + let tmpName = window.name; + window.addEventListener("unload", function() { + window.name = tmpName; + }, false); + } + + linkElem.click(); + } +}, false); +</script> +</body> +</html> diff --git a/docshell/test/mochitest/tor_bug16620_form.html b/docshell/test/mochitest/tor_bug16620_form.html new file mode 100644 index 000000000000..279f62e63fab --- /dev/null +++ b/docshell/test/mochitest/tor_bug16620_form.html @@ -0,0 +1,51 @@ +<!DOCTYPE HTML> +<html> + +<head> + <meta charset="UTF-8"> + <title>Supporting Form-based Doc for Tor Bug 16620 Tests</title> +</head> +<body> + +<script> +document.addEventListener("DOMContentLoaded", function () { + addPostTarget(); +}, false); + + +function addPostTarget() +{ + let frameName = location.search.substr(1); + let form = document.getElementById("postform"); + let iframe = document.createElement("iframe"); + iframe.style.border = "1px solid red"; + iframe.src = "about:blank"; + form.target = iframe.name = iframe.id = frameName; + document.body.appendChild(iframe); + + let didSubmit = false; + iframe.onload = function() { + if (!didSubmit) { + didSubmit = true; + let submitButton = document.getElementById("submitButton"); + submitButton.click(); + } else { + // Form submission complete. Report iframe's name to test driver. + opener.postMessage({ state: "formPostDone", winName: iframe.name }, "*"); + } + }; +} + +</script> +<form name="postform" id="postform" + action="data:text/plain;charset=utf-8,Hello%20world" + method="POST" enctype="multipart/form-data"> + <input type="hidden" name="field1" value="value1"><br> + <input id="submitButton" type="submit" value="Post It"> +</body> +</html>

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit ebe4e89b54c585ed9420010189d535a9e682c524 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Thu Apr 21 10:40:26 2016 -0400 Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp Instead of using the local computer's IP address within symlink-based profile lock signatures, always use 127.0.0.1. --- toolkit/profile/nsProfileLock.cpp | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/toolkit/profile/nsProfileLock.cpp b/toolkit/profile/nsProfileLock.cpp index 25c4f5a79e56..1942815e3446 100644 --- a/toolkit/profile/nsProfileLock.cpp +++ b/toolkit/profile/nsProfileLock.cpp @@ -289,18 +289,17 @@ nsresult nsProfileLock::LockWithSymlink(nsIFile* aLockFile, if (!mReplacedLockTime) aLockFile->GetLastModifiedTimeOfLink(&mReplacedLockTime); + // For Tor Browser, avoid a DNS lookup here so the Tor network is not + // bypassed. Instead, always use 127.0.0.1 for the IP address portion + // of the lock signature, which may cause the browser to refuse to + // start in the rare event that all of the following conditions are met: + // 1. The browser profile is on a network file system. + // 2. The file system does not support fcntl() locking. + // 3. Tor Browser is run from two different computers at the same time. + struct in_addr inaddr; inaddr.s_addr = htonl(INADDR_LOOPBACK); - char hostname[256]; - PRStatus status = PR_GetSystemInfo(PR_SI_HOSTNAME, hostname, sizeof hostname); - if (status == PR_SUCCESS) { - char netdbbuf[PR_NETDB_BUF_SIZE]; - PRHostEnt hostent; - status = PR_GetHostByName(hostname, netdbbuf, sizeof netdbbuf, &hostent); - if (status == PR_SUCCESS) memcpy(&inaddr, hostent.h_addr, sizeof inaddr); - } - mozilla::SmprintfPointer signature = mozilla::Smprintf("%s:%s%lu", inet_ntoa(inaddr), aHaveFcntlLock ? "+" : "", (unsigned long)getpid());

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 19273: Avoid JavaScript patching of the external app helper dialog.
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 3781dd6302541a716fcfa53f73026e2fedb9aa26 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Tue Jun 28 15:13:05 2016 -0400 Bug 19273: Avoid JavaScript patching of the external app helper dialog. When handling an external URI or downloading a file, invoke Torbutton's external app blocker component (which will present a download warning dialog unless the user has checked the "Automatically download files from now on" box). For e10s compatibility, avoid using a modal dialog and instead use a callback interface (nsIHelperAppWarningLauncher) to allow Torbutton to indicate the user's desire to cancel or continue each request. Other bugs fixed: Bug 21766: Crash with e10s enabled while trying to download a file Bug 21886: Download is stalled in non-e10s mode Bug 22471: Downloading files via the PDF viewer download button is broken Bug 22472: Fix FTP downloads when external helper app dialog is shown Bug 22610: Avoid crashes when canceling external helper app downloads Bug 22618: Downloading pdf file via file:/// is stalling --- .../exthandler/nsExternalHelperAppService.cpp | 202 +++++++++++++++++---- uriloader/exthandler/nsExternalHelperAppService.h | 3 + .../exthandler/nsIExternalHelperAppService.idl | 47 +++++ 3 files changed, 217 insertions(+), 35 deletions(-) diff --git a/uriloader/exthandler/nsExternalHelperAppService.cpp b/uriloader/exthandler/nsExternalHelperAppService.cpp index 4ff7ed2e27cc..0dcc1d3ed6ab 100644 --- a/uriloader/exthandler/nsExternalHelperAppService.cpp +++ b/uriloader/exthandler/nsExternalHelperAppService.cpp @@ -132,6 +132,9 @@ static const char NEVER_ASK_FOR_SAVE_TO_DISK_PREF[] = static const char NEVER_ASK_FOR_OPEN_FILE_PREF[] = "browser.helperApps.neverAsk.openFile"; +static const char WARNING_DIALOG_CONTRACT_ID[] = + "@torproject.org/torbutton-extAppBlocker;1"; + // Helper functions for Content-Disposition headers /** @@ -388,6 +391,22 @@ static nsresult GetDownloadDirectory(nsIFile** _directory, return NS_OK; } +static already_AddRefed<nsIInterfaceRequestor> GetDialogParentAux( + BrowsingContext* aBrowsingContext, nsIInterfaceRequestor* aWindowContext) { + nsCOMPtr<nsIInterfaceRequestor> dialogParent = aWindowContext; + + if (!dialogParent && aBrowsingContext) { + dialogParent = do_QueryInterface(aBrowsingContext->GetDOMWindow()); + } + if (!dialogParent && aBrowsingContext && XRE_IsParentProcess()) { + RefPtr<Element> element = aBrowsingContext->Top()->GetEmbedderElement(); + if (element) { + dialogParent = do_QueryInterface(element->OwnerDoc()->GetWindow()); + } + } + return dialogParent.forget(); +} + /** * Structure for storing extension->type mappings. * @see defaultMimeEntries @@ -544,6 +563,111 @@ static const nsDefaultMimeTypeEntry nonDecodableExtensions[] = { {APPLICATION_COMPRESS, "z"}, {APPLICATION_GZIP, "svgz"}}; +////////////////////////////////////////////////////////////////////////////////////////////////////// +// begin nsExternalLoadURIHandler class definition and implementation +////////////////////////////////////////////////////////////////////////////////////////////////////// +class nsExternalLoadURIHandler final : public nsIHelperAppWarningLauncher { + public: + NS_DECL_THREADSAFE_ISUPPORTS + NS_DECL_NSIHELPERAPPWARNINGLAUNCHER + + nsExternalLoadURIHandler(nsIHandlerInfo* aHandlerInfo, nsIURI* aURI, + nsIPrincipal* aTriggeringPrincipal, + BrowsingContext* aBrowsingContext); + + protected: + ~nsExternalLoadURIHandler(); + + nsCOMPtr<nsIHandlerInfo> mHandlerInfo; + nsCOMPtr<nsIURI> mURI; + nsCOMPtr<nsIPrincipal> mTriggeringPrincipal; + RefPtr<BrowsingContext> mBrowsingContext; + nsCOMPtr<nsIHelperAppWarningDialog> mWarningDialog; +}; + +NS_IMPL_ADDREF(nsExternalLoadURIHandler) +NS_IMPL_RELEASE(nsExternalLoadURIHandler) + +NS_INTERFACE_MAP_BEGIN(nsExternalLoadURIHandler) + NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIHelperAppWarningLauncher) + NS_INTERFACE_MAP_ENTRY(nsIHelperAppWarningLauncher) +NS_INTERFACE_MAP_END + +nsExternalLoadURIHandler::nsExternalLoadURIHandler( + nsIHandlerInfo* aHandlerInfo, nsIURI* aURI, + nsIPrincipal* aTriggeringPrincipal, BrowsingContext* aBrowsingContext) + : mHandlerInfo(aHandlerInfo), + mURI(aURI), + mTriggeringPrincipal(aTriggeringPrincipal), + mBrowsingContext(aBrowsingContext) + +{ + nsresult rv = NS_OK; + mWarningDialog = do_CreateInstance(WARNING_DIALOG_CONTRACT_ID, &rv); + if (NS_SUCCEEDED(rv) && mWarningDialog) { + // This will create a reference cycle (the dialog holds a reference to us + // as nsIHelperAppWarningLauncher), which will be broken in ContinueRequest + // or CancelRequest. + nsCOMPtr<nsIInterfaceRequestor> dialogParent = + GetDialogParentAux(aBrowsingContext, nullptr); + rv = mWarningDialog->MaybeShow(this, dialogParent); + } + + if (NS_FAILED(rv)) { + // If for some reason we could not open the download warning prompt, + // continue with the request. + ContinueRequest(); + } +} + +nsExternalLoadURIHandler::~nsExternalLoadURIHandler() {} + +NS_IMETHODIMP nsExternalLoadURIHandler::ContinueRequest() { + MOZ_ASSERT(mURI); + MOZ_ASSERT(mHandlerInfo); + + // Break our reference cycle with the download warning dialog (set up in + // LoadURI). + mWarningDialog = nullptr; + + nsHandlerInfoAction preferredAction; + mHandlerInfo->GetPreferredAction(&preferredAction); + bool alwaysAsk = true; + mHandlerInfo->GetAlwaysAskBeforeHandling(&alwaysAsk); + + nsresult rv = NS_OK; + // If we are not supposed to ask, and the preferred action is to use + // a helper app or the system default, we just launch the URI. + if (!alwaysAsk && (preferredAction == nsIHandlerInfo::useHelperApp || + preferredAction == nsIHandlerInfo::useSystemDefault)) { + rv = mHandlerInfo->LaunchWithURI(mURI, mBrowsingContext); + // We are not supposed to ask, but when file not found the user most likely + // uninstalled the application which handles the uri so we will continue + // by application chooser dialog. + if (rv != NS_ERROR_FILE_NOT_FOUND) { + return rv; + } + } + + nsCOMPtr<nsIContentDispatchChooser> chooser = + do_CreateInstance("@mozilla.org/content-dispatch-chooser;1", &rv); + NS_ENSURE_SUCCESS(rv, rv); + + return chooser->Ask(mHandlerInfo, mURI, mTriggeringPrincipal, + mBrowsingContext, + nsIContentDispatchChooser::REASON_CANNOT_HANDLE); +} + +NS_IMETHODIMP nsExternalLoadURIHandler::CancelRequest(nsresult aReason) { + NS_ENSURE_ARG(NS_FAILED(aReason)); + + // Break our reference cycle with the download warning dialog (set up in + // LoadURI). + mWarningDialog = nullptr; + + return NS_OK; +} + static StaticRefPtr<nsExternalHelperAppService> sExtHelperAppSvcSingleton; /** @@ -570,6 +694,9 @@ nsExternalHelperAppService::GetSingleton() { return do_AddRef(sExtHelperAppSvcSingleton); } +////////////////////////////////////////////////////////////////////////////////////////////////////// +// nsExternalHelperAppService definition and implementation +////////////////////////////////////////////////////////////////////////////////////////////////////// NS_IMPL_ISUPPORTS(nsExternalHelperAppService, nsIExternalHelperAppService, nsPIExternalAppLauncher, nsIExternalProtocolService, nsIMIMEService, nsIObserver, nsISupportsWeakReference) @@ -1003,30 +1130,13 @@ nsExternalHelperAppService::LoadURI(nsIURI* aURI, rv = GetProtocolHandlerInfo(scheme, getter_AddRefs(handler)); NS_ENSURE_SUCCESS(rv, rv); - nsHandlerInfoAction preferredAction; - handler->GetPreferredAction(&preferredAction); - bool alwaysAsk = true; - handler->GetAlwaysAskBeforeHandling(&alwaysAsk); - - // if we are not supposed to ask, and the preferred action is to use - // a helper app or the system default, we just launch the URI. - if (!alwaysAsk && (preferredAction == nsIHandlerInfo::useHelperApp || - preferredAction == nsIHandlerInfo::useSystemDefault)) { - rv = handler->LaunchWithURI(uri, aBrowsingContext); - // We are not supposed to ask, but when file not found the user most likely - // uninstalled the application which handles the uri so we will continue - // by application chooser dialog. - if (rv != NS_ERROR_FILE_NOT_FOUND) { - return rv; - } + RefPtr<nsExternalLoadURIHandler> h = new nsExternalLoadURIHandler( + handler, uri, aTriggeringPrincipal, aBrowsingContext); + if (!h) { + return NS_ERROR_OUT_OF_MEMORY; } - nsCOMPtr<nsIContentDispatchChooser> chooser = - do_CreateInstance("@mozilla.org/content-dispatch-chooser;1", &rv); - NS_ENSURE_SUCCESS(rv, rv); - - return chooser->Ask(handler, uri, aTriggeringPrincipal, aBrowsingContext, - nsIContentDispatchChooser::REASON_CANNOT_HANDLE); + return NS_OK; } ////////////////////////////////////////////////////////////////////////////////////////////////////// @@ -1171,6 +1281,7 @@ NS_INTERFACE_MAP_BEGIN(nsExternalAppHandler) NS_INTERFACE_MAP_ENTRY(nsIStreamListener) NS_INTERFACE_MAP_ENTRY(nsIRequestObserver) NS_INTERFACE_MAP_ENTRY(nsIHelperAppLauncher) + NS_INTERFACE_MAP_ENTRY(nsIHelperAppWarningLauncher) NS_INTERFACE_MAP_ENTRY(nsICancelable) NS_INTERFACE_MAP_ENTRY(nsIBackgroundFileSaverObserver) NS_INTERFACE_MAP_ENTRY(nsINamed) @@ -1532,18 +1643,7 @@ void nsExternalAppHandler::MaybeApplyDecodingForExtension( already_AddRefed<nsIInterfaceRequestor> nsExternalAppHandler::GetDialogParent() { - nsCOMPtr<nsIInterfaceRequestor> dialogParent = mWindowContext; - - if (!dialogParent && mBrowsingContext) { - dialogParent = do_QueryInterface(mBrowsingContext->GetDOMWindow()); - } - if (!dialogParent && mBrowsingContext && XRE_IsParentProcess()) { - RefPtr<Element> element = mBrowsingContext->Top()->GetEmbedderElement(); - if (element) { - dialogParent = do_QueryInterface(element->OwnerDoc()->GetWindow()); - } - } - return dialogParent.forget(); + return GetDialogParentAux(mBrowsingContext, mWindowContext); } NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) { @@ -1651,6 +1751,29 @@ NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) { MOZ_ASSERT(NS_SUCCEEDED(rv)); } + mWarningDialog = do_CreateInstance(WARNING_DIALOG_CONTRACT_ID, &rv); + if (NS_SUCCEEDED(rv) && mWarningDialog) { + // This will create a reference cycle (the dialog holds a reference to us + // as nsIHelperAppWarningLauncher), which will be broken in ContinueRequest + // or CancelRequest. + nsCOMPtr<nsIInterfaceRequestor> dialogParent = GetDialogParent(); + rv = mWarningDialog->MaybeShow(this, dialogParent); + } + + if (NS_FAILED(rv)) { + // If for some reason we could not open the download warning prompt, + // continue with the request. + ContinueRequest(); + } + + return NS_OK; +} + +NS_IMETHODIMP nsExternalAppHandler::ContinueRequest() { + // Break our reference cycle with the download warning dialog (set up in + // OnStartRequest). + mWarningDialog = nullptr; + // now that the temp file is set up, find out if we need to invoke a dialog // asking the user what they want us to do with this content... @@ -1736,6 +1859,7 @@ NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) { action = nsIMIMEInfo::saveToDisk; } + nsresult rv = NS_OK; if (alwaysAsk) { // Display the dialog mDialog = do_CreateInstance(NS_HELPERAPPLAUNCHERDLG_CONTRACTID, &rv); @@ -1793,6 +1917,14 @@ NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) { return NS_OK; } +NS_IMETHODIMP nsExternalAppHandler::CancelRequest(nsresult aReason) { + // Break our reference cycle with the download warning dialog (set up in + // OnStartRequest). + mWarningDialog = nullptr; + + return Cancel(aReason); +} + // Convert error info into proper message text and send OnStatusChange // notification to the dialog progress listener or nsITransfer implementation. void nsExternalAppHandler::SendStatusChange(ErrorType type, nsresult rv, @@ -2456,7 +2588,7 @@ NS_IMETHODIMP nsExternalAppHandler::Cancel(nsresult aReason) { } // Break our reference cycle with the helper app dialog (set up in - // OnStartRequest) + // ContinueRequest) mDialog = nullptr; mRequest = nullptr; diff --git a/uriloader/exthandler/nsExternalHelperAppService.h b/uriloader/exthandler/nsExternalHelperAppService.h index f2bd67f64ccd..8c2d8817ac7b 100644 --- a/uriloader/exthandler/nsExternalHelperAppService.h +++ b/uriloader/exthandler/nsExternalHelperAppService.h @@ -203,6 +203,7 @@ class nsExternalHelperAppService : public nsIExternalHelperAppService, */ class nsExternalAppHandler final : public nsIStreamListener, public nsIHelperAppLauncher, + public nsIHelperAppWarningLauncher, public nsIBackgroundFileSaverObserver, public nsINamed { public: @@ -210,6 +211,7 @@ class nsExternalAppHandler final : public nsIStreamListener, NS_DECL_NSISTREAMLISTENER NS_DECL_NSIREQUESTOBSERVER NS_DECL_NSIHELPERAPPLAUNCHER + NS_DECL_NSIHELPERAPPWARNINGLAUNCHER NS_DECL_NSICANCELABLE NS_DECL_NSIBACKGROUNDFILESAVEROBSERVER NS_DECL_NSINAMED @@ -460,6 +462,7 @@ class nsExternalAppHandler final : public nsIStreamListener, nsCOMPtr<nsITransfer> mTransfer; nsCOMPtr<nsIHelperAppLauncherDialog> mDialog; + nsCOMPtr<nsIHelperAppWarningDialog> mWarningDialog; /** diff --git a/uriloader/exthandler/nsIExternalHelperAppService.idl b/uriloader/exthandler/nsIExternalHelperAppService.idl index ea8b9b08f3e6..8b58671f7597 100644 --- a/uriloader/exthandler/nsIExternalHelperAppService.idl +++ b/uriloader/exthandler/nsIExternalHelperAppService.idl @@ -182,3 +182,50 @@ interface nsIHelperAppLauncher : nsICancelable */ readonly attribute uint64_t browsingContextId; }; + +/** + * nsIHelperAppWarningLauncher is implemented by two classes: + * nsExternalLoadURIHandler + * nsExternalAppHandler + */ +[scriptable, uuid(cffd508b-4aaf-43ad-99c6-671d35cbc558)] +interface nsIHelperAppWarningLauncher : nsISupports +{ + /** + * Callback invoked by the external app warning dialog to continue the + * request. + * NOTE: This will release the reference to the nsIHelperAppWarningDialog. + */ + void continueRequest(); + + /** + * Callback invoked by the external app warning dialog to cancel the request. + * NOTE: This will release the reference to the nsIHelperAppWarningDialog. + * + * @param aReason + * Pass a failure code to indicate the reason why this operation is + * being canceled. It is an error to pass a success code. + */ + void cancelRequest(in nsresult aReason); +}; + +/** + * nsIHelperAppWarningDialog is implemented by Torbutton's external app + * blocker (src/components/external-app-blocker.js). + */ +[scriptable, uuid(f4899a3f-0df3-42cc-9db8-bdf599e5a208)] +interface nsIHelperAppWarningDialog : nsISupports +{ + /** + * Possibly show a launch warning dialog (it will not be shown if the user + * has chosen to not see the warning again). + * + * @param aLauncher + * A nsIHelperAppWarningLauncher to be invoked after the user confirms + * or cancels the download. + * @param aWindowContext + * The window associated with the download. + */ + void maybeShow(in nsIHelperAppWarningLauncher aLauncher, + in nsISupports aWindowContext); +};

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 21724: Make Firefox and Tor Browser distinct macOS apps
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit c942e623a80d1d07801e6dee040d7b44264d0ab3 Author: teor <teor2345(a)gmail.com> Date: Mon Mar 13 23:06:23 2017 +1100 Bug 21724: Make Firefox and Tor Browser distinct macOS apps When macOS opens a document or selects a default browser, it sometimes uses the CFBundleSignature. Changing from the Firefox MOZB signature to a different signature TORB allows macOS to distinguish between Firefox and Tor Browser. --- browser/app/Makefile.in | 2 +- browser/app/macbuild/Contents/Info.plist.in | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/browser/app/Makefile.in b/browser/app/Makefile.in index 1aec6541fc0f..6770319f1866 100644 --- a/browser/app/Makefile.in +++ b/browser/app/Makefile.in @@ -103,5 +103,5 @@ ifdef MOZ_UPDATER mv -f '$(dist_dest)/Contents/MacOS/updater.app/Contents/MacOS/org.mozilla.updater' '$(dist_dest)/Contents/Library/LaunchServices' ln -s ../../../../Library/LaunchServices/org.mozilla.updater '$(dist_dest)/Contents/MacOS/updater.app/Contents/MacOS/org.mozilla.updater' endif - printf APPLMOZB > '$(dist_dest)/Contents/PkgInfo' + printf APPLTORB > '$(dist_dest)/Contents/PkgInfo' endif diff --git a/browser/app/macbuild/Contents/Info.plist.in b/browser/app/macbuild/Contents/Info.plist.in index f6791ea48125..95b3bc83905c 100644 --- a/browser/app/macbuild/Contents/Info.plist.in +++ b/browser/app/macbuild/Contents/Info.plist.in @@ -179,7 +179,7 @@ <key>CFBundleShortVersionString</key> <string>%APP_VERSION%</string> <key>CFBundleSignature</key> - <string>MOZB</string> + <string>TORB</string> <key>CFBundleURLTypes</key> <array> <dict>

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 19121: reinstate the update.xml hash check
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 0eda031a5b0a0205495ddd4a04a8c53baf14e760 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Mon Apr 23 15:22:57 2018 -0400 Bug 19121: reinstate the update.xml hash check Revert most changes from Mozilla Bug 1373267 "Remove hashFunction and hashValue attributes from nsIUpdatePatch and code related to these attributes." Changes to the tests were not reverted; the tests have been changed significantly and we do not run automated updater tests for Tor Browser at this time. Also partial revert of commit f1241db6986e4b54473a1ed870f7584c75d51122. Revert the nsUpdateService.js changes from Mozilla Bug 862173 "don't verify mar file hash when using mar signing to verify the mar file (lessens main thread I/O)." Changes to the tests were not reverted; the tests have been changed significantly and we do not run automated updater tests for Tor Browser at this time. We kept the addition to the AppConstants API in case other JS code references it in the future. --- toolkit/modules/AppConstants.jsm | 7 ++++ toolkit/mozapps/update/UpdateService.jsm | 63 ++++++++++++++++++++++++++++- toolkit/mozapps/update/UpdateTelemetry.jsm | 1 + toolkit/mozapps/update/nsIUpdateService.idl | 11 +++++ 4 files changed, 81 insertions(+), 1 deletion(-) diff --git a/toolkit/modules/AppConstants.jsm b/toolkit/modules/AppConstants.jsm index cd8ca2659626..84516f0d4c66 100644 --- a/toolkit/modules/AppConstants.jsm +++ b/toolkit/modules/AppConstants.jsm @@ -212,6 +212,13 @@ this.AppConstants = Object.freeze({ false, #endif + MOZ_VERIFY_MAR_SIGNATURE: +#ifdef MOZ_VERIFY_MAR_SIGNATURE + true, +#else + false, +#endif + MOZ_MAINTENANCE_SERVICE: #ifdef MOZ_MAINTENANCE_SERVICE true, diff --git a/toolkit/mozapps/update/UpdateService.jsm b/toolkit/mozapps/update/UpdateService.jsm index 1dc86a073646..ead961ab5252 100644 --- a/toolkit/mozapps/update/UpdateService.jsm +++ b/toolkit/mozapps/update/UpdateService.jsm @@ -742,6 +742,20 @@ function LOG(string) { } } +/** + * Convert a string containing binary values to hex. + */ +function binaryToHex(input) { + var result = ""; + for (var i = 0; i < input.length; ++i) { + var hex = input.charCodeAt(i).toString(16); + if (hex.length == 1) + hex = "0" + hex; + result += hex; + } + return result; +} + /** * Gets the specified directory at the specified hierarchy under the * update root directory and creates it if it doesn't exist. @@ -1534,6 +1548,8 @@ function UpdatePatch(patch) { } break; case "finalURL": + case "hashFunction": + case "hashValue": case "state": case "type": case "URL": @@ -1553,6 +1569,8 @@ UpdatePatch.prototype = { // over writing nsIUpdatePatch attributes. _attrNames: [ "errorCode", + "hashFunction", + "hashValue", "finalURL", "selected", "size", @@ -1566,6 +1584,8 @@ UpdatePatch.prototype = { */ serialize: function UpdatePatch_serialize(updates) { var patch = updates.createElementNS(URI_UPDATE_NS, "patch"); + patch.setAttribute("hashFunction", this.hashFunction); + patch.setAttribute("hashValue", this.hashValue); patch.setAttribute("size", this.size); patch.setAttribute("type", this.type); patch.setAttribute("URL", this.URL); @@ -4315,7 +4335,42 @@ Downloader.prototype = { } LOG("Downloader:_verifyDownload downloaded size == expected size."); - return true; + let fileStream = Cc["@mozilla.org/network/file-input-stream;1"]. + createInstance(Ci.nsIFileInputStream); + fileStream.init(destination, FileUtils.MODE_RDONLY, FileUtils.PERMS_FILE, 0); + + let digest; + try { + let hash = Cc["@mozilla.org/security/hash;1"]. + createInstance(Ci.nsICryptoHash); + var hashFunction = Ci.nsICryptoHash[this._patch.hashFunction.toUpperCase()]; + if (hashFunction == undefined) { + throw Cr.NS_ERROR_UNEXPECTED; + } + hash.init(hashFunction); + hash.updateFromStream(fileStream, -1); + // NOTE: For now, we assume that the format of _patch.hashValue is hex + // encoded binary (such as what is typically output by programs like + // sha1sum). In the future, this may change to base64 depending on how + // we choose to compute these hashes. + digest = binaryToHex(hash.finish(false)); + } catch (e) { + LOG("Downloader:_verifyDownload - failed to compute hash of the " + + "downloaded update archive"); + digest = ""; + } + + fileStream.close(); + + if (digest == this._patch.hashValue.toLowerCase()) { + LOG("Downloader:_verifyDownload hashes match."); + return true; + } + + LOG("Downloader:_verifyDownload hashes do not match. "); + AUSTLMY.pingDownloadCode(this.isCompleteUpdate, + AUSTLMY.DWNLD_ERR_VERIFY_NO_HASH_MATCH); + return false; }, /** @@ -4889,6 +4944,9 @@ Downloader.prototype = { " is higher than patch size: " + this._patch.size ); + // It's important that we use a different code than + // NS_ERROR_CORRUPTED_CONTENT so that tests can verify the difference + // between a hash error and a wrong download error. AUSTLMY.pingDownloadCode( this.isCompleteUpdate, AUSTLMY.DWNLD_ERR_PATCH_SIZE_LARGER @@ -4907,6 +4965,9 @@ Downloader.prototype = { " is not equal to expected patch size: " + this._patch.size ); + // It's important that we use a different code than + // NS_ERROR_CORRUPTED_CONTENT so that tests can verify the difference + // between a hash error and a wrong download error. AUSTLMY.pingDownloadCode( this.isCompleteUpdate, AUSTLMY.DWNLD_ERR_PATCH_SIZE_NOT_EQUAL diff --git a/toolkit/mozapps/update/UpdateTelemetry.jsm b/toolkit/mozapps/update/UpdateTelemetry.jsm index 6f560b07cfe7..b6c71b2ef8d6 100644 --- a/toolkit/mozapps/update/UpdateTelemetry.jsm +++ b/toolkit/mozapps/update/UpdateTelemetry.jsm @@ -180,6 +180,7 @@ var AUSTLMY = { DWNLD_ERR_VERIFY_NO_REQUEST: 13, DWNLD_ERR_VERIFY_PATCH_SIZE_NOT_EQUAL: 14, DWNLD_ERR_WRITE_FAILURE: 15, + DWNLD_ERR_VERIFY_NO_HASH_MATCH: 16, // Temporary failure code to see if there are failures without an update phase DWNLD_UNKNOWN_PHASE_ERR_WRITE_FAILURE: 40, diff --git a/toolkit/mozapps/update/nsIUpdateService.idl b/toolkit/mozapps/update/nsIUpdateService.idl index 5e4cc63c3547..47bb27b17d41 100644 --- a/toolkit/mozapps/update/nsIUpdateService.idl +++ b/toolkit/mozapps/update/nsIUpdateService.idl @@ -39,6 +39,17 @@ interface nsIUpdatePatch : nsISupports */ attribute AString finalURL; + /** + * The hash function to use when determining this file's integrity + */ + attribute AString hashFunction; + + /** + * The value of the hash function named above that should be computed if + * this file is not corrupt. + */ + attribute AString hashValue; + /** * The size of this file, in bytes. */

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 16285: Exclude ClearKey system for now
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 09d1454edc04d024f54a88d9c8a0bb88dede1e6b Author: Georg Koppen <gk(a)torproject.org> Date: Mon May 22 12:44:40 2017 +0000 Bug 16285: Exclude ClearKey system for now In the past the ClearKey system had not been compiled when specifying --disable-eme. But that changed and it is even bundled nowadays (see: Mozilla's bug 1300654). We don't want to ship it right now as the use case for it is not really visible while the code had security vulnerabilities in the past. --- browser/installer/package-manifest.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index 792acb870afa..53b0b7ddf731 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -465,8 +465,8 @@ bin/libfreebl_64int_3.so #endif ; media -@RESPATH@/gmp-clearkey/0.1/@DLL_PREFIX@clearkey@DLL_SUFFIX@ -@RESPATH@/gmp-clearkey/0.1/manifest.json +;@RESPATH@/gmp-clearkey/0.1/@DLL_PREFIX@clearkey@DLL_SUFFIX@ +;@RESPATH@/gmp-clearkey/0.1/manifest.json #ifdef MOZ_DMD ; DMD

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 11641: change TBB directory structure to be more like Firefox's
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit fb444c8d1333fd9620383f740b764a7950728031 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Tue Apr 29 13:08:24 2014 -0400 Bug 11641: change TBB directory structure to be more like Firefox's Unless the -osint command line flag is used, the browser now defaults to the equivalent of -no-remote. There is a new -allow-remote flag that may be used to restore the original (Firefox-like) default behavior. --- toolkit/xre/nsAppRunner.cpp | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 9854332f6917..69006b49250e 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -1429,8 +1429,10 @@ static void DumpHelp() { " --migration Start with migration wizard.\n" " --ProfileManager Start with ProfileManager.\n" #ifdef MOZ_HAS_REMOTE - " --no-remote Do not accept or send remote commands; implies\n" + " --no-remote (default) Do not accept or send remote commands; " + "implies\n" " --new-instance.\n" + " --allow-remote Accept and send remote commands.\n" " --new-instance Open new instance, not a new window in running " "instance.\n" #endif @@ -3543,16 +3545,25 @@ int XREMain::XRE_mainInit(bool* aExitFlag) { gSafeMode); #if defined(MOZ_HAS_REMOTE) + // In Tor Browser, remoting is disabled by default unless -osint is used. + bool allowRemote = (CheckArg("allow-remote") == ARG_FOUND); + bool isOsint = (CheckArg("osint", nullptr, CheckArgFlag::None) == ARG_FOUND); + if (!allowRemote && !isOsint) { + SaveToEnv("MOZ_NO_REMOTE=1"); + } // Handle --no-remote and --new-instance command line arguments. Setup // the environment to better accommodate other components and various // restart scenarios. ar = CheckArg("no-remote"); - if (ar == ARG_FOUND || EnvHasValue("MOZ_NO_REMOTE")) { + if ((ar == ARG_FOUND) && allowRemote) { + PR_fprintf(PR_STDERR, + "Error: argument --no-remote is invalid when argument " + "--allow-remote is specified\n"); + return 1; + } + if (EnvHasValue("MOZ_NO_REMOTE")) { mDisableRemoteClient = true; mDisableRemoteServer = true; - if (!EnvHasValue("MOZ_NO_REMOTE")) { - SaveToEnv("MOZ_NO_REMOTE=1"); - } } ar = CheckArg("new-instance");

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 18821: Disable libmdns for Android and Desktop
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 8e9e8f55c88d55f217cc80edcb5400318a158113 Author: Georg Koppen <gk(a)torproject.org> Date: Wed Apr 20 14:34:50 2016 +0000 Bug 18821: Disable libmdns for Android and Desktop There should be no need to remove the OS X support introduced in https://bugzilla.mozilla.org/show_bug.cgi?id=1225726 as enabling this is governed by a preference (which is actually set to `false`). However, we remove it at build time as well (defense in depth). This is basically a backout of the relevant passages of https://hg.mozilla.org/mozilla-central/rev/6bfb430de85d, https://hg.mozilla.org/mozilla-central/rev/609b337bf7ab and https://hg.mozilla.org/mozilla-central/rev/8e092ec5fbbd. Fixed bug 21861 (Disable additional mDNS code to avoid proxy bypasses) as well. --- dom/presentation/provider/components.conf | 10 ---------- dom/presentation/provider/moz.build | 1 - netwerk/dns/mdns/libmdns/components.conf | 15 --------------- netwerk/dns/mdns/libmdns/moz.build | 28 ---------------------------- 4 files changed, 54 deletions(-) diff --git a/dom/presentation/provider/components.conf b/dom/presentation/provider/components.conf index 04cb28ec757e..56994ed7cd94 100644 --- a/dom/presentation/provider/components.conf +++ b/dom/presentation/provider/components.conf @@ -6,9 +6,6 @@ categories = {} -if buildconfig.substs['MOZ_WIDGET_TOOLKIT'] in ('cocoa', 'android'): - categories["presentation-device-provider"] = "MulticastDNSDeviceProvider" - Classes = [ { 'cid': '{f4079b8b-ede5-4b90-a112-5b415a931deb}', @@ -16,11 +13,4 @@ Classes = [ 'jsm': 'resource://gre/modules/PresentationControlService.jsm', 'constructor': 'PresentationControlService', }, - { - 'cid': '{814f947a-52f7-41c9-94a1-3684797284ac}', - 'contract_ids': ['@mozilla.org/presentation-device/multicastdns-provider;1'], - 'type': 'mozilla::dom::presentation::MulticastDNSDeviceProvider', - 'headers': ['/dom/presentation/provider/MulticastDNSDeviceProvider.h'], - 'categories': categories, - }, ] diff --git a/dom/presentation/provider/moz.build b/dom/presentation/provider/moz.build index eaea61af415a..d97b75ddbcf9 100644 --- a/dom/presentation/provider/moz.build +++ b/dom/presentation/provider/moz.build @@ -10,7 +10,6 @@ EXTRA_JS_MODULES += [ UNIFIED_SOURCES += [ 'DeviceProviderHelpers.cpp', - 'MulticastDNSDeviceProvider.cpp', ] XPCOM_MANIFESTS += [ diff --git a/netwerk/dns/mdns/libmdns/components.conf b/netwerk/dns/mdns/libmdns/components.conf index 6e64140c820e..1b50dbf673a4 100644 --- a/netwerk/dns/mdns/libmdns/components.conf +++ b/netwerk/dns/mdns/libmdns/components.conf @@ -5,20 +5,5 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. Classes = [ - { - 'cid': '{14a50f2b-7ff6-48a5-88e3-615fd111f5d3}', - 'contract_ids': ['@mozilla.org/toolkit/components/mdnsresponder/dns-info;1'], - 'type': 'mozilla::net::nsDNSServiceInfo', - 'headers': ['/netwerk/dns/mdns/libmdns/nsDNSServiceInfo.h'], - }, ] -if buildconfig.substs['MOZ_WIDGET_TOOLKIT'] != 'cocoa': - Classes += [ - { - 'cid': '{f9346d98-f27a-4e89-b744-493843416480}', - 'contract_ids': ['@mozilla.org/toolkit/components/mdnsresponder/dns-sd;1'], - 'jsm': 'resource://gre/modules/DNSServiceDiscovery.jsm', - 'constructor': 'nsDNSServiceDiscovery', - }, - ] diff --git a/netwerk/dns/mdns/libmdns/moz.build b/netwerk/dns/mdns/libmdns/moz.build index 05dc75eb9eda..a6fc1a8a559a 100644 --- a/netwerk/dns/mdns/libmdns/moz.build +++ b/netwerk/dns/mdns/libmdns/moz.build @@ -4,34 +4,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa': - UNIFIED_SOURCES += [ - 'MDNSResponderOperator.cpp', - 'MDNSResponderReply.cpp', - 'nsDNSServiceDiscovery.cpp', - ] - - LOCAL_INCLUDES += [ - '/netwerk/base', - ] - -else: - EXTRA_JS_MODULES += [ - 'DNSServiceDiscovery.jsm', - 'fallback/DataReader.jsm', - 'fallback/DataWriter.jsm', - 'fallback/DNSPacket.jsm', - 'fallback/DNSRecord.jsm', - 'fallback/DNSResourceRecord.jsm', - 'fallback/DNSTypes.jsm', - 'fallback/MulticastDNS.jsm', - ] - - if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'android': - EXTRA_JS_MODULES += [ - 'MulticastDNSAndroid.jsm', - ] - UNIFIED_SOURCES += [ 'nsDNSServiceInfo.cpp', ]

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 16940: After update, load local change notes.
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 24584d3c52d21f9d9975d39cfede4b1b177e52bb Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Wed Nov 25 11:36:20 2015 -0500 Bug 16940: After update, load local change notes. Add an about:tbupdate page that displays the first section from TorBrowser/Docs/ChangeLog.txt and includes a link to the remote post-update page (typically our blog entry for the release). Always load about:tbupdate in a content process, but implement the code that reads the file system (changelog) in the chrome process for compatibility with future sandboxing efforts. Also fix bug 29440. Now about:tbupdate is styled as a fairly simple changelog page that is designed to be displayed via a link that is on about:tor. --- browser/actors/AboutTBUpdateChild.jsm | 53 ++++++++ browser/actors/moz.build | 5 + .../base/content/abouttbupdate/aboutTBUpdate.css | 74 ++++++++++++ .../base/content/abouttbupdate/aboutTBUpdate.js | 10 ++ .../base/content/abouttbupdate/aboutTBUpdate.xhtml | 39 ++++++ browser/base/content/browser-siteIdentity.js | 2 +- browser/base/content/browser.js | 4 + browser/base/jar.mn | 5 + browser/components/BrowserContentHandler.jsm | 55 ++++++--- browser/components/BrowserGlue.jsm | 25 ++++ browser/components/about/AboutRedirector.cpp | 6 + browser/components/about/components.conf | 3 + browser/components/moz.build | 5 +- .../locales/en-US/chrome/browser/aboutTBUpdate.dtd | 8 ++ browser/locales/jar.mn | 3 + browser/modules/AboutTBUpdate.jsm | 134 +++++++++++++++++++++ browser/modules/moz.build | 5 + 17 files changed, 420 insertions(+), 16 deletions(-) diff --git a/browser/actors/AboutTBUpdateChild.jsm b/browser/actors/AboutTBUpdateChild.jsm new file mode 100644 index 000000000000..91bb4dbba888 --- /dev/null +++ b/browser/actors/AboutTBUpdateChild.jsm @@ -0,0 +1,53 @@ +// Copyright (c) 2019, The Tor Project, Inc. +// See LICENSE for licensing information. +// +// vim: set sw=2 sts=2 ts=8 et syntax=javascript: + +var EXPORTED_SYMBOLS = ["AboutTBUpdateChild"]; + +const {ActorChild} = ChromeUtils.import("resource://gre/modules/ActorChild.jsm"); + +class AboutTBUpdateChild extends ActorChild { + receiveMessage(aMessage) { + if (aMessage.name == "AboutTBUpdate:Update") + this.onUpdate(aMessage.data); + } + + handleEvent(aEvent) { + switch (aEvent.type) { + case "AboutTBUpdateLoad": + this.onPageLoad(); + break; + case "pagehide": + this.onPageHide(aEvent); + break; + } + } + + // aData may contain the following string properties: + // version + // releaseDate + // moreInfoURL + // releaseNotes + onUpdate(aData) { + let doc = this.content.document; + doc.getElementById("version-content").textContent = aData.version; + if (aData.releaseDate) { + doc.body.setAttribute("havereleasedate", "true"); + doc.getElementById("releasedate-content").textContent = aData.releaseDate; + } + if (aData.moreInfoURL) + doc.getElementById("infolink").setAttribute("href", aData.moreInfoURL); + doc.getElementById("releasenotes-content").textContent = aData.releaseNotes; + } + + onPageLoad() { + this.mm.sendAsyncMessage("AboutTBUpdate:RequestUpdate"); + } + + onPageHide(aEvent) { + if (aEvent.target.defaultView.frameElement) { + return; + } + } +} diff --git a/browser/actors/moz.build b/browser/actors/moz.build index 4b903146699e..e70f0f09fe3a 100644 --- a/browser/actors/moz.build +++ b/browser/actors/moz.build @@ -74,3 +74,8 @@ FINAL_TARGET_FILES.actors += [ 'WebRTCChild.jsm', 'WebRTCParent.jsm', ] + +if CONFIG['TOR_BROWSER_UPDATE']: + FINAL_TARGET_FILES.actors += [ + 'AboutTBUpdateChild.jsm', + ] diff --git a/browser/base/content/abouttbupdate/aboutTBUpdate.css b/browser/base/content/abouttbupdate/aboutTBUpdate.css new file mode 100644 index 000000000000..7c1a34b77f17 --- /dev/null +++ b/browser/base/content/abouttbupdate/aboutTBUpdate.css @@ -0,0 +1,74 @@ +/* + * Copyright (c) 2019, The Tor Project, Inc. + * See LICENSE for licensing information. + * + * vim: set sw=2 sts=2 ts=8 et syntax=css: + */ + +:root { + --abouttor-text-color: white; + --abouttor-bg-toron-color: #420C5D; +} + +body { + font-family: Helvetica, Arial, sans-serif; + color: var(--abouttor-text-color); + background-color: var(--abouttor-bg-toron-color); + background-attachment: fixed; + background-size: 100% 100%; +} + +a { + color: var(--abouttor-text-color); +} + +.two-column-grid { + display: inline-grid; + grid-template-columns: auto auto; + grid-column-gap: 50px; + margin: 10px 0px 0px 50px; +} + +.two-column-grid div { + margin-top: 40px; + align-self: baseline; /* Align baseline of text across the row. */ +} + +.label-column { + font-size: 14px; + font-weight: 400; +} + +/* + * Use a reduced top margin to bring the row that contains the + * "visit our website" link closer to the row that precedes it. This + * looks better because the "visit our website" row does not have a + * label in the left column. + */ +div.more-info-row { + margin-top: 5px; + font-size: 14px; +} + +#version-content { + font-size: 50px; + font-weight: 300; +} + +body:not([havereleasedate]) .release-date-cell { + display: none; +} + +#releasedate-content { + font-size: 17px; +} + +#releasenotes-label { + align-self: start; /* Anchor "Release Notes" label at the top. */ +} + +#releasenotes-content { + font-family: monospace; + font-size: 15px; + white-space: pre; +} diff --git a/browser/base/content/abouttbupdate/aboutTBUpdate.js b/browser/base/content/abouttbupdate/aboutTBUpdate.js new file mode 100644 index 000000000000..da7553f0ae81 --- /dev/null +++ b/browser/base/content/abouttbupdate/aboutTBUpdate.js @@ -0,0 +1,10 @@ +// Copyright (c) 2019, The Tor Project, Inc. +// See LICENSE for licensing information. +// +// vim: set sw=2 sts=2 ts=8 et syntax=javascript: + + +addEventListener("load", () => { + let event = new CustomEvent("AboutTBUpdateLoad", { bubbles: true }); + document.dispatchEvent(event); +}); diff --git a/browser/base/content/abouttbupdate/aboutTBUpdate.xhtml b/browser/base/content/abouttbupdate/aboutTBUpdate.xhtml new file mode 100644 index 000000000000..8489cfef5083 --- /dev/null +++ b/browser/base/content/abouttbupdate/aboutTBUpdate.xhtml @@ -0,0 +1,39 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<!DOCTYPE html [ + <!ENTITY % htmlDTD + PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" + "DTD/xhtml1-strict.dtd"> + %htmlDTD; + <!ENTITY % globalDTD SYSTEM "chrome://global/locale/global.dtd"> + %globalDTD; + <!ENTITY % tbUpdateDTD SYSTEM "chrome://browser/locale/aboutTBUpdate.dtd"> + %tbUpdateDTD; +]> + +<html xmlns="http://www.w3.org/1999/xhtml"> +<head> + <meta http-equiv="Content-Security-Policy" content="default-src chrome:; object-src 'none'" /> + <title>&aboutTBUpdate.changelogTitle;</title> + <link rel="stylesheet" type="text/css" + href="chrome://browser/content/abouttbupdate/aboutTBUpdate.css"/> + <script src="chrome://browser/content/abouttbupdate/aboutTBUpdate.js" + type="text/javascript"/> +</head> +<body dir="&locale.dir;"> +<div class="two-column-grid"> + <div class="label-column">&aboutTBUpdate.version;</div> + <div id="version-content"/> + + <div class="label-column release-date-cell">&aboutTBUpdate.releaseDate;</div> + <div id="releasedate-content" class="release-date-cell"/> + + <div class="more-info-row"/> + <div class="more-info-row">&aboutTBUpdate.linkPrefix;<a id="infolink">&aboutTBUpdate.linkLabel;</a>&aboutTBUpdate.linkSuffix;</div> + + <div id="releasenotes-label" + class="label-column">&aboutTBUpdate.releaseNotes;</div> + <div id="releasenotes-content"></div> +</div> +</body> +</html> diff --git a/browser/base/content/browser-siteIdentity.js b/browser/base/content/browser-siteIdentity.js index 29f95ae4129f..1d6f9555b33f 100644 --- a/browser/base/content/browser-siteIdentity.js +++ b/browser/base/content/browser-siteIdentity.js @@ -57,7 +57,7 @@ var gIdentityHandler = { * RegExp used to decide if an about url should be shown as being part of * the browser UI. */ - _secureInternalUIWhitelist: /^(?:accounts|addons|cache|certificate|config|crashes|downloads|license|logins|preferences|protections|rights|sessionrestore|support|welcomeback)(?:[?#]|$)/i, + _secureInternalUIWhitelist: (AppConstants.TOR_BROWSER_UPDATE ? /^(?:accounts|addons|cache|certificate|config|crashes|downloads|license|logins|preferences|protections|rights|sessionrestore|support|welcomeback|tor|tbupdate)(?:[?#]|$)/i : /^(?:accounts|addons|cache|certificate|config|crashes|downloads|license|logins|preferences|protections|rights|sessionrestore|support|welcomeback|tor)(?:[?#]|$)/i), /** * Whether the established HTTPS connection is considered "broken". diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index 3c342dedd5d4..036d92e131da 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -631,6 +631,10 @@ var gInitialPages = [ "about:newinstall", ]; +if (AppConstants.TOR_BROWSER_UPDATE) { + gInitialPages.push("about:tbupdate"); +} + function isInitialPage(url) { if (!(url instanceof Ci.nsIURI)) { try { diff --git a/browser/base/jar.mn b/browser/base/jar.mn index a2e1f9c259d2..df65349796b5 100644 --- a/browser/base/jar.mn +++ b/browser/base/jar.mn @@ -29,6 +29,11 @@ browser.jar: content/browser/aboutTabCrashed.css (content/aboutTabCrashed.css) content/browser/aboutTabCrashed.js (content/aboutTabCrashed.js) content/browser/aboutTabCrashed.xhtml (content/aboutTabCrashed.xhtml) +#ifdef TOR_BROWSER_UPDATE + content/browser/abouttbupdate/aboutTBUpdate.xhtml (content/abouttbupdate/aboutTBUpdate.xhtml) + content/browser/abouttbupdate/aboutTBUpdate.js (content/abouttbupdate/aboutTBUpdate.js) + content/browser/abouttbupdate/aboutTBUpdate.css (content/abouttbupdate/aboutTBUpdate.css) +#endif * content/browser/browser.css (content/browser.css) content/browser/browser.js (content/browser.js) * content/browser/browser.xhtml (content/browser.xhtml) diff --git a/browser/components/BrowserContentHandler.jsm b/browser/components/BrowserContentHandler.jsm index 9f5b6ab0218c..1cc1015414fc 100644 --- a/browser/components/BrowserContentHandler.jsm +++ b/browser/components/BrowserContentHandler.jsm @@ -650,6 +650,23 @@ nsBrowserContentHandler.prototype = { } } + // Retrieve the home page early so we can compare it against about:tor + // to decide whether or not we need an override page (second tab) after + // an update was applied. + var startPage = ""; + try { + var choice = prefb.getIntPref("browser.startup.page"); + if (choice == 1 || choice == 3) { + startPage = HomePage.get(); + } + } catch (e) { + Cu.reportError(e); + } + + if (startPage == "about:blank") { + startPage = ""; + } + var override; var overridePage = ""; var additionalPage = ""; @@ -701,6 +718,16 @@ nsBrowserContentHandler.prototype = { // into account because that requires waiting for the session file // to be read. If a crash occurs after updating, before restarting, // we may open the startPage in addition to restoring the session. + // + // Tor Browser: Instead of opening the post-update "override page" + // directly, we ensure that about:tor will be opened in a special + // mode that notifies the user that their browser was updated. + // The about:tor page will provide a link to the override page + // where the user can learn more about the update, as well as a + // link to the Tor Browser changelog page (about:tbupdate). The + // override page URL comes from the openURL attribute within the + // updates.xml file or, if no showURL action is present, from the + // startup.homepage_override_url pref. willRestoreSession = SessionStartup.isAutomaticRestoreEnabled(); overridePage = Services.urlFormatter.formatURLPref( @@ -720,6 +747,20 @@ nsBrowserContentHandler.prototype = { overridePage = overridePage.replace("%OLD_VERSION%", old_mstone); overridePage = overridePage.replace("%OLD_TOR_BROWSER_VERSION%", old_tbversion); +#ifdef TOR_BROWSER_UPDATE + if (overridePage) + { + prefb.setCharPref("torbrowser.post_update.url", overridePage); + prefb.setBoolPref("torbrowser.post_update.shouldNotify", true); + // If the user's homepage is about:tor, we will inform them + // about the update on that page; otherwise, we arrange to + // open about:tor in a secondary tab. + if (startPage === "about:tor") + overridePage = ""; + else + overridePage = "about:tor"; + } +#endif break; case OVERRIDE_NEW_BUILD_ID: if (UpdateManager.activeUpdate) { @@ -792,20 +833,6 @@ nsBrowserContentHandler.prototype = { } } - var startPage = ""; - try { - var choice = prefb.getIntPref("browser.startup.page"); - if (choice == 1 || choice == 3) { - startPage = HomePage.get(); - } - } catch (e) { - Cu.reportError(e); - } - - if (startPage == "about:blank") { - startPage = ""; - } - let skipStartPage = (override == OVERRIDE_NEW_PROFILE || override == OVERRIDE_ALTERNATE_PROFILE) && diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 0a3555f26432..3b7d8d6e0309 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -560,6 +560,22 @@ let LEGACY_ACTORS = { }, }; +if (AppConstants.TOR_BROWSER_UPDATE) { + LEGACY_ACTORS["AboutTBUpdate"] = { + child: { + module: "resource:///actors/AboutTBUpdateChild.jsm", + events: { + "AboutTBUpdateLoad": {wantUntrusted: true}, + "pagehide": {capture: true}, + }, + matches: ["about:tbupdate"], + messages: [ + "AboutTBUpdate:Update", + ], + } + }; +} + (function earlyBlankFirstPaint() { if ( AppConstants.platform == "macosx" || @@ -747,6 +763,11 @@ if (AppConstants.MOZ_CRASHREPORTER) { }); } +if (AppConstants.TOR_BROWSER_UPDATE) { + XPCOMUtils.defineLazyModuleGetter(this, "AboutTBUpdate", + "resource:///modules/AboutTBUpdate.jsm"); +} + XPCOMUtils.defineLazyGetter(this, "gBrandBundle", function() { return Services.strings.createBundle( "chrome://branding/locale/brand.properties" @@ -2200,6 +2221,10 @@ BrowserGlue.prototype = { AsanReporter.init(); } + if (AppConstants.TOR_BROWSER_UPDATE) { + AboutTBUpdate.init(); + } + Sanitizer.onStartup(); this._scheduleStartupIdleTasks(); this._lateTasksIdleObserver = (idleService, topic, data) => { diff --git a/browser/components/about/AboutRedirector.cpp b/browser/components/about/AboutRedirector.cpp index 1471e10bf0db..933d519bd959 100644 --- a/browser/components/about/AboutRedirector.cpp +++ b/browser/components/about/AboutRedirector.cpp @@ -120,6 +120,12 @@ static const RedirEntry kRedirMap[] = { nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS}, {"pioneer", "chrome://browser/content/pioneer.html", nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, +#ifdef TOR_BROWSER_UPDATE + {"tbupdate", "chrome://browser/content/abouttbupdate/aboutTBUpdate.xhtml", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | + nsIAboutModule::HIDE_FROM_ABOUTABOUT}, +#endif }; static nsAutoCString GetAboutModuleName(nsIURI* aURI) { diff --git a/browser/components/about/components.conf b/browser/components/about/components.conf index bf0c6c096847..f31159d30e15 100644 --- a/browser/components/about/components.conf +++ b/browser/components/about/components.conf @@ -32,6 +32,9 @@ pages = [ 'welcomeback', ] +if defined('TOR_BROWSER_UPDATE'): + pages.append('tbupdate') + Classes = [ { 'cid': '{7e4bb6ad-2fc4-4dc6-89ef-23e8e5ccf980}', diff --git a/browser/components/moz.build b/browser/components/moz.build index c75c10b0c92d..cf3f566eba71 100644 --- a/browser/components/moz.build +++ b/browser/components/moz.build @@ -90,11 +90,14 @@ EXTRA_COMPONENTS += [ ] EXTRA_JS_MODULES += [ - 'BrowserContentHandler.jsm', 'BrowserGlue.jsm', 'distribution.js', ] +EXTRA_PP_JS_MODULES += [ + 'BrowserContentHandler.jsm', +] + BROWSER_CHROME_MANIFESTS += [ 'safebrowsing/content/test/browser.ini', 'tests/browser/browser.ini', diff --git a/browser/locales/en-US/chrome/browser/aboutTBUpdate.dtd b/browser/locales/en-US/chrome/browser/aboutTBUpdate.dtd new file mode 100644 index 000000000000..2d1e59b40eaf --- /dev/null +++ b/browser/locales/en-US/chrome/browser/aboutTBUpdate.dtd @@ -0,0 +1,8 @@ +<!ENTITY aboutTBUpdate.changelogTitle "Tor Browser Changelog"> +<!ENTITY aboutTBUpdate.updated "Tor Browser has been updated."> +<!ENTITY aboutTBUpdate.linkPrefix "For the most up-to-date information about this release, "> +<!ENTITY aboutTBUpdate.linkLabel "visit our website"> +<!ENTITY aboutTBUpdate.linkSuffix "."> +<!ENTITY aboutTBUpdate.version "Version"> +<!ENTITY aboutTBUpdate.releaseDate "Release Date"> +<!ENTITY aboutTBUpdate.releaseNotes "Release Notes"> diff --git a/browser/locales/jar.mn b/browser/locales/jar.mn index ca892a187adf..31e2d3d870e6 100644 --- a/browser/locales/jar.mn +++ b/browser/locales/jar.mn @@ -20,6 +20,9 @@ locale/browser/accounts.properties (%chrome/browser/accounts.properties) locale/browser/app-extension-fields.properties (%chrome/browser/app-extension-fields.properties) +#ifdef TOR_BROWSER_UPDATE + locale/browser/aboutTBUpdate.dtd (%chrome/browser/aboutTBUpdate.dtd) +#endif locale/browser/browser.dtd (%chrome/browser/browser.dtd) locale/browser/baseMenuOverlay.dtd (%chrome/browser/baseMenuOverlay.dtd) locale/browser/browser.properties (%chrome/browser/browser.properties) diff --git a/browser/modules/AboutTBUpdate.jsm b/browser/modules/AboutTBUpdate.jsm new file mode 100644 index 000000000000..996e2e8394aa --- /dev/null +++ b/browser/modules/AboutTBUpdate.jsm @@ -0,0 +1,134 @@ +// Copyright (c) 2019, The Tor Project, Inc. +// See LICENSE for licensing information. +// +// vim: set sw=2 sts=2 ts=8 et syntax=javascript: + +"use strict"; + +var Cc = Components.classes; +var Ci = Components.interfaces; +var Cu = Components.utils; + +this.EXPORTED_SYMBOLS = [ "AboutTBUpdate" ]; + +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/NetUtil.jsm"); + +const kRequestUpdateMessageName = "AboutTBUpdate:RequestUpdate"; +const kSendUpdateMessageName = "AboutTBUpdate:Update"; + +#expand const TOR_BROWSER_VERSION = __TOR_BROWSER_VERSION_QUOTED__; + +/** + * This code provides services to the about:tbupdate page. Whenever + * about:tbupdate needs to do something chrome-privileged, it sends a + * message that's handled here. It is modeled after Mozilla's about:home + * implementation. + */ +var AboutTBUpdate = { + init: function() { + Services.mm.addMessageListener(kRequestUpdateMessageName, this); + }, + + receiveMessage: function(aMessage) { + if (aMessage.name == kRequestUpdateMessageName) + this.sendAboutTBUpdateData(aMessage.target); + }, + + sendAboutTBUpdateData: function(aTarget) { + let data = this.releaseNoteInfo; + data.moreInfoURL = this.moreInfoURL; + if (aTarget && aTarget.messageManager) { + aTarget.messageManager.sendAsyncMessage(kSendUpdateMessageName, data); + } else { + Services.mm.broadcastAsyncMessage(kSendUpdateMessageName, data); + } + }, + + get moreInfoURL() { + try { + return Services.prefs.getCharPref("torbrowser.post_update.url"); + } catch (e) {} + + // Use the default URL as a fallback. + return Services.urlFormatter.formatURLPref("startup.homepage_override_url"); + }, + + // Read the text from the beginning of the changelog file that is located + // at TorBrowser/Docs/ChangeLog.txt and return an object that contains + // the following properties: + // version e.g., Tor Browser 8.5 + // releaseDate e.g., March 31 2019 + // releaseNotes details of changes (lines 2 - end of ChangeLog.txt) + // We attempt to parse the first line of ChangeLog.txt to extract the + // version and releaseDate. If parsing fails, we return the entire first + // line in version and omit releaseDate. + // + // On Mac OS, when building with --enable-tor-browser-data-outside-app-dir + // to support Gatekeeper signing, the ChangeLog.txt file is located in + // TorBrowser.app/Contents/Resources/TorBrowser/Docs/. + get releaseNoteInfo() { + let info = {}; + + try { +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR + // "XREExeF".parent is the directory that contains firefox, i.e., + // Browser/ or, on Mac OS, TorBrowser.app/Contents/MacOS/. + let f = Services.dirsvc.get("XREExeF", Ci.nsIFile).parent; +#ifdef XP_MACOSX + f = f.parent; + f.append("Resources"); +#endif + f.append("TorBrowser"); +#else + // "DefProfRt" is .../TorBrowser/Data/Browser + let f = Cc["@mozilla.org/file/directory_service;1"] + .getService(Ci.nsIProperties).get("DefProfRt", Ci.nsIFile); + f = f.parent.parent; // Remove "Data/Browser" +#endif + f.append("Docs"); + f.append("ChangeLog.txt"); + + let fs = Cc["@mozilla.org/network/file-input-stream;1"] + .createInstance(Ci.nsIFileInputStream); + fs.init(f, -1, 0, 0); + let s = NetUtil.readInputStreamToString(fs, fs.available()); + fs.close(); + + // Truncate at the first empty line. + s = s.replace(/[\r\n][\r\n][\s\S]*$/m, ""); + + // Split into first line (version plus releaseDate) and + // remainder (releaseNotes). + // This first match() uses multiline mode with two capture groups: + // first line: (.*$) + // remaining lines: ([\s\S]+) + // [\s\S] matches all characters including end of line. This trick + // is needed because when using JavaScript regex in multiline mode, + // . does not match an end of line character. + let matchArray = s.match(/(.*$)\s*([\s\S]+)/m); + if (matchArray && (matchArray.length == 3)) { + info.releaseNotes = matchArray[2]; + let line1 = matchArray[1]; + // Extract the version and releaseDate. The first line looks like: + // Tor Browser 8.5 -- May 1 2019 + // The regex uses two capture groups: + // text that does not include a hyphen: (^[^-]*) + // remaining text: (.*$) + // In between we match optional whitespace, one or more hyphens, and + // optional whitespace by using: \s*-+\s* + matchArray = line1.match(/(^[^-]*)\s*-+\s*(.*$)/); + if (matchArray && (matchArray.length == 3)) { + info.version = matchArray[1]; + info.releaseDate = matchArray[2]; + } else { + info.version = line1; // Match failed: return entire line in version. + } + } else { + info.releaseNotes = s; // Only one line: use as releaseNotes. + } + } catch (e) {} + + return info; + }, +}; diff --git a/browser/modules/moz.build b/browser/modules/moz.build index 88f2a55d6f49..61fe5371e48f 100644 --- a/browser/modules/moz.build +++ b/browser/modules/moz.build @@ -160,6 +160,11 @@ EXTRA_JS_MODULES += [ 'ZoomUI.jsm', ] +if CONFIG['TOR_BROWSER_UPDATE']: + EXTRA_PP_JS_MODULES += [ + 'AboutTBUpdate.jsm', + ] + if CONFIG['MOZ_ASAN_REPORTER']: EXTRA_JS_MODULES += [ 'AsanReporter.jsm',

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 13379: Sign our MAR files.
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 74d5c0b944548119c6c2f35e23cdaf0bcfb199f4 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Wed Dec 17 16:37:11 2014 -0500 Bug 13379: Sign our MAR files. Configure with --enable-verify-mar (when updating, require a valid signature on the MAR file before it is applied). Use the Tor Browser version instead of the Firefox version inside the MAR file info block (necessary to prevent downgrade attacks). Use NSS on all platforms for checking MAR signatures (instead of using OS-native APIs, which Mozilla does on Mac OS and Windows). So that the NSS and NSPR libraries the updater depends on can be found at runtime, we add the firefox directory to the shared library search path on macOS. On Linux, rpath is used by Mozilla to solve that problem, but that approach won't work on macOS because the updater executable is copied during the update process to a location that is under TorBrowser-Data, and the location of TorBrowser-Data varies. Also includes the fix for bug 18900. --- .mozconfig | 1 + .mozconfig-asan | 1 + .mozconfig-mac | 1 + .mozconfig-mingw | 1 + modules/libmar/tool/mar.c | 6 +-- modules/libmar/tool/moz.build | 12 ++++-- modules/libmar/verify/moz.build | 14 +++--- .../mozapps/update/updater/updater-common.build | 24 +++++++++-- toolkit/mozapps/update/updater/updater.cpp | 25 +++++++---- toolkit/xre/moz.build | 3 ++ toolkit/xre/nsUpdateDriver.cpp | 50 ++++++++++++++++++++++ 11 files changed, 113 insertions(+), 25 deletions(-) diff --git a/.mozconfig b/.mozconfig index 18cd1f9b6487..c50c57d410de 100755 --- a/.mozconfig +++ b/.mozconfig @@ -37,3 +37,4 @@ ac_add_options MOZ_TELEMETRY_REPORTING= ac_add_options --disable-tor-launcher ac_add_options --with-tor-browser-version=dev-build ac_add_options --disable-tor-browser-update +ac_add_options --enable-verify-mar diff --git a/.mozconfig-asan b/.mozconfig-asan index 98ea6ac6f3fe..8bee813bfee8 100644 --- a/.mozconfig-asan +++ b/.mozconfig-asan @@ -30,6 +30,7 @@ ac_add_options --enable-official-branding ac_add_options --enable-default-toolkit=cairo-gtk3 ac_add_options --enable-tor-browser-update +ac_add_options --enable-verify-mar ac_add_options --disable-strip ac_add_options --disable-install-strip diff --git a/.mozconfig-mac b/.mozconfig-mac index 26e2b6b92fdb..5b4624ef1f67 100644 --- a/.mozconfig-mac +++ b/.mozconfig-mac @@ -43,6 +43,7 @@ ac_add_options --disable-debug ac_add_options --enable-tor-browser-data-outside-app-dir ac_add_options --enable-tor-browser-update +ac_add_options --enable-verify-mar ac_add_options --disable-crashreporter ac_add_options --disable-webrtc diff --git a/.mozconfig-mingw b/.mozconfig-mingw index 3ec6ff18a3e9..ce6ace1dad67 100644 --- a/.mozconfig-mingw +++ b/.mozconfig-mingw @@ -15,6 +15,7 @@ ac_add_options --enable-strip ac_add_options --enable-official-branding ac_add_options --enable-tor-browser-update +ac_add_options --enable-verify-mar ac_add_options --disable-bits-download # Let's make sure no preference is enabling either Adobe's or Google's CDM. diff --git a/modules/libmar/tool/mar.c b/modules/libmar/tool/mar.c index 0bf2cb4bd1d4..ea2b79924914 100644 --- a/modules/libmar/tool/mar.c +++ b/modules/libmar/tool/mar.c @@ -65,7 +65,7 @@ static void print_usage() { "signed_input_archive.mar base_64_encoded_signature_file " "changed_signed_output.mar\n"); printf("(i) is the index of the certificate to extract\n"); -# if defined(XP_MACOSX) || (defined(XP_WIN) && !defined(MAR_NSS)) +# if (defined(XP_MACOSX) || defined(XP_WIN)) && !defined(MAR_NSS) printf("Verify a MAR file:\n"); printf(" mar [-C workingDir] -D DERFilePath -v signed_archive.mar\n"); printf( @@ -149,7 +149,7 @@ int main(int argc, char** argv) { memset((void*)certBuffers, 0, sizeof(certBuffers)); #endif #if !defined(NO_SIGN_VERIFY) && \ - ((!defined(MAR_NSS) && defined(XP_WIN)) || defined(XP_MACOSX)) + (!defined(MAR_NSS) && (defined(XP_WIN) || defined(XP_MACOSX))) memset(DERFilePaths, 0, sizeof(DERFilePaths)); memset(fileSizes, 0, sizeof(fileSizes)); #endif @@ -181,7 +181,7 @@ int main(int argc, char** argv) { argc -= 2; } #if !defined(NO_SIGN_VERIFY) -# if (!defined(MAR_NSS) && defined(XP_WIN)) || defined(XP_MACOSX) +# if (!defined(MAR_NSS) && (defined(XP_WIN) || defined(XP_MACOSX))) /* -D DERFilePath, also matches -D[index] DERFilePath We allow an index for verifying to be symmetric with the import and export command line arguments. */ diff --git a/modules/libmar/tool/moz.build b/modules/libmar/tool/moz.build index 19653fb0b073..8953af0bb15c 100644 --- a/modules/libmar/tool/moz.build +++ b/modules/libmar/tool/moz.build @@ -35,15 +35,21 @@ if CONFIG['MOZ_BUILD_APP'] != 'tools/update-packaging': 'verifymar', ] + if CONFIG['TOR_BROWSER_UPDATE']: + DEFINES['MAR_NSS'] = True + if CONFIG['OS_ARCH'] == 'WINNT': USE_STATIC_LIBS = True OS_LIBS += [ 'ws2_32', - 'crypt32', - 'advapi32', ] - elif CONFIG['OS_ARCH'] == 'Darwin': + if not CONFIG['TOR_BROWSER_UPDATE']: + OS_LIBS += [ + 'crypt32', + 'advapi32', + ] + elif CONFIG['OS_ARCH'] == 'Darwin' and not CONFIG['TOR_BROWSER_UPDATE']: OS_LIBS += [ '-framework Security', ] diff --git a/modules/libmar/verify/moz.build b/modules/libmar/verify/moz.build index 9f7dc56f8f8a..e1c6ced31c37 100644 --- a/modules/libmar/verify/moz.build +++ b/modules/libmar/verify/moz.build @@ -16,15 +16,12 @@ FORCE_STATIC_LIB = True if CONFIG['OS_ARCH'] == 'WINNT': USE_STATIC_LIBS = True elif CONFIG['OS_ARCH'] == 'Darwin': - UNIFIED_SOURCES += [ - 'MacVerifyCrypto.cpp', - ] - OS_LIBS += [ - '-framework Security', + USE_LIBS += [ + 'nspr', + 'nss', + 'signmar', ] else: - DEFINES['MAR_NSS'] = True - LOCAL_INCLUDES += ['../sign'] USE_LIBS += [ 'nspr', 'nss', @@ -38,6 +35,9 @@ else: '-Wl,-rpath=\\$$ORIGIN', ] +DEFINES['MAR_NSS'] = True +LOCAL_INCLUDES += ['../sign'] + LOCAL_INCLUDES += [ '../src', ] diff --git a/toolkit/mozapps/update/updater/updater-common.build b/toolkit/mozapps/update/updater/updater-common.build index 5898e92d465d..9f8365df8ade 100644 --- a/toolkit/mozapps/update/updater/updater-common.build +++ b/toolkit/mozapps/update/updater/updater-common.build @@ -4,6 +4,10 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. +DEFINES['MAR_NSS'] = True + +link_with_nss = DEFINES['MAR_NSS'] or (CONFIG['OS_ARCH'] == 'Linux' and CONFIG['MOZ_VERIFY_MAR_SIGNATURE']) + srcs = [ 'archivereader.cpp', 'updater.cpp', @@ -36,10 +40,14 @@ if CONFIG['OS_ARCH'] == 'WINNT': 'ws2_32', 'shell32', 'shlwapi', - 'crypt32', - 'advapi32', ] + if not link_with_nss: + OS_LIBS += [ + 'crypt32', + 'advapi32', + ] + USE_LIBS += [ 'bspatch', 'mar', @@ -47,6 +55,13 @@ USE_LIBS += [ 'xz-embedded', ] +if link_with_nss: + USE_LIBS += [ + 'nspr', + 'nss', + 'signmar', + ] + if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'gtk': have_progressui = 1 srcs += [ @@ -61,9 +76,12 @@ if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa': ] OS_LIBS += [ '-framework Cocoa', - '-framework Security', '-framework SystemConfiguration', ] + if not link_with_nss: + OS_LIBS += [ + '-framework Security', + ] UNIFIED_SOURCES += [ '/toolkit/xre/updaterfileutils_osx.mm', ] diff --git a/toolkit/mozapps/update/updater/updater.cpp b/toolkit/mozapps/update/updater/updater.cpp index 9a95c3b17761..aaec0b38dda0 100644 --- a/toolkit/mozapps/update/updater/updater.cpp +++ b/toolkit/mozapps/update/updater/updater.cpp @@ -106,9 +106,11 @@ struct UpdateServerThreadArgs { # define USE_EXECV #endif -#if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) && !defined(XP_MACOSX) -# include "nss.h" -# include "prerror.h" +#if defined(MOZ_VERIFY_MAR_SIGNATURE) +# if defined(MAR_NSS) || (!defined(XP_WIN) && !defined(XP_MACOSX)) +# include "nss.h" +# include "prerror.h" +# endif #endif #include "crctable.h" @@ -2738,8 +2740,13 @@ static void UpdateThreadFunc(void* param) { if (ReadMARChannelIDs(updateSettingsPath, &MARStrings) != OK) { rv = UPDATE_SETTINGS_FILE_CHANNEL; } else { +# ifdef TOR_BROWSER_UPDATE + const char* appVersion = TOR_BROWSER_VERSION_QUOTED; +# else + const char* appVersion = MOZ_APP_VERSION; +# endif rv = gArchiveReader.VerifyProductInformation(MARStrings.MARChannelID, - MOZ_APP_VERSION); + appVersion); } } } @@ -2940,11 +2947,10 @@ int NS_main(int argc, NS_tchar** argv) { } #endif -#if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) && !defined(XP_MACOSX) - // On Windows and Mac we rely on native APIs to do verifications so we don't - // need to initialize NSS at all there. - // Otherwise, minimize the amount of NSS we depend on by avoiding all the NSS - // databases. +#if defined(MOZ_VERIFY_MAR_SIGNATURE) +# if defined(MAR_NSS) || (!defined(XP_WIN) && !defined(XP_MACOSX)) + // If using NSS for signature verification, initialize NSS but minimize + // the portion we depend on by avoiding all of the NSS databases. if (NSS_NoDB_Init(nullptr) != SECSuccess) { PRErrorCode error = PR_GetError(); fprintf(stderr, "Could not initialize NSS: %s (%d)", PR_ErrorToName(error), @@ -2952,6 +2958,7 @@ int NS_main(int argc, NS_tchar** argv) { _exit(1); } #endif +#endif #ifdef XP_MACOSX if (!isElevated) { diff --git a/toolkit/xre/moz.build b/toolkit/xre/moz.build index 7ba3be2fe241..6afab145c2b6 100644 --- a/toolkit/xre/moz.build +++ b/toolkit/xre/moz.build @@ -214,6 +214,9 @@ for var in ('APP_VERSION', 'APP_ID'): if CONFIG['MOZ_BUILD_APP'] == 'browser': DEFINES['MOZ_BUILD_APP_IS_BROWSER'] = True +if CONFIG['TOR_BROWSER_UPDATE']: + DEFINES['MAR_NSS'] = True + LOCAL_INCLUDES += [ '../../other-licenses/nsis/Contrib/CityHash/cityhash', '../components/find', diff --git a/toolkit/xre/nsUpdateDriver.cpp b/toolkit/xre/nsUpdateDriver.cpp index 55d1982504ed..1cbee302719f 100644 --- a/toolkit/xre/nsUpdateDriver.cpp +++ b/toolkit/xre/nsUpdateDriver.cpp @@ -360,6 +360,42 @@ static nsresult GetUpdateDirFromAppDir(nsIFile* aAppDir, nsIFile** aResult) { # endif #endif +#if defined(TOR_BROWSER_UPDATE) && defined(MOZ_VERIFY_MAR_SIGNATURE) && \ + defined(MAR_NSS) && defined(XP_MACOSX) +/** + * Ideally we would save and restore the original library path value after + * the updater finishes its work (and before firefox is re-launched). + * Doing so would avoid potential problems like the following bug: + * https://bugzilla.mozilla.org/show_bug.cgi?id=1434033 + */ +/** + * Appends the specified path to the library path. + * This is used so that the updater can find libnss3.dylib and other + * shared libs. + * + * @param pathToAppend A new library path to prepend to the dynamic linker's + * search path. + */ +# include "prprf.h" +# define PATH_SEPARATOR ":" +# define LD_LIBRARY_PATH_ENVVAR_NAME "DYLD_LIBRARY_PATH" +static void AppendToLibPath(const char* pathToAppend) { + char* pathValue = getenv(LD_LIBRARY_PATH_ENVVAR_NAME); + if (nullptr == pathValue || '\0' == *pathValue) { + // Leak the string because that is required by PR_SetEnv. + char* s = + Smprintf("%s=%s", LD_LIBRARY_PATH_ENVVAR_NAME, pathToAppend).release(); + PR_SetEnv(s); + } else { + // Leak the string because that is required by PR_SetEnv. + char* s = Smprintf("%s=%s" PATH_SEPARATOR "%s", LD_LIBRARY_PATH_ENVVAR_NAME, + pathToAppend, pathValue) + .release(); + PR_SetEnv(s); + } +} +#endif + /** * Applies, switches, or stages an update. * @@ -606,6 +642,20 @@ static void ApplyUpdate(nsIFile* greDir, nsIFile* updateDir, nsIFile* appDir, PR_SetEnv("MOZ_SAFE_MODE_RESTART=1"); } +#if defined(TOR_BROWSER_UPDATE) && defined(MOZ_VERIFY_MAR_SIGNATURE) && \ + defined(MAR_NSS) && defined(XP_MACOSX) + // On macOS, append the app directory to the shared library search path + // so the system can locate the shared libraries that are needed by the + // updater, e.g., libnss3.dylib). + nsAutoCString appPath; + nsresult rv2 = appDir->GetNativePath(appPath); + if (NS_SUCCEEDED(rv2)) { + AppendToLibPath(appPath.get()); + } else { + LOG(("ApplyUpdate -- appDir->GetNativePath() failed (0x%x)\n", rv2)); + } +#endif + LOG(("spawning updater process [%s]\n", updaterPath.get())); #ifdef DEBUG dump_argv("ApplyUpdate updater", argv, argc);

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 21830: Copying large text from web console leaks to /tmp
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 9c27aab313db46f70337c1c3b994f3d0b4d36c9a Author: Georg Koppen <gk(a)torproject.org> Date: Fri Aug 4 05:55:49 2017 +0000 Bug 21830: Copying large text from web console leaks to /tmp Patch written by Neill Miller --- widget/nsTransferable.cpp | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/widget/nsTransferable.cpp b/widget/nsTransferable.cpp index 9ccfc8639350..135135ab23a8 100644 --- a/widget/nsTransferable.cpp +++ b/widget/nsTransferable.cpp @@ -33,6 +33,7 @@ Notes to self: #include "nsILoadContext.h" #include "nsXULAppAPI.h" #include "mozilla/UniquePtr.h" +#include "mozilla/Preferences.h" using namespace mozilla; @@ -195,6 +196,11 @@ nsTransferable::Init(nsILoadContext* aContext) { if (aContext) { mPrivateData = aContext->UsePrivateBrowsing(); + } else { + // without aContext here to provide PrivateBrowsing information, + // we defer to the active configured setting + mPrivateData = + mozilla::Preferences::GetBool("browser.privatebrowsing.autostart"); } #ifdef DEBUG mInitialized = true;

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 26353: Prevent speculative connect that violated FPI.
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 36a9e8f7a0a2b261dfc08d881972deb73ec83e3d Author: Arthur Edelstein <arthuredelstein(a)gmail.com> Date: Sat Jul 14 08:50:55 2018 -0700 Bug 26353: Prevent speculative connect that violated FPI. Connections were observed in the catch-all circuit when the user entered an https or http URL in the URL bar, or typed a search term. --- toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm b/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm index ffa42297073e..82c7a3b950c2 100644 --- a/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm +++ b/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm @@ -74,6 +74,9 @@ class RemoteWebNavigation { fixupFlags |= Services.uriFixup.FIXUP_FLAG_PRIVATE_CONTEXT; } uri = Services.uriFixup.createFixupURI(aURI, fixupFlags); +/******************************************************************************* + TOR BROWSER: Disable the following speculative connect until + we can make it properly obey first-party isolation. // We know the url is going to be loaded, let's start requesting network // connection before the content process asks. @@ -97,6 +100,7 @@ class RemoteWebNavigation { } Services.io.speculativeConnect(uri, principal, null); } +*******************************************************************************/ } catch (ex) { // Can't setup speculative connection for this uri string for some // reason (such as failing to parse the URI), just ignore it.

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 23104: Add a default line height compensation
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 2b9a95af5139c34a1feb267fceaea5f881f64bca Author: Igor Oliveira <igor.oliveira(a)posteo.net> Date: Sun Dec 10 18:16:59 2017 -0200 Bug 23104: Add a default line height compensation Many fonts have issues with their vertical metrics. they are used to influence the height of ascenders and depth of descenders. Gecko uses it to calculate the line height (font height + ascender + descender), however because of that idiosyncratic behavior across multiple operating systems, it can be used to identify the user's OS. The solution proposed in the patch uses a default factor to be multiplied with the font size, simulating the concept of ascender and descender. This way all operating systems will have the same line height only and only if the frame is outside the chrome. --- layout/generic/ReflowInput.cpp | 19 +++++++++--- layout/generic/test/mochitest.ini | 1 + layout/generic/test/test_tor_bug23104.html | 50 ++++++++++++++++++++++++++++++ 3 files changed, 65 insertions(+), 5 deletions(-) diff --git a/layout/generic/ReflowInput.cpp b/layout/generic/ReflowInput.cpp index 5b1f6d62043a..5da354f86558 100644 --- a/layout/generic/ReflowInput.cpp +++ b/layout/generic/ReflowInput.cpp @@ -30,6 +30,7 @@ #include <algorithm> #include "mozilla/dom/HTMLInputElement.h" #include "nsGridContainerFrame.h" +#include "nsContentUtils.h" using namespace mozilla; using namespace mozilla::css; @@ -2690,7 +2691,8 @@ void ReflowInput::CalculateBlockSideMargins(LayoutFrameType aFrameType) { // For risk management, we use preference to control the behavior, and // eNoExternalLeading is the old behavior. -static nscoord GetNormalLineHeight(nsFontMetrics* aFontMetrics) { +static nscoord GetNormalLineHeight(nsIContent* aContent, + nsFontMetrics* aFontMetrics) { MOZ_ASSERT(nullptr != aFontMetrics, "no font metrics"); nscoord normalLineHeight; @@ -2698,6 +2700,12 @@ static nscoord GetNormalLineHeight(nsFontMetrics* aFontMetrics) { nscoord externalLeading = aFontMetrics->ExternalLeading(); nscoord internalLeading = aFontMetrics->InternalLeading(); nscoord emHeight = aFontMetrics->EmHeight(); + + if (nsContentUtils::ShouldResistFingerprinting() && + !aContent->IsInChromeDocument()) { + return NSToCoordRound(emHeight * NORMAL_LINE_HEIGHT_FACTOR); + } + switch (GetNormalLineHeightCalcControl()) { case eIncludeExternalLeading: normalLineHeight = emHeight + internalLeading + externalLeading; @@ -2715,7 +2723,8 @@ static nscoord GetNormalLineHeight(nsFontMetrics* aFontMetrics) { return normalLineHeight; } -static inline nscoord ComputeLineHeight(ComputedStyle* aComputedStyle, +static inline nscoord ComputeLineHeight(nsIContent* aContent, + ComputedStyle* aComputedStyle, nsPresContext* aPresContext, nscoord aBlockBSize, float aFontSizeInflation) { @@ -2743,7 +2752,7 @@ static inline nscoord ComputeLineHeight(ComputedStyle* aComputedStyle, RefPtr<nsFontMetrics> fm = nsLayoutUtils::GetFontMetricsForComputedStyle( aComputedStyle, aPresContext, aFontSizeInflation); - return GetNormalLineHeight(fm); + return GetNormalLineHeight(aContent, fm); } nscoord ReflowInput::CalcLineHeight() const { @@ -2765,7 +2774,7 @@ nscoord ReflowInput::CalcLineHeight(nsIContent* aContent, float aFontSizeInflation) { MOZ_ASSERT(aComputedStyle, "Must have a ComputedStyle"); - nscoord lineHeight = ComputeLineHeight(aComputedStyle, aPresContext, + nscoord lineHeight = ComputeLineHeight(aContent, aComputedStyle, aPresContext, aBlockBSize, aFontSizeInflation); NS_ASSERTION(lineHeight >= 0, "ComputeLineHeight screwed up"); @@ -2778,7 +2787,7 @@ nscoord ReflowInput::CalcLineHeight(nsIContent* aContent, if (!lh.IsNormal()) { RefPtr<nsFontMetrics> fm = nsLayoutUtils::GetFontMetricsForComputedStyle( aComputedStyle, aPresContext, aFontSizeInflation); - nscoord normal = GetNormalLineHeight(fm); + nscoord normal = GetNormalLineHeight(aContent, fm); if (lineHeight < normal) { lineHeight = normal; } diff --git a/layout/generic/test/mochitest.ini b/layout/generic/test/mochitest.ini index f6678d8d8e4e..c1602bbbc6b1 100644 --- a/layout/generic/test/mochitest.ini +++ b/layout/generic/test/mochitest.ini @@ -161,3 +161,4 @@ skip-if = debug == true || tsan # the test is slow. tsan: bug 1612707 [test_reframe_for_lazy_load_image.html] support-files = file_reframe_for_lazy_load_image.html +[test_tor_bug23104.html] diff --git a/layout/generic/test/test_tor_bug23104.html b/layout/generic/test/test_tor_bug23104.html new file mode 100644 index 000000000000..8ff1d2190c45 --- /dev/null +++ b/layout/generic/test/test_tor_bug23104.html @@ -0,0 +1,50 @@ +<!DOCTYPE HTML> +<meta charset="UTF-8"> +<html> +<head> + <title>Test for Tor Bug #23104: CSS line-height reveals the platform Tor browser is running</title> + <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="application/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <style type="text/css"> + span { + background-color: #000; + color: #fff; + font-size: 16.5px; + } + </style> +</head> +<body> +<span id="test1">Test1</span> +<span id="test2">كلمة</span> +<span id="test3">ação</span> +<script> + +let setPref = async function (key, value) { + await SpecialPowers.pushPrefEnv({"set": [[key, value]]}); +} + +function getStyle(el, styleprop) { + el = document.getElementById(el); + return document.defaultView.getComputedStyle(el, null).getPropertyValue(styleprop); +} + +function validateElement(elementName, isFingerprintResistent) { + var fontSize = getStyle(elementName, 'font-size'); + var lineHeight = getStyle(elementName, 'line-height'); + var validationCb = isFingerprintResistent ? is : isnot; + validationCb(parseFloat(lineHeight), Math.round(parseFloat(fontSize)) * 1.2, 'Line Height validation'); +} + +add_task(async function() { + await setPref("layout.css.line-height.normal-as-resolved-value.enabled", false); + for (let resistFingerprintingValue of [true, false]) { + await setPref("privacy.resistFingerprinting", resistFingerprintingValue); + for (let elementId of ['test1', 'test2', 'test3']) { + validateElement(elementId, resistFingerprintingValue); + } + } +}); + +</script> +</body> +</html>

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 31563: force reloading search extensions if extensions.enabledScopes has changed
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 819110bf86f844afa960401a4234eb3dfc50d08f Author: Alex Catarineu <acat(a)torproject.org> Date: Sat Aug 31 16:23:20 2019 +0200 Bug 31563: force reloading search extensions if extensions.enabledScopes has changed --- toolkit/components/search/SearchService.jsm | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/toolkit/components/search/SearchService.jsm b/toolkit/components/search/SearchService.jsm index 46b992bec8ec..608f3c475458 100644 --- a/toolkit/components/search/SearchService.jsm +++ b/toolkit/components/search/SearchService.jsm @@ -975,6 +975,7 @@ SearchService.prototype = { let locale = Services.locale.requestedLocale; let buildID = Services.appinfo.platformBuildID; let appVersion = Services.appinfo.version; + let enabledScopes = Services.prefs.getIntPref("extensions.enabledScopes", -1); // Allows us to force a cache refresh should the cache format change. cache.version = SearchUtils.CACHE_VERSION; @@ -988,6 +989,10 @@ SearchService.prototype = { cache.appVersion = appVersion; cache.locale = locale; + // Bug 31563: we want to force reloading engines if extensions.enabledScopes + // pref changes + cache.enabledScopes = enabledScopes; + if (gModernConfig) { cache.builtInEngineList = this._searchOrder; // For built-in engines we don't want to store all their data in the cache @@ -1049,7 +1054,8 @@ SearchService.prototype = { !cache.engines || cache.version != SearchUtils.CACHE_VERSION || cache.locale != Services.locale.requestedLocale || - cache.buildID != buildID; + cache.buildID != buildID || + cache.enabledScopes != Services.prefs.getIntPref("extensions.enabledScopes", -1); let enginesCorrupted = false; if (!rebuildCache) {

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 21431: Clean-up system extensions shipped in Firefox
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 14fe40e84cfe8c2fb60f4612cd5e15252f7d6752 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Tue May 23 17:05:29 2017 -0400 Bug 21431: Clean-up system extensions shipped in Firefox Only ship the pdfjs extension. --- browser/components/BrowserGlue.jsm | 6 ++++++ browser/extensions/moz.build | 5 ----- browser/installer/package-manifest.in | 1 - browser/locales/Makefile.in | 8 -------- browser/locales/jar.mn | 7 ------- 5 files changed, 6 insertions(+), 21 deletions(-) diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 3b7d8d6e0309..3363e24a9b56 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -2076,6 +2076,9 @@ BrowserGlue.prototype = { const ID = "screenshots(a)mozilla.org"; const _checkScreenshotsPref = async () => { let addon = await AddonManager.getAddonByID(ID); + if (!addon) { + return; + } let disabled = Services.prefs.getBoolPref(PREF, false); if (disabled) { await addon.disable({ allowSystemAddons: true }); @@ -2092,6 +2095,9 @@ BrowserGlue.prototype = { const ID = "webcompat-reporter(a)mozilla.org"; Services.prefs.addObserver(PREF, async () => { let addon = await AddonManager.getAddonByID(ID); + if (!addon) { + return; + } let enabled = Services.prefs.getBoolPref(PREF, false); if (enabled && !addon.isActive) { await addon.enable({ allowSystemAddons: true }); diff --git a/browser/extensions/moz.build b/browser/extensions/moz.build index fd2e65d01f02..499c59b8d6a5 100644 --- a/browser/extensions/moz.build +++ b/browser/extensions/moz.build @@ -5,12 +5,7 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. DIRS += [ - 'doh-rollout', - 'formautofill', 'pdfjs', - 'screenshots', - 'webcompat', - 'report-site-issue' ] if not CONFIG['TOR_BROWSER_DISABLE_TOR_LAUNCHER']: diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index 53b0b7ddf731..ad7dd023a92e 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -268,7 +268,6 @@ @RESPATH@/browser/chrome/icons/default/default64.png @RESPATH@/browser/chrome/icons/default/default128.png #endif -@RESPATH@/browser/features/* ; [DevTools Startup Files] @RESPATH@/browser/chrome/devtools-startup@JAREXT@ diff --git a/browser/locales/Makefile.in b/browser/locales/Makefile.in index 05f0242c5248..1fdf34d9460f 100644 --- a/browser/locales/Makefile.in +++ b/browser/locales/Makefile.in @@ -58,10 +58,6 @@ libs-%: @$(MAKE) -C ../../toolkit/locales libs-$* XPI_ROOT_APPID='$(XPI_ROOT_APPID)' @$(MAKE) -C ../../services/sync/locales AB_CD=$* XPI_NAME=locale-$* @$(MAKE) -C ../../extensions/spellcheck/locales AB_CD=$* XPI_NAME=locale-$* -ifneq (,$(wildcard ../extensions/formautofill/locales)) - @$(MAKE) -C ../extensions/formautofill/locales AB_CD=$* XPI_NAME=locale-$* -endif - @$(MAKE) -C ../extensions/report-site-issue/locales AB_CD=$* XPI_NAME=locale-$* @$(MAKE) -C ../../devtools/client/locales AB_CD=$* XPI_NAME=locale-$* XPI_ROOT_APPID='$(XPI_ROOT_APPID)' @$(MAKE) -C ../../devtools/startup/locales AB_CD=$* XPI_NAME=locale-$* XPI_ROOT_APPID='$(XPI_ROOT_APPID)' @$(MAKE) libs AB_CD=$* XPI_NAME=locale-$* PREF_DIR=$(PREF_DIR) @@ -75,14 +71,10 @@ chrome-%: @$(MAKE) -C ../../toolkit/locales chrome-$* @$(MAKE) -C ../../services/sync/locales chrome AB_CD=$* @$(MAKE) -C ../../extensions/spellcheck/locales chrome AB_CD=$* -ifneq (,$(wildcard ../extensions/formautofill/locales)) - @$(MAKE) -C ../extensions/formautofill/locales chrome AB_CD=$* -endif @$(MAKE) -C ../../devtools/client/locales chrome AB_CD=$* @$(MAKE) -C ../../devtools/startup/locales chrome AB_CD=$* @$(MAKE) chrome AB_CD=$* @$(MAKE) -C $(DEPTH)/$(MOZ_BRANDING_DIRECTORY)/locales chrome AB_CD=$* - @$(MAKE) -C ../extensions/report-site-issue/locales chrome AB_CD=$* package-win32-installer: $(SUBMAKEFILES) $(MAKE) -C ../installer/windows CONFIG_DIR=l10ngen ZIP_IN='$(ZIP_OUT)' installer diff --git a/browser/locales/jar.mn b/browser/locales/jar.mn index 31e2d3d870e6..ff577dfd4e7c 100644 --- a/browser/locales/jar.mn +++ b/browser/locales/jar.mn @@ -60,10 +60,3 @@ locale/browser/newInstall.dtd (%chrome/browser/newInstall.dtd) locale/browser/brandings.dtd (%chrome/browser/brandings.dtd) locale/browser/fxmonitor.properties (%chrome/browser/fxmonitor.properties) - -#ifdef XPI_NAME -# Bug 1240628, restructure how l10n repacks work with feature addons -# This is hacky, but ensures the chrome.manifest chain is complete -[.] chrome.jar: -% manifest features/chrome.manifest -#endif

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 25658: Replace security slider with security level UI
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit c558c78f86b6be1813dd5317a628c0ca33b514f8 Author: Richard Pospesel <richard(a)torproject.org> Date: Mon Mar 4 16:09:51 2019 -0800 Bug 25658: Replace security slider with security level UI This patch adds a new 'securitylevel' component to Tor Browser intended to replace the torbutton 'Security Slider'. This component adds a new Security Level toolbar button which visually indicates the current global security level via icon (as defined by the extensions.torbutton.security_slider pref), a drop-down hanger with a short description of the current security level, and a new section in the about:preferences#privacy page where users can change their current security level. In addition, the hanger and the preferences page will show a visual warning when the user has modified prefs associated with the security level and provide a one-click 'Restore Defaults' button to get the user back on recommended settings. Strings used by this patch are pulled from the torbutton extension, but en-US defaults are provided if there is an error loading from the extension. With this patch applied, the usual work-flow of "./mach build && ./mach run" work as expected, even if the torbutton extension is disabled. --- browser/base/content/browser.js | 10 + browser/base/content/browser.xhtml | 5 + browser/components/moz.build | 1 + browser/components/preferences/preferences.xhtml | 1 + browser/components/preferences/privacy.inc.xhtml | 2 + browser/components/preferences/privacy.js | 19 + .../securitylevel/content/securityLevel.js | 501 +++++++++++++++++++++ .../securitylevel/content/securityLevelButton.css | 9 + .../content/securityLevelButton.inc.xhtml | 7 + .../securitylevel/content/securityLevelButton.svg | 21 + .../securitylevel/content/securityLevelPanel.css | 82 ++++ .../content/securityLevelPanel.inc.xhtml | 38 ++ .../content/securityLevelPreferences.css | 26 ++ .../content/securityLevelPreferences.inc.xhtml | 62 +++ browser/components/securitylevel/jar.mn | 6 + browser/components/securitylevel/moz.build | 1 + 16 files changed, 791 insertions(+) diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index 036d92e131da..a851be586c0c 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -216,6 +216,11 @@ XPCOMUtils.defineLazyScriptGetter( ["DownloadsButton", "DownloadsIndicatorView"], "chrome://browser/content/downloads/indicator.js" ); +XPCOMUtils.defineLazyScriptGetter( + this, + ["SecurityLevelButton"], + "chrome://browser/content/securitylevel/securityLevel.js" +); XPCOMUtils.defineLazyScriptGetter( this, "gEditItemOverlay", @@ -1876,6 +1881,9 @@ var gBrowserInit = { // doesn't flicker as the window is being shown. DownloadsButton.init(); + // Init the SecuritySettingsButton + SecurityLevelButton.init(); + // Certain kinds of automigration rely on this notification to complete // their tasks BEFORE the browser window is shown. SessionStore uses it to // restore tabs into windows AFTER important parts like gMultiProcessBrowser @@ -2558,6 +2566,8 @@ var gBrowserInit = { DownloadsButton.uninit(); + SecurityLevelButton.uninit(); + gAccessibilityServiceIndicator.uninit(); AccessibilityRefreshBlocker.uninit(); diff --git a/browser/base/content/browser.xhtml b/browser/base/content/browser.xhtml index 229fc2a26dd2..72c415b8f843 100644 --- a/browser/base/content/browser.xhtml +++ b/browser/base/content/browser.xhtml @@ -20,6 +20,8 @@ <?xml-stylesheet href="chrome://browser/content/browser.css" type="text/css"?> <?xml-stylesheet href="chrome://browser/content/tabbrowser.css" type="text/css"?> <?xml-stylesheet href="chrome://browser/content/downloads/downloads.css" type="text/css"?> +<?xml-stylesheet href="chrome://browser/content/securitylevel/securityLevelPanel.css"?> +<?xml-stylesheet href="chrome://browser/content/securitylevel/securityLevelButton.css"?> <?xml-stylesheet href="chrome://browser/content/places/places.css" type="text/css"?> <?xml-stylesheet href="chrome://browser/content/usercontext/usercontext.css" type="text/css"?> <?xml-stylesheet href="chrome://browser/skin/" type="text/css"?> @@ -623,6 +625,7 @@ #include ../../components/controlcenter/content/protectionsPanel.inc.xhtml #include ../../components/downloads/content/downloadsPanel.inc.xhtml #include ../../../devtools/startup/enableDevToolsPopup.inc.xhtml +#include ../../components/securitylevel/content/securityLevelPanel.inc.xhtml #include browser-allTabsMenu.inc.xhtml <hbox id="downloads-animation-container"> @@ -1136,6 +1139,8 @@ </stack> </toolbarbutton> +#include ../../components/securitylevel/content/securityLevelButton.inc.xhtml + <toolbarbutton id="library-button" class="toolbarbutton-1 chromeclass-toolbar-additional subviewbutton-nav" removable="true" onmousedown="PanelUI.showSubView('appMenu-libraryView', this, event);" diff --git a/browser/components/moz.build b/browser/components/moz.build index cf3f566eba71..8d6d2503e4a0 100644 --- a/browser/components/moz.build +++ b/browser/components/moz.build @@ -52,6 +52,7 @@ DIRS += [ 'protocolhandler', 'resistfingerprinting', 'search', + 'securitylevel', 'sessionstore', 'shell', 'ssb', diff --git a/browser/components/preferences/preferences.xhtml b/browser/components/preferences/preferences.xhtml index c8adb60653b7..3d89ddf00808 100644 --- a/browser/components/preferences/preferences.xhtml +++ b/browser/components/preferences/preferences.xhtml @@ -12,6 +12,7 @@ <?xml-stylesheet href="chrome://browser/skin/preferences/search.css"?> <?xml-stylesheet href="chrome://browser/skin/preferences/containers.css"?> <?xml-stylesheet href="chrome://browser/skin/preferences/privacy.css"?> +<?xml-stylesheet href="chrome://browser/content/securitylevel/securityLevelPreferences.css"?> <!DOCTYPE html> diff --git a/browser/components/preferences/privacy.inc.xhtml b/browser/components/preferences/privacy.inc.xhtml index 572b0233c8c4..f36145ea80d4 100644 --- a/browser/components/preferences/privacy.inc.xhtml +++ b/browser/components/preferences/privacy.inc.xhtml @@ -913,6 +913,8 @@ <html:h1 data-l10n-id="security-header"/> </hbox> +#include ../securitylevel/content/securityLevelPreferences.inc.xhtml +  <groupbox id="browsingProtectionGroup" data-category="panePrivacy" hidden="true"> <label><html:h2 data-l10n-id="security-browsing-protection"/></label> diff --git a/browser/components/preferences/privacy.js b/browser/components/preferences/privacy.js index 2cff75726546..949fa84c24ab 100644 --- a/browser/components/preferences/privacy.js +++ b/browser/components/preferences/privacy.js @@ -77,6 +77,12 @@ XPCOMUtils.defineLazyGetter(this, "AlertsServiceDND", function() { } }); +XPCOMUtils.defineLazyScriptGetter( + this, + ["SecurityLevelPreferences"], + "chrome://browser/content/securitylevel/securityLevel.js" +); + XPCOMUtils.defineLazyServiceGetter( this, "listManager", @@ -275,6 +281,18 @@ function addCustomBlockingLearnMore() { var gPrivacyPane = { _pane: null, + /** + * Show the Security Level UI + */ + _initSecurityLevel() { + SecurityLevelPreferences.init(); + let unload = () => { + window.removeEventListener("unload", unload); + SecurityLevelPreferences.uninit(); + }; + window.addEventListener("unload", unload); + }, + /** * Whether the prompt to restart Firefox should appear when changing the autostart pref. */ @@ -415,6 +433,7 @@ var gPrivacyPane = { this.trackingProtectionReadPrefs(); this.networkCookieBehaviorReadPrefs(); this._initTrackingProtectionExtensionControl(); + this._initSecurityLevel(); Services.telemetry.setEventRecordingEnabled("pwmgr", true); diff --git a/browser/components/securitylevel/content/securityLevel.js b/browser/components/securitylevel/content/securityLevel.js new file mode 100644 index 000000000000..b47d0cfb545e --- /dev/null +++ b/browser/components/securitylevel/content/securityLevel.js @@ -0,0 +1,501 @@ +"use strict"; + +ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm"); +ChromeUtils.import("resource://gre/modules/Services.jsm"); + +XPCOMUtils.defineLazyModuleGetters(this, { + CustomizableUI: "resource:///modules/CustomizableUI.jsm", + PanelMultiView: "resource:///modules/PanelMultiView.jsm", +}); + +ChromeUtils.defineModuleGetter( + this, + "TorStrings", + "resource:///modules/TorStrings.jsm" +); + +/* + Security Level Prefs + + Getters and Setters for relevant torbutton prefs +*/ +const SecurityLevelPrefs = { + security_slider_pref : "extensions.torbutton.security_slider", + security_custom_pref : "extensions.torbutton.security_custom", + + get securitySlider() { + try { + return Services.prefs.getIntPref(this.security_slider_pref); + } catch(e) { + // init pref to 4 (standard) + const val = 4; + Services.prefs.setIntPref(this.security_slider_pref, val); + return val; + } + }, + + set securitySlider(val) { + Services.prefs.setIntPref(this.security_slider_pref, val); + }, + + get securityCustom() { + try { + return Services.prefs.getBoolPref(this.security_custom_pref); + } catch(e) { + // init custom to false + const val = false; + Services.prefs.setBoolPref(this.security_custom_pref, val); + return val; + } + }, + + set securityCustom(val) { + Services.prefs.setBoolPref(this.security_custom_pref, val); + }, +}; /* Security Level Prefs */ + +/* + Security Level Button Code + + Controls init and update of the security level toolbar button +*/ + +const SecurityLevelButton = { + _securityPrefsBranch : null, + + _populateXUL : function(securityLevelButton) { + if (securityLevelButton != null) { + securityLevelButton.setAttribute("tooltiptext", TorStrings.securityLevel.securityLevel); + securityLevelButton.setAttribute("label", TorStrings.securityLevel.securityLevel); + } + }, + + _configUIFromPrefs : function(securityLevelButton) { + if (securityLevelButton != null) { + let securitySlider = SecurityLevelPrefs.securitySlider; + let classList = securityLevelButton.classList; + classList.remove("standard", "safer", "safest"); + switch(securitySlider) { + case 4: + classList.add("standard"); + securityLevelButton.setAttribute("tooltiptext", TorStrings.securityLevel.standard.tooltip); + break; + case 2: + classList.add("safer"); + securityLevelButton.setAttribute("tooltiptext", TorStrings.securityLevel.safer.tooltip); + break; + case 1: + classList.add("safest"); + securityLevelButton.setAttribute("tooltiptext", TorStrings.securityLevel.safest.tooltip); + break; + } + } + }, + + get button() { + let button = document.getElementById("security-level-button"); + if (!button) { + return null; + } + return button; + }, + + get anchor() { + let anchor = this.button.icon; + if (!anchor) { + return null; + } + + anchor.setAttribute("consumeanchor", SecurityLevelButton.button.id); + return anchor; + }, + + init : function() { + // set the initial class based off of the current pref + let button = this.button; + this._populateXUL(button); + this._configUIFromPrefs(button); + + this._securityPrefsBranch = Services.prefs.getBranch("extensions.torbutton."); + this._securityPrefsBranch.addObserver("", this, false); + + CustomizableUI.addListener(this); + + SecurityLevelPanel.init(); + }, + + uninit : function() { + CustomizableUI.removeListener(this); + + this._securityPrefsBranch.removeObserver("", this); + this._securityPrefsBranch = null; + + SecurityLevelPanel.uninit(); + }, + + observe : function(subject, topic, data) { + switch(topic) { + case "nsPref:changed": + if (data == "security_slider") { + this._configUIFromPrefs(this.button); + } + break; + } + }, + + // callback for entering the 'Customize Firefox' screen to set icon + onCustomizeStart : function(window) { + let navigatorToolbox = document.getElementById("navigator-toolbox"); + let button = navigatorToolbox.palette.querySelector("#security-level-button"); + this._populateXUL(button); + this._configUIFromPrefs(button); + }, + + // callback when CustomizableUI modifies DOM + onWidgetAfterDOMChange : function(aNode, aNextNode, aContainer, aWasRemoval) { + if (aNode.id == "security-level-button" && !aWasRemoval) { + this._populateXUL(aNode); + this._configUIFromPrefs(aNode); + } + }, + + // for when the toolbar button needs to be activated and displays the Security Level panel + // + // In the toolbarbutton xul you'll notice we register this callback for both onkeypress and + // onmousedown. We do this to match the behavior of other panel spawning buttons such as Downloads, + // Library, and the Hamburger menus. Using oncommand alone would result in only getting fired + // after onclick, which is mousedown followed by mouseup. + onCommand : function(aEvent) { + // snippet stolen from /browser/components/downloads/indicator.js DownloadsIndicatorView.onCommand(evt) + if ( + (aEvent.type == "mousedown" && aEvent.button != 0) || + (aEvent.type == "keypress" && aEvent.key != " " && aEvent.key != "Enter") + ) { + return; + } + + // we need to set this attribute for the button to be shaded correctly to look like it is pressed + // while the security level panel is open + this.button.setAttribute("open", "true"); + SecurityLevelPanel.show(); + }, +}; /* Security Level Button */ + +/* + Security Level Panel Code + + Controls init and update of the panel in the security level hanger +*/ + +const SecurityLevelPanel = { + _securityPrefsBranch : null, + _panel : null, + _anchor : null, + _populated : false, + + _populateXUL : function() { + // get the panel elements we need to populate + let panelview = document.getElementById("securityLevel-panelview"); + let labelHeader = panelview.querySelector("#securityLevel-header"); + let labelCustomWarning = panelview.querySelector("#securityLevel-customWarning") + let labelLearnMore = panelview.querySelector("#securityLevel-learnMore"); + let buttonRestoreDefaults = panelview.querySelector("#securityLevel-restoreDefaults"); + let buttonAdvancedSecuritySettings = panelview.querySelector("#securityLevel-advancedSecuritySettings"); + + labelHeader.setAttribute("value", TorStrings.securityLevel.securityLevel); + labelCustomWarning.setAttribute("value", TorStrings.securityLevel.customWarning); + labelLearnMore.setAttribute("value", TorStrings.securityLevel.learnMore); + labelLearnMore.setAttribute("href", TorStrings.securityLevel.learnMoreURL); + buttonRestoreDefaults.setAttribute("label", TorStrings.securityLevel.restoreDefaults); + buttonAdvancedSecuritySettings.setAttribute("label", TorStrings.securityLevel.advancedSecuritySettings); + + // rest of the XUL is set based on security prefs + this._configUIFromPrefs(); + + this._populated = true; + }, + + _configUIFromPrefs : function() { + // get security prefs + let securitySlider = SecurityLevelPrefs.securitySlider; + let securityCustom = SecurityLevelPrefs.securityCustom; + + // get the panel elements we need to populate + let panelview = document.getElementById("securityLevel-panelview"); + let labelLevel = panelview.querySelector("#securityLevel-level"); + let labelCustomWarning = panelview.querySelector("#securityLevel-customWarning") + let summary = panelview.querySelector("#securityLevel-summary"); + let buttonRestoreDefaults = panelview.querySelector("#securityLevel-restoreDefaults"); + let buttonAdvancedSecuritySettings = panelview.querySelector("#securityLevel-advancedSecuritySettings"); + + // only visible when user is using custom settings + labelCustomWarning.hidden = !securityCustom; + buttonRestoreDefaults.hidden = !securityCustom; + + // Descriptions change based on security level + switch(securitySlider) { + // standard + case 4: + labelLevel.setAttribute("value", TorStrings.securityLevel.standard.level); + summary.textContent = TorStrings.securityLevel.standard.summary; + break; + // safer + case 2: + labelLevel.setAttribute("value", TorStrings.securityLevel.safer.level); + summary.textContent = TorStrings.securityLevel.safer.summary; + break; + // safest + case 1: + labelLevel.setAttribute("value", TorStrings.securityLevel.safest.level); + summary.textContent = TorStrings.securityLevel.safest.summary; + break; + } + + // override the summary text with custom warning + if (securityCustom) { + summary.textContent = TorStrings.securityLevel.custom.summary; + } + }, + + init : function() { + this._securityPrefsBranch = Services.prefs.getBranch("extensions.torbutton."); + this._securityPrefsBranch.addObserver("", this, false); + }, + + uninit : function() { + this._securityPrefsBranch.removeObserver("", this); + this._securityPrefsBranch = null; + }, + + show : function() { + // we have to defer this until after the browser has finished init'ing before + // we can populate the panel + if (!this._populated) { + this._populateXUL(); + } + + let panel = document.getElementById("securityLevel-panel"); + panel.hidden = false; + PanelMultiView.openPopup(panel, SecurityLevelButton.anchor, "bottomcenter topright", + 0, 0, false, null).catch(Cu.reportError); + }, + + hide : function() { + let panel = document.getElementById("securityLevel-panel"); + PanelMultiView.hidePopup(panel); + }, + + restoreDefaults : function() { + SecurityLevelPrefs.securityCustom = false; + // hide and reshow so that layout re-renders properly + this.hide(); + this.show(this._anchor); + }, + + openAdvancedSecuritySettings : function() { + openPreferences("privacy-securitylevel"); + this.hide(); + }, + + // callback when prefs change + observe : function(subject, topic, data) { + switch(topic) { + case "nsPref:changed": + if (data == "security_slider" || data == "security_custom") { + this._configUIFromPrefs(); + } + break; + } + }, + + // callback when the panel is displayed + onPopupShown : function(event) { + SecurityLevelButton.button.setAttribute("open", "true"); + }, + + // callback when the panel is hidden + onPopupHidden : function(event) { + SecurityLevelButton.button.removeAttribute("open"); + } +}; /* Security Level Panel */ + +/* + Security Level Preferences Code + + Code to handle init and update of security level section in about:preferences#privacy +*/ + +const SecurityLevelPreferences = +{ + _securityPrefsBranch : null, + + _populateXUL : function() { + let groupbox = document.getElementById("securityLevel-groupbox"); + + let labelHeader = groupbox.querySelector("#securityLevel-header"); + labelHeader.textContent = TorStrings.securityLevel.securityLevel; + + let spanOverview = groupbox.querySelector("#securityLevel-overview"); + spanOverview.textContent = TorStrings.securityLevel.overview; + + let labelLearnMore = groupbox.querySelector("#securityLevel-learnMore"); + labelLearnMore.setAttribute("value", TorStrings.securityLevel.learnMore); + labelLearnMore.setAttribute("href", TorStrings.securityLevel.learnMoreURL); + + let radiogroup = document.getElementById("securityLevel-radiogroup"); + radiogroup.addEventListener("command", SecurityLevelPreferences.selectSecurityLevel); + + let populateRadioElements = function(vboxQuery, stringStruct) { + let vbox = groupbox.querySelector(vboxQuery); + + let radio = vbox.querySelector("radio"); + radio.setAttribute("label", stringStruct.level); + + let customWarning = vbox.querySelector("#securityLevel-customWarning"); + customWarning.setAttribute("value", TorStrings.securityLevel.customWarning); + + let labelSummary = vbox.querySelector("#securityLevel-summary"); + labelSummary.textContent = stringStruct.summary; + + let labelRestoreDefaults = vbox.querySelector("#securityLevel-restoreDefaults"); + labelRestoreDefaults.setAttribute("value", TorStrings.securityLevel.restoreDefaults); + labelRestoreDefaults.addEventListener("click", SecurityLevelPreferences.restoreDefaults); + + let description1 = vbox.querySelector("#securityLevel-description1"); + if (description1) { + description1.textContent = stringStruct.description1; + } + let description2 = vbox.querySelector("#securityLevel-description2"); + if (description2) { + description2.textContent = stringStruct.description2; + } + let description3 = vbox.querySelector("#securityLevel-description3"); + if (description3) { + description3.textContent = stringStruct.description3; + } + }; + + populateRadioElements("#securityLevel-vbox-standard", TorStrings.securityLevel.standard); + populateRadioElements("#securityLevel-vbox-safer", TorStrings.securityLevel.safer); + populateRadioElements("#securityLevel-vbox-safest", TorStrings.securityLevel.safest); + }, + + _configUIFromPrefs : function() { + // read our prefs + let securitySlider = SecurityLevelPrefs.securitySlider; + let securityCustom = SecurityLevelPrefs.securityCustom; + + // get our elements + let groupbox = document.getElementById("securityLevel-groupbox"); + + let radiogroup = groupbox.querySelector("#securityLevel-radiogroup"); + let labelStandardCustom = groupbox.querySelector("#securityLevel-vbox-standard label#securityLevel-customWarning"); + let labelSaferCustom = groupbox.querySelector("#securityLevel-vbox-safer label#securityLevel-customWarning"); + let labelSafestCustom = groupbox.querySelector("#securityLevel-vbox-safest label#securityLevel-customWarning"); + let labelStandardRestoreDefaults = groupbox.querySelector("#securityLevel-vbox-standard label#securityLevel-restoreDefaults"); + let labelSaferRestoreDefaults = groupbox.querySelector("#securityLevel-vbox-safer label#securityLevel-restoreDefaults"); + let labelSafestRestoreDefaults = groupbox.querySelector("#securityLevel-vbox-safest label#securityLevel-restoreDefaults"); + + // hide custom label by default until we know which level we're at + labelStandardCustom.hidden = true; + labelSaferCustom.hidden = true; + labelSafestCustom.hidden = true; + + labelStandardRestoreDefaults.hidden = true; + labelSaferRestoreDefaults.hidden = true; + labelSafestRestoreDefaults.hidden = true; + + switch(securitySlider) { + // standard + case 4: + radiogroup.value = "standard"; + labelStandardCustom.hidden = !securityCustom; + labelStandardRestoreDefaults.hidden = !securityCustom; + break; + // safer + case 2: + radiogroup.value = "safer"; + labelSaferCustom.hidden = !securityCustom; + labelSaferRestoreDefaults.hidden = !securityCustom; + break; + // safest + case 1: + radiogroup.value = "safest"; + labelSafestCustom.hidden = !securityCustom; + labelSafestRestoreDefaults.hidden = !securityCustom; + break; + } + }, + + init : function() { + // populate XUL with localized strings + this._populateXUL(); + + // read prefs and populate UI + this._configUIFromPrefs(); + + // register for pref chagnes + this._securityPrefsBranch = Services.prefs.getBranch("extensions.torbutton."); + this._securityPrefsBranch.addObserver("", this, false); + }, + + uninit : function() { + // unregister for pref change events + this._securityPrefsBranch.removeObserver("", this); + this._securityPrefsBranch = null; + }, + + // callback for when prefs change + observe : function(subject, topic, data) { + switch(topic) { + case "nsPref:changed": + if (data == "security_slider" || + data == "security_custom") { + this._configUIFromPrefs(); + } + break; + } + }, + + selectSecurityLevel : function() { + // radio group elements + let radiogroup = document.getElementById("securityLevel-radiogroup"); + + // update pref based on selected radio option + switch (radiogroup.value) { + case "standard": + SecurityLevelPrefs.securitySlider = 4; + break; + case "safer": + SecurityLevelPrefs.securitySlider = 2; + break; + case "safest": + SecurityLevelPrefs.securitySlider = 1; + break; + } + + SecurityLevelPreferences.restoreDefaults(); + }, + + restoreDefaults : function() { + SecurityLevelPrefs.securityCustom = false; + }, +}; /* Security Level Prefereces */ + +Object.defineProperty(this, "SecurityLevelButton", { + value: SecurityLevelButton, + enumerable: true, + writable: false +}); + +Object.defineProperty(this, "SecurityLevelPanel", { + value: SecurityLevelPanel, + enumerable: true, + writable: false +}); + +Object.defineProperty(this, "SecurityLevelPreferences", { + value: SecurityLevelPreferences, + enumerable: true, + writable: false +}); diff --git a/browser/components/securitylevel/content/securityLevelButton.css b/browser/components/securitylevel/content/securityLevelButton.css new file mode 100644 index 000000000000..81f2365bae28 --- /dev/null +++ b/browser/components/securitylevel/content/securityLevelButton.css @@ -0,0 +1,9 @@ +toolbarbutton#security-level-button.standard { + list-style-image: url("chrome://browser/content/securitylevel/securityLevelButton.svg#standard"); +} +toolbarbutton#security-level-button.safer { + list-style-image: url("chrome://browser/content/securitylevel/securityLevelButton.svg#safer"); +} +toolbarbutton#security-level-button.safest { + list-style-image: url("chrome://browser/content/securitylevel/securityLevelButton.svg#safest"); +} diff --git a/browser/components/securitylevel/content/securityLevelButton.inc.xhtml b/browser/components/securitylevel/content/securityLevelButton.inc.xhtml new file mode 100644 index 000000000000..96ee1ec0ca49 --- /dev/null +++ b/browser/components/securitylevel/content/securityLevelButton.inc.xhtml @@ -0,0 +1,7 @@ +<toolbarbutton id="security-level-button" class="toolbarbutton-1 chromeclass-toolbar-additional" + badged="true" + removable="true" + onmousedown="SecurityLevelButton.onCommand(event);" + onkeypress="SecurityLevelButton.onCommand(event);" + closemenu="none" + cui-areatype="toolbar"/> diff --git a/browser/components/securitylevel/content/securityLevelButton.svg b/browser/components/securitylevel/content/securityLevelButton.svg new file mode 100644 index 000000000000..8535cdcc531e --- /dev/null +++ b/browser/components/securitylevel/content/securityLevelButton.svg @@ -0,0 +1,21 @@ +<svg width="14px" height="16px" viewBox="0 0 14 16" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <style> + use:not(:target) { + display: none; + } + </style> + <defs> + <g id="standard_icon" stroke="none" stroke-width="1"> + <path d="M7.0 2.16583509C7.0 2.16583509 2.0 4.24375717 2.0 4.24375717C2.0 4.24375717 2.0 7.27272727 2.0 7.27272727C2.0 10.2413541 4.13435329 13.0576771 7.0 13.9315843C9.8656467 13.0576771 12.0 10.2413541 12.0 7.27272727C12.0 7.27272727 12.0 4.24375717 12.0 4.24375717C12.0 4.24375717 7.0 2.16583509 7.0 2.16583509C7.0 2.16583509 7.0 2.16583509 7.0 2.16583509M7.0 0.0C7.0 0.0 14.0 2.90909091 14.0 2.90909091C14.0 2.90909091 14.0 7.27272727 14.0 7.27272727C14.0 11.3090909 11.0133333 15.0836364 7.0 16.0C2.98666667 15.0836364 0.0 11.3090909 0.0 7.27272727C0.0 7.27272727 0.0 2.90909091 0.0 2.90909091C0.0 2.90909091 7.0 0.0 7.0 0.0C7.0 0.0 7.0 0.0 7.0 0.0" /> + </g> + <g id="safer_icon" stroke="none" stroke-width="1"> + <path fill-rule="nonzero" d="M7.0 2.1658351C7.0 13.931584 7.0 2.1658351 7.0 13.931584C9.8656467 13.057677 12.0 10.241354 12.0 7.2727273C12.0 7.2727273 12.0 4.2437572 12.0 4.2437572C12.0 4.2437572 7.0 2.1658351 7.0 2.1658351C7.0 2.1658351 7.0 2.1658351 7.0 2.1658351M7.0 0.0C7.0 0.0 14.0 2.9090909 14.0 2.9090909C14.0 2.9090909 14.0 7.2727273 14.0 7.2727273C14.0 11.309091 11.013333 15.083636 7.0 16.0C2.9866667 15.083636 0.0 11.309091 0.0 7.2727273C0.0 7.2727273 0.0 2.9090909 0.0 2.9090909C0.0 2.9090909 7.0 0.0 7.0 0.0"/> + </g> + <g id="safest_icon" stroke="none" stroke-width="1"> + <path d="M7.0 0.0C7.0 0.0 14.0 2.90909091 14.0 2.90909091C14.0 2.90909091 14.0 7.27272727 14.0 7.27272727C14.0 11.3090909 11.0133333 15.0836364 7.0 16.0C2.98666667 15.0836364 0.0 11.3090909 0.0 7.27272727C0.0 7.27272727 0.0 2.90909091 0.0 2.90909091C0.0 2.90909091 7.0 0.0 7.0 0.0C7.0 0.0 7.0 0.0 7.0 0.0" /> + </g> + </defs> + <use id="standard" fill="context-fill" fill-opacity="context-fill-opacity" href="#standard_icon" /> + <use id="safer" fill="context-fill" fill-opacity="context-fill-opacity" href="#safer_icon" /> + <use id="safest" fill="context-fill" fill-opacity="context-fill-opacity" href="#safest_icon" /> +</svg> diff --git a/browser/components/securitylevel/content/securityLevelPanel.css b/browser/components/securitylevel/content/securityLevelPanel.css new file mode 100644 index 000000000000..70022e2bd4b2 --- /dev/null +++ b/browser/components/securitylevel/content/securityLevelPanel.css @@ -0,0 +1,82 @@ +/* Security Level CSS */ + +panel#securityLevel-panel > .panel-arrowcontainer > .panel-arrowcontent { + padding: 0; +} + +panelview#securityLevel-panelview { + width: 20em; +} + +panelview#securityLevel-panelview>vbox.panel-subview-body { + padding: 1em; +} + +label#securityLevel-header { + text-transform: uppercase; + color: var(--panel-disabled-color); + font-size: 0.85em; + margin: 0 0 0.4em 0; + padding: 0; +} + +hbox#securityLevel-levelHbox { + margin-bottom: 1em; +} + +label#securityLevel-level { + font-size: 1.5em; + margin: 0 0.5em 0 0; + padding: 0; +} + +label#securityLevel-customWarning { + border-radius: 2px; + background-color: #ffe845; + text-transform: uppercase; + font-weight: bolder; + font-size: 0.8em; + height: 1em; + line-height: 1em; + vertical-align: middle; + margin: auto; + padding: 0.4em; +} + +panelview#securityLevel-panelview description { + margin: 0 -0.5em 0.5em 0; + padding: 0 !important; +} + +label#securityLevel-learnMore { + margin: 0 0 1.0em 0; + padding: 0; +} + +panelview#securityLevel-panelview button { + -moz-appearance: none; + background-color: var(--arrowpanel-dimmed); +} + +panelview#securityLevel-panelview button:hover { + background-color: var(--arrowpanel-dimmed-further); +} + +panelview#securityLevel-panelview button:active { + background-color: var(--arrowpanel-dimmed-even-further); +} + +button#securityLevel-restoreDefaults { + margin: 0 0 1.0em 0; + padding: 0.45em; + color: inherit !important; +} + +button#securityLevel-advancedSecuritySettings { + margin: 0 -1.0em -1.0em -1.0em; + border-radius: 0; + border-top: 1px solid var(--panel-separator-color); + padding: 0; + height: 3.0em; + color: inherit !important; +} diff --git a/browser/components/securitylevel/content/securityLevelPanel.inc.xhtml b/browser/components/securitylevel/content/securityLevelPanel.inc.xhtml new file mode 100644 index 000000000000..4abbb12dd856 --- /dev/null +++ b/browser/components/securitylevel/content/securityLevelPanel.inc.xhtml @@ -0,0 +1,38 @@ +<panel id="securityLevel-panel" + role="group" + type="arrow" + orient="vertical" + level="top" + hidden="true" + class="panel-no-padding" + onpopupshown="SecurityLevelPanel.onPopupShown(event);" + onpopuphidden="SecurityLevelPanel.onPopupHidden(event);" + > + <panelmultiview mainViewId="securityLevel-panelview"> + <panelview id="securityLevel-panelview" descriptionheightworkaround="true"> + <vbox class="panel-subview-body"> + <label id="securityLevel-header"/> + <hbox id="securityLevel-levelHbox"> + <label id="securityLevel-level"/> + <vbox> + <spacer flex="1"/> + <label id="securityLevel-customWarning"/> + <spacer flex="1"/> + </vbox> + </hbox> + <description id="securityLevel-summary"/> + <label + id="securityLevel-learnMore" + class="learnMore text-link" + onclick="SecurityLevelPanel.hide();" + is="text-link"/> + <button + id="securityLevel-restoreDefaults" + oncommand="SecurityLevelPanel.restoreDefaults();"/> + <button + id="securityLevel-advancedSecuritySettings" + oncommand="SecurityLevelPanel.openAdvancedSecuritySettings();"/> + </vbox> + </panelview> + </panelmultiview> +</panel> diff --git a/browser/components/securitylevel/content/securityLevelPreferences.css b/browser/components/securitylevel/content/securityLevelPreferences.css new file mode 100644 index 000000000000..0d1040d177d8 --- /dev/null +++ b/browser/components/securitylevel/content/securityLevelPreferences.css @@ -0,0 +1,26 @@ +label#securityLevel-customWarning { + border-radius: 2px; + background-color: #ffe845; + text-transform: uppercase; + font-weight: bolder; + font-size: 0.7em; + height: 1em; + line-height: 1em; + padding: 0.35em; +} + +radiogroup#securityLevel-radiogroup radio { + font-weight: bold; +} + +vbox#securityLevel-vbox-standard, +vbox#securityLevel-vbox-safer, +vbox#securityLevel-vbox-safest { + margin-top: 0.4em; +} + +vbox#securityLevel-vbox-standard description.indent, +vbox#securityLevel-vbox-safer description.indent, +vbox#securityLevel-vbox-safest description.indent { + margin-inline-start: 0 !important; +} diff --git a/browser/components/securitylevel/content/securityLevelPreferences.inc.xhtml b/browser/components/securitylevel/content/securityLevelPreferences.inc.xhtml new file mode 100644 index 000000000000..a108d44a7b51 --- /dev/null +++ b/browser/components/securitylevel/content/securityLevelPreferences.inc.xhtml @@ -0,0 +1,62 @@ +<groupbox id="securityLevel-groupbox" data-category="panePrivacy" hidden="true"> + <label><html:h2 id="securityLevel-header"/></label> + <vbox data-subcategory="securitylevel" flex="1"> + <description flex="1"> + <html:span id="securityLevel-overview" class="tail-with-learn-more"/> + <label id="securityLevel-learnMore" class="learnMore text-link" is="text-link"/> + </description> + <radiogroup id="securityLevel-radiogroup"> + <vbox id="securityLevel-vbox-standard"> + <hbox> + <radio value="standard"/> + <vbox> + <spacer flex="1"/> + <label id="securityLevel-customWarning"/> + <spacer flex="1"/> + </vbox> + </hbox> + <description flex="1"> + <html:span id="securityLevel-summary" class="tail-with-learn-more"/> + <label id="securityLevel-restoreDefaults" + class="learnMore text-link"/> + </description> + </vbox> + <vbox id="securityLevel-vbox-safer"> + <hbox> + <radio value="safer"/> + <vbox> + <spacer flex="1"/> + <label id="securityLevel-customWarning"/> + <spacer flex="1"/> + </vbox> + </hbox> + <description flex="1"> + <html:span id="securityLevel-summary" class="tail-with-learn-more"/> + <label id="securityLevel-restoreDefaults" + class="learnMore text-link"/> + </description> + <description id="securityLevel-description1" class="indent tip-caption"/> + <description id="securityLevel-description2" class="indent tip-caption"/> + <description id="securityLevel-description3" class="indent tip-caption"/> + </vbox> + <vbox id="securityLevel-vbox-safest"> + <hbox> + <radio value="safest"/> + <vbox> + <spacer flex="1"/> + <label id="securityLevel-customWarning"/> + <spacer flex="1"/> + </vbox> + </hbox> + <description flex="1"> + <html:span id="securityLevel-summary" class="tail-with-learn-more"/> + <label id="securityLevel-restoreDefaults" + class="learnMore text-link"/> + </description> + <description id="securityLevel-description1" class="indent tip-caption"/> + <description id="securityLevel-description2" class="indent tip-caption"/> + <description id="securityLevel-description3" class="indent tip-caption"/> + </vbox> + </radiogroup> + </vbox> +</groupbox> diff --git a/browser/components/securitylevel/jar.mn b/browser/components/securitylevel/jar.mn new file mode 100644 index 000000000000..9ac408083fbc --- /dev/null +++ b/browser/components/securitylevel/jar.mn @@ -0,0 +1,6 @@ +browser.jar: + content/browser/securitylevel/securityLevel.js (content/securityLevel.js) + content/browser/securitylevel/securityLevelPanel.css (content/securityLevelPanel.css) + content/browser/securitylevel/securityLevelButton.css (content/securityLevelButton.css) + content/browser/securitylevel/securityLevelPreferences.css (content/securityLevelPreferences.css) + content/browser/securitylevel/securityLevelButton.svg (content/securityLevelButton.svg) diff --git a/browser/components/securitylevel/moz.build b/browser/components/securitylevel/moz.build new file mode 100644 index 000000000000..7e103239c8d6 --- /dev/null +++ b/browser/components/securitylevel/moz.build @@ -0,0 +1 @@ +JAR_MANIFESTS += ['jar.mn']

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 27511: Add new identity button to toolbar
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit cf92cb91988c77fbf88aeecb973c8efdb5d3febe Author: Alex Catarineu <acat(a)torproject.org> Date: Fri Oct 4 19:08:33 2019 +0200 Bug 27511: Add new identity button to toolbar Also added 'New circuit for this site' button to CustomizableUI, but not visible by default. --- browser/base/content/browser.xhtml | 10 ++++++++++ .../components/customizableui/CustomizableUI.jsm | 21 +++++++++++++++++++++ browser/themes/shared/icons/new_circuit.svg | 8 ++++++++ browser/themes/shared/icons/new_identity.svg | 9 +++++++++ browser/themes/shared/jar.inc.mn | 3 +++ browser/themes/shared/menupanel.inc.css | 8 ++++++++ browser/themes/shared/toolbarbutton-icons.inc.css | 8 ++++++++ 7 files changed, 67 insertions(+) diff --git a/browser/base/content/browser.xhtml b/browser/base/content/browser.xhtml index 72c415b8f843..ddf5d766126b 100644 --- a/browser/base/content/browser.xhtml +++ b/browser/base/content/browser.xhtml @@ -1295,6 +1295,16 @@ ondragenter="newWindowButtonObserver.onDragOver(event)" ondragexit="newWindowButtonObserver.onDragExit(event)"/> + <toolbarbutton id="new-identity-button" class="toolbarbutton-1 chromeclass-toolbar-additional" + label="&torbutton.context_menu.new_identity;" + oncommand="torbutton_new_identity();" + tooltiptext="&torbutton.context_menu.new_identity;"/> + + <toolbarbutton id="new-circuit-button" class="toolbarbutton-1 chromeclass-toolbar-additional" + label="&torbutton.context_menu.new_circuit;" + oncommand="torbutton_new_circuit();" + tooltiptext="&torbutton.context_menu.new_circuit;"/> + <toolbarbutton id="fullscreen-button" class="toolbarbutton-1 chromeclass-toolbar-additional" observes="View:FullScreen" type="checkbox" diff --git a/browser/components/customizableui/CustomizableUI.jsm b/browser/components/customizableui/CustomizableUI.jsm index e2f006c73464..1c0064249158 100644 --- a/browser/components/customizableui/CustomizableUI.jsm +++ b/browser/components/customizableui/CustomizableUI.jsm @@ -68,6 +68,8 @@ const kSubviewEvents = ["ViewShowing", "ViewHiding"]; */ var kVersion = 16; +var kTorVersion = 1; + /** * Buttons removed from built-ins by version they were removed. kVersion must be * bumped any time a new id is added to this. Use the button id as key, and @@ -566,6 +568,20 @@ var CustomizableUIInternal = { navbarPlacements.push("fxa-toolbar-menu-button"); } } + + let currentTorVersion = gSavedState.currentTorVersion; + if (currentTorVersion < 1 && gSavedState.placements) { + let navbarPlacements = gSavedState.placements[CustomizableUI.AREA_NAVBAR]; + if (navbarPlacements) { + let secLevelIndex = navbarPlacements.indexOf("security-level-button"); + if (secLevelIndex === -1) { + let urlbarIndex = navbarPlacements.indexOf("urlbar-container"); + secLevelIndex = urlbarIndex + 1; + navbarPlacements.splice(secLevelIndex, 0, "security-level-button"); + } + navbarPlacements.splice(secLevelIndex + 1, 0, "new-identity-button"); + } + } }, /** @@ -2369,6 +2385,10 @@ var CustomizableUIInternal = { gSavedState.currentVersion = 0; } + if (!("currentTorVersion" in gSavedState)) { + gSavedState.currentTorVersion = 0; + } + gSeenWidgets = new Set(gSavedState.seen || []); gDirtyAreaCache = new Set(gSavedState.dirtyAreaCache || []); gNewElementCount = gSavedState.newElementCount || 0; @@ -2447,6 +2467,7 @@ var CustomizableUIInternal = { seen: gSeenWidgets, dirtyAreaCache: gDirtyAreaCache, currentVersion: kVersion, + currentTorVersion: kTorVersion, newElementCount: gNewElementCount, }; diff --git a/browser/themes/shared/icons/new_circuit.svg b/browser/themes/shared/icons/new_circuit.svg new file mode 100644 index 000000000000..e0a93cc83502 --- /dev/null +++ b/browser/themes/shared/icons/new_circuit.svg @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<svg width="16px" height="16px" viewBox="0 0 16 16" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <title>Icon / New Circuit(a)1.5x</title> + <g id="Icon-/-New-Circuit" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd"> + <path d="M13.4411138,10.1446317 L9.5375349,10.1446317 C8.99786512,10.1446317 8.56164018,10.5818326 8.56164018,11.1205264 C8.56164018,11.6592203 8.99786512,12.0964212 9.5375349,12.0964212 L11.4571198,12.0964212 C10.7554515,13.0479185 9.73466563,13.692009 8.60067597,13.9359827 C8.41818366,13.9720908 8.23276366,14.0033194 8.04734366,14.0218614 C7.97219977,14.0277168 7.89803177,14.0306445 7.82288788,14.0335722 C6.07506044,14.137017 4.290149,13.4499871 3.38647049,11.857327 C2.52280367,10.3349312 2.77263271,8.15966189 3.93687511,6.87343267 C5.12453898,5.56183017 7.44814431,5.04363008 8.21226987,3.38558497 C9.01738301,4.92847451 9.60682342,5.02801577 10.853041,6.15029468 C11.2892659,6.54455615 11.9704404,7.55558307 12.1861132,8.10501179 C12.3051723,8.40949094 12.5013272,9.17947187 12.5013272,9.17947187 L14.2862386,9.17947187 C14.2091429,7.59754654 13.439162,5.96877827 12.2261248,4.93628166 C11.279507,4.13116853 10.5065984,3.84718317 9.77662911,2.8088312 C9.63219669,2.60194152 9.599 99216,2.4565332 9.56290816,2.21646311 C9.53851079,2.00762164 9.54143848,1.78511764 9.62048595,1.53919218 C9.65952174,1.41720534 9.59804037,1.28545955 9.47702943,1.23764071 L6.40296106,0.0167964277 C6.32391359,-0.0134563083 6.23413128,-0.00272146652 6.16679454,0.0480250584 L5.95502539,0.206120002 C5.85743592,0.280288 5.82815908,0.416913259 5.89159223,0.523285783 C6.70060895,1.92564648 6.36978064,2.82542141 5.8984235,3.20211676 C5.4914754,3.4900057 4.99084141,3.72226864 4.63366394,3.95453159 C3.82367132,4.47956294 3.03222071,5.02508808 2.40374451,5.76774396 C0.434388969,8.09427695 0.519291809,12.0046871 2.77165682,14.1077402 C3.65288975,14.9284676 4.70295247,15.4749686 5.81742423,15.7570022 C5.81742423,15.7570022 6.13556591,15.833122 6.21754107,15.8497122 C7.36616915,16.0829511 8.53529102,16.0146384 9.62243774,15.6672199 C9.67416016,15.6525815 9.77174963,15.620377 9.76784605,15.6154975 C10.7730176,15.2700308 11.7049971,14.7010841 12.4652191,13.90573 L12.4652191,15.0241053 C12.4652191, 15.5627992 12.901444,16 13.4411138,16 C13.9798077,16 14.4170085,15.5627992 14.4170085,15.0241053 L14.4170085,11.1205264 C14.4170085,10.5818326 13.9798077,10.1446317 13.4411138,10.1446317" id="Fill-3" fill="context-fill" fill-opacity="context-fill-opacity"></path> + <path d="M5.107,7.462 C4.405,8.078 4,8.946 4,9.839 C4,10.712 4.422,11.57 5.13,12.132 C5.724,12.607 6.627,12.898 7.642,12.949 L7.642,5.8 C7.39,6.029 7.103,6.227 6.791,6.387 C5.993,6.812 5.489,7.133 5.107,7.462" id="Fill-1" fill="context-fill" fill-opacity="context-fill-opacity"></path> + </g> +</svg> diff --git a/browser/themes/shared/icons/new_identity.svg b/browser/themes/shared/icons/new_identity.svg new file mode 100644 index 000000000000..91d5b35f7e80 --- /dev/null +++ b/browser/themes/shared/icons/new_identity.svg @@ -0,0 +1,9 @@ +<?xml version="1.0" encoding="UTF-8"?> +<svg width="16px" height="16px" viewBox="0 0 16 16" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <title>New Identity Icon</title> + <g id="Page-1" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd"> + <g id="New-Identity-Icon" fill="#000000" fill-rule="nonzero"> + <path d="M4.65687153,14.5532899 L5.79494313,12.0855326 C5.8689125,11.9251399 5.6620883,11.7793527 5.53742729,11.9040137 L3.77194352,13.6694975 L2.32342782,12.2228406 L4.089841,10.4564274 C4.21450201,10.3317664 4.06871482,10.1249422 3.90832206,10.1989116 L1.43773764,11.338287 L0.206601383,10.1087306 C0.0509544211,9.9532834 -0.0167994233,9.75447206 0.00351451705,9.53432844 C0.0238284574,9.31418483 0.154794797,9.13897939 0.330406365,9.0302193 L4.61213917,6.53066101 C4.98542292,6.31331572 5.42541251,6.16259067 5.8659261,6.07796117 C6.63682488,5.92985954 7.40999434,6.06817199 8.09666802,6.42610336 L12.618483,1.910278 C13.0562019,1.47313888 13.7399062,1.45652879 14.1403159,1.87828207 C14.5407256,2.30003536 14.523905,2.96081599 14.0861861,3.39795511 L9.56437119,7.91378047 C9.92258101,8.57753432 10.0391721,9.37155544 9.91292178,10.1416209 C9.85023328,10.5817332 9.67706706,10.9989392 9.45960494,11.3937636 L6.95651989,15.6478297 C6.84761416,15.82321 6.6720026,15.9319701 6.47398108 ,15.9964916 C6.25354962,16.0167745 6.0544801,15.9491049 5.89883314,15.7936577 L4.65687153,14.5532899 L4.65687153,14.5532899 Z M6.35600863,9.57888316 C6.35684236,9.57982492 6.35770616,9.58074275 6.35860024,9.58163642 L7.56801202,10.7899206 C7.78820303,11.010009 8.15567242,10.9533982 8.29166823,10.678253 C8.42766403,10.4031079 8.55818512,10.1511975 8.61427424,9.83946755 C8.73630873,9.14856819 8.51477165,8.45005355 8.01189873,7.92920397 C8.01085853,7.92816425 8.00979562,7.92715687 8.00871022,7.92618158 C8.00773493,7.92509618 8.00672754,7.92403327 8.00568783,7.92299307 C7.48483824,7.42012014 6.7863236,7.19858307 6.09542425,7.32061756 C5.78369428,7.37670668 5.53178393,7.50722777 5.25663877,7.64322357 C4.98149362,7.77921937 4.92488284,8.14668876 5.14497116,8.36687978 L6.35325537,9.57629155 C6.35414904,9.57718564 6.35506687,9.57804944 6.35600863,9.57888316 L6.35600863,9.57888316 Z M3.56503003,4.86094581 C3.44279837,4.85716019 3.33693302,4.76594656 3.31450832,4.6450962 C3.29259157,4.5009814 3 3.24425431,4.36089837 3.1719467,4.23194774 C3.04272848,4.15978087 2.90235166,4.11153221 2.75793184,4.08964745 C2.63678145,4.06729735 2.5453314,3.9616241 2.54155161,3.83961366 C2.53777182,3.71760322 2.62276629,3.61489221 2.74265726,3.59658884 C2.88757581,3.57942626 3.02687427,3.53584537 3.15371096,3.46798665 C3.21938702,3.3436261 3.26061987,3.20700605 3.27529255,3.0651408 C3.29205048,2.94466859 3.39451537,2.85825378 3.5172925,2.86104768 C3.6386065,2.86399065 3.74452528,2.95324633 3.76872081,3.07292141 C3.79288781,3.21715288 3.84342323,3.35694342 3.91777207,3.4852254 C4.04615548,3.55876237 4.18583906,3.60883869 4.32991405,3.63297757 C4.45015386,3.6576218 4.53936117,3.76418021 4.54139495,3.88559216 C4.54342874,4.00700411 4.45770065,4.10814717 4.33816215,4.12536877 C4.1960481,4.14067978 4.05931708,4.18249381 3.9349938,4.24866259 C3.86697751,4.37522253 3.82328954,4.51422019 3.80607564,4.65882867 C3.78847982,4.77811508 3.68677836,4.86339193 3.56503003,4.86094581 Z M14.4103464,14.3126948 C14.2513672,14.307719 14.1137716,14.188804 14.0849193,14.0314492 C14.045996,13.7585014 13.9510862,13.4938971 13.8061961,13.2543814 C13.5663773,13.109665 13.301434,13.0148623 13.0281329,12.9759728 C12.8707684,12.946921 12.75198,12.8095493 12.7470672,12.6509372 C12.7421545,12.492325 12.8525523,12.3587997 13.0082799,12.3350024 C13.2816632,12.3044807 13.5433622,12.2185794 13.7775725,12.0824861 C13.9099238,11.8524988 13.992337,11.5955854 14.0197279,11.3275956 C14.0417134,11.1717293 14.1740126,11.0598594 14.3327736,11.0628895 C14.4905572,11.0667732 14.6282205,11.1831391 14.6593783,11.3389665 C14.703143,11.6110771 14.8017156,11.8740418 14.9490566,12.1117486 C15.1872615,12.2578242 15.450159,12.3559923 15.7221615,12.4004323 C15.8783433,12.4324665 15.9942186,12.5709889 15.9968634,12.7288231 C15.9995083,12.8866572 15.8881575,13.0181443 15.7328877,13.0405352 C15.4641157,13.0669716 15.2064728,13.14931 14.9763475,13.2823129 C14.8406047,13.5164173 14.7548186,13.7777086 14.724105,14.0506041 C14.70 09285,14.2056508 14.5685348,14.3162427 14.4103464,14.3126948 Z M8.37194288,2.75251202 C8.23729358,2.7482977 8.12075529,2.6475812 8.09631849,2.5143077 C8.06335201,2.28313133 7.98296703,2.05902158 7.86025062,1.85616098 C7.65713325,1.73359169 7.43273641,1.65329741 7.2012608,1.62035947 C7.06797908,1.59575373 6.9673698,1.47940513 6.96320889,1.34506671 C6.95904797,1.21072829 7.05255074,1.09763741 7.18444606,1.07748204 C7.41599123,1.0516313 7.6376403,0.978876138 7.83600755,0.863610339 C7.94810399,0.668819911 8.01790485,0.45122403 8.04110388,0.224246882 C8.05972477,0.0922341146 8.17177714,-0.00251545243 8.30624168,5.089704e-05 C8.43987839,0.00334026838 8.55647391,0.101897787 8.58286336,0.233877601 C8.61993042,0.464344927 8.70341768,0.687066016 8.82820981,0.888394549 C9.02996027,1.012115 9.25262444,1.09525963 9.4830002,1.13289867 C9.6152802,1.16003037 9.71342219,1.27735361 9.71566226,1.41103311 C9.71790232,1.5447126 9.62359245,1.65607713 9.49208487,1.67504141 C9.26444525,1.69743199 9.0462315 3,1.76716948 8.85132417,1.87981789 C8.73635526,2.07809534 8.66369764,2.2993991 8.63768445,2.53053117 C8.61805481,2.66184983 8.50592239,2.75551697 8.37194288,2.75251202 Z" id="Shape" fill="context-fill" fill-opacity="context-fill-opacity"></path> + </g> + </g> +</svg> \ No newline at end of file diff --git a/browser/themes/shared/jar.inc.mn b/browser/themes/shared/jar.inc.mn index 71fea38eb829..e4a3c8d2d41c 100644 --- a/browser/themes/shared/jar.inc.mn +++ b/browser/themes/shared/jar.inc.mn @@ -302,3 +302,6 @@ skin/classic/browser/install-ssb.svg (../shared/install-ssb.svg) skin/classic/browser/critical.svg (../shared/icons/critical.svg) skin/classic/browser/webRTC-indicator.css (../shared/webRTC-indicator.css) + + skin/classic/browser/new_circuit.svg (../shared/icons/new_circuit.svg) + skin/classic/browser/new_identity.svg (../shared/icons/new_identity.svg) diff --git a/browser/themes/shared/menupanel.inc.css b/browser/themes/shared/menupanel.inc.css index c919f32a1454..eae453ec5004 100644 --- a/browser/themes/shared/menupanel.inc.css +++ b/browser/themes/shared/menupanel.inc.css @@ -183,3 +183,11 @@ toolbarpaletteitem[place="palette"] > #bookmarks-menu-button, -moz-context-properties: fill, fill-opacity; fill-opacity: 0; } + +#appMenuNewIdentity { + list-style-image: url("chrome://browser/skin/new_identity.svg"); +} + +#appMenuNewCircuit { + list-style-image: url("chrome://browser/skin/new_circuit.svg"); +} diff --git a/browser/themes/shared/toolbarbutton-icons.inc.css b/browser/themes/shared/toolbarbutton-icons.inc.css index 9514eb1d5338..cf02f871c9a4 100644 --- a/browser/themes/shared/toolbarbutton-icons.inc.css +++ b/browser/themes/shared/toolbarbutton-icons.inc.css @@ -233,6 +233,14 @@ toolbar[brighttext] { list-style-image: url("chrome://browser/skin/new-tab.svg"); } +#new-identity-button { + list-style-image: url("chrome://browser/skin/new_identity.svg"); +} + +#new-circuit-button { + list-style-image: url("chrome://browser/skin/new_circuit.svg"); +} + #privatebrowsing-button { list-style-image: url("chrome://browser/skin/privateBrowsing.svg"); }

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 26345: Hide tracking protection UI
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit b7a6e7000f0f1a86767c71a0735eacf7ca0ae39d Author: Alex Catarineu <acat(a)torproject.org> Date: Tue Sep 10 16:29:31 2019 +0200 Bug 26345: Hide tracking protection UI --- browser/base/content/browser-siteIdentity.js | 4 ++-- browser/components/about/AboutRedirector.cpp | 4 ---- browser/components/about/components.conf | 1 - browser/components/customizableui/content/panelUI.inc.xhtml | 4 ++-- browser/components/moz.build | 1 - browser/themes/shared/preferences/privacy.css | 4 ++++ 6 files changed, 8 insertions(+), 10 deletions(-) diff --git a/browser/base/content/browser-siteIdentity.js b/browser/base/content/browser-siteIdentity.js index 71b12374758d..b7fa432d9478 100644 --- a/browser/base/content/browser-siteIdentity.js +++ b/browser/base/content/browser-siteIdentity.js @@ -837,10 +837,10 @@ var gIdentityHandler = { this._refreshPermissionIcons(); - // Hide the shield icon if it is a chrome page. + // Bug 26345: Hide tracking protection UI. gProtectionsHandler._trackingProtectionIconContainer.classList.toggle( "chromeUI", - this._isSecureInternalUI + true ); }, diff --git a/browser/components/about/AboutRedirector.cpp b/browser/components/about/AboutRedirector.cpp index 933d519bd959..544e21782729 100644 --- a/browser/components/about/AboutRedirector.cpp +++ b/browser/components/about/AboutRedirector.cpp @@ -114,10 +114,6 @@ static const RedirEntry kRedirMap[] = { nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, - {"protections", "chrome://browser/content/protections.html", - nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | - nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | - nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS}, {"pioneer", "chrome://browser/content/pioneer.html", nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, #ifdef TOR_BROWSER_UPDATE diff --git a/browser/components/about/components.conf b/browser/components/about/components.conf index f31159d30e15..d78de142e2e4 100644 --- a/browser/components/about/components.conf +++ b/browser/components/about/components.conf @@ -20,7 +20,6 @@ pages = [ 'policies', 'preferences', 'privatebrowsing', - 'protections', 'profiling', 'reader', 'restartrequired', diff --git a/browser/components/customizableui/content/panelUI.inc.xhtml b/browser/components/customizableui/content/panelUI.inc.xhtml index 719eee14e681..45f4a10ace7b 100644 --- a/browser/components/customizableui/content/panelUI.inc.xhtml +++ b/browser/components/customizableui/content/panelUI.inc.xhtml @@ -244,7 +244,7 @@ oncommand="gSync.toggleAccountPanel('PanelUI-fxa', this, event)"/> </toolbaritem> <toolbarseparator class="sync-ui-item"/> - <toolbaritem> + <toolbaritem hidden="true"> <toolbarbutton id="appMenu-protection-report-button" class="subviewbutton subviewbutton-iconic" oncommand="gProtectionsHandler.openProtections(); gProtectionsHandler.recordClick('open_full_report', null, 'app_menu');"> @@ -255,7 +255,7 @@ </label> </toolbarbutton> </toolbaritem> - <toolbarseparator id="appMenu-tp-separator"/> + <toolbarseparator hidden="true" id="appMenu-tp-separator"/> <toolbarbutton id="appMenu-new-window-button" class="subviewbutton subviewbutton-iconic" label="&newNavigatorCmd.label;" diff --git a/browser/components/moz.build b/browser/components/moz.build index 8d6d2503e4a0..cb6eeb9164ef 100644 --- a/browser/components/moz.build +++ b/browser/components/moz.build @@ -48,7 +48,6 @@ DIRS += [ 'preferences', 'privatebrowsing', 'prompts', - 'protections', 'protocolhandler', 'resistfingerprinting', 'search', diff --git a/browser/themes/shared/preferences/privacy.css b/browser/themes/shared/preferences/privacy.css index 7ac2a5119411..87e3ecc2d4b7 100644 --- a/browser/themes/shared/preferences/privacy.css +++ b/browser/themes/shared/preferences/privacy.css @@ -99,6 +99,10 @@ /* Content Blocking */ +#trackingGroup { + display: none; +} + /* Override styling that sets descriptions as grey */ #trackingGroup description.indent, #trackingGroup .indent > description {

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 30541: Disable WebGL readPixel() for web content
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 42ab0bddf09a3cc0a886cf739886a11437e91e2b Author: Georg Koppen <gk(a)torproject.org> Date: Wed May 29 12:29:19 2019 +0000 Bug 30541: Disable WebGL readPixel() for web content --- dom/canvas/ClientWebGLContext.cpp | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/dom/canvas/ClientWebGLContext.cpp b/dom/canvas/ClientWebGLContext.cpp index 42c0b1ba6b80..c7f2559332d3 100644 --- a/dom/canvas/ClientWebGLContext.cpp +++ b/dom/canvas/ClientWebGLContext.cpp @@ -4118,6 +4118,14 @@ bool ClientWebGLContext::ReadPixels_SharedPrecheck( return false; } + // Security check passed, but don't let content readPixel calls through for + // now, if Resist Fingerprinting Mode is enabled. + if (nsContentUtils::ResistFingerprinting(aCallerType)) { + JsWarning("readPixels: Not allowed in Resist Fingerprinting Mode"); + out_error.Throw(NS_ERROR_DOM_NOT_SUPPORTED_ERR); + return false; + } + return true; }

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 31575: Replace Firefox Home (newtab) with about:tor
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 3962381d84c1906c165f44b0603b22151286ad01 Author: Alex Catarineu <acat(a)torproject.org> Date: Mon Sep 9 13:04:34 2019 +0200 Bug 31575: Replace Firefox Home (newtab) with about:tor Avoid loading AboutNewTab in BrowserGlue.jsm in order to avoid several network requests that we do not need. Besides, about:newtab will now point to about:blank or about:tor (depending on browser.newtabpage.enabled) and about:home will point to about:tor. --- browser/components/BrowserGlue.jsm | 29 ++---------------------- browser/components/newtab/AboutNewTabService.jsm | 15 +----------- browser/components/preferences/home.inc.xhtml | 4 ++-- browser/components/preferences/preferences.xhtml | 5 +++- browser/modules/HomePage.jsm | 2 +- 5 files changed, 10 insertions(+), 45 deletions(-) diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 3363e24a9b56..44b1426b92e0 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -29,12 +29,6 @@ ChromeUtils.defineModuleGetter( "resource:///modules/CustomizableUI.jsm" ); -ChromeUtils.defineModuleGetter( - this, - "AboutNewTab", - "resource:///modules/AboutNewTab.jsm" -); - ChromeUtils.defineModuleGetter( this, "E10SUtils", @@ -123,19 +117,6 @@ let JSWINDOWACTORS = { matches: ["about:newinstall"], }, - AboutNewTab: { - child: { - moduleURI: "resource:///actors/AboutNewTabChild.jsm", - events: { - DOMContentLoaded: {}, - }, - }, - // The wildcard on about:newtab is for the ?endpoint query parameter - // that is used for snippets debugging. - matches: ["about:home", "about:welcome", "about:newtab*"], - remoteTypes: ["privilegedabout"], - }, - AboutPlugins: { parent: { moduleURI: "resource:///actors/AboutPluginsParent.jsm", @@ -1730,8 +1711,6 @@ BrowserGlue.prototype = { // the first browser window has finished initializing _onFirstWindowLoaded: function BG__onFirstWindowLoaded(aWindow) { - AboutNewTab.init(); - TabCrashHandler.init(); ProcessHangMonitor.init(); @@ -5199,12 +5178,8 @@ var AboutHomeStartupCache = { return { pageInputStream: null, scriptInputStream: null }; } - let state = AboutNewTab.activityStream.store.getState(); - return new Promise(resolve => { - this._cacheDeferred = resolve; - this.log.trace("Parent received cache streams."); - this._procManager.sendAsyncMessage(this.CACHE_REQUEST_MESSAGE, { state }); - }); + this.log.error("Activity Stream is disabled in Tor Browser."); + return { pageInputStream: null, scriptInputStream: null }; }, /** diff --git a/browser/components/newtab/AboutNewTabService.jsm b/browser/components/newtab/AboutNewTabService.jsm index 506b521f528c..3962ebf94ab5 100644 --- a/browser/components/newtab/AboutNewTabService.jsm +++ b/browser/components/newtab/AboutNewTabService.jsm @@ -286,20 +286,7 @@ class BaseAboutNewTabService { * the newtab page has no effect on the result of this function. */ get defaultURL() { - // Generate the desired activity stream resource depending on state, e.g., - // "resource://activity-stream/prerendered/activity-stream.html" - // "resource://activity-stream/prerendered/activity-stream-debug.html" - // "resource://activity-stream/prerendered/activity-stream-noscripts.html" - return [ - "resource://activity-stream/prerendered/", - "activity-stream", - // Debug version loads dev scripts but noscripts separately loads scripts - this.activityStreamDebug && !this.privilegedAboutProcessEnabled - ? "-debug" - : "", - this.privilegedAboutProcessEnabled ? "-noscripts" : "", - ".html", - ].join(""); + return "about:tor"; } /* diff --git a/browser/components/preferences/home.inc.xhtml b/browser/components/preferences/home.inc.xhtml index 2e900ccd296c..2a7412944d73 100644 --- a/browser/components/preferences/home.inc.xhtml +++ b/browser/components/preferences/home.inc.xhtml @@ -37,7 +37,7 @@ class="check-home-page-controlled" data-preference-related="browser.startup.homepage"> <menupopup> - <menuitem value="0" data-l10n-id="home-mode-choice-default" /> + <menuitem value="0" label="&aboutTor.title;" /> <menuitem value="2" data-l10n-id="home-mode-choice-custom" /> <menuitem value="1" data-l10n-id="home-mode-choice-blank" /> </menupopup> @@ -97,7 +97,7 @@ flex="1" preference="browser.newtabpage.enabled"> <menupopup> - <menuitem value="0" data-l10n-id="home-mode-choice-default" /> + <menuitem value="0" label="&aboutTor.title;" /> <menuitem value="1" data-l10n-id="home-mode-choice-blank" /> </menupopup> </menulist> diff --git a/browser/components/preferences/preferences.xhtml b/browser/components/preferences/preferences.xhtml index 3d89ddf00808..c176457c68fd 100644 --- a/browser/components/preferences/preferences.xhtml +++ b/browser/components/preferences/preferences.xhtml @@ -14,7 +14,10 @@ <?xml-stylesheet href="chrome://browser/skin/preferences/privacy.css"?> <?xml-stylesheet href="chrome://browser/content/securitylevel/securityLevelPreferences.css"?> -<!DOCTYPE html> +<!DOCTYPE html [ +<!ENTITY % aboutTorDTD SYSTEM "chrome://torbutton/locale/aboutTor.dtd"> + %aboutTorDTD; +]> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:html="http://www.w3.org/1999/xhtml" diff --git a/browser/modules/HomePage.jsm b/browser/modules/HomePage.jsm index c903787fde48..bf67b1c5d173 100644 --- a/browser/modules/HomePage.jsm +++ b/browser/modules/HomePage.jsm @@ -20,7 +20,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { }); const kPrefName = "browser.startup.homepage"; -const kDefaultHomePage = "about:home"; +const kDefaultHomePage = "about:tor"; const kExtensionControllerPref = "browser.startup.homepage_override.extensionControlled"; const kHomePageIgnoreListId = "homepage-urls";

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 28369: Stop shipping pingsender executable
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit ab4fa261c998f40341738411c65bb7ff64ba152a Author: Alex Catarineu <acat(a)torproject.org> Date: Wed Apr 10 17:52:51 2019 +0200 Bug 28369: Stop shipping pingsender executable --- browser/app/macbuild/Contents/MacOS-files.in | 1 - browser/installer/package-manifest.in | 4 ---- browser/installer/windows/nsis/shared.nsh | 1 - python/mozbuild/mozbuild/artifacts.py | 2 -- toolkit/components/telemetry/app/TelemetrySend.jsm | 19 +------------------ toolkit/components/telemetry/moz.build | 4 ---- 6 files changed, 1 insertion(+), 30 deletions(-) diff --git a/browser/app/macbuild/Contents/MacOS-files.in b/browser/app/macbuild/Contents/MacOS-files.in index a0cac14ef7e3..38c3766c6375 100644 --- a/browser/app/macbuild/Contents/MacOS-files.in +++ b/browser/app/macbuild/Contents/MacOS-files.in @@ -13,7 +13,6 @@ #if defined(MOZ_CRASHREPORTER) /minidump-analyzer #endif -/pingsender /pk12util /ssltunnel /xpcshell diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index ad7dd023a92e..9e36326dee5b 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -444,10 +444,6 @@ bin/libfreebl_64int_3.so @BINPATH@/minidump-analyzer@BIN_SUFFIX@ #endif -; [ Ping Sender ] -; -@BINPATH@/pingsender@BIN_SUFFIX@ - ; Shutdown Terminator @RESPATH@/components/terminator.manifest diff --git a/browser/installer/windows/nsis/shared.nsh b/browser/installer/windows/nsis/shared.nsh index 668fbca98b39..cb61865af70f 100755 --- a/browser/installer/windows/nsis/shared.nsh +++ b/browser/installer/windows/nsis/shared.nsh @@ -1472,7 +1472,6 @@ ${EndIf} Push "crashreporter.exe" Push "default-browser-agent.exe" Push "minidump-analyzer.exe" - Push "pingsender.exe" Push "updater.exe" Push "updateagent.exe" Push "${FileMainEXE}" diff --git a/python/mozbuild/mozbuild/artifacts.py b/python/mozbuild/mozbuild/artifacts.py index d1de6bca15d9..35107ac894fd 100644 --- a/python/mozbuild/mozbuild/artifacts.py +++ b/python/mozbuild/mozbuild/artifacts.py @@ -420,7 +420,6 @@ class LinuxArtifactJob(ArtifactJob): '{product}/{product}', '{product}/{product}-bin', '{product}/minidump-analyzer', - '{product}/pingsender', '{product}/plugin-container', '{product}/updater', '{product}/**/*.so', @@ -482,7 +481,6 @@ class MacArtifactJob(ArtifactJob): 'libosclientcerts.dylib', 'libsoftokn3.dylib', 'minidump-analyzer', - 'pingsender', 'plugin-container.app/Contents/MacOS/plugin-container', 'updater.app/Contents/MacOS/org.mozilla.updater', # 'xpcshell', diff --git a/toolkit/components/telemetry/app/TelemetrySend.jsm b/toolkit/components/telemetry/app/TelemetrySend.jsm index f0f61b74026b..502416431b24 100644 --- a/toolkit/components/telemetry/app/TelemetrySend.jsm +++ b/toolkit/components/telemetry/app/TelemetrySend.jsm @@ -1578,23 +1578,6 @@ var TelemetrySendImpl = { }, runPingSender(pings, observer) { - if (AppConstants.platform === "android") { - throw Components.Exception("", Cr.NS_ERROR_NOT_IMPLEMENTED); - } - - const exeName = - AppConstants.platform === "win" ? "pingsender.exe" : "pingsender"; - - let exe = Services.dirsvc.get("GreBinD", Ci.nsIFile); - exe.append(exeName); - - let params = pings.flatMap(ping => [ping.url, ping.path]); - let process = Cc["@mozilla.org/process/util;1"].createInstance( - Ci.nsIProcess - ); - process.init(exe); - process.startHidden = true; - process.noShell = true; - process.runAsync(params, params.length, observer); + throw Components.Exception("", Cr.NS_ERROR_NOT_IMPLEMENTED); }, }; diff --git a/toolkit/components/telemetry/moz.build b/toolkit/components/telemetry/moz.build index 8d9104f632a6..520d2da3acf1 100644 --- a/toolkit/components/telemetry/moz.build +++ b/toolkit/components/telemetry/moz.build @@ -8,10 +8,6 @@ include('/ipc/chromium/chromium-config.mozbuild') FINAL_LIBRARY = 'xul' -DIRS = [ - 'pingsender', -] - DEFINES['MOZ_APP_VERSION'] = '"%s"' % CONFIG['MOZ_APP_VERSION'] LOCAL_INCLUDES += [

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 23247: Communicating security expectations for .onion
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit a5b8ad271ac94987284976a5cdf780b2e07fdaa5 Author: Richard Pospesel <richard(a)torproject.org> Date: Fri Jun 8 13:38:40 2018 -0700 Bug 23247: Communicating security expectations for .onion Encrypting pages hosted on Onion Services with SSL/TLS is redundant (in terms of hiding content) as all traffic within the Tor network is already fully encrypted. Therefore, serving HTTP pages from an Onion Service is more or less fine. Prior to this patch, Tor Browser would mostly treat pages delivered via Onion Services as well as pages delivered in the ordinary fashion over the internet in the same way. This created some inconsistencies in behaviour and misinformation presented to the user relating to the security of pages delivered via Onion Services: - HTTP Onion Service pages did not have any 'lock' icon indicating the site was secure - HTTP Onion Service pages would be marked as unencrypted in the Page Info screen - Mixed-mode content restrictions did not apply to HTTP Onion Service pages embedding Non-Onion HTTP content This patch fixes the above issues, and also adds several new 'Onion' icons to the mix to indicate all of the various permutations of Onion Services hosted HTTP or HTTPS pages with HTTP or HTTPS content. Strings for Onion Service Page Info page are pulled from Torbutton's localization strings. --- browser/base/content/browser-siteIdentity.js | 39 ++++++++----- browser/base/content/pageinfo/security.js | 64 ++++++++++++++++++---- .../shared/identity-block/identity-block.inc.css | 19 +++++++ .../themes/shared/identity-block/onion-slash.svg | 5 ++ .../themes/shared/identity-block/onion-warning.svg | 6 ++ browser/themes/shared/identity-block/onion.svg | 3 + browser/themes/shared/jar.inc.mn | 3 + dom/base/nsContentUtils.cpp | 19 +++++++ dom/base/nsContentUtils.h | 5 ++ dom/base/nsGlobalWindowOuter.cpp | 3 +- dom/ipc/WindowGlobalActor.cpp | 4 +- dom/ipc/WindowGlobalChild.cpp | 6 +- dom/presentation/PresentationRequest.cpp | 3 +- dom/security/nsMixedContentBlocker.cpp | 16 +++++- security/manager/ssl/nsSecureBrowserUI.cpp | 12 ++++ 15 files changed, 175 insertions(+), 32 deletions(-) diff --git a/browser/base/content/browser-siteIdentity.js b/browser/base/content/browser-siteIdentity.js index 1d6f9555b33f..71b12374758d 100644 --- a/browser/base/content/browser-siteIdentity.js +++ b/browser/base/content/browser-siteIdentity.js @@ -131,6 +131,10 @@ var gIdentityHandler = { ); }, + get _uriIsOnionHost() { + return this._uriHasHost ? this._uri.host.toLowerCase().endsWith(".onion") : false; + }, + // smart getters get _identityPopup() { delete this._identityPopup; @@ -624,9 +628,9 @@ var gIdentityHandler = { get pointerlockFsWarningClassName() { // Note that the fullscreen warning does not handle _isSecureInternalUI. if (this._uriHasHost && this._isSecureConnection) { - return "verifiedDomain"; + return this._uriIsOnionHost ? "onionVerifiedDomain" : "verifiedDomain"; } - return "unknownIdentity"; + return this._uriIsOnionHost ? "onionUnknownIdentity" : "unknownIdentity"; }, /** @@ -634,6 +638,10 @@ var gIdentityHandler = { * built-in (returns false) or imported (returns true). */ _hasCustomRoot() { + if (!this._secInfo) { + return false; + } + let issuerCert = null; issuerCert = this._secInfo.succeededCertChain[ this._secInfo.succeededCertChain.length - 1 @@ -676,11 +684,13 @@ var gIdentityHandler = { "identity.extension.label", [extensionName] ); - } else if (this._uriHasHost && this._isSecureConnection) { + } else if (this._uriHasHost && this._isSecureConnection && this._secInfo) { // This is a secure connection. - this._identityBox.className = "verifiedDomain"; + // _isSecureConnection implicitly includes onion services, which may not have an SSL certificate + const uriIsOnionHost = this._uriIsOnionHost; + this._identityBox.className = uriIsOnionHost ? "onionVerifiedDomain" : "verifiedDomain"; if (this._isMixedActiveContentBlocked) { - this._identityBox.classList.add("mixedActiveBlocked"); + this._identityBox.classList.add(uriIsOnionHost ? "onionMixedActiveBlocked" : "mixedActiveBlocked"); } if (!this._isCertUserOverridden) { // It's a normal cert, verifier is the CA Org. @@ -691,17 +701,17 @@ var gIdentityHandler = { } } else if (this._isBrokenConnection) { // This is a secure connection, but something is wrong. - this._identityBox.className = "unknownIdentity"; + const uriIsOnionHost = this._uriIsOnionHost; + this._identityBox.className = uriIsOnionHost ? "onionUnknownIdentity" : "unknownIdentity"; if (this._isMixedActiveContentLoaded) { - this._identityBox.classList.add("mixedActiveContent"); + this._identityBox.classList.add(uriIsOnionHost ? "onionMixedActiveContent" : "mixedActiveContent"); } else if (this._isMixedActiveContentBlocked) { - this._identityBox.classList.add( - "mixedDisplayContentLoadedActiveBlocked" - ); + this._identityBox.classList.add(uriIsOnionHost ? "onionMixedDisplayContentLoadedActiveBlocked" : "mixedDisplayContentLoadedActiveBlocked"); } else if (this._isMixedPassiveContentLoaded) { - this._identityBox.classList.add("mixedDisplayContent"); + this._identityBox.classList.add(uriIsOnionHost ? "onionMixedDisplayContent" : "mixedDisplayContent"); } else { + // TODO: ignore weak https cipher for onionsites? this._identityBox.classList.add("weakCipher"); } } else if (this._isAboutCertErrorPage) { @@ -713,8 +723,8 @@ var gIdentityHandler = { (gBrowser.selectedBrowser.documentURI.scheme == "about" || gBrowser.selectedBrowser.documentURI.scheme == "chrome")) ) { - // This is a local resource (and shouldn't be marked insecure). - this._identityBox.className = "unknownIdentity"; + // This is a local resource or an onion site (and shouldn't be marked insecure). + this._identityBox.className = this._uriIsOnionHost ? "onionUnknownIdentity" : "unknownIdentity"; } else { // This is an insecure connection. let warnOnInsecure = @@ -738,7 +748,8 @@ var gIdentityHandler = { } if (this._isCertUserOverridden) { - this._identityBox.classList.add("certUserOverridden"); + const uriIsOnionHost = this._uriIsOnionHost; + this._identityBox.classList.add(uriIsOnionHost ? "onionCertUserOverridden" : "certUserOverridden"); // Cert is trusted because of a security exception, verifier is a special string. tooltip = gNavigatorBundle.getString( "identity.identified.verified_by_you" diff --git a/browser/base/content/pageinfo/security.js b/browser/base/content/pageinfo/security.js index 966d3fdb3901..4331ebc4b219 100644 --- a/browser/base/content/pageinfo/security.js +++ b/browser/base/content/pageinfo/security.js @@ -22,6 +22,13 @@ ChromeUtils.defineModuleGetter( "PluralForm", "resource://gre/modules/PluralForm.jsm" ); +XPCOMUtils.defineLazyGetter( + this, + "gTorButtonBundle", + function() { + return Services.strings.createBundle("chrome://torbutton/locale/torbutton.properties"); + } +); var security = { async init(uri, windowInfo) { @@ -70,6 +77,11 @@ var security = { (Ci.nsIWebProgressListener.STATE_LOADED_MIXED_ACTIVE_CONTENT | Ci.nsIWebProgressListener.STATE_LOADED_MIXED_DISPLAY_CONTENT); var isEV = ui.state & Ci.nsIWebProgressListener.STATE_IDENTITY_EV_TOPLEVEL; + var isOnion = false; + const hostName = this.windowInfo.hostName; + if (hostName && hostName.endsWith(".onion")) { + isOnion = true; + } let secInfo = await window.opener.gBrowser.selectedBrowser.browsingContext.currentWindowGlobal.getSecurityInfo(); if (secInfo) { @@ -95,6 +107,7 @@ var security = { isBroken, isMixed, isEV, + isOnion, cert, certChain: certChainArray, certificateTransparency: undefined, @@ -154,6 +167,7 @@ var security = { isBroken, isMixed, isEV, + isOnion, cert: null, certificateTransparency: null, }; @@ -350,22 +364,50 @@ async function securityOnLoad(uri, windowInfo) { } msg2 = pkiBundle.getString("pageInfo_Privacy_None2"); } else if (info.encryptionStrength > 0) { - hdr = pkiBundle.getFormattedString( - "pageInfo_EncryptionWithBitsAndProtocol", - [info.encryptionAlgorithm, info.encryptionStrength + "", info.version] - ); + if (!info.isOnion) { + hdr = pkiBundle.getFormattedString( + "pageInfo_EncryptionWithBitsAndProtocol", + [info.encryptionAlgorithm, info.encryptionStrength + "", info.version] + ); + } else { + try { + hdr = gTorButtonBundle.formatStringFromName( + "pageInfo_OnionEncryptionWithBitsAndProtocol", + [info.encryptionAlgorithm, info.encryptionStrength + "", info.version] + ); + } catch(err) { + hdr = "Connection Encrypted (Onion Service, " + + info.encryptionAlgorithm + + ", " + + info.encryptionStrength + + " bit keys, " + + info.version + + ")"; + } + } msg1 = pkiBundle.getString("pageInfo_Privacy_Encrypted1"); msg2 = pkiBundle.getString("pageInfo_Privacy_Encrypted2"); } else { - hdr = pkiBundle.getString("pageInfo_NoEncryption"); - if (windowInfo.hostName != null) { - msg1 = pkiBundle.getFormattedString("pageInfo_Privacy_None1", [ - windowInfo.hostName, - ]); + if (!info.isOnion) { + hdr = pkiBundle.getString("pageInfo_NoEncryption"); + if (windowInfo.hostName != null) { + msg1 = pkiBundle.getFormattedString("pageInfo_Privacy_None1", [ + windowInfo.hostName, + ]); + } else { + msg1 = pkiBundle.getString("pageInfo_Privacy_None4"); + } + msg2 = pkiBundle.getString("pageInfo_Privacy_None2"); } else { - msg1 = pkiBundle.getString("pageInfo_Privacy_None4"); + try { + hdr = gTorButtonBundle.GetStringFromName("pageInfo_OnionEncryption"); + } catch (err) { + hdr = "Connection Encrypted (Onion Service)"; + } + + msg1 = pkiBundle.getString("pageInfo_Privacy_Encrypted1"); + msg2 = pkiBundle.getString("pageInfo_Privacy_Encrypted2"); } - msg2 = pkiBundle.getString("pageInfo_Privacy_None2"); } setText("security-technical-shortform", hdr); setText("security-technical-longform1", msg1); diff --git a/browser/themes/shared/identity-block/identity-block.inc.css b/browser/themes/shared/identity-block/identity-block.inc.css index 27a990e08bc8..011fb9f3081c 100644 --- a/browser/themes/shared/identity-block/identity-block.inc.css +++ b/browser/themes/shared/identity-block/identity-block.inc.css @@ -172,6 +172,25 @@ toolbar[brighttext] #identity-box[pageproxystate="valid"].chromeUI > #identity-i list-style-image: url(chrome://browser/skin/connection-mixed-active-loaded.svg); } +#identity-box[pageproxystate="valid"].onionUnknownIdentity > #identity-icon, +#identity-box[pageproxystate="valid"].onionVerifiedDomain > #identity-icon, +#identity-box[pageproxystate="valid"].onionMixedActiveBlocked > #identity-icon { + list-style-image: url(chrome://browser/skin/onion.svg); + visibility: visible; +} + +#identity-box[pageproxystate="valid"].onionMixedDisplayContent > #identity-icon, +#identity-box[pageproxystate="valid"].onionMixedDisplayContentLoadedActiveBlocked > #identity-icon, +#identity-box[pageproxystate="valid"].onionCertUserOverridden > #identity-icon { + list-style-image: url(chrome://browser/skin/onion-warning.svg); + visibility: visible; +} + +#identity-box[pageproxystate="valid"].onionMixedActiveContent > #identity-icon { + list-style-image: url(chrome://browser/skin/onion-slash.svg); + visibility: visible; +} + #permissions-granted-icon { list-style-image: url(chrome://browser/skin/permissions.svg); } diff --git a/browser/themes/shared/identity-block/onion-slash.svg b/browser/themes/shared/identity-block/onion-slash.svg new file mode 100644 index 000000000000..e7c98b769482 --- /dev/null +++ b/browser/themes/shared/identity-block/onion-slash.svg @@ -0,0 +1,5 @@ +<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16"> + <path d="M3.409559 13.112147C3.409559 13.112147 8.200807 8.103115 8.200807 8.103115C8.200807 8.103115 8.200807 6.516403 8.200807 6.516403C8.620819 6.516403 9.009719 6.703075 9.274171 6.998639C9.274171 6.998639 10.160863 6.080835 10.160863 6.080835C9.663071 5.567487 8.978607 5.256367 8.200807 5.256367C8.200807 5.256367 8.200807 4.400787 8.200807 4.400787C9.196391 4.400787 10.098639 4.805243 10.736435 5.458595C10.736435 5.458595 11.623127 4.540791 11.623127 4.540791C10.751991 3.669655 9.538623 3.125195 8.200807 3.125195C8.200807 3.125195 8.200807 2.269615 8.200807 2.269615C9.756407 2.269615 11.172003 2.907411 12.214255 3.918551C12.214255 3.918551 13.100947 3.000747 13.100947 3.000747C11.825355 1.756267 10.098639 0.994023 8.185251 0.994023C4.311807 0.994023 1.185051 4.120779 1.185051 7.994223C1.185051 10.016503 2.040631 11.836555 3.409559 13.112147C3.409559 13.112147 3.409559 13.112147 3.409559 13.112147" fill-opacity="context-fill-opacity" fill="context-fill" /> + <path d="M14.205423 4.416343C14.205423 4.416343 13.287619 5.380815 13.287619 5.380815C13.692075 6.158615 13.909859 7.045307 13.909859 7.994223C13.909859 11.152091 11.358675 13.718831 8.200807 13.718831C8.200807 13.718831 8.200807 12.863251 8.200807 12.863251C10.891995 12.863251 13.069835 10.669855 13.069835 7.978667C13.069835 7.278647 12.929831 6.625295 12.665379 6.018611C12.665379 6.018611 11.685351 7.045307 11.685351 7.045307C11.763131 7.340871 11.809799 7.651991 11.809799 7.963111C11.809799 9.954279 10.207531 11.556547 8.216363 11.572103C8.216363 11.572103 8.216363 10.716523 8.216363 10.716523C9.725295 10.700967 10.954219 9.472043 10.954219 7.963111C10.954219 7.916443 10.954219 7.854219 10.954219 7.807551C10.954219 7.807551 4.887379 14.169955 4.887379 14.169955C5.867407 14.698859 6.987439 14.994423 8.185251 14.994423C12.058695 14.994423 15.185451 11.867667 15.185451 7.994223C15.185451 6.687519 14.827663 5.474151 14.205423 4.416343C14.205423 4.416343 14.205423 4.416343 14.205423 4.416343" fill-opacity="context-fill-opacity" fill="context-fill" /> + <path d="M1.791735 15.461103C1.402835 15.461103 1.045047 15.212207 0.889487 14.838863C0.733927 14.465519 0.827267 14.014395 1.107271 13.734387C1.107271 13.734387 13.458735 0.822907 13.458735 0.822907C13.847635 0.434007 14.454319 0.449563 14.827663 0.838467C15.201007 1.227367 15.216563 1.865163 14.843223 2.269619C14.843223 2.269619 2.491759 15.181099 2.491759 15.181099C2.289531 15.352215 2.040635 15.461107 1.791739 15.461107C1.791739 15.461107 1.791735 15.461103 1.791735 15.461103" fill="#ff0039" /> +</svg> diff --git a/browser/themes/shared/identity-block/onion-warning.svg b/browser/themes/shared/identity-block/onion-warning.svg new file mode 100644 index 000000000000..d42a7dab7246 --- /dev/null +++ b/browser/themes/shared/identity-block/onion-warning.svg @@ -0,0 +1,6 @@ +<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16"> + <path d="M15.8630401732 14.127C15.8630401732 14.127 12.6649598146 7.716 12.6649598146 7.716C12.4469357756 7.279935 12.0003277145 7.0043454 11.5116853046 7.0043454C11.0230428947 7.0043454 10.5764348336 7.279935 10.3584107946 7.716C10.3584107946 7.716 7.1573218938 14.127 7.1573218938 14.127C6.95646770542 14.527294 6.97733695982 15.002669 7.21250176686 15.38393C7.4476665739 15.765191 7.86372750208 15.998191 8.3126020986 16.0C8.3126020986 16.0 14.7077599684 16.0 14.7077599684 16.0C15.1566344646 15.9982 15.572695794 15.765191 15.8078605007 15.38393C16.0430252075 15.002669 16.0638944619 14.527294 15.8630371647 14.127C15.8630371647 14.127 15.8630401732 14.127 15.8630401732 14.127" fill="#ffbf00" /> + <path d="M11.5106824572 8.0C11.6210488221 7.99691 11.7223975832 8.060469 11.7674113916 8.161C11.7674113916 8.161 14.9644889028 14.573 14.9644889028 14.573C15.0126456349 14.66534 15.0076715118 14.776305 14.9514518866 14.864C14.9011992034 14.95041 14.8079143382 15.002854 14.7077599684 15.001048C14.7077599684 15.001048 8.3126020986 15.001048 8.3126020986 15.001048C8.2124480296 15.002854 8.1191607576 14.950409 8.0689101804 14.864C8.0124814615 14.77637 8.0075053327 14.665298 8.0558731642 14.573C8.0558731642 14.573 11.2529506754 8.161 11.2529506754 8.161C11.2981038796 8.0601247 11.3999560701 7.9964997 11.5106824572 8.0M11.5106824572 6.9999751C11.0194557096 6.9969427 10.5701148893 7.2754275 10.3554022524 7.716C10.3554022524 7.716 7.1573218938 14.127 7.1573218938 14.127C6.95646770542 14.527294 6.97733695982 15.002669 7.21250176686 15.38393C7.4476665739 15.765191 7.86372750208 15.998191 8.3126020986 16.0C8.3126020986 16.0 14.7077599684 16.0 14.7077599684 16.0C15.1566344646 15.9982 15.57269 5794 15.765191 15.8078605007 15.38393C16.0430252075 15.002669 16.0638944619 14.527294 15.8630371647 14.127C15.8630371647 14.127 12.6649598146 7.716 12.6649598146 7.716C12.4504036219 7.2757546 12.0015481798 6.9973287 11.5106824572 6.9999751C11.5106824572 6.9999751 11.5106824572 6.9999751 11.5106824572 6.9999751" opacity="0.35" fill="#d76e00" /> + <path d="M11.5327451 12.0C11.8096733867 12.0 12.0341688 11.776142 12.0341688 11.5C12.0341688 11.5 12.0341688 9.5 12.0341688 9.5C12.0341688 9.2238576 11.8096733867 9.0 11.5327451 9.0C11.2558168133 9.0 11.0313214 9.2238576 11.0313214 9.5C11.0313214 9.5 11.0313214 11.5 11.0313214 11.5C11.0313214 11.776142 11.2558168133 12.0 11.5327451 12.0C11.5327451 12.0 11.5327451 12.0 11.5327451 12.0M11.5327451 12.809C11.1500294496 12.809 10.8397775466 13.118371 10.8397775466 13.5C10.8397775466 13.881629 11.1500294496 14.191 11.5327451 14.191C11.9154607504 14.191 12.2257126534 13.881629 12.2257126534 13.5C12.2257126534 13.118371 11.9154607504 12.809 11.5327451 12.809C11.5327451 12.809 11.5327451 12.809 11.5327451 12.809" fill="#ffffff" /> + <path d="M7.08030321348 6.552C7.90163523408 6.56 8.5645173655 7.225 8.5645173655 8.046C8.5645173655 8.866 7.90163523408 9.532 7.08030321348 9.54C7.08030321348 9.54 7.08030321348 6.552 7.08030321348 6.552M6.30610502068 13.756C6.30610502068 13.756 9.4991711423 7.353 9.4991711423 7.353C9.5453021227 7.259 9.6144985933 7.184 9.6716608951 7.098C9.2845617987 6.039 8.2756973143 5.277 7.08030321348 5.271C7.08030321348 5.271 7.08030321348 4.417 7.08030321348 4.417C8.5043465215 4.423 9.7238089599 5.251 10.3164917733 6.443C10.6795225321 6.21 11.1067355245 6.074 11.5519997701 6.074C11.5519997701 6.074 11.5620282441 6.074 11.5620282441 6.074C11.5620282441 6.074 11.5640339389 6.074 11.5640339389 6.074C11.5660396337 6.074 11.5690481759 6.075 11.5710538707 6.075C10.8108955415 4.35 9.0900094031 3.141 7.08030321348 3.135C7.08030321348 3.135 7.08030321348 2.281 7.08030321348 2.281C9.6716608951 2.288 11.8618796167 3.993 12.5889439817 6.34C13.0231769059 6.561 13.3922247491 6.9 13.6088397875 7.344C13.60 88397875 7.344 14.1162805719 8.361 14.1162805719 8.361C14.1202919615 8.256 14.1313232829 8.152 14.1313232829 8.046C14.1313232829 4.155 10.9683425833 1.0 7.06626334988 1.0C3.16318126908 1.0 0.00020056948 4.155 0.00020056948 8.046C0.00020056948 11.603 2.64571201068 14.536 6.08046435568 15.015C6.03633907008 14.595 6.10252699848 14.16 6.30610502068 13.756C6.30610502068 13.756 6.30610502068 13.756 6.30610502068 13.756" fill-opacity="context-fill-opacity" fill="context-fill" /> +</svg> diff --git a/browser/themes/shared/identity-block/onion.svg b/browser/themes/shared/identity-block/onion.svg new file mode 100644 index 000000000000..b123a9786acc --- /dev/null +++ b/browser/themes/shared/identity-block/onion.svg @@ -0,0 +1,3 @@ +<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16"> + <path d="M8.01435945 13.726867125C8.01435945 13.726867125 8.01435945 12.87830525 8.01435945 12.87830525C10.70227825 12.87051775 12.87869375 10.689666 12.87869375 7.9998060125C12.87869375 5.310140275 10.70227825 3.1292621 8.01435945 3.121500325C8.01435945 3.121500325 8.01435945 2.272938975 8.01435945 2.272938975C11.170899375 2.280892725 13.727061375 4.8415202875 13.727061375 7.9998060125C13.727061375 11.158285375 11.170899375 13.719105 8.01435945 13.726867125C8.01435945 13.726867125 8.01435945 13.726867125 8.01435945 13.726867125M8.01435945 10.756805625C9.5304373 10.74884925 10.75758175 9.5180185125 10.75758175 7.9998060125C10.75758175 6.4817875 9.5304373 5.2509564125 8.01435945 5.2430005625C8.01435945 5.2430005625 8.01435945 4.3946332875 8.01435945 4.3946332875C9.999251625 4.4023945375 11.60614275 6.013167425 11.60614275 7.9998060125C11.60614275 9.986639375 9.999251625 11.597411125 8.01435945 11.605172375C8.01435945 11.605172375 8.01435945 10.756805625 8.01435945 10.756805625M8.01 435945 6.5157454625C8.8276046625 6.5235067125 9.484837025 7.184620575 9.484837025 7.9998060125C9.484837025 8.815185875 8.8276046625 9.4762985125 8.01435945 9.4840608125C8.01435945 9.4840608125 8.01435945 6.5157454625 8.01435945 6.5157454625M1.0 7.9998060125C1.0 11.8659705 4.1338360375 15.0 8.0000000875 15.0C11.8659705 15.0 15.0 11.8659705 15.0 7.9998060125C15.0 4.1338360375 11.8659705 1.0 8.0000000875 1.0C4.1338360375 1.0 1.0 4.1338360375 1.0 7.9998060125C1.0 7.9998060125 1.0 7.9998060125 1.0 7.9998060125" fill-rule="even-odd" fill-opacity="context-fill-opacity" fill="context-fill" /> +</svg> diff --git a/browser/themes/shared/jar.inc.mn b/browser/themes/shared/jar.inc.mn index 8cfe1b69c371..71fea38eb829 100644 --- a/browser/themes/shared/jar.inc.mn +++ b/browser/themes/shared/jar.inc.mn @@ -57,6 +57,9 @@ skin/classic/browser/connection-secure.svg (../shared/identity-block/connection-secure.svg) skin/classic/browser/connection-mixed-passive-loaded.svg (../shared/identity-block/connection-mixed-passive-loaded.svg) skin/classic/browser/connection-mixed-active-loaded.svg (../shared/identity-block/connection-mixed-active-loaded.svg) + skin/classic/browser/onion.svg (../shared/identity-block/onion.svg) + skin/classic/browser/onion-slash.svg (../shared/identity-block/onion-slash.svg) + skin/classic/browser/onion-warning.svg (../shared/identity-block/onion-warning.svg) skin/classic/browser/info.svg (../shared/info.svg) skin/classic/browser/newInstall.css (../shared/newInstall.css) skin/classic/browser/newInstallPage.css (../shared/newInstallPage.css) diff --git a/dom/base/nsContentUtils.cpp b/dom/base/nsContentUtils.cpp index da92cb4967b0..2f090de19231 100644 --- a/dom/base/nsContentUtils.cpp +++ b/dom/base/nsContentUtils.cpp @@ -9057,6 +9057,25 @@ bool nsContentUtils::ComputeIsSecureContext(nsIChannel* aChannel) { return principal->GetIsOriginPotentiallyTrustworthy(); } +/* static */ bool nsContentUtils::DocumentHasOnionURI(Document* aDocument) { + if (!aDocument) { + return false; + } + + nsIURI* uri = aDocument->GetDocumentURI(); + if (!uri) { + return false; + } + + nsAutoCString host; + if (NS_SUCCEEDED(uri->GetHost(host))) { + bool hasOnionURI = StringEndsWith(host, NS_LITERAL_CSTRING(".onion")); + return hasOnionURI; + } + + return false; +} + /* static */ void nsContentUtils::TryToUpgradeElement(Element* aElement) { NodeInfo* nodeInfo = aElement->NodeInfo(); diff --git a/dom/base/nsContentUtils.h b/dom/base/nsContentUtils.h index b8dc0092e32b..08a117fc2803 100644 --- a/dom/base/nsContentUtils.h +++ b/dom/base/nsContentUtils.h @@ -2999,6 +2999,11 @@ class nsContentUtils { */ static bool HttpsStateIsModern(Document* aDocument); + /** + * Returns true of the document's URI is a .onion + */ + static bool DocumentHasOnionURI(Document* aDocument); + /** * Returns true if the channel is for top-level window and is over secure * context. diff --git a/dom/base/nsGlobalWindowOuter.cpp b/dom/base/nsGlobalWindowOuter.cpp index da9d56e843a2..abe1e56d9714 100644 --- a/dom/base/nsGlobalWindowOuter.cpp +++ b/dom/base/nsGlobalWindowOuter.cpp @@ -1868,7 +1868,8 @@ bool nsGlobalWindowOuter::ComputeIsSecureContext(Document* aDocument, return false; } - if (nsContentUtils::HttpsStateIsModern(aDocument)) { + if (nsContentUtils::HttpsStateIsModern(aDocument) || + nsContentUtils::DocumentHasOnionURI(aDocument)) { return true; } diff --git a/dom/ipc/WindowGlobalActor.cpp b/dom/ipc/WindowGlobalActor.cpp index 25204e1fc20e..b6dfa63fe664 100644 --- a/dom/ipc/WindowGlobalActor.cpp +++ b/dom/ipc/WindowGlobalActor.cpp @@ -14,6 +14,7 @@ #include "mozilla/dom/JSWindowActorParent.h" #include "mozilla/dom/JSWindowActorChild.h" #include "mozilla/net/CookieJarSettings.h" +#include "mozilla/dom/nsMixedContentBlocker.h" namespace mozilla { namespace dom { @@ -118,7 +119,8 @@ WindowGlobalInit WindowGlobalActor::WindowInitializer( nsCOMPtr<nsIURI> innerDocURI = NS_GetInnermostURI(doc->GetDocumentURI()); if (innerDocURI) { mozilla::Get<WindowContext::IDX_IsSecure>(init.context().mFields) = - innerDocURI->SchemeIs("https"); + innerDocURI->SchemeIs("https") || + nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(innerDocURI); } nsCOMPtr<nsIChannel> mixedChannel; aWindow->GetDocShell()->GetMixedContentChannel(getter_AddRefs(mixedChannel)); diff --git a/dom/ipc/WindowGlobalChild.cpp b/dom/ipc/WindowGlobalChild.cpp index d545661be835..142c35ea4e17 100644 --- a/dom/ipc/WindowGlobalChild.cpp +++ b/dom/ipc/WindowGlobalChild.cpp @@ -38,6 +38,8 @@ #include "nsIHttpChannelInternal.h" #include "nsIURIMutator.h" +#include "mozilla/dom/nsMixedContentBlocker.h" + using namespace mozilla::ipc; using namespace mozilla::dom::ipc; @@ -223,7 +225,9 @@ void WindowGlobalChild::OnNewDocument(Document* aDocument) { nsCOMPtr<nsIURI> innerDocURI = NS_GetInnermostURI(aDocument->GetDocumentURI()); if (innerDocURI) { - txn.SetIsSecure(innerDocURI->SchemeIs("https")); + txn.SetIsSecure( + innerDocURI->SchemeIs("https") || + nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(innerDocURI)); } nsCOMPtr<nsIChannel> mixedChannel; mWindowGlobal->GetDocShell()->GetMixedContentChannel( diff --git a/dom/presentation/PresentationRequest.cpp b/dom/presentation/PresentationRequest.cpp index 020cbda1c1b1..35c0ae575568 100644 --- a/dom/presentation/PresentationRequest.cpp +++ b/dom/presentation/PresentationRequest.cpp @@ -468,7 +468,8 @@ bool PresentationRequest::IsProhibitMixedSecurityContexts(Document* aDocument) { nsCOMPtr<Document> doc = aDocument; while (doc && !nsContentUtils::IsChromeDoc(doc)) { - if (nsContentUtils::HttpsStateIsModern(doc)) { + if (nsContentUtils::HttpsStateIsModern(doc) || + nsContentUtils::DocumentHasOnionURI(doc)) { return true; } diff --git a/dom/security/nsMixedContentBlocker.cpp b/dom/security/nsMixedContentBlocker.cpp index 477c1543ab20..ee0fddeb3e2c 100644 --- a/dom/security/nsMixedContentBlocker.cpp +++ b/dom/security/nsMixedContentBlocker.cpp @@ -587,8 +587,8 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect, return NS_OK; } - // Check the parent scheme. If it is not an HTTPS page then mixed content - // restrictions do not apply. + // Check the parent scheme. If it is not an HTTPS or .onion page then mixed + // content restrictions do not apply. nsCOMPtr<nsIURI> innerRequestingLocation = NS_GetInnermostURI(requestingLocation); if (!innerRequestingLocation) { @@ -599,6 +599,17 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect, bool parentIsHttps = innerRequestingLocation->SchemeIs("https"); if (!parentIsHttps) { + bool parentIsOnion = IsPotentiallyTrustworthyOnion(innerRequestingLocation); + if (!parentIsOnion) { + *aDecision = ACCEPT; + return NS_OK; + } + } + + bool isHttpScheme = innerContentLocation->SchemeIs("http"); + // .onion URLs are encrypted and authenticated. Don't treat them as mixed + // content if potentially trustworthy (i.e. whitelisted). + if (isHttpScheme && IsPotentiallyTrustworthyOnion(innerContentLocation)) { *aDecision = ACCEPT; return NS_OK; } @@ -618,7 +629,6 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect, return NS_OK; } - bool isHttpScheme = innerContentLocation->SchemeIs("http"); if (isHttpScheme && IsPotentiallyTrustworthyOrigin(innerContentLocation)) { *aDecision = ACCEPT; return NS_OK; diff --git a/security/manager/ssl/nsSecureBrowserUI.cpp b/security/manager/ssl/nsSecureBrowserUI.cpp index fd9a26d42b79..0dd53ded3708 100644 --- a/security/manager/ssl/nsSecureBrowserUI.cpp +++ b/security/manager/ssl/nsSecureBrowserUI.cpp @@ -9,6 +9,7 @@ #include "mozilla/Logging.h" #include "mozilla/Unused.h" #include "mozilla/dom/Document.h" +#include "mozilla/dom/nsMixedContentBlocker.h" #include "nsContentUtils.h" #include "nsIChannel.h" #include "nsDocShell.h" @@ -136,6 +137,17 @@ void nsSecureBrowserUI::UpdateForLocationOrMixedContentChange() { } } } + + // any protocol routed over tor is secure + if (!(mState & nsIWebProgressListener::STATE_IS_SECURE)) { + nsCOMPtr<nsIURI> innerDocURI = NS_GetInnermostURI(win->GetDocumentURI()); + if (innerDocURI && + nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(innerDocURI)) { + MOZ_LOG(gSecureBrowserUILog, LogLevel::Debug, (" is onion")); + mState = (mState & ~nsIWebProgressListener::STATE_IS_INSECURE) | + nsIWebProgressListener::STATE_IS_SECURE; + } + } } // Add the mixed content flags from the window

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] TB4: Tor Browser's Firefox preference overrides.
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit a2bfd5700c089c694f72637fb12da330fc18375b Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Tue Sep 10 18:20:43 2013 -0700 TB4: Tor Browser's Firefox preference overrides. This hack directly includes our preference changes in omni.ja. Bug 18292: Staged updates fail on Windows Temporarily disable staged updates on Windows. Bug 18297: Use separate Noto JP,KR,SC,TC fonts Bug 23404: Add Noto Sans Buginese to the macOS whitelist Bug 23745: Set dom.indexedDB.enabled = true Bug 13575: Disable randomised Firefox HTTP cache decay user tests. (Fernando Fernandez Mancera <ffmancera(a)riseup.net>) Bug 17252: Enable session identifiers with FPI Session tickets and session identifiers were isolated by OriginAttributes, so we can re-enable them by allowing the default value (true) of "security.ssl.disable_session_identifiers". The pref "security.enable_tls_session_tickets" is obsolete (removed in https://bugzilla.mozilla.org/917049) Bug 14952: Enable http/2 and AltSvc In Firefox, SPDY/HTTP2 now uses Origin Attributes for isolation of connections, push streams, origin frames, etc. That means we get first-party isolation provided "privacy.firstparty.isolate" is true. So in this patch, we stop overriding "network.http.spdy.enabled" and "network.http.spdy.enabled.http2". Alternate Services also use Origin Attributes for isolation. So we stop overriding "network.http.altsvc.enabled" and "network.http.altsvc.oe" as well. (All 4 of the abovementioned "network.http.*" prefs adopt Firefox 60ESR's default value of true.) However, we want to disable HTTP/2 push for now, so we set "network.http.spdy.allow-push" to false. "network.http.spdy.enabled.http2draft" was removed in Bug 1132357. "network.http.sped.enabled.v2" was removed in Bug 912550. "network.http.sped.enabled.v3" was removed in Bug 1097944. "network.http.sped.enabled.v3-1" was removed in Bug 1248197. Bug 26114: addons.mozilla.org is not special * Don't expose navigator.mozAddonManager on any site * Don't block NoScript from modifying addons.mozilla.org or other sites Enable ReaderView mode again (#27281). Bug 29916: Make sure enterprise policies are disabled Bug 2874: Block Components.interfaces from content Bug 26146: Spoof HTTP User-Agent header for desktop platforms In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent header and to JavaScript code via navigator.userAgent. To avoid leaking the OS inside each HTTP request (which many web servers log), always use the Windows 7 OS value in the desktop User-Agent header. We continue to allow access to the actual OS via JavaScript, since doing so improves compatibility with web applications such as GitHub and Google Docs. Bug 12885: Windows Jump Lists fail for Tor Browser Jumplist entries are stored in a binary file in: %APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\ and has a name in the form [a-f0-9]+.customDestinations-ms The hex at the front is unique per app, and is ultimately derived from something called the 'App User Model ID' (AUMID) via some unknown hashing method. The AUMID is provided as a key when programmatically creating, updating, and deleting a jumplist. The default behaviour in firefox is for the installer to define an AUMID for an app, and save it in the registry so that the jumplist data can be removed by the uninstaller. However, the Tor Browser does not set this (or any other) regkey during installation, so this codepath fails and the app's AUMID is left undefined. As a result the app's AUMID ends up being defined by windows, but unknowable by Tor Browser. This unknown AUMID is used to create and modify the jumplist, but the delete API requires that we provide the app's AUMID explicitly. Since we don't know what the AUMID is (since the expected regkey where it is normally stored does not exist) jumplist deletion will fail and we will leave behind a mostly empty customDestinations-ms file. The name of the file is derived from the binary path, so an enterprising person could reverse engineer how that hex name is calculated, and generate the name for Tor Browser's default Desktop installation path to determine whether a person had used Tor Browser in the past. The 'taskbar.grouping.useprofile' option that is enabled by this patch works around this AUMID problem by having firefox.exe create it's own AUMID based on the profile path (rather than looking for a regkey). This way, if a user goes in and enables and disables jumplist entries, the backing store is properly deleted. Unfortunately, all windows users currently have this file lurking in the above mentioned directory and this patch will not remove it since it was created with an unknown AUMID. However, another patch could be written which goes to that directory and deletes any item containing the 'Tor Browser' string. See bug 28996. Bug 31396: Disable indexedDB WebExtension storage backend. Bug 30845: Make sure default themes and other internal extensions are enabled Bug 28896: Enable extensions in private browsing by default Bug 31065: Explicitly allow proxying localhost Bug 31598: Enable letterboxing Disable Presentation API everywhere Bug 21549 - Use Firefox's WASM default pref. It is disabled at safer security levels. Bug 32321: Disable Mozilla's MitM pings Bug 19890: Disable installation of system addons By setting the URL to "" we make sure that already installed system addons get deleted as well. Bug 22548: Firefox downgrades VP9 videos to VP8. On systems where H.264 is not available or no HWA, VP9 is preferred. But in Tor Browser 7.0 all youtube videos are degraded to VP8. This behaviour can be turned off by setting media.benchmark.vp9.threshold to 0. All clients will get better experience and lower traffic, beause TBB doesn't use "Use hardware acceleration when available". Bug 25741 - TBA: Add mobile-override of 000-tor-browser prefs Bug 16441: Suppress "Reset Tor Browser" prompt. Bug 29120: Use the in-memory media cache and increase its maximum size. Bug 33697: use old search config based on list.json Bug 33855: Ensure that site-specific browser mode is disabled. Bug 30682: Disable Intermediate CA Preloading. Bug 40061: Omit the Windows default browser agent from the build Bug 40140: Videos stop working with Tor Browser 10.0 on Windows Bug 40322: Consider disabling network.connectivity-service.enabled Bug 40408: Disallow SVG Context Paint in all web content --- .eslintignore | 3 + browser/app/profile/000-tor-browser.js | 646 ++++++++++++++++++++++++++ browser/app/profile/firefox.js | 6 +- browser/installer/package-manifest.in | 1 + browser/moz.build | 1 + mobile/android/app/000-tor-browser-android.js | 47 ++ mobile/android/app/geckoview-prefs.js | 2 + mobile/android/app/mobile.js | 4 + mobile/android/app/moz.build | 1 + taskcluster/ci/source-test/mozlint.yml | 2 + 10 files changed, 710 insertions(+), 3 deletions(-) diff --git a/.eslintignore b/.eslintignore index e0be1073894c..031ff26f1808 100644 --- a/.eslintignore +++ b/.eslintignore @@ -143,6 +143,9 @@ js/src/jsapi-tests/binast/ js/src/tests/ js/src/Y.js +# uses `#include` +mobile/android/app/000-tor-browser-android.js + # Uses `#filter substitution` mobile/android/app/mobile.js mobile/android/app/geckoview-prefs.js diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js new file mode 100644 index 000000000000..3b3bbfd1889b --- /dev/null +++ b/browser/app/profile/000-tor-browser.js @@ -0,0 +1,646 @@ +# Default Preferences +# Tor Browser Bundle +# Do not edit this file. + +// Please maintain unit tests at ./tbb-tests/browser_tor_TB4.js + +// Disable initial homepage notifications +pref("browser.search.update", false); +pref("browser.rights.3.shown", true); +pref("browser.startup.homepage_override.mstone", "ignore"); +pref("startup.homepage_welcome_url", ""); +pref("startup.homepage_welcome_url.additional", ""); + +// Set a generic, default URL that will be opened in a tab after an update. +// Typically, this will not be used; instead, the <update> element within +// each update manifest should contain attributes similar to: +// actions="showURL" +// openURL="https://blog.torproject.org/tor-browser-55a2-released" +pref("startup.homepage_override_url", "https://blog.torproject.org/category/tags/tor-browser"); + +// Try to nag a bit more about updates: Pop up a restart dialog an hour after the initial dialog +pref("app.update.promptWaitTime", 3600); + +#ifdef XP_WIN +// For now, disable staged updates on Windows (see #18292). +pref("app.update.staging.enabled", false); +#endif + +// Disable "Slow startup" warnings and associated disk history +// (bug #13346) +pref("browser.slowStartup.notificationDisabled", true); +pref("browser.slowStartup.maxSamples", 0); +pref("browser.slowStartup.samples", 0); + +// Disable the "Refresh" prompt that is displayed for stale profiles. +pref("browser.disableResetPrompt", true); + +// Disk activity: Disable Browsing History Storage +pref("browser.privatebrowsing.autostart", true); +pref("browser.cache.disk.enable", false); +pref("browser.cache.offline.enable", false); +pref("permissions.memory_only", true); +pref("network.cookie.lifetimePolicy", 2); +pref("security.nocertdb", true); + +// Disk activity: TBB Directory Isolation +pref("browser.download.useDownloadDir", false); +pref("browser.shell.checkDefaultBrowser", false); +pref("browser.download.manager.addToRecentDocs", false); + +// Misc privacy: Disk +pref("signon.rememberSignons", false); +pref("browser.formfill.enable", false); +pref("signon.autofillForms", false); +pref("browser.sessionstore.privacy_level", 2); +// Use the in-memory media cache and increase its maximum size (#29120) +pref("browser.privatebrowsing.forceMediaMemoryCache", true); +pref("media.memory_cache_max_size", 16384); +// Disable site-specific browsing to avoid sharing site icons with the OS. +pref("browser.ssb.enabled", false); + +// Misc privacy: Remote +pref("browser.send_pings", false); +pref("geo.enabled", false); +pref("geo.provider.network.url", ""); +pref("browser.search.suggest.enabled", false); +pref("browser.safebrowsing.malware.enabled", false); +pref("browser.safebrowsing.phishing.enabled", false); +pref("browser.safebrowsing.downloads.enabled", false); +pref("browser.safebrowsing.downloads.remote.enabled", false); +pref("browser.safebrowsing.blockedURIs.enabled", false); +pref("browser.safebrowsing.downloads.remote.url", ""); +pref("browser.safebrowsing.provider.google.updateURL", ""); +pref("browser.safebrowsing.provider.google.gethashURL", ""); +pref("browser.safebrowsing.provider.google4.updateURL", ""); +pref("browser.safebrowsing.provider.google4.gethashURL", ""); +pref("browser.safebrowsing.provider.mozilla.updateURL", ""); +pref("browser.safebrowsing.provider.mozilla.gethashURL", ""); +pref("extensions.ui.lastCategory", "addons://list/extension"); +pref("datareporting.healthreport.uploadEnabled", false); +pref("datareporting.policy.dataSubmissionEnabled", false); +// Make sure Unified Telemetry is really disabled, see: #18738. +pref("toolkit.telemetry.unified", false); +pref("toolkit.telemetry.enabled", false); +#ifdef XP_WIN +// Defense-in-depth: ensure that the Windows default browser agent will +// not ping Mozilla if it is somehow present (we omit it at build time). +pref("default-browser-agent.enabled", false); +#endif +pref("identity.fxaccounts.enabled", false); // Disable sync by default +pref("services.sync.engine.prefs", false); // Never sync prefs, addons, or tabs with other browsers +pref("services.sync.engine.addons", false); +pref("services.sync.engine.tabs", false); +pref("extensions.getAddons.cache.enabled", false); // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/ +pref("browser.newtabpage.enabled", false); +pref("browser.search.region", "US"); // The next two prefs disable GeoIP search lookups (#16254) +pref("browser.search.geoip.url", ""); +pref("browser.fixup.alternate.enabled", false); // Bug #16783: Prevent .onion fixups +// Make sure there is no Tracking Protection active in Tor Browser, see: #17898. +pref("privacy.trackingprotection.enabled", false); +pref("privacy.trackingprotection.pbmode.enabled", false); +pref("privacy.trackingprotection.annotate_channels", false); +pref("privacy.trackingprotection.cryptomining.enabled", false); +pref("privacy.trackingprotection.fingerprinting.enabled", false); +pref("privacy.trackingprotection.socialtracking.enabled", false); +pref("privacy.socialtracking.block_cookies.enabled", false); +pref("privacy.annotate_channels.strict_list.enabled", false); + +// Disable the Pocket extension (Bug #18886 and #31602) +pref("extensions.pocket.enabled", false); +pref("network.http.referer.hideOnionSource", true); + +// Disable use of WiFi location information +pref("browser.region.network.scan", false); +pref("browser.region.network.url", ""); + +// Don't load Mozilla domains in a separate tab process +pref("browser.tabs.remote.separatedMozillaDomains", ""); + +// Avoid DNS lookups on search terms +pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); + +// Disable about:newtab and "first run" experiments +pref("messaging-system.rsexperimentloader.enabled", false); +pref("trailhead.firstrun.branches", ""); + +// Clear the list of trusted recursive resolver services +pref("network.trr.resolvers", ""); + +// Disable crlite +pref("security.pki.crlite_mode", 0); + +// Disable website password breach alerts +pref("signon.management.page.breach-alerts.enabled", false); +pref("extensions.fxmonitor.enabled", false); + +// Remove mobile app tracking URLs +pref("signon.management.page.mobileAndroidURL", ""); +pref("signon.management.page.mobileAppleURL", ""); + +// Disable ServiceWorkers and push notifications by default +pref("dom.serviceWorkers.enabled", false); +pref("dom.push.enabled", false); + +// Fingerprinting +pref("webgl.disable-extensions", true); +pref("webgl.disable-fail-if-major-performance-caveat", true); +pref("webgl.enable-webgl2", false); +pref("gfx.downloadable_fonts.fallback_delay", -1); +pref("browser.startup.homepage_override.buildID", "20100101"); +pref("browser.link.open_newwindow.restriction", 0); // Bug 9881: Open popups in new tabs (to avoid fullscreen popups) +// Set video VP9 to 0 for everyone (bug 22548) +pref("media.benchmark.vp9.threshold", 0); +pref("dom.enable_resource_timing", false); // Bug 13024: To hell with this API +pref("privacy.resistFingerprinting", true); +pref("privacy.resistFingerprinting.block_mozAddonManager", true); // Bug 26114 +pref("dom.webaudio.enabled", false); // Bug 13017: Disable Web Audio API +pref("dom.w3c_touch_events.enabled", 0); // Bug 10286: Always disable Touch API +pref("dom.w3c_pointer_events.enabled", false); +pref("dom.vr.enabled", false); // Bug 21607: Disable WebVR for now +// Disable randomised Firefox HTTP cache decay user test groups (Bug: 13575) +pref("security.webauth.webauthn", false); // Bug 26614: Disable Web Authentication API for now +// Disable intermediate preloading (Bug 30682) +pref("security.remote_settings.intermediates.enabled", false); +// Bug 2874: Block Components.interfaces from content +pref("dom.use_components_shim", false); +// Enable letterboxing +pref("privacy.resistFingerprinting.letterboxing", true); +// Disable network information API everywhere. It gets spoofed in bug 1372072 +// but, alas, the behavior is inconsistent across platforms, see: +// https://trac.torproject.org/projects/tor/ticket/27268#comment:19. We should +// not leak that difference if possible. +pref("dom.netinfo.enabled", false); +pref("network.http.referer.defaultPolicy", 2); // Bug 32948: Make referer behavior consistent regardless of private browing mode status +pref("media.videocontrols.picture-in-picture.enabled", false); // Bug 40148: disable until audited in #40147 + +// Third party stuff +pref("privacy.firstparty.isolate", true); // Always enforce first party isolation +pref("network.cookie.cookieBehavior", 1); +pref("network.http.spdy.allow-push", false); // Disabled for now. See https://bugs.torproject.org/27127 +pref("network.predictor.enabled", false); // Temporarily disabled. See https://bugs.torproject.org/16633 + +// Proxy and proxy security +pref("network.proxy.socks", "127.0.0.1"); +pref("network.proxy.socks_port", 9150); +pref("network.proxy.socks_remote_dns", true); +pref("network.proxy.no_proxies_on", ""); // For fingerprinting and local service vulns (#10419) +pref("network.proxy.allow_hijacking_localhost", true); // Allow proxies for localhost (#31065) +pref("network.proxy.type", 1); +pref("network.security.ports.banned", "9050,9051,9150,9151"); +pref("network.dns.disabled", true); // This should cover the #5741 patch for DNS leaks +pref("network.dns.disablePrefetch", true); +pref("network.protocol-handler.external-default", false); +pref("network.protocol-handler.external.mailto", false); +pref("network.protocol-handler.external.news", false); +pref("network.protocol-handler.external.nntp", false); +pref("network.protocol-handler.external.snews", false); +pref("network.protocol-handler.warn-external.mailto", true); +pref("network.protocol-handler.warn-external.news", true); +pref("network.protocol-handler.warn-external.nntp", true); +pref("network.protocol-handler.warn-external.snews", true); +// Make sure we don't have any GIO supported protocols (defense in depth +// measure) +pref("network.gio.supported-protocols", ""); +pref("plugin.disable", true); // Disable to search plugins on first start +pref("plugin.state.flash", 0); // Disable for defense-in-depth +pref("media.peerconnection.enabled", false); // Disable WebRTC interfaces +// Disables media devices but only if `media.peerconnection.enabled` is set to +// `false` as well. (see bug 16328 for this defense-in-depth measure) +pref("media.navigator.enabled", false); +// GMPs: We make sure they don't show up on the Add-on panel and confuse users. +// And the external update/donwload server must not get pinged. We apply a +// clever solution for https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769716. +pref("media.gmp-provider.enabled", false); +pref("media.gmp-manager.url.override", "data:text/plain,"); +// Since ESR52 it is not enough anymore to block pinging the GMP update/download +// server. There is a local fallback that must be blocked now as well. See: +// https://bugzilla.mozilla.org/show_bug.cgi?id=1267495. +pref("media.gmp-manager.updateEnabled", false); +// Mozilla is relying on preferences to make sure no DRM blob is downloaded and +// run. Even though those prefs should be set correctly by specifying +// --disable-eme (which we do), we disable all of them here as well for defense +// in depth (see bug 16285 for more details). +pref("browser.eme.ui.enabled", false); +pref("media.gmp-widevinecdm.visible", false); +pref("media.gmp-widevinecdm.enabled", false); +pref("media.eme.enabled", false); +pref("media.mediadrm-widevinecdm.visible", false); +// WebIDE can bypass proxy settings for remote debugging. It also downloads +// some additional addons that we have not reviewed. Turn all that off. +pref("devtools.webide.autoinstallADBExtension", false); +pref("devtools.webide.enabled", false); +// The in-browser debugger for debugging chrome code is not coping with our +// restrictive DNS look-up policy. We use "127.0.0.1" instead of "localhost" as +// a workaround. See bug 16523 for more details. +pref("devtools.debugger.chrome-debugging-host", "127.0.0.1"); +// Disable using UNC paths (bug 26424 and Mozilla's bug 1413868) +pref("network.file.disable_unc_paths", true); +// Enhance our treatment of file:// to avoid proxy bypasses (see Mozilla's bug +// 1412081) +pref("network.file.path_blacklist", "/net"); +// Make sure no enterprise policy can interfere with our proxy settings, see +// #29916. +pref("browser.policies.testing.disallowEnterprise", true); + +// Security slider +pref("svg.in-content.enabled", true); +pref("mathml.disabled", false); + +// Bug 40408 +pref("svg.context-properties.content.allowed-domains", ""); + +// Network and performance +pref("security.ssl.enable_false_start", true); +pref("network.http.connection-retry-timeout", 0); +pref("network.http.max-persistent-connections-per-proxy", 256); +pref("network.manage-offline-status", false); +// No need to leak things to Mozilla, see bug 21790 and tor-browser#40322 +pref("network.captive-portal-service.enabled", false); +pref("network.connectivity-service.enabled", false); +// As a "defense in depth" measure, configure an empty push server URL (the +// DOM Push features are disabled by default via other prefs). +pref("dom.push.serverURL", ""); + +// Extension support +pref("extensions.autoDisableScopes", 0); +pref("extensions.bootstrappedAddons", "{}"); +pref("extensions.checkCompatibility.4.*", false); +pref("extensions.databaseSchema", 3); +pref("extensions.enabledAddons", "https-everywhere%40eff.org:3.1.4,%7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.1,torbutton%40torproject.org:1.5.2,ubufox%40ubuntu.com:2.6,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.5"); +pref("extensions.enabledItems", "langpack-en-US@firefox.mozilla.org:,{73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.57,{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.4,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8"); +pref("extensions.enabledScopes", 5); // AddonManager.SCOPE_PROFILE=1 | AddonManager.SCOPE_APPLICATION=4 +pref("extensions.pendingOperations", false); +pref("xpinstall.whitelist.add", ""); +pref("xpinstall.whitelist.add.36", ""); +// We don't know what extensions Mozilla is advertising to our users and we +// don't want to have some random Google Analytics script running either on the +// about:addons page, see bug 22073, 22900 and 31601. +pref("extensions.getAddons.showPane", false); +pref("extensions.htmlaboutaddons.recommendations.enabled", false); +// Show our legacy extensions directly on about:addons and get rid of the +// warning for the default theme. +pref("extensions.legacy.exceptions", "{972ce4c6-7e08-4474-a285-3208198ce6fd},torbutton(a)torproject.org"); +// Bug 26114: Allow NoScript to access addons.mozilla.org etc. +pref("extensions.webextensions.restrictedDomains", ""); +// Bug 28896: Make sure our bundled WebExtensions are running in Private Browsing Mode +pref("extensions.allowPrivateBrowsingByDefault", true); + +// Toolbar layout +pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"urlbar-container\",\"torbutton-button\",\"security-level-button\",\"downloads-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"PanelUI-contents\":[\"home-button\",\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"save-page-button\",\"print-button\",\"bookmarks-menu-button\",\"history-panelmenu\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"]},\"seen\":[\"developer-button\",\"https-everywhere-eff_eff_org-browser-action\",\"_73a6fe31-595d-460b-a920-fcc0f8843232_-browser-action\"],\"dirtyAreaCache\":[\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\"],\"currentVersion\":14,\"newElementCount \":1}"); + +// Putting the search engine prefs into this file to fix #11236. +// Default search engine +pref("browser.search.defaultenginename", "Search"); + +// Search engine order (order displayed in the search bar dropdown) +// Somewhat surprisingly we get some random behavior if we specify more than +// two search engines as below. See +// https://bugzilla.mozilla.org/show_bug.cgi?id=1126722 for details. +pref("browser.search.order.extra.1", "Search"); +pref("browser.search.order.extra.2", "YouTube"); + +// Enforce certificate pinning, see: https://bugs.torproject.org/16206 +pref("security.cert_pinning.enforcement_level", 2); + +// Don't allow MitM via Microsoft Family Safety, see bug 21686 +pref("security.family_safety.mode", 0); + +// Don't allow MitM via enterprise roots, see bug 30681 +pref("security.enterprise_roots.enabled", false); + +// Don't ping Mozilla for MitM detection, see bug 32321 +pref("security.certerrors.mitm.priming.enabled", false); + +// Disable the language pack signing check for now on macOS, see #31942 +#ifdef XP_MACOSX +pref("extensions.langpacks.signatures.required", false); +#endif + +// Avoid report TLS errors to Mozilla. We might want to repurpose this feature +// one day to help detecting bad relays (which is bug 19119). For now we just +// hide the checkbox, see bug 22072. +pref("security.ssl.errorReporting.enabled", false); + +// Workaround for https://bugs.torproject.org/13579. Progress on +// `about:downloads` is only shown if the following preference is set to `true` +// in case the download panel got removed from the toolbar. +pref("browser.download.panel.shown", true); + +// Treat .onions as secure +pref("dom.securecontext.whitelist_onions", true); + +// Disable special URL bar behaviors +pref("browser.urlbar.suggest.topsites", false); +pref("browser.urlbar.update1.interventions", false); +pref("browser.urlbar.update1.searchTips", false); + +// Skip checking omni.ja and other files for corruption since the result +// is only reported via telemetry (which is disabled). +pref("corroborator.enabled", false); + +// Having the RDD Opus option enabled on Windows breaks videos for us. +// See: https://bugzilla.mozilla.org/show_bug.cgi?id=1667360 and +// tor-browser#40140. +#ifdef XP_WIN +pref("media.rdd-opus.enabled", false); +#endif + +// prefs to disable jump-list entries in the taskbar on Windows (see bug #12885) +#ifdef XP_WIN +// this pref changes the app's set AUMID to be dependent on the profile path, rather than +// attempting to read it from the registry; this is necessary so that the file generated +// by the jumplist system can be properly deleted if it is disabled +pref("taskbar.grouping.useprofile", true); +pref("browser.taskbar.lists.enabled", false); +pref("browser.taskbar.lists.frequent.enabled", false); +pref("browser.taskbar.lists.tasks.enabled", false); +pref("browser.taskbar.lists.recent.enabled", false); +#endif + +// Disable Presentation API +pref("dom.presentation.controller.enabled", false); +pref("dom.presentation.enabled", false); +pref("dom.presentation.discoverable", false); +pref("dom.presentation.discoverable.encrypted", false); +pref("dom.presentation.discovery.enabled", false); +pref("dom.presentation.receiver.enabled", false); + +pref("dom.audiochannel.audioCompeting", false); +pref("dom.audiochannel.mediaControl", false); + +#expand pref("torbrowser.version", __TOR_BROWSER_VERSION_QUOTED__); + +// Old torbutton prefs + +// debug prefs +pref("extensions.torbutton.loglevel",4); +pref("extensions.torbutton.logmethod",1); // 0=stdout, 1=errorconsole, 2=debuglog + +// Display prefs +pref("extensions.torbutton.display_circuit", true); +pref("extensions.torbutton(a)torproject.org.description", "chrome://torbutton/locale/torbutton.properties"); +pref("extensions.torbutton.updateNeeded", false); + +// Tor check and proxy prefs +pref("extensions.torbutton.test_enabled",true); +pref("extensions.torbutton.test_url","https://check.torproject.org/?TorButton=true"); +pref("extensions.torbutton.local_tor_check",true); +pref("extensions.torbutton.versioncheck_url","https://www.torproject.org/projects/torbrowser/RecommendedTBBVersions"); +pref("extensions.torbutton.versioncheck_enabled",true); +pref("extensions.torbutton.use_nontor_proxy",false); + +// State prefs: +pref("extensions.torbutton.startup",false); +pref("extensions.torbutton.inserted_button",false); +pref("extensions.torbutton.inserted_security_level",false); + +// This is only used when letterboxing is disabled. +// See #7255 for details. We display the warning three times to make sure the +// user did not click on it by accident. +pref("extensions.torbutton.maximize_warnings_remaining", 3); + +// Security prefs: +pref("extensions.torbutton.clear_http_auth",true); +pref("extensions.torbutton.close_newnym",true); +pref("extensions.torbutton.resize_new_windows",false); +pref("extensions.torbutton.startup_state", 2); // 0=non-tor, 1=tor, 2=last +pref("extensions.torbutton.tor_memory_jar",false); +pref("extensions.torbutton.nontor_memory_jar",false); +pref("extensions.torbutton.launch_warning",true); + +// Opt out of Firefox addon pings: +// https://developer.mozilla.org/en/Addons/Working_with_AMO +pref("extensions.torbutton(a)torproject.org.getAddons.cache.enabled", false); + +// Security Slider +pref("extensions.torbutton.security_slider", 4); +pref("extensions.torbutton.security_custom", false); + +pref("extensions.torbutton.confirm_plugins", true); +pref("extensions.torbutton.confirm_newnym", true); + +pref("extensions.torbutton.noscript_inited", false); +pref("extensions.torbutton.noscript_persist", false); + +// Browser home page: +pref("browser.startup.homepage", "about:tor"); + +// This pref specifies an ad-hoc "version" for various pref update hacks we need to do +pref("extensions.torbutton.pref_fixup_version", 0); + +// If we are bundling fonts, whitelist those bundled fonts, and restrict system fonts to a selection. + +#ifdef MOZ_BUNDLED_FONTS + +#ifdef XP_MACOSX +pref("font.system.whitelist", "AppleGothic, Apple Color Emoji, Arial, Courier, Geneva, Georgia, Heiti TC, Helvetica, Helvetica Neue, .Helvetica Neue DeskInterface, Hiragino Kaku Gothic ProN, Lucida Grande, Monaco, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Tibetan, Noto Sans Yi, STHeiti, STIX Math, Tahoma, Thonburi, Times, Times New Roman, Verdana"); +pref("font.name-list.cursive.x-unicode", "Apple Chancery, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Tibetan, Noto Sans Yi"); +pref("font.name-list.fantasy.x-unicode", "Papyrus, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Tibetan, Noto Sans Yi"); +pref("font.name-list.monospace.x-unicode", "Courier, Arial, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Tibetan, Noto Sans Yi"); +pref("font.name-list.sans-serif.x-unicode", "Helvetica, Tahoma, Arial, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Tibetan, Noto Sans Yi"); +pref("font.name-list.serif.x-unicode", "Times, Arial, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Tibetan, Noto Sans Yi"); +pref("font.name.cursive.ar", "Arial"); +pref("font.name.fantasy.ar", "Arial"); +pref("font.name.monospace.ar", "Arial"); +pref("font.name.sans-serif.ar", "Arial"); +#endif + +#ifdef XP_WIN +pref("font.system.whitelist", "Arial, Batang, 바탕, Cambria Math, Courier New, Euphemia, Gautami, Georgia, Gulim, 굴림, GulimChe, 굴림체, Iskoola Pota, Kalinga, Kartika, Latha, Lucida Console, MS Gothic, ＭＳゴシック, MS Mincho, ＭＳ明朝, MS PGothic, ＭＳＰゴシック, MS PMincho, ＭＳＰ明朝, MV Boli, Malgun Gothic, Mangal, Meiryo, Meiryo UI, Microsoft Himalaya, Microsoft JhengHei, Microsoft JhengHei UI, Microsoft YaHei, 微软雅黑, Microsoft YaHei UI, MingLiU, 細明體, Noto Sans Buginese, Noto Sans Khmer, Noto Sans Lao, Noto Sans Myanmar, Noto Sans Yi, Nyala, PMingLiU, 新細明體, Plantagenet Cherokee, Raavi, Segoe UI, Shruti, SimSun, 宋体, Sylfaen, Tahoma, Times New Roman, Tunga, Verdana, Vrinda, Yu Gothic UI"); +#endif + +#ifdef XP_LINUX +pref("font.default.lo", "Noto Sans Lao"); +pref("font.default.my", "Noto Sans Myanmar"); +pref("font.default.x-western", "sans-serif"); +pref("font.name-list.cursive.ar", "Noto Naskh Arabic, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.cursive.he", "Noto Sans Hebrew, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.cursive.x-cyrillic", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.cursive.x-unicode", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.cursive.x-western", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.fantasy.ar", "Noto Naskh Arabic, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.fantasy.el", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.fantasy.he", "Noto Sans Hebrew, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.fantasy.x-cyrillic", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.fantasy.x-unicode", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.fantasy.x-western", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.ar", "Noto Naskh Arabic, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.el", "Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.he", "Noto Sans Hebrew, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.ja", "Noto Sans JP Regular, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.ko", "Noto Sans KR Regular, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.th", "Noto Sans Thai, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.x-armn", "Noto Sans Armenian, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.x-beng", "Noto Sans Bengali, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.x-cyrillic", "Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.x-devanagari", "Noto Sans Devanagari, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.x-ethi", "Noto Sans Ethiopic, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.x-geor", "Noto Sans Georgian, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.x-gujr", "Noto Sans Gujarati, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.x-guru", "Noto Sans Gurmukhi, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.x-khmr", "Noto Sans Khmer, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.x-knda", "Noto Sans Kannada, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.x-mlym", "Noto Sans Malayalam, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.x-orya", "Noto Sans Oriya, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.x-sinh", "Noto Sans Sinhala, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.x-tamil", "Noto Sans Tamil, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.x-telu", "Noto Sans Telugu, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.x-tibt", "Noto Sans Tibetan, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.x-unicode", "Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.x-western", "Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.zh-CN", "Noto Sans SC Regular, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.zh-HK", "Noto Sans TC Regular, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.monospace.zh-TW", "Noto Sans TC Regular, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.ar", "Noto Naskh Arabic, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.el", "Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.he", "Noto Sans Hebrew, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.ja", "Noto Sans JP Regular, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.ko", "Noto Sans KR Regular, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.th", "Noto Sans Thai, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.x-armn", "Noto Sans Armenian, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.x-beng", "Noto Sans Bengali, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.x-cyrillic", "Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.x-devanagari", "Noto Sans Devanagari, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.x-ethi", "Noto Sans Ethiopic, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.x-geor", "Noto Sans Georgian, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.x-gujr", "Noto Sans Gujarati, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.x-guru", "Noto Sans Gurmukhi, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.x-khmr", "Noto Sans Khmer, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.x-knda", "Noto Sans Kannada, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.x-mlym", "Noto Sans Malayalam, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.x-orya", "Noto Sans Oriya, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.x-sinh", "Noto Sans Sinhala, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.x-tamil", "Noto Sans Tamil, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.x-telu", "Noto Sans Telugu, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.x-tibt", "Noto Sans Tibetan, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.x-unicode", "Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.x-western", "Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.zh-CN", "Noto Sans SC Regular, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.zh-HK", "Noto Sans TC Regular, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.sans-serif.zh-TW", "Noto Sans TC Regular, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.ar", "Noto Naskh Arabic, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.el", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.he", "Tinos, Georgia, Noto Sans Hebrew, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.ja", "Noto Sans JP Regular, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.ko", "Noto Sans KR Regular, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.th", "Noto Serif Thai, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.x-armn", "Noto Serif Armenian, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.x-beng", "Noto Sans Bengali, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.x-cyrillic", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.x-devanagari", "Noto Sans Devanagari, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.x-ethi", "Noto Sans Ethiopic, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.x-geor", "Noto Sans Georgian, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.x-gujr", "Noto Sans Gujarati, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.x-guru", "Noto Sans Gurmukhi, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.x-khmr", "Noto Serif Khmer, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.x-knda", "Noto Sans Kannada, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.x-mlym", "Noto Sans Malayalam, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.x-orya", "Noto Sans Oriya, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.x-sinh", "Noto Sans Sinhala, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.x-tamil", "Noto Sans Tamil, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.x-telu", "Noto Sans Telugu, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.x-tibt", "Noto Sans Tibetan, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.x-unicode", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.x-western", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.zh-CN", "Noto Sans SC Regular, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.zh-HK", "Noto Sans TC Regular, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name-list.serif.zh-TW", "Noto Sans TC Regular, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai"); +pref("font.name.cursive.ar", "Noto Naskh Arabic"); +pref("font.name.cursive.el", "Tinos, Georgia"); +pref("font.name.cursive.he", "Noto Sans Hebrew"); +pref("font.name.cursive.x-cyrillic", "Tinos, Georgia"); +pref("font.name.cursive.x-unicode", "Tinos, Georgia"); +pref("font.name.cursive.x-western", "Tinos, Georgia"); +pref("font.name.fantasy.ar", "Noto Naskh Arabic"); +pref("font.name.fantasy.el", "Tinos, Georgia"); +pref("font.name.fantasy.he", "Noto Sans Hebrew"); +pref("font.name.fantasy.x-cyrillic", "Tinos, Georgia"); +pref("font.name.fantasy.x-unicode", "Tinos, Georgia"); +pref("font.name.fantasy.x-western", "Tinos, Georgia"); +pref("font.name.monospace.ar", "Noto Naskh Arabic"); +pref("font.name.monospace.el", "Tinos, Georgia"); +pref("font.name.monospace.he", "Noto Sans Hebrew"); +pref("font.name.monospace.ja", "Noto Sans JP Regular"); +pref("font.name.monospace.ko", "Noto Sans KR Regular"); +pref("font.name.monospace.my", "Noto Sans Myanmar"); +pref("font.name.monospace.th", "Noto Sans Thai"); +pref("font.name.monospace.x-armn", "Noto Sans Armenian"); +pref("font.name.monospace.x-beng", "Noto Sans Bengali"); +pref("font.name.monospace.x-cyrillic", "Cousine, Courier, Courier New"); +pref("font.name.monospace.x-devanagari", "Noto Sans Devanagari"); +pref("font.name.monospace.x-ethi", "Noto Sans Ethiopic"); +pref("font.name.monospace.x-geor", "Noto Sans Georgian"); +pref("font.name.monospace.x-gujr", "Noto Sans Gujarati"); +pref("font.name.monospace.x-guru", "Noto Sans Gurmukhi"); +pref("font.name.monospace.x-khmr", "Noto Sans Khmer"); +pref("font.name.monospace.x-knda", "Noto Sans Kannada"); +pref("font.name.monospace.x-mlym", "Noto Sans Malayalam"); +pref("font.name.monospace.x-orya", "Noto Sans Oriya"); +pref("font.name.monospace.x-sinh", "Noto Sans Sinhala"); +pref("font.name.monospace.x-tamil", "Noto Sans Tamil"); +pref("font.name.monospace.x-telu", "Noto Sans Telugu"); +pref("font.name.monospace.x-tibt", "Noto Sans Tibetan"); +pref("font.name.monospace.x-unicode", "Cousine, Courier, Courier New"); +pref("font.name.monospace.x-western", "Cousine, Courier, Courier New"); +pref("font.name.monospace.zh-CN", "Noto Sans SC Regular"); +pref("font.name.monospace.zh-HK", "Noto Sans TC Regular"); +pref("font.name.monospace.zh-TW", "Noto Sans TC Regular"); +pref("font.name.sans-serif.ar", "Noto Naskh Arabic"); +pref("font.name.sans-serif.el", "Arimo, Arial, Verdana"); +pref("font.name.sans-serif.he", "Noto Sans Hebrew"); +pref("font.name.sans-serif.ja", "Noto Sans JP Regular"); +pref("font.name.sans-serif.ko", "Noto Sans KR Regular"); +pref("font.name.sans-serif.th", "Noto Sans Thai"); +pref("font.name.sans-serif.x-armn", "Noto Sans Armenian"); +pref("font.name.sans-serif.x-beng", "Noto Sans Bengali"); +pref("font.name.sans-serif.x-cyrillic", "Arimo, Arial, Verdana"); +pref("font.name.sans-serif.x-devanagari", "Noto Sans Devanagari"); +pref("font.name.sans-serif.x-ethi", "Noto Sans Ethiopic"); +pref("font.name.sans-serif.x-geor", "Noto Sans Georgian"); +pref("font.name.sans-serif.x-gujr", "Noto Sans Gujarati"); +pref("font.name.sans-serif.x-guru", "Noto Sans Gurmukhi"); +pref("font.name.sans-serif.x-khmr", "Noto Sans Khmer"); +pref("font.name.sans-serif.x-knda", "Noto Sans Kannada"); +pref("font.name.sans-serif.x-mlym", "Noto Sans Malayalam"); +pref("font.name.sans-serif.x-orya", "Noto Sans Oriya"); +pref("font.name.sans-serif.x-sinh", "Noto Sans Sinhala"); +pref("font.name.sans-serif.x-tamil", "Noto Sans Tamil"); +pref("font.name.sans-serif.x-telu", "Noto Sans Telugu"); +pref("font.name.sans-serif.x-tibt", "Noto Sans Tibetan"); +pref("font.name.sans-serif.x-unicode", "Arimo, Arial, Verdana"); +pref("font.name.sans-serif.x-western", "Arimo, Arial, Verdana"); +pref("font.name.sans-serif.zh-CN", "Noto Sans SC Regular"); +pref("font.name.sans-serif.zh-HK", "Noto Sans TC Regular"); +pref("font.name.sans-serif.zh-TW", "Noto Sans TC Regular"); +pref("font.name.sans.my", "Noto Sans Myanmar"); +pref("font.name.serif.ar", "Noto Naskh Arabic"); +pref("font.name.serif.el", "Tinos, Georgia"); +pref("font.name.serif.he", "Noto Sans Hebrew"); +pref("font.name.serif.ja", "Noto Sans JP Regular"); +pref("font.name.serif.ko", "Noto Sans KR Regular"); +pref("font.name.serif.my", "Noto Sans Myanmar"); +pref("font.name.serif.th", "Noto Serif Thai"); +pref("font.name.serif.x-armn", "Noto Serif Armenian"); +pref("font.name.serif.x-beng", "Noto Sans Bengali"); +pref("font.name.serif.x-cyrillic", "Tinos, Georgia"); +pref("font.name.serif.x-devanagari", "Noto Sans Devanagari"); +pref("font.name.serif.x-ethi", "Noto Sans Ethiopic"); +pref("font.name.serif.x-geor", "Noto Sans Georgian"); +pref("font.name.serif.x-gujr", "Noto Sans Gujarati"); +pref("font.name.serif.x-guru", "Noto Sans Gurmukhi"); +pref("font.name.serif.x-khmr", "Noto Serif Khmer"); +pref("font.name.serif.x-knda", "Noto Sans Kannada"); +pref("font.name.serif.x-mlym", "Noto Sans Malayalam"); +pref("font.name.serif.x-orya", "Noto Sans Oriya"); +pref("font.name.serif.x-sinh", "Noto Sans Sinhala"); +pref("font.name.serif.x-tamil", "Noto Sans Tamil"); +pref("font.name.serif.x-telu", "Noto Sans Telugu"); +pref("font.name.serif.x-tibt", "Noto Sans Tibetan"); +pref("font.name.serif.x-unicode", "Tinos, Georgia"); +pref("font.name.serif.x-western", "Tinos, Georgia"); +pref("font.name.serif.zh-CN", "Noto Sans SC Regular"); +pref("font.name.serif.zh-HK", "Noto Sans TC Regular"); +pref("font.name.serif.zh-TW", "Noto Sans TC Regular"); +#endif +#endif diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js index 479c68efdd8c..b04fd2dd30f0 100644 --- a/browser/app/profile/firefox.js +++ b/browser/app/profile/firefox.js @@ -53,9 +53,9 @@ pref("extensions.recommendations.themeRecommendationUrl", "https://color.firefox pref("extensions.update.autoUpdateDefault", true); -// Check AUS for system add-on updates. -pref("extensions.systemAddon.update.url", "https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_…"); -pref("extensions.systemAddon.update.enabled", true); +// No AUS check for system add-on updates for Tor Browser users. +pref("extensions.systemAddon.update.url", ""); +pref("extensions.systemAddon.update.enabled", false); // Disable add-ons that are not installed by the user in all scopes by default. // See the SCOPE constants in AddonManager.jsm for values to use here. diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index e011b74cc4b4..7deaf1b51f9a 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -292,6 +292,7 @@ @RESPATH@/browser/defaults/settings/pinning @RESPATH@/browser/defaults/settings/main @RESPATH@/browser/defaults/settings/security-state +@RESPATH@/browser/@PREF_DIR@/000-tor-browser.js ; Warning: changing the path to channel-prefs.js can cause bugs (Bug 756325) ; Technically this is an app pref file, but we are keeping it in the original diff --git a/browser/moz.build b/browser/moz.build index cfbfea4f31f2..19977e036fba 100644 --- a/browser/moz.build +++ b/browser/moz.build @@ -53,6 +53,7 @@ if CONFIG['MOZ_GPSD']: # These files are specified in this moz.build to pick up DIST_SUBDIR as set in # this directory, which is un-set in browser/app. JS_PREFERENCE_PP_FILES += [ + 'app/profile/000-tor-browser.js', 'app/profile/firefox.js', ] FINAL_TARGET_FILES.defaults += ['app/permissions'] diff --git a/mobile/android/app/000-tor-browser-android.js b/mobile/android/app/000-tor-browser-android.js new file mode 100644 index 000000000000..61c8a0cd7fa1 --- /dev/null +++ b/mobile/android/app/000-tor-browser-android.js @@ -0,0 +1,47 @@ +// Import all prefs from the canonical file +// We override mobile-specific prefs below +// Tor Browser for Android +// Do not edit this file. + +#include ../../../browser/app/profile/000-tor-browser.js + +// Space separated list of URLs that are allowed to send objects (instead of +// only strings) through webchannels. This list is duplicated in browser/app/profile/firefox.js +pref("webchannel.allowObject.urlWhitelist", ""); + +// Disable browser auto updaters +pref("app.update.auto", false); +pref("browser.startup.homepage_override.mstone", "ignore"); + +// Clear data on quit +pref("privacy.clearOnShutdown.cache", true); +pref("privacy.clearOnShutdown.cookies",true); +pref("privacy.clearOnShutdown.downloads",true); +pref("privacy.clearOnShutdown.formdata",true); +pref("privacy.clearOnShutdown.history",true); +pref("privacy.clearOnShutdown.offlineApps",true); +pref("privacy.clearOnShutdown.passwords",true); +pref("privacy.clearOnShutdown.sessions",true); +pref("privacy.clearOnShutdown.siteSettings",true); + +// controls if we want camera support +pref("media.realtime_decoder.enabled", false); + +// Enable touch events on Android (highlighting text, etc) +pref("dom.w3c_touch_events.enabled", 2); + +// Ensure that pointer events are disabled +pref("dom.w3c_pointer_events.multiprocess.android.enabled", false); + +// No HLS support for now due to browser freezing, see: #29859. +pref("media.hls.enabled", false); + +// Inherit locale from the OS, used for multi-locale builds +pref("intl.locale.requested", ""); + +// Disable WebAuthn. It requires Google Play Services, so it isn't +// available, but avoid any potential problems. +pref("security.webauth.webauthn_enable_android_fido2", false); + +// Disable the External App Blocker on Android +pref("extensions.torbutton.launch_warning", false); diff --git a/mobile/android/app/geckoview-prefs.js b/mobile/android/app/geckoview-prefs.js index 3d3871975a28..826970425362 100644 --- a/mobile/android/app/geckoview-prefs.js +++ b/mobile/android/app/geckoview-prefs.js @@ -91,3 +91,5 @@ pref("toolkit.autocomplete.delegate", true); // Android doesn't support the new sync storage yet, we will have our own in // Bug 1625257. pref("webextensions.storage.sync.kinto", true); + +#include 000-tor-browser-android.js diff --git a/mobile/android/app/mobile.js b/mobile/android/app/mobile.js index c0f0a0a2dfd8..6c72bc2ed2d7 100644 --- a/mobile/android/app/mobile.js +++ b/mobile/android/app/mobile.js @@ -399,7 +399,11 @@ pref("app.update.timerMinimumDelay", 30); // seconds // used by update service to decide whether or not to // automatically download an update pref("app.update.autodownload", "wifi"); +#ifdef TOR_BROWSER_VERSION +pref("app.update.url.android", ""); +#else pref("app.update.url.android", "https://aus5.mozilla.org/update/4/%PRODUCT%/%VERSION%/%BUILD_ID%/%BUILD_TAR…"); +#endif #ifdef MOZ_UPDATER /* prefs used specifically for updating the app */ diff --git a/mobile/android/app/moz.build b/mobile/android/app/moz.build index 65963fe448eb..4075e8a9d2c4 100644 --- a/mobile/android/app/moz.build +++ b/mobile/android/app/moz.build @@ -17,6 +17,7 @@ if CONFIG['MOZ_PKG_SPECIAL']: DEFINES['MOZ_PKG_SPECIAL'] = CONFIG['MOZ_PKG_SPECIAL'] JS_PREFERENCE_PP_FILES += [ + '000-tor-browser-android.js', 'mobile.js', ] diff --git a/taskcluster/ci/source-test/mozlint.yml b/taskcluster/ci/source-test/mozlint.yml index 6e3373dee6ec..42067fcf14a0 100644 --- a/taskcluster/ci/source-test/mozlint.yml +++ b/taskcluster/ci/source-test/mozlint.yml @@ -135,7 +135,9 @@ lintpref: files-changed: - 'modules/libpref/init/all.js' - 'modules/libpref/init/StaticPrefList.yaml' + - 'browser/app/profile/000-tor-browser.js' - 'browser/app/profile/firefox.js' + - 'mobile/android/app/000-tor-browser-android.js' - 'mobile/android/app/mobile.js' - 'devtools/client/preferences/debugger.js' - 'mobile/android/app/geckoview-prefs.js'

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 2176: Rebrand Firefox to TorBrowser
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 9107ed44e5f1ec9223f841a7caeefc14fdd3b58a Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Tue Sep 10 16:21:47 2013 -0700 Bug 2176: Rebrand Firefox to TorBrowser See also Bugs #5194, #7187, #8115, #8219. This patch does some basic renaming of Firefox to TorBrowser. The rest of the branding is done by images and icons. Also fix bug 27905. Bug 25702: Update Tor Browser icon to follow design guidelines - Updated all of the branding in /browser/branding/official with new 'stable' icon series. - Updated /extensions/onboarding/content/img/tor-watermark.png with new icon and add the source svg in the same directory - Copied /browser/branding/official over /browser/branding/nightly and the new /browser/branding/alpha directories. Replaced content with 'nightly' and 'alpha' icon series. Updated VisualElements_70.png and VisualElements_150.png with updated icons in each branding directory (fixes #22654) - Updated firefox.VisualElementsManfiest.xml with updated colors in each branding directory - Updated content/identity-icons-brand.svg with Tor Browser icon (fixes #28111) - Added firefox.svg to each branding directory from which all the other icons are derived (apart from document.icns and document.ico) - Added default256.png and default512.png icons - Updated aboutTBUpdate.css to point to branding-aware icon128.png and removed original icon - Use the Tor Browser icon within devtools/client/themes/images/. Bug 30631: Blurry Tor Browser icon on macOS app switcher It would seem the png2icns tool does not generate correct icns files and so on macOS the larger icons were missing resulting in blurry icons in the OS chrome. Regenerated the padded icons in a macOS VM using iconutil. Bug 28196: preparations for using torbutton tor-browser-brand.ftl A small change to Fluent FileSource class is required so that we can register a new source without its supported locales being counted as available locales for the browser. Bug 31803: Replaced about:debugging logo with flat version --- browser/branding/alpha/VisualElements_150.png | Bin 0 -> 8412 bytes browser/branding/alpha/VisualElements_70.png | Bin 0 -> 3496 bytes browser/branding/alpha/background.png | Bin 0 -> 33362 bytes browser/branding/alpha/bgstub.jpg | Bin 0 -> 12506 bytes browser/branding/alpha/bgstub_2x.jpg | Bin 0 -> 49771 bytes browser/branding/alpha/branding.nsi | 64 +++++++++++++++++++++ browser/branding/alpha/configure.sh | 5 ++ browser/branding/alpha/content/about-logo.png | Bin 0 -> 21173 bytes browser/branding/alpha/content/about-logo(a)2x.png | Bin 0 -> 51309 bytes browser/branding/alpha/content/about-wordmark.svg | 36 ++++++++++++ browser/branding/alpha/content/about.png | Bin 0 -> 18520 bytes browser/branding/alpha/content/aboutDialog.css | 49 ++++++++++++++++ browser/branding/alpha/content/aboutlogins.svg | 59 +++++++++++++++++++ .../branding/alpha/content/firefox-wordmark.svg | 1 + .../branding/alpha/content/horizontal-lockup.svg | 5 ++ .../alpha/content/identity-icons-brand.svg | 25 ++++++++ browser/branding/alpha/content/jar.mn | 22 +++++++ browser/branding/alpha/content/moz.build | 7 +++ browser/branding/alpha/default128.png | Bin 0 -> 9397 bytes browser/branding/alpha/default16.png | Bin 0 -> 811 bytes browser/branding/alpha/default22.png | Bin 0 -> 1240 bytes browser/branding/alpha/default24.png | Bin 0 -> 1368 bytes browser/branding/alpha/default256.png | Bin 0 -> 20481 bytes browser/branding/alpha/default32.png | Bin 0 -> 1956 bytes browser/branding/alpha/default48.png | Bin 0 -> 3067 bytes browser/branding/alpha/default512.png | Bin 0 -> 44907 bytes browser/branding/alpha/default64.png | Bin 0 -> 4318 bytes browser/branding/alpha/disk.icns | Bin 0 -> 1548786 bytes browser/branding/alpha/document.icns | Bin 0 -> 564054 bytes browser/branding/alpha/document.ico | Bin 0 -> 119671 bytes browser/branding/alpha/dsstore | Bin 0 -> 14340 bytes .../alpha/firefox.VisualElementsManifest.xml | 12 ++++ browser/branding/alpha/firefox.icns | Bin 0 -> 291096 bytes browser/branding/alpha/firefox.ico | Bin 0 -> 119941 bytes browser/branding/alpha/firefox.svg | 25 ++++++++ browser/branding/alpha/firefox64.ico | Bin 0 -> 119941 bytes browser/branding/alpha/locales/en-US/brand.dtd | 11 ++++ browser/branding/alpha/locales/en-US/brand.ftl | 22 +++++++ .../branding/alpha/locales/en-US/brand.properties | 14 +++++ browser/branding/alpha/locales/jar.mn | 12 ++++ browser/branding/alpha/locales/moz.build | 7 +++ browser/branding/alpha/moz.build | 13 +++++ browser/branding/alpha/newtab.ico | Bin 0 -> 6518 bytes browser/branding/alpha/newwindow.ico | Bin 0 -> 6518 bytes browser/branding/alpha/pbmode.ico | Bin 0 -> 6518 bytes browser/branding/alpha/pref/firefox-branding.js | 34 +++++++++++ browser/branding/alpha/stubinstaller/bgstub.jpg | Bin 0 -> 53597 bytes .../alpha/stubinstaller/installing_page.css | 61 ++++++++++++++++++++ .../alpha/stubinstaller/profile_cleanup_page.css | 42 ++++++++++++++ browser/branding/alpha/wizHeader.bmp | Bin 0 -> 34254 bytes browser/branding/alpha/wizHeaderRTL.bmp | Bin 0 -> 34254 bytes browser/branding/alpha/wizWatermark.bmp | Bin 0 -> 206038 bytes browser/branding/branding-common.mozbuild | 2 + browser/branding/nightly/VisualElements_150.png | Bin 25470 -> 11666 bytes browser/branding/nightly/VisualElements_70.png | Bin 9590 -> 4273 bytes browser/branding/nightly/configure.sh | 3 +- .../nightly/content/identity-icons-brand.svg | 32 ++++++++++- browser/branding/nightly/content/jar.mn | 2 + browser/branding/nightly/default128.png | Bin 12392 -> 13686 bytes browser/branding/nightly/default16.png | Bin 756 -> 891 bytes browser/branding/nightly/default22.png | Bin 1146 -> 1377 bytes browser/branding/nightly/default24.png | Bin 1281 -> 1509 bytes browser/branding/nightly/default256.png | Bin 30546 -> 33587 bytes browser/branding/nightly/default32.png | Bin 1910 -> 2254 bytes browser/branding/nightly/default48.png | Bin 3606 -> 3789 bytes browser/branding/nightly/default512.png | Bin 0 -> 87830 bytes browser/branding/nightly/default64.png | Bin 4826 -> 5426 bytes browser/branding/nightly/document.icns | Bin 517716 -> 689723 bytes browser/branding/nightly/document.ico | Bin 47042 -> 124422 bytes .../nightly/firefox.VisualElementsManifest.xml | 2 +- browser/branding/nightly/firefox.icns | Bin 1014680 -> 642308 bytes browser/branding/nightly/firefox.ico | Bin 66730 -> 131711 bytes browser/branding/nightly/firefox.svg | 29 ++++++++++ browser/branding/nightly/firefox64.ico | Bin 38630 -> 131711 bytes browser/branding/nightly/locales/en-US/brand.dtd | 8 +-- browser/branding/nightly/locales/en-US/brand.ftl | 2 +- .../nightly/locales/en-US/brand.properties | 10 ++-- browser/branding/nightly/locales/jar.mn | 7 +-- browser/branding/nightly/locales/moz.build | 2 - browser/branding/nightly/wizHeader.bmp | Bin 25820 -> 34254 bytes browser/branding/nightly/wizHeaderRTL.bmp | Bin 25820 -> 34254 bytes browser/branding/nightly/wizWatermark.bmp | Bin 154544 -> 206038 bytes browser/branding/official/VisualElements_150.png | Bin 23037 -> 7949 bytes browser/branding/official/VisualElements_70.png | Bin 8763 -> 3374 bytes browser/branding/official/configure.sh | 2 +- .../official/content/identity-icons-brand.svg | 34 ++++++++++- browser/branding/official/content/jar.mn | 2 + browser/branding/official/default128.png | Bin 13513 -> 9007 bytes browser/branding/official/default16.png | Bin 722 -> 839 bytes browser/branding/official/default22.png | Bin 1134 -> 1250 bytes browser/branding/official/default24.png | Bin 1312 -> 1405 bytes browser/branding/official/default256.png | Bin 32441 -> 19136 bytes browser/branding/official/default32.png | Bin 1948 -> 1965 bytes browser/branding/official/default48.png | Bin 3448 -> 3074 bytes browser/branding/official/default512.png | Bin 0 -> 40438 bytes browser/branding/official/default64.png | Bin 5459 -> 4196 bytes browser/branding/official/disk.icns | Bin 1525764 -> 172073 bytes browser/branding/official/document.icns | Bin 501145 -> 509227 bytes browser/branding/official/document.ico | Bin 45478 -> 119916 bytes .../official/firefox.VisualElementsManifest.xml | 2 +- browser/branding/official/firefox.icns | Bin 1021785 -> 259709 bytes browser/branding/official/firefox.ico | Bin 68328 -> 118595 bytes browser/branding/official/firefox.svg | 31 ++++++++++ browser/branding/official/firefox64.ico | Bin 38630 -> 118595 bytes browser/branding/official/locales/en-US/brand.dtd | 8 +-- .../official/locales/en-US/brand.properties | 10 ++-- browser/branding/official/wizHeader.bmp | Bin 25820 -> 34254 bytes browser/branding/official/wizHeaderRTL.bmp | Bin 25820 -> 34254 bytes browser/branding/official/wizWatermark.bmp | Bin 154544 -> 206038 bytes .../newtab/data/content/activity-stream.bundle.js | 2 +- .../onboarding/content/img/tor-watermark.png | Bin 0 -> 3064 bytes .../shared/identity-block/identity-block.inc.css | 10 ++++ config/version.mk | 2 +- .../images/aboutdebugging-firefox-aurora.svg | 35 +++++++++-- .../themes/images/aboutdebugging-firefox-beta.svg | 35 +++++++++-- .../themes/images/aboutdebugging-firefox-logo.svg | 11 ++-- .../images/aboutdebugging-firefox-nightly.svg | 35 +++++++++-- .../images/aboutdebugging-firefox-release.svg | 35 +++++++++-- intl/l10n/L10nRegistry.jsm | 19 +++++- 119 files changed, 836 insertions(+), 62 deletions(-) diff --git a/browser/branding/alpha/VisualElements_150.png b/browser/branding/alpha/VisualElements_150.png new file mode 100644 index 000000000000..fbf4af94d813 Binary files /dev/null and b/browser/branding/alpha/VisualElements_150.png differ diff --git a/browser/branding/alpha/VisualElements_70.png b/browser/branding/alpha/VisualElements_70.png new file mode 100644 index 000000000000..1add6b0e77ff Binary files /dev/null and b/browser/branding/alpha/VisualElements_70.png differ diff --git a/browser/branding/alpha/background.png b/browser/branding/alpha/background.png new file mode 100644 index 000000000000..0a7e3088f4f0 Binary files /dev/null and b/browser/branding/alpha/background.png differ diff --git a/browser/branding/alpha/bgstub.jpg b/browser/branding/alpha/bgstub.jpg new file mode 100644 index 000000000000..3b78c9498c93 Binary files /dev/null and b/browser/branding/alpha/bgstub.jpg differ diff --git a/browser/branding/alpha/bgstub_2x.jpg b/browser/branding/alpha/bgstub_2x.jpg new file mode 100644 index 000000000000..c724d1803c26 Binary files /dev/null and b/browser/branding/alpha/bgstub_2x.jpg differ diff --git a/browser/branding/alpha/branding.nsi b/browser/branding/alpha/branding.nsi new file mode 100644 index 000000000000..b37853b77643 --- /dev/null +++ b/browser/branding/alpha/branding.nsi @@ -0,0 +1,64 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +# NSIS branding defines for nightly builds. +# The official release build branding.nsi is located in other-license/branding/firefox/ +# The unofficial build branding.nsi is located in browser/branding/unofficial/ + +# BrandFullNameInternal is used for some registry and file system values +# instead of BrandFullName and typically should not be modified. +!define BrandFullNameInternal "Nightly" +!define BrandFullName "Firefox Nightly" +!define CompanyName "mozilla.org" +!define URLInfoAbout "https://www.mozilla.org" +!define HelpLink "https://support.mozilla.org" + +!define URLStubDownloadX86 "https://download.mozilla.org/?os=win&lang=${AB_CD}&product=firefox-nightly-…" +!define URLStubDownloadAMD64 "https://download.mozilla.org/?os=win64&lang=${AB_CD}&product=firefox-nightl…" +!define URLStubDownloadAArch64 "https://download.mozilla.org/?os=win64-aarch64&lang=${AB_CD}&product=firefo…" +!define URLManualDownload "https://www.mozilla.org/${AB_CD}/firefox/installer-help/?channel=nightly&in…" +!define URLSystemRequirements "https://www.mozilla.org/firefox/system-requirements/" +!define Channel "nightly" + +# The installer's certificate name and issuer expected by the stub installer +!define CertNameDownload "Mozilla Corporation" +!define CertIssuerDownload "DigiCert SHA2 Assured ID Code Signing CA" + +# Dialog units are used so the UI displays correctly with the system's DPI +# settings. +!define PROFILE_CLEANUP_LABEL_TOP "35u" +!define PROFILE_CLEANUP_LABEL_LEFT "0" +!define PROFILE_CLEANUP_LABEL_WIDTH "100%" +!define PROFILE_CLEANUP_LABEL_HEIGHT "80u" +!define PROFILE_CLEANUP_LABEL_ALIGN "center" +!define PROFILE_CLEANUP_CHECKBOX_LEFT "center" +!define PROFILE_CLEANUP_CHECKBOX_WIDTH "100%" +!define PROFILE_CLEANUP_BUTTON_LEFT "center" +!define INSTALL_BLURB_TOP "137u" +!define INSTALL_BLURB_WIDTH "60u" +!define INSTALL_FOOTER_TOP "-48u" +!define INSTALL_FOOTER_WIDTH "250u" +!define INSTALL_INSTALLING_TOP "70u" +!define INSTALL_INSTALLING_LEFT "0" +!define INSTALL_INSTALLING_WIDTH "100%" +!define INSTALL_PROGRESS_BAR_TOP "112u" +!define INSTALL_PROGRESS_BAR_LEFT "20%" +!define INSTALL_PROGRESS_BAR_WIDTH "60%" +!define INSTALL_PROGRESS_BAR_HEIGHT "12u" + +!define PROFILE_CLEANUP_CHECKBOX_TOP_MARGIN "20u" +!define PROFILE_CLEANUP_BUTTON_TOP_MARGIN "20u" +!define PROFILE_CLEANUP_BUTTON_X_PADDING "40u" +!define PROFILE_CLEANUP_BUTTON_Y_PADDING "4u" + +# Font settings that can be customized for each channel +!define INSTALL_HEADER_FONT_SIZE 28 +!define INSTALL_HEADER_FONT_WEIGHT 400 +!define INSTALL_INSTALLING_FONT_SIZE 28 +!define INSTALL_INSTALLING_FONT_WEIGHT 400 + +# UI Colors that can be customized for each channel +!define COMMON_TEXT_COLOR 0xFFFFFF +!define COMMON_BACKGROUND_COLOR 0x000000 +!define INSTALL_INSTALLING_TEXT_COLOR 0xFFFFFF diff --git a/browser/branding/alpha/configure.sh b/browser/branding/alpha/configure.sh new file mode 100644 index 000000000000..243091484f75 --- /dev/null +++ b/browser/branding/alpha/configure.sh @@ -0,0 +1,5 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +MOZ_APP_DISPLAYNAME="Tor Browser" diff --git a/browser/branding/alpha/content/about-logo.png b/browser/branding/alpha/content/about-logo.png new file mode 100644 index 000000000000..7d705be61dfd Binary files /dev/null and b/browser/branding/alpha/content/about-logo.png differ diff --git a/browser/branding/alpha/content/about-logo(a)2x.png b/browser/branding/alpha/content/about-logo(a)2x.png new file mode 100644 index 000000000000..193c856f3e8c Binary files /dev/null and b/browser/branding/alpha/content/about-logo(a)2x.png differ diff --git a/browser/branding/alpha/content/about-wordmark.svg b/browser/branding/alpha/content/about-wordmark.svg new file mode 100644 index 000000000000..6f71130b417d --- /dev/null +++ b/browser/branding/alpha/content/about-wordmark.svg @@ -0,0 +1,36 @@ +<?xml version="1.0" encoding="utf-8"?> + +<svg xmlns="http://www.w3.org/2000/svg" width="270px" height="48px" viewBox="0 0 270 48"> + <path fill="#fff" d="M75.5,11.8V7.9c0-2.2,1.2-3.5,3.1-3.5c1,0,1.8,0.3,3,0.9l1.8-3.5c-1.7-1-3.5-1.4-5.7-1.4 + C73.2,0.3,70,2.8,70,8c0,2.3,0.2,3.7,0.2,3.7h-2.5v3.8H70V37h5.4V15.6h5.1l1.4-3.8H75.5z M92.3,11.2c-6.7,0-11,5.2-11,13.3 + c0,8.1,4.3,13.2,11.1,13.2c6.8,0,11.2-5,11.2-13.2C103.6,16.5,99.5,11.2,92.3,11.2z M92.5,33.6c-3.3,0-5.1-2.1-5.1-9.5 + c0-6.1,1.5-8.8,5-8.8c3.2,0,5.2,2.1,5.2,9.3C97.6,30.9,95.8,33.6,92.5,33.6z M43.7,11.1c-2.5,0-4.4,1.3-6.4,4c0-1.4-0.3-2.8-0.9-4 + l-5,1.3c0.6,1.6,0.9,3.6,0.9,6.8V37h5.5V19.9c0.5-2,2.4-3.7,4.7-3.7c0.6,0,1,0.1,1.6,0.4l1.7-5.1C45,11.2,44.5,11.1,43.7,11.1z + M0,37h5.7V21.2h9.6v-4.6H5.7V7.2h11.8l0.7-4.7H0V37z M21.4,37h5.5V11.2l-5.5,1V37z M24.2,0.7c-2,0-3.6,1.6-3.6,3.7 + c0,2,1.5,3.6,3.5,3.6c2,0,3.7-1.6,3.7-3.6C27.8,2.3,26.2,0.7,24.2,0.7z M125.2,11.8h-6.4c-0.7,1.1-3.3,6.1-4,7.7 + c-1.2-2.3-3.4-6.3-4.6-8.2l-5.9,1.2l7.3,10.8L102.2,37h6.9c0.9-1.4,4.5-7.5,5.5-9.4c0.5,0.9,4.6,8,5.5,9.4h6.9l-9.2-13.8L125.2,11.8 + z M62.7,13.8c-2.1-1.9-4.4-2.6-6.9-2.6c-3.2,0-5.7,1-7.7,3.4C45.9,17.1,45,20,45,24.5c0,8.1,4.5,13.2,11.6,13.2 + c3.4,0,6.4-1.1,9.1-3.3L63.4,31c-1.9,1.6-3.9,2.5-6.3,2.5c-4.9,0-6.2-3.7-6.2-7.2v-0.4H66v-1.2C66,18.9,64.9,15.8,62.7,13.8z + M51,21.8c0-4.1,1.7-6.5,4.8-6.5c2.8,0,4.5,2.4,4.5,6.5H51z M198.5,14.3l-2.4-2.4c-1.2,0.8-2.2,1.1-3.5,1.1c-3,0-3.8-1.4-7.6-1.4 + c-5.4,0-9.2,3.4-9.2,8.4c0,3.3,2.2,6.1,5.6,7.2c-3.4,1-4.5,2.2-4.5,4.3c0,2.2,1.8,3.6,4.7,3.6h3.8c2.5,0,3.9,0.2,4.9,0.9 + c0.9,0.6,1.4,1.6,1.4,3c0,3.1-2.2,4.4-6,4.4c-2,0-3.8-0.5-5.1-1.2c-0.9-0.6-1.5-1.6-1.5-2.9c0-0.8,0.3-1.7,0.7-2.2l-4.1,0.4 + c-0.3,1-0.5,1.7-0.5,2.6c0,3.5,3,6.4,10.8,6.4c6.1,0,9.9-2.5,9.9-7.9c0-2.1-0.8-3.9-2.7-5.3c-1.5-1.1-3.1-1.4-6-1.4h-4 + c-1.3,0-2-0.5-2-1.2c0-0.8,1.1-1.7,4.5-2.9c1.8,0,3.4-0.3,4.7-1.1c2.3-1.4,3.7-4.1,3.7-6.8c0-1.6-0.5-3-1.5-4.3 + c0.4,0.2,1.1,0.3,1.7,0.3C195.8,15.8,196.9,15.4,198.5,14.3z M185,24.8c-3.1,0-4.8-1.7-4.8-4.8c0-3.5,1.6-5.1,4.7-5.1 + c3.3,0,4.6,1.5,4.6,4.9C189.5,23.1,188,24.8,185,24.8z M168.6,1.3c-1.7,0-3,1.4-3,3.1c0,1.7,1.4,3,3,3c1.7,0,3.1-1.3,3.1-3 + C171.6,2.7,170.3,1.3,168.6,1.3z M245.7,34.5c-1.1,0-1.4-0.6-1.4-2.5V6.5c0-3.8-0.6-5.9-0.6-5.9l-3.9,0.8c0,0,0.6,1.9,0.6,5.1v26.4 + c0,1.8,0.4,2.8,1.2,3.5c0.7,0.7,1.7,1,2.9,1c1,0,1.5-0.1,2.5-0.5l-0.8-2.5C246.2,34.4,245.8,34.5,245.7,34.5z M212.7,11.6 + c-3.2,0-6.1,1.8-8.3,3.9c0,0,0.2-1.8,0.2-3.4V6.3c0-3.8-0.7-5.9-0.7-5.9L200,1.1c0,0,0.7,1.9,0.7,5.1V37h3.9V19.3 + c2.1-2.7,4.9-4.2,7.2-4.2c1.3,0,2.3,0.4,2.9,1c0.7,0.7,0.9,1.8,0.9,3.7V37h3.8V19.1c0-1.8-0.1-2.6-0.4-3.6 + C218.4,13.2,215.7,11.6,212.7,11.6z M265.4,12.1l-4.9,16.4c-0.6,2-1.6,5.2-1.6,5.2s-0.7-3.9-1.5-6.2l-5.1-16.2l-3.9,1.3l5.4,15.6 + c0.8,2.5,2.2,7.4,2.5,9l1.6-0.3c-1.3,5.1-2.5,6.7-5.7,7.6l1.2,2.7c4.4-1,6.4-4.3,8-9.3l8.6-25.8H265.4z M234.9,15l1.2-2.9h-6.2 + c0-3.3,0.5-7.2,0.5-7.2l-4.1,0.9c0,0-0.4,3.9-0.4,6.3h-3.2V15h3.2v17.1c0,2.5,0.7,4.1,2.4,5c0.9,0.4,1.9,0.7,3.3,0.7 + c1.8,0,3.1-0.4,4.4-1l-0.6-2.5c-0.7,0.3-1.3,0.5-2.4,0.5c-2.4,0-3.2-0.9-3.2-3.7V15H234.9z M166.5,37h4.1V11.5l-4.1,0.6V37z + M156.8,21.3c0,5,0.4,10.5,0.4,10.5s-1.4-3.8-3.2-7.2L142.7,2.7h-4.8V37h4.2l-0.2-19.9c0-4.5-0.4-9.3-0.4-9.3s1.7,4.1,3.9,8.2l11,21 + h4.3V2.7h-4L156.8,21.3z M128.3,12.9c-0.3-0.1-0.7-0.1-1-0.1v2.3h0.3v-1c0.3,0,0.7,1,0.7,1s0.2,0,0.4,0c-0.2-0.3-0.3-0.7-0.6-1 + C128.8,14.1,128.9,13.1,128.3,12.9z M127.6,13.8v-0.7c0,0,0.7,0,0.7,0.3C128.3,13.9,127.8,13.9,127.6,13.8z M128,12 + c-1.1,0-2,0.9-2,2s0.9,2,2,2s2-0.9,2-2S129.1,12,128,12z M128,15.5c-0.8,0-1.5-0.7-1.5-1.5s0.7-1.5,1.5-1.5s1.5,0.7,1.5,1.5 + S128.8,15.5,128,15.5z"/> +</svg> diff --git a/browser/branding/alpha/content/about.png b/browser/branding/alpha/content/about.png new file mode 100644 index 000000000000..3b93625ddd70 Binary files /dev/null and b/browser/branding/alpha/content/about.png differ diff --git a/browser/branding/alpha/content/aboutDialog.css b/browser/branding/alpha/content/aboutDialog.css new file mode 100644 index 000000000000..293b5f493f3f --- /dev/null +++ b/browser/branding/alpha/content/aboutDialog.css @@ -0,0 +1,49 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#aboutDialogContainer { + background-color: #20123a; + color: #fff; +} + +#clientBox { + padding: 10px 0 15px; +} + +#leftBox { + background-image: url("chrome://branding/content/about-logo.png"); + background-repeat: no-repeat; + background-size: 192px auto; + background-position: center 20%; + /* min-width and min-height create room for the logo */ + min-width: 210px; + min-height: 210px; + margin-top: 20px; + margin-inline-start: 30px; +} + +@media (min-resolution: 2dppx) { + #leftBox { + background-image: url("chrome://branding/content/about-logo@2x.png"); + } +} + +.text-link { + color: #fff !important; + text-decoration: underline; +} + +.text-link:-moz-focusring { + border-color: #fff; +} + +#rightBox { + margin-inline: 30px; + padding-top: 64px; +} + +#bottomBox { + background-color: hsla(235, 43%, 10%, .5); + padding: 15px 10px 15px; +} diff --git a/browser/branding/alpha/content/aboutlogins.svg b/browser/branding/alpha/content/aboutlogins.svg new file mode 100644 index 000000000000..f4b6a3fc41b7 --- /dev/null +++ b/browser/branding/alpha/content/aboutlogins.svg @@ -0,0 +1,59 @@ +<svg xmlns="http://www.w3.org/2000/svg" height="80" width="460" viewBox="0 0 460 80"> + <defs> + <linearGradient id="a" x1="57.63" y1="9.47" x2="21.37" y2="72.26" gradientUnits="userSpaceOnUse"> + <stop offset="0" stop-color="#ff980e"/> + <stop offset=".11" stop-color="#ff851b"/> + <stop offset=".57" stop-color="#ff3750"/> + <stop offset=".8" stop-color="#f92261"/> + <stop offset="1" stop-color="#f5156c"/> + </linearGradient> + <linearGradient id="b" x1="57.31" y1="-.8" x2="27.68" y2="69.03" gradientUnits="userSpaceOnUse"> + <stop offset="0" stop-color="#fff261" stop-opacity=".8"/> + <stop offset=".06" stop-color="#fff261" stop-opacity=".68"/> + <stop offset=".19" stop-color="#fff261" stop-opacity=".48"/> + <stop offset=".31" stop-color="#fff261" stop-opacity=".31"/> + <stop offset=".42" stop-color="#fff261" stop-opacity=".17"/> + <stop offset=".53" stop-color="#fff261" stop-opacity=".08"/> + <stop offset=".63" stop-color="#fff261" stop-opacity=".02"/> + <stop offset=".72" stop-color="#fff261" stop-opacity="0"/> + </linearGradient> + <linearGradient id="c" x1="71.71" y1="75.85" x2="71.71" y2="28.29" gradientUnits="userSpaceOnUse"> + <stop offset="0" stop-color="#0090ed"/> + <stop offset=".5" stop-color="#9059ff"/> + <stop offset=".81" stop-color="#b833e1"/> + </linearGradient> + <linearGradient id="d" x1="17.89" y1="78.48" x2="48.5" y2="26.39" gradientUnits="userSpaceOnUse"> + <stop offset=".02" stop-color="#0090ed"/> + <stop offset=".49" stop-color="#9059ff"/> + <stop offset="1" stop-color="#b833e1"/> + </linearGradient> + <linearGradient id="e" x1="21.87" y1="58.41" x2="4.02" y2="40.56" gradientUnits="userSpaceOnUse"> + <stop offset=".14" stop-color="#592acb" stop-opacity="0"/> + <stop offset=".33" stop-color="#542bc8" stop-opacity=".03"/> + <stop offset=".53" stop-color="#462fbf" stop-opacity=".11"/> + <stop offset=".74" stop-color="#2f35b1" stop-opacity=".25"/> + <stop offset=".95" stop-color="#0f3d9c" stop-opacity=".44"/> + <stop offset="1" stop-color="#054096" stop-opacity=".5"/> + </linearGradient> + <linearGradient id="f" x1="75.86" y1="38.71" x2="66.87" y2="54.27" gradientUnits="userSpaceOnUse"> + <stop offset="0" stop-color="#722291" stop-opacity=".5"/> + <stop offset=".5" stop-color="#b833e1" stop-opacity="0"/> + </linearGradient> + <linearGradient id="g" x1="56.84" y1="60.96" x2="46.4" y2="72.73" gradientUnits="userSpaceOnUse"> + <stop offset="0" stop-color="#054096" stop-opacity=".5"/> + <stop offset=".03" stop-color="#0f3d9c" stop-opacity=".44"/> + <stop offset=".17" stop-color="#2f35b1" stop-opacity=".25"/> + <stop offset=".3" stop-color="#462fbf" stop-opacity=".11"/> + <stop offset=".43" stop-color="#542bc8" stop-opacity=".03"/> + <stop offset=".56" stop-color="#592acb" stop-opacity="0"/> + </linearGradient> + </defs> + <path d="M76.46 30.15A312.48 312.48 0 0 0 49.84 3.53a15.47 15.47 0 0 0-19.69 0A312.48 312.48 0 0 0 3.53 30.16a15.47 15.47 0 0 0 0 19.69 312.48 312.48 0 0 0 26.63 26.62A14.87 14.87 0 0 0 40 80a14.93 14.93 0 0 0 9.88-3.56c4.9-4.42 9.37-8.69 13.68-13.07a4.45 4.45 0 0 0-.34-6.11L50 44.93a15.18 15.18 0 0 0 5.08-12 15.4 15.4 0 0 0-14.4-14.64 15.2 15.2 0 0 0-11.36 4.16 15.28 15.28 0 0 0 .3 22.48l-4.78 4.33A3.86 3.86 0 0 0 30 55l5.29-4.8.14-.13a7.24 7.24 0 0 0 2.11-5.43A7.34 7.34 0 0 0 35 39.35a7.58 7.58 0 1 1 9.77 0 7.39 7.39 0 0 0-2.62 5.32 7.25 7.25 0 0 0 2.11 5.4l.09.09 11.1 10.4c-3.4 3.37-6.94 6.71-10.71 10.13a7.89 7.89 0 0 1-9.46 0 307.34 307.34 0 0 1-26-26 7.91 7.91 0 0 1 0-9.46 304.52 304.52 0 0 1 26-26 7.89 7.89 0 0 1 9.45 0 304.52 304.52 0 0 1 26 26 7.89 7.89 0 0 1 0 9.45c-1.33 1.5-2.66 3-4 4.37a3.85 3.85 0 1 0 5.67 5.22c1.32-1.43 2.68-2.93 4-4.47a15.47 15.47 0 0 0 .06-19.65z" fill="url(#a)"/> + <path d="M76.46 30.15A312.48 312.48 0 0 0 49.84 3.53a15.47 15.47 0 0 0-19.69 0A312.48 312.48 0 0 0 3.53 30.16a15.47 15.47 0 0 0 0 19.69 312.48 312.48 0 0 0 26.63 26.62A14.87 14.87 0 0 0 40 80a14.93 14.93 0 0 0 9.88-3.56c4.9-4.42 9.37-8.69 13.68-13.07a4.45 4.45 0 0 0-.34-6.11L50 44.93a15.18 15.18 0 0 0 5.08-12 15.4 15.4 0 0 0-14.4-14.64 15.2 15.2 0 0 0-11.36 4.16 15.28 15.28 0 0 0 .3 22.48l-4.78 4.33A3.86 3.86 0 0 0 30 55l5.29-4.8.14-.13a7.24 7.24 0 0 0 2.11-5.43A7.34 7.34 0 0 0 35 39.35a7.58 7.58 0 1 1 9.77 0 7.39 7.39 0 0 0-2.62 5.32 7.25 7.25 0 0 0 2.11 5.4l.09.09 11.1 10.4c-3.4 3.37-6.94 6.71-10.71 10.13a7.89 7.89 0 0 1-9.46 0 307.34 307.34 0 0 1-26-26 7.91 7.91 0 0 1 0-9.46 304.52 304.52 0 0 1 26-26 7.89 7.89 0 0 1 9.45 0 304.52 304.52 0 0 1 26 26 7.89 7.89 0 0 1 0 9.45c-1.33 1.5-2.66 3-4 4.37a3.85 3.85 0 1 0 5.67 5.22c1.32-1.43 2.68-2.93 4-4.47a15.47 15.47 0 0 0 .06-19.65z" fill="url(#b)"/> + <path d="M70.69 35.27a7.89 7.89 0 0 1 0 9.45c-1.33 1.5-2.66 3-4 4.37a3.85 3.85 0 1 0 5.67 5.22c1.32-1.43 2.68-2.93 4-4.47 4.82-5.33-5.67-14.57-5.67-14.57z" fill="url(#c)"/> + <path d="M55.45 60.56c-3.4 3.37-6.94 6.71-10.71 10.13a7.89 7.89 0 0 1-9.46 0 307.34 307.34 0 0 1-26-26 7.91 7.91 0 0 1 0-9.46l-1.75 2a12.89 12.89 0 0 0 .21 17.27 309.82 309.82 0 0 0 22.42 21.97A14.87 14.87 0 0 0 40 80a14.93 14.93 0 0 0 9.88-3.56c2.79-2.52 5.89-5.43 8.67-8.11a3.37 3.37 0 0 0 0-4.86z" fill="url(#d)"/> + <path d="M7.78 54.53c2.92 3.17 5.83 6.2 8.81 9.16l1.19-1.94c1-1.59 2-3.15 3.07-4.71-3.85-3.91-7.66-7.95-11.54-12.3a7.91 7.91 0 0 1 0-9.46l-1.75 2a12.89 12.89 0 0 0 .18 17.22z" fill="url(#e)" opacity=".9"/> + <path d="M70.69 35.27a7.89 7.89 0 0 1 0 9.45c-1.33 1.5-2.66 3-4 4.37a3.85 3.85 0 1 0 5.67 5.22c1.32-1.43 2.68-2.93 4-4.47 4.82-5.33-5.67-14.57-5.67-14.57z" fill="url(#f)"/> + <path d="M58.51 63.47l-3.06-2.91c-3.4 3.37-6.94 6.71-10.72 10.13a7.71 7.71 0 0 1-6.07 1.48v7.77c.44 0 .88.06 1.33.06a14.93 14.93 0 0 0 9.88-3.56c2.79-2.52 5.89-5.43 8.67-8.11a3.36 3.36 0 0 0-.03-4.86z" fill="url(#g)" opacity=".9"/> + <path d="M97 56.15h6.25v-13h14.44v-5.8h-14.48v-7.41h14.44v-5.89H97zm28.35-34.38a3.79 3.79 0 0 0-3.87 3.95 3.9 3.9 0 0 0 7.79 0 3.77 3.77 0 0 0-3.96-3.95zm-3.08 34.38h6.21V32.41h-6.21zm17-20.09v-3.65h-6v23.74h6V43.62c0-4 2-5.58 5.15-5.58a5.59 5.59 0 0 1 3.17.83l2.2-6a8.78 8.78 0 0 0-4-.92c-3 .05-5.38 1.29-6.52 4.11zm23.42-4.14a12.27 12.27 0 0 0-12.46 12.41c0 6.9 4.93 12.31 12.59 12.31a12.5 12.5 0 0 0 11-5.5l-5-2.9a6.5 6.5 0 0 1-5.9 3.17 6.61 6.61 0 0 1-6.83-5H175V44.1a11.84 11.84 0 0 0-12.31-12.18zm-6.43 9.72a6.61 6.61 0 0 1 6.43-4.57 6 6 0 0 1 6.25 4.57zm24.39-10.07v.84h-3.92v5.45h3.92v18.29h6V37.86h5.72v-5.45h-5.72v-1.15c0-3.6.49-4.22 4.71-4.22h1V21.5h-1.58c-7.71 0-10.13 2.38-10.13 10.07zm25.71.35A12.36 12.36 0 1 0 219 44.28a12.31 12.31 0 0 0-12.64-12.36zm0 19a6.64 6.64 0 1 1 6.52-6.64 6.53 6.53 0 0 1-6.48 6.6zM244 32.41h-7.13l-5 7-5-7h-7.22L228.06 44l-8.89 12.18h7.31l5.33-7.43 5.45 7.43h7.36L235.55 44zm18.89-8.36h-3.7v32.1h20.25v-3.56h-16.55zm31 7.87a12.36 12.36 0 1 0 12.37 12.3 6 12.2 12.2 0 0 0-12.38-12.36zm0 21.29a8.61 8.61 0 0 1-8.67-8.93 8.7 8.7 0 1 1 17.39 0 8.65 8.65 0 0 1-8.73 8.93zm28.35 0a8.88 8.88 0 0 1-8.89-9 8.77 8.77 0 0 1 8.76-9 8.4 8.4 0 0 1 8 5.28l3.3-1.45a12 12 0 0 0-11.23-7.22 12.36 12.36 0 1 0 .05 24.72 11.88 11.88 0 0 0 11.31-7.48l-3.34-1.41a8.5 8.5 0 0 1-7.97 5.6zm37.06-20.8h-4.53l-12.59 13.41V21.5h-3.57v34.65h3.57V50l5.06-5.36 8.27 11.56h4.36l-10-13.8zm30.16 18.69l-7.09-18.69H379l-7.26 18.82-6-18.82H362l7.79 23.74h3.52l7.31-18.82 7.31 18.82h3.25l8.24-23.74h-3.75zm16-28.85a2.86 2.86 0 1 0 2.86 2.86 2.79 2.79 0 0 0-2.88-2.86zm-1.81 33.9h3.66V32.41h-3.66zm19-13.72c-3.7-.74-6.56-1.23-6.56-3.69 0-2.2 1.5-3.78 5.15-3.78a7.65 7.65 0 0 1 6.51 3.16l3-2a11.52 11.52 0 0 0-9.51-4.22c-5.64 0-8.85 3.21-8.85 6.9 0 4.75 4.36 5.85 8.45 6.64 3.48.71 6.74 1.24 6.74 3.87 0 2.38-1.94 4.14-5.64 4.14a8.79 8.79 0 0 1-7.66-3.87l-3.12 2.11c2.11 3 5.5 5 10.7 5 6.2 0 9.37-3.65 9.37-7.39-.04-4.93-4.53-6.07-8.62-6.87zM459.76 44a11.72 11.72 0 0 0-12.1-12.1 12.2 12. 2 0 0 0-12.42 12.45c0 7 4.93 12.27 12.55 12.27a12.21 12.21 0 0 0 11-6l-3.08-1.8a8.5 8.5 0 0 1-8 4.57c-5 0-8.5-3.21-9-7.74h21zm-20.91-1.54a8.84 8.84 0 0 1 8.81-7.35 8 8 0 0 1 8.41 7.35z" fill="#20123a"/> +</svg> diff --git a/browser/branding/alpha/content/firefox-wordmark.svg b/browser/branding/alpha/content/firefox-wordmark.svg new file mode 100644 index 000000000000..65270a3cd9a9 --- /dev/null +++ b/browser/branding/alpha/content/firefox-wordmark.svg @@ -0,0 +1 @@ +<svg xmlns="http://www.w3.org/2000/svg" width="172" height="42"><path fill="context-fill #20123a" d="M.19 2.82h25.72v7H7.57v9.43h18.34v6.9H7.57v15.14H.19zM34.65.13a4.14 4.14 0 0 1 4.27 4.33 4.12 4.12 0 0 1-4.32 4.32 4.09 4.09 0 0 1-4.27-4.22A4.27 4.27 0 0 1 34.65.13zM31 12.83h7.27v28.46H31zm28.35 7.91a5.89 5.89 0 0 0-3.53-1.27c-3 0-4.64 1.9-4.64 6.06v15.76H44V12.83h6.9v4.11a6.79 6.79 0 0 1 6.8-4.37A8.69 8.69 0 0 1 62.53 14zm3 6.48c0-8.17 6.06-15 14.65-15s14.59 6.06 14.59 14.49v3H69.48c.79 3.58 3.58 6 7.85 6a7.62 7.62 0 0 0 7.06-4.21l6.06 3.63c-3 4.43-7.27 6.75-13.33 6.75-9.22-.01-14.75-6.18-14.75-14.66zM69.59 24h15c-.79-3.63-3.74-5.63-7.59-5.63A7.31 7.31 0 0 0 69.59 24zM93.4 12.83h5.11v-1.42c0-7.75 3.27-11 10.44-11h2.53v6.31h-2.06c-3.37 0-4.11 1.16-4.11 4.69v1.42h6.17v6.54h-6v21.92h-7V19.37H93.4zm19.45 14.23a14.56 14.56 0 0 1 14.85-14.81 14.81 14.81 0 1 1 0 29.62c-8.85 0-14.85-6.49-14.85-14.81zm22.65 0a7.8 7.8 0 1 0-15.59 0 7.8 7.8 0 1 0 15.59 0zm16.86-.32l-10.27-13.91h8.53l6.06 8.7 5 6.22-8.75h8.38l-10.43 13.86 11 14.6h-8.49L156.53 32l-6.59 9.28h-8.48z"/></svg> \ No newline at end of file diff --git a/browser/branding/alpha/content/horizontal-lockup.svg b/browser/branding/alpha/content/horizontal-lockup.svg new file mode 100644 index 000000000000..ca00c08f449b --- /dev/null +++ b/browser/branding/alpha/content/horizontal-lockup.svg @@ -0,0 +1,5 @@ +<?xml version="1.0" encoding="utf-8"?> + +<svg id="Layer_1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1646.4 381.8"><style>.st0{fill:#363959}</style><path class="st0" d="M996 168.9h-21.8L951 209.4l-23.1-40.5h-22.7l34.2 52.2-38.6 58.3h21.8l27.5-46.8 27.1 46.8h23.3l-38.4-59.2 33.9-51.3zM530 279.5h19.3V168.9H530v110.6zm63-87.3l-1.9-23.3h-16.5v110.5H594v-57c0-17.2 12.6-36.3 26.4-36.3 3.3 0 6.5.4 9.7 1.3l3.6-18.9c-3.6-.8-7.2-1.3-10.9-1.3-13.4 0-23.7 8.4-29.6 24.9l-.2.1zm-156.3 87.2h19.9v-63.6h47.2v-15.7h-47.2v-49.3h54.5l2.3-15.9h-76.8l.1 144.5zm102.8-151.6c-8 0-13.4 5.7-13.4 13.2 0 7.3 5.5 13 13.4 13 8.2 0 13.6-5.7 13.6-13 .1-7.5-5.4-13.2-13.6-13.2zm312.7 39.5c-31.5 0-49.5 22.8-49.5 57 0 35 17.8 57.7 49.3 57.7 31.3 0 49.3-23.7 49.3-57.9 0-35.1-17.6-56.9-49.1-56.8zm-.2 99.1c-18.5 0-28.5-13.4-28.5-42.2 0-28.9 10.3-41.5 28.7-41.5 18.2 0 28.3 12.6 28.3 41.3 0 29-10.1 42.4-28.5 42.4zm-78.2-105.2c0-10.7 4.2-18.6 16.4-18.6 6.7 0 13.2 1.5 19.3 4.2l6.1-14c-8.8-3.8-15.9-5.7-26.4-5.7-22.5 0-34.6 14.1-34.6 32.6v9.2h-19.7v14.8h19.7v95. 7h19.3v-95.7h24.8l2.1-14.9H774l-.2-7.6zm-92 6c-28.5 0-45.9 23.7-45.9 58.1 0 35 18 56.6 48.9 56.6 15.3 0 27.7-5.2 38.6-13.8l-8.4-11.5c-9.7 6.7-17.8 9.6-28.7 9.6-15.9 0-27.9-9.9-29.8-35.4H727c.2-2.5.4-6.1.4-9.9-.1-33.7-15.8-53.7-45.6-53.7zm26.5 49.3h-51.9c1.5-24.5 11.1-33.9 25.8-33.9 17.4 0 26 11.1 26 32.7l.1 1.2z"/><g id="Layer_1-2_1_"><g id="Layer_2-2_1_"><g id="Firefox"><linearGradient id="SVGID_1_" gradientUnits="userSpaceOnUse" x1="-15667.935" y1="9459.303" x2="-15565.798" y2="9459.303" gradientTransform="matrix(.76 .03 .05 -1.12 11733.87 11198.95)"><stop offset="0" stop-color="#0083ff"/><stop offset=".1" stop-color="#0092f8"/><stop offset=".31" stop-color="#00abeb"/><stop offset=".52" stop-color="#00bee1"/><stop offset=".75" stop-color="#00c8dc"/><stop offset="1" stop-color="#00ccda"/></linearGradient><path d="M298.8 35.5c-9.3 10.8-13.6 35.2-4.2 59.9s23.9 19.3 32.9 44.5c11.9 33.2 6.4 77.8 6.4 77.8s14.3 41.4 24.2-2.6c22-82.5-59.3-159.2-59.3-179.6z" fill="url(#SVGID_1_)"/><radialG radient id="_Path__2_" cx="-7705.698" cy="9049.584" r="306.995" gradientTransform="matrix(1.23 0 0 -1.22 9720.16 11130.11)" gradientUnits="userSpaceOnUse"><stop offset=".02" stop-color="#005fe7"/><stop offset=".18" stop-color="#0042b4"/><stop offset=".32" stop-color="#002989"/><stop offset=".4" stop-color="#002079"/><stop offset=".47" stop-color="#131d78"/><stop offset=".66" stop-color="#3b1676"/><stop offset=".75" stop-color="#4a1475"/></radialGradient><path id="_Path__1_" d="M185 377.5c95.2 0 172.2-77.5 172.2-173s-77.1-173-172.1-173S13 108.8 13 204.4c-.2 95.7 77 173.1 172 173.1z" fill="url(#_Path__2_)"/><linearGradient id="SVGID_2_" gradientUnits="userSpaceOnUse" x1="208.796" y1="783.075" x2="134.518" y2="1026.051" gradientTransform="matrix(1 0 0 -1 1 1066)"><stop offset="0" stop-color="#000f43" stop-opacity=".4"/><stop offset=".48" stop-color="#001962" stop-opacity=".17"/><stop offset="1" stop-color="#002079" stop-opacity="0"/></linearGradient><path d="M314.5 311.8c-3.7 2.6-7.6 5 -11.7 7.1 5.4-7.9 10.3-16 14.9-24.4 3.7-4.1 7-8 9.8-12.3 1.3-2.1 2.8-4.7 4.4-7.7 9.7-17.4 20.3-45.6 20.6-74.6v-2.2c.1-7.3-.7-14.5-2.2-21.6.1.6.1 1.1.2 1.7-.1-.4-.2-.9-.2-1.3.1.8.3 1.6.4 2.3 2 16.8.6 33.1-6.5 45.2-.1.2-.2.3-.3.5 3.7-18.3 4.9-38.6.8-58.8 0 0-1.6-9.8-13.7-39.7-7-17.2-19.3-31.3-30.3-41.6-9.6-11.9-18.3-19.8-23.1-24.9-10-10.5-14.2-18.5-15.9-23.6-1.5-.7-20.6-19.3-22.1-20-8.3 12.9-34.6 53.4-22.1 91.2 5.7 17.1 20 34.9 34.9 44.9.7.8 8.9 9.7 12.8 29.9 4.1 20.9 1.9 37.2-6.4 61.3-9.8 21.1-34.9 42.1-58.5 44.2-50.3 4.6-68.7-25.3-68.7-25.3 18 7.2 37.9 5.7 49.9-1.8 12.2-7.5 19.6-13.1 25.5-10.9 5.9 2.2 10.6-4.2 6.4-10.8-6.7-10.2-18.8-15.5-30.8-13.4-12.2 2-23.4 11.6-39.3 2.3-1-.6-2-1.3-3-2-1.1-.7 3.4 1.1 2.4.3-3.1-1.7-8.6-5.4-10-6.7-.2-.2 2.4.8 2.2.6-14.9-12.3-13.1-20.6-12.6-25.8.4-4.2 3.1-9.5 7.7-11.7 2.2 1.2 3.6 2.1 3.6 2.1s-.9-1.9-1.5-2.9c.2-.1.3-.1.5-.1 1.8.9 5.8 3.1 7.9 4.5 2.7 1.9 3.6 3.7 3.6 3.7s.7-.4.2-2.1c-.2-.7-1-2.9-3.7-5.1h.2c1.6.9 3.2 2 4.6 3.2.8-2.8 2.1-5.7 1.8-10.9-.2-3 .7-.1-4.6-.7-6-.6-1.2.3-1.7 1.3-.4-.2-1-.5-2-.9-2.9v-.1c1.3-4.4 26.5-15.7 28.3-17 3-2.1 5.5-4.9 7.4-8.1 1.4-2.2 2.5-5.4 2.7-10.1.1-3.4-1.5-5.7-27-8.4-7-.7-11.1-5.7-13.4-10.4-.4-1-.9-1.9-1.3-2.8-.4-1.1-.7-2.2-1-3.3 4.2-12 11.2-22.1 21.5-29.8.6-.5-2.2.1-1.7-.4.7-.6 4.9-2.3 5.7-2.7 1-.5-4.2-2.7-8.8-2.1-4.7.5-5.7 1.1-8.2 2.1 1-1 4.3-2.4 3.6-2.4-5 .8-11.3 3.7-16.7 7 0-.6.1-1.2.3-1.7-2.5 1.1-8.6 5.4-10.4 9 .1-.7.1-1.4.1-2.1-1.9 1.6-3.6 3.4-5.1 5.4l-.1.1c-14.5-5.8-27.2-6.2-38-3.6-2.4-2.4-3.5-.6-8.9-12.4-.4-.7.3.7 0 0-.9-2.3.5 3.1 0 0-9 7.1-20.9 15.2-26.6 20.9-.1.2 6.7-1.9 0 0-2.3.7-2.2 2-2.5 14.5-.1.9 0 2-.1 2.9-4.6 5.8-7.7 10.7-8.8 13.3-5.9 10.2-12.4 26-18.7 51 2.8-6.8 6.1-13.3 10-19.5-5.2 13.3-10.3 34.2-11.3 66.3 1.3-6.6 2.9-13.2 4.9-19.7-1.2 26.7 3.4 53.3 13.5 78 3.6 8.9 9.6 22.3 19.8 37 32 33.7 77.2 54.7 127.2 54.7 52.1 0 99-22.8 131.2-59.1z" fill="url(#SVGID_2_)"/><linearGradient id="SVGID_3_" gradientUnits="userSpaceOnUse" x1="209.796" y1="783.075" x2="135.518" y2="1026.051" gradient Transform="matrix(1 0 0 -1 0 1066)"><stop offset="0" stop-color="#000f43" stop-opacity=".4"/><stop offset=".48" stop-color="#001962" stop-opacity=".17"/><stop offset="1" stop-color="#002079" stop-opacity="0"/></linearGradient><path d="M314.5 311.8c-3.7 2.6-7.6 5-11.7 7.1 5.4-7.9 10.3-16 14.9-24.4 3.7-4.1 7-8 9.8-12.3 1.3-2.1 2.8-4.7 4.4-7.7 9.7-17.4 20.3-45.6 20.6-74.6v-2.2c.1-7.3-.7-14.5-2.2-21.6.1.6.1 1.1.2 1.7-.1-.4-.2-.9-.2-1.3.1.8.3 1.6.4 2.3 2 16.8.6 33.1-6.5 45.2-.1.2-.2.3-.3.5 3.7-18.3 4.9-38.6.8-58.8 0 0-1.6-9.8-13.7-39.7-7-17.2-19.3-31.3-30.3-41.6-9.6-11.9-18.3-19.8-23.1-24.9-10-10.5-14.2-18.5-15.9-23.6-1.5-.7-20.6-19.3-22.1-20-8.3 12.9-34.6 53.4-22.1 91.2 5.7 17.1 20 34.9 34.9 44.9.7.8 8.9 9.7 12.8 29.9 4.1 20.9 1.9 37.2-6.4 61.3-9.8 21.1-34.9 42.1-58.5 44.2-50.3 4.6-68.7-25.3-68.7-25.3 18 7.2 37.9 5.7 49.9-1.8 12.2-7.5 19.6-13.1 25.5-10.9 5.9 2.2 10.6-4.2 6.4-10.8-6.7-10.2-18.8-15.5-30.8-13.4-12.2 2-23.4 11.6-39.3 2.3-1-.6-2-1.3-3-2-1.1-.7 3.4 1.1 2.4.3-3.1-1.7-8.6-5.4-1 0-6.7-.2-.2 2.4.8 2.2.6-14.9-12.3-13.1-20.6-12.6-25.8.4-4.2 3.1-9.5 7.7-11.7 2.2 1.2 3.6 2.1 3.6 2.1s-.9-1.9-1.5-2.9c.2-.1.3-.1.5-.1 1.8.9 5.8 3.1 7.9 4.5 2.7 1.9 3.6 3.7 3.6 3.7s.7-.4.2-2.1c-.2-.7-1-2.9-3.7-5.1h.2c1.6.9 3.2 2 4.6 3.2.8-2.8 2.1-5.7 1.8-10.9-.2-3.7-.1-4.6-.7-6-.6-1.2.3-1.7 1.3-.4-.2-1-.5-2-.9-2.9v-.1c1.3-4.4 26.5-15.7 28.3-17 3-2.1 5.5-4.9 7.4-8.1 1.4-2.2 2.5-5.4 2.7-10.1.1-3.4-1.5-5.7-27-8.4-7-.7-11.1-5.7-13.4-10.4-.4-1-.9-1.9-1.3-2.8-.4-1.1-.7-2.2-1-3.3 4.2-12 11.2-22.1 21.5-29.8.6-.5-2.2.1-1.7-.4.7-.6 4.9-2.3 5.7-2.7 1-.5-4.2-2.7-8.8-2.1-4.7.5-5.7 1.1-8.2 2.1 1-1 4.3-2.4 3.6-2.4-5 .8-11.3 3.7-16.7 7 0-.6.1-1.2.3-1.7-2.5 1.1-8.6 5.4-10.4 9 .1-.7.1-1.4.1-2.1-1.9 1.6-3.6 3.4-5.1 5.4l-.1.1c-14.5-5.8-27.2-6.2-38-3.6-2.4-2.4-3.5-.6-8.9-12.4-.4-.7.3.7 0 0-.9-2.3.5 3.1 0 0-9 7.1-20.9 15.2-26.6 20.9-.1.2 6.7-1.9 0 0-2.3.7-2.2 2-2.5 14.5-.1.9 0 2-.1 2.9-4.6 5.8-7.7 10.7-8.8 13.3-5.9 10.2-12.4 26-18.7 51 2.8-6.8 6.1-13.3 10-19.5-5.2 13.3-10.3 34.2-11.3 66.3 1.3-6.6 2.9-13.2 4.9-19.7-1.2 26.7 3.4 53.3 13.5 78 3.6 8.9 9.6 22.3 19.8 37 32 33.7 77.2 54.7 127.2 54.7 52.1 0 99-22.8 131.2-59.1z" fill="url(#SVGID_3_)"/><linearGradient id="SVGID_4_" gradientUnits="userSpaceOnUse" x1="-8672.42" y1="7683.359" x2="-8717.133" y2="7686.809" gradientTransform="matrix(1.22 .12 .12 -1.22 10013.36 10723.12)"><stop offset="0" stop-color="#812cc9"/><stop offset="1" stop-color="#005fe7"/></linearGradient><path d="M275.9 336.3c63.2-7.3 91.2-72.4 55.2-73.7-32.4-1.1-85.1 77.1-55.2 73.7z" fill="url(#SVGID_4_)"/><linearGradient id="SVGID_5_" gradientUnits="userSpaceOnUse" x1="-8704.525" y1="7740.822" x2="-8662.642" y2="7784.325" gradientTransform="matrix(1.22 .12 .12 -1.22 10013.36 10723.12)"><stop offset=".05" stop-color="#005fe7"/><stop offset=".18" stop-color="#065de6"/><stop offset=".35" stop-color="#1856e1"/><stop offset=".56" stop-color="#354adb"/><stop offset=".78" stop-color="#5d3ad1"/><stop offset=".95" stop-color="#812cc9"/></linearGradient><path d="M335.7 249.3c43.5- 25.3 32.1-80 32.1-80s-16.8 19.5-28.2 50.6c-11.2 30.8-30.1 44.7-3.9 29.4z" fill="url(#SVGID_5_)"/><linearGradient id="SVGID_6_" gradientUnits="userSpaceOnUse" x1="-8783.499" y1="7643.23" x2="-8693.914" y2="7643.02" gradientTransform="matrix(1.22 .12 .12 -1.22 10013.36 10723.12)"><stop offset="0" stop-color="#002079"/><stop offset=".99" stop-color="#a238ff"/></linearGradient><path d="M197.7 368.6c60.6 19.3 112.7-28.4 80.6-44.4-29.2-14.3-109.4 35.3-80.6 44.4z" fill="url(#SVGID_6_)"/><radialGradient id="SVGID_7_" cx="249.892" cy="916.931" r="308.051" fx="304.575" fy="866.824" gradientTransform="matrix(1 0 0 -1 0 1066)" gradientUnits="userSpaceOnUse"><stop offset=".2" stop-color="#00fdff"/><stop offset=".26" stop-color="#0af1ff"/><stop offset=".37" stop-color="#23d2ff"/><stop offset=".52" stop-color="#4da0ff"/><stop offset=".69" stop-color="#855bff"/><stop offset=".77" stop-color="#a238ff"/><stop offset=".81" stop-color="#a738fd"/><stop offset=".86" stop-color="#b539f9"/><stop offset=".9 " stop-color="#cd39f1"/><stop offset=".96" stop-color="#ee3ae6"/><stop offset=".98" stop-color="#ff3be0"/></radialGradient><path d="M247.7 8.3l.2-.2c0 .1-.1.1-.2.2zm92.5 264.2c1.5-2.1 3.5-8.7 5.2-11.7 10.7-17.3 10.8-31 10.8-31.4 6.5-32.3 5.9-45.5 1.9-69.8-3.2-19.6-17.2-47.8-29.3-61.3-12.5-14-3.7-9.4-15.8-19.6-10.6-11.8-20.9-23.4-26.5-28.1C246 16.8 247 9.6 247.7 8.4c-.1.1-.3.4-.6.6-.5-1.9-.8-3.5-.8-3.5s-22.1 22.1-26.8 59c-3 24.1 6 49.2 19 65.2 6.8 8.3 14.5 15.9 22.9 22.5 9.9 14.2 15.3 31.6 15.3 50.4 0 47-38.2 85.2-85.2 85.2-6.4 0-12.8-.7-19.1-2.1-22.2-4.2-35-15.4-41.4-23.1-3.7-4.4-5.2-7.5-5.2-7.5 19.9 7.1 41.9 5.6 55.3-1.8 13.5-7.5 21.6-13 28.3-10.8 6.5 2.2 11.7-4.1 7.1-10.7-4.6-6.5-16.5-15.9-34.1-13.3-13.5 2-25.9 11.5-43.5 2.3-1.1-.6-2.2-1.2-3.3-1.9-1.2-.7 3.8 1 2.6.3-3.4-1.7-9.5-5.3-11.1-6.6-.3-.2 2.7.8 2.4.6-16.5-12.2-14.5-20.4-14-25.6.4-4.1 3.4-9.4 8.5-11.6 2.4 1.2 4 2.1 4 2.1s-1-1.9-1.6-2.9c.2-.1.4-.1.6-.1 2 .9 6.4 3.1 8.8 4.5 3 1.9 4 3.6 4 3.6s.8-.4.2-2.1c-.2-.7-1.1-2.9-4.1-5.1 h.2c1.8.9 3.5 2 5.1 3.2.8-2.8 2.4-5.6 2-10.8-.2-3.6-.1-4.6-.8-6-.6-1.2.4-1.7 1.5-.4-.2-1-.5-1.9-.9-2.8v-.1c1.4-4.3 29.3-15.6 31.3-16.9 3.3-2.1 6.1-4.8 8.2-8 1.6-2.2 2.7-5.3 3-10 .1-2.1-.6-3.8-8-5.4-4.4-1-11.3-1.9-21.9-2.9-7.7-.7-12.3-5.7-14.8-10.3-.5-1-1-1.9-1.4-2.8-.5-1-.8-2.1-1.1-3.2 4.6-12.1 12.9-22.4 23.8-29.5.6-.5-2.5.1-1.9-.4.7-.6 5.5-2.3 6.4-2.7 1.1-.5-4.7-2.7-9.8-2.1-5.2.5-6.3 1.1-9 2.1 1.2-1 4.8-2.4 3.9-2.4-5.6.8-12.5 3.7-18.5 7 0-.6.1-1.1.4-1.7-2.8 1.1-9.6 5.3-11.5 8.9.1-.7.1-1.4.1-2.1-2.1 1.6-4 3.3-5.7 5.3l-.1.1c-16-5.8-30.1-6.2-42.1-3.6-2.6-2.4-6.8-5.9-12.8-17.6-.4-.7-.6 1.5-.9.8-2.3-5.4-3.7-14.1-3.5-20.2 0 0-4.8 2.2-8.7 11.3-.7 1.6-1.2 2.5-1.7 3.4-.2.3.5-3 .4-2.8-.7 1.2-2.5 2.8-3.2 4.9-.5 1.6-1.3 2.4-1.8 4.4l-.1.2c0-.6.1-2.4 0-2-1.9 3.7-3.5 7.6-4.8 11.5-2.1 7-4.6 16.5-5 28.9-.1.9 0 2-.1 2.8-5 5.8-8.5 10.6-9.8 13.2-6.5 10.1-13.7 25.8-20.7 50.6 3.1-6.8 6.8-13.3 11.1-19.4-6 13-11.6 33.7-12.7 65.6 1.4-6.6 3.2-13.1 5.4-19.5-1 21.3 1.5 47.6 14.9 77.4 8 17.5 26.4 53 71.2 80.7 0 0 15.3 11.4 41.5 19.9 1.9.7 3.9 1.4 5.9 2.1-.6-.3-1.2-.5-1.8-.8 17.5 5.2 35.6 7.9 53.9 7.9 68 .1 88-27.2 88-27.2l-.2.1c1-.9 1.9-1.8 2.8-2.8-10.7 10.1-35.2 10.8-44.3 10.1 15.6-4.6 25.9-8.5 45.8-16.1 2.3-.9 4.7-1.9 7.2-3l.8-.4c.5-.2 1-.4 1.5-.7 9.7-4.6 18.9-10.3 27.3-17.1 20.1-16 24.4-31.6 26.7-41.9-.3 1-1.3 3.3-2 4.8-5.2 11.1-16.6 17.8-29.1 23.7 5.9-7.8 11.4-15.9 16.4-24.2 4-4.1 5.2-10.4 8.3-14.6z" fill="url(#SVGID_7_)"/><linearGradient id="SVGID_8_" gradientUnits="userSpaceOnUse" x1="-7655.339" y1="9137.516" x2="-7683.31" y2="8823.109" gradientTransform="matrix(1.23 0 0 -1.22 9720.16 11130.11)"><stop offset="0" stop-color="#00ec00"/><stop offset=".1" stop-color="#00e244"/><stop offset=".22" stop-color="#00d694"/><stop offset=".31" stop-color="#00cfc7"/><stop offset=".35" stop-color="#00ccda"/><stop offset=".42" stop-color="#0bc2dd" stop-opacity=".92"/><stop offset=".57" stop-color="#29a7e4" stop-opacity=".72"/><stop offset=".77" stop-color="#597df0" stop-opacity=".4"/><stop offset ="1" stop-color="#9448ff" stop-opacity="0"/></linearGradient><path d="M315.8 310.8c8.2-9 15.5-19.3 21.1-31 14.3-30.1 36.5-80.2 19-132.4-13.8-41.3-32.7-63.9-56.7-86-39-35.8-49.9-51.8-49.9-61.4 0 0-45 50.2-25.5 102.6s59.5 50.4 86 105.1c31.1 64.3-25.2 134.5-71.8 154.1 2.9-.6 103.6-23.4 108.9-81-.2 1-2.4 17-31.1 30z" fill="url(#SVGID_8_)"/><linearGradient id="SVGID_9_" gradientUnits="userSpaceOnUse" x1="-8889.5" y1="7812.05" x2="-8836.55" y2="7812.05" gradientTransform="matrix(1.22 .12 .12 -1.22 10013.36 10723.12)"><stop offset="0" stop-color="#005fe7"/><stop offset=".46" stop-color="#0071f3" stop-opacity=".51"/><stop offset=".83" stop-color="#007efc" stop-opacity=".14"/><stop offset="1" stop-color="#0083ff" stop-opacity="0"/></linearGradient><path d="M185.3 123.9c.2-3.4-1.6-5.7-29.8-8.3-11.6-1.1-16-11.8-17.4-16.3-4.1 10.7-5.8 21.9-4.9 35.5.6 8.9 6.6 18.4 9.5 24.1 0 0 .6-.8.9-1.1 5.4-5.6 27.9-14.1 30-15.3 2.4-1.6 11.3-8.1 11.7-18.6z" fill="url(#SVGID_9_)"/><radialGradient id="SVGID_10_" cx="-8884.848" cy="7827.773" r="64.396" gradientTransform="matrix(1.22 .12 .12 -1.22 10013.36 10723.12)" gradientUnits="userSpaceOnUse"><stop offset=".63" stop-color="#ffe302" stop-opacity="0"/><stop offset=".67" stop-color="#ffe302" stop-opacity=".05"/><stop offset=".75" stop-color="#ffe302" stop-opacity=".19"/><stop offset=".86" stop-color="#ffe302" stop-opacity=".4"/><stop offset=".99" stop-color="#ffe302" stop-opacity=".7"/></radialGradient><path d="M185.3 123.9c.2-3.4-1.6-5.7-29.8-8.3-11.6-1.1-16-11.8-17.4-16.3-4.1 10.7-5.8 21.9-4.9 35.5.6 8.9 6.6 18.4 9.5 24.1 0 0 .6-.8.9-1.1 5.4-5.6 27.9-14.1 30-15.3 2.4-1.6 11.3-8.1 11.7-18.6z" opacity=".5" fill="url(#SVGID_10_)"/><linearGradient id="SVGID_11_" gradientUnits="userSpaceOnUse" x1="85.362" y1="2192.822" x2="39.644" y2="2290.535" gradientTransform="matrix(.99 .1 .1 -.99 -239.75 2284.79)"><stop offset=".19" stop-color="#4a1475" stop-opacity=".5"/><stop offset=".62" stop-color="#2277ac" stop-opacity=".23"/><stop offset=".94" stop -color="#00ccda" stop-opacity="0"/></linearGradient><path d="M61.4 60.7c-.4-.7-.6 1.5-.9.8-2.3-5.4-3.7-14-3.4-20.2 0 0-4.8 2.2-8.7 11.3-.7 1.6-1.2 2.5-1.7 3.4-.2.3.5-3 .4-2.8-.7 1.2-2.5 2.8-3.2 4.8-.6 1.6-1.3 2.5-1.8 4.6-.2.6.2-2.5 0-2.1-9.2 17.8-10.9 44.7-10 43.5 19.6-20.9 42-25.9 42-25.9-2.4-1.7-7.6-6.8-12.7-17.4z" fill="url(#SVGID_11_)"/><linearGradient id="SVGID_12_" gradientUnits="userSpaceOnUse" x1="-209.367" y1="527.653" x2="-172.852" y2="486.18" gradientTransform="matrix(.99 .1 .1 -.99 239.39 724.37)"><stop offset=".01" stop-color="#002079" stop-opacity=".5"/><stop offset="1" stop-color="#0083ff" stop-opacity="0"/></linearGradient><path d="M135.7 279.4c-27.1-11.6-57.8-27.8-56.6-64.8 1.6-48.7 45.5-39.1 45.5-39.1-1.7.4-6.1 3.6-7.7 6.9-1.7 4.2-4.7 13.7 4.5 23.6 14.4 15.6-29.6 37 38.3 77.4 1.6 1-16-.5-24-4z" fill="url(#SVGID_12_)"/><linearGradient id="SVGID_13_" gradientUnits="userSpaceOnUse" x1="-139.213" y1="457.058" x2="-139.193" y2="477.788" gradientTransform="matrix(.99 .1 .1 -.99 239.39 724.37)"><stop offset="0" stop-color="#4a1475" stop-opacity=".9"/><stop offset=".18" stop-color="#6720a2" stop-opacity=".6"/><stop offset=".38" stop-color="#812acb" stop-opacity=".34"/><stop offset=".57" stop-color="#9332e8" stop-opacity=".15"/><stop offset=".76" stop-color="#9e36f9" stop-opacity=".04"/><stop offset=".93" stop-color="#a238ff" stop-opacity="0"/></linearGradient><path d="M126.1 255.1c19.2 6.7 41.5 5.5 54.9-1.9 9-5 20.4-13 27.5-11-6.1-2.4-10.8-3.6-16.3-3.8-1 0-2.1 0-3.1-.1-2 0-4.1.1-6.1.3-3.5.3-7.3 2.5-10.8 2.1-.2 0 3.4-1.5 3.1-1.4-1.8.4-3.8.5-6 .7-1.3.2-2.5.3-3.8.4-40 3.4-73.7-21.7-73.7-21.7-2.9 9.8 12.9 29 34.3 36.4z" opacity=".5" fill="url(#SVGID_13_)"/><linearGradient id="SVGID_14_" gradientUnits="userSpaceOnUse" x1="240.706" y1="1051.958" x2="359.301" y2="786.765" gradientTransform="matrix(1 0 0 -1 0 1066)"><stop offset="0" stop-color="#00ec00" stop-opacity="0"/><stop offset=".28" stop-color="#00dc6d" stop-opacity=".5"/><stop offset=".5" stop-color= "#00d1bb" stop-opacity=".86"/><stop offset=".6" stop-color="#00ccda"/><stop offset=".68" stop-color="#04c9db"/><stop offset=".75" stop-color="#0fc1df"/><stop offset=".83" stop-color="#23b2e6"/><stop offset=".9" stop-color="#3e9ef0"/><stop offset=".98" stop-color="#6184fc"/><stop offset=".99" stop-color="#6680fe"/></linearGradient><path d="M315.7 311.1c40.4-39.7 60.9-87.9 52.2-142 0 0 3.5 27.7-9.6 56.1 6.3-27.7 7-62.1-9.7-97.8-22.3-47.6-59-72.6-73-83.1-21.2-15.8-30-31.9-30.2-35.3-6.3 13-25.5 57.5-2.1 95.8 22 35.9 56.6 46.6 80.8 79.5 44.7 60.8-8.4 126.8-8.4 126.8z" fill="url(#SVGID_14_)"/><linearGradient id="SVGID_15_" gradientUnits="userSpaceOnUse" x1="264.16" y1="899.455" x2="207.985" y2="748.621" gradientTransform="matrix(1 0 0 -1 0 1066)"><stop offset="0" stop-color="#0083ff"/><stop offset=".04" stop-color="#0083ff" stop-opacity=".92"/><stop offset=".14" stop-color="#0083ff" stop-opacity=".71"/><stop offset=".26" stop-color="#0083ff" stop-opacity=".52"/><stop offset=".37" stop-col or="#0083ff" stop-opacity=".36"/><stop offset=".49" stop-color="#0083ff" stop-opacity=".23"/><stop offset=".61" stop-color="#0083ff" stop-opacity=".13"/><stop offset=".73" stop-color="#0083ff" stop-opacity=".06"/><stop offset=".86" stop-color="#0083ff" stop-opacity=".01"/><stop offset="1" stop-color="#0083ff" stop-opacity="0"/></linearGradient><path d="M309.9 207.8c-14.1-29.2-31.7-41.9-48.4-55.7 1.9 2.7 2.4 3.7 3.5 5.4 14.7 15.6 36.3 53.8 20.6 101.7-29.6 90.2-147.9 47.7-160.3 35.8 5 52.2 92.3 77.1 149.2 43.3 32.4-30.6 58.6-82.7 35.4-130.5z" fill="url(#SVGID_15_)"/></g></g></g><path class="st0" d="M1132.9 279.4l-58.5-122.3c1 11.9 2.7 29.5 2.7 56.2v66h-18.6v-144h25.9l59.1 122.5c-.4-3.3-2.7-26.3-2.7-43.9v-78.6h18.6v144h-26.5v.1zM1213 141c0 7.3-5.4 13-13.6 13-7.9 0-13.4-5.6-13.4-13 0-7.5 5.4-13.2 13.4-13.2 8.1 0 13.6 5.7 13.6 13.2zm-23 28.3h19.2v110.1H1190zm105.3 8.4c13 5.9 19.4 15 19.4 27.8 0 21.7-15.7 37.4-42 37.4-5 0-9.4-.6-14-2.1-3.1 2.3-5.4 6.3-5.4 10.2 0 5 3.1 9 14.4 9h17.6c22.6 0 37.6 13 37.6 30.5 0 21.3-17.6 33.4-51.6 33.4-35.9 0-47.2-11.1-47.2-33.4h17.3c0 12.5 5.6 18.4 29.9 18.4 23.8 0 32.2-6.1 32.2-17.1 0-10.5-8.4-15.7-22.2-15.7H1264c-19.6 0-28.4-9.8-28.4-20.9 0-7.1 4.2-14.2 12.1-19.4-12.7-6.7-18.6-16.3-18.6-30.5 0-22.6 18.2-38.5 42.4-38.5 27.4.6 37.4-4 50.4-9.8l5.6 17.3c-9.2 2.9-19.6 3.4-32.2 3.4zm-46.6 27.5c0 14.6 8.2 24.9 23.2 24.9s23.2-9.2 23.2-25.1c0-16.1-7.9-24.5-23.6-24.5-14.8.1-22.8 10.3-22.8 24.7zm172.2-4.8v79h-19.2v-76.3c0-16.5-7.1-21.3-17.6-21.3-11.9 0-20.5 7.7-27.8 19.2v78.4h-19.2V125.2l19.2-2.1v61.4c7.9-10.9 18.8-17.8 32.6-17.8 20.1.1 32 13 32 33.7zm59.4 81.5c-18.6 0-29.7-10.9-29.7-31.3v-66.5h-19.2v-14.8h19.2v-24.9l19.2-2.3v27.2h26.1l-2.1 14.8h-24v65.6c0 11.1 3.6 16.3 13.2 16.3 4.8 0 9.2-1.5 14.6-4.8l7.3 13.2c-7.3 5-15.2 7.5-24.6 7.5zm59.3-15.8c2.7 0 5-.4 7.1-1.3l5 13.4c-5.2 2.5-10.7 3.8-16.3 3.8-14 0-21.9-8.4-21.9-24.2V125l19.2-2.3v134.6c0 5.8 1.9 8.8 6.9 8.8zm18.9 57.9l-2.1-15c22.4-3.8 28.6-12.3 34.9-29.5h-6.5l-37-110.1h20.5l29.5 96.1 28.8 -96.1h19.9l-36.8 110.8c-7.8 23.3-20.7 40.4-51.2 43.8z"/></svg> \ No newline at end of file diff --git a/browser/branding/alpha/content/identity-icons-brand.svg b/browser/branding/alpha/content/identity-icons-brand.svg new file mode 100644 index 000000000000..9bfa43842e2d --- /dev/null +++ b/browser/branding/alpha/content/identity-icons-brand.svg @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="UTF-8"?> +<svg width="512px" height="512px" viewBox="-17 -17 546 546" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <defs> + <linearGradient x1="50%" y1="3.27248873%" x2="50%" y2="97.1599968%" id="linearGradient-1"> + <stop stop-color="#00FEFF" offset="0%"></stop> + <stop stop-color="#0BE67D" offset="100%"></stop> + </linearGradient> + <path d="M25,25 C152.50841,25 255.874399,127.979815 255.874399,255.011855 C255.874399,382.043895 152.50841,485.02371 25,485.02371 L25,25 Z" id="path-2"></path> + <filter x="-20.8%" y="-8.7%" width="134.7%" height="117.4%" filterUnits="objectBoundingBox" id="filter-3"> + <feOffset dx="-8" dy="0" in="SourceAlpha" result="shadowOffsetOuter1"></feOffset> + <feGaussianBlur stdDeviation="12" in="shadowOffsetOuter1" result="shadowBlurOuter1"></feGaussianBlur> + <feColorMatrix values="0 0 0 0 0.0872579578 0 0 0 0 0.00490370801 0 0 0 0 0.234933036 0 0 0 0.5 0" type="matrix" in="shadowBlurOuter1"></feColorMatrix> + </filter> + </defs> + <g id="Alpha" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd"> + <g> + <circle id="background" fill-opacity="0.9" fill="#030004" fill-rule="nonzero" cx="256" cy="256" r="246"></circle> + <path d="M256.525143,465.439707 L256.525143,434.406609 C354.826191,434.122748 434.420802,354.364917 434.420802,255.992903 C434.420802,157.627987 354.826191,77.8701558 256.525143,77.5862948 L256.525143,46.5531962 C371.964296,46.8441537 465.446804,140.489882 465.446804,255.992903 C465.446804,371.503022 371.964296,465.155846 256.525143,465.439707 Z M256.525143,356.820314 C311.970283,356.529356 356.8487,311.516106 356.8487,255.992903 C356.8487,200.476798 311.970283,155.463547 256.525143,155.17259 L256.525143,124.146588 C329.115485,124.430449 387.881799,183.338693 387.881799,255.992903 C387.881799,328.654211 329.115485,387.562455 256.525143,387.846316 L256.525143,356.820314 Z M256.525143,201.718689 C286.266674,202.00255 310.3026,226.180407 310.3026,255.992903 C310.3026,285.812497 286.266674,309.990353 256.525143,310.274214 L256.525143,201.718689 Z M0,255.992903 C0,397.384044 114.60886,512 256,512 C397.384044,512 512,397.384044 512,255.992903 C512,114.60886 397.384044,2.842170 94e-14 256,2.84217094e-14 C114.60886,2.84217094e-14 0,114.60886 0,255.992903 Z" id="center" fill="url(#linearGradient-1)"></path> + <g id="half" transform="translate(140.437200, 255.011855) scale(-1, 1) translate(-140.437200, -255.011855) "> + <use fill="black" fill-opacity="1" filter="url(#filter-3)" xlink:href="#path-2"></use> + <use fill="url(#linearGradient-1)" fill-rule="evenodd" xlink:href="#path-2"></use> + </g> + </g> + </g> +</svg> \ No newline at end of file diff --git a/browser/branding/alpha/content/jar.mn b/browser/branding/alpha/content/jar.mn new file mode 100644 index 000000000000..de166fe3636f --- /dev/null +++ b/browser/branding/alpha/content/jar.mn @@ -0,0 +1,22 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +browser.jar: +% content branding %content/branding/ contentaccessible=yes + content/branding/about.png + content/branding/about-logo.png + content/branding/about-logo(a)2x.png + content/branding/about-wordmark.svg + content/branding/firefox-wordmark.svg + content/branding/aboutlogins.svg + content/branding/icon16.png (../default16.png) + content/branding/icon32.png (../default32.png) + content/branding/icon48.png (../default48.png) + content/branding/icon64.png (../default64.png) + content/branding/icon128.png (../default128.png) + content/branding/icon256.png (../default256.png) + content/branding/icon512.png (../default512.png) + content/branding/identity-icons-brand.svg + content/branding/aboutDialog.css + content/branding/horizontal-lockup.svg diff --git a/browser/branding/alpha/content/moz.build b/browser/branding/alpha/content/moz.build new file mode 100644 index 000000000000..eb4454d28f88 --- /dev/null +++ b/browser/branding/alpha/content/moz.build @@ -0,0 +1,7 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +JAR_MANIFESTS += ['jar.mn'] \ No newline at end of file diff --git a/browser/branding/alpha/default128.png b/browser/branding/alpha/default128.png new file mode 100644 index 000000000000..fbc27b91d118 Binary files /dev/null and b/browser/branding/alpha/default128.png differ diff --git a/browser/branding/alpha/default16.png b/browser/branding/alpha/default16.png new file mode 100644 index 000000000000..3a4e1b679b27 Binary files /dev/null and b/browser/branding/alpha/default16.png differ diff --git a/browser/branding/alpha/default22.png b/browser/branding/alpha/default22.png new file mode 100644 index 000000000000..4feb2dbd400c Binary files /dev/null and b/browser/branding/alpha/default22.png differ diff --git a/browser/branding/alpha/default24.png b/browser/branding/alpha/default24.png new file mode 100644 index 000000000000..4387f97e3d62 Binary files /dev/null and b/browser/branding/alpha/default24.png differ diff --git a/browser/branding/alpha/default256.png b/browser/branding/alpha/default256.png new file mode 100644 index 000000000000..844f1a0323ee Binary files /dev/null and b/browser/branding/alpha/default256.png differ diff --git a/browser/branding/alpha/default32.png b/browser/branding/alpha/default32.png new file mode 100644 index 000000000000..679f5f9db43f Binary files /dev/null and b/browser/branding/alpha/default32.png differ diff --git a/browser/branding/alpha/default48.png b/browser/branding/alpha/default48.png new file mode 100644 index 000000000000..85f0253d88ca Binary files /dev/null and b/browser/branding/alpha/default48.png differ diff --git a/browser/branding/alpha/default512.png b/browser/branding/alpha/default512.png new file mode 100644 index 000000000000..b12f58b88bb4 Binary files /dev/null and b/browser/branding/alpha/default512.png differ diff --git a/browser/branding/alpha/default64.png b/browser/branding/alpha/default64.png new file mode 100644 index 000000000000..c48f1c5bf4ee Binary files /dev/null and b/browser/branding/alpha/default64.png differ diff --git a/browser/branding/alpha/disk.icns b/browser/branding/alpha/disk.icns new file mode 100644 index 000000000000..866d93a43bc8 Binary files /dev/null and b/browser/branding/alpha/disk.icns differ diff --git a/browser/branding/alpha/document.icns b/browser/branding/alpha/document.icns new file mode 100644 index 000000000000..7fbfffe2228e Binary files /dev/null and b/browser/branding/alpha/document.icns differ diff --git a/browser/branding/alpha/document.ico b/browser/branding/alpha/document.ico new file mode 100644 index 000000000000..45aa08bb1658 Binary files /dev/null and b/browser/branding/alpha/document.ico differ diff --git a/browser/branding/alpha/dsstore b/browser/branding/alpha/dsstore new file mode 100644 index 000000000000..6b82c923a662 Binary files /dev/null and b/browser/branding/alpha/dsstore differ diff --git a/browser/branding/alpha/firefox.VisualElementsManifest.xml b/browser/branding/alpha/firefox.VisualElementsManifest.xml new file mode 100644 index 000000000000..a71938708aff --- /dev/null +++ b/browser/branding/alpha/firefox.VisualElementsManifest.xml @@ -0,0 +1,12 @@ + + +<Application xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'> + <VisualElements + ShowNameOnSquare150x150Logo='on' + Square150x150Logo='browser\VisualElements\VisualElements_150.png' + Square70x70Logo='browser\VisualElements\VisualElements_70.png' + ForegroundText='light' + BackgroundColor='#1c191d'/> +</Application> diff --git a/browser/branding/alpha/firefox.icns b/browser/branding/alpha/firefox.icns new file mode 100644 index 000000000000..baad294f8497 Binary files /dev/null and b/browser/branding/alpha/firefox.icns differ diff --git a/browser/branding/alpha/firefox.ico b/browser/branding/alpha/firefox.ico new file mode 100644 index 000000000000..e25514996d37 Binary files /dev/null and b/browser/branding/alpha/firefox.ico differ diff --git a/browser/branding/alpha/firefox.svg b/browser/branding/alpha/firefox.svg new file mode 100644 index 000000000000..250c7adea0d6 --- /dev/null +++ b/browser/branding/alpha/firefox.svg @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="UTF-8"?> +<svg width="512px" height="512px" viewBox="0 0 512 512" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <defs> + <linearGradient x1="50%" y1="3.27248873%" x2="50%" y2="97.1599968%" id="linearGradient-1"> + <stop stop-color="#00FEFF" offset="0%"></stop> + <stop stop-color="#0BE67D" offset="100%"></stop> + </linearGradient> + <path d="M25,25 C152.50841,25 255.874399,127.979815 255.874399,255.011855 C255.874399,382.043895 152.50841,485.02371 25,485.02371 L25,25 Z" id="path-2"></path> + <filter x="-20.8%" y="-8.7%" width="134.7%" height="117.4%" filterUnits="objectBoundingBox" id="filter-3"> + <feOffset dx="-8" dy="0" in="SourceAlpha" result="shadowOffsetOuter1"></feOffset> + <feGaussianBlur stdDeviation="12" in="shadowOffsetOuter1" result="shadowBlurOuter1"></feGaussianBlur> + <feColorMatrix values="0 0 0 0 0.0872579578 0 0 0 0 0.00490370801 0 0 0 0 0.234933036 0 0 0 0.5 0" type="matrix" in="shadowBlurOuter1"></feColorMatrix> + </filter> + </defs> + <g id="Alpha" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd"> + <g> + <circle id="background" fill-opacity="0.9" fill="#030004" fill-rule="nonzero" cx="256" cy="256" r="246"></circle> + <path d="M256.525143,465.439707 L256.525143,434.406609 C354.826191,434.122748 434.420802,354.364917 434.420802,255.992903 C434.420802,157.627987 354.826191,77.8701558 256.525143,77.5862948 L256.525143,46.5531962 C371.964296,46.8441537 465.446804,140.489882 465.446804,255.992903 C465.446804,371.503022 371.964296,465.155846 256.525143,465.439707 Z M256.525143,356.820314 C311.970283,356.529356 356.8487,311.516106 356.8487,255.992903 C356.8487,200.476798 311.970283,155.463547 256.525143,155.17259 L256.525143,124.146588 C329.115485,124.430449 387.881799,183.338693 387.881799,255.992903 C387.881799,328.654211 329.115485,387.562455 256.525143,387.846316 L256.525143,356.820314 Z M256.525143,201.718689 C286.266674,202.00255 310.3026,226.180407 310.3026,255.992903 C310.3026,285.812497 286.266674,309.990353 256.525143,310.274214 L256.525143,201.718689 Z M0,255.992903 C0,397.384044 114.60886,512 256,512 C397.384044,512 512,397.384044 512,255.992903 C512,114.60886 397.384044,2.842170 94e-14 256,2.84217094e-14 C114.60886,2.84217094e-14 0,114.60886 0,255.992903 Z" id="center" fill="url(#linearGradient-1)"></path> + <g id="half" transform="translate(140.437200, 255.011855) scale(-1, 1) translate(-140.437200, -255.011855) "> + <use fill="black" fill-opacity="1" filter="url(#filter-3)" xlink:href="#path-2"></use> + <use fill="url(#linearGradient-1)" fill-rule="evenodd" xlink:href="#path-2"></use> + </g> + </g> + </g> +</svg> \ No newline at end of file diff --git a/browser/branding/alpha/firefox64.ico b/browser/branding/alpha/firefox64.ico new file mode 100644 index 000000000000..e25514996d37 Binary files /dev/null and b/browser/branding/alpha/firefox64.ico differ diff --git a/browser/branding/alpha/locales/en-US/brand.dtd b/browser/branding/alpha/locales/en-US/brand.dtd new file mode 100644 index 000000000000..0b15c9978e01 --- /dev/null +++ b/browser/branding/alpha/locales/en-US/brand.dtd @@ -0,0 +1,11 @@ + + +<!ENTITY brandShorterName "Tor Browser"> +<!ENTITY brandShortName "Tor Browser"> +<!ENTITY brandFullName "Tor Browser"> + +<!ENTITY brandProductName "Tor Browser"> diff --git a/browser/branding/alpha/locales/en-US/brand.ftl b/browser/branding/alpha/locales/en-US/brand.ftl new file mode 100644 index 000000000000..22d5f837b093 --- /dev/null +++ b/browser/branding/alpha/locales/en-US/brand.ftl @@ -0,0 +1,22 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +## Firefox Brand +## +## Firefox must be treated as a brand, and kept in English. +## It cannot be: +## - Declined to adapt to grammatical case. +## - Transliterated. +## - Translated. +## +## Reference: https://www.mozilla.org/styleguide/communications/translation/ + +-brand-shorter-name = Nightly +-brand-short-name = Nightly +-brand-full-name = Firefox Nightly +# This brand name can be used in messages where the product name needs to +# remain unchanged across different versions (Nightly, Beta, etc.). +-brand-product-name = Firefox +-vendor-short-name = Mozilla +trademarkInfo = Firefox and the Firefox logos are trademarks of the Mozilla Foundation. diff --git a/browser/branding/alpha/locales/en-US/brand.properties b/browser/branding/alpha/locales/en-US/brand.properties new file mode 100644 index 000000000000..e96b063b9034 --- /dev/null +++ b/browser/branding/alpha/locales/en-US/brand.properties @@ -0,0 +1,14 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +brandShorterName=Tor Browser +brandShortName=Tor Browser +brandFullName=Tor Browser +# LOCALIZATION NOTE(brandProductName): +# This brand name can be used in messages where the product name needs to +# remain unchanged across different versions (Nightly, Beta, etc.). +brandProductName=Tor Browser +vendorShortName=Tor Project + +syncBrandShortName=Sync diff --git a/browser/branding/alpha/locales/jar.mn b/browser/branding/alpha/locales/jar.mn new file mode 100644 index 000000000000..d13c2110148f --- /dev/null +++ b/browser/branding/alpha/locales/jar.mn @@ -0,0 +1,12 @@ +#filter substitution +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +[localization] @AB_CD@.jar: + branding (%*.ftl) + +@AB_CD@.jar: +% locale branding @AB_CD@ %locale/branding/ + locale/branding/brand.dtd (%brand.dtd) + locale/branding/brand.properties (%brand.properties) diff --git a/browser/branding/alpha/locales/moz.build b/browser/branding/alpha/locales/moz.build new file mode 100644 index 000000000000..eb4454d28f88 --- /dev/null +++ b/browser/branding/alpha/locales/moz.build @@ -0,0 +1,7 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +JAR_MANIFESTS += ['jar.mn'] \ No newline at end of file diff --git a/browser/branding/alpha/moz.build b/browser/branding/alpha/moz.build new file mode 100644 index 000000000000..9045cee11bb8 --- /dev/null +++ b/browser/branding/alpha/moz.build @@ -0,0 +1,13 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +DIRS += ['content', 'locales'] + +DIST_SUBDIR = 'browser' +export('DIST_SUBDIR') + +include('../branding-common.mozbuild') +FirefoxBranding() diff --git a/browser/branding/alpha/newtab.ico b/browser/branding/alpha/newtab.ico new file mode 100644 index 000000000000..a9b37c08c6e1 Binary files /dev/null and b/browser/branding/alpha/newtab.ico differ diff --git a/browser/branding/alpha/newwindow.ico b/browser/branding/alpha/newwindow.ico new file mode 100644 index 000000000000..55372077102c Binary files /dev/null and b/browser/branding/alpha/newwindow.ico differ diff --git a/browser/branding/alpha/pbmode.ico b/browser/branding/alpha/pbmode.ico new file mode 100644 index 000000000000..47677c13fba6 Binary files /dev/null and b/browser/branding/alpha/pbmode.ico differ diff --git a/browser/branding/alpha/pref/firefox-branding.js b/browser/branding/alpha/pref/firefox-branding.js new file mode 100644 index 000000000000..792134ab45d7 --- /dev/null +++ b/browser/branding/alpha/pref/firefox-branding.js @@ -0,0 +1,34 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This file contains branding-specific prefs. + +pref("startup.homepage_override_url", "https://www.mozilla.org/projects/firefox/%VERSION%/whatsnew/?oldversion=%OL…"); +pref("startup.homepage_welcome_url", "https://www.mozilla.org/projects/firefox/%VERSION%/firstrun/"); +pref("startup.homepage_welcome_url.additional", ""); +// The time interval between checks for a new version (in seconds) +pref("app.update.interval", 7200); // 2 hours +// Give the user x seconds to react before showing the big UI. default=12 hours +pref("app.update.promptWaitTime", 43200); +// URL user can browse to manually if for some reason all update installation +// attempts fail. +pref("app.update.url.manual", "https://www.mozilla.org/%LOCALE%/firefox/nightly/"); +// A default value for the "More information about this update" link +// supplied in the "An update is available" page of the update wizard. +pref("app.update.url.details", "https://www.mozilla.org/%LOCALE%/firefox/nightly/notes/"); + +pref("app.releaseNotesURL", "https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/releasenotes/?utm_source…"); + +// The number of days a binary is permitted to be old +// without checking for an update. This assumes that +// app.update.checkInstallTime is true. +pref("app.update.checkInstallTime.days", 2); + +// Give the user x seconds to reboot before showing a badge on the hamburger +// button. default=immediately +pref("app.update.badgeWaitTime", 0); + +// Number of usages of the web console. +// If this is less than 5, then pasting code into the web console is disabled +pref("devtools.selfxss.count", 5); diff --git a/browser/branding/alpha/stubinstaller/bgstub.jpg b/browser/branding/alpha/stubinstaller/bgstub.jpg new file mode 100644 index 000000000000..891036a4fe35 Binary files /dev/null and b/browser/branding/alpha/stubinstaller/bgstub.jpg differ diff --git a/browser/branding/alpha/stubinstaller/installing_page.css b/browser/branding/alpha/stubinstaller/installing_page.css new file mode 100644 index 000000000000..8044838c79f5 --- /dev/null +++ b/browser/branding/alpha/stubinstaller/installing_page.css @@ -0,0 +1,61 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +body { + color: white; +} + +#label, +#progress_background, +#blurb { + text-align: center; + margin: 20px 30px; +} + +#label { + font-size: 40px; + margin-top: 100px; + margin-bottom: 20px; +} + +#progress_background { + margin: 0 auto; + width: 60%; + height: 24px; + background-color: white; +} + +body.high-contrast #progress_background { + outline: solid; +} + +#progress_bar { + margin: 0; + width: 0%; + height: 100%; + background-color: #00AAFF; +} + +/* In high contrast mode, fill the entire progress bar with its border. */ +body.high-contrast #progress_bar { + /* This border should be the height of progress_background. */ + border-top: 24px solid; + box-sizing: border-box; +} + +/* This layout doesn't want the header or content text. */ +#header, #content { + display: none; +} + +#blurb { + font-size: 20px; +} + +/* The footer goes in the bottom right corner. */ +#footer { + position: fixed; + right: 50px; + bottom: 59px; +} diff --git a/browser/branding/alpha/stubinstaller/profile_cleanup_page.css b/browser/branding/alpha/stubinstaller/profile_cleanup_page.css new file mode 100644 index 000000000000..2d9c3ad1891e --- /dev/null +++ b/browser/branding/alpha/stubinstaller/profile_cleanup_page.css @@ -0,0 +1,42 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +body { + color: white; +} + +#header, +#refreshCheckboxContainer, +#refreshButtonContainer { + text-align: center; + margin-left: 40px; + margin-right: 40px; + margin-bottom: 30px; +} + +#header { + font-size: 35px; + font-weight: normal; + margin-top: 45px; +} + +#refreshCheckbox { + vertical-align: middle; +} + +#checkboxLabel { + font-size: 13px; +} + +#refreshButton { + padding: 8px 40px; + font-size: 15px; +} + +/* The footer goes in the bottom right corner. */ +#footer { + position: fixed; + right: 50px; + bottom: 59px; +} diff --git a/browser/branding/alpha/wizHeader.bmp b/browser/branding/alpha/wizHeader.bmp new file mode 100644 index 000000000000..a754d2db1e11 Binary files /dev/null and b/browser/branding/alpha/wizHeader.bmp differ diff --git a/browser/branding/alpha/wizHeaderRTL.bmp b/browser/branding/alpha/wizHeaderRTL.bmp new file mode 100644 index 000000000000..c944205be23f Binary files /dev/null and b/browser/branding/alpha/wizHeaderRTL.bmp differ diff --git a/browser/branding/alpha/wizWatermark.bmp b/browser/branding/alpha/wizWatermark.bmp new file mode 100644 index 000000000000..9e523b5fa196 Binary files /dev/null and b/browser/branding/alpha/wizWatermark.bmp differ diff --git a/browser/branding/branding-common.mozbuild b/browser/branding/branding-common.mozbuild index 908553b8b95c..95cebf735920 100644 --- a/browser/branding/branding-common.mozbuild +++ b/browser/branding/branding-common.mozbuild @@ -27,7 +27,9 @@ def FirefoxBranding(): FINAL_TARGET_FILES.chrome.icons.default += [ 'default128.png', 'default16.png', + 'default256.png', 'default32.png', 'default48.png', + 'default512.png', 'default64.png', ] diff --git a/browser/branding/nightly/VisualElements_150.png b/browser/branding/nightly/VisualElements_150.png index fa2191146174..a29d863d1766 100644 Binary files a/browser/branding/nightly/VisualElements_150.png and b/browser/branding/nightly/VisualElements_150.png differ diff --git a/browser/branding/nightly/VisualElements_70.png b/browser/branding/nightly/VisualElements_70.png index cefb95b1c3d2..ccd90b8cf748 100644 Binary files a/browser/branding/nightly/VisualElements_70.png and b/browser/branding/nightly/VisualElements_70.png differ diff --git a/browser/branding/nightly/configure.sh b/browser/branding/nightly/configure.sh index 7c7f2cf8c820..243091484f75 100644 --- a/browser/branding/nightly/configure.sh +++ b/browser/branding/nightly/configure.sh @@ -2,5 +2,4 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -MOZ_APP_DISPLAYNAME="Firefox Nightly" -MOZ_MACBUNDLE_ID=nightly +MOZ_APP_DISPLAYNAME="Tor Browser" diff --git a/browser/branding/nightly/content/identity-icons-brand.svg b/browser/branding/nightly/content/identity-icons-brand.svg index fc8b1a356768..fc1d9c997aeb 100644 --- a/browser/branding/nightly/content/identity-icons-brand.svg +++ b/browser/branding/nightly/content/identity-icons-brand.svg @@ -1,3 +1,29 @@ -<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16"> - <path fill="context-fill" fill-opacity="context-fill-opacity" d="M15.424 5.366A4.384 4.384 0 0 0 13.817 3.4a7.893 7.893 0 0 1 .811 2.353v.017c-.9-2.185-2.441-3.066-3.7-4.984l-.189-.3c-.035-.059-.063-.112-.088-.161a1.341 1.341 0 0 1-.119-.306.022.022 0 0 0-.013-.019.026.026 0 0 0-.019 0h-.006a5.629 5.629 0 0 0-2.755 4.308c.094-.006.187-.014.282-.014a4.069 4.069 0 0 1 3.51 1.983A2.838 2.838 0 0 0 9.6 5.824a3.2 3.2 0 0 1-1.885 6.013 3.651 3.651 0 0 1-1.042-.2c-.078-.028-.157-.059-.235-.093-.046-.02-.091-.04-.135-.062A3.282 3.282 0 0 1 4.415 8.95s.369-1.334 2.647-1.334a1.91 1.91 0 0 0 .964-.857 12.756 12.756 0 0 1-1.941-1.118c-.29-.277-.428-.411-.551-.511-.066-.054-.128-.1-.207-.152a3.481 3.481 0 0 1-.022-1.894 5.915 5.915 0 0 0-1.929 1.442A4.108 4.108 0 0 1 3.1 2.584a1.561 1.561 0 0 0-.267.138 5.767 5.767 0 0 0-.783.649 6.9 6.9 0 0 0-.748.868 6.446 6.446 0 0 0-1.08 2.348c0 .009-.076.325-.131.715l-.025.182c-.019.117-.033.245-.048.444v.023c-.005.076-.011.16-.016.258v.04A7.884 7.884 0 0 0 8.011 16a7.941 7.941 0 0 0 7.9-6.44l.036-.3a7.724 7.724 0 0 0-.523-3.894z" /> -</svg> +<?xml version="1.0" encoding="UTF-8"?> +<svg width="512px" height="512px" viewBox="-17 -17 546 546" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <defs> + <linearGradient x1="25.1281738%" y1="5.44281006%" x2="54.3792725%" y2="100%" id="linearGradient-1"> + <stop stop-color="#00E1E8" offset="0%"></stop> + <stop stop-color="#3500FF" offset="100%"></stop> + </linearGradient> + <linearGradient x1="25.1281738%" y1="5.44281006%" x2="54.3792725%" y2="100%" id="linearGradient-2"> + <stop stop-color="#00E1E8" offset="0%"></stop> + <stop stop-color="#3500FF" offset="100%"></stop> + </linearGradient> + <path d="M25,25 C152.50841,25 255.874399,127.979815 255.874399,255.011855 C255.874399,382.043895 152.50841,485.02371 25,485.02371 L25,25 Z" id="path-3"></path> + <filter x="-20.8%" y="-8.7%" width="134.7%" height="117.4%" filterUnits="objectBoundingBox" id="filter-4"> + <feOffset dx="-8" dy="0" in="SourceAlpha" result="shadowOffsetOuter1"></feOffset> + <feGaussianBlur stdDeviation="12" in="shadowOffsetOuter1" result="shadowBlurOuter1"></feGaussianBlur> + <feColorMatrix values="0 0 0 0 0.0872579578 0 0 0 0 0.00490370801 0 0 0 0 0.234933036 0 0 0 0.5 0" type="matrix" in="shadowBlurOuter1"></feColorMatrix> + </filter> + </defs> + <g id="Nightly" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd"> + <g> + <circle id="background" fill-opacity="0.9" fill="#030004" fill-rule="nonzero" cx="256" cy="256" r="246"></circle> + <path d="M256.525143,465.439707 L256.525143,434.406609 C354.826191,434.122748 434.420802,354.364917 434.420802,255.992903 C434.420802,157.627987 354.826191,77.8701558 256.525143,77.5862948 L256.525143,46.5531962 C371.964296,46.8441537 465.446804,140.489882 465.446804,255.992903 C465.446804,371.503022 371.964296,465.155846 256.525143,465.439707 Z M256.525143,356.820314 C311.970283,356.529356 356.8487,311.516106 356.8487,255.992903 C356.8487,200.476798 311.970283,155.463547 256.525143,155.17259 L256.525143,124.146588 C329.115485,124.430449 387.881799,183.338693 387.881799,255.992903 C387.881799,328.654211 329.115485,387.562455 256.525143,387.846316 L256.525143,356.820314 Z M256.525143,201.718689 C286.266674,202.00255 310.3026,226.180407 310.3026,255.992903 C310.3026,285.812497 286.266674,309.990353 256.525143,310.274214 L256.525143,201.718689 Z M0,255.992903 C0,397.384044 114.60886,512 256,512 C397.384044,512 512,397.384044 512,255.992903 C512,114.60886 397.384044,2.842170 94e-14 256,2.84217094e-14 C114.60886,2.84217094e-14 0,114.60886 0,255.992903 Z" id="center" fill="url(#linearGradient-1)"></path> + <g id="half" transform="translate(140.437200, 255.011855) scale(-1, 1) translate(-140.437200, -255.011855) "> + <use fill="black" fill-opacity="1" filter="url(#filter-4)" xlink:href="#path-3"></use> + <use fill="url(#linearGradient-2)" fill-rule="evenodd" xlink:href="#path-3"></use> + </g> + </g> + </g> +</svg> \ No newline at end of file diff --git a/browser/branding/nightly/content/jar.mn b/browser/branding/nightly/content/jar.mn index 68b2bfd8e571..de166fe3636f 100644 --- a/browser/branding/nightly/content/jar.mn +++ b/browser/branding/nightly/content/jar.mn @@ -15,6 +15,8 @@ browser.jar: content/branding/icon48.png (../default48.png) content/branding/icon64.png (../default64.png) content/branding/icon128.png (../default128.png) + content/branding/icon256.png (../default256.png) + content/branding/icon512.png (../default512.png) content/branding/identity-icons-brand.svg content/branding/aboutDialog.css content/branding/horizontal-lockup.svg diff --git a/browser/branding/nightly/default128.png b/browser/branding/nightly/default128.png index 8fe085c56ffc..12998ed018a7 100644 Binary files a/browser/branding/nightly/default128.png and b/browser/branding/nightly/default128.png differ diff --git a/browser/branding/nightly/default16.png b/browser/branding/nightly/default16.png index e01114ba2bb5..737ade977a6b 100644 Binary files a/browser/branding/nightly/default16.png and b/browser/branding/nightly/default16.png differ diff --git a/browser/branding/nightly/default22.png b/browser/branding/nightly/default22.png index 0527dfd563cb..02c87a9e2db6 100644 Binary files a/browser/branding/nightly/default22.png and b/browser/branding/nightly/default22.png differ diff --git a/browser/branding/nightly/default24.png b/browser/branding/nightly/default24.png index 019d020fde05..34cfedb2d908 100644 Binary files a/browser/branding/nightly/default24.png and b/browser/branding/nightly/default24.png differ diff --git a/browser/branding/nightly/default256.png b/browser/branding/nightly/default256.png index d0d8bd01cc1a..f619aecbc6e3 100644 Binary files a/browser/branding/nightly/default256.png and b/browser/branding/nightly/default256.png differ diff --git a/browser/branding/nightly/default32.png b/browser/branding/nightly/default32.png index c0986eae9367..499bc8ff7fc9 100644 Binary files a/browser/branding/nightly/default32.png and b/browser/branding/nightly/default32.png differ diff --git a/browser/branding/nightly/default48.png b/browser/branding/nightly/default48.png index 1980ffb35c80..fc99e3829d5f 100644 Binary files a/browser/branding/nightly/default48.png and b/browser/branding/nightly/default48.png differ diff --git a/browser/branding/nightly/default512.png b/browser/branding/nightly/default512.png new file mode 100644 index 000000000000..4ff5f7fa3495 Binary files /dev/null and b/browser/branding/nightly/default512.png differ diff --git a/browser/branding/nightly/default64.png b/browser/branding/nightly/default64.png index 551c98d44431..5a84a5384942 100644 Binary files a/browser/branding/nightly/default64.png and b/browser/branding/nightly/default64.png differ diff --git a/browser/branding/nightly/document.icns b/browser/branding/nightly/document.icns index 8cb0f7f9dc32..4acf7a5d1a4b 100644 Binary files a/browser/branding/nightly/document.icns and b/browser/branding/nightly/document.icns differ diff --git a/browser/branding/nightly/document.ico b/browser/branding/nightly/document.ico index e5d0d840a7b4..ecb8e3dc6c73 100644 Binary files a/browser/branding/nightly/document.ico and b/browser/branding/nightly/document.ico differ diff --git a/browser/branding/nightly/firefox.VisualElementsManifest.xml b/browser/branding/nightly/firefox.VisualElementsManifest.xml index 85e09dd7a910..a71938708aff 100644 --- a/browser/branding/nightly/firefox.VisualElementsManifest.xml +++ b/browser/branding/nightly/firefox.VisualElementsManifest.xml @@ -8,5 +8,5 @@ Square150x150Logo='browser\VisualElements\VisualElements_150.png' Square70x70Logo='browser\VisualElements\VisualElements_70.png' ForegroundText='light' - BackgroundColor='#20123a'/> + BackgroundColor='#1c191d'/> </Application> diff --git a/browser/branding/nightly/firefox.icns b/browser/branding/nightly/firefox.icns index 643ddd4f5812..4b0adc0f5af7 100644 Binary files a/browser/branding/nightly/firefox.icns and b/browser/branding/nightly/firefox.icns differ diff --git a/browser/branding/nightly/firefox.ico b/browser/branding/nightly/firefox.ico index 240b64298f76..eb28c93ab25f 100644 Binary files a/browser/branding/nightly/firefox.ico and b/browser/branding/nightly/firefox.ico differ diff --git a/browser/branding/nightly/firefox.svg b/browser/branding/nightly/firefox.svg new file mode 100644 index 000000000000..c11b568b8553 --- /dev/null +++ b/browser/branding/nightly/firefox.svg @@ -0,0 +1,29 @@ +<?xml version="1.0" encoding="UTF-8"?> +<svg width="512px" height="512px" viewBox="0 0 512 512" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <defs> + <linearGradient x1="25.1281738%" y1="5.44281006%" x2="54.3792725%" y2="100%" id="linearGradient-1"> + <stop stop-color="#00E1E8" offset="0%"></stop> + <stop stop-color="#3500FF" offset="100%"></stop> + </linearGradient> + <linearGradient x1="25.1281738%" y1="5.44281006%" x2="54.3792725%" y2="100%" id="linearGradient-2"> + <stop stop-color="#00E1E8" offset="0%"></stop> + <stop stop-color="#3500FF" offset="100%"></stop> + </linearGradient> + <path d="M25,25 C152.50841,25 255.874399,127.979815 255.874399,255.011855 C255.874399,382.043895 152.50841,485.02371 25,485.02371 L25,25 Z" id="path-3"></path> + <filter x="-20.8%" y="-8.7%" width="134.7%" height="117.4%" filterUnits="objectBoundingBox" id="filter-4"> + <feOffset dx="-8" dy="0" in="SourceAlpha" result="shadowOffsetOuter1"></feOffset> + <feGaussianBlur stdDeviation="12" in="shadowOffsetOuter1" result="shadowBlurOuter1"></feGaussianBlur> + <feColorMatrix values="0 0 0 0 0.0872579578 0 0 0 0 0.00490370801 0 0 0 0 0.234933036 0 0 0 0.5 0" type="matrix" in="shadowBlurOuter1"></feColorMatrix> + </filter> + </defs> + <g id="Nightly" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd"> + <g> + <circle id="background" fill-opacity="0.9" fill="#030004" fill-rule="nonzero" cx="256" cy="256" r="246"></circle> + <path d="M256.525143,465.439707 L256.525143,434.406609 C354.826191,434.122748 434.420802,354.364917 434.420802,255.992903 C434.420802,157.627987 354.826191,77.8701558 256.525143,77.5862948 L256.525143,46.5531962 C371.964296,46.8441537 465.446804,140.489882 465.446804,255.992903 C465.446804,371.503022 371.964296,465.155846 256.525143,465.439707 Z M256.525143,356.820314 C311.970283,356.529356 356.8487,311.516106 356.8487,255.992903 C356.8487,200.476798 311.970283,155.463547 256.525143,155.17259 L256.525143,124.146588 C329.115485,124.430449 387.881799,183.338693 387.881799,255.992903 C387.881799,328.654211 329.115485,387.562455 256.525143,387.846316 L256.525143,356.820314 Z M256.525143,201.718689 C286.266674,202.00255 310.3026,226.180407 310.3026,255.992903 C310.3026,285.812497 286.266674,309.990353 256.525143,310.274214 L256.525143,201.718689 Z M0,255.992903 C0,397.384044 114.60886,512 256,512 C397.384044,512 512,397.384044 512,255.992903 C512,114.60886 397.384044,2.842170 94e-14 256,2.84217094e-14 C114.60886,2.84217094e-14 0,114.60886 0,255.992903 Z" id="center" fill="url(#linearGradient-1)"></path> + <g id="half" transform="translate(140.437200, 255.011855) scale(-1, 1) translate(-140.437200, -255.011855) "> + <use fill="black" fill-opacity="1" filter="url(#filter-4)" xlink:href="#path-3"></use> + <use fill="url(#linearGradient-2)" fill-rule="evenodd" xlink:href="#path-3"></use> + </g> + </g> + </g> +</svg> \ No newline at end of file diff --git a/browser/branding/nightly/firefox64.ico b/browser/branding/nightly/firefox64.ico index 1f50606af6a1..eb28c93ab25f 100644 Binary files a/browser/branding/nightly/firefox64.ico and b/browser/branding/nightly/firefox64.ico differ diff --git a/browser/branding/nightly/locales/en-US/brand.dtd b/browser/branding/nightly/locales/en-US/brand.dtd index c56df31338b9..0b15c9978e01 100644 --- a/browser/branding/nightly/locales/en-US/brand.dtd +++ b/browser/branding/nightly/locales/en-US/brand.dtd @@ -2,10 +2,10 @@ - License, v. 2.0. If a copy of the MPL was not distributed with this - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> -<!ENTITY brandShorterName "Nightly"> -<!ENTITY brandShortName "Nightly"> -<!ENTITY brandFullName "Firefox Nightly"> +<!ENTITY brandShorterName "Tor Browser"> +<!ENTITY brandShortName "Tor Browser"> +<!ENTITY brandFullName "Tor Browser">  -<!ENTITY brandProductName "Firefox"> +<!ENTITY brandProductName "Tor Browser"> diff --git a/browser/branding/nightly/locales/en-US/brand.ftl b/browser/branding/nightly/locales/en-US/brand.ftl index 5610fc32f559..22d5f837b093 100644 --- a/browser/branding/nightly/locales/en-US/brand.ftl +++ b/browser/branding/nightly/locales/en-US/brand.ftl @@ -19,4 +19,4 @@ # remain unchanged across different versions (Nightly, Beta, etc.). -brand-product-name = Firefox -vendor-short-name = Mozilla -trademarkInfo = { " " } +trademarkInfo = Firefox and the Firefox logos are trademarks of the Mozilla Foundation. diff --git a/browser/branding/nightly/locales/en-US/brand.properties b/browser/branding/nightly/locales/en-US/brand.properties index d93d128b7514..e96b063b9034 100644 --- a/browser/branding/nightly/locales/en-US/brand.properties +++ b/browser/branding/nightly/locales/en-US/brand.properties @@ -2,13 +2,13 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -brandShorterName=Nightly -brandShortName=Nightly -brandFullName=Firefox Nightly +brandShorterName=Tor Browser +brandShortName=Tor Browser +brandFullName=Tor Browser # LOCALIZATION NOTE(brandProductName): # This brand name can be used in messages where the product name needs to # remain unchanged across different versions (Nightly, Beta, etc.). -brandProductName=Firefox -vendorShortName=Mozilla +brandProductName=Tor Browser +vendorShortName=Tor Project syncBrandShortName=Sync diff --git a/browser/branding/nightly/locales/jar.mn b/browser/branding/nightly/locales/jar.mn index c04a7a1cf0f0..d13c2110148f 100644 --- a/browser/branding/nightly/locales/jar.mn +++ b/browser/branding/nightly/locales/jar.mn @@ -4,10 +4,9 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. [localization] @AB_CD@.jar: - branding (en-US/**/*.ftl) + branding (%*.ftl) @AB_CD@.jar: % locale branding @AB_CD@ %locale/branding/ -# Nightly branding only exists in en-US - locale/branding/brand.dtd (en-US/brand.dtd) - locale/branding/brand.properties (en-US/brand.properties) + locale/branding/brand.dtd (%brand.dtd) + locale/branding/brand.properties (%brand.properties) diff --git a/browser/branding/nightly/locales/moz.build b/browser/branding/nightly/locales/moz.build index 8bad13124d5a..eb4454d28f88 100644 --- a/browser/branding/nightly/locales/moz.build +++ b/browser/branding/nightly/locales/moz.build @@ -4,6 +4,4 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -DEFINES['MOZ_DISTRIBUTION_ID_UNQUOTED'] = CONFIG['MOZ_DISTRIBUTION_ID'] - JAR_MANIFESTS += ['jar.mn'] \ No newline at end of file diff --git a/browser/branding/nightly/wizHeader.bmp b/browser/branding/nightly/wizHeader.bmp index 89eaf901254c..a754d2db1e11 100644 Binary files a/browser/branding/nightly/wizHeader.bmp and b/browser/branding/nightly/wizHeader.bmp differ diff --git a/browser/branding/nightly/wizHeaderRTL.bmp b/browser/branding/nightly/wizHeaderRTL.bmp index 451d87c70ef0..c944205be23f 100644 Binary files a/browser/branding/nightly/wizHeaderRTL.bmp and b/browser/branding/nightly/wizHeaderRTL.bmp differ diff --git a/browser/branding/nightly/wizWatermark.bmp b/browser/branding/nightly/wizWatermark.bmp index f9d6a870e952..9e523b5fa196 100644 Binary files a/browser/branding/nightly/wizWatermark.bmp and b/browser/branding/nightly/wizWatermark.bmp differ diff --git a/browser/branding/official/VisualElements_150.png b/browser/branding/official/VisualElements_150.png index f764a48966ca..acc02c97d827 100644 Binary files a/browser/branding/official/VisualElements_150.png and b/browser/branding/official/VisualElements_150.png differ diff --git a/browser/branding/official/VisualElements_70.png b/browser/branding/official/VisualElements_70.png index 197a645b4236..890a227e251a 100644 Binary files a/browser/branding/official/VisualElements_70.png and b/browser/branding/official/VisualElements_70.png differ diff --git a/browser/branding/official/configure.sh b/browser/branding/official/configure.sh index 92ef14e03f40..243091484f75 100644 --- a/browser/branding/official/configure.sh +++ b/browser/branding/official/configure.sh @@ -2,4 +2,4 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -MOZ_APP_DISPLAYNAME=Firefox +MOZ_APP_DISPLAYNAME="Tor Browser" diff --git a/browser/branding/official/content/identity-icons-brand.svg b/browser/branding/official/content/identity-icons-brand.svg index fc8b1a356768..62472ad1826e 100644 --- a/browser/branding/official/content/identity-icons-brand.svg +++ b/browser/branding/official/content/identity-icons-brand.svg @@ -1,3 +1,31 @@ -<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16"> - <path fill="context-fill" fill-opacity="context-fill-opacity" d="M15.424 5.366A4.384 4.384 0 0 0 13.817 3.4a7.893 7.893 0 0 1 .811 2.353v.017c-.9-2.185-2.441-3.066-3.7-4.984l-.189-.3c-.035-.059-.063-.112-.088-.161a1.341 1.341 0 0 1-.119-.306.022.022 0 0 0-.013-.019.026.026 0 0 0-.019 0h-.006a5.629 5.629 0 0 0-2.755 4.308c.094-.006.187-.014.282-.014a4.069 4.069 0 0 1 3.51 1.983A2.838 2.838 0 0 0 9.6 5.824a3.2 3.2 0 0 1-1.885 6.013 3.651 3.651 0 0 1-1.042-.2c-.078-.028-.157-.059-.235-.093-.046-.02-.091-.04-.135-.062A3.282 3.282 0 0 1 4.415 8.95s.369-1.334 2.647-1.334a1.91 1.91 0 0 0 .964-.857 12.756 12.756 0 0 1-1.941-1.118c-.29-.277-.428-.411-.551-.511-.066-.054-.128-.1-.207-.152a3.481 3.481 0 0 1-.022-1.894 5.915 5.915 0 0 0-1.929 1.442A4.108 4.108 0 0 1 3.1 2.584a1.561 1.561 0 0 0-.267.138 5.767 5.767 0 0 0-.783.649 6.9 6.9 0 0 0-.748.868 6.446 6.446 0 0 0-1.08 2.348c0 .009-.076.325-.131.715l-.025.182c-.019.117-.033.245-.048.444v.023c-.005.076-.011.16-.016.258v.04A7.884 7.884 0 0 0 8.011 16a7.941 7.941 0 0 0 7.9-6.44l.036-.3a7.724 7.724 0 0 0-.523-3.894z" /> -</svg> +<?xml version="1.0" encoding="UTF-8"?> +<svg width="512px" height="512px" viewBox="-17 -17 546 546" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <defs> + <linearGradient x1="50%" y1="100%" x2="50%" y2="0%" id="linearGradient-1"> + <stop stop-color="#420C5D" offset="0%"></stop> + <stop stop-color="#951AD1" offset="100%"></stop> + </linearGradient> + <path d="M25,29 C152.577777,29 256,131.974508 256,259 C256,386.025492 152.577777,489 25,489 L25,29 Z" id="path-2"></path> + <filter x="-18.2%" y="-7.4%" width="129.4%" height="114.8%" filterUnits="objectBoundingBox" id="filter-3"> + <feOffset dx="-8" dy="0" in="SourceAlpha" result="shadowOffsetOuter1"></feOffset> + <feGaussianBlur stdDeviation="10" in="shadowOffsetOuter1" result="shadowBlurOuter1"></feGaussianBlur> + <feColorMatrix values="0 0 0 0 0.250980392 0 0 0 0 0.250980392 0 0 0 0 0.250980392 0 0 0 0.2 0" type="matrix" in="shadowBlurOuter1"></feColorMatrix> + </filter> + </defs> + <g id="Assets" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd"> + <g id="icon_512x512"> + <g id="Group"> + <g id="tb_icon/Stable"> + <g id="Stable"> + <circle id="background" fill="#F2E4FF" fill-rule="nonzero" cx="256" cy="256" r="246"></circle> + <path d="M256.525143,465.439707 L256.525143,434.406609 C354.826191,434.122748 434.420802,354.364917 434.420802,255.992903 C434.420802,157.627987 354.826191,77.8701558 256.525143,77.5862948 L256.525143,46.5531962 C371.964296,46.8441537 465.446804,140.489882 465.446804,255.992903 C465.446804,371.503022 371.964296,465.155846 256.525143,465.439707 Z M256.525143,356.820314 C311.970283,356.529356 356.8487,311.516106 356.8487,255.992903 C356.8487,200.476798 311.970283,155.463547 256.525143,155.17259 L256.525143,124.146588 C329.115485,124.430449 387.881799,183.338693 387.881799,255.992903 C387.881799,328.654211 329.115485,387.562455 256.525143,387.846316 L256.525143,356.820314 Z M256.525143,201.718689 C286.266674,202.00255 310.3026,226.180407 310.3026,255.992903 C310.3026,285.812497 286.266674,309.990353 256.525143,310.274214 L256.525143,201.718689 Z M0,255.992903 C0,397.384044 114.60886,512 256,512 C397.384044,512 512,397.384044 512,255.992903 C512,114.60886 397.384 044,0 256,0 C114.60886,0 0,114.60886 0,255.992903 Z" id="center" fill="url(#linearGradient-1)"></path> + <g id="half" transform="translate(140.500000, 259.000000) scale(-1, 1) translate(-140.500000, -259.000000) "> + <use fill="black" fill-opacity="1" filter="url(#filter-3)" xlink:href="#path-2"></use> + <use fill="url(#linearGradient-1)" fill-rule="evenodd" xlink:href="#path-2"></use> + </g> + </g> + </g> + </g> + </g> + </g> +</svg> \ No newline at end of file diff --git a/browser/branding/official/content/jar.mn b/browser/branding/official/content/jar.mn index 68b2bfd8e571..de166fe3636f 100644 --- a/browser/branding/official/content/jar.mn +++ b/browser/branding/official/content/jar.mn @@ -15,6 +15,8 @@ browser.jar: content/branding/icon48.png (../default48.png) content/branding/icon64.png (../default64.png) content/branding/icon128.png (../default128.png) + content/branding/icon256.png (../default256.png) + content/branding/icon512.png (../default512.png) content/branding/identity-icons-brand.svg content/branding/aboutDialog.css content/branding/horizontal-lockup.svg diff --git a/browser/branding/official/default128.png b/browser/branding/official/default128.png index b92d78ca6d09..18f3572d0d79 100644 Binary files a/browser/branding/official/default128.png and b/browser/branding/official/default128.png differ diff --git a/browser/branding/official/default16.png b/browser/branding/official/default16.png index fe860e46b1e7..904b84e49871 100644 Binary files a/browser/branding/official/default16.png and b/browser/branding/official/default16.png differ diff --git a/browser/branding/official/default22.png b/browser/branding/official/default22.png index 3aff987a8476..41cc3543d39f 100644 Binary files a/browser/branding/official/default22.png and b/browser/branding/official/default22.png differ diff --git a/browser/branding/official/default24.png b/browser/branding/official/default24.png index cfce6e7d64fd..195cae90d3ed 100644 Binary files a/browser/branding/official/default24.png and b/browser/branding/official/default24.png differ diff --git a/browser/branding/official/default256.png b/browser/branding/official/default256.png index ddc9d4db1f14..809dbad4ab16 100644 Binary files a/browser/branding/official/default256.png and b/browser/branding/official/default256.png differ diff --git a/browser/branding/official/default32.png b/browser/branding/official/default32.png index 67042dbb2b4a..e8e68eb4492c 100644 Binary files a/browser/branding/official/default32.png and b/browser/branding/official/default32.png differ diff --git a/browser/branding/official/default48.png b/browser/branding/official/default48.png index 765ea42459d3..e839211d260b 100644 Binary files a/browser/branding/official/default48.png and b/browser/branding/official/default48.png differ diff --git a/browser/branding/official/default512.png b/browser/branding/official/default512.png new file mode 100644 index 000000000000..23942859673d Binary files /dev/null and b/browser/branding/official/default512.png differ diff --git a/browser/branding/official/default64.png b/browser/branding/official/default64.png index 39e77389022c..147a229fab8b 100644 Binary files a/browser/branding/official/default64.png and b/browser/branding/official/default64.png differ diff --git a/browser/branding/official/disk.icns b/browser/branding/official/disk.icns index 4353ef0965f3..3e2c44f187ce 100644 Binary files a/browser/branding/official/disk.icns and b/browser/branding/official/disk.icns differ diff --git a/browser/branding/official/document.icns b/browser/branding/official/document.icns index 50d9701405a5..27a776a12557 100644 Binary files a/browser/branding/official/document.icns and b/browser/branding/official/document.icns differ diff --git a/browser/branding/official/document.ico b/browser/branding/official/document.ico index fcec7dc15646..3e5d99012f89 100644 Binary files a/browser/branding/official/document.ico and b/browser/branding/official/document.ico differ diff --git a/browser/branding/official/firefox.VisualElementsManifest.xml b/browser/branding/official/firefox.VisualElementsManifest.xml index 85e09dd7a910..3b2f265df644 100644 --- a/browser/branding/official/firefox.VisualElementsManifest.xml +++ b/browser/branding/official/firefox.VisualElementsManifest.xml @@ -8,5 +8,5 @@ Square150x150Logo='browser\VisualElements\VisualElements_150.png' Square70x70Logo='browser\VisualElements\VisualElements_70.png' ForegroundText='light' - BackgroundColor='#20123a'/> + BackgroundColor='#420c5e'/> </Application> diff --git a/browser/branding/official/firefox.icns b/browser/branding/official/firefox.icns index 3cc884734c9d..b9874461e519 100644 Binary files a/browser/branding/official/firefox.icns and b/browser/branding/official/firefox.icns differ diff --git a/browser/branding/official/firefox.ico b/browser/branding/official/firefox.ico index d8ba663ba76e..db0a9af865b6 100644 Binary files a/browser/branding/official/firefox.ico and b/browser/branding/official/firefox.ico differ diff --git a/browser/branding/official/firefox.svg b/browser/branding/official/firefox.svg new file mode 100644 index 000000000000..9240dc6e84ca --- /dev/null +++ b/browser/branding/official/firefox.svg @@ -0,0 +1,31 @@ +<?xml version="1.0" encoding="UTF-8"?> +<svg width="512px" height="512px" viewBox="0 0 512 512" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <defs> + <linearGradient x1="50%" y1="100%" x2="50%" y2="0%" id="linearGradient-1"> + <stop stop-color="#420C5D" offset="0%"></stop> + <stop stop-color="#951AD1" offset="100%"></stop> + </linearGradient> + <path d="M25,29 C152.577777,29 256,131.974508 256,259 C256,386.025492 152.577777,489 25,489 L25,29 Z" id="path-2"></path> + <filter x="-18.2%" y="-7.4%" width="129.4%" height="114.8%" filterUnits="objectBoundingBox" id="filter-3"> + <feOffset dx="-8" dy="0" in="SourceAlpha" result="shadowOffsetOuter1"></feOffset> + <feGaussianBlur stdDeviation="10" in="shadowOffsetOuter1" result="shadowBlurOuter1"></feGaussianBlur> + <feColorMatrix values="0 0 0 0 0.250980392 0 0 0 0 0.250980392 0 0 0 0 0.250980392 0 0 0 0.2 0" type="matrix" in="shadowBlurOuter1"></feColorMatrix> + </filter> + </defs> + <g id="Assets" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd"> + <g id="icon_512x512"> + <g id="Group"> + <g id="tb_icon/Stable"> + <g id="Stable"> + <circle id="background" fill="#F2E4FF" fill-rule="nonzero" cx="256" cy="256" r="246"></circle> + <path d="M256.525143,465.439707 L256.525143,434.406609 C354.826191,434.122748 434.420802,354.364917 434.420802,255.992903 C434.420802,157.627987 354.826191,77.8701558 256.525143,77.5862948 L256.525143,46.5531962 C371.964296,46.8441537 465.446804,140.489882 465.446804,255.992903 C465.446804,371.503022 371.964296,465.155846 256.525143,465.439707 Z M256.525143,356.820314 C311.970283,356.529356 356.8487,311.516106 356.8487,255.992903 C356.8487,200.476798 311.970283,155.463547 256.525143,155.17259 L256.525143,124.146588 C329.115485,124.430449 387.881799,183.338693 387.881799,255.992903 C387.881799,328.654211 329.115485,387.562455 256.525143,387.846316 L256.525143,356.820314 Z M256.525143,201.718689 C286.266674,202.00255 310.3026,226.180407 310.3026,255.992903 C310.3026,285.812497 286.266674,309.990353 256.525143,310.274214 L256.525143,201.718689 Z M0,255.992903 C0,397.384044 114.60886,512 256,512 C397.384044,512 512,397.384044 512,255.992903 C512,114.60886 397.384 044,0 256,0 C114.60886,0 0,114.60886 0,255.992903 Z" id="center" fill="url(#linearGradient-1)"></path> + <g id="half" transform="translate(140.500000, 259.000000) scale(-1, 1) translate(-140.500000, -259.000000) "> + <use fill="black" fill-opacity="1" filter="url(#filter-3)" xlink:href="#path-2"></use> + <use fill="url(#linearGradient-1)" fill-rule="evenodd" xlink:href="#path-2"></use> + </g> + </g> + </g> + </g> + </g> + </g> +</svg> \ No newline at end of file diff --git a/browser/branding/official/firefox64.ico b/browser/branding/official/firefox64.ico index c3a32449d27a..db0a9af865b6 100644 Binary files a/browser/branding/official/firefox64.ico and b/browser/branding/official/firefox64.ico differ diff --git a/browser/branding/official/locales/en-US/brand.dtd b/browser/branding/official/locales/en-US/brand.dtd index d094ad0f8d01..0b15c9978e01 100644 --- a/browser/branding/official/locales/en-US/brand.dtd +++ b/browser/branding/official/locales/en-US/brand.dtd @@ -2,10 +2,10 @@ - License, v. 2.0. If a copy of the MPL was not distributed with this - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> -<!ENTITY brandShorterName "Firefox"> -<!ENTITY brandShortName "Firefox"> -<!ENTITY brandFullName "Mozilla Firefox"> +<!ENTITY brandShorterName "Tor Browser"> +<!ENTITY brandShortName "Tor Browser"> +<!ENTITY brandFullName "Tor Browser">  -<!ENTITY brandProductName "Firefox"> +<!ENTITY brandProductName "Tor Browser"> diff --git a/browser/branding/official/locales/en-US/brand.properties b/browser/branding/official/locales/en-US/brand.properties index 568f227d4cee..e96b063b9034 100644 --- a/browser/branding/official/locales/en-US/brand.properties +++ b/browser/branding/official/locales/en-US/brand.properties @@ -2,13 +2,13 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -brandShorterName=Firefox -brandShortName=Firefox -brandFullName=Mozilla Firefox +brandShorterName=Tor Browser +brandShortName=Tor Browser +brandFullName=Tor Browser # LOCALIZATION NOTE(brandProductName): # This brand name can be used in messages where the product name needs to # remain unchanged across different versions (Nightly, Beta, etc.). -brandProductName=Firefox -vendorShortName=Mozilla +brandProductName=Tor Browser +vendorShortName=Tor Project syncBrandShortName=Sync diff --git a/browser/branding/official/wizHeader.bmp b/browser/branding/official/wizHeader.bmp index 420824226dfe..a754d2db1e11 100644 Binary files a/browser/branding/official/wizHeader.bmp and b/browser/branding/official/wizHeader.bmp differ diff --git a/browser/branding/official/wizHeaderRTL.bmp b/browser/branding/official/wizHeaderRTL.bmp index 7f74929910bd..c944205be23f 100644 Binary files a/browser/branding/official/wizHeaderRTL.bmp and b/browser/branding/official/wizHeaderRTL.bmp differ diff --git a/browser/branding/official/wizWatermark.bmp b/browser/branding/official/wizWatermark.bmp index b3b3c91d327c..9e523b5fa196 100644 Binary files a/browser/branding/official/wizWatermark.bmp and b/browser/branding/official/wizWatermark.bmp differ diff --git a/browser/components/newtab/data/content/activity-stream.bundle.js b/browser/components/newtab/data/content/activity-stream.bundle.js index c8fb360a6724..a49d80f05cf7 100644 --- a/browser/components/newtab/data/content/activity-stream.bundle.js +++ b/browser/components/newtab/data/content/activity-stream.bundle.js @@ -16597,4 +16597,4 @@ class OnboardingMessage_OnboardingCard extends external_React_default.a.PureComp } /***/ }) -/******/ ]); \ No newline at end of file +/******/ ]); diff --git a/browser/extensions/onboarding/content/img/tor-watermark.png b/browser/extensions/onboarding/content/img/tor-watermark.png new file mode 100644 index 000000000000..4c7885e0235b Binary files /dev/null and b/browser/extensions/onboarding/content/img/tor-watermark.png differ diff --git a/browser/themes/shared/identity-block/identity-block.inc.css b/browser/themes/shared/identity-block/identity-block.inc.css index e358a3e23f82..27a990e08bc8 100644 --- a/browser/themes/shared/identity-block/identity-block.inc.css +++ b/browser/themes/shared/identity-block/identity-block.inc.css @@ -61,6 +61,16 @@ -moz-outline-radius: var(--toolbarbutton-border-radius); } +%ifdef MOZ_OFFICIAL_BRANDING +#identity-box[pageproxystate="valid"].chromeUI > #identity-icon-label { + color: #420C5D; +} + +toolbar[brighttext] #identity-box[pageproxystate="valid"].chromeUI > #identity-icon-label { + color: #CC80FF; +} +%endif + #identity-box[pageproxystate="valid"].chromeUI > #identity-icon-label, .urlbar-label { opacity: .6; diff --git a/config/version.mk b/config/version.mk index 883eafed48d3..20569b72d0fe 100644 --- a/config/version.mk +++ b/config/version.mk @@ -15,7 +15,7 @@ ifeq ($(MOZ_WIDGET_TOOLKIT),windows) ifndef RESFILE RCFILE=./module.rc RESFILE=./module.res -_RC_STRING = -QUIET 1 -DEPTH $(DEPTH) -TOPSRCDIR $(MOZILLA_DIR) -OBJDIR . -SRCDIR $(srcdir) -DISPNAME "$(MOZ_APP_DISPLAYNAME)" -APPVERSION $(MOZ_APP_VERSION) +_RC_STRING = -QUIET 1 -DEPTH $(DEPTH) -TOPSRCDIR $(MOZILLA_DIR) -OBJDIR . -SRCDIR $(srcdir) -DISPNAME "$(MOZ_APP_DISPLAYNAME)" -APPVERSION "$(MOZ_APP_VERSION)" ifdef MOZILLA_OFFICIAL _RC_STRING += -OFFICIAL 1 endif diff --git a/devtools/client/themes/images/aboutdebugging-firefox-aurora.svg b/devtools/client/themes/images/aboutdebugging-firefox-aurora.svg index d4c0cdace9fe..9240dc6e84ca 100644 --- a/devtools/client/themes/images/aboutdebugging-firefox-aurora.svg +++ b/devtools/client/themes/images/aboutdebugging-firefox-aurora.svg @@ -1,4 +1,31 @@ - -<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><defs><linearGradient x1="42%" y1="-10%" x2="61%" y2="114%" id="f"><stop stop-color="#AAF2FF" offset="0%"/><stop stop-color="#0DF" offset="29%"/><stop stop-color="#0090ED" offset="61%"/><stop stop-color="#0250BB" offset="89%"/></linearGradient><linearGradient x1="38%" y1="0%" x2="63%" y2="124%" id="g"><stop stop-color="#AAF2FF" offset="0%"/><stop stop-color="#0DF" offset="29%"/><stop stop-color="#0090ED" offset="74%"/><stop stop-color="#0250BB" offset="100%"/></linearGradient><linearGradient x1="86%" y1="15%" x2="20%" y2="84%" id="k"><stop stop-color="#80EBFF" stop-opacity=".5" offset="24%"/><stop stop-color="#0DF" stop-opacity="0" offset="70%"/></linearGradient><linearGradient x1="61%" y1="-10%" x2="20%" y2="149%" id="l"><stop stop-color="#BFF3FF" stop-opacity=".9" offset="0%"/><stop stop-color="#80EBFF" stop-opacity=".5" offset="100%"/></linearGradient><linearGradient x1="51%" y1="-2%" x2="48%" y2="139%" id="m"><stop st op-color="#BFF3FF" offset="0%"/><stop stop-color="#0DF" stop-opacity="0" offset="100%"/></linearGradient><linearGradient x1="52%" y1="-4%" x2="47%" y2="143%" id="n"><stop stop-color="#BFF3FF" offset="0%"/><stop stop-color="#AAF2FF" stop-opacity=".5" offset="100%"/></linearGradient><linearGradient x1="53%" y1="-2%" x2="47%" y2="142%" id="o"><stop stop-color="#BFF3FF" offset="0%"/><stop stop-color="#0DF" stop-opacity="0" offset="100%"/></linearGradient><linearGradient x1="49%" y1="-2%" x2="57%" y2="123%" id="p"><stop stop-color="#BFF3FF" stop-opacity=".8" offset="0%"/><stop stop-color="#80EBFF" stop-opacity=".2" offset="100%"/></linearGradient><linearGradient x1="117%" y1="-23%" x2="24%" y2="128%" id="q"><stop stop-color="#BFF3FF" stop-opacity=".8" offset="0%"/><stop stop-color="#80EBFF" stop-opacity=".2" offset="100%"/></linearGradient><linearGradient x1="52%" y1="-1%" x2="47%" y2="137%" id="r"><stop stop-color="#0DF" stop-opacity=".4" offset="0%"/><stop stop-color="#0DF" stop-opacit y="0" offset="100%"/></linearGradient><linearGradient x1="50%" y1="-12%" x2="50%" y2="99%" id="s"><stop stop-color="#BFF3FF" offset="0%"/><stop stop-color="#0DF" stop-opacity="0" offset="100%"/></linearGradient><linearGradient x1="53%" y1="-3%" x2="47%" y2="142%" id="t"><stop stop-color="#BFF3FF" stop-opacity=".8" offset="0%"/><stop stop-color="#0DF" stop-opacity="0" offset="100%"/></linearGradient><radialGradient cx="55%" cy="25%" r="60%" id="a"><stop stop-color="#0DF" stop-opacity=".4" offset="10%"/><stop stop-color="#7542E5" stop-opacity=".25" offset="90%"/></radialGradient><radialGradient cx="49.238%" cy="52.7%" fx="49%" fy="52.7%" r="51%" id="b"><stop stop-color="#7542E5" stop-opacity="0" offset="91%"/><stop stop-color="#0DF" stop-opacity=".4" offset="100%"/></radialGradient><radialGradient cx="86%" cy="-13%" fx="86%" fy="-13%" r="128%" gradientTransform="matrix(.81263 0 0 1 .16 0)" id="c"><stop stop-color="#80EBFF" offset="0%"/><stop stop-color="#0DF" offset="26%"/><stop stop- color="#0090ED" offset="53%"/><stop stop-color="#0060DF" offset="86%"/></radialGradient><radialGradient cx="47.729%" cy="40%" fx="48%" fy="40%" r="128%" gradientTransform="matrix(.81263 0 0 1 .09 0)" id="d"><stop stop-color="#321C64" stop-opacity=".8" offset="30%"/><stop stop-color="#212F83" stop-opacity=".5" offset="37%"/><stop stop-color="#0A47AC" stop-opacity=".14" offset="48%"/><stop stop-color="#0250BB" stop-opacity="0" offset="53%"/></radialGradient><radialGradient cx="90%" cy="-50%" r="210%" gradientTransform="matrix(.83857 0 0 1 .128 0)" id="e"><stop stop-color="#80EBFF" offset="0%"/><stop stop-color="#00B3F4" offset="47%"/><stop stop-color="#0060DF" offset="84%"/><stop stop-color="#592ACB" offset="100%"/></radialGradient><radialGradient cx="208%" cy="-104%" fx="208%" fy="-104%" r="300%" gradientTransform="matrix(1 0 0 .99746 0 -.003)" id="h"><stop stop-color="#0DF" offset="0%"/><stop stop-color="#0090ED" offset="82%"/></radialGradient><radialGradient cx="155%" cy="-45%" fx= "155%" fy="-45%" r="313%" gradientTransform="matrix(.8937 0 0 1 .165 0)" id="i"><stop stop-color="#80EBFF" offset="29%"/><stop stop-color="#00B3F4" offset="100%"/></radialGradient><radialGradient cx="15%" cy="-43%" fx="15%" fy="-43%" r="230%" gradientTransform="matrix(.9814 0 0 1 .003 0)" id="j"><stop stop-color="#AAF2FF" offset="18%"/><stop stop-color="#0DF" offset="43%"/><stop stop-color="#0060DF" offset="69%"/></radialGradient></defs><path fill="#09204d" d="M146.622 289.098l15.141 41.978 22.752 30.697 53.417 10.188 25.555 2.174 43.626-10.899 18.794-18.015-179.285-56.123z"/><path fill="#09204d" d="M372.686 227.178l-5.348-17.744-15.292-28.856-17.493-18.437-18.57-13.258-16.124-6.329-19.347-6.882-31.855-2.027-20.087 3.625-16.39 5.038-29.082 17.02-18.176 20.277-16.76 27.22-6.593 23.164-1.232 35.146 6.285 23.963 13.863 27.282 9.778 13.177 13.52 12.395 16.886 11.423 20.822 9.056 34.846 4.09 18.195.507 26.929-7.585 24.07-13.21 15.486-13.211 12.008-14.326 16.977-33.232 3.748-22.733-1.064- 35.553z"/><path fill="#0e56d7" d="M249.24 149.615l-14.266 14.154 23.271 9.433 17.311-21.467-26.316-2.12z"/><path fill="#1053d1" d="M258.245 173.202l45.053-1.367-27.742-20.1-17.311 21.467z"/><path fill="#0b4fbf" d="M299.951 151.584l-24.395.151 27.742 20.1 25.654-1.675-29.001-18.576z"/><path fill="#0b48b0" d="M328.952 170.16l-14.584-20.11 20.185 12.091-5.601 8.019z"/><path fill="#0c45a7" d="M348.265 182.475l-19.313-12.315 5.601-8.019 13.712 20.334z"/><path fill="#0f46af" d="M328.952 170.16l-3.231 13.777 17.664 7.06-14.433-20.837z"/><path fill="#0c47ad" d="M328.952 170.16l19.313 12.315-4.88 8.522-14.433-20.837z"/><path fill="#0e4fc3" d="M303.298 171.835l25.654-1.675-3.231 13.777-22.423-12.102z"/><path fill="#174dca" d="M303.298 171.835l-20.269 18.347 26.087 12.775-5.818-31.122z"/><path fill="#1650d4" d="M258.245 173.202l45.053-1.367-20.269 18.347-24.784-16.98z"/><path fill="#1246b2" d="M325.721 183.937l12.268 23.791 5.396-16.731-17.664-7.06z"/><path fill="#133ea1" d="M337.989 207.728l5 .396-16.731 12.853 30.569-18.249-13.838z"/><path fill="#103d98" d="M343.385 190.997l19.589 14.346-6.736 16.223-12.853-30.569z"/><path fill="#0b3785" d="M348.265 182.475l3.781-1.897 10.928 24.765-14.709-22.868z"/><path fill="#0b3685" d="M362.974 205.343l4.364 4.091-15.292-28.856 10.928 24.765z"/><path d="M362.974 205.342l-14.709-22.867-4.88 8.525zm-28.421-43.2l13.712 20.334 3.781-1.9z" fill="#0c3b91"/><path fill="#0b3279" d="M371.703 241.042l-4.365-31.608 5.348 17.744-1.054 13.864h.071z"/><path fill="#0f388d" d="M362.974 205.343l8.729 35.699-4.365-31.608-4.364-4.091z"/><path fill="#0d3481" d="M356.238 221.566l15.465 19.476-8.729-35.699-6.736 16.223z"/><path fill="#0b2e71" d="M371.632 241.042l1.054-13.864 1.064 35.553-2.047-21.689h-.071z"/><path fill="#0e2f77" d="M369.111 269.139l4.639-6.408-2.047-21.689-2.592 28.097z"/><path fill="#0e2969" d="M370.002 285.464l-3.709 1.787 7.457-24.52-3.748 22.733z"/><path fill="#0c2a69" d="M366.293 287.251l7.457-24.52-4.639 6.408-2.818 18.112z"/><pat h fill="#123180" d="M369.111 269.139l2.592-28.097-7.945 9.372 5.353 18.725z"/><path fill="#112b70" d="M366.293 287.251l2.818-18.112-15.324 25.753 12.506-7.641z"/><path fill="#12378c" d="M356.238 221.566l15.465 19.476-7.945 9.372-7.52-28.848z"/><path fill="#122e7b" d="M369.111 269.139l-5.353-18.725-8.079 23.064 13.432-4.339z"/><path fill="#11296c" d="M353.025 318.696l13.268-31.445-12.413 22.923-.855 8.522z"/><path fill="#142a72" d="M353.88 310.174l12.413-22.923-12.506 7.641.093 15.282z"/><path d="M366.293 287.251L353.025 318.7 370 285.464zm-25.276 45.771l12.008-14.322.855-8.522zm-15.486 13.211l15.486-13.211-16.366 7.527z" fill="#112768"/><path fill="#1c226a" d="M235.149 355.435l-15.646 3.827.477-10.919 15.169 7.092z"/><path fill="#182b7a" d="M148.162 206.825l4.313-1.598-10.906 24.762 6.593-23.164z"/><path fill="#1f308d" d="M141.569 229.989l8.257-1.536 2.649-23.226-10.906 24.762z"/><path fill="#1e2b7f" d="M142.062 259.728l-.493-29.739 8.257-1.536-7.764 31.275z"/><path d="M325.721 183. 937l-16.605 19.02 28.873 4.771zm-144.9-19.509l21.2-14.5-18.916 9.4z" fill="#1346b5"/><path fill="#1244ac" d="M183.098 159.328l29.082-17.02-10.166 7.619-18.916 9.401"/><path fill="#0e4ab6" d="M202.014 149.927l26.556-12.657-16.39 5.038-10.166 7.619z"/><path d="M303.3 171.835l5.818 31.122 16.605-19.02zm-85.11-23.382l24.738-9.893-14.356-1.29z" fill="#0e4bba"/><path fill="#0a4ebc" d="M248.657 133.645l-20.087 3.625 14.356 1.29 5.731-4.915z"/><path fill="#0c54cc" d="M267.655 138.314l-24.729.246 5.731-4.915"/><path d="M314.368 150.05l-14.417 1.534 29 18.576zm-46.713-11.736l32.2 4.24-19.347-6.882z" fill="#0b4bb4"/><path fill="#0c3889" d="M314.368 150.05l-14.509-7.496 16.124 6.329-1.615 1.167z"/><path d="M146.622 289.1l9.52 7.834-14.079-37.2zm131.394 73.985l8.369-19.7-30.5 8.194zm8.369-19.7l25.5 7.075 1.547-19.716z" fill="#202575"/><path fill="#1b2773" d="M324.651 340.549l-11.222-9.81 27.114-18.018-15.892 27.828z"/><path fill="#15276d" d="M340.544 312.721l-15.893 27.828 16.366-7.527 12.863-22 .848-13.336 2.547z"/><path d="M315.983 148.883l-1.615 1.167 20.185 12.091zm-16.032 2.7l14.417-1.534-14.509-7.5z" fill="#0c409d"/><path d="M248.657 133.645l19 4.669 12.857-2.642zm51.2 8.909l-32.2-4.24 32.3 13.27z" fill="#0b4cb7"/><path fill="#0b55ce" d="M267.655 138.314l7.901 13.421 24.395-.151-32.296-13.27z"/><path fill="#0a52c5" d="M267.655 138.314l7.901 13.421-26.316-2.119 18.415-11.302z"/><path fill="#0951c4" d="M242.926 138.56l6.314 11.056 18.415-11.302-24.729.246z"/><path fill="#0b50c4" d="M218.188 148.453l24.738-9.893 6.314 11.056-31.052-1.163z"/><path d="M202.014 149.927l16.174-1.474 10.382-11.183zm16.174-1.474l16.786 15.316 14.266-14.154z" fill="#0f4dbf"/><path fill="#1546b6" d="M218.188 148.453l-27.326 25.622 11.152-24.148 16.174-1.474z"/><path fill="#1549bd" d="M190.862 174.075l17.437 2.9 9.889-28.522-27.326 25.622z"/><path fill="#144bc3" d="M208.299 176.975l9.889-28.522 16.787 15.316-26.676 13.206z"/><path fill="#173794" d="M164.922 179.605l1.062 10.307 14.834-25.484-15.8 96 15.177z"/><path fill="#192f84" d="M152.475 205.227l12.447-25.622 1.062 10.307-13.509 15.315z"/><path fill="#1a389b" d="M165.984 189.912l14.834-25.484 10.044 9.647-24.878 15.837z"/><path fill="#1d3089" d="M165.086 212.006l.898-22.094-13.509 15.315 12.611 6.779z"/><path fill="#1e389f" d="M165.086 212.006l.898-22.094 17.53 14.231-18.428 7.863z"/><path fill="#1c40af" d="M183.514 204.143l7.348-30.068-24.878 15.837 17.53 14.231z"/><path fill="#1e41b7" d="M183.514 204.143l7.348-30.068 17.437 2.9-24.785 27.168z"/><path fill="#192c7d" d="M149.826 228.453l2.649-23.226 12.611 6.779-15.26 16.447z"/><path d="M278.016 363.083l23.445-3.64 10.42-8.989zm-137.679-97.948l1.726-5.407-.494-29.739zm9.489-36.682l-7.763 31.275 14.079 37.2-6.871-43.1z" fill="#162467"/><path fill="#1a236a" d="M156.141 296.933l11.615 1.628-8.133-18.986-3.482 17.358z"/><path d="M324.651 340.549l-12.77 9.905-10.42 8.989 24.07-13.21zm-68.314 25.972l18.195.507 26.929-7.585-23.445 3.64zm-89.358-48l12.207 2.348-11.43-22.3z" fill ="#132668"/><path d="M219.98 348.343l-20.668-15.908-8.59 8.259 28.778 18.568zM146.622 289.1l13.863 27.282-4.343-19.448zm-6.285-23.963l6.285 23.963-4.559-29.37zm115.547 86.438l-35.9-3.23 15.169 7.093-15.653 3.824-18.834-5.887 20.822 9.056 34.846 4.09 21.679-3.438zm-88.128-53.012l-11.614-1.629 10.837 21.585zm-18.485-44.733l6.871 43.1 3.481-17.358zm29.915 67.035l-12.207-2.348-6.494-2.137 9.778 13.177 13.52 12.395 16.886 11.423-9.947-12.681z" fill="#1b2268"/><path fill="#212a81" d="M149.826 228.453l16.39 25.352-1.13-41.799-15.26 16.447z"/><path fill="#21267a" d="M149.271 253.829l10.352 25.746 6.593-25.77-16.945.024z"/><path fill="#262781" d="M159.623 279.575l6.593-25.77 8.194 20.362-14.787 5.408z"/><path fill="#272379" d="M167.756 298.561l31.424 19.472-24.77-43.866-6.654 24.394z"/><path d="M160.485 316.38l6.494 2.137-10.837-21.585zm69.413 11.2l-9.918 20.759 35.9 3.23zm-62.142-29.023l11.43 22.3 11.536 19.829 8.59-8.259-.132-14.4z" fill="#1e226d"/><path d="M313.428 330.738l-1.547 19.716 1 2.77-9.905zm-54.935-2.829l-2.609 23.664 30.5-8.194-1.086-26.6z" fill="#222475"/><path d="M149.271 253.83l16.944-.025-16.389-25.352zM285.3 316.777l1.086 26.6 27.043-12.641z" fill="#23277d"/><path fill="#1e2776" d="M285.299 316.777l17.405-15.76 10.725 29.722-28.13-13.962z"/><path fill="#222b86" d="M313.429 330.739l13.156-39.844-23.881 10.122 10.725 29.722z"/><path fill="#192974" d="M340.543 312.721l-27.114 18.018 13.156-39.844 13.958 21.826z"/><path fill="#172a75" d="M353.787 294.892l-27.202-3.998 13.959 21.827 13.336-2.547-.093-15.282z"/><path fill="#172d7d" d="M355.679 273.478l-29.094 17.416 27.202 3.998 15.324-25.753-13.432 4.339z"/><path d="M152.475 205.227l12.447-25.622-16.76 27.22zm192.352 31.713l10.852 36.538 8.079-23.064z" fill="#18338a"/><path fill="#153791" d="M363.758 250.414l-7.52-28.848-11.411 15.373 18.931 13.475z"/><path fill="#1b318b" d="M326.585 290.895l29.094-17.417-28.198-12.552-.896 29.969z"/><path fill="#242d8d" d="M326.585 290.895l-26.367-26.642 2.486 36.764 23.8 81-10.122z"/><path fill="#2a2b8f" d="M285.299 316.777l-20.243-17.923 37.648 2.163-17.405 15.76z"/><path d="M167.756 298.561l6.654-24.393-14.787 5.406zm97.3.293l-6.563 29.055 26.807-11.132z" fill="#27267f"/><path fill="#2d2381" d="M223.15 304.797l-19.487-9.905-4.483 23.141 30.718 9.551 28.595.325-35.343-23.112z"/><path fill="#2f2485" d="M258.492 327.909l6.564-29.055-41.906 5.943 35.342 23.112z"/><path fill="#233196" d="M166.216 253.805l8.406-26.833-9.536-14.966 1.13 41.799z"/><path fill="#293cb7" d="M183.514 204.143l36.893-10.754-19.487 39.809-17.406-29.055z"/><path fill="#25339c" d="M326.585 290.895l-26.367-26.642 27.263-3.327-.896 29.969z"/><path fill="#19348f" d="M355.679 273.478l-10.852-36.539-17.346 23.987 28.198 12.552z"/><path fill="#2a309a" d="M302.704 301.017l-30.153-29.154 27.667-7.61 2.486 36.764z"/><path fill="#302b96" d="M265.056 298.854l37.648 2.163-30.153-29.154-7.495 26.991z"/><path fill="#3630a7" d="M265.056 298.854l-20.622-16.791 28.117-10.2-7.495 26.991z"/><path d= "M180.818 164.428l2.28-5.1-18.176 20.277zm157.171 43.3l6.838 29.212 11.411-15.374z" fill="#173da2"/><path fill="#2a36a8" d="M183.514 204.143l17.406 29.055-26.298-6.226 8.892-22.829z"/><path fill="#312e9f" d="M174.622 226.972l26.298 6.226-17.784 28.011-8.514-34.237z"/><path fill="#184dcd" d="M220.407 193.389l14.568-29.62-26.676 13.206 12.108 16.414z"/><path fill="#272986" d="M166.216 253.805l16.92 7.404-8.726 12.958-8.194-20.362z"/><path fill="#2c2584" d="M183.136 261.209l-8.726 12.959 24.77 43.865 4.483-23.141-20.527-33.683z"/><path fill="#32268b" d="M203.663 294.892l2.744-40.752-23.271 7.069 20.527 33.683z"/><path fill="#372999" d="M203.663 294.892l40.771-12.829-38.027-27.923-2.744 40.752z"/><path fill="#392da5" d="M244.434 282.063l-3.973-31.508-34.054 3.585 38.027 27.923z"/><path fill="#3338bc" d="M240.461 250.555l28.757-10.754 3.333 32.062-32.09-21.308z"/><path fill="#362896" d="M223.15 304.797l41.906-5.943-20.622-16.791-21.284 22.734z"/><path fill="#35268f" d="M223.15 304.797l-1 9.487-9.905 40.771-12.829-21.284 22.734z"/><path fill="#2648d3" d="M220.407 193.389l24.973 2.642-10.405-32.262-14.568 29.62z"/><path fill="#1057dc" d="M258.245 173.202l-23.27-9.433 10.405 32.262 12.865-22.829z"/><path fill="#1653da" d="M258.245 173.202l24.784 16.98-37.649 5.849 12.865-22.829z"/><path fill="#2b46d5" d="M245.38 196.031l36.93 19.583-13.092 24.187-23.838-43.77z"/><path fill="#244ad7" d="M282.31 215.614l.719-25.432-37.649 5.849 36.93 19.583z"/><path fill="#2547cf" d="M282.31 215.614l.719-25.432 26.087 12.775-26.806 12.657z"/><path fill="#333cc5" d="M245.38 196.031l23.838 43.77-41.811-20.942 17.973-22.828z"/><path fill="#3833b6" d="M240.461 250.555l28.757-10.754-41.811-20.942 13.054 31.696z"/><path fill="#2a41c6" d="M269.218 239.801l36.876-6.735-23.784-17.452-13.092 24.187z"/><path fill="#2045c1" d="M309.116 202.957l-3.022 30.109-23.784-17.452 26.806-12.657z"/><path fill="#1b43b7" d="M309.116 202.957l17.406 23.638-20.428 6.471 3.022-30.109z"/><path fill="#1742af" d="M337. 989 207.728l-28.873-4.771 17.406 23.638 11.467-18.867z"/><path d="M190.862 174.075l11.152-24.148-21.2 14.5zm147.127 33.653L326.522 226.6l18.305 10.345z" fill="#1740a9"/><path fill="#1b3ca4" d="M327.481 260.926l17.346-23.987-18.305-10.344.959 34.331z"/><path fill="#1f3dad" d="M327.481 260.926l-.959-34.331-20.428 6.471 21.387 27.86z"/><path d="M183.515 204.143l36.892-10.754-12.107-16.414zm85.7 35.658l31 24.452 5.876-31.187z" fill="#2543c3"/><path fill="#2e37b2" d="M272.551 271.863l27.667-7.61-31-24.452 3.333 32.062z"/><path fill="#2d40c7" d="M220.407 193.389l7 25.47 17.973-22.828-24.973-2.642z"/><path fill="#3537b8" d="M220.407 193.389l-19.487 39.809 26.487-14.339-7-25.47z"/><path fill="#3931b0" d="M227.407 218.859l-21 35.281 34.054-3.585-13.054-31.696z"/><path d="M240.461 250.555l3.973 31.508 28.117-10.2zm-34.054 3.585l21-35.28-26.487 14.34z" fill="#3735b8"/><path fill="#342892" d="M183.136 261.209l17.784-28.011 5.487 20.942-23.271 7.069z"/><path d="M200.669 353.375l18.834 5.887-28.7 81-18.568zm-1.357-20.94l20.668 15.908 9.918-20.759-30.718-9.551zm56.572 19.138l2.609-23.664-28.595-.325zm30.5-8.194l-8.369 19.7 33.865-12.629z" fill="#232372"/><path fill="#2a2f96" d="M166.216 253.805l8.406-26.833 8.514 34.237-16.92-7.404z"/><path d="M174.622 226.972l8.893-22.829-18.429 7.863zm131.472 6.094l-5.876 31.187 27.263-3.327z" fill="#2636a5"/><path d="M374.274 262.764v-.055l-1.064-35.547v-.04c0-.013 0-.025-.006-.037s-.006-.032-.01-.047v-.011l-5.345-17.738v-.011l-.011-.029c0-.013-.01-.026-.016-.038l-.007-.016-15.293-28.856-.009-.014-.019-.03-.017-.025-.011-.015-.016-.018-.011-.014-17.503-18.443-.008-.007-.012-.012c-.01-.01-.022-.018-.033-.027l-.023-.02-18.565-13.253h-.009l-.017-.012a.36.36 0 00-.039-.02.3.3 0 00-.04-.02h-.008l-16.113-6.324h-.025l-19.343-6.88h-.018l-.037-.01-.034-.007h-.054l-31.855-2.027h-.055a.455.455 0 00-.052 0h-.02l-20.087 3.625h-.043l-.036.01-16.372 5.033-.036.014c-.014.006-.029.012-.042.019l-.021.01h-.007l-29.082 17.021h-.006l-.024.016-.023.015-.019.017 -.018.014-.02.022-.016.014-.007.008-18.169 20.268-.007.01-.013.015-.012.017-.016.023-.008.01-.006.01-16.772 27.198-.008.016-.016.028-.014.033c0 .013-.01.025-.014.038l-.006.016-6.593 23.165v.076a.26.26 0 00-.005.039v.01l-1.232 35.146v.087a.3.3 0 00.008.043v.036l6.281 23.948v.01l.006.018a.521.521 0 00.02.05c0 .008.006.017.01.025l13.86 27.274.009.013a.492.492 0 00.028.045l.007.013 9.772 13.169.012.015c.009.011.02.02.029.03a.25.25 0 00.022.024l13.52 12.4c.011.01.022.017.034.026l.027.022 16.885 11.422.012.006.04.024.022.01h.007l20.822 9.056.021.007a.353.353 0 00.046.015l.024.007.037.007h.021l34.846 4.091h.047l18.195.506h.019a.569.569 0 00.1-.01l.022-.007h.015l26.929-7.585.016-.006.023-.006.021-.01.015-.007.032-.014.011-.006 24.056-13.2h.007l.01-.006a.348.348 0 00.039-.028l.032-.022 15.486-13.21.016-.017.02-.018.02-.022h.006l12.006-14.323.005-.007a.531.531 0 00.042-.063l.015-.022v-.006l17.012-33.221c0-.007.006-.016.01-.024l.017-.039v-.019a.3.3 0 00.011-.043c0-.009.006-.018.008-.028l3.747- 22.727v-.039zM184.111 341.54l-3.5-3.212 7.877 6.171zm51.108 13.348l-12.307-5.754 29.13 2.62zm4.488-104.781l-32.312 3.4 19.926-33.476zm-11.278-30.148l39.477 19.772-27.152 10.154zM240 251.131l3.756 29.784-35.947-26.4zm3.285 30.742L204.24 294.16l2.627-39.03zm-2.161-30.245l30.265 20.1-26.518 9.62zm.482-.941l27.156-10.155 3.147 30.275zm41.723-34.975l25.171-11.883-2.838 28.271zm21.471 17.056l-34.6 6.32 12.286-22.688zm-35.583 5.932l-22.539-41.385L281.6 215.83zm-1.263-.118l-39.735-19.9 17.081-21.699zM206.6 252.791l-5.063-19.328 24.445-13.233zm-3.35 40.409l-19.312-31.688 21.892-6.65zm39.432-10.038l-19.646 20.985-17.987-9.142zm29.089-10.46l-7.007 25.234-19.279-15.7zm-1.9-31.718l29.206 23.037-26.067 7.169zm.586-.877l34.978-6.389-5.573 29.582zm36.241-7.785l2.802-27.952 16.159 21.946zm19.317-5.018l.894 32.012-19.941-25.976zm-43.154-12.532l.671-23.76 24.368 11.937zm-1.053-.021l-34.786-18.446 35.463-5.509zm-54.17 2.962l-6.519-23.722 23.259 2.46zm-.849.882l-24.674 13.357 18.153-37.084zm-21.02 35.18 8l-21.429 6.509 16.377-25.792zm-3.881 39.205l-26.755-18.954 7.981-11.852zm2.16 2.687l17.98 9.139-22.117 12.216zm40.435-12.9l19.309 15.725-39.239 5.564zm28.339-9.924l28.5 27.556-35.584-2.045zm.756-.731l26.158-7.195 2.35 34.759zm32.816-37.805l20.109 26.2-25.634 3.129zm20.68-6.81l16.983 9.6-16.094 22.253zm.179-1.106l10.517-17.3 6.272 26.791zm-.773-.753l-16.174-21.965 26.83 4.433zm-42.523-35.6l19-17.195 5.454 29.168zm-37.587 5.3l12.052-21.386 23.217 15.907zm-25.159-2.4l13.662-27.779 9.758 30.256zM200.873 232.1l-16.558-27.64 35.1-10.23zm-17.522 27.79l-8.009-32.208 24.739 5.857zm-8.823 13.161l-7.344-18.251 15.164 6.635zm28.554 22.073l-4.147 21.4-22.911-40.574zm19.749 10.449l6.283 21.217-28.6-8.892zm41.544-6.092l-6.229 27.573-33.54-21.933zm37.046 1.988l-16.125 14.6-18.757-16.607zm-.582-35.841l24.827 25.086-22.487 9.531zm.507-.983l25.59-3.124-.841 28.131zm43.281-26.531l10.222 34.42-26.563-11.824zm-5.793-29.086l16.672 12.642-10.425 14.045zm-28.7-6.435l15.475-17.727 11.434 22.173zm-.7-.8l-5.4 16-28.972 20.874 11.266zm-26.45-12.279l-23.114-15.836 42.017-1.275zm-37.472 5.211l-9.691-30.046 21.673 8.785zm-25.2-2.344l-11.222-15.213 24.724-12.24zm-.779.715l-34.373 10.02 23.095-25.316zm-19.708 39.3l-24.5-5.8 8.283-21.265zm-17.462 27.9l-15.508-6.786 7.7-24.594zm-8.647 13.562l-13.34 4.878 5.947-23.247zm23.993 42.645l-29.346-18.185 6.214-22.78zm29.881 10.911l-27.761 4.4-.12-13.071zm-3.533-21.4l32.643 21.349-26.4-.3zm41.312-6.184l18.949 16.777-25.088 10.426zm37.1 2.1l10.014 27.752-26.259-13.032zm.893-.628l22.354-9.475-12.316 37.3zm24.615-39.581l26.558 11.822-27.4 16.4zm17.784-23.472l17.364 12.359-7.411 21.156zm-.2-1.43l10.437-14.061 6.878 26.384zm-6.964-29.288l4.846-15.025 11.542 27.452zm-.728-1.173l-11.043-21.415 15.9 6.355zm-32.714-34.118l23.122-1.51-2.911 12.418zm-45.783.4l16.28-20.189 26.09 18.9zm-.962-.484l-8.382-21.953 24.5 1.973zm-1.087.1l-21.413-8.68 13.126-13.023zm-48.106 3.674l9.207-26.556 15.628 14.26zm-24.7 26.331l6.742-27.593 16 2.662zm-10.006 23.548l-8.646-13.568 16.7 07-7.128zm-.462 1.234l-7.39 23.589-.993-36.745zm-8.509 27.283l-6.027 23.556-9.462-23.533zm-15.73-1.026l.5-23.126 14.936 23.1zm23.825 21.706l-5.99 21.956-7.32-17.089zm24.036 42.707l-18.187 2.576L169.087 300zm.988.921l.118 12.883-18-10.35zm30.333 9.621l-9.207 19.271-19.185-14.764zm1.073.195l24.328 22.457-33.612-3.023zm1.193-.33l26.648.3-2.431 22.053zm53.542-10.568l1.017 24.914-26.117-14.489zm1.058.091l26.356 13.081-25.34 11.845zm40.876-25.533l13.084 20.459-25.416 16.889zm.911-.528l25.192 3.7-12.261 16.518zm.469-.993l26.946-16.13-1.753 19.832zm35.589-38.438l4.758 16.645-11.94 3.857zm-6.331-28.306l13.647 17.186-7.011 8.27zm-12.77-31.3l17.724 12.98-6.091 14.675zm-18.269-8.925l2.857-12.184 12.765 18.428zm-22.6-12.337l-3.076-18.616 26.658 17.076zm-1.17-.621l-25.4-18.412 22.342-.138zm-51.684-21.438l16.587-10.179 7.116 12.089zm-15.927 13.822L219.6 149.031l28.41 1.069zm-27.013 13.342L192 173.731l24.995-23.436zM183.2 203.211l-16.318-13.247 23.158-14.743zm-.693.791l-16.861 7.198.822-20.214zm-16 .868 47.942l-15.149-23.433 14.1-15.2zm-6.563 27.681L156.2 293.96l-5.674-35.6zm.73 1.714l7.1 16.572-10.138-1.421zm18.42 38.807l-10.7-2.059.681-17.5zm20.217 12.395l-7.6 7.31L180.63 322.3zm.907.586l18.258 14.053-25.846-6.757zm59.579-4.375L285 343.209l-28.5 7.657zm53.9 2.845l-1.427 18.18-23.502-6.524zm26.153-17.21l-14.469 25.343-10.221-8.93zm14.288-17.917l.08 13.271-11.58 2.211zm2.9-22.6l11.774-3.8-13.433 22.574zm8.168-23.331l6.685-7.885-2.181 23.639zm-7.5-29.057l6-14.454 7.777 31.805zm-12.763-30.632l4.216-7.362L361 203.245zm-.732-.838l-12.472-18 16.689 10.641zm-41.849-38.064l12.626-1.348 12.773 17.613zm-25.638-.74l-6.956-11.814 28.43 11.681zm-26.428-2.324l-5.6-9.808 21.937-.218zm-1.114.172l-27.631-1.035 22.013-8.8zm-55.843 22.789l9.894-21.422 14.349-1.309zm-1.778 1.339l-9.044-8.687 19.088-13.059zm-.678.807l-22.487 14.316 13.409-23.036zm-25.421 37.155l-11.286-6.068 12.09-13.706zm-.356 1l-13.707 14.774 2.38-20.862zm-15.488 41.43l-5.795 4.742 6.241-25.143zm.145 1.239l5.916 37.113-12.123-3 2.028zm18.317 44.2l-.679 17.44-9.472-18.863zm11.639 22.32l9.621 16.538-19.8-18.5zm40.585 27.409l-.419 9.58-25.251-16.292zm1.036.409l13.1 6.127-13.516 3.306zm34.9 3.048l.407 13.437-19.045-9.965zm30.1-8.035l-7.725 18.189-20.43-10.625zm1.21-.157l23.492 6.518-31.2 11.637zm27.182-12.185l9.954 8.7-11.318 8.785zm27.01-18.633L352.355 311l-25.148 26.135zm13.513-5.071l-.079-12.935 10.585-6.468zm.93-14.783l12.849-21.592-2.356 15.185zm16.385-46.629l1.5 15.876-3.395 4.69zm-7.8-39.771l2.936 2.753 2.937 21.265zm-14.882-24.255l2.763-1.386 7.987 18.1zm-19.32-12.67l4.849-6.942 11.869 17.6zm-.753-.759L316.3 151.821l17.5 10.479zM300.472 151l-.078-7.579 12.177 6.291zm-1.055-.205l-27.832-11.435 27.752 3.654zm-55.054-12.775l4.431-3.8 14.693 3.612zm-24.2 9.076l8.616-9.281 11.914 1.071zm-2.226.851l-13.047 1.19 21.422-10.211zm-35.88 14.994l1.443-3.228 11.974-5.951zM166.34 188.25l-.87-8.444 13.03-12.434zm-.905 1.487l-10.8 12.244 9.951-20.485zm-16.09 38.27l-6.9 1.283 9.107-20.678zm-.229 1.111l-6.6 26.572-.419- 25.267zm5.832 66.152l-7.839-6.451-3.754-24.183zm10.991 22.352l-5.007-1.649-3.349-14.994zm21.4 20.632l-16.633-9.054-2.67-8.975zm3.034 2.848l7.2 9.181-22.015-17.245zm2.694 1.73l22.9 14.774-14.985-4.684zm42.013 13.16l17.8 9.311-30.938-6.1zm21.356-3.54l19.923 10.361-19.515 3.095zm52.882-.483l-8.088 6.977-18.2 2.826zm14.949-10.458l.673 4.353-10.454 3.236zm27.127-28l-10.754 19.1-13.682 6.293zm3-3.184l7.2-13.3-7.7 18.243zm15.219-40.987l2.719-3.755-4.371 14.37zm2.615-28.34v-.032l-.039-.279.271-3.56.276 9.219zm-.723-5.242l-2.72-19.7 3.368 11.179zm-8.092-30.726l-4.965-11.251 6.948 13.109zm-14.97-23.232l-9.915-14.7 12.649 13.332zm-33.121-31.789l.663-.479 7.622 5.442zm-1-.574l-5.154-2.663 5.727 2.248zM270.816 138.2l9.658-1.985 14.533 5.17zm-3.151-.425l-13.151-3.232 22.051 1.4zm-24.913.241l-10.258-.922 14.352-2.59zm-36.2 9.164l5.869-4.4 9.461-2.908zm-4.817 2.3l-5.091 2.53 7.827-4.58zm-21.356 14.64l-6.039 5.766 6.905-7.7zm-28.285 40.688l-2.685 1 10.431-16.942zm-3.5 2.416l2.9-1.073-7.327 16.636zm- 7.215 43.167l.154 9.26-.533 1.683zm.5 11.626l2.642 17.019-3.642-13.886zm13.782 35.206l3.393 15.19-10.823-21.313zm10.886 21.707l2.355 7.919-7.002-9.449zm52.607 40.775l.983 1.567-10.288-4.472zm2.643 2.234l-1.208-1.926 22.392 4.412zm54.851 1.892L274.3 366.5l-12.292-.342zm1.631-.258l14.653-2.275-16.831 4.74zm33.857-12.65l8.593-2.658-15.153 8.317zm13.765-5.7l-.675-4.361 12.557-5.775zm27.2-32.6l-.588 5.86-8.258 9.852zm13.6-24.986l2.122-1.022-9.712 19.012zm2.826-2.527l-2.382 1.147 4.788-15.743z" fill="url(#a)"/><path d="M374.274 262.764v-.055l-1.064-35.547v-.04c0-.013 0-.025-.006-.037s-.006-.032-.01-.047v-.011l-5.345-17.738v-.011l-.011-.029c0-.013-.01-.026-.016-.038l-.007-.016-15.293-28.856-.009-.014-.019-.03-.017-.025-.011-.015-.016-.018-.011-.014-17.503-18.443-.008-.007-.012-.012c-.01-.01-.022-.018-.033-.027l-.023-.02-18.565-13.253h-.009l-.017-.012a.36.36 0 00-.039-.02.3.3 0 00-.04-.02h-.008l-16.113-6.324h-.025l-19.343-6.88h-.018l-.037-.01-.034-.007h-.054l-31.855-2.027h-.055a.455.455 0 0 0-.052 0h-.02l-20.087 3.625h-.043l-.036.01-16.372 5.033-.036.014c-.014.006-.029.012-.042.019l-.021.01h-.007l-29.082 17.021h-.006l-.024.016-.023.015-.019.017-.018.014-.02.022-.016.014-.007.008-18.169 20.268-.007.01-.013.015-.012.017-.016.023-.008.01-.006.01-16.772 27.198-.008.016-.016.028-.014.033c0 .013-.01.025-.014.038l-.006.016-6.593 23.165v.076a.26.26 0 00-.005.039v.01l-1.232 35.146v.087a.3.3 0 00.008.043v.036l6.281 23.948v.01l.006.018a.521.521 0 00.02.05c0 .008.006.017.01.025l13.86 27.274.009.013a.492.492 0 00.028.045l.007.013 9.772 13.169.012.015c.009.011.02.02.029.03a.25.25 0 00.022.024l13.52 12.4c.011.01.022.017.034.026l.027.022 16.885 11.422.012.006.04.024.022.01h.007l20.822 9.056.021.007a.353.353 0 00.046.015l.024.007.037.007h.021l34.846 4.091h.047l18.195.506h.019a.569.569 0 00.1-.01l.022-.007h.015l26.929-7.585.016-.006.023-.006.021-.01.015-.007.032-.014.011-.006 24.056-13.2h.007l.01-.006a.348.348 0 00.039-.028l.032-.022 15.486-13.21.016-.017.02-.018.02-.022h.006l12.006-14. 323.005-.007a.531.531 0 00.042-.063l.015-.022v-.006l17.012-33.221c0-.007.006-.016.01-.024l.017-.039v-.019a.3.3 0 00.011-.043c0-.009.006-.018.008-.028l3.747-22.727v-.039zM184.111 341.54l-3.5-3.212 7.877 6.171zm51.108 13.348l-12.307-5.754 29.13 2.62zm4.488-104.781l-32.312 3.4 19.926-33.476zm-11.278-30.148l39.477 19.772-27.152 10.154zM240 251.131l3.756 29.784-35.947-26.4zm3.285 30.742L204.24 294.16l2.627-39.03zm-2.161-30.245l30.265 20.1-26.518 9.62zm.482-.941l27.156-10.155 3.147 30.275zm41.723-34.975l25.171-11.883-2.838 28.271zm21.471 17.056l-34.6 6.32 12.286-22.688zm-35.583 5.932l-22.539-41.385L281.6 215.83zm-1.263-.118l-39.735-19.9 17.081-21.699zM206.6 252.791l-5.063-19.328 24.445-13.233zm-3.35 40.409l-19.312-31.688 21.892-6.65zm39.432-10.038l-19.646 20.985-17.987-9.142zm29.089-10.46l-7.007 25.234-19.279-15.7zm-1.9-31.718l29.206 23.037-26.067 7.169zm.586-.877l34.978-6.389-5.573 29.582zm36.241-7.785l2.802-27.952 16.159 21.946zm19.317-5.018l.894 32.012-19.941-25.976zm-43.154-12.532l.67 1-23.76 24.368 11.937zm-1.053-.021l-34.786-18.446 35.463-5.509zm-54.17 2.962l-6.519-23.722 23.259 2.46zm-.849.882l-24.674 13.357 18.153-37.084zm-21.02 35.188l-21.429 6.509 16.377-25.792zm-3.881 39.205l-26.755-18.954 7.981-11.852zm2.16 2.687l17.98 9.139-22.117 12.216zm40.435-12.9l19.309 15.725-39.239 5.564zm28.339-9.924l28.5 27.556-35.584-2.045zm.756-.731l26.158-7.195 2.35 34.759zm32.816-37.805l20.109 26.2-25.634 3.129zm20.68-6.81l16.983 9.6-16.094 22.253zm.179-1.106l10.517-17.3 6.272 26.791zm-.773-.753l-16.174-21.965 26.83 4.433zm-42.523-35.6l19-17.195 5.454 29.168zm-37.587 5.3l12.052-21.386 23.217 15.907zm-25.159-2.4l13.662-27.779 9.758 30.256zM200.873 232.1l-16.558-27.64 35.1-10.23zm-17.522 27.79l-8.009-32.208 24.739 5.857zm-8.823 13.161l-7.344-18.251 15.164 6.635zm28.554 22.073l-4.147 21.4-22.911-40.574zm19.749 10.449l6.283 21.217-28.6-8.892zm41.544-6.092l-6.229 27.573-33.54-21.933zm37.046 1.988l-16.125 14.6-18.757-16.607zm-.582-35.841l24.827 25.086-22.487 9.531zm.507-.983l25.59- 3.124-.841 28.131zm43.281-26.531l10.222 34.42-26.563-11.824zm-5.793-29.086l16.672 12.642-10.425 14.045zm-28.7-6.435l15.475-17.727 11.434 22.173zm-.7-.8l-5.416-28.972 20.874 11.266zm-26.45-12.279l-23.114-15.836 42.017-1.275zm-37.472 5.211l-9.691-30.046 21.673 8.785zm-25.2-2.344l-11.222-15.213 24.724-12.24zm-.779.715l-34.373 10.02 23.095-25.316zm-19.708 39.3l-24.5-5.8 8.283-21.265zm-17.462 27.9l-15.508-6.786 7.7-24.594zm-8.647 13.562l-13.34 4.878 5.947-23.247zm23.993 42.645l-29.346-18.185 6.214-22.78zm29.881 10.911l-27.761 4.4-.12-13.071zm-3.533-21.4l32.643 21.349-26.4-.3zm41.312-6.184l18.949 16.777-25.088 10.426zm37.1 2.1l10.014 27.752-26.259-13.032zm.893-.628l22.354-9.475-12.316 37.3zm24.615-39.581l26.558 11.822-27.4 16.4zm17.784-23.472l17.364 12.359-7.411 21.156zm-.2-1.43l10.437-14.061 6.878 26.384zm-6.964-29.288l4.846-15.025 11.542 27.452zm-.728-1.173l-11.043-21.415 15.9 6.355zm-32.714-34.118l23.122-1.51-2.911 12.418zm-45.783.4l16.28-20.189 26.09 18.9zm-.962-.484l-8.382-21.953 24. 5 1.973zm-1.087.1l-21.413-8.68 13.126-13.023zm-48.106 3.674l9.207-26.556 15.628 14.26zm-24.7 26.331l6.742-27.593 16 2.662zm-10.006 23.548l-8.646-13.568 16.707-7.128zm-.462 1.234l-7.39 23.589-.993-36.745zm-8.509 27.283l-6.027 23.556-9.462-23.533zm-15.73-1.026l.5-23.126 14.936 23.1zm23.825 21.706l-5.99 21.956-7.32-17.089zm24.036 42.707l-18.187 2.576L169.087 300zm.988.921l.118 12.883-18-10.35zm30.333 9.621l-9.207 19.271-19.185-14.764zm1.073.195l24.328 22.457-33.612-3.023zm1.193-.33l26.648.3-2.431 22.053zm53.542-10.568l1.017 24.914-26.117-14.489zm1.058.091l26.356 13.081-25.34 11.845zm40.876-25.533l13.084 20.459-25.416 16.889zm.911-.528l25.192 3.7-12.261 16.518zm.469-.993l26.946-16.13-1.753 19.832zm35.589-38.438l4.758 16.645-11.94 3.857zm-6.331-28.306l13.647 17.186-7.011 8.27zm-12.77-31.3l17.724 12.98-6.091 14.675zm-18.269-8.925l2.857-12.184 12.765 18.428zm-22.6-12.337l-3.076-18.616 26.658 17.076zm-1.17-.621l-25.4-18.412 22.342-.138zm-51.684-21.438l16.587-10.179 7.116 12.089zm-15.927 13. 822L219.6 149.031l28.41 1.069zm-27.013 13.342L192 173.731l24.995-23.436zM183.2 203.211l-16.318-13.247 23.158-14.743zm-.693.791l-16.861 7.198.822-20.214zm-16.868 47.942l-15.149-23.433 14.1-15.2zm-6.563 27.681L156.2 293.96l-5.674-35.6zm.73 1.714l7.1 16.572-10.138-1.421zm18.42 38.807l-10.7-2.059.681-17.5zm20.217 12.395l-7.6 7.31L180.63 322.3zm.907.586l18.258 14.053-25.846-6.757zm59.579-4.375L285 343.209l-28.5 7.657zm53.9 2.845l-1.427 18.18-23.502-6.524zm26.153-17.21l-14.469 25.343-10.221-8.93zm14.288-17.917l.08 13.271-11.58 2.211zm2.9-22.6l11.774-3.8-13.433 22.574zm8.168-23.331l6.685-7.885-2.181 23.639zm-7.5-29.057l6-14.454 7.777 31.805zm-12.763-30.632l4.216-7.362L361 203.245zm-.732-.838l-12.472-18 16.689 10.641zm-41.849-38.064l12.626-1.348 12.773 17.613zm-25.638-.74l-6.956-11.814 28.43 11.681zm-26.428-2.324l-5.6-9.808 21.937-.218zm-1.114.172l-27.631-1.035 22.013-8.8zm-55.843 22.789l9.894-21.422 14.349-1.309zm-1.778 1.339l-9.044-8.687 19.088-13.059zm-.678.807l-22.487 14.316 13.409-23.0 36zm-25.421 37.155l-11.286-6.068 12.09-13.706zm-.356 1l-13.707 14.774 2.38-20.862zm-15.488 41.43l-5.795 4.742 6.241-25.143zm.145 1.239l5.916 37.113-12.123-32.028zm18.317 44.2l-.679 17.44-9.472-18.863zm11.639 22.32l9.621 16.538-19.8-18.5zm40.585 27.409l-.419 9.58-25.251-16.292zm1.036.409l13.1 6.127-13.516 3.306zm34.9 3.048l.407 13.437-19.045-9.965zm30.1-8.035l-7.725 18.189-20.43-10.625zm1.21-.157l23.492 6.518-31.2 11.637zm27.182-12.185l9.954 8.7-11.318 8.785zm27.01-18.633L352.355 311l-25.148 26.135zm13.513-5.071l-.079-12.935 10.585-6.468zm.93-14.783l12.849-21.592-2.356 15.185zm16.385-46.629l1.5 15.876-3.395 4.69zm-7.8-39.771l2.936 2.753 2.937 21.265zm-14.882-24.255l2.763-1.386 7.987 18.1zm-19.32-12.67l4.849-6.942 11.869 17.6zm-.753-.759L316.3 151.821l17.5 10.479zM300.472 151l-.078-7.579 12.177 6.291zm-1.055-.205l-27.832-11.435 27.752 3.654zm-55.054-12.775l4.431-3.8 14.693 3.612zm-24.2 9.076l8.616-9.281 11.914 1.071zm-2.226.851l-13.047 1.19 21.422-10.211zm-35.88 14.994l1.443-3.228 11. 974-5.951zM166.34 188.25l-.87-8.444 13.03-12.434zm-.905 1.487l-10.8 12.244 9.951-20.485zm-16.09 38.27l-6.9 1.283 9.107-20.678zm-.229 1.111l-6.6 26.572-.419-25.267zm5.832 66.152l-7.839-6.451-3.754-24.183zm10.991 22.352l-5.007-1.649-3.349-14.994zm21.4 20.632l-16.633-9.054-2.67-8.975zm3.034 2.848l7.2 9.181-22.015-17.245zm2.694 1.73l22.9 14.774-14.985-4.684zm42.013 13.16l17.8 9.311-30.938-6.1zm21.356-3.54l19.923 10.361-19.515 3.095zm52.882-.483l-8.088 6.977-18.2 2.826zm14.949-10.458l.673 4.353-10.454 3.236zm27.127-28l-10.754 19.1-13.682 6.293zm3-3.184l7.2-13.3-7.7 18.243zm15.219-40.987l2.719-3.755-4.371 14.37zm2.615-28.34v-.032l-.039-.279.271-3.56.276 9.219zm-.723-5.242l-2.72-19.7 3.368 11.179zm-8.092-30.726l-4.965-11.251 6.948 13.109zm-14.97-23.232l-9.915-14.7 12.649 13.332zm-33.121-31.789l.663-.479 7.622 5.442zm-1-.574l-5.154-2.663 5.727 2.248zM270.816 138.2l9.658-1.985 14.533 5.17zm-3.151-.425l-13.151-3.232 22.051 1.4zm-24.913.241l-10.258-.922 14.352-2.59zm-36.2 9.164l5.869-4.4 9.461 -2.908zm-4.817 2.3l-5.091 2.53 7.827-4.58zm-21.356 14.64l-6.039 5.766 6.905-7.7zm-28.285 40.688l-2.685 1 10.431-16.942zm-3.5 2.416l2.9-1.073-7.327 16.636zm-7.215 43.167l.154 9.26-.533 1.683zm.5 11.626l2.642 17.019-3.642-13.886zm13.782 35.206l3.393 15.19-10.823-21.313zm10.886 21.707l2.355 7.919-7.002-9.449zm52.607 40.775l.983 1.567-10.288-4.472zm2.643 2.234l-1.208-1.926 22.392 4.412zm54.851 1.892L274.3 366.5l-12.292-.342zm1.631-.258l14.653-2.275-16.831 4.74zm33.857-12.65l8.593-2.658-15.153 8.317zm13.765-5.7l-.675-4.361 12.557-5.775zm27.2-32.6l-.588 5.86-8.258 9.852zm13.6-24.986l2.122-1.022-9.712 19.012zm2.826-2.527l-2.382 1.147 4.788-15.743z" fill="url(#b)"/><path d="M478.979 166.36c-10.457-25.124-31.636-52.248-48.267-60.82 13.536 26.5 21.369 53.092 24.363 72.934 0-.057.011.049.036.226.012.086.027.174.04.26 22.7 61.468 10.334 123.975-7.487 162.171-27.572 59.1-94.325 119.668-198.808 116.713-112.89-3.192-212.335-86.853-230.9-196.43-3.382-17.279 0-26.053 1.7-40.083-2.074 10.816-2.863 13 .94-3.9 33.157 0 .41-.025.816-.025 1.227C15.732 388.421 123.453 496 256.335 496a240.565 240.565 0 00237.156-199.626c.408-3.076.734-6.168 1.094-9.27 4.783-41.21-.531-84.524-15.606-120.744z" fill="url(#c)"/><path d="M478.979 166.36c-10.457-25.124-31.636-52.248-48.267-60.82 13.536 26.5 21.369 53.092 24.363 72.934 0-.057.011.049.036.226.012.086.027.174.04.26 22.7 61.468 10.334 123.975-7.487 162.171-27.572 59.1-94.325 119.668-198.808 116.713-112.89-3.192-212.335-86.853-230.9-196.43-3.382-17.279 0-26.053 1.7-40.083-2.074 10.816-2.863 13.94-3.9 33.157 0 .41-.025.816-.025 1.227C15.732 388.421 123.453 496 256.335 496a240.565 240.565 0 00237.156-199.626c.408-3.076.734-6.168 1.094-9.27 4.783-41.21-.531-84.524-15.606-120.744z" fill="url(#d)"/><path d="M17.957 261.414c18.564 109.577 118.009 193.238 230.9 196.43 104.483 2.955 171.236-57.618 198.808-116.713 17.821-38.2 30.188-100.7 7.487-162.171l-.008-.026-.032-.234c-.025-.177-.041-.283-.036-.226 0 .04.015.136.047.4 8.533 55.66-19.813 109.581-64.1 26 146.04-.079.189-.133.313-.133.313-86.345 70.222-168.97 42.368-185.7 30.966a137.192 137.192 0 01-3.5-1.743c-50.34-24.029-71.137-69.837-66.678-109.122-42.506 0-57-35.808-57-35.808s38.163-27.179 88.461-3.541c46.583 21.893 90.332 3.543 90.337 3.541-.09-1.952-41.965-18.589-58.291-34.655-8.723-8.585-12.865-12.723-16.533-15.828a71.492 71.492 0 00-6.232-4.7 281.912 281.912 0 00-4.987-3.3c-17.548-11.392-52.448-10.764-53.6-10.735h-.112c-9.538-12.066-8.865-51.871-8.321-60.182-.115-.516-7.116 3.63-8.033 4.254A175.239 175.239 0 0077.156 104.5a210.379 210.379 0 00-22.469 26.912c0 .012-.007.025-.011.037 0-.012.007-.025.011-.038a202.707 202.707 0 00-32.284 72.8c-.116.527-8.661 37.847-4.446 57.203z" fill="url(#e)"/><path d="M341.214 166.593a130.73 130.73 0 0122.336 29.112c1.325.994 2.561 1.985 3.612 2.952 54.545 50.2 25.967 121.2 23.834 126.257 44.313-36.459 72.659-90.38 64.126-146.04-27.207-67.731-73.339-95.043-111.015-154.509-1.905-3.007-3.809-6.022-5.667-9.2a73.154 73.154 0 01-2.649-4.971A43.7 4 43.74 0 01332.2.688a.627.627 0 00-.546-.645.822.822 0 00-.452 0c-.034.012-.084.051-.12.065-.053.021-.12.069-.176.1-9.306 4.428-64.484 91.692 10.308 166.385z" fill="url(#f)"/><path d="M248.657 133.645l31.855 2.027 19.347 6.882 16.124 6.329 18.57 13.258 17.493 18.437 6.077 11.467c.816.5 2.5 1.586 3.932 2.558.525.368 1 .735 1.5 1.1a130.73 130.73 0 00-22.336-29.112C266.422 91.9 321.6 4.636 330.908.2c.027-.036.083-.117.1-.136-60.44 35.356-80.944 100.759-82.828 133.482l-.009.183z" fill="url(#g)"/><path d="M170.74 151.043a243.329 243.329 0 014.987 3.3 111.208 111.208 0 01-.675-58.731c-24.716 11.241-43.941 29.01-57.916 44.7 1.156-.033 36.056-.661 53.604 10.731z" fill="url(#h)"/><path d="M148.32 277.45s11.11-41.34 79.53-41.34c7.4 0 28.54-20.61 28.93-26.59 0 0-43.75 18.35-90.33-3.54-50.3-23.64-88.45 3.54-88.45 3.54s14.5 35.81 57 35.81c-4.45 39.28 16.34 85.09 66.68 109.12 1.13.54 2.19 1.12 3.34 1.64-29.4-15.17-53.66-43.83-56.7-78.64z" fill="url(#i)"/><path d="M367.162 198.657c-1.051-.967-2.2 87-1.958-3.612-2.952-.49-.367-.97-.734-1.5-1.1-12.847-9.014-35.851-17.917-58.014-14.067 86.541 43.213 63.308 192.023-56.611 186.4a106.974 106.974 0 01-31.307-6.03 133.003 133.003 0 01-7.067-2.886c-1.358-.619-2.714-1.243-4.055-1.936.048.034.114.071.163.1 16.729 11.4 99.354 39.256 185.7-30.966 0 0 .054-.124.133-.313 2.137-5.048 30.715-76.05-23.83-126.25z" fill="url(#j)"/><path d="M478.959 166.35c-10.457-25.124-31.637-52.248-48.268-60.82 13.536 26.5 21.37 53.092 24.364 72.934 0 .04.015.136.047.4-27.202-67.731-73.34-95.043-111.015-154.509-1.9-3.008-3.809-6.022-5.668-9.2a73.11 73.11 0 01-2.648-4.971 43.755 43.755 0 01-3.589-9.5.626.626 0 00-.547-.644.818.818 0 00-.451 0c-.034.012-.084.051-.12.065-.053.021-.12.069-.176.1.026-.036.083-.117.1-.136-60.44 35.356-80.933 100.952-82.817 133.675l.488-.088 31.855 2.027 17.928 6.377 17.543 6.834 18.57 13.258 17.472 18.427s6.014 11.287 6.1 11.477c-13.944-8.293-34.208-14.975-54.1-11.519 86.541 43.213 63.308 192.023-56.611 186.4A106.936 106.936 0 0121 6.1 360.9a131.807 131.807 0 01-7.067-2.885c-1.358-.619-2.714-1.244-4.055-1.936.048.034.114.071.163.105a137.192 137.192 0 01-3.5-1.743c1.125.537 2.183 1.123 3.338 1.638-29.384-15.167-53.646-43.832-56.677-78.641 0 0 11.106-41.334 79.524-41.334 7.4 0 28.542-20.614 28.935-26.593-.09-1.952-41.966-18.589-58.291-34.655-8.723-8.585-12.865-12.723-16.533-15.828a71.492 71.492 0 00-6.232-4.7 111.208 111.208 0 01-.675-58.731c-24.716 11.241-43.941 29.01-57.917 44.7h-.111c-9.538-12.066-8.865-51.871-8.322-60.182-.114-.516-7.115 3.63-8.033 4.254a175.3 175.3 0 00-23.513 20.12A210.463 210.463 0 0054.666 131.4a.259.259 0 01-.011.037.272.272 0 00.011-.038 202.724 202.724 0 00-32.284 72.8c-.115.521-.212 1.061-.325 1.586-.452 2.116-2.488 12.852-2.772 15.156-.022.176.021-.177 0 0a279.127 279.127 0 00-3.548 33.529c0 .41-.026.816-.026 1.227 0 132.705 107.722 240.285 240.6 240.285a240.568 240.568 0 00237.16-199.618c.408-3.076.734-6.168 1.094-9.27 4.782-41.21-.531-84.524-15.606-120.744zm-23.868 12.34c.012.086. 027.174.04.26l-.009-.026c-.011-.083-.022-.157-.031-.234z" fill="url(#k)"/><path d="M256.78 209.522s-1.02.427-2.9 1.071c-4.7 7.943-21.409 23.1-27.8 23.075-68.418-.3-79.7 40.587-79.7 40.587a87.34 87.34 0 0013.4 39.263 88.025 88.025 0 01-11.456-36.069s11.106-41.334 79.525-41.334c7.4 0 28.541-20.614 28.935-26.593z" fill="url(#l)"/><path d="M455.152 178.958l-.009-.024c-.012-.082-.021-.157-.033-.233a2.116 2.116 0 00-.033-.227 5.804 5.804 0 00.045.4 239.04 239.04 0 00-5.168-11.9c-.612-1.314-1.269-2.543-1.9-3.826-1.2-2.465-2.4-4.935-3.657-7.293-.775-1.456-1.59-2.837-2.383-4.254-1.163-2.076-2.316-4.165-3.515-6.166-.879-1.463-1.787-2.864-2.68-4.29-1.169-1.862-2.334-3.73-3.533-5.534-.948-1.429-1.92-2.813-2.886-4.208-1.193-1.723-2.386-3.448-3.6-5.128-1.008-1.387-2.032-2.743-3.052-4.1a349.149 349.149 0 00-3.673-4.825q-1.589-2.034-3.2-4.033a486.632 486.632 0 00-3.751-4.619q-1.644-1.989-3.307-3.963c-.6-.714-1.2-1.447-1.8-2.159.26.309.511.63.769.942-20.846-24.591-43.47-47.254-63.674-79.15-1.908-3.0 06-3.812-6.021-5.668-9.2a72.064 72.064 0 01-2.649-4.971 49.1 49.1 0 01-3.31-8.434c-.042-.155-.118-.391-.145-.509-.082-.318-.133-.56-.133-.56a.63.63 0 00-.548-.645.847.847 0 00-.451 0c-.034.012-.085.052-.122.067s-.118.067-.175.094a7.406 7.406 0 00-1.46 1.072 17.267 17.267 0 00-.348.311A25.044 25.044 0 00327.2 3.6c-.024.027-.043.042-.067.069.006-.006.012-.006.018-.012-14.415 16.944-51.226 90.584 8.1 156.635-55.543-65.345-20.542-135.964-5.33-154.464a53.657 53.657 0 002.964 7.268 74.305 74.305 0 002.649 4.971c1.856 3.182 3.761 6.2 5.668 9.2 37.675 59.466 83.806 86.779 111.013 154.51a9.121 9.121 0 01-.045-.4 1.707 1.707 0 01.033.227c.012.076.021.152.033.233l.01.025c22.7 61.47 10.333 123.975-7.488 162.171a199.358 199.358 0 01-38.217 54.8 199.8 199.8 0 0041.124-57.7c17.821-38.199 30.186-100.704 7.487-162.175z" fill="url(#m)"/><path d="M330.908.2c.027-.036.083-.117.1-.136-54.445 31.849-76.48 88.075-81.693 122.836 5.988-32.116 26.574-81.173 72.71-112.144 3.797-5.996 7.143-9.723 8.883-10.556z " fill="url(#n)"/><path d="M390.863 325.227s.054-.124.133-.313c2.133-5.055 30.711-76.057-23.834-126.257-1.051-.967-2.287-1.958-3.612-2.952-.49-.367-.97-.734-1.5-1.1-12.415-8.711-34.316-17.316-55.776-14.41l-.052.006q-1.093.15-2.186.337c85.565 42.726 63.813 188.673-52.595 186.529.316.015.633.04.948.053 118.009 4.618 141.259-140.089 59.271-185.457 17.768-.174 34.954 6.314 45.567 13.158.539.347 1.034.694 1.537 1.042 1.363.941 2.637 1.883 3.725 2.809 56.473 48.028 30.696 120.09 28.763 125.228a72.283 72.283 0 01-.12.318" fill="url(#o)"/><path d="M167.09 208.38c39.38 17.06 75.93 6.22 87 2.14-10.2 3.52-47.89 14.14-87.64-4.54-45.22-21.25-80.62-1.44-87.32 2.78l-.32.2-.26.17-.2.13-.13.08-.09.06.12.26.14.31v.06l.21.45c.34.72.86 1.75 1.58 3 5.34 9.45 21.43 31.63 54.89 31.63-4.32 38.11 15.12 82.35 62.24 106.9-45-26-64-73-58.7-110.49-34.76-.92-50.31-21.76-54.75-30.59 12.64-6.7 44.73-19.23 83.23-2.55z" fill="url(#p)"/><path d="M175.69 154.205q-.568-.333-1.176-.684.628.42 1.213.818c-.013-.045-.027-. 089-.037-.134zm-.247-.882a111.35 111.35 0 01-.391-57.715c-23.43 10.656-41.917 27.176-55.684 42.233 13.11-12.77 30.093-26.473 50.778-35.862-1.28 9.821-2.383 29.926 5.297 51.344z" fill="url(#q)"/><path d="M23.758 286.6c-.067-.229-.126-.459-.191-.689a220.739 220.739 0 01-5.61-24.5c-1.836-8.43-1.25-20.266 0-30.987-.929 5.565-1.511 11.221-2.2 24.061 0 .41-.025.816-.025 1.227C15.732 360.731 83.2 450 177.2 482.683 95.716 451.478 35.35 376.8 23.758 286.6z" fill="url(#r)"/><path d="M21.832 262.383c-4.214-19.356 4.331-56.676 4.446-57.2a202.7 202.7 0 0132.284-72.8l-.011.038c0-.012.007-.025.011-.037a210.463 210.463 0 0122.47-26.912 175.229 175.229 0 0123.513-20.12 29.207 29.207 0 011.015-.634c-.083 18.28.954 49.124 9.423 59.237h.111c1.16-.06 36.177-1.605 54.092 9.322a273.279 273.279 0 015.092 3.164 71.848 71.848 0 016.378 4.532c3.764 3.008 8.03 7.036 17.012 15.389 13 12.091 41.356 24.121 53.6 29.852-11.929-6.009-40.077-18.848-52.774-31.343-8.723-8.585-12.865-12.723-16.533-15.828a71.492 71.492 0 00-6.232-4.7 281.912 281.912 0 00-4.987-3.3c-17.548-11.392-52.448-10.765-53.6-10.735h-.112c-8.718-11.028-8.905-45.214-8.458-57.362.018-.468.036-.9.054-1.3l.021-.429a119.792 119.792 0 01.018-.356c.015-.262.029-.515.044-.734-.007-.031-.042-.043-.095-.042-.018 0-.048.009-.071.012a1.022 1.022 0 00-.151.034c-.039.011-.087.03-.132.046a4.265 4.265 0 00-.39.157l-.234.106a16.595 16.595 0 00-.495.24l-.3.151-.245.128-.359.188-.2.109c-2.121 1.141-4.813 2.754-5.358 3.125A175.239 175.239 0 0077.156 104.5a210.379 210.379 0 00-22.469 26.912c0 .012-.007.025-.011.037 0-.012.007-.025.011-.038a202.707 202.707 0 00-32.284 72.8c-.116.521-8.661 37.841-4.446 57.2 15.8 93.251 90.176 167.72 181.563 189.812-89.608-23.234-162.113-96.911-177.688-188.84z" fill="url(#s)"/><path d="M478.979 166.36c-9.226-22.167-26.8-45.883-42.231-57.048l-.425-.3q-.717-.508-1.428-.982-.27-.18-.54-.356-.675-.435-1.341-.834c-.172-.1-.345-.212-.517-.312a42.518 42.518 0 00-1.786-.986c.65 1.272 1.275 2.544 1.9 3.816a394.886 394.886 0 0 11.148 2.373c11.668 24.415 18.557 48.448 21.317 66.745 0 .04.015.136.047.4 8.533 55.66-19.813 109.581-64.126 146.04-.079.189-.133.313-.133.313-55.08 44.8-108.642 49.678-144.555 44.383 35.786 6.684 92.233 3.866 150.369-43.414l.133-.313c44.312-36.459 72.659-90.381 64.126-146.04a12.553 12.553 0 01-.047-.4c-2.451-16.242-8.159-37.005-17.57-58.54a159 159 0 0126.316 37.486c17.047 34.76 24.739 77.04 22.235 117.816-.188 3.07-.343 6.128-.58 9.174-13.068 112.5-106.967 202.843-225.783 209.5a245.659 245.659 0 01-47.5-1.93A242.635 242.635 0 00256.335 496c119 0 217.812-86.287 237.156-199.626.408-3.076.734-6.168 1.094-9.27 4.783-41.21-.531-84.524-15.606-120.744zm-23.828 12.6l-.008-.026-.032-.234c.012.086.027.174.04.26z" fill="url(#t)"/></svg> +<?xml version="1.0" encoding="UTF-8"?> +<svg width="512px" height="512px" viewBox="0 0 512 512" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <defs> + <linearGradient x1="50%" y1="100%" x2="50%" y2="0%" id="linearGradient-1"> + <stop stop-color="#420C5D" offset="0%"></stop> + <stop stop-color="#951AD1" offset="100%"></stop> + </linearGradient> + <path d="M25,29 C152.577777,29 256,131.974508 256,259 C256,386.025492 152.577777,489 25,489 L25,29 Z" id="path-2"></path> + <filter x="-18.2%" y="-7.4%" width="129.4%" height="114.8%" filterUnits="objectBoundingBox" id="filter-3"> + <feOffset dx="-8" dy="0" in="SourceAlpha" result="shadowOffsetOuter1"></feOffset> + <feGaussianBlur stdDeviation="10" in="shadowOffsetOuter1" result="shadowBlurOuter1"></feGaussianBlur> + <feColorMatrix values="0 0 0 0 0.250980392 0 0 0 0 0.250980392 0 0 0 0 0.250980392 0 0 0 0.2 0" type="matrix" in="shadowBlurOuter1"></feColorMatrix> + </filter> + </defs> + <g id="Assets" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd"> + <g id="icon_512x512"> + <g id="Group"> + <g id="tb_icon/Stable"> + <g id="Stable"> + <circle id="background" fill="#F2E4FF" fill-rule="nonzero" cx="256" cy="256" r="246"></circle> + <path d="M256.525143,465.439707 L256.525143,434.406609 C354.826191,434.122748 434.420802,354.364917 434.420802,255.992903 C434.420802,157.627987 354.826191,77.8701558 256.525143,77.5862948 L256.525143,46.5531962 C371.964296,46.8441537 465.446804,140.489882 465.446804,255.992903 C465.446804,371.503022 371.964296,465.155846 256.525143,465.439707 Z M256.525143,356.820314 C311.970283,356.529356 356.8487,311.516106 356.8487,255.992903 C356.8487,200.476798 311.970283,155.463547 256.525143,155.17259 L256.525143,124.146588 C329.115485,124.430449 387.881799,183.338693 387.881799,255.992903 C387.881799,328.654211 329.115485,387.562455 256.525143,387.846316 L256.525143,356.820314 Z M256.525143,201.718689 C286.266674,202.00255 310.3026,226.180407 310.3026,255.992903 C310.3026,285.812497 286.266674,309.990353 256.525143,310.274214 L256.525143,201.718689 Z M0,255.992903 C0,397.384044 114.60886,512 256,512 C397.384044,512 512,397.384044 512,255.992903 C512,114.60886 397.384 044,0 256,0 C114.60886,0 0,114.60886 0,255.992903 Z" id="center" fill="url(#linearGradient-1)"></path> + <g id="half" transform="translate(140.500000, 259.000000) scale(-1, 1) translate(-140.500000, -259.000000) "> + <use fill="black" fill-opacity="1" filter="url(#filter-3)" xlink:href="#path-2"></use> + <use fill="url(#linearGradient-1)" fill-rule="evenodd" xlink:href="#path-2"></use> + </g> + </g> + </g> + </g> + </g> + </g> +</svg> \ No newline at end of file diff --git a/devtools/client/themes/images/aboutdebugging-firefox-beta.svg b/devtools/client/themes/images/aboutdebugging-firefox-beta.svg index 8ece78c5c1cd..9240dc6e84ca 100644 --- a/devtools/client/themes/images/aboutdebugging-firefox-beta.svg +++ b/devtools/client/themes/images/aboutdebugging-firefox-beta.svg @@ -1,4 +1,31 @@ - -<svg xmlns="http://www.w3.org/2000/svg" width="512" height="512"><defs><radialGradient id="c" cx="87.4%" cy="-12.9%" r="128%" gradientTransform="matrix(.8 0 0 1 .178 .129)"><stop offset=".13" stop-color="#ffbd4f"/><stop offset=".28" stop-color="#ff980e"/><stop offset=".47" stop-color="#ff3750"/><stop offset=".78" stop-color="#eb0878"/><stop offset=".86" stop-color="#e50080"/></radialGradient><radialGradient id="d" cx="49%" cy="40%" r="128%" gradientTransform="matrix(.82 0 0 1 .088 0)"><stop offset=".3" stop-color="#960e18"/><stop offset=".35" stop-color="#b11927" stop-opacity=".74"/><stop offset=".43" stop-color="#db293d" stop-opacity=".34"/><stop offset=".5" stop-color="#f5334b" stop-opacity=".09"/><stop offset=".53" stop-color="#ff3750" stop-opacity="0"/></radialGradient><radialGradient id="e" cx="48%" cy="-12%" r="140%"><stop offset=".13" stop-color="#fff44f"/><stop offset=".53" stop-color="#ff980e"/></radialGradient><radialGradient id="f" cx="22.76%" cy="110.11%" r="100%"><stop offset=".35" stop-color="#3a8ee6"/><stop offset=".67" stop-color="#9059ff"/><stop offset="1" stop-color="#c139e6"/></radialGradient><radialGradient id="g" cx="52%" cy="33%" r="59%" gradientTransform="scale(.9 1)"><stop offset=".21" stop-color="#9059ff" stop-opacity="0"/><stop offset=".97" stop-color="#6e008b" stop-opacity=".6"/></radialGradient><radialGradient id="h" cx="210%" cy="-100%" r="290%"><stop offset=".1" stop-color="#ffe226"/><stop offset=".79" stop-color="#ff7139"/></radialGradient><radialGradient id="i" cx="84%" cy="-41%" r="180%"><stop offset=".11" stop-color="#fff44f"/><stop offset=".46" stop-color="#ff980e"/><stop offset=".72" stop-color="#ff3647"/><stop offset=".9" stop-color="#e31587"/></radialGradient><radialGradient id="j" cx="16.1%" cy="-18.6%" r="348.8%" gradientTransform="matrix(.10453 .46743 -.99452 .04913 -.046 -.255)"><stop offset="0" stop-color="#fff44f"/><stop offset=".3" stop-color="#ff980e"/><stop offset=".57" stop-color="#ff3647"/><stop offset=".74" sto p-color="#e31587"/></radialGradient><radialGradient id="k" cx="18.9%" cy="-42.5%" r="238.4%"><stop offset=".14" stop-color="#fff44f"/><stop offset=".48" stop-color="#ff980e"/><stop offset=".66" stop-color="#ff3647"/><stop offset=".9" stop-color="#e31587"/></radialGradient><radialGradient id="l" cx="159.3%" cy="-44.72%" r="313.1%"><stop offset=".09" stop-color="#fff44f"/><stop offset=".63" stop-color="#ff980e"/></radialGradient><linearGradient id="b" x1="87.25%" y1="15.5%" x2="9.4%" y2="93.1%"><stop offset=".05" stop-color="#fff44f"/><stop offset=".37" stop-color="#ff980e"/><stop offset=".53" stop-color="#ff3647"/><stop offset=".7" stop-color="#e31587"/></linearGradient><linearGradient id="m" x1="80%" y1="14%" x2="18%" y2="84%"><stop offset=".17" stop-color="#fff44f" stop-opacity=".8"/><stop offset=".6" stop-color="#fff44f" stop-opacity="0"/></linearGradient><linearGradient id="a" x1="446.053" y1="434.456" x2="385.267" y2="376.907" gradientUnits="userSpaceOnUse"><stop offset="0" stop -color="#054096" stop-opacity=".5"/><stop offset=".054" stop-color="#0f3d9c" stop-opacity=".441"/><stop offset=".261" stop-color="#2f35b1" stop-opacity=".249"/><stop offset=".466" stop-color="#462fbf" stop-opacity=".111"/><stop offset=".669" stop-color="#542bc8" stop-opacity=".028"/><stop offset=".864" stop-color="#592acb" stop-opacity="0"/></linearGradient><linearGradient id="n" x1="280.371" y1="377.927" x2="499.809" y2="470.777" gradientUnits="userSpaceOnUse"><stop offset=".001" stop-color="#54ffbd"/><stop offset="1" stop-color="#0df"/></linearGradient><filter id="o" x="-1" y="-1" width="300%" height="300%"><feOffset result="offOut" in="SourceGraphic" dx="-4" dy="-4"/><feColorMatrix result="matrixOut" in="offOut" values=".01 0 0 0 0 0 0 0 0 0 0 .2 0 0 0 0 0 0 .2 0"/><feGaussianBlur result="blurOut" in="matrixOut" stdDeviation="8"/><feBlend in="SourceGraphic" in2="blurOut"/></filter></defs><path d="M450.683 326.634h-175.61a9.366 9.366 0 00-9.366 9.366v28.1a74.926 74.926 0 0074.927 74.926h97.171A56.2 56.2 0 00494 382.829v-24.585c0-14.044-14.049-31.61-43.317-31.61z" fill="#008787"/><path d="M450.683 326.634h-175.61a9.366 9.366 0 00-9.366 9.366v28.1a74.926 74.926 0 0074.927 74.926h97.171A56.2 56.2 0 00494 382.829v-24.585c0-14.044-14.049-31.61-43.317-31.61z" fill="url(#a)" opacity=".9"/><path d="M478.711 166.353c-10.445-25.124-31.6-52.248-48.212-60.821 13.52 26.505 21.345 53.093 24.335 72.936 0 .039.015.136.047.4C427.706 111.135 381.627 83.823 344 24.355c-1.9-3.007-3.805-6.022-5.661-9.2a73.716 73.716 0 01-2.646-4.972A43.7 43.7 0 01332.1.677a.626.626 0 00-.546-.644.818.818 0 00-.451 0c-.034.012-.084.051-.12.065-.053.021-.12.069-.176.1.027-.036.083-.117.1-.136-60.37 35.356-80.85 100.761-82.732 133.484a120.249 120.249 0 00-66.142 25.488 71.355 71.355 0 00-6.225-4.7 111.338 111.338 0 01-.674-58.732c-24.688 11.241-43.89 29.01-57.85 44.7h-.111c-9.527-12.067-8.855-51.873-8.312-60.184-.114-.515-7.107 3.63-8.023 4.255a175.073 175.073 0 00-23.486 20.12 210.478 210.478 0 00 -22.442 26.913c0 .012-.007.026-.011.038 0-.013.007-.026.011-.038a202.838 202.838 0 00-32.247 72.805c-.115.521-.212 1.061-.324 1.586-.452 2.116-2.08 12.7-2.365 15-.022.177-.032.347-.053.524a229.066 229.066 0 00-3.9 33.157c0 .41-.025.816-.025 1.227C16 388.418 123.6 496 256.324 496c118.865 0 217.56-86.288 236.882-199.63.407-3.076.733-6.168 1.092-9.271 4.777-41.21-.53-84.525-15.587-120.746zM201.716 354.447c1.124.537 2.18 1.124 3.334 1.639.048.033.114.07.163.1a126.191 126.191 0 01-3.497-1.739zm55.053-144.93zm198.131-30.59l-.032-.233c.012.085.027.174.04.259z" fill="url(#b)"/><path d="M478.711 166.353c-10.445-25.124-31.6-52.248-48.212-60.821 13.52 26.505 21.345 53.093 24.335 72.936 0-.058.011.048.036.226.012.085.027.174.04.259 22.675 61.47 10.322 123.978-7.479 162.175-27.539 59.1-94.215 119.67-198.576 116.716C136.1 454.651 36.766 370.988 18.223 261.41c-3.379-17.28 0-26.054 1.7-40.084-2.071 10.816-2.86 13.94-3.9 33.157 0 .41-.025.816-.025 1.227C16 388.418 123.6 496 256.324 496c118.865 0 217 .56-86.288 236.882-199.63.407-3.076.733-6.168 1.092-9.271 4.777-41.21-.53-84.525-15.587-120.746z" fill="url(#c)"/><path d="M478.711 166.353c-10.445-25.124-31.6-52.248-48.212-60.821 13.52 26.505 21.345 53.093 24.335 72.936 0-.058.011.048.036.226.012.085.027.174.04.259 22.675 61.47 10.322 123.978-7.479 162.175-27.539 59.1-94.215 119.67-198.576 116.716C136.1 454.651 36.766 370.988 18.223 261.41c-3.379-17.28 0-26.054 1.7-40.084-2.071 10.816-2.86 13.94-3.9 33.157 0 .41-.025.816-.025 1.227C16 388.418 123.6 496 256.324 496c118.865 0 217.56-86.288 236.882-199.63.407-3.076.733-6.168 1.092-9.271 4.777-41.21-.53-84.525-15.587-120.746z" fill="url(#d)"/><path d="M361.922 194.6c.524.368 1 .734 1.493 1.1a130.706 130.706 0 00-22.31-29.112C266.4 91.892 321.516 4.626 330.811.194c.027-.036.083-.117.1-.136-60.37 35.356-80.85 100.761-82.732 133.484 2.8-.194 5.592-.429 8.442-.429 45.051 0 84.289 24.77 105.301 61.487z" fill="url(#e)"/><path d="M256.772 209.514c-.393 5.978-21.514 26.593-28.9 26.593-68.339 0-79.432 41.335-79.432 41.335 3.027 34.81 27.261 63.475 56.611 78.643 1.339.692 2.694 1.317 4.05 1.935a132.768 132.768 0 007.059 2.886 106.743 106.743 0 0031.271 6.031c119.78 5.618 142.986-143.194 56.545-186.408 22.137-3.85 45.115 5.053 57.947 14.067-21.012-36.714-60.25-61.484-105.3-61.484-2.85 0-5.641.235-8.442.429a120.249 120.249 0 00-66.142 25.488c3.664 3.1 7.8 7.244 16.514 15.828 16.302 16.067 58.13 32.705 58.219 34.657z" fill="url(#f)"/><path d="M256.772 209.514c-.393 5.978-21.514 26.593-28.9 26.593-68.339 0-79.432 41.335-79.432 41.335 3.027 34.81 27.261 63.475 56.611 78.643 1.339.692 2.694 1.317 4.05 1.935a132.768 132.768 0 007.059 2.886 106.743 106.743 0 0031.271 6.031c119.78 5.618 142.986-143.194 56.545-186.408 22.137-3.85 45.115 5.053 57.947 14.067-21.012-36.714-60.25-61.484-105.3-61.484-2.85 0-5.641.235-8.442.429a120.249 120.249 0 00-66.142 25.488c3.664 3.1 7.8 7.244 16.514 15.828 16.302 16.067 58.13 32.705 58.219 34.657z" fill="url(#g)"/><path d="M170.829 151.036a244.042 244.042 0 014.981 3.3 111.338 111.338 0 01-.674-58.732c-24.688 11.241-43.89 29.01-57.85 44.7 1.155-.033 36.014-.66 53.543 10.732z" fill="url(#h)"/><path d="M18.223 261.41C36.766 370.988 136.1 454.651 248.855 457.844c104.361 2.954 171.037-57.62 198.576-116.716 17.8-38.2 30.154-100.7 7.479-162.175l-.008-.026-.032-.233c-.025-.178-.04-.284-.036-.226 0 .039.015.136.047.4 8.524 55.661-19.79 109.584-64.051 146.044l-.133.313c-86.245 70.223-168.774 42.368-185.484 30.966a144.108 144.108 0 01-3.5-1.743c-50.282-24.029-71.054-69.838-66.6-109.124-42.457 0-56.934-35.809-56.934-35.809s38.119-27.179 88.358-3.541c46.53 21.893 90.228 3.543 90.233 3.541-.089-1.952-41.917-18.59-58.223-34.656-8.713-8.584-12.85-12.723-16.514-15.828a71.355 71.355 0 00-6.225-4.7 282.929 282.929 0 00-4.981-3.3c-17.528-11.392-52.388-10.765-53.543-10.735h-.111c-9.527-12.067-8.855-51.873-8.312-60.184-.114-.515-7.107 3.63-8.023 4.255a175.073 175.073 0 00-23.486 20.12 210.478 210.478 0 00-22.442 26.919c0 .012-.007.026-.011.038 0- .013.007-.026.011-.038a202.838 202.838 0 00-32.247 72.805c-.115.521-8.65 37.842-4.44 57.199z" fill="url(#i)"/><path d="M341.105 166.587a130.706 130.706 0 0122.31 29.112c1.323.994 2.559 1.985 3.608 2.952 54.482 50.2 25.936 121.2 23.807 126.26 44.261-36.46 72.575-90.383 64.051-146.044C427.706 111.135 381.627 83.823 344 24.355c-1.9-3.007-3.805-6.022-5.661-9.2a73.716 73.716 0 01-2.646-4.972A43.7 43.7 0 01332.1.677a.626.626 0 00-.546-.644.818.818 0 00-.451 0c-.034.012-.084.051-.12.065-.053.021-.12.069-.176.1-9.291 4.428-64.407 91.694 10.298 166.389z" fill="url(#j)"/><path d="M367.023 198.651c-1.049-.967-2.285-1.958-3.608-2.952-.489-.368-.969-.734-1.493-1.1-12.832-9.014-35.81-17.917-57.947-14.067 86.441 43.214 63.235 192.026-56.545 186.408a106.743 106.743 0 01-31.271-6.031 134.51 134.51 0 01-7.059-2.886c-1.356-.618-2.711-1.243-4.05-1.935.048.033.114.07.163.1 16.71 11.4 99.239 39.257 185.484-30.966l.133-.313c2.129-5.054 30.675-76.057-23.807-126.258z" fill="url(#k)"/><path d="M148.439 277.4 43s11.093-41.335 79.432-41.335c7.388 0 28.509-20.615 28.9-26.593s-43.7 18.352-90.233-3.541c-50.239-23.638-88.358 3.541-88.358 3.541s14.477 35.809 56.934 35.809c-4.453 39.286 16.319 85.1 66.6 109.124 1.124.537 2.18 1.124 3.334 1.639-29.348-15.169-53.582-43.834-56.609-78.644z" fill="url(#l)"/><path d="M478.711 166.353c-10.445-25.124-31.6-52.248-48.212-60.821 13.52 26.505 21.345 53.093 24.335 72.936 0 .039.015.136.047.4C427.706 111.135 381.627 83.823 344 24.355c-1.9-3.007-3.805-6.022-5.661-9.2a73.716 73.716 0 01-2.646-4.972A43.7 43.7 0 01332.1.677a.626.626 0 00-.546-.644.818.818 0 00-.451 0c-.034.012-.084.051-.12.065-.053.021-.12.069-.176.1.027-.036.083-.117.1-.136-60.37 35.356-80.85 100.761-82.732 133.484 2.8-.194 5.592-.429 8.442-.429 45.053 0 84.291 24.77 105.3 61.484-12.832-9.014-35.81-17.917-57.947-14.067 86.441 43.214 63.235 192.026-56.545 186.408a106.743 106.743 0 01-31.271-6.031 134.51 134.51 0 01-7.059-2.886c-1.356-.618-2.711-1.243-4.05-1.935.048.033.114.07.163.1a144.108 144.1 08 0 01-3.5-1.743c1.124.537 2.18 1.124 3.334 1.639-29.35-15.168-53.584-43.833-56.611-78.643 0 0 11.093-41.335 79.432-41.335 7.388 0 28.509-20.615 28.9-26.593-.089-1.952-41.917-18.59-58.223-34.656-8.713-8.584-12.85-12.723-16.514-15.828a71.355 71.355 0 00-6.225-4.7 111.338 111.338 0 01-.674-58.732c-24.688 11.241-43.89 29.01-57.85 44.7h-.111c-9.527-12.067-8.855-51.873-8.312-60.184-.114-.515-7.107 3.63-8.023 4.255a175.073 175.073 0 00-23.486 20.12 210.478 210.478 0 00-22.435 26.916c0 .012-.007.026-.011.038 0-.013.007-.026.011-.038a202.838 202.838 0 00-32.247 72.805c-.115.521-.212 1.061-.324 1.586-.452 2.116-2.486 12.853-2.77 15.156-.022.177.021-.176 0 0a279.565 279.565 0 00-3.544 33.53c0 .41-.025.816-.025 1.227C16 388.418 123.6 496 256.324 496c118.865 0 217.56-86.288 236.882-199.63.407-3.076.733-6.168 1.092-9.271 4.777-41.21-.53-84.525-15.587-120.746zm-23.841 12.341c.012.085.027.174.04.259l-.008-.026-.032-.233z" fill="url(#m)"/><path d="M484.634 367.61H323.189A69.189 69.189 0 00254 436. 8v33.835a9.366 9.366 0 009.366 9.365h161.445A69.189 69.189 0 00494 410.811v-52.567a9.366 9.366 0 01-9.366 9.366z" fill="url(#n)" filter="url(#o)"/><path d="M326.241 423.168a10.264 10.264 0 005.349-9.424c0-8.342-5.795-12.991-16.11-12.991h-19.232v46.486h19.359c10.315 0 16.684-4.584 16.684-13.755 0-4.839-2.166-8.341-6.05-10.316zM305.1 408.713h10.57c4.713 0 6.941 1.975 6.941 5.223 0 3.183-2.038 5.539-6.813 5.539H305.1zm10.635 30.439H305.1v-11.59h10.253c5.667 0 7.833 2.1 7.833 5.731s-2.548 5.859-7.452 5.859zm25.15 8.087h31.265v-8.532h-22.287v-10.572h22.287v-8.469h-22.287v-10.444h22.287v-8.469h-31.266zm73.548-46.486h-34.58v8.278h12.928v38.208h8.851v-38.208h12.8zm24.069 0h-8.852l-17.576 46.486h9.234l3.056-8.469h19.422l3.058 8.469h9.233zm-11.144 29.866l6.75-18.467 6.686 18.467z" fill="#20123a"/></svg> +<?xml version="1.0" encoding="UTF-8"?> +<svg width="512px" height="512px" viewBox="0 0 512 512" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <defs> + <linearGradient x1="50%" y1="100%" x2="50%" y2="0%" id="linearGradient-1"> + <stop stop-color="#420C5D" offset="0%"></stop> + <stop stop-color="#951AD1" offset="100%"></stop> + </linearGradient> + <path d="M25,29 C152.577777,29 256,131.974508 256,259 C256,386.025492 152.577777,489 25,489 L25,29 Z" id="path-2"></path> + <filter x="-18.2%" y="-7.4%" width="129.4%" height="114.8%" filterUnits="objectBoundingBox" id="filter-3"> + <feOffset dx="-8" dy="0" in="SourceAlpha" result="shadowOffsetOuter1"></feOffset> + <feGaussianBlur stdDeviation="10" in="shadowOffsetOuter1" result="shadowBlurOuter1"></feGaussianBlur> + <feColorMatrix values="0 0 0 0 0.250980392 0 0 0 0 0.250980392 0 0 0 0 0.250980392 0 0 0 0.2 0" type="matrix" in="shadowBlurOuter1"></feColorMatrix> + </filter> + </defs> + <g id="Assets" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd"> + <g id="icon_512x512"> + <g id="Group"> + <g id="tb_icon/Stable"> + <g id="Stable"> + <circle id="background" fill="#F2E4FF" fill-rule="nonzero" cx="256" cy="256" r="246"></circle> + <path d="M256.525143,465.439707 L256.525143,434.406609 C354.826191,434.122748 434.420802,354.364917 434.420802,255.992903 C434.420802,157.627987 354.826191,77.8701558 256.525143,77.5862948 L256.525143,46.5531962 C371.964296,46.8441537 465.446804,140.489882 465.446804,255.992903 C465.446804,371.503022 371.964296,465.155846 256.525143,465.439707 Z M256.525143,356.820314 C311.970283,356.529356 356.8487,311.516106 356.8487,255.992903 C356.8487,200.476798 311.970283,155.463547 256.525143,155.17259 L256.525143,124.146588 C329.115485,124.430449 387.881799,183.338693 387.881799,255.992903 C387.881799,328.654211 329.115485,387.562455 256.525143,387.846316 L256.525143,356.820314 Z M256.525143,201.718689 C286.266674,202.00255 310.3026,226.180407 310.3026,255.992903 C310.3026,285.812497 286.266674,309.990353 256.525143,310.274214 L256.525143,201.718689 Z M0,255.992903 C0,397.384044 114.60886,512 256,512 C397.384044,512 512,397.384044 512,255.992903 C512,114.60886 397.384 044,0 256,0 C114.60886,0 0,114.60886 0,255.992903 Z" id="center" fill="url(#linearGradient-1)"></path> + <g id="half" transform="translate(140.500000, 259.000000) scale(-1, 1) translate(-140.500000, -259.000000) "> + <use fill="black" fill-opacity="1" filter="url(#filter-3)" xlink:href="#path-2"></use> + <use fill="url(#linearGradient-1)" fill-rule="evenodd" xlink:href="#path-2"></use> + </g> + </g> + </g> + </g> + </g> + </g> +</svg> \ No newline at end of file diff --git a/devtools/client/themes/images/aboutdebugging-firefox-logo.svg b/devtools/client/themes/images/aboutdebugging-firefox-logo.svg index fe4d116b1660..d7895f1107c5 100644 --- a/devtools/client/themes/images/aboutdebugging-firefox-logo.svg +++ b/devtools/client/themes/images/aboutdebugging-firefox-logo.svg @@ -1,6 +1,5 @@ - -<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"> - <path fill="context-fill #20123a" d="M190.368 150.591c0.157 0.009 0.079 0.003 0 0zm-57.874-28.933c0.158 0.008 0.079 0.003 0 0zm346.228 44.674c-10.445-25.123-31.6-52.248-48.211-60.82 13.52 26.5 21.345 53.093 24.335 72.935 0 0.04 0.015 0.136 0.047 0.4-27.175-67.732-73.254-95.047-110.886-154.512-1.9-3.008-3.805-6.022-5.661-9.2a73.237 73.237 0 0 1-2.646-4.972 43.757 43.757 0 0 1-3.585-9.5 0.625 0.625 0 0 0-0.546-0.644 0.8 0.8 0 0 0-0.451 0c-0.033 0.011-0.084 0.051-0.119 0.065-0.053 0.02-0.12 0.069-0.176 0.095 0.026-0.036 0.083-0.117 0.1-0.135-53.437 31.3-75.587 86.093-81.282 120.97a128.057 128.057 0 0 0-47.624 12.153 6.144 6.144 0 0 0-3.041 7.63 6.034 6.034 0 0 0 8.192 3.525 116.175 116.175 0 0 1 41.481-10.826c0.468-0.033 0.937-0.062 1.405-0.1a117.624 117.624 0 0 1 5.932-0.211 120.831 120.831 0 0 1 34.491 4.777c0.654 0.192 1.295 0.414 1.946 0.616a120.15 120.15 0 0 1 5.539 1.842 121.852 121.852 0 0 1 3.992 1.564c1.074 0.434 2.148 0.868 3.206 1.331a118.453 118.453 0 0 1 4.9 2.307c0.743 0.368 1.485 0.735 2.217 1.117a120.535 120.535 0 0 1 4.675 2.587 107.785 107.785 0 0 1 2.952 1.776 123.018 123.018 0 0 1 42.028 43.477c-12.833-9.015-35.81-17.918-57.947-14.068 86.441 43.214 63.234 192.027-56.545 186.408a106.7 106.7 0 0 1-31.271-6.031 132.461 132.461 0 0 1-7.059-2.886c-1.356-0.618-2.711-1.243-4.051-1.935-29.349-15.168-53.583-43.833-56.611-78.643 0 0 11.093-41.335 79.433-41.335 7.388 0 28.508-20.614 28.9-26.593-0.09-1.953-41.917-18.59-58.223-34.656-8.714-8.585-12.851-12.723-16.514-15.829a71.7 71.7 0 0 0-6.225-4.7 111.335 111.335 0 0 1-0.675-58.733c-24.687 11.242-43.89 29.011-57.849 44.7h-0.111c-9.528-12.067-8.855-51.873-8.312-60.184-0.114-0.516-7.107 3.63-8.024 4.254a175.21 175.21 0 0 0-23.486 20.12 210.5 210.5 0 0 0-22.443 26.913c0 0.012-0.007 0.025-0.011 0.037 0-0.012 0.007-0.025 0.011-0.038a202.837 202.837 0 0 0-32.244 72.81c-0.058 0.265-2.29 10.054-3.92 22.147a265.794 265.794 0 0 0-0.769 5.651c-0.558 3.636-0.992 7.6-1.42 13.767-0.019 0.239-0.031 0.474-0.048 0.712a5 91.152 591.152 0 0 0-0.481 7.995c0 0.411-0.025 0.816-0.025 1.227 0 132.709 107.6 240.29 240.324 240.29 118.865 0 217.559-86.288 236.882-199.63 0.407-3.075 0.732-6.168 1.092-9.27 4.777-41.21-0.53-84.525-15.588-120.747zm-164.068 72.1z" /> -</svg> +<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"> + <g fill="context-fill" fill-opacity="context-fill-opacity" fill-rule="nonzero"> + <path d="M12.0246161,21.8174863 L12.0246161,20.3628098 C16.6324777,20.3495038 20.3634751,16.6108555 20.3634751,11.9996673 C20.3634751,7.38881189 16.6324777,3.65016355 12.0246161,3.63685757 L12.0246161,2.18218107 C17.4358264,2.1958197 21.8178189,6.58546322 21.8178189,11.9996673 C21.8178189,17.4142042 17.4358264,21.8041803 12.0246161,21.8174863 L12.0246161,21.8174863 Z M12.0246161,16.7259522 C14.623607,16.7123136 16.7272828,14.6023175 16.7272828,11.9996673 C16.7272828,9.39734991 14.623607,7.28735377 12.0246161,7.27371516 L12.0246161,5.81937131 C15.4272884,5.8326773 18.1819593,8.59400123 18.1819593,11.9996673 C18.1819593,15.4056661 15.4272884,18.1669901 12.0246161,18.1802961 L12.0246161,16.7259522 Z M12.0246161,9.45556355 C13.4187503,9.46886953 14.5454344,10.6022066 14.5454344,11.9996673 C14.5454344,13.3974608 13.4187503,14.5307978 12.0246161,14.5441038 L12.0246161,9.45556355 Z M0,11.9996673 C0,18.6273771 5.37229031,24 12,24 C18.6273771,24 24,18.6273771 24,11.9996673 C24,5.37229031 18.6273771,0 12,0 C5.37229031,0 0,5.37229031 0,11.9996673 Z"/> + </g> +</svg> \ No newline at end of file diff --git a/devtools/client/themes/images/aboutdebugging-firefox-nightly.svg b/devtools/client/themes/images/aboutdebugging-firefox-nightly.svg index dbc7b084d6c0..9240dc6e84ca 100644 --- a/devtools/client/themes/images/aboutdebugging-firefox-nightly.svg +++ b/devtools/client/themes/images/aboutdebugging-firefox-nightly.svg @@ -1,4 +1,31 @@ - -<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><defs><radialGradient id="b" cx="-9227.187" cy="-9815.121" r="80.797" gradientTransform="matrix(6.201 0 0 6.2 57644.994 60908.8)" gradientUnits="userSpaceOnUse"><stop offset=".108" stop-color="#3fe1b0"/><stop offset=".122" stop-color="#3bdcb3"/><stop offset=".254" stop-color="#1bb3d3"/><stop offset=".358" stop-color="#0799e6"/><stop offset=".42" stop-color="#0090ed"/><stop offset=".487" stop-color="#2482f1"/><stop offset=".64" stop-color="#7165fb"/><stop offset=".71" stop-color="#9059ff"/><stop offset=".795" stop-color="#7d49ed"/><stop offset=".86" stop-color="#7542e5"/></radialGradient><radialGradient id="c" cx="-9256.711" cy="-9782.089" r="80.797" gradientTransform="matrix(6.201 0 0 6.2 57644.994 60908.8)" gradientUnits="userSpaceOnUse"><stop offset=".3" stop-color="#45278d"/><stop offset=".341" stop-color="#562896" stop-opacity=".787"/><stop offset=".43" stop-color="#782aa9" stop-opacity=".364"/><stop offset=".495" sto p-color="#8d2bb5" stop-opacity=".1"/><stop offset=".53" stop-color="#952bb9" stop-opacity="0"/></radialGradient><radialGradient id="d" cx="-9246.97" cy="-9833.457" r="58.534" gradientTransform="matrix(6.201 0 0 6.2 57644.994 60908.8)" gradientUnits="userSpaceOnUse"><stop offset=".132" stop-color="#3fe1b0"/><stop offset=".289" stop-color="#28d0c8"/><stop offset=".526" stop-color="#00b3f4"/></radialGradient><radialGradient id="e" cx="-9265.648" cy="-9760.984" r="38.471" gradientTransform="matrix(6.201 0 0 6.2 57644.994 60908.8)" gradientUnits="userSpaceOnUse"><stop offset=".287" stop-color="#0060df"/><stop offset=".417" stop-color="#2357e1"/><stop offset=".604" stop-color="#4f4ce3"/><stop offset=".748" stop-color="#6b45e4"/><stop offset=".833" stop-color="#7542e5"/></radialGradient><radialGradient id="f" cx="-9255.62" cy="-9791.546" r="20.397" gradientTransform="matrix(6.027 -1.458 1.708 7.059 72758.651 55821.181)" gradientUnits="userSpaceOnUse"><stop offset=".206" stop-color="#45278d " stop-opacity="0"/><stop offset=".251" stop-color="#44268a" stop-opacity=".055"/><stop offset=".725" stop-color="#371f6f" stop-opacity=".591"/><stop offset=".956" stop-color="#321c64" stop-opacity=".8"/></radialGradient><radialGradient id="g" cx="-9257.731" cy="-9818.427" r="27.676" gradientTransform="matrix(6.201 0 0 6.2 57644.994 60908.8)" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#0df"/><stop offset=".235" stop-color="#00d6fd"/><stop offset=".572" stop-color="#00c3f8"/><stop offset=".792" stop-color="#00b3f4"/></radialGradient><radialGradient id="h" cx="-9235.977" cy="-9835.981" r="118.081" gradientTransform="matrix(6.201 0 0 6.2 57644.994 60908.8)" gradientUnits="userSpaceOnUse"><stop offset=".126" stop-color="#3fe1b0"/><stop offset=".429" stop-color="#0df"/><stop offset=".479" stop-color="#1ec1ff"/><stop offset=".624" stop-color="#7077ff"/><stop offset=".69" stop-color="#9059ff"/><stop offset=".904" stop-color="#b833e1"/></radialGradient><radialGradient id="i " cx="-9247.165" cy="-9822.859" r="86.499" gradientTransform="matrix(.649 6.166 -4.046 .426 -33440.427 61207.861)" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#54ffbd"/><stop offset=".095" stop-color="#4cf3b8"/><stop offset=".197" stop-color="#3fe1b0"/><stop offset=".257" stop-color="#33d8bd"/><stop offset=".369" stop-color="#12c0e1"/><stop offset=".423" stop-color="#00b3f4"/><stop offset=".737" stop-color="#0060df"/></radialGradient><radialGradient id="j" cx="-9258.383" cy="-9808.176" r="73.72" gradientTransform="matrix(6.201 0 0 6.2 57644.994 60908.8)" gradientUnits="userSpaceOnUse"><stop offset=".137" stop-color="#3fe1b0"/><stop offset=".435" stop-color="#0df"/><stop offset=".484" stop-color="#1ec1ff"/><stop offset=".622" stop-color="#7077ff"/><stop offset=".685" stop-color="#9059ff"/></radialGradient><radialGradient id="k" cx="-9238.923" cy="-9803.861" r="80.686" gradientTransform="matrix(6.201 0 0 6.2 57644.994 60908.8)" gradientUnits="userSpaceOnUse"><stop offs et=".094" stop-color="#54ffbd"/><stop offset=".242" stop-color="#41f7cc"/><stop offset=".543" stop-color="#0fe3f3"/><stop offset=".626" stop-color="#0df"/></radialGradient><linearGradient id="a" x1="471.8" y1="127.352" x2="55.983" y2="389.284" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#3fe1b0"/><stop offset=".406" stop-color="#00b3f4"/><stop offset=".421" stop-color="#03b0f4"/><stop offset=".818" stop-color="#5561e9"/><stop offset="1" stop-color="#7542e5"/></linearGradient><linearGradient id="l" x1="442.084" y1="74.772" x2="102.645" y2="414.21" gradientUnits="userSpaceOnUse"><stop offset=".167" stop-color="#54ffbd" stop-opacity=".8"/><stop offset=".236" stop-color="#43f8ca" stop-opacity=".639"/><stop offset=".361" stop-color="#27ede1" stop-opacity=".368"/><stop offset=".466" stop-color="#12e4f1" stop-opacity=".169"/><stop offset=".545" stop-color="#05dffb" stop-opacity=".046"/><stop offset=".589" stop-color="#0df" stop-opacity="0"/></linearGradient></defs><path d=" M478.711 166.353c-10.445-25.124-31.6-52.248-48.212-60.821 13.52 26.505 21.345 53.093 24.335 72.936 0 .039.015.136.047.4C427.706 111.135 381.627 83.823 344 24.355c-1.9-3.007-3.805-6.022-5.661-9.2a73.716 73.716 0 01-2.646-4.972A43.7 43.7 0 01332.1.677a.626.626 0 00-.546-.644.818.818 0 00-.451 0c-.034.012-.084.051-.12.065-.053.021-.12.069-.176.1.027-.036.083-.117.1-.136-60.37 35.356-80.85 100.761-82.732 133.484a120.249 120.249 0 00-66.142 25.488 71.355 71.355 0 00-6.225-4.7 111.338 111.338 0 01-.674-58.732c-24.688 11.241-43.89 29.01-57.85 44.7h-.111c-9.527-12.067-8.855-51.873-8.312-60.184-.114-.515-7.107 3.63-8.023 4.255a175.073 175.073 0 00-23.486 20.12 210.478 210.478 0 00-22.442 26.913c0 .012-.007.026-.011.038 0-.013.007-.026.011-.038a202.838 202.838 0 00-32.247 72.805c-.115.521-.212 1.061-.324 1.586-.452 2.116-2.08 12.7-2.365 15-.022.177-.032.347-.053.524a229.066 229.066 0 00-3.9 33.157c0 .41-.025.816-.025 1.227C16 388.418 123.6 496 256.324 496c118.865 0 217.56-86.288 236.882-199.6 3.407-3.076.733-6.168 1.092-9.271 4.777-41.21-.53-84.525-15.587-120.746zM201.716 354.447c1.124.537 2.18 1.124 3.334 1.639.048.033.114.07.163.1a126.191 126.191 0 01-3.497-1.739zm55.053-144.93zm198.131-30.59l-.032-.233c.012.085.027.174.04.259z" fill="url(#a)"/><path d="M478.711 166.353c-10.445-25.124-31.6-52.248-48.212-60.821 13.52 26.505 21.345 53.093 24.335 72.936 0-.058.011.048.036.226.012.085.027.174.04.259 22.675 61.47 10.322 123.978-7.479 162.175-27.539 59.1-94.215 119.67-198.576 116.716C136.1 454.651 36.766 370.988 18.223 261.41c-3.379-17.28 0-26.054 1.7-40.084-2.071 10.816-2.86 13.94-3.9 33.157 0 .41-.025.816-.025 1.227C16 388.418 123.6 496 256.324 496c118.865 0 217.56-86.288 236.882-199.63.407-3.076.733-6.168 1.092-9.271 4.777-41.21-.53-84.525-15.587-120.746z" fill="url(#b)"/><path d="M478.711 166.353c-10.445-25.124-31.6-52.248-48.212-60.821 13.52 26.505 21.345 53.093 24.335 72.936 0-.058.011.048.036.226.012.085.027.174.04.259 22.675 61.47 10.322 123.978-7.479 162.175-27.539 59.1-94.215 119.67-198.576 116.716C136.1 454.651 36.766 370.988 18.223 261.41c-3.379-17.28 0-26.054 1.7-40.084-2.071 10.816-2.86 13.94-3.9 33.157 0 .41-.025.816-.025 1.227C16 388.418 123.6 496 256.324 496c118.865 0 217.56-86.288 236.882-199.63.407-3.076.733-6.168 1.092-9.271 4.777-41.21-.53-84.525-15.587-120.746z" fill="url(#c)"/><path d="M361.922 194.6c.524.368 1 .734 1.493 1.1a130.706 130.706 0 00-22.31-29.112C266.4 91.892 321.516 4.626 330.811.194c.027-.036.083-.117.1-.136-60.37 35.356-80.85 100.761-82.732 133.484 2.8-.194 5.592-.429 8.442-.429 45.051 0 84.289 24.77 105.301 61.487z" fill="url(#d)"/><path d="M256.772 209.514c-.393 5.978-21.514 26.593-28.9 26.593-68.339 0-79.432 41.335-79.432 41.335 3.027 34.81 27.261 63.475 56.611 78.643 1.339.692 2.694 1.317 4.05 1.935a132.768 132.768 0 007.059 2.886 106.743 106.743 0 0031.271 6.031c119.78 5.618 142.986-143.194 56.545-186.408 22.137-3.85 45.115 5.053 57.947 14.067-21.012-36.714-60.25-61.484-105.3-61.484-2.85 0-5.641.235-8.442.429 a120.249 120.249 0 00-66.142 25.488c3.664 3.1 7.8 7.244 16.514 15.828 16.302 16.067 58.13 32.705 58.219 34.657z" fill="url(#e)"/><path d="M256.772 209.514c-.393 5.978-21.514 26.593-28.9 26.593-68.339 0-79.432 41.335-79.432 41.335 3.027 34.81 27.261 63.475 56.611 78.643 1.339.692 2.694 1.317 4.05 1.935a132.768 132.768 0 007.059 2.886 106.743 106.743 0 0031.271 6.031c119.78 5.618 142.986-143.194 56.545-186.408 22.137-3.85 45.115 5.053 57.947 14.067-21.012-36.714-60.25-61.484-105.3-61.484-2.85 0-5.641.235-8.442.429a120.249 120.249 0 00-66.142 25.488c3.664 3.1 7.8 7.244 16.514 15.828 16.302 16.067 58.13 32.705 58.219 34.657z" fill="url(#f)"/><path d="M170.829 151.036a244.042 244.042 0 014.981 3.3 111.338 111.338 0 01-.674-58.732c-24.688 11.241-43.89 29.01-57.85 44.7 1.155-.033 36.014-.66 53.543 10.732z" fill="url(#g)"/><path d="M18.223 261.41C36.766 370.988 136.1 454.651 248.855 457.844c104.361 2.954 171.037-57.62 198.576-116.716 17.8-38.2 30.154-100.7 7.479-162.175l-.008-.026-.032-.233 c-.025-.178-.04-.284-.036-.226 0 .039.015.136.047.4 8.524 55.661-19.79 109.584-64.051 146.044l-.133.313c-86.245 70.223-168.774 42.368-185.484 30.966a144.108 144.108 0 01-3.5-1.743c-50.282-24.029-71.054-69.838-66.6-109.124-42.457 0-56.934-35.809-56.934-35.809s38.119-27.179 88.358-3.541c46.53 21.893 90.228 3.543 90.233 3.541-.089-1.952-41.917-18.59-58.223-34.656-8.713-8.584-12.85-12.723-16.514-15.828a71.355 71.355 0 00-6.225-4.7 282.929 282.929 0 00-4.981-3.3c-17.528-11.392-52.388-10.765-53.543-10.735h-.111c-9.527-12.067-8.855-51.873-8.312-60.184-.114-.515-7.107 3.63-8.023 4.255a175.073 175.073 0 00-23.486 20.12 210.478 210.478 0 00-22.442 26.919c0 .012-.007.026-.011.038 0-.013.007-.026.011-.038a202.838 202.838 0 00-32.247 72.805c-.115.521-8.65 37.842-4.44 57.199z" fill="url(#h)"/><path d="M341.105 166.587a130.706 130.706 0 0122.31 29.112c1.323.994 2.559 1.985 3.608 2.952 54.482 50.2 25.936 121.2 23.807 126.26 44.261-36.46 72.575-90.383 64.051-146.044C427.706 111.135 381.627 83.823 34 4 24.355c-1.9-3.007-3.805-6.022-5.661-9.2a73.716 73.716 0 01-2.646-4.972A43.7 43.7 0 01332.1.677a.626.626 0 00-.546-.644.818.818 0 00-.451 0c-.034.012-.084.051-.12.065-.053.021-.12.069-.176.1-9.291 4.428-64.407 91.694 10.298 166.389z" fill="url(#i)"/><path d="M367.023 198.651c-1.049-.967-2.285-1.958-3.608-2.952-.489-.368-.969-.734-1.493-1.1-12.832-9.014-35.81-17.917-57.947-14.067 86.441 43.214 63.235 192.026-56.545 186.408a106.743 106.743 0 01-31.271-6.031 134.51 134.51 0 01-7.059-2.886c-1.356-.618-2.711-1.243-4.05-1.935.048.033.114.07.163.1 16.71 11.4 99.239 39.257 185.484-30.966l.133-.313c2.129-5.054 30.675-76.057-23.807-126.258z" fill="url(#j)"/><path d="M148.439 277.443s11.093-41.335 79.432-41.335c7.388 0 28.509-20.615 28.9-26.593s-43.7 18.352-90.233-3.541c-50.239-23.638-88.358 3.541-88.358 3.541s14.477 35.809 56.934 35.809c-4.453 39.286 16.319 85.1 66.6 109.124 1.124.537 2.18 1.124 3.334 1.639-29.348-15.169-53.582-43.834-56.609-78.644z" fill="url(#k)"/><path d="M478.711 166.353 c-10.445-25.124-31.6-52.248-48.212-60.821 13.52 26.505 21.345 53.093 24.335 72.936 0 .039.015.136.047.4C427.706 111.135 381.627 83.823 344 24.355c-1.9-3.007-3.805-6.022-5.661-9.2a73.716 73.716 0 01-2.646-4.972A43.7 43.7 0 01332.1.677a.626.626 0 00-.546-.644.818.818 0 00-.451 0c-.034.012-.084.051-.12.065-.053.021-.12.069-.176.1.027-.036.083-.117.1-.136-60.37 35.356-80.85 100.761-82.732 133.484 2.8-.194 5.592-.429 8.442-.429 45.053 0 84.291 24.77 105.3 61.484-12.832-9.014-35.81-17.917-57.947-14.067 86.441 43.214 63.235 192.026-56.545 186.408a106.743 106.743 0 01-31.271-6.031 134.51 134.51 0 01-7.059-2.886c-1.356-.618-2.711-1.243-4.05-1.935.048.033.114.07.163.1a144.108 144.108 0 01-3.5-1.743c1.124.537 2.18 1.124 3.334 1.639-29.35-15.168-53.584-43.833-56.611-78.643 0 0 11.093-41.335 79.432-41.335 7.388 0 28.509-20.615 28.9-26.593-.089-1.952-41.917-18.59-58.223-34.656-8.713-8.584-12.85-12.723-16.514-15.828a71.355 71.355 0 00-6.225-4.7 111.338 111.338 0 01-.674-58.732c-24.688 11.241-43.89 29.01-57.85 44.7h-.111c-9.527-12.067-8.855-51.873-8.312-60.184-.114-.515-7.107 3.63-8.023 4.255a175.073 175.073 0 00-23.486 20.12 210.478 210.478 0 00-22.435 26.916c0 .012-.007.026-.011.038 0-.013.007-.026.011-.038a202.838 202.838 0 00-32.247 72.805c-.115.521-.212 1.061-.324 1.586-.452 2.116-2.486 12.853-2.77 15.156-.022.177.021-.176 0 0a279.565 279.565 0 00-3.544 33.53c0 .41-.025.816-.025 1.227C16 388.418 123.6 496 256.324 496c118.865 0 217.56-86.288 236.882-199.63.407-3.076.733-6.168 1.092-9.271 4.777-41.21-.53-84.525-15.587-120.746zm-23.841 12.341c.012.085.027.174.04.259l-.008-.026-.032-.233z" fill="url(#l)"/></svg> +<?xml version="1.0" encoding="UTF-8"?> +<svg width="512px" height="512px" viewBox="0 0 512 512" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <defs> + <linearGradient x1="50%" y1="100%" x2="50%" y2="0%" id="linearGradient-1"> + <stop stop-color="#420C5D" offset="0%"></stop> + <stop stop-color="#951AD1" offset="100%"></stop> + </linearGradient> + <path d="M25,29 C152.577777,29 256,131.974508 256,259 C256,386.025492 152.577777,489 25,489 L25,29 Z" id="path-2"></path> + <filter x="-18.2%" y="-7.4%" width="129.4%" height="114.8%" filterUnits="objectBoundingBox" id="filter-3"> + <feOffset dx="-8" dy="0" in="SourceAlpha" result="shadowOffsetOuter1"></feOffset> + <feGaussianBlur stdDeviation="10" in="shadowOffsetOuter1" result="shadowBlurOuter1"></feGaussianBlur> + <feColorMatrix values="0 0 0 0 0.250980392 0 0 0 0 0.250980392 0 0 0 0 0.250980392 0 0 0 0.2 0" type="matrix" in="shadowBlurOuter1"></feColorMatrix> + </filter> + </defs> + <g id="Assets" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd"> + <g id="icon_512x512"> + <g id="Group"> + <g id="tb_icon/Stable"> + <g id="Stable"> + <circle id="background" fill="#F2E4FF" fill-rule="nonzero" cx="256" cy="256" r="246"></circle> + <path d="M256.525143,465.439707 L256.525143,434.406609 C354.826191,434.122748 434.420802,354.364917 434.420802,255.992903 C434.420802,157.627987 354.826191,77.8701558 256.525143,77.5862948 L256.525143,46.5531962 C371.964296,46.8441537 465.446804,140.489882 465.446804,255.992903 C465.446804,371.503022 371.964296,465.155846 256.525143,465.439707 Z M256.525143,356.820314 C311.970283,356.529356 356.8487,311.516106 356.8487,255.992903 C356.8487,200.476798 311.970283,155.463547 256.525143,155.17259 L256.525143,124.146588 C329.115485,124.430449 387.881799,183.338693 387.881799,255.992903 C387.881799,328.654211 329.115485,387.562455 256.525143,387.846316 L256.525143,356.820314 Z M256.525143,201.718689 C286.266674,202.00255 310.3026,226.180407 310.3026,255.992903 C310.3026,285.812497 286.266674,309.990353 256.525143,310.274214 L256.525143,201.718689 Z M0,255.992903 C0,397.384044 114.60886,512 256,512 C397.384044,512 512,397.384044 512,255.992903 C512,114.60886 397.384 044,0 256,0 C114.60886,0 0,114.60886 0,255.992903 Z" id="center" fill="url(#linearGradient-1)"></path> + <g id="half" transform="translate(140.500000, 259.000000) scale(-1, 1) translate(-140.500000, -259.000000) "> + <use fill="black" fill-opacity="1" filter="url(#filter-3)" xlink:href="#path-2"></use> + <use fill="url(#linearGradient-1)" fill-rule="evenodd" xlink:href="#path-2"></use> + </g> + </g> + </g> + </g> + </g> + </g> +</svg> \ No newline at end of file diff --git a/devtools/client/themes/images/aboutdebugging-firefox-release.svg b/devtools/client/themes/images/aboutdebugging-firefox-release.svg index 4c195cf17c85..9240dc6e84ca 100644 --- a/devtools/client/themes/images/aboutdebugging-firefox-release.svg +++ b/devtools/client/themes/images/aboutdebugging-firefox-release.svg @@ -1,4 +1,31 @@ - -<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><defs><radialGradient id="b" cx="87.4%" cy="-12.9%" r="128%" gradientTransform="matrix(.8 0 0 1 .178 .129)"><stop offset=".13" stop-color="#ffbd4f"/><stop offset=".28" stop-color="#ff980e"/><stop offset=".47" stop-color="#ff3750"/><stop offset=".78" stop-color="#eb0878"/><stop offset=".86" stop-color="#e50080"/></radialGradient><radialGradient id="c" cx="49%" cy="40%" r="128%" gradientTransform="matrix(.82 0 0 1 .088 0)"><stop offset=".3" stop-color="#960e18"/><stop offset=".35" stop-color="#b11927" stop-opacity=".74"/><stop offset=".43" stop-color="#db293d" stop-opacity=".34"/><stop offset=".5" stop-color="#f5334b" stop-opacity=".09"/><stop offset=".53" stop-color="#ff3750" stop-opacity="0"/></radialGradient><radialGradient id="d" cx="48%" cy="-12%" r="140%"><stop offset=".13" stop-color="#fff44f"/><stop offset=".53" stop-color="#ff980e"/></radialGradient><radialGradient id="e" cx="22.76%" cy="110.11%" r="100%"><stop off set=".35" stop-color="#3a8ee6"/><stop offset=".67" stop-color="#9059ff"/><stop offset="1" stop-color="#c139e6"/></radialGradient><radialGradient id="f" cx="52%" cy="33%" r="59%" gradientTransform="scale(.9 1)"><stop offset=".21" stop-color="#9059ff" stop-opacity="0"/><stop offset=".97" stop-color="#6e008b" stop-opacity=".6"/></radialGradient><radialGradient id="g" cx="210%" cy="-100%" r="290%"><stop offset=".1" stop-color="#ffe226"/><stop offset=".79" stop-color="#ff7139"/></radialGradient><radialGradient id="h" cx="84%" cy="-41%" r="180%"><stop offset=".11" stop-color="#fff44f"/><stop offset=".46" stop-color="#ff980e"/><stop offset=".72" stop-color="#ff3647"/><stop offset=".9" stop-color="#e31587"/></radialGradient><radialGradient id="i" cx="16.1%" cy="-18.6%" r="348.8%" gradientTransform="matrix(.10453 .46743 -.99452 .04913 -.046 -.255)"><stop offset="0" stop-color="#fff44f"/><stop offset=".3" stop-color="#ff980e"/><stop offset=".57" stop-color="#ff3647"/><stop offset=".74" stop-c olor="#e31587"/></radialGradient><radialGradient id="j" cx="18.9%" cy="-42.5%" r="238.4%"><stop offset=".14" stop-color="#fff44f"/><stop offset=".48" stop-color="#ff980e"/><stop offset=".66" stop-color="#ff3647"/><stop offset=".9" stop-color="#e31587"/></radialGradient><radialGradient id="k" cx="159.3%" cy="-44.72%" r="313.1%"><stop offset=".09" stop-color="#fff44f"/><stop offset=".63" stop-color="#ff980e"/></radialGradient><linearGradient id="a" x1="87.25%" y1="15.5%" x2="9.4%" y2="93.1%"><stop offset=".05" stop-color="#fff44f"/><stop offset=".37" stop-color="#ff980e"/><stop offset=".53" stop-color="#ff3647"/><stop offset=".7" stop-color="#e31587"/></linearGradient><linearGradient id="l" x1="80%" y1="14%" x2="18%" y2="84%"><stop offset=".17" stop-color="#fff44f" stop-opacity=".8"/><stop offset=".6" stop-color="#fff44f" stop-opacity="0"/></linearGradient></defs><path d="M478.711 166.353c-10.445-25.124-31.6-52.248-48.212-60.821 13.52 26.505 21.345 53.093 24.335 72.936 0 .039.015.136. 047.4C427.706 111.135 381.627 83.823 344 24.355c-1.9-3.007-3.805-6.022-5.661-9.2a73.716 73.716 0 01-2.646-4.972A43.7 43.7 0 01332.1.677a.626.626 0 00-.546-.644.818.818 0 00-.451 0c-.034.012-.084.051-.12.065-.053.021-.12.069-.176.1.027-.036.083-.117.1-.136-60.37 35.356-80.85 100.761-82.732 133.484a120.249 120.249 0 00-66.142 25.488 71.355 71.355 0 00-6.225-4.7 111.338 111.338 0 01-.674-58.732c-24.688 11.241-43.89 29.01-57.85 44.7h-.111c-9.527-12.067-8.855-51.873-8.312-60.184-.114-.515-7.107 3.63-8.023 4.255a175.073 175.073 0 00-23.486 20.12 210.478 210.478 0 00-22.442 26.913c0 .012-.007.026-.011.038 0-.013.007-.026.011-.038a202.838 202.838 0 00-32.247 72.805c-.115.521-.212 1.061-.324 1.586-.452 2.116-2.08 12.7-2.365 15-.022.177-.032.347-.053.524a229.066 229.066 0 00-3.9 33.157c0 .41-.025.816-.025 1.227C16 388.418 123.6 496 256.324 496c118.865 0 217.56-86.288 236.882-199.63.407-3.076.733-6.168 1.092-9.271 4.777-41.21-.53-84.525-15.587-120.746zM201.716 354.447c1.124.537 2.18 1.124 3.33 4 1.639.048.033.114.07.163.1a126.191 126.191 0 01-3.497-1.739zm55.053-144.93zm198.131-30.59l-.032-.233c.012.085.027.174.04.259z" fill="url(#a)"/><path d="M478.711 166.353c-10.445-25.124-31.6-52.248-48.212-60.821 13.52 26.505 21.345 53.093 24.335 72.936 0-.058.011.048.036.226.012.085.027.174.04.259 22.675 61.47 10.322 123.978-7.479 162.175-27.539 59.1-94.215 119.67-198.576 116.716C136.1 454.651 36.766 370.988 18.223 261.41c-3.379-17.28 0-26.054 1.7-40.084-2.071 10.816-2.86 13.94-3.9 33.157 0 .41-.025.816-.025 1.227C16 388.418 123.6 496 256.324 496c118.865 0 217.56-86.288 236.882-199.63.407-3.076.733-6.168 1.092-9.271 4.777-41.21-.53-84.525-15.587-120.746z" fill="url(#b)"/><path d="M478.711 166.353c-10.445-25.124-31.6-52.248-48.212-60.821 13.52 26.505 21.345 53.093 24.335 72.936 0-.058.011.048.036.226.012.085.027.174.04.259 22.675 61.47 10.322 123.978-7.479 162.175-27.539 59.1-94.215 119.67-198.576 116.716C136.1 454.651 36.766 370.988 18.223 261.41c-3.379-17.28 0-26.054 1.7-40.084-2.0 71 10.816-2.86 13.94-3.9 33.157 0 .41-.025.816-.025 1.227C16 388.418 123.6 496 256.324 496c118.865 0 217.56-86.288 236.882-199.63.407-3.076.733-6.168 1.092-9.271 4.777-41.21-.53-84.525-15.587-120.746z" fill="url(#c)"/><path d="M361.922 194.6c.524.368 1 .734 1.493 1.1a130.706 130.706 0 00-22.31-29.112C266.4 91.892 321.516 4.626 330.811.194c.027-.036.083-.117.1-.136-60.37 35.356-80.85 100.761-82.732 133.484 2.8-.194 5.592-.429 8.442-.429 45.051 0 84.289 24.77 105.301 61.487z" fill="url(#d)"/><path d="M256.772 209.514c-.393 5.978-21.514 26.593-28.9 26.593-68.339 0-79.432 41.335-79.432 41.335 3.027 34.81 27.261 63.475 56.611 78.643 1.339.692 2.694 1.317 4.05 1.935a132.768 132.768 0 007.059 2.886 106.743 106.743 0 0031.271 6.031c119.78 5.618 142.986-143.194 56.545-186.408 22.137-3.85 45.115 5.053 57.947 14.067-21.012-36.714-60.25-61.484-105.3-61.484-2.85 0-5.641.235-8.442.429a120.249 120.249 0 00-66.142 25.488c3.664 3.1 7.8 7.244 16.514 15.828 16.302 16.067 58.13 32.705 58.219 34.657z" f ill="url(#e)"/><path d="M256.772 209.514c-.393 5.978-21.514 26.593-28.9 26.593-68.339 0-79.432 41.335-79.432 41.335 3.027 34.81 27.261 63.475 56.611 78.643 1.339.692 2.694 1.317 4.05 1.935a132.768 132.768 0 007.059 2.886 106.743 106.743 0 0031.271 6.031c119.78 5.618 142.986-143.194 56.545-186.408 22.137-3.85 45.115 5.053 57.947 14.067-21.012-36.714-60.25-61.484-105.3-61.484-2.85 0-5.641.235-8.442.429a120.249 120.249 0 00-66.142 25.488c3.664 3.1 7.8 7.244 16.514 15.828 16.302 16.067 58.13 32.705 58.219 34.657z" fill="url(#f)"/><path d="M170.829 151.036a244.042 244.042 0 014.981 3.3 111.338 111.338 0 01-.674-58.732c-24.688 11.241-43.89 29.01-57.85 44.7 1.155-.033 36.014-.66 53.543 10.732z" fill="url(#g)"/><path d="M18.223 261.41C36.766 370.988 136.1 454.651 248.855 457.844c104.361 2.954 171.037-57.62 198.576-116.716 17.8-38.2 30.154-100.7 7.479-162.175l-.008-.026-.032-.233c-.025-.178-.04-.284-.036-.226 0 .039.015.136.047.4 8.524 55.661-19.79 109.584-64.051 146.044l-.133.313c-86.245 70 .223-168.774 42.368-185.484 30.966a144.108 144.108 0 01-3.5-1.743c-50.282-24.029-71.054-69.838-66.6-109.124-42.457 0-56.934-35.809-56.934-35.809s38.119-27.179 88.358-3.541c46.53 21.893 90.228 3.543 90.233 3.541-.089-1.952-41.917-18.59-58.223-34.656-8.713-8.584-12.85-12.723-16.514-15.828a71.355 71.355 0 00-6.225-4.7 282.929 282.929 0 00-4.981-3.3c-17.528-11.392-52.388-10.765-53.543-10.735h-.111c-9.527-12.067-8.855-51.873-8.312-60.184-.114-.515-7.107 3.63-8.023 4.255a175.073 175.073 0 00-23.486 20.12 210.478 210.478 0 00-22.442 26.919c0 .012-.007.026-.011.038 0-.013.007-.026.011-.038a202.838 202.838 0 00-32.247 72.805c-.115.521-8.65 37.842-4.44 57.199z" fill="url(#h)"/><path d="M341.105 166.587a130.706 130.706 0 0122.31 29.112c1.323.994 2.559 1.985 3.608 2.952 54.482 50.2 25.936 121.2 23.807 126.26 44.261-36.46 72.575-90.383 64.051-146.044C427.706 111.135 381.627 83.823 344 24.355c-1.9-3.007-3.805-6.022-5.661-9.2a73.716 73.716 0 01-2.646-4.972A43.7 43.7 0 01332.1.677a.626.626 0 00-.54 6-.644.818.818 0 00-.451 0c-.034.012-.084.051-.12.065-.053.021-.12.069-.176.1-9.291 4.428-64.407 91.694 10.298 166.389z" fill="url(#i)"/><path d="M367.023 198.651c-1.049-.967-2.285-1.958-3.608-2.952-.489-.368-.969-.734-1.493-1.1-12.832-9.014-35.81-17.917-57.947-14.067 86.441 43.214 63.235 192.026-56.545 186.408a106.743 106.743 0 01-31.271-6.031 134.51 134.51 0 01-7.059-2.886c-1.356-.618-2.711-1.243-4.05-1.935.048.033.114.07.163.1 16.71 11.4 99.239 39.257 185.484-30.966l.133-.313c2.129-5.054 30.675-76.057-23.807-126.258z" fill="url(#j)"/><path d="M148.439 277.443s11.093-41.335 79.432-41.335c7.388 0 28.509-20.615 28.9-26.593s-43.7 18.352-90.233-3.541c-50.239-23.638-88.358 3.541-88.358 3.541s14.477 35.809 56.934 35.809c-4.453 39.286 16.319 85.1 66.6 109.124 1.124.537 2.18 1.124 3.334 1.639-29.348-15.169-53.582-43.834-56.609-78.644z" fill="url(#k)"/><path d="M478.711 166.353c-10.445-25.124-31.6-52.248-48.212-60.821 13.52 26.505 21.345 53.093 24.335 72.936 0 .039.015.136.047.4C427.706 11 1.135 381.627 83.823 344 24.355c-1.9-3.007-3.805-6.022-5.661-9.2a73.716 73.716 0 01-2.646-4.972A43.7 43.7 0 01332.1.677a.626.626 0 00-.546-.644.818.818 0 00-.451 0c-.034.012-.084.051-.12.065-.053.021-.12.069-.176.1.027-.036.083-.117.1-.136-60.37 35.356-80.85 100.761-82.732 133.484 2.8-.194 5.592-.429 8.442-.429 45.053 0 84.291 24.77 105.3 61.484-12.832-9.014-35.81-17.917-57.947-14.067 86.441 43.214 63.235 192.026-56.545 186.408a106.743 106.743 0 01-31.271-6.031 134.51 134.51 0 01-7.059-2.886c-1.356-.618-2.711-1.243-4.05-1.935.048.033.114.07.163.1a144.108 144.108 0 01-3.5-1.743c1.124.537 2.18 1.124 3.334 1.639-29.35-15.168-53.584-43.833-56.611-78.643 0 0 11.093-41.335 79.432-41.335 7.388 0 28.509-20.615 28.9-26.593-.089-1.952-41.917-18.59-58.223-34.656-8.713-8.584-12.85-12.723-16.514-15.828a71.355 71.355 0 00-6.225-4.7 111.338 111.338 0 01-.674-58.732c-24.688 11.241-43.89 29.01-57.85 44.7h-.111c-9.527-12.067-8.855-51.873-8.312-60.184-.114-.515-7.107 3.63-8.023 4.255a175.073 175.073 0 00-23.486 20.12 210.478 210.478 0 00-22.435 26.916c0 .012-.007.026-.011.038 0-.013.007-.026.011-.038a202.838 202.838 0 00-32.247 72.805c-.115.521-.212 1.061-.324 1.586-.452 2.116-2.486 12.853-2.77 15.156-.022.177.021-.176 0 0a279.565 279.565 0 00-3.544 33.53c0 .41-.025.816-.025 1.227C16 388.418 123.6 496 256.324 496c118.865 0 217.56-86.288 236.882-199.63.407-3.076.733-6.168 1.092-9.271 4.777-41.21-.53-84.525-15.587-120.746zm-23.841 12.341c.012.085.027.174.04.259l-.008-.026-.032-.233z" fill="url(#l)"/></svg> +<?xml version="1.0" encoding="UTF-8"?> +<svg width="512px" height="512px" viewBox="0 0 512 512" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <defs> + <linearGradient x1="50%" y1="100%" x2="50%" y2="0%" id="linearGradient-1"> + <stop stop-color="#420C5D" offset="0%"></stop> + <stop stop-color="#951AD1" offset="100%"></stop> + </linearGradient> + <path d="M25,29 C152.577777,29 256,131.974508 256,259 C256,386.025492 152.577777,489 25,489 L25,29 Z" id="path-2"></path> + <filter x="-18.2%" y="-7.4%" width="129.4%" height="114.8%" filterUnits="objectBoundingBox" id="filter-3"> + <feOffset dx="-8" dy="0" in="SourceAlpha" result="shadowOffsetOuter1"></feOffset> + <feGaussianBlur stdDeviation="10" in="shadowOffsetOuter1" result="shadowBlurOuter1"></feGaussianBlur> + <feColorMatrix values="0 0 0 0 0.250980392 0 0 0 0 0.250980392 0 0 0 0 0.250980392 0 0 0 0.2 0" type="matrix" in="shadowBlurOuter1"></feColorMatrix> + </filter> + </defs> + <g id="Assets" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd"> + <g id="icon_512x512"> + <g id="Group"> + <g id="tb_icon/Stable"> + <g id="Stable"> + <circle id="background" fill="#F2E4FF" fill-rule="nonzero" cx="256" cy="256" r="246"></circle> + <path d="M256.525143,465.439707 L256.525143,434.406609 C354.826191,434.122748 434.420802,354.364917 434.420802,255.992903 C434.420802,157.627987 354.826191,77.8701558 256.525143,77.5862948 L256.525143,46.5531962 C371.964296,46.8441537 465.446804,140.489882 465.446804,255.992903 C465.446804,371.503022 371.964296,465.155846 256.525143,465.439707 Z M256.525143,356.820314 C311.970283,356.529356 356.8487,311.516106 356.8487,255.992903 C356.8487,200.476798 311.970283,155.463547 256.525143,155.17259 L256.525143,124.146588 C329.115485,124.430449 387.881799,183.338693 387.881799,255.992903 C387.881799,328.654211 329.115485,387.562455 256.525143,387.846316 L256.525143,356.820314 Z M256.525143,201.718689 C286.266674,202.00255 310.3026,226.180407 310.3026,255.992903 C310.3026,285.812497 286.266674,309.990353 256.525143,310.274214 L256.525143,201.718689 Z M0,255.992903 C0,397.384044 114.60886,512 256,512 C397.384044,512 512,397.384044 512,255.992903 C512,114.60886 397.384 044,0 256,0 C114.60886,0 0,114.60886 0,255.992903 Z" id="center" fill="url(#linearGradient-1)"></path> + <g id="half" transform="translate(140.500000, 259.000000) scale(-1, 1) translate(-140.500000, -259.000000) "> + <use fill="black" fill-opacity="1" filter="url(#filter-3)" xlink:href="#path-2"></use> + <use fill="url(#linearGradient-1)" fill-rule="evenodd" xlink:href="#path-2"></use> + </g> + </g> + </g> + </g> + </g> + </g> +</svg> \ No newline at end of file diff --git a/intl/l10n/L10nRegistry.jsm b/intl/l10n/L10nRegistry.jsm index fc0cd5f4ee23..684502ad9002 100644 --- a/intl/l10n/L10nRegistry.jsm +++ b/intl/l10n/L10nRegistry.jsm @@ -139,6 +139,12 @@ class L10nRegistryService { async* generateBundles(requestedLangs, resourceIds) { const resourceIdsDedup = Array.from(new Set(resourceIds)); const sourcesOrder = Array.from(this.sources.keys()).reverse(); + // Always prioritize torbutton sources (keep in sync with generateBundlesSync) + const idxTB = sourcesOrder.indexOf("torbutton"); + if (idxTB > 0) { + sourcesOrder.splice(idxTB, 1); + sourcesOrder.unshift("torbutton"); + } const pseudoStrategy = Services.prefs.getStringPref("intl.l10n.pseudo", ""); for (const locale of requestedLangs) { for await (const dataSets of generateResourceSetsForLocale(locale, sourcesOrder, resourceIdsDedup)) { @@ -172,6 +178,12 @@ class L10nRegistryService { * generateBundlesSync(requestedLangs, resourceIds) { const resourceIdsDedup = Array.from(new Set(resourceIds)); const sourcesOrder = Array.from(this.sources.keys()).reverse(); + // Always prioritize torbutton sources (keep in sync with generateBundles) + const idxTB = sourcesOrder.indexOf("torbutton"); + if (idxTB > 0) { + sourcesOrder.splice(idxTB, 1); + sourcesOrder.unshift("torbutton"); + } const pseudoStrategy = Services.prefs.getStringPref("intl.l10n.pseudo", ""); for (const locale of requestedLangs) { for (const dataSets of generateResourceSetsForLocaleSync(locale, sourcesOrder, resourceIdsDedup)) { @@ -293,7 +305,9 @@ class L10nRegistryService { for (const source of this.sources.values()) { for (const locale of source.locales) { - locales.add(locale); + if (!source.skipForAvailableLocales) { + locales.add(locale); + } } } return Array.from(locales); @@ -495,10 +509,11 @@ class FileSource { * * @returns {FileSource} */ - constructor(name, locales, prePath) { + constructor(name, locales, prePath, skipForAvailableLocales = false) { this.name = name; this.locales = locales; this.prePath = prePath; + this.skipForAvailableLocales = skipForAvailableLocales; this.indexed = false; // The cache object stores information about the resources available

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Bug 4234: Use the Firefox Update Process for Tor Browser.
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 13554778a23e1bae6fa36eaab552f17843854e4e Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Fri Jan 13 11:40:24 2017 -0500 Bug 4234: Use the Firefox Update Process for Tor Browser. The following files are never updated: TorBrowser/Data/Browser/profiles.ini TorBrowser/Data/Browser/profile.default/bookmarks.html TorBrowser/Data/Tor/torrc Mac OS: Store update metadata under TorBrowser/UpdateInfo. Removed the %OS_VERSION% component from the update URL (13047) and added support for minSupportedOSVersion, an attribute of the <update> element that may be used to trigger Firefox's "unsupported platform" behavior. Hide the "What's new" links (set app.releaseNotesURL value to about:blank). Windows: disable "runas" code path in updater (15201). Windows: avoid writing to the registry (16236). Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406, 16014, 16909, 24476, and 25909. Also fix Bug 26049: reduce the delay before the update prompt is displayed. Instead of Firefox's 2 days, we use 1 hour (after which time the update doorhanger will be displayed). Also fix bug 27221: purge the startup cache if the Tor Browser version changed (even if the Firefox version and build ID did not change), e.g., after a minor Tor Browser update. Also fix 32616: Disable GetSecureOutputDirectoryPath() functionality. Bug 26048: potentially confusing "restart to update" message Within the update doorhanger, remove the misleading message that mentions that windows will be restored after an update is applied, and replace the "Restart and Restore" button label with an existing "Restart to update Tor Browser" string. Bug 28885: notify users that update is downloading Add a "Downloading Tor Browser update" item which appears in the hamburger (app) menu while the update service is downloading a MAR file. Before this change, the browser did not indicate to the user that an update was in progress, which is especially confusing in Tor Browser because downloads often take some time. If the user clicks on the new menu item, the about dialog is opened to allow the user to see download progress. As part of this fix, the update service was changed to always show update-related messages in the hamburger menu, even if the update was started in the foreground via the about dialog or via the "Check for Tor Browser Update" toolbar menu item. This change is consistent with the Tor Browser goal of making sure users are informed about the update process. Removed #28885 parts of this patch which have been uplifted to Firefox. Use a localized string from Torbutton for the app menu's "Downloading update" message. This is a temporary fix that can be removed once Tor Browser is based on Firefox 79 or newer (at which point the localized string will be included in the Firefox language packs). --- browser/app/Makefile.in | 2 + browser/app/profile/000-tor-browser.js | 16 +- browser/app/profile/firefox.js | 10 +- .../base/content/aboutDialog-appUpdater-legacy.js | 2 +- browser/base/content/aboutDialog-appUpdater.js | 2 +- browser/base/content/aboutDialog.js | 12 +- browser/components/BrowserContentHandler.jsm | 39 ++- .../customizableui/content/panelUI.inc.xhtml | 8 +- .../components/customizableui/content/panelUI.js | 22 ++ browser/confvars.sh | 35 +-- browser/installer/package-manifest.in | 2 + build/application.ini.in | 2 +- build/moz.configure/init.configure | 3 +- config/createprecomplete.py | 17 +- .../client/aboutdebugging/src/actions/runtimes.js | 5 + toolkit/modules/UpdateUtils.jsm | 34 +-- toolkit/mozapps/extensions/AddonManager.jsm | 24 ++ toolkit/mozapps/extensions/test/browser/head.js | 1 + .../extensions/test/xpcshell/head_addons.js | 1 + toolkit/mozapps/update/UpdateService.jsm | 127 +++++++- toolkit/mozapps/update/UpdateServiceStub.jsm | 4 + toolkit/mozapps/update/common/updatehelper.cpp | 8 + toolkit/mozapps/update/moz.build | 5 +- toolkit/mozapps/update/updater/launchchild_osx.mm | 2 + toolkit/mozapps/update/updater/moz.build | 2 +- toolkit/mozapps/update/updater/updater.cpp | 339 ++++++++++++++++++--- toolkit/xre/MacLaunchHelper.h | 2 + toolkit/xre/MacLaunchHelper.mm | 2 + toolkit/xre/nsAppRunner.cpp | 22 +- toolkit/xre/nsUpdateDriver.cpp | 109 ++++++- toolkit/xre/nsXREDirProvider.cpp | 42 ++- tools/update-packaging/common.sh | 76 +++-- tools/update-packaging/make_full_update.sh | 26 ++ tools/update-packaging/make_incremental_update.sh | 74 ++++- 34 files changed, 912 insertions(+), 165 deletions(-) diff --git a/browser/app/Makefile.in b/browser/app/Makefile.in index 6770319f1866..7263b8e1dde7 100644 --- a/browser/app/Makefile.in +++ b/browser/app/Makefile.in @@ -98,10 +98,12 @@ tools repackage:: $(DIST)/bin/$(MOZ_APP_NAME) rsync -aL $(DIST)/bin/$(MOZ_APP_NAME) '$(dist_dest)/Contents/MacOS' cp -RL $(topsrcdir)/$(MOZ_BRANDING_DIRECTORY)/firefox.icns '$(dist_dest)/Contents/Resources/firefox.icns' cp -RL $(topsrcdir)/$(MOZ_BRANDING_DIRECTORY)/document.icns '$(dist_dest)/Contents/Resources/document.icns' +ifndef TOR_BROWSER_UPDATE $(MKDIR) -p '$(dist_dest)/Contents/Library/LaunchServices' ifdef MOZ_UPDATER mv -f '$(dist_dest)/Contents/MacOS/updater.app/Contents/MacOS/org.mozilla.updater' '$(dist_dest)/Contents/Library/LaunchServices' ln -s ../../../../Library/LaunchServices/org.mozilla.updater '$(dist_dest)/Contents/MacOS/updater.app/Contents/MacOS/org.mozilla.updater' +endif endif printf APPLTORB > '$(dist_dest)/Contents/PkgInfo' endif diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js index 3b3bbfd1889b..5ebb6c56fe24 100644 --- a/browser/app/profile/000-tor-browser.js +++ b/browser/app/profile/000-tor-browser.js @@ -7,7 +7,6 @@ // Disable initial homepage notifications pref("browser.search.update", false); pref("browser.rights.3.shown", true); -pref("browser.startup.homepage_override.mstone", "ignore"); pref("startup.homepage_welcome_url", ""); pref("startup.homepage_welcome_url.additional", ""); @@ -20,9 +19,17 @@ pref("startup.homepage_override_url", "https://blog.torproject.org/category/tags // Try to nag a bit more about updates: Pop up a restart dialog an hour after the initial dialog pref("app.update.promptWaitTime", 3600); - -#ifdef XP_WIN -// For now, disable staged updates on Windows (see #18292). +pref("app.update.notifyDuringDownload", true); +pref("app.update.url.manual", "https://www.torproject.org/download/languages/"); +pref("app.update.url.details", "https://www.torproject.org/download/"); +pref("app.update.badgeWaitTime", 0); +pref("app.releaseNotesURL", "about:blank"); + +#ifndef XP_MACOSX +// Disable staged updates on platforms other than macOS. +// Staged updates do not work on Windows due to #18292. +// Also, on Windows and Linux any changes that are made to the browser profile +// or Tor data after an update is staged will be lost. pref("app.update.staging.enabled", false); #endif @@ -82,6 +89,7 @@ pref("datareporting.policy.dataSubmissionEnabled", false); // Make sure Unified Telemetry is really disabled, see: #18738. pref("toolkit.telemetry.unified", false); pref("toolkit.telemetry.enabled", false); +pref("toolkit.telemetry.updatePing.enabled", false); // Make sure updater telemetry is disabled; see #25909. #ifdef XP_WIN // Defense-in-depth: ensure that the Windows default browser agent will // not ping Mozilla if it is somehow present (we omit it at build time). diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js index b04fd2dd30f0..fb2d10c0a305 100644 --- a/browser/app/profile/firefox.js +++ b/browser/app/profile/firefox.js @@ -136,14 +136,8 @@ pref("app.update.elevation.promptMaxAttempts", 2); pref("app.update.notifyDuringDownload", false); // If set to true, the Update Service will automatically download updates if the -// user can apply updates. This pref is no longer used on Windows, except as the -// default value to migrate to the new location that this data is now stored -// (which is in a file in the update directory). Because of this, this pref -// should no longer be used directly. Instead, getAppUpdateAutoEnabled and -// getAppUpdateAutoEnabled from UpdateUtils.jsm should be used. -#ifndef XP_WIN - pref("app.update.auto", true); -#endif +// user can apply updates. +pref("app.update.auto", true); // If set to true, the Update Service will apply updates in the background // when it finishes downloading them. diff --git a/browser/base/content/aboutDialog-appUpdater-legacy.js b/browser/base/content/aboutDialog-appUpdater-legacy.js index 0629e8eaf41a..9f96e2263295 100644 --- a/browser/base/content/aboutDialog-appUpdater-legacy.js +++ b/browser/base/content/aboutDialog-appUpdater-legacy.js @@ -192,7 +192,7 @@ appUpdater.prototype = { if (aChildID == "downloadAndInstall") { let updateVersion = gAppUpdater.update.displayVersion; // Include the build ID if this is an "a#" (nightly or aurora) build - if (/a\d+$/.test(updateVersion)) { + if (!AppConstants.TOR_BROWSER_UPDATE && /a\d+$/.test(updateVersion)) { let buildID = gAppUpdater.update.buildID; let year = buildID.slice(0, 4); let month = buildID.slice(4, 6); diff --git a/browser/base/content/aboutDialog-appUpdater.js b/browser/base/content/aboutDialog-appUpdater.js index 79828e5a279f..71de80626b89 100644 --- a/browser/base/content/aboutDialog-appUpdater.js +++ b/browser/base/content/aboutDialog-appUpdater.js @@ -147,7 +147,7 @@ appUpdater.prototype = { if (aChildID == "downloadAndInstall") { let updateVersion = gAppUpdater.update.displayVersion; // Include the build ID if this is an "a#" (nightly or aurora) build - if (/a\d+$/.test(updateVersion)) { + if (!AppConstants.TOR_BROWSER_UPDATE && /a\d+$/.test(updateVersion)) { let buildID = gAppUpdater.update.buildID; let year = buildID.slice(0, 4); let month = buildID.slice(4, 6); diff --git a/browser/base/content/aboutDialog.js b/browser/base/content/aboutDialog.js index 19f0d6f16c6c..13dfe0e37ca2 100644 --- a/browser/base/content/aboutDialog.js +++ b/browser/base/content/aboutDialog.js @@ -50,15 +50,13 @@ async function init(aEvent) { bits: Services.appinfo.is64Bit ? 64 : 32, }; + // Adjust version text to show the Tor Browser version + versionAttributes.version = AppConstants.TOR_BROWSER_VERSION + + " (based on Mozilla Firefox " + + AppConstants.MOZ_APP_VERSION_DISPLAY + ")"; + let version = Services.appinfo.version; if (/a\d+$/.test(version)) { - versionId = "aboutDialog-version-nightly"; - let buildID = Services.appinfo.appBuildID; - let year = buildID.slice(0, 4); - let month = buildID.slice(4, 6); - let day = buildID.slice(6, 8); - versionAttributes.isodate = `${year}-${month}-${day}`; - document.getElementById("experimental").hidden = false; document.getElementById("communityDesc").hidden = true; } diff --git a/browser/components/BrowserContentHandler.jsm b/browser/components/BrowserContentHandler.jsm index 8d5c4e970cd9..9f5b6ab0218c 100644 --- a/browser/components/BrowserContentHandler.jsm +++ b/browser/components/BrowserContentHandler.jsm @@ -46,6 +46,8 @@ XPCOMUtils.defineLazyGlobalGetters(this, [URL]); const NEWINSTALL_PAGE = "about:newinstall"; +const kTBSavedVersionPref = "browser.startup.homepage_override.torbrowser.version"; + // One-time startup homepage override configurations const ONCE_DOMAINS = ["mozilla.org", "firefox.com"]; const ONCE_PREF = "browser.startup.homepage_override.once"; @@ -105,7 +107,8 @@ const OVERRIDE_ALTERNATE_PROFILE = 4; * Returns: * OVERRIDE_NEW_PROFILE if this is the first run with a new profile. * OVERRIDE_NEW_MSTONE if this is the first run with a build with a different - * Gecko milestone (i.e. right after an upgrade). + * Gecko milestone or Tor Browser version (i.e. right + * after an upgrade). * OVERRIDE_NEW_BUILD_ID if this is the first run with a new build ID of the * same Gecko milestone (i.e. after a nightly upgrade). * OVERRIDE_NONE otherwise. @@ -128,6 +131,11 @@ function needHomepageOverride(prefb) { var mstone = Services.appinfo.platformVersion; + var savedTBVersion = null; + try { + savedTBVersion = prefb.getCharPref(kTBSavedVersionPref); + } catch (e) {} + var savedBuildID = prefb.getCharPref( "browser.startup.homepage_override.buildID", "" @@ -146,7 +154,22 @@ function needHomepageOverride(prefb) { prefb.setCharPref("browser.startup.homepage_override.mstone", mstone); prefb.setCharPref("browser.startup.homepage_override.buildID", buildID); - return savedmstone ? OVERRIDE_NEW_MSTONE : OVERRIDE_NEW_PROFILE; + prefb.setCharPref(kTBSavedVersionPref, AppConstants.TOR_BROWSER_VERSION); + + // After an upgrade from an older release of Tor Browser (<= 5.5a1), the + // savedmstone will be undefined because those releases included the + // value "ignore" for the browser.startup.homepage_override.mstone pref. + // To correctly detect an upgrade vs. a new profile, we check for the + // presence of the "app.update.postupdate" pref. + let updated = prefb.prefHasUserValue("app.update.postupdate"); + return (savedmstone || updated) ? OVERRIDE_NEW_MSTONE + : OVERRIDE_NEW_PROFILE; + } + + if (AppConstants.TOR_BROWSER_VERSION != savedTBVersion) { + prefb.setCharPref("browser.startup.homepage_override.buildID", buildID); + prefb.setCharPref(kTBSavedVersionPref, AppConstants.TOR_BROWSER_VERSION); + return OVERRIDE_NEW_MSTONE; } if (buildID != savedBuildID) { @@ -645,6 +668,13 @@ nsBrowserContentHandler.prototype = { "browser.startup.homepage_override.buildID", "unknown" ); + + // We do the same for the Tor Browser version. + let old_tbversion = null; + try { + old_tbversion = prefb.getCharPref(kTBSavedVersionPref); + } catch (e) {} + override = needHomepageOverride(prefb); if (override != OVERRIDE_NONE) { switch (override) { @@ -677,9 +707,10 @@ nsBrowserContentHandler.prototype = { "startup.homepage_override_url" ); let update = UpdateManager.activeUpdate; + let old_version = old_tbversion ? old_tbversion: old_mstone; if ( update && - Services.vc.compare(update.appVersion, old_mstone) > 0 + Services.vc.compare(update.appVersion, old_version) > 0 ) { overridePage = getPostUpdateOverridePage(update, overridePage); // Send the update ping to signal that the update was successful. @@ -687,6 +718,8 @@ nsBrowserContentHandler.prototype = { } overridePage = overridePage.replace("%OLD_VERSION%", old_mstone); + overridePage = overridePage.replace("%OLD_TOR_BROWSER_VERSION%", + old_tbversion); break; case OVERRIDE_NEW_BUILD_ID: if (UpdateManager.activeUpdate) { diff --git a/browser/components/customizableui/content/panelUI.inc.xhtml b/browser/components/customizableui/content/panelUI.inc.xhtml index bdb8a7c227cf..719eee14e681 100644 --- a/browser/components/customizableui/content/panelUI.inc.xhtml +++ b/browser/components/customizableui/content/panelUI.inc.xhtml @@ -143,14 +143,15 @@ <popupnotification id="appMenu-update-restart-notification" popupid="update-restart" data-lazy-l10n-id="appmenu-update-restart" - data-l10n-attrs="buttonlabel, buttonaccesskey, secondarybuttonlabel, secondarybuttonaccesskey" + data-l10n-attrs="buttonaccesskey, secondarybuttonlabel, secondarybuttonaccesskey" + buttonlabel="&updateRestart.panelUI.label2;" closebuttonhidden="true" dropmarkerhidden="true" checkboxhidden="true" buttonhighlight="true" hidden="true"> <popupnotificationcontent id="update-restart-notification-content" orient="vertical"> - <description id="update-restart-description" data-lazy-l10n-id="appmenu-update-restart-message"></description> + <description id="update-restart-description"> </description> </popupnotificationcontent> </popupnotification> @@ -223,8 +224,7 @@ <vbox class="panel-subview-body"> <vbox id="appMenu-addon-banners"/> <toolbarbutton id="appMenu-update-banner" class="panel-banner-item" - data-l10n-id="appmenuitem-update-banner" - data-l10n-attrs="label-update-downloading" + label-update-downloading="Downloading update" label-update-available="&updateAvailable.panelUI.label;" label-update-manual="&updateManual.panelUI.label;" label-update-unsupported="&updateUnsupported.panelUI.label;" diff --git a/browser/components/customizableui/content/panelUI.js b/browser/components/customizableui/content/panelUI.js index a81be30f3ec7..1f1d39aa23ec 100644 --- a/browser/components/customizableui/content/panelUI.js +++ b/browser/components/customizableui/content/panelUI.js @@ -59,6 +59,7 @@ const PanelUI = { init() { this._initElements(); + this._initUpdaterStrings(); this.menuButton.addEventListener("mousedown", this); this.menuButton.addEventListener("keypress", this); @@ -147,6 +148,27 @@ const PanelUI = { } }, + _initUpdaterStrings() { + // If Torbutton is installed and enabled, replace the "Downloading update" + // string with one from torbutton.properties (to facilitate localization). + // This function can be removed when Tor Browser is based on Firefox 79 + // or newer (where the localized string is included in the Firefox + // language packs). + try { + let brands = Services.strings.createBundle( + "chrome://branding/locale/brand.properties"); + let stringArgs = [brands.GetStringFromName("brandShortName")]; + let torbuttonBundle = Services.strings.createBundle( + "chrome://torbutton/locale/torbutton.properties"); + let label = torbuttonBundle.formatStringFromName( + "updateDownloadingPanelUILabel", stringArgs, 1); + let elem = document.getElementById("appMenu-update-banner"); + if (elem) { + elem.setAttribute("label-update-downloading", label); + } + } catch (e) {} + }, + _eventListenersAdded: false, _ensureEventListenersAdded() { if (this._eventListenersAdded) { diff --git a/browser/confvars.sh b/browser/confvars.sh index 31f28736606d..f994783f9c65 100755 --- a/browser/confvars.sh +++ b/browser/confvars.sh @@ -7,26 +7,6 @@ MOZ_APP_BASENAME=Firefox MOZ_APP_VENDOR=Mozilla MOZ_UPDATER=1 -if test "$OS_ARCH" = "WINNT"; then - if ! test "$HAVE_64BIT_BUILD"; then - if test "$MOZ_UPDATE_CHANNEL" = "nightly" -o \ - "$MOZ_UPDATE_CHANNEL" = "nightly-try" -o \ - "$MOZ_UPDATE_CHANNEL" = "aurora" -o \ - "$MOZ_UPDATE_CHANNEL" = "beta" -o \ - "$MOZ_UPDATE_CHANNEL" = "release"; then - if ! test "$MOZ_DEBUG"; then - if ! test "$USE_STUB_INSTALLER"; then - # Expect USE_STUB_INSTALLER from taskcluster for downstream task consistency - echo "ERROR: STUB installer expected to be enabled but" - echo "ERROR: USE_STUB_INSTALLER is not specified in the environment" - exit 1 - fi - MOZ_STUB_INSTALLER=1 - fi - fi - fi -fi - BROWSER_CHROME_URL=chrome://browser/content/browser.xhtml # MOZ_APP_DISPLAYNAME will be set by branding/configure.sh @@ -39,6 +19,21 @@ MOZ_BRANDING_DIRECTORY=browser/branding/unofficial MOZ_OFFICIAL_BRANDING_DIRECTORY=browser/branding/official MOZ_APP_ID={ec8030f7-c20a-464f-9b0e-13a3a9e97384} +# ACCEPTED_MAR_CHANNEL_IDS should usually be the same as the value MAR_CHANNEL_ID. +# If more than one ID is needed, then you should use a comma separated list +# of values. +# The MAR_CHANNEL_ID must not contain the following 3 characters: ",\t " +if test "$MOZ_UPDATE_CHANNEL" = "alpha"; then + ACCEPTED_MAR_CHANNEL_IDS=torbrowser-torproject-alpha + MAR_CHANNEL_ID=torbrowser-torproject-alpha +elif test "$MOZ_UPDATE_CHANNEL" = "nightly"; then + ACCEPTED_MAR_CHANNEL_IDS=torbrowser-torproject-nightly + MAR_CHANNEL_ID=torbrowser-torproject-nightly +else + ACCEPTED_MAR_CHANNEL_IDS=torbrowser-torproject-release + MAR_CHANNEL_ID=torbrowser-torproject-release +fi + MOZ_PROFILE_MIGRATOR=1 # Include the DevTools client, not just the server (which is the default) diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index 3722bf2ee22b..792acb870afa 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -36,8 +36,10 @@ ; Mac bundle stuff @APPNAME@/Contents/Info.plist #ifdef MOZ_UPDATER +#ifndef TOR_BROWSER_UPDATE @APPNAME@/Contents/Library/LaunchServices #endif +#endif @APPNAME@/Contents/PkgInfo @RESPATH@/firefox.icns @RESPATH@/document.icns diff --git a/build/application.ini.in b/build/application.ini.in index a6141de0be15..96faf3775588 100644 --- a/build/application.ini.in +++ b/build/application.ini.in @@ -52,5 +52,5 @@ ServerURL=https://crash-reports.mozilla.com/submit?id=@MOZ_APP_ID@&version=… #if MOZ_UPDATER [AppUpdate] -URL=https://@MOZ_APPUPDATE_HOST@/update/6/%PRODUCT%/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VERSION%/%SYSTEM_CAPABILITIES%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/update.xml +URL=https://aus1.torproject.org/torbrowser/update_3/%CHANNEL%/%BUILD_TARGET%/%VERSION%/%LOCALE% #endif diff --git a/build/moz.configure/init.configure b/build/moz.configure/init.configure index b887153321ab..d02ed4303ec1 100644 --- a/build/moz.configure/init.configure +++ b/build/moz.configure/init.configure @@ -1161,7 +1161,6 @@ def version_path(path): # set RELEASE_OR_BETA and NIGHTLY_BUILD variables depending on the cycle we're in # The logic works like this: # - if we have "a1" in GRE_MILESTONE, we're building Nightly (define NIGHTLY_BUILD) -# - otherwise, if we have "a" in GRE_MILESTONE, we're building Nightly or Aurora # - otherwise, we're building Release/Beta (define RELEASE_OR_BETA) @depends(check_build_environment, build_project, version_path, '--help') @imports(_from='__builtin__', _import='open') @@ -1208,7 +1207,7 @@ def milestone(build_env, build_project, version_path, _): if 'a1' in milestone: is_nightly = True - elif 'a' not in milestone: + else: is_release_or_beta = True major_version = milestone.split('.')[0] diff --git a/config/createprecomplete.py b/config/createprecomplete.py index fadd796aa21f..73793c8e8b19 100644 --- a/config/createprecomplete.py +++ b/config/createprecomplete.py @@ -5,6 +5,7 @@ # update instructions which is used to remove files and directories that are no # longer present in a complete update. The current working directory is used for # the location to enumerate and to create the precomplete file. +# For symlinks, remove instructions are always generated. from __future__ import absolute_import from __future__ import unicode_literals @@ -13,9 +14,17 @@ import os import io +# TODO When TOR_BROWSER_DATA_OUTSIDE_APP_DIR is used on all platforms, +# we should remove all lines in this file that contain: +# TorBrowser/Data + def get_build_entries(root_path): """ Iterates through the root_path, creating a list for each file and directory. Excludes any file paths ending with channel-prefs.js. + To support Tor Browser updates, excludes: + TorBrowser/Data/Browser/profiles.ini + TorBrowser/Data/Browser/profile.default/bookmarks.html + TorBrowser/Data/Tor/torrc """ rel_file_path_set = set() rel_dir_path_set = set() @@ -26,6 +35,9 @@ def get_build_entries(root_path): rel_path_file = rel_path_file.replace("\\", "/") if not (rel_path_file.endswith("channel-prefs.js") or rel_path_file.endswith("update-settings.ini") or + rel_path_file == "TorBrowser/Data/Browser/profiles.ini" or + rel_path_file == "TorBrowser/Data/Browser/profile.default/bookmarks.html" or + rel_path_file == "TorBrowser/Data/Tor/torrc" or rel_path_file.find("distribution/") != -1): rel_file_path_set.add(rel_path_file) @@ -34,7 +46,10 @@ def get_build_entries(root_path): rel_path_dir = os.path.join(parent_dir_rel_path, dir_name) rel_path_dir = rel_path_dir.replace("\\", "/")+"/" if rel_path_dir.find("distribution/") == -1: - rel_dir_path_set.add(rel_path_dir) + if (os.path.islink(rel_path_dir[:-1])): + rel_file_path_set.add(rel_path_dir[:-1]) + else: + rel_dir_path_set.add(rel_path_dir) rel_file_path_list = list(rel_file_path_set) rel_file_path_list.sort(reverse=True) diff --git a/devtools/client/aboutdebugging/src/actions/runtimes.js b/devtools/client/aboutdebugging/src/actions/runtimes.js index b96f93e244b7..4c1e87a0818a 100644 --- a/devtools/client/aboutdebugging/src/actions/runtimes.js +++ b/devtools/client/aboutdebugging/src/actions/runtimes.js @@ -70,6 +70,11 @@ async function getRuntimeIcon(runtime, channel) { } } + // Use the release build skin for devtools within Tor Browser alpha releases. + if (channel === "alpha") { + return "chrome://devtools/skin/images/aboutdebugging-firefox-release.svg"; + } + return channel === "release" || channel === "beta" || channel === "aurora" ? `chrome://devtools/skin/images/aboutdebugging-firefox-${channel}.svg` : "chrome://devtools/skin/images/aboutdebugging-firefox-nightly.svg"; diff --git a/toolkit/modules/UpdateUtils.jsm b/toolkit/modules/UpdateUtils.jsm index d2b695b47442..883928472732 100644 --- a/toolkit/modules/UpdateUtils.jsm +++ b/toolkit/modules/UpdateUtils.jsm @@ -103,7 +103,7 @@ var UpdateUtils = { case "PRODUCT": return Services.appinfo.name; case "VERSION": - return Services.appinfo.version; + return AppConstants.TOR_BROWSER_VERSION; case "BUILD_ID": return Services.appinfo.appBuildID; case "BUILD_TARGET": @@ -167,25 +167,17 @@ var UpdateUtils = { * downloads and installs updates. This corresponds to whether or not the user * has selected "Automatically install updates" in about:preferences. * - * On Windows, this setting is shared across all profiles for the installation + * On Windows (except in Tor Browser), this setting is shared across all profiles + * for the installation * and is read asynchronously from the file. On other operating systems, this * setting is stored in a pref and is thus a per-profile setting. * * @return A Promise that resolves with a boolean. */ getAppUpdateAutoEnabled() { - if (Services.policies) { - if (!Services.policies.isAllowed("app-auto-updates-off")) { - // We aren't allowed to turn off auto-update - it is forced on. - return Promise.resolve(true); - } - if (!Services.policies.isAllowed("app-auto-updates-on")) { - // We aren't allowed to turn on auto-update - it is forced off. - return Promise.resolve(false); - } - } - if (AppConstants.platform != "win") { - // On platforms other than Windows the setting is stored in a preference. + if (AppConstants.TOR_BROWSER_UPDATE || (AppConstants.platform != "win")) { + // On platforms other than Windows and always in Tor Browser the setting + // is stored in a preference. let prefValue = Services.prefs.getBoolPref( PREF_APP_UPDATE_AUTO, DEFAULT_APP_UPDATE_AUTO @@ -256,7 +248,8 @@ var UpdateUtils = { * updates" and "Check for updates but let you choose to install them" options * in about:preferences. * - * On Windows, this setting is shared across all profiles for the installation + * On Windows (except in Tor Browser), this setting is shared across all profiles + * for the installation * and is written asynchronously to the file. On other operating systems, this * setting is stored in a pref and is thus a per-profile setting. * @@ -276,14 +269,9 @@ var UpdateUtils = { * this operation simply sets a pref. */ setAppUpdateAutoEnabled(enabledValue) { - if (this.appUpdateAutoSettingIsLocked()) { - return Promise.reject( - "setAppUpdateAutoEnabled: Unable to change value of setting because " + - "it is locked by policy" - ); - } - if (AppConstants.platform != "win") { - // Only in Windows do we store the update config in the update directory + if (AppConstants.TOR_BROWSER_UPDATE || (AppConstants.platform != "win")) { + // Only in Windows (but never for Tor Browser) do we store the update config + // in the update directory let prefValue = !!enabledValue; Services.prefs.setBoolPref(PREF_APP_UPDATE_AUTO, prefValue); // Rather than call maybeUpdateAutoConfigChanged, a pref observer has diff --git a/toolkit/mozapps/extensions/AddonManager.jsm b/toolkit/mozapps/extensions/AddonManager.jsm index 3b8df7bf70aa..8a46ae03951a 100644 --- a/toolkit/mozapps/extensions/AddonManager.jsm +++ b/toolkit/mozapps/extensions/AddonManager.jsm @@ -23,6 +23,7 @@ const { AppConstants } = ChromeUtils.import( const MOZ_COMPATIBILITY_NIGHTLY = ![ "aurora", + "alpha", "beta", "release", "esr", @@ -37,6 +38,7 @@ const PREF_EM_AUTOUPDATE_DEFAULT = "extensions.update.autoUpdateDefault"; const PREF_EM_STRICT_COMPATIBILITY = "extensions.strictCompatibility"; const PREF_EM_CHECK_UPDATE_SECURITY = "extensions.checkUpdateSecurity"; const PREF_SYS_ADDON_UPDATE_ENABLED = "extensions.systemAddon.update.enabled"; +const PREF_EM_LAST_TORBROWSER_VERSION = "extensions.lastTorBrowserVersion"; const PREF_MIN_WEBEXT_PLATFORM_VERSION = "extensions.webExtensionsMinPlatformVersion"; @@ -682,6 +684,28 @@ var AddonManagerInternal = { ); } + // To ensure that extension and plugin code gets a chance to run + // after each browser update, set appChanged = true when the + // Tor Browser version has changed even if the Mozilla app + // version has not changed. + let tbChanged = undefined; + try { + tbChanged = AppConstants.TOR_BROWSER_VERSION != + Services.prefs.getCharPref(PREF_EM_LAST_TORBROWSER_VERSION); + } + catch (e) { } + if (tbChanged !== false) { + // Because PREF_EM_LAST_TORBROWSER_VERSION was not present in older + // versions of Tor Browser, an app change is indicated when tbChanged + // is undefined or true. + if (appChanged === false) { + appChanged = true; + } + + Services.prefs.setCharPref(PREF_EM_LAST_TORBROWSER_VERSION, + AppConstants.TOR_BROWSER_VERSION); + } + if (!MOZ_COMPATIBILITY_NIGHTLY) { PREF_EM_CHECK_COMPATIBILITY = PREF_EM_CHECK_COMPATIBILITY_BASE + diff --git a/toolkit/mozapps/extensions/test/browser/head.js b/toolkit/mozapps/extensions/test/browser/head.js index fddea608fcad..745fdaca6735 100644 --- a/toolkit/mozapps/extensions/test/browser/head.js +++ b/toolkit/mozapps/extensions/test/browser/head.js @@ -43,6 +43,7 @@ var PREF_CHECK_COMPATIBILITY; var channel = Services.prefs.getCharPref("app.update.channel", "default"); if ( channel != "aurora" && + channel != "alpha" && channel != "beta" && channel != "release" && channel != "esr" diff --git a/toolkit/mozapps/extensions/test/xpcshell/head_addons.js b/toolkit/mozapps/extensions/test/xpcshell/head_addons.js index ee5d06f16d49..adb43b70c301 100644 --- a/toolkit/mozapps/extensions/test/xpcshell/head_addons.js +++ b/toolkit/mozapps/extensions/test/xpcshell/head_addons.js @@ -379,6 +379,7 @@ function isNightlyChannel() { return ( channel != "aurora" && + channel != "alpha" && channel != "beta" && channel != "release" && channel != "esr" diff --git a/toolkit/mozapps/update/UpdateService.jsm b/toolkit/mozapps/update/UpdateService.jsm index ead961ab5252..2c565cecadd7 100644 --- a/toolkit/mozapps/update/UpdateService.jsm +++ b/toolkit/mozapps/update/UpdateService.jsm @@ -32,11 +32,15 @@ XPCOMUtils.defineLazyGlobalGetters(this, ["DOMParser", "XMLHttpRequest"]); XPCOMUtils.defineLazyModuleGetters(this, { AsyncShutdown: "resource://gre/modules/AsyncShutdown.jsm", CertUtils: "resource://gre/modules/CertUtils.jsm", +#ifdef XP_WIN ctypes: "resource://gre/modules/ctypes.jsm", +#endif DeferredTask: "resource://gre/modules/DeferredTask.jsm", OS: "resource://gre/modules/osfile.jsm", UpdateUtils: "resource://gre/modules/UpdateUtils.jsm", +#if !defined(TOR_BROWSER_UPDATE) WindowsRegistry: "resource://gre/modules/WindowsRegistry.jsm", +#endif }); const UPDATESERVICE_CID = Components.ID( @@ -296,6 +300,7 @@ function testWriteAccess(updateTestFile, createDirectory) { updateTestFile.remove(false); } +#ifdef XP_WIN /** * Windows only function that closes a Win32 handle. * @@ -388,6 +393,7 @@ function getPerInstallationMutexName(aGlobal = true) { (aGlobal ? "Global\\" : "") + "MozillaUpdateMutex-" + hasher.finish(true) ); } +#endif /** * Whether or not the current instance has the update mutex. The update mutex @@ -398,6 +404,7 @@ function getPerInstallationMutexName(aGlobal = true) { * @return true if this instance holds the update mutex */ function hasUpdateMutex() { +#ifdef XP_WIN if (AppConstants.platform != "win") { return true; } @@ -405,6 +412,9 @@ function hasUpdateMutex() { gUpdateMutexHandle = createMutex(getPerInstallationMutexName(true), false); } return !!gUpdateMutexHandle; +#else + return true; +#endif } /** @@ -435,6 +445,11 @@ function areDirectoryEntriesWriteable(aDir) { * @return true if elevation is required, false otherwise */ function getElevationRequired() { +#if defined(TOR_BROWSER_UPDATE) + // To avoid potential security holes associated with running the updater + // process with elevated privileges, Tor Browser does not support elevation. + return false; +#else if (AppConstants.platform != "macosx") { return false; } @@ -469,6 +484,7 @@ function getElevationRequired() { "not required" ); return false; +#endif } /** @@ -501,6 +517,7 @@ function getCanApplyUpdates() { return false; } +#if !defined(TOR_BROWSER_UPDATE) if (AppConstants.platform == "macosx") { LOG( "getCanApplyUpdates - bypass the write since elevation can be used " + @@ -516,6 +533,7 @@ function getCanApplyUpdates() { ); return true; } +#endif try { if (AppConstants.platform == "win") { @@ -1203,6 +1221,9 @@ function handleUpdateFailure(update, errorCode) { cancelations++; Services.prefs.setIntPref(PREF_APP_UPDATE_CANCELATIONS, cancelations); if (AppConstants.platform == "macosx") { +#if defined(TOR_BROWSER_UPDATE) + cleanupActiveUpdate(); +#else let osxCancelations = Services.prefs.getIntPref( PREF_APP_UPDATE_CANCELATIONS_OSX, 0 @@ -1226,6 +1247,7 @@ function handleUpdateFailure(update, errorCode) { (update.state = STATE_PENDING_ELEVATE) ); } +#endif update.statusText = gUpdateBundle.GetStringFromName("elevationFailure"); } else { writeStatusFile(getUpdatesDir(), (update.state = STATE_PENDING)); @@ -1752,7 +1774,26 @@ function Update(update) { this._patches.push(patch); } - if (!this._patches.length && !update.hasAttribute("unsupported")) { + if (update.hasAttribute("unsupported")) { + this.unsupported = ("true" == update.getAttribute("unsupported")); + } else if (update.hasAttribute("minSupportedOSVersion")) { + let minOSVersion = update.getAttribute("minSupportedOSVersion"); + try { + let osVersion = Services.sysinfo.getProperty("version"); + this.unsupported = (Services.vc.compare(osVersion, minOSVersion) < 0); + } catch (e) {} + } + if (!this.unsupported && update.hasAttribute("minSupportedInstructionSet")) { + let minInstructionSet = update.getAttribute("minSupportedInstructionSet"); + if (['MMX', 'SSE', 'SSE2', 'SSE3', + 'SSE4A', 'SSE4_1', 'SSE4_2'].indexOf(minInstructionSet) >= 0) { + try { + this.unsupported = !Services.sysinfo.getProperty("has" + minInstructionSet); + } catch (e) {} + } + } + + if (!this._patches.length && !this.unsupported) { throw Components.Exception("", Cr.NS_ERROR_ILLEGAL_VALUE); } @@ -1790,9 +1831,7 @@ function Update(update) { if (!isNaN(attr.value)) { this.promptWaitTime = parseInt(attr.value); } - } else if (attr.name == "unsupported") { - this.unsupported = attr.value == "true"; - } else { + } else if (attr.name != "unsupported") { switch (attr.name) { case "appVersion": case "buildID": @@ -1817,7 +1856,11 @@ function Update(update) { } if (!this.previousAppVersion) { +#ifdef TOR_BROWSER_UPDATE + this.previousAppVersion = AppConstants.TOR_BROWSER_VERSION; +#else this.previousAppVersion = Services.appinfo.version; +#endif } if (!this.elevationFailure) { @@ -2200,6 +2243,7 @@ UpdateService.prototype = { Services.obs.removeObserver(this, topic); Services.prefs.removeObserver(PREF_APP_UPDATE_LOG, this); +#ifdef XP_WIN if (AppConstants.platform == "win" && gUpdateMutexHandle) { // If we hold the update mutex, let it go! // The OS would clean this up sometime after shutdown, @@ -2207,6 +2251,7 @@ UpdateService.prototype = { closeHandle(gUpdateMutexHandle); gUpdateMutexHandle = null; } +#endif if (this._retryTimer) { this._retryTimer.cancel(); } @@ -2240,6 +2285,7 @@ UpdateService.prototype = { } break; case "test-close-handle-update-mutex": +#ifdef XP_WIN if (Cu.isInAutomation) { if (AppConstants.platform == "win" && gUpdateMutexHandle) { LOG("UpdateService:observe - closing mutex handle for testing"); @@ -2247,6 +2293,7 @@ UpdateService.prototype = { gUpdateMutexHandle = null; } } +#endif break; } }, @@ -2277,6 +2324,9 @@ UpdateService.prototype = { return; } gUpdateFileWriteInfo = { phase: "startup", failure: false }; +#if defined(TOR_BROWSER_UPDATE) && !defined(XP_MACOSX) + this._removeOrphanedTorBrowserFiles(); +#endif if (!this.canCheckForUpdates) { LOG( "UpdateService:_postUpdateProcessing - unable to check for " + @@ -2513,6 +2563,42 @@ UpdateService.prototype = { } }, +#if defined(TOR_BROWSER_UPDATE) && !defined(XP_MACOSX) + /** + * When updating from an earlier version to Tor Browser 6.0 or later, old + * update info files are left behind on Linux and Windows. Remove them. + */ + _removeOrphanedTorBrowserFiles: function AUS__removeOrphanedTorBrowserFiles() { + try { + let oldUpdateInfoDir = getAppBaseDir(); // aka the Browser directory. + +#ifdef XP_WIN + // On Windows, the updater files were stored under + // Browser/TorBrowser/Data/Browser/Caches/firefox/ + oldUpdateInfoDir.appendRelativePath( + "TorBrowser\\Data\\Browser\\Caches\\firefox"); +#endif + + // Remove the updates directory. + let updatesDir = oldUpdateInfoDir.clone(); + updatesDir.append("updates"); + if (updatesDir.exists() && updatesDir.isDirectory()) { + updatesDir.remove(true); + } + + // Remove files: active-update.xml and updates.xml + let filesToRemove = [ "active-update.xml", "updates.xml" ]; + filesToRemove.forEach(function(aFileName) { + let f = oldUpdateInfoDir.clone(); + f.append(aFileName); + if (f.exists()) { + f.remove(false); + } + }); + } catch (e) {} + }, +#endif + /** * Register an observer when the network comes online, so we can short-circuit * the app.update.interval when there isn't connectivity @@ -2873,9 +2959,14 @@ UpdateService.prototype = { updates.forEach(function(aUpdate) { // Ignore updates for older versions of the application and updates for // the same version of the application with the same build ID. - if ( - vc.compare(aUpdate.appVersion, Services.appinfo.version) < 0 || - (vc.compare(aUpdate.appVersion, Services.appinfo.version) == 0 && +#ifdef TOR_BROWSER_UPDATE + let compatVersion = AppConstants.TOR_BROWSER_VERSION; +#else + let compatVersion = Services.appinfo.version; +#endif + let rc = vc.compare(aUpdate.appVersion, compatVersion); + if (rc < 0 || + (rc == 0 && aUpdate.buildID == Services.appinfo.appBuildID) ) { LOG( @@ -3228,20 +3319,32 @@ UpdateService.prototype = { // current application's version or the update's version is the same as the // application's version and the build ID is the same as the application's // build ID. +#ifdef TOR_BROWSER_UPDATE + let compatVersion = AppConstants.TOR_BROWSER_VERSION; +#else + let compatVersion = Services.appinfo.version; +#endif if ( update.appVersion && - (Services.vc.compare(update.appVersion, Services.appinfo.version) < 0 || + (Services.vc.compare(update.appVersion, compatVersion) < 0 || (update.buildID && update.buildID == Services.appinfo.appBuildID && - update.appVersion == Services.appinfo.version)) + update.appVersion == compatVersion)) ) { LOG( "UpdateService:downloadUpdate - canceling download of update since " + "it is for an earlier or same application version and build ID.\n" + +#ifdef TOR_BROWSER_UPDATE + "current Tor Browser version: " + + compatVersion + + "\n" + + "update Tor Browser version : " + +#else "current application version: " + - Services.appinfo.version + + compatVersion + "\n" + "update application version : " + +#endif update.appVersion + "\n" + "current build ID: " + @@ -3819,6 +3922,7 @@ Checker.prototype = { */ _callback: null, +#if !defined(TOR_BROWSER_UPDATE) _getCanMigrate: function UC__getCanMigrate() { if (AppConstants.platform != "win") { return false; @@ -3888,6 +3992,7 @@ Checker.prototype = { LOG("Checker:_getCanMigrate - no registry entries for this installation"); return false; }, +#endif // !defined(TOR_BROWSER_UPDATE) /** * The URL of the update service XML file to connect to that contains details @@ -3916,9 +4021,11 @@ Checker.prototype = { url += (url.includes("?") ? "&" : "?") + "force=1"; } +#if !defined(TOR_BROWSER_UPDATE) if (this._getCanMigrate()) { url += (url.includes("?") ? "&" : "?") + "mig64=1"; } +#endif LOG("Checker:getUpdateURL - update URL: " + url); return url; diff --git a/toolkit/mozapps/update/UpdateServiceStub.jsm b/toolkit/mozapps/update/UpdateServiceStub.jsm index 9524a8f61bfa..d44d0f9d7ad1 100644 --- a/toolkit/mozapps/update/UpdateServiceStub.jsm +++ b/toolkit/mozapps/update/UpdateServiceStub.jsm @@ -78,8 +78,12 @@ function UpdateServiceStub() { // contains the status file's path // We may need to migrate update data + // In Tor Browser we skip this because we do not use an update agent and we + // do not want to store any data outside of the browser installation directory. + // For more info, see https://bugzilla.mozilla.org/show_bug.cgi?id=1458314 if ( AppConstants.platform == "win" && + !AppConstants.TOR_BROWSER_UPDATE && !Services.prefs.getBoolPref(prefUpdateDirMigrated, false) ) { migrateUpdateDirectory(); diff --git a/toolkit/mozapps/update/common/updatehelper.cpp b/toolkit/mozapps/update/common/updatehelper.cpp index b094d9eb75e9..b9d45c70c3d3 100644 --- a/toolkit/mozapps/update/common/updatehelper.cpp +++ b/toolkit/mozapps/update/common/updatehelper.cpp @@ -66,6 +66,13 @@ BOOL PathGetSiblingFilePath(LPWSTR destinationBuffer, LPCWSTR siblingFilePath, * @return TRUE if successful */ BOOL GetSecureOutputDirectoryPath(LPWSTR outBuf) { +# ifdef TOR_BROWSER_UPDATE + // This function is used to support the maintenance service and elevated + // updates and is therefore not called by Tor Browser's updater. We stub + // it out to avoid any chance that the Tor Browser updater will create + // files under C:\Program Files (x86)\ or a similar location. + return FALSE; +# else PWSTR progFilesX86; if (FAILED(SHGetKnownFolderPath(FOLDERID_ProgramFilesX86, KF_FLAG_CREATE, nullptr, &progFilesX86))) { @@ -99,6 +106,7 @@ BOOL GetSecureOutputDirectoryPath(LPWSTR outBuf) { } return TRUE; +# endif } /** diff --git a/toolkit/mozapps/update/moz.build b/toolkit/mozapps/update/moz.build index ddfda4571c31..d0c93895c1ec 100644 --- a/toolkit/mozapps/update/moz.build +++ b/toolkit/mozapps/update/moz.build @@ -22,11 +22,14 @@ EXTRA_COMPONENTS += [ EXTRA_JS_MODULES += [ 'UpdateListener.jsm', - 'UpdateService.jsm', 'UpdateServiceStub.jsm', 'UpdateTelemetry.jsm', ] +EXTRA_PP_JS_MODULES += [ + 'UpdateService.jsm', +] + XPCOM_MANIFESTS += [ 'components.conf', ] diff --git a/toolkit/mozapps/update/updater/launchchild_osx.mm b/toolkit/mozapps/update/updater/launchchild_osx.mm index 5544c8a9878b..a86c9ca23905 100644 --- a/toolkit/mozapps/update/updater/launchchild_osx.mm +++ b/toolkit/mozapps/update/updater/launchchild_osx.mm @@ -372,6 +372,7 @@ bool ObtainUpdaterArguments(int* argc, char*** argv) { @end +#ifndef TOR_BROWSER_UPDATE bool ServeElevatedUpdate(int argc, const char** argv) { MacAutoreleasePool pool; @@ -387,6 +388,7 @@ bool ServeElevatedUpdate(int argc, const char** argv) { [updater release]; return didSucceed; } +#endif bool IsOwnedByGroupAdmin(const char* aAppBundle) { MacAutoreleasePool pool; diff --git a/toolkit/mozapps/update/updater/moz.build b/toolkit/mozapps/update/updater/moz.build index a0eff9a3b7cd..ecc634c87037 100644 --- a/toolkit/mozapps/update/updater/moz.build +++ b/toolkit/mozapps/update/updater/moz.build @@ -49,7 +49,7 @@ xpcshell_cert.script = 'gen_cert_header.py:create_header' dep1_cert.script = 'gen_cert_header.py:create_header' dep2_cert.script = 'gen_cert_header.py:create_header' -if CONFIG['MOZ_UPDATE_CHANNEL'] in ('beta', 'release', 'esr'): +if CONFIG['MOZ_UPDATE_CHANNEL'] in ('alpha', 'beta', 'release', 'esr'): primary_cert.inputs += ['release_primary.der'] secondary_cert.inputs += ['release_secondary.der'] elif CONFIG['MOZ_UPDATE_CHANNEL'] in ('nightly', 'aurora', 'nightly-elm', diff --git a/toolkit/mozapps/update/updater/updater.cpp b/toolkit/mozapps/update/updater/updater.cpp index 40b806b067e1..9a95c3b17761 100644 --- a/toolkit/mozapps/update/updater/updater.cpp +++ b/toolkit/mozapps/update/updater/updater.cpp @@ -16,7 +16,7 @@ * updatev3.manifest * ----------------- * method = "add" | "add-if" | "add-if-not" | "patch" | "patch-if" | - * "remove" | "rmdir" | "rmrfdir" | type + * "remove" | "rmdir" | "rmrfdir" | "addsymlink" | type * * 'add-if-not' adds a file if it doesn't exist. * @@ -78,7 +78,9 @@ bool IsRecursivelyWritable(const char* aPath); void LaunchChild(int argc, const char** argv); void LaunchMacPostProcess(const char* aAppBundle); bool ObtainUpdaterArguments(int* argc, char*** argv); +# ifndef TOR_BROWSER_UPDATE bool ServeElevatedUpdate(int argc, const char** argv); +# endif void SetGroupOwnershipAndPermissions(const char* aAppBundle); struct UpdateServerThreadArgs { int argc; @@ -475,9 +477,12 @@ static const NS_tchar* get_relative_path(const NS_tchar* fullpath) { * The line from the manifest that contains the path. * @param isdir * Whether the path is a directory path. Defaults to false. + * @param islinktarget + * Whether the path is a symbolic link target. Defaults to false. * @return valid filesystem path or nullptr if the path checks fail. */ -static NS_tchar* get_valid_path(NS_tchar** line, bool isdir = false) { +static NS_tchar* get_valid_path(NS_tchar** line, bool isdir = false, + bool islinktarget = false) { NS_tchar* path = mstrtok(kQuote, line); if (!path) { LOG(("get_valid_path: unable to determine path: " LOG_S, *line)); @@ -513,10 +518,12 @@ static NS_tchar* get_valid_path(NS_tchar** line, bool isdir = false) { path[NS_tstrlen(path) - 1] = NS_T('\0'); } - // Don't allow relative paths that resolve to a parent directory. - if (NS_tstrstr(path, NS_T("..")) != nullptr) { - LOG(("get_valid_path: paths must not contain '..': " LOG_S, path)); - return nullptr; + if (!islinktarget) { + // Don't allow relative paths that resolve to a parent directory. + if (NS_tstrstr(path, NS_T("..")) != nullptr) { + LOG(("get_valid_path: paths must not contain '..': " LOG_S, path)); + return nullptr; + } } return path; @@ -556,7 +563,7 @@ static void ensure_write_permissions(const NS_tchar* path) { (void)_wchmod(path, _S_IREAD | _S_IWRITE); #else struct stat fs; - if (!stat(path, &fs) && !(fs.st_mode & S_IWUSR)) { + if (!lstat(path, &fs) && !S_ISLNK(fs.st_mode) && !(fs.st_mode & S_IWUSR)) { (void)chmod(path, fs.st_mode | S_IWUSR); } #endif @@ -743,11 +750,9 @@ static int ensure_copy(const NS_tchar* path, const NS_tchar* dest) { return READ_ERROR; } -# ifdef XP_UNIX if (S_ISLNK(ss.st_mode)) { return ensure_copy_symlink(path, dest); } -# endif AutoFile infile(ensure_open(path, NS_T("rb"), ss.st_mode)); if (!infile) { @@ -834,12 +839,19 @@ static int ensure_copy_recursive(const NS_tchar* path, const NS_tchar* dest, return READ_ERROR; } -#ifdef XP_UNIX +#ifndef XP_WIN if (S_ISLNK(sInfo.st_mode)) { return ensure_copy_symlink(path, dest); } #endif +#ifdef XP_UNIX + // Ignore Unix domain sockets. See #20691. + if (S_ISSOCK(sInfo.st_mode)) { + return 0; + } +#endif + if (!S_ISDIR(sInfo.st_mode)) { return ensure_copy(path, dest); } @@ -896,7 +908,7 @@ static int rename_file(const NS_tchar* spath, const NS_tchar* dpath, } struct NS_tstat_t spathInfo; - rv = NS_tstat(spath, &spathInfo); + rv = NS_tlstat(spath, &spathInfo); // Get info about file or symlink. if (rv) { LOG(("rename_file: failed to read file status info: " LOG_S ", " "err: %d", @@ -904,7 +916,12 @@ static int rename_file(const NS_tchar* spath, const NS_tchar* dpath, return READ_ERROR; } - if (!S_ISREG(spathInfo.st_mode)) { +#ifdef XP_WIN + if (!S_ISREG(spathInfo.st_mode)) +#else + if (!S_ISREG(spathInfo.st_mode) && !S_ISLNK(spathInfo.st_mode)) +#endif + { if (allowDirs && !S_ISDIR(spathInfo.st_mode)) { LOG(("rename_file: path present, but not a file: " LOG_S ", err: %d", spath, errno)); @@ -913,7 +930,12 @@ static int rename_file(const NS_tchar* spath, const NS_tchar* dpath, LOG(("rename_file: proceeding to rename the directory")); } - if (!NS_taccess(dpath, F_OK)) { +#ifdef XP_WIN + if (!NS_taccess(dpath, F_OK)) +#else + if (!S_ISLNK(spathInfo.st_mode) && !NS_taccess(dpath, F_OK)) +#endif + { if (ensure_remove(dpath)) { LOG( ("rename_file: destination file exists and could not be " @@ -933,7 +955,7 @@ static int rename_file(const NS_tchar* spath, const NS_tchar* dpath, return OK; } -#ifdef XP_WIN +#if defined(XP_WIN) && !defined(TOR_BROWSER_UPDATE) // Remove the directory pointed to by path and all of its files and // sub-directories. If a file is in use move it to the tobedeleted directory // and attempt to schedule removal of the file on reboot @@ -1032,7 +1054,19 @@ static int backup_restore(const NS_tchar* path, const NS_tchar* relPath) { NS_tsnprintf(relBackup, sizeof(relBackup) / sizeof(relBackup[0]), NS_T("%s") BACKUP_EXT, relPath); - if (NS_taccess(backup, F_OK)) { + bool isLink = false; +#ifndef XP_WIN + struct stat linkInfo; + int rv = lstat(backup, &linkInfo); + if (rv) { + LOG(("backup_restore: cannot get info for backup file: " LOG_S ", err: %d", + relBackup, errno)); + return OK; + } + isLink = S_ISLNK(linkInfo.st_mode); +#endif + + if (!isLink && NS_taccess(backup, F_OK)) { LOG(("backup_restore: backup file doesn't exist: " LOG_S, relBackup)); return OK; } @@ -1050,8 +1084,18 @@ static int backup_discard(const NS_tchar* path, const NS_tchar* relPath) { NS_tsnprintf(relBackup, sizeof(relBackup) / sizeof(relBackup[0]), NS_T("%s") BACKUP_EXT, relPath); + bool isLink = false; +#ifndef XP_WIN + struct stat linkInfo; + int rv2 = lstat(backup, &linkInfo); + if (rv2) { + return OK; // File does not exist; nothing to do. + } + isLink = S_ISLNK(linkInfo.st_mode); +#endif + // Nothing to discard - if (NS_taccess(backup, F_OK)) { + if (!isLink && NS_taccess(backup, F_OK)) { return OK; } @@ -1066,6 +1110,8 @@ static int backup_discard(const NS_tchar* path, const NS_tchar* relPath) { relBackup, relPath)); return WRITE_ERROR_DELETE_BACKUP; } + +# if !defined(TOR_BROWSER_UPDATE) // The MoveFileEx call to remove the file on OS reboot will fail if the // process doesn't have write access to the HKEY_LOCAL_MACHINE registry key // but this is ok since the installer / uninstaller will delete the @@ -1082,6 +1128,7 @@ static int backup_discard(const NS_tchar* path, const NS_tchar* relPath) { "file: " LOG_S, relPath)); } +# endif } #else if (rv) { @@ -1136,7 +1183,7 @@ class Action { class RemoveFile : public Action { public: - RemoveFile() : mSkip(0) {} + RemoveFile() : mSkip(0), mIsLink(0) {} int Parse(NS_tchar* line) override; int Prepare() override; @@ -1147,6 +1194,7 @@ class RemoveFile : public Action { mozilla::UniquePtr<NS_tchar[]> mFile; mozilla::UniquePtr<NS_tchar[]> mRelPath; int mSkip; + int mIsLink; }; int RemoveFile::Parse(NS_tchar* line) { @@ -1169,28 +1217,39 @@ int RemoveFile::Parse(NS_tchar* line) { } int RemoveFile::Prepare() { - // Skip the file if it already doesn't exist. - int rv = NS_taccess(mFile.get(), F_OK); - if (rv) { - mSkip = 1; - mProgressCost = 0; - return OK; + int rv; +#ifndef XP_WIN + struct stat linkInfo; + rv = lstat(mFile.get(), &linkInfo); + mIsLink = ((0 == rv) && S_ISLNK(linkInfo.st_mode)); +#endif + + if (!mIsLink) { + // Skip the file if it already doesn't exist. + rv = NS_taccess(mFile.get(), F_OK); + if (rv) { + mSkip = 1; + mProgressCost = 0; + return OK; + } } LOG(("PREPARE REMOVEFILE " LOG_S, mRelPath.get())); - // Make sure that we're actually a file... - struct NS_tstat_t fileInfo; - rv = NS_tstat(mFile.get(), &fileInfo); - if (rv) { - LOG(("failed to read file status info: " LOG_S ", err: %d", mFile.get(), - errno)); - return READ_ERROR; - } + if (!mIsLink) { + // Make sure that we're actually a file... + struct NS_tstat_t fileInfo; + rv = NS_tstat(mFile.get(), &fileInfo); + if (rv) { + LOG(("failed to read file status info: " LOG_S ", err: %d", mFile.get(), + errno)); + return READ_ERROR; + } - if (!S_ISREG(fileInfo.st_mode)) { - LOG(("path present, but not a file: " LOG_S, mFile.get())); - return DELETE_ERROR_EXPECTED_FILE; + if (!S_ISREG(fileInfo.st_mode)) { + LOG(("path present, but not a file: " LOG_S, mFile.get())); + return DELETE_ERROR_EXPECTED_FILE; + } } NS_tchar* slash = (NS_tchar*)NS_tstrrchr(mFile.get(), NS_T('/')); @@ -1219,7 +1278,13 @@ int RemoveFile::Execute() { // The file is checked for existence here and in Prepare since it might have // been removed by a separate instruction: bug 311099. - int rv = NS_taccess(mFile.get(), F_OK); + int rv = 0; + if (mIsLink) { + struct NS_tstat_t linkInfo; + rv = NS_tlstat(mFile.get(), &linkInfo); + } else { + rv = NS_taccess(mFile.get(), F_OK); + } if (rv) { LOG(("file cannot be removed because it does not exist; skipping")); mSkip = 1; @@ -1942,6 +2007,92 @@ void PatchIfFile::Finish(int status) { PatchFile::Finish(status); } +#ifndef XP_WIN +class AddSymlink : public Action { + public: + AddSymlink() : mAdded(false) {} + + virtual int Parse(NS_tchar* line); + virtual int Prepare(); + virtual int Execute(); + virtual void Finish(int status); + + private: + mozilla::UniquePtr<NS_tchar[]> mLinkPath; + mozilla::UniquePtr<NS_tchar[]> mRelPath; + mozilla::UniquePtr<NS_tchar[]> mTarget; + bool mAdded; +}; + +int AddSymlink::Parse(NS_tchar* line) { + // format "<linkname>" "target" + + NS_tchar* validPath = get_valid_path(&line); + if (!validPath) return PARSE_ERROR; + + mRelPath = mozilla::MakeUnique<NS_tchar[]>(MAXPATHLEN); + NS_tstrcpy(mRelPath.get(), validPath); + mLinkPath.reset(get_full_path(validPath)); + if (!mLinkPath) { + return PARSE_ERROR; + } + + // consume whitespace between args + NS_tchar* q = mstrtok(kQuote, &line); + if (!q) return PARSE_ERROR; + + validPath = get_valid_path(&line, false, true); + if (!validPath) return PARSE_ERROR; + + mTarget = mozilla::MakeUnique<NS_tchar[]>(MAXPATHLEN); + NS_tstrcpy(mTarget.get(), validPath); + + return OK; +} + +int AddSymlink::Prepare() { + LOG(("PREPARE ADDSYMLINK " LOG_S " -> " LOG_S, mRelPath.get(), + mTarget.get())); + + return OK; +} + +int AddSymlink::Execute() { + LOG(("EXECUTE ADDSYMLINK " LOG_S " -> " LOG_S, mRelPath.get(), + mTarget.get())); + + // First make sure that we can actually get rid of any existing file or link. + struct stat linkInfo; + int rv = lstat(mLinkPath.get(), &linkInfo); + if ((0 == rv) && !S_ISLNK(linkInfo.st_mode)) { + rv = NS_taccess(mLinkPath.get(), F_OK); + } + if (rv == 0) { + rv = backup_create(mLinkPath.get()); + if (rv) return rv; + } else { + rv = ensure_parent_dir(mLinkPath.get()); + if (rv) return rv; + } + + // Create the link. + rv = symlink(mTarget.get(), mLinkPath.get()); + if (!rv) { + mAdded = true; + } + + return rv; +} + +void AddSymlink::Finish(int status) { + LOG(("FINISH ADDSYMLINK " LOG_S " -> " LOG_S, mRelPath.get(), mTarget.get())); + // When there is an update failure and a link has been added it is removed + // here since there might not be a backup to replace it. + if (status && mAdded) NS_tremove(mLinkPath.get()); + backup_finish(mLinkPath.get(), mRelPath.get(), status); +} +#endif + //----------------------------------------------------------------------------- #ifdef XP_WIN @@ -2279,14 +2430,29 @@ static bool IsSecureUpdateStatusSucceeded(bool& isSucceeded) { */ static int CopyInstallDirToDestDir() { // These files should not be copied over to the updated app -#ifdef XP_WIN -# define SKIPLIST_COUNT 3 -#elif XP_MACOSX -# define SKIPLIST_COUNT 0 +#if defined(TOR_BROWSER_UPDATE) && !defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) +# ifdef XP_WIN +# define SKIPLIST_COUNT 6 +# else +# define SKIPLIST_COUNT 5 +# endif #else -# define SKIPLIST_COUNT 2 +# ifdef XP_WIN +# define SKIPLIST_COUNT 3 +# elif XP_MACOSX +# define SKIPLIST_COUNT 0 +# else +# define SKIPLIST_COUNT 2 +# endif #endif copy_recursive_skiplist<SKIPLIST_COUNT> skiplist; +#if defined(TOR_BROWSER_UPDATE) && !defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) +# ifdef XP_MACOSX + skiplist.append(0, gInstallDirPath, NS_T("Updated.app")); + skiplist.append(1, gInstallDirPath, NS_T("TorBrowser/UpdateInfo/updates/0")); +# endif +#endif + #ifndef XP_MACOSX skiplist.append(0, gInstallDirPath, NS_T("updated")); skiplist.append(1, gInstallDirPath, NS_T("updates/0")); @@ -2295,6 +2461,19 @@ static int CopyInstallDirToDestDir() { # endif #endif +#if defined(TOR_BROWSER_UPDATE) && !defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) +# ifdef XP_WIN + skiplist.append(SKIPLIST_COUNT - 3, gInstallDirPath, + NS_T("TorBrowser/Data/Browser/profile.default/parent.lock")); +# else + skiplist.append(SKIPLIST_COUNT - 3, gInstallDirPath, + NS_T("TorBrowser/Data/Browser/profile.default/.parentlock")); +# endif + + skiplist.append(SKIPLIST_COUNT - 1, gInstallDirPath, + NS_T("TorBrowser/Data/Tor/lock")); +#endif + return ensure_copy_recursive(gInstallDirPath, gWorkingDirPath, skiplist); } @@ -2432,7 +2611,9 @@ static int ProcessReplaceRequest() { if (NS_taccess(deleteDir, F_OK)) { NS_tmkdir(deleteDir, 0755); } +# if !defined(TOR_BROWSER_UPDATE) remove_recursive_on_reboot(tmpDir, deleteDir); +# endif #endif } @@ -2440,8 +2621,45 @@ static int ProcessReplaceRequest() { // On OS X, we we need to remove the staging directory after its Contents // directory has been moved. NS_tchar updatedAppDir[MAXPATHLEN]; +# if defined(TOR_BROWSER_UPDATE) && !defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) + NS_tsnprintf(updatedAppDir, sizeof(updatedAppDir) / sizeof(updatedAppDir[0]), + NS_T("%s/Updated.app"), gInstallDirPath); + // For Tor Browser on OS X, we also need to copy everything else that is + // inside Updated.app. + NS_tDIR* dir = NS_topendir(updatedAppDir); + if (dir) { + NS_tdirent* entry; + while ((entry = NS_treaddir(dir)) != 0) { + if (NS_tstrcmp(entry->d_name, NS_T(".")) && + NS_tstrcmp(entry->d_name, NS_T(".."))) { + NS_tchar childSrcPath[MAXPATHLEN]; + NS_tsnprintf(childSrcPath, + sizeof(childSrcPath) / sizeof(childSrcPath[0]), + NS_T("%s/%s"), updatedAppDir, entry->d_name); + NS_tchar childDstPath[MAXPATHLEN]; + NS_tsnprintf(childDstPath, + sizeof(childDstPath) / sizeof(childDstPath[0]), + NS_T("%s/%s"), gInstallDirPath, entry->d_name); + ensure_remove_recursive(childDstPath); + rv = rename_file(childSrcPath, childDstPath, true); + if (rv) { + LOG(("Moving " LOG_S " to " LOG_S " failed, err: %d", childSrcPath, + childDstPath, errno)); + } + } + } + + NS_tclosedir(dir); + } else { + LOG(("Updated.app dir can't be found: " LOG_S ", err: %d", updatedAppDir, + errno)); + } +# else NS_tsnprintf(updatedAppDir, sizeof(updatedAppDir) / sizeof(updatedAppDir[0]), NS_T("%s/Updated.app"), gPatchDirPath); +# endif + + // Remove the Updated.app directory. ensure_remove_recursive(updatedAppDir); #endif @@ -2620,11 +2838,15 @@ static void UpdateThreadFunc(void* param) { #ifdef XP_MACOSX static void ServeElevatedUpdateThreadFunc(void* param) { +# ifdef TOR_BROWSER_UPDATE + WriteStatusFile(ELEVATION_CANCELED); +# else UpdateServerThreadArgs* threadArgs = (UpdateServerThreadArgs*)param; gSucceeded = ServeElevatedUpdate(threadArgs->argc, threadArgs->argv); if (!gSucceeded) { WriteStatusFile(ELEVATION_CANCELED); } +# endif QuitProgressUI(); } @@ -2648,7 +2870,7 @@ int LaunchCallbackAndPostProcessApps(int argc, NS_tchar** argv, #endif ) { if (argc > callbackIndex) { -#if defined(XP_WIN) +#if defined(XP_WIN) && !defined(TOR_BROWSER_UPDATE) if (gSucceeded) { if (!LaunchWinPostProcess(gInstallDirPath, gPatchDirPath)) { fprintf(stderr, "The post update process was not launched"); @@ -2703,8 +2925,12 @@ int NS_main(int argc, NS_tchar** argv) { UmaskContext umaskContext(0); bool isElevated = +# ifdef TOR_BROWSER_UPDATE + false; +# else strstr(argv[0], "/Library/PrivilegedHelperTools/org.mozilla.updater") != 0; +# endif if (isElevated) { if (!ObtainUpdaterArguments(&argc, &argv)) { // Won't actually get here because ObtainUpdaterArguments will terminate @@ -3348,6 +3574,26 @@ int NS_main(int argc, NS_tchar** argv) { // using the service is because we are testing. if (!useService && !noServiceFallback && updateLockFileHandle == INVALID_HANDLE_VALUE) { +# ifdef TOR_BROWSER_UPDATE +# ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR + // Because the TorBrowser-Data directory that contains the user's + // profile is a sibling of the Tor Browser installation directory, + // the user probably has permission to apply updates. Therefore, to + // avoid potential security issues such as CVE-2015-0833, do not + // attempt to elevate privileges. Instead, write a "failed" message + // to the update status file (this function will return immediately + // after the CloseHandle(elevatedFileHandle) call below). +# else + // Because the user profile is contained within the Tor Browser + // installation directory, the user almost certainly has permission to + // apply updates. Therefore, to avoid potential security issues such + // as CVE-2015-0833, do not attempt to elevate privileges. Instead, + // write a "failed" message to the update status file (this function + // will return immediately after the CloseHandle(elevatedFileHandle) + // call below). +# endif + WriteStatusFile(WRITE_ERROR_ACCESS_DENIED); +# else // Get the secure ID before trying to update so it is possible to // determine if the updater has created a new one. char uuidStringBefore[UUID_LEN] = {'\0'}; @@ -3393,6 +3639,7 @@ int NS_main(int argc, NS_tchar** argv) { gCopyOutputFiles = false; WriteStatusFile(ELEVATION_CANCELED); } +# endif } // Note: The PostUpdate process is launched by the elevated updater which @@ -3727,6 +3974,7 @@ int NS_main(int argc, NS_tchar** argv) { if (!sStagedUpdate && !sReplaceRequest && _wrmdir(gDeleteDirPath)) { LOG(("NS_main: unable to remove directory: " LOG_S ", err: %d", DELETE_DIR, errno)); +# if !defined(TOR_BROWSER_UPDATE) // The directory probably couldn't be removed due to it containing files // that are in use and will be removed on OS reboot. The call to remove the // directory on OS reboot is done after the calls to remove the files so the @@ -3745,6 +3993,7 @@ int NS_main(int argc, NS_tchar** argv) { "directory: " LOG_S, DELETE_DIR)); } +# endif } #endif /* XP_WIN */ @@ -4386,7 +4635,13 @@ int DoUpdate() { action = new AddIfNotFile(); } else if (NS_tstrcmp(token, NS_T("patch-if")) == 0) { // Patch if exists action = new PatchIfFile(); - } else { + } +#ifndef XP_WIN + else if (NS_tstrcmp(token, NS_T("addsymlink")) == 0) { + action = new AddSymlink(); + } +#endif + else { LOG(("DoUpdate: unknown token: " LOG_S, token)); free(buf); return PARSE_ERROR; diff --git a/toolkit/xre/MacLaunchHelper.h b/toolkit/xre/MacLaunchHelper.h index f8dc75ee4d08..ce816acd83e2 100644 --- a/toolkit/xre/MacLaunchHelper.h +++ b/toolkit/xre/MacLaunchHelper.h @@ -17,7 +17,9 @@ extern "C" { * pid of the terminated process to confirm that it executed successfully. */ void LaunchChildMac(int aArgc, char** aArgv, pid_t* aPid = 0); +#ifndef TOR_BROWSER_UPDATE bool LaunchElevatedUpdate(int aArgc, char** aArgv, pid_t* aPid = 0); +#endif } #endif diff --git a/toolkit/xre/MacLaunchHelper.mm b/toolkit/xre/MacLaunchHelper.mm index ec570ffab124..da2917c2a99e 100644 --- a/toolkit/xre/MacLaunchHelper.mm +++ b/toolkit/xre/MacLaunchHelper.mm @@ -40,6 +40,7 @@ void LaunchChildMac(int aArgc, char** aArgv, pid_t* aPid) { } } +#ifndef TOR_BROWSER_UPDATE BOOL InstallPrivilegedHelper() { AuthorizationRef authRef = NULL; OSStatus status = AuthorizationCreate( @@ -116,3 +117,4 @@ bool LaunchElevatedUpdate(int aArgc, char** aArgv, pid_t* aPid) { } return didSucceed; } +#endif diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 69006b49250e..195b3637ca78 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -2666,6 +2666,11 @@ static bool CheckCompatibility(nsIFile* aProfileDir, const nsCString& aVersion, gLastAppBuildID.Assign(gAppData->buildID); nsAutoCString buf; + + nsAutoCString tbVersion(TOR_BROWSER_VERSION_QUOTED); + rv = parser.GetString("Compatibility", "LastTorBrowserVersion", buf); + if (NS_FAILED(rv) || !tbVersion.Equals(buf)) return false; + rv = parser.GetString("Compatibility", "LastOSABI", buf); if (NS_FAILED(rv) || !aOSABI.Equals(buf)) return false; @@ -2751,6 +2756,12 @@ static void WriteVersion(nsIFile* aProfileDir, const nsCString& aVersion, PR_Write(fd, kHeader, sizeof(kHeader) - 1); PR_Write(fd, aVersion.get(), aVersion.Length()); + nsAutoCString tbVersion(TOR_BROWSER_VERSION_QUOTED); + static const char kTorBrowserVersionHeader[] = + NS_LINEBREAK "LastTorBrowserVersion="; + PR_Write(fd, kTorBrowserVersionHeader, sizeof(kTorBrowserVersionHeader) - 1); + PR_Write(fd, tbVersion.get(), tbVersion.Length()); + static const char kOSABIHeader[] = NS_LINEBREAK "LastOSABI="; PR_Write(fd, kOSABIHeader, sizeof(kOSABIHeader) - 1); PR_Write(fd, aOSABI.get(), aOSABI.Length()); @@ -4198,8 +4209,17 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { if (CheckArg("test-process-updates")) { SaveToEnv("MOZ_TEST_PROCESS_UPDATES=1"); } +# ifdef TOR_BROWSER_UPDATE + nsAutoCString compatVersion(TOR_BROWSER_VERSION_QUOTED); +# endif ProcessUpdates(mDirProvider.GetGREDir(), exeDir, updRoot, gRestartArgc, - gRestartArgv, mAppData->version); + gRestartArgv, +# ifdef TOR_BROWSER_UPDATE + compatVersion.get() +# else + mAppData->version +# endif + ); if (EnvHasValue("MOZ_TEST_PROCESS_UPDATES")) { SaveToEnv("MOZ_TEST_PROCESS_UPDATES="); *aExitFlag = true; diff --git a/toolkit/xre/nsUpdateDriver.cpp b/toolkit/xre/nsUpdateDriver.cpp index 6af227711642..55d1982504ed 100644 --- a/toolkit/xre/nsUpdateDriver.cpp +++ b/toolkit/xre/nsUpdateDriver.cpp @@ -159,6 +159,13 @@ static nsresult GetInstallDirPath(nsIFile* appDir, nsACString& installDirPath) { return NS_OK; } +#ifdef DEBUG +static void dump_argv(const char* aPrefix, char** argv, int argc) { + printf("%s - %d args\n", aPrefix, argc); + for (int i = 0; i < argc; ++i) printf(" %d: %s\n", i, argv[i]); +} +#endif + static bool GetFile(nsIFile* dir, const nsACString& name, nsCOMPtr<nsIFile>& result) { nsresult rv; @@ -220,6 +227,34 @@ typedef enum { eAppliedService, } UpdateStatus; +#ifdef DEBUG +static const char* UpdateStatusToString(UpdateStatus aStatus) { + const char* rv = "unknown"; + switch (aStatus) { + case eNoUpdateAction: + rv = "NoUpdateAction"; + break; + case ePendingUpdate: + rv = "PendingUpdate"; + break; + case ePendingService: + rv = "PendingService"; + break; + case ePendingElevate: + rv = "PendingElevate"; + break; + case eAppliedUpdate: + rv = "AppliedUpdate"; + break; + case eAppliedService: + rv = "AppliedService"; + break; + } + + return rv; +} +#endif + /** * Returns a value indicating what needs to be done in order to handle an * update. @@ -292,9 +327,39 @@ static bool IsOlderVersion(nsIFile* versionFile, const char* appVersion) { return false; } +#ifdef DEBUG + printf("IsOlderVersion checking appVersion %s against updateVersion %s\n", + appVersion, buf); +#endif + return mozilla::Version(appVersion) > buf; } +#ifndef TOR_BROWSER_DATA_OUTSIDE_APP_DIR +# if defined(TOR_BROWSER_UPDATE) && defined(XP_MACOSX) +static nsresult GetUpdateDirFromAppDir(nsIFile* aAppDir, nsIFile** aResult) { + // On Mac OSX, we stage the update to an Updated.app directory that is + // directly below the main Tor Browser.app directory (two levels up from + // the appDir). + NS_ENSURE_ARG_POINTER(aAppDir); + NS_ENSURE_ARG_POINTER(aResult); + nsCOMPtr<nsIFile> parentDir1, parentDir2; + nsresult rv = aAppDir->GetParent(getter_AddRefs(parentDir1)); + NS_ENSURE_SUCCESS(rv, rv); + rv = parentDir1->GetParent(getter_AddRefs(parentDir2)); + NS_ENSURE_SUCCESS(rv, rv); + + nsCOMPtr<nsIFile> updatedDir; + if (!GetFile(parentDir2, NS_LITERAL_CSTRING("Updated.app"), updatedDir)) { + return NS_ERROR_FAILURE; + } + + updatedDir.forget(aResult); + return NS_OK; +} +# endif +#endif + /** * Applies, switches, or stages an update. * @@ -442,7 +507,12 @@ static void ApplyUpdate(nsIFile* greDir, nsIFile* updateDir, nsIFile* appDir, } else { // Get the directory where the update is staged or will be staged. #if defined(XP_MACOSX) +# if defined(TOR_BROWSER_UPDATE) && !defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) + rv = GetUpdateDirFromAppDir(appDir, getter_AddRefs(updatedDir)); + if (NS_FAILED(rv)) { +# else if (!GetFile(updateDir, NS_LITERAL_CSTRING("Updated.app"), updatedDir)) { +# endif #else if (!GetFile(appDir, NS_LITERAL_CSTRING("updated"), updatedDir)) { #endif @@ -537,6 +607,9 @@ static void ApplyUpdate(nsIFile* greDir, nsIFile* updateDir, nsIFile* appDir, } LOG(("spawning updater process [%s]\n", updaterPath.get())); +#ifdef DEBUG + dump_argv("ApplyUpdate updater", argv, argc); +#endif #if defined(XP_UNIX) && !defined(XP_MACOSX) // We use execv to spawn the updater process on all UNIX systems except Mac @@ -574,6 +647,10 @@ static void ApplyUpdate(nsIFile* greDir, nsIFile* updateDir, nsIFile* appDir, } #elif defined(XP_MACOSX) UpdateDriverSetupMacCommandLine(argc, argv, restart); +# ifdef DEBUG +dump_argv("ApplyUpdate after SetupMacCommandLine", argv, argc); +# endif +# ifndef TOR_BROWSER_UPDATE // We need to detect whether elevation is required for this update. This can // occur when an admin user installs the application, but another admin // user attempts to update (see bug 394984). @@ -586,6 +663,7 @@ if (restart && !IsRecursivelyWritable(installDirPath.get())) { } exit(0); } +# endif if (isStaged) { // Launch the updater to replace the installation with the staged updated. @@ -656,9 +734,27 @@ static bool ProcessHasTerminated(ProcessType pt) { nsresult ProcessUpdates(nsIFile* greDir, nsIFile* appDir, nsIFile* updRootDir, int argc, char** argv, const char* appVersion, bool restart, ProcessType* pid) { +#if defined(XP_WIN) && defined(TOR_BROWSER_UPDATE) + // Try to remove the "tobedeleted" directory which, if present, contains + // files that could not be removed during a previous update (e.g., DLLs + // that were in use and therefore locked by Windows). + nsCOMPtr<nsIFile> deleteDir; + nsresult winrv = appDir->Clone(getter_AddRefs(deleteDir)); + if (NS_SUCCEEDED(winrv)) { + winrv = deleteDir->AppendNative(NS_LITERAL_CSTRING("tobedeleted")); + if (NS_SUCCEEDED(winrv)) { + winrv = deleteDir->Remove(true); + } + } +#endif + nsresult rv; nsCOMPtr<nsIFile> updatesDir; +#ifdef DEBUG + printf("ProcessUpdates updateRootDir: %s appVersion: %s\n", + updRootDir->HumanReadablePath().get(), appVersion); +#endif rv = updRootDir->Clone(getter_AddRefs(updatesDir)); NS_ENSURE_SUCCESS(rv, rv); rv = updatesDir->AppendNative(NS_LITERAL_CSTRING("updates")); @@ -678,6 +774,12 @@ nsresult ProcessUpdates(nsIFile* greDir, nsIFile* appDir, nsIFile* updRootDir, nsCOMPtr<nsIFile> statusFile; UpdateStatus status = GetUpdateStatus(updatesDir, statusFile); +#ifdef DEBUG + printf("ProcessUpdates status: %s (%d)\n", UpdateStatusToString(status), + status); + printf("ProcessUpdates updatesDir: %s\n", + updatesDir->HumanReadablePath().get()); +#endif switch (status) { case ePendingUpdate: case ePendingService: { @@ -741,13 +843,16 @@ nsUpdateProcessor::ProcessUpdate() { NS_ENSURE_SUCCESS(rv, rv); } + nsAutoCString appVersion; +#ifdef TOR_BROWSER_UPDATE + appVersion = TOR_BROWSER_VERSION_QUOTED; +#else nsCOMPtr<nsIXULAppInfo> appInfo = do_GetService("@mozilla.org/xre/app-info;1", &rv); NS_ENSURE_SUCCESS(rv, rv); - - nsAutoCString appVersion; rv = appInfo->GetVersion(appVersion); NS_ENSURE_SUCCESS(rv, rv); +#endif // Copy the parameters to the StagedUpdateInfo structure shared with the // watcher thread. diff --git a/toolkit/xre/nsXREDirProvider.cpp b/toolkit/xre/nsXREDirProvider.cpp index 335a340ea3e9..f024e26ddbba 100644 --- a/toolkit/xre/nsXREDirProvider.cpp +++ b/toolkit/xre/nsXREDirProvider.cpp @@ -1265,6 +1265,41 @@ nsresult nsXREDirProvider::GetUpdateRootDir(nsIFile** aResult, } #endif nsCOMPtr<nsIFile> updRoot; +#if defined(TOR_BROWSER_UPDATE) + // For Tor Browser, we store update history, etc. within the UpdateInfo + // directory under the user data directory. + nsresult rv = GetTorBrowserUserDataDir(getter_AddRefs(updRoot)); + NS_ENSURE_SUCCESS(rv, rv); + rv = updRoot->AppendNative(NS_LITERAL_CSTRING("UpdateInfo")); + NS_ENSURE_SUCCESS(rv, rv); +# if defined(XP_MACOSX) && defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) + // Since the TorBrowser-Data directory may be shared among different + // installations of the application, embed the app path in the update dir + // so that the update history is partitioned. This is much less likely to + // be an issue on Linux or Windows because the Tor Browser packages for + // those platforms include a "container" folder that provides partitioning + // by default, and we do not support use of a shared, OS-recommended area + // for user data on those platforms. + nsCOMPtr<nsIFile> appFile; + bool per = false; + rv = GetFile(XRE_EXECUTABLE_FILE, &per, getter_AddRefs(appFile)); + NS_ENSURE_SUCCESS(rv, rv); + nsCOMPtr<nsIFile> appRootDirFile; + nsAutoString appDirPath; + if (NS_FAILED(appFile->GetParent(getter_AddRefs(appRootDirFile))) || + NS_FAILED(appRootDirFile->GetPath(appDirPath))) { + return NS_ERROR_FAILURE; + } + + int32_t dotIndex = appDirPath.RFind(".app"); + if (dotIndex == kNotFound) { + dotIndex = appDirPath.Length(); + } + appDirPath = Substring(appDirPath, 1, dotIndex - 1); + rv = updRoot->AppendRelativePath(appDirPath); + NS_ENSURE_SUCCESS(rv, rv); +# endif +#else // ! TOR_BROWSER_UPDATE nsCOMPtr<nsIFile> appFile; bool per = false; nsresult rv = GetFile(XRE_EXECUTABLE_FILE, &per, getter_AddRefs(appFile)); @@ -1272,7 +1307,7 @@ nsresult nsXREDirProvider::GetUpdateRootDir(nsIFile** aResult, rv = appFile->GetParent(getter_AddRefs(updRoot)); NS_ENSURE_SUCCESS(rv, rv); -#ifdef XP_MACOSX +# ifdef XP_MACOSX nsCOMPtr<nsIFile> appRootDirFile; nsCOMPtr<nsIFile> localDir; nsAutoString appDirPath; @@ -1306,7 +1341,7 @@ nsresult nsXREDirProvider::GetUpdateRootDir(nsIFile** aResult, localDir.forget(aResult); return NS_OK; -#elif XP_WIN +# elif XP_WIN nsAutoString installPath; rv = updRoot->GetPath(installPath); NS_ENSURE_SUCCESS(rv, rv); @@ -1335,7 +1370,8 @@ nsresult nsXREDirProvider::GetUpdateRootDir(nsIFile** aResult, nsAutoString updatePathStr; updatePathStr.Assign(updatePath.get()); updRoot->InitWithPath(updatePathStr); -#endif // XP_WIN +# endif // XP_WIN +#endif // ! TOR_BROWSER_UPDATE updRoot.forget(aResult); return NS_OK; } diff --git a/tools/update-packaging/common.sh b/tools/update-packaging/common.sh index 69aef38c5ccc..78a8bdeb634b 100755 --- a/tools/update-packaging/common.sh +++ b/tools/update-packaging/common.sh @@ -8,6 +8,10 @@ # Author: Darin Fisher # +# TODO When TOR_BROWSER_DATA_OUTSIDE_APP_DIR is used on all platforms, +# we should remove all lines in this file that contain: +# TorBrowser/Data + # ----------------------------------------------------------------------------- QUIET=0 @@ -85,22 +89,10 @@ make_add_instruction() { forced= fi - is_extension=$(echo "$f" | grep -c 'distribution/extensions/.*/') - if [ $is_extension = "1" ]; then - # Use the subdirectory of the extensions folder as the file to test - # before performing this add instruction. - testdir=$(echo "$f" | sed 's/$.*distribution\/extensions\/[^\/]*$\/.*/\1/') - verbose_notice " add-if \"$testdir\" \"$f\"" - echo "add-if \"$testdir\" \"$f\"" >> "$filev2" - if [ ! $filev3 = "" ]; then - echo "add-if \"$testdir\" \"$f\"" >> "$filev3" - fi - else - verbose_notice " add \"$f\"$forced" - echo "add \"$f\"" >> "$filev2" - if [ ! "$filev3" = "" ]; then - echo "add \"$f\"" >> "$filev3" - fi + verbose_notice " add \"$f\"$forced" + echo "add \"$f\"" >> "$filev2" + if [ ! "$filev3" = "" ]; then + echo "add \"$f\"" >> "$filev3" fi } @@ -135,24 +127,25 @@ make_add_if_not_instruction() { echo "add-if-not \"$f\" \"$f\"" >> "$filev3" } +make_addsymlink_instruction() { + link="$1" + target="$2" + filev2="$3" + filev3="$4" + + verbose_notice " addsymlink: $link -> $target" + echo "addsymlink \"$link\" \"$target\"" >> "$filev2" + echo "addsymlink \"$link\" \"$target\"" >> "$filev3" +} + make_patch_instruction() { f="$1" filev2="$2" filev3="$3" - is_extension=$(echo "$f" | grep -c 'distribution/extensions/.*/') - if [ $is_extension = "1" ]; then - # Use the subdirectory of the extensions folder as the file to test - # before performing this add instruction. - testdir=$(echo "$f" | sed 's/$.*distribution\/extensions\/[^\/]*$\/.*/\1/') - verbose_notice " patch-if \"$testdir\" \"$f.patch\" \"$f\"" - echo "patch-if \"$testdir\" \"$f.patch\" \"$f\"" >> "$filev2" - echo "patch-if \"$testdir\" \"$f.patch\" \"$f\"" >> "$filev3" - else - verbose_notice " patch \"$f.patch\" \"$f\"" - echo "patch \"$f.patch\" \"$f\"" >> "$filev2" - echo "patch \"$f.patch\" \"$f\"" >> "$filev3" - fi + verbose_notice " patch \"$f.patch\" \"$f\"" + echo "patch \"$f.patch\" \"$f\"" >> "$filev2" + echo "patch \"$f.patch\" \"$f\"" >> "$filev3" } append_remove_instructions() { @@ -201,6 +194,10 @@ append_remove_instructions() { # List all files in the current directory, stripping leading "./" # Pass a variable name and it will be filled as an array. +# To support Tor Browser updates, skip the following files: +# TorBrowser/Data/Browser/profiles.ini +# TorBrowser/Data/Browser/profile.default/bookmarks.html +# TorBrowser/Data/Tor/torrc list_files() { count=0 temp_filelist=$(mktemp) @@ -211,6 +208,11 @@ list_files() { | sed 's/\.\/$.*$/\1/' \ | sort -r > "${temp_filelist}" while read file; do + if [ "$file" = "TorBrowser/Data/Browser/profiles.ini" -o \ + "$file" = "TorBrowser/Data/Browser/profile.default/bookmarks.html" -o \ + "$file" = "TorBrowser/Data/Tor/torrc" ]; then + continue; + fi eval "${1}[$count]=\"$file\"" (( count++ )) done < "${temp_filelist}" @@ -232,3 +234,19 @@ list_dirs() { done < "${temp_dirlist}" rm "${temp_dirlist}" } + +# List all symbolic links in the current directory, stripping leading "./" +list_symlinks() { + count=0 + + find . -type l \ + | sed 's/\.\/$.*$/\1/' \ + | sort -r > "temp-symlinklist" + while read symlink; do + target=$(readlink "$symlink") + eval "${1}[$count]=\"$symlink\"" + eval "${2}[$count]=\"$target\"" + (( count++ )) + done < "temp-symlinklist" + rm "temp-symlinklist" +} diff --git a/tools/update-packaging/make_full_update.sh b/tools/update-packaging/make_full_update.sh index a79a1839147c..fcf143339a1c 100755 --- a/tools/update-packaging/make_full_update.sh +++ b/tools/update-packaging/make_full_update.sh @@ -69,6 +69,7 @@ if [ ! -f "precomplete" ]; then fi list_files files +list_symlinks symlinks symlink_targets popd @@ -81,6 +82,22 @@ notice " type complete" echo "type \"complete\"" >> "$updatemanifestv2" echo "type \"complete\"" >> "$updatemanifestv3" +# TODO When TOR_BROWSER_DATA_OUTSIDE_APP_DIR is used on all platforms, +# we should remove the following lines: +# If removal of any old, existing directories is desired, emit the appropriate +# rmrfdir commands. +notice "" +notice "Adding directory removal instructions to update manifests" +for dir_to_remove in $directories_to_remove; do + # rmrfdir requires a trailing slash; if slash is missing, add one. + if ! [[ "$dir_to_remove" =~ /$ ]]; then + dir_to_remove="${dir_to_remove}/" + fi + echo "rmrfdir \"$dir_to_remove\"" >> "$updatemanifestv2" + echo "rmrfdir \"$dir_to_remove\"" >> "$updatemanifestv3" +done +# END TOR_BROWSER_DATA_OUTSIDE_APP_DIR removal + notice "" notice "Adding file add instructions to update manifests" num_files=${#files[*]} @@ -109,6 +126,15 @@ for ((i=0; $i<$num_files; i=$i+1)); do targetfiles="$targetfiles \"$f\"" done +notice "" +notice "Adding symlink add instructions to update manifests" +num_symlinks=${#symlinks[*]} +for ((i=0; $i<$num_symlinks; i=$i+1)); do + link="${symlinks[$i]}" + target="${symlink_targets[$i]}" + make_addsymlink_instruction "$link" "$target" "$updatemanifestv2" "$updatemanifestv3" +done + # Append remove instructions for any dead files. notice "" notice "Adding file and directory remove instructions from file 'removed-files'" diff --git a/tools/update-packaging/make_incremental_update.sh b/tools/update-packaging/make_incremental_update.sh index 7b30cb5165fa..5ff620a667d5 100755 --- a/tools/update-packaging/make_incremental_update.sh +++ b/tools/update-packaging/make_incremental_update.sh @@ -78,7 +78,11 @@ if [ $# = 0 ]; then exit 1 fi -requested_forced_updates='Contents/MacOS/firefox' +# Firefox uses requested_forced_updates='Contents/MacOS/firefox' due to +# 770996 but in Tor Browser we do not need that fix. +requested_forced_updates="" +directories_to_remove="" +extra_files_to_remove="" while getopts "hqf:" flag do @@ -113,6 +117,28 @@ updatemanifestv2="$workdir/updatev2.manifest" updatemanifestv3="$workdir/updatev3.manifest" archivefiles="updatev2.manifest updatev3.manifest" +# TODO When TOR_BROWSER_DATA_OUTSIDE_APP_DIR is used on all platforms, +# we should remove the following lines: +# If the NoScript extension has changed between +# releases, add it to the "force updates" list. +ext_path='TorBrowser/Data/Browser/profile.default/extensions' +if [ -d "$newdir/$ext_path" ]; then + noscript='{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi' + + # NoScript is a packed extension, so we simply compare the old and the new + # .xpi files. + noscript_path="$ext_path/$noscript" + diff -a "$olddir/$noscript_path" "$newdir/$noscript_path" > /dev/null + rc=$? + if [ $rc -gt 1 ]; then + notice "Unexpected exit $rc from $noscript_path diff command" + exit 2 + elif [ $rc -eq 1 ]; then + requested_forced_updates="$requested_forced_updates $noscript_path" + fi +fi +# END TOR_BROWSER_DATA_OUTSIDE_APP_DIR removal + mkdir -p "$workdir" # Generate a list of all files in the target directory. @@ -123,6 +149,7 @@ fi list_files oldfiles list_dirs olddirs +list_symlinks oldsymlinks oldsymlink_targets popd @@ -140,6 +167,7 @@ fi list_dirs newdirs list_files newfiles +list_symlinks newsymlinks newsymlink_targets popd @@ -152,6 +180,23 @@ notice " type partial" echo "type \"partial\"" >> $updatemanifestv2 echo "type \"partial\"" >> $updatemanifestv3 +# TODO When TOR_BROWSER_DATA_OUTSIDE_APP_DIR is used on all platforms, +# we should remove the following lines: +# If removal of any old, existing directories is desired, emit the appropriate +# rmrfdir commands. +notice "" +notice "Adding directory removal instructions to update manifests" +for dir_to_remove in $directories_to_remove; do + # rmrfdir requires a trailing slash, so add one if missing. + if ! [[ "$dir_to_remove" =~ /$ ]]; then + dir_to_remove="${dir_to_remove}/" + fi + echo "rmrfdir \"$dir_to_remove\"" >> "$updatemanifestv2" + echo "rmrfdir \"$dir_to_remove\"" >> "$updatemanifestv3" +done +# END TOR_BROWSER_DATA_OUTSIDE_APP_DIR removal + + notice "" notice "Adding file patch and add instructions to update manifests" @@ -274,6 +319,24 @@ for ((i=0; $i<$num_oldfiles; i=$i+1)); do fi done +# Remove and re-add symlinks +notice "" +notice "Adding symlink remove/add instructions to update manifests" +num_oldsymlinks=${#oldsymlinks[*]} +for ((i=0; $i<$num_oldsymlinks; i=$i+1)); do + link="${oldsymlinks[$i]}" + verbose_notice " remove: $link" + echo "remove \"$link\"" >> "$updatemanifestv2" + echo "remove \"$link\"" >> "$updatemanifestv3" +done + +num_newsymlinks=${#newsymlinks[*]} +for ((i=0; $i<$num_newsymlinks; i=$i+1)); do + link="${newsymlinks[$i]}" + target="${newsymlink_targets[$i]}" + make_addsymlink_instruction "$link" "$target" "$updatemanifestv2" "$updatemanifestv3" +done + # Newly added files notice "" notice "Adding file add instructions to update manifests" @@ -323,6 +386,15 @@ notice "" notice "Adding file and directory remove instructions from file 'removed-files'" append_remove_instructions "$newdir" "$updatemanifestv2" "$updatemanifestv3" +# TODO When TOR_BROWSER_DATA_OUTSIDE_APP_DIR is used on all platforms, +# we should remove the following lines: +for f in $extra_files_to_remove; do + notice " remove \"$f\"" + echo "remove \"$f\"" >> "$updatemanifestv2" + echo "remove \"$f\"" >> "$updatemanifestv3" +done +# END TOR_BROWSER_DATA_OUTSIDE_APP_DIR removal + notice "" notice "Adding directory remove instructions for directories that no longer exist" num_olddirs=${#olddirs[*]}

1 0

[tor-browser/tor-browser-78.14.0esr-11.0-1] Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 3ddffa7b4ebcad33e5a87957547c53e3c6f3defe Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Fri May 5 03:41:57 2017 -0700 Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing eBay and Amazon don't treat Tor users very well. Accounts often get locked and payments reversed. Also: Bug 16322: Update DuckDuckGo search engine We are replacing the clearnet URL with an onion service one (thanks to a patch by a cypherpunk) and are removing the duplicated DDG search engine. Duplicating DDG happend due to bug 1061736 where Mozilla included DDG itself into Firefox. Interestingly, this caused breaking the DDG search if JavaScript is disabled as the Mozilla engine, which gets loaded earlier, does not use the html version of the search page. Moreover, the Mozilla engine tracked where the users were searching from by adding a respective parameter to the search query. We got rid of that feature as well. Also: This fixes bug 20809: the DuckDuckGo team has changed its server-side code in a way that lets users with JavaScript enabled use the default landing page while those without JavaScript available get redirected directly to the non-JS page. We adapt the search engine URLs accordingly. Also fixes bug 29798 by making sure we only specify the Google search engine we actually ship an .xml file for. Also regression tests. --- browser/app/profile/000-tor-browser.js | 9 +- .../search/extensions/ddg-onion/favicon.ico | Bin 0 -> 973 bytes .../search/extensions/ddg-onion/manifest.json | 26 ++++ .../components/search/extensions/ddg/favicon.ico | Bin 5430 -> 0 bytes .../components/search/extensions/ddg/favicon.png | Bin 0 -> 1150 bytes .../components/search/extensions/ddg/manifest.json | 40 +----- .../extensions/google/_locales/b-1-d/messages.json | 23 ---- .../extensions/google/_locales/b-1-e/messages.json | 23 ---- .../extensions/google/_locales/b-d/messages.json | 23 ---- .../extensions/google/_locales/b-e/messages.json | 23 ---- .../extensions/google/_locales/en/messages.json | 24 ---- .../search/extensions/google/manifest.json | 17 ++- browser/components/search/extensions/list.json | 141 ++++++--------------- .../search/extensions/startpage/favicon.png | Bin 0 -> 1150 bytes .../search/extensions/startpage/manifest.json | 26 ++++ .../search/extensions/twitter/favicon.ico | Bin 0 -> 1650 bytes .../search/extensions/twitter/manifest.json | 26 ++++ .../extensions/wikipedia/_locales/NN/messages.json | 20 --- .../extensions/wikipedia/_locales/NO/messages.json | 20 --- .../extensions/wikipedia/_locales/af/messages.json | 20 --- .../extensions/wikipedia/_locales/an/messages.json | 20 --- .../extensions/wikipedia/_locales/ar/messages.json | 20 --- .../wikipedia/_locales/ast/messages.json | 20 --- .../extensions/wikipedia/_locales/az/messages.json | 20 --- .../wikipedia/_locales/be-tarask/messages.json | 20 --- .../extensions/wikipedia/_locales/be/messages.json | 20 --- .../extensions/wikipedia/_locales/bg/messages.json | 20 --- .../extensions/wikipedia/_locales/bn/messages.json | 20 --- .../extensions/wikipedia/_locales/br/messages.json | 20 --- .../extensions/wikipedia/_locales/bs/messages.json | 20 --- .../extensions/wikipedia/_locales/ca/messages.json | 20 --- .../extensions/wikipedia/_locales/cy/messages.json | 20 --- .../extensions/wikipedia/_locales/cz/messages.json | 20 --- .../extensions/wikipedia/_locales/da/messages.json | 20 --- .../extensions/wikipedia/_locales/de/messages.json | 20 --- .../wikipedia/_locales/dsb/messages.json | 20 --- .../extensions/wikipedia/_locales/el/messages.json | 20 --- .../extensions/wikipedia/_locales/en/messages.json | 20 --- .../extensions/wikipedia/_locales/eo/messages.json | 20 --- .../extensions/wikipedia/_locales/es/messages.json | 20 --- .../extensions/wikipedia/_locales/et/messages.json | 20 --- .../extensions/wikipedia/_locales/eu/messages.json | 20 --- .../extensions/wikipedia/_locales/fa/messages.json | 20 --- .../extensions/wikipedia/_locales/fi/messages.json | 20 --- .../extensions/wikipedia/_locales/fr/messages.json | 20 --- .../wikipedia/_locales/fy-NL/messages.json | 20 --- .../wikipedia/_locales/ga-IE/messages.json | 20 --- .../extensions/wikipedia/_locales/gd/messages.json | 20 --- .../extensions/wikipedia/_locales/gl/messages.json | 20 --- .../extensions/wikipedia/_locales/gn/messages.json | 20 --- .../extensions/wikipedia/_locales/gu/messages.json | 20 --- .../extensions/wikipedia/_locales/he/messages.json | 20 --- .../extensions/wikipedia/_locales/hi/messages.json | 20 --- .../extensions/wikipedia/_locales/hr/messages.json | 20 --- .../wikipedia/_locales/hsb/messages.json | 20 --- .../extensions/wikipedia/_locales/hu/messages.json | 20 --- .../extensions/wikipedia/_locales/hy/messages.json | 20 --- .../extensions/wikipedia/_locales/ia/messages.json | 20 --- .../extensions/wikipedia/_locales/id/messages.json | 20 --- .../extensions/wikipedia/_locales/is/messages.json | 20 --- .../extensions/wikipedia/_locales/it/messages.json | 20 --- .../extensions/wikipedia/_locales/ja/messages.json | 20 --- .../extensions/wikipedia/_locales/ka/messages.json | 20 --- .../wikipedia/_locales/kab/messages.json | 20 --- .../extensions/wikipedia/_locales/kk/messages.json | 20 --- .../extensions/wikipedia/_locales/km/messages.json | 20 --- .../extensions/wikipedia/_locales/kn/messages.json | 20 --- .../extensions/wikipedia/_locales/kr/messages.json | 20 --- .../wikipedia/_locales/lij/messages.json | 20 --- .../extensions/wikipedia/_locales/lo/messages.json | 20 --- .../extensions/wikipedia/_locales/lt/messages.json | 20 --- .../wikipedia/_locales/ltg/messages.json | 20 --- .../extensions/wikipedia/_locales/lv/messages.json | 20 --- .../extensions/wikipedia/_locales/mk/messages.json | 20 --- .../extensions/wikipedia/_locales/mr/messages.json | 20 --- .../extensions/wikipedia/_locales/ms/messages.json | 20 --- .../extensions/wikipedia/_locales/my/messages.json | 20 --- .../extensions/wikipedia/_locales/ne/messages.json | 20 --- .../extensions/wikipedia/_locales/nl/messages.json | 20 --- .../extensions/wikipedia/_locales/oc/messages.json | 20 --- .../extensions/wikipedia/_locales/pa/messages.json | 20 --- .../extensions/wikipedia/_locales/pl/messages.json | 20 --- .../extensions/wikipedia/_locales/pt/messages.json | 20 --- .../extensions/wikipedia/_locales/rm/messages.json | 20 --- .../extensions/wikipedia/_locales/ro/messages.json | 20 --- .../extensions/wikipedia/_locales/ru/messages.json | 20 --- .../extensions/wikipedia/_locales/si/messages.json | 20 --- .../extensions/wikipedia/_locales/sk/messages.json | 20 --- .../extensions/wikipedia/_locales/sl/messages.json | 20 --- .../extensions/wikipedia/_locales/sq/messages.json | 20 --- .../extensions/wikipedia/_locales/sr/messages.json | 20 --- .../wikipedia/_locales/sv-SE/messages.json | 20 --- .../extensions/wikipedia/_locales/ta/messages.json | 20 --- .../extensions/wikipedia/_locales/te/messages.json | 20 --- .../extensions/wikipedia/_locales/th/messages.json | 20 --- .../extensions/wikipedia/_locales/tl/messages.json | 20 --- .../extensions/wikipedia/_locales/tr/messages.json | 20 --- .../extensions/wikipedia/_locales/uk/messages.json | 20 --- .../extensions/wikipedia/_locales/ur/messages.json | 20 --- .../extensions/wikipedia/_locales/uz/messages.json | 20 --- .../extensions/wikipedia/_locales/vi/messages.json | 20 --- .../extensions/wikipedia/_locales/wo/messages.json | 20 --- .../wikipedia/_locales/zh-CN/messages.json | 20 --- .../wikipedia/_locales/zh-TW/messages.json | 20 --- .../search/extensions/wikipedia/manifest.json | 17 ++- .../components/search/extensions/yahoo/favicon.ico | Bin 0 -> 5430 bytes .../search/extensions/yahoo/manifest.json | 28 ++++ .../search/extensions/youtube/favicon.ico | Bin 0 -> 1150 bytes .../search/extensions/youtube/manifest.json | 26 ++++ tbb-tests/browser_tor_omnibox.js | 14 ++ 110 files changed, 209 insertions(+), 2017 deletions(-) diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js index 5ebb6c56fe24..96f35ddde46d 100644 --- a/browser/app/profile/000-tor-browser.js +++ b/browser/app/profile/000-tor-browser.js @@ -299,15 +299,20 @@ pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed- // Putting the search engine prefs into this file to fix #11236. // Default search engine -pref("browser.search.defaultenginename", "Search"); +pref("browser.search.defaultenginename", "data:text/plain,browser.search.defaultenginename=DuckDuckGo"); +// Make sure we use the same search engine regardless of locale +pref("browser.search.geoSpecificDefaults", false); // Search engine order (order displayed in the search bar dropdown) // Somewhat surprisingly we get some random behavior if we specify more than // two search engines as below. See // https://bugzilla.mozilla.org/show_bug.cgi?id=1126722 for details. -pref("browser.search.order.extra.1", "Search"); +pref("browser.search.order.extra.1", "DuckDuckGo"); pref("browser.search.order.extra.2", "YouTube"); +// Use old search config based on list.json +pref("browser.search.modernConfig", false); + // Enforce certificate pinning, see: https://bugs.torproject.org/16206 pref("security.cert_pinning.enforcement_level", 2); diff --git a/browser/components/search/extensions/ddg-onion/favicon.ico b/browser/components/search/extensions/ddg-onion/favicon.ico new file mode 100644 index 000000000000..13c325f6585f Binary files /dev/null and b/browser/components/search/extensions/ddg-onion/favicon.ico differ diff --git a/browser/components/search/extensions/ddg-onion/manifest.json b/browser/components/search/extensions/ddg-onion/manifest.json new file mode 100644 index 000000000000..49f3c116106b --- /dev/null +++ b/browser/components/search/extensions/ddg-onion/manifest.json @@ -0,0 +1,26 @@ +{ + "name": "DuckDuckGoOnion", + "description": "Duck Duck Go Onion", + "manifest_version": 2, + "version": "1.0", + "applications": { + "gecko": { + "id": "ddg-onion(a)search.mozilla.org" + } + }, + "hidden": true, + "icons": { + "16": "favicon.ico" + }, + "web_accessible_resources": [ + "favicon.ico" + ], + "chrome_settings_overrides": { + "search_provider": { + "name": "DuckDuckGoOnion", + "search_url": "https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion", + "search_form": "https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/?q={…", + "search_url_get_params": "q={searchTerms}" + } + } +} diff --git a/browser/components/search/extensions/ddg/favicon.ico b/browser/components/search/extensions/ddg/favicon.ico deleted file mode 100644 index dda80dfd88d5..000000000000 Binary files a/browser/components/search/extensions/ddg/favicon.ico and /dev/null differ diff --git a/browser/components/search/extensions/ddg/favicon.png b/browser/components/search/extensions/ddg/favicon.png new file mode 100644 index 000000000000..c853b95b89ef Binary files /dev/null and b/browser/components/search/extensions/ddg/favicon.png differ diff --git a/browser/components/search/extensions/ddg/manifest.json b/browser/components/search/extensions/ddg/manifest.json index b15330b16bf5..510542faa4eb 100644 --- a/browser/components/search/extensions/ddg/manifest.json +++ b/browser/components/search/extensions/ddg/manifest.json @@ -10,51 +10,19 @@ }, "hidden": true, "icons": { - "16": "favicon.ico" + "16": "favicon.png" }, "web_accessible_resources": [ - "favicon.ico" + "favicon.png" ], "chrome_settings_overrides": { "search_provider": { "name": "DuckDuckGo", - "search_url": "https://duckduckgo.com/", + "search_url": "https://duckduckgo.com", "search_form": "https://duckduckgo.com/?q={searchTerms}", "search_url_get_params": "q={searchTerms}", - "params": [ - { - "name": "t", - "condition": "purpose", - "purpose": "contextmenu", - "value": "ffcm" - }, - { - "name": "t", - "condition": "purpose", - "purpose": "keyword", - "value": "ffab" - }, - { - "name": "t", - "condition": "purpose", - "purpose": "searchbar", - "value": "ffsb" - }, - { - "name": "t", - "condition": "purpose", - "purpose": "homepage", - "value": "ffhp" - }, - { - "name": "t", - "condition": "purpose", - "purpose": "newtab", - "value": "ffnt" - } - ], "suggest_url": "https://ac.duckduckgo.com/ac/", "suggest_url_get_params": "q={searchTerms}&type=list" } } -} \ No newline at end of file +} diff --git a/browser/components/search/extensions/google/_locales/b-1-d/messages.json b/browser/components/search/extensions/google/_locales/b-1-d/messages.json deleted file mode 100644 index 1b9d05307d64..000000000000 --- a/browser/components/search/extensions/google/_locales/b-1-d/messages.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "extensionName": { - "message": "Google" - }, - "extensionDescription": { - "message": "Google Search" - }, - "searchUrl": { - "message": "https://www.google.com/search" - }, - "searchForm": { - "message": "https://www.google.com/search?client=firefox-b-1-d&q={searchTerms}" - }, - "suggestUrl": { - "message": "https://www.google.com/complete/search?client=firefox&q={searchTerms}" - }, - "searchUrlGetParams": { - "message": "client=firefox-b-1-d&q={searchTerms}" - }, - "channelPref": { - "message": "google_channel_us" - } -} diff --git a/browser/components/search/extensions/google/_locales/b-1-e/messages.json b/browser/components/search/extensions/google/_locales/b-1-e/messages.json deleted file mode 100644 index b470cd844331..000000000000 --- a/browser/components/search/extensions/google/_locales/b-1-e/messages.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "extensionName": { - "message": "Google" - }, - "extensionDescription": { - "message": "Google Search" - }, - "searchUrl": { - "message": "https://www.google.com/search" - }, - "searchForm": { - "message": "https://www.google.com/search?client=firefox-b-1-e&q={searchTerms}" - }, - "suggestUrl": { - "message": "https://www.google.com/complete/search?client=firefox&q={searchTerms}" - }, - "searchUrlGetParams": { - "message": "client=firefox-b-1-e&q={searchTerms}" - }, - "channelPref": { - "message": "google_channel_us" - } -} diff --git a/browser/components/search/extensions/google/_locales/b-d/messages.json b/browser/components/search/extensions/google/_locales/b-d/messages.json deleted file mode 100644 index a6423089d9f9..000000000000 --- a/browser/components/search/extensions/google/_locales/b-d/messages.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "extensionName": { - "message": "Google" - }, - "extensionDescription": { - "message": "Google Search" - }, - "searchUrl": { - "message": "https://www.google.com/search" - }, - "searchForm": { - "message": "https://www.google.com/search?client=firefox-b-d&q={searchTerms}" - }, - "suggestUrl": { - "message": "https://www.google.com/complete/search?client=firefox&q={searchTerms}" - }, - "searchUrlGetParams": { - "message": "client=firefox-b-d&q={searchTerms}" - }, - "channelPref": { - "message": "google_channel_row" - } -} diff --git a/browser/components/search/extensions/google/_locales/b-e/messages.json b/browser/components/search/extensions/google/_locales/b-e/messages.json deleted file mode 100644 index 70939ee00074..000000000000 --- a/browser/components/search/extensions/google/_locales/b-e/messages.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "extensionName": { - "message": "Google" - }, - "extensionDescription": { - "message": "Google Search" - }, - "searchUrl": { - "message": "https://www.google.com/search" - }, - "searchForm": { - "message": "https://www.google.com/search?client=firefox-b-e&q={searchTerms}" - }, - "suggestUrl": { - "message": "https://www.google.com/complete/search?client=firefox&q={searchTerms}" - }, - "searchUrlGetParams": { - "message": "client=firefox-b-e&q={searchTerms}" - }, - "channelPref": { - "message": "google_channel_row" - } -} diff --git a/browser/components/search/extensions/google/_locales/en/messages.json b/browser/components/search/extensions/google/_locales/en/messages.json deleted file mode 100644 index aeca0ef128b3..000000000000 --- a/browser/components/search/extensions/google/_locales/en/messages.json +++ /dev/null @@ -1,24 +0,0 @@ -{ - "extensionName": { - "message": "Google" - }, - "extensionDescription": { - "message": "Google Search" - }, - "searchUrl": { - "message": "https://www.google.com/search" - }, - "searchForm": { - "message": "https://www.google.com/search?client=firefox-b-d&q={searchTerms}" - }, - "suggestUrl": { - "message": "https://www.google.com/complete/search?client=firefox&q={searchTerms}" - }, - "searchUrlGetParams": { - "message": "client=firefox-b-d&q={searchTerms}" - }, - "channelPref": { - "message": "google_channel_row" - } - -} diff --git a/browser/components/search/extensions/google/manifest.json b/browser/components/search/extensions/google/manifest.json index d51213b52d22..b62de30cb7fa 100644 --- a/browser/components/search/extensions/google/manifest.json +++ b/browser/components/search/extensions/google/manifest.json @@ -1,6 +1,6 @@ { - "name": "__MSG_extensionName__", - "description": "__MSG_extensionDescription__", + "name": "Google", + "description": "Google Search", "manifest_version": 2, "version": "1.0", "applications": { @@ -9,7 +9,6 @@ } }, "hidden": true, - "default_locale": "en", "icons": { "16": "favicon.ico" }, @@ -18,18 +17,18 @@ ], "chrome_settings_overrides": { "search_provider": { - "name": "__MSG_extensionName__", - "search_url": "__MSG_searchUrl__", - "search_form": "__MSG_searchForm__", - "suggest_url": "__MSG_suggestUrl__", + "name": "Google", + "search_url": "https://www.google.com/search", + "search_form": "https://www.google.com/search?client=firefox-b-d&q={searchTerms}", + "suggest_url": "https://www.google.com/complete/search?client=firefox&q={searchTerms}", "params": [ { "name": "channel", "condition": "pref", - "pref": "__MSG_channelPref__" + "pref": "google_channel_row" } ], - "search_url_get_params": "__MSG_searchUrlGetParams__" + "search_url_get_params": "client=firefox-b-d&q={searchTerms}" } } } diff --git a/browser/components/search/extensions/list.json b/browser/components/search/extensions/list.json index 52b2da3ada2d..04f198072b3d 100644 --- a/browser/components/search/extensions/list.json +++ b/browser/components/search/extensions/list.json @@ -1,86 +1,20 @@ { "default": { - "searchDefault": "Google", - "searchOrder": ["Google", "Bing"], + "searchDefault": "DuckDuckGo", + "searchOrder": ["DuckDuckGo", "YouTube", "Google"], "visibleDefaultEngines": [ - "google-b-d", "amazondotcom", "bing", "ddg", "ebay", "wikipedia" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] }, "regionOverrides": { - "US": { - "google-b-d": "google-b-1-d" - }, - "CA": { - "ebay": "ebay-ca", - "ebay-fr": "ebay-ca", - "amazondotcom": "amazon-ca", - "amazon-france": "amazon-ca" - }, - "AT": { - "ebay-de": "ebay-at" - }, - "AU": { - "ebay": "ebay-au", - "ebay-uk": "ebay-au", - "amazondotcom": "amazon-au", - "amazon-en-GB": "amazon-au" - }, - "BE": { - "ebay": "ebay-be", - "ebay-nl": "ebay-be", - "ebay-fr": "ebay-be" - }, - "CH": { - "ebay": "ebay-ch", - "ebay-de": "ebay-ch", - "ebay-fr": "ebay-ch" - }, - "FR": { - "amazondotcom": "amazon-france" - }, - "IE": { - "ebay": "ebay-ie", - "ebay-uk": "ebay-ie" - }, - "NL": { - "ebay": "ebay-nl" - }, - "GB": { - "ebay": "ebay-uk", - "amazondotcom": "amazon-en-GB" - } }, "locales": { "en-US": { "default": { "visibleDefaultEngines": [ - "google-b-d", "amazondotcom", "bing", "ddg", "ebay", "wikipedia" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] }, - "KZ": { - "visibleDefaultEngines": [ - "amazondotcom", "bing", "google-b-d", "wikipedia", "ddg", "yandex-en" - ], - "searchDefault": "Yandex" - }, - "BY": { - "visibleDefaultEngines": [ - "amazondotcom", "bing", "google-b-d", "wikipedia", "ddg", "yandex-en" - ], - "searchDefault": "Yandex" - }, - "RU": { - "visibleDefaultEngines": [ - "amazondotcom", "bing", "google-b-d", "wikipedia", "ddg", "yandex-en" - ], - "searchDefault": "Yandex" - }, - "TR": { - "visibleDefaultEngines": [ - "amazondotcom", "bing", "google-b-d", "wikipedia", "ddg", "yandex-en" - ], - "searchDefault": "Yandex" - }, "experimental-hidden": { "visibleDefaultEngines": [ "amazon-ca", "amazon-au", "yandex-en", "google", "google-b-1-e", "google-b-e" @@ -111,7 +45,7 @@ "ar": { "default": { "visibleDefaultEngines": [ - "google-b-d", "bing", "amazondotcom", "ddg", "wikipedia-ar" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -207,7 +141,7 @@ "ca": { "default": { "visibleDefaultEngines": [ - "google-b-d", "bing", "diec2", "ddg", "ebay-es", "wikipedia-ca" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -234,9 +168,8 @@ }, "cs": { "default": { - "searchOrder": ["Google", "Seznam"], "visibleDefaultEngines": [ - "google-b-d", "seznam-cz", "ddg", "heureka-cz", "mapy-cz", "wikipedia-cz" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -250,14 +183,14 @@ "da": { "default": { "visibleDefaultEngines": [ - "google-b-d", "bing", "amazon-en-GB", "ddg", "wikipedia-da" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, "de": { "default": { "visibleDefaultEngines": [ - "google-b-d", "amazon-de", "bing", "ddg", "ebay-de", "ecosia", "leo_ende_de", "wikipedia-de" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -271,7 +204,7 @@ "el": { "default": { "visibleDefaultEngines": [ - "google-b-d", "amazon-en-GB", "bing", "ddg", "wikipedia-el" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -357,7 +290,7 @@ "es-AR": { "default": { "visibleDefaultEngines": [ - "google-b-d", "amazondotcom", "drae", "ddg", "mercadolibre-ar", "wikipedia-es" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -371,7 +304,7 @@ "es-ES": { "default": { "visibleDefaultEngines": [ - "google-b-d", "bing", "drae", "ddg", "ebay-es", "wikipedia-es" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -404,7 +337,7 @@ "fa": { "default": { "visibleDefaultEngines": [ - "google-b-d", "amazondotcom", "bing", "ddg", "wikipedia-fa" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -425,7 +358,7 @@ "fr": { "default": { "visibleDefaultEngines": [ - "google-b-d", "bing", "amazon-france", "ddg", "ebay-fr", "qwant", "wikipedia-fr" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -444,7 +377,7 @@ "ga-IE": { "default": { "visibleDefaultEngines": [ - "google-b-d", "amazon-en-GB", "ddg", "ebay-ie", "tearma", "wikipedia-ga-IE" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -479,7 +412,7 @@ "he": { "default": { "visibleDefaultEngines": [ - "google-b-d", "ddg", "wikipedia-he", "morfix-dic" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -507,7 +440,7 @@ "hu": { "default": { "visibleDefaultEngines": [ - "google-b-d", "ddg", "vatera", "wikipedia-hu" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -535,44 +468,42 @@ "id": { "default": { "visibleDefaultEngines": [ - "google-b-d", "ddg", "wikipedia-id" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, "is": { "default": { "visibleDefaultEngines": [ - "google-b-d", "bing", "amazondotcom", "ddg", "wikipedia-is" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, "it": { "default": { "visibleDefaultEngines": [ - "google-b-d", "bing", "amazon-it", "ddg", "ebay-it", "wikipedia-it" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, "ja-JP-macos": { "default": { - "searchOrder": ["Google", "Yahoo! JAPAN", "Bing", "Amazon.co.jp", "楽天市場", "ヤフオク!", "教えて！goo", "Wikipedia (ja)"], "visibleDefaultEngines": [ - "google-b-d", "yahoo-jp", "bing", "amazon-jp", "rakuten", "yahoo-jp-auctions", "oshiete-goo", "wikipedia-ja", "ddg" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, "ja": { "default": { - "searchOrder": ["Google", "Yahoo! JAPAN", "Bing", "Amazon.co.jp", "楽天市場", "ヤフオク!", "教えて！goo", "Wikipedia (ja)"], "visibleDefaultEngines": [ - "google-b-d", "yahoo-jp", "bing", "amazon-jp", "rakuten", "yahoo-jp-auctions", "oshiete-goo", "wikipedia-ja", "ddg" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, "ka": { "default": { "visibleDefaultEngines": [ - "google-b-d", "bing", "amazondotcom", "ddg", "wikipedia-ka" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -619,7 +550,7 @@ "ko": { "default": { "visibleDefaultEngines": [ - "google-b-d", "ddg", "naver-kr", "daum-kr", "wikipedia-kr" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -668,7 +599,7 @@ "mk": { "default": { "visibleDefaultEngines": [ - "google-b-d", "bing", "amazondotcom", "ddg", "wikipedia-mk" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -696,7 +627,7 @@ "nb-NO": { "default": { "visibleDefaultEngines": [ - "google-b-d", "amazon-en-GB", "bing", "ddg", "gulesider-NO", "bok-NO", "qxl-NO", "wikipedia-NO" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -710,7 +641,7 @@ "nl": { "default": { "visibleDefaultEngines": [ - "google-b-d", "bing", "bolcom-nl", "ddg", "ebay-nl", "marktplaats-nl", "wikipedia-nl" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] }, "experimental-hidden": { @@ -743,14 +674,14 @@ "pl": { "default": { "visibleDefaultEngines": [ - "google-b-d", "allegro-pl", "ddg", "pwn-pl", "wikipedia-pl", "wolnelektury-pl" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, "pt-BR": { "default": { "visibleDefaultEngines": [ - "google-b-d", "bing", "ddg", "mercadolivre", "wikipedia-pt" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -771,14 +702,14 @@ "ro": { "default": { "visibleDefaultEngines": [ - "google-b-d", "bing", "amazondotcom", "ddg", "wikipedia-ro" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, "ru": { "default": { "visibleDefaultEngines": [ - "yandex-ru", "google-b-d", "ddg", "ozonru", "priceru", "wikipedia-ru", "mailru" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] }, "RU": { @@ -846,7 +777,7 @@ "sv-SE": { "default": { "visibleDefaultEngines": [ - "google-b-d", "bing", "allaannonser-sv-SE", "ddg", "prisjakt-sv-SE", "tyda-sv-SE", "wikipedia-sv-SE" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -881,7 +812,7 @@ "tr": { "default": { "visibleDefaultEngines": [ - "yandex-tr", "google-b-d", "ddg", "wikipedia-tr" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] }, "TR": { @@ -928,7 +859,7 @@ "vi": { "default": { "visibleDefaultEngines": [ - "google-b-d", "coccoc", "ddg", "wikipedia-vi" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } }, @@ -949,7 +880,7 @@ "zh-CN": { "default": { "visibleDefaultEngines": [ - "baidu", "google-b-d", "bing", "ddg", "wikipedia-zh-CN", "amazondotcn" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] }, "CN": { @@ -959,7 +890,7 @@ "zh-TW": { "default": { "visibleDefaultEngines": [ - "google-b-d", "ddg", "readmoo", "wikipedia-zh-TW" + "ddg", "ddg-onion", "google", "yahoo", "twitter", "wikipedia", "youtube", "startpage" ] } } diff --git a/browser/components/search/extensions/startpage/favicon.png b/browser/components/search/extensions/startpage/favicon.png new file mode 100644 index 000000000000..44b94a986fd2 Binary files /dev/null and b/browser/components/search/extensions/startpage/favicon.png differ diff --git a/browser/components/search/extensions/startpage/manifest.json b/browser/components/search/extensions/startpage/manifest.json new file mode 100644 index 000000000000..c9bd9e1848d0 --- /dev/null +++ b/browser/components/search/extensions/startpage/manifest.json @@ -0,0 +1,26 @@ +{ + "name": "Startpage", + "description": "Start Page", + "manifest_version": 2, + "version": "1.0", + "applications": { + "gecko": { + "id": "startpage(a)search.mozilla.org" + } + }, + "hidden": true, + "icons": { + "16": "favicon.png" + }, + "web_accessible_resources": [ + "favicon.png" + ], + "chrome_settings_overrides": { + "search_provider": { + "name": "Startpage", + "search_url": "https://startpage.com/rto/search", + "search_form": "https://startpage.com/rto/search/", + "search_url_post_params": "q={searchTerms}" + } + } +} \ No newline at end of file diff --git a/browser/components/search/extensions/twitter/favicon.ico b/browser/components/search/extensions/twitter/favicon.ico new file mode 100644 index 000000000000..e5aaff437912 Binary files /dev/null and b/browser/components/search/extensions/twitter/favicon.ico differ diff --git a/browser/components/search/extensions/twitter/manifest.json b/browser/components/search/extensions/twitter/manifest.json new file mode 100644 index 000000000000..59714e0e1045 --- /dev/null +++ b/browser/components/search/extensions/twitter/manifest.json @@ -0,0 +1,26 @@ +{ + "name": "Twitter", + "description": "Realtime Twitter Search", + "manifest_version": 2, + "version": "1.0", + "applications": { + "gecko": { + "id": "twitter(a)search.mozilla.org" + } + }, + "hidden": true, + "icons": { + "16": "favicon.ico" + }, + "web_accessible_resources": [ + "favicon.ico" + ], + "chrome_settings_overrides": { + "search_provider": { + "name": "Twitter", + "search_url": "https://twitter.com/search", + "search_form": "https://twitter.com/search?q={searchTerms}&partner=Firefox&source=desktop-s…", + "search_url_get_params": "q={searchTerms}&partner=Firefox&source=desktop-search" + } + } +} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/NN/messages.json b/browser/components/search/extensions/wikipedia/_locales/NN/messages.json deleted file mode 100644 index e4ee66bc780d..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/NN/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (nn)" - }, - "extensionDescription": { - "message": "Wikipedia, det frie oppslagsverket" - }, - "searchUrl": { - "message": "https://nn.wikipedia.org/wiki/Spesial:Søk" - }, - "searchForm": { - "message": "https://nn.wikipedia.org/wiki/Spesial:Søk?search={searchTerms}&sourceid=Moz…" - }, - "suggestUrl": { - "message": "https://nn.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/NO/messages.json b/browser/components/search/extensions/wikipedia/_locales/NO/messages.json deleted file mode 100644 index ec016ac7337e..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/NO/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (no)" - }, - "extensionDescription": { - "message": "Wikipedia, den frie encyklopedi" - }, - "searchUrl": { - "message": "https://no.wikipedia.org/wiki/Spesial:Søk" - }, - "searchForm": { - "message": "https://no.wikipedia.org/wiki/Spesial:Søk?search={searchTerms}&sourceid=Moz…" - }, - "suggestUrl": { - "message": "https://no.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/af/messages.json b/browser/components/search/extensions/wikipedia/_locales/af/messages.json deleted file mode 100644 index 8cf9de8ac9b3..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/af/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (af)" - }, - "extensionDescription": { - "message": "Wikipedia, die vrye ensiklopedie" - }, - "searchUrl": { - "message": "https://af.wikipedia.org/wiki/Spesiaal:Soek" - }, - "searchForm": { - "message": "https://af.wikipedia.org/wiki/Spesiaal:Soek?search={searchTerms}&sourceid=M…" - }, - "suggestUrl": { - "message": "https://af.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/an/messages.json b/browser/components/search/extensions/wikipedia/_locales/an/messages.json deleted file mode 100644 index e8cce665c96e..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/an/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Biquipedia (an)" - }, - "extensionDescription": { - "message": "A enciclopedia Libre" - }, - "searchUrl": { - "message": "https://an.wikipedia.org/wiki/Especial:Mirar" - }, - "searchForm": { - "message": "https://an.wikipedia.org/wiki/Especial:Mirar?search={searchTerms}&sourceid=…" - }, - "suggestUrl": { - "message": "https://an.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/ar/messages.json b/browser/components/search/extensions/wikipedia/_locales/ar/messages.json deleted file mode 100644 index de90b2a2055e..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/ar/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "ويكيبيديا (ar)" - }, - "extensionDescription": { - "message": "ويكيبيديا (ar)" - }, - "searchUrl": { - "message": "https://ar.wikipedia.org/wiki/خاص:بحث" - }, - "searchForm": { - "message": "https://ar.wikipedia.org/wiki/خاص:بحث?search={searchTerms}&sourceid=Mozilla…" - }, - "suggestUrl": { - "message": "https://ar.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/ast/messages.json b/browser/components/search/extensions/wikipedia/_locales/ast/messages.json deleted file mode 100644 index a127ba07f29b..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/ast/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (ast)" - }, - "extensionDescription": { - "message": "La enciclopedia llibre" - }, - "searchUrl": { - "message": "https://ast.wikipedia.org/wiki/Especial:Gueta" - }, - "searchForm": { - "message": "https://ast.wikipedia.org/wiki/Especial:Gueta?search={searchTerms}&sourceid…" - }, - "suggestUrl": { - "message": "https://ast.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/az/messages.json b/browser/components/search/extensions/wikipedia/_locales/az/messages.json deleted file mode 100644 index f551a717e6d3..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/az/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Vikipediya (az)" - }, - "extensionDescription": { - "message": "Vikipediya, açıq ensiklopediya" - }, - "searchUrl": { - "message": "https://az.wikipedia.org/wiki/Xüsusi:Axtar" - }, - "searchForm": { - "message": "https://az.wikipedia.org/wiki/Xüsusi:Axtar?search={searchTerms}&sourceid=Mo…" - }, - "suggestUrl": { - "message": "https://az.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/be-tarask/messages.json b/browser/components/search/extensions/wikipedia/_locales/be-tarask/messages.json deleted file mode 100644 index aecfecf2fb19..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/be-tarask/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Вікіпэдыя (be-tarask)" - }, - "extensionDescription": { - "message": "Вікіпэдыя, вольная энцыкляпэдыя" - }, - "searchUrl": { - "message": "https://be-tarask.wikipedia.org/wiki/Спэцыяльныя:Пошук" - }, - "searchForm": { - "message": "https://be-tarask.wikipedia.org/wiki/Спэцыяльныя:Пошук?search={searchTerms}…" - }, - "suggestUrl": { - "message": "https://be-tarask.wikipedia.org/w/api.php?action=opensearch&search={searchT…" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/be/messages.json b/browser/components/search/extensions/wikipedia/_locales/be/messages.json deleted file mode 100644 index 6aa763451e67..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/be/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Вікіпедыя (be)" - }, - "extensionDescription": { - "message": "Вікіпедыя, свабодная энцыклапедыя" - }, - "searchUrl": { - "message": "https://be.wikipedia.org/wiki/Адмысловае:Search" - }, - "searchForm": { - "message": "https://be.wikipedia.org/wiki/Адмысловае:Search?search={searchTerms}&source…" - }, - "suggestUrl": { - "message": "https://be.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/bg/messages.json b/browser/components/search/extensions/wikipedia/_locales/bg/messages.json deleted file mode 100644 index 896a85d66b87..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/bg/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Уикипедия (bg)" - }, - "extensionDescription": { - "message": "Уикипедия, свободната енциклоподия" - }, - "searchUrl": { - "message": "https://bg.wikipedia.org/wiki/Специални:Търсене" - }, - "searchForm": { - "message": "https://bg.wikipedia.org/wiki/Специални:Търсене?search={searchTerms}&source…" - }, - "suggestUrl": { - "message": "https://bg.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/bn/messages.json b/browser/components/search/extensions/wikipedia/_locales/bn/messages.json deleted file mode 100644 index fe9887ed1938..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/bn/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "উইকিপিডিয়া (bn)" - }, - "extensionDescription": { - "message": "উইকিপিডিয়া, মুক্ত বিশ্বকোষ" - }, - "searchUrl": { - "message": "https://bn.wikipedia.org/wiki/বিশেষ:Search" - }, - "searchForm": { - "message": "https://bn.wikipedia.org/wiki/বিশেষ:Search?search={searchTerms}&sourceid=Mo…" - }, - "suggestUrl": { - "message": "https://bn.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/br/messages.json b/browser/components/search/extensions/wikipedia/_locales/br/messages.json deleted file mode 100644 index 33869ce8e752..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/br/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (br)" - }, - "extensionDescription": { - "message": "Wikipedia, an holloueziadur digor" - }, - "searchUrl": { - "message": "https://br.wikipedia.org/wiki/Dibar:Klask" - }, - "searchForm": { - "message": "https://br.wikipedia.org/wiki/Dibar:Klask?search={searchTerms}&sourceid=Moz…" - }, - "suggestUrl": { - "message": "https://br.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/bs/messages.json b/browser/components/search/extensions/wikipedia/_locales/bs/messages.json deleted file mode 100644 index 746150e3d8e8..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/bs/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (bs)" - }, - "extensionDescription": { - "message": "Slobodna enciklopedija" - }, - "searchUrl": { - "message": "https://bs.wikipedia.org/wiki/Posebno:Pretraga" - }, - "searchForm": { - "message": "https://bs.wikipedia.org/wiki/Posebno:Pretraga?search={searchTerms}&sourcei…" - }, - "suggestUrl": { - "message": "https://bs.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/ca/messages.json b/browser/components/search/extensions/wikipedia/_locales/ca/messages.json deleted file mode 100644 index 151ec1a71ba5..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/ca/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Viquipèdia (ca)" - }, - "extensionDescription": { - "message": "L'enciclopèdia lliure" - }, - "searchUrl": { - "message": "https://ca.wikipedia.org/wiki/Especial:Cerca" - }, - "searchForm": { - "message": "https://ca.wikipedia.org/wiki/Especial:Cerca?search={searchTerms}&sourceid=…" - }, - "suggestUrl": { - "message": "https://ca.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/cy/messages.json b/browser/components/search/extensions/wikipedia/_locales/cy/messages.json deleted file mode 100644 index cfed7c73be34..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/cy/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wicipedia (cy)" - }, - "extensionDescription": { - "message": "Wicipedia, Y Gwyddioniadur Rhydd" - }, - "searchUrl": { - "message": "https://cy.wikipedia.org/wiki/Arbennig:Search" - }, - "searchForm": { - "message": "https://cy.wikipedia.org/wiki/Arbennig:Search?search={searchTerms}&sourceid…" - }, - "suggestUrl": { - "message": "https://cy.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/cz/messages.json b/browser/components/search/extensions/wikipedia/_locales/cz/messages.json deleted file mode 100644 index 12f7eb22d711..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/cz/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedie (cs)" - }, - "extensionDescription": { - "message": "Wikipedia, svobodná encyclopedie" - }, - "searchUrl": { - "message": "https://cs.wikipedia.org/wiki/Speciální:Hledání" - }, - "searchForm": { - "message": "https://cs.wikipedia.org/wiki/Speciální:Hledání?search={searchTerms}&source…" - }, - "suggestUrl": { - "message": "https://cs.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/da/messages.json b/browser/components/search/extensions/wikipedia/_locales/da/messages.json deleted file mode 100644 index 801d5a5183cc..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/da/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (da)" - }, - "extensionDescription": { - "message": "Wikipedia, den frie encyklopædi" - }, - "searchUrl": { - "message": "https://da.wikipedia.org/wiki/Speciel:Søgning" - }, - "searchForm": { - "message": "https://da.wikipedia.org/wiki/Speciel:Søgning?search={searchTerms}&sourceid…" - }, - "suggestUrl": { - "message": "https://da.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/de/messages.json b/browser/components/search/extensions/wikipedia/_locales/de/messages.json deleted file mode 100644 index 0e6bbe8905ca..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/de/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (de)" - }, - "extensionDescription": { - "message": "Wikipedia, die freie Enzyklopädie" - }, - "searchUrl": { - "message": "https://de.wikipedia.org/wiki/Spezial:Suche" - }, - "searchForm": { - "message": "https://de.wikipedia.org/wiki/Spezial:Suche?search={searchTerms}&sourceid=M…" - }, - "suggestUrl": { - "message": "https://de.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/dsb/messages.json b/browser/components/search/extensions/wikipedia/_locales/dsb/messages.json deleted file mode 100644 index ffca44b5f7fb..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/dsb/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedija (dsb)" - }, - "extensionDescription": { - "message": "Wikipedija, lichotna encyklopedija" - }, - "searchUrl": { - "message": "https://dsb.wikipedia.org/wiki/Specialne:Pytaś" - }, - "searchForm": { - "message": "https://dsb.wikipedia.org/wiki/Specialne:Pytaś?search={searchTerms}&sourcei…" - }, - "suggestUrl": { - "message": "https://dsb.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/el/messages.json b/browser/components/search/extensions/wikipedia/_locales/el/messages.json deleted file mode 100644 index 95b48f3d9ca7..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/el/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (el)" - }, - "extensionDescription": { - "message": "Βικιπαίδεια, η ελεύθερη εγκυκλοπαίδεια" - }, - "searchUrl": { - "message": "https://el.wikipedia.org/wiki/Ειδικό:Αναζήτηση" - }, - "searchForm": { - "message": "https://el.wikipedia.org/wiki/Ειδικό:Αναζήτηση?search={searchTerms}&sourcei…" - }, - "suggestUrl": { - "message": "https://el.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/en/messages.json b/browser/components/search/extensions/wikipedia/_locales/en/messages.json deleted file mode 100644 index 0de3c9a8071a..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/en/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (en)" - }, - "extensionDescription": { - "message": "Wikipedia, the Free Encyclopedia" - }, - "searchUrl": { - "message": "https://en.wikipedia.org/wiki/Special:Search" - }, - "searchForm": { - "message": "https://en.wikipedia.org/wiki/Special:Search?search={searchTerms}&sourceid=…" - }, - "suggestUrl": { - "message": "https://en.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/eo/messages.json b/browser/components/search/extensions/wikipedia/_locales/eo/messages.json deleted file mode 100644 index 10aa88dd11ba..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/eo/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Vikipedio (eo)" - }, - "extensionDescription": { - "message": "Vikipedio, la libera enciklopedio" - }, - "searchUrl": { - "message": "https://eo.wikipedia.org/wiki/Specialaĵo:Serĉi" - }, - "searchForm": { - "message": "https://eo.wikipedia.org/wiki/Specialaĵo:Serĉi?search={searchTerms}&sourcei…" - }, - "suggestUrl": { - "message": "https://eo.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/es/messages.json b/browser/components/search/extensions/wikipedia/_locales/es/messages.json deleted file mode 100644 index 09ec1f757657..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/es/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (es)" - }, - "extensionDescription": { - "message": "Wikipedia, la enciclopedia libre" - }, - "searchUrl": { - "message": "https://es.wikipedia.org/wiki/Especial:Buscar" - }, - "searchForm": { - "message": "https://es.wikipedia.org/wiki/Especial:Buscar?search={searchTerms}&sourceid…" - }, - "suggestUrl": { - "message": "https://es.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/et/messages.json b/browser/components/search/extensions/wikipedia/_locales/et/messages.json deleted file mode 100644 index 91363fbb392b..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/et/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Vikipeedia (et)" - }, - "extensionDescription": { - "message": "Vikipeedia, vaba entsüklopeedia" - }, - "searchUrl": { - "message": "https://et.wikipedia.org/wiki/Eri:Otsimine" - }, - "searchForm": { - "message": "https://et.wikipedia.org/wiki/Eri:Otsimine?search={searchTerms}&sourceid=Mo…" - }, - "suggestUrl": { - "message": "https://et.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/eu/messages.json b/browser/components/search/extensions/wikipedia/_locales/eu/messages.json deleted file mode 100644 index 1bd7027dec54..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/eu/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (eu)" - }, - "extensionDescription": { - "message": "Wikipedia, entziklopedia askea" - }, - "searchUrl": { - "message": "https://eu.wikipedia.org/wiki/Berezi:Bilatu" - }, - "searchForm": { - "message": "https://eu.wikipedia.org/wiki/Berezi:Bilatu?search={searchTerms}&sourceid=M…" - }, - "suggestUrl": { - "message": "https://eu.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/fa/messages.json b/browser/components/search/extensions/wikipedia/_locales/fa/messages.json deleted file mode 100644 index 9fdc964a1e0b..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/fa/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "ویکی‌پدیا (fa)" - }, - "extensionDescription": { - "message": "ویکی‌پدیا، دانشنامهٔ آزاد" - }, - "searchUrl": { - "message": "https://fa.wikipedia.org/wiki/ویژه:جستجو" - }, - "searchForm": { - "message": "https://fa.wikipedia.org/wiki/ویژه:جستجو?search={searchTerms}&sourceid=Mozi…" - }, - "suggestUrl": { - "message": "https://fa.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/fi/messages.json b/browser/components/search/extensions/wikipedia/_locales/fi/messages.json deleted file mode 100644 index 17a9cbe22c42..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/fi/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (fi)" - }, - "extensionDescription": { - "message": "Wikipedia (fi), vapaa tietosanakirja" - }, - "searchUrl": { - "message": "https://fi.wikipedia.org/wiki/Toiminnot:Haku" - }, - "searchForm": { - "message": "https://fi.wikipedia.org/wiki/Toiminnot:Haku?search={searchTerms}&sourceid=…" - }, - "suggestUrl": { - "message": "https://fi.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/fr/messages.json b/browser/components/search/extensions/wikipedia/_locales/fr/messages.json deleted file mode 100644 index 33dcbe9dc502..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/fr/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipédia (fr)" - }, - "extensionDescription": { - "message": "Wikipédia, l'encyclopédie libre" - }, - "searchUrl": { - "message": "https://fr.wikipedia.org/wiki/Spécial:Recherche" - }, - "searchForm": { - "message": "https://fr.wikipedia.org/wiki/Spécial:Recherche?search={searchTerms}&source…" - }, - "suggestUrl": { - "message": "https://fr.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/fy-NL/messages.json b/browser/components/search/extensions/wikipedia/_locales/fy-NL/messages.json deleted file mode 100644 index f350162fbbaf..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/fy-NL/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedy (fy)" - }, - "extensionDescription": { - "message": "De fergese ensyklopedy" - }, - "searchUrl": { - "message": "https://fy.wikipedia.org/wiki/Wiki:Sykje" - }, - "searchForm": { - "message": "https://fy.wikipedia.org/wiki/Wiki:Sykje?search={searchTerms}&sourceid=Mozi…" - }, - "suggestUrl": { - "message": "https://fy.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/ga-IE/messages.json b/browser/components/search/extensions/wikipedia/_locales/ga-IE/messages.json deleted file mode 100644 index 994ea723c6da..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/ga-IE/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Vicipéid (ga)" - }, - "extensionDescription": { - "message": "Vicipéid, an Chiclipéid Shaor" - }, - "searchUrl": { - "message": "https://ga.wikipedia.org/wiki/Speisialta:Search" - }, - "searchForm": { - "message": "https://ga.wikipedia.org/wiki/Speisialta:Search?search={searchTerms}&source…" - }, - "suggestUrl": { - "message": "https://ga.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/gd/messages.json b/browser/components/search/extensions/wikipedia/_locales/gd/messages.json deleted file mode 100644 index f16f16fb4a02..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/gd/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Uicipeid (gd)" - }, - "extensionDescription": { - "message": "Wikipedia, An leabhar mòr-eòlais" - }, - "searchUrl": { - "message": "https://gd.wikipedia.org/wiki/Sònraichte:Search" - }, - "searchForm": { - "message": "https://gd.wikipedia.org/wiki/Sònraichte:Search?search={searchTerms}&source…" - }, - "suggestUrl": { - "message": "https://gd.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/gl/messages.json b/browser/components/search/extensions/wikipedia/_locales/gl/messages.json deleted file mode 100644 index 88880bffc3d9..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/gl/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (gl)" - }, - "extensionDescription": { - "message": "Wikipedia, a enciclopedia libre" - }, - "searchUrl": { - "message": "https://gl.wikipedia.org/wiki/Especial:Procurar" - }, - "searchForm": { - "message": "https://gl.wikipedia.org/wiki/Especial:Procurar?search={searchTerms}&source…" - }, - "suggestUrl": { - "message": "https://gl.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/gn/messages.json b/browser/components/search/extensions/wikipedia/_locales/gn/messages.json deleted file mode 100644 index 5efc5ed74a95..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/gn/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Vikipetã (gn)" - }, - "extensionDescription": { - "message": "Vikipetã, opaite tembikuaa hekosãsóva renda" - }, - "searchUrl": { - "message": "https://gn.wikipedia.org/wiki/Mba'echĩchĩ:Buscar" - }, - "searchForm": { - "message": "https://gn.wikipedia.org/wiki/Mba'echĩchĩ:Buscar?search={searchTerms}&sourceid=Mozilla-search" - }, - "suggestUrl": { - "message": "https://gn.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/gu/messages.json b/browser/components/search/extensions/wikipedia/_locales/gu/messages.json deleted file mode 100644 index 3d2f68826fc5..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/gu/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "વિકિપીડિયા (gu)" - }, - "extensionDescription": { - "message": "વીકીપીડિયા, મુક્ત એનસાયક્લોપીડિયા" - }, - "searchUrl": { - "message": "https://gu.wikipedia.org/wiki/વિશેષ:શોધ" - }, - "searchForm": { - "message": "https://gu.wikipedia.org/wiki/વિશેષ:શોધ?search={searchTerms}&sourceid=Mozil…" - }, - "suggestUrl": { - "message": "https://gu.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/he/messages.json b/browser/components/search/extensions/wikipedia/_locales/he/messages.json deleted file mode 100644 index 1f8471e980f0..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/he/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "ויקיפדיה" - }, - "extensionDescription": { - "message": "ויקיפדיה" - }, - "searchUrl": { - "message": "https://he.wikipedia.org/wiki/מיוחד:חיפוש" - }, - "searchForm": { - "message": "https://he.wikipedia.org/wiki/מיוחד:חיפוש?search={searchTerms}&sourceid=Moz…" - }, - "suggestUrl": { - "message": "https://he.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/hi/messages.json b/browser/components/search/extensions/wikipedia/_locales/hi/messages.json deleted file mode 100644 index f3b7d14eafa0..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/hi/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "विकिपीडिया (hi)" - }, - "extensionDescription": { - "message": "विकिपीडिया (हिन्दी)" - }, - "searchUrl": { - "message": "https://hi.wikipedia.org/wiki/विशेष:खोज" - }, - "searchForm": { - "message": "https://hi.wikipedia.org/wiki/विशेष:खोज?search={searchTerms}&sourceid=Mozil…" - }, - "suggestUrl": { - "message": "https://hi.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/hr/messages.json b/browser/components/search/extensions/wikipedia/_locales/hr/messages.json deleted file mode 100644 index 18a6177efcca..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/hr/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedija (hr)" - }, - "extensionDescription": { - "message": "Wikipedija, slobodna enciklopedija" - }, - "searchUrl": { - "message": "https://hr.wikipedia.org/wiki/Posebno:Traži" - }, - "searchForm": { - "message": "https://hr.wikipedia.org/wiki/Posebno:Traži?search={searchTerms}&sourceid=M…" - }, - "suggestUrl": { - "message": "https://hr.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/hsb/messages.json b/browser/components/search/extensions/wikipedia/_locales/hsb/messages.json deleted file mode 100644 index d4e62836e6e9..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/hsb/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedija (hsb)" - }, - "extensionDescription": { - "message": "Wikipedija, swobodna encyklopedija" - }, - "searchUrl": { - "message": "https://hsb.wikipedia.org/wiki/Specialnje:Pytać" - }, - "searchForm": { - "message": "https://hsb.wikipedia.org/wiki/Specialnje:Pytać?search={searchTerms}&source…" - }, - "suggestUrl": { - "message": "https://hsb.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/hu/messages.json b/browser/components/search/extensions/wikipedia/_locales/hu/messages.json deleted file mode 100644 index 68300c48a6f3..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/hu/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipédia (hu)" - }, - "extensionDescription": { - "message": "Wikipedia, a szabad enciklopédia" - }, - "searchUrl": { - "message": "https://hu.wikipedia.org/wiki/Speciális:Keresés" - }, - "searchForm": { - "message": "https://hu.wikipedia.org/wiki/Speciális:Keresés?search={searchTerms}&source…" - }, - "suggestUrl": { - "message": "https://hu.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/hy/messages.json b/browser/components/search/extensions/wikipedia/_locales/hy/messages.json deleted file mode 100644 index 56c2ae2c641b..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/hy/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (hy)" - }, - "extensionDescription": { - "message": "Վիքիփեդիա՝ ազատ հանրագիտարան" - }, - "searchUrl": { - "message": "https://hy.wikipedia.org/wiki/Սպասարկող:Որոնել" - }, - "searchForm": { - "message": "https://hy.wikipedia.org/wiki/Սպասարկող:Որոնել?search={searchTerms}&sourcei…" - }, - "suggestUrl": { - "message": "https://hy.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/ia/messages.json b/browser/components/search/extensions/wikipedia/_locales/ia/messages.json deleted file mode 100644 index 6d997ae8fc81..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/ia/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (ia)" - }, - "extensionDescription": { - "message": "Wikipedia, le encyclopedia libere" - }, - "searchUrl": { - "message": "https://ia.wikipedia.org/wiki/Special:Recerca" - }, - "searchForm": { - "message": "https://ia.wikipedia.org/wiki/Special:Recerca?search={searchTerms}&sourceid…" - }, - "suggestUrl": { - "message": "https://ia.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/id/messages.json b/browser/components/search/extensions/wikipedia/_locales/id/messages.json deleted file mode 100644 index 1d35e71b956d..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/id/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (id)" - }, - "extensionDescription": { - "message": "Wikipedia, ensiklopedia bebas" - }, - "searchUrl": { - "message": "https://id.wikipedia.org/wiki/Istimewa:Pencarian" - }, - "searchForm": { - "message": "https://id.wikipedia.org/wiki/Istimewa:Pencarian?search={searchTerms}&sourc…" - }, - "suggestUrl": { - "message": "https://id.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/is/messages.json b/browser/components/search/extensions/wikipedia/_locales/is/messages.json deleted file mode 100644 index f722d88187de..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/is/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (is)" - }, - "extensionDescription": { - "message": "Wikipedia, the free encyclopedia" - }, - "searchUrl": { - "message": "https://is.wikipedia.org/wiki/Kerfissíða:Leit" - }, - "searchForm": { - "message": "https://is.wikipedia.org/wiki/Kerfissíða:Leit?search={searchTerms}&sourceid…" - }, - "suggestUrl": { - "message": "https://is.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/it/messages.json b/browser/components/search/extensions/wikipedia/_locales/it/messages.json deleted file mode 100644 index 2ca645740f87..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/it/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (it)" - }, - "extensionDescription": { - "message": "Wikipedia, l'enciclopedia libera" - }, - "searchUrl": { - "message": "https://it.wikipedia.org/wiki/Speciale:Ricerca" - }, - "searchForm": { - "message": "https://it.wikipedia.org/wiki/Speciale:Ricerca?search={searchTerms}&sourcei…" - }, - "suggestUrl": { - "message": "https://it.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/ja/messages.json b/browser/components/search/extensions/wikipedia/_locales/ja/messages.json deleted file mode 100644 index 7215e68768f0..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/ja/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (ja)" - }, - "extensionDescription": { - "message": "Wikipedia - フリー百科事典" - }, - "searchUrl": { - "message": "https://ja.wikipedia.org/wiki/特別:検索" - }, - "searchForm": { - "message": "https://ja.wikipedia.org/wiki/特別:検索?search={searchTerms}&sourceid=Mozilla-s…" - }, - "suggestUrl": { - "message": "https://ja.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/ka/messages.json b/browser/components/search/extensions/wikipedia/_locales/ka/messages.json deleted file mode 100644 index c460a093e5e4..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/ka/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "ვიკიპედია (ka)" - }, - "extensionDescription": { - "message": "ვიკიპედია, თავისუფალი ენციკლოპედია" - }, - "searchUrl": { - "message": "https://ka.wikipedia.org/wiki/სპეციალური:ძიება" - }, - "searchForm": { - "message": "https://ka.wikipedia.org/wiki/სპეციალური:ძიება?search={searchTerms}&sourcei…" - }, - "suggestUrl": { - "message": "https://ka.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/kab/messages.json b/browser/components/search/extensions/wikipedia/_locales/kab/messages.json deleted file mode 100644 index 3cf743b616fe..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/kab/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (kab)" - }, - "extensionDescription": { - "message": "Wikipedia, tasanayt tilellit" - }, - "searchUrl": { - "message": "https://kab.wikipedia.org/wiki/Uslig:Search" - }, - "searchForm": { - "message": "https://kab.wikipedia.org/wiki/Uslig:Search?search={searchTerms}&sourceid=M…" - }, - "suggestUrl": { - "message": "https://kab.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/kk/messages.json b/browser/components/search/extensions/wikipedia/_locales/kk/messages.json deleted file mode 100644 index 0844cca0d7e1..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/kk/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Уикипедия (kk)" - }, - "extensionDescription": { - "message": "Уикипедия (kk)" - }, - "searchUrl": { - "message": "https://kk.wikipedia.org/wiki/Арнайы:Іздеу" - }, - "searchForm": { - "message": "https://kk.wikipedia.org/wiki/Арнайы:Іздеу?search={searchTerms}&sourceid=Mo…" - }, - "suggestUrl": { - "message": "https://kk.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/km/messages.json b/browser/components/search/extensions/wikipedia/_locales/km/messages.json deleted file mode 100644 index 0f0a0880e188..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/km/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "វីគីភីឌា (km)" - }, - "extensionDescription": { - "message": "វីគីភីឌា សព្វវចនាធិប្បាយសេរី" - }, - "searchUrl": { - "message": "https://km.wikipedia.org/wiki/ពិសេស:ស្វែងរក" - }, - "searchForm": { - "message": "https://km.wikipedia.org/wiki/ពិសេស:ស្វែងរក?search={searchTerms}&sourceid=M…" - }, - "suggestUrl": { - "message": "https://km.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/kn/messages.json b/browser/components/search/extensions/wikipedia/_locales/kn/messages.json deleted file mode 100644 index 379ef20085a3..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/kn/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (kn)" - }, - "extensionDescription": { - "message": "Wikipedia, the free encyclopedia" - }, - "searchUrl": { - "message": "https://kn.wikipedia.org/wiki/ವಿಶೇಷ:Search" - }, - "searchForm": { - "message": "https://kn.wikipedia.org/wiki/ವಿಶೇಷ:Search?search={searchTerms}&sourceid=Mo…" - }, - "suggestUrl": { - "message": "https://kn.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/kr/messages.json b/browser/components/search/extensions/wikipedia/_locales/kr/messages.json deleted file mode 100644 index 54296cac62bd..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/kr/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "위키백과 (ko)" - }, - "extensionDescription": { - "message": "Wikipedia, the free encyclopedia" - }, - "searchUrl": { - "message": "https://ko.wikipedia.org/wiki/특수기능:찾기" - }, - "searchForm": { - "message": "https://ko.wikipedia.org/wiki/특수기능:찾기?search={searchTerms}&sourceid=Mozilla…" - }, - "suggestUrl": { - "message": "https://ko.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/lij/messages.json b/browser/components/search/extensions/wikipedia/_locales/lij/messages.json deleted file mode 100644 index cb90db5e4099..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/lij/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (lij)" - }, - "extensionDescription": { - "message": "Wikipedia, l'enciclopedia libera" - }, - "searchUrl": { - "message": "https://lij.wikipedia.org/wiki/Speçiale:Riçerca" - }, - "searchForm": { - "message": "https://lij.wikipedia.org/wiki/Speçiale:Riçerca?search={searchTerms}&source…" - }, - "suggestUrl": { - "message": "https://lij.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/lo/messages.json b/browser/components/search/extensions/wikipedia/_locales/lo/messages.json deleted file mode 100644 index 712746ec6316..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/lo/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "ວິກິພີເດຍ (lo)" - }, - "extensionDescription": { - "message": "ວິກິພີເດຍ, ສາລານຸກົມເສລີ" - }, - "searchUrl": { - "message": "https://lo.wikipedia.org/wiki/ພິເສດ:ຊອກຫາ" - }, - "searchForm": { - "message": "https://lo.wikipedia.org/wiki/ພິເສດ:ຊອກຫາ?search={searchTerms}&sourceid=Moz…" - }, - "suggestUrl": { - "message": "https://lo.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/lt/messages.json b/browser/components/search/extensions/wikipedia/_locales/lt/messages.json deleted file mode 100644 index c061bcc5224c..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/lt/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (lt)" - }, - "extensionDescription": { - "message": "Vikipedija, laisvoji enciklopedija" - }, - "searchUrl": { - "message": "https://lt.wikipedia.org/wiki/Specialus:Paieška" - }, - "searchForm": { - "message": "https://lt.wikipedia.org/wiki/Specialus:Paieška?search={searchTerms}&source…" - }, - "suggestUrl": { - "message": "https://lt.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/ltg/messages.json b/browser/components/search/extensions/wikipedia/_locales/ltg/messages.json deleted file mode 100644 index 0e02810ef3bf..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/ltg/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Vikipedeja (ltg)" - }, - "extensionDescription": { - "message": "Vikipēdija, breivuo eņciklopedeja" - }, - "searchUrl": { - "message": "https://ltg.wikipedia.org/wiki/Seviškuo:Search" - }, - "searchForm": { - "message": "https://ltg.wikipedia.org/wiki/Seviškuo:Search?search={searchTerms}&sourcei…" - }, - "suggestUrl": { - "message": "https://ltg.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/lv/messages.json b/browser/components/search/extensions/wikipedia/_locales/lv/messages.json deleted file mode 100644 index f73814b8574f..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/lv/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Vikipēdija" - }, - "extensionDescription": { - "message": "Vikipēdija, brīvā enciklopēdija" - }, - "searchUrl": { - "message": "https://lv.wikipedia.org/wiki/Special:Search" - }, - "searchForm": { - "message": "https://lv.wikipedia.org/wiki/Special:Search?search={searchTerms}&sourceid=…" - }, - "suggestUrl": { - "message": "https://lv.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/mk/messages.json b/browser/components/search/extensions/wikipedia/_locales/mk/messages.json deleted file mode 100644 index de7e06e1ac4a..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/mk/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Википедија (mk)" - }, - "extensionDescription": { - "message": "Википедија, слободната енциклопедија" - }, - "searchUrl": { - "message": "https://mk.wikipedia.org/wiki/Специјална:Барај" - }, - "searchForm": { - "message": "https://mk.wikipedia.org/wiki/Специјална:Барај?search={searchTerms}&sourcei…" - }, - "suggestUrl": { - "message": "https://mk.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/mr/messages.json b/browser/components/search/extensions/wikipedia/_locales/mr/messages.json deleted file mode 100644 index bd46dd83700c..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/mr/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "विकिपीडिया (mr)" - }, - "extensionDescription": { - "message": "विकिपीडिया, मोफत माहितीकोष" - }, - "searchUrl": { - "message": "https://mr.wikipedia.org/wiki/विशेष:शोधा" - }, - "searchForm": { - "message": "https://mr.wikipedia.org/wiki/विशेष:शोधा?search={searchTerms}&sourceid=Mozi…" - }, - "suggestUrl": { - "message": "https://mr.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/ms/messages.json b/browser/components/search/extensions/wikipedia/_locales/ms/messages.json deleted file mode 100644 index c817e82c7821..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/ms/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (ms)" - }, - "extensionDescription": { - "message": "Wikipedia, ensiklopedia bebas" - }, - "searchUrl": { - "message": "https://ms.wikipedia.org/wiki/Khas:Gelintar" - }, - "searchForm": { - "message": "https://ms.wikipedia.org/wiki/Khas:Gelintar?search={searchTerms}&sourceid=M…" - }, - "suggestUrl": { - "message": "https://ms.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/my/messages.json b/browser/components/search/extensions/wikipedia/_locales/my/messages.json deleted file mode 100644 index 62342d1b90ae..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/my/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (my)" - }, - "extensionDescription": { - "message": "အခမဲ့လွတ်လပ်စွယ်စုံကျမ်း" - }, - "searchUrl": { - "message": "https://my.wikipedia.org/wiki/Special:Search" - }, - "searchForm": { - "message": "https://my.wikipedia.org/wiki/Special:Search?search={searchTerms}&sourceid=…" - }, - "suggestUrl": { - "message": "https://my.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/ne/messages.json b/browser/components/search/extensions/wikipedia/_locales/ne/messages.json deleted file mode 100644 index eb22344341e4..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/ne/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "विकिपीडिया (ne)" - }, - "extensionDescription": { - "message": "विकिपिडिया एक स्वतन्त्र विश्वकोष" - }, - "searchUrl": { - "message": "https://ne.wikipedia.org/wiki/विशेष:Search" - }, - "searchForm": { - "message": "https://ne.wikipedia.org/wiki/विशेष:Search?search={searchTerms}&sourceid=Mo…" - }, - "suggestUrl": { - "message": "https://ne.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/nl/messages.json b/browser/components/search/extensions/wikipedia/_locales/nl/messages.json deleted file mode 100644 index c2a810c2ae30..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/nl/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (nl)" - }, - "extensionDescription": { - "message": "De vrije encyclopedie" - }, - "searchUrl": { - "message": "https://nl.wikipedia.org/wiki/Speciaal:Zoeken" - }, - "searchForm": { - "message": "https://nl.wikipedia.org/wiki/Speciaal:Zoeken?search={searchTerms}&sourceid…" - }, - "suggestUrl": { - "message": "https://nl.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/oc/messages.json b/browser/components/search/extensions/wikipedia/_locales/oc/messages.json deleted file mode 100644 index 3cadc3d68f07..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/oc/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipèdia (oc)" - }, - "extensionDescription": { - "message": "Wikipèdia, l'enciclopèdia liura" - }, - "searchUrl": { - "message": "https://oc.wikipedia.org/wiki/Especial:Recèrca" - }, - "searchForm": { - "message": "https://oc.wikipedia.org/wiki/Especial:Recèrca?search={searchTerms}&sourcei…" - }, - "suggestUrl": { - "message": "https://oc.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/pa/messages.json b/browser/components/search/extensions/wikipedia/_locales/pa/messages.json deleted file mode 100644 index dff38c2146fd..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/pa/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (pa)" - }, - "extensionDescription": { - "message": "ਵਿਕਿਪੀਡਿਆ, ਮੁਫ਼ਤ/ਮੁਕਤ ਸ਼ਬਦਕੋਸ਼" - }, - "searchUrl": { - "message": "https://pa.wikipedia.org/wiki/ਖ਼ਾਸ:ਖੋਜੋ" - }, - "searchForm": { - "message": "https://pa.wikipedia.org/wiki/ਖ਼ਾਸ:ਖੋਜੋ?search={searchTerms}&sourceid=Mozil…" - }, - "suggestUrl": { - "message": "https://pa.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/pl/messages.json b/browser/components/search/extensions/wikipedia/_locales/pl/messages.json deleted file mode 100644 index 315aa0d9cbe1..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/pl/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (pl)" - }, - "extensionDescription": { - "message": "Wikipedia, wolna encyklopedia" - }, - "searchUrl": { - "message": "https://pl.wikipedia.org/wiki/Specjalna:Szukaj" - }, - "searchForm": { - "message": "https://pl.wikipedia.org/wiki/Specjalna:Szukaj?search={searchTerms}&sourcei…" - }, - "suggestUrl": { - "message": "https://pl.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/pt/messages.json b/browser/components/search/extensions/wikipedia/_locales/pt/messages.json deleted file mode 100644 index 4beaa97acc88..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/pt/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (pt)" - }, - "extensionDescription": { - "message": "Wikipédia, a enciclopédia livre" - }, - "searchUrl": { - "message": "https://pt.wikipedia.org/wiki/Especial:Pesquisar" - }, - "searchForm": { - "message": "https://pt.wikipedia.org/wiki/Especial:Pesquisar?search={searchTerms}&sourc…" - }, - "suggestUrl": { - "message": "https://pt.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/rm/messages.json b/browser/components/search/extensions/wikipedia/_locales/rm/messages.json deleted file mode 100644 index 8258d5e43451..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/rm/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (rm)" - }, - "extensionDescription": { - "message": "Vichipedia, l'enciclopedia libra" - }, - "searchUrl": { - "message": "https://rm.wikipedia.org/wiki/Spezial:Search" - }, - "searchForm": { - "message": "https://rm.wikipedia.org/wiki/Spezial:Search?search={searchTerms}&sourceid=…" - }, - "suggestUrl": { - "message": "https://rm.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/ro/messages.json b/browser/components/search/extensions/wikipedia/_locales/ro/messages.json deleted file mode 100644 index 48865fd547e4..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/ro/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (ro)" - }, - "extensionDescription": { - "message": "Wikipedia, enciclopedia liberă" - }, - "searchUrl": { - "message": "https://ro.wikipedia.org/wiki/Special:Căutare" - }, - "searchForm": { - "message": "https://ro.wikipedia.org/wiki/Special:Căutare?search={searchTerms}&sourceid…" - }, - "suggestUrl": { - "message": "https://ro.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/ru/messages.json b/browser/components/search/extensions/wikipedia/_locales/ru/messages.json deleted file mode 100644 index 569467691d7c..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/ru/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Википедия (ru)" - }, - "extensionDescription": { - "message": "Википедия, свободная энциклопедия" - }, - "searchUrl": { - "message": "https://ru.wikipedia.org/wiki/Служебная:Поиск" - }, - "searchForm": { - "message": "https://ru.wikipedia.org/wiki/Служебная:Поиск?search={searchTerms}&sourceid…" - }, - "suggestUrl": { - "message": "https://ru.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/si/messages.json b/browser/components/search/extensions/wikipedia/_locales/si/messages.json deleted file mode 100644 index 0406ae728d71..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/si/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (si)" - }, - "extensionDescription": { - "message": "Wikipedia, the free encyclopedia" - }, - "searchUrl": { - "message": "https://si.wikipedia.org/wiki/විශේෂ:ගවේෂණය" - }, - "searchForm": { - "message": "https://si.wikipedia.org/wiki/විශේෂ:ගවේෂණය?search={searchTerms}&sourceid=Mo…" - }, - "suggestUrl": { - "message": "https://si.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/sk/messages.json b/browser/components/search/extensions/wikipedia/_locales/sk/messages.json deleted file mode 100644 index 5c2f75f8b031..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/sk/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipédia (sk)" - }, - "extensionDescription": { - "message": "Wikipédia, slobodná a otvorená encyklopédia" - }, - "searchUrl": { - "message": "https://sk.wikipedia.org/wiki/Špeciálne:Hľadanie" - }, - "searchForm": { - "message": "https://sk.wikipedia.org/wiki/Špeciálne:Hľadanie?search={searchTerms}&sourc…" - }, - "suggestUrl": { - "message": "https://sk.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/sl/messages.json b/browser/components/search/extensions/wikipedia/_locales/sl/messages.json deleted file mode 100644 index 7385a2203474..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/sl/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedija (sl)" - }, - "extensionDescription": { - "message": "Wikipedija, prosta enciklopedija" - }, - "searchUrl": { - "message": "https://sl.wikipedia.org/wiki/Posebno:Iskanje" - }, - "searchForm": { - "message": "https://sl.wikipedia.org/wiki/Posebno:Iskanje?search={searchTerms}&sourceid…" - }, - "suggestUrl": { - "message": "https://sl.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/sq/messages.json b/browser/components/search/extensions/wikipedia/_locales/sq/messages.json deleted file mode 100644 index 68361d8ab294..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/sq/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (sq)" - }, - "extensionDescription": { - "message": "Wikipedia, enciklopedia e lirë" - }, - "searchUrl": { - "message": "https://sq.wikipedia.org/wiki/Speciale:Kërkim" - }, - "searchForm": { - "message": "https://sq.wikipedia.org/wiki/Speciale:Kërkim?search={searchTerms}&sourceid…" - }, - "suggestUrl": { - "message": "https://sq.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/sr/messages.json b/browser/components/search/extensions/wikipedia/_locales/sr/messages.json deleted file mode 100644 index 50ebc0a197a1..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/sr/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Википедија (sr)" - }, - "extensionDescription": { - "message": "Претрага Википедије на српском језику" - }, - "searchUrl": { - "message": "https://sr.wikipedia.org/wiki/Посебно:Претражи" - }, - "searchForm": { - "message": "https://sr.wikipedia.org/wiki/Посебно:Претражи?search={searchTerms}&sourcei…" - }, - "suggestUrl": { - "message": "https://sr.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/sv-SE/messages.json b/browser/components/search/extensions/wikipedia/_locales/sv-SE/messages.json deleted file mode 100644 index 1edc3db80d98..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/sv-SE/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (sv)" - }, - "extensionDescription": { - "message": "Wikipedia, den fria encyklopedin" - }, - "searchUrl": { - "message": "https://sv.wikipedia.org/wiki/Special:Sök" - }, - "searchForm": { - "message": "https://sv.wikipedia.org/wiki/Special:Sök?search={searchTerms}&sourceid=Moz…" - }, - "suggestUrl": { - "message": "https://sv.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/ta/messages.json b/browser/components/search/extensions/wikipedia/_locales/ta/messages.json deleted file mode 100644 index 54397603b028..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/ta/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "விக்கிப்பீடியா (ta)" - }, - "extensionDescription": { - "message": "விக்கிப்பீடியா (ta)" - }, - "searchUrl": { - "message": "https://ta.wikipedia.org/wiki/சிறப்பு:Search" - }, - "searchForm": { - "message": "https://ta.wikipedia.org/wiki/சிறப்பு:Search?search={searchTerms}&sourceid=…" - }, - "suggestUrl": { - "message": "https://ta.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/te/messages.json b/browser/components/search/extensions/wikipedia/_locales/te/messages.json deleted file mode 100644 index c474be12a76f..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/te/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "వికీపీడియా (te)" - }, - "extensionDescription": { - "message": "వికీపీడియా (te)" - }, - "searchUrl": { - "message": "https://te.wikipedia.org/wiki/ప్రత్యేక:అన్వేషణ" - }, - "searchForm": { - "message": "https://te.wikipedia.org/wiki/ప్రత్యేక:అన్వేషణ?search={searchTerms}&sourcei…" - }, - "suggestUrl": { - "message": "https://te.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/th/messages.json b/browser/components/search/extensions/wikipedia/_locales/th/messages.json deleted file mode 100644 index 3d6aeb07ca2c..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/th/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "วิกิพีเดีย" - }, - "extensionDescription": { - "message": "วิกิพีเดีย สารานุกรมเสรี" - }, - "searchUrl": { - "message": "https://th.wikipedia.org/wiki/พิเศษ:ค้นหา" - }, - "searchForm": { - "message": "https://th.wikipedia.org/wiki/พิเศษ:ค้นหา?search={searchTerms}&sourceid=Moz…" - }, - "suggestUrl": { - "message": "https://th.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/tl/messages.json b/browser/components/search/extensions/wikipedia/_locales/tl/messages.json deleted file mode 100644 index d55b03131f97..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/tl/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (tl)" - }, - "extensionDescription": { - "message": "Wikipedia, ang malayang ensiklopedya" - }, - "searchUrl": { - "message": "https://tl.wikipedia.org/wiki/Natatangi:Maghanap" - }, - "searchForm": { - "message": "https://tl.wikipedia.org/wiki/Natatangi:Maghanap?search={searchTerms}&sourc…" - }, - "suggestUrl": { - "message": "https://tl.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/tr/messages.json b/browser/components/search/extensions/wikipedia/_locales/tr/messages.json deleted file mode 100644 index 878b28ab68b2..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/tr/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (tr)" - }, - "extensionDescription": { - "message": "Vikipedi, özgür ansiklopedi" - }, - "searchUrl": { - "message": "https://tr.wikipedia.org/wiki/Özel:Ara" - }, - "searchForm": { - "message": "https://tr.wikipedia.org/wiki/Özel:Ara?search={searchTerms}&sourceid=Mozill…" - }, - "suggestUrl": { - "message": "https://tr.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/uk/messages.json b/browser/components/search/extensions/wikipedia/_locales/uk/messages.json deleted file mode 100644 index 2749b86304bf..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/uk/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Вікіпедія (uk)" - }, - "extensionDescription": { - "message": "Вікіпедія, вільна енциклопедія" - }, - "searchUrl": { - "message": "https://uk.wikipedia.org/wiki/Спеціальна:Пошук" - }, - "searchForm": { - "message": "https://uk.wikipedia.org/wiki/Спеціальна:Пошук?search={searchTerms}&sourcei…" - }, - "suggestUrl": { - "message": "https://uk.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/ur/messages.json b/browser/components/search/extensions/wikipedia/_locales/ur/messages.json deleted file mode 100644 index dcc87e0c853c..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/ur/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "ویکیپیڈیا (ur)" - }, - "extensionDescription": { - "message": "ویکیپیڈیا آزاد دائرۃ المعارف" - }, - "searchUrl": { - "message": "https://ur.wikipedia.org/wiki/خاص:تلاش" - }, - "searchForm": { - "message": "https://ur.wikipedia.org/wiki/خاص:تلاش?search={searchTerms}&sourceid=Mozill…" - }, - "suggestUrl": { - "message": "https://ur.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/uz/messages.json b/browser/components/search/extensions/wikipedia/_locales/uz/messages.json deleted file mode 100644 index 89a8f2a89bca..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/uz/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Vikipediya (uz)" - }, - "extensionDescription": { - "message": "Vikipediya, ochiq ensiklopediya" - }, - "searchUrl": { - "message": "https://uz.wikipedia.org/wiki/Maxsus:Search" - }, - "searchForm": { - "message": "https://uz.wikipedia.org/wiki/Maxsus:Search?search={searchTerms}&sourceid=M…" - }, - "suggestUrl": { - "message": "https://uz.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/vi/messages.json b/browser/components/search/extensions/wikipedia/_locales/vi/messages.json deleted file mode 100644 index c0844e4feb14..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/vi/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (vi)" - }, - "extensionDescription": { - "message": "Wikipedia, bách khoa toàn thư mở" - }, - "searchUrl": { - "message": "https://vi.wikipedia.org/wiki/Đặc_biệt:Tìm_kiếm" - }, - "searchForm": { - "message": "https://vi.wikipedia.org/wiki/Đặc_biệt:Tìm_kiếm?search={searchTerms}&source…" - }, - "suggestUrl": { - "message": "https://vi.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/wo/messages.json b/browser/components/search/extensions/wikipedia/_locales/wo/messages.json deleted file mode 100644 index 7efde3b1d0f4..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/wo/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (wo)" - }, - "extensionDescription": { - "message": "Wikipedia, Jimbulang bu Ubbeeku bi" - }, - "searchUrl": { - "message": "https://wo.wikipedia.org/wiki/Jagleel:Ceet" - }, - "searchForm": { - "message": "https://wo.wikipedia.org/wiki/Jagleel:Ceet?search={searchTerms}&sourceid=Mo…" - }, - "suggestUrl": { - "message": "https://wo.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/zh-CN/messages.json b/browser/components/search/extensions/wikipedia/_locales/zh-CN/messages.json deleted file mode 100644 index 29047565a243..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/zh-CN/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "维基百科" - }, - "extensionDescription": { - "message": "维基百科，自由的百科全书" - }, - "searchUrl": { - "message": "https://zh.wikipedia.org/wiki/Special:搜索" - }, - "searchForm": { - "message": "https://zh.wikipedia.org/wiki/Special:搜索?search={searchTerms}&sourceid=Mozi…" - }, - "suggestUrl": { - "message": "https://zh.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/_locales/zh-TW/messages.json b/browser/components/search/extensions/wikipedia/_locales/zh-TW/messages.json deleted file mode 100644 index a0e8d880ea26..000000000000 --- a/browser/components/search/extensions/wikipedia/_locales/zh-TW/messages.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "extensionName": { - "message": "Wikipedia (zh)" - }, - "extensionDescription": { - "message": "維基百科，自由的百科全書" - }, - "searchUrl": { - "message": "https://zh.wikipedia.org/wiki/Special:搜索" - }, - "searchForm": { - "message": "https://zh.wikipedia.org/wiki/Special:搜索?search={searchTerms}&sourceid=Mozi…" - }, - "suggestUrl": { - "message": "https://zh.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}" - }, - "searchUrlGetParams": { - "message": "search={searchTerms}&sourceid=Mozilla-search&variant=zh-tw" - } -} \ No newline at end of file diff --git a/browser/components/search/extensions/wikipedia/manifest.json b/browser/components/search/extensions/wikipedia/manifest.json index 2f3e9aec3843..1bdf45ee3acb 100644 --- a/browser/components/search/extensions/wikipedia/manifest.json +++ b/browser/components/search/extensions/wikipedia/manifest.json @@ -1,6 +1,6 @@ { - "name": "__MSG_extensionName__", - "description": "__MSG_extensionDescription__", + "name": "Wikipedia (en)", + "description": "Wikipedia, the Free Encyclopedia", "manifest_version": 2, "version": "1.0", "applications": { @@ -9,7 +9,6 @@ } }, "hidden": true, - "default_locale": "en", "icons": { "16": "favicon.ico" }, @@ -18,11 +17,11 @@ ], "chrome_settings_overrides": { "search_provider": { - "name": "__MSG_extensionName__", - "search_url": "__MSG_searchUrl__", - "search_form": "__MSG_searchForm__", - "suggest_url": "__MSG_suggestUrl__", - "search_url_get_params": "__MSG_searchUrlGetParams__" + "name": "Wikipedia (en)", + "search_url": "https://en.wikipedia.org/wiki/Special:Search", + "search_form": "https://en.wikipedia.org/wiki/Special:Search?search={searchTerms}&sourceid=…", + "suggest_url": "https://en.wikipedia.org/w/api.php?action=opensearch&search={searchTerms}", + "search_url_get_params": "search={searchTerms}&sourceid=Mozilla-search" } } -} \ No newline at end of file +} diff --git a/browser/components/search/extensions/yahoo/favicon.ico b/browser/components/search/extensions/yahoo/favicon.ico new file mode 100644 index 000000000000..9bd1d9f7c008 Binary files /dev/null and b/browser/components/search/extensions/yahoo/favicon.ico differ diff --git a/browser/components/search/extensions/yahoo/manifest.json b/browser/components/search/extensions/yahoo/manifest.json new file mode 100644 index 000000000000..e1f04a373c2e --- /dev/null +++ b/browser/components/search/extensions/yahoo/manifest.json @@ -0,0 +1,28 @@ +{ + "name": "Yahoo", + "description": "Yahoo Search", + "manifest_version": 2, + "version": "1.0", + "applications": { + "gecko": { + "id": "yahoo(a)search.mozilla.org" + } + }, + "hidden": true, + "icons": { + "16": "favicon.ico" + }, + "web_accessible_resources": [ + "favicon.ico" + ], + "chrome_settings_overrides": { + "search_provider": { + "name": "Yahoo", + "search_url": "https://search.yahoo.com/yhs/search", + "search_form": "https://search.yahoo.com/yhs/search?p={searchTerms}&ei=UTF-8&hspart=mozilla", + "search_url_get_params": "p={searchTerms}&ei=UTF-8&hspart=mozilla", + "suggest_url": "https://search.yahoo.com/sugg/ff", + "suggest_url_get_params": "output=fxjson&appid=ffd&command={searchTerms}" + } + } +} diff --git a/browser/components/search/extensions/youtube/favicon.ico b/browser/components/search/extensions/youtube/favicon.ico new file mode 100644 index 000000000000..977887dbbb84 Binary files /dev/null and b/browser/components/search/extensions/youtube/favicon.ico differ diff --git a/browser/components/search/extensions/youtube/manifest.json b/browser/components/search/extensions/youtube/manifest.json new file mode 100644 index 000000000000..6fbf8745bac2 --- /dev/null +++ b/browser/components/search/extensions/youtube/manifest.json @@ -0,0 +1,26 @@ +{ + "name": "YouTube", + "description": "YouTube - Videos", + "manifest_version": 2, + "version": "1.0", + "applications": { + "gecko": { + "id": "youtube(a)search.mozilla.org" + } + }, + "hidden": true, + "icons": { + "16": "favicon.ico" + }, + "web_accessible_resources": [ + "favicon.ico" + ], + "chrome_settings_overrides": { + "search_provider": { + "name": "YouTube", + "search_url": "https://www.youtube.com/results?search_query={searchTerms}&search=Search", + "search_form": "https://www.youtube.com/index", + "suggest_url": "https://suggestqueries.google.com/complete/search?output=firefox&ds=yt&q={s…" + } + } +} \ No newline at end of file diff --git a/tbb-tests/browser_tor_omnibox.js b/tbb-tests/browser_tor_omnibox.js new file mode 100644 index 000000000000..f3efd0c3da5e --- /dev/null +++ b/tbb-tests/browser_tor_omnibox.js @@ -0,0 +1,14 @@ +// # Test Tor Omnibox +// Check what search engines are installed in the search box. + +add_task(async function() { + // Grab engine IDs. + let browserSearchService = Components.classes["@mozilla.org/browser/search-service;1"] + .getService(Components.interfaces.nsISearchService), + engineIDs = (await browserSearchService.getEngines()).map(e => e.identifier); + + // Check that we have the correct engines installed, in the right order. + is(engineIDs[0], "ddg", "Default search engine is duckduckgo"); + is(engineIDs[1], "youtube", "Secondary search engine is youtube"); + is(engineIDs[2], "google", "Google is third search engine"); +});

1 0

[tor-browser-build/master] Bug 40352: Add desktop-only (Windows/macOS/Linux) Makefile rules
by sysrqb＠torproject.org 07 Sep '21

07 Sep '21

commit 77483e8c27641373328e5a360cb2e5e92f883aa7 Author: Nicolas Vigier <boklm(a)torproject.org> Date: Thu Sep 2 12:01:34 2021 +0200 Bug 40352: Add desktop-only (Windows/macOS/Linux) Makefile rules --- Makefile | 12 ++++++++++++ doc/MAKEFILE.txt | 10 ++++++---- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index fbd6e2f..bf0b63b 100644 --- a/Makefile +++ b/Makefile @@ -20,6 +20,9 @@ release-android-x86_64: submodule-update release-android-aarch64: submodule-update $(rbm) build release --target release --target torbrowser-android-aarch64 +release-desktop: submodule-update + $(rbm) build release --target release --target torbrowser-all-desktop + release-linux-x86_64: submodule-update $(rbm) build release --target release --target torbrowser-linux-x86_64 @@ -59,6 +62,9 @@ alpha-android-x86_64: submodule-update alpha-android-aarch64: submodule-update $(rbm) build release --target alpha --target torbrowser-android-aarch64 +alpha-desktop: submodule-update + $(rbm) build release --target alpha --target torbrowser-all-desktop + alpha-linux-x86_64: submodule-update $(rbm) build release --target alpha --target torbrowser-linux-x86_64 @@ -98,6 +104,9 @@ nightly-android-x86_64: submodule-update nightly-android-aarch64: submodule-update $(rbm) build release --target nightly --target torbrowser-android-aarch64 +nightly-desktop: submodule-update + $(rbm) build release --target nightly --target torbrowser-all-desktop + nightly-linux-x86_64: submodule-update $(rbm) build release --target nightly --target torbrowser-linux-x86_64 @@ -137,6 +146,9 @@ testbuild-android-x86_64: submodule-update testbuild-android-aarch64: submodule-update $(rbm) build release --target testbuild --target torbrowser-android-aarch64 +testbuild-desktop: submodule-update + $(rbm) build release --target testbuild --target torbrowser-all-desktop + testbuild-linux-x86_64: submodule-update $(rbm) build release --target testbuild --target torbrowser-linux-x86_64 diff --git a/doc/MAKEFILE.txt b/doc/MAKEFILE.txt index b198985..9603463 100644 --- a/doc/MAKEFILE.txt +++ b/doc/MAKEFILE.txt @@ -8,9 +8,11 @@ Build Tor Browser for the release channel, for all supported platforms. The resulting build can be found in directory release/$version. release-{linux-x86_64,linux-i686,windows-i686,osx-x86_64,android-armv7, - android-x86,android-x86_64,android-aarch64} + android-x86,android-x86_64,android-aarch64,desktop,android} ----------------------------------------------------------------------- -Same as release, for the selected platform only. +Same as release, for the selected platform only. The "desktop" platform +means Linux, Windows and macOS. The "android" platform means android for +all architectures we support. alpha ----- @@ -18,7 +20,7 @@ Build Tor Browser for the alpha channel, for all supported platforms. The resulting build can be found in directory alpha/$version. alpha-{linux-x86_64,linux-i686,windows-i686,osx-x86_64,android-armv7, - android-x86,android-x86_64,android-aarch64} + android-x86,android-x86_64,android-aarch64,desktop,android} --------------------------------------------------------------------- Same as alpha, for the selected platform only. @@ -32,7 +34,7 @@ components. The resulting build can be found in directory nightly/$date nightly-{linux-x86_64,linux-i686,windows-i686,osx-x86_64,android-armv7, - android-x86,android-x86_64,android-aarch64} + android-x86,android-x86_64,android-aarch64,desktop,android} ----------------------------------------------------------------------- Same as nightly, for the selected platform only.

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 24796 - Comment out excess permissions from GeckoView
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit b727578f73568916c3b0a7e3b8b9de91f141ebe0 Author: Matthew Finkel <Matthew.Finkel(a)gmail.com> Date: Wed Apr 11 17:52:59 2018 +0000 Bug 24796 - Comment out excess permissions from GeckoView The GeckoView AndroidManifest.xml is not preprocessed unlike Fennec's manifest, so we can't use the ifdef preprocessor guards around the permissions we do not want. Commenting the permissions is the next-best-thing. --- .../android/geckoview/src/main/AndroidManifest.xml | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/mobile/android/geckoview/src/main/AndroidManifest.xml b/mobile/android/geckoview/src/main/AndroidManifest.xml index 87ad6dc28047..4c8ab2a9d996 100644 --- a/mobile/android/geckoview/src/main/AndroidManifest.xml +++ b/mobile/android/geckoview/src/main/AndroidManifest.xml @@ -6,20 +6,32 @@ <manifest xmlns:android="http://schemas.android.com/apk/res/android" package="org.mozilla.geckoview"> + +  + <uses-permission android:name="android.permission.INTERNET"/> <uses-permission android:name="android.permission.WAKE_LOCK"/> <uses-permission android:name="android.permission.MODIFY_AUDIO_SETTINGS" /> + +  + <uses-feature android:name="android.hardware.touchscreen" android:required="false"/> + +  +  +  <uses-feature

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources.
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit a9572dfee5e413228daf01e0525a899482d12455 Author: Amogh Pradeep <amoghbl1(a)gmail.com> Date: Fri Jun 12 02:07:45 2015 -0400 Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources. See Bug 1357997 for partial uplift. Also: Bug 28051 - Use our Orbot for proxying our connections Bug 31144 - ESR68 Network Code Review --- .../main/java/org/mozilla/gecko/GeckoAppShell.java | 68 +++++++++++----------- .../java/org/mozilla/gecko/util/BitmapUtils.java | 7 --- .../java/org/mozilla/gecko/util/ProxySelector.java | 25 +++++++- 3 files changed, 59 insertions(+), 41 deletions(-) diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java index 995b23316c32..b9ca73bee2eb 100644 --- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java +++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java @@ -1764,39 +1764,41 @@ public class GeckoAppShell { @WrapForJNI private static URLConnection getConnection(final String url) { - try { - String spec; - if (url.startsWith("android://")) { - spec = url.substring(10); - } else { - spec = url.substring(8); - } - - // Check if we are loading a package icon. - try { - if (spec.startsWith("icon/")) { - String[] splits = spec.split("/"); - if (splits.length != 2) { - return null; - } - final String pkg = splits[1]; - final PackageManager pm = getApplicationContext().getPackageManager(); - final Drawable d = pm.getApplicationIcon(pkg); - final Bitmap bitmap = BitmapUtils.getBitmapFromDrawable(d); - return new BitmapConnection(bitmap); - } - } catch (Exception ex) { - Log.e(LOGTAG, "error", ex); - } - - // if the colon got stripped, put it back - int colon = spec.indexOf(':'); - if (colon == -1 || colon > spec.indexOf('/')) { - spec = spec.replaceFirst("/", ":/"); - } - } catch (Exception ex) { - return null; - } + // Bug 31144 - Prevent potential proxy-bypass + + //try { + // String spec; + // if (url.startsWith("android://")) { + // spec = url.substring(10); + // } else { + // spec = url.substring(8); + // } + + // // Check if we are loading a package icon. + // try { + // if (spec.startsWith("icon/")) { + // String[] splits = spec.split("/"); + // if (splits.length != 2) { + // return null; + // } + // final String pkg = splits[1]; + // final PackageManager pm = getApplicationContext().getPackageManager(); + // final Drawable d = pm.getApplicationIcon(pkg); + // final Bitmap bitmap = BitmapUtils.getBitmapFromDrawable(d); + // return new BitmapConnection(bitmap); + // } + // } catch (Exception ex) { + // Log.e(LOGTAG, "error", ex); + // } + + // // if the colon got stripped, put it back + // int colon = spec.indexOf(':'); + // if (colon == -1 || colon > spec.indexOf('/')) { + // spec = spec.replaceFirst("/", ":/"); + // } + //} catch (Exception ex) { + // return null; + //} return null; } diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java index 73a69a3abd66..f795dacffb47 100644 --- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java +++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java @@ -101,13 +101,6 @@ public final class BitmapUtils { public static Bitmap decodeUrl(final URL url) { InputStream stream = null; - try { - stream = url.openStream(); - } catch (IOException e) { - Log.w(LOGTAG, "decodeUrl: IOException downloading " + url); - return null; - } - if (stream == null) { Log.w(LOGTAG, "decodeUrl: stream not found downloading " + url); return null; diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/ProxySelector.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/ProxySelector.java index 3940d3c84249..9515975f680a 100644 --- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/ProxySelector.java +++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/ProxySelector.java @@ -29,6 +29,10 @@ import java.net.URLConnection; import java.util.List; public class ProxySelector { + private static final String TOR_PROXY_ADDRESS = "127.0.0.1"; + private static final int TOR_SOCKS_PROXY_PORT = 9150; + private static final int TOR_HTTP_PROXY_PORT = 8218; + public static URLConnection openConnectionWithProxy(final URI uri) throws IOException { java.net.ProxySelector ps = java.net.ProxySelector.getDefault(); Proxy proxy = Proxy.NO_PROXY; @@ -39,7 +43,26 @@ public class ProxySelector { } } - return uri.toURL().openConnection(proxy); + /* Ignore the proxy we found from the VM, only use Tor. We can probably + * safely use the logic in this class in the future. */ + return uri.toURL().openConnection(getProxy()); + } + + public static Proxy getProxy() { + // TODO make configurable + return new Proxy(Proxy.Type.SOCKS, new InetSocketAddress(TOR_PROXY_ADDRESS, TOR_SOCKS_PROXY_PORT)); + } + + public static String getProxyHostAddress() { + return TOR_PROXY_ADDRESS; + } + + public static int getSocksProxyPort() { + return TOR_SOCKS_PROXY_PORT; + } + + public static int getHttpProxyPort() { + return TOR_HTTP_PROXY_PORT; } public ProxySelector() {

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 28125 - Prevent non-Necko network connections
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 283916a9d8748bb2cfb768ec0037e9f9c606a4a9 Author: Matthew Finkel <Matthew.Finkel(a)gmail.com> Date: Thu Oct 25 19:17:09 2018 +0000 Bug 28125 - Prevent non-Necko network connections --- .../gecko/media/GeckoMediaDrmBridgeV21.java | 49 +--------------------- .../exoplayer2/upstream/DefaultHttpDataSource.java | 47 +-------------------- 2 files changed, 3 insertions(+), 93 deletions(-) diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java index 3ba59bfd6776..eb57b1013642 100644 --- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java +++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java @@ -488,54 +488,7 @@ public class GeckoMediaDrmBridgeV21 implements GeckoMediaDrm { @Override protected Void doInBackground(final Void... params) { - HttpURLConnection urlConnection = null; - BufferedReader in = null; - try { - URI finalURI = new URI(mURL + "&signedRequest=" + URLEncoder.encode(new String(mDrmRequest), "UTF-8")); - urlConnection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(finalURI); - urlConnection.setRequestMethod("POST"); - if (DEBUG) Log.d(LOGTAG, "Provisioning, posting url =" + finalURI.toString()); - - // Add data - urlConnection.setRequestProperty("Accept", "*/*"); - urlConnection.setRequestProperty("User-Agent", getCDMUserAgent()); - urlConnection.setRequestProperty("Content-Type", "application/json"); - - // Execute HTTP Post Request - urlConnection.connect(); - - int responseCode = urlConnection.getResponseCode(); - if (responseCode == HttpURLConnection.HTTP_OK) { - in = new BufferedReader(new InputStreamReader(urlConnection.getInputStream(), StringUtils.UTF_8)); - String inputLine; - StringBuffer response = new StringBuffer(); - - while ((inputLine = in.readLine()) != null) { - response.append(inputLine); - } - in.close(); - mResponseBody = String.valueOf(response).getBytes(StringUtils.UTF_8); - if (DEBUG) Log.d(LOGTAG, "Provisioning, response received."); - if (mResponseBody != null) Log.d(LOGTAG, "response length=" + mResponseBody.length); - } else { - Log.d(LOGTAG, "Provisioning, server returned HTTP error code :" + responseCode); - } - } catch (IOException e) { - Log.e(LOGTAG, "Got exception during posting provisioning request ...", e); - } catch (URISyntaxException e) { - Log.e(LOGTAG, "Got exception during creating uri ...", e); - } finally { - if (urlConnection != null) { - urlConnection.disconnect(); - } - try { - if (in != null) { - in.close(); - } - } catch (IOException e) { - Log.e(LOGTAG, "Exception during closing in ...", e); - } - } + Log.i(LOGTAG, "This is Tor Browser. Skipping."); return null; } diff --git a/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java b/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java index fdb44cc2ea1f..7a2044721d2d 100644 --- a/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java +++ b/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java @@ -395,51 +395,8 @@ public class DefaultHttpDataSource implements HttpDataSource { */ private HttpURLConnection makeConnection(URL url, byte[] postBody, long position, long length, boolean allowGzip, boolean followRedirects) throws IOException, URISyntaxException { - /** - * Tor Project modified the way the connection object was created. For the sake of - * simplicity, instead of duplicating the whole file we changed the connection object - * to use the ProxySelector. - */ - HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(url.toURI()); - - connection.setConnectTimeout(connectTimeoutMillis); - connection.setReadTimeout(readTimeoutMillis); - if (defaultRequestProperties != null) { - for (Map.Entry<String, String> property : defaultRequestProperties.getSnapshot().entrySet()) { - connection.setRequestProperty(property.getKey(), property.getValue()); - } - } - for (Map.Entry<String, String> property : requestProperties.getSnapshot().entrySet()) { - connection.setRequestProperty(property.getKey(), property.getValue()); - } - if (!(position == 0 && length == C.LENGTH_UNSET)) { - String rangeRequest = "bytes=" + position + "-"; - if (length != C.LENGTH_UNSET) { - rangeRequest += (position + length - 1); - } - connection.setRequestProperty("Range", rangeRequest); - } - connection.setRequestProperty("User-Agent", userAgent); - if (!allowGzip) { - connection.setRequestProperty("Accept-Encoding", "identity"); - } - connection.setInstanceFollowRedirects(followRedirects); - connection.setDoOutput(postBody != null); - if (postBody != null) { - connection.setRequestMethod("POST"); - if (postBody.length == 0) { - connection.connect(); - } else { - connection.setFixedLengthStreamingMode(postBody.length); - connection.connect(); - OutputStream os = connection.getOutputStream(); - os.write(postBody); - os.close(); - } - } else { - connection.connect(); - } - return connection; + Log.i(TAG, "This is Tor Browser. Skipping."); + throw new IOException(); } /**

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 28005: Implement .onion alias urlbar rewrites
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit e805affcc12bcef9cdbdb5fdd90cccc530b8217f Author: Alex Catarineu <acat(a)torproject.org> Date: Thu Feb 13 13:24:33 2020 +0100 Bug 28005: Implement .onion alias urlbar rewrites A custom HTTPS Everywhere update channel is installed, which provides rules for locally redirecting some memorable .tor.onion URLs to non-memorable .onion URLs. When these redirects occur, we also rewrite the URL in the urlbar to display the human-memorable hostname instead of the actual .onion. Bug 34196: Update site info URL with the onion name Bug 40456: Update the SecureDrop HTTPS-Everywhere update channel Bug 40478: Onion alias url rewrite is broken --- browser/actors/ClickHandlerChild.jsm | 20 ++ browser/actors/ClickHandlerParent.jsm | 1 + browser/actors/ContextMenuChild.jsm | 4 + browser/base/content/browser-places.js | 12 +- browser/base/content/browser-siteIdentity.js | 12 +- browser/base/content/browser.js | 43 ++++- browser/base/content/nsContextMenu.js | 18 ++ browser/base/content/pageinfo/pageInfo.js | 2 +- browser/base/content/pageinfo/pageInfo.xhtml | 10 + browser/base/content/pageinfo/security.js | 17 +- browser/base/content/tabbrowser.js | 7 + browser/base/content/utilityOverlay.js | 12 ++ browser/components/BrowserGlue.jsm | 8 + .../onionservices/ExtensionMessaging.jsm | 86 +++++++++ .../onionservices/HttpsEverywhereControl.jsm | 147 +++++++++++++++ .../components/onionservices/OnionAliasStore.jsm | 201 +++++++++++++++++++++ browser/components/onionservices/moz.build | 6 + browser/components/urlbar/UrlbarInput.jsm | 13 +- docshell/base/nsDocShell.cpp | 52 ++++++ docshell/base/nsDocShell.h | 6 + docshell/base/nsDocShellLoadState.cpp | 4 + docshell/base/nsIDocShell.idl | 5 + docshell/base/nsIWebNavigation.idl | 5 + docshell/shistory/SessionHistoryEntry.cpp | 14 ++ docshell/shistory/SessionHistoryEntry.h | 1 + docshell/shistory/nsISHEntry.idl | 5 + docshell/shistory/nsSHEntry.cpp | 22 ++- docshell/shistory/nsSHEntry.h | 1 + dom/interfaces/base/nsIBrowser.idl | 3 +- dom/ipc/BrowserChild.cpp | 2 + dom/ipc/BrowserParent.cpp | 3 +- dom/ipc/PBrowser.ipdl | 1 + modules/libpref/init/StaticPrefList.yaml | 6 + netwerk/dns/effective_tld_names.dat | 2 + netwerk/ipc/DocumentLoadListener.cpp | 10 + toolkit/content/widgets/browser-custom-element.js | 13 +- toolkit/modules/sessionstore/SessionHistory.jsm | 5 + 37 files changed, 757 insertions(+), 22 deletions(-) diff --git a/browser/actors/ClickHandlerChild.jsm b/browser/actors/ClickHandlerChild.jsm index 7dd060e83061..206a8fc97a4d 100644 --- a/browser/actors/ClickHandlerChild.jsm +++ b/browser/actors/ClickHandlerChild.jsm @@ -138,6 +138,26 @@ class ClickHandlerChild extends JSWindowActorChild { json.originStoragePrincipal = ownerDoc.effectiveStoragePrincipal; json.triggeringPrincipal = ownerDoc.nodePrincipal; + // Check if the link needs to be opened with .tor.onion urlbar rewrites + // allowed. Only when the owner doc has onionUrlbarRewritesAllowed = true + // and the same origin we should allow this. + json.onionUrlbarRewritesAllowed = false; + if (this.docShell.onionUrlbarRewritesAllowed) { + const sm = Services.scriptSecurityManager; + try { + let targetURI = Services.io.newURI(href); + let isPrivateWin = + ownerDoc.nodePrincipal.originAttributes.privateBrowsingId > 0; + sm.checkSameOriginURI( + docshell.currentDocumentChannel.URI, + targetURI, + false, + isPrivateWin + ); + json.onionUrlbarRewritesAllowed = true; + } catch (e) {} + } + // If a link element is clicked with middle button, user wants to open // the link somewhere rather than pasting clipboard content. Therefore, // when it's clicked with middle button, we should prevent multiple diff --git a/browser/actors/ClickHandlerParent.jsm b/browser/actors/ClickHandlerParent.jsm index 454c0fe69b27..42ab7a0f6e2a 100644 --- a/browser/actors/ClickHandlerParent.jsm +++ b/browser/actors/ClickHandlerParent.jsm @@ -102,6 +102,7 @@ class ClickHandlerParent extends JSWindowActorParent { charset: browser.characterSet, referrerInfo: E10SUtils.deserializeReferrerInfo(data.referrerInfo), allowMixedContent: data.allowMixedContent, + onionUrlbarRewritesAllowed: data.onionUrlbarRewritesAllowed, isContentWindowPrivate: data.isContentWindowPrivate, originPrincipal: data.originPrincipal, originStoragePrincipal: data.originStoragePrincipal, diff --git a/browser/actors/ContextMenuChild.jsm b/browser/actors/ContextMenuChild.jsm index 16a3f8ecbc81..1a1b38aa6375 100644 --- a/browser/actors/ContextMenuChild.jsm +++ b/browser/actors/ContextMenuChild.jsm @@ -575,6 +575,9 @@ class ContextMenuChild extends JSWindowActorChild { // The same-origin check will be done in nsContextMenu.openLinkInTab. let parentAllowsMixedContent = !!this.docShell.mixedContentChannel; + let parentAllowsOnionUrlbarRewrites = this.docShell + .onionUrlbarRewritesAllowed; + let disableSetDesktopBackground = null; // Media related cache info parent needs for saving @@ -687,6 +690,7 @@ class ContextMenuChild extends JSWindowActorChild { frameBrowsingContextID, disableSetDesktopBackground, parentAllowsMixedContent, + parentAllowsOnionUrlbarRewrites, }; if (context.inFrame && !context.inSrcdocFrame) { diff --git a/browser/base/content/browser-places.js b/browser/base/content/browser-places.js index d4b71f87da04..9a9bb3e0dad4 100644 --- a/browser/base/content/browser-places.js +++ b/browser/base/content/browser-places.js @@ -452,7 +452,8 @@ var PlacesCommandHook = { */ async bookmarkPage() { let browser = gBrowser.selectedBrowser; - let url = new URL(browser.currentURI.spec); + const uri = browser.currentOnionAliasURI || browser.currentURI; + let url = new URL(uri.spec); let info = await PlacesUtils.bookmarks.fetch({ url }); let isNewBookmark = !info; let showEditUI = !isNewBookmark || StarUI.showForNewBookmarks; @@ -556,7 +557,7 @@ var PlacesCommandHook = { tabs.forEach(tab => { let browser = tab.linkedBrowser; - let uri = browser.currentURI; + let uri = browser.currentOnionAliasURI || browser.currentURI; let title = browser.contentTitle || tab.label; let spec = uri.spec; if (!(spec in uniquePages)) { @@ -1655,14 +1656,17 @@ var BookmarkingUI = { }, onLocationChange: function BUI_onLocationChange() { - if (this._uri && gBrowser.currentURI.equals(this._uri)) { + const uri = + gBrowser.selectedBrowser.currentOnionAliasURI || gBrowser.currentURI; + if (this._uri && uri.equals(this._uri)) { return; } this.updateStarState(); }, updateStarState: function BUI_updateStarState() { - this._uri = gBrowser.currentURI; + this._uri = + gBrowser.selectedBrowser.currentOnionAliasURI || gBrowser.currentURI; this._itemGuids.clear(); let guids = new Set(); diff --git a/browser/base/content/browser-siteIdentity.js b/browser/base/content/browser-siteIdentity.js index b7fa432d9478..539d6d4056a3 100644 --- a/browser/base/content/browser-siteIdentity.js +++ b/browser/base/content/browser-siteIdentity.js @@ -474,13 +474,13 @@ var gIdentityHandler = { * nsIURI for which the identity UI should be displayed, already * processed by createExposableURI. */ - updateIdentity(state, uri) { + updateIdentity(state, uri, onionAliasURI) { let shouldHidePopup = this._uri && this._uri.spec != uri.spec; this._state = state; // Firstly, populate the state properties required to display the UI. See // the documentation of the individual properties for details. - this.setURI(uri); + this.setURI(uri, onionAliasURI); this._secInfo = gBrowser.securityUI.secInfo; this._isSecureContext = gBrowser.securityUI.isSecureContext; @@ -566,17 +566,18 @@ var gIdentityHandler = { * Attempt to provide proper IDN treatment for host names */ getEffectiveHost() { + let uri = this._onionAliasURI || this._uri; if (!this._IDNService) { this._IDNService = Cc["@mozilla.org/network/idn-service;1"].getService( Ci.nsIIDNService ); } try { - return this._IDNService.convertToDisplayIDN(this._uri.host, {}); + return this._IDNService.convertToDisplayIDN(uri.host, {}); } catch (e) { // If something goes wrong (e.g. host is an IP address) just fail back // to the full domain. - return this._uri.host; + return uri.host; } }, @@ -1000,8 +1001,9 @@ var gIdentityHandler = { this.updateSitePermissions(); }, - setURI(uri) { + setURI(uri, onionAliasURI) { this._uri = uri; + this._onionAliasURI = onionAliasURI; try { // Account for file: urls and catch when "" is the value diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index 9f5f0c608536..bd5f10cb6f64 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -77,6 +77,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { TabCrashHandler: "resource:///modules/ContentCrashHandlers.jsm", TelemetryEnvironment: "resource://gre/modules/TelemetryEnvironment.jsm", Translation: "resource:///modules/translation/TranslationParent.jsm", + OnionAliasStore: "resource:///modules/OnionAliasStore.jsm", UITour: "resource:///modules/UITour.jsm", UpdateUtils: "resource://gre/modules/UpdateUtils.jsm", UrlbarInput: "resource:///modules/UrlbarInput.jsm", @@ -2325,6 +2326,7 @@ var gBrowserInit = { // [9]: allowInheritPrincipal (bool) // [10]: csp (nsIContentSecurityPolicy) // [11]: nsOpenWindowInfo + // [12]: onionUrlbarRewritesAllowed (bool) let userContextId = window.arguments[5] != undefined ? window.arguments[5] @@ -2344,7 +2346,8 @@ var gBrowserInit = { // TODO fix allowInheritPrincipal to default to false. // Default to true unless explicitly set to false because of bug 1475201. window.arguments[9] !== false, - window.arguments[10] + window.arguments[10], + window.arguments[12] ); window.focus(); } else { @@ -3230,7 +3233,8 @@ function loadURI( forceAboutBlankViewerInCurrent, triggeringPrincipal, allowInheritPrincipal = false, - csp = null + csp = null, + onionUrlbarRewritesAllowed = false ) { if (!triggeringPrincipal) { throw new Error("Must load with a triggering Principal"); @@ -3248,6 +3252,7 @@ function loadURI( csp, forceAboutBlankViewerInCurrent, allowInheritPrincipal, + onionUrlbarRewritesAllowed, }); } catch (e) { Cu.reportError(e); @@ -5359,11 +5364,24 @@ var XULBrowserWindow = { this.reloadCommand.removeAttribute("disabled"); } + // The onion memorable alias needs to be used in gURLBar.setURI, but also in + // other parts of the code (like the bookmarks UI), so we save it. + if (gBrowser.selectedBrowser.onionUrlbarRewritesAllowed) { + gBrowser.selectedBrowser.currentOnionAliasURI = OnionAliasStore.getShortURI( + aLocationURI + ); + } else { + gBrowser.selectedBrowser.currentOnionAliasURI = null; + } + // We want to update the popup visibility if we received this notification // via simulated locationchange events such as switching between tabs, however // if this is a document navigation then PopupNotifications will be updated // via TabsProgressListener.onLocationChange and we do not want it called twice - gURLBar.setURI(aLocationURI, aIsSimulated); + gURLBar.setURI( + gBrowser.selectedBrowser.currentOnionAliasURI || aLocationURI, + aIsSimulated + ); BookmarkingUI.onLocationChange(); @@ -5534,6 +5552,7 @@ var XULBrowserWindow = { // Don't need to do anything if the data we use to update the UI hasn't // changed let uri = gBrowser.currentURI; + let onionAliasURI = gBrowser.selectedBrowser.currentOnionAliasURI; let spec = uri.spec; if (this._state == aState && this._lastLocation == spec) { // Switching to a tab of the same URL doesn't change most security @@ -5551,7 +5570,7 @@ var XULBrowserWindow = { try { uri = Services.io.createExposableURI(uri); } catch (e) {} - gIdentityHandler.updateIdentity(this._state, uri); + gIdentityHandler.updateIdentity(this._state, uri, onionAliasURI); }, // simulate all change notifications after switching tabs @@ -7011,6 +7030,21 @@ function handleLinkClick(event, href, linkNode) { } catch (e) {} } + // Check if the link needs to be opened with .tor.onion urlbar rewrites + // allowed. Only when the owner doc has onionUrlbarRewritesAllowed = true + // and the same origin we should allow this. + let persistOnionUrlbarRewritesAllowedInChildTab = false; + if (where == "tab" && gBrowser.docShell.onionUrlbarRewritesAllowed) { + const sm = Services.scriptSecurityManager; + try { + let tURI = makeURI(href); + let isPrivateWin = + doc.nodePrincipal.originAttributes.privateBrowsingId > 0; + sm.checkSameOriginURI(doc.documentURIObject, tURI, false, isPrivateWin); + persistOnionUrlbarRewritesAllowedInChildTab = true; + } catch (e) {} + } + let frameOuterWindowID = WebNavigationFrames.getFrameId(doc.defaultView); urlSecurityCheck(href, doc.nodePrincipal); @@ -7023,6 +7057,7 @@ function handleLinkClick(event, href, linkNode) { triggeringPrincipal: doc.nodePrincipal, csp: doc.csp, frameOuterWindowID, + onionUrlbarRewritesAllowed: persistOnionUrlbarRewritesAllowedInChildTab, }; // The new tab/window must use the same userContextId diff --git a/browser/base/content/nsContextMenu.js b/browser/base/content/nsContextMenu.js index 354b504ce0b4..ca351c71f1cb 100644 --- a/browser/base/content/nsContextMenu.js +++ b/browser/base/content/nsContextMenu.js @@ -57,6 +57,7 @@ function openContextMenu(aMessage, aBrowser, aActor) { disableSetDesktopBackground: data.disableSetDesktopBackground, loginFillInfo: data.loginFillInfo, parentAllowsMixedContent: data.parentAllowsMixedContent, + parentAllowsOnionUrlbarRewrites: data.parentAllowsOnionUrlbarRewrites, userContextId: data.userContextId, webExtContextData: data.webExtContextData, }; @@ -1059,6 +1060,7 @@ class nsContextMenu { triggeringPrincipal: this.principal, csp: this.csp, frameOuterWindowID: this.contentData.frameOuterWindowID, + onionUrlbarRewritesAllowed: false, }; for (let p in extra) { params[p] = extra[p]; @@ -1082,6 +1084,22 @@ class nsContextMenu { } params.referrerInfo = referrerInfo; + + // Check if the link needs to be opened with .tor.onion urlbar rewrites + // allowed. Only when parent has onionUrlbarRewritesAllowed = true + // and the same origin we should allow this. + if (this.contentData.parentAllowsOnionUrlbarRewrites) { + let referrerURI = this.contentData.documentURIObject; + const sm = Services.scriptSecurityManager; + try { + let targetURI = this.linkURI; + let isPrivateWin = + this.browser.contentPrincipal.originAttributes.privateBrowsingId > 0; + sm.checkSameOriginURI(referrerURI, targetURI, false, isPrivateWin); + params.onionUrlbarRewritesAllowed = true; + } catch (e) {} + } + return params; } diff --git a/browser/base/content/pageinfo/pageInfo.js b/browser/base/content/pageinfo/pageInfo.js index 664dace84d9f..cd03cea3b6d9 100644 --- a/browser/base/content/pageinfo/pageInfo.js +++ b/browser/base/content/pageinfo/pageInfo.js @@ -390,7 +390,7 @@ async function onNonMediaPageInfoLoad(browser, pageInfoData, imageInfo) { ); } onLoadPermission(uri, principal); - securityOnLoad(uri, windowInfo); + securityOnLoad(uri, windowInfo, browser.currentOnionAliasURI); } function resetPageInfo(args) { diff --git a/browser/base/content/pageinfo/pageInfo.xhtml b/browser/base/content/pageinfo/pageInfo.xhtml index f40ffd3778d8..a23f2bb5748c 100644 --- a/browser/base/content/pageinfo/pageInfo.xhtml +++ b/browser/base/content/pageinfo/pageInfo.xhtml @@ -312,6 +312,16 @@ <input id="security-identity-domain-value" readonly="readonly"/> </td> </tr> +  + <tr id="security-view-identity-onionalias-row"> + <th> + <xul:label id="security-view-identity-onionalias" + control="security-view-identity-onionalias-value"/> + </th> + <td> + <input id="security-view-identity-onionalias-value" readonly="true"/> + </td> + </tr>  <tr> <th> diff --git a/browser/base/content/pageinfo/security.js b/browser/base/content/pageinfo/security.js index 4331ebc4b219..29395e96ce57 100644 --- a/browser/base/content/pageinfo/security.js +++ b/browser/base/content/pageinfo/security.js @@ -250,7 +250,7 @@ var security = { }, }; -async function securityOnLoad(uri, windowInfo) { +async function securityOnLoad(uri, windowInfo, onionAliasURI) { await security.init(uri, windowInfo); let info = security.securityInfo; @@ -263,6 +263,21 @@ async function securityOnLoad(uri, windowInfo) { } document.getElementById("securityTab").hidden = false; + if (onionAliasURI) { + setText( + "security-view-identity-onionalias", + gTorButtonBundle.GetStringFromName("pageInfo_OnionName") + ); + setText("security-view-identity-onionalias-value", onionAliasURI.host); + document.getElementById( + "security-view-identity-onionalias-row" + ).hidden = false; + } else { + document.getElementById( + "security-view-identity-onionalias-row" + ).hidden = true; + } + /* Set Identity section text */ setText("security-identity-domain-value", windowInfo.hostName); diff --git a/browser/base/content/tabbrowser.js b/browser/base/content/tabbrowser.js index 8ce4a2710cb8..8c313eaaffcb 100644 --- a/browser/base/content/tabbrowser.js +++ b/browser/base/content/tabbrowser.js @@ -1547,6 +1547,7 @@ var aRelatedToCurrent; var aAllowInheritPrincipal; var aAllowMixedContent; + var aOnionUrlbarRewritesAllowed; var aSkipAnimation; var aForceNotRemote; var aPreferredRemoteType; @@ -1577,6 +1578,7 @@ aRelatedToCurrent = params.relatedToCurrent; aAllowInheritPrincipal = !!params.allowInheritPrincipal; aAllowMixedContent = params.allowMixedContent; + aOnionUrlbarRewritesAllowed = params.onionUrlbarRewritesAllowed; aSkipAnimation = params.skipAnimation; aForceNotRemote = params.forceNotRemote; aPreferredRemoteType = params.preferredRemoteType; @@ -1618,6 +1620,7 @@ relatedToCurrent: aRelatedToCurrent, skipAnimation: aSkipAnimation, allowMixedContent: aAllowMixedContent, + onionUrlbarRewritesAllowed: aOnionUrlbarRewritesAllowed, forceNotRemote: aForceNotRemote, createLazyBrowser: aCreateLazyBrowser, preferredRemoteType: aPreferredRemoteType, @@ -2504,6 +2507,7 @@ { allowInheritPrincipal, allowMixedContent, + onionUrlbarRewritesAllowed, allowThirdPartyFixup, bulkOrderedOpen, charset, @@ -2833,6 +2837,9 @@ if (allowMixedContent) { flags |= Ci.nsIWebNavigation.LOAD_FLAGS_ALLOW_MIXED_CONTENT; } + if (onionUrlbarRewritesAllowed) { + flags |= Ci.nsIWebNavigation.LOAD_FLAGS_ALLOW_ONION_URLBAR_REWRITES; + } if (!allowInheritPrincipal) { flags |= Ci.nsIWebNavigation.LOAD_FLAGS_DISALLOW_INHERIT_PRINCIPAL; } diff --git a/browser/base/content/utilityOverlay.js b/browser/base/content/utilityOverlay.js index a23d6f05e6a7..eb13d5a3435c 100644 --- a/browser/base/content/utilityOverlay.js +++ b/browser/base/content/utilityOverlay.js @@ -367,6 +367,7 @@ function openLinkIn(url, where, params) { var aRelatedToCurrent = params.relatedToCurrent; var aAllowInheritPrincipal = !!params.allowInheritPrincipal; var aAllowMixedContent = params.allowMixedContent; + var aOnionUrlbarRewritesAllowed = params.onionUrlbarRewritesAllowed; var aForceAllowDataURI = params.forceAllowDataURI; var aInBackground = params.inBackground; var aInitiatingDoc = params.initiatingDoc; @@ -482,6 +483,11 @@ function openLinkIn(url, where, params) { ].createInstance(Ci.nsISupportsPRBool); allowThirdPartyFixupSupports.data = aAllowThirdPartyFixup; + var onionUrlbarRewritesAllowed = Cc[ + "@mozilla.org/supports-PRBool;1" + ].createInstance(Ci.nsISupportsPRBool); + onionUrlbarRewritesAllowed.data = aOnionUrlbarRewritesAllowed; + var userContextIdSupports = Cc[ "@mozilla.org/supports-PRUint32;1" ].createInstance(Ci.nsISupportsPRUint32); @@ -498,6 +504,8 @@ function openLinkIn(url, where, params) { sa.appendElement(aTriggeringPrincipal); sa.appendElement(null); // allowInheritPrincipal sa.appendElement(aCsp); + sa.appendElement(null); // nsOpenWindowInfo + sa.appendElement(onionUrlbarRewritesAllowed); const sourceWindow = w || window; let win; @@ -614,6 +622,9 @@ function openLinkIn(url, where, params) { if (aForceAllowDataURI) { flags |= Ci.nsIWebNavigation.LOAD_FLAGS_FORCE_ALLOW_DATA_URI; } + if (aOnionUrlbarRewritesAllowed) { + flags |= Ci.nsIWebNavigation.LOAD_FLAGS_ALLOW_ONION_URLBAR_REWRITES; + } let { URI_INHERITS_SECURITY_CONTEXT } = Ci.nsIProtocolHandler; if ( @@ -661,6 +672,7 @@ function openLinkIn(url, where, params) { relatedToCurrent: aRelatedToCurrent, skipAnimation: aSkipTabAnimation, allowMixedContent: aAllowMixedContent, + onionUrlbarRewritesAllowed: aOnionUrlbarRewritesAllowed, userContextId: aUserContextId, originPrincipal: aPrincipal, originStoragePrincipal: aStoragePrincipal, diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 7d147d01d561..d30abff54562 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -703,6 +703,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { TabCrashHandler: "resource:///modules/ContentCrashHandlers.jsm", TabUnloader: "resource:///modules/TabUnloader.jsm", TRRRacer: "resource:///modules/TRRPerformance.jsm", + OnionAliasStore: "resource:///modules/OnionAliasStore.jsm", UIState: "resource://services-sync/UIState.jsm", WebChannel: "resource://gre/modules/WebChannel.jsm", WindowsRegistry: "resource://gre/modules/WindowsRegistry.jsm", @@ -2046,6 +2047,7 @@ BrowserGlue.prototype = { Normandy.uninit(); RFPHelper.uninit(); + OnionAliasStore.uninit(); }, // Set up a listener to enable/disable the screenshots extension @@ -2412,6 +2414,12 @@ BrowserGlue.prototype = { }, }, + { + task: () => { + OnionAliasStore.init(); + }, + }, + { task: () => { Blocklist.loadBlocklistAsync(); diff --git a/browser/components/onionservices/ExtensionMessaging.jsm b/browser/components/onionservices/ExtensionMessaging.jsm new file mode 100644 index 000000000000..b5d69df93807 --- /dev/null +++ b/browser/components/onionservices/ExtensionMessaging.jsm @@ -0,0 +1,86 @@ +// Copyright (c) 2020, The Tor Project, Inc. + +"use strict"; + +const EXPORTED_SYMBOLS = ["ExtensionMessaging"]; + +const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm"); +const { ExtensionUtils } = ChromeUtils.import( + "resource://gre/modules/ExtensionUtils.jsm" +); +const { MessageChannel } = ChromeUtils.import( + "resource://gre/modules/MessageChannel.jsm" +); +const { AddonManager } = ChromeUtils.import( + "resource://gre/modules/AddonManager.jsm" +); + +class ExtensionMessaging { + constructor() { + this._callback = null; + this._handlers = new Map(); + this._messageManager = Services.cpmm; + } + + async sendMessage(msg, extensionId) { + this._init(); + + const addon = await AddonManager.getAddonByID(extensionId); + if (!addon) { + throw new Error(`extension '${extensionId} does not exist`); + } + await addon.startupPromise; + + const channelId = ExtensionUtils.getUniqueId(); + return new Promise((resolve, reject) => { + this._handlers.set(channelId, { resolve, reject }); + this._messageManager.sendAsyncMessage("MessageChannel:Messages", [ + { + messageName: "Extension:Message", + sender: { + id: extensionId, + extensionId, + }, + recipient: { extensionId }, + data: new StructuredCloneHolder(msg), + channelId, + responseType: MessageChannel.RESPONSE_FIRST, + }, + ]); + }); + } + + unload() { + if (this._callback) { + this._handlers.clear(); + this._messageManager.removeMessageListener( + "MessageChannel:Response", + this._callback + ); + this._callback = null; + } + } + + _onMessage({ data }) { + const channelId = data.messageName; + if (this._handlers.has(channelId)) { + const { resolve, reject } = this._handlers.get(channelId); + this._handlers.delete(channelId); + if (data.error) { + reject(new Error(data.error.message)); + } else { + resolve(data.value); + } + } + } + + _init() { + if (this._callback === null) { + this._callback = this._onMessage.bind(this); + this._messageManager.addMessageListener( + "MessageChannel:Response", + this._callback + ); + } + } +} diff --git a/browser/components/onionservices/HttpsEverywhereControl.jsm b/browser/components/onionservices/HttpsEverywhereControl.jsm new file mode 100644 index 000000000000..525ed5233be7 --- /dev/null +++ b/browser/components/onionservices/HttpsEverywhereControl.jsm @@ -0,0 +1,147 @@ +// Copyright (c) 2020, The Tor Project, Inc. + +"use strict"; + +const EXPORTED_SYMBOLS = ["HttpsEverywhereControl"]; + +const { ExtensionMessaging } = ChromeUtils.import( + "resource:///modules/ExtensionMessaging.jsm" +); +const { setTimeout } = ChromeUtils.import("resource://gre/modules/Timer.jsm"); + +const EXTENSION_ID = "https-everywhere-eff(a)eff.org"; +const SECUREDROP_TOR_ONION_CHANNEL_2020 = { + name: "SecureDropTorOnion", + jwk: { + kty: "RSA", + e: "AQAB", + n: + "p10BbUVc5Xj2S_-MH3bACNBaISo_r9e3PVPyTTjsGsdg2qSXvqUO42fBtpFAy0zUzIGS83v4JjiRdvKJaZTIvbC8AcpymzdsTqujMm8RPTSy3hO_8mXzGa4DEsIB1uNLnUWRBKXvSGCmT9kFyxhTpkYqokNBzafVihTU34tN2Md1xFHnmZGqfYtPtbJLWAa5Z1M11EyR4lIyUxIiPTV9t1XstDbWr3iS83REJrGEFmjG1-BAgx8_lDUTa41799N2yYEhgZud7bL0M3ei8s5OERjiion5uANkUV3-s2QqUZjiVA-XR_HizXjciaUWNd683KqekpNOZ_0STh_UGwpcwU-KwG07QyiCrLrRpz8S_vH8CqGrrcWY3GSzYe9dp34jJdO65oA-G8tK6fMXtvTCFDZI6oNNaXJH71F5J0YbqO2ZqwKYc2WSi0gKVl2wd9roOVjaBmkJqvocntYuNM7t38fDEWHn5KUkmrTbiG68Cy56tDUfpKl3D9Uj4LaMvxJ1tKGvzQ4k_60odT7gIxu6DqYjXUHZpwPsSGBq3njaD7boe4CUXF2K7ViOc87BsKxRNCzDD8OklRjjXzOTOBH3PqFJ93CJ-4ECE5t9STU20aZ8E-2zKB8vjKyCySE4-kcIvBBsnkwVaJTPy9Ft1qYybo-soXEWVEZATANNWklBt8k", + }, + update_path_prefix: "https://securedrop.org/https-everywhere/", + scope: + "^https?:\\/\\/[a-z0-9-]+(?:\\.[a-z0-9-]+)*\\.securedrop\\.tor\\.onion\\/", + replaces_default_rulesets: false, +}; + +const SECUREDROP_TOR_ONION_CHANNEL = { + name: "SecureDropTorOnion2021", + jwk: { + kty: "RSA", + e: "AQAB", + n: + "vsC7BNafkRe8Uh1DUgCkv6RbPQMdJgAKKnWdSqQd7tQzU1mXfmo_k1Py_2MYMZXOWmqSZ9iwIYkykZYywJ2VyMGve4byj1sLn6YQoOkG8g5Z3V4y0S2RpEfmYumNjTzfq8nxtLnwjaYd4sCUd5wa0SzeLrpRQuXo2bF3QuUF2xcbLJloxX1MmlsMMCdBc-qGNonLJ7bpn_JuyXlDWy1Fkeyw1qgjiOdiRIbMC1x302zgzX6dSrBrNB8Cpsh-vCE0ZjUo8M9caEv06F6QbYmdGJHM0ZZY34OHMSNdf-_qUKIV_SuxuSuFE99tkAeWnbWpyI1V-xhVo1sc7NzChP8ci2TdPvI3_0JyAuCvL6zIFqJUJkZibEUghhg6F09-oNJKpy7rhUJq7zZyLXJsvuXnn0gnIxfjRvMcDfZAKUVMZKRdw7fwWzwQril4Ib0MQOVda9vb_4JMk7Gup-TUI4sfuS4NKwsnKoODIO-2U5QpJWdtp1F4AQ1pBv8ajFl1WTrVGvkRGK0woPWaO6pWyJ4kRnhnxrV2FyNNt3JSR-0JEjhFWws47kjBvpr0VRiVRFppKA-plKs4LPlaaCff39TleYmY3mETe3w1GIGc2Lliad32Jpbx496IgDe1K3FMBEoKFZfhmtlRSXft8NKgSzPt2zkatM9bFKfaCYRaSy7akbk", + }, + update_path_prefix: "https://securedrop.org/https-everywhere-2021/", + scope: + "^https?:\\/\\/[a-z0-9-]+(?:\\.[a-z0-9-]+)*\\.securedrop\\.tor\\.onion\\/", + replaces_default_rulesets: false, +}; + +class HttpsEverywhereControl { + constructor() { + this._extensionMessaging = null; + } + + async _sendMessage(type, object) { + return this._extensionMessaging.sendMessage( + { + type, + object, + }, + EXTENSION_ID + ); + } + + static async wait(seconds = 1) { + return new Promise(resolve => setTimeout(resolve, seconds * 1000)); + } + + /** + * Installs the .tor.onion update channel in https-everywhere + */ + async installTorOnionUpdateChannel(retries = 5) { + this._init(); + + // TODO: https-everywhere store is initialized asynchronously, so sending a message + // immediately results in a `store.get is undefined` error. + // For now, let's wait a bit and retry a few times if there is an error, but perhaps + // we could suggest https-everywhere to send a message when that happens and listen + // for that here. + await HttpsEverywhereControl.wait(); + + try { + // Delete the previous channel signing key, and add the new one below. + await this._sendMessage( + "delete_update_channel", + SECUREDROP_TOR_ONION_CHANNEL_2020.name + ); + } catch (e) { + if (retries <= 0) { + throw new Error("Could not uninstall SecureDropTorOnion update channel"); + } + await this.installTorOnionUpdateChannel(retries - 1); + return; + } + + try { + // TODO: we may want a way to "lock" this update channel, so that it cannot be modified + // by the user via UI, but I think this is not possible at the time of writing via + // the existing messages in https-everywhere. + await this._sendMessage( + "create_update_channel", + SECUREDROP_TOR_ONION_CHANNEL.name + ); + } catch (e) { + if (retries <= 0) { + throw new Error("Could not install SecureDropTorOnion update channel"); + } + await this.installTorOnionUpdateChannel(retries - 1); + return; + } + + await this._sendMessage( + "update_update_channel", + SECUREDROP_TOR_ONION_CHANNEL + ); + } + + /** + * Returns the .tor.onion rulesets available in https-everywhere + */ + async getTorOnionRules() { + return this._sendMessage("get_simple_rules_ending_with", ".tor.onion"); + } + + /** + * Returns the timestamp of the last .tor.onion update channel update. + */ + async getRulesetTimestamp() { + const rulesets = await this._sendMessage("get_update_channel_timestamps"); + const securedrop = + rulesets && + rulesets.find(([{ name }]) => name === SECUREDROP_TOR_ONION_CHANNEL.name); + if (securedrop) { + const [ + updateChannel, // This has the same structure as SECUREDROP_TOR_ONION_CHANNEL + lastUpdatedTimestamp, // An integer, 0 if the update channel was never updated + ] = securedrop; + void updateChannel; // Ignore eslint unused warning for ruleset + return lastUpdatedTimestamp; + } + return null; + } + + unload() { + if (this._extensionMessaging) { + this._extensionMessaging.unload(); + this._extensionMessaging = null; + } + } + + _init() { + if (!this._extensionMessaging) { + this._extensionMessaging = new ExtensionMessaging(); + } + } +} diff --git a/browser/components/onionservices/OnionAliasStore.jsm b/browser/components/onionservices/OnionAliasStore.jsm new file mode 100644 index 000000000000..66cf569227bf --- /dev/null +++ b/browser/components/onionservices/OnionAliasStore.jsm @@ -0,0 +1,201 @@ +// Copyright (c) 2020, The Tor Project, Inc. + +"use strict"; + +const EXPORTED_SYMBOLS = ["OnionAliasStore"]; + +const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm"); +const { XPCOMUtils } = ChromeUtils.import( + "resource://gre/modules/XPCOMUtils.jsm" +); +const { setTimeout, clearTimeout } = ChromeUtils.import( + "resource://gre/modules/Timer.jsm" +); +const { HttpsEverywhereControl } = ChromeUtils.import( + "resource:///modules/HttpsEverywhereControl.jsm" +); + +// Logger adapted from CustomizableUI.jsm +const kPrefOnionAliasDebug = "browser.onionalias.debug"; +XPCOMUtils.defineLazyPreferenceGetter( + this, + "gDebuggingEnabled", + kPrefOnionAliasDebug, + false, + (pref, oldVal, newVal) => { + if (typeof log != "undefined") { + log.maxLogLevel = newVal ? "all" : "log"; + } + } +); +XPCOMUtils.defineLazyGetter(this, "log", () => { + let scope = {}; + ChromeUtils.import("resource://gre/modules/Console.jsm", scope); + let consoleOptions = { + maxLogLevel: gDebuggingEnabled ? "all" : "log", + prefix: "OnionAlias", + }; + return new scope.ConsoleAPI(consoleOptions); +}); + +function observe(topic, callback) { + let observer = { + observe(aSubject, aTopic, aData) { + if (topic === aTopic) { + callback(aSubject, aData); + } + }, + }; + Services.obs.addObserver(observer, topic); + return () => Services.obs.removeObserver(observer, topic); +} + +class _OnionAliasStore { + static get RULESET_CHECK_INTERVAL() { + return 1000 * 60; // 1 minute + } + + static get RULESET_CHECK_INTERVAL_FAST() { + return 1000 * 5; // 5 seconds + } + + constructor() { + this._onionMap = new Map(); + this._rulesetTimeout = null; + this._removeObserver = () => {}; + this._canLoadRules = false; + this._rulesetTimestamp = null; + this._updateChannelInstalled = false; + } + + async _periodicRulesetCheck() { + // TODO: it would probably be preferable to listen to some message broadcasted by + // the https-everywhere extension when some update channel is updated, instead of + // polling every N seconds. + log.debug("Checking for new rules"); + const ts = await this.httpsEverywhereControl.getRulesetTimestamp(); + log.debug( + `Found ruleset timestamp ${ts}, current is ${this._rulesetTimestamp}` + ); + if (ts !== this._rulesetTimestamp) { + this._rulesetTimestamp = ts; + log.debug("New rules found, updating"); + // We clear the mappings even if we cannot load the rules from https-everywhere, + // since we cannot be sure if the stored mappings are correct anymore. + this._clear(); + if (this._canLoadRules) { + await this._loadRules(); + } + } + // If the timestamp is 0, that means the update channel was not yet updated, so + // we schedule a check soon. + this._rulesetTimeout = setTimeout( + () => this._periodicRulesetCheck(), + ts === 0 + ? _OnionAliasStore.RULESET_CHECK_INTERVAL_FAST + : _OnionAliasStore.RULESET_CHECK_INTERVAL + ); + } + + async init() { + this.httpsEverywhereControl = new HttpsEverywhereControl(); + + // Setup .tor.onion rule loading. + // The http observer is a fallback, and is removed in _loadRules() as soon as we are able + // to load some rules from HTTPS Everywhere. + this._loadHttpObserver(); + try { + await this.httpsEverywhereControl.installTorOnionUpdateChannel(); + this._updateChannelInstalled = true; + await this.httpsEverywhereControl.getTorOnionRules(); + this._canLoadRules = true; + } catch (e) { + // Loading rules did not work, probably because "get_simple_rules_ending_with" is not yet + // working in https-everywhere. Use an http observer as a fallback for learning the rules. + log.debug(`Could not load rules: ${e.message}`); + } + + // Setup checker for https-everywhere ruleset updates + if (this._updateChannelInstalled) { + this._periodicRulesetCheck(); + } + } + + /** + * Loads the .tor.onion mappings from https-everywhere. + */ + async _loadRules() { + const rules = await this.httpsEverywhereControl.getTorOnionRules(); + // Remove http observer if we are able to load some rules directly. + if (rules.length) { + this._removeObserver(); + this._removeObserver = () => {}; + } + this._clear(); + log.debug(`Loading ${rules.length} rules`, rules); + for (const rule of rules) { + // Here we are trusting that the securedrop ruleset follows some conventions so that we can + // assume there is a host mapping from `rule.host` to the hostname of the URL in `rule.to`. + try { + const url = new URL(rule.to); + const shortHost = rule.host; + const longHost = url.hostname; + this._addMapping(shortHost, longHost); + } catch (e) { + log.error("Could not process rule:", rule); + } + } + } + + /** + * Loads a http observer to listen for local redirects for populating + * the .tor.onion -> .onion mappings. Should only be used if we cannot ask https-everywhere + * directly for the mappings. + */ + _loadHttpObserver() { + this._removeObserver = observe("http-on-before-connect", channel => { + if ( + channel.isMainDocumentChannel && + channel.originalURI.host.endsWith(".tor.onion") + ) { + this._addMapping(channel.originalURI.host, channel.URI.host); + } + }); + } + + uninit() { + this._clear(); + this._removeObserver(); + this._removeObserver = () => {}; + if (this.httpsEverywhereControl) { + this.httpsEverywhereControl.unload(); + delete this.httpsEverywhereControl; + } + clearTimeout(this._rulesetTimeout); + this._rulesetTimeout = null; + this._rulesetTimestamp = null; + } + + _clear() { + this._onionMap.clear(); + } + + _addMapping(shortOnionHost, longOnionHost) { + this._onionMap.set(longOnionHost, shortOnionHost); + } + + getShortURI(onionURI) { + if ( + (onionURI.schemeIs("http") || onionURI.schemeIs("https")) && + this._onionMap.has(onionURI.host) + ) { + return onionURI + .mutate() + .setHost(this._onionMap.get(onionURI.host)) + .finalize(); + } + return null; + } +} + +let OnionAliasStore = new _OnionAliasStore(); diff --git a/browser/components/onionservices/moz.build b/browser/components/onionservices/moz.build index 7e103239c8d6..e4b6d73f8f40 100644 --- a/browser/components/onionservices/moz.build +++ b/browser/components/onionservices/moz.build @@ -1 +1,7 @@ JAR_MANIFESTS += ['jar.mn'] + +EXTRA_JS_MODULES += [ + 'ExtensionMessaging.jsm', + 'HttpsEverywhereControl.jsm', + 'OnionAliasStore.jsm', +] diff --git a/browser/components/urlbar/UrlbarInput.jsm b/browser/components/urlbar/UrlbarInput.jsm index db1c497bcace..13b1279105f2 100644 --- a/browser/components/urlbar/UrlbarInput.jsm +++ b/browser/components/urlbar/UrlbarInput.jsm @@ -277,7 +277,10 @@ class UrlbarInput { // bar if the user has deleted the URL and we'd just put the same URL // back. See bug 304198. if (value === null) { - uri = uri || this.window.gBrowser.currentURI; + uri = + uri || + this.window.gBrowser.selectedBrowser.currentOnionAliasURI || + this.window.gBrowser.currentURI; // Strip off usernames and passwords for the location bar try { uri = Services.io.createExposableURI(uri); @@ -1541,7 +1544,13 @@ class UrlbarInput { } let uri; - if (this.getAttribute("pageproxystate") == "valid") { + // When we rewrite .onion to an alias, gBrowser.currentURI will be different than + // the URI displayed in the urlbar. We need to use the urlbar value to copy the + // alias instead of the actual .onion URI that is loaded. + if ( + this.getAttribute("pageproxystate") == "valid" && + !this.window.gBrowser.selectedBrowser.currentOnionAliasURI + ) { uri = this.window.gBrowser.currentURI; } else { // The value could be: diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 8731e44dd4eb..bf9639c82612 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -5657,6 +5657,10 @@ void nsDocShell::OnRedirectStateChange(nsIChannel* aOldChannel, return; } + if (!mOnionUrlbarRewritesAllowed && IsTorOnionRedirect(oldURI, newURI)) { + mOnionUrlbarRewritesAllowed = true; + } + // DocumentChannel adds redirect chain to global history in the parent // process. The redirect chain can't be queried from the content process, so // there's no need to update global history here. @@ -8693,6 +8697,20 @@ nsresult nsDocShell::HandleSameDocumentNavigation( return NS_OK; } +/* static */ +bool nsDocShell::IsTorOnionRedirect(nsIURI* aOldURI, nsIURI* aNewURI) { + nsAutoCString oldHost; + nsAutoCString newHost; + if (aOldURI && aNewURI && NS_SUCCEEDED(aOldURI->GetHost(oldHost)) && + StringEndsWith(oldHost, NS_LITERAL_CSTRING(".tor.onion")) && + NS_SUCCEEDED(aNewURI->GetHost(newHost)) && + StringEndsWith(newHost, NS_LITERAL_CSTRING(".onion")) && + !StringEndsWith(newHost, NS_LITERAL_CSTRING(".tor.onion"))) { + return true; + } + return false; + } + nsresult nsDocShell::InternalLoad(nsDocShellLoadState* aLoadState, nsIDocShell** aDocShell, nsIRequest** aRequest) { @@ -8844,6 +8862,30 @@ nsresult nsDocShell::InternalLoad(nsDocShellLoadState* aLoadState, mAllowKeywordFixup = aLoadState->HasLoadFlags(INTERNAL_LOAD_FLAGS_ALLOW_THIRD_PARTY_FIXUP); + + if (mOnionUrlbarRewritesAllowed) { + mOnionUrlbarRewritesAllowed = false; + nsCOMPtr<nsIURI> referrer; + nsIReferrerInfo* referrerInfo = aLoadState->GetReferrerInfo(); + if (referrerInfo) { + referrerInfo->GetOriginalReferrer(getter_AddRefs(referrer)); + bool isPrivateWin = false; + Document* doc = GetDocument(); + if (doc) { + isPrivateWin = + doc->NodePrincipal()->OriginAttributesRef().mPrivateBrowsingId > 0; + nsCOMPtr<nsIScriptSecurityManager> secMan = + do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID); + mOnionUrlbarRewritesAllowed = + secMan && NS_SUCCEEDED(secMan->CheckSameOriginURI( + aLoadState->URI(), referrer, false, isPrivateWin)); + } + } + } + mOnionUrlbarRewritesAllowed = + mOnionUrlbarRewritesAllowed || + aLoadState->HasLoadFlags(INTERNAL_LOAD_FLAGS_ALLOW_ONION_URLBAR_REWRITES); + mURIResultedInDocument = false; // reset the clock... // See if this is actually a load between two history entries for the same @@ -10996,6 +11038,7 @@ nsresult nsDocShell::AddToSessionHistory( mDynamicallyCreated, originalURI, resultPrincipalURI, loadReplace, referrerInfo, srcdoc, srcdocEntry, baseURI, saveLayoutState, expired); + entry->SetOnionUrlbarRewritesAllowed(mOnionUrlbarRewritesAllowed); if (root == static_cast<nsIDocShellTreeItem*>(this) && GetSessionHistory()) { bool shouldPersist = ShouldAddToSessionHistory(aURI, aChannel); @@ -12793,3 +12836,12 @@ bool nsDocShell::GetIsAttemptingToNavigate() { return false; } + +NS_IMETHODIMP +nsDocShell::GetOnionUrlbarRewritesAllowed(bool* aOnionUrlbarRewritesAllowed) { + NS_ENSURE_ARG(aOnionUrlbarRewritesAllowed); + *aOnionUrlbarRewritesAllowed = + StaticPrefs::browser_urlbar_onionRewrites_enabled() && + mOnionUrlbarRewritesAllowed; + return NS_OK; +} diff --git a/docshell/base/nsDocShell.h b/docshell/base/nsDocShell.h index dcffed8e5537..d403a06f4c9f 100644 --- a/docshell/base/nsDocShell.h +++ b/docshell/base/nsDocShell.h @@ -152,6 +152,9 @@ class nsDocShell final : public nsDocLoader, // Whether the load should go through LoadURIDelegate. INTERNAL_LOAD_FLAGS_BYPASS_LOAD_URI_DELEGATE = 0x2000, + + // Whether rewriting the urlbar to a short .onion alias is allowed. + INTERNAL_LOAD_FLAGS_ALLOW_ONION_URLBAR_REWRITES = 0x4000, }; // Event type dispatched by RestorePresentation @@ -582,6 +585,8 @@ class nsDocShell final : public nsDocLoader, virtual void DestroyChildren() override; + static bool IsTorOnionRedirect(nsIURI* aOldURI, nsIURI* aNewURI); + // Overridden from nsDocLoader, this provides more information than the // normal OnStateChange with flags STATE_REDIRECTING virtual void OnRedirectStateChange(nsIChannel* aOldChannel, @@ -1264,6 +1269,7 @@ class nsDocShell final : public nsDocLoader, bool mCSSErrorReportingEnabled : 1; bool mAllowAuth : 1; bool mAllowKeywordFixup : 1; + bool mOnionUrlbarRewritesAllowed : 1; bool mIsOffScreenBrowser : 1; bool mDisableMetaRefreshWhenInactive : 1; bool mIsAppTab : 1; diff --git a/docshell/base/nsDocShellLoadState.cpp b/docshell/base/nsDocShellLoadState.cpp index d91bb6034f9d..fe1216bd2509 100644 --- a/docshell/base/nsDocShellLoadState.cpp +++ b/docshell/base/nsDocShellLoadState.cpp @@ -730,6 +730,10 @@ void nsDocShellLoadState::CalculateLoadURIFlags() { mLoadFlags |= nsDocShell::INTERNAL_LOAD_FLAGS_ALLOW_THIRD_PARTY_FIXUP; } + if (oldLoadFlags & nsIWebNavigation::LOAD_FLAGS_ALLOW_ONION_URLBAR_REWRITES) { + mLoadFlags |= nsDocShell::INTERNAL_LOAD_FLAGS_ALLOW_ONION_URLBAR_REWRITES; + } + if (oldLoadFlags & nsIWebNavigation::LOAD_FLAGS_FIRST_LOAD) { mLoadFlags |= nsDocShell::INTERNAL_LOAD_FLAGS_FIRST_LOAD; } diff --git a/docshell/base/nsIDocShell.idl b/docshell/base/nsIDocShell.idl index 01dc4734eb19..305acfd3a98f 100644 --- a/docshell/base/nsIDocShell.idl +++ b/docshell/base/nsIDocShell.idl @@ -1019,4 +1019,9 @@ interface nsIDocShell : nsIDocShellTreeItem * until session history state is moved into the parent process. */ void persistLayoutHistoryState(); + + /** + * Whether rewriting the urlbar to a short .onion alias is allowed. + */ + [infallible] readonly attribute boolean onionUrlbarRewritesAllowed; }; diff --git a/docshell/base/nsIWebNavigation.idl b/docshell/base/nsIWebNavigation.idl index bbc3eb7583a2..a4cceb52b2a0 100644 --- a/docshell/base/nsIWebNavigation.idl +++ b/docshell/base/nsIWebNavigation.idl @@ -237,6 +237,11 @@ interface nsIWebNavigation : nsISupports */ const unsigned long LOAD_FLAGS_BYPASS_LOAD_URI_DELEGATE = 0x4000000; + /** + * Allow rewriting the urlbar to a short .onion alias. + */ + const unsigned long LOAD_FLAGS_ALLOW_ONION_URLBAR_REWRITES = 0x8000000; + /** * Loads a given URI. This will give priority to loading the requested URI * in the object implementing this interface. If it can't be loaded here diff --git a/docshell/shistory/SessionHistoryEntry.cpp b/docshell/shistory/SessionHistoryEntry.cpp index 07a28d1291c9..566b7d68fae5 100644 --- a/docshell/shistory/SessionHistoryEntry.cpp +++ b/docshell/shistory/SessionHistoryEntry.cpp @@ -490,6 +490,20 @@ SessionHistoryEntry::SetPersist(bool aPersist) { return NS_OK; } +NS_IMETHODIMP +SessionHistoryEntry::GetOnionUrlbarRewritesAllowed( + bool* aOnionUrlbarRewritesAllowed) { + *aOnionUrlbarRewritesAllowed = mInfo->mOnionUrlbarRewritesAllowed; + return NS_OK; +} + +NS_IMETHODIMP +SessionHistoryEntry::SetOnionUrlbarRewritesAllowed( + bool aOnionUrlbarRewritesAllowed) { + mInfo->mOnionUrlbarRewritesAllowed = aOnionUrlbarRewritesAllowed; + return NS_OK; +} + NS_IMETHODIMP SessionHistoryEntry::GetScrollPosition(int32_t* aX, int32_t* aY) { *aX = mInfo->mScrollPositionX; diff --git a/docshell/shistory/SessionHistoryEntry.h b/docshell/shistory/SessionHistoryEntry.h index fa6108952688..c51682a65b0a 100644 --- a/docshell/shistory/SessionHistoryEntry.h +++ b/docshell/shistory/SessionHistoryEntry.h @@ -58,6 +58,7 @@ class SessionHistoryInfo { bool mIsSrcdocEntry = false; bool mScrollRestorationIsManual = false; bool mPersist = false; + bool mOnionUrlbarRewritesAllowed = false; }; // XXX Not sure that the id shouldn't just live in SessionHistoryInfo. diff --git a/docshell/shistory/nsISHEntry.idl b/docshell/shistory/nsISHEntry.idl index 8bbf2a68687c..bf410bfcc05a 100644 --- a/docshell/shistory/nsISHEntry.idl +++ b/docshell/shistory/nsISHEntry.idl @@ -242,6 +242,11 @@ interface nsISHEntry : nsISupports */ [infallible] attribute boolean persist; + /** + * Whether rewriting the urlbar to a short .onion alias is allowed. + */ + [infallible] attribute boolean onionUrlbarRewritesAllowed; + /** * Set/Get the visual viewport scroll position if session history is * changed through anchor navigation or pushState. diff --git a/docshell/shistory/nsSHEntry.cpp b/docshell/shistory/nsSHEntry.cpp index 229b15eff25d..12d38f4c55fe 100644 --- a/docshell/shistory/nsSHEntry.cpp +++ b/docshell/shistory/nsSHEntry.cpp @@ -44,7 +44,8 @@ nsSHEntry::nsSHEntry(nsISHistory* aSHistory) mIsSrcdocEntry(false), mScrollRestorationIsManual(false), mLoadedInThisProcess(false), - mPersist(true) {} + mPersist(true), + mOnionUrlbarRewritesAllowed(false) {} nsSHEntry::nsSHEntry(const nsSHEntry& aOther) : mShared(aOther.mShared), @@ -70,7 +71,8 @@ nsSHEntry::nsSHEntry(const nsSHEntry& aOther) mIsSrcdocEntry(aOther.mIsSrcdocEntry), mScrollRestorationIsManual(false), mLoadedInThisProcess(aOther.mLoadedInThisProcess), - mPersist(aOther.mPersist) {} + mPersist(aOther.mPersist), + mOnionUrlbarRewritesAllowed(aOther.mOnionUrlbarRewritesAllowed) {} nsSHEntry::~nsSHEntry() { // Null out the mParent pointers on all our kids. @@ -824,6 +826,18 @@ nsSHEntry::SetPersist(bool aPersist) { return NS_OK; } +NS_IMETHODIMP +nsSHEntry::GetOnionUrlbarRewritesAllowed(bool* aOnionUrlbarRewritesAllowed) { + *aOnionUrlbarRewritesAllowed = mOnionUrlbarRewritesAllowed; + return NS_OK; +} + +NS_IMETHODIMP +nsSHEntry::SetOnionUrlbarRewritesAllowed(bool aOnionUrlbarRewritesAllowed) { + mOnionUrlbarRewritesAllowed = aOnionUrlbarRewritesAllowed; + return NS_OK; +} + NS_IMETHODIMP nsSHEntry::CreateLoadInfo(nsDocShellLoadState** aLoadState) { nsCOMPtr<nsIURI> uri = GetURI(); @@ -873,6 +887,10 @@ nsSHEntry::CreateLoadInfo(nsDocShellLoadState** aLoadState) { } else { srcdoc = VoidString(); } + if (GetOnionUrlbarRewritesAllowed()) { + flags |= nsDocShell::InternalLoad:: + INTERNAL_LOAD_FLAGS_ALLOW_ONION_URLBAR_REWRITES; + } loadState->SetSrcdocData(srcdoc); loadState->SetBaseURI(baseURI); loadState->SetLoadFlags(flags); diff --git a/docshell/shistory/nsSHEntry.h b/docshell/shistory/nsSHEntry.h index 351f6f200a33..6bc9de521437 100644 --- a/docshell/shistory/nsSHEntry.h +++ b/docshell/shistory/nsSHEntry.h @@ -63,6 +63,7 @@ class nsSHEntry : public nsISHEntry { bool mScrollRestorationIsManual; bool mLoadedInThisProcess; bool mPersist; + bool mOnionUrlbarRewritesAllowed; }; #endif /* nsSHEntry_h */ diff --git a/dom/interfaces/base/nsIBrowser.idl b/dom/interfaces/base/nsIBrowser.idl index 300b09e13824..a9ff00e964b7 100644 --- a/dom/interfaces/base/nsIBrowser.idl +++ b/dom/interfaces/base/nsIBrowser.idl @@ -158,7 +158,8 @@ interface nsIBrowser : nsISupports in uint64_t aInnerWindowID, in boolean aHasRequestContextID, in uint64_t aRequestContextID, - in AString aContentType); + in AString aContentType, + in boolean aOnionUrlbarRewritesAllowed); /** * Called by Gecko when it wants to change the process which is currently diff --git a/dom/ipc/BrowserChild.cpp b/dom/ipc/BrowserChild.cpp index 2b17323d8a93..f72aa8faa11d 100644 --- a/dom/ipc/BrowserChild.cpp +++ b/dom/ipc/BrowserChild.cpp @@ -3645,6 +3645,8 @@ NS_IMETHODIMP BrowserChild::OnLocationChange(nsIWebProgress* aWebProgress, docShell->GetMayEnableCharacterEncodingMenu(); locationChangeData->charsetAutodetected() = docShell->GetCharsetAutodetected(); + locationChangeData->onionUrlbarRewritesAllowed() = + docShell->GetOnionUrlbarRewritesAllowed(); locationChangeData->contentPrincipal() = document->NodePrincipal(); locationChangeData->contentStoragePrincipal() = diff --git a/dom/ipc/BrowserParent.cpp b/dom/ipc/BrowserParent.cpp index 7749792cafb4..086ecd95e9e7 100644 --- a/dom/ipc/BrowserParent.cpp +++ b/dom/ipc/BrowserParent.cpp @@ -2698,7 +2698,8 @@ mozilla::ipc::IPCResult BrowserParent::RecvOnLocationChange( aWebProgressData->innerDOMWindowID(), aLocationChangeData->requestContextID().isSome(), aLocationChangeData->requestContextID().valueOr(0), - aLocationChangeData->contentType()); + aLocationChangeData->contentType(), + aLocationChangeData->onionUrlbarRewritesAllowed()); } Unused << managerAsListener->OnLocationChange(webProgress, request, aLocation, diff --git a/dom/ipc/PBrowser.ipdl b/dom/ipc/PBrowser.ipdl index f36e2c6db353..15756e7fef4f 100644 --- a/dom/ipc/PBrowser.ipdl +++ b/dom/ipc/PBrowser.ipdl @@ -142,6 +142,7 @@ struct WebProgressLocationChangeData bool isSyntheticDocument; bool mayEnableCharacterEncodingMenu; bool charsetAutodetected; + bool onionUrlbarRewritesAllowed; nsString contentType; nsString title; nsString charset; diff --git a/modules/libpref/init/StaticPrefList.yaml b/modules/libpref/init/StaticPrefList.yaml index fa5628a01c94..1e8dc23fdfd7 100644 --- a/modules/libpref/init/StaticPrefList.yaml +++ b/modules/libpref/init/StaticPrefList.yaml @@ -1077,6 +1077,12 @@ value: true mirror: always + # Whether rewriting the urlbar to a short .onion alias is allowed. +- name: browser.urlbar.onionRewrites.enabled + type: RelaxedAtomicBool + value: true + mirror: always + - name: browser.viewport.desktopWidth type: RelaxedAtomicInt32 value: 980 diff --git a/netwerk/dns/effective_tld_names.dat b/netwerk/dns/effective_tld_names.dat index 0bb881cfa639..fe680911ee0b 100644 --- a/netwerk/dns/effective_tld_names.dat +++ b/netwerk/dns/effective_tld_names.dat @@ -5518,6 +5518,8 @@ pro.om // onion : https://tools.ietf.org/html/rfc7686 onion +tor.onion +securedrop.tor.onion // org : https://en.wikipedia.org/wiki/.org org diff --git a/netwerk/ipc/DocumentLoadListener.cpp b/netwerk/ipc/DocumentLoadListener.cpp index 901ce11b57ca..988ec94a82d4 100644 --- a/netwerk/ipc/DocumentLoadListener.cpp +++ b/netwerk/ipc/DocumentLoadListener.cpp @@ -1856,6 +1856,16 @@ DocumentLoadListener::AsyncOnChannelRedirect( mLoadStateLoadType, nsIWebNavigation::LOAD_FLAGS_ALLOW_MIXED_CONTENT)); } + // Like the code above for allowing mixed content, we need to check this here + // in case the redirect is not handled in the docshell. + nsCOMPtr<nsIURI> oldURI, newURI; + aOldChannel->GetURI(getter_AddRefs(oldURI)); + aNewChannel->GetURI(getter_AddRefs(newURI)); + if (nsDocShell::IsTorOnionRedirect(oldURI, newURI)) { + mLoadStateLoadFlags |= + nsDocShell::INTERNAL_LOAD_FLAGS_ALLOW_ONION_URLBAR_REWRITES; + } + // We need the original URI of the current channel to use to open the real // channel in the content process. Unfortunately we overwrite the original // uri of the new channel with the original pre-redirect URI, so grab diff --git a/toolkit/content/widgets/browser-custom-element.js b/toolkit/content/widgets/browser-custom-element.js index 62a1ab1d6796..67fa1e5645c0 100644 --- a/toolkit/content/widgets/browser-custom-element.js +++ b/toolkit/content/widgets/browser-custom-element.js @@ -261,6 +261,8 @@ this._mayEnableCharacterEncodingMenu = null; + this._onionUrlbarRewritesAllowed = false; + this._charsetAutodetected = false; this._contentPrincipal = null; @@ -686,6 +688,12 @@ } } + get onionUrlbarRewritesAllowed() { + return this.isRemoteBrowser + ? this._onionUrlbarRewritesAllowed + : this.docShell.onionUrlbarRewritesAllowed; + } + get charsetAutodetected() { return this.isRemoteBrowser ? this._charsetAutodetected @@ -1292,7 +1300,8 @@ aInnerWindowID, aHaveRequestContextID, aRequestContextID, - aContentType + aContentType, + aOnionUrlbarRewritesAllowed ) { if (this.isRemoteBrowser && this.messageManager) { if (aCharset != null) { @@ -1316,6 +1325,7 @@ this._contentRequestContextID = aHaveRequestContextID ? aRequestContextID : null; + this._onionUrlbarRewritesAllowed = aOnionUrlbarRewritesAllowed; } } @@ -1708,6 +1718,7 @@ "_contentStoragePrincipal", "_isSyntheticDocument", "_innerWindowID", + "_onionUrlbarRewritesAllowed", ] ); } diff --git a/toolkit/modules/sessionstore/SessionHistory.jsm b/toolkit/modules/sessionstore/SessionHistory.jsm index 6c16ac331659..cc47f437824f 100644 --- a/toolkit/modules/sessionstore/SessionHistory.jsm +++ b/toolkit/modules/sessionstore/SessionHistory.jsm @@ -318,6 +318,7 @@ var SessionHistoryInternal = { } entry.persist = shEntry.persist; + entry.onionUrlbarRewritesAllowed = shEntry.onionUrlbarRewritesAllowed; return entry; }, @@ -601,6 +602,10 @@ var SessionHistoryInternal = { } } + if (entry.onionUrlbarRewritesAllowed) { + shEntry.onionUrlbarRewritesAllowed = entry.onionUrlbarRewritesAllowed; + } + return shEntry; },

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 1673237 - Always allow SVGs on about: pages r=acat, tjr, emilio
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit e6813cca6653b9e37cf5d84cad6aea3a40a79431 Author: sanketh <me(a)snkth.com> Date: Tue Nov 3 17:34:20 2020 +0000 Bug 1673237 - Always allow SVGs on about: pages r=acat,tjr,emilio - Updated layout/svg/tests/test_disabled.html to ensure that this doesn't allow rendering SVGs on about:blank and about:srcdoc. Differential Revision: https://phabricator.services.mozilla.com/D95139 --- dom/base/nsNodeInfoManager.cpp | 18 ++++++++++------- layout/svg/tests/file_disabled_iframe.html | 31 +++++++++++++++++++++++++++++- 2 files changed, 41 insertions(+), 8 deletions(-) diff --git a/dom/base/nsNodeInfoManager.cpp b/dom/base/nsNodeInfoManager.cpp index b0534b661a23..8bc6b0ba2bd6 100644 --- a/dom/base/nsNodeInfoManager.cpp +++ b/dom/base/nsNodeInfoManager.cpp @@ -352,9 +352,12 @@ void nsNodeInfoManager::RemoveNodeInfo(NodeInfo* aNodeInfo) { MOZ_ASSERT(ret, "Can't find mozilla::dom::NodeInfo to remove!!!"); } -static bool IsSystemOrAddonPrincipal(nsIPrincipal* aPrincipal) { +static bool IsSystemOrAddonOrAboutPrincipal(nsIPrincipal* aPrincipal) { return aPrincipal->IsSystemPrincipal() || - BasePrincipal::Cast(aPrincipal)->AddonPolicy(); + BasePrincipal::Cast(aPrincipal)->AddonPolicy() || + // NOTE: about:blank and about:srcdoc inherit the principal of their + // parent, so aPrincipal->SchemeIs("about") returns false for them. + aPrincipal->SchemeIs("about"); } bool nsNodeInfoManager::InternalSVGEnabled() { @@ -375,17 +378,18 @@ bool nsNodeInfoManager::InternalSVGEnabled() { } // We allow SVG (regardless of the pref) if this is a system or add-on - // principal, or if this load was requested for a system or add-on principal - // (e.g. a remote image being served as part of system or add-on UI) + // principal or about: page, or if this load was requested for a system or + // add-on principal or about: page (e.g. a remote image being served as part + // of system or add-on UI or about: page) bool conclusion = - (SVGEnabled || IsSystemOrAddonPrincipal(mPrincipal) || + (SVGEnabled || IsSystemOrAddonOrAboutPrincipal(mPrincipal) || (loadInfo && (loadInfo->GetExternalContentPolicyType() == nsIContentPolicy::TYPE_IMAGE || loadInfo->GetExternalContentPolicyType() == nsIContentPolicy::TYPE_OTHER) && - (IsSystemOrAddonPrincipal(loadInfo->GetLoadingPrincipal()) || - IsSystemOrAddonPrincipal(loadInfo->TriggeringPrincipal())))); + (IsSystemOrAddonOrAboutPrincipal(loadInfo->GetLoadingPrincipal()) || + IsSystemOrAddonOrAboutPrincipal(loadInfo->TriggeringPrincipal())))); mSVGEnabled = Some(conclusion); return conclusion; } diff --git a/layout/svg/tests/file_disabled_iframe.html b/layout/svg/tests/file_disabled_iframe.html index 6feae3024730..55eda75fdefb 100644 --- a/layout/svg/tests/file_disabled_iframe.html +++ b/layout/svg/tests/file_disabled_iframe.html @@ -48,5 +48,34 @@ t.firstChild.firstChild.textContent = "1&2<3>4\xA0"; is(t.innerHTML, '<svg><style>1&2<3>4 \u003C/style></svg>'); - SimpleTest.finish(); + // + // Tests for Bug 1673237 + // + + // This test fails if about:blank renders SVGs + t.innerHTML = null; + var iframe = document.createElement("iframe"); + iframe.setAttribute("src", "about:blank") + t.appendChild(iframe); + iframe.appendChild(document.createElementNS("http://www.w3.org/2000/svg", "svg:svg")); + iframe.firstChild.textContent = "<foo>"; + is(iframe.innerHTML, "<svg:svg><foo></svg:svg>"); + + // This test fails if about:blank renders SVGs + var win = window.open("about:blank"); + win.document.body.appendChild(document.createElementNS("http://www.w3.org/2000/svg", "svg:svg")) + win.document.body.firstChild.textContent = "<foo>"; + is(win.document.body.innerHTML, "<svg:svg><foo></svg:svg>"); + win.close(); + + // This test fails if about:srcdoc renders SVGs + t.innerHTML = null; + iframe = document.createElement("iframe"); + iframe.srcdoc = "<svg:svg></svg:svg>"; + iframe.onload = function() { + iframe.contentDocument.body.firstChild.textContent = "<foo>"; + is(iframe.contentDocument.body.innerHTML, "<svg:svg><foo></svg:svg>"); + SimpleTest.finish(); + } + t.appendChild(iframe); </script>

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 40073: Disable remote Public Suffix List fetching
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 9cc63eddf63e9a637c24686bed3f61ca50873982 Author: Alex Catarineu <acat(a)torproject.org> Date: Thu Aug 13 11:05:03 2020 +0200 Bug 40073: Disable remote Public Suffix List fetching In https://bugzilla.mozilla.org/show_bug.cgi?id=1563246 Firefox implemented fetching the Public Suffix List via RemoteSettings and replacing the default one at runtime, which we do not want. --- browser/components/BrowserGlue.jsm | 5 ----- 1 file changed, 5 deletions(-) diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index e08e461a27ff..ec38d0ca8b33 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -695,7 +695,6 @@ XPCOMUtils.defineLazyModuleGetters(this, { PluralForm: "resource://gre/modules/PluralForm.jsm", PrivateBrowsingUtils: "resource://gre/modules/PrivateBrowsingUtils.jsm", ProcessHangMonitor: "resource:///modules/ProcessHangMonitor.jsm", - PublicSuffixList: "resource://gre/modules/netwerk-dns/PublicSuffixList.jsm", RemoteSettings: "resource://services-settings/remote-settings.js", RemoteSecuritySettings: "resource://gre/modules/psm/RemoteSecuritySettings.jsm", @@ -2575,10 +2574,6 @@ BrowserGlue.prototype = { this._addBreachesSyncHandler(); }, - () => { - PublicSuffixList.init(); - }, - () => { RemoteSecuritySettings.init(); },

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 1650281 - P2: Make sure `gCombinedSizes` won't be underflowed r=gerald
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 63be947e830fb4054cf43fd233585bbd94721775 Author: Chun-Min Chang <chun.m.chang(a)gmail.com> Date: Tue Jul 21 23:39:14 2020 +0000 Bug 1650281 - P2: Make sure `gCombinedSizes` won't be underflowed r=gerald In any case, `gCombinedSizes` should be larger than or equal to the buffer within `MemoryClockCache`. Differential Revision: https://phabricator.services.mozilla.com/D84274 --- dom/media/MemoryBlockCache.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/dom/media/MemoryBlockCache.cpp b/dom/media/MemoryBlockCache.cpp index bf073e6769d0..2848a3f3812c 100644 --- a/dom/media/MemoryBlockCache.cpp +++ b/dom/media/MemoryBlockCache.cpp @@ -52,6 +52,7 @@ MemoryBlockCache::MemoryBlockCache(int64_t aContentLength) } MemoryBlockCache::~MemoryBlockCache() { + MOZ_ASSERT(gCombinedSizes >= mBuffer.Length()); size_t sizes = static_cast<size_t>(gCombinedSizes -= mBuffer.Length()); LOG("~MemoryBlockCache() - destroying buffer of size %zu; combined sizes now " "%zu",

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 32418: Allow updates to be disabled via an enterprise policy.
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit d5e199d9f862664f5e290c741f38039ed7f0ce24 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Thu Apr 16 17:07:09 2020 -0400 Bug 32418: Allow updates to be disabled via an enterprise policy. Restrict the Enterprise Policies mechanism to only consult a policies.json file (avoiding the Windows Registry and macOS's file system attributes). Add a few disabledByPolicy() checks to the update service to avoid extraneous (and potentially confusing) log messages when updates are disabled by policy. Sample content for distribution/policies.json: { "policies": { "DisableAppUpdate": true } } On Linux, avoid reading policies from /etc/firefox/policies/policies.json --- .../components/enterprisepolicies/EnterprisePolicies.js | 12 ++++++++++++ toolkit/components/enterprisepolicies/moz.build | 4 +++- toolkit/mozapps/update/UpdateService.jsm | 16 ++++++++++++++++ 3 files changed, 31 insertions(+), 1 deletion(-) diff --git a/toolkit/components/enterprisepolicies/EnterprisePolicies.js b/toolkit/components/enterprisepolicies/EnterprisePolicies.js index 070d5fe1f16b..adb073a2350c 100644 --- a/toolkit/components/enterprisepolicies/EnterprisePolicies.js +++ b/toolkit/components/enterprisepolicies/EnterprisePolicies.js @@ -2,6 +2,10 @@ * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +// To ensure that policies intended for Firefox or another browser will not +// be used, Tor Browser only looks for policies in ${InstallDir}/distribution +#define AVOID_SYSTEM_POLICIES MOZ_PROXY_BYPASS_PROTECTION + const { XPCOMUtils } = ChromeUtils.import( "resource://gre/modules/XPCOMUtils.jsm" ); @@ -11,9 +15,11 @@ const { AppConstants } = ChromeUtils.import( ); XPCOMUtils.defineLazyModuleGetters(this, { +#ifndef AVOID_SYSTEM_POLICIES WindowsGPOParser: "resource://gre/modules/policies/WindowsGPOParser.jsm", macOSPoliciesParser: "resource://gre/modules/policies/macOSPoliciesParser.jsm", +#endif Policies: "resource:///modules/policies/Policies.jsm", JsonSchemaValidator: "resource://gre/modules/components-utils/JsonSchemaValidator.jsm", @@ -117,11 +123,13 @@ EnterprisePoliciesManager.prototype = { _chooseProvider() { let platformProvider = null; +#ifndef AVOID_SYSTEM_POLICIES if (AppConstants.platform == "win") { platformProvider = new WindowsGPOPoliciesProvider(); } else if (AppConstants.platform == "macosx") { platformProvider = new macOSPoliciesProvider(); } +#endif let jsonProvider = new JSONPoliciesProvider(); if (platformProvider && platformProvider.hasPolicies) { if (jsonProvider.hasPolicies) { @@ -470,6 +478,7 @@ class JSONPoliciesProvider { _getConfigurationFile() { let configFile = null; +#ifndef AVOID_SYSTEM_POLICIES if (AppConstants.platform == "linux") { let systemConfigFile = Cc["@mozilla.org/file/local;1"].createInstance( Ci.nsIFile @@ -482,6 +491,7 @@ class JSONPoliciesProvider { return systemConfigFile; } } +#endif try { let perUserPath = Services.prefs.getBoolPref(PREF_PER_USER_DIR, false); @@ -563,6 +573,7 @@ class JSONPoliciesProvider { } } +#ifndef AVOID_SYSTEM_POLICIES class WindowsGPOPoliciesProvider { constructor() { this._policies = null; @@ -637,6 +648,7 @@ class macOSPoliciesProvider { return this._failed; } } +#endif class CombinedProvider { constructor(primaryProvider, secondaryProvider) { diff --git a/toolkit/components/enterprisepolicies/moz.build b/toolkit/components/enterprisepolicies/moz.build index 8f7d7d8cfed7..7528f569bb3e 100644 --- a/toolkit/components/enterprisepolicies/moz.build +++ b/toolkit/components/enterprisepolicies/moz.build @@ -19,10 +19,12 @@ TEST_DIRS += [ if CONFIG['MOZ_WIDGET_TOOLKIT'] != "android": EXTRA_COMPONENTS += [ - 'EnterprisePolicies.js', 'EnterprisePolicies.manifest', 'EnterprisePoliciesContent.js', ] + EXTRA_PP_COMPONENTS += [ + 'EnterprisePolicies.js', + ] if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'windows': EXTRA_JS_MODULES.policies += [ diff --git a/toolkit/mozapps/update/UpdateService.jsm b/toolkit/mozapps/update/UpdateService.jsm index 2c565cecadd7..1fb397373151 100644 --- a/toolkit/mozapps/update/UpdateService.jsm +++ b/toolkit/mozapps/update/UpdateService.jsm @@ -3268,6 +3268,14 @@ UpdateService.prototype = { * See nsIUpdateService.idl */ get canApplyUpdates() { + if (this.disabledByPolicy) { + LOG( + "UpdateService.canApplyUpdates - unable to apply updates, " + + "the option has been disabled by the administrator." + ); + return false; + } + return getCanApplyUpdates() && hasUpdateMutex(); }, @@ -3275,6 +3283,14 @@ UpdateService.prototype = { * See nsIUpdateService.idl */ get canStageUpdates() { + if (this.disabledByPolicy) { + LOG( + "UpdateService.canStageUpdates - unable to stage updates, " + + "the option has been disabled by the administrator." + ); + return false; + } + return getCanStageUpdates(); },

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 21952: Implement Onion-Location
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit a16b60e3c0623180bfd4b9b19872a5d55f4374f4 Author: Alex Catarineu <acat(a)torproject.org> Date: Thu Mar 5 22:16:39 2020 +0100 Bug 21952: Implement Onion-Location Whenever a valid Onion-Location HTTP header (or corresponding HTML <meta> http-equiv attribute) is found in a document load, we either redirect to it (if the user opted-in via preference) or notify the presence of an onionsite alternative with a badge in the urlbar. --- browser/base/content/browser.js | 12 ++ browser/base/content/browser.xhtml | 3 + browser/components/BrowserGlue.jsm | 9 ++ .../onionservices/OnionLocationChild.jsm | 43 ++++++ .../onionservices/OnionLocationParent.jsm | 161 +++++++++++++++++++++ .../content/onionlocation-notification-icons.css | 5 + .../onionservices/content/onionlocation-urlbar.css | 27 ++++ .../content/onionlocation-urlbar.inc.xhtml | 10 ++ .../onionservices/content/onionlocation.svg | 3 + .../content/onionlocationPreferences.inc.xhtml | 11 ++ .../content/onionlocationPreferences.js | 31 ++++ browser/components/onionservices/jar.mn | 2 + browser/components/onionservices/moz.build | 2 + browser/components/preferences/privacy.inc.xhtml | 2 + browser/components/preferences/privacy.js | 17 +++ browser/themes/shared/notification-icons.inc.css | 2 + browser/themes/shared/urlbar-searchbar.inc.css | 2 + dom/base/Document.cpp | 34 ++++- dom/base/Document.h | 2 + dom/webidl/Document.webidl | 9 ++ modules/libpref/init/StaticPrefList.yaml | 5 + xpcom/ds/StaticAtoms.py | 1 + 22 files changed, 392 insertions(+), 1 deletion(-) diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index bd5f10cb6f64..04f8752b93f4 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -44,6 +44,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { NetUtil: "resource://gre/modules/NetUtil.jsm", NewTabUtils: "resource://gre/modules/NewTabUtils.jsm", OpenInTabsUtils: "resource:///modules/OpenInTabsUtils.jsm", + OnionLocationParent: "resource:///modules/OnionLocationParent.jsm", PageActions: "resource:///modules/PageActions.jsm", PageThumbs: "resource://gre/modules/PageThumbs.jsm", PanelMultiView: "resource:///modules/PanelMultiView.jsm", @@ -5422,6 +5423,7 @@ var XULBrowserWindow = { Services.obs.notifyObservers(null, "touchbar-location-change", location); UpdateBackForwardCommands(gBrowser.webNavigation); ReaderParent.updateReaderButton(gBrowser.selectedBrowser); + OnionLocationParent.updateOnionLocationBadge(gBrowser.selectedBrowser); if (!gMultiProcessBrowser) { // Bug 1108553 - Cannot rotate images with e10s @@ -5964,6 +5966,16 @@ const AccessibilityRefreshBlocker = { var TabsProgressListener = { onStateChange(aBrowser, aWebProgress, aRequest, aStateFlags, aStatus) { + // Clear OnionLocation UI + if ( + aStateFlags & Ci.nsIWebProgressListener.STATE_START && + aStateFlags & Ci.nsIWebProgressListener.STATE_IS_NETWORK && + aRequest && + aWebProgress.isTopLevel + ) { + OnionLocationParent.onStateChange(aBrowser); + } + // Collect telemetry data about tab load times. if ( aWebProgress.isTopLevel && diff --git a/browser/base/content/browser.xhtml b/browser/base/content/browser.xhtml index 4cab5fad6475..c2caecc1a416 100644 --- a/browser/base/content/browser.xhtml +++ b/browser/base/content/browser.xhtml @@ -1077,6 +1077,9 @@ onclick="FullZoom.reset();" tooltip="dynamic-shortcut-tooltip" hidden="true"/> + +#include ../../components/onionservices/content/onionlocation-urlbar.inc.xhtml + <box id="pageActionSeparator" class="urlbar-page-action"/> <image id="pageActionButton" class="urlbar-icon urlbar-page-action" diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index d30abff54562..e08e461a27ff 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -539,6 +539,13 @@ let LEGACY_ACTORS = { observers: ["keyword-uri-fixup"], }, }, + OnionLocation: { + child: { + module: "resource:///modules/OnionLocationChild.jsm", + events: { pageshow: {} }, + messages: ["OnionLocation:Refresh"], + }, + }, }; if (AppConstants.TOR_BROWSER_UPDATE) { @@ -713,6 +720,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { XPCOMUtils.defineLazyModuleGetters(this, { AboutLoginsParent: "resource:///modules/AboutLoginsParent.jsm", AsyncPrefs: "resource://gre/modules/AsyncPrefs.jsm", + OnionLocationParent: "resource:///modules/OnionLocationParent.jsm", PluginManager: "resource:///actors/PluginParent.jsm", ReaderParent: "resource:///modules/ReaderParent.jsm", }); @@ -816,6 +824,7 @@ const listeners = { "AboutLogins:VulnerableLogins": ["AboutLoginsParent"], "Reader:FaviconRequest": ["ReaderParent"], "Reader:UpdateReaderButton": ["ReaderParent"], + "OnionLocation:Set": ["OnionLocationParent"], }, observe(subject, topic, data) { diff --git a/browser/components/onionservices/OnionLocationChild.jsm b/browser/components/onionservices/OnionLocationChild.jsm new file mode 100644 index 000000000000..1059eb7d5925 --- /dev/null +++ b/browser/components/onionservices/OnionLocationChild.jsm @@ -0,0 +1,43 @@ +// Copyright (c) 2020, The Tor Project, Inc. + +"use strict"; + +var EXPORTED_SYMBOLS = ["OnionLocationChild"]; + +const { ActorChild } = ChromeUtils.import( + "resource://gre/modules/ActorChild.jsm" +); + +class OnionLocationChild extends ActorChild { + handleEvent(event) { + this.onPageShow(event); + } + + onPageShow(event) { + if (event.target != this.content.document) { + return; + } + const onionLocationURI = this.content.document.onionLocationURI; + if (onionLocationURI) { + this.mm.sendAsyncMessage("OnionLocation:Set"); + } + } + + receiveMessage(aMessage) { + if (aMessage.name == "OnionLocation:Refresh") { + const doc = this.content.document; + const docShell = this.mm.docShell; + const onionLocationURI = doc.onionLocationURI; + const refreshURI = docShell.QueryInterface(Ci.nsIRefreshURI); + if (onionLocationURI && refreshURI) { + refreshURI.refreshURI( + onionLocationURI, + doc.nodePrincipal, + 0, + false, + true + ); + } + } + } +} diff --git a/browser/components/onionservices/OnionLocationParent.jsm b/browser/components/onionservices/OnionLocationParent.jsm new file mode 100644 index 000000000000..1c79fc07d215 --- /dev/null +++ b/browser/components/onionservices/OnionLocationParent.jsm @@ -0,0 +1,161 @@ +// Copyright (c) 2020, The Tor Project, Inc. + +"use strict"; + +var EXPORTED_SYMBOLS = ["OnionLocationParent"]; + +const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm"); +const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm"); + +// Prefs +const NOTIFICATION_PREF = "privacy.prioritizeonions.showNotification"; +const PRIORITIZE_ONIONS_PREF = "privacy.prioritizeonions.enabled"; + +// Element IDs +const ONIONLOCATION_BOX_ID = "onion-location-box"; +const ONIONLOCATION_BUTTON_ID = "onion-location-button"; +const ONIONLOCATION_LABEL_ID = "onion-label"; + +// Notification IDs +const NOTIFICATION_ID = "onion-location"; +const NOTIFICATION_ANCHOR_ID = "onionlocation"; + +// Strings +const STRING_ONION_AVAILABLE = TorStrings.onionLocation.onionAvailable; +const NOTIFICATION_CANCEL_LABEL = TorStrings.onionLocation.notNow; +const NOTIFICATION_CANCEL_ACCESSKEY = TorStrings.onionLocation.notNowAccessKey; +const NOTIFICATION_OK_LABEL = TorStrings.onionLocation.alwaysPrioritize; +const NOTIFICATION_OK_ACCESSKEY = + TorStrings.onionLocation.alwaysPrioritizeAccessKey; +const NOTIFICATION_TITLE = TorStrings.onionLocation.tryThis; +const NOTIFICATION_DESCRIPTION = TorStrings.onionLocation.description; +const NOTIFICATION_LEARN_MORE_URL = TorStrings.onionLocation.learnMoreURL; + +var OnionLocationParent = { + // Listeners are added in BrowserGlue.jsm + receiveMessage(aMsg) { + switch (aMsg.name) { + case "OnionLocation:Set": + this.setOnionLocation(aMsg.target); + break; + } + }, + + buttonClick(event) { + if (event.button != 0) { + return; + } + const win = event.target.ownerGlobal; + const browser = win.gBrowser.selectedBrowser; + this.redirect(browser); + }, + + redirect(browser) { + browser.messageManager.sendAsyncMessage("OnionLocation:Refresh"); + this.setDisabled(browser); + }, + + onStateChange(browser) { + delete browser._onionLocation; + this.hideNotification(browser); + }, + + setOnionLocation(browser) { + const win = browser.ownerGlobal; + browser._onionLocation = true; + if (browser === win.gBrowser.selectedBrowser) { + this.updateOnionLocationBadge(browser); + } + }, + + hideNotification(browser) { + const win = browser.ownerGlobal; + if (browser._onionLocationPrompt) { + win.PopupNotifications.remove(browser._onionLocationPrompt); + } + }, + + showNotification(browser) { + const mustShow = Services.prefs.getBoolPref(NOTIFICATION_PREF, true); + if (!mustShow) { + return; + } + + const win = browser.ownerGlobal; + Services.prefs.setBoolPref(NOTIFICATION_PREF, false); + + const mainAction = { + label: NOTIFICATION_OK_LABEL, + accessKey: NOTIFICATION_OK_ACCESSKEY, + callback() { + Services.prefs.setBoolPref(PRIORITIZE_ONIONS_PREF, true); + OnionLocationParent.redirect(browser); + win.openPreferences("privacy-onionservices"); + }, + }; + + const cancelAction = { + label: NOTIFICATION_CANCEL_LABEL, + accessKey: NOTIFICATION_CANCEL_ACCESSKEY, + callback: () => {}, + }; + + const options = { + autofocus: true, + persistent: true, + removeOnDismissal: false, + eventCallback(aTopic) { + if (aTopic === "removed") { + delete browser._onionLocationPrompt; + delete browser.onionpopupnotificationanchor; + } + }, + learnMoreURL: NOTIFICATION_LEARN_MORE_URL, + displayURI: { + hostPort: NOTIFICATION_TITLE, // This is hacky, but allows us to have a title without extra markup/css. + }, + hideClose: true, + popupIconClass: "onionlocation-notification-icon", + }; + + // A hacky way of setting the popup anchor outside the usual url bar icon box + // onionlocationpopupnotificationanchor comes from `${ANCHOR_ID}popupnotificationanchor` + // From https://searchfox.org/mozilla-esr68/rev/080f9ed47742644d2ff84f7aa0b10aea5c4… + browser.onionlocationpopupnotificationanchor = win.document.getElementById( + ONIONLOCATION_BUTTON_ID + ); + + browser._onionLocationPrompt = win.PopupNotifications.show( + browser, + NOTIFICATION_ID, + NOTIFICATION_DESCRIPTION, + NOTIFICATION_ANCHOR_ID, + mainAction, + [cancelAction], + options + ); + }, + + setEnabled(browser) { + const win = browser.ownerGlobal; + const label = win.document.getElementById(ONIONLOCATION_LABEL_ID); + label.textContent = STRING_ONION_AVAILABLE; + const elem = win.document.getElementById(ONIONLOCATION_BOX_ID); + elem.removeAttribute("hidden"); + }, + + setDisabled(browser) { + const win = browser.ownerGlobal; + const elem = win.document.getElementById(ONIONLOCATION_BOX_ID); + elem.setAttribute("hidden", true); + }, + + updateOnionLocationBadge(browser) { + if (browser._onionLocation) { + this.setEnabled(browser); + this.showNotification(browser); + } else { + this.setDisabled(browser); + } + }, +}; diff --git a/browser/components/onionservices/content/onionlocation-notification-icons.css b/browser/components/onionservices/content/onionlocation-notification-icons.css new file mode 100644 index 000000000000..7c8a6d892c6f --- /dev/null +++ b/browser/components/onionservices/content/onionlocation-notification-icons.css @@ -0,0 +1,5 @@ +/* Copyright (c) 2020, The Tor Project, Inc. */ + +.onionlocation-notification-icon { + display: none; +} \ No newline at end of file diff --git a/browser/components/onionservices/content/onionlocation-urlbar.css b/browser/components/onionservices/content/onionlocation-urlbar.css new file mode 100644 index 000000000000..91cad5f178d1 --- /dev/null +++ b/browser/components/onionservices/content/onionlocation-urlbar.css @@ -0,0 +1,27 @@ +/* Copyright (c) 2020, The Tor Project, Inc. */ + +#onion-location-button { + list-style-image: url(chrome://browser/content/onionservices/onionlocation.svg); +} + +#onion-location-box { + border-radius: 3px; + background-color: #6200A4; + padding-left: 5px; + padding-right: 5px; + color: white; + -moz-context-properties: fill; + fill: white; +} + +#onion-location-box:hover { + background-color: #0060DF !important; +} + +toolbar[brighttext] #onion-location-box { + background-color: #9400ff; +} + +toolbar[brighttext] #onion-location-box:hover { + background-color: #0060DF !important; +} diff --git a/browser/components/onionservices/content/onionlocation-urlbar.inc.xhtml b/browser/components/onionservices/content/onionlocation-urlbar.inc.xhtml new file mode 100644 index 000000000000..b612a4236f3c --- /dev/null +++ b/browser/components/onionservices/content/onionlocation-urlbar.inc.xhtml @@ -0,0 +1,10 @@ +# Copyright (c) 2020, The Tor Project, Inc. + +<hbox id="onion-location-box" + class="urlbar-icon-wrapper urlbar-page-action" + role="button" + hidden="true" + onclick="OnionLocationParent.buttonClick(event);"> + <image id="onion-location-button" role="presentation"/> + <hbox id="onion-label-container"><label id="onion-label"/></hbox> +</hbox> diff --git a/browser/components/onionservices/content/onionlocation.svg b/browser/components/onionservices/content/onionlocation.svg new file mode 100644 index 000000000000..37f40ac1812f --- /dev/null +++ b/browser/components/onionservices/content/onionlocation.svg @@ -0,0 +1,3 @@ +<svg width="16" height="16" viewBox="0 0 16 16" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <path fill="context-fill" fill-opacity="context-fill-opacity" d="m8.016411 14.54499v-0.969784c3.071908-0.0089 5.559239-2.501304 5.559239-5.575429 0-3.073903-2.487331-5.566336-5.559239-5.575206v-0.9697843c3.607473 0.00909 6.528802 2.935521 6.528802 6.544991 0 3.609691-2.921329 6.536342-6.528802 6.545213zm0-3.394356c1.732661-0.0091 3.135111-1.415756 3.135111-3.150857 0-1.734878-1.402451-3.141542-3.135111-3.150634v-0.9695626c2.268448 0.00887 4.104895 1.849753 4.104895 4.120197 0 2.270666-1.836447 4.111549-4.104895 4.120419zm0-4.846926c0.9294227 0.00887 1.680545 0.7644289 1.680545 1.696069 0 0.9318627-0.7511226 1.687421-1.680545 1.696291zm-8.016411 1.696069c0 4.418473 3.581527 8.000222 8 8.000222 4.418251 0 8-3.581749 8-8.000222 0-4.418251-3.581749-7.999778-8-7.999778-4.418473 0-8 3.581527-8 7.999778z" /> +</svg> \ No newline at end of file diff --git a/browser/components/onionservices/content/onionlocationPreferences.inc.xhtml b/browser/components/onionservices/content/onionlocationPreferences.inc.xhtml new file mode 100644 index 000000000000..c285f403f99b --- /dev/null +++ b/browser/components/onionservices/content/onionlocationPreferences.inc.xhtml @@ -0,0 +1,11 @@ +# Copyright (c) 2020, The Tor Project, Inc. + +<groupbox id="onionServicesGroup" data-category="panePrivacy" data-subcategory="onionservices" hidden="true"> + <label><html:h2 id="onionServicesTitle"></html:h2></label> + <label><label class="tail-with-learn-more" id="prioritizeOnionsDesc"></label><label + class="learnMore" is="text-link" id="onionServicesLearnMore"></label></label> + <radiogroup id="prioritizeOnionsRadioGroup" aria-labelledby="prioritizeOnionsDesc" preference="privacy.prioritizeonions.enabled"> + <radio id="onionServicesRadioAlways" value="true"/> + <radio id="onionServicesRadioAsk" value="false"/> + </radiogroup> +</groupbox> diff --git a/browser/components/onionservices/content/onionlocationPreferences.js b/browser/components/onionservices/content/onionlocationPreferences.js new file mode 100644 index 000000000000..aa569b54721c --- /dev/null +++ b/browser/components/onionservices/content/onionlocationPreferences.js @@ -0,0 +1,31 @@ +// Copyright (c) 2020, The Tor Project, Inc. + +"use strict"; + +ChromeUtils.defineModuleGetter( + this, + "TorStrings", + "resource:///modules/TorStrings.jsm" +); + +const OnionLocationPreferences = { + init() { + document.getElementById("onionServicesTitle").textContent = + TorStrings.onionLocation.onionServicesTitle; + document.getElementById("prioritizeOnionsDesc").textContent = + TorStrings.onionLocation.prioritizeOnionsDescription; + const learnMore = document.getElementById("onionServicesLearnMore"); + learnMore.textContent = TorStrings.onionLocation.learnMore; + learnMore.href = TorStrings.onionLocation.learnMoreURL; + document.getElementById("onionServicesRadioAlways").label = + TorStrings.onionLocation.always; + document.getElementById("onionServicesRadioAsk").label = + TorStrings.onionLocation.askEverytime; + }, +}; + +Object.defineProperty(this, "OnionLocationPreferences", { + value: OnionLocationPreferences, + enumerable: true, + writable: false, +}); diff --git a/browser/components/onionservices/jar.mn b/browser/components/onionservices/jar.mn index 9d6ce88d1841..f45b16dc5d29 100644 --- a/browser/components/onionservices/jar.mn +++ b/browser/components/onionservices/jar.mn @@ -7,3 +7,5 @@ browser.jar: content/browser/onionservices/onionservices.css (content/onionservices.css) content/browser/onionservices/savedKeysDialog.js (content/savedKeysDialog.js) content/browser/onionservices/savedKeysDialog.xhtml (content/savedKeysDialog.xhtml) + content/browser/onionservices/onionlocationPreferences.js (content/onionlocationPreferences.js) + content/browser/onionservices/onionlocation.svg (content/onionlocation.svg) diff --git a/browser/components/onionservices/moz.build b/browser/components/onionservices/moz.build index e4b6d73f8f40..dfd664df434e 100644 --- a/browser/components/onionservices/moz.build +++ b/browser/components/onionservices/moz.build @@ -4,4 +4,6 @@ EXTRA_JS_MODULES += [ 'ExtensionMessaging.jsm', 'HttpsEverywhereControl.jsm', 'OnionAliasStore.jsm', + 'OnionLocationChild.jsm', + 'OnionLocationParent.jsm', ] diff --git a/browser/components/preferences/privacy.inc.xhtml b/browser/components/preferences/privacy.inc.xhtml index eb7587afa0e1..6e05405079bf 100644 --- a/browser/components/preferences/privacy.inc.xhtml +++ b/browser/components/preferences/privacy.inc.xhtml @@ -14,6 +14,8 @@ <html:h1 data-l10n-id="privacy-header"/> </hbox> +#include ../onionservices/content/onionlocationPreferences.inc.xhtml +  <groupbox id="trackingGroup" data-category="panePrivacy" hidden="true" aria-describedby="contentBlockingDescription"> <label id="contentBlockingHeader"><html:h2 data-l10n-id="content-blocking-enhanced-tracking-protection"/></label> diff --git a/browser/components/preferences/privacy.js b/browser/components/preferences/privacy.js index 41dda96a14de..92f35dc78d12 100644 --- a/browser/components/preferences/privacy.js +++ b/browser/components/preferences/privacy.js @@ -90,6 +90,12 @@ XPCOMUtils.defineLazyScriptGetter( "chrome://browser/content/securitylevel/securityLevel.js" ); +XPCOMUtils.defineLazyScriptGetter( + this, + ["OnionLocationPreferences"], + "chrome://browser/content/onionservices/onionlocationPreferences.js" +); + XPCOMUtils.defineLazyServiceGetter( this, "listManager", @@ -158,6 +164,9 @@ Preferences.addAll([ // Do not track { id: "privacy.donottrackheader.enabled", type: "bool" }, + // Onion Location + { id: "privacy.prioritizeonions.enabled", type: "bool" }, + // Media { id: "media.autoplay.default", type: "int" }, @@ -300,6 +309,13 @@ var gPrivacyPane = { window.addEventListener("unload", unload); }, + /** + * Show the OnionLocation preferences UI + */ + _initOnionLocation() { + OnionLocationPreferences.init(); + }, + /** * Whether the prompt to restart Firefox should appear when changing the autostart pref. */ @@ -442,6 +458,7 @@ var gPrivacyPane = { this._initTrackingProtectionExtensionControl(); OnionServicesAuthPreferences.init(); this._initSecurityLevel(); + this._initOnionLocation(); Services.telemetry.setEventRecordingEnabled("pwmgr", true); diff --git a/browser/themes/shared/notification-icons.inc.css b/browser/themes/shared/notification-icons.inc.css index 979ae9482244..7aa92d51f4d6 100644 --- a/browser/themes/shared/notification-icons.inc.css +++ b/browser/themes/shared/notification-icons.inc.css @@ -415,3 +415,5 @@ html|*#webRTC-previewVideo { background: #FFE900 url(chrome://browser/skin/notification-icons/update.svg) no-repeat center; border-radius: 50%; } + +%include ../../components/onionservices/content/onionlocation-notification-icons.css \ No newline at end of file diff --git a/browser/themes/shared/urlbar-searchbar.inc.css b/browser/themes/shared/urlbar-searchbar.inc.css index 0b1f69342995..d3cc6bf7f024 100644 --- a/browser/themes/shared/urlbar-searchbar.inc.css +++ b/browser/themes/shared/urlbar-searchbar.inc.css @@ -824,3 +824,5 @@ .searchbar-search-button:hover:not([addengines=true]) > .searchbar-search-icon-overlay:-moz-locale-dir(rtl) { margin-inline: -26px 20px; } + +%include ../../components/onionservices/content/onionlocation-urlbar.css diff --git a/dom/base/Document.cpp b/dom/base/Document.cpp index 132c0ecbfdac..afc872569519 100644 --- a/dom/base/Document.cpp +++ b/dom/base/Document.cpp @@ -2542,6 +2542,7 @@ void Document::ResetToURI(nsIURI* aURI, nsILoadGroup* aLoadGroup, // mDocumentURI. mDocumentBaseURI = nullptr; mChromeXHRDocBaseURI = nullptr; + mOnionLocationURI = nullptr; // Check if the current document is the top-level DevTools document. // For inner DevTools frames, mIsDevToolsDocument will be set when @@ -6026,6 +6027,22 @@ void Document::GetHeaderData(nsAtom* aHeaderField, nsAString& aData) const { } } +static bool IsValidOnionLocation(nsIURI* aDocumentURI, + nsIURI* aOnionLocationURI) { + bool isHttpish; + nsAutoCString host; + return aDocumentURI && aOnionLocationURI && + NS_SUCCEEDED(aDocumentURI->SchemeIs("https", &isHttpish)) && + isHttpish && NS_SUCCEEDED(aDocumentURI->GetAsciiHost(host)) && + !StringEndsWith(host, NS_LITERAL_CSTRING(".onion")) && + ((NS_SUCCEEDED(aOnionLocationURI->SchemeIs("http", &isHttpish)) && + isHttpish) || + (NS_SUCCEEDED(aOnionLocationURI->SchemeIs("https", &isHttpish)) && + isHttpish)) && + NS_SUCCEEDED(aOnionLocationURI->GetAsciiHost(host)) && + StringEndsWith(host, NS_LITERAL_CSTRING(".onion")); +} + void Document::SetHeaderData(nsAtom* aHeaderField, const nsAString& aData) { if (!aHeaderField) { NS_ERROR("null headerField"); @@ -6101,6 +6118,21 @@ void Document::SetHeaderData(nsAtom* aHeaderField, const nsAString& aData) { aHeaderField == nsGkAtoms::handheldFriendly) { mViewportType = Unknown; } + + if (aHeaderField == nsGkAtoms::headerOnionLocation && !aData.IsEmpty()) { + nsCOMPtr<nsIURI> onionURI; + if (NS_SUCCEEDED(NS_NewURI(getter_AddRefs(onionURI), aData)) && + IsValidOnionLocation(Document::GetDocumentURI(), onionURI)) { + if (StaticPrefs::privacy_prioritizeonions_enabled()) { + nsCOMPtr<nsIRefreshURI> refresher(mDocumentContainer); + if (refresher) { + refresher->RefreshURI(onionURI, NodePrincipal(), 0, false, true); + } + } else { + mOnionLocationURI = onionURI; + } + } + } } void Document::TryChannelCharset(nsIChannel* aChannel, int32_t& aCharsetSource, @@ -10141,7 +10173,7 @@ void Document::RetrieveRelevantHeaders(nsIChannel* aChannel) { static const char* const headers[] = { "default-style", "content-style-type", "content-language", "content-disposition", "refresh", "x-dns-prefetch-control", - "x-frame-options", + "x-frame-options", "onion-location", // add more http headers if you need // XXXbz don't add content-location support without reading bug // 238654 and its dependencies/dups first. diff --git a/dom/base/Document.h b/dom/base/Document.h index 6d06a8c2a8cd..6e80306e94b5 100644 --- a/dom/base/Document.h +++ b/dom/base/Document.h @@ -3322,6 +3322,7 @@ class Document : public nsINode, void ReleaseCapture() const; void MozSetImageElement(const nsAString& aImageElementId, Element* aElement); nsIURI* GetDocumentURIObject() const; + nsIURI* GetOnionLocationURI() const { return mOnionLocationURI; } // Not const because all the fullscreen goop is not const const char* GetFullscreenError(CallerType); bool FullscreenEnabled(CallerType aCallerType) { @@ -4194,6 +4195,7 @@ class Document : public nsINode, nsCOMPtr<nsIURI> mChromeXHRDocURI; nsCOMPtr<nsIURI> mDocumentBaseURI; nsCOMPtr<nsIURI> mChromeXHRDocBaseURI; + nsCOMPtr<nsIURI> mOnionLocationURI; // The base domain of the document for third-party checks. nsCString mBaseDomain; diff --git a/dom/webidl/Document.webidl b/dom/webidl/Document.webidl index 8130db018f47..df3a18eaf266 100644 --- a/dom/webidl/Document.webidl +++ b/dom/webidl/Document.webidl @@ -676,3 +676,12 @@ partial interface Document { [ChromeOnly, Pure] readonly attribute nsIPermissionDelegateHandler permDelegateHandler; }; + + +/** + * Extension to allows chrome JS to know whether the document has a valid + * Onion-Location that we could redirect to. + */ +partial interface Document { + [ChromeOnly] readonly attribute URI? onionLocationURI; +}; diff --git a/modules/libpref/init/StaticPrefList.yaml b/modules/libpref/init/StaticPrefList.yaml index 1e8dc23fdfd7..5e09aafdbab3 100644 --- a/modules/libpref/init/StaticPrefList.yaml +++ b/modules/libpref/init/StaticPrefList.yaml @@ -8453,6 +8453,11 @@ value: @IS_NIGHTLY_BUILD@ mirror: always +- name: privacy.prioritizeonions.enabled + type: RelaxedAtomicBool + value: false + mirror: always + #--------------------------------------------------------------------------- # Prefs starting with "prompts." #--------------------------------------------------------------------------- diff --git a/xpcom/ds/StaticAtoms.py b/xpcom/ds/StaticAtoms.py index ab5f662575e4..23a5d6f9bb95 100644 --- a/xpcom/ds/StaticAtoms.py +++ b/xpcom/ds/StaticAtoms.py @@ -811,6 +811,7 @@ STATIC_ATOMS = [ Atom("oninputsourceschange","oninputsourceschange"), Atom("oninstall", "oninstall"), Atom("oninvalid", "oninvalid"), + Atom("headerOnionLocation", "onion-location"), Atom("onkeydown", "onkeydown"), Atom("onkeypress", "onkeypress"), Atom("onkeyup", "onkeyup"),

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 40475: Include clearing CORS preflight cache
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 85898f8cdd7462c0a619d8b91ba293dc3afe399a Author: Matthew Finkel <sysrqb(a)torproject.org> Date: Sun Jun 6 20:32:23 2021 +0000 Bug 40475: Include clearing CORS preflight cache --- netwerk/protocol/http/nsCORSListenerProxy.cpp | 7 +++++++ netwerk/protocol/http/nsCORSListenerProxy.h | 1 + netwerk/protocol/http/nsHttpHandler.cpp | 2 ++ 3 files changed, 10 insertions(+) diff --git a/netwerk/protocol/http/nsCORSListenerProxy.cpp b/netwerk/protocol/http/nsCORSListenerProxy.cpp index 76870e6cea3f..6d2e160c2a9b 100644 --- a/netwerk/protocol/http/nsCORSListenerProxy.cpp +++ b/netwerk/protocol/http/nsCORSListenerProxy.cpp @@ -346,6 +346,13 @@ void nsCORSListenerProxy::Shutdown() { sPreflightCache = nullptr; } +/* static */ +void nsCORSListenerProxy::Clear() { + if (sPreflightCache) { + sPreflightCache->Clear(); + } +} + nsCORSListenerProxy::nsCORSListenerProxy(nsIStreamListener* aOuter, nsIPrincipal* aRequestingPrincipal, bool aWithCredentials) diff --git a/netwerk/protocol/http/nsCORSListenerProxy.h b/netwerk/protocol/http/nsCORSListenerProxy.h index 8c0df2e0ff28..3f76be33f209 100644 --- a/netwerk/protocol/http/nsCORSListenerProxy.h +++ b/netwerk/protocol/http/nsCORSListenerProxy.h @@ -54,6 +54,7 @@ class nsCORSListenerProxy final : public nsIStreamListener, NS_DECL_NSITHREADRETARGETABLESTREAMLISTENER static void Shutdown(); + static void Clear(); [[nodiscard]] nsresult Init(nsIChannel* aChannel, DataURIHandling aAllowDataURI); diff --git a/netwerk/protocol/http/nsHttpHandler.cpp b/netwerk/protocol/http/nsHttpHandler.cpp index d5e2c61dbec9..c6cb95ca7fcc 100644 --- a/netwerk/protocol/http/nsHttpHandler.cpp +++ b/netwerk/protocol/http/nsHttpHandler.cpp @@ -10,6 +10,7 @@ #include "prsystem.h" #include "AltServiceChild.h" +#include "nsCORSListenerProxy.h" #include "nsError.h" #include "nsHttp.h" #include "nsHttpHandler.h" @@ -2290,6 +2291,7 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic, mAltSvcCache->ClearAltServiceMappings(); } } + nsCORSListenerProxy::Clear(); } else if (!strcmp(topic, NS_NETWORK_LINK_TOPIC)) { nsAutoCString converted = NS_ConvertUTF16toUTF8(data); if (!strcmp(converted.get(), NS_NETWORK_LINK_DATA_CHANGED)) {

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 5558f2a06e7707b84a262e07d009eaa6c80c1118 Author: Alex Catarineu <acat(a)torproject.org> Date: Fri Oct 9 12:55:35 2020 +0200 Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots --- browser/app/profile/000-tor-browser.js | 3 +++ browser/components/BrowserGlue.jsm | 14 ++++++++++++++ 2 files changed, 17 insertions(+) diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js index 2db11b1ea3d7..760c405d06a6 100644 --- a/browser/app/profile/000-tor-browser.js +++ b/browser/app/profile/000-tor-browser.js @@ -325,6 +325,9 @@ pref("security.enterprise_roots.enabled", false); // Don't ping Mozilla for MitM detection, see bug 32321 pref("security.certerrors.mitm.priming.enabled", false); +// Don't automatically enable enterprise roots, see bug 40166 +pref("security.certerrors.mitm.auto_enable_enterprise_roots", false); + // Disable the language pack signing check for now on macOS, see #31942 #ifdef XP_MACOSX pref("extensions.langpacks.signatures.required", false); diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 057a2121533c..3750230a250b 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -1319,6 +1319,20 @@ BrowserGlue.prototype = { // handle any UI migration this._migrateUI(); + // Clear possibly auto enabled enterprise_roots prefs (see bug 40166) + if ( + !Services.prefs.getBoolPref( + "security.certerrors.mitm.auto_enable_enterprise_roots" + ) && + Services.prefs.getBoolPref( + "security.enterprise_roots.auto-enabled", + false + ) + ) { + Services.prefs.clearUserPref("security.enterprise_roots.enabled"); + Services.prefs.clearUserPref("security.enterprise_roots.auto-enabled"); + } + if (!Services.prefs.prefHasUserValue(PREF_PDFJS_ISDEFAULT_CACHE_STATE)) { PdfJs.checkIsDefault(this._isNewProfile); }

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc.
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 3b5a4ed80a214153f2dfe897c8a64dbdf0fc6ada Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Tue Jul 14 11:15:07 2020 -0400 Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc. Hide elements on about:logins that mention sync, "Firefox LockWise", and Mozilla's LockWise mobile apps. Disable the "Create New Login" button when security.nocertdb is true. --- browser/components/aboutlogins/AboutLoginsParent.jsm | 2 ++ browser/components/aboutlogins/content/aboutLogins.css | 8 +++++++- browser/components/aboutlogins/content/aboutLogins.js | 6 ++++++ .../aboutlogins/content/components/fxaccounts-button.css | 5 +++++ .../components/aboutlogins/content/components/menu-button.css | 10 ++++++++++ 5 files changed, 30 insertions(+), 1 deletion(-) diff --git a/browser/components/aboutlogins/AboutLoginsParent.jsm b/browser/components/aboutlogins/AboutLoginsParent.jsm index 015ce5f29332..d06d6d0ec6c7 100644 --- a/browser/components/aboutlogins/AboutLoginsParent.jsm +++ b/browser/components/aboutlogins/AboutLoginsParent.jsm @@ -62,6 +62,7 @@ const PASSWORD_SYNC_NOTIFICATION_ID = "enable-password-sync"; const HIDE_MOBILE_FOOTER_PREF = "signon.management.page.hideMobileFooter"; const SHOW_PASSWORD_SYNC_NOTIFICATION_PREF = "signon.management.page.showPasswordSyncNotification"; +const NOCERTDB_PREF = "security.nocertdb"; // about:logins will always use the privileged content process, // even if it is disabled for other consumers such as about:newtab. @@ -431,6 +432,7 @@ class AboutLoginsParent extends JSWindowActorParent { importVisible: Services.policies.isAllowed("profileImport") && AppConstants.platform != "linux", + canCreateLogins: !Services.prefs.getBoolPref(NOCERTDB_PREF, false), }); await AboutLogins._sendAllLoginRelatedObjects( diff --git a/browser/components/aboutlogins/content/aboutLogins.css b/browser/components/aboutlogins/content/aboutLogins.css index 7ed29bda8297..dca63da2e649 100644 --- a/browser/components/aboutlogins/content/aboutLogins.css +++ b/browser/components/aboutlogins/content/aboutLogins.css @@ -69,6 +69,11 @@ login-item { grid-area: login; } +/* Do not promote Mozilla Sync in Tor Browser. */ +login-intro { + display: none !important; +} + #branding-logo { flex-basis: var(--sidebar-width); flex-shrink: 0; @@ -83,7 +88,8 @@ login-item { } } -:root:not(.official-branding) #branding-logo { +/* Hide "Firefox LockWise" branding in Tor Browser. */ +#branding-logo { visibility: hidden; } diff --git a/browser/components/aboutlogins/content/aboutLogins.js b/browser/components/aboutlogins/content/aboutLogins.js index da7d9016a2eb..361b2b0d02bf 100644 --- a/browser/components/aboutlogins/content/aboutLogins.js +++ b/browser/components/aboutlogins/content/aboutLogins.js @@ -19,6 +19,9 @@ const gElements = { get loginFooter() { return this.loginItem.shadowRoot.querySelector("login-footer"); }, + get createNewLoginButton() { + return this.loginList.shadowRoot.querySelector(".create-login-button"); + }, }; let numberOfLogins = 0; @@ -100,6 +103,9 @@ window.addEventListener("AboutLoginsChromeToContent", event => { gElements.loginList.setSortDirection(event.detail.value.selectedSort); document.documentElement.classList.add("initialized"); gElements.loginList.classList.add("initialized"); + if (!event.detail.value.canCreateLogins) { + gElements.createNewLoginButton.disabled = true; + } break; } case "ShowLoginItemError": { diff --git a/browser/components/aboutlogins/content/components/fxaccounts-button.css b/browser/components/aboutlogins/content/components/fxaccounts-button.css index aefda548c84d..a02707980158 100644 --- a/browser/components/aboutlogins/content/components/fxaccounts-button.css +++ b/browser/components/aboutlogins/content/components/fxaccounts-button.css @@ -8,6 +8,11 @@ align-items: center; } +/* Do not promote Mozilla Sync in Tor Browser. */ +.logged-out-view { + display: none !important; +} + .fxaccounts-extra-text { /* Only show at most 3 lines of text to limit the text from overflowing the header. */ diff --git a/browser/components/aboutlogins/content/components/menu-button.css b/browser/components/aboutlogins/content/components/menu-button.css index 3c93d409b2c7..2d7380b2ea37 100644 --- a/browser/components/aboutlogins/content/components/menu-button.css +++ b/browser/components/aboutlogins/content/components/menu-button.css @@ -85,3 +85,13 @@ .menuitem-mobile-android { background-image: url("chrome://browser/skin/logo-android.svg"); } + +/* + * Do not promote LockWise mobile apps in Tor Browser: hide the menu items + * and the separator line that precedes them. + */ +.menuitem-mobile-android, +.menuitem-mobile-ios, +button[data-event-name="AboutLoginsGetHelp"] + hr { + display: none !important; +}

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 33342: Avoid disconnect search addon error after removal.
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 7715beeba975f67557edab91bc677d2d60101dbc Author: Alex Catarineu <acat(a)torproject.org> Date: Fri Mar 13 18:19:30 2020 +0100 Bug 33342: Avoid disconnect search addon error after removal. We removed the addon in #32767, but it was still being loaded from addonStartup.json.lz4 and throwing an error on startup because its resource: location is not available anymore. --- toolkit/mozapps/extensions/internal/XPIProvider.jsm | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm index 5e467fb4f14c..794c206fb453 100644 --- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm +++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm @@ -970,6 +970,12 @@ var BuiltInLocation = new (class _BuiltInLocation extends XPIStateLocation { get enumerable() { return false; } + + restore(saved) { + super.restore(saved); + // Bug 33342: avoid restoring disconnect addon from addonStartup.json.lz4. + this.removeAddon("disconnect(a)search.mozilla.org"); + } })(); /**

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 25741 - TBA: Disable GeckoNetworkManager
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 2aaa22b982e946257b7f4610719403bb7b591629 Author: Matthew Finkel <Matthew.Finkel(a)gmail.com> Date: Thu Apr 26 22:22:51 2018 +0000 Bug 25741 - TBA: Disable GeckoNetworkManager The browser should not need information related to the network interface or network state, tor should take care of that. --- .../src/main/java/org/mozilla/geckoview/GeckoRuntime.java | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java index ed86dcc5c299..f5587dd7e59c 100644 --- a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java +++ b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java @@ -121,7 +121,9 @@ public final class GeckoRuntime implements Parcelable { mPaused = false; // Monitor network status and send change notifications to Gecko // while active. - GeckoNetworkManager.getInstance().start(GeckoAppShell.getApplicationContext()); + if (BuildConfig.TOR_BROWSER_VERSION == "") { + GeckoNetworkManager.getInstance().start(GeckoAppShell.getApplicationContext()); + } } @OnLifecycleEvent(Lifecycle.Event.ON_PAUSE) @@ -129,7 +131,9 @@ public final class GeckoRuntime implements Parcelable { Log.d(LOGTAG, "Lifecycle: onPause"); mPaused = true; // Stop monitoring network status while inactive. - GeckoNetworkManager.getInstance().stop(); + if (BuildConfig.TOR_BROWSER_VERSION == "") { + GeckoNetworkManager.getInstance().stop(); + } GeckoThread.onPause(); } }

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] 40209: Implement Basic Crypto Safety
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 2bffa45450af4da3c126da12e919542aef295a9b Author: sanketh <me(a)snkth.com> Date: Mon Feb 8 20:12:44 2021 -0500 40209: Implement Basic Crypto Safety Adds a CryptoSafety actor which detects when you've copied a crypto address from a HTTP webpage and shows a warning. Closes #40209. Bug 40428: Fix string attribute names --- browser/actors/CryptoSafetyChild.jsm | 87 ++++++++++++++++ browser/actors/CryptoSafetyParent.jsm | 142 +++++++++++++++++++++++++++ browser/actors/moz.build | 2 + browser/base/content/popup-notifications.inc | 14 +++ browser/components/BrowserGlue.jsm | 17 ++++ browser/modules/TorStrings.jsm | 48 +++++++++ browser/themes/shared/browser.inc.css | 5 + toolkit/content/license.html | 32 ++++++ toolkit/modules/Bech32Decode.jsm | 103 +++++++++++++++++++ toolkit/modules/moz.build | 1 + 10 files changed, 451 insertions(+) diff --git a/browser/actors/CryptoSafetyChild.jsm b/browser/actors/CryptoSafetyChild.jsm new file mode 100644 index 000000000000..87ff261d4915 --- /dev/null +++ b/browser/actors/CryptoSafetyChild.jsm @@ -0,0 +1,87 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ +/* Copyright (c) 2020, The Tor Project, Inc. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +var EXPORTED_SYMBOLS = ["CryptoSafetyChild"]; + +const { Bech32Decode } = ChromeUtils.import( + "resource://gre/modules/Bech32Decode.jsm" +); + +const { XPCOMUtils } = ChromeUtils.import( + "resource://gre/modules/XPCOMUtils.jsm" +); + +const kPrefCryptoSafety = "security.cryptoSafety"; + +XPCOMUtils.defineLazyPreferenceGetter( + this, + "isCryptoSafetyEnabled", + kPrefCryptoSafety, + true /* defaults to true */ +); + +function looksLikeCryptoAddress(s) { + // P2PKH and P2SH addresses + // https://stackoverflow.com/a/24205650 + const bitcoinAddr = /^[13][a-km-zA-HJ-NP-Z1-9]{25,39}$/; + if (bitcoinAddr.test(s)) { + return true; + } + + // Bech32 addresses + if (Bech32Decode(s) !== null) { + return true; + } + + // regular addresses + const etherAddr = /^0x[a-fA-F0-9]{40}$/; + if (etherAddr.test(s)) { + return true; + } + + // t-addresses + // https://www.reddit.com/r/zec/comments/8mxj6x/simple_regex_to_validate_a_zca… + const zcashAddr = /^t1[a-zA-Z0-9]{33}$/; + if (zcashAddr.test(s)) { + return true; + } + + // Standard, Integrated, and 256-bit Integrated addresses + // https://monero.stackexchange.com/a/10627 + const moneroAddr = /^4(?:[0-9AB]|[1-9A-HJ-NP-Za-km-z]{12}(?:[1-9A-HJ-NP-Za-km-z]{30})?)[1-9A-HJ-NP-Za-km-z]{93}$/; + if (moneroAddr.test(s)) { + return true; + } + + return false; +} + +class CryptoSafetyChild extends JSWindowActorChild { + handleEvent(event) { + if (isCryptoSafetyEnabled) { + // Ignore non-HTTP addresses + if (!this.document.documentURIObject.schemeIs("http")) { + return; + } + // Ignore onion addresses + if (this.document.documentURIObject.host.endsWith(".onion")) { + return; + } + + if (event.type == "copy" || event.type == "cut") { + this.contentWindow.navigator.clipboard.readText().then(clipText => { + const selection = clipText.trim(); + if (looksLikeCryptoAddress(selection)) { + this.sendAsyncMessage("CryptoSafety:CopiedText", { + selection, + }); + } + }); + } + } + } +} diff --git a/browser/actors/CryptoSafetyParent.jsm b/browser/actors/CryptoSafetyParent.jsm new file mode 100644 index 000000000000..bac151df5511 --- /dev/null +++ b/browser/actors/CryptoSafetyParent.jsm @@ -0,0 +1,142 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ +/* Copyright (c) 2020, The Tor Project, Inc. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +var EXPORTED_SYMBOLS = ["CryptoSafetyParent"]; + +const { XPCOMUtils } = ChromeUtils.import( + "resource://gre/modules/XPCOMUtils.jsm" +); + +XPCOMUtils.defineLazyModuleGetters(this, { + TorStrings: "resource:///modules/TorStrings.jsm", +}); + +const kPrefCryptoSafety = "security.cryptoSafety"; + +XPCOMUtils.defineLazyPreferenceGetter( + this, + "isCryptoSafetyEnabled", + kPrefCryptoSafety, + true /* defaults to true */ +); + +class CryptoSafetyParent extends JSWindowActorParent { + getBrowser() { + return this.browsingContext.top.embedderElement; + } + + receiveMessage(aMessage) { + if (isCryptoSafetyEnabled) { + if (aMessage.name == "CryptoSafety:CopiedText") { + showPopup(this.getBrowser(), aMessage.data.selection); + } + } + } +} + +function trimAddress(cryptoAddr) { + if (cryptoAddr.length <= 32) { + return cryptoAddr; + } + return cryptoAddr.substring(0, 32) + "..."; +} + +function showPopup(aBrowser, cryptoAddr) { + const chromeDoc = aBrowser.ownerDocument; + if (chromeDoc) { + const win = chromeDoc.defaultView; + const cryptoSafetyPrompt = new CryptoSafetyPrompt( + aBrowser, + win, + cryptoAddr + ); + cryptoSafetyPrompt.show(); + } +} + +class CryptoSafetyPrompt { + constructor(aBrowser, aWin, cryptoAddr) { + this._browser = aBrowser; + this._win = aWin; + this._cryptoAddr = cryptoAddr; + } + + show() { + const primaryAction = { + label: TorStrings.cryptoSafetyPrompt.primaryAction, + accessKey: TorStrings.cryptoSafetyPrompt.primaryActionAccessKey, + callback: () => { + this._win.torbutton_new_circuit(); + }, + }; + + const secondaryAction = { + label: TorStrings.cryptoSafetyPrompt.secondaryAction, + accessKey: TorStrings.cryptoSafetyPrompt.secondaryActionAccessKey, + callback: () => {}, + }; + + let _this = this; + const options = { + popupIconURL: "chrome://browser/skin/cert-error.svg", + eventCallback(aTopic) { + if (aTopic === "showing") { + _this._onPromptShowing(); + } + }, + }; + + const cryptoWarningText = TorStrings.cryptoSafetyPrompt.cryptoWarning.replace( + "%S", + trimAddress(this._cryptoAddr) + ); + + if (this._win.PopupNotifications) { + this._prompt = this._win.PopupNotifications.show( + this._browser, + "crypto-safety-warning", + cryptoWarningText, + null /* anchor ID */, + primaryAction, + [secondaryAction], + options + ); + } + } + + _onPromptShowing() { + let xulDoc = this._browser.ownerDocument; + + let whatCanHeading = xulDoc.getElementById( + "crypto-safety-warning-notification-what-can-heading" + ); + if (whatCanHeading) { + whatCanHeading.textContent = TorStrings.cryptoSafetyPrompt.whatCanHeading; + } + + let whatCanBody = xulDoc.getElementById( + "crypto-safety-warning-notification-what-can-body" + ); + if (whatCanBody) { + whatCanBody.textContent = TorStrings.cryptoSafetyPrompt.whatCanBody; + } + + let learnMoreElem = xulDoc.getElementById( + "crypto-safety-warning-notification-learnmore" + ); + if (learnMoreElem) { + learnMoreElem.setAttribute( + "value", + TorStrings.cryptoSafetyPrompt.learnMore + ); + learnMoreElem.setAttribute( + "href", + TorStrings.cryptoSafetyPrompt.learnMoreURL + ); + } + } +} diff --git a/browser/actors/moz.build b/browser/actors/moz.build index e70f0f09fe3a..9eb5ca397060 100644 --- a/browser/actors/moz.build +++ b/browser/actors/moz.build @@ -50,6 +50,8 @@ FINAL_TARGET_FILES.actors += [ 'ContentSearchParent.jsm', 'ContextMenuChild.jsm', 'ContextMenuParent.jsm', + 'CryptoSafetyChild.jsm', + 'CryptoSafetyParent.jsm', 'DOMFullscreenChild.jsm', 'DOMFullscreenParent.jsm', 'FormValidationChild.jsm', diff --git a/browser/base/content/popup-notifications.inc b/browser/base/content/popup-notifications.inc index 42e17e90c648..ff6f8cdeca80 100644 --- a/browser/base/content/popup-notifications.inc +++ b/browser/base/content/popup-notifications.inc @@ -114,3 +114,17 @@ </vbox> </popupnotificationfooter> </popupnotification> + + <popupnotification id="crypto-safety-warning-notification" hidden="true"> + <popupnotificationcontent orient="vertical"> + <description id="crypto-safety-warning-notification-desc"/> + <html:div id="crypto-safety-warning-notification-what-can"> + <html:strong id="crypto-safety-warning-notification-what-can-heading" /> + <html:br/> + <html:span id="crypto-safety-warning-notification-what-can-body" /> + </html:div> + <label id="crypto-safety-warning-notification-learnmore" + class="popup-notification-learnmore-link" + is="text-link"/> + </popupnotificationcontent> + </popupnotification> diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 3750230a250b..5f708fca3d5c 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -297,6 +297,23 @@ let JSWINDOWACTORS = { allFrames: true, }, + CryptoSafety: { + parent: { + moduleURI: "resource:///actors/CryptoSafetyParent.jsm", + }, + + child: { + moduleURI: "resource:///actors/CryptoSafetyChild.jsm", + group: "browsers", + events: { + copy: { mozSystemGroup: true }, + cut: { mozSystemGroup: true }, + }, + }, + + allFrames: true, + }, + DOMFullscreen: { parent: { moduleURI: "resource:///actors/DOMFullscreenParent.jsm", diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm index e8a8d37ae373..1e08b168e4af 100644 --- a/browser/modules/TorStrings.jsm +++ b/browser/modules/TorStrings.jsm @@ -101,6 +101,54 @@ class TorPropertyStringBundle { Security Level Strings */ var TorStrings = { + /* + CryptoSafetyPrompt Strings + */ + cryptoSafetyPrompt: (function() { + let tsb = new TorPropertyStringBundle( + "chrome://torbutton/locale/torbutton.properties", + "cryptoSafetyPrompt." + ); + let getString = function(key, fallback) { + return tsb.getString(key, fallback); + }; + + let retval = { + cryptoWarning: getString( + "cryptoWarning", + "A cryptocurrency address (%S) has been copied from an insecure website. It could have been modified." + ), + whatCanHeading: getString( + "whatCanHeading", + "What can you do about it?" + ), + whatCanBody: getString( + "whatCanBody", + "You can try reconnecting with a new circuit to establish a secure connection, or accept the risk and dismiss this warning." + ), + learnMore: getString("learnMore", "Learn more"), + learnMoreURL: `https://support.torproject.org/${getLocale()}/`, + primaryAction: getString( + "primaryAction", + "Reload Tab with a New Circuit" + ), + primaryActionAccessKey: getString( + "primaryActionAccessKey", + "R" + ), + secondaryAction: getString( + "secondaryAction", + "Dismiss Warning" + ), + secondaryActionAccessKey: getString( + "secondaryActionAccessKey", + "D" + ), + }; + + return retval; + })() /* CryptoSafetyPrompt Strings */, + /* Tor Browser Security Level Strings */ diff --git a/browser/themes/shared/browser.inc.css b/browser/themes/shared/browser.inc.css index 0113466e8e56..4ef27d880754 100644 --- a/browser/themes/shared/browser.inc.css +++ b/browser/themes/shared/browser.inc.css @@ -620,3 +620,8 @@ menupopup::part(drop-indicator) { #sharing-warning-proceed-to-tab:hover { background-color: rgb(0,62,170); } + +#crypto-safety-warning-notification-what-can { + display: block; + margin: 5px; +} diff --git a/toolkit/content/license.html b/toolkit/content/license.html index e44c31ec6d4e..90995236b41b 100644 --- a/toolkit/content/license.html +++ b/toolkit/content/license.html @@ -72,6 +72,7 @@ <li><a href="about:license#arm">ARM License</a></li> <li><a href="about:license#babel">Babel License</a></li> <li><a href="about:license#babylon">Babylon License</a></li> + <li><a href="about:license#bech32">Bech32 License</a></li> <li><a href="about:license#bincode">bincode License</a></li> <li><a href="about:license#bsd2clause">BSD 2-Clause License</a></li> <li><a href="about:license#bsd3clause">BSD 3-Clause License</a></li> @@ -2795,6 +2796,37 @@ furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. +</pre> + + + <hr> + + <h1><a id="bech32"></a>Bech32 License</h1> + + <p>This license applies to the file + <code>toolkit/modules/Bech32Decode.jsm</code>. + </p> + +<pre> +Copyright (c) 2017 Pieter Wuille + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE diff --git a/toolkit/modules/Bech32Decode.jsm b/toolkit/modules/Bech32Decode.jsm new file mode 100644 index 000000000000..3a2bc7ae0a10 --- /dev/null +++ b/toolkit/modules/Bech32Decode.jsm @@ -0,0 +1,103 @@ +// Adapted from the reference implementation of Bech32 +// https://github.com/sipa/bech32 + +// Copyright (c) 2017 Pieter Wuille +// +// Permission is hereby granted, free of charge, to any person obtaining a copy +// of this software and associated documentation files (the "Software"), to deal +// in the Software without restriction, including without limitation the rights +// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +// copies of the Software, and to permit persons to whom the Software is +// furnished to do so, subject to the following conditions: +// +// The above copyright notice and this permission notice shall be included in +// all copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +// THE SOFTWARE. + +"use strict"; + +/** + * JS module implementation of Bech32 decoding adapted from the reference + * implementation https://github.com/sipa/bech32. + */ + +var EXPORTED_SYMBOLS = ["Bech32Decode"]; + +var CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"; +var GENERATOR = [0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3]; + +function polymod(values) { + var chk = 1; + for (var p = 0; p < values.length; ++p) { + var top = chk >> 25; + chk = ((chk & 0x1ffffff) << 5) ^ values[p]; + for (var i = 0; i < 5; ++i) { + if ((top >> i) & 1) { + chk ^= GENERATOR[i]; + } + } + } + return chk; +} + +function hrpExpand(hrp) { + var ret = []; + var p; + for (p = 0; p < hrp.length; ++p) { + ret.push(hrp.charCodeAt(p) >> 5); + } + ret.push(0); + for (p = 0; p < hrp.length; ++p) { + ret.push(hrp.charCodeAt(p) & 31); + } + return ret; +} + +function verifyChecksum(hrp, data) { + return polymod(hrpExpand(hrp).concat(data)) === 1; +} + +function Bech32Decode(bechString) { + var p; + var has_lower = false; + var has_upper = false; + for (p = 0; p < bechString.length; ++p) { + if (bechString.charCodeAt(p) < 33 || bechString.charCodeAt(p) > 126) { + return null; + } + if (bechString.charCodeAt(p) >= 97 && bechString.charCodeAt(p) <= 122) { + has_lower = true; + } + if (bechString.charCodeAt(p) >= 65 && bechString.charCodeAt(p) <= 90) { + has_upper = true; + } + } + if (has_lower && has_upper) { + return null; + } + bechString = bechString.toLowerCase(); + var pos = bechString.lastIndexOf("1"); + if (pos < 1 || pos + 7 > bechString.length || bechString.length > 90) { + return null; + } + var hrp = bechString.substring(0, pos); + var data = []; + for (p = pos + 1; p < bechString.length; ++p) { + var d = CHARSET.indexOf(bechString.charAt(p)); + if (d === -1) { + return null; + } + data.push(d); + } + if (!verifyChecksum(hrp, data)) { + return null; + } + return { hrp: hrp, data: data.slice(0, data.length - 6) }; +} diff --git a/toolkit/modules/moz.build b/toolkit/modules/moz.build index e1f1eb5759c5..698d2773a7ed 100644 --- a/toolkit/modules/moz.build +++ b/toolkit/modules/moz.build @@ -160,6 +160,7 @@ EXTRA_JS_MODULES += [ 'ActorManagerParent.jsm', 'AppMenuNotifications.jsm', 'AsyncPrefs.jsm', + 'Bech32Decode.jsm', 'BinarySearch.jsm', 'BrowserUtils.jsm', 'CanonicalJSON.jsm',

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 1658881 - When failing to create a channel and an image request, make sure to set the image blocking status appropriately. r=tnikkel
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit d2a3a99d909ae5ec0f0998292ce922a97eaf2ebc Author: Emilio Cobos Álvarez <emilio(a)crisal.io> Date: Wed Sep 9 22:58:29 2020 +0000 Bug 1658881 - When failing to create a channel and an image request, make sure to set the image blocking status appropriately. r=tnikkel This is the same status as we do for known no-data protocols here: https://searchfox.org/mozilla-central/rev/ac142717cc067d875e83e4b1316f004f6… This ensures we treat these two cases the same. Differential Revision: https://phabricator.services.mozilla.com/D89382 --- dom/base/nsImageLoadingContent.cpp | 7 ++++++- layout/reftests/image/reftest.list | 1 + layout/reftests/image/unknown-protocol-ref.html | 1 + layout/reftests/image/unknown-protocol.html | 1 + 4 files changed, 9 insertions(+), 1 deletion(-) diff --git a/dom/base/nsImageLoadingContent.cpp b/dom/base/nsImageLoadingContent.cpp index 23b1fd791c1f..85de63bef02d 100644 --- a/dom/base/nsImageLoadingContent.cpp +++ b/dom/base/nsImageLoadingContent.cpp @@ -1207,7 +1207,12 @@ nsresult nsImageLoadingContent::LoadImage(nsIURI* aNewURI, bool aForce, MOZ_ASSERT(!req, "Shouldn't have non-null request here"); // If we don't have a current URI, we might as well store this URI so people // know what we tried (and failed) to load. - if (!mCurrentRequest) mCurrentURI = aNewURI; + if (!mCurrentRequest) { + mCurrentURI = aNewURI; + if (mImageBlockingStatus == nsIContentPolicy::ACCEPT) { + mImageBlockingStatus = nsIContentPolicy::REJECT_REQUEST; + } + } FireEvent(NS_LITERAL_STRING("error")); FireEvent(NS_LITERAL_STRING("loadend")); diff --git a/layout/reftests/image/reftest.list b/layout/reftests/image/reftest.list index a8a91c13ed3a..3c561fe3a7c8 100644 --- a/layout/reftests/image/reftest.list +++ b/layout/reftests/image/reftest.list @@ -69,3 +69,4 @@ random-if(/^Windows\x20NT\x206\.1/.test(http.oscpu)) == image-srcset-basic-selec pref(dom.image-lazy-loading.enabled,true) == moz-broken-matching-lazy-load.html moz-broken-matching-1-ref.html == img-invalidation-local-transform-1.html img-invalidation-local-transform-1-ref.html +== unknown-protocol.html unknown-protocol-ref.html diff --git a/layout/reftests/image/unknown-protocol-ref.html b/layout/reftests/image/unknown-protocol-ref.html new file mode 100644 index 000000000000..b5bb326eef57 --- /dev/null +++ b/layout/reftests/image/unknown-protocol-ref.html @@ -0,0 +1 @@ +<img src="mailto://foo"> diff --git a/layout/reftests/image/unknown-protocol.html b/layout/reftests/image/unknown-protocol.html new file mode 100644 index 000000000000..ef06881b7bcb --- /dev/null +++ b/layout/reftests/image/unknown-protocol.html @@ -0,0 +1 @@ +<img src="foobar://baz">

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 1650281 - P1: Widen `gCombinedSizes` once the buffers grow r=gerald
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit e4d2c98010698e7965aff4f475c6f49abfa2aa45 Author: Chun-Min Chang <chun.m.chang(a)gmail.com> Date: Tue Jul 21 23:38:57 2020 +0000 Bug 1650281 - P1: Widen `gCombinedSizes` once the buffers grow r=gerald The `gCombinedSizes` need to be enlarged once the inner buffer within `MemoryBlockCache` grows. Otherwise, when the `MemoryBlockCache` is released, subtracting the buffer-size of the `MemoryBlockCache` from `gCombinedSizes` lead to a underflow. Differential Revision: https://phabricator.services.mozilla.com/D84273 --- dom/media/MemoryBlockCache.cpp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/dom/media/MemoryBlockCache.cpp b/dom/media/MemoryBlockCache.cpp index 2d31119dca0a..bf073e6769d0 100644 --- a/dom/media/MemoryBlockCache.cpp +++ b/dom/media/MemoryBlockCache.cpp @@ -114,6 +114,10 @@ bool MemoryBlockCache::EnsureBufferCanContain(size_t aContentLength) { // possibly bypass some future growths that would fit in this new capacity. mBuffer.SetLength(capacity); } + const size_t newSizes = gCombinedSizes += (extra + extraCapacity); + LOG("EnsureBufferCanContain(%zu) - buffer size %zu + requested %zu + bonus " + "%zu = %zu; combined sizes %zu", + aContentLength, initialLength, extra, extraCapacity, capacity, newSizes); mHasGrown = true; return true; }

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 40091: Load HTTPS Everywhere as a builtin addon in desktop
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 08113a40ac42d0f446f1a671dcade8ed97b784db Author: Alex Catarineu <acat(a)torproject.org> Date: Fri Sep 4 12:34:35 2020 +0200 Bug 40091: Load HTTPS Everywhere as a builtin addon in desktop This loads HTTPS Everywhere as a builtin addon from a hardcoded resource:// URI in desktop. It also ensures that the non-builtin HTTPS Everywhere addon is always uninstalled on browser startup. The reason of making this desktop-only is that there are some issues when installing a builtin extension from geckoview side, making the extension not available on first startup. So, at least for now we handle the Fenix case separately. See #40118 for a followup for investigating these. --- browser/components/BrowserGlue.jsm | 37 ++++++++++++++++++++++ toolkit/components/extensions/Extension.jsm | 14 ++++++-- .../mozapps/extensions/internal/XPIProvider.jsm | 13 ++++++++ 3 files changed, 61 insertions(+), 3 deletions(-) diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index ec38d0ca8b33..057a2121533c 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -56,6 +56,13 @@ XPCOMUtils.defineLazyServiceGetter( "nsIPushService" ); +XPCOMUtils.defineLazyServiceGetters(this, { + resProto: [ + "@mozilla.org/network/protocol;1?name=resource", + "nsISubstitutingProtocolHandler", + ], +}); + const PREF_PDFJS_ISDEFAULT_CACHE_STATE = "pdfjs.enabledCache.state"; /** @@ -675,6 +682,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { "resource://gre/modules/ContextualIdentityService.jsm", Corroborate: "resource://gre/modules/Corroborate.jsm", Discovery: "resource:///modules/Discovery.jsm", + ExtensionData: "resource://gre/modules/Extension.jsm", ExtensionsUI: "resource:///modules/ExtensionsUI.jsm", FirefoxMonitor: "resource:///modules/FirefoxMonitor.jsm", FxAccounts: "resource://gre/modules/FxAccounts.jsm", @@ -1330,6 +1338,35 @@ BrowserGlue.prototype = { "resource:///modules/themes/dark/" ); + // Install https-everywhere builtin addon if needed. + (async () => { + const HTTPS_EVERYWHERE_ID = "https-everywhere-eff(a)eff.org"; + const HTTPS_EVERYWHERE_BUILTIN_URL = + "resource://torbutton/content/extensions/https-everywhere/"; + // This does something similar as GeckoViewWebExtension.jsm: it tries + // to load the manifest to retrieve the version of the builtin and + // compares it to the currently installed one to see whether we need + // to install or not. Here we delegate that to + // AddonManager.maybeInstallBuiltinAddon. + try { + const resolvedURI = Services.io.newURI( + resProto.resolveURI(Services.io.newURI(HTTPS_EVERYWHERE_BUILTIN_URL)) + ); + const extensionData = new ExtensionData(resolvedURI); + const manifest = await extensionData.loadManifest(); + + await AddonManager.maybeInstallBuiltinAddon( + HTTPS_EVERYWHERE_ID, + manifest.version, + HTTPS_EVERYWHERE_BUILTIN_URL + ); + } catch (e) { + const log = Log.repository.getLogger("HttpsEverywhereBuiltinLoader"); + log.addAppender(new Log.ConsoleAppender(new Log.BasicFormatter())); + log.error("Could not install https-everywhere extension", e); + } + })(); + if (AppConstants.MOZ_NORMANDY) { Normandy.init(); } diff --git a/toolkit/components/extensions/Extension.jsm b/toolkit/components/extensions/Extension.jsm index 876e636be3db..7dbd888b1710 100644 --- a/toolkit/components/extensions/Extension.jsm +++ b/toolkit/components/extensions/Extension.jsm @@ -211,6 +211,7 @@ const LOGGER_ID_BASE = "addons.webextension."; const UUID_MAP_PREF = "extensions.webextensions.uuids"; const LEAVE_STORAGE_PREF = "extensions.webextensions.keepStorageOnUninstall"; const LEAVE_UUID_PREF = "extensions.webextensions.keepUuidOnUninstall"; +const PERSISTENT_EXTENSIONS = new Set(["https-everywhere-eff(a)eff.org"]); const COMMENT_REGEXP = new RegExp( String.raw` @@ -331,7 +332,10 @@ var ExtensionAddonObserver = { return; } - if (!Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false)) { + if ( + !Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false) && + !PERSISTENT_EXTENSIONS.has(addon.id) + ) { // Clear browser.storage.local backends. AsyncShutdown.profileChangeTeardown.addBlocker( `Clear Extension Storage ${addon.id} (File Backend)`, @@ -384,7 +388,10 @@ var ExtensionAddonObserver = { ExtensionPermissions.removeAll(addon.id); - if (!Services.prefs.getBoolPref(LEAVE_UUID_PREF, false)) { + if ( + !Services.prefs.getBoolPref(LEAVE_UUID_PREF, false) && + !PERSISTENT_EXTENSIONS.has(addon.id) + ) { // Clear the entry in the UUID map UUIDMap.remove(addon.id); } @@ -2474,7 +2481,8 @@ class Extension extends ExtensionData { ); } else if ( this.startupReason === "ADDON_INSTALL" && - !Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false) + !Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false) && + !PERSISTENT_EXTENSIONS.has(this.id) ) { // If the extension has been just installed, set it as migrated, // because there will not be any data to migrate. diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm index 794c206fb453..dc5362bce3d8 100644 --- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm +++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm @@ -1491,6 +1491,19 @@ var XPIStates = { continue; } + // Uninstall HTTPS Everywhere if it is installed in the user profile. + if ( + id === "https-everywhere-eff(a)eff.org" && + loc.name === KEY_APP_PROFILE + ) { + logger.debug( + "Uninstalling the HTTPS Everywhere extension from user profile." + ); + loc.installer.uninstallAddon(id); + changed = true; + continue; + } + let xpiState = loc.get(id); if (!xpiState) { // If the location is not supported for sideloading, skip new

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 40025: Remove Mozilla add-on install permissions
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 84b2afbba1b3e7a99532ed28e528ee4d81104c79 Author: Alex Catarineu <acat(a)torproject.org> Date: Mon Jul 27 18:12:55 2020 +0200 Bug 40025: Remove Mozilla add-on install permissions --- browser/app/permissions | 6 ------ 1 file changed, 6 deletions(-) diff --git a/browser/app/permissions b/browser/app/permissions index c50a15acd72b..093c0f6c1bf8 100644 --- a/browser/app/permissions +++ b/browser/app/permissions @@ -11,12 +11,6 @@ origin uitour 1 https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ origin uitour 1 about:tor -# XPInstall -origin install 1 https://addons.mozilla.org - # Remote troubleshooting origin remote-troubleshooting 1 https://support.mozilla.org -# addon install -origin install 1 https://private-network.firefox.com -origin install 1 https://fpn.firefox.com

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 40002: Remove about:pioneer
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 1be8d89828e6fc51160f474d21364caab2d8556a Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Fri Aug 14 09:06:33 2020 -0400 Bug 40002: Remove about:pioneer Firefox Pioneer is an opt-in program in which people volunteer to participate in studies that collect detailed, sensitive data about how they use their browser. --- browser/components/about/AboutRedirector.cpp | 2 -- browser/components/about/components.conf | 1 - 2 files changed, 3 deletions(-) diff --git a/browser/components/about/AboutRedirector.cpp b/browser/components/about/AboutRedirector.cpp index 544e21782729..e7c377d655e7 100644 --- a/browser/components/about/AboutRedirector.cpp +++ b/browser/components/about/AboutRedirector.cpp @@ -114,8 +114,6 @@ static const RedirEntry kRedirMap[] = { nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, - {"pioneer", "chrome://browser/content/pioneer.html", - nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, #ifdef TOR_BROWSER_UPDATE {"tbupdate", "chrome://browser/content/abouttbupdate/aboutTBUpdate.xhtml", nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | diff --git a/browser/components/about/components.conf b/browser/components/about/components.conf index d78de142e2e4..8e04467c05da 100644 --- a/browser/components/about/components.conf +++ b/browser/components/about/components.conf @@ -14,7 +14,6 @@ pages = [ 'logins', 'newinstall', 'newtab', - 'pioneer', 'pocket-saved', 'pocket-signup', 'policies',

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Adding issue template for bugs.
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 68d835c90f177c046511b52588a37a63de2b9a29 Author: Gaba <gaba(a)torproject.org> Date: Mon Jun 28 11:44:16 2021 -0700 Adding issue template for bugs. --- .gitlab/issue_templates/UXBug.md | 29 +++++++++++++++++++++++++++++ .gitlab/issue_templates/bug.md | 32 ++++++++++++++++++++++++++++++++ 2 files changed, 61 insertions(+) diff --git a/.gitlab/issue_templates/UXBug.md b/.gitlab/issue_templates/UXBug.md new file mode 100644 index 000000000000..8e7cb2a5e163 --- /dev/null +++ b/.gitlab/issue_templates/UXBug.md @@ -0,0 +1,29 @@ + + +### Summary +**Summarize the bug encountered concisely.** + + +### Steps to reproduce: +**How one can reproduce the issue - this is very important.** + +1. Step 1 +2. Step 2 +3. ... + +### What is the current bug behavior? +**What actually happens.** + + +### What is the expected behavior? +**What you want to see instead** + + + +## Relevant logs and/or screenshots +**Do you have screenshots? Attach them to this ticket please.** + +/label ~tor-ux ~needs-investigation ~bug +/assign @nah diff --git a/.gitlab/issue_templates/bug.md b/.gitlab/issue_templates/bug.md new file mode 100644 index 000000000000..6ce85a4864be --- /dev/null +++ b/.gitlab/issue_templates/bug.md @@ -0,0 +1,32 @@ + + +### Summary +**Summarize the bug encountered concisely.** + + +### Steps to reproduce: +**How one can reproduce the issue - this is very important.** + +1. Step 1 +2. Step 2 +3. ... + +### What is the current bug behavior? +**What actually happens.** + + +### What is the expected behavior? +**What you want to see instead** + + + +### Environment +**Which operating system are you using? For example: Debian GNU/Linux 10.1, Windows 10, Ubuntu Xenial, FreeBSD 12.2, etc.** +**Which installation method did you use? Distribution package (apt, pkg, homebrew), from source tarball, from Git, etc.** + +### Relevant logs and/or screenshots + + +/label ~bug

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 40432: Prevent probing installed applications
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 2caca47fbf46ec2de97e019cefcd94f747a3355b Author: Matthew Finkel <sysrqb(a)torproject.org> Date: Mon May 17 18:09:09 2021 +0000 Bug 40432: Prevent probing installed applications --- .../exthandler/nsExternalHelperAppService.cpp | 30 ++++++++++++++++++---- 1 file changed, 25 insertions(+), 5 deletions(-) diff --git a/uriloader/exthandler/nsExternalHelperAppService.cpp b/uriloader/exthandler/nsExternalHelperAppService.cpp index 0dcc1d3ed6ab..7ff9c5b626a3 100644 --- a/uriloader/exthandler/nsExternalHelperAppService.cpp +++ b/uriloader/exthandler/nsExternalHelperAppService.cpp @@ -1002,8 +1002,33 @@ nsresult nsExternalHelperAppService::GetFileTokenForPath( ////////////////////////////////////////////////////////////////////////////////////////////////////// // begin external protocol service default implementation... ////////////////////////////////////////////////////////////////////////////////////////////////////// + +static const char kExternalProtocolPrefPrefix[] = + "network.protocol-handler.external."; +static const char kExternalProtocolDefaultPref[] = + "network.protocol-handler.external-default"; + NS_IMETHODIMP nsExternalHelperAppService::ExternalProtocolHandlerExists( const char* aProtocolScheme, bool* aHandlerExists) { + + // Replicate the same check performed in LoadURI. + // Deny load if the prefs say to do so + nsAutoCString externalPref(kExternalProtocolPrefPrefix); + externalPref += aProtocolScheme; + bool allowLoad = false; + *aHandlerExists = false; + if (NS_FAILED(Preferences::GetBool(externalPref.get(), &allowLoad))) { + // no scheme-specific value, check the default + if (NS_FAILED( + Preferences::GetBool(kExternalProtocolDefaultPref, &allowLoad))) { + return NS_OK; // missing default pref + } + } + + if (!allowLoad) { + return NS_OK; // explicitly denied + } + nsCOMPtr<nsIHandlerInfo> handlerInfo; nsresult rv = GetProtocolHandlerInfo(nsDependentCString(aProtocolScheme), getter_AddRefs(handlerInfo)); @@ -1046,11 +1071,6 @@ NS_IMETHODIMP nsExternalHelperAppService::IsExposedProtocol( return NS_OK; } -static const char kExternalProtocolPrefPrefix[] = - "network.protocol-handler.external."; -static const char kExternalProtocolDefaultPref[] = - "network.protocol-handler.external-default"; - NS_IMETHODIMP nsExternalHelperAppService::LoadURI(nsIURI* aURI, nsIPrincipal* aTriggeringPrincipal,

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 1715254 - Deny clone3 to force glibc fallback r=gcp
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 1a70a6ac8a91cab14404db34bcfcf343346fbfb9 Author: Alexandre Lissy <lissyx+mozillians(a)lissyx.dyndns.org> Date: Wed Jun 9 13:45:28 2021 +0000 Bug 1715254 - Deny clone3 to force glibc fallback r=gcp Differential Revision: https://phabricator.services.mozilla.com/D117297 --- security/sandbox/linux/SandboxFilter.cpp | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp index b60902e841e4..4ee50a23d461 100644 --- a/security/sandbox/linux/SandboxFilter.cpp +++ b/security/sandbox/linux/SandboxFilter.cpp @@ -633,6 +633,9 @@ class SandboxPolicyCommon : public SandboxPolicyBase { case __NR_clone: return ClonePolicy(InvalidSyscall()); + case __NR_clone3: + return Error(ENOSYS); + // More thread creation. #ifdef __NR_set_robust_list case __NR_set_robust_list: @@ -1311,6 +1314,9 @@ class ContentSandboxPolicy : public SandboxPolicyCommon { case __NR_clone: return ClonePolicy(Error(EPERM)); + case __NR_clone3: + return Error(ENOSYS); + # ifdef __NR_fadvise64 case __NR_fadvise64: return Allow();

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 40416: Add v2 Onion deprecation warnings
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit bce42cd48208e2e85c803b0fc316c47228ade5f2 Author: Richard Pospesel <richard(a)torproject.org> Date: Fri May 21 22:18:23 2021 +0200 Bug 40416: Add v2 Onion deprecation warnings - adds new v2 deprecated warning page (js and styling) that piggy-backs off of the existing added onion service errors - updates identity-icon to onionWarning.svg when visiting a v2 onion site adds warning tooltip; this warning supersedes all other identity states (including mixed-content error) - we determine whether to show the warning page in nsDocShell::DoURILoad() - a new synchonous IPC method is added to ContentChild/ContentParent to determine if the session has loaded the warning page already; worst case scenario, each child process will need to wait on this method to return only once when visiting a v2 onion; nothing is permanently cached with regards to this change - an exception for the new sync method is added to sync-messages.ini (generally, in practice adding new blocking methods is probably bad, but the minimial overhead and frequency this method is called is worth the simpler code) --- browser/base/content/aboutNetError.xhtml | 3 ++ browser/base/content/browser-siteIdentity.js | 12 +++++ browser/base/jar.mn | 2 +- .../content/netError/onionNetError.js | 6 +++ .../content/netError/v2Deprecated.css | 25 +++++++++ .../onionservices/content/netError/v2Deprecated.js | 50 ++++++++++++++++++ browser/components/onionservices/jar.mn | 8 ++- browser/modules/TorStrings.jsm | 8 +++ .../shared/identity-block/identity-block.inc.css | 3 +- browser/themes/shared/onionPattern.inc.xhtml | 4 +- docshell/base/nsDocShell.cpp | 61 ++++++++++++++++++++++ dom/ipc/ContentParent.cpp | 11 ++++ dom/ipc/ContentParent.h | 2 + dom/ipc/PContent.ipdl | 3 ++ ipc/ipdl/sync-messages.ini | 3 ++ js/xpconnect/src/xpc.msg | 1 + xpcom/base/ErrorList.py | 2 + 17 files changed, 200 insertions(+), 4 deletions(-) diff --git a/browser/base/content/aboutNetError.xhtml b/browser/base/content/aboutNetError.xhtml index 957b6f15a0be..4572eb2024f1 100644 --- a/browser/base/content/aboutNetError.xhtml +++ b/browser/base/content/aboutNetError.xhtml @@ -207,7 +207,10 @@ </div> </div> </div> + +#include ../../themes/shared/onionPattern.inc.xhtml </body> + <script src="chrome://browser/content/onionservices/netError/v2Deprecated.js"/> <script src="chrome://browser/content/onionservices/netError/onionNetError.js"/> <script src="chrome://browser/content/aboutNetError.js"/> </html> diff --git a/browser/base/content/browser-siteIdentity.js b/browser/base/content/browser-siteIdentity.js index 2a3431172886..27fee74cba5b 100644 --- a/browser/base/content/browser-siteIdentity.js +++ b/browser/base/content/browser-siteIdentity.js @@ -135,6 +135,15 @@ var gIdentityHandler = { return this._uriHasHost ? this._uri.host.toLowerCase().endsWith(".onion") : false; }, + get _uriIsDeprecatedOnionHost() { + const hostIsV2Onion = function(host) { + // matches on v2 onion domains with any number of subdomains + const pattern = /^(.*\.)*[a-z2-7]{16}\.onion/i; + return pattern.test(host); + }; + + return this._uriHasHost ? hostIsV2Onion(this._uri.host) : false; + }, // smart getters get _identityPopup() { delete this._identityPopup; @@ -685,6 +694,9 @@ var gIdentityHandler = { "identity.extension.label", [extensionName] ); + } else if (this._uriIsDeprecatedOnionHost) { + this._identityBox.className = "onionServiceDeprecated"; + tooltip = TorStrings.onionServices.v2Deprecated.tooltip; } else if (this._uriHasHost && this._isSecureConnection && this._secInfo) { // This is a secure connection. // _isSecureConnection implicitly includes onion services, which may not have an SSL certificate diff --git a/browser/base/jar.mn b/browser/base/jar.mn index df65349796b5..21b07ad9511b 100644 --- a/browser/base/jar.mn +++ b/browser/base/jar.mn @@ -22,7 +22,7 @@ browser.jar: content/browser/logos/send.svg (content/logos/send.svg) content/browser/logos/tracking-protection.svg (content/logos/tracking-protection.svg) content/browser/logos/tracking-protection-dark-theme.svg (content/logos/tracking-protection-dark-theme.svg) - content/browser/aboutNetError.xhtml (content/aboutNetError.xhtml) +* content/browser/aboutNetError.xhtml (content/aboutNetError.xhtml) content/browser/aboutNetError.js (content/aboutNetError.js) content/browser/aboutRobots-icon.png (content/aboutRobots-icon.png) content/browser/aboutFrameCrashed.html (content/aboutFrameCrashed.html) diff --git a/browser/components/onionservices/content/netError/onionNetError.js b/browser/components/onionservices/content/netError/onionNetError.js index 8fabb3f38eb7..254e50bab4a3 100644 --- a/browser/components/onionservices/content/netError/onionNetError.js +++ b/browser/components/onionservices/content/netError/onionNetError.js @@ -38,6 +38,12 @@ var OnionServicesAboutNetError = { const errPrefix = "onionServices."; const errName = err.substring(errPrefix.length); + // tor-browser#40416 - remove this page and updated onionNetErrors with new error once v2 no longer works at all + if (errName === "v2Deprecated") { + V2DeprecatedAboutNetError.initPage(aDoc); + return; + } + this._strings = RPMGetTorStrings(); const stringsObj = this._strings[errName]; diff --git a/browser/components/onionservices/content/netError/v2Deprecated.css b/browser/components/onionservices/content/netError/v2Deprecated.css new file mode 100644 index 000000000000..890468d09761 --- /dev/null +++ b/browser/components/onionservices/content/netError/v2Deprecated.css @@ -0,0 +1,25 @@ +%include ../../../../themes/shared/onionPattern.css + +:root { + --onion-opacity: 1; + --onion-color: var(--card-outline-color); + --onion-radius: 50px; +} + +body { + border: 1.5em solid #FED916; + justify-content: space-between; +} + +div.title { + background-image: url("chrome://browser/skin/onion-warning.svg"); +} + +div#errorPageContainer { + padding-top: 20vh; + width: 66%; +} + +div#learnMoreContainer { + display: block; +} \ No newline at end of file diff --git a/browser/components/onionservices/content/netError/v2Deprecated.js b/browser/components/onionservices/content/netError/v2Deprecated.js new file mode 100644 index 000000000000..195bc187791c --- /dev/null +++ b/browser/components/onionservices/content/netError/v2Deprecated.js @@ -0,0 +1,50 @@ +// Copyright (c) 2021, The Tor Project, Inc. + +"use strict"; + +/* eslint-env mozilla/frame-script */ + +var V2DeprecatedAboutNetError = { + + _selector: { + header: ".title-text", + longDesc: "#errorLongDesc", + learnMoreLink: "#learnMoreLink", + contentContainer: "#errorLongContent", + tryAgainButton: "div#netErrorButtonContainer button.try-again", + }, + + initPage(aDoc) { + this._insertStylesheet(aDoc); + this._populateStrings(aDoc); + }, + + _populateStrings(aDoc) { + // populate strings + const TorStrings = RPMGetTorStrings(); + + aDoc.title = TorStrings.v2Deprecated.pageTitle; + + let headerElem = aDoc.querySelector(this._selector.header); + headerElem.textContent = TorStrings.v2Deprecated.header; + + let longDescriptionElem = aDoc.querySelector(this._selector.longDesc); + longDescriptionElem.textContent = TorStrings.v2Deprecated.longDescription; + + let learnMoreElem = aDoc.querySelector(this._selector.learnMoreLink); + learnMoreElem.setAttribute("href", TorStrings.v2Deprecated.learnMoreURL); + + let tryAgainElem = aDoc.querySelector(this._selector.tryAgainButton); + tryAgainElem.textContent = TorStrings.v2Deprecated.tryAgain; + }, + + _insertStylesheet(aDoc) { + const url = + "chrome://browser/content/onionservices/netError/v2Deprecated.css"; + let linkElem = aDoc.createElement("link"); + linkElem.rel = "stylesheet"; + linkElem.href = url; + linkElem.type = "text/css"; + aDoc.head.appendChild(linkElem); + }, +}; diff --git a/browser/components/onionservices/jar.mn b/browser/components/onionservices/jar.mn index f45b16dc5d29..73258bd9c501 100644 --- a/browser/components/onionservices/jar.mn +++ b/browser/components/onionservices/jar.mn @@ -3,7 +3,13 @@ browser.jar: content/browser/onionservices/authPreferences.js (content/authPreferences.js) content/browser/onionservices/authPrompt.js (content/authPrompt.js) content/browser/onionservices/authUtil.jsm (content/authUtil.jsm) - content/browser/onionservices/netError/ (content/netError/*) + content/browser/onionservices/netError/browser.svg (content/netError/browser.svg) + content/browser/onionservices/netError/network.svg (content/netError/network.svg) + content/browser/onionservices/netError/onionNetError.css (content/netError/onionNetError.css) + content/browser/onionservices/netError/onionNetError.js (content/netError/onionNetError.js) + content/browser/onionservices/netError/onionsite.svg (content/netError/onionsite.svg) +* content/browser/onionservices/netError/v2Deprecated.css (content/netError/v2Deprecated.css) + content/browser/onionservices/netError/v2Deprecated.js (content/netError/v2Deprecated.js) content/browser/onionservices/onionservices.css (content/onionservices.css) content/browser/onionservices/savedKeysDialog.js (content/savedKeysDialog.js) content/browser/onionservices/savedKeysDialog.xhtml (content/savedKeysDialog.xhtml) diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm index c086d0fe3117..6eeb2ea06a04 100644 --- a/browser/modules/TorStrings.jsm +++ b/browser/modules/TorStrings.jsm @@ -502,6 +502,14 @@ var TorStrings = { header: getString("introTimedOut.header", "Onionsite Circuit Creation Timed Out"), longDescription: getString("introTimedOut.longDescription", kLongDescFallback), }, + v2Deprecated: { // Deprecation page for v2 Onions + pageTitle: getString("v2Deprecated.pageTitle", "V2 Onion Site Deprecation Warning"), + header: getString("v2Deprecated.header", "Version 2 Onion Sites will be deprecated soon"), + longDescription: getString("v2Deprecated.longDescription", "Tor is ending its support for version 2 onion services beginning in July 2021, and this onion site will no longer be reachable at this address. If you are the site administrator, upgrade to a version 3 onion service soon."), + learnMoreURL: `https://support.torproject.org/${getLocale()}/onionservices/#v2-deprecation`, + tryAgain: getString("v2Deprecated.tryAgain", "Got it"), + tooltip: getString("v2Deprecated.tooltip", "This onion site will not be reachable soon"), + }, authPrompt: { description: getString("authPrompt.description2", "%S is requesting that you authenticate."), diff --git a/browser/themes/shared/identity-block/identity-block.inc.css b/browser/themes/shared/identity-block/identity-block.inc.css index 011fb9f3081c..936ab00d2080 100644 --- a/browser/themes/shared/identity-block/identity-block.inc.css +++ b/browser/themes/shared/identity-block/identity-block.inc.css @@ -181,7 +181,8 @@ toolbar[brighttext] #identity-box[pageproxystate="valid"].chromeUI > #identity-i #identity-box[pageproxystate="valid"].onionMixedDisplayContent > #identity-icon, #identity-box[pageproxystate="valid"].onionMixedDisplayContentLoadedActiveBlocked > #identity-icon, -#identity-box[pageproxystate="valid"].onionCertUserOverridden > #identity-icon { +#identity-box[pageproxystate="valid"].onionCertUserOverridden > #identity-icon, +#identity-box[pageproxystate="valid"].onionServiceDeprecated > #identity-icon { list-style-image: url(chrome://browser/skin/onion-warning.svg); visibility: visible; } diff --git a/browser/themes/shared/onionPattern.inc.xhtml b/browser/themes/shared/onionPattern.inc.xhtml index 6bbde93684a2..0b6b8b072f9a 100644 --- a/browser/themes/shared/onionPattern.inc.xhtml +++ b/browser/themes/shared/onionPattern.inc.xhtml @@ -9,9 +9,11 @@ - most browser windows, typically the two rows of onions will fill the - bottom of the page. On really wide pages, the onions are centered at - the bottom of the page. + - The root onion-pattern-container div is hidden by default, and can be + - enabled by including onionPattern.css --> -<div class="onion-pattern-container"> +<div class="onion-pattern-container" style="display: none">  diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index bf9639c82612..0f315f2f87b4 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -7,6 +7,7 @@ #include "nsDocShell.h" #include <algorithm> +#include <regex> #ifdef XP_WIN # include <process.h> @@ -3645,6 +3646,9 @@ nsDocShell::DisplayLoadError(nsresult aError, nsIURI* aURI, case NS_ERROR_TOR_ONION_SVC_INTRO_TIMEDOUT: error = "onionServices.introTimedOut"; break; + case NS_ERROR_TOR_ONION_SVC_V2_DEPRECATED: + error = "onionServices.v2Deprecated"; + break; default: break; } @@ -9596,6 +9600,63 @@ nsresult nsDocShell::DoURILoad(nsDocShellLoadState* aLoadState, return NS_OK; } + // tor-browser#40416 + // we only ever want to show the warning page once per session + const auto shouldShouldShowV2DeprecationPage = []() -> bool { + bool retval = false; + if (XRE_IsContentProcess()) { + auto* cc = ContentChild::GetSingleton(); + cc->SendShouldShowV2DeprecationPage(&retval); + } + return retval; + }; + + const auto uriIsV2Onion = [](nsIURI* uri) -> bool { + if (uri) { + nsAutoCString hostString; + uri->GetHost(hostString); + + const std::string_view host(hostString.BeginReading(), hostString.Length()); + + // matches v2 onions with any number of subdomains + const static std::regex v2OnionPattern{ + "^(.*\\.)*[a-z2-7]{16}\\.onion", + std::regex::icase | std::regex::optimize + }; + + // see if the uri refers to v2 onion host + return std::regex_match( + host.begin(), + host.end(), + v2OnionPattern); + } + return false; + }; + + // only dip in here if this process thinks onion warning page has not been shown + static bool v2DeprecationPageShown = false; + if (!v2DeprecationPageShown) { + // now only advance if the URI we are dealing with + // is a v2 onion address + auto uri = aLoadState->URI(); + if (uriIsV2Onion(uri)) { + // Ok, so we are dealing with a v2 onion, now make + // sure the v2 deprecation page has not been shown in + // in another content process + // + // This is a synchrynous call, so we are blocking until + // we hear back from from the parent process. Each child + // process will need to perform this wait at most once, + // since we are locally caching in v2DeprecationPageShown. + v2DeprecationPageShown = true; + if (shouldShouldShowV2DeprecationPage()) { + DisplayLoadError(NS_ERROR_TOR_ONION_SVC_V2_DEPRECATED, uri, nullptr, nullptr); + return NS_ERROR_LOAD_SHOWED_ERRORPAGE; + } + } + } + + nsCOMPtr<nsIURILoader> uriLoader = components::URILoader::Service(); if (NS_WARN_IF(!uriLoader)) { return NS_ERROR_UNEXPECTED; diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp index 4269016ec5d5..9c1c1fddf9e9 100644 --- a/dom/ipc/ContentParent.cpp +++ b/dom/ipc/ContentParent.cpp @@ -6515,6 +6515,17 @@ NS_IMETHODIMP ContentParent::GetActor(const nsACString& aName, return NS_OK; } +mozilla::ipc::IPCResult ContentParent::RecvShouldShowV2DeprecationPage(bool* showPage) { + static bool v2DeprecationPageShown = false; + if (v2DeprecationPageShown) { + *showPage = false; + } else { + *showPage = true; + v2DeprecationPageShown = true; + } + return IPC_OK(); +} + } // namespace dom } // namespace mozilla diff --git a/dom/ipc/ContentParent.h b/dom/ipc/ContentParent.h index 4f10832d8e23..83f9caa1dc6c 100644 --- a/dom/ipc/ContentParent.h +++ b/dom/ipc/ContentParent.h @@ -1280,6 +1280,8 @@ class ContentParent final const MaybeDiscarded<BrowsingContext>& aContext, int32_t aOffset, HistoryGoResolver&& aResolveRequestedIndex); + mozilla::ipc::IPCResult RecvShouldShowV2DeprecationPage(bool* showPage); + // Notify the ContentChild to enable the input event prioritization when // initializing. void MaybeEnableRemoteInputEventQueue(); diff --git a/dom/ipc/PContent.ipdl b/dom/ipc/PContent.ipdl index c4dd750e47a4..09d053c69738 100644 --- a/dom/ipc/PContent.ipdl +++ b/dom/ipc/PContent.ipdl @@ -1678,6 +1678,9 @@ child: // WindowContext is managed using the PWindowGlobal actor's lifecycle. async CreateWindowContext(WindowContextInitializer aInit); async DiscardWindowContext(uint64_t aContextId) returns (bool unused); + +parent: + sync ShouldShowV2DeprecationPage() returns (bool showPage); }; } diff --git a/ipc/ipdl/sync-messages.ini b/ipc/ipdl/sync-messages.ini index 88ad49d169e8..df2acb04c750 100644 --- a/ipc/ipdl/sync-messages.ini +++ b/ipc/ipdl/sync-messages.ini @@ -1040,6 +1040,9 @@ description = Initialization of WebGL contexts is synchronous by spec. description = Synchronous RPC to allow WebGL to run graphics commands in compositor process and return results to be used in JS return values. [PSocketProcess::GetTLSClientCert] description = Synchronously get client certificate and key from parent process. Once bug 696976 has been fixed, this can be removed. +[PContent::ShouldShowV2DeprecationPage] +description = Synchronously determine whether a client process has already displayed the v2 onion deprecation warning page + ############################################################# # AVOID ADDING NEW MESSAGES TO THIS FILE # diff --git a/js/xpconnect/src/xpc.msg b/js/xpconnect/src/xpc.msg index 31e5e75ba35c..7c8cc9ef181c 100644 --- a/js/xpconnect/src/xpc.msg +++ b/js/xpconnect/src/xpc.msg @@ -262,6 +262,7 @@ XPC_MSG_DEF(NS_ERROR_TOR_ONION_SVC_MISSING_CLIENT_AUTH, "Tor onion service missi XPC_MSG_DEF(NS_ERROR_TOR_ONION_SVC_BAD_CLIENT_AUTH , "Tor onion service wrong client authorization") XPC_MSG_DEF(NS_ERROR_TOR_ONION_SVC_BAD_ADDRESS , "Tor onion service bad address") XPC_MSG_DEF(NS_ERROR_TOR_ONION_SVC_INTRO_TIMEDOUT , "Tor onion service introduction timed out") +XPC_MSG_DEF(NS_ERROR_TOR_ONION_SVC_V2_DEPRECATED , "Tor v2 onion services are deprecated") /* Profile manager error codes */ XPC_MSG_DEF(NS_ERROR_DATABASE_CHANGED , "Flushing the profiles to disk would have overwritten changes made elsewhere.") diff --git a/xpcom/base/ErrorList.py b/xpcom/base/ErrorList.py index 5f35cf7771f9..6bcd65f9bca9 100755 --- a/xpcom/base/ErrorList.py +++ b/xpcom/base/ErrorList.py @@ -1200,6 +1200,8 @@ with modules["TOR"]: errors["NS_ERROR_TOR_ONION_SVC_BAD_ADDRESS"] = FAILURE(7) # Tor onion service introduction timed out. errors["NS_ERROR_TOR_ONION_SVC_INTRO_TIMEDOUT"] = FAILURE(8) + # Tor v2 onion services are deprecated + errors["NS_ERROR_TOR_ONION_SVC_V2_DEPRECATED"] = FAILURE(9) # ======================================================================= # 51: NS_ERROR_MODULE_GENERAL

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 1719146 - Use size_t in breakpad's Linux exception handler. r=gsvelto
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 2876765509423fd9499567bc920e102ceeb07279 Author: Emilio Cobos Álvarez <emilio(a)crisal.io> Date: Mon Jul 5 11:59:34 2021 +0000 Bug 1719146 - Use size_t in breakpad's Linux exception handler. r=gsvelto Differential Revision: https://phabricator.services.mozilla.com/D119083 --- .../crashreporter/breakpad-client/linux/handler/exception_handler.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/toolkit/crashreporter/breakpad-client/linux/handler/exception_handler.cc b/toolkit/crashreporter/breakpad-client/linux/handler/exception_handler.cc index c8509c2d5363..1365935ba51c 100644 --- a/toolkit/crashreporter/breakpad-client/linux/handler/exception_handler.cc +++ b/toolkit/crashreporter/breakpad-client/linux/handler/exception_handler.cc @@ -145,7 +145,7 @@ void InstallAlternateStackLocked() { // SIGSTKSZ may be too small to prevent the signal handlers from overrunning // the alternative stack. Ensure that the size of the alternative stack is // large enough. - static const unsigned kSigStackSize = std::max(16384, SIGSTKSZ); + static const size_t kSigStackSize = std::max(size_t(16384), size_t(SIGSTKSZ)); // Only set an alternative stack if there isn't already one, or if the current // one is too small.

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 27476: Implement about:torconnect captive portal within Tor Browser
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 89eda798a60a55bb2d64a9011f0b03415470c5bb Author: Richard Pospesel <richard(a)torproject.org> Date: Wed Apr 28 23:09:34 2021 -0500 Bug 27476: Implement about:torconnect captive portal within Tor Browser - implements new about:torconnect page as tor-launcher replacement - adds tor connection status to url bar and tweaks UX when not online - adds new torconnect component to browser - tor process management functionality remains implemented in tor-launcher through the TorProtocolService module - the onion pattern from about:tor migrated to an .inc.xhtml file now used by both about:tor and about:torconnect - various design tweaks and resusability fixes to onion pattern - adds warning/error box to about:preferences#tor when not connected to tor - explicitly allows about:torconnect URIs to ignore Resist Fingerprinting (RFP) - various tweaks to info-pages.inc.css for about:torconnect (also affects other firefox info pages) --- browser/actors/NetErrorParent.jsm | 8 + browser/base/content/aboutNetError.js | 10 +- browser/base/content/browser-siteIdentity.js | 2 +- browser/base/content/browser.js | 10 + browser/base/content/browser.xhtml | 2 + browser/components/BrowserGlue.jsm | 59 +++- browser/components/about/AboutRedirector.cpp | 4 + browser/components/about/components.conf | 1 + browser/components/moz.build | 1 + .../onionservices/HttpsEverywhereControl.jsm | 17 +- browser/components/sessionstore/SessionStore.jsm | 16 + browser/components/torconnect/TorConnectChild.jsm | 9 + browser/components/torconnect/TorConnectParent.jsm | 126 ++++++++ .../torconnect/content/aboutTorConnect.css | 151 +++++++++ .../torconnect/content/aboutTorConnect.js | 339 +++++++++++++++++++++ .../torconnect/content/aboutTorConnect.xhtml | 54 ++++ .../components/torconnect/content/onion-slash.svg | 7 + browser/components/torconnect/content/onion.svg | 3 + .../torconnect/content/torBootstrapUrlbar.js | 136 +++++++++ .../torconnect/content/torconnect-urlbar.css | 65 ++++ .../torconnect/content/torconnect-urlbar.inc.xhtml | 11 + browser/components/torconnect/jar.mn | 7 + browser/components/torconnect/moz.build | 6 + .../components/torpreferences/content/torPane.js | 86 ++++++ .../torpreferences/content/torPane.xhtml | 34 +++ .../torpreferences/content/torPreferences.css | 121 ++++++++ browser/components/urlbar/UrlbarInput.jsm | 31 ++ browser/modules/TorConnect.jsm | 62 ++++ browser/modules/TorProcessService.jsm | 12 + browser/modules/TorProtocolService.jsm | 124 +++++++- browser/modules/TorStrings.jsm | 75 +++++ browser/modules/moz.build | 2 + browser/themes/shared/jar.inc.mn | 1 + browser/themes/shared/onionPattern.css | 124 ++++++++ browser/themes/shared/onionPattern.inc.xhtml | 210 +++++++++++++ browser/themes/shared/urlbar-searchbar.inc.css | 2 + dom/base/Document.cpp | 51 +++- dom/base/nsGlobalWindowOuter.cpp | 2 + toolkit/modules/AsyncPrefs.jsm | 2 + toolkit/modules/RemotePageAccessManager.jsm | 26 ++ toolkit/mozapps/update/UpdateService.jsm | 68 ++++- .../themes/shared/in-content/info-pages.inc.css | 15 +- .../lib/environments/browser-window.js | 4 + 43 files changed, 2080 insertions(+), 16 deletions(-) diff --git a/browser/actors/NetErrorParent.jsm b/browser/actors/NetErrorParent.jsm index 035195391554..fa3cbf23fcb7 100644 --- a/browser/actors/NetErrorParent.jsm +++ b/browser/actors/NetErrorParent.jsm @@ -17,6 +17,10 @@ const { SessionStore } = ChromeUtils.import( ); const { HomePage } = ChromeUtils.import("resource:///modules/HomePage.jsm"); +const { TorProtocolService } = ChromeUtils.import( + "resource:///modules/TorProtocolService.jsm" +); + const PREF_SSL_IMPACT_ROOTS = [ "security.tls.version.", "security.ssl3.", @@ -318,6 +322,10 @@ class NetErrorParent extends JSWindowActorParent { break; } } + break; + case "ShouldShowTorConnect": + return TorProtocolService.shouldShowTorConnect(); } + return undefined; } } diff --git a/browser/base/content/aboutNetError.js b/browser/base/content/aboutNetError.js index 60db17f46eb9..6844154e16e3 100644 --- a/browser/base/content/aboutNetError.js +++ b/browser/base/content/aboutNetError.js @@ -194,8 +194,16 @@ async function setErrorPageStrings(err) { document.l10n.setAttributes(titleElement, title); } -function initPage() { +async function initPage() { var err = getErrorCode(); + + // proxyConnectFailure because no-tor running daemon would return this error + if ( + (err === "proxyConnectFailure") && + (await RPMSendQuery("ShouldShowTorConnect")) + ) { + document.location.replace("about:torconnect"); + } // List of error pages with an illustration. let illustratedErrors = [ "malformedURI", diff --git a/browser/base/content/browser-siteIdentity.js b/browser/base/content/browser-siteIdentity.js index 539d6d4056a3..2a3431172886 100644 --- a/browser/base/content/browser-siteIdentity.js +++ b/browser/base/content/browser-siteIdentity.js @@ -57,7 +57,7 @@ var gIdentityHandler = { * RegExp used to decide if an about url should be shown as being part of * the browser UI. */ - _secureInternalUIWhitelist: (AppConstants.TOR_BROWSER_UPDATE ? /^(?:accounts|addons|cache|certificate|config|crashes|downloads|license|logins|preferences|protections|rights|sessionrestore|support|welcomeback|tor|tbupdate)(?:[?#]|$)/i : /^(?:accounts|addons|cache|certificate|config|crashes|downloads|license|logins|preferences|protections|rights|sessionrestore|support|welcomeback|tor)(?:[?#]|$)/i), + _secureInternalUIWhitelist: (AppConstants.TOR_BROWSER_UPDATE ? /^(?:accounts|addons|cache|certificate|config|crashes|downloads|license|logins|preferences|protections|rights|sessionrestore|support|welcomeback|tor|torconnect|tbupdate)(?:[?#]|$)/i : /^(?:accounts|addons|cache|certificate|config|crashes|downloads|license|logins|preferences|protections|rights|sessionrestore|support|welcomeback|tor|torconnect)(?:[?#]|$)/i), /** * Whether the established HTTPS connection is considered "broken". diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index 04f8752b93f4..916cd69320cb 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -77,6 +77,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { TabModalPrompt: "chrome://global/content/tabprompts.jsm", TabCrashHandler: "resource:///modules/ContentCrashHandlers.jsm", TelemetryEnvironment: "resource://gre/modules/TelemetryEnvironment.jsm", + TorProtocolService: "resource:///modules/TorProtocolService.jsm", Translation: "resource:///modules/translation/TranslationParent.jsm", OnionAliasStore: "resource:///modules/OnionAliasStore.jsm", UITour: "resource:///modules/UITour.jsm", @@ -633,6 +634,7 @@ var gPageIcons = { var gInitialPages = [ "about:tor", + "about:torconnect", "about:blank", "about:newtab", "about:home", @@ -1959,6 +1961,8 @@ var gBrowserInit = { } this._loadHandled = true; + + TorBootstrapUrlbar.init(); }, _cancelDelayedStartup() { @@ -2490,6 +2494,10 @@ var gBrowserInit = { let uri = window.arguments[0]; let defaultArgs = BrowserHandler.defaultArgs; + if (TorProtocolService.shouldShowTorConnect()) { + return "about:torconnect"; + } + // If the given URI is different from the homepage, we want to load it. if (uri != defaultArgs) { AboutNewTab.noteNonDefaultStartup(); @@ -2582,6 +2590,8 @@ var gBrowserInit = { OnionAuthPrompt.uninit(); + TorBootstrapUrlbar.uninit(); + gAccessibilityServiceIndicator.uninit(); AccessibilityRefreshBlocker.uninit(); diff --git a/browser/base/content/browser.xhtml b/browser/base/content/browser.xhtml index c2caecc1a416..032db1967c69 100644 --- a/browser/base/content/browser.xhtml +++ b/browser/base/content/browser.xhtml @@ -112,6 +112,7 @@ Services.scriptloader.loadSubScript("chrome://browser/content/search/searchbar.js", this); Services.scriptloader.loadSubScript("chrome://torbutton/content/tor-circuit-display.js", this); Services.scriptloader.loadSubScript("chrome://torbutton/content/torbutton.js", this); + Services.scriptloader.loadSubScript("chrome://browser/content/torconnect/torBootstrapUrlbar.js", this); window.onload = gBrowserInit.onLoad.bind(gBrowserInit); window.onunload = gBrowserInit.onUnload.bind(gBrowserInit); @@ -1055,6 +1056,7 @@ data-l10n-id="urlbar-go-button"/> <hbox id="page-action-buttons" context="pageActionContextMenu"> <toolbartabstop/> +#include ../../components/torconnect/content/torconnect-urlbar.inc.xhtml <hbox id="contextual-feature-recommendation" role="button" hidden="true"> <hbox id="cfr-label-container"> <label id="cfr-label"/> diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 5f708fca3d5c..8735783cee2b 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -17,6 +17,31 @@ const { AppConstants } = ChromeUtils.import( "resource://gre/modules/AppConstants.jsm" ); +// TorProtocolService and TorConnect modules need to be lazily-loaded +// here because they will trigger generation of the random password used +// to talk to the tor daemon in tor-launcher. Generating the random +// password will initialize the cryptographic service ( nsNSSComponent ) +// +// If this service is init'd before the profile has been setup, it will +// use the fallback init path which behaves as if security.nocertdb=true +// +// We make these module getters so init happens when they are needed +// (when init'ing the OnionAliasStore). With theze getters, the password +// generation is triggered in torbutton after the 'profile-after-change' +// topic (so after the profile is initialized) + +ChromeUtils.defineModuleGetter( + this, + "TorProtocolService", + "resource:///modules/TorProtocolService.jsm" +); + +ChromeUtils.defineModuleGetter( + this, + "TorConnect", + "resource:///modules/TorConnect.jsm" +); + ChromeUtils.defineModuleGetter( this, "ActorManagerParent", @@ -503,6 +528,20 @@ let JSWINDOWACTORS = { allFrames: true, }, + TorConnect: { + parent: { + moduleURI: "resource:///modules/TorConnectParent.jsm", + }, + child: { + moduleURI: "resource:///modules/TorConnectChild.jsm", + events: { + DOMWindowCreated: {}, + }, + }, + + matches: ["about:torconnect"], + }, + Translation: { parent: { moduleURI: "resource:///modules/translation/TranslationParent.jsm", @@ -2492,7 +2531,25 @@ BrowserGlue.prototype = { { task: () => { - OnionAliasStore.init(); + if (TorProtocolService.isBootstrapDone() || !TorProtocolService.ownsTorDaemon) { + // we will take this path when the user is using the legacy tor launcher or + // when Tor Browser didn't launch its own tor. + OnionAliasStore.init(); + } else { + // this path is taken when using about:torconnect, we wait to init + // after we are bootstrapped and connected to tor + const topic = "torconnect:bootstrap-complete"; + let bootstrapObserver = { + observe(aSubject, aTopic, aData) { + if (aTopic === topic) { + OnionAliasStore.init(); + // we only need to init once, so remove ourselves as an obvserver + Services.obs.removeObserver(this, topic); + } + } + }; + Services.obs.addObserver(bootstrapObserver, topic); + } }, }, diff --git a/browser/components/about/AboutRedirector.cpp b/browser/components/about/AboutRedirector.cpp index e7c377d655e7..db5f3ead4bb8 100644 --- a/browser/components/about/AboutRedirector.cpp +++ b/browser/components/about/AboutRedirector.cpp @@ -120,6 +120,10 @@ static const RedirEntry kRedirMap[] = { nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, #endif + {"torconnect", "chrome://browser/content/torconnect/aboutTorConnect.xhtml", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::URI_CAN_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | + nsIAboutModule::HIDE_FROM_ABOUTABOUT}, }; static nsAutoCString GetAboutModuleName(nsIURI* aURI) { diff --git a/browser/components/about/components.conf b/browser/components/about/components.conf index 8e04467c05da..01c99ad4ed0c 100644 --- a/browser/components/about/components.conf +++ b/browser/components/about/components.conf @@ -26,6 +26,7 @@ pages = [ 'robots', 'sessionrestore', 'tabcrashed', + 'torconnect', 'welcome', 'welcomeback', ] diff --git a/browser/components/moz.build b/browser/components/moz.build index b660be047b14..fb90c499c616 100644 --- a/browser/components/moz.build +++ b/browser/components/moz.build @@ -59,6 +59,7 @@ DIRS += [ 'syncedtabs', 'uitour', 'urlbar', + 'torconnect', 'torpreferences', 'translation', ] diff --git a/browser/components/onionservices/HttpsEverywhereControl.jsm b/browser/components/onionservices/HttpsEverywhereControl.jsm index 525ed5233be7..d673de4cd6e5 100644 --- a/browser/components/onionservices/HttpsEverywhereControl.jsm +++ b/browser/components/onionservices/HttpsEverywhereControl.jsm @@ -41,6 +41,7 @@ const SECUREDROP_TOR_ONION_CHANNEL = { class HttpsEverywhereControl { constructor() { this._extensionMessaging = null; + this._init(); } async _sendMessage(type, object) { @@ -61,7 +62,6 @@ class HttpsEverywhereControl { * Installs the .tor.onion update channel in https-everywhere */ async installTorOnionUpdateChannel(retries = 5) { - this._init(); // TODO: https-everywhere store is initialized asynchronously, so sending a message // immediately results in a `store.get is undefined` error. @@ -143,5 +143,20 @@ class HttpsEverywhereControl { if (!this._extensionMessaging) { this._extensionMessaging = new ExtensionMessaging(); } + + // update all of the existing https-everywhere channels + setTimeout(async () => { + let pinnedChannels = await this._sendMessage("get_pinned_update_channels"); + for(let channel of pinnedChannels.update_channels) { + this._sendMessage("update_update_channel", channel); + } + + let storedChannels = await this._sendMessage("get_stored_update_channels"); + for(let channel of storedChannels.update_channels) { + this._sendMessage("update_update_channel", channel); + } + }, 0); + + } } diff --git a/browser/components/sessionstore/SessionStore.jsm b/browser/components/sessionstore/SessionStore.jsm index 6ab86fd5913e..2d66422abf58 100644 --- a/browser/components/sessionstore/SessionStore.jsm +++ b/browser/components/sessionstore/SessionStore.jsm @@ -213,6 +213,10 @@ ChromeUtils.defineModuleGetter( "resource://gre/modules/sessionstore/SessionHistory.jsm" ); +const { TorProtocolService } = ChromeUtils.import( + "resource:///modules/TorProtocolService.jsm" +); + XPCOMUtils.defineLazyServiceGetters(this, { gScreenManager: ["@mozilla.org/gfx/screenmanager;1", "nsIScreenManager"], Telemetry: ["@mozilla.org/base/telemetry;1", "nsITelemetry"], @@ -1888,11 +1892,23 @@ var SessionStoreInternal = { }, "browser-delayed-startup-finished"); }); + let bootstrapPromise = new Promise(resolve => { + if (TorProtocolService.isBootstrapDone() || !TorProtocolService.ownsTorDaemon) { + resolve(); + } else { + Services.obs.addObserver(function obs(subject, topic) { + Services.obs.removeObserver(obs, topic); + resolve(); + }, "torconnect:bootstrap-complete"); + } + }); + // We are ready for initialization as soon as the session file has been // read from disk and the initial window's delayed startup has finished. this._promiseReadyForInitialization = Promise.all([ promise, SessionStartup.onceInitialized, + bootstrapPromise, ]); } diff --git a/browser/components/torconnect/TorConnectChild.jsm b/browser/components/torconnect/TorConnectChild.jsm new file mode 100644 index 000000000000..bd6dd549f156 --- /dev/null +++ b/browser/components/torconnect/TorConnectChild.jsm @@ -0,0 +1,9 @@ +// Copyright (c) 2021, The Tor Project, Inc. + +var EXPORTED_SYMBOLS = ["TorConnectChild"]; + +const { RemotePageChild } = ChromeUtils.import( + "resource://gre/actors/RemotePageChild.jsm" +); + +class TorConnectChild extends RemotePageChild {} diff --git a/browser/components/torconnect/TorConnectParent.jsm b/browser/components/torconnect/TorConnectParent.jsm new file mode 100644 index 000000000000..c34fab76ddbb --- /dev/null +++ b/browser/components/torconnect/TorConnectParent.jsm @@ -0,0 +1,126 @@ +// Copyright (c) 2021, The Tor Project, Inc. + +var EXPORTED_SYMBOLS = ["TorConnectParent"]; + +const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm"); +const { TorProtocolService } = ChromeUtils.import( + "resource:///modules/TorProtocolService.jsm" +); +const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm"); +const { TorLauncherUtil } = ChromeUtils.import( + "resource://torlauncher/modules/tl-util.jsm" +); + +const { TorConnect } = ChromeUtils.import( + "resource:///modules/TorConnect.jsm" +); + +const kTorProcessReadyTopic = "TorProcessIsReady"; +const kTorProcessExitedTopic = "TorProcessExited"; +const kTorProcessDidNotStartTopic = "TorProcessDidNotStart"; +const kTorShowProgressPanelTopic = "TorShowProgressPanel"; +const kTorBootstrapStatusTopic = "TorBootstrapStatus"; +const kTorBootstrapErrorTopic = "TorBootstrapError"; +const kTorLogHasWarnOrErrTopic = "TorLogHasWarnOrErr"; + +const gActiveTopics = [ + kTorProcessReadyTopic, + kTorProcessExitedTopic, + kTorProcessDidNotStartTopic, + kTorShowProgressPanelTopic, + kTorBootstrapStatusTopic, + kTorBootstrapErrorTopic, + kTorLogHasWarnOrErrTopic, + "torconnect:bootstrap-complete", +]; + +const gTorLauncherPrefs = { + quickstart: "extensions.torlauncher.quickstart", +} + +class TorConnectParent extends JSWindowActorParent { + constructor(...args) { + super(...args); + + const self = this; + this.gObserver = { + observe(aSubject, aTopic, aData) { + const obj = aSubject?.wrappedJSObject; + if (obj) { + obj.handled = true; + } + self.sendAsyncMessage(aTopic, obj); + }, + }; + + for (const topic of gActiveTopics) { + Services.obs.addObserver(this.gObserver, topic); + } + + this.quickstartObserver = { + observe(aSubject, aTopic, aData) { + if (aTopic === "nsPref:changed" && + aData == gTorLauncherPrefs.quickstart) { + self.sendAsyncMessage("TorQuickstartPrefChanged", Services.prefs.getBoolPref(gTorLauncherPrefs.quickstart)); + } + }, + } + Services.prefs.addObserver(gTorLauncherPrefs.quickstart, this.quickstartObserver); + } + + willDestroy() { + for (const topic of gActiveTopics) { + Services.obs.removeObserver(this.gObserver, topic); + } + } + + + _OpenTorAdvancedPreferences() { + const win = this.browsingContext.top.embedderElement.ownerGlobal; + win.openTrustedLinkIn("about:preferences#tor", "tab"); + } + + _TorCopyLog() { + // Copy tor log messages to the system clipboard. + const chSvc = Cc["@mozilla.org/widget/clipboardhelper;1"].getService( + Ci.nsIClipboardHelper + ); + const countObj = { value: 0 }; + chSvc.copyString(TorProtocolService.getLog(countObj)); + const count = countObj.value; + return TorLauncherUtil.getFormattedLocalizedString( + "copiedNLogMessagesShort", + [count], + 1 + ); + } + + receiveMessage(message) { + switch (message.name) { + case "TorBootstrapErrorOccurred": + return TorProtocolService.torBootstrapErrorOccurred(); + case "TorRetrieveBootstrapStatus": + return TorProtocolService.retrieveBootstrapStatus(); + case "OpenTorAdvancedPreferences": + return this._OpenTorAdvancedPreferences(); + case "GetLocalizedBootstrapStatus": + const { status, keyword } = message.data; + return TorLauncherUtil.getLocalizedBootstrapStatus(status, keyword); + case "TorCopyLog": + return this._TorCopyLog(); + case "TorIsNetworkDisabled": + return TorProtocolService.isNetworkDisabled(); + case "TorStopBootstrap": + return TorProtocolService.torStopBootstrap(); + case "TorConnect": + return TorProtocolService.connect(); + case "GetDirection": + return Services.locale.isAppLocaleRTL ? "rtl" : "ltr"; + case "GetTorStrings": + return TorStrings; + case "TorLogHasWarnOrErr": + return TorProtocolService.torLogHasWarnOrErr(); + } + return undefined; + } +} diff --git a/browser/components/torconnect/content/aboutTorConnect.css b/browser/components/torconnect/content/aboutTorConnect.css new file mode 100644 index 000000000000..a70904ca0b28 --- /dev/null +++ b/browser/components/torconnect/content/aboutTorConnect.css @@ -0,0 +1,151 @@ + +/* Copyright (c) 2021, The Tor Project, Inc. */ + + +@import url("chrome://browser/skin/error-pages.css"); + +:root { + --onion-opacity: 1; + --onion-color: var(--card-outline-color); + --onion-radius: 50px; +} + +/* override firefox's default blue focus coloring */ +:focus { + outline: none!important; + box-shadow: 0 0 0 3px #CD8CED !important; + border: 1px #59316B solid !important; +} + +@media (prefers-color-scheme: dark) +{ + :focus { + box-shadow: 0 0 0 3px #8C689E !important; + } +} + +/* override firefox's default blue border on hover */ +input[type="checkbox"]:not(:disabled):hover { + border-color: #59316B; +} + +/* fix checkbox visibility when dark mode enabled */ +input[type="checkbox"]:checked { + fill: var(--in-content-page-color); +} + +#connectButton { + background-color: #7D4698; +} + +#connectButton:hover { + background-color: #59316B; +} + +#progressBackground { + position:fixed; + padding:0; + margin:0; + top:0; + left:0; + width: 0%; + height: 7px; + background-image: linear-gradient(90deg, rgb(20, 218, 221) 0%, rgb(128, 109, 236) 100%); + border-radius: 0; +} + +#connectPageContainer { + margin-top: 10vh; + width: 50%; +} + +#quickstartCheckbox, #quickstartCheckboxLabel { + vertical-align: middle; +} + +#copyLogButton { + position: relative; +} + +/* mirrors p element spacing */ +#copyLogContainer { + margin: 1em 0; + height: 1.2em; + min-height: 1.2em; +} + +#copyLogLink { + position: relative; + display: inline-block; + color: var(--in-content-link-color); +} + +/* hidden apparently only works if no display is set; who knew? */ +#copyLogLink[hidden="true"] { + display: none; +} + +#copyLogLink:hover { + cursor:pointer; +} + +/* This div: + - is centered over its parent + - centers its child + - has z-index above parent + - ignores mouse events from parent +*/ +#copyLogTooltip { + pointer-events: none; + visibility: hidden; + display: flex; + justify-content: center; + white-space: nowrap; + width: 0; + position: absolute; + + z-index: 1; + left: 50%; + bottom: calc(100% + 0.25em); +} + +/* tooltip content (any content could go here) */ +#copyLogTooltipText { + background-color: #30E60B; + color: #003706; + border-radius: 2px; + padding: 4px; + line-height: 13px; + font: 11px sans-serif; + font-weight: 400; +} + +/* our speech bubble tail */ +#copyLogTooltipText::after { + content: ""; + position: absolute; + top: 100%; + left: 50%; + margin-left: -4px; + border-width: 4px; + border-style: solid; + border-color: #30E60B transparent transparent transparent; +} + +body { + padding: 0px !important; + justify-content: space-between; + background-color: var(--in-content-page-background); +} + +.title { + background-image: url("chrome://browser/content/torconnect/onion.svg"); + -moz-context-properties: fill, fill-opacity; + fill-opacity: 1; + fill: var(--onion-color); +} + +.title.error { + background-image: url("chrome://browser/content/torconnect/onion-slash.svg"); +} + diff --git a/browser/components/torconnect/content/aboutTorConnect.js b/browser/components/torconnect/content/aboutTorConnect.js new file mode 100644 index 000000000000..19fd335ccd13 --- /dev/null +++ b/browser/components/torconnect/content/aboutTorConnect.js @@ -0,0 +1,339 @@ +// Copyright (c) 2021, The Tor Project, Inc. + +/* eslint-env mozilla/frame-script */ + +const kTorProcessReadyTopic = "TorProcessIsReady"; +const kTorProcessExitedTopic = "TorProcessExited"; +const kTorProcessDidNotStartTopic = "TorProcessDidNotStart"; +const kTorBootstrapStatusTopic = "TorBootstrapStatus"; +const kTorBootstrapErrorTopic = "TorBootstrapError"; +const kTorLogHasWarnOrErrTopic = "TorLogHasWarnOrErr"; +const kTorQuickstartPrefChanged = "TorQuickstartPrefChanged"; + +const TorLauncherPrefs = { + quickstart: "extensions.torlauncher.quickstart", + prompt_at_startup: "extensions.torlauncher.prompt_at_startup", +} + +class AboutTorConnect { + log(...args) { + console.log(...args); + } + + logError(...args) { + console.error(...args); + } + + logDebug(...args) { + console.debug(...args); + } + + getElem(id) { + return document.getElementById(id); + } + get elemProgressContent() { + return this.getElem("progressContent"); + } + get elemProgressDesc() { + return this.getElem("connectShortDescText"); + } + get elemProgressMeter() { + return this.getElem("progressBackground"); + } + get elemCopyLogLink() { + return this.getElem("copyLogLink"); + } + get elemCopyLogTooltip() { + return this.getElem("copyLogTooltip"); + } + get elemCopyLogTooltipText() { + return this.getElem("copyLogTooltipText"); + } + get elemQuickstartCheckbox() { + return this.getElem("quickstartCheckbox"); + } + get elemQuickstartLabel() { + return this.getElem("quickstartCheckboxLabel"); + } + get elemConnectButton() { + return this.getElem("connectButton"); + } + get elemAdvancedButton() { + return this.getElem("advancedButton"); + } + get elemCancelButton() { + return this.getElem("cancelButton"); + } + get elemTextContainer() { + return this.getElem("text-container"); + } + get elemTitle() { + return this.elemTextContainer.getElementsByClassName("title")[0]; + } + + static get STATE_INITIAL() { + return "STATE_INITIAL"; + } + + static get STATE_BOOTSTRAPPING() { + return "STATE_BOOTSTRAPPING"; + } + + static get STATE_BOOTSTRAPPED() { + return "STATE_BOOTSTRAPPED"; + } + + static get STATE_BOOTSTRAP_ERROR() { + return "STATE_BOOTSTRAP_ERROR"; + } + + get state() { + return this._state; + } + + setInitialUI() { + this.setTitle(this.torStrings.torConnect.torConnect); + this.elemProgressDesc.textContent = + this.torStrings.settings.torPreferencesDescription; + this.showElem(this.elemConnectButton); + this.elemConnectButton.focus(); + this.showElem(this.elemAdvancedButton); + this.hideElem(this.elemCopyLogLink); + this.hideElem(this.elemCancelButton); + this.hideElem(this.elemProgressContent); + this.hideElem(this.elemProgressMeter); + this.elemTitle.classList.remove("error"); + } + + setBootstrappingUI() { + this.setTitle(this.torStrings.torConnect.torConnecting); + this.hideElem(this.elemConnectButton); + this.hideElem(this.elemAdvancedButton); + this.hideElem(this.elemCopyLogLink); + this.showElem(this.elemCancelButton); + this.elemCancelButton.focus(); + this.showElem(this.elemProgressContent); + this.showElem(this.elemProgressMeter); + this.elemTitle.classList.remove("error"); + } + + setBootstrapErrorUI() { + this.setTitle(this.torStrings.torConnect.torBootstrapFailed); + this.elemConnectButton.textContent = this.torStrings.torConnect.tryAgain; + this.showElem(this.elemConnectButton); + this.hideElem(this.elemCancelButton); + this.showElem(this.elemAdvancedButton); + this.elemAdvancedButton.focus(); + this.showElem(this.elemProgressContent); + this.hideElem(this.elemProgressMeter); + this.elemTitle.classList.add("error"); + } + + set state(state) { + const oldState = this.state; + if (oldState === state) { + return; + } + this._state = state; + switch (this.state) { + case AboutTorConnect.STATE_INITIAL: + this.setInitialUI(); + break; + case AboutTorConnect.STATE_BOOTSTRAPPING: + this.setBootstrappingUI(); + break; + case AboutTorConnect.STATE_BOOTSTRAP_ERROR: + this.setBootstrapErrorUI(); + break; + case AboutTorConnect.STATE_BOOTSTRAPPED: + window.close(); + break; + } + } + + async showErrorMessage(aErrorObj) { + if (aErrorObj && aErrorObj.message) { + this.setTitle(aErrorObj.message); + if (aErrorObj.details) { + this.elemProgressDesc.textContent = aErrorObj.details; + } + } + + this.showCopyLog(); + this.showElem(this.elemConnectButton); + } + + showElem(elem) { + elem.removeAttribute("hidden"); + } + + hideElem(elem) { + elem.setAttribute("hidden", "true"); + } + + async connect() { + // reset the text to original description + // in case we are trying again after an error (clears out error text) + this.elemProgressDesc.textContent = + this.torStrings.settings.torPreferencesDescription; + + this.state = AboutTorConnect.STATE_BOOTSTRAPPING; + const error = await RPMSendQuery("TorConnect"); + if (error) { + if (error.details) { + this.showErrorMessage({ message: error.details }, true); + this.showSaveSettingsError(error.details); + } + } + } + + showCopyLog() { + this.elemCopyLogLink.removeAttribute("hidden"); + } + + async updateBootstrapProgress(status) { + let labelText = await RPMSendQuery("GetLocalizedBootstrapStatus", { + status, + keyword: "TAG", + }); + let percentComplete = status.PROGRESS ? status.PROGRESS : 0; + this.elemProgressMeter.style.width = `${percentComplete}%`; + + if (await RPMSendQuery("TorBootstrapErrorOccurred")) { + this.state = AboutTorConnect.STATE_BOOTSTRAP_ERROR; + return; + } else if (await RPMSendQuery("TorIsNetworkDisabled")) { + // If tor network is not connected, let's go to the initial state, even + // if bootstrap state is greater than 0. + this.state = AboutTorConnect.STATE_INITIAL; + return; + } else if (percentComplete > 0) { + this.state = AboutTorConnect.STATE_BOOTSTRAPPING; + } + + // Due to async, status might have changed. Do not override desc if so. + if (this.state === AboutTorConnect.STATE_BOOTSTRAPPING) { + this.hideElem(this.elemConnectButton); + } + } + + stopTorBootstrap() { + RPMSendAsyncMessage("TorStopBootstrap"); + } + + setTitle(title) { + const titleElement = document.querySelector(".title-text"); + titleElement.textContent = title; + document.title = title; + } + + async initElements() { + this.elemAdvancedButton.textContent = this.torStrings.torConnect.torConfigure; + this.elemAdvancedButton.addEventListener("click", () => { + RPMSendAsyncMessage("OpenTorAdvancedPreferences"); + }); + + // sets the text content while keping the child elements intact + this.elemCopyLogLink.childNodes[0].nodeValue = + this.torStrings.torConnect.copyLog; + this.elemCopyLogLink.addEventListener("click", async (event) => { + const copiedMessage = await RPMSendQuery("TorCopyLog"); + aboutTorConnect.elemCopyLogTooltipText.textContent = copiedMessage; + aboutTorConnect.elemCopyLogTooltip.style.visibility = "visible"; + + // clear previous timeout if one already exists + if (aboutTorConnect.copyLogTimeoutId) { + clearTimeout(aboutTorConnect.copyLogTimeoutId); + } + + // hide tooltip after X ms + const TOOLTIP_TIMEOUT = 2000; + aboutTorConnect.copyLogTimeoutId = setTimeout(function() { + aboutTorConnect.elemCopyLogTooltip.style.visibility = "hidden"; + aboutTorConnect.copyLogTimeoutId = 0; + }, TOOLTIP_TIMEOUT); + }); + + + this.elemQuickstartLabel.textContent = this.torStrings.settings.quickstartCheckbox; + this.elemQuickstartCheckbox.addEventListener("change", () => { + const quickstart = this.elemQuickstartCheckbox.checked; + RPMSetBoolPref(TorLauncherPrefs.quickstart, quickstart); + }); + this.elemQuickstartCheckbox.checked = await RPMGetBoolPref(TorLauncherPrefs.quickstart); + + this.elemConnectButton.textContent = + this.torStrings.torConnect.torConnectButton; + this.elemConnectButton.addEventListener("click", () => { + this.connect(); + }); + + this.elemCancelButton.textContent = this.torStrings.torConnect.cancel; + this.elemCancelButton.addEventListener("click", () => { + this.stopTorBootstrap(); + }); + } + + initObservers() { + RPMAddMessageListener(kTorBootstrapErrorTopic, ({ data }) => { + this.showCopyLog(); + this.stopTorBootstrap(); + this.showErrorMessage(data); + }); + RPMAddMessageListener(kTorLogHasWarnOrErrTopic, () => { + this.showCopyLog(); + }); + RPMAddMessageListener(kTorProcessDidNotStartTopic, ({ data }) => { + this.showErrorMessage(data); + }); + RPMAddMessageListener(kTorBootstrapStatusTopic, ({ data }) => { + this.updateBootstrapProgress(data); + }); + RPMAddMessageListener(kTorQuickstartPrefChanged, ({ data }) => { + // update checkbox with latest quickstart pref value + this.elemQuickstartCheckbox.checked = data; + }); + RPMAddMessageListener("torconnect:bootstrap-complete", () => { + this.state = AboutTorConnect.STATE_BOOTSTRAPPED; + }); + } + + initKeyboardShortcuts() { + document.onkeydown = (evt) => { + // unfortunately it looks like we still haven't standardized keycodes to + // integers, so we must resort to a string compare here :( + // see https://developer.mozilla.org/en-US/docs/Web/API/KeyboardEvent/code for relevant documentation + if (evt.code === "Escape") { + this.stopTorBootstrap(); + } + }; + } + + async init() { + this.torStrings = await RPMSendQuery("GetTorStrings"); + document.documentElement.setAttribute( + "dir", + await RPMSendQuery("GetDirection") + ); + this.initElements(); + this.initObservers(); + this.initKeyboardShortcuts(); + this.state = AboutTorConnect.STATE_INITIAL; + + // Request the most recent bootstrap status info so that a + // TorBootstrapStatus notification is generated as soon as possible. + RPMSendAsyncMessage("TorRetrieveBootstrapStatus"); + + // quickstart is the user set pref for starting tor automatically + // prompt_at_startup will be set to false after successful bootstrap, and true on error + // by tor-launcher, so we want to keep the connect screen up when prompt_at_startup is true + /// even if quickstart is enabled so user can potentially resolve errors on next launch + if (await RPMGetBoolPref(TorLauncherPrefs.quickstart) && + !await RPMGetBoolPref(TorLauncherPrefs.prompt_at_startup)) { + this.connect(); + } + } +} + +const aboutTorConnect = new AboutTorConnect(); +aboutTorConnect.init(); diff --git a/browser/components/torconnect/content/aboutTorConnect.xhtml b/browser/components/torconnect/content/aboutTorConnect.xhtml new file mode 100644 index 000000000000..0a0721afb7db --- /dev/null +++ b/browser/components/torconnect/content/aboutTorConnect.xhtml @@ -0,0 +1,54 @@ + +<!DOCTYPE html> +<html xmlns="http://www.w3.org/1999/xhtml"> + <head> + <meta http-equiv="Content-Security-Policy" content="default-src chrome:; object-src 'none'" /> + <link rel="stylesheet" href="chrome://browser/skin/onionPattern.css" type="text/css" media="all" /> + <link rel="stylesheet" href="chrome://browser/content/torconnect/aboutTorConnect.css" type="text/css" media="all" /> + </head> + <body> + <div id="progressBackground"></div> + <div id="connectPageContainer" class="container"> + <div id="text-container"> + <div class="title"> + <h1 class="title-text"/> + </div> + <div id="connectLongContent"> + <div id="connectShortDesc"> + <p id="connectShortDescText" /> + </div> + </div> + + <div id="progressContent" hidden="true"> + <div class="tbb-header" pack="center"> + <image class="tbb-logo"/> + </div> + <div flex="1"> + <div id="progressDesc"/> + </div> + </div> + + <div id="copyLogContainer"> + <span id="copyLogLink" hidden="true"> + <div id="copyLogTooltip"> + <span id="copyLogTooltipText"/> + </div> + </span> + </div> + + <div id="quickstartContainer"> + <input id="quickstartCheckbox" type="checkbox" /> + <label id="quickstartCheckboxLabel" for="quickstartCheckbox"/> + </div> + + <div id="connectButtonContainer" class="button-container"> + <button id="advancedButton" hidden="true"></button> + <button id="cancelButton" hidden="true"></button> + <button id="connectButton" class="primary try-again" hidden="true"></button> + </div> + </div> + </div> +#include ../../../themes/shared/onionPattern.inc.xhtml + </body> + <script src="chrome://browser/content/torconnect/aboutTorConnect.js"/> +</html> diff --git a/browser/components/torconnect/content/onion-slash.svg b/browser/components/torconnect/content/onion-slash.svg new file mode 100644 index 000000000000..efb09700ec0b --- /dev/null +++ b/browser/components/torconnect/content/onion-slash.svg @@ -0,0 +1,7 @@ +<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16"> + <g fill-opacity="context-fill-opacity" fill="context-fill"> + <path d="M3.409559 13.112147C3.409559 13.112147 8.200807 8.103115 8.200807 8.103115C8.200807 8.103115 8.200807 6.516403 8.200807 6.516403C8.620819 6.516403 9.009719 6.703075 9.274171 6.998639C9.274171 6.998639 10.160863 6.080835 10.160863 6.080835C9.663071 5.567487 8.978607 5.256367 8.200807 5.256367C8.200807 5.256367 8.200807 4.400787 8.200807 4.400787C9.196391 4.400787 10.098639 4.805243 10.736435 5.458595C10.736435 5.458595 11.623127 4.540791 11.623127 4.540791C10.751991 3.669655 9.538623 3.125195 8.200807 3.125195C8.200807 3.125195 8.200807 2.269615 8.200807 2.269615C9.756407 2.269615 11.172003 2.907411 12.214255 3.918551C12.214255 3.918551 13.100947 3.000747 13.100947 3.000747C11.825355 1.756267 10.098639 0.994023 8.185251 0.994023C4.311807 0.994023 1.185051 4.120779 1.185051 7.994223C1.185051 10.016503 2.040631 11.836555 3.409559 13.112147C3.409559 13.112147 3.409559 13.112147 3.409559 13.112147"/> + <path d="M14.205423 4.416343C14.205423 4.416343 13.287619 5.380815 13.287619 5.380815C13.692075 6.158615 13.909859 7.045307 13.909859 7.994223C13.909859 11.152091 11.358675 13.718831 8.200807 13.718831C8.200807 13.718831 8.200807 12.863251 8.200807 12.863251C10.891995 12.863251 13.069835 10.669855 13.069835 7.978667C13.069835 7.278647 12.929831 6.625295 12.665379 6.018611C12.665379 6.018611 11.685351 7.045307 11.685351 7.045307C11.763131 7.340871 11.809799 7.651991 11.809799 7.963111C11.809799 9.954279 10.207531 11.556547 8.216363 11.572103C8.216363 11.572103 8.216363 10.716523 8.216363 10.716523C9.725295 10.700967 10.954219 9.472043 10.954219 7.963111C10.954219 7.916443 10.954219 7.854219 10.954219 7.807551C10.954219 7.807551 4.887379 14.169955 4.887379 14.169955C5.867407 14.698859 6.987439 14.994423 8.185251 14.994423C12.058695 14.994423 15.185451 11.867667 15.185451 7.994223C15.185451 6.687519 14.827663 5.474151 14.205423 4.416343C14.205423 4.416343 14.205423 4.416343 14.20542 3 4.416343"/> + <path d="M1.791735 15.461103C1.402835 15.461103 1.045047 15.212207 0.889487 14.838863C0.733927 14.465519 0.827267 14.014395 1.107271 13.734387C1.107271 13.734387 13.458735 0.822907 13.458735 0.822907C13.847635 0.434007 14.454319 0.449563 14.827663 0.838467C15.201007 1.227367 15.216563 1.865163 14.843223 2.269619C14.843223 2.269619 2.491759 15.181099 2.491759 15.181099C2.289531 15.352215 2.040635 15.461107 1.791739 15.461107C1.791739 15.461107 1.791735 15.461103 1.791735 15.461103"/> + </g> +</svg> diff --git a/browser/components/torconnect/content/onion.svg b/browser/components/torconnect/content/onion.svg new file mode 100644 index 000000000000..30cd52ba5c51 --- /dev/null +++ b/browser/components/torconnect/content/onion.svg @@ -0,0 +1,3 @@ +<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"> + <path fill="context-fill" fill-opacity="context-fill-opacity" d="M12.0246161,21.8174863 L12.0246161,20.3628098 C16.6324777,20.3495038 20.3634751,16.6108555 20.3634751,11.9996673 C20.3634751,7.38881189 16.6324777,3.65016355 12.0246161,3.63685757 L12.0246161,2.18218107 C17.4358264,2.1958197 21.8178189,6.58546322 21.8178189,11.9996673 C21.8178189,17.4142042 17.4358264,21.8041803 12.0246161,21.8174863 L12.0246161,21.8174863 Z M12.0246161,16.7259522 C14.623607,16.7123136 16.7272828,14.6023175 16.7272828,11.9996673 C16.7272828,9.39734991 14.623607,7.28735377 12.0246161,7.27371516 L12.0246161,5.81937131 C15.4272884,5.8326773 18.1819593,8.59400123 18.1819593,11.9996673 C18.1819593,15.4056661 15.4272884,18.1669901 12.0246161,18.1802961 L12.0246161,16.7259522 Z M12.0246161,9.45556355 C13.4187503,9.46886953 14.5454344,10.6022066 14.5454344,11.9996673 C14.5454344,13.3974608 13.4187503,14.5307978 12.0246161,14.5441038 L12.0246161,9.45556355 Z M0,11.9996673 C0,18.6273771 5.37229031,24 12,24 C18 .6273771,24 24,18.6273771 24,11.9996673 C24,5.37229031 18.6273771,0 12,0 C5.37229031,0 0,5.37229031 0,11.9996673 Z"/> +</svg> \ No newline at end of file diff --git a/browser/components/torconnect/content/torBootstrapUrlbar.js b/browser/components/torconnect/content/torBootstrapUrlbar.js new file mode 100644 index 000000000000..55a595b2dbab --- /dev/null +++ b/browser/components/torconnect/content/torBootstrapUrlbar.js @@ -0,0 +1,136 @@ +// Copyright (c) 2021, The Tor Project, Inc. + +"use strict"; + + const TorConnectionStatus = { + invalid: -1, + offline: 0, + connecting: 1, + connected: 2, + failure: 3, + }; +var TorBootstrapUrlbar; + +{ + const { TorProtocolService } = ChromeUtils.import( + "resource:///modules/TorProtocolService.jsm" + ); + const { TorLauncherUtil } = ChromeUtils.import( + "resource://torlauncher/modules/tl-util.jsm" + ); + const { TorStrings } = ChromeUtils.import( + "resource:///modules/TorStrings.jsm" + ); + + const kTorProcessReadyTopic = "TorProcessIsReady"; + const kTorProcessExitedTopic = "TorProcessExited"; + const kTorProcessDidNotStartTopic = "TorProcessDidNotStart"; + const kTorBootstrapStatusTopic = "TorBootstrapStatus"; + const kTorBootstrapErrorTopic = "TorBootstrapError"; + + const gActiveTopics = [ + kTorProcessReadyTopic, + kTorProcessExitedTopic, + kTorProcessDidNotStartTopic, + kTorBootstrapStatusTopic, + kTorBootstrapErrorTopic, + ]; + + TorBootstrapUrlbar = { + _connectionStatus: TorConnectionStatus.invalid, + get ConnectionStatus() { + return this._connectionStatus; + }, + + _torConnectBox : null, + get TorConnectBox() { + if (!this._torConnectBox) { + this._torConnectBox = + browser.ownerGlobal.document.getElementById("torconnect-box"); + } + return this._torConnectBox; + }, + + _torConnectLabel : null, + get TorConnectLabel() { + if (!this._torConnectLabel) { + this._torConnectLabel = + browser.ownerGlobal.document.getElementById("torconnect-label"); + } + return this._torConnectLabel; + }, + + _updateConnectionStatus(percentComplete = 0) { + if (TorProtocolService.ownsTorDaemon && + !TorLauncherUtil.useLegacyLauncher) { + if (TorProtocolService.isNetworkDisabled()) { + if (TorProtocolService.torBootstrapErrorOccurred()) { + this._connectionStatus = TorConnectionStatus.failure; + } else { + this._connectionStatus = TorConnectionStatus.offline; + } + } else if (percentComplete < 100) { + this._connectionStatus = TorConnectionStatus.connecting; + } else if (percentComplete === 100) { + this._connectionStatus = TorConnectionStatus.connected; + } + } + else + { + this._connectionStatus = TorConnectionStatus.invalid; + } + + switch(this._connectionStatus) + { + case TorConnectionStatus.failure: + case TorConnectionStatus.offline: + this.TorConnectBox.removeAttribute("hidden"); + this.TorConnectLabel.textContent = TorStrings.torConnect.offline; + gURLBar._inputContainer.setAttribute("torconnect", "offline"); + break; + case TorConnectionStatus.connecting: + this.TorConnectLabel.textContent = + TorStrings.torConnect.torConnectingConcise; + gURLBar._inputContainer.setAttribute("torconnect", "connecting"); + break; + case TorConnectionStatus.connected: + this.TorConnectLabel.textContent = + TorStrings.torConnect.torConnectedConcise; + gURLBar._inputContainer.setAttribute("torconnect", "connected"); + // hide torconnect box after 5 seconds + let self = this; + setTimeout(function() { + self.TorConnectBox.setAttribute("hidden", "true"); + }, 5000); + break; + } + }, + + observe(aSubject, aTopic, aData) { + const obj = aSubject?.wrappedJSObject; + + switch (aTopic) { + case kTorProcessReadyTopic: + case kTorProcessExitedTopic: + case kTorProcessDidNotStartTopic: + case kTorBootstrapErrorTopic: + this._updateConnectionStatus(); + break; + case kTorBootstrapStatusTopic: + let percentComplete = obj.PROGRESS ? obj.PROGRESS : 0; + this._updateConnectionStatus(percentComplete); + break; + } + }, + init() { + for (const topic of gActiveTopics) { + Services.obs.addObserver(this, topic); + } + }, + uninit() { + for (const topic of gActiveTopics) { + Services.obs.removeObserver(this, topic); + } + }, + }; +} diff --git a/browser/components/torconnect/content/torconnect-urlbar.css b/browser/components/torconnect/content/torconnect-urlbar.css new file mode 100644 index 000000000000..db2f1069b22b --- /dev/null +++ b/browser/components/torconnect/content/torconnect-urlbar.css @@ -0,0 +1,65 @@ +/* + ensure our torconnect button is always visible (same rule as for the bookmark button) +*/ +hbox.urlbar-page-action#torconnect-box { + display: -moz-inline-box!important; + margin: 0 6px; + height: 28px; +} +/* disable the button-like default css */ +hbox.urlbar-page-action#torconnect-box:hover, +hbox.urlbar-page-action#torconnect-box:active { + background-color: inherit!important; +} + +label#torconnect-label { + line-height: 28px; + margin: 0; + opacity: 0.6; +} + +/* set appropriate sizes for the non-standard ui densities */ +:root[uidensity=compact] { + hbox.urlbar-page-action#torconnect-box { + margin: 0 4px; + height: 24px; + } + label#torconnect-label { + line-height: 24px; + } +} +:root[uidensity=touch] { + hbox.urlbar-page-action#torconnect-box { + margin: 0 7px; + height: 30px; + } + label#torconnect-label { + line-height: 30px; + } +} + +/* hide when hidden attribute is set */ +hbox.urlbar-page-action#torconnect-box[hidden="true"], +/* hide when user is typing in URL bar */ +#urlbar[usertyping] > #urlbar-input-container > #page-action-buttons > #torconnect-box { + display: none!important; +} + +/* hide urlbar's placeholder text when not connectd to tor */ +hbox#urlbar-input-container[torconnect="offline"] input#urlbar-input::placeholder, +hbox#urlbar-input-container[torconnect="connecting"] input#urlbar-input::placeholder { + opacity: 0; +} + +/* hide search suggestions when not connected to tor */ +hbox#urlbar-input-container[torconnect="offline"] + vbox.urlbarView, +hbox#urlbar-input-container[torconnect="connecting"] + vbox.urlbarView { + display: none!important; +} + +/* hide search icon when we are not connected to tor */ +hbox#urlbar-input-container[torconnect="offline"] > #identity-box[pageproxystate="invalid"] > #identity-icon, +hbox#urlbar-input-container[torconnect="connecting"] > #identity-box[pageproxystate="invalid"] > #identity-icon +{ + display: none!important; +} diff --git a/browser/components/torconnect/content/torconnect-urlbar.inc.xhtml b/browser/components/torconnect/content/torconnect-urlbar.inc.xhtml new file mode 100644 index 000000000000..bdf9d8f0df00 --- /dev/null +++ b/browser/components/torconnect/content/torconnect-urlbar.inc.xhtml @@ -0,0 +1,11 @@ +# Copyright (c) 2021, The Tor Project, Inc. + +<hbox id="torconnect-box" + class="urlbar-icon-wrapper urlbar-page-action" + role="status" + hidden="true"> + <image id="torconnect-button" role="presentation"/> + <hbox id="torconnect-container"> + <label id="torconnect-label"/> + </hbox> +</hbox> \ No newline at end of file diff --git a/browser/components/torconnect/jar.mn b/browser/components/torconnect/jar.mn new file mode 100644 index 000000000000..ed8a4de299b2 --- /dev/null +++ b/browser/components/torconnect/jar.mn @@ -0,0 +1,7 @@ +browser.jar: + content/browser/torconnect/torBootstrapUrlbar.js (content/torBootstrapUrlbar.js) + content/browser/torconnect/aboutTorConnect.css (content/aboutTorConnect.css) +* content/browser/torconnect/aboutTorConnect.xhtml (content/aboutTorConnect.xhtml) + content/browser/torconnect/aboutTorConnect.js (content/aboutTorConnect.js) + content/browser/torconnect/onion.svg (content/onion.svg) + content/browser/torconnect/onion-slash.svg (content/onion-slash.svg) diff --git a/browser/components/torconnect/moz.build b/browser/components/torconnect/moz.build new file mode 100644 index 000000000000..eb29c31a4243 --- /dev/null +++ b/browser/components/torconnect/moz.build @@ -0,0 +1,6 @@ +JAR_MANIFESTS += ['jar.mn'] + +EXTRA_JS_MODULES += [ + 'TorConnectChild.jsm', + 'TorConnectParent.jsm', +] diff --git a/browser/components/torpreferences/content/torPane.js b/browser/components/torpreferences/content/torPane.js index 49054b5dac6a..01609ddda090 100644 --- a/browser/components/torpreferences/content/torPane.js +++ b/browser/components/torpreferences/content/torPane.js @@ -1,5 +1,7 @@ "use strict"; +/* global Services */ + const { TorProtocolService } = ChromeUtils.import( "resource:///modules/TorProtocolService.jsm" ); @@ -51,6 +53,10 @@ const { parsePort, parseBridgeStrings, parsePortList } = ChromeUtils.import( "chrome://browser/content/torpreferences/parseFunctions.jsm" ); +const TorLauncherPrefs = { + quickstart: "extensions.torlauncher.quickstart", +} + /* Tor Pane @@ -62,11 +68,21 @@ const gTorPane = (function() { category: { title: "label#torPreferences-labelCategory", }, + messageBox: { + box: "div#torPreferences-connectMessageBox", + message: "td#torPreferences-connectMessageBox-message", + button: "button#torPreferences-connectMessageBox-button", + }, torPreferences: { header: "h1#torPreferences-header", description: "span#torPreferences-description", learnMore: "label#torPreferences-learnMore", }, + quickstart: { + header: "h2#torPreferences-quickstart-header", + description: "span#torPreferences-quickstart-description", + enableQuickstartCheckbox: "checkbox#torPreferences-quickstart-toggle", + }, bridges: { header: "h2#torPreferences-bridges-header", description: "span#torPreferences-bridges-description", @@ -112,6 +128,10 @@ const gTorPane = (function() { let retval = { // cached frequently accessed DOM elements + _messageBox: null, + _messageBoxMessage: null, + _messageBoxButton: null, + _enableQuickstartCheckbox: null, _useBridgeCheckbox: null, _bridgeSelectionRadiogroup: null, _builtinBridgeOption: null, @@ -161,6 +181,43 @@ const gTorPane = (function() { let prefpane = document.getElementById("mainPrefPane"); + // 'Connect to Tor' Message Bar + + this._messageBox = prefpane.querySelector(selectors.messageBox.box); + this._messageBoxMessage = prefpane.querySelector(selectors.messageBox.message); + this._messageBoxButton = prefpane.querySelector(selectors.messageBox.button); + // wire up connect button + this._messageBoxButton.addEventListener("click", () => { + TorProtocolService.connect(); + let win = Services.wm.getMostRecentWindow("navigator:browser"); + // switch to existing about:torconnect tab or create a new one + win.switchToTabHavingURI("about:torconnect", true); + }); + + let populateMessagebox = () => { + if (TorProtocolService.shouldShowTorConnect()) { + // set messagebox style and text + if (TorProtocolService.torBootstrapErrorOccurred()) { + this._messageBox.className = "error"; + this._messageBoxMessage.innerText = TorStrings.torConnect.tryAgainMessage; + this._messageBoxButton.innerText = TorStrings.torConnect.tryAgain; + } else { + this._messageBox.className = "warning"; + this._messageBoxMessage.innerText = TorStrings.torConnect.connectMessage; + this._messageBoxButton.innerText = TorStrings.torConnect.torConnectButton; + } + } else { + this._messageBox.className = "hidden"; + this._messageBoxMessage.innerText = ""; + this._messageBoxButton.innerText = ""; + } + } + populateMessagebox(); + // update the messagebox whenever we come back to the page + window.addEventListener("focus", val => { + populateMessagebox(); + }); + // Heading prefpane.querySelector(selectors.torPreferences.header).innerText = TorStrings.settings.torPreferencesHeading; @@ -177,6 +234,26 @@ const gTorPane = (function() { ); } + // Quickstart + prefpane.querySelector(selectors.quickstart.header).innerText = + TorStrings.settings.quickstartHeading; + prefpane.querySelector(selectors.quickstart.description).textContent = + TorStrings.settings.quickstartDescription; + + this._enableQuickstartCheckbox = prefpane.querySelector( + selectors.quickstart.enableQuickstartCheckbox + ); + this._enableQuickstartCheckbox.setAttribute( + "label", + TorStrings.settings.quickstartCheckbox + ); + this._enableQuickstartCheckbox.addEventListener("command", e => { + const checked = this._enableQuickstartCheckbox.checked; + Services.prefs.setBoolPref(TorLauncherPrefs.quickstart, checked); + }); + this._enableQuickstartCheckbox.checked = Services.prefs.getBoolPref(TorLauncherPrefs.quickstart); + Services.prefs.addObserver(TorLauncherPrefs.quickstart, this); + // Bridge setup prefpane.querySelector(selectors.bridges.header).innerText = TorStrings.settings.bridgesHeading; @@ -537,6 +614,15 @@ const gTorPane = (function() { // Callbacks // + // callback for when the quickstart pref changes + observe(subject, topic, data) { + if (topic != "nsPref:changed") return; + if (data === TorLauncherPrefs.quickstart) { + this._enableQuickstartCheckbox.checked = + Services.prefs.getBoolPref(TorLauncherPrefs.quickstart); + } + }, + // callback when using bridges toggled onToggleBridge(enabled) { this._useBridgeCheckbox.checked = enabled; diff --git a/browser/components/torpreferences/content/torPane.xhtml b/browser/components/torpreferences/content/torPane.xhtml index 3c966b2b3726..7c8071f2cf10 100644 --- a/browser/components/torpreferences/content/torPane.xhtml +++ b/browser/components/torpreferences/content/torPane.xhtml @@ -3,6 +3,29 @@ <script type="application/javascript" src="chrome://browser/content/torpreferences/torPane.js"/> <html:template id="template-paneTor"> + + +<groupbox data-category="paneTor" hidden="true"> + <html:div id="torPreferences-connectMessageBox" + class="subcategory" + data-category="paneTor" + hidden="true"> + <html:table > + <html:tr> + <html:td> + <html:div id="torPreferences-connectMessageBox-icon"/> + </html:td> + <html:td id="torPreferences-connectMessageBox-message"> + </html:td> + <html:td> + <html:button id="torPreferences-connectMessageBox-button"> + </html:button> + </html:td> + </html:tr> + </html:table> + </html:div> +</groupbox> + <hbox id="torPreferencesCategory" class="subcategory" data-category="paneTor" @@ -18,6 +41,17 @@ </description> </groupbox> + +<groupbox id="torPreferences-quickstart-group" + data-category="paneTor" + hidden="true"> + <html:h2 id="torPreferences-quickstart-header"/> + <description flex="1"> + <html:span id="torPreferences-quickstart-description"/> + </description> + <checkbox id="torPreferences-quickstart-toggle"/> +</groupbox> +  <groupbox id="torPreferences-bridges-group" data-category="paneTor" diff --git a/browser/components/torpreferences/content/torPreferences.css b/browser/components/torpreferences/content/torPreferences.css index 4dac2c457823..f125936dac74 100644 --- a/browser/components/torpreferences/content/torPreferences.css +++ b/browser/components/torpreferences/content/torPreferences.css @@ -2,6 +2,127 @@ list-style-image: url("chrome://browser/content/torpreferences/torPreferencesIcon.svg"); } +/* Connect Message Box */ + +#torPreferences-connectMessageBox { + display: block; + position: relative; + + width: auto; + min-height: 32px; + border-radius: 4px; + padding: 4px; +} + +#torPreferences-connectMessageBox.hidden { + display: none; +} + +#torPreferences-connectMessageBox.error { + background-color: var(--red-60); + color: white; +} + +#torPreferences-connectMessageBox.warning { + background-color: var(--yellow-50); + color: var(--yellow-90); +} + +#torPreferences-connectMessageBox table { + border-collapse: collapse; + width: 100%; +} + +#torPreferences-connectMessageBox td { + vertical-align: top; + padding: 0px; +} + +#torPreferences-connectMessageBox td:first-child { + width: 24px; +} + +#torPreferences-connectMessageBox-icon { + display: block; + width: 16px; + height: 16px; + padding: 4px; + + mask-repeat: no-repeat !important; + mask-size: 16px !important; + mask-position: 4px 4px !important; +} + +#torPreferences-connectMessageBox.error #torPreferences-connectMessageBox-icon +{ + mask: url("chrome://browser/skin/onion-slash.svg"); + background-color: white; +} + +#torPreferences-connectMessageBox.warning #torPreferences-connectMessageBox-icon +{ + mask: url("chrome://global/skin/icons/warning.svg"); + background-color: black; +} + +#torPreferences-connectMessageBox-message { + display: block; + line-height: 16px; + font-size: 13px; + margin-right: 8px; + padding-left: 4px!important; + padding-top: 4px!important; +} + +#torPreferences-connectMessageBox-button { + display: block; + width: auto; + height: 24px; + line-height: 24px; + min-height: 24px; + max-height: 24px; + margin: 0px; + + border-radius: 2px; + border: 0; + padding-left: 8px; + padding-right: 8px; + margin-left: auto; + margin-right: 0px; + + font-size: 11px; + font-weight: 400; + white-space: nowrap; +} + +#torPreferences-connectMessageBox.error #torPreferences-connectMessageBox-button { + background-color: var(--red-70); +} + +#torPreferences-connectMessageBox.error #torPreferences-connectMessageBox-button:hover { + background-color: var(--red-80); +} + +#torPreferences-connectMessageBox.error #torPreferences-connectMessageBox-button:active { + background-color: var(--red-90); +} + +#torPreferences-connectMessageBox.warning #torPreferences-connectMessageBox-button { + background-color: var(--yellow-60); +} + +#torPreferences-connectMessageBox.warning #torPreferences-connectMessageBox-button:hover { + background-color: var(--yellow-70); + color: white!important; +} + +#torPreferences-connectMessageBox.warning #torPreferences-connectMessageBox-button:active { + background-color: var(--yellow-80); + color: white!important; +} + +/* Advanced Settings */ + #torPreferences-advanced-grid { display: grid; grid-template-columns: auto 1fr; diff --git a/browser/components/urlbar/UrlbarInput.jsm b/browser/components/urlbar/UrlbarInput.jsm index 13b1279105f2..f727c386701c 100644 --- a/browser/components/urlbar/UrlbarInput.jsm +++ b/browser/components/urlbar/UrlbarInput.jsm @@ -10,6 +10,33 @@ const { XPCOMUtils } = ChromeUtils.import( "resource://gre/modules/XPCOMUtils.jsm" ); +const { TorProtocolService } = ChromeUtils.import( + "resource:///modules/TorProtocolService.jsm" +); + +// in certain scenarios we want user input uris to open in a new tab if they do so from the +// about:torconnect tab +function maybeUpdateOpenLocationForTorConnect(openUILinkWhere, currentURI, destinationURI) { + try { + // only open in new tab if: + if (// user is navigating away from about:torconnect + currentURI === "about:torconnect" && + // we are trying to open in same tab + openUILinkWhere === "current" && + // only if user still has not bootstrapped + TorProtocolService.shouldShowTorConnect() && + // and user is not just navigating to about:torconnect + destinationURI !== "about:torconnect") { + return "tab"; + } + } catch (e) { + // swallow exception and fall through returning original so we don't accidentally break + // anything if an exception is thrown + } + + return openUILinkWhere; +}; + XPCOMUtils.defineLazyModuleGetters(this, { AppConstants: "resource://gre/modules/AppConstants.jsm", BrowserUtils: "resource://gre/modules/BrowserUtils.jsm", @@ -1832,6 +1859,10 @@ class UrlbarInput { // area when the current tab is re-selected. browser.focus(); + openUILinkWhere = maybeUpdateOpenLocationForTorConnect( + openUILinkWhere, + this.window.gBrowser.currentURI.asciiSpec, + url); if (openUILinkWhere != "current") { this.handleRevert(); } diff --git a/browser/modules/TorConnect.jsm b/browser/modules/TorConnect.jsm new file mode 100644 index 000000000000..3125c84558db --- /dev/null +++ b/browser/modules/TorConnect.jsm @@ -0,0 +1,62 @@ +"use strict"; + +var EXPORTED_SYMBOLS = ["TorConnect"]; + +const { Services } = ChromeUtils.import( + "resource://gre/modules/Services.jsm" +); + +const { BrowserWindowTracker } = ChromeUtils.import( + "resource:///modules/BrowserWindowTracker.jsm" +); + +const { TorProtocolService } = ChromeUtils.import( + "resource:///modules/TorProtocolService.jsm" +); + +// TODO: move the bootstrap state management out of each of the individual +// about:torconnect pages and stick it here +var TorConnect = (() => { + let retval = { + init : function() { + let topics = [ + "TorBootstrapStatus", + ]; + + for(const topic of topics) { + Services.obs.addObserver(this, topic); + } + }, + + observe: function(subject, topic, data) { + switch(topic) { + case "TorBootstrapStatus": + const obj = subject?.wrappedJSObject; + if (obj?.PROGRESS === 100) { + // open home page(s) in new tabs + const win = BrowserWindowTracker.getTopWindow() + const urls = Services.prefs.getStringPref("browser.startup.homepage").split('|'); + + let location="tab"; + for(const url of urls) { + win.openTrustedLinkIn(url, location); + // open subsequent tabs behind first tab + location = "tabshifted"; + } + + Services.obs.notifyObservers(null, "torconnect:bootstrap-complete"); + } + break; + default: + // ignore + break; + } + }, + + shouldShowTorConnect : function() { + return TorProtocolService.shouldShowTorConnect(); + }, + }; + retval.init(); + return retval; +})(); /* TorConnect */ \ No newline at end of file diff --git a/browser/modules/TorProcessService.jsm b/browser/modules/TorProcessService.jsm new file mode 100644 index 000000000000..201e331b2806 --- /dev/null +++ b/browser/modules/TorProcessService.jsm @@ -0,0 +1,12 @@ +"use strict"; + +var EXPORTED_SYMBOLS = ["TorProcessService"]; + +var TorProcessService = { + get isBootstrapDone() { + const svc = Cc["@torproject.org/torlauncher-process-service;1"].getService( + Ci.nsISupports + ).wrappedJSObject; + return svc.mIsBootstrapDone; + }, +}; diff --git a/browser/modules/TorProtocolService.jsm b/browser/modules/TorProtocolService.jsm index b4e6ed9a3253..fc7f2c884aa2 100644 --- a/browser/modules/TorProtocolService.jsm +++ b/browser/modules/TorProtocolService.jsm @@ -1,3 +1,5 @@ +// Copyright (c) 2021, The Tor Project, Inc. + "use strict"; var EXPORTED_SYMBOLS = ["TorProtocolService"]; @@ -11,6 +13,10 @@ var TorProtocolService = { Ci.nsISupports ).wrappedJSObject, + _tlproc: Cc["@torproject.org/torlauncher-process-service;1"].getService( + Ci.nsISupports + ).wrappedJSObject, + // maintain a map of tor settings set by Tor Browser so that we don't // repeatedly set the same key/values over and over // this map contains string keys to primitive or array values @@ -196,11 +202,11 @@ var TorProtocolService = { // writes current tor settings to disk flushSettings() { - this._tlps.TorSendCommand("SAVECONF"); + this.sendCommand("SAVECONF"); }, - getLog() { - let countObj = { value: 0 }; + getLog(countObj) { + countObj = countObj || { value: 0 }; let torLog = this._tlps.TorGetLog(countObj); return torLog; }, @@ -209,4 +215,116 @@ var TorProtocolService = { get ownsTorDaemon() { return TorLauncherUtil.shouldStartAndOwnTor; }, + + // Assumes `ownsTorDaemon` is true + isNetworkDisabled() { + const reply = TorProtocolService._tlps.TorGetConfBool( + "DisableNetwork", + true + ); + if (TorProtocolService._tlps.TorCommandSucceeded(reply)) { + return reply.retVal; + } + return true; + }, + + enableNetwork() { + let settings = {}; + settings.DisableNetwork = false; + let errorObject = {}; + if (!this._tlps.TorSetConfWithReply(settings, errorObject)) { + throw new Error(errorObject.details); + } + }, + + sendCommand(cmd) { + return this._tlps.TorSendCommand(cmd); + }, + + retrieveBootstrapStatus() { + return this._tlps.TorRetrieveBootstrapStatus(); + }, + + _GetSaveSettingsErrorMessage(aDetails) { + try { + return TorLauncherUtil.getSaveSettingsErrorMessage(aDetails); + } catch (e) { + console.log("GetSaveSettingsErrorMessage error", e); + return "Unexpected Error"; + } + }, + + setConfWithReply(settings) { + let result = false; + const error = {}; + try { + result = this._tlps.TorSetConfWithReply(settings, error); + } catch (e) { + console.log("TorSetConfWithReply error", e); + error.details = this._GetSaveSettingsErrorMessage(e.message); + } + return { result, error }; + }, + + isBootstrapDone() { + return this._tlproc.mIsBootstrapDone; + }, + + clearBootstrapError() { + return this._tlproc.TorClearBootstrapError(); + }, + + shouldShowTorConnect() { + return ( + this.ownsTorDaemon && + !TorLauncherUtil.useLegacyLauncher && + (this.isNetworkDisabled() || !this.isBootstrapDone()) + ); + }, + + torBootstrapErrorOccurred() { + return this._tlproc.TorBootstrapErrorOccurred; + }, + + // Resolves to null if ok, or an error otherwise + connect() { + const kTorConfKeyDisableNetwork = "DisableNetwork"; + const settings = {}; + settings[kTorConfKeyDisableNetwork] = false; + const { result, error } = this.setConfWithReply(settings); + if (!result) { + return error; + } + try { + this.sendCommand("SAVECONF"); + this.clearBootstrapError(); + this.retrieveBootstrapStatus(); + } catch (e) { + return error; + } + return null; + }, + + torLogHasWarnOrErr() { + return this._tlps.TorLogHasWarnOrErr; + }, + + torStopBootstrap() { + // Tell tor to disable use of the network; this should stop the bootstrap + // process. + const kErrorPrefix = "Setting DisableNetwork=1 failed: "; + try { + let settings = {}; + settings.DisableNetwork = true; + const { result, error } = this.setConfWithReply(settings); + if (!result) { + console.log( + `Error stopping bootstrap ${kErrorPrefix} ${error.details}` + ); + } + } catch (e) { + console.log(`Error stopping bootstrap ${kErrorPrefix} ${e}`); + } + this.retrieveBootstrapStatus(); + }, }; diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm index 1e08b168e4af..c086d0fe3117 100644 --- a/browser/modules/TorStrings.jsm +++ b/browser/modules/TorStrings.jsm @@ -257,6 +257,9 @@ var TorStrings = { "Tor Browser routes your traffic over the Tor Network, run by thousands of volunteers around the world." ), learnMore: getString("torPreferences.learnMore", "Learn More"), + quickstartHeading: getString("torPreferences.quickstart", "Quickstart"), + quickstartDescription: getString("torPreferences.quickstartDescription", "Quickstart allows Tor Browser to connect automatically."), + quickstartCheckbox : getString("torPreferences.quickstartCheckbox", "Always connect automatically"), bridgesHeading: getString("torPreferences.bridges", "Bridges"), bridgesDescription: getString( "torPreferences.bridgesDescription", @@ -364,6 +367,78 @@ var TorStrings = { return retval; })() /* Tor Network Settings Strings */, + torConnect: (() => { + const tsbNetwork = new TorDTDStringBundle( + ["chrome://torlauncher/locale/network-settings.dtd"], + "" + ); + const tsbLauncher = new TorPropertyStringBundle( + "chrome://torlauncher/locale/torlauncher.properties", + "torlauncher." + ); + const tsbCommon = new TorPropertyStringBundle( + "chrome://global/locale/commonDialogs.properties", + "" + ); + + const getStringNet = tsbNetwork.getString.bind(tsbNetwork); + const getStringLauncher = tsbLauncher.getString.bind(tsbLauncher); + const getStringCommon = tsbCommon.getString.bind(tsbCommon); + + return { + torConnect: getStringNet( + "torsettings.wizard.title.default", + "Connect to Tor" + ), + + torConnecting: getStringNet( + "torsettings.wizard.title.connecting", + "Establishing a Connection" + ), + + torConnectingConcise: getStringNet( + "torConnect.connectingConcise", + "Connecting…" + ), + + torBootstrapFailed: getStringLauncher( + "tor_bootstrap_failed", + "Tor failed to establish a Tor network connection." + ), + + torConfigure: getStringNet( + "torsettings.wizard.title.configure", + "Tor Network Settings" + ), + + copyLog: getStringNet( + "torConnect.copyLog", + "Copy Tor Logs" + ), + + torConnectButton: getStringNet("torSettings.connect", "Connect"), + + cancel: getStringCommon("Cancel", "Cancel"), + + torConnected: getStringLauncher( + "torlauncher.bootstrapStatus.done", + "Connected to the Tor network" + ), + + torConnectedConcise: getStringLauncher( + "torConnect.connectedConcise", + "Connected" + ), + + tryAgain: getStringNet("torConnect.tryAgain", "Try connecting again"), + offline: getStringNet("torConnect.offline", "Offline"), + + // tor connect strings for message box in about:preferences#tor + connectMessage: getStringNet("torConnect.connectMessage", "Changes to Tor Settings will not take effect until you connect to the Tor Network"), + tryAgainMessage: getStringNet("torConnect.tryAgainMessage", "Tor Browser has failed to establish a connection to the Tor Network"), + }; + })(), + /* Tor Onion Services Strings, e.g., for the authentication prompt. */ diff --git a/browser/modules/moz.build b/browser/modules/moz.build index 5fb78d1c07a8..7f091e0e7711 100644 --- a/browser/modules/moz.build +++ b/browser/modules/moz.build @@ -155,6 +155,8 @@ EXTRA_JS_MODULES += [ 'TabUnloader.jsm', 'ThemeVariableMap.jsm', 'TopSiteAttribution.jsm', + 'TorConnect.jsm', + 'TorProcessService.jsm', 'TorProtocolService.jsm', 'TorStrings.jsm', 'TransientPrefs.jsm', diff --git a/browser/themes/shared/jar.inc.mn b/browser/themes/shared/jar.inc.mn index e4a3c8d2d41c..d38e1001282b 100644 --- a/browser/themes/shared/jar.inc.mn +++ b/browser/themes/shared/jar.inc.mn @@ -8,6 +8,7 @@ # to the location of the actual manifest. skin/classic/browser/aboutNetError.css (../shared/aboutNetError.css) + skin/classic/browser/onionPattern.css (../shared/onionPattern.css) skin/classic/browser/blockedSite.css (../shared/blockedSite.css) skin/classic/browser/error-pages.css (../shared/error-pages.css) skin/classic/browser/aboutRestartRequired.css (../shared/aboutRestartRequired.css) diff --git a/browser/themes/shared/onionPattern.css b/browser/themes/shared/onionPattern.css new file mode 100644 index 000000000000..c605a4b4f59e --- /dev/null +++ b/browser/themes/shared/onionPattern.css @@ -0,0 +1,124 @@ +/* Onion pattern */ + +:root { + --sqrt3: 1.73205080757; +} + +.onion-pattern-container { + opacity: var(--onion-opacity, 1); + flex: auto; /* grow to consume remaining space on the page */ + display: flex; + margin: 0 auto; + width: 100%; + height: calc((2 + var(--sqrt3)) * var(--onion-radius, 50px)); /* room for 2 rows of circles */ + max-height: calc((2 + var(--sqrt3)) * var(--onion-radius, 50px)); + direction: ltr; +} + +.onion-pattern-crop { + display: flex; + justify-content: center; + overflow-x: hidden; + pointer-events: none; /* for some reason, elements with overflow-x: hidden set become focusable */ + + margin: 0 auto; +} + +/* Centers horizontally within the root container*/ +.onion-pattern-column { + width: calc(40 * var(--onion-radius, 50px)); /* room for 20 circles in a row */ + height: calc((2 + var(--sqrt3)) * var(--onion-radius, 50px)); /* room for 2 rows of circles */ + flex-shrink: 0; + overflow-x: hidden; /* clip extra circles on the sides */ + pointer-events: none; /* for some reason, elements with overflow-x: hidden set become focusable */ +} + +.onion-pattern-row { + width: calc(40 * var(--onion-radius, 50px)); /* room for 20 circles in a row */ + display: flex; + flex-direction: row; + position: relative; +} + +.onion-pattern-offset-row { + left: calc(-1 * var(--onion-radius, 50px)); + margin-top: calc((var(--sqrt3) - 2.0) * var(--onion-radius, 50px)); +} + +/* With borders, circles are 100x100 pixels*/ +.circle { + position: relative; + min-width: calc(2 * var(--onion-radius, 50px)); + min-height: calc(2 * var(--onion-radius, 50px)); + border-radius: 50%; + box-sizing: border-box; +} + +.inner { + position: absolute; + box-sizing: border-box; + border-radius: 50%; +} + +.inner:nth-child(1){ + width: 100%; + height: 100%; +} + +.inner:nth-child(2){ + transform: translate(20%, 20%); + width: calc(100% * 5/7); + height: calc(100% * 5/7); +} + +.inner:nth-child(3){ + transform: translate(calc(100% * 2/3), calc(100% * 2/3)); + width: calc(100% * 3/7); + height: calc(100% * 3/7); +} + +.inner:nth-child(4){ + transform: translate(300%, 300%); + width: calc(100% * 1/7); + height: calc(100% * 1/7); +} + +.solid { + background-color: var(--onion-color, #000); +} + +.border { + border: 4px solid var(--onion-color, #000); +} + +.dashed { + border: 4px dashed var(--onion-color, #000); +} + +.dotted { + border: 4px dotted var(--onion-color, #000); +} + +.bold { + border: 8px solid var(--onion-color, #000); +} + +.top-half { + width: calc(2 * var(--onion-radius, 50px)); + height: var(--onion-radius, 50px); + border-radius: var(--onion-radius, 50px) var(--onion-radius, 50px) 0 0; + box-sizing: border-box; +} + +.bottom-half { + width: calc(2 * var(--onion-radius, 50px)); + height: var(--onion-radius, 50px); + border-radius: 0 0 var(--onion-radius, 50px) var(--onion-radius, 50px); + box-sizing: border-box; +} + +.scaler { + position: absolute; + left:0; + bottom:0; +} \ No newline at end of file diff --git a/browser/themes/shared/onionPattern.inc.xhtml b/browser/themes/shared/onionPattern.inc.xhtml new file mode 100644 index 000000000000..6bbde93684a2 --- /dev/null +++ b/browser/themes/shared/onionPattern.inc.xhtml @@ -0,0 +1,210 @@ + + +<div class="onion-pattern-container"> +  + <div class="onion-pattern-crop" tabindex="-1"> + <div class="onion-pattern-column" tabindex="-1"> + <div class="onion-pattern-row"> + <div class="circle solid"></div> + + <div class="circle dashed"></div> + + <div class="circle"> + <div class="inner border"></div> + <div class="inner border"></div> + <div class="inner border"></div> + <div class="inner border"></div> + </div> + + <div class="circle"> + <div class="bottom-half solid"></div> + <div class="bottom-half dotted"></div> + </div> + + <div class="circle border"></div> + + <div class="circle"> + <div class="inner dotted"></div> + <div class="inner dotted"></div> + <div class="inner dotted"></div> + <div class="inner dotted"></div> + </div> + + <div class="circle solid"></div> + + <div class="circle"> + <div class="inner dashed"></div> + <div class="inner dashed"></div> + <div class="inner dashed"></div> + <div class="inner dashed"></div> + </div> + + <div class="circle bold"></div> + + <div class="circle"> + <div class="inner dotted"></div> + <div class="inner dotted"></div> + <div class="inner dotted"></div> + <div class="inner dotted"></div> + </div> + + <div class="circle"> + <div class="inner border"></div> + <div class="inner border"></div> + <div class="inner border"></div> + <div class="inner border"></div> + </div> + + <div class="circle bold"></div> + + <div class="circle"> + <div class="bottom-half solid"></div> + <div class="bottom-half solid"></div> + </div> + + <div class="circle"> + <div class="inner dashed"></div> + <div class="inner dashed"></div> + <div class="inner dashed"></div> + <div class="inner dashed"></div> + </div> + + <div class="circle dotted"></div> + + <div class="circle"> + <div class="inner dotted"></div> + <div class="inner dotted"></div> + <div class="inner dotted"></div> + <div class="inner dotted"></div> + </div> + + <div class="circle solid"></div> + + <div class="circle"> + <div class="inner dashed"></div> + <div class="inner dashed"></div> + <div class="inner dashed"></div> + <div class="inner dashed"></div> + </div> + + <div class="circle bold"></div> + + <div class="circle dashed"></div> + </div> + + <div class="onion-pattern-row onion-pattern-offset-row"> + <div class="circle"> + <div class="inner dotted"></div> + <div class="inner dotted"></div> + <div class="inner dotted"></div> + <div class="inner dotted"></div> + </div> + + <div class="circle"> + <div class="inner dashed"></div> + <div class="inner dashed"></div> + <div class="inner dashed"></div> + <div class="inner dashed"></div> + </div> + + <div class="circle bold"></div> + + <div class="circle solid"></div> + + <div class="circle"> + <div class="inner dotted"></div> + <div class="inner dotted"></div> + <div class="inner dotted"></div> + <div class="inner dotted"></div> + </div> + + <div class="circle"> + <div class="top-half solid"></div> + <div class="top-half solid"></div> + </div> + + <div class="circle border"></div> + + <div class="circle dotted"></div> + + <div class="circle"> + <div class="top-half border"></div> + <div class="top-half dashed"></div> + </div> + + <div class="circle"> + <div class="inner border"></div> + <div class="inner border"></div> + <div class="inner border"></div> + <div class="inner border"></div> + </div> + + <div class="circle"> + <div class="top-half dotted"></div> + <div class="top-half solid"></div> + </div> + + <div class="circle"> + <div class="inner dashed"></div> + <div class="inner dashed"></div> + <div class="inner dashed"></div> + <div class="inner dashed"></div> + </div> + + <div class="circle dotted"></div> + + <div class="circle bold"></div> + + <div class="circle solid"></div> + + <div class="circle"> + <div class="top-half solid"></div> + <div class="top-half dotted"></div> + </div> + + <div class="circle"> + <div class="inner border"></div> + <div class="inner border"></div> + <div class="inner border"></div> + <div class="inner border"></div> + </div> + + <div class="circle"> + <div class="inner dotted"></div> + <div class="inner dotted"></div> + <div class="inner dotted"></div> + <div class="inner dotted"></div> + </div> + + <div class="circle"> + <div class="inner border"></div> + <div class="inner border"></div> + <div class="inner border"></div> + <div class="inner border"></div> + </div> + + <div class="circle dotted"></div> + + <div class="circle"> + <div class="top-half solid"></div> + <div class="top-half solid"></div> + </div> + + <div class="circle dotted"></div> + </div> + </div> + </div> +</div> \ No newline at end of file diff --git a/browser/themes/shared/urlbar-searchbar.inc.css b/browser/themes/shared/urlbar-searchbar.inc.css index d3cc6bf7f024..297dbcdf444d 100644 --- a/browser/themes/shared/urlbar-searchbar.inc.css +++ b/browser/themes/shared/urlbar-searchbar.inc.css @@ -826,3 +826,5 @@ } %include ../../components/onionservices/content/onionlocation-urlbar.css +%include ../../components/torconnect/content/torconnect-urlbar.css + diff --git a/dom/base/Document.cpp b/dom/base/Document.cpp index afc872569519..e74851a6672c 100644 --- a/dom/base/Document.cpp +++ b/dom/base/Document.cpp @@ -16387,9 +16387,56 @@ void Document::RemoveToplevelLoadingDocument(Document* aDoc) { StylePrefersColorScheme Document::PrefersColorScheme( IgnoreRFP aIgnoreRFP) const { + + // tor-browser#27476 + // should this document ignore resist finger-printing settings with regards to + // setting the color scheme + // currently only enabled for about:torconnect but we could expand to other non- + // SystemPrincipal pages if we wish + const auto documentUsesPreferredColorScheme = [](auto const* constDocument) -> bool { + if (auto* document = const_cast<Document*>(constDocument); document != nullptr) { + auto uri = document->GetDocBaseURI(); + + // try and extract out our prepath and filepath portions of the uri to C-strings + nsAutoCString prePathStr, filePathStr; + if(NS_FAILED(uri->GetPrePath(prePathStr)) || + NS_FAILED(uri->GetFilePath(filePathStr))) { + return false; + } + + // stick them in string view for easy comparisons + std::string_view prePath(prePathStr.get(), prePathStr.Length()), + filePath(filePathStr.get(), filePathStr.Length()); + + // these about URIs will have the user's preferred color scheme exposed to them + // we can place other URIs here in the future if we wish + // see nsIURI.idl for URI part definitions + constexpr struct { + std::string_view prePath; + std::string_view filePath; + } allowedURIs[] = { + { "about:", "torconnect" }, + }; + + // check each uri in the allow list against this document's uri + // verify the prepath and the file path match + for(auto const& uri : allowedURIs) { + if (prePath == uri.prePath && + filePath == uri.filePath) { + // positive match means we can apply dark-mode to the page + return true; + } + } + } + + // do not allow if no match or other error + return false; + }; + if (aIgnoreRFP == IgnoreRFP::No && - nsContentUtils::ShouldResistFingerprinting(this)) { - return StylePrefersColorScheme::Light; + nsContentUtils::ShouldResistFingerprinting(this) && + !documentUsesPreferredColorScheme(this)) { + return StylePrefersColorScheme::Light; } if (nsPresContext* pc = GetPresContext()) { diff --git a/dom/base/nsGlobalWindowOuter.cpp b/dom/base/nsGlobalWindowOuter.cpp index abe1e56d9714..759060f131ff 100644 --- a/dom/base/nsGlobalWindowOuter.cpp +++ b/dom/base/nsGlobalWindowOuter.cpp @@ -6082,6 +6082,8 @@ void nsGlobalWindowOuter::CloseOuter(bool aTrustedCaller) { NS_ENSURE_SUCCESS_VOID(rv); if (!StringBeginsWith(url, NS_LITERAL_STRING("about:neterror")) && + // we want about:torconnect pages to be able to close themselves after bootstrap + !StringBeginsWith(url, NS_LITERAL_STRING("about:torconnect")) && !HadOriginalOpener() && !aTrustedCaller) { bool allowClose = mAllowScriptsToClose || diff --git a/toolkit/modules/AsyncPrefs.jsm b/toolkit/modules/AsyncPrefs.jsm index aca86556cd5e..b81ff5e22b9b 100644 --- a/toolkit/modules/AsyncPrefs.jsm +++ b/toolkit/modules/AsyncPrefs.jsm @@ -18,6 +18,8 @@ const kAllowedPrefs = new Set([ "testing.allowed-prefs.some-char-pref", "testing.allowed-prefs.some-int-pref", + "extensions.torlauncher.quickstart", + "narrate.rate", "narrate.voice", diff --git a/toolkit/modules/RemotePageAccessManager.jsm b/toolkit/modules/RemotePageAccessManager.jsm index eceaa7c857de..0927391c2ba7 100644 --- a/toolkit/modules/RemotePageAccessManager.jsm +++ b/toolkit/modules/RemotePageAccessManager.jsm @@ -96,6 +96,7 @@ let RemotePageAccessManager = { RPMPrefIsLocked: ["security.tls.version.min"], RPMAddToHistogram: ["*"], RPMGetTorStrings: ["*"], + RPMSendQuery: ["ShouldShowTorConnect"], }, "about:newinstall": { RPMGetUpdateChannel: ["*"], @@ -179,6 +180,31 @@ let RemotePageAccessManager = { RPMAddMessageListener: ["*"], RPMRemoveMessageListener: ["*"], }, + "about:torconnect": { + RPMAddMessageListener: ["*"], + RPMSendAsyncMessage: [ + "OpenTorAdvancedPreferences", + "TorRetrieveBootstrapStatus", + "TorStopBootstrap", + ], + RPMSendQuery: [ + "GetDirection", + "GetLocalizedBootstrapStatus", + "GetTorStrings", + "TorBootstrapErrorOccurred", + "TorConnect", + "TorCopyLog", + "TorIsNetworkDisabled", + "TorLogHasWarnOrErr", + ], + RPMGetBoolPref: [ + "extensions.torlauncher.quickstart", + "extensions.torlauncher.prompt_at_startup", + ], + RPMSetBoolPref: [ + "extensions.torlauncher.quickstart", + ], + }, }, /** diff --git a/toolkit/mozapps/update/UpdateService.jsm b/toolkit/mozapps/update/UpdateService.jsm index 1fb397373151..79881cba42d6 100644 --- a/toolkit/mozapps/update/UpdateService.jsm +++ b/toolkit/mozapps/update/UpdateService.jsm @@ -12,6 +12,17 @@ const { AppConstants } = ChromeUtils.import( const { AUSTLMY } = ChromeUtils.import( "resource://gre/modules/UpdateTelemetry.jsm" ); + +const { TorProtocolService } = ChromeUtils.import( + "resource:///modules/TorProtocolService.jsm" +); + +function _shouldRegisterBootstrapObserver(errorCode) { + return errorCode == PROXY_SERVER_CONNECTION_REFUSED && + !TorProtocolService.isBootstrapDone() && + TorProtocolService.ownsTorDaemon; +}; + const { Bits, BitsRequest, @@ -201,6 +212,7 @@ const INVALID_UPDATER_STATUS_CODE = 99; // Custom update error codes const BACKGROUNDCHECK_MULTIPLE_FAILURES = 110; const NETWORK_ERROR_OFFLINE = 111; +const PROXY_SERVER_CONNECTION_REFUSED = 2152398920; // Error codes should be < 1000. Errors above 1000 represent http status codes const HTTP_ERROR_OFFSET = 1000; @@ -2220,6 +2232,9 @@ UpdateService.prototype = { case "network:offline-status-changed": this._offlineStatusChanged(data); break; + case "torconnect:bootstrap-complete": + this._bootstrapComplete(); + break; case "nsPref:changed": if (data == PREF_APP_UPDATE_LOG || data == PREF_APP_UPDATE_LOG_FILE) { gLogEnabled; // Assigning this before it is lazy-loaded is an error. @@ -2640,6 +2655,35 @@ UpdateService.prototype = { this._attemptResume(); }, + _registerBootstrapObserver: function AUS__registerBootstrapObserver() { + if (this._registeredBootstrapObserver) { + LOG( + "UpdateService:_registerBootstrapObserver - observer already registered" + ); + return; + } + + LOG( + "UpdateService:_registerBootstrapObserver - waiting for tor bootstrap to " + + "be complete, then forcing another check" + ); + + Services.obs.addObserver(this, "torconnect:bootstrap-complete"); + this._registeredBootstrapObserver = true; + }, + + _bootstrapComplete: function AUS__bootstrapComplete() { + Services.obs.removeObserver(this, "torconnect:bootstrap-complete"); + this._registeredBootstrapObserver = false; + + LOG( + "UpdateService:_bootstrapComplete - bootstrapping complete, forcing " + + "another background check" + ); + + this._attemptResume(); + }, + onCheckComplete: function AUS_onCheckComplete(request, updates) { this._selectAndInstallUpdate(updates); }, @@ -2659,6 +2703,11 @@ UpdateService.prototype = { AUSTLMY.pingCheckCode(this._pingSuffix, AUSTLMY.CHK_OFFLINE); } return; + } else if (_shouldRegisterBootstrapObserver(update.errorCode)) { + // Register boostrap observer to try again, but only when we own the + // tor process. + this._registerBootstrapObserver(); + return; } // Send the error code to telemetry @@ -5189,6 +5238,7 @@ Downloader.prototype = { var state = this._patch.state; var shouldShowPrompt = false; var shouldRegisterOnlineObserver = false; + var shouldRegisterBootstrapObserver = false; var shouldRetrySoon = false; var deleteActiveUpdate = false; var retryTimeout = Services.prefs.getIntPref( @@ -5266,7 +5316,18 @@ Downloader.prototype = { ); shouldRegisterOnlineObserver = true; deleteActiveUpdate = false; - + } else if(_shouldRegisterBootstrapObserver(status)) { + // Register a bootstrap observer to try again. + // The bootstrap observer will continue the incremental download by + // calling downloadUpdate on the active update which continues + // downloading the file from where it was. + LOG("Downloader:onStopRequest - not bootstrapped, register bootstrap observer: true"); + AUSTLMY.pingDownloadCode( + this.isCompleteUpdate, + AUSTLMY.DWNLD_RETRY_OFFLINE + ); + shouldRegisterBootstrapObserver = true; + deleteActiveUpdate = false; // Each of NS_ERROR_NET_TIMEOUT, ERROR_CONNECTION_REFUSED, // NS_ERROR_NET_RESET and NS_ERROR_DOCUMENT_NOT_CACHED can be returned // when disconnecting the internet while a download of a MAR is in @@ -5384,7 +5445,7 @@ Downloader.prototype = { // Only notify listeners about the stopped state if we // aren't handling an internal retry. - if (!shouldRetrySoon && !shouldRegisterOnlineObserver) { + if (!shouldRetrySoon && !shouldRegisterOnlineObserver && !shouldRegisterBootstrapObserver) { // Make shallow copy in case listeners remove themselves when called. var listeners = this._listeners.concat(); var listenerCount = listeners.length; @@ -5532,6 +5593,9 @@ Downloader.prototype = { if (shouldRegisterOnlineObserver) { LOG("Downloader:onStopRequest - Registering online observer"); this.updateService._registerOnlineObserver(); + } else if (shouldRegisterBootstrapObserver) { + LOG("Downloader:onStopRequest - Registering bootstrap observer"); + this.updateService._registerBootstrapObserver(); } else if (shouldRetrySoon) { LOG("Downloader:onStopRequest - Retrying soon"); this.updateService._consecutiveSocketErrors++; diff --git a/toolkit/themes/shared/in-content/info-pages.inc.css b/toolkit/themes/shared/in-content/info-pages.inc.css index 6943a3340e35..5b3c911a5aab 100644 --- a/toolkit/themes/shared/in-content/info-pages.inc.css +++ b/toolkit/themes/shared/in-content/info-pages.inc.css @@ -41,10 +41,11 @@ body.wide-container { background-image: url("chrome://global/skin/icons/info.svg"); background-position: left 0; background-repeat: no-repeat; - background-size: 1.6em; - margin-inline-start: -2.3em; - padding-inline-start: 2.3em; - font-size: 2.2em; + background-size: 3.0em; + margin-inline-start: -4.5em; + padding-inline-start: 4.5em; + margin-bottom: -2.0em; + font-size: 1.5em; -moz-context-properties: fill; fill: currentColor; } @@ -56,7 +57,10 @@ body.wide-container { .title-text { font-size: inherit; - padding-bottom: 0.4em; + padding-bottom: 2.0em !important; + line-height: 1.0em; + font-weight: bold; + vertical-align: top; } @media (max-width: 970px) { @@ -68,6 +72,7 @@ body.wide-container { .title-text { padding-top: 0; + vertical-align: middle !important; } } diff --git a/tools/lint/eslint/eslint-plugin-mozilla/lib/environments/browser-window.js b/tools/lint/eslint/eslint-plugin-mozilla/lib/environments/browser-window.js index 2ff107b553b2..f8fa83574df7 100644 --- a/tools/lint/eslint/eslint-plugin-mozilla/lib/environments/browser-window.js +++ b/tools/lint/eslint/eslint-plugin-mozilla/lib/environments/browser-window.js @@ -70,6 +70,10 @@ function getGlobalScriptIncludes(scriptPath) { let match = line.match(globalScriptsRegExp); if (match) { let sourceFile = match[1] + .replace( + "chrome://browser/content/torconnect/", + "browser/components/torconnect/content/" + ) .replace( "chrome://browser/content/search/", "browser/components/search/content/"

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 1642754 - Update prompts should not depend on how update was initiated r=bytesized
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit ce4a0acd8a97a23fa194184808eefa3c1bd1126f Author: Mark Smith <mcs(a)pearlcrescent.com> Date: Wed Jun 17 19:24:09 2020 +0000 Bug 1642754 - Update prompts should not depend on how update was initiated r=bytesized Show update badge and doorhanger when entering the "pending" state for foreground updates. Differential Revision: https://phabricator.services.mozilla.com/D79903 --- toolkit/mozapps/update/UpdateService.jsm | 10 ++-------- .../browser/browser_aboutDialog_fc_downloadAuto.js | 18 +++++++++++++++++- 2 files changed, 19 insertions(+), 9 deletions(-) diff --git a/toolkit/mozapps/update/UpdateService.jsm b/toolkit/mozapps/update/UpdateService.jsm index 8dd397f628f5..1dc86a073646 100644 --- a/toolkit/mozapps/update/UpdateService.jsm +++ b/toolkit/mozapps/update/UpdateService.jsm @@ -5002,8 +5002,6 @@ Downloader.prototype = { } } - // XXX ehsan shouldShowPrompt should always be false here. - // But what happens when there is already a UI showing? var state = this._patch.state; var shouldShowPrompt = false; var shouldRegisterOnlineObserver = false; @@ -5044,9 +5042,7 @@ Downloader.prototype = { } else { state = STATE_PENDING; } - if (this.background) { - shouldShowPrompt = !getCanStageUpdates(); - } + shouldShowPrompt = !getCanStageUpdates(); AUSTLMY.pingDownloadCode(this.isCompleteUpdate, AUSTLMY.DWNLD_SUCCESS); // Tell the updater.exe we're ready to apply. @@ -5329,9 +5325,7 @@ Downloader.prototype = { LOG( "Downloader:onStopRequest - failed to stage update. Exception: " + e ); - if (this.background) { - shouldShowPrompt = true; - } + shouldShowPrompt = true; } } } diff --git a/toolkit/mozapps/update/tests/browser/browser_aboutDialog_fc_downloadAuto.js b/toolkit/mozapps/update/tests/browser/browser_aboutDialog_fc_downloadAuto.js index 6a8835251dec..be65ce8ddef1 100644 --- a/toolkit/mozapps/update/tests/browser/browser_aboutDialog_fc_downloadAuto.js +++ b/toolkit/mozapps/update/tests/browser/browser_aboutDialog_fc_downloadAuto.js @@ -15,7 +15,7 @@ add_task(async function aboutDialog_foregroundCheck_downloadAuto() { // Since the partial should be successful specify an invalid size for the // complete update. - let params = { queryString: "&invalidCompleteSize=1" }; + let params = { queryString: "&invalidCompleteSize=1&promptWaitTime=0" }; await runAboutDialogUpdateTest(params, [ { panelId: "checkingForUpdates", @@ -28,6 +28,22 @@ add_task(async function aboutDialog_foregroundCheck_downloadAuto() { continueFile: CONTINUE_DOWNLOAD, downloadInfo, }, + async function aboutDialog_restart_notification() { + is( + PanelUI.notificationPanel.state, + "closed", + "The window's doorhanger is closed." + ); + ok( + PanelUI.menuButton.hasAttribute("badge-status"), + "The window has a badge." + ); + is( + PanelUI.menuButton.getAttribute("badge-status"), + "update-restart", + "The restart badge is showing for the background window" + ); + }, { panelId: "apply", checkActiveUpdate: { state: STATE_PENDING },

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 1642404 - add an option to show that an update is being downloaded r=bytesized, fluent-reviewers, flod
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 829fa204308052b43a3fc8bca4309cd0187e44cf Author: Mark Smith <mcs(a)pearlcrescent.com> Date: Mon Jun 22 20:24:46 2020 +0000 Bug 1642404 - add an option to show that an update is being downloaded r=bytesized,fluent-reviewers,flod Add support for a hidden preference named app.update.notifyDuringDownload that, when set to true, causes a "Downloading update" message to appear in the app menu during a MAR download. Clicking the message opens the about box so the user can see detailed progress information. Differential Revision: https://phabricator.services.mozilla.com/D77688 --- browser/app/profile/firefox.js | 4 ++ browser/components/BrowserGlue.jsm | 1 + .../customizableui/content/panelUI.inc.xhtml | 2 + .../components/customizableui/content/panelUI.js | 5 ++ .../test/browser_panelUINotifications.js | 62 ++++++++++++++++++++++ browser/locales/en-US/browser/appmenu.ftl | 2 + .../themes/shared/customizableui/panelUI.inc.css | 3 ++ browser/themes/shared/notification-icons.inc.css | 1 + browser/themes/shared/toolbarbutton-icons.inc.css | 1 + toolkit/mozapps/update/UpdateListener.jsm | 50 +++++++++++------ toolkit/mozapps/update/UpdateService.jsm | 27 ++++++++++ .../mozapps/update/tests/browser/browser.bits.ini | 1 + toolkit/mozapps/update/tests/browser/browser.ini | 1 + .../update/tests/browser/browser.legacy.bits.ini | 1 + .../update/tests/browser/browser.legacy.ini | 1 + .../browser/browser_aboutDialog_bc_downloading.js | 17 ++++++ .../browser_aboutDialog_bc_downloading_notify.js | 58 ++++++++++++++++++++ toolkit/mozapps/update/tests/data/shared.js | 1 + 18 files changed, 222 insertions(+), 16 deletions(-) diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js index a7e0bd808254..479c68efdd8c 100644 --- a/browser/app/profile/firefox.js +++ b/browser/app/profile/firefox.js @@ -131,6 +131,10 @@ pref("app.update.download.promptMaxAttempts", 2); // download a fresh installer. pref("app.update.elevation.promptMaxAttempts", 2); +// If set to true, a message will be displayed in the hamburger menu while +// an update is being downloaded. +pref("app.update.notifyDuringDownload", false); + // If set to true, the Update Service will automatically download updates if the // user can apply updates. This pref is no longer used on Windows, except as the // default value to migrate to the new location that this data is now stored diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 70f5ad8b85e4..0a3555f26432 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -769,6 +769,7 @@ const global = this; const listeners = { observers: { + "update-downloading": ["UpdateListener"], "update-staged": ["UpdateListener"], "update-downloaded": ["UpdateListener"], "update-available": ["UpdateListener"], diff --git a/browser/components/customizableui/content/panelUI.inc.xhtml b/browser/components/customizableui/content/panelUI.inc.xhtml index e5c9c00c35e4..3a8b74b0a9f3 100644 --- a/browser/components/customizableui/content/panelUI.inc.xhtml +++ b/browser/components/customizableui/content/panelUI.inc.xhtml @@ -223,6 +223,8 @@ <vbox class="panel-subview-body"> <vbox id="appMenu-addon-banners"/> <toolbarbutton id="appMenu-update-banner" class="panel-banner-item" + data-l10n-id="appmenuitem-update-banner" + data-l10n-attrs="label-update-downloading" label-update-available="&updateAvailable.panelUI.label;" label-update-manual="&updateManual.panelUI.label;" label-update-unsupported="&updateUnsupported.panelUI.label;" diff --git a/browser/components/customizableui/content/panelUI.js b/browser/components/customizableui/content/panelUI.js index 1f6ed5caf839..a81be30f3ec7 100644 --- a/browser/components/customizableui/content/panelUI.js +++ b/browser/components/customizableui/content/panelUI.js @@ -65,6 +65,7 @@ const PanelUI = { Services.obs.addObserver(this, "fullscreen-nav-toolbox"); Services.obs.addObserver(this, "appMenu-notifications"); + Services.obs.addObserver(this, "show-update-progress"); XPCOMUtils.defineLazyPreferenceGetter( this, @@ -182,6 +183,7 @@ const PanelUI = { Services.obs.removeObserver(this, "fullscreen-nav-toolbox"); Services.obs.removeObserver(this, "appMenu-notifications"); + Services.obs.removeObserver(this, "show-update-progress"); window.removeEventListener("MozDOMFullscreen:Entered", this); window.removeEventListener("MozDOMFullscreen:Exited", this); @@ -271,6 +273,9 @@ const PanelUI = { this._notifications = AppMenuNotifications.notifications; this._updateNotifications(true); break; + case "show-update-progress": + openAboutDialog(); + break; } }, diff --git a/browser/components/customizableui/test/browser_panelUINotifications.js b/browser/components/customizableui/test/browser_panelUINotifications.js index 39ae5435c453..cab471bc946f 100644 --- a/browser/components/customizableui/test/browser_panelUINotifications.js +++ b/browser/components/customizableui/test/browser_panelUINotifications.js @@ -156,6 +156,68 @@ add_task(async function testSecondaryActionWorkflow() { }); }); +/** + * This tests that the PanelUI update downloading badge and banner + * notification are correctly displayed and that clicking the banner + * item calls the main action. + */ +add_task(async function testDownloadingBadge() { + let options = { + gBrowser: window.gBrowser, + url: "about:blank", + }; + + await BrowserTestUtils.withNewTab(options, async function(browser) { + let mainActionCalled = false; + let mainAction = { + callback: () => { + mainActionCalled = true; + }, + }; + // The downloading notification is always displayed in a dismissed state. + AppMenuNotifications.showNotification( + "update-downloading", + mainAction, + undefined, + { dismissed: true } + ); + is(PanelUI.notificationPanel.state, "closed", "doorhanger is closed."); + + is( + PanelUI.menuButton.getAttribute("badge-status"), + "update-downloading", + "Downloading badge is displaying on PanelUI button." + ); + + await gCUITestUtils.openMainMenu(); + isnot( + PanelUI.menuButton.getAttribute("badge-status"), + "update-downloading", + "Downloading badge is hidden on PanelUI button." + ); + let menuItem = PanelUI.mainView.querySelector(".panel-banner-item"); + is( + menuItem.label, + menuItem.getAttribute("label-update-downloading"), + "Showing correct label (downloading)" + ); + is(menuItem.hidden, false, "update-downloading menu item is showing."); + + await gCUITestUtils.hideMainMenu(); + is( + PanelUI.menuButton.getAttribute("badge-status"), + "update-downloading", + "Downloading badge is shown on PanelUI button." + ); + + await gCUITestUtils.openMainMenu(); + menuItem.click(); + ok(mainActionCalled, "Main action callback was called"); + + AppMenuNotifications.removeNotification(/.*/); + }); +}); + /** * We want to ensure a few things with this: * - Adding a doorhanger will make a badge disappear diff --git a/browser/locales/en-US/browser/appmenu.ftl b/browser/locales/en-US/browser/appmenu.ftl index 12fd2bec3e6a..3026b2597287 100644 --- a/browser/locales/en-US/browser/appmenu.ftl +++ b/browser/locales/en-US/browser/appmenu.ftl @@ -4,6 +4,8 @@ ## App Menu +appmenuitem-update-banner = + .label-update-downloading = Downloading { -brand-shorter-name } update appmenuitem-protection-dashboard-title = Protections Dashboard appmenuitem-customize-mode = .label = Customize… diff --git a/browser/themes/shared/customizableui/panelUI.inc.css b/browser/themes/shared/customizableui/panelUI.inc.css index 8a24f03c0ad6..c991daee0759 100644 --- a/browser/themes/shared/customizableui/panelUI.inc.css +++ b/browser/themes/shared/customizableui/panelUI.inc.css @@ -67,6 +67,7 @@ } #PanelUI-menu-button[badge-status="update-available"] > .toolbarbutton-badge-stack > .toolbarbutton-badge, +#PanelUI-menu-button[badge-status="update-downloading"] > .toolbarbutton-badge-stack > .toolbarbutton-badge, #PanelUI-menu-button[badge-status="update-manual"] > .toolbarbutton-badge-stack > .toolbarbutton-badge, #PanelUI-menu-button[badge-status="update-restart"] > .toolbarbutton-badge-stack > .toolbarbutton-badge, #PanelUI-menu-button[badge-status="update-unsupported"] > .toolbarbutton-badge-stack > .toolbarbutton-badge { @@ -80,6 +81,7 @@ } #PanelUI-menu-button[badge-status="update-available"] > .toolbarbutton-badge-stack > .toolbarbutton-badge, +#PanelUI-menu-button[badge-status="update-downloading"] > .toolbarbutton-badge-stack > .toolbarbutton-badge, #PanelUI-menu-button[badge-status="update-manual"] > .toolbarbutton-badge-stack > .toolbarbutton-badge, #PanelUI-menu-button[badge-status="update-restart"] > .toolbarbutton-badge-stack > .toolbarbutton-badge { background: #74BF43 url(chrome://browser/skin/update-badge.svg) no-repeat center; @@ -90,6 +92,7 @@ } .panel-banner-item[notificationid="update-available"]::after, +.panel-banner-item[notificationid="update-downloading"]::after, .panel-banner-item[notificationid="update-manual"]::after, .panel-banner-item[notificationid="update-restart"]::after { background: #74BF43 url(chrome://browser/skin/update-badge.svg) no-repeat center; diff --git a/browser/themes/shared/notification-icons.inc.css b/browser/themes/shared/notification-icons.inc.css index 74d861200f45..f17ddae9dc79 100644 --- a/browser/themes/shared/notification-icons.inc.css +++ b/browser/themes/shared/notification-icons.inc.css @@ -401,6 +401,7 @@ html|*#webRTC-previewVideo { /* UPDATE */ .popup-notification-icon[popupid="update-available"], +.popup-notification-icon[popupid="update-downloading"], .popup-notification-icon[popupid="update-manual"], .popup-notification-icon[popupid="update-restart"] { background: #74BF43 url(chrome://browser/skin/notification-icons/update.svg) no-repeat center; diff --git a/browser/themes/shared/toolbarbutton-icons.inc.css b/browser/themes/shared/toolbarbutton-icons.inc.css index 998537e1f57d..9514eb1d5338 100644 --- a/browser/themes/shared/toolbarbutton-icons.inc.css +++ b/browser/themes/shared/toolbarbutton-icons.inc.css @@ -290,6 +290,7 @@ toolbar[brighttext] { } #PanelUI-menu-button[badge-status="update-available"], +#PanelUI-menu-button[badge-status="update-downloading"], #PanelUI-menu-button[badge-status="update-manual"], #PanelUI-menu-button[badge-status="update-restart"] { list-style-image: url("chrome://browser/skin/menu-badged.svg"); diff --git a/toolkit/mozapps/update/UpdateListener.jsm b/toolkit/mozapps/update/UpdateListener.jsm index 17919e914b11..110640628771 100644 --- a/toolkit/mozapps/update/UpdateListener.jsm +++ b/toolkit/mozapps/update/UpdateListener.jsm @@ -113,16 +113,18 @@ var UpdateListener = { mainAction, beforeShowDoorhanger ) { + const addTelemetry = id => { + // No telemetry for the "downloading" state. + if (type !== "downloading") { + Services.telemetry.getHistogramById(id).add(type); + } + }; let action = { callback(win, fromDoorhanger) { if (fromDoorhanger) { - Services.telemetry - .getHistogramById("UPDATE_NOTIFICATION_MAIN_ACTION_DOORHANGER") - .add(type); + addTelemetry("UPDATE_NOTIFICATION_MAIN_ACTION_DOORHANGER"); } else { - Services.telemetry - .getHistogramById("UPDATE_NOTIFICATION_MAIN_ACTION_MENU") - .add(type); + addTelemetry("UPDATE_NOTIFICATION_MAIN_ACTION_MENU"); } mainAction(win); }, @@ -131,13 +133,10 @@ var UpdateListener = { let secondaryAction = { callback() { - Services.telemetry - .getHistogramById("UPDATE_NOTIFICATION_DISMISSED") - .add(type); + addTelemetry("UPDATE_NOTIFICATION_DISMISSED"); }, dismiss: true, }; - AppMenuNotifications.showNotification( "update-" + type, action, @@ -145,13 +144,9 @@ var UpdateListener = { { dismissed, beforeShowDoorhanger } ); if (dismissed) { - Services.telemetry - .getHistogramById("UPDATE_NOTIFICATION_BADGE_SHOWN") - .add(type); + addTelemetry("UPDATE_NOTIFICATION_BADGE_SHOWN"); } else { - Services.telemetry - .getHistogramById("UPDATE_NOTIFICATION_SHOWN") - .add(type); + addTelemetry("UPDATE_NOTIFICATION_SHOWN"); } }, @@ -205,6 +200,15 @@ var UpdateListener = { } }, + showUpdateDownloadingNotification() { + this.showUpdateNotification("downloading", true, true, () => { + // The user clicked on the "Downloading update" app menu item. + // Code in browser/components/customizableui/content/panelUI.js + // receives the following notification and opens the about dialog. + Services.obs.notifyObservers(null, "show-update-progress"); + }); + }, + handleUpdateError(update, status) { switch (status) { case "download-attempt-failed": @@ -287,6 +291,17 @@ var UpdateListener = { } }, + handleUpdateDownloading(status) { + switch (status) { + case "downloading": + this.showUpdateDownloadingNotification(); + break; + case "idle": + this.reset(); + break; + } + }, + observe(subject, topic, status) { let update = subject && subject.QueryInterface(Ci.nsIUpdate); @@ -299,6 +314,9 @@ var UpdateListener = { } this.handleUpdateAvailable(update, status); break; + case "update-downloading": + this.handleUpdateDownloading(status); + break; case "update-staged": case "update-downloaded": // An update check has found an update and downloaded / staged the diff --git a/toolkit/mozapps/update/UpdateService.jsm b/toolkit/mozapps/update/UpdateService.jsm index 0cc26f683078..8dd397f628f5 100644 --- a/toolkit/mozapps/update/UpdateService.jsm +++ b/toolkit/mozapps/update/UpdateService.jsm @@ -59,6 +59,7 @@ const PREF_APP_UPDATE_ELEVATE_ATTEMPTS = "app.update.elevate.attempts"; const PREF_APP_UPDATE_ELEVATE_MAXATTEMPTS = "app.update.elevate.maxAttempts"; const PREF_APP_UPDATE_LOG = "app.update.log"; const PREF_APP_UPDATE_LOG_FILE = "app.update.log.file"; +const PREF_APP_UPDATE_NOTIFYDURINGDOWNLOAD = "app.update.notifyDuringDownload"; const PREF_APP_UPDATE_PROMPTWAITTIME = "app.update.promptWaitTime"; const PREF_APP_UPDATE_SERVICE_ENABLED = "app.update.service.enabled"; const PREF_APP_UPDATE_SERVICE_ERRORS = "app.update.service.errors"; @@ -4446,6 +4447,24 @@ Downloader.prototype = { return selectedPatch; }, + /** + * Whether or not the user wants to be notified that an update is being + * downloaded. + */ + get _notifyDuringDownload() { + return Services.prefs.getBoolPref( + PREF_APP_UPDATE_NOTIFYDURINGDOWNLOAD, + false + ); + }, + + _notifyDownloadStatusObservers: function Downloader_notifyDownloadStatusObservers() { + if (this._notifyDuringDownload) { + let status = this.updateService.isDownloading ? "downloading" : "idle"; + Services.obs.notifyObservers(this._update, "update-downloading", status); + } + }, + /** * Whether or not we are currently downloading something. */ @@ -4687,6 +4706,9 @@ Downloader.prototype = { .getService(Ci.nsIUpdateManager) .saveUpdates(); } + + this._notifyDownloadStatusObservers(); + return STATE_DOWNLOADING; }, @@ -5193,6 +5215,11 @@ Downloader.prototype = { this._request = null; + // This notification must happen after _request is set to null so that + // the correct this.updateService.isDownloading value is available in + // _notifyDownloadStatusObservers(). + this._notifyDownloadStatusObservers(); + if (state == STATE_DOWNLOAD_FAILED) { var allFailed = true; // If we haven't already, attempt to download without BITS diff --git a/toolkit/mozapps/update/tests/browser/browser.bits.ini b/toolkit/mozapps/update/tests/browser/browser.bits.ini index 9355e22550f2..5a44d1e0f6bf 100644 --- a/toolkit/mozapps/update/tests/browser/browser.bits.ini +++ b/toolkit/mozapps/update/tests/browser/browser.bits.ini @@ -21,6 +21,7 @@ prefs = # About Dialog Application Update Tests [browser_aboutDialog_bc_downloading.js] [browser_aboutDialog_bc_downloading_staging.js] +[browser_aboutDialog_bc_downloading_notify.js] [browser_aboutDialog_bc_downloaded.js] [browser_aboutDialog_bc_downloaded_staging.js] [browser_aboutDialog_bc_downloaded_staged.js] diff --git a/toolkit/mozapps/update/tests/browser/browser.ini b/toolkit/mozapps/update/tests/browser/browser.ini index 5ce14c9c2633..c4f3fd055bbf 100644 --- a/toolkit/mozapps/update/tests/browser/browser.ini +++ b/toolkit/mozapps/update/tests/browser/browser.ini @@ -15,6 +15,7 @@ prefs = # About Dialog Application Update Tests [browser_aboutDialog_bc_downloading.js] [browser_aboutDialog_bc_downloading_staging.js] +[browser_aboutDialog_bc_downloading_notify.js] [browser_aboutDialog_bc_downloaded.js] [browser_aboutDialog_bc_downloaded_staging.js] [browser_aboutDialog_bc_downloaded_stagingFailure.js] diff --git a/toolkit/mozapps/update/tests/browser/browser.legacy.bits.ini b/toolkit/mozapps/update/tests/browser/browser.legacy.bits.ini index 7bf1f706a5b7..555eaea82cd6 100644 --- a/toolkit/mozapps/update/tests/browser/browser.legacy.bits.ini +++ b/toolkit/mozapps/update/tests/browser/browser.legacy.bits.ini @@ -20,6 +20,7 @@ prefs = # About Dialog Application Update Tests [browser_aboutDialog_bc_downloading.js] [browser_aboutDialog_bc_downloading_staging.js] +[browser_aboutDialog_bc_downloading_notify.js] [browser_aboutDialog_bc_downloaded.js] [browser_aboutDialog_bc_downloaded_staging.js] [browser_aboutDialog_bc_downloaded_staged.js] diff --git a/toolkit/mozapps/update/tests/browser/browser.legacy.ini b/toolkit/mozapps/update/tests/browser/browser.legacy.ini index 0cf61d64f42e..e3f681f53236 100644 --- a/toolkit/mozapps/update/tests/browser/browser.legacy.ini +++ b/toolkit/mozapps/update/tests/browser/browser.legacy.ini @@ -14,6 +14,7 @@ prefs = # About Dialog Application Update Tests [browser_aboutDialog_bc_downloading.js] [browser_aboutDialog_bc_downloading_staging.js] +[browser_aboutDialog_bc_downloading_notify.js] [browser_aboutDialog_bc_downloaded.js] [browser_aboutDialog_bc_downloaded_staging.js] [browser_aboutDialog_bc_downloaded_stagingFailure.js] diff --git a/toolkit/mozapps/update/tests/browser/browser_aboutDialog_bc_downloading.js b/toolkit/mozapps/update/tests/browser/browser_aboutDialog_bc_downloading.js index 776d637512ad..67ddd65205da 100644 --- a/toolkit/mozapps/update/tests/browser/browser_aboutDialog_bc_downloading.js +++ b/toolkit/mozapps/update/tests/browser/browser_aboutDialog_bc_downloading.js @@ -6,6 +6,10 @@ // Test for About Dialog background check for updates // with the About Dialog opened during downloading. add_task(async function aboutDialog_backgroundCheck_downloading() { + await SpecialPowers.pushPrefEnv({ + set: [[PREF_APP_UPDATE_NOTIFYDURINGDOWNLOAD, false]], + }); + let downloadInfo = []; if (Services.prefs.getBoolPref(PREF_APP_UPDATE_BITS_ENABLED)) { downloadInfo[0] = { patchType: "partial", bitsResult: "0" }; @@ -21,6 +25,17 @@ add_task(async function aboutDialog_backgroundCheck_downloading() { waitForUpdateState: STATE_DOWNLOADING, }; await runAboutDialogUpdateTest(params, [ + async function aboutDialog_downloading() { + is( + PanelUI.notificationPanel.state, + "closed", + "The window's doorhanger is closed." + ); + ok( + !PanelUI.menuButton.hasAttribute("badge-status"), + "The window does not have a badge." + ); + }, { panelId: "downloading", checkActiveUpdate: { state: STATE_DOWNLOADING }, @@ -33,4 +48,6 @@ add_task(async function aboutDialog_backgroundCheck_downloading() { continueFile: null, }, ]); + + await SpecialPowers.popPrefEnv(); }); diff --git a/toolkit/mozapps/update/tests/browser/browser_aboutDialog_bc_downloading_notify.js b/toolkit/mozapps/update/tests/browser/browser_aboutDialog_bc_downloading_notify.js new file mode 100644 index 000000000000..cf427b149a54 --- /dev/null +++ b/toolkit/mozapps/update/tests/browser/browser_aboutDialog_bc_downloading_notify.js @@ -0,0 +1,58 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +"use strict"; + +// Test for About Dialog background check for updates with the +// "notify during download" feature turned on. +add_task(async function aboutDialog_backgroundCheck_downloading_notify() { + await SpecialPowers.pushPrefEnv({ + set: [[PREF_APP_UPDATE_NOTIFYDURINGDOWNLOAD, true]], + }); + + let downloadInfo = []; + if (Services.prefs.getBoolPref(PREF_APP_UPDATE_BITS_ENABLED)) { + downloadInfo[0] = { patchType: "partial", bitsResult: "0" }; + } else { + downloadInfo[0] = { patchType: "partial", internalResult: "0" }; + } + + // Since the partial should be successful specify an invalid size for the + // complete update. + let params = { + queryString: "&useSlowDownloadMar=1&invalidCompleteSize=1", + backgroundUpdate: true, + waitForUpdateState: STATE_DOWNLOADING, + }; + await runAboutDialogUpdateTest(params, [ + async function aboutDialog_downloading_notification() { + is( + PanelUI.notificationPanel.state, + "closed", + "The window's doorhanger is closed." + ); + ok( + PanelUI.menuButton.hasAttribute("badge-status"), + "The window has a badge." + ); + is( + PanelUI.menuButton.getAttribute("badge-status"), + "update-downloading", + "The downloading badge is showing for the background window" + ); + }, + { + panelId: "downloading", + checkActiveUpdate: { state: STATE_DOWNLOADING }, + continueFile: CONTINUE_DOWNLOAD, + downloadInfo, + }, + { + panelId: "apply", + checkActiveUpdate: { state: STATE_PENDING }, + continueFile: null, + }, + ]); + + await SpecialPowers.popPrefEnv(); +}); diff --git a/toolkit/mozapps/update/tests/data/shared.js b/toolkit/mozapps/update/tests/data/shared.js index 51d9de99d7f2..5106aa5fc7a2 100644 --- a/toolkit/mozapps/update/tests/data/shared.js +++ b/toolkit/mozapps/update/tests/data/shared.js @@ -40,6 +40,7 @@ const PREF_APP_UPDATE_INTERVAL = "app.update.interval"; const PREF_APP_UPDATE_LASTUPDATETIME = "app.update.lastUpdateTime.background-update-timer"; const PREF_APP_UPDATE_LOG = "app.update.log"; +const PREF_APP_UPDATE_NOTIFYDURINGDOWNLOAD = "app.update.notifyDuringDownload"; const PREF_APP_UPDATE_PROMPTWAITTIME = "app.update.promptWaitTime"; const PREF_APP_UPDATE_RETRYTIMEOUT = "app.update.socket.retryTimeout"; const PREF_APP_UPDATE_SERVICE_ENABLED = "app.update.service.enabled";

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 1585470 - Remove duplicate cpu-features.c definition when building GV without webrtc r=glandium
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 376be5b110ec6c50971f48b7a151094850e20172 Author: Matthew Finkel <Matthew.Finkel(a)gmail.com> Date: Thu Jul 9 19:10:34 2020 +0000 Bug 1585470 - Remove duplicate cpu-features.c definition when building GV without webrtc r=glandium Differential Revision: https://phabricator.services.mozilla.com/D82120 --- media/libaom/moz.build | 5 ----- 1 file changed, 5 deletions(-) diff --git a/media/libaom/moz.build b/media/libaom/moz.build index 2dec3de4581c..0b3ba0707df9 100644 --- a/media/libaom/moz.build +++ b/media/libaom/moz.build @@ -84,11 +84,6 @@ if CONFIG['OS_TARGET'] == 'Android': # the OS they're on, so do it for them. DEFINES['__linux__'] = True - if not CONFIG['MOZ_WEBRTC']: - SOURCES += [ - '%%%s/sources/android/cpufeatures/cpu-features.c' % CONFIG['ANDROID_NDK'], - ] - for f in SOURCES: if f.endswith('sse2.c'): SOURCES[f].flags += CONFIG['SSE2_FLAGS']

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] TB3: Tor Browser's official .mozconfigs.
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 39ccb88c03e34821e04b91a9c507afa28bf3be1a Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Mon May 6 15:51:06 2013 -0700 TB3: Tor Browser's official .mozconfigs. Also: Bug #9829.1: new .mozconfig file for the new cross-compiler and ESR24 Changes needed to build Mac in 64bit Bug 10715: Enable Webgl for mingw-w64 again. Disable ICU when cross-compiling; clean-up. Bug 15773: Enable ICU on OS X Bug 15990: Don't build the sandbox with mingw-w64 Bug 12761: Switch to ESR 38 for OS X Updating .mozconfig-asan Bug 12516: Compile hardenend Tor Browser with -fwrapv Bug 18331: Switch to Mozilla's toolchain for building Tor Browser for OS X Bug 17858: Cannot create incremental MARs for hardened builds. Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff (which is part of mar-tools and is not distributed to end-users) with ASan. Bug 13419: Add back ICU for Windows Bug 21239: Use GTK2 for ESR52 Linux builds Bug 23025: Add hardening flags for macOS Bug 24478: Enable debug assertions and tests in our ASan builds --enable-proxy-bypass-protection Bug 27597: ASan build option in tor-browser-build is broken Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds This fixes a problem where some preferences had the wrong default value. Also see bug 27472 where we made a similar fix for Android. Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING Bug 31450: Set proper BINDGEN_CFLAGS for ASan builds Add an --enable-tor-browser-data-outside-app-dir configure option Add --with-tor-browser-version configure option Bug 21849: Don't allow SSL key logging. Bug 31457: disable per-installation profiles The dedicated profiles (per-installation) feature does not interact well with our bundled profiles on Linux and Windows, and it also causes multiple profiles to be created on macOS under TorBrowser-Data. Bug 31935: Disable profile downgrade protection. Since Tor Browser does not support more than one profile, disable the prompt and associated code that offers to create one when a version downgrade situation is detected. Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT Bug 25741 - TBA: Disable features at compile-time MOZ_NATIVE_DEVICES for casting and the media player MOZ_TELEMETRY_REPORTING for telemetry MOZ_DATA_REPORTING for all data reporting preferences (crashreport, telemetry, geo) Bug 25741 - TBA: Add default configure options in dedicated file Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION Bug 29859: Disable HLS support for now Add --disable-tor-launcher build option Add --enable-tor-browser-update build option Bug 33734: Set MOZ_NORMANDY to False Bug 33851: Omit Parental Controls. Bug 40061: Omit the Windows default browser agent from the build Bug 40107: Adapt .mozconfig-asan for ESR 78 Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files --- .mozconfig | 39 ++++++++++++++++++++++++ .mozconfig-android | 36 ++++++++++++++++++++++ .mozconfig-asan | 45 ++++++++++++++++++++++++++++ .mozconfig-mac | 56 +++++++++++++++++++++++++++++++++++ .mozconfig-mingw | 31 +++++++++++++++++++ browser/base/moz.build | 3 ++ browser/installer/Makefile.in | 8 +++++ browser/moz.configure | 8 ++--- build/moz.configure/old.configure | 6 ++++ mobile/android/confvars.sh | 9 ++++++ mobile/android/geckoview/build.gradle | 1 + mobile/android/moz.configure | 17 +++++++++-- mobile/android/torbrowser.configure | 30 +++++++++++++++++++ old-configure.in | 49 ++++++++++++++++++++++++++++++ security/moz.build | 2 +- security/nss/lib/ssl/Makefile | 2 +- toolkit/modules/AppConstants.jsm | 9 ++++++ toolkit/modules/moz.build | 3 ++ 18 files changed, 346 insertions(+), 8 deletions(-) diff --git a/.mozconfig b/.mozconfig new file mode 100755 index 000000000000..18cd1f9b6487 --- /dev/null +++ b/.mozconfig @@ -0,0 +1,39 @@ +. $topsrcdir/browser/config/mozconfig + +# This mozconfig file is not used in official Tor Browser builds. +# It is only intended to be used when doing incremental Linux builds +# during development. The platform-specific mozconfig configuration +# files used in official Tor Browser releases can be found in the +# tor-browser-build repo: +# https://gitweb.torproject.org/builders/tor-browser-build.git/ +# under: +# tor-browser-build/projects/firefox/mozconfig-$OS-$ARCH + +mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-@CONFIG_GUESS@ +mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser" +export MOZILLA_OFFICIAL=1 + +ac_add_options --enable-optimize +ac_add_options --enable-rust-simd +ac_add_options --enable-official-branding + +# Let's support GTK3 for ESR60 +ac_add_options --enable-default-toolkit=cairo-gtk3 + +ac_add_options --disable-strip +ac_add_options --disable-install-strip +ac_add_options --disable-tests +ac_add_options --disable-debug +ac_add_options --disable-crashreporter +ac_add_options --disable-webrtc +ac_add_options --disable-parental-controls +# Let's make sure no preference is enabling either Adobe's or Google's CDM. +ac_add_options --disable-eme +ac_add_options --enable-proxy-bypass-protection + +# Disable telemetry +ac_add_options MOZ_TELEMETRY_REPORTING= + +ac_add_options --disable-tor-launcher +ac_add_options --with-tor-browser-version=dev-build +ac_add_options --disable-tor-browser-update diff --git a/.mozconfig-android b/.mozconfig-android new file mode 100755 index 000000000000..50015ec615ef --- /dev/null +++ b/.mozconfig-android @@ -0,0 +1,36 @@ +mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-arm-linux-androideabi +mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser" +export MOZILLA_OFFICIAL=1 + +ac_add_options --enable-optimize +ac_add_options --enable-rust-simd +ac_add_options --enable-official-branding + +# Android +ac_add_options --enable-application=mobile/android +ac_add_options --target=arm-linux-androideabi +ac_add_options --with-android-ndk="$NDK_BASE" #Enter the android ndk location(ndk r17b) +ac_add_options --with-android-sdk="$SDK_BASE" #Enter the android sdk location +ac_add_options --with-branding=mobile/android/branding/alpha + +# Use Mozilla's Clang blobs +CC="$HOME/.mozbuild/clang/bin/clang" +CXX="$HOME/.mozbuild/clang/bin/clang++" + +#enable ccache to set amount of cache assigned for build. +ac_add_options --with-ccache + +ac_add_options --enable-strip +ac_add_options --disable-tests +ac_add_options --disable-debug +ac_add_options --disable-rust-debug + +ac_add_options --disable-updater +ac_add_options --disable-crashreporter +ac_add_options --disable-webrtc +ac_add_options --disable-parental-controls + +ac_add_options --enable-proxy-bypass-protection + +# Disable telemetry +ac_add_options MOZ_TELEMETRY_REPORTING= diff --git a/.mozconfig-asan b/.mozconfig-asan new file mode 100644 index 000000000000..98ea6ac6f3fe --- /dev/null +++ b/.mozconfig-asan @@ -0,0 +1,45 @@ +. $topsrcdir/browser/config/mozconfig + +export CFLAGS="-fsanitize=address -Dxmalloc=myxmalloc" +export CXXFLAGS="-fsanitize=address -Dxmalloc=myxmalloc" +# We need to add -ldl explicitely due to bug 1213698 +export LDFLAGS="-fsanitize=address -ldl" + +# Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff +# (which is part of mar-tools and is not distributed to end-users) with +# ASan. See bug 17858. +export HOST_CFLAGS="" +export HOST_CXXFLAGS="" +export HOST_LDFLAGS="-ldl" + +mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-@CONFIG_GUESS@ +mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser" +export MOZILLA_OFFICIAL=1 +export BINDGEN_CFLAGS='--gcc-toolchain=/var/tmp/dist/gcc' + +ac_add_options --enable-address-sanitizer +ac_add_options --disable-jemalloc +ac_add_options --disable-elf-hack +ac_add_options --with-clang-path=/var/tmp/dist/clang/bin/clang + +ac_add_options --enable-optimize +ac_add_options --enable-rust-simd +ac_add_options --enable-official-branding + +# Let's support GTK3 for ESR60 +ac_add_options --enable-default-toolkit=cairo-gtk3 + +ac_add_options --enable-tor-browser-update + +ac_add_options --disable-strip +ac_add_options --disable-install-strip +ac_add_options --disable-tests +ac_add_options --disable-debug +ac_add_options --disable-crashreporter +ac_add_options --disable-webrtc +ac_add_options --disable-parental-controls +ac_add_options --disable-eme +ac_add_options --enable-proxy-bypass-protection + +# Disable telemetry +ac_add_options MOZ_TELEMETRY_REPORTING= diff --git a/.mozconfig-mac b/.mozconfig-mac new file mode 100644 index 000000000000..26e2b6b92fdb --- /dev/null +++ b/.mozconfig-mac @@ -0,0 +1,56 @@ +# ld needs libLTO.so from llvm +mk_add_options "export LD_LIBRARY_PATH=$topsrcdir/clang/lib" + +CROSS_CCTOOLS_PATH=$topsrcdir/cctools +CROSS_SYSROOT=$topsrcdir/MacOSX10.7.sdk +CROSS_PRIVATE_FRAMEWORKS=$CROSS_SYSROOT/System/Library/PrivateFrameworks +HARDENING_FLAGS="-Werror=format -Werror=format-security -fstack-protector-strong -D_FORTIFY_SOURCE=2" +FLAGS="-target x86_64-apple-darwin10 -mlinker-version=136 -B $CROSS_CCTOOLS_PATH/bin -isysroot $CROSS_SYSROOT $HARDENING_FLAGS" + +export CC="$topsrcdir/clang/bin/clang $FLAGS" +export CXX="$topsrcdir/clang/bin/clang++ $FLAGS" +export CPP="$topsrcdir/clang/bin/clang $FLAGS -E" +export LLVMCONFIG=$topsrcdir/clang/bin/llvm-config +export LDFLAGS="-Wl,-syslibroot,$CROSS_SYSROOT -Wl,-dead_strip -Wl,-pie" +export TOOLCHAIN_PREFIX=$CROSS_CCTOOLS_PATH/bin/x86_64-apple-darwin10- +#TODO: bug 1184202 - would be nice if these could be detected with TOOLCHAIN_PREFIX automatically +export AR=${TOOLCHAIN_PREFIX}ar +export RANLIB=${TOOLCHAIN_PREFIX}ranlib +export STRIP=${TOOLCHAIN_PREFIX}strip +export OTOOL=${TOOLCHAIN_PREFIX}otool +export DSYMUTIL=$topsrcdir/clang/bin/llvm-dsymutil + +export HOST_CC="$topsrcdir/clang/bin/clang" +export HOST_CXX="$topsrcdir/clang/bin/clang++" +export HOST_CPP="$topsrcdir/clang/bin/clang -E" +export HOST_CFLAGS="-g" +export HOST_CXXFLAGS="-g" +export HOST_LDFLAGS="-g" + +ac_add_options --target=x86_64-apple-darwin +ac_add_options --with-macos-private-frameworks=$CROSS_PRIVATE_FRAMEWORKS + +mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-macos +mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser" +export MOZILLA_OFFICIAL=1 + +ac_add_options --enable-application=browser +ac_add_options --enable-strip +ac_add_options --enable-official-branding +ac_add_options --enable-optimize +ac_add_options --enable-rust-simd +ac_add_options --disable-debug + +ac_add_options --enable-tor-browser-data-outside-app-dir +ac_add_options --enable-tor-browser-update + +ac_add_options --disable-crashreporter +ac_add_options --disable-webrtc +ac_add_options --disable-parental-controls +ac_add_options --disable-tests +# Let's make sure no preference is enabling either Adobe's or Google's CDM. +ac_add_options --disable-eme +ac_add_options --enable-proxy-bypass-protection + +# Disable telemetry +ac_add_options MOZ_TELEMETRY_REPORTING= diff --git a/.mozconfig-mingw b/.mozconfig-mingw new file mode 100644 index 000000000000..3ec6ff18a3e9 --- /dev/null +++ b/.mozconfig-mingw @@ -0,0 +1,31 @@ +CROSS_COMPILE=1 + +ac_add_options --enable-application=browser +ac_add_options --target=i686-w64-mingw32 +ac_add_options --with-toolchain-prefix=i686-w64-mingw32- +ac_add_options --enable-default-toolkit=cairo-windows +mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-mingw +mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser" +export MOZILLA_OFFICIAL=1 + +ac_add_options --disable-debug +ac_add_options --enable-optimize +ac_add_options --enable-rust-simd +ac_add_options --enable-strip +ac_add_options --enable-official-branding + +ac_add_options --enable-tor-browser-update +ac_add_options --disable-bits-download + +# Let's make sure no preference is enabling either Adobe's or Google's CDM. +ac_add_options --disable-eme +ac_add_options --disable-crashreporter +ac_add_options --disable-maintenance-service +ac_add_options --disable-webrtc +ac_add_options --disable-parental-controls +ac_add_options --disable-tests +ac_add_options --enable-proxy-bypass-protection + +# Disable telemetry +ac_add_options MOZ_TELEMETRY_REPORTING= +ac_add_options --disable-default-browser-agent diff --git a/browser/base/moz.build b/browser/base/moz.build index e136e0986a3c..ebb4cbf79fd0 100644 --- a/browser/base/moz.build +++ b/browser/base/moz.build @@ -71,4 +71,7 @@ if CONFIG['MOZ_WIDGET_TOOLKIT'] in ('windows', 'gtk', 'cocoa'): if CONFIG['MOZ_WIDGET_TOOLKIT'] in ('windows', 'gtk'): DEFINES['MENUBAR_CAN_AUTOHIDE'] = 1 +if CONFIG['TOR_BROWSER_UPDATE']: + DEFINES['TOR_BROWSER_UPDATE'] = 1 + JAR_MANIFESTS += ['jar.mn'] diff --git a/browser/installer/Makefile.in b/browser/installer/Makefile.in index b861ad214a64..0325f0ffab9a 100644 --- a/browser/installer/Makefile.in +++ b/browser/installer/Makefile.in @@ -82,6 +82,14 @@ endif endif endif +ifdef TOR_BROWSER_DISABLE_TOR_LAUNCHER +DEFINES += -DTOR_BROWSER_DISABLE_TOR_LAUNCHER +endif + +ifdef TOR_BROWSER_UPDATE +DEFINES += -DTOR_BROWSER_UPDATE +endif + ifneq (,$(filter WINNT Darwin Android,$(OS_TARGET))) DEFINES += -DMOZ_SHARED_MOZGLUE=1 endif diff --git a/browser/moz.configure b/browser/moz.configure index a251050feb9b..3b6b377235ca 100644 --- a/browser/moz.configure +++ b/browser/moz.configure @@ -5,11 +5,11 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. imply_option('MOZ_PLACES', True) -imply_option('MOZ_SERVICES_HEALTHREPORT', True) +imply_option('MOZ_SERVICES_HEALTHREPORT', False) imply_option('MOZ_SERVICES_SYNC', True) -imply_option('MOZ_DEDICATED_PROFILES', True) -imply_option('MOZ_BLOCK_PROFILE_DOWNGRADE', True) -imply_option('MOZ_NORMANDY', True) +imply_option('MOZ_DEDICATED_PROFILES', False) +imply_option('MOZ_BLOCK_PROFILE_DOWNGRADE', False) +imply_option('MOZ_NORMANDY', False) with only_when(target_is_linux & compile_environment): option(env='MOZ_NO_PIE_COMPAT', diff --git a/build/moz.configure/old.configure b/build/moz.configure/old.configure index 136abbcafa69..9b663a1bf4f1 100644 --- a/build/moz.configure/old.configure +++ b/build/moz.configure/old.configure @@ -248,6 +248,12 @@ def old_configure_options(*options): '--with-user-appdir', '--x-includes', '--x-libraries', + + # Tor additions. + '--with-tor-browser-version', + '--enable-tor-browser-update', + '--enable-tor-browser-data-outside-app-dir', + '--enable-tor-launcher', ) def prepare_configure_options(host, target, all_options, *options): # old-configure only supports the options listed in @old_configure_options diff --git a/mobile/android/confvars.sh b/mobile/android/confvars.sh index 77191834d240..47a6a8dbae1d 100644 --- a/mobile/android/confvars.sh +++ b/mobile/android/confvars.sh @@ -30,9 +30,18 @@ MOZ_ANDROID_BROWSER_INTENT_CLASS=org.mozilla.gecko.BrowserApp MOZ_NO_SMART_CARDS=1 +# Adds MIME-type support for raw video MOZ_RAW=1 # use custom widget for html:select MOZ_USE_NATIVE_POPUP_WINDOWS=1 MOZ_APP_ID={aa3c5121-dab2-40e2-81ca-7ea25febc110} + +### Tor Browser for Android ### + +# Disable telemetry at compile-time +unset MOZ_TELEMETRY_REPORTING + +# Disable data reporting at compile-time +unset MOZ_DATA_REPORTING diff --git a/mobile/android/geckoview/build.gradle b/mobile/android/geckoview/build.gradle index 82d36c179c92..c1b51537031d 100644 --- a/mobile/android/geckoview/build.gradle +++ b/mobile/android/geckoview/build.gradle @@ -92,6 +92,7 @@ android { buildConfigField 'String', "MOZ_APP_DISPLAYNAME", "\"${mozconfig.substs.MOZ_APP_DISPLAYNAME}\""; buildConfigField 'String', "MOZ_APP_UA_NAME", "\"${mozconfig.substs.MOZ_APP_UA_NAME}\""; buildConfigField 'String', "MOZ_UPDATE_CHANNEL", "\"${mozconfig.substs.MOZ_UPDATE_CHANNEL}\""; + buildConfigField 'String', "TOR_BROWSER_VERSION", "\"${mozconfig.substs.TOR_BROWSER_VERSION}\""; // MOZILLA_VERSION is oddly quoted from autoconf, but we don't have to handle it specially in Gradle. buildConfigField 'String', "MOZILLA_VERSION", "\"${mozconfig.substs.MOZILLA_VERSION}\""; diff --git a/mobile/android/moz.configure b/mobile/android/moz.configure index fa510f0a57d3..f7b4df4ac24a 100644 --- a/mobile/android/moz.configure +++ b/mobile/android/moz.configure @@ -10,7 +10,7 @@ project_flag('MOZ_ANDROID_EXCLUDE_FONTS', project_flag('MOZ_ANDROID_HLS_SUPPORT', help='Enable HLS (HTTP Live Streaming) support (currently using the ExoPlayer library)', - default=True) + default=False) option(env='FENNEC_NIGHTLY', help='Enable experimental code for Fennec Nightly users. NOTE: This is *not* equivalent ' @@ -26,9 +26,12 @@ def fennec_nightly(nightly): return bool(nightly) imply_option('MOZ_NORMANDY', False) -imply_option('MOZ_SERVICES_HEALTHREPORT', True) imply_option('MOZ_ANDROID_HISTORY', True) imply_option('--enable-small-chunk-size', True) +# Comment this so we can imply |False| in torbrowser.configure +# The Build system doesn't allow multiple imply_option() +# calls with the same key. +#imply_option('MOZ_SERVICES_HEALTHREPORT', True) @depends(target) def check_target(target): @@ -39,6 +42,8 @@ def check_target(target): 'Build_Instructions/Simple_Firefox_for_Android_build ' 'for more information about the necessary options.') +include('torbrowser.configure') + include('../../toolkit/moz.configure') include('../../build/moz.configure/android-sdk.configure') include('../../build/moz.configure/java.configure') @@ -50,3 +55,11 @@ option(env='MOZ_ANDROID_FAT_AAR_ARCHITECTURES', help='Comma-separated list of Android CPU architectures like "armeabi-v7a,arm64-v8a,x86,x86_64"') set_config('MOZ_ANDROID_FAT_AAR_ARCHITECTURES', depends('MOZ_ANDROID_FAT_AAR_ARCHITECTURES')(lambda x: x)) + +project_flag('MOZ_ANDROID_NETWORK_STATE', + help='Include permission for accessing WiFi/network state on Android', + default=False) + +project_flag('MOZ_ANDROID_LOCATION', + help='Include permission for accessing fine and course-grain Location on Android', + default=False) diff --git a/mobile/android/torbrowser.configure b/mobile/android/torbrowser.configure new file mode 100644 index 000000000000..2ff6215eedc9 --- /dev/null +++ b/mobile/android/torbrowser.configure @@ -0,0 +1,30 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +# Set Tor Browser default config + +imply_option('MOZ_ANDROID_EXCLUDE_FONTS', False) + +# Disable uploading crash reports and dump files to an external server +# This is still configured in old-configure. Uncomment when this moves +# to the python config +#imply_option('MOZ_CRASHREPORTER', False) + +# Disable uploading information about the browser configuration and +# performance to an external server +imply_option('MOZ_SERVICES_HEALTHREPORT', False) + +# Disable creating telemetry and data reports that are uploaded to an +# external server +# These aren't actually configure options. These are disabled in +# confvars.sh, but they look like configure options so we'll document +# them here, as well. +#XXX: no confvars.sh here +#imply_option('MOZ_TELEMETRY_REPORTING', False) +#imply_option('MOZ_DATA_REPORTING', False) + +imply_option('MOZ_ANDROID_NETWORK_STATE', False); +imply_option('MOZ_ANDROID_LOCATION', False); diff --git a/old-configure.in b/old-configure.in index dfb072b19cfb..2c3308a27657 100644 --- a/old-configure.in +++ b/old-configure.in @@ -1966,6 +1966,55 @@ if test -n "$MOZ_UPDATER"; then AC_DEFINE(MOZ_UPDATER) fi +dnl ======================================================== +dnl Tor additions +dnl ======================================================== +MOZ_ARG_WITH_STRING(tor-browser-version, +[ --with-tor-browser-version=VERSION + Set Tor Browser version, e.g., 7.0a1], + TOR_BROWSER_VERSION="$withval") + +if test -z "$TOR_BROWSER_VERSION"; then + AC_MSG_ERROR([--with-tor-browser-version is required for Tor Browser.]) +fi + +MOZ_ARG_ENABLE_BOOL(tor-browser-update, +[ --enable-tor-browser-update + Enable Tor Browser update], + TOR_BROWSER_UPDATE=1, + TOR_BROWSER_UPDATE= ) + +if test -n "$TOR_BROWSER_UPDATE"; then + AC_DEFINE(TOR_BROWSER_UPDATE) +fi + +MOZ_ARG_ENABLE_BOOL(tor-browser-data-outside-app-dir, +[ --enable-tor-browser-data-outside-app-dir + Enable Tor Browser data outside of app directory], + TOR_BROWSER_DATA_OUTSIDE_APP_DIR=1, + TOR_BROWSER_DATA_OUTSIDE_APP_DIR= ) + +if test -n "$TOR_BROWSER_DATA_OUTSIDE_APP_DIR"; then + AC_DEFINE(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) +fi + +AC_DEFINE_UNQUOTED(TOR_BROWSER_VERSION,$TOR_BROWSER_VERSION) +AC_DEFINE_UNQUOTED(TOR_BROWSER_VERSION_QUOTED,"$TOR_BROWSER_VERSION") +AC_SUBST(TOR_BROWSER_UPDATE) +AC_SUBST(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) + +MOZ_ARG_DISABLE_BOOL(tor-launcher, +[ --disable-tor-launcher + Do not include Tor Launcher], + TOR_BROWSER_DISABLE_TOR_LAUNCHER=1, + TOR_BROWSER_DISABLE_TOR_LAUNCHER=) + +if test -n "$TOR_BROWSER_DISABLE_TOR_LAUNCHER"; then + AC_DEFINE(TOR_BROWSER_DISABLE_TOR_LAUNCHER) +fi + +AC_SUBST(TOR_BROWSER_DISABLE_TOR_LAUNCHER) + dnl ======================================================== dnl parental controls (for Windows Vista) dnl ======================================================== diff --git a/security/moz.build b/security/moz.build index dec6f3ef7e21..f00f9fe5d7a7 100644 --- a/security/moz.build +++ b/security/moz.build @@ -85,7 +85,7 @@ gyp_vars['nss_dist_obj_dir'] = '$PRODUCT_DIR/dist/bin' gyp_vars['disable_tests'] = 1 gyp_vars['disable_dbm'] = 1 gyp_vars['disable_libpkix'] = 1 -gyp_vars['enable_sslkeylogfile'] = 1 +gyp_vars['enable_sslkeylogfile'] = 0 # pkg-config won't reliably find zlib on our builders, so just force it. # System zlib is only used for modutil and signtool unless # SSL zlib is enabled, which we are disabling immediately below this. diff --git a/security/nss/lib/ssl/Makefile b/security/nss/lib/ssl/Makefile index 8a8b06f4b508..90571bb3e256 100644 --- a/security/nss/lib/ssl/Makefile +++ b/security/nss/lib/ssl/Makefile @@ -41,7 +41,7 @@ endif # Enable key logging by default in debug builds, but not opt builds. # Logging still needs to be enabled at runtime through env vars. -NSS_ALLOW_SSLKEYLOGFILE ?= $(if $(BUILD_OPT),0,1) +NSS_ALLOW_SSLKEYLOGFILE ?= 0 ifeq (1,$(NSS_ALLOW_SSLKEYLOGFILE)) DEFINES += -DNSS_ALLOW_SSLKEYLOGFILE=1 endif diff --git a/toolkit/modules/AppConstants.jsm b/toolkit/modules/AppConstants.jsm index 9b035435aed6..cd8ca2659626 100644 --- a/toolkit/modules/AppConstants.jsm +++ b/toolkit/modules/AppConstants.jsm @@ -341,6 +341,8 @@ this.AppConstants = Object.freeze({ MOZ_WIDGET_TOOLKIT: "@MOZ_WIDGET_TOOLKIT@", ANDROID_PACKAGE_NAME: "@ANDROID_PACKAGE_NAME@", + TOR_BROWSER_VERSION: "@TOR_BROWSER_VERSION@", + DEBUG_JS_MODULES: "@DEBUG_JS_MODULES@", MOZ_BING_API_CLIENTID: "@MOZ_BING_API_CLIENTID@", @@ -418,4 +420,11 @@ this.AppConstants = Object.freeze({ #else false, #endif + + TOR_BROWSER_UPDATE: +#ifdef TOR_BROWSER_UPDATE + true, +#else + false, +#endif }); diff --git a/toolkit/modules/moz.build b/toolkit/modules/moz.build index e5858122fa1c..f000f35c126f 100644 --- a/toolkit/modules/moz.build +++ b/toolkit/modules/moz.build @@ -296,6 +296,9 @@ for var in ('MOZ_ALLOW_ADDON_SIDELOAD', if CONFIG[var]: DEFINES[var] = True +if CONFIG['TOR_BROWSER_UPDATE']: + DEFINES['TOR_BROWSER_UPDATE'] = 1 + JAR_MANIFESTS += ['jar.mn'] DEFINES['TOPOBJDIR'] = TOPOBJDIR

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 12620: TorBrowser regression tests
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 5e096e9599d40a8c7b33a5c0799ae6ef6baa5b5a Author: Arthur Edelstein <arthuredelstein(a)gmail.com> Date: Wed Aug 27 16:25:00 2014 -0700 Bug 12620: TorBrowser regression tests Regression tests for Bug #2950: Make Permissions Manager memory-only Regression tests for TB4: Tor Browser's Firefox preference overrides. Note: many more functional tests could be made here Regression tests for #2874: Block Components.interfaces from content Bug 18923: Add a script to run all Tor Browser specific tests Regression tests for Bug #16441: Suppress "Reset Tor Browser" prompt. --- run-tbb-tests | 66 +++++++++++++++++++++++++++++++++++ tbb-tests-ignore.txt | 13 +++++++ tbb-tests/browser.ini | 5 +++ tbb-tests/browser_tor_TB4.js | 35 +++++++++++++++++++ tbb-tests/browser_tor_bug2950.js | 74 ++++++++++++++++++++++++++++++++++++++++ tbb-tests/mochitest.ini | 3 ++ tbb-tests/moz.build | 10 ++++++ tbb-tests/test_tor_bug2874.html | 25 ++++++++++++++ toolkit/toolkit.mozbuild | 3 +- 9 files changed, 233 insertions(+), 1 deletion(-) diff --git a/run-tbb-tests b/run-tbb-tests new file mode 100755 index 000000000000..bc09839f9f05 --- /dev/null +++ b/run-tbb-tests @@ -0,0 +1,66 @@ +#!/bin/bash + +# This script runs all the Mochitest tests that have been added or +# modified since the last ffxbld commit. +# +# It does not currently run XPCShell tests. We should change this if we +# start using this type or other types of tests. +# +# The logs of the tests are stored in the tbb-tests.log file. +# Ignored tests are listed in the tbb-tests-ignore.txt file. +# +# https://trac.torproject.org/projects/tor/ticket/18923 + +IFS=$'\n' + +if [ -n "$USE_TESTS_LIST" ] && [ -f tbb-tests-list.txt ] +then + echo "Using tests list from file tbb-tests-list.txt" + tests=($(cat tbb-tests-list.txt)) +else + ffxbld_commit=$(git log -500 --format='oneline' | grep "TB3: Tor Browser's official .mozconfigs." \ + | head -1 | cut -d ' ' -f 1) + + tests=($(git diff --name-status "$ffxbld_commit" HEAD | \ + grep -e '^[AM].*/test_[^/]\+\.$html\|xul$$' \ + -e '^[AM].*/browser_[^/]\+\.js$' \ + | sed 's/^[AM]\s\+//')) +fi + +echo 'The following tests will be run:' +for i in "${!tests[@]}" +do + if [ -z "$USE_TESTS_LIST" ] \ + && grep -q "^${tests[$i]}$" tbb-tests-ignore.txt + then + unset "tests[$i]" + continue + fi + echo "- ${tests[$i]}" +done + +if [ -n "$WRITE_TESTS_LIST" ] +then + rm -f tbb-tests-list.txt + for i in "${!tests[@]}" + do + echo "${tests[$i]}" >> tbb-tests-list.txt + done + exit 0 +fi + +rm -f tbb-tests.log +echo $'\n''Starting tests' +# We need `security.nocertdb = false` because of #18087. That pref is +# forced to have the same value as `browser.privatebrowsing.autostart` in +# torbutton, so we just set `browser.privatebrowsing.autostart=false` here. +./mach mochitest --log-tbpl tbb-tests.log \ + --setpref network.file.path_blacklist='' \ + --setpref extensions.torbutton.use_nontor_proxy=true \ + --setpref browser.privatebrowsing.autostart=false \ + "${tests[@]}" + +echo "*************************" +echo "*************************" +echo "Summary of failed tests:" +grep --color=never TEST-UNEXPECTED-FAIL tbb-tests.log diff --git a/tbb-tests-ignore.txt b/tbb-tests-ignore.txt new file mode 100644 index 000000000000..ee3927a9e7c4 --- /dev/null +++ b/tbb-tests-ignore.txt @@ -0,0 +1,13 @@ +browser/extensions/onboarding/test/browser/browser_onboarding_accessibility.js +browser/extensions/onboarding/test/browser/browser_onboarding_keyboard.js +browser/extensions/onboarding/test/browser/browser_onboarding_notification.js +browser/extensions/onboarding/test/browser/browser_onboarding_notification_2.js +browser/extensions/onboarding/test/browser/browser_onboarding_notification_3.js +browser/extensions/onboarding/test/browser/browser_onboarding_notification_4.js +browser/extensions/onboarding/test/browser/browser_onboarding_notification_5.js +browser/extensions/onboarding/test/browser/browser_onboarding_notification_click_auto_complete_tour.js +browser/extensions/onboarding/test/browser/browser_onboarding_select_default_tour.js +browser/extensions/onboarding/test/browser/browser_onboarding_skip_tour.js +browser/extensions/onboarding/test/browser/browser_onboarding_tours.js +browser/extensions/onboarding/test/browser/browser_onboarding_tourset.js +browser/extensions/onboarding/test/browser/browser_onboarding_uitour.js diff --git a/tbb-tests/browser.ini b/tbb-tests/browser.ini new file mode 100644 index 000000000000..f481660f1417 --- /dev/null +++ b/tbb-tests/browser.ini @@ -0,0 +1,5 @@ +[DEFAULT] + +[browser_tor_bug2950.js] +[browser_tor_omnibox.js] +[browser_tor_TB4.js] diff --git a/tbb-tests/browser_tor_TB4.js b/tbb-tests/browser_tor_TB4.js new file mode 100644 index 000000000000..8bb12f360e5e --- /dev/null +++ b/tbb-tests/browser_tor_TB4.js @@ -0,0 +1,35 @@ +// # Test for TB4: Tor Browser's Firefox preference overrides +// This is a minimal test to check whether the 000-tor-browser.js +// pref overrides are being used at all or not. More comprehensive +// pref tests are maintained in the tor-browser-bundle-testsuite project. + +function test() { + +let expectedPrefs = [ + // Homepage + ["browser.startup.homepage", "about:tor"], + + // Disable the "Refresh" prompt that is displayed for stale profiles. + ["browser.disableResetPrompt", true], + + // Version placeholder + ["torbrowser.version", "dev-build"], + ]; + +let getPref = function (prefName) { + let type = Services.prefs.getPrefType(prefName); + if (type === Services.prefs.PREF_INT) return Services.prefs.getIntPref(prefName); + if (type === Services.prefs.PREF_BOOL) return Services.prefs.getBoolPref(prefName); + if (type === Services.prefs.PREF_STRING) return Services.prefs.getCharPref(prefName); + // Something went wrong. + throw new Error("Can't access pref " + prefName); +}; + +let testPref = function([key, expectedValue]) { + let foundValue = getPref(key); + is(foundValue, expectedValue, "Pref '" + key + "' should be '" + expectedValue +"'."); +}; + +expectedPrefs.map(testPref); + +} // end function test() diff --git a/tbb-tests/browser_tor_bug2950.js b/tbb-tests/browser_tor_bug2950.js new file mode 100644 index 000000000000..16e41344a3c4 --- /dev/null +++ b/tbb-tests/browser_tor_bug2950.js @@ -0,0 +1,74 @@ +// # Regression tests for tor Bug #2950, Make Permissions Manager memory-only +// Ensures that permissions.sqlite file in profile directory is not written to, +// even when we write a value to Firefox's permissions database. + +// The requisite test() function. +function test() { + +// Needed because of asynchronous part later in the test. +waitForExplicitFinish(); + +// Shortcut +let Ci = Components.interfaces; + +// ## utility functions + +// __principal(spec)__. +// Creates a principal instance from a spec +// (string address such as "https://www.torproject.org"). +let principal = spec => Services.scriptSecurityManager.createContentPrincipalFromOrigin(spec); + +// __setPermission(spec, key, value)__. +// Sets the site permission of type key to value, for the site located at address spec. +let setPermission = (spec, key, value) => SitePermissions.setForPrincipal(principal(spec), key, value); + +// __getPermission(spec, key)__. +// Reads the site permission value for permission type key, for the site +// located at address spec. +let getPermission = (spec, key) => SitePermissions.getForPrincipal(principal(spec), key); + +// __profileDirPath__. +// The Firefox Profile directory. Expected location of various persistent files. +let profileDirPath = Services.dirsvc.get("ProfD", Components.interfaces.nsIFile).path; + +// __fileInProfile(fileName)__. +// Returns an nsIFile instance corresponding to a file in the Profile directory. +let fileInProfile = fileName => FileUtils.File(profileDirPath + "/" + fileName); + +// ## Now let's run the test. + +let SITE = "https://www.torproject.org", + KEY = "popup"; + +let permissionsFile = fileInProfile("permissions.sqlite"), + lastModifiedTime = null, + newModifiedTime = null; +if (permissionsFile.exists()) { + lastModifiedTime = permissionsFile.lastModifiedTime; +} +// Read the original value of the permission. +let originalValue = getPermission(SITE, KEY); + +// We need to delay by at least 1000 ms, because that's the granularity +// of file time stamps, it seems. +window.setTimeout( + function () { + // Set the permission to a new value. + setPermission(SITE, KEY, SitePermissions.BLOCK); + // Now read back the permission value again. + let newReadValue = getPermission(SITE, KEY); + // Compare to confirm that the permission + // value was successfully changed. + Assert.notDeepEqual(originalValue, newReadValue, "Set a value in permissions db (perhaps in memory)."); + // If file existed or now exists, get the current time stamp. + if (permissionsFile.exists()) { + newModifiedTime = permissionsFile.lastModifiedTime; + } + // If file was created or modified since we began this test, + // then permissions db is not memory only. Complain! + is(lastModifiedTime, newModifiedTime, "Don't write to permissions.sqlite file on disk."); + // We are done with the test. + finish(); + }, 1100); + +} // test() diff --git a/tbb-tests/mochitest.ini b/tbb-tests/mochitest.ini new file mode 100644 index 000000000000..cc5172733bbe --- /dev/null +++ b/tbb-tests/mochitest.ini @@ -0,0 +1,3 @@ +[DEFAULT] + +[test_tor_bug2874.html] diff --git a/tbb-tests/moz.build b/tbb-tests/moz.build new file mode 100644 index 000000000000..de8a41a67a5c --- /dev/null +++ b/tbb-tests/moz.build @@ -0,0 +1,10 @@ +# -*- Mode: python; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +MOCHITEST_MANIFESTS += ['mochitest.ini'] + +BROWSER_CHROME_MANIFESTS += [ 'browser.ini' ] + diff --git a/tbb-tests/test_tor_bug2874.html b/tbb-tests/test_tor_bug2874.html new file mode 100644 index 000000000000..c0a956e9f687 --- /dev/null +++ b/tbb-tests/test_tor_bug2874.html @@ -0,0 +1,25 @@ +<!DOCTYPE HTML> +<html> + +<head> + <meta charset="utf-8"> + <title>Test for Tor Bug 2874</title> + <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/> + <script type="application/javascript"> + is(typeof Components, 'undefined', "The global window object should not expose a Components property to untrusted content."); + </script> +</head> +<body> +<a target="_blank" href="https://trac.torproject.org/projects/tor/ticket/2874">Tor Bug 2874</a> +<p id="display"></p> +<div id="content" style="display: none"> + +</div> +<pre id="test"> +</pre> +</body> +</html> diff --git a/toolkit/toolkit.mozbuild b/toolkit/toolkit.mozbuild index d092b8b22346..6e35a4602300 100644 --- a/toolkit/toolkit.mozbuild +++ b/toolkit/toolkit.mozbuild @@ -96,7 +96,8 @@ if CONFIG['MOZ_WEBRTC'] and CONFIG['COMPILE_ENVIRONMENT']: ] if CONFIG['ENABLE_TESTS']: - DIRS += ['/testing/specialpowers'] + DIRS += ['/testing/specialpowers', + '/tbb-tests'] DIRS += [ '/testing/gtest',

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 3547: Block all plugins.
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit e2f4640d7ae53932c3dfa65f3f21ac981c17fc24 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Tue Dec 4 16:03:13 2012 -0800 Bug 3547: Block all plugins. We cannot use the @mozilla.org/extensions/blocklist;1 service, because we actually want to stop plugins from ever entering the browser's process space and/or executing code (for example, AV plugins that collect statistics/analyse urls, magical toolbars that phone home or "help" the user, skype buttons that ruin our day, and censorship filters). Hence we rolled our own. See https://trac.torproject.org/projects/tor/ticket/3547#comment:6 for musings on a better way. Until then, it is delta-darwinism for us. --- dom/plugins/base/PluginFinder.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/dom/plugins/base/PluginFinder.cpp b/dom/plugins/base/PluginFinder.cpp index 4e1c1fd53698..cace7d4ef6ba 100644 --- a/dom/plugins/base/PluginFinder.cpp +++ b/dom/plugins/base/PluginFinder.cpp @@ -480,6 +480,9 @@ nsresult PluginFinder::ScanPluginsDirectory(nsIFile* pluginsDir, *aPluginsChanged = false; + // Block all plugins + return NS_OK; + #ifdef PLUGIN_LOGGING nsAutoCString dirPath; pluginsDir->GetNativePath(dirPath);

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 10760: Integrate TorButton to TorBrowser core
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit b60399b09b25ff7c778875b104b9f3c4e8ce0219 Author: Alex Catarineu <acat(a)torproject.org> Date: Wed Feb 19 23:05:08 2020 +0100 Bug 10760: Integrate TorButton to TorBrowser core Because of the non-restartless nature of Torbutton, it required a two-stage installation process. On mobile, it was a problem, because it was not loading when the user opened the browser for the first time. Moving it to tor-browser and making it a system extension allows it to load when the user opens the browser for first time. Additionally, this patch also fixes Bug 27611. Bug 26321: New Circuit and New Identity menu items Bug 14392: Make about:tor behave like other initial pages. Bug 25013: Add torbutton as a tor-browser submodule --- .gitmodules | 3 ++ browser/base/content/aboutDialog.xhtml | 38 +++++++++++------ browser/base/content/browser-doctype.inc | 6 +++ browser/base/content/browser-menubar.inc | 49 ++++++++++++++++------ browser/base/content/browser-sets.inc | 2 + browser/base/content/browser.js | 1 + browser/base/content/browser.xhtml | 9 ++++ .../controlcenter/content/identityPanel.inc.xhtml | 17 ++++++++ .../customizableui/content/panelUI.inc.xhtml | 17 +++++++- browser/installer/package-manifest.in | 2 + docshell/base/nsAboutRedirector.cpp | 6 ++- docshell/build/components.conf | 1 + mobile/android/installer/package-manifest.in | 4 ++ toolkit/moz.build | 1 + .../mozapps/extensions/internal/XPIProvider.jsm | 9 ++++ toolkit/torproject/torbutton | 1 + .../lib/environments/browser-window.js | 6 ++- 17 files changed, 142 insertions(+), 30 deletions(-) diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 000000000000..2f03bd8e22df --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "toolkit/torproject/torbutton"] + path = toolkit/torproject/torbutton + url = https://git.torproject.org/torbutton.git diff --git a/browser/base/content/aboutDialog.xhtml b/browser/base/content/aboutDialog.xhtml index 69cbf846bbef..5274cbc02831 100644 --- a/browser/base/content/aboutDialog.xhtml +++ b/browser/base/content/aboutDialog.xhtml @@ -7,11 +7,11 @@ <?xml-stylesheet href="chrome://global/skin/global.css" type="text/css"?> <?xml-stylesheet href="chrome://browser/content/aboutDialog.css" type="text/css"?> <?xml-stylesheet href="chrome://branding/content/aboutDialog.css" type="text/css"?> +<?xml-stylesheet href="chrome://torbutton/skin/aboutDialog.css" type="text/css"?> + <!DOCTYPE window [ -#ifdef XP_MACOSX #include browser-doctype.inc -#endif ]> <window xmlns:html="http://www.w3.org/1999/xhtml" @@ -28,7 +28,7 @@ data-l10n-id="aboutDialog-title" #endif role="dialog" - aria-describedby="version distribution distributionId communityDesc contributeDesc trademark" + aria-describedby="version distribution distributionId projectDesc helpDesc trademark trademarkTor" > #ifdef XP_MACOSX #include macWindow.inc.xhtml @@ -132,24 +132,36 @@ <label is="text-link" useoriginprincipal="true" href="about:credits" data-l10n-name="community-exp-creditsLink"></label> </description> </vbox> - <description class="text-blurb" id="communityDesc" data-l10n-id="community-2"> - <label is="text-link" href="http://www.mozilla.org/" data-l10n-name="community-mozillaLink"></label> - <label is="text-link" useoriginprincipal="true" href="about:credits" data-l10n-name="community-creditsLink"></label> +  + <description class="text-blurb" id="communityDesc" data-l10n-id="community-2" hidden="true"></description> + <description class="text-blurb" id="contributeDesc" data-l10n-id="helpus" hidden="true"></description> + <description class="text-blurb" id="projectDesc"> + &project.start; + <label is="text-link" href="https://www.torproject.org/"> + &project.tpoLink; + </label>&project.end; </description> - <description class="text-blurb" id="contributeDesc" data-l10n-id="helpus"> - <label is="text-link" href="https://donate.mozilla.org/?utm_source=firefox&utm_medium=referral&…" data-l10n-name="helpus-donateLink"></label> - <label is="text-link" href="http://www.mozilla.org/contribute/" data-l10n-name="helpus-getInvolvedLink"></label> + <description class="text-blurb" id="helpDesc"> + &help.start; + <label is="text-link" href="https://donate.torproject.org/"> + &help.donateLink; + </label> + &help.or; + <label is="text-link" href="https://community.torproject.org/"> + &help.getInvolvedLink; + </label>&help.end; </description> </vbox> </vbox> </hbox> <vbox id="bottomBox"> - <hbox pack="center"> - <label is="text-link" class="bottom-link" useoriginprincipal="true" href="about:license" data-l10n-id="bottomLinks-license"></label> - <label is="text-link" class="bottom-link" useoriginprincipal="true" href="about:rights" data-l10n-id="bottomLinks-rights"></label> - <label is="text-link" class="bottom-link" href="https://www.mozilla.org/privacy/" data-l10n-id="bottomLinks-privacy"></label> + <hbox id="newBottom" pack="center" position="1"> + <label is="text-link" class="bottom-link" href="https://support.torproject.org/">&bottomLinks.questions;</label> + <label is="text-link" class="bottom-link" href="https://community.torproject.org/relay/">&bottomLinks.grow;</label> + <label is="text-link" class="bottom-link" useoriginprincipal="true" href="about:license">&bottomLinks.license;</label> </hbox> <description id="trademark" data-l10n-id="trademarkInfo"></description> + <description id="trademarkTor">&tor.TrademarkStatement;</description> </vbox> </vbox> diff --git a/browser/base/content/browser-doctype.inc b/browser/base/content/browser-doctype.inc index 9aa278773158..48cf6cd3eda0 100644 --- a/browser/base/content/browser-doctype.inc +++ b/browser/base/content/browser-doctype.inc @@ -14,3 +14,9 @@ %syncBrandDTD; <!ENTITY % brandingsDTD SYSTEM "chrome://browser/locale/brandings.dtd"> %brandingsDTD; +<!ENTITY % torbuttonDTD SYSTEM "chrome://torbutton/locale/torbutton.dtd"> +%torbuttonDTD; +<!ENTITY % aboutTorDTD SYSTEM "chrome://torbutton/locale/aboutTor.dtd"> +%aboutTorDTD; +<!ENTITY % aboutDialogDTD SYSTEM "chrome://torbutton/locale/aboutDialog.dtd"> +%aboutDialogDTD; diff --git a/browser/base/content/browser-menubar.inc b/browser/base/content/browser-menubar.inc index 267ec91707ba..6f4aa9289c35 100644 --- a/browser/base/content/browser-menubar.inc +++ b/browser/base/content/browser-menubar.inc @@ -33,6 +33,18 @@ command="Tools:NonFissionWindow" accesskey="s" label="New Non-Fission Window"/> #endif + <menuseparator/> + <menuitem id="menu_newIdentity" + accesskey="&torbutton.context_menu.new_identity_key;" + key="torbutton-new-identity-key" + label="&torbutton.context_menu.new_identity;" + oncommand="torbutton_new_identity();"/> + <menuitem id="menu_newCircuit" + accesskey="&torbutton.context_menu.new_circuit_key;" + key="torbutton-new-circuit-key" + label="&torbutton.context_menu.new_circuit;" + oncommand="torbutton_new_circuit();"/> + <menuseparator/> <menuitem id="menu_openLocation" hidden="true" command="Browser:OpenLocation" @@ -455,17 +467,28 @@ #endif data-l10n-id="menu-help"> <menupopup id="menu_HelpPopup" onpopupshowing="buildHelpMenu();"> - <menuitem id="menu_openHelp" +  + <box id="feedbackPage"/> + <box id="helpSafeMode"/> + <box id="menu_HelpPopup_reportPhishingtoolmenu"/> + <box id="menu_HelpPopup_reportPhishingErrortoolmenu"/> +  + <menuitem id="torBrowserUserManual" + oncommand="gBrowser.selectedTab = gBrowser.addTab('https://tb-manual.torproject.org/' + Services.locale.requestedLocale, {triggeringPrincipal: Services.scriptSecurityManager.getSystemPrincipal()});" + label="&aboutTor.torbrowser_user_manual.label;" + accesskey="&aboutTor.torbrowser_user_manual.accesskey;"/> +  +  #else - /> + /> --> #endif - <menuitem id="menu_openTour" - oncommand="openTourPage();" data-l10n-id="menu-help-show-tour"/> +  <menuitem id="help_importFromAnotherBrowser" command="cmd_help_importFromAnotherBrowser" data-l10n-id="menu-help-import-from-another-browser"/> <menuitem id="menu_keyboardShortcuts" @@ -474,22 +497,22 @@ <menuitem id="troubleShooting" oncommand="openTroubleshootingPage()" onclick="checkForMiddleClick(this, event);" data-l10n-id="menu-help-troubleshooting-info"/> - <menuitem id="feedbackPage" +  +  +  +  <menuseparator id="helpPolicySeparator" hidden="true"/> <menuitem id="helpPolicySupport" diff --git a/browser/base/content/browser-sets.inc b/browser/base/content/browser-sets.inc index aae94e8d4654..fa71bfb37a84 100644 --- a/browser/base/content/browser-sets.inc +++ b/browser/base/content/browser-sets.inc @@ -374,4 +374,6 @@ data-l10n-id="hide-other-apps-shortcut" modifiers="accel,alt"/> #endif + <key id="torbutton-new-identity-key" modifiers="accel shift" key="U" oncommand="torbutton_new_identity()"/> + <key id="torbutton-new-circuit-key" modifiers="accel shift" key="L" oncommand="torbutton_new_circuit()"/> </keyset> diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index 5eb38ba78282..3c342dedd5d4 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -620,6 +620,7 @@ var gPageIcons = { }; var gInitialPages = [ + "about:tor", "about:blank", "about:newtab", "about:home", diff --git a/browser/base/content/browser.xhtml b/browser/base/content/browser.xhtml index 62825bfd206a..229fc2a26dd2 100644 --- a/browser/base/content/browser.xhtml +++ b/browser/base/content/browser.xhtml @@ -29,6 +29,8 @@ <?xml-stylesheet href="chrome://browser/skin/searchbar.css" type="text/css"?> <?xml-stylesheet href="chrome://browser/skin/places/tree-icons.css" type="text/css"?> <?xml-stylesheet href="chrome://browser/skin/places/editBookmark.css" type="text/css"?> +<?xml-stylesheet href="chrome://torbutton/skin/tor-circuit-display.css" type="text/css"?> +<?xml-stylesheet href="chrome://torbutton/skin/torbutton.css" type="text/css"?> # All DTD information is stored in a separate file so that it can be shared by # hiddenWindowMac.xhtml. @@ -105,11 +107,18 @@ Services.scriptloader.loadSubScript("chrome://browser/content/places/places-menupopup.js", this); Services.scriptloader.loadSubScript("chrome://browser/content/search/autocomplete-popup.js", this); Services.scriptloader.loadSubScript("chrome://browser/content/search/searchbar.js", this); + Services.scriptloader.loadSubScript("chrome://torbutton/content/tor-circuit-display.js", this); + Services.scriptloader.loadSubScript("chrome://torbutton/content/torbutton.js", this); window.onload = gBrowserInit.onLoad.bind(gBrowserInit); window.onunload = gBrowserInit.onUnload.bind(gBrowserInit); window.onclose = WindowIsClosing; + //onLoad Handler + try { + window.addEventListener("load", torbutton_init, false); + } catch (e) {} + window.addEventListener("MozBeforeInitialXULLayout", gBrowserInit.onBeforeInitialXULLayout.bind(gBrowserInit), { once: true }); diff --git a/browser/components/controlcenter/content/identityPanel.inc.xhtml b/browser/components/controlcenter/content/identityPanel.inc.xhtml index 77c0b9b2413f..a8edda858e41 100644 --- a/browser/components/controlcenter/content/identityPanel.inc.xhtml +++ b/browser/components/controlcenter/content/identityPanel.inc.xhtml @@ -60,6 +60,23 @@ oncommand="gIdentityHandler.showSecuritySubView();"/> </hbox> +  + <hbox id="circuit-display-container" class="identity-popup-section"> + <vbox id="circuit-display-content" flex="1" role="group" + aria-labelledby="circuit-display-headline"> + <hbox id="circuit-display-header" align="center"> + <label id="circuit-display-headline" + role="heading" aria-level="2">&torbutton.circuit_display.title;</label> + </hbox> + <html:ul id="circuit-display-nodes" dir="auto"/> + </vbox> + <vbox id="circuit-reload-content" flex="1"> + <html:button id="circuit-reload-button" + onclick="torbutton_new_circuit()">&torbutton.circuit_display.new_circuit;</html:button> + <hbox id="circuit-guard-note-container"/> + </vbox> + </hbox> +  <hbox class="identity-popup-section" when-connection="not-secure secure secure-ev secure-cert-user-overridden file extension cert-error-page"> diff --git a/browser/components/customizableui/content/panelUI.inc.xhtml b/browser/components/customizableui/content/panelUI.inc.xhtml index 3a8b74b0a9f3..bdb8a7c227cf 100644 --- a/browser/components/customizableui/content/panelUI.inc.xhtml +++ b/browser/components/customizableui/content/panelUI.inc.xhtml @@ -265,7 +265,8 @@ class="subviewbutton subviewbutton-iconic" label="&newPrivateWindow.label;" key="key_privatebrowsing" - command="Tools:PrivateBrowsing"/> + command="Tools:PrivateBrowsing" + hidden="true"/> #ifdef NIGHTLY_BUILD <toolbarbutton id="appMenu-fission-window-button" class="subviewbutton subviewbutton-iconic" @@ -281,7 +282,19 @@ <toolbarbutton id="appMenuRestoreLastSession" label="&appMenuHistory.restoreSession.label;" class="subviewbutton subviewbutton-iconic" - command="Browser:RestoreLastSession"/> + command="Browser:RestoreLastSession" + hidden="true"/> + <toolbarseparator/> + <toolbarbutton id="appMenuNewIdentity" + class="subviewbutton subviewbutton-iconic" + key="torbutton-new-identity-key" + label="&torbutton.context_menu.new_identity;" + oncommand="torbutton_new_identity();"/> + <toolbarbutton id="appMenuNewCircuit" + class="subviewbutton subviewbutton-iconic" + key="torbutton-new-circuit-key" + label="&torbutton.context_menu.new_circuit;" + oncommand="torbutton_new_circuit();"/> <toolbarseparator/> <toolbaritem id="appMenu-zoom-controls" class="toolbaritem-combined-buttons" closemenu="none">  diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index 582a6e13d607..3722bf2ee22b 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -253,6 +253,8 @@ @RESPATH@/browser/chrome/torlauncher/* @RESPATH@/browser/@PREF_DIR@/torlauncher-prefs.js #endif +@RESPATH@/chrome/torbutton.manifest +@RESPATH@/chrome/torbutton/* @RESPATH@/chrome/toolkit@JAREXT@ @RESPATH@/chrome/toolkit.manifest @RESPATH@/chrome/recording.manifest diff --git a/docshell/base/nsAboutRedirector.cpp b/docshell/base/nsAboutRedirector.cpp index 730fd6aea654..051f239c76ac 100644 --- a/docshell/base/nsAboutRedirector.cpp +++ b/docshell/base/nsAboutRedirector.cpp @@ -146,7 +146,11 @@ static const RedirEntry kRedirMap[] = { {"crashcontent", "about:blank", nsIAboutModule::HIDE_FROM_ABOUTABOUT | nsIAboutModule::URI_CAN_LOAD_IN_CHILD | - nsIAboutModule::URI_MUST_LOAD_IN_CHILD}}; + nsIAboutModule::URI_MUST_LOAD_IN_CHILD}, + {"tor", "chrome://torbutton/content/aboutTor/aboutTor.xhtml", + nsIAboutModule::URI_MUST_LOAD_IN_CHILD | + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::ALLOW_SCRIPT}}; static const int kRedirTotal = mozilla::ArrayLength(kRedirMap); NS_IMETHODIMP diff --git a/docshell/build/components.conf b/docshell/build/components.conf index 6d7253d01631..2d56ea33389d 100644 --- a/docshell/build/components.conf +++ b/docshell/build/components.conf @@ -27,6 +27,7 @@ about_pages = [ 'srcdoc', 'support', 'telemetry', + 'tor', 'url-classifier', 'webrtc', ] diff --git a/mobile/android/installer/package-manifest.in b/mobile/android/installer/package-manifest.in index 17d6471c4742..055eb4717447 100644 --- a/mobile/android/installer/package-manifest.in +++ b/mobile/android/installer/package-manifest.in @@ -137,6 +137,10 @@ @BINPATH@/chrome/devtools@JAREXT@ @BINPATH@/chrome/devtools.manifest +; Torbutton +@BINPATH@/chrome/torbutton@JAREXT@ +@BINPATH@/chrome/torbutton.manifest + ; [Default Preferences] ; All the pref files must be part of base to prevent migration bugs #ifdef MOZ_GECKOVIEW_JAR diff --git a/toolkit/moz.build b/toolkit/moz.build index b6f792da7124..3451334de15c 100644 --- a/toolkit/moz.build +++ b/toolkit/moz.build @@ -23,6 +23,7 @@ DIRS += [ 'pluginproblem', 'profile', 'themes', + 'torproject/torbutton', ] if CONFIG['OS_ARCH'] == 'WINNT' and CONFIG['MOZ_DEFAULT_BROWSER_AGENT']: diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm index bcdf6f40d5ed..bf31932b59f1 100644 --- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm +++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm @@ -1462,6 +1462,15 @@ var XPIStates = { for (let [id, file] of loc.readAddons()) { knownIds.delete(id); + // Uninstall torbutton if it is installed in the user profile + if (id === "torbutton(a)torproject.org" && + loc.name === KEY_APP_PROFILE) { + logger.debug("Uninstalling torbutton from user profile."); + loc.installer.uninstallAddon(id); + changed = true; + continue; + } + // Since it is now part of the browser, uninstall the Tor Launcher // extension. This will remove the Tor Launcher .xpi from user // profiles on macOS. diff --git a/toolkit/torproject/torbutton b/toolkit/torproject/torbutton new file mode 160000 index 000000000000..32c71313e4e1 --- /dev/null +++ b/toolkit/torproject/torbutton @@ -0,0 +1 @@ +Subproject commit 32c71313e4e1da24510402b9051543e144a3129b diff --git a/tools/lint/eslint/eslint-plugin-mozilla/lib/environments/browser-window.js b/tools/lint/eslint/eslint-plugin-mozilla/lib/environments/browser-window.js index 76e03f2d49bb..2ff107b553b2 100644 --- a/tools/lint/eslint/eslint-plugin-mozilla/lib/environments/browser-window.js +++ b/tools/lint/eslint/eslint-plugin-mozilla/lib/environments/browser-window.js @@ -75,7 +75,11 @@ function getGlobalScriptIncludes(scriptPath) { "browser/components/search/content/" ) .replace("chrome://browser/content/", "browser/base/content/") - .replace("chrome://global/content/", "toolkit/content/"); + .replace("chrome://global/content/", "toolkit/content/") + .replace( + "chrome://torbutton/content/", + "toolkit/torproject/torbutton/chrome/content/" + ); for (let mapping of Object.getOwnPropertyNames(MAPPINGS)) { if (sourceFile.includes(mapping)) {

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 28044: Integrate Tor Launcher into tor-browser
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit b1668d79261138c29d7fb5bc591e323c627b5454 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Tue Feb 26 10:07:17 2019 -0500 Bug 28044: Integrate Tor Launcher into tor-browser Build and package Tor Launcher as part of the browser (similar to how pdfjs is handled). If a Tor Launcher extension is present in the user's profile, it is removed. --- browser/extensions/moz.build | 5 +++++ browser/installer/package-manifest.in | 5 +++++ toolkit/mozapps/extensions/internal/XPIProvider.jsm | 10 ++++++++++ 3 files changed, 20 insertions(+) diff --git a/browser/extensions/moz.build b/browser/extensions/moz.build index 4c9fa789d12a..fd2e65d01f02 100644 --- a/browser/extensions/moz.build +++ b/browser/extensions/moz.build @@ -12,3 +12,8 @@ DIRS += [ 'webcompat', 'report-site-issue' ] + +if not CONFIG['TOR_BROWSER_DISABLE_TOR_LAUNCHER']: + DIRS += [ + 'tor-launcher', + ] diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index 7deaf1b51f9a..582a6e13d607 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -248,6 +248,11 @@ @RESPATH@/browser/chrome/browser.manifest @RESPATH@/browser/chrome/pdfjs.manifest @RESPATH@/browser/chrome/pdfjs/* +#ifndef TOR_BROWSER_DISABLE_TOR_LAUNCHER +@RESPATH@/browser/chrome/torlauncher.manifest +@RESPATH@/browser/chrome/torlauncher/* +@RESPATH@/browser/@PREF_DIR@/torlauncher-prefs.js +#endif @RESPATH@/chrome/toolkit@JAREXT@ @RESPATH@/chrome/toolkit.manifest @RESPATH@/chrome/recording.manifest diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm index ba67e5f6bee8..bcdf6f40d5ed 100644 --- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm +++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm @@ -1462,6 +1462,16 @@ var XPIStates = { for (let [id, file] of loc.readAddons()) { knownIds.delete(id); + // Since it is now part of the browser, uninstall the Tor Launcher + // extension. This will remove the Tor Launcher .xpi from user + // profiles on macOS. + if (id === "tor-launcher(a)torproject.org") { + logger.debug("Uninstalling the Tor Launcher extension."); + loc.installer.uninstallAddon(id); + changed = true; + continue; + } + let xpiState = loc.get(id); if (!xpiState) { // If the location is not supported for sideloading, skip new

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Add TorStrings module for localization
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 37310771350488c077932c3cbb1741910d4fd547 Author: Alex Catarineu <acat(a)torproject.org> Date: Fri Jul 24 21:15:20 2020 +0200 Add TorStrings module for localization --- browser/modules/TorStrings.jsm | 490 +++++++++++++++++++++++++++++++++++++++++ browser/modules/moz.build | 1 + 2 files changed, 491 insertions(+) diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm new file mode 100644 index 000000000000..e8a8d37ae373 --- /dev/null +++ b/browser/modules/TorStrings.jsm @@ -0,0 +1,490 @@ +"use strict"; + +var EXPORTED_SYMBOLS = ["TorStrings"]; + +const { XPCOMUtils } = ChromeUtils.import( + "resource://gre/modules/XPCOMUtils.jsm" +); +const { Services } = ChromeUtils.import( + "resource://gre/modules/Services.jsm" +); +const { getLocale } = ChromeUtils.import( + "resource://torbutton/modules/utils.js" +); + +XPCOMUtils.defineLazyGlobalGetters(this, ["DOMParser"]); +XPCOMUtils.defineLazyGetter(this, "domParser", () => { + const parser = new DOMParser(); + parser.forceEnableDTD(); + return parser; +}); + +/* + Tor DTD String Bundle + + DTD strings loaded from torbutton/tor-launcher, but provide a fallback in case they aren't available +*/ +class TorDTDStringBundle { + constructor(aBundleURLs, aPrefix) { + let locations = []; + for (const [index, url] of aBundleURLs.entries()) { + locations.push(`<!ENTITY % dtd_${index} SYSTEM "${url}">%dtd_${index};`); + } + this._locations = locations; + this._prefix = aPrefix; + } + + // copied from testing/marionette/l10n.js + localizeEntity(urls, id) { + // Use the DOM parser to resolve the entity and extract its real value + let header = `<?xml version="1.0"?><!DOCTYPE elem [${this._locations.join( + "" + )}]>`; + let elem = `<elem id="elementID">&${id};</elem>`; + let doc = domParser.parseFromString(header + elem, "text/xml"); + let element = doc.querySelector("elem[id='elementID']"); + + if (element === null) { + throw new Error(`Entity with id='${id}' hasn't been found`); + } + + return element.textContent; + } + + getString(key, fallback) { + if (key) { + try { + return this.localizeEntity(this._bundleURLs, `${this._prefix}${key}`); + } catch (e) {} + } + + // on failure, assign the fallback if it exists + if (fallback) { + return fallback; + } + // otherwise return string key + return `$(${key})`; + } +} + +/* + Tor Property String Bundle + + Property strings loaded from torbutton/tor-launcher, but provide a fallback in case they aren't available +*/ +class TorPropertyStringBundle { + constructor(aBundleURL, aPrefix) { + try { + this._bundle = Services.strings.createBundle(aBundleURL); + } catch (e) {} + + this._prefix = aPrefix; + } + + getString(key, fallback) { + if (key) { + try { + return this._bundle.GetStringFromName(`${this._prefix}${key}`); + } catch (e) {} + } + + // on failure, assign the fallback if it exists + if (fallback) { + return fallback; + } + // otherwise return string key + return `$(${key})`; + } +} + +/* + Security Level Strings +*/ +var TorStrings = { + /* + Tor Browser Security Level Strings + */ + securityLevel: (function() { + let tsb = new TorDTDStringBundle( + ["chrome://torbutton/locale/torbutton.dtd"], + "torbutton.prefs.sec_" + ); + let getString = function(key, fallback) { + return tsb.getString(key, fallback); + }; + + // read localized strings from torbutton; but use hard-coded en-US strings as fallbacks in case of error + let retval = { + securityLevel: getString("caption", "Security Level"), + customWarning: getString("custom_warning", "Custom"), + overview: getString( + "overview", + "Disable certain web features that can be used to attack your security and anonymity." + ), + standard: { + level: getString("standard_label", "Standard"), + tooltip: getString("standard_tooltip", "Security Level : Standard"), + summary: getString( + "standard_description", + "All Tor Browser and website features are enabled." + ), + }, + safer: { + level: getString("safer_label", "Safer"), + tooltip: getString("safer_tooltip", "Security Level : Safer"), + summary: getString( + "safer_description", + "Disables website features that are often dangerous, causing some sites to lose functionality." + ), + description1: getString( + "js_on_https_sites_only", + "JavaScript is disabled on non-HTTPS sites." + ), + description2: getString( + "limit_typography", + "Some fonts and math symbols are disabled." + ), + description3: getString( + "click_to_play_media", + "Audio and video (HTML5 media), and WebGL are click-to-play." + ), + }, + safest: { + level: getString("safest_label", "Safest"), + tooltip: getString("safest_tooltip", "Security Level : Safest"), + summary: getString( + "safest_description", + "Only allows website features required for static sites and basic services. These changes affect images, media, and scripts." + ), + description1: getString( + "js_disabled", + "JavaScript is disabled by default on all sites." + ), + description2: getString( + "limit_graphics_and_typography", + "Some fonts, icons, math symbols, and images are disabled." + ), + description3: getString( + "click_to_play_media", + "Audio and video (HTML5 media), and WebGL are click-to-play." + ), + }, + custom: { + summary: getString( + "custom_summary", + "Your custom browser preferences have resulted in unusual security settings. For security and privacy reasons, we recommend you choose one of the default security levels." + ), + }, + learnMore: getString("learn_more_label", "Learn more"), + learnMoreURL: `https://tb-manual.torproject.org/${getLocale()}/security-settings/`, + restoreDefaults: getString("restore_defaults", "Restore Defaults"), + advancedSecuritySettings: getString( + "advanced_security_settings", + "Advanced Security Settings\u2026" + ), + }; + return retval; + })() /* Security Level Strings */, + + /* + Tor about:preferences#tor Strings + */ + settings: (function() { + let tsb = new TorDTDStringBundle( + ["chrome://torlauncher/locale/network-settings.dtd"], + "" + ); + let getString = function(key, fallback) { + return tsb.getString(key, fallback); + }; + + let retval = { + categoryTitle: getString("torPreferences.categoryTitle", "Tor"), + torPreferencesHeading: getString( + "torPreferences.torSettings", + "Tor Settings" + ), + torPreferencesDescription: getString( + "torPreferences.torSettingsDescription", + "Tor Browser routes your traffic over the Tor Network, run by thousands of volunteers around the world." + ), + learnMore: getString("torPreferences.learnMore", "Learn More"), + bridgesHeading: getString("torPreferences.bridges", "Bridges"), + bridgesDescription: getString( + "torPreferences.bridgesDescription", + "Bridges help you access the Tor Network in places where Tor is blocked. Depending on where you are, one bridge may work better than another." + ), + useBridge: getString("torPreferences.useBridge", "Use a bridge"), + selectBridge: getString( + "torsettings.useBridges.default", + "Select a bridge" + ), + requestBridgeFromTorProject: getString( + "torsettings.useBridges.bridgeDB", + "Request a bridge from torproject.org" + ), + requestNewBridge: getString( + "torPreferences.requestNewBridge", + "Request a New Bridge\u2026" + ), + provideBridge: getString( + "torPreferences.provideBridge", + "Provide a bridge" + ), + provideBridgeDirections: getString( + "torsettings.useBridges.label", + "Enter bridge information from a trusted source." + ), + provideBridgePlaceholder: getString( + "torsettings.useBridges.placeholder", + "type address:port (one per line)" + ), + advancedHeading: getString("torPreferences.advanced", "Advanced"), + advancedDescription: getString( + "torPreferences.advancedDescription", + "Configure how Tor Browser connects to the internet." + ), + useLocalProxy: getString("torsettings.useProxy.checkbox", "I use a proxy to connect to the Internet"), + proxyType: getString("torsettings.useProxy.type", "Proxy Type"), + proxyTypeSOCKS4: getString("torsettings.useProxy.type.socks4", "SOCKS4"), + proxyTypeSOCKS5: getString("torsettings.useProxy.type.socks5", "SOCKS5"), + proxyTypeHTTP: getString("torsettings.useProxy.type.http", "HTTP/HTTPS"), + proxyAddress: getString("torsettings.useProxy.address", "Address"), + proxyAddressPlaceholder: getString( + "torsettings.useProxy.address.placeholder", + "IP address or hostname" + ), + proxyPort: getString("torsettings.useProxy.port", "Port"), + proxyUsername: getString("torsettings.useProxy.username", "Username"), + proxyPassword: getString("torsettings.useProxy.password", "Password"), + proxyUsernamePasswordPlaceholder: getString( + "torsettings.optional", + "Optional" + ), + useFirewall: getString( + "torsettings.firewall.checkbox", + "This computer goes through a firewall that only allows connections to certain ports" + ), + allowedPorts: getString( + "torsettings.firewall.allowedPorts", + "Allowed Ports" + ), + allowedPortsPlaceholder: getString( + "torPreferences.firewallPortsPlaceholder", + "Comma-seperated values" + ), + requestBridgeDialogTitle: getString( + "torPreferences.requestBridgeDialogTitle", + "Request Bridge" + ), + submitCaptcha: getString( + "torsettings.useBridges.captchaSubmit", + "Submit" + ), + contactingBridgeDB: getString( + "torPreferences.requestBridgeDialogWaitPrompt", + "Contacting BridgeDB. Please Wait." + ), + solveTheCaptcha: getString( + "torPreferences.requestBridgeDialogSolvePrompt", + "Solve the CAPTCHA to request a bridge." + ), + captchaTextboxPlaceholder: getString( + "torsettings.useBridges.captchaSolution.placeholder", + "Enter the characters from the image" + ), + incorrectCaptcha: getString( + "torPreferences.requestBridgeErrorBadSolution", + "The solution is not correct. Please try again." + ), + showTorDaemonLogs: getString( + "torPreferences.viewTorLogs", + "View the Tor logs." + ), + showLogs: getString("torPreferences.viewLogs", "View Logs\u2026"), + torLogDialogTitle: getString( + "torPreferences.torLogsDialogTitle", + "Tor Logs" + ), + copyLog: getString("torsettings.copyLog", "Copy Tor Log to Clipboard"), + + learnMoreTorBrowserURL: `https://tb-manual.torproject.org/${getLocale()}/about/`, + learnMoreBridgesURL: `https://tb-manual.torproject.org/${getLocale()}/bridges/`, + learnMoreNetworkSettingsURL: `about:blank`, + }; + + return retval; + })() /* Tor Network Settings Strings */, + + /* + Tor Onion Services Strings, e.g., for the authentication prompt. + */ + onionServices: (function() { + let tsb = new TorPropertyStringBundle( + "chrome://torbutton/locale/torbutton.properties", + "onionServices." + ); + let getString = function(key, fallback) { + return tsb.getString(key, fallback); + }; + + const kProblemLoadingSiteFallback = "Problem Loading Onionsite"; + const kLongDescFallback = "Details: %S"; + + let retval = { + learnMore: getString("learnMore", "Learn more"), + learnMoreURL: `https://support.torproject.org/${getLocale()}/onionservices/client-auth/`, + errorPage: { + browser: getString("errorPage.browser", "Browser"), + network: getString("errorPage.network", "Network"), + onionSite: getString("errorPage.onionSite", "Onionsite"), + }, + descNotFound: { // Tor SOCKS error 0xF0 + pageTitle: getString("descNotFound.pageTitle", kProblemLoadingSiteFallback), + header: getString("descNotFound.header", "Onionsite Not Found"), + longDescription: getString("descNotFound.longDescription", kLongDescFallback), + }, + descInvalid: { // Tor SOCKS error 0xF1 + pageTitle: getString("descInvalid.pageTitle", kProblemLoadingSiteFallback), + header: getString("descInvalid.header", "Onionsite Cannot Be Reached"), + longDescription: getString("descInvalid.longDescription", kLongDescFallback), + }, + introFailed: { // Tor SOCKS error 0xF2 + pageTitle: getString("introFailed.pageTitle", kProblemLoadingSiteFallback), + header: getString("introFailed.header", "Onionsite Has Disconnected"), + longDescription: getString("introFailed.longDescription", kLongDescFallback), + }, + rendezvousFailed: { // Tor SOCKS error 0xF3 + pageTitle: getString("rendezvousFailed.pageTitle", kProblemLoadingSiteFallback), + header: getString("rendezvousFailed.header", "Unable to Connect to Onionsite"), + longDescription: getString("rendezvousFailed.longDescription", kLongDescFallback), + }, + clientAuthMissing: { // Tor SOCKS error 0xF4 + pageTitle: getString("clientAuthMissing.pageTitle", "Authorization Required"), + header: getString("clientAuthMissing.header", "Onionsite Requires Authentication"), + longDescription: getString("clientAuthMissing.longDescription", kLongDescFallback), + }, + clientAuthIncorrect: { // Tor SOCKS error 0xF5 + pageTitle: getString("clientAuthIncorrect.pageTitle", "Authorization Failed"), + header: getString("clientAuthIncorrect.header", "Onionsite Authentication Failed"), + longDescription: getString("clientAuthIncorrect.longDescription", kLongDescFallback), + }, + badAddress: { // Tor SOCKS error 0xF6 + pageTitle: getString("badAddress.pageTitle", kProblemLoadingSiteFallback), + header: getString("badAddress.header", "Invalid Onionsite Address"), + longDescription: getString("badAddress.longDescription", kLongDescFallback), + }, + introTimedOut: { // Tor SOCKS error 0xF7 + pageTitle: getString("introTimedOut.pageTitle", kProblemLoadingSiteFallback), + header: getString("introTimedOut.header", "Onionsite Circuit Creation Timed Out"), + longDescription: getString("introTimedOut.longDescription", kLongDescFallback), + }, + authPrompt: { + description: + getString("authPrompt.description2", "%S is requesting that you authenticate."), + keyPlaceholder: getString("authPrompt.keyPlaceholder", "Enter your key"), + done: getString("authPrompt.done", "Done"), + doneAccessKey: getString("authPrompt.doneAccessKey", "d"), + invalidKey: getString("authPrompt.invalidKey", "Invalid key"), + failedToSetKey: + getString("authPrompt.failedToSetKey", "Failed to set key"), + }, + authPreferences: { + header: getString("authPreferences.header", "Onion Services Authentication"), + overview: getString("authPreferences.overview", "Some onion services require that you identify yourself with a key"), + savedKeys: getString("authPreferences.savedKeys", "Saved Keys"), + dialogTitle: getString("authPreferences.dialogTitle", "Onion Services Keys"), + dialogIntro: getString("authPreferences.dialogIntro", "Keys for the following onionsites are stored on your computer"), + onionSite: getString("authPreferences.onionSite", "Onionsite"), + onionKey: getString("authPreferences.onionKey", "Key"), + remove: getString("authPreferences.remove", "Remove"), + removeAll: getString("authPreferences.removeAll", "Remove All"), + failedToGetKeys: getString("authPreferences.failedToGetKeys", "Failed to get keys"), + failedToRemoveKey: getString("authPreferences.failedToRemoveKey", "Failed to remove key"), + }, + }; + + return retval; + })() /* Tor Onion Services Strings */, + + /* + OnionLocation + */ + onionLocation: (function() { + const tsb = new TorPropertyStringBundle( + ["chrome://torbutton/locale/torbutton.properties"], + "onionLocation." + ); + const getString = function(key, fallback) { + return tsb.getString(key, fallback); + }; + + const retval = { + alwaysPrioritize: getString( + "alwaysPrioritize", + "Always Prioritize Onionsites" + ), + alwaysPrioritizeAccessKey: getString("alwaysPrioritizeAccessKey", "a"), + notNow: getString("notNow", "Not Now"), + notNowAccessKey: getString("notNowAccessKey", "n"), + description: getString( + "description", + "Website publishers can protect users by adding a security layer. This prevents eavesdroppers from knowing that you are the one visiting that website." + ), + tryThis: getString("tryThis", "Try this: Onionsite"), + onionAvailable: getString("onionAvailable", "Onionsite available"), + learnMore: getString("learnMore", "Learn more"), + learnMoreURL: `https://tb-manual.torproject.org/${getLocale()}/onion-services/`, + always: getString("always", "Always"), + askEverytime: getString("askEverytime", "Ask you every time"), + prioritizeOnionsDescription: getString( + "prioritizeOnionsDescription", + "Prioritize onionsites when they are available." + ), + onionServicesTitle: getString("onionServicesTitle", "Onion Services"), + }; + + return retval; + })() /* OnionLocation */, + + /* + Tor Deamon Configuration Key Strings + */ + + // TODO: proper camel case + configKeys: { + /* Bridge Conf Settings */ + useBridges: "UseBridges", + bridgeList: "Bridge", + /* Proxy Conf Strings */ + socks4Proxy: "Socks4Proxy", + socks5Proxy: "Socks5Proxy", + socks5ProxyUsername: "Socks5ProxyUsername", + socks5ProxyPassword: "Socks5ProxyPassword", + httpsProxy: "HTTPSProxy", + httpsProxyAuthenticator: "HTTPSProxyAuthenticator", + /* Firewall Conf Strings */ + reachableAddresses: "ReachableAddresses", + + /* BridgeDB Strings */ + clientTransportPlugin: "ClientTransportPlugin", + }, + + /* + about:config preference keys + */ + + preferenceKeys: { + defaultBridgeType: "extensions.torlauncher.default_bridge_type", + recommendedBridgeType: + "extensions.torlauncher.default_bridge_recommended_type", + }, + + /* + about:config preference branches + */ + preferenceBranches: { + defaultBridge: "extensions.torlauncher.default_bridge.", + bridgeDBBridges: "extensions.torlauncher.bridgedb_bridge.", + }, +}; diff --git a/browser/modules/moz.build b/browser/modules/moz.build index cbb94cf736a0..88f2a55d6f49 100644 --- a/browser/modules/moz.build +++ b/browser/modules/moz.build @@ -154,6 +154,7 @@ EXTRA_JS_MODULES += [ 'TabUnloader.jsm', 'ThemeVariableMap.jsm', 'TopSiteAttribution.jsm', + 'TorStrings.jsm', 'TransientPrefs.jsm', 'webrtcUI.jsm', 'ZoomUI.jsm',

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 14631: Improve profile access error messages.
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 0c70f5c1977ed7d58922eaf06cf44fb0ba28355d Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Tue Feb 24 13:50:23 2015 -0500 Bug 14631: Improve profile access error messages. Instead of always reporting that the profile is locked, display specific messages for "access denied" and "read-only file system". To allow for localization, get profile-related error strings from Torbutton. Use app display name ("Tor Browser") in profile-related error alerts. --- .../mozapps/profile/profileSelection.properties | 5 + toolkit/profile/nsToolkitProfileService.cpp | 57 +++++++- toolkit/profile/nsToolkitProfileService.h | 13 +- toolkit/xre/nsAppRunner.cpp | 155 ++++++++++++++++++--- 4 files changed, 207 insertions(+), 23 deletions(-) diff --git a/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties b/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties index 2be092bf4c4b..922b52cb1385 100644 --- a/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties +++ b/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties @@ -12,6 +12,11 @@ restartMessageUnlocker=%S is already running, but is not responding. The old %S restartMessageNoUnlockerMac=A copy of %S is already open. Only one copy of %S can be open at a time. restartMessageUnlockerMac=A copy of %S is already open. The running copy of %S will quit in order to open this one. +# LOCALIZATION NOTE (profileProblemTitle, profileReadOnly, profileReadOnlyMac, profileAccessDenied): Messages displayed when the browser profile cannot be accessed or written to. %S is the application name. +profileProblemTitle=%S Profile Problem +profileReadOnly=You cannot run %S from a read-only file system. Please copy %S to another location before trying to use it. +profileReadOnlyMac=You cannot run %S from a read-only file system. Please copy %S to your Desktop or Applications folder before trying to use it. +profileAccessDenied=%S does not have permission to access the profile. Please adjust your file system permissions and try again. # Profile manager # LOCALIZATION NOTE (profileTooltip): First %S is the profile name, second %S is the path to the profile folder. profileTooltip=Profile: ‘%S’ - Path: ‘%S’ diff --git a/toolkit/profile/nsToolkitProfileService.cpp b/toolkit/profile/nsToolkitProfileService.cpp index a3e50f8c00d3..3f32bd95f9c9 100644 --- a/toolkit/profile/nsToolkitProfileService.cpp +++ b/toolkit/profile/nsToolkitProfileService.cpp @@ -1161,9 +1161,10 @@ nsToolkitProfileService::SelectStartupProfile( } bool wasDefault; + ProfileStatus profileStatus; nsresult rv = SelectStartupProfile(&argc, argv.get(), aIsResetting, aRootDir, aLocalDir, - aProfile, aDidCreate, &wasDefault); + aProfile, aDidCreate, &wasDefault, profileStatus); // Since we were called outside of the normal startup path complete any // startup tasks. @@ -1196,7 +1197,8 @@ nsToolkitProfileService::SelectStartupProfile( nsresult nsToolkitProfileService::SelectStartupProfile( int* aArgc, char* aArgv[], bool aIsResetting, nsIFile** aRootDir, nsIFile** aLocalDir, nsIToolkitProfile** aProfile, bool* aDidCreate, - bool* aWasDefaultSelection) { + bool* aWasDefaultSelection, ProfileStatus& aProfileStatus) { + aProfileStatus = PROFILE_STATUS_OK; if (mStartupProfileSelected) { return NS_ERROR_ALREADY_INITIALIZED; } @@ -1290,6 +1292,13 @@ nsresult nsToolkitProfileService::SelectStartupProfile( rv = XRE_GetFileFromPath(arg, getter_AddRefs(lf)); NS_ENSURE_SUCCESS(rv, rv); + aProfileStatus = CheckProfileWriteAccess(lf); + if (PROFILE_STATUS_OK != aProfileStatus) { + NS_ADDREF(*aRootDir = lf); + NS_ADDREF(*aLocalDir = lf); + return NS_ERROR_FAILURE; + } + // Make sure that the profile path exists and it's a directory. bool exists; rv = lf->Exists(&exists); @@ -2079,3 +2088,47 @@ nsresult XRE_GetFileFromPath(const char* aPath, nsIFile** aResult) { # error Platform-specific logic needed here. #endif } + +// Check for write permission to the profile directory by trying to create a +// new file (after ensuring that no file with the same name exists). +ProfileStatus nsToolkitProfileService::CheckProfileWriteAccess( + nsIFile* aProfileDir) { +#if defined(XP_UNIX) + NS_NAMED_LITERAL_STRING(writeTestFileName, ".parentwritetest"); +#else + NS_NAMED_LITERAL_STRING(writeTestFileName, "parent.writetest"); +#endif + + nsCOMPtr<nsIFile> writeTestFile; + nsresult rv = aProfileDir->Clone(getter_AddRefs(writeTestFile)); + if (NS_SUCCEEDED(rv)) rv = writeTestFile->Append(writeTestFileName); + + if (NS_SUCCEEDED(rv)) { + bool doesExist = false; + rv = writeTestFile->Exists(&doesExist); + if (NS_SUCCEEDED(rv) && doesExist) rv = writeTestFile->Remove(true); + } + + if (NS_SUCCEEDED(rv)) { + rv = writeTestFile->Create(nsIFile::NORMAL_FILE_TYPE, 0666); + (void)writeTestFile->Remove(true); + } + + ProfileStatus status = + NS_SUCCEEDED(rv) ? PROFILE_STATUS_OK : PROFILE_STATUS_OTHER_ERROR; + if (NS_ERROR_FILE_ACCESS_DENIED == rv) + status = PROFILE_STATUS_ACCESS_DENIED; + else if (NS_ERROR_FILE_READ_ONLY == rv) + status = PROFILE_STATUS_READ_ONLY; + + return status; +} + +ProfileStatus nsToolkitProfileService::CheckProfileWriteAccess( + nsIToolkitProfile* aProfile) { + nsCOMPtr<nsIFile> profileDir; + nsresult rv = aProfile->GetRootDir(getter_AddRefs(profileDir)); + if (NS_FAILED(rv)) return PROFILE_STATUS_OTHER_ERROR; + + return CheckProfileWriteAccess(profileDir); +} diff --git a/toolkit/profile/nsToolkitProfileService.h b/toolkit/profile/nsToolkitProfileService.h index f2a238312b95..cfb1964ee1d7 100644 --- a/toolkit/profile/nsToolkitProfileService.h +++ b/toolkit/profile/nsToolkitProfileService.h @@ -15,6 +15,14 @@ #include "nsProfileLock.h" #include "nsINIParser.h" +enum ProfileStatus { + PROFILE_STATUS_OK, + PROFILE_STATUS_ACCESS_DENIED, + PROFILE_STATUS_READ_ONLY, + PROFILE_STATUS_IS_LOCKED, + PROFILE_STATUS_OTHER_ERROR +}; + class nsToolkitProfile final : public nsIToolkitProfile, public mozilla::LinkedListElement<RefPtr<nsToolkitProfile>> { @@ -79,10 +87,13 @@ class nsToolkitProfileService final : public nsIToolkitProfileService { nsresult SelectStartupProfile(int* aArgc, char* aArgv[], bool aIsResetting, nsIFile** aRootDir, nsIFile** aLocalDir, nsIToolkitProfile** aProfile, bool* aDidCreate, - bool* aWasDefaultSelection); + bool* aWasDefaultSelection, + ProfileStatus& aProfileStatus); nsresult CreateResetProfile(nsIToolkitProfile** aNewProfile); nsresult ApplyResetProfile(nsIToolkitProfile* aOldProfile); void CompleteStartup(); + static ProfileStatus CheckProfileWriteAccess(nsIToolkitProfile* aProfile); + static ProfileStatus CheckProfileWriteAccess(nsIFile* aProfileDir); private: friend class nsToolkitProfile; diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index e3e7f785ada9..8de43a8c4cfc 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -1731,6 +1731,91 @@ nsresult LaunchChild(bool aBlankCommandLine) { return NS_ERROR_LAUNCHED_CHILD_PROCESS; } +static nsresult GetOverrideStringBundleForLocale(nsIStringBundleService* aSBS, + const char* aTorbuttonURI, + const char* aLocale, + nsIStringBundle** aResult) { + NS_ENSURE_ARG(aSBS); + NS_ENSURE_ARG(aTorbuttonURI); + NS_ENSURE_ARG(aLocale); + NS_ENSURE_ARG(aResult); + + const char* kFormatStr = + "jar:%s!/chrome/torbutton/locale/%s/torbutton.properties"; + nsPrintfCString strBundleURL(kFormatStr, aTorbuttonURI, aLocale); + nsresult rv = aSBS->CreateBundle(strBundleURL.get(), aResult); + NS_ENSURE_SUCCESS(rv, rv); + + // To ensure that we have a valid string bundle, try to retrieve a string + // that we know exists. + nsAutoString val; + rv = (*aResult)->GetStringFromName("profileProblemTitle", val); + if (!NS_SUCCEEDED(rv)) *aResult = nullptr; // No good. Discard it. + + return rv; +} + +static void GetOverrideStringBundle(nsIStringBundleService* aSBS, + nsIStringBundle** aResult) { + if (!aSBS || !aResult) return; + + *aResult = nullptr; + + // Build Torbutton file URI string by starting from GREDir. + RefPtr<nsXREDirProvider> dirProvider = nsXREDirProvider::GetSingleton(); + if (!dirProvider) return; + + nsCOMPtr<nsIFile> greDir = dirProvider->GetGREDir(); + if (!greDir) return; + + // Create file URI, extract as string, and append omni.ja relative path. + nsCOMPtr<nsIURI> uri; + nsAutoCString uriString; + if (NS_FAILED(NS_NewFileURI(getter_AddRefs(uri), greDir)) || + NS_FAILED(uri->GetSpec(uriString))) { + return; + } + + uriString.Append("omni.ja"); + + nsAutoCString userAgentLocale; + if (!NS_SUCCEEDED( + Preferences::GetCString("intl.locale.requested", userAgentLocale))) { + return; + } + + nsresult rv = GetOverrideStringBundleForLocale( + aSBS, uriString.get(), userAgentLocale.get(), aResult); + if (NS_FAILED(rv)) { + // Try again using base locale, e.g., "en" vs. "en-US". + int16_t offset = userAgentLocale.FindChar('-', 1); + if (offset > 0) { + nsAutoCString shortLocale(Substring(userAgentLocale, 0, offset)); + rv = GetOverrideStringBundleForLocale(aSBS, uriString.get(), + shortLocale.get(), aResult); + } + } +} + +static nsresult GetFormattedString(nsIStringBundle* aOverrideBundle, + nsIStringBundle* aMainBundle, + const char* aName, + const nsTArray<nsString>& aParams, + nsAString& aResult) { + NS_ENSURE_ARG(aName); + + nsresult rv = NS_ERROR_FAILURE; + if (aOverrideBundle) { + rv = aOverrideBundle->FormatStringFromName(aName, aParams, aResult); + } + + // If string was not found in override bundle, use main (browser) bundle. + if (NS_FAILED(rv) && aMainBundle) + rv = aMainBundle->FormatStringFromName(aName, aParams, aResult); + + return rv; +} + static const char kProfileProperties[] = "chrome://mozapps/locale/profile/profileSelection.properties"; @@ -1779,7 +1864,7 @@ static nsresult ProfileMissingDialog(nsINativeAppSupport* aNative) { sbs->CreateBundle(kProfileProperties, getter_AddRefs(sb)); NS_ENSURE_TRUE_LOG(sbs, NS_ERROR_FAILURE); - NS_ConvertUTF8toUTF16 appName(gAppData->name); + NS_ConvertUTF8toUTF16 appName(MOZ_APP_DISPLAYNAME); AutoTArray<nsString, 2> params = {appName, appName}; // profileMissing @@ -1801,11 +1886,12 @@ static nsresult ProfileMissingDialog(nsINativeAppSupport* aNative) { } } -static ReturnAbortOnError ProfileLockedDialog(nsIFile* aProfileDir, - nsIFile* aProfileLocalDir, - nsIProfileUnlocker* aUnlocker, - nsINativeAppSupport* aNative, - nsIProfileLock** aResult) { +static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, + nsIFile* aProfileLocalDir, + ProfileStatus aStatus, + nsIProfileUnlocker* aUnlocker, + nsINativeAppSupport* aNative, + nsIProfileLock** aResult) { nsresult rv; bool exists; @@ -1833,24 +1919,39 @@ static ReturnAbortOnError ProfileLockedDialog(nsIFile* aProfileDir, sbs->CreateBundle(kProfileProperties, getter_AddRefs(sb)); NS_ENSURE_TRUE_LOG(sbs, NS_ERROR_FAILURE); - NS_ConvertUTF8toUTF16 appName(gAppData->name); + nsCOMPtr<nsIStringBundle> overrideSB; + GetOverrideStringBundle(sbs, getter_AddRefs(overrideSB)); + + NS_ConvertUTF8toUTF16 appName(MOZ_APP_DISPLAYNAME); AutoTArray<nsString, 3> params = {appName, appName, appName}; nsAutoString killMessage; #ifndef XP_MACOSX - rv = sb->FormatStringFromName( - aUnlocker ? "restartMessageUnlocker" : "restartMessageNoUnlocker2", - params, killMessage); + static const char kRestartUnlocker[] = "restartMessageUnlocker"; + static const char kRestartNoUnlocker[] = "restartMessageNoUnlocker2"; + static const char kReadOnly[] = "profileReadOnly"; #else - rv = sb->FormatStringFromName( - aUnlocker ? "restartMessageUnlockerMac" : "restartMessageNoUnlockerMac", - params, killMessage); + static const char kRestartUnlocker[] = "restartMessageUnlockerMac"; + static const char kRestartNoUnlocker[] = "restartMessageNoUnlockerMac"; + static const char kReadOnly[] = "profileReadOnlyMac"; #endif + static const char kAccessDenied[] = "profileAccessDenied"; + + const char* errorKey = aUnlocker ? kRestartUnlocker : kRestartNoUnlocker; + if (PROFILE_STATUS_READ_ONLY == aStatus) + errorKey = kReadOnly; + else if (PROFILE_STATUS_ACCESS_DENIED == aStatus) + errorKey = kAccessDenied; + rv = GetFormattedString(overrideSB, sb, errorKey, params, killMessage); NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE); + const char* titleKey = ((PROFILE_STATUS_READ_ONLY == aStatus) || + (PROFILE_STATUS_ACCESS_DENIED == aStatus)) + ? "profileProblemTitle" + : "restartTitle"; params.SetLength(1); nsAutoString killTitle; - rv = sb->FormatStringFromName("restartTitle", params, killTitle); + rv = sb->FormatStringFromName(titleKey, params, killTitle); NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE); if (gfxPlatform::IsHeadless()) { @@ -2008,6 +2109,13 @@ static nsCOMPtr<nsIToolkitProfile> gResetOldProfile; static nsresult LockProfile(nsINativeAppSupport* aNative, nsIFile* aRootDir, nsIFile* aLocalDir, nsIToolkitProfile* aProfile, nsIProfileLock** aResult) { + ProfileStatus status = + (aProfile ? nsToolkitProfileService::CheckProfileWriteAccess(aProfile) + : nsToolkitProfileService::CheckProfileWriteAccess(aRootDir)); + if (PROFILE_STATUS_OK != status) + return ProfileErrorDialog(aRootDir, aLocalDir, status, nullptr, aNative, + aResult); + // If you close Firefox and very quickly reopen it, the old Firefox may // still be closing down. Rather than immediately showing the // "Firefox is running but is not responding" message, we spend a few @@ -2034,7 +2142,8 @@ static nsresult LockProfile(nsINativeAppSupport* aNative, nsIFile* aRootDir, } while (TimeStamp::Now() - start < TimeDuration::FromSeconds(kLockRetrySeconds)); - return ProfileLockedDialog(aRootDir, aLocalDir, unlocker, aNative, aResult); + return ProfileErrorDialog(aRootDir, aLocalDir, PROFILE_STATUS_IS_LOCKED, + unlocker, aNative, aResult); } // Pick a profile. We need to end up with a profile root dir, local dir and @@ -2049,7 +2158,8 @@ static nsresult LockProfile(nsINativeAppSupport* aNative, nsIFile* aRootDir, static nsresult SelectProfile(nsToolkitProfileService* aProfileSvc, nsINativeAppSupport* aNative, nsIFile** aRootDir, nsIFile** aLocalDir, nsIToolkitProfile** aProfile, - bool* aWasDefaultSelection) { + bool* aWasDefaultSelection, + nsIProfileLock** aResult) { StartupTimeline::Record(StartupTimeline::SELECT_PROFILE); nsresult rv; @@ -2095,9 +2205,14 @@ static nsresult SelectProfile(nsToolkitProfileService* aProfileSvc, // Ask the profile manager to select the profile directories to use. bool didCreate = false; - rv = aProfileSvc->SelectStartupProfile(&gArgc, gArgv, gDoProfileReset, - aRootDir, aLocalDir, aProfile, - &didCreate, aWasDefaultSelection); + ProfileStatus profileStatus = PROFILE_STATUS_OK; + rv = aProfileSvc->SelectStartupProfile( + &gArgc, gArgv, gDoProfileReset, aRootDir, aLocalDir, aProfile, &didCreate, + aWasDefaultSelection, profileStatus); + if (PROFILE_STATUS_OK != profileStatus) { + return ProfileErrorDialog(*aRootDir, *aLocalDir, profileStatus, nullptr, + aNative, aResult); + } if (rv == NS_ERROR_SHOW_PROFILE_MANAGER) { return ShowProfileManager(aProfileSvc, aNative); @@ -3927,7 +4042,7 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { nsCOMPtr<nsIToolkitProfile> profile; rv = SelectProfile(mProfileSvc, mNativeApp, getter_AddRefs(mProfD), getter_AddRefs(mProfLD), getter_AddRefs(profile), - &wasDefaultSelection); + &wasDefaultSelection, getter_AddRefs(mProfileLock)); if (rv == NS_ERROR_LAUNCHED_CHILD_PROCESS || rv == NS_ERROR_ABORT) { *aExitFlag = true; return 0;

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 9173: Change the default Firefox profile directory to be TBB-relative.
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 2d9a0ab354a7ab302df6933f91880af6b7b3967a Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Fri Oct 18 15:20:06 2013 -0400 Bug 9173: Change the default Firefox profile directory to be TBB-relative. This should eliminate our need to rely on a wrapper script that sets /Users/arthur and launches Firefox with -profile. --- toolkit/profile/nsToolkitProfileService.cpp | 5 +- toolkit/xre/nsAppRunner.cpp | 2 +- toolkit/xre/nsConsoleWriter.cpp | 2 +- toolkit/xre/nsXREDirProvider.cpp | 150 ++++++---------------------- toolkit/xre/nsXREDirProvider.h | 16 +-- xpcom/io/nsAppFileLocationProvider.cpp | 97 +++++++----------- 6 files changed, 84 insertions(+), 188 deletions(-) diff --git a/toolkit/profile/nsToolkitProfileService.cpp b/toolkit/profile/nsToolkitProfileService.cpp index dc4811313b5e..a3e50f8c00d3 100644 --- a/toolkit/profile/nsToolkitProfileService.cpp +++ b/toolkit/profile/nsToolkitProfileService.cpp @@ -723,10 +723,11 @@ nsresult nsToolkitProfileService::Init() { NS_ASSERTION(gDirServiceProvider, "No dirserviceprovider!"); nsresult rv; - rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(mAppData)); + rv = gDirServiceProvider->GetUserAppDataDirectory(getter_AddRefs(mAppData)); NS_ENSURE_SUCCESS(rv, rv); - rv = nsXREDirProvider::GetUserLocalDataDirectory(getter_AddRefs(mTempData)); + rv = + gDirServiceProvider->GetUserLocalDataDirectory(getter_AddRefs(mTempData)); NS_ENSURE_SUCCESS(rv, rv); rv = mAppData->Clone(getter_AddRefs(mProfileDBFile)); diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 8b5bce27cdc4..e3e7f785ada9 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -3182,7 +3182,7 @@ int XREMain::XRE_mainInit(bool* aExitFlag) { if ((mAppData->flags & NS_XRE_ENABLE_CRASH_REPORTER) && NS_SUCCEEDED(CrashReporter::SetExceptionHandler(xreBinDirectory))) { nsCOMPtr<nsIFile> file; - rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(file)); + rv = mDirProvider.GetUserAppDataDirectory(getter_AddRefs(file)); if (NS_SUCCEEDED(rv)) { CrashReporter::SetUserAppDataDirectory(file); } diff --git a/toolkit/xre/nsConsoleWriter.cpp b/toolkit/xre/nsConsoleWriter.cpp index 0a2c0c342893..46735a293a00 100644 --- a/toolkit/xre/nsConsoleWriter.cpp +++ b/toolkit/xre/nsConsoleWriter.cpp @@ -29,7 +29,7 @@ void WriteConsoleLog() { } else { if (!gLogConsoleErrors) return; - rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(lfile)); + rv = gDirServiceProvider->GetUserAppDataDirectory(getter_AddRefs(lfile)); if (NS_FAILED(rv)) return; lfile->AppendNative(NS_LITERAL_CSTRING("console.log")); diff --git a/toolkit/xre/nsXREDirProvider.cpp b/toolkit/xre/nsXREDirProvider.cpp index 7641ef683c39..f80cb2827349 100644 --- a/toolkit/xre/nsXREDirProvider.cpp +++ b/toolkit/xre/nsXREDirProvider.cpp @@ -32,6 +32,7 @@ #include "nsArrayEnumerator.h" #include "nsEnumeratorUtils.h" #include "nsReadableUtils.h" +#include "nsXPCOMPrivate.h" // for XPCOM_FILE_PATH_SEPARATOR #include "SpecialSystemDirectory.h" @@ -249,9 +250,6 @@ nsresult nsXREDirProvider::GetUserProfilesRootDir(nsIFile** aResult) { nsresult rv = GetUserDataDirectory(getter_AddRefs(file), false); if (NS_SUCCEEDED(rv)) { -#if !defined(XP_UNIX) || defined(XP_MACOSX) - rv = file->AppendNative(NS_LITERAL_CSTRING("Profiles")); -#endif // We must create the profile directory here if it does not exist. nsresult tmp = EnsureDirectoryExists(file); if (NS_FAILED(tmp)) { @@ -267,9 +265,6 @@ nsresult nsXREDirProvider::GetUserProfilesLocalDir(nsIFile** aResult) { nsresult rv = GetUserDataDirectory(getter_AddRefs(file), true); if (NS_SUCCEEDED(rv)) { -#if !defined(XP_UNIX) || defined(XP_MACOSX) - rv = file->AppendNative(NS_LITERAL_CSTRING("Profiles")); -#endif // We must create the profile directory here if it does not exist. nsresult tmp = EnsureDirectoryExists(file); if (NS_FAILED(tmp)) { @@ -1403,7 +1398,7 @@ nsresult nsXREDirProvider::SetUserDataProfileDirectory(nsCOMPtr<nsIFile>& aFile, nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile, bool aLocal) { // Copied from nsAppFileLocationProvider (more or less) - nsresult rv; + NS_ENSURE_ARG_POINTER(aFile); nsCOMPtr<nsIFile> localDir; if (aLocal && gDataDirHomeLocal) { @@ -1413,81 +1408,39 @@ nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile, return gDataDirHome->Clone(aFile); } -#if defined(XP_MACOSX) - FSRef fsRef; - OSType folderType; - if (aLocal) { - folderType = kCachedDataFolderType; - } else { -# ifdef MOZ_THUNDERBIRD - folderType = kDomainLibraryFolderType; -# else - folderType = kApplicationSupportFolderType; -# endif - } - OSErr err = ::FSFindFolder(kUserDomain, folderType, kCreateFolder, &fsRef); - NS_ENSURE_FALSE(err, NS_ERROR_FAILURE); - - rv = NS_NewNativeLocalFile(EmptyCString(), true, getter_AddRefs(localDir)); + nsresult rv = GetAppDir()->Clone(getter_AddRefs(localDir)); NS_ENSURE_SUCCESS(rv, rv); - nsCOMPtr<nsILocalFileMac> dirFileMac = do_QueryInterface(localDir); - NS_ENSURE_TRUE(dirFileMac, NS_ERROR_UNEXPECTED); - - rv = dirFileMac->InitWithFSRef(&fsRef); - NS_ENSURE_SUCCESS(rv, rv); + int levelsToRemove = 1; // In FF21+, appDir points to browser subdirectory. +#if defined(XP_MACOSX) + levelsToRemove += 2; +#endif + while (localDir && (levelsToRemove > 0)) { + // When crawling up the hierarchy, components named "." do not count. + nsAutoCString removedName; + rv = localDir->GetNativeLeafName(removedName); + NS_ENSURE_SUCCESS(rv, rv); + bool didRemove = !removedName.Equals("."); - localDir = dirFileMac; -#elif defined(XP_IOS) - nsAutoCString userDir; - if (GetUIKitDirectory(aLocal, userDir)) { - rv = NS_NewNativeLocalFile(userDir, true, getter_AddRefs(localDir)); - } else { - rv = NS_ERROR_FAILURE; - } - NS_ENSURE_SUCCESS(rv, rv); -#elif defined(XP_WIN) - nsString path; - if (aLocal) { - rv = GetShellFolderPath(FOLDERID_LocalAppData, path); - if (NS_FAILED(rv)) rv = GetRegWindowsAppDataFolder(aLocal, path); - } - if (!aLocal || NS_FAILED(rv)) { - rv = GetShellFolderPath(FOLDERID_RoamingAppData, path); - if (NS_FAILED(rv)) { - if (!aLocal) rv = GetRegWindowsAppDataFolder(aLocal, path); - } + // Remove a directory component. + nsCOMPtr<nsIFile> parentDir; + rv = localDir->GetParent(getter_AddRefs(parentDir)); + NS_ENSURE_SUCCESS(rv, rv); + localDir = parentDir; + if (didRemove) --levelsToRemove; } - NS_ENSURE_SUCCESS(rv, rv); - rv = NS_NewLocalFile(path, true, getter_AddRefs(localDir)); -#elif defined(XP_UNIX) - const char* homeDir = getenv("HOME"); - if (!homeDir || !*homeDir) return NS_ERROR_FAILURE; + if (!localDir) return NS_ERROR_FAILURE; -# ifdef ANDROID /* We want (ProfD == ProfLD) on Android. */ - aLocal = false; -# endif + rv = localDir->AppendRelativeNativePath( + NS_LITERAL_CSTRING("TorBrowser" XPCOM_FILE_PATH_SEPARATOR + "Data" XPCOM_FILE_PATH_SEPARATOR "Browser")); + NS_ENSURE_SUCCESS(rv, rv); if (aLocal) { - // If $XDG_CACHE_HOME is defined use it, otherwise use $HOME/.cache. - const char* cacheHome = getenv("XDG_CACHE_HOME"); - if (cacheHome && *cacheHome) { - rv = NS_NewNativeLocalFile(nsDependentCString(cacheHome), true, - getter_AddRefs(localDir)); - } else { - rv = NS_NewNativeLocalFile(nsDependentCString(homeDir), true, - getter_AddRefs(localDir)); - if (NS_SUCCEEDED(rv)) - rv = localDir->AppendNative(NS_LITERAL_CSTRING(".cache")); - } - } else { - rv = NS_NewNativeLocalFile(nsDependentCString(homeDir), true, - getter_AddRefs(localDir)); + rv = localDir->AppendNative(NS_LITERAL_CSTRING("Caches")); + NS_ENSURE_SUCCESS(rv, rv); } -#else -# error "Don't know how to get product dir on your platform" -#endif NS_IF_ADDREF(*aFile = localDir); return rv; @@ -1670,39 +1623,23 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) { } nsAutoCString profile; - nsAutoCString appName; - nsAutoCString vendor; if (gAppData->profile) { profile = gAppData->profile; - } else { - appName = gAppData->name; - vendor = gAppData->vendor; } - nsresult rv = NS_OK; + nsresult rv = NS_ERROR_FAILURE; #if defined(XP_MACOSX) if (!profile.IsEmpty()) { rv = AppendProfileString(aFile, profile.get()); - } else { - // Note that MacOS ignores the vendor when creating the profile hierarchy - - // all application preferences directories live alongside one another in - // ~/Library/Application Support/ - rv = aFile->AppendNative(appName); + NS_ENSURE_SUCCESS(rv, rv); } - NS_ENSURE_SUCCESS(rv, rv); #elif defined(XP_WIN) if (!profile.IsEmpty()) { rv = AppendProfileString(aFile, profile.get()); - } else { - if (!vendor.IsEmpty()) { - rv = aFile->AppendNative(vendor); - NS_ENSURE_SUCCESS(rv, rv); - } - rv = aFile->AppendNative(appName); + NS_ENSURE_SUCCESS(rv, rv); } - NS_ENSURE_SUCCESS(rv, rv); #elif defined(ANDROID) // The directory used for storing profiles @@ -1712,11 +1649,6 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) { rv = aFile->AppendNative(nsDependentCString("mozilla")); NS_ENSURE_SUCCESS(rv, rv); #elif defined(XP_UNIX) - nsAutoCString folder; - // Make it hidden (by starting with "."), except when local (the - // profile is already under ~/.cache or XDG_CACHE_HOME). - if (!aLocal) folder.Assign('.'); - if (!profile.IsEmpty()) { // Skip any leading path characters const char* profileStart = profile.get(); @@ -1724,32 +1656,16 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) { // On the off chance that someone wanted their folder to be hidden don't // let it become ".." - if (*profileStart == '.' && !aLocal) profileStart++; + if (*profileStart == '.') profileStart++; + // Make it hidden (by starting with "."). + nsAutoCString folder("."); folder.Append(profileStart); ToLowerCase(folder); rv = AppendProfileString(aFile, folder.BeginReading()); - } else { - if (!vendor.IsEmpty()) { - folder.Append(vendor); - ToLowerCase(folder); - - rv = aFile->AppendNative(folder); - NS_ENSURE_SUCCESS(rv, rv); - - folder.Truncate(); - } - - // This can be the case in tests. - if (!appName.IsEmpty()) { - folder.Append(appName); - ToLowerCase(folder); - - rv = aFile->AppendNative(folder); - } + NS_ENSURE_SUCCESS(rv, rv); } - NS_ENSURE_SUCCESS(rv, rv); #else # error "Don't know how to get profile path on your platform" diff --git a/toolkit/xre/nsXREDirProvider.h b/toolkit/xre/nsXREDirProvider.h index e55b4e153c56..b9678d4ec577 100644 --- a/toolkit/xre/nsXREDirProvider.h +++ b/toolkit/xre/nsXREDirProvider.h @@ -63,15 +63,19 @@ class nsXREDirProvider final : public nsIDirectoryServiceProvider2, void DoShutdown(); - static nsresult GetUserAppDataDirectory(nsIFile** aFile) { + nsresult GetUserAppDataDirectory(nsIFile** aFile) { return GetUserDataDirectory(aFile, false); } - static nsresult GetUserLocalDataDirectory(nsIFile** aFile) { + nsresult GetUserLocalDataDirectory(nsIFile** aFile) { return GetUserDataDirectory(aFile, true); } // GetUserDataDirectory gets the profile path from gAppData. - static nsresult GetUserDataDirectory(nsIFile** aFile, bool aLocal); + + // This function now calls GetAppDir(), so it cannot be static anymore. + // The same happens with all the functions (in)directly calling this one (the + // rest of Get*Directory functions in this file) + nsresult GetUserDataDirectory(nsIFile** aFile, bool aLocal); /* make sure you clone it, if you need to do stuff to it */ nsIFile* GetGREDir() { return mGREDir; } @@ -112,9 +116,9 @@ class nsXREDirProvider final : public nsIDirectoryServiceProvider2, protected: nsresult GetFilesInternal(const char* aProperty, nsISimpleEnumerator** aResult); - static nsresult GetUserDataDirectoryHome(nsIFile** aFile, bool aLocal); - static nsresult GetSysUserExtensionsDirectory(nsIFile** aFile); - static nsresult GetSysUserExtensionsDevDirectory(nsIFile** aFile); + nsresult GetUserDataDirectoryHome(nsIFile** aFile, bool aLocal); + nsresult GetSysUserExtensionsDirectory(nsIFile** aFile); + nsresult GetSysUserExtensionsDevDirectory(nsIFile** aFile); #if defined(XP_UNIX) || defined(XP_MACOSX) static nsresult GetSystemExtensionsDirectory(nsIFile** aFile); #endif diff --git a/xpcom/io/nsAppFileLocationProvider.cpp b/xpcom/io/nsAppFileLocationProvider.cpp index 915e8bc7361e..81551a8e3893 100644 --- a/xpcom/io/nsAppFileLocationProvider.cpp +++ b/xpcom/io/nsAppFileLocationProvider.cpp @@ -15,6 +15,7 @@ #include "nsSimpleEnumerator.h" #include "prenv.h" #include "nsCRT.h" +#include "nsXPCOMPrivate.h" // for XPCOM_FILE_PATH_SEPARATOR #if defined(MOZ_WIDGET_COCOA) # include <Carbon/Carbon.h> # include "nsILocalFileMac.h" @@ -233,9 +234,8 @@ nsresult nsAppFileLocationProvider::CloneMozBinDirectory(nsIFile** aLocalFile) { // GetProductDirectory - Gets the directory which contains the application data // folder // -// UNIX : ~/.mozilla/ -// WIN : <Application Data folder on user's machine>\Mozilla -// Mac : :Documents:Mozilla: +// UNIX and WIN : <App Folder>/TorBrowser/Data/Browser +// Mac : <App Folder>/../../TorBrowser/Data/Browser //---------------------------------------------------------------------------------------- nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile, bool aLocal) { @@ -247,49 +247,45 @@ nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile, bool exists; nsCOMPtr<nsIFile> localDir; -#if defined(MOZ_WIDGET_COCOA) - FSRef fsRef; - OSType folderType = - aLocal ? (OSType)kCachedDataFolderType : (OSType)kDomainLibraryFolderType; - OSErr err = ::FSFindFolder(kUserDomain, folderType, kCreateFolder, &fsRef); - if (err) { - return NS_ERROR_FAILURE; + rv = CloneMozBinDirectory(getter_AddRefs(localDir)); + NS_ENSURE_SUCCESS(rv, rv); + + int levelsToRemove = 1; // In FF21+, bin dir points to browser subdirectory. +#if defined(XP_MACOSX) + levelsToRemove += 2; +#endif + while (localDir && (levelsToRemove > 0)) { + // When crawling up the hierarchy, components named "." do not count. + nsAutoCString removedName; + rv = localDir->GetNativeLeafName(removedName); + NS_ENSURE_SUCCESS(rv, rv); + bool didRemove = !removedName.Equals("."); + + // Remove a directory component. + nsCOMPtr<nsIFile> parentDir; + rv = localDir->GetParent(getter_AddRefs(parentDir)); + NS_ENSURE_SUCCESS(rv, rv); + localDir = parentDir; + + if (didRemove) { + --levelsToRemove; + } } - NS_NewLocalFile(EmptyString(), true, getter_AddRefs(localDir)); + if (!localDir) { return NS_ERROR_FAILURE; } - nsCOMPtr<nsILocalFileMac> localDirMac(do_QueryInterface(localDir)); - rv = localDirMac->InitWithFSRef(&fsRef); - if (NS_FAILED(rv)) { - return rv; - } -#elif defined(XP_WIN) - nsCOMPtr<nsIProperties> directoryService = - do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID, &rv); - if (NS_FAILED(rv)) { - return rv; - } - const char* prop = aLocal ? NS_WIN_LOCAL_APPDATA_DIR : NS_WIN_APPDATA_DIR; - rv = directoryService->Get(prop, NS_GET_IID(nsIFile), - getter_AddRefs(localDir)); - if (NS_FAILED(rv)) { - return rv; - } -#elif defined(XP_UNIX) - rv = NS_NewNativeLocalFile(nsDependentCString(PR_GetEnv("HOME")), true, - getter_AddRefs(localDir)); - if (NS_FAILED(rv)) { - return rv; - } -#else -# error dont_know_how_to_get_product_dir_on_your_platform -#endif - rv = localDir->AppendRelativeNativePath(DEFAULT_PRODUCT_DIR); - if (NS_FAILED(rv)) { - return rv; + rv = localDir->AppendRelativeNativePath( + NS_LITERAL_CSTRING("TorBrowser" XPCOM_FILE_PATH_SEPARATOR + "Data" XPCOM_FILE_PATH_SEPARATOR "Browser")); + NS_ENSURE_SUCCESS(rv, rv); + + if (aLocal) { + rv = localDir->AppendNative(NS_LITERAL_CSTRING("Caches")); + NS_ENSURE_SUCCESS(rv, rv); } + rv = localDir->Exists(&exists); if (NS_SUCCEEDED(rv) && !exists) { @@ -308,10 +304,6 @@ nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile, //---------------------------------------------------------------------------------------- // GetDefaultUserProfileRoot - Gets the directory which contains each user // profile dir -// -// UNIX : ~/.mozilla/ -// WIN : <Application Data folder on user's machine>\Mozilla\Profiles -// Mac : :Documents:Mozilla:Profiles: //---------------------------------------------------------------------------------------- nsresult nsAppFileLocationProvider::GetDefaultUserProfileRoot( nsIFile** aLocalFile, bool aLocal) { @@ -327,23 +319,6 @@ nsresult nsAppFileLocationProvider::GetDefaultUserProfileRoot( return rv; } -#if defined(MOZ_WIDGET_COCOA) || defined(XP_WIN) - // These 3 platforms share this part of the path - do them as one - rv = localDir->AppendRelativeNativePath(NS_LITERAL_CSTRING("Profiles")); - if (NS_FAILED(rv)) { - return rv; - } - - bool exists; - rv = localDir->Exists(&exists); - if (NS_SUCCEEDED(rv) && !exists) { - rv = localDir->Create(nsIFile::DIRECTORY_TYPE, 0775); - } - if (NS_FAILED(rv)) { - return rv; - } -#endif - localDir.forget(aLocalFile); return rv;

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 16439: Remove screencasting code
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 001d2eb8ff3aeb257db8b4e7ced7cc86b8601e10 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Wed Jun 24 11:01:11 2015 -0400 Bug 16439: Remove screencasting code We avoid including the screencasting code on mobile (it got ripped out for desktop in bug 1393582) by simply excluding the related JS modules from Tor Browser. --- toolkit/modules/moz.build | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/toolkit/modules/moz.build b/toolkit/modules/moz.build index f000f35c126f..e1f1eb5759c5 100644 --- a/toolkit/modules/moz.build +++ b/toolkit/modules/moz.build @@ -260,10 +260,11 @@ if 'Android' != CONFIG['OS_TARGET']: ] else: DEFINES['ANDROID'] = True - EXTRA_JS_MODULES += [ - 'secondscreen/RokuApp.jsm', - 'secondscreen/SimpleServiceDiscovery.jsm', - ] + if not CONFIG['TOR_BROWSER_VERSION']: + EXTRA_JS_MODULES += [ + 'secondscreen/RokuApp.jsm', + 'secondscreen/SimpleServiceDiscovery.jsm', + ] if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'windows':

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 13028: Prevent potential proxy bypass cases.
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 915120d3ed61ad524f531593345fe933cfc971d2 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Mon Sep 29 14:30:19 2014 -0700 Bug 13028: Prevent potential proxy bypass cases. It looks like these cases should only be invoked in the NSS command line tools, and not the browser, but I decided to patch them anyway because there literally is a maze of network function pointers being passed around, and it's very hard to tell if some random code might not pass in the proper proxied versions of the networking code here by accident. --- security/nss/lib/certhigh/ocsp.c | 8 ++++++++ .../lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c | 21 +++++++++++++++++++++ 2 files changed, 29 insertions(+) diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c index cea8456606bf..86fa971cfbef 100644 --- a/security/nss/lib/certhigh/ocsp.c +++ b/security/nss/lib/certhigh/ocsp.c @@ -2932,6 +2932,14 @@ ocsp_ConnectToHost(const char *host, PRUint16 port) PRNetAddr addr; char *netdbbuf = NULL; + // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but + // we want to ensure nothing can ever hit this code in production. +#if 1 + printf("Tor Browser BUG: Attempted OSCP direct connect to %s, port %u\n", host, + port); + goto loser; +#endif + sock = PR_NewTCPSocket(); if (sock == NULL) goto loser; diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c index e8698376b5be..85791d84a932 100644 --- a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c +++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c @@ -1334,6 +1334,13 @@ pkix_pl_Socket_Create( plContext), PKIX_COULDNOTCREATESOCKETOBJECT); + // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but + // we want to ensure nothing can ever hit this code in production. +#if 1 + printf("Tor Browser BUG: Attempted pkix direct socket connect\n"); + PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED); +#endif + socket->isServer = isServer; socket->timeout = timeout; socket->clientSock = NULL; @@ -1433,6 +1440,13 @@ pkix_pl_Socket_CreateByName( localCopyName = PL_strdup(serverName); + // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but + // we want to ensure nothing can ever hit this code in production. +#if 1 + printf("Tor Browser BUG: Attempted pkix direct connect to %s\n", serverName); + PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED); +#endif + sepPtr = strchr(localCopyName, ':'); /* First strip off the portnum, if present, from the end of the name */ if (sepPtr) { @@ -1582,6 +1596,13 @@ pkix_pl_Socket_CreateByHostAndPort( PKIX_ENTER(SOCKET, "pkix_pl_Socket_CreateByHostAndPort"); PKIX_NULLCHECK_THREE(hostname, pStatus, pSocket); + // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but + // we want to ensure nothing can ever hit this code in production. +#if 1 + printf("Tor Browser BUG: Attempted pkix direct connect to %s, port %u\n", hostname, + portnum); + PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED); +#endif prstatus = PR_GetHostByName(hostname, buf, sizeof(buf), &hostent);

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 12974: Disable NTLM and Negotiate HTTP Auth
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 00ffe0da267ef82dda172d57ee2e4c19f79ada57 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Wed Aug 27 15:19:10 2014 -0700 Bug 12974: Disable NTLM and Negotiate HTTP Auth This is technically an embargoed Mozilla bug, so I probably shouldn't provide too many details. Suffice to say that NTLM and Negotiate auth are bad for Tor users, and I doubt very many (or any of them) actually need it. The Mozilla bug is https://bugzilla.mozilla.org/show_bug.cgi?id=1046421 --- extensions/auth/nsHttpNegotiateAuth.cpp | 4 ++++ netwerk/protocol/http/nsHttpNTLMAuth.cpp | 3 +++ 2 files changed, 7 insertions(+) diff --git a/extensions/auth/nsHttpNegotiateAuth.cpp b/extensions/auth/nsHttpNegotiateAuth.cpp index 99720475b9dd..1c08fcf3da7e 100644 --- a/extensions/auth/nsHttpNegotiateAuth.cpp +++ b/extensions/auth/nsHttpNegotiateAuth.cpp @@ -152,6 +152,10 @@ nsHttpNegotiateAuth::ChallengeReceived(nsIHttpAuthenticableChannel* authChannel, nsIAuthModule* rawModule = (nsIAuthModule*)*continuationState; *identityInvalid = false; + + /* Always fail Negotiate auth for Tor Browser. We don't need it. */ + return NS_ERROR_ABORT; + if (rawModule) { return NS_OK; } diff --git a/netwerk/protocol/http/nsHttpNTLMAuth.cpp b/netwerk/protocol/http/nsHttpNTLMAuth.cpp index 0a30de051014..891aaadfd758 100644 --- a/netwerk/protocol/http/nsHttpNTLMAuth.cpp +++ b/netwerk/protocol/http/nsHttpNTLMAuth.cpp @@ -168,6 +168,9 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel* channel, *identityInvalid = false; + /* Always fail Negotiate auth for Tor Browser. We don't need it. */ + return NS_ERROR_ABORT; + // Start a new auth sequence if the challenge is exactly "NTLM". // If native NTLM auth apis are available and enabled through prefs, // try to use them.

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 13252: Do not store data in the app bundle
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 34e635164586706dc194951d925f539c7ee6091f Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Fri Mar 18 14:20:02 2016 -0400 Bug 13252: Do not store data in the app bundle When --enable-tor-browser-data-outside-app-dir is enabled, all user data is stored in a directory named TorBrowser-Data which is located next to the application directory. Display an informative error message if the TorBrowser-Data directory cannot be created due to an "access denied" or a "read only volume" error. On Mac OS, add support for the --invisible command line option which is used by the meek-http-helper to avoid showing an icon for the helper browser on the dock. --- toolkit/xre/nsAppRunner.cpp | 76 +++++++++++++++--- toolkit/xre/nsXREDirProvider.cpp | 43 +++++----- toolkit/xre/nsXREDirProvider.h | 6 ++ xpcom/io/TorFileUtils.cpp | 142 +++++++++++++++++++++++++++++++++ xpcom/io/TorFileUtils.h | 33 ++++++++ xpcom/io/moz.build | 5 ++ xpcom/io/nsAppFileLocationProvider.cpp | 53 +++++------- 7 files changed, 290 insertions(+), 68 deletions(-) diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 8de43a8c4cfc..9854332f6917 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -1886,6 +1886,8 @@ static nsresult ProfileMissingDialog(nsINativeAppSupport* aNative) { } } +// If aUnlocker is NULL, it is also OK for the following arguments to be NULL: +// aProfileDir, aProfileLocalDir, aResult. static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, nsIFile* aProfileLocalDir, ProfileStatus aStatus, @@ -1894,17 +1896,19 @@ static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, nsIProfileLock** aResult) { nsresult rv; - bool exists; - aProfileDir->Exists(&exists); - if (!exists) { - return ProfileMissingDialog(aNative); + if (aProfileDir) { + bool exists; + aProfileDir->Exists(&exists); + if (!exists) { + return ProfileMissingDialog(aNative); + } } ScopedXPCOMStartup xpcom; rv = xpcom.Initialize(); NS_ENSURE_SUCCESS(rv, rv); - mozilla::Telemetry::WriteFailedProfileLock(aProfileDir); + if (aProfileDir) mozilla::Telemetry::WriteFailedProfileLock(aProfileDir); rv = xpcom.SetWindowCreator(aNative); NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE); @@ -1994,7 +1998,8 @@ static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, } } else { #ifdef MOZ_WIDGET_ANDROID - if (java::GeckoAppShell::UnlockProfile()) { + if (aProfileDir && aProfileLocalDir && aResult && + java::GeckoAppShell::UnlockProfile()) { return NS_LockProfilePath(aProfileDir, aProfileLocalDir, nullptr, aResult); } @@ -2102,6 +2107,23 @@ static ReturnAbortOnError ShowProfileManager( return LaunchChild(false); } +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR +static ProfileStatus CheckTorBrowserDataWriteAccess(nsIFile* aAppDir) { + // Check whether we can write to the directory that will contain + // TorBrowser-Data. + nsCOMPtr<nsIFile> tbDataDir; + RefPtr<nsXREDirProvider> dirProvider = nsXREDirProvider::GetSingleton(); + if (!dirProvider) return PROFILE_STATUS_OTHER_ERROR; + nsresult rv = + dirProvider->GetTorBrowserUserDataDir(getter_AddRefs(tbDataDir)); + NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR); + nsCOMPtr<nsIFile> tbDataDirParent; + rv = tbDataDir->GetParent(getter_AddRefs(tbDataDirParent)); + NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR); + return nsToolkitProfileService::CheckProfileWriteAccess(tbDataDirParent); +} +#endif + static bool gDoMigration = false; static bool gDoProfileReset = false; static nsCOMPtr<nsIToolkitProfile> gResetOldProfile; @@ -3178,6 +3200,14 @@ int XREMain::XRE_mainInit(bool* aExitFlag) { if (PR_GetEnv("XRE_MAIN_BREAK")) NS_BREAK(); #endif +#if defined(XP_MACOSX) && defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) + bool hideDockIcon = (CheckArg("invisible") == ARG_FOUND); + if (hideDockIcon) { + ProcessSerialNumber psn = {0, kCurrentProcess}; + TransformProcessType(&psn, kProcessTransformToBackgroundApplication); + } +#endif + IncreaseDescriptorLimits(); #ifdef USE_GLX_TEST @@ -4026,7 +4056,34 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { return 0; } +#if (defined(MOZ_UPDATER) && !defined(MOZ_WIDGET_ANDROID)) || \ + defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) + nsCOMPtr<nsIFile> exeFile, exeDir; + bool persistent; + rv = mDirProvider.GetFile(XRE_EXECUTABLE_FILE, &persistent, + getter_AddRefs(exeFile)); + NS_ENSURE_SUCCESS(rv, 1); + rv = exeFile->GetParent(getter_AddRefs(exeDir)); + NS_ENSURE_SUCCESS(rv, 1); +#endif + rv = NS_NewToolkitProfileService(getter_AddRefs(mProfileSvc)); +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR + if (NS_FAILED(rv)) { + // NS_NewToolkitProfileService() returns a generic NS_ERROR_FAILURE error + // if creation of the TorBrowser-Data directory fails due to access denied + // or because of a read-only disk volume. Do an extra check here to detect + // these errors so we can display an informative error message. + ProfileStatus status = CheckTorBrowserDataWriteAccess(exeDir); + if ((PROFILE_STATUS_ACCESS_DENIED == status) || + (PROFILE_STATUS_READ_ONLY == status)) { + ProfileErrorDialog(nullptr, nullptr, status, nullptr, mNativeApp, + nullptr); + return 1; + } + } + #endif + if (rv == NS_ERROR_FILE_ACCESS_DENIED) { PR_fprintf(PR_STDERR, "Error: Access was denied while trying to open files in " @@ -4095,7 +4152,6 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { #if defined(MOZ_UPDATER) && !defined(MOZ_WIDGET_ANDROID) // Check for and process any available updates nsCOMPtr<nsIFile> updRoot; - bool persistent; rv = mDirProvider.GetFile(XRE_UPDATE_ROOT_DIR, &persistent, getter_AddRefs(updRoot)); // XRE_UPDATE_ROOT_DIR may fail. Fallback to appDir if failed @@ -4131,12 +4187,6 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { if (CheckArg("test-process-updates")) { SaveToEnv("MOZ_TEST_PROCESS_UPDATES=1"); } - nsCOMPtr<nsIFile> exeFile, exeDir; - rv = mDirProvider.GetFile(XRE_EXECUTABLE_FILE, &persistent, - getter_AddRefs(exeFile)); - NS_ENSURE_SUCCESS(rv, 1); - rv = exeFile->GetParent(getter_AddRefs(exeDir)); - NS_ENSURE_SUCCESS(rv, 1); ProcessUpdates(mDirProvider.GetGREDir(), exeDir, updRoot, gRestartArgc, gRestartArgv, mAppData->version); if (EnvHasValue("MOZ_TEST_PROCESS_UPDATES")) { diff --git a/toolkit/xre/nsXREDirProvider.cpp b/toolkit/xre/nsXREDirProvider.cpp index f80cb2827349..335a340ea3e9 100644 --- a/toolkit/xre/nsXREDirProvider.cpp +++ b/toolkit/xre/nsXREDirProvider.cpp @@ -51,6 +51,8 @@ # include "nsIPK11Token.h" #endif +#include "TorFileUtils.h" + #include <stdlib.h> #ifdef XP_WIN @@ -1408,34 +1410,18 @@ nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile, return gDataDirHome->Clone(aFile); } - nsresult rv = GetAppDir()->Clone(getter_AddRefs(localDir)); + nsresult rv = GetTorBrowserUserDataDir(getter_AddRefs(localDir)); NS_ENSURE_SUCCESS(rv, rv); - int levelsToRemove = 1; // In FF21+, appDir points to browser subdirectory. -#if defined(XP_MACOSX) - levelsToRemove += 2; -#endif - while (localDir && (levelsToRemove > 0)) { - // When crawling up the hierarchy, components named "." do not count. - nsAutoCString removedName; - rv = localDir->GetNativeLeafName(removedName); - NS_ENSURE_SUCCESS(rv, rv); - bool didRemove = !removedName.Equals("."); - - // Remove a directory component. - nsCOMPtr<nsIFile> parentDir; - rv = localDir->GetParent(getter_AddRefs(parentDir)); - NS_ENSURE_SUCCESS(rv, rv); - localDir = parentDir; - if (didRemove) --levelsToRemove; - } - - if (!localDir) return NS_ERROR_FAILURE; - +#if !defined(ANDROID) +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR + rv = localDir->AppendNative(NS_LITERAL_CSTRING("Browser")); +#else rv = localDir->AppendRelativeNativePath( - NS_LITERAL_CSTRING("TorBrowser" XPCOM_FILE_PATH_SEPARATOR - "Data" XPCOM_FILE_PATH_SEPARATOR "Browser")); + NS_LITERAL_CSTRING("Data" XPCOM_FILE_PATH_SEPARATOR "Browser")); +#endif NS_ENSURE_SUCCESS(rv, rv); +#endif if (aLocal) { rv = localDir->AppendNative(NS_LITERAL_CSTRING("Caches")); @@ -1541,6 +1527,15 @@ nsresult nsXREDirProvider::GetUserDataDirectory(nsIFile** aFile, bool aLocal) { return NS_OK; } +nsresult nsXREDirProvider::GetTorBrowserUserDataDir(nsIFile** aFile) { + NS_ENSURE_ARG_POINTER(aFile); + nsCOMPtr<nsIFile> exeFile; + bool per = false; + nsresult rv = GetFile(XRE_EXECUTABLE_FILE, &per, getter_AddRefs(exeFile)); + NS_ENSURE_SUCCESS(rv, rv); + return TorBrowser_GetUserDataDir(exeFile, aFile); +} + nsresult nsXREDirProvider::EnsureDirectoryExists(nsIFile* aDirectory) { nsresult rv = aDirectory->Create(nsIFile::DIRECTORY_TYPE, 0700); diff --git a/toolkit/xre/nsXREDirProvider.h b/toolkit/xre/nsXREDirProvider.h index b9678d4ec577..2aa2face5974 100644 --- a/toolkit/xre/nsXREDirProvider.h +++ b/toolkit/xre/nsXREDirProvider.h @@ -113,6 +113,12 @@ class nsXREDirProvider final : public nsIDirectoryServiceProvider2, */ nsresult GetProfileDir(nsIFile** aResult); + /** + * Get the TorBrowser user data directory by calling the + * TorBrowser_GetUserDataDir() utility function. + */ + nsresult GetTorBrowserUserDataDir(nsIFile** aFile); + protected: nsresult GetFilesInternal(const char* aProperty, nsISimpleEnumerator** aResult); diff --git a/xpcom/io/TorFileUtils.cpp b/xpcom/io/TorFileUtils.cpp new file mode 100644 index 000000000000..bddf8d7bbd95 --- /dev/null +++ b/xpcom/io/TorFileUtils.cpp @@ -0,0 +1,142 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "TorFileUtils.h" +#include "nsString.h" +#ifdef MOZ_WIDGET_COCOA +#include <Carbon/Carbon.h> +#include "nsILocalFileMac.h" +#endif + +static nsresult GetAppRootDir(nsIFile *aExeFile, nsIFile** aFile); + +//----------------------------------------------------------------------------- +nsresult +TorBrowser_GetUserDataDir(nsIFile *aExeFile, nsIFile** aFile) +{ + NS_ENSURE_ARG_POINTER(aFile); + nsCOMPtr<nsIFile> tbDataDir; + +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR + nsAutoCString tbDataLeafName(NS_LITERAL_CSTRING("TorBrowser-Data")); + nsCOMPtr<nsIFile> appRootDir; + nsresult rv = GetAppRootDir(aExeFile, getter_AddRefs(appRootDir)); + NS_ENSURE_SUCCESS(rv, rv); +#ifndef XP_MACOSX + // On all platforms except Mac OS, we always operate in a "portable" mode + // where the TorBrowser-Data directory is located next to the application. + rv = appRootDir->GetParent(getter_AddRefs(tbDataDir)); + NS_ENSURE_SUCCESS(rv, rv); + rv = tbDataDir->AppendNative(tbDataLeafName); + NS_ENSURE_SUCCESS(rv, rv); +#else + // For Mac OS, determine whether we should store user data in the OS's + // standard location (i.e., under ~/Library/Application Support). We use + // the OS location if (1) the application is installed in a directory whose + // path contains "/Applications" or (2) the TorBrowser-Data directory does + // not exist and cannot be created (which probably means we lack write + // permission to the directory that contains the application). + nsAutoString appRootPath; + rv = appRootDir->GetPath(appRootPath); + NS_ENSURE_SUCCESS(rv, rv); + bool useOSLocation = (appRootPath.Find("/Applications", + true /* ignore case */) >= 0); + if (!useOSLocation) { + // We hope to use the portable (aka side-by-side) approach, but before we + // commit to that, let's ensure that we can create the TorBrowser-Data + // directory. If it already exists, we will try to use it; if not and we + // fail to create it, we will switch to ~/Library/Application Support. + rv = appRootDir->GetParent(getter_AddRefs(tbDataDir)); + NS_ENSURE_SUCCESS(rv, rv); + rv = tbDataDir->AppendNative(tbDataLeafName); + NS_ENSURE_SUCCESS(rv, rv); + bool exists = false; + rv = tbDataDir->Exists(&exists); + if (NS_SUCCEEDED(rv) && !exists) + rv = tbDataDir->Create(nsIFile::DIRECTORY_TYPE, 0700); + useOSLocation = NS_FAILED(rv); + } + + if (useOSLocation) { + // We are using ~/Library/Application Support/TorBrowser-Data. We do not + // need to create that directory here because the code in nsXREDirProvider + // will do so (and the user should always have write permission for + // ~/Library/Application Support; if they do not we have no more options). + FSRef fsRef; + OSErr err = ::FSFindFolder(kUserDomain, kApplicationSupportFolderType, + kCreateFolder, &fsRef); + NS_ENSURE_FALSE(err, NS_ERROR_FAILURE); + // To convert the FSRef returned by FSFindFolder() into an nsIFile that + // points to ~/Library/Application Support, we first create an empty + // nsIFile object (no path) and then use InitWithFSRef() to set the + // path. + rv = NS_NewNativeLocalFile(EmptyCString(), true, + getter_AddRefs(tbDataDir)); + NS_ENSURE_SUCCESS(rv, rv); + nsCOMPtr<nsILocalFileMac> dirFileMac = do_QueryInterface(tbDataDir); + if (!dirFileMac) + return NS_ERROR_UNEXPECTED; + rv = dirFileMac->InitWithFSRef(&fsRef); + NS_ENSURE_SUCCESS(rv, rv); + rv = tbDataDir->AppendNative(tbDataLeafName); + NS_ENSURE_SUCCESS(rv, rv); + } +#endif + +#elif defined(ANDROID) + // Tor Browser Android stores data in the app home directory. + const char* homeDir = getenv("HOME"); + if (!homeDir || !*homeDir) + return NS_ERROR_FAILURE; + nsresult rv = NS_NewNativeLocalFile(nsDependentCString(homeDir), true, + getter_AddRefs(tbDataDir)); +#else + // User data is embedded within the application directory (i.e., + // TOR_BROWSER_DATA_OUTSIDE_APP_DIR is not defined). + nsresult rv = GetAppRootDir(aExeFile, getter_AddRefs(tbDataDir)); + NS_ENSURE_SUCCESS(rv, rv); + rv = tbDataDir->AppendNative(NS_LITERAL_CSTRING("TorBrowser")); + NS_ENSURE_SUCCESS(rv, rv); +#endif + + tbDataDir.forget(aFile); + return NS_OK; +} + +static nsresult +GetAppRootDir(nsIFile *aExeFile, nsIFile** aFile) +{ + NS_ENSURE_ARG_POINTER(aExeFile); + NS_ENSURE_ARG_POINTER(aFile); + nsCOMPtr<nsIFile> appRootDir = aExeFile; + + int levelsToRemove = 1; // Remove firefox (the executable file). +#if defined(XP_MACOSX) + levelsToRemove += 2; // On Mac OS, we must also remove Contents/MacOS. +#endif + while (appRootDir && (levelsToRemove > 0)) { + // When crawling up the hierarchy, components named "." do not count. + nsAutoCString removedName; + nsresult rv = appRootDir->GetNativeLeafName(removedName); + NS_ENSURE_SUCCESS(rv, rv); + bool didRemove = !removedName.Equals("."); + + // Remove a directory component. + nsCOMPtr<nsIFile> parentDir; + rv = appRootDir->GetParent(getter_AddRefs(parentDir)); + NS_ENSURE_SUCCESS(rv, rv); + appRootDir = parentDir; + + if (didRemove) + --levelsToRemove; + } + + if (!appRootDir) + return NS_ERROR_FAILURE; + + appRootDir.forget(aFile); + return NS_OK; +} diff --git a/xpcom/io/TorFileUtils.h b/xpcom/io/TorFileUtils.h new file mode 100644 index 000000000000..d5e86abf9685 --- /dev/null +++ b/xpcom/io/TorFileUtils.h @@ -0,0 +1,33 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef TorFileUtils_h__ +#define TorFileUtils_h__ + +#include "nsIFile.h" + +/** + * TorBrowser_GetUserDataDir + * + * Retrieve the Tor Browser user data directory. + * When built with --enable-tor-browser-data-outside-app-dir, the directory + * is next to the application directory, except on Mac OS where it may be + * there or it may be at ~/Library/Application Support/TorBrowser-Data (the + * latter location is used if the .app bundle is in a directory whose path + * contains /Applications or if we lack write access to the directory that + * contains the .app). + * When built without --enable-tor-browser-data-outside-app-dir, this + * directory is TorBrowser.app/TorBrowser. + * + * @param aExeFile The firefox executable. + * @param aFile Out parameter that is set to the Tor Browser user data + * directory. + * @return NS_OK on success. Error otherwise. + */ +extern nsresult +TorBrowser_GetUserDataDir(nsIFile *aExeFile, nsIFile** aFile); + +#endif // !TorFileUtils_h__ diff --git a/xpcom/io/moz.build b/xpcom/io/moz.build index a165b491bc56..b0eb74f4c56d 100644 --- a/xpcom/io/moz.build +++ b/xpcom/io/moz.build @@ -86,6 +86,7 @@ EXPORTS += [ 'nsUnicharInputStream.h', 'nsWildCard.h', 'SpecialSystemDirectory.h', + 'TorFileUtils.h', ] EXPORTS.mozilla += [ @@ -135,6 +136,10 @@ UNIFIED_SOURCES += [ 'SpecialSystemDirectory.cpp', ] +SOURCES += [ + 'TorFileUtils.cpp', +] + if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa': SOURCES += [ 'CocoaFileUtils.mm', diff --git a/xpcom/io/nsAppFileLocationProvider.cpp b/xpcom/io/nsAppFileLocationProvider.cpp index 81551a8e3893..9f95e5cbec2d 100644 --- a/xpcom/io/nsAppFileLocationProvider.cpp +++ b/xpcom/io/nsAppFileLocationProvider.cpp @@ -28,6 +28,8 @@ # include <sys/param.h> #endif +#include "TorFileUtils.h" + // WARNING: These hard coded names need to go away. They need to // come from localizable resources @@ -234,8 +236,14 @@ nsresult nsAppFileLocationProvider::CloneMozBinDirectory(nsIFile** aLocalFile) { // GetProductDirectory - Gets the directory which contains the application data // folder // +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR +// UNIX and WIN : <App Folder>/../TorBrowser-Data/Browser +// Mac : <App Folder>/../../../TorBrowser-Data/Browser OR +// ~/Library/Application Support/TorBrowser-Data/Browser +#else // UNIX and WIN : <App Folder>/TorBrowser/Data/Browser // Mac : <App Folder>/../../TorBrowser/Data/Browser +#endif //---------------------------------------------------------------------------------------- nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile, bool aLocal) { @@ -243,42 +251,25 @@ nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile, return NS_ERROR_INVALID_ARG; } - nsresult rv; + nsresult rv = NS_ERROR_UNEXPECTED; bool exists; - nsCOMPtr<nsIFile> localDir; + nsCOMPtr<nsIFile> localDir, exeFile; - rv = CloneMozBinDirectory(getter_AddRefs(localDir)); + nsCOMPtr<nsIProperties> directoryService( + do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID, &rv)); + NS_ENSURE_SUCCESS(rv, rv); + rv = directoryService->Get(XRE_EXECUTABLE_FILE, NS_GET_IID(nsIFile), + getter_AddRefs(exeFile)); + NS_ENSURE_SUCCESS(rv, rv); + rv = TorBrowser_GetUserDataDir(exeFile, getter_AddRefs(localDir)); NS_ENSURE_SUCCESS(rv, rv); - int levelsToRemove = 1; // In FF21+, bin dir points to browser subdirectory. -#if defined(XP_MACOSX) - levelsToRemove += 2; -#endif - while (localDir && (levelsToRemove > 0)) { - // When crawling up the hierarchy, components named "." do not count. - nsAutoCString removedName; - rv = localDir->GetNativeLeafName(removedName); - NS_ENSURE_SUCCESS(rv, rv); - bool didRemove = !removedName.Equals("."); - - // Remove a directory component. - nsCOMPtr<nsIFile> parentDir; - rv = localDir->GetParent(getter_AddRefs(parentDir)); - NS_ENSURE_SUCCESS(rv, rv); - localDir = parentDir; - - if (didRemove) { - --levelsToRemove; - } - } - - if (!localDir) { - return NS_ERROR_FAILURE; - } - +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR + rv = localDir->AppendNative(NS_LITERAL_CSTRING("Browser")); +#else rv = localDir->AppendRelativeNativePath( - NS_LITERAL_CSTRING("TorBrowser" XPCOM_FILE_PATH_SEPARATOR - "Data" XPCOM_FILE_PATH_SEPARATOR "Browser")); + NS_LITERAL_CSTRING("Data" XPCOM_FILE_PATH_SEPARATOR "Browser")); +#endif NS_ENSURE_SUCCESS(rv, rv); if (aLocal) {

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit f8bee75b83364df61226c6ac97628df24a4f450a Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Thu Apr 21 10:40:26 2016 -0400 Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp Instead of using the local computer's IP address within symlink-based profile lock signatures, always use 127.0.0.1. --- toolkit/profile/nsProfileLock.cpp | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/toolkit/profile/nsProfileLock.cpp b/toolkit/profile/nsProfileLock.cpp index 25c4f5a79e56..1942815e3446 100644 --- a/toolkit/profile/nsProfileLock.cpp +++ b/toolkit/profile/nsProfileLock.cpp @@ -289,18 +289,17 @@ nsresult nsProfileLock::LockWithSymlink(nsIFile* aLockFile, if (!mReplacedLockTime) aLockFile->GetLastModifiedTimeOfLink(&mReplacedLockTime); + // For Tor Browser, avoid a DNS lookup here so the Tor network is not + // bypassed. Instead, always use 127.0.0.1 for the IP address portion + // of the lock signature, which may cause the browser to refuse to + // start in the rare event that all of the following conditions are met: + // 1. The browser profile is on a network file system. + // 2. The file system does not support fcntl() locking. + // 3. Tor Browser is run from two different computers at the same time. + struct in_addr inaddr; inaddr.s_addr = htonl(INADDR_LOOPBACK); - char hostname[256]; - PRStatus status = PR_GetSystemInfo(PR_SI_HOSTNAME, hostname, sizeof hostname); - if (status == PR_SUCCESS) { - char netdbbuf[PR_NETDB_BUF_SIZE]; - PRHostEnt hostent; - status = PR_GetHostByName(hostname, netdbbuf, sizeof netdbbuf, &hostent); - if (status == PR_SUCCESS) memcpy(&inaddr, hostent.h_addr, sizeof inaddr); - } - mozilla::SmprintfPointer signature = mozilla::Smprintf("%s:%s%lu", inet_ntoa(inaddr), aHaveFcntlLock ? "+" : "", (unsigned long)getpid());

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 18821: Disable libmdns for Android and Desktop
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 6b9ba804da7cad956c77e720b79d719db2f8d6ac Author: Georg Koppen <gk(a)torproject.org> Date: Wed Apr 20 14:34:50 2016 +0000 Bug 18821: Disable libmdns for Android and Desktop There should be no need to remove the OS X support introduced in https://bugzilla.mozilla.org/show_bug.cgi?id=1225726 as enabling this is governed by a preference (which is actually set to `false`). However, we remove it at build time as well (defense in depth). This is basically a backout of the relevant passages of https://hg.mozilla.org/mozilla-central/rev/6bfb430de85d, https://hg.mozilla.org/mozilla-central/rev/609b337bf7ab and https://hg.mozilla.org/mozilla-central/rev/8e092ec5fbbd. Fixed bug 21861 (Disable additional mDNS code to avoid proxy bypasses) as well. --- dom/presentation/provider/components.conf | 10 ---------- dom/presentation/provider/moz.build | 1 - netwerk/dns/mdns/libmdns/components.conf | 15 --------------- netwerk/dns/mdns/libmdns/moz.build | 28 ---------------------------- 4 files changed, 54 deletions(-) diff --git a/dom/presentation/provider/components.conf b/dom/presentation/provider/components.conf index 04cb28ec757e..56994ed7cd94 100644 --- a/dom/presentation/provider/components.conf +++ b/dom/presentation/provider/components.conf @@ -6,9 +6,6 @@ categories = {} -if buildconfig.substs['MOZ_WIDGET_TOOLKIT'] in ('cocoa', 'android'): - categories["presentation-device-provider"] = "MulticastDNSDeviceProvider" - Classes = [ { 'cid': '{f4079b8b-ede5-4b90-a112-5b415a931deb}', @@ -16,11 +13,4 @@ Classes = [ 'jsm': 'resource://gre/modules/PresentationControlService.jsm', 'constructor': 'PresentationControlService', }, - { - 'cid': '{814f947a-52f7-41c9-94a1-3684797284ac}', - 'contract_ids': ['@mozilla.org/presentation-device/multicastdns-provider;1'], - 'type': 'mozilla::dom::presentation::MulticastDNSDeviceProvider', - 'headers': ['/dom/presentation/provider/MulticastDNSDeviceProvider.h'], - 'categories': categories, - }, ] diff --git a/dom/presentation/provider/moz.build b/dom/presentation/provider/moz.build index eaea61af415a..d97b75ddbcf9 100644 --- a/dom/presentation/provider/moz.build +++ b/dom/presentation/provider/moz.build @@ -10,7 +10,6 @@ EXTRA_JS_MODULES += [ UNIFIED_SOURCES += [ 'DeviceProviderHelpers.cpp', - 'MulticastDNSDeviceProvider.cpp', ] XPCOM_MANIFESTS += [ diff --git a/netwerk/dns/mdns/libmdns/components.conf b/netwerk/dns/mdns/libmdns/components.conf index 6e64140c820e..1b50dbf673a4 100644 --- a/netwerk/dns/mdns/libmdns/components.conf +++ b/netwerk/dns/mdns/libmdns/components.conf @@ -5,20 +5,5 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. Classes = [ - { - 'cid': '{14a50f2b-7ff6-48a5-88e3-615fd111f5d3}', - 'contract_ids': ['@mozilla.org/toolkit/components/mdnsresponder/dns-info;1'], - 'type': 'mozilla::net::nsDNSServiceInfo', - 'headers': ['/netwerk/dns/mdns/libmdns/nsDNSServiceInfo.h'], - }, ] -if buildconfig.substs['MOZ_WIDGET_TOOLKIT'] != 'cocoa': - Classes += [ - { - 'cid': '{f9346d98-f27a-4e89-b744-493843416480}', - 'contract_ids': ['@mozilla.org/toolkit/components/mdnsresponder/dns-sd;1'], - 'jsm': 'resource://gre/modules/DNSServiceDiscovery.jsm', - 'constructor': 'nsDNSServiceDiscovery', - }, - ] diff --git a/netwerk/dns/mdns/libmdns/moz.build b/netwerk/dns/mdns/libmdns/moz.build index 05dc75eb9eda..a6fc1a8a559a 100644 --- a/netwerk/dns/mdns/libmdns/moz.build +++ b/netwerk/dns/mdns/libmdns/moz.build @@ -4,34 +4,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa': - UNIFIED_SOURCES += [ - 'MDNSResponderOperator.cpp', - 'MDNSResponderReply.cpp', - 'nsDNSServiceDiscovery.cpp', - ] - - LOCAL_INCLUDES += [ - '/netwerk/base', - ] - -else: - EXTRA_JS_MODULES += [ - 'DNSServiceDiscovery.jsm', - 'fallback/DataReader.jsm', - 'fallback/DataWriter.jsm', - 'fallback/DNSPacket.jsm', - 'fallback/DNSRecord.jsm', - 'fallback/DNSResourceRecord.jsm', - 'fallback/DNSTypes.jsm', - 'fallback/MulticastDNS.jsm', - ] - - if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'android': - EXTRA_JS_MODULES += [ - 'MulticastDNSAndroid.jsm', - ] - UNIFIED_SOURCES += [ 'nsDNSServiceInfo.cpp', ]

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 16620: Clear window.name when no referrer sent
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 715986980add86ecb560ad003088f5ac82e97f01 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Fri Oct 30 14:28:13 2015 -0400 Bug 16620: Clear window.name when no referrer sent Convert JS implementation (within Torbutton) to a C++ browser patch. --- docshell/base/nsDocShell.cpp | 60 +++++++ docshell/test/mochitest/mochitest.ini | 3 + docshell/test/mochitest/test_tor_bug16620.html | 211 +++++++++++++++++++++++++ docshell/test/mochitest/tor_bug16620.html | 51 ++++++ docshell/test/mochitest/tor_bug16620_form.html | 51 ++++++ 5 files changed, 376 insertions(+) diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index d0aa79344605..22eb5c4556f6 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -7476,11 +7476,71 @@ nsresult nsDocShell::CreateContentViewer(const nsACString& aContentType, aOpenedChannel->GetURI(getter_AddRefs(mLoadingURI)); } FirePageHideNotification(!mSavingOldViewer); + if (mIsBeingDestroyed) { // Force to stop the newly created orphaned viewer. viewer->Stop(); return NS_ERROR_DOCSHELL_DYING; } + + // Tor bug 16620: Clear window.name of top-level documents if + // there is no referrer. We make an exception for new windows, + // e.g., window.open(url, "MyName"). + bool isNewWindowTarget = false; + nsCOMPtr<nsIPropertyBag2> props(do_QueryInterface(aRequest, &rv)); + if (props) { + props->GetPropertyAsBool(NS_LITERAL_STRING("docshell.newWindowTarget"), + &isNewWindowTarget); + } + + if (!isNewWindowTarget) { + nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(aOpenedChannel)); + nsCOMPtr<nsIURI> httpReferrer; + if (httpChannel) { + nsCOMPtr<nsIReferrerInfo> referrerInfo; + rv = httpChannel->GetReferrerInfo(getter_AddRefs(referrerInfo)); + NS_ENSURE_SUCCESS(rv, rv); + if (referrerInfo) { + // We want GetComputedReferrer() instead of GetOriginalReferrer(), since + // the former takes into consideration referrer policy, protocol + // whitelisting... + httpReferrer = referrerInfo->GetComputedReferrer(); + } + } + + bool isTopFrame = mBrowsingContext->IsTop(); + +#ifdef DEBUG_WINDOW_NAME + printf("DOCSHELL %p CreateContentViewer - possibly clearing window.name:\n", + this); + printf(" current window.name: \"%s\"\n", + NS_ConvertUTF16toUTF8(mName).get()); + + nsAutoCString curSpec, loadingSpec; + if (this->mCurrentURI) mCurrentURI->GetSpec(curSpec); + if (mLoadingURI) mLoadingURI->GetSpec(loadingSpec); + printf(" current URI: %s\n", curSpec.get()); + printf(" loading URI: %s\n", loadingSpec.get()); + printf(" is top document: %s\n", isTopFrame ? "Yes" : "No"); + + if (!httpReferrer) { + printf(" referrer: None\n"); + } else { + nsAutoCString refSpec; + httpReferrer->GetSpec(refSpec); + printf(" referrer: %s\n", refSpec.get()); + } +#endif + + bool clearName = isTopFrame && !httpReferrer; + if (clearName) SetName(NS_LITERAL_STRING("")); + +#ifdef DEBUG_WINDOW_NAME + printf(" action taken: %s window.name\n", + clearName ? "Cleared" : "Preserved"); +#endif + } + mLoadingURI = nullptr; // Set mFiredUnloadEvent = false so that the unload handler for the diff --git a/docshell/test/mochitest/mochitest.ini b/docshell/test/mochitest/mochitest.ini index 25d3187711fe..663750b7fc8e 100644 --- a/docshell/test/mochitest/mochitest.ini +++ b/docshell/test/mochitest/mochitest.ini @@ -52,6 +52,8 @@ support-files = start_historyframe.html url1_historyframe.html url2_historyframe.html + tor_bug16620.html + tor_bug16620_form.html [test_anchor_scroll_after_document_open.html] [test_bfcache_plus_hash.html] @@ -115,6 +117,7 @@ support-files = file_bug675587.html [test_framedhistoryframes.html] support-files = file_framedhistoryframes.html [test_pushState_after_document_open.html] +[test_tor_bug16620.html] [test_windowedhistoryframes.html] [test_triggeringprincipal_location_seturi.html] [test_bug1507702.html] diff --git a/docshell/test/mochitest/test_tor_bug16620.html b/docshell/test/mochitest/test_tor_bug16620.html new file mode 100644 index 000000000000..46fff5a04711 --- /dev/null +++ b/docshell/test/mochitest/test_tor_bug16620.html @@ -0,0 +1,211 @@ +<!DOCTYPE HTML> +<html> + +<meta charset="utf-8"> +<head> + <title>Test for Tor Bug 16620 - Clear window.name when no referrer sent</title> + <script type="application/javascript" + src="/tests/SimpleTest/SimpleTest.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/> +</head> +<body> +<a target="_blank" href="https://trac.torproject.org/projects/tor/ticket/16620">Tor Bug 16620</a> +<script> +// ## Test constants +const kTestPath = "/tests/docshell/test/mochitest/"; +const kLinkFile = "tor_bug16620.html"; +const kFormFile = "tor_bug16620_form.html"; +const kBaseURL1 = "http://example.com"; +const kBaseURL1_https = "https://example.com"; +const kBaseURL2 = "http://example.net"; +const kSendReferrerPref = "network.http.sendRefererHeader"; +const kSendReferrerNever = 0; +const kSendReferrerForUserAction = 1; +const kSendReferrerAlways = 2; + +let gTests = [ + // Test #1: Same domain; never send referrer. + { startURL: kBaseURL1, destURL: kBaseURL1, + referrerPref: kSendReferrerNever, + expectIsolation: true }, + + // Test #2: Same domain; send referrer upon user action. + { startURL: kBaseURL1, destURL: kBaseURL1, + referrerPref: kSendReferrerForUserAction, + expectIsolation: false }, + + // Test #3: Same domain; always send referrer. + { startURL: kBaseURL1, destURL: kBaseURL1, + referrerPref: kSendReferrerAlways, + expectIsolation: false }, + + // Test #4: Different top-level domains; never send referrer. + { startURL: kBaseURL1, destURL: kBaseURL2, + referrerPref: kSendReferrerNever, + expectIsolation: true }, + + // Test #5: Different top-level domains; send referrer upon user action. + { startURL: kBaseURL1, destURL: kBaseURL2, + referrerPref: kSendReferrerForUserAction, + expectIsolation: false }, + + // Test #6: Different top-level domains; always send referrer. + { startURL: kBaseURL1, destURL: kBaseURL2, + referrerPref: kSendReferrerAlways, + expectIsolation: false }, + + // Test #7: https -> http transition. + { startURL: kBaseURL1_https, destURL: kBaseURL1, + referrerPref: kSendReferrerForUserAction, + expectIsolation: true }, + + // Test #8: Same domain, rel="noreferrer" on link. + { startURL: kBaseURL1, destURL: kBaseURL1, noReferrerOnLink: true, + referrerPref: kSendReferrerAlways, + expectIsolation: true }, + + // Test #9: Same domain, "no-referrer" meta tag in document. + { startURL: kBaseURL1, destURL: kBaseURL1, noReferrerInMetaTag: true, + referrerPref: kSendReferrerAlways, + expectIsolation: true }, + + // Test #10: Like test #9, but reset window.name during unload. + // (similar to http://www.thomasfrank.se/sessvarsTestPage1.html) + { startURL: kBaseURL1, destURL: kBaseURL1, noReferrerInMetaTag: true, + resetInUnload: true, + referrerPref: kSendReferrerAlways, + expectIsolation: true }, + + // Test #11: Data URL as destination (no referrer). + { startURL: kBaseURL1, + referrerPref: kSendReferrerAlways, + expectIsolation: true }, + + // Test #12: Ensure that window.name is preserved when a dynamically loaded + // iframe is used to perform a form post (regression test for Tor bug 18168). + { startURL: kBaseURL1, + isFormTest: true, + referrerPref: kSendReferrerAlways, + expectIsolation: false }, +]; + +let gCurTest = 0; +let gCurWinName, gChildWin, gDataURL; + +// ## Utility functions +function generateRandomName() +{ + // Generate a random 6 character string using 0-9 and a-z. + return ((1 + Math.random()).toString(36) + '000000').substr(2, 6); +} + +function startNextTest() { + ++gCurTest; + if (gCurTest > gTests.length) { + SimpleTest.finish(); + } else { + let curTest = gTests[gCurTest - 1]; + if ("referrerPref" in curTest) + SpecialPowers.setIntPref(kSendReferrerPref, curTest.referrerPref); + else + SpecialPowers.setIntPref(kSendReferrerPref, kSendReferrerForUserAction); + gCurWinName = generateRandomName(); + let url = curTest.startURL + kTestPath; + if (curTest.isFormTest === true) { + url += kFormFile + "?" + gCurWinName; + gChildWin = window.open(url, undefined); + } else { + url += kLinkFile + "?firstDocLoaded"; + gChildWin = window.open(url, gCurWinName); + } + } +} + +// ## Add a message event listener. +window.addEventListener("message", function(aEvent) { + if (aEvent.source !== gChildWin) + return; + +// console.log("parent received message:" + JSON.stringify(aEvent.data)); + + let proceedToNextTest = false; + let curTest = gTests[gCurTest - 1]; + let state = aEvent.data.state; + let winName = aEvent.data.winName; + if ("firstDocLoaded" == state) { + // Process response from step one of the link-based tests. + let step1Passed = (winName === gCurWinName); + if (!step1Passed) { + ok(step1Passed, "Test #" + gCurTest + + " - first document's name matches window.open parameter"); + proceedToNextTest = true; + } + + // Send an "openURL" message to the loaded document. + let url2 = (curTest.destURL) + ? curTest.destURL + kTestPath + kLinkFile + "?secondDocLoaded" + : gDataURL; + let noReferrerOnLink = (curTest.noReferrerOnLink === true); + let noReferrerInMetaTag = (curTest.noReferrerInMetaTag === true); + let resetInUnload = (curTest.resetInUnload === true); + aEvent.source.postMessage({ action: "openURL", url: url2, + noReferrerOnLink: noReferrerOnLink, + noReferrerInMetaTag: noReferrerInMetaTag, + resetInUnload: resetInUnload }, + "*"); + } else if ("secondDocLoaded" == state) { + // Process response from step two of the link-based tests. + if (curTest.expectIsolation) { + ok(winName === "", + "Test #" + gCurTest + " - second document: name was cleared"); + } else { + ok(winName === gCurWinName, + "Test #" + gCurTest + " - second document: name was preserved"); + } + proceedToNextTest = true; + } else if ("formPostDone" == state) { + // Process response from the form post tests. + if (curTest.expectIsolation) { + ok(winName === "", + "Test #" + gCurTest + " - iframe form post: name was cleared"); + } else { + ok(winName === gCurWinName, + "Test #" + gCurTest + " - iframe form post: name was preserved"); + } + proceedToNextTest = true; + + } + + if (proceedToNextTest) { + gChildWin.close(); + startNextTest(); + } + }, false); + + SimpleTest.waitForExplicitFinish(); + + if (SpecialPowers.getBoolPref("security.nocertdb")) { + // Mochitests don't simulate https correctly with "security.nocertdb" + // enabled. See https://bugs.torproject.org/18087 + ok(false, "Please disable the pref `security.nocertdb` before running this test."); + SimpleTest.finish(); + } else { + + // Read file contents, construct a data URL (used by some tests), and + // then start the first test. + let url = kTestPath + kLinkFile; + let xhr = new XMLHttpRequest(); + xhr.open("GET", url); + xhr.onload = function() { + gDataURL = "data:text/html;charset=utf-8," + + encodeURIComponent(this.responseText); + startNextTest(); + } + xhr.send(); + } +</script> +</body> +</html> diff --git a/docshell/test/mochitest/tor_bug16620.html b/docshell/test/mochitest/tor_bug16620.html new file mode 100644 index 000000000000..26b8e406bbff --- /dev/null +++ b/docshell/test/mochitest/tor_bug16620.html @@ -0,0 +1,51 @@ +<!DOCTYPE HTML> +<html> + +<head> + <meta charset="UTF-8"> + <title>Supporting Doc for Tor Bug 16620 Tests</title> +</head> +<body> +<a id="link" href="">secondDoc</a> + +<script> +// Extract test state from our query string, defaulting to +// "secondDocLoaded" to support use of this HTML content within +// a data URI (where query strings are not supported). +let state = (location.search.length > 0) ? location.search.substr(1) + : "secondDocLoaded"; + +// Notify the test driver. +opener.postMessage({ state: state, winName: window.name }, "*"); + +// Add a message event listener to process "openURL" actions. +window.addEventListener("message", function(aEvent) { + if (aEvent.data.action == "openURL") { + if (aEvent.data.noReferrerInMetaTag) { + let metaElem = document.createElement("meta"); + metaElem.name = "referrer"; + metaElem.content = "no-referrer"; + document.head.appendChild(metaElem); + } + + let linkElem = document.getElementById("link"); + linkElem.href = aEvent.data.url; + if (aEvent.data.noReferrerOnLink) + linkElem.rel = "noreferrer"; + + if (aEvent.data.resetInUnload) { + let tmpName = window.name; + window.addEventListener("unload", function() { + window.name = tmpName; + }, false); + } + + linkElem.click(); + } +}, false); +</script> +</body> +</html> diff --git a/docshell/test/mochitest/tor_bug16620_form.html b/docshell/test/mochitest/tor_bug16620_form.html new file mode 100644 index 000000000000..279f62e63fab --- /dev/null +++ b/docshell/test/mochitest/tor_bug16620_form.html @@ -0,0 +1,51 @@ +<!DOCTYPE HTML> +<html> + +<head> + <meta charset="UTF-8"> + <title>Supporting Form-based Doc for Tor Bug 16620 Tests</title> +</head> +<body> + +<script> +document.addEventListener("DOMContentLoaded", function () { + addPostTarget(); +}, false); + + +function addPostTarget() +{ + let frameName = location.search.substr(1); + let form = document.getElementById("postform"); + let iframe = document.createElement("iframe"); + iframe.style.border = "1px solid red"; + iframe.src = "about:blank"; + form.target = iframe.name = iframe.id = frameName; + document.body.appendChild(iframe); + + let didSubmit = false; + iframe.onload = function() { + if (!didSubmit) { + didSubmit = true; + let submitButton = document.getElementById("submitButton"); + submitButton.click(); + } else { + // Form submission complete. Report iframe's name to test driver. + opener.postMessage({ state: "formPostDone", winName: iframe.name }, "*"); + } + }; +} + +</script> +<form name="postform" id="postform" + action="data:text/plain;charset=utf-8,Hello%20world" + method="POST" enctype="multipart/form-data"> + <input type="hidden" name="field1" value="value1"><br> + <input id="submitButton" type="submit" value="Post It"> +</body> +</html>

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 21724: Make Firefox and Tor Browser distinct macOS apps
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 33406c7e8730e7d2dc0ad22fbb3fd5df407923c8 Author: teor <teor2345(a)gmail.com> Date: Mon Mar 13 23:06:23 2017 +1100 Bug 21724: Make Firefox and Tor Browser distinct macOS apps When macOS opens a document or selects a default browser, it sometimes uses the CFBundleSignature. Changing from the Firefox MOZB signature to a different signature TORB allows macOS to distinguish between Firefox and Tor Browser. --- browser/app/Makefile.in | 2 +- browser/app/macbuild/Contents/Info.plist.in | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/browser/app/Makefile.in b/browser/app/Makefile.in index 1aec6541fc0f..6770319f1866 100644 --- a/browser/app/Makefile.in +++ b/browser/app/Makefile.in @@ -103,5 +103,5 @@ ifdef MOZ_UPDATER mv -f '$(dist_dest)/Contents/MacOS/updater.app/Contents/MacOS/org.mozilla.updater' '$(dist_dest)/Contents/Library/LaunchServices' ln -s ../../../../Library/LaunchServices/org.mozilla.updater '$(dist_dest)/Contents/MacOS/updater.app/Contents/MacOS/org.mozilla.updater' endif - printf APPLMOZB > '$(dist_dest)/Contents/PkgInfo' + printf APPLTORB > '$(dist_dest)/Contents/PkgInfo' endif diff --git a/browser/app/macbuild/Contents/Info.plist.in b/browser/app/macbuild/Contents/Info.plist.in index f6791ea48125..95b3bc83905c 100644 --- a/browser/app/macbuild/Contents/Info.plist.in +++ b/browser/app/macbuild/Contents/Info.plist.in @@ -179,7 +179,7 @@ <key>CFBundleShortVersionString</key> <string>%APP_VERSION%</string> <key>CFBundleSignature</key> - <string>MOZB</string> + <string>TORB</string> <key>CFBundleURLTypes</key> <array> <dict>

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 19273: Avoid JavaScript patching of the external app helper dialog.
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit c85c920fe91e352230e87ea8a31631f6ec6e71f5 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Tue Jun 28 15:13:05 2016 -0400 Bug 19273: Avoid JavaScript patching of the external app helper dialog. When handling an external URI or downloading a file, invoke Torbutton's external app blocker component (which will present a download warning dialog unless the user has checked the "Automatically download files from now on" box). For e10s compatibility, avoid using a modal dialog and instead use a callback interface (nsIHelperAppWarningLauncher) to allow Torbutton to indicate the user's desire to cancel or continue each request. Other bugs fixed: Bug 21766: Crash with e10s enabled while trying to download a file Bug 21886: Download is stalled in non-e10s mode Bug 22471: Downloading files via the PDF viewer download button is broken Bug 22472: Fix FTP downloads when external helper app dialog is shown Bug 22610: Avoid crashes when canceling external helper app downloads Bug 22618: Downloading pdf file via file:/// is stalling --- .../exthandler/nsExternalHelperAppService.cpp | 202 +++++++++++++++++---- uriloader/exthandler/nsExternalHelperAppService.h | 3 + .../exthandler/nsIExternalHelperAppService.idl | 47 +++++ 3 files changed, 217 insertions(+), 35 deletions(-) diff --git a/uriloader/exthandler/nsExternalHelperAppService.cpp b/uriloader/exthandler/nsExternalHelperAppService.cpp index 4ff7ed2e27cc..0dcc1d3ed6ab 100644 --- a/uriloader/exthandler/nsExternalHelperAppService.cpp +++ b/uriloader/exthandler/nsExternalHelperAppService.cpp @@ -132,6 +132,9 @@ static const char NEVER_ASK_FOR_SAVE_TO_DISK_PREF[] = static const char NEVER_ASK_FOR_OPEN_FILE_PREF[] = "browser.helperApps.neverAsk.openFile"; +static const char WARNING_DIALOG_CONTRACT_ID[] = + "@torproject.org/torbutton-extAppBlocker;1"; + // Helper functions for Content-Disposition headers /** @@ -388,6 +391,22 @@ static nsresult GetDownloadDirectory(nsIFile** _directory, return NS_OK; } +static already_AddRefed<nsIInterfaceRequestor> GetDialogParentAux( + BrowsingContext* aBrowsingContext, nsIInterfaceRequestor* aWindowContext) { + nsCOMPtr<nsIInterfaceRequestor> dialogParent = aWindowContext; + + if (!dialogParent && aBrowsingContext) { + dialogParent = do_QueryInterface(aBrowsingContext->GetDOMWindow()); + } + if (!dialogParent && aBrowsingContext && XRE_IsParentProcess()) { + RefPtr<Element> element = aBrowsingContext->Top()->GetEmbedderElement(); + if (element) { + dialogParent = do_QueryInterface(element->OwnerDoc()->GetWindow()); + } + } + return dialogParent.forget(); +} + /** * Structure for storing extension->type mappings. * @see defaultMimeEntries @@ -544,6 +563,111 @@ static const nsDefaultMimeTypeEntry nonDecodableExtensions[] = { {APPLICATION_COMPRESS, "z"}, {APPLICATION_GZIP, "svgz"}}; +////////////////////////////////////////////////////////////////////////////////////////////////////// +// begin nsExternalLoadURIHandler class definition and implementation +////////////////////////////////////////////////////////////////////////////////////////////////////// +class nsExternalLoadURIHandler final : public nsIHelperAppWarningLauncher { + public: + NS_DECL_THREADSAFE_ISUPPORTS + NS_DECL_NSIHELPERAPPWARNINGLAUNCHER + + nsExternalLoadURIHandler(nsIHandlerInfo* aHandlerInfo, nsIURI* aURI, + nsIPrincipal* aTriggeringPrincipal, + BrowsingContext* aBrowsingContext); + + protected: + ~nsExternalLoadURIHandler(); + + nsCOMPtr<nsIHandlerInfo> mHandlerInfo; + nsCOMPtr<nsIURI> mURI; + nsCOMPtr<nsIPrincipal> mTriggeringPrincipal; + RefPtr<BrowsingContext> mBrowsingContext; + nsCOMPtr<nsIHelperAppWarningDialog> mWarningDialog; +}; + +NS_IMPL_ADDREF(nsExternalLoadURIHandler) +NS_IMPL_RELEASE(nsExternalLoadURIHandler) + +NS_INTERFACE_MAP_BEGIN(nsExternalLoadURIHandler) + NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIHelperAppWarningLauncher) + NS_INTERFACE_MAP_ENTRY(nsIHelperAppWarningLauncher) +NS_INTERFACE_MAP_END + +nsExternalLoadURIHandler::nsExternalLoadURIHandler( + nsIHandlerInfo* aHandlerInfo, nsIURI* aURI, + nsIPrincipal* aTriggeringPrincipal, BrowsingContext* aBrowsingContext) + : mHandlerInfo(aHandlerInfo), + mURI(aURI), + mTriggeringPrincipal(aTriggeringPrincipal), + mBrowsingContext(aBrowsingContext) + +{ + nsresult rv = NS_OK; + mWarningDialog = do_CreateInstance(WARNING_DIALOG_CONTRACT_ID, &rv); + if (NS_SUCCEEDED(rv) && mWarningDialog) { + // This will create a reference cycle (the dialog holds a reference to us + // as nsIHelperAppWarningLauncher), which will be broken in ContinueRequest + // or CancelRequest. + nsCOMPtr<nsIInterfaceRequestor> dialogParent = + GetDialogParentAux(aBrowsingContext, nullptr); + rv = mWarningDialog->MaybeShow(this, dialogParent); + } + + if (NS_FAILED(rv)) { + // If for some reason we could not open the download warning prompt, + // continue with the request. + ContinueRequest(); + } +} + +nsExternalLoadURIHandler::~nsExternalLoadURIHandler() {} + +NS_IMETHODIMP nsExternalLoadURIHandler::ContinueRequest() { + MOZ_ASSERT(mURI); + MOZ_ASSERT(mHandlerInfo); + + // Break our reference cycle with the download warning dialog (set up in + // LoadURI). + mWarningDialog = nullptr; + + nsHandlerInfoAction preferredAction; + mHandlerInfo->GetPreferredAction(&preferredAction); + bool alwaysAsk = true; + mHandlerInfo->GetAlwaysAskBeforeHandling(&alwaysAsk); + + nsresult rv = NS_OK; + // If we are not supposed to ask, and the preferred action is to use + // a helper app or the system default, we just launch the URI. + if (!alwaysAsk && (preferredAction == nsIHandlerInfo::useHelperApp || + preferredAction == nsIHandlerInfo::useSystemDefault)) { + rv = mHandlerInfo->LaunchWithURI(mURI, mBrowsingContext); + // We are not supposed to ask, but when file not found the user most likely + // uninstalled the application which handles the uri so we will continue + // by application chooser dialog. + if (rv != NS_ERROR_FILE_NOT_FOUND) { + return rv; + } + } + + nsCOMPtr<nsIContentDispatchChooser> chooser = + do_CreateInstance("@mozilla.org/content-dispatch-chooser;1", &rv); + NS_ENSURE_SUCCESS(rv, rv); + + return chooser->Ask(mHandlerInfo, mURI, mTriggeringPrincipal, + mBrowsingContext, + nsIContentDispatchChooser::REASON_CANNOT_HANDLE); +} + +NS_IMETHODIMP nsExternalLoadURIHandler::CancelRequest(nsresult aReason) { + NS_ENSURE_ARG(NS_FAILED(aReason)); + + // Break our reference cycle with the download warning dialog (set up in + // LoadURI). + mWarningDialog = nullptr; + + return NS_OK; +} + static StaticRefPtr<nsExternalHelperAppService> sExtHelperAppSvcSingleton; /** @@ -570,6 +694,9 @@ nsExternalHelperAppService::GetSingleton() { return do_AddRef(sExtHelperAppSvcSingleton); } +////////////////////////////////////////////////////////////////////////////////////////////////////// +// nsExternalHelperAppService definition and implementation +////////////////////////////////////////////////////////////////////////////////////////////////////// NS_IMPL_ISUPPORTS(nsExternalHelperAppService, nsIExternalHelperAppService, nsPIExternalAppLauncher, nsIExternalProtocolService, nsIMIMEService, nsIObserver, nsISupportsWeakReference) @@ -1003,30 +1130,13 @@ nsExternalHelperAppService::LoadURI(nsIURI* aURI, rv = GetProtocolHandlerInfo(scheme, getter_AddRefs(handler)); NS_ENSURE_SUCCESS(rv, rv); - nsHandlerInfoAction preferredAction; - handler->GetPreferredAction(&preferredAction); - bool alwaysAsk = true; - handler->GetAlwaysAskBeforeHandling(&alwaysAsk); - - // if we are not supposed to ask, and the preferred action is to use - // a helper app or the system default, we just launch the URI. - if (!alwaysAsk && (preferredAction == nsIHandlerInfo::useHelperApp || - preferredAction == nsIHandlerInfo::useSystemDefault)) { - rv = handler->LaunchWithURI(uri, aBrowsingContext); - // We are not supposed to ask, but when file not found the user most likely - // uninstalled the application which handles the uri so we will continue - // by application chooser dialog. - if (rv != NS_ERROR_FILE_NOT_FOUND) { - return rv; - } + RefPtr<nsExternalLoadURIHandler> h = new nsExternalLoadURIHandler( + handler, uri, aTriggeringPrincipal, aBrowsingContext); + if (!h) { + return NS_ERROR_OUT_OF_MEMORY; } - nsCOMPtr<nsIContentDispatchChooser> chooser = - do_CreateInstance("@mozilla.org/content-dispatch-chooser;1", &rv); - NS_ENSURE_SUCCESS(rv, rv); - - return chooser->Ask(handler, uri, aTriggeringPrincipal, aBrowsingContext, - nsIContentDispatchChooser::REASON_CANNOT_HANDLE); + return NS_OK; } ////////////////////////////////////////////////////////////////////////////////////////////////////// @@ -1171,6 +1281,7 @@ NS_INTERFACE_MAP_BEGIN(nsExternalAppHandler) NS_INTERFACE_MAP_ENTRY(nsIStreamListener) NS_INTERFACE_MAP_ENTRY(nsIRequestObserver) NS_INTERFACE_MAP_ENTRY(nsIHelperAppLauncher) + NS_INTERFACE_MAP_ENTRY(nsIHelperAppWarningLauncher) NS_INTERFACE_MAP_ENTRY(nsICancelable) NS_INTERFACE_MAP_ENTRY(nsIBackgroundFileSaverObserver) NS_INTERFACE_MAP_ENTRY(nsINamed) @@ -1532,18 +1643,7 @@ void nsExternalAppHandler::MaybeApplyDecodingForExtension( already_AddRefed<nsIInterfaceRequestor> nsExternalAppHandler::GetDialogParent() { - nsCOMPtr<nsIInterfaceRequestor> dialogParent = mWindowContext; - - if (!dialogParent && mBrowsingContext) { - dialogParent = do_QueryInterface(mBrowsingContext->GetDOMWindow()); - } - if (!dialogParent && mBrowsingContext && XRE_IsParentProcess()) { - RefPtr<Element> element = mBrowsingContext->Top()->GetEmbedderElement(); - if (element) { - dialogParent = do_QueryInterface(element->OwnerDoc()->GetWindow()); - } - } - return dialogParent.forget(); + return GetDialogParentAux(mBrowsingContext, mWindowContext); } NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) { @@ -1651,6 +1751,29 @@ NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) { MOZ_ASSERT(NS_SUCCEEDED(rv)); } + mWarningDialog = do_CreateInstance(WARNING_DIALOG_CONTRACT_ID, &rv); + if (NS_SUCCEEDED(rv) && mWarningDialog) { + // This will create a reference cycle (the dialog holds a reference to us + // as nsIHelperAppWarningLauncher), which will be broken in ContinueRequest + // or CancelRequest. + nsCOMPtr<nsIInterfaceRequestor> dialogParent = GetDialogParent(); + rv = mWarningDialog->MaybeShow(this, dialogParent); + } + + if (NS_FAILED(rv)) { + // If for some reason we could not open the download warning prompt, + // continue with the request. + ContinueRequest(); + } + + return NS_OK; +} + +NS_IMETHODIMP nsExternalAppHandler::ContinueRequest() { + // Break our reference cycle with the download warning dialog (set up in + // OnStartRequest). + mWarningDialog = nullptr; + // now that the temp file is set up, find out if we need to invoke a dialog // asking the user what they want us to do with this content... @@ -1736,6 +1859,7 @@ NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) { action = nsIMIMEInfo::saveToDisk; } + nsresult rv = NS_OK; if (alwaysAsk) { // Display the dialog mDialog = do_CreateInstance(NS_HELPERAPPLAUNCHERDLG_CONTRACTID, &rv); @@ -1793,6 +1917,14 @@ NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) { return NS_OK; } +NS_IMETHODIMP nsExternalAppHandler::CancelRequest(nsresult aReason) { + // Break our reference cycle with the download warning dialog (set up in + // OnStartRequest). + mWarningDialog = nullptr; + + return Cancel(aReason); +} + // Convert error info into proper message text and send OnStatusChange // notification to the dialog progress listener or nsITransfer implementation. void nsExternalAppHandler::SendStatusChange(ErrorType type, nsresult rv, @@ -2456,7 +2588,7 @@ NS_IMETHODIMP nsExternalAppHandler::Cancel(nsresult aReason) { } // Break our reference cycle with the helper app dialog (set up in - // OnStartRequest) + // ContinueRequest) mDialog = nullptr; mRequest = nullptr; diff --git a/uriloader/exthandler/nsExternalHelperAppService.h b/uriloader/exthandler/nsExternalHelperAppService.h index f2bd67f64ccd..8c2d8817ac7b 100644 --- a/uriloader/exthandler/nsExternalHelperAppService.h +++ b/uriloader/exthandler/nsExternalHelperAppService.h @@ -203,6 +203,7 @@ class nsExternalHelperAppService : public nsIExternalHelperAppService, */ class nsExternalAppHandler final : public nsIStreamListener, public nsIHelperAppLauncher, + public nsIHelperAppWarningLauncher, public nsIBackgroundFileSaverObserver, public nsINamed { public: @@ -210,6 +211,7 @@ class nsExternalAppHandler final : public nsIStreamListener, NS_DECL_NSISTREAMLISTENER NS_DECL_NSIREQUESTOBSERVER NS_DECL_NSIHELPERAPPLAUNCHER + NS_DECL_NSIHELPERAPPWARNINGLAUNCHER NS_DECL_NSICANCELABLE NS_DECL_NSIBACKGROUNDFILESAVEROBSERVER NS_DECL_NSINAMED @@ -460,6 +462,7 @@ class nsExternalAppHandler final : public nsIStreamListener, nsCOMPtr<nsITransfer> mTransfer; nsCOMPtr<nsIHelperAppLauncherDialog> mDialog; + nsCOMPtr<nsIHelperAppWarningDialog> mWarningDialog; /** diff --git a/uriloader/exthandler/nsIExternalHelperAppService.idl b/uriloader/exthandler/nsIExternalHelperAppService.idl index ea8b9b08f3e6..8b58671f7597 100644 --- a/uriloader/exthandler/nsIExternalHelperAppService.idl +++ b/uriloader/exthandler/nsIExternalHelperAppService.idl @@ -182,3 +182,50 @@ interface nsIHelperAppLauncher : nsICancelable */ readonly attribute uint64_t browsingContextId; }; + +/** + * nsIHelperAppWarningLauncher is implemented by two classes: + * nsExternalLoadURIHandler + * nsExternalAppHandler + */ +[scriptable, uuid(cffd508b-4aaf-43ad-99c6-671d35cbc558)] +interface nsIHelperAppWarningLauncher : nsISupports +{ + /** + * Callback invoked by the external app warning dialog to continue the + * request. + * NOTE: This will release the reference to the nsIHelperAppWarningDialog. + */ + void continueRequest(); + + /** + * Callback invoked by the external app warning dialog to cancel the request. + * NOTE: This will release the reference to the nsIHelperAppWarningDialog. + * + * @param aReason + * Pass a failure code to indicate the reason why this operation is + * being canceled. It is an error to pass a success code. + */ + void cancelRequest(in nsresult aReason); +}; + +/** + * nsIHelperAppWarningDialog is implemented by Torbutton's external app + * blocker (src/components/external-app-blocker.js). + */ +[scriptable, uuid(f4899a3f-0df3-42cc-9db8-bdf599e5a208)] +interface nsIHelperAppWarningDialog : nsISupports +{ + /** + * Possibly show a launch warning dialog (it will not be shown if the user + * has chosen to not see the warning again). + * + * @param aLauncher + * A nsIHelperAppWarningLauncher to be invoked after the user confirms + * or cancels the download. + * @param aWindowContext + * The window associated with the download. + */ + void maybeShow(in nsIHelperAppWarningLauncher aLauncher, + in nsISupports aWindowContext); +};

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 11641: change TBB directory structure to be more like Firefox's
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 50772cd69c36dbcb3b2fe6f2c21dddae6dbae0dd Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Tue Apr 29 13:08:24 2014 -0400 Bug 11641: change TBB directory structure to be more like Firefox's Unless the -osint command line flag is used, the browser now defaults to the equivalent of -no-remote. There is a new -allow-remote flag that may be used to restore the original (Firefox-like) default behavior. --- toolkit/xre/nsAppRunner.cpp | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 9854332f6917..69006b49250e 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -1429,8 +1429,10 @@ static void DumpHelp() { " --migration Start with migration wizard.\n" " --ProfileManager Start with ProfileManager.\n" #ifdef MOZ_HAS_REMOTE - " --no-remote Do not accept or send remote commands; implies\n" + " --no-remote (default) Do not accept or send remote commands; " + "implies\n" " --new-instance.\n" + " --allow-remote Accept and send remote commands.\n" " --new-instance Open new instance, not a new window in running " "instance.\n" #endif @@ -3543,16 +3545,25 @@ int XREMain::XRE_mainInit(bool* aExitFlag) { gSafeMode); #if defined(MOZ_HAS_REMOTE) + // In Tor Browser, remoting is disabled by default unless -osint is used. + bool allowRemote = (CheckArg("allow-remote") == ARG_FOUND); + bool isOsint = (CheckArg("osint", nullptr, CheckArgFlag::None) == ARG_FOUND); + if (!allowRemote && !isOsint) { + SaveToEnv("MOZ_NO_REMOTE=1"); + } // Handle --no-remote and --new-instance command line arguments. Setup // the environment to better accommodate other components and various // restart scenarios. ar = CheckArg("no-remote"); - if (ar == ARG_FOUND || EnvHasValue("MOZ_NO_REMOTE")) { + if ((ar == ARG_FOUND) && allowRemote) { + PR_fprintf(PR_STDERR, + "Error: argument --no-remote is invalid when argument " + "--allow-remote is specified\n"); + return 1; + } + if (EnvHasValue("MOZ_NO_REMOTE")) { mDisableRemoteClient = true; mDisableRemoteServer = true; - if (!EnvHasValue("MOZ_NO_REMOTE")) { - SaveToEnv("MOZ_NO_REMOTE=1"); - } } ar = CheckArg("new-instance");

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 16940: After update, load local change notes.
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 29ac8e3c6d992275acbcb9b65f245dbffe6be693 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Wed Nov 25 11:36:20 2015 -0500 Bug 16940: After update, load local change notes. Add an about:tbupdate page that displays the first section from TorBrowser/Docs/ChangeLog.txt and includes a link to the remote post-update page (typically our blog entry for the release). Always load about:tbupdate in a content process, but implement the code that reads the file system (changelog) in the chrome process for compatibility with future sandboxing efforts. Also fix bug 29440. Now about:tbupdate is styled as a fairly simple changelog page that is designed to be displayed via a link that is on about:tor. --- browser/actors/AboutTBUpdateChild.jsm | 53 ++++++++ browser/actors/moz.build | 5 + .../base/content/abouttbupdate/aboutTBUpdate.css | 74 ++++++++++++ .../base/content/abouttbupdate/aboutTBUpdate.js | 10 ++ .../base/content/abouttbupdate/aboutTBUpdate.xhtml | 39 ++++++ browser/base/content/browser-siteIdentity.js | 2 +- browser/base/content/browser.js | 4 + browser/base/jar.mn | 5 + browser/components/BrowserContentHandler.jsm | 55 ++++++--- browser/components/BrowserGlue.jsm | 25 ++++ browser/components/about/AboutRedirector.cpp | 6 + browser/components/about/components.conf | 3 + browser/components/moz.build | 5 +- .../locales/en-US/chrome/browser/aboutTBUpdate.dtd | 8 ++ browser/locales/jar.mn | 3 + browser/modules/AboutTBUpdate.jsm | 134 +++++++++++++++++++++ browser/modules/moz.build | 5 + 17 files changed, 420 insertions(+), 16 deletions(-) diff --git a/browser/actors/AboutTBUpdateChild.jsm b/browser/actors/AboutTBUpdateChild.jsm new file mode 100644 index 000000000000..91bb4dbba888 --- /dev/null +++ b/browser/actors/AboutTBUpdateChild.jsm @@ -0,0 +1,53 @@ +// Copyright (c) 2019, The Tor Project, Inc. +// See LICENSE for licensing information. +// +// vim: set sw=2 sts=2 ts=8 et syntax=javascript: + +var EXPORTED_SYMBOLS = ["AboutTBUpdateChild"]; + +const {ActorChild} = ChromeUtils.import("resource://gre/modules/ActorChild.jsm"); + +class AboutTBUpdateChild extends ActorChild { + receiveMessage(aMessage) { + if (aMessage.name == "AboutTBUpdate:Update") + this.onUpdate(aMessage.data); + } + + handleEvent(aEvent) { + switch (aEvent.type) { + case "AboutTBUpdateLoad": + this.onPageLoad(); + break; + case "pagehide": + this.onPageHide(aEvent); + break; + } + } + + // aData may contain the following string properties: + // version + // releaseDate + // moreInfoURL + // releaseNotes + onUpdate(aData) { + let doc = this.content.document; + doc.getElementById("version-content").textContent = aData.version; + if (aData.releaseDate) { + doc.body.setAttribute("havereleasedate", "true"); + doc.getElementById("releasedate-content").textContent = aData.releaseDate; + } + if (aData.moreInfoURL) + doc.getElementById("infolink").setAttribute("href", aData.moreInfoURL); + doc.getElementById("releasenotes-content").textContent = aData.releaseNotes; + } + + onPageLoad() { + this.mm.sendAsyncMessage("AboutTBUpdate:RequestUpdate"); + } + + onPageHide(aEvent) { + if (aEvent.target.defaultView.frameElement) { + return; + } + } +} diff --git a/browser/actors/moz.build b/browser/actors/moz.build index 4b903146699e..e70f0f09fe3a 100644 --- a/browser/actors/moz.build +++ b/browser/actors/moz.build @@ -74,3 +74,8 @@ FINAL_TARGET_FILES.actors += [ 'WebRTCChild.jsm', 'WebRTCParent.jsm', ] + +if CONFIG['TOR_BROWSER_UPDATE']: + FINAL_TARGET_FILES.actors += [ + 'AboutTBUpdateChild.jsm', + ] diff --git a/browser/base/content/abouttbupdate/aboutTBUpdate.css b/browser/base/content/abouttbupdate/aboutTBUpdate.css new file mode 100644 index 000000000000..7c1a34b77f17 --- /dev/null +++ b/browser/base/content/abouttbupdate/aboutTBUpdate.css @@ -0,0 +1,74 @@ +/* + * Copyright (c) 2019, The Tor Project, Inc. + * See LICENSE for licensing information. + * + * vim: set sw=2 sts=2 ts=8 et syntax=css: + */ + +:root { + --abouttor-text-color: white; + --abouttor-bg-toron-color: #420C5D; +} + +body { + font-family: Helvetica, Arial, sans-serif; + color: var(--abouttor-text-color); + background-color: var(--abouttor-bg-toron-color); + background-attachment: fixed; + background-size: 100% 100%; +} + +a { + color: var(--abouttor-text-color); +} + +.two-column-grid { + display: inline-grid; + grid-template-columns: auto auto; + grid-column-gap: 50px; + margin: 10px 0px 0px 50px; +} + +.two-column-grid div { + margin-top: 40px; + align-self: baseline; /* Align baseline of text across the row. */ +} + +.label-column { + font-size: 14px; + font-weight: 400; +} + +/* + * Use a reduced top margin to bring the row that contains the + * "visit our website" link closer to the row that precedes it. This + * looks better because the "visit our website" row does not have a + * label in the left column. + */ +div.more-info-row { + margin-top: 5px; + font-size: 14px; +} + +#version-content { + font-size: 50px; + font-weight: 300; +} + +body:not([havereleasedate]) .release-date-cell { + display: none; +} + +#releasedate-content { + font-size: 17px; +} + +#releasenotes-label { + align-self: start; /* Anchor "Release Notes" label at the top. */ +} + +#releasenotes-content { + font-family: monospace; + font-size: 15px; + white-space: pre; +} diff --git a/browser/base/content/abouttbupdate/aboutTBUpdate.js b/browser/base/content/abouttbupdate/aboutTBUpdate.js new file mode 100644 index 000000000000..da7553f0ae81 --- /dev/null +++ b/browser/base/content/abouttbupdate/aboutTBUpdate.js @@ -0,0 +1,10 @@ +// Copyright (c) 2019, The Tor Project, Inc. +// See LICENSE for licensing information. +// +// vim: set sw=2 sts=2 ts=8 et syntax=javascript: + + +addEventListener("load", () => { + let event = new CustomEvent("AboutTBUpdateLoad", { bubbles: true }); + document.dispatchEvent(event); +}); diff --git a/browser/base/content/abouttbupdate/aboutTBUpdate.xhtml b/browser/base/content/abouttbupdate/aboutTBUpdate.xhtml new file mode 100644 index 000000000000..8489cfef5083 --- /dev/null +++ b/browser/base/content/abouttbupdate/aboutTBUpdate.xhtml @@ -0,0 +1,39 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<!DOCTYPE html [ + <!ENTITY % htmlDTD + PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" + "DTD/xhtml1-strict.dtd"> + %htmlDTD; + <!ENTITY % globalDTD SYSTEM "chrome://global/locale/global.dtd"> + %globalDTD; + <!ENTITY % tbUpdateDTD SYSTEM "chrome://browser/locale/aboutTBUpdate.dtd"> + %tbUpdateDTD; +]> + +<html xmlns="http://www.w3.org/1999/xhtml"> +<head> + <meta http-equiv="Content-Security-Policy" content="default-src chrome:; object-src 'none'" /> + <title>&aboutTBUpdate.changelogTitle;</title> + <link rel="stylesheet" type="text/css" + href="chrome://browser/content/abouttbupdate/aboutTBUpdate.css"/> + <script src="chrome://browser/content/abouttbupdate/aboutTBUpdate.js" + type="text/javascript"/> +</head> +<body dir="&locale.dir;"> +<div class="two-column-grid"> + <div class="label-column">&aboutTBUpdate.version;</div> + <div id="version-content"/> + + <div class="label-column release-date-cell">&aboutTBUpdate.releaseDate;</div> + <div id="releasedate-content" class="release-date-cell"/> + + <div class="more-info-row"/> + <div class="more-info-row">&aboutTBUpdate.linkPrefix;<a id="infolink">&aboutTBUpdate.linkLabel;</a>&aboutTBUpdate.linkSuffix;</div> + + <div id="releasenotes-label" + class="label-column">&aboutTBUpdate.releaseNotes;</div> + <div id="releasenotes-content"></div> +</div> +</body> +</html> diff --git a/browser/base/content/browser-siteIdentity.js b/browser/base/content/browser-siteIdentity.js index 29f95ae4129f..1d6f9555b33f 100644 --- a/browser/base/content/browser-siteIdentity.js +++ b/browser/base/content/browser-siteIdentity.js @@ -57,7 +57,7 @@ var gIdentityHandler = { * RegExp used to decide if an about url should be shown as being part of * the browser UI. */ - _secureInternalUIWhitelist: /^(?:accounts|addons|cache|certificate|config|crashes|downloads|license|logins|preferences|protections|rights|sessionrestore|support|welcomeback)(?:[?#]|$)/i, + _secureInternalUIWhitelist: (AppConstants.TOR_BROWSER_UPDATE ? /^(?:accounts|addons|cache|certificate|config|crashes|downloads|license|logins|preferences|protections|rights|sessionrestore|support|welcomeback|tor|tbupdate)(?:[?#]|$)/i : /^(?:accounts|addons|cache|certificate|config|crashes|downloads|license|logins|preferences|protections|rights|sessionrestore|support|welcomeback|tor)(?:[?#]|$)/i), /** * Whether the established HTTPS connection is considered "broken". diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index 3c342dedd5d4..036d92e131da 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -631,6 +631,10 @@ var gInitialPages = [ "about:newinstall", ]; +if (AppConstants.TOR_BROWSER_UPDATE) { + gInitialPages.push("about:tbupdate"); +} + function isInitialPage(url) { if (!(url instanceof Ci.nsIURI)) { try { diff --git a/browser/base/jar.mn b/browser/base/jar.mn index a2e1f9c259d2..df65349796b5 100644 --- a/browser/base/jar.mn +++ b/browser/base/jar.mn @@ -29,6 +29,11 @@ browser.jar: content/browser/aboutTabCrashed.css (content/aboutTabCrashed.css) content/browser/aboutTabCrashed.js (content/aboutTabCrashed.js) content/browser/aboutTabCrashed.xhtml (content/aboutTabCrashed.xhtml) +#ifdef TOR_BROWSER_UPDATE + content/browser/abouttbupdate/aboutTBUpdate.xhtml (content/abouttbupdate/aboutTBUpdate.xhtml) + content/browser/abouttbupdate/aboutTBUpdate.js (content/abouttbupdate/aboutTBUpdate.js) + content/browser/abouttbupdate/aboutTBUpdate.css (content/abouttbupdate/aboutTBUpdate.css) +#endif * content/browser/browser.css (content/browser.css) content/browser/browser.js (content/browser.js) * content/browser/browser.xhtml (content/browser.xhtml) diff --git a/browser/components/BrowserContentHandler.jsm b/browser/components/BrowserContentHandler.jsm index 9f5b6ab0218c..1cc1015414fc 100644 --- a/browser/components/BrowserContentHandler.jsm +++ b/browser/components/BrowserContentHandler.jsm @@ -650,6 +650,23 @@ nsBrowserContentHandler.prototype = { } } + // Retrieve the home page early so we can compare it against about:tor + // to decide whether or not we need an override page (second tab) after + // an update was applied. + var startPage = ""; + try { + var choice = prefb.getIntPref("browser.startup.page"); + if (choice == 1 || choice == 3) { + startPage = HomePage.get(); + } + } catch (e) { + Cu.reportError(e); + } + + if (startPage == "about:blank") { + startPage = ""; + } + var override; var overridePage = ""; var additionalPage = ""; @@ -701,6 +718,16 @@ nsBrowserContentHandler.prototype = { // into account because that requires waiting for the session file // to be read. If a crash occurs after updating, before restarting, // we may open the startPage in addition to restoring the session. + // + // Tor Browser: Instead of opening the post-update "override page" + // directly, we ensure that about:tor will be opened in a special + // mode that notifies the user that their browser was updated. + // The about:tor page will provide a link to the override page + // where the user can learn more about the update, as well as a + // link to the Tor Browser changelog page (about:tbupdate). The + // override page URL comes from the openURL attribute within the + // updates.xml file or, if no showURL action is present, from the + // startup.homepage_override_url pref. willRestoreSession = SessionStartup.isAutomaticRestoreEnabled(); overridePage = Services.urlFormatter.formatURLPref( @@ -720,6 +747,20 @@ nsBrowserContentHandler.prototype = { overridePage = overridePage.replace("%OLD_VERSION%", old_mstone); overridePage = overridePage.replace("%OLD_TOR_BROWSER_VERSION%", old_tbversion); +#ifdef TOR_BROWSER_UPDATE + if (overridePage) + { + prefb.setCharPref("torbrowser.post_update.url", overridePage); + prefb.setBoolPref("torbrowser.post_update.shouldNotify", true); + // If the user's homepage is about:tor, we will inform them + // about the update on that page; otherwise, we arrange to + // open about:tor in a secondary tab. + if (startPage === "about:tor") + overridePage = ""; + else + overridePage = "about:tor"; + } +#endif break; case OVERRIDE_NEW_BUILD_ID: if (UpdateManager.activeUpdate) { @@ -792,20 +833,6 @@ nsBrowserContentHandler.prototype = { } } - var startPage = ""; - try { - var choice = prefb.getIntPref("browser.startup.page"); - if (choice == 1 || choice == 3) { - startPage = HomePage.get(); - } - } catch (e) { - Cu.reportError(e); - } - - if (startPage == "about:blank") { - startPage = ""; - } - let skipStartPage = (override == OVERRIDE_NEW_PROFILE || override == OVERRIDE_ALTERNATE_PROFILE) && diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 0a3555f26432..3b7d8d6e0309 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -560,6 +560,22 @@ let LEGACY_ACTORS = { }, }; +if (AppConstants.TOR_BROWSER_UPDATE) { + LEGACY_ACTORS["AboutTBUpdate"] = { + child: { + module: "resource:///actors/AboutTBUpdateChild.jsm", + events: { + "AboutTBUpdateLoad": {wantUntrusted: true}, + "pagehide": {capture: true}, + }, + matches: ["about:tbupdate"], + messages: [ + "AboutTBUpdate:Update", + ], + } + }; +} + (function earlyBlankFirstPaint() { if ( AppConstants.platform == "macosx" || @@ -747,6 +763,11 @@ if (AppConstants.MOZ_CRASHREPORTER) { }); } +if (AppConstants.TOR_BROWSER_UPDATE) { + XPCOMUtils.defineLazyModuleGetter(this, "AboutTBUpdate", + "resource:///modules/AboutTBUpdate.jsm"); +} + XPCOMUtils.defineLazyGetter(this, "gBrandBundle", function() { return Services.strings.createBundle( "chrome://branding/locale/brand.properties" @@ -2200,6 +2221,10 @@ BrowserGlue.prototype = { AsanReporter.init(); } + if (AppConstants.TOR_BROWSER_UPDATE) { + AboutTBUpdate.init(); + } + Sanitizer.onStartup(); this._scheduleStartupIdleTasks(); this._lateTasksIdleObserver = (idleService, topic, data) => { diff --git a/browser/components/about/AboutRedirector.cpp b/browser/components/about/AboutRedirector.cpp index 1471e10bf0db..933d519bd959 100644 --- a/browser/components/about/AboutRedirector.cpp +++ b/browser/components/about/AboutRedirector.cpp @@ -120,6 +120,12 @@ static const RedirEntry kRedirMap[] = { nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS}, {"pioneer", "chrome://browser/content/pioneer.html", nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, +#ifdef TOR_BROWSER_UPDATE + {"tbupdate", "chrome://browser/content/abouttbupdate/aboutTBUpdate.xhtml", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | + nsIAboutModule::HIDE_FROM_ABOUTABOUT}, +#endif }; static nsAutoCString GetAboutModuleName(nsIURI* aURI) { diff --git a/browser/components/about/components.conf b/browser/components/about/components.conf index bf0c6c096847..f31159d30e15 100644 --- a/browser/components/about/components.conf +++ b/browser/components/about/components.conf @@ -32,6 +32,9 @@ pages = [ 'welcomeback', ] +if defined('TOR_BROWSER_UPDATE'): + pages.append('tbupdate') + Classes = [ { 'cid': '{7e4bb6ad-2fc4-4dc6-89ef-23e8e5ccf980}', diff --git a/browser/components/moz.build b/browser/components/moz.build index c75c10b0c92d..cf3f566eba71 100644 --- a/browser/components/moz.build +++ b/browser/components/moz.build @@ -90,11 +90,14 @@ EXTRA_COMPONENTS += [ ] EXTRA_JS_MODULES += [ - 'BrowserContentHandler.jsm', 'BrowserGlue.jsm', 'distribution.js', ] +EXTRA_PP_JS_MODULES += [ + 'BrowserContentHandler.jsm', +] + BROWSER_CHROME_MANIFESTS += [ 'safebrowsing/content/test/browser.ini', 'tests/browser/browser.ini', diff --git a/browser/locales/en-US/chrome/browser/aboutTBUpdate.dtd b/browser/locales/en-US/chrome/browser/aboutTBUpdate.dtd new file mode 100644 index 000000000000..2d1e59b40eaf --- /dev/null +++ b/browser/locales/en-US/chrome/browser/aboutTBUpdate.dtd @@ -0,0 +1,8 @@ +<!ENTITY aboutTBUpdate.changelogTitle "Tor Browser Changelog"> +<!ENTITY aboutTBUpdate.updated "Tor Browser has been updated."> +<!ENTITY aboutTBUpdate.linkPrefix "For the most up-to-date information about this release, "> +<!ENTITY aboutTBUpdate.linkLabel "visit our website"> +<!ENTITY aboutTBUpdate.linkSuffix "."> +<!ENTITY aboutTBUpdate.version "Version"> +<!ENTITY aboutTBUpdate.releaseDate "Release Date"> +<!ENTITY aboutTBUpdate.releaseNotes "Release Notes"> diff --git a/browser/locales/jar.mn b/browser/locales/jar.mn index ca892a187adf..31e2d3d870e6 100644 --- a/browser/locales/jar.mn +++ b/browser/locales/jar.mn @@ -20,6 +20,9 @@ locale/browser/accounts.properties (%chrome/browser/accounts.properties) locale/browser/app-extension-fields.properties (%chrome/browser/app-extension-fields.properties) +#ifdef TOR_BROWSER_UPDATE + locale/browser/aboutTBUpdate.dtd (%chrome/browser/aboutTBUpdate.dtd) +#endif locale/browser/browser.dtd (%chrome/browser/browser.dtd) locale/browser/baseMenuOverlay.dtd (%chrome/browser/baseMenuOverlay.dtd) locale/browser/browser.properties (%chrome/browser/browser.properties) diff --git a/browser/modules/AboutTBUpdate.jsm b/browser/modules/AboutTBUpdate.jsm new file mode 100644 index 000000000000..996e2e8394aa --- /dev/null +++ b/browser/modules/AboutTBUpdate.jsm @@ -0,0 +1,134 @@ +// Copyright (c) 2019, The Tor Project, Inc. +// See LICENSE for licensing information. +// +// vim: set sw=2 sts=2 ts=8 et syntax=javascript: + +"use strict"; + +var Cc = Components.classes; +var Ci = Components.interfaces; +var Cu = Components.utils; + +this.EXPORTED_SYMBOLS = [ "AboutTBUpdate" ]; + +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/NetUtil.jsm"); + +const kRequestUpdateMessageName = "AboutTBUpdate:RequestUpdate"; +const kSendUpdateMessageName = "AboutTBUpdate:Update"; + +#expand const TOR_BROWSER_VERSION = __TOR_BROWSER_VERSION_QUOTED__; + +/** + * This code provides services to the about:tbupdate page. Whenever + * about:tbupdate needs to do something chrome-privileged, it sends a + * message that's handled here. It is modeled after Mozilla's about:home + * implementation. + */ +var AboutTBUpdate = { + init: function() { + Services.mm.addMessageListener(kRequestUpdateMessageName, this); + }, + + receiveMessage: function(aMessage) { + if (aMessage.name == kRequestUpdateMessageName) + this.sendAboutTBUpdateData(aMessage.target); + }, + + sendAboutTBUpdateData: function(aTarget) { + let data = this.releaseNoteInfo; + data.moreInfoURL = this.moreInfoURL; + if (aTarget && aTarget.messageManager) { + aTarget.messageManager.sendAsyncMessage(kSendUpdateMessageName, data); + } else { + Services.mm.broadcastAsyncMessage(kSendUpdateMessageName, data); + } + }, + + get moreInfoURL() { + try { + return Services.prefs.getCharPref("torbrowser.post_update.url"); + } catch (e) {} + + // Use the default URL as a fallback. + return Services.urlFormatter.formatURLPref("startup.homepage_override_url"); + }, + + // Read the text from the beginning of the changelog file that is located + // at TorBrowser/Docs/ChangeLog.txt and return an object that contains + // the following properties: + // version e.g., Tor Browser 8.5 + // releaseDate e.g., March 31 2019 + // releaseNotes details of changes (lines 2 - end of ChangeLog.txt) + // We attempt to parse the first line of ChangeLog.txt to extract the + // version and releaseDate. If parsing fails, we return the entire first + // line in version and omit releaseDate. + // + // On Mac OS, when building with --enable-tor-browser-data-outside-app-dir + // to support Gatekeeper signing, the ChangeLog.txt file is located in + // TorBrowser.app/Contents/Resources/TorBrowser/Docs/. + get releaseNoteInfo() { + let info = {}; + + try { +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR + // "XREExeF".parent is the directory that contains firefox, i.e., + // Browser/ or, on Mac OS, TorBrowser.app/Contents/MacOS/. + let f = Services.dirsvc.get("XREExeF", Ci.nsIFile).parent; +#ifdef XP_MACOSX + f = f.parent; + f.append("Resources"); +#endif + f.append("TorBrowser"); +#else + // "DefProfRt" is .../TorBrowser/Data/Browser + let f = Cc["@mozilla.org/file/directory_service;1"] + .getService(Ci.nsIProperties).get("DefProfRt", Ci.nsIFile); + f = f.parent.parent; // Remove "Data/Browser" +#endif + f.append("Docs"); + f.append("ChangeLog.txt"); + + let fs = Cc["@mozilla.org/network/file-input-stream;1"] + .createInstance(Ci.nsIFileInputStream); + fs.init(f, -1, 0, 0); + let s = NetUtil.readInputStreamToString(fs, fs.available()); + fs.close(); + + // Truncate at the first empty line. + s = s.replace(/[\r\n][\r\n][\s\S]*$/m, ""); + + // Split into first line (version plus releaseDate) and + // remainder (releaseNotes). + // This first match() uses multiline mode with two capture groups: + // first line: (.*$) + // remaining lines: ([\s\S]+) + // [\s\S] matches all characters including end of line. This trick + // is needed because when using JavaScript regex in multiline mode, + // . does not match an end of line character. + let matchArray = s.match(/(.*$)\s*([\s\S]+)/m); + if (matchArray && (matchArray.length == 3)) { + info.releaseNotes = matchArray[2]; + let line1 = matchArray[1]; + // Extract the version and releaseDate. The first line looks like: + // Tor Browser 8.5 -- May 1 2019 + // The regex uses two capture groups: + // text that does not include a hyphen: (^[^-]*) + // remaining text: (.*$) + // In between we match optional whitespace, one or more hyphens, and + // optional whitespace by using: \s*-+\s* + matchArray = line1.match(/(^[^-]*)\s*-+\s*(.*$)/); + if (matchArray && (matchArray.length == 3)) { + info.version = matchArray[1]; + info.releaseDate = matchArray[2]; + } else { + info.version = line1; // Match failed: return entire line in version. + } + } else { + info.releaseNotes = s; // Only one line: use as releaseNotes. + } + } catch (e) {} + + return info; + }, +}; diff --git a/browser/modules/moz.build b/browser/modules/moz.build index 88f2a55d6f49..61fe5371e48f 100644 --- a/browser/modules/moz.build +++ b/browser/modules/moz.build @@ -160,6 +160,11 @@ EXTRA_JS_MODULES += [ 'ZoomUI.jsm', ] +if CONFIG['TOR_BROWSER_UPDATE']: + EXTRA_PP_JS_MODULES += [ + 'AboutTBUpdate.jsm', + ] + if CONFIG['MOZ_ASAN_REPORTER']: EXTRA_JS_MODULES += [ 'AsanReporter.jsm',

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 21830: Copying large text from web console leaks to /tmp
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 1b93376bc21dd05c13f50bfb433e3b536dfcd071 Author: Georg Koppen <gk(a)torproject.org> Date: Fri Aug 4 05:55:49 2017 +0000 Bug 21830: Copying large text from web console leaks to /tmp Patch written by Neill Miller --- widget/nsTransferable.cpp | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/widget/nsTransferable.cpp b/widget/nsTransferable.cpp index 9ccfc8639350..135135ab23a8 100644 --- a/widget/nsTransferable.cpp +++ b/widget/nsTransferable.cpp @@ -33,6 +33,7 @@ Notes to self: #include "nsILoadContext.h" #include "nsXULAppAPI.h" #include "mozilla/UniquePtr.h" +#include "mozilla/Preferences.h" using namespace mozilla; @@ -195,6 +196,11 @@ nsTransferable::Init(nsILoadContext* aContext) { if (aContext) { mPrivateData = aContext->UsePrivateBrowsing(); + } else { + // without aContext here to provide PrivateBrowsing information, + // we defer to the active configured setting + mPrivateData = + mozilla::Preferences::GetBool("browser.privatebrowsing.autostart"); } #ifdef DEBUG mInitialized = true;

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 19121: reinstate the update.xml hash check
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 40ca59e0f5eec59cb9772215dde841d3f6382b6c Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Mon Apr 23 15:22:57 2018 -0400 Bug 19121: reinstate the update.xml hash check Revert most changes from Mozilla Bug 1373267 "Remove hashFunction and hashValue attributes from nsIUpdatePatch and code related to these attributes." Changes to the tests were not reverted; the tests have been changed significantly and we do not run automated updater tests for Tor Browser at this time. Also partial revert of commit f1241db6986e4b54473a1ed870f7584c75d51122. Revert the nsUpdateService.js changes from Mozilla Bug 862173 "don't verify mar file hash when using mar signing to verify the mar file (lessens main thread I/O)." Changes to the tests were not reverted; the tests have been changed significantly and we do not run automated updater tests for Tor Browser at this time. We kept the addition to the AppConstants API in case other JS code references it in the future. --- toolkit/modules/AppConstants.jsm | 7 ++++ toolkit/mozapps/update/UpdateService.jsm | 63 ++++++++++++++++++++++++++++- toolkit/mozapps/update/UpdateTelemetry.jsm | 1 + toolkit/mozapps/update/nsIUpdateService.idl | 11 +++++ 4 files changed, 81 insertions(+), 1 deletion(-) diff --git a/toolkit/modules/AppConstants.jsm b/toolkit/modules/AppConstants.jsm index cd8ca2659626..84516f0d4c66 100644 --- a/toolkit/modules/AppConstants.jsm +++ b/toolkit/modules/AppConstants.jsm @@ -212,6 +212,13 @@ this.AppConstants = Object.freeze({ false, #endif + MOZ_VERIFY_MAR_SIGNATURE: +#ifdef MOZ_VERIFY_MAR_SIGNATURE + true, +#else + false, +#endif + MOZ_MAINTENANCE_SERVICE: #ifdef MOZ_MAINTENANCE_SERVICE true, diff --git a/toolkit/mozapps/update/UpdateService.jsm b/toolkit/mozapps/update/UpdateService.jsm index 1dc86a073646..ead961ab5252 100644 --- a/toolkit/mozapps/update/UpdateService.jsm +++ b/toolkit/mozapps/update/UpdateService.jsm @@ -742,6 +742,20 @@ function LOG(string) { } } +/** + * Convert a string containing binary values to hex. + */ +function binaryToHex(input) { + var result = ""; + for (var i = 0; i < input.length; ++i) { + var hex = input.charCodeAt(i).toString(16); + if (hex.length == 1) + hex = "0" + hex; + result += hex; + } + return result; +} + /** * Gets the specified directory at the specified hierarchy under the * update root directory and creates it if it doesn't exist. @@ -1534,6 +1548,8 @@ function UpdatePatch(patch) { } break; case "finalURL": + case "hashFunction": + case "hashValue": case "state": case "type": case "URL": @@ -1553,6 +1569,8 @@ UpdatePatch.prototype = { // over writing nsIUpdatePatch attributes. _attrNames: [ "errorCode", + "hashFunction", + "hashValue", "finalURL", "selected", "size", @@ -1566,6 +1584,8 @@ UpdatePatch.prototype = { */ serialize: function UpdatePatch_serialize(updates) { var patch = updates.createElementNS(URI_UPDATE_NS, "patch"); + patch.setAttribute("hashFunction", this.hashFunction); + patch.setAttribute("hashValue", this.hashValue); patch.setAttribute("size", this.size); patch.setAttribute("type", this.type); patch.setAttribute("URL", this.URL); @@ -4315,7 +4335,42 @@ Downloader.prototype = { } LOG("Downloader:_verifyDownload downloaded size == expected size."); - return true; + let fileStream = Cc["@mozilla.org/network/file-input-stream;1"]. + createInstance(Ci.nsIFileInputStream); + fileStream.init(destination, FileUtils.MODE_RDONLY, FileUtils.PERMS_FILE, 0); + + let digest; + try { + let hash = Cc["@mozilla.org/security/hash;1"]. + createInstance(Ci.nsICryptoHash); + var hashFunction = Ci.nsICryptoHash[this._patch.hashFunction.toUpperCase()]; + if (hashFunction == undefined) { + throw Cr.NS_ERROR_UNEXPECTED; + } + hash.init(hashFunction); + hash.updateFromStream(fileStream, -1); + // NOTE: For now, we assume that the format of _patch.hashValue is hex + // encoded binary (such as what is typically output by programs like + // sha1sum). In the future, this may change to base64 depending on how + // we choose to compute these hashes. + digest = binaryToHex(hash.finish(false)); + } catch (e) { + LOG("Downloader:_verifyDownload - failed to compute hash of the " + + "downloaded update archive"); + digest = ""; + } + + fileStream.close(); + + if (digest == this._patch.hashValue.toLowerCase()) { + LOG("Downloader:_verifyDownload hashes match."); + return true; + } + + LOG("Downloader:_verifyDownload hashes do not match. "); + AUSTLMY.pingDownloadCode(this.isCompleteUpdate, + AUSTLMY.DWNLD_ERR_VERIFY_NO_HASH_MATCH); + return false; }, /** @@ -4889,6 +4944,9 @@ Downloader.prototype = { " is higher than patch size: " + this._patch.size ); + // It's important that we use a different code than + // NS_ERROR_CORRUPTED_CONTENT so that tests can verify the difference + // between a hash error and a wrong download error. AUSTLMY.pingDownloadCode( this.isCompleteUpdate, AUSTLMY.DWNLD_ERR_PATCH_SIZE_LARGER @@ -4907,6 +4965,9 @@ Downloader.prototype = { " is not equal to expected patch size: " + this._patch.size ); + // It's important that we use a different code than + // NS_ERROR_CORRUPTED_CONTENT so that tests can verify the difference + // between a hash error and a wrong download error. AUSTLMY.pingDownloadCode( this.isCompleteUpdate, AUSTLMY.DWNLD_ERR_PATCH_SIZE_NOT_EQUAL diff --git a/toolkit/mozapps/update/UpdateTelemetry.jsm b/toolkit/mozapps/update/UpdateTelemetry.jsm index 6f560b07cfe7..b6c71b2ef8d6 100644 --- a/toolkit/mozapps/update/UpdateTelemetry.jsm +++ b/toolkit/mozapps/update/UpdateTelemetry.jsm @@ -180,6 +180,7 @@ var AUSTLMY = { DWNLD_ERR_VERIFY_NO_REQUEST: 13, DWNLD_ERR_VERIFY_PATCH_SIZE_NOT_EQUAL: 14, DWNLD_ERR_WRITE_FAILURE: 15, + DWNLD_ERR_VERIFY_NO_HASH_MATCH: 16, // Temporary failure code to see if there are failures without an update phase DWNLD_UNKNOWN_PHASE_ERR_WRITE_FAILURE: 40, diff --git a/toolkit/mozapps/update/nsIUpdateService.idl b/toolkit/mozapps/update/nsIUpdateService.idl index 5e4cc63c3547..47bb27b17d41 100644 --- a/toolkit/mozapps/update/nsIUpdateService.idl +++ b/toolkit/mozapps/update/nsIUpdateService.idl @@ -39,6 +39,17 @@ interface nsIUpdatePatch : nsISupports */ attribute AString finalURL; + /** + * The hash function to use when determining this file's integrity + */ + attribute AString hashFunction; + + /** + * The value of the hash function named above that should be computed if + * this file is not corrupt. + */ + attribute AString hashValue; + /** * The size of this file, in bytes. */

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 25658: Replace security slider with security level UI
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit a05bd8319e2156f6e7ec7fce3135326d66adfd2c Author: Richard Pospesel <richard(a)torproject.org> Date: Mon Mar 4 16:09:51 2019 -0800 Bug 25658: Replace security slider with security level UI This patch adds a new 'securitylevel' component to Tor Browser intended to replace the torbutton 'Security Slider'. This component adds a new Security Level toolbar button which visually indicates the current global security level via icon (as defined by the extensions.torbutton.security_slider pref), a drop-down hanger with a short description of the current security level, and a new section in the about:preferences#privacy page where users can change their current security level. In addition, the hanger and the preferences page will show a visual warning when the user has modified prefs associated with the security level and provide a one-click 'Restore Defaults' button to get the user back on recommended settings. Strings used by this patch are pulled from the torbutton extension, but en-US defaults are provided if there is an error loading from the extension. With this patch applied, the usual work-flow of "./mach build && ./mach run" work as expected, even if the torbutton extension is disabled. --- browser/base/content/browser.js | 10 + browser/base/content/browser.xhtml | 5 + browser/components/moz.build | 1 + browser/components/preferences/preferences.xhtml | 1 + browser/components/preferences/privacy.inc.xhtml | 2 + browser/components/preferences/privacy.js | 19 + .../securitylevel/content/securityLevel.js | 501 +++++++++++++++++++++ .../securitylevel/content/securityLevelButton.css | 9 + .../content/securityLevelButton.inc.xhtml | 7 + .../securitylevel/content/securityLevelButton.svg | 21 + .../securitylevel/content/securityLevelPanel.css | 82 ++++ .../content/securityLevelPanel.inc.xhtml | 38 ++ .../content/securityLevelPreferences.css | 26 ++ .../content/securityLevelPreferences.inc.xhtml | 62 +++ browser/components/securitylevel/jar.mn | 6 + browser/components/securitylevel/moz.build | 1 + 16 files changed, 791 insertions(+) diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index 036d92e131da..a851be586c0c 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -216,6 +216,11 @@ XPCOMUtils.defineLazyScriptGetter( ["DownloadsButton", "DownloadsIndicatorView"], "chrome://browser/content/downloads/indicator.js" ); +XPCOMUtils.defineLazyScriptGetter( + this, + ["SecurityLevelButton"], + "chrome://browser/content/securitylevel/securityLevel.js" +); XPCOMUtils.defineLazyScriptGetter( this, "gEditItemOverlay", @@ -1876,6 +1881,9 @@ var gBrowserInit = { // doesn't flicker as the window is being shown. DownloadsButton.init(); + // Init the SecuritySettingsButton + SecurityLevelButton.init(); + // Certain kinds of automigration rely on this notification to complete // their tasks BEFORE the browser window is shown. SessionStore uses it to // restore tabs into windows AFTER important parts like gMultiProcessBrowser @@ -2558,6 +2566,8 @@ var gBrowserInit = { DownloadsButton.uninit(); + SecurityLevelButton.uninit(); + gAccessibilityServiceIndicator.uninit(); AccessibilityRefreshBlocker.uninit(); diff --git a/browser/base/content/browser.xhtml b/browser/base/content/browser.xhtml index 229fc2a26dd2..72c415b8f843 100644 --- a/browser/base/content/browser.xhtml +++ b/browser/base/content/browser.xhtml @@ -20,6 +20,8 @@ <?xml-stylesheet href="chrome://browser/content/browser.css" type="text/css"?> <?xml-stylesheet href="chrome://browser/content/tabbrowser.css" type="text/css"?> <?xml-stylesheet href="chrome://browser/content/downloads/downloads.css" type="text/css"?> +<?xml-stylesheet href="chrome://browser/content/securitylevel/securityLevelPanel.css"?> +<?xml-stylesheet href="chrome://browser/content/securitylevel/securityLevelButton.css"?> <?xml-stylesheet href="chrome://browser/content/places/places.css" type="text/css"?> <?xml-stylesheet href="chrome://browser/content/usercontext/usercontext.css" type="text/css"?> <?xml-stylesheet href="chrome://browser/skin/" type="text/css"?> @@ -623,6 +625,7 @@ #include ../../components/controlcenter/content/protectionsPanel.inc.xhtml #include ../../components/downloads/content/downloadsPanel.inc.xhtml #include ../../../devtools/startup/enableDevToolsPopup.inc.xhtml +#include ../../components/securitylevel/content/securityLevelPanel.inc.xhtml #include browser-allTabsMenu.inc.xhtml <hbox id="downloads-animation-container"> @@ -1136,6 +1139,8 @@ </stack> </toolbarbutton> +#include ../../components/securitylevel/content/securityLevelButton.inc.xhtml + <toolbarbutton id="library-button" class="toolbarbutton-1 chromeclass-toolbar-additional subviewbutton-nav" removable="true" onmousedown="PanelUI.showSubView('appMenu-libraryView', this, event);" diff --git a/browser/components/moz.build b/browser/components/moz.build index cf3f566eba71..8d6d2503e4a0 100644 --- a/browser/components/moz.build +++ b/browser/components/moz.build @@ -52,6 +52,7 @@ DIRS += [ 'protocolhandler', 'resistfingerprinting', 'search', + 'securitylevel', 'sessionstore', 'shell', 'ssb', diff --git a/browser/components/preferences/preferences.xhtml b/browser/components/preferences/preferences.xhtml index c8adb60653b7..3d89ddf00808 100644 --- a/browser/components/preferences/preferences.xhtml +++ b/browser/components/preferences/preferences.xhtml @@ -12,6 +12,7 @@ <?xml-stylesheet href="chrome://browser/skin/preferences/search.css"?> <?xml-stylesheet href="chrome://browser/skin/preferences/containers.css"?> <?xml-stylesheet href="chrome://browser/skin/preferences/privacy.css"?> +<?xml-stylesheet href="chrome://browser/content/securitylevel/securityLevelPreferences.css"?> <!DOCTYPE html> diff --git a/browser/components/preferences/privacy.inc.xhtml b/browser/components/preferences/privacy.inc.xhtml index 572b0233c8c4..f36145ea80d4 100644 --- a/browser/components/preferences/privacy.inc.xhtml +++ b/browser/components/preferences/privacy.inc.xhtml @@ -913,6 +913,8 @@ <html:h1 data-l10n-id="security-header"/> </hbox> +#include ../securitylevel/content/securityLevelPreferences.inc.xhtml +  <groupbox id="browsingProtectionGroup" data-category="panePrivacy" hidden="true"> <label><html:h2 data-l10n-id="security-browsing-protection"/></label> diff --git a/browser/components/preferences/privacy.js b/browser/components/preferences/privacy.js index 2cff75726546..949fa84c24ab 100644 --- a/browser/components/preferences/privacy.js +++ b/browser/components/preferences/privacy.js @@ -77,6 +77,12 @@ XPCOMUtils.defineLazyGetter(this, "AlertsServiceDND", function() { } }); +XPCOMUtils.defineLazyScriptGetter( + this, + ["SecurityLevelPreferences"], + "chrome://browser/content/securitylevel/securityLevel.js" +); + XPCOMUtils.defineLazyServiceGetter( this, "listManager", @@ -275,6 +281,18 @@ function addCustomBlockingLearnMore() { var gPrivacyPane = { _pane: null, + /** + * Show the Security Level UI + */ + _initSecurityLevel() { + SecurityLevelPreferences.init(); + let unload = () => { + window.removeEventListener("unload", unload); + SecurityLevelPreferences.uninit(); + }; + window.addEventListener("unload", unload); + }, + /** * Whether the prompt to restart Firefox should appear when changing the autostart pref. */ @@ -415,6 +433,7 @@ var gPrivacyPane = { this.trackingProtectionReadPrefs(); this.networkCookieBehaviorReadPrefs(); this._initTrackingProtectionExtensionControl(); + this._initSecurityLevel(); Services.telemetry.setEventRecordingEnabled("pwmgr", true); diff --git a/browser/components/securitylevel/content/securityLevel.js b/browser/components/securitylevel/content/securityLevel.js new file mode 100644 index 000000000000..b47d0cfb545e --- /dev/null +++ b/browser/components/securitylevel/content/securityLevel.js @@ -0,0 +1,501 @@ +"use strict"; + +ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm"); +ChromeUtils.import("resource://gre/modules/Services.jsm"); + +XPCOMUtils.defineLazyModuleGetters(this, { + CustomizableUI: "resource:///modules/CustomizableUI.jsm", + PanelMultiView: "resource:///modules/PanelMultiView.jsm", +}); + +ChromeUtils.defineModuleGetter( + this, + "TorStrings", + "resource:///modules/TorStrings.jsm" +); + +/* + Security Level Prefs + + Getters and Setters for relevant torbutton prefs +*/ +const SecurityLevelPrefs = { + security_slider_pref : "extensions.torbutton.security_slider", + security_custom_pref : "extensions.torbutton.security_custom", + + get securitySlider() { + try { + return Services.prefs.getIntPref(this.security_slider_pref); + } catch(e) { + // init pref to 4 (standard) + const val = 4; + Services.prefs.setIntPref(this.security_slider_pref, val); + return val; + } + }, + + set securitySlider(val) { + Services.prefs.setIntPref(this.security_slider_pref, val); + }, + + get securityCustom() { + try { + return Services.prefs.getBoolPref(this.security_custom_pref); + } catch(e) { + // init custom to false + const val = false; + Services.prefs.setBoolPref(this.security_custom_pref, val); + return val; + } + }, + + set securityCustom(val) { + Services.prefs.setBoolPref(this.security_custom_pref, val); + }, +}; /* Security Level Prefs */ + +/* + Security Level Button Code + + Controls init and update of the security level toolbar button +*/ + +const SecurityLevelButton = { + _securityPrefsBranch : null, + + _populateXUL : function(securityLevelButton) { + if (securityLevelButton != null) { + securityLevelButton.setAttribute("tooltiptext", TorStrings.securityLevel.securityLevel); + securityLevelButton.setAttribute("label", TorStrings.securityLevel.securityLevel); + } + }, + + _configUIFromPrefs : function(securityLevelButton) { + if (securityLevelButton != null) { + let securitySlider = SecurityLevelPrefs.securitySlider; + let classList = securityLevelButton.classList; + classList.remove("standard", "safer", "safest"); + switch(securitySlider) { + case 4: + classList.add("standard"); + securityLevelButton.setAttribute("tooltiptext", TorStrings.securityLevel.standard.tooltip); + break; + case 2: + classList.add("safer"); + securityLevelButton.setAttribute("tooltiptext", TorStrings.securityLevel.safer.tooltip); + break; + case 1: + classList.add("safest"); + securityLevelButton.setAttribute("tooltiptext", TorStrings.securityLevel.safest.tooltip); + break; + } + } + }, + + get button() { + let button = document.getElementById("security-level-button"); + if (!button) { + return null; + } + return button; + }, + + get anchor() { + let anchor = this.button.icon; + if (!anchor) { + return null; + } + + anchor.setAttribute("consumeanchor", SecurityLevelButton.button.id); + return anchor; + }, + + init : function() { + // set the initial class based off of the current pref + let button = this.button; + this._populateXUL(button); + this._configUIFromPrefs(button); + + this._securityPrefsBranch = Services.prefs.getBranch("extensions.torbutton."); + this._securityPrefsBranch.addObserver("", this, false); + + CustomizableUI.addListener(this); + + SecurityLevelPanel.init(); + }, + + uninit : function() { + CustomizableUI.removeListener(this); + + this._securityPrefsBranch.removeObserver("", this); + this._securityPrefsBranch = null; + + SecurityLevelPanel.uninit(); + }, + + observe : function(subject, topic, data) { + switch(topic) { + case "nsPref:changed": + if (data == "security_slider") { + this._configUIFromPrefs(this.button); + } + break; + } + }, + + // callback for entering the 'Customize Firefox' screen to set icon + onCustomizeStart : function(window) { + let navigatorToolbox = document.getElementById("navigator-toolbox"); + let button = navigatorToolbox.palette.querySelector("#security-level-button"); + this._populateXUL(button); + this._configUIFromPrefs(button); + }, + + // callback when CustomizableUI modifies DOM + onWidgetAfterDOMChange : function(aNode, aNextNode, aContainer, aWasRemoval) { + if (aNode.id == "security-level-button" && !aWasRemoval) { + this._populateXUL(aNode); + this._configUIFromPrefs(aNode); + } + }, + + // for when the toolbar button needs to be activated and displays the Security Level panel + // + // In the toolbarbutton xul you'll notice we register this callback for both onkeypress and + // onmousedown. We do this to match the behavior of other panel spawning buttons such as Downloads, + // Library, and the Hamburger menus. Using oncommand alone would result in only getting fired + // after onclick, which is mousedown followed by mouseup. + onCommand : function(aEvent) { + // snippet stolen from /browser/components/downloads/indicator.js DownloadsIndicatorView.onCommand(evt) + if ( + (aEvent.type == "mousedown" && aEvent.button != 0) || + (aEvent.type == "keypress" && aEvent.key != " " && aEvent.key != "Enter") + ) { + return; + } + + // we need to set this attribute for the button to be shaded correctly to look like it is pressed + // while the security level panel is open + this.button.setAttribute("open", "true"); + SecurityLevelPanel.show(); + }, +}; /* Security Level Button */ + +/* + Security Level Panel Code + + Controls init and update of the panel in the security level hanger +*/ + +const SecurityLevelPanel = { + _securityPrefsBranch : null, + _panel : null, + _anchor : null, + _populated : false, + + _populateXUL : function() { + // get the panel elements we need to populate + let panelview = document.getElementById("securityLevel-panelview"); + let labelHeader = panelview.querySelector("#securityLevel-header"); + let labelCustomWarning = panelview.querySelector("#securityLevel-customWarning") + let labelLearnMore = panelview.querySelector("#securityLevel-learnMore"); + let buttonRestoreDefaults = panelview.querySelector("#securityLevel-restoreDefaults"); + let buttonAdvancedSecuritySettings = panelview.querySelector("#securityLevel-advancedSecuritySettings"); + + labelHeader.setAttribute("value", TorStrings.securityLevel.securityLevel); + labelCustomWarning.setAttribute("value", TorStrings.securityLevel.customWarning); + labelLearnMore.setAttribute("value", TorStrings.securityLevel.learnMore); + labelLearnMore.setAttribute("href", TorStrings.securityLevel.learnMoreURL); + buttonRestoreDefaults.setAttribute("label", TorStrings.securityLevel.restoreDefaults); + buttonAdvancedSecuritySettings.setAttribute("label", TorStrings.securityLevel.advancedSecuritySettings); + + // rest of the XUL is set based on security prefs + this._configUIFromPrefs(); + + this._populated = true; + }, + + _configUIFromPrefs : function() { + // get security prefs + let securitySlider = SecurityLevelPrefs.securitySlider; + let securityCustom = SecurityLevelPrefs.securityCustom; + + // get the panel elements we need to populate + let panelview = document.getElementById("securityLevel-panelview"); + let labelLevel = panelview.querySelector("#securityLevel-level"); + let labelCustomWarning = panelview.querySelector("#securityLevel-customWarning") + let summary = panelview.querySelector("#securityLevel-summary"); + let buttonRestoreDefaults = panelview.querySelector("#securityLevel-restoreDefaults"); + let buttonAdvancedSecuritySettings = panelview.querySelector("#securityLevel-advancedSecuritySettings"); + + // only visible when user is using custom settings + labelCustomWarning.hidden = !securityCustom; + buttonRestoreDefaults.hidden = !securityCustom; + + // Descriptions change based on security level + switch(securitySlider) { + // standard + case 4: + labelLevel.setAttribute("value", TorStrings.securityLevel.standard.level); + summary.textContent = TorStrings.securityLevel.standard.summary; + break; + // safer + case 2: + labelLevel.setAttribute("value", TorStrings.securityLevel.safer.level); + summary.textContent = TorStrings.securityLevel.safer.summary; + break; + // safest + case 1: + labelLevel.setAttribute("value", TorStrings.securityLevel.safest.level); + summary.textContent = TorStrings.securityLevel.safest.summary; + break; + } + + // override the summary text with custom warning + if (securityCustom) { + summary.textContent = TorStrings.securityLevel.custom.summary; + } + }, + + init : function() { + this._securityPrefsBranch = Services.prefs.getBranch("extensions.torbutton."); + this._securityPrefsBranch.addObserver("", this, false); + }, + + uninit : function() { + this._securityPrefsBranch.removeObserver("", this); + this._securityPrefsBranch = null; + }, + + show : function() { + // we have to defer this until after the browser has finished init'ing before + // we can populate the panel + if (!this._populated) { + this._populateXUL(); + } + + let panel = document.getElementById("securityLevel-panel"); + panel.hidden = false; + PanelMultiView.openPopup(panel, SecurityLevelButton.anchor, "bottomcenter topright", + 0, 0, false, null).catch(Cu.reportError); + }, + + hide : function() { + let panel = document.getElementById("securityLevel-panel"); + PanelMultiView.hidePopup(panel); + }, + + restoreDefaults : function() { + SecurityLevelPrefs.securityCustom = false; + // hide and reshow so that layout re-renders properly + this.hide(); + this.show(this._anchor); + }, + + openAdvancedSecuritySettings : function() { + openPreferences("privacy-securitylevel"); + this.hide(); + }, + + // callback when prefs change + observe : function(subject, topic, data) { + switch(topic) { + case "nsPref:changed": + if (data == "security_slider" || data == "security_custom") { + this._configUIFromPrefs(); + } + break; + } + }, + + // callback when the panel is displayed + onPopupShown : function(event) { + SecurityLevelButton.button.setAttribute("open", "true"); + }, + + // callback when the panel is hidden + onPopupHidden : function(event) { + SecurityLevelButton.button.removeAttribute("open"); + } +}; /* Security Level Panel */ + +/* + Security Level Preferences Code + + Code to handle init and update of security level section in about:preferences#privacy +*/ + +const SecurityLevelPreferences = +{ + _securityPrefsBranch : null, + + _populateXUL : function() { + let groupbox = document.getElementById("securityLevel-groupbox"); + + let labelHeader = groupbox.querySelector("#securityLevel-header"); + labelHeader.textContent = TorStrings.securityLevel.securityLevel; + + let spanOverview = groupbox.querySelector("#securityLevel-overview"); + spanOverview.textContent = TorStrings.securityLevel.overview; + + let labelLearnMore = groupbox.querySelector("#securityLevel-learnMore"); + labelLearnMore.setAttribute("value", TorStrings.securityLevel.learnMore); + labelLearnMore.setAttribute("href", TorStrings.securityLevel.learnMoreURL); + + let radiogroup = document.getElementById("securityLevel-radiogroup"); + radiogroup.addEventListener("command", SecurityLevelPreferences.selectSecurityLevel); + + let populateRadioElements = function(vboxQuery, stringStruct) { + let vbox = groupbox.querySelector(vboxQuery); + + let radio = vbox.querySelector("radio"); + radio.setAttribute("label", stringStruct.level); + + let customWarning = vbox.querySelector("#securityLevel-customWarning"); + customWarning.setAttribute("value", TorStrings.securityLevel.customWarning); + + let labelSummary = vbox.querySelector("#securityLevel-summary"); + labelSummary.textContent = stringStruct.summary; + + let labelRestoreDefaults = vbox.querySelector("#securityLevel-restoreDefaults"); + labelRestoreDefaults.setAttribute("value", TorStrings.securityLevel.restoreDefaults); + labelRestoreDefaults.addEventListener("click", SecurityLevelPreferences.restoreDefaults); + + let description1 = vbox.querySelector("#securityLevel-description1"); + if (description1) { + description1.textContent = stringStruct.description1; + } + let description2 = vbox.querySelector("#securityLevel-description2"); + if (description2) { + description2.textContent = stringStruct.description2; + } + let description3 = vbox.querySelector("#securityLevel-description3"); + if (description3) { + description3.textContent = stringStruct.description3; + } + }; + + populateRadioElements("#securityLevel-vbox-standard", TorStrings.securityLevel.standard); + populateRadioElements("#securityLevel-vbox-safer", TorStrings.securityLevel.safer); + populateRadioElements("#securityLevel-vbox-safest", TorStrings.securityLevel.safest); + }, + + _configUIFromPrefs : function() { + // read our prefs + let securitySlider = SecurityLevelPrefs.securitySlider; + let securityCustom = SecurityLevelPrefs.securityCustom; + + // get our elements + let groupbox = document.getElementById("securityLevel-groupbox"); + + let radiogroup = groupbox.querySelector("#securityLevel-radiogroup"); + let labelStandardCustom = groupbox.querySelector("#securityLevel-vbox-standard label#securityLevel-customWarning"); + let labelSaferCustom = groupbox.querySelector("#securityLevel-vbox-safer label#securityLevel-customWarning"); + let labelSafestCustom = groupbox.querySelector("#securityLevel-vbox-safest label#securityLevel-customWarning"); + let labelStandardRestoreDefaults = groupbox.querySelector("#securityLevel-vbox-standard label#securityLevel-restoreDefaults"); + let labelSaferRestoreDefaults = groupbox.querySelector("#securityLevel-vbox-safer label#securityLevel-restoreDefaults"); + let labelSafestRestoreDefaults = groupbox.querySelector("#securityLevel-vbox-safest label#securityLevel-restoreDefaults"); + + // hide custom label by default until we know which level we're at + labelStandardCustom.hidden = true; + labelSaferCustom.hidden = true; + labelSafestCustom.hidden = true; + + labelStandardRestoreDefaults.hidden = true; + labelSaferRestoreDefaults.hidden = true; + labelSafestRestoreDefaults.hidden = true; + + switch(securitySlider) { + // standard + case 4: + radiogroup.value = "standard"; + labelStandardCustom.hidden = !securityCustom; + labelStandardRestoreDefaults.hidden = !securityCustom; + break; + // safer + case 2: + radiogroup.value = "safer"; + labelSaferCustom.hidden = !securityCustom; + labelSaferRestoreDefaults.hidden = !securityCustom; + break; + // safest + case 1: + radiogroup.value = "safest"; + labelSafestCustom.hidden = !securityCustom; + labelSafestRestoreDefaults.hidden = !securityCustom; + break; + } + }, + + init : function() { + // populate XUL with localized strings + this._populateXUL(); + + // read prefs and populate UI + this._configUIFromPrefs(); + + // register for pref chagnes + this._securityPrefsBranch = Services.prefs.getBranch("extensions.torbutton."); + this._securityPrefsBranch.addObserver("", this, false); + }, + + uninit : function() { + // unregister for pref change events + this._securityPrefsBranch.removeObserver("", this); + this._securityPrefsBranch = null; + }, + + // callback for when prefs change + observe : function(subject, topic, data) { + switch(topic) { + case "nsPref:changed": + if (data == "security_slider" || + data == "security_custom") { + this._configUIFromPrefs(); + } + break; + } + }, + + selectSecurityLevel : function() { + // radio group elements + let radiogroup = document.getElementById("securityLevel-radiogroup"); + + // update pref based on selected radio option + switch (radiogroup.value) { + case "standard": + SecurityLevelPrefs.securitySlider = 4; + break; + case "safer": + SecurityLevelPrefs.securitySlider = 2; + break; + case "safest": + SecurityLevelPrefs.securitySlider = 1; + break; + } + + SecurityLevelPreferences.restoreDefaults(); + }, + + restoreDefaults : function() { + SecurityLevelPrefs.securityCustom = false; + }, +}; /* Security Level Prefereces */ + +Object.defineProperty(this, "SecurityLevelButton", { + value: SecurityLevelButton, + enumerable: true, + writable: false +}); + +Object.defineProperty(this, "SecurityLevelPanel", { + value: SecurityLevelPanel, + enumerable: true, + writable: false +}); + +Object.defineProperty(this, "SecurityLevelPreferences", { + value: SecurityLevelPreferences, + enumerable: true, + writable: false +}); diff --git a/browser/components/securitylevel/content/securityLevelButton.css b/browser/components/securitylevel/content/securityLevelButton.css new file mode 100644 index 000000000000..81f2365bae28 --- /dev/null +++ b/browser/components/securitylevel/content/securityLevelButton.css @@ -0,0 +1,9 @@ +toolbarbutton#security-level-button.standard { + list-style-image: url("chrome://browser/content/securitylevel/securityLevelButton.svg#standard"); +} +toolbarbutton#security-level-button.safer { + list-style-image: url("chrome://browser/content/securitylevel/securityLevelButton.svg#safer"); +} +toolbarbutton#security-level-button.safest { + list-style-image: url("chrome://browser/content/securitylevel/securityLevelButton.svg#safest"); +} diff --git a/browser/components/securitylevel/content/securityLevelButton.inc.xhtml b/browser/components/securitylevel/content/securityLevelButton.inc.xhtml new file mode 100644 index 000000000000..96ee1ec0ca49 --- /dev/null +++ b/browser/components/securitylevel/content/securityLevelButton.inc.xhtml @@ -0,0 +1,7 @@ +<toolbarbutton id="security-level-button" class="toolbarbutton-1 chromeclass-toolbar-additional" + badged="true" + removable="true" + onmousedown="SecurityLevelButton.onCommand(event);" + onkeypress="SecurityLevelButton.onCommand(event);" + closemenu="none" + cui-areatype="toolbar"/> diff --git a/browser/components/securitylevel/content/securityLevelButton.svg b/browser/components/securitylevel/content/securityLevelButton.svg new file mode 100644 index 000000000000..8535cdcc531e --- /dev/null +++ b/browser/components/securitylevel/content/securityLevelButton.svg @@ -0,0 +1,21 @@ +<svg width="14px" height="16px" viewBox="0 0 14 16" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <style> + use:not(:target) { + display: none; + } + </style> + <defs> + <g id="standard_icon" stroke="none" stroke-width="1"> + <path d="M7.0 2.16583509C7.0 2.16583509 2.0 4.24375717 2.0 4.24375717C2.0 4.24375717 2.0 7.27272727 2.0 7.27272727C2.0 10.2413541 4.13435329 13.0576771 7.0 13.9315843C9.8656467 13.0576771 12.0 10.2413541 12.0 7.27272727C12.0 7.27272727 12.0 4.24375717 12.0 4.24375717C12.0 4.24375717 7.0 2.16583509 7.0 2.16583509C7.0 2.16583509 7.0 2.16583509 7.0 2.16583509M7.0 0.0C7.0 0.0 14.0 2.90909091 14.0 2.90909091C14.0 2.90909091 14.0 7.27272727 14.0 7.27272727C14.0 11.3090909 11.0133333 15.0836364 7.0 16.0C2.98666667 15.0836364 0.0 11.3090909 0.0 7.27272727C0.0 7.27272727 0.0 2.90909091 0.0 2.90909091C0.0 2.90909091 7.0 0.0 7.0 0.0C7.0 0.0 7.0 0.0 7.0 0.0" /> + </g> + <g id="safer_icon" stroke="none" stroke-width="1"> + <path fill-rule="nonzero" d="M7.0 2.1658351C7.0 13.931584 7.0 2.1658351 7.0 13.931584C9.8656467 13.057677 12.0 10.241354 12.0 7.2727273C12.0 7.2727273 12.0 4.2437572 12.0 4.2437572C12.0 4.2437572 7.0 2.1658351 7.0 2.1658351C7.0 2.1658351 7.0 2.1658351 7.0 2.1658351M7.0 0.0C7.0 0.0 14.0 2.9090909 14.0 2.9090909C14.0 2.9090909 14.0 7.2727273 14.0 7.2727273C14.0 11.309091 11.013333 15.083636 7.0 16.0C2.9866667 15.083636 0.0 11.309091 0.0 7.2727273C0.0 7.2727273 0.0 2.9090909 0.0 2.9090909C0.0 2.9090909 7.0 0.0 7.0 0.0"/> + </g> + <g id="safest_icon" stroke="none" stroke-width="1"> + <path d="M7.0 0.0C7.0 0.0 14.0 2.90909091 14.0 2.90909091C14.0 2.90909091 14.0 7.27272727 14.0 7.27272727C14.0 11.3090909 11.0133333 15.0836364 7.0 16.0C2.98666667 15.0836364 0.0 11.3090909 0.0 7.27272727C0.0 7.27272727 0.0 2.90909091 0.0 2.90909091C0.0 2.90909091 7.0 0.0 7.0 0.0C7.0 0.0 7.0 0.0 7.0 0.0" /> + </g> + </defs> + <use id="standard" fill="context-fill" fill-opacity="context-fill-opacity" href="#standard_icon" /> + <use id="safer" fill="context-fill" fill-opacity="context-fill-opacity" href="#safer_icon" /> + <use id="safest" fill="context-fill" fill-opacity="context-fill-opacity" href="#safest_icon" /> +</svg> diff --git a/browser/components/securitylevel/content/securityLevelPanel.css b/browser/components/securitylevel/content/securityLevelPanel.css new file mode 100644 index 000000000000..70022e2bd4b2 --- /dev/null +++ b/browser/components/securitylevel/content/securityLevelPanel.css @@ -0,0 +1,82 @@ +/* Security Level CSS */ + +panel#securityLevel-panel > .panel-arrowcontainer > .panel-arrowcontent { + padding: 0; +} + +panelview#securityLevel-panelview { + width: 20em; +} + +panelview#securityLevel-panelview>vbox.panel-subview-body { + padding: 1em; +} + +label#securityLevel-header { + text-transform: uppercase; + color: var(--panel-disabled-color); + font-size: 0.85em; + margin: 0 0 0.4em 0; + padding: 0; +} + +hbox#securityLevel-levelHbox { + margin-bottom: 1em; +} + +label#securityLevel-level { + font-size: 1.5em; + margin: 0 0.5em 0 0; + padding: 0; +} + +label#securityLevel-customWarning { + border-radius: 2px; + background-color: #ffe845; + text-transform: uppercase; + font-weight: bolder; + font-size: 0.8em; + height: 1em; + line-height: 1em; + vertical-align: middle; + margin: auto; + padding: 0.4em; +} + +panelview#securityLevel-panelview description { + margin: 0 -0.5em 0.5em 0; + padding: 0 !important; +} + +label#securityLevel-learnMore { + margin: 0 0 1.0em 0; + padding: 0; +} + +panelview#securityLevel-panelview button { + -moz-appearance: none; + background-color: var(--arrowpanel-dimmed); +} + +panelview#securityLevel-panelview button:hover { + background-color: var(--arrowpanel-dimmed-further); +} + +panelview#securityLevel-panelview button:active { + background-color: var(--arrowpanel-dimmed-even-further); +} + +button#securityLevel-restoreDefaults { + margin: 0 0 1.0em 0; + padding: 0.45em; + color: inherit !important; +} + +button#securityLevel-advancedSecuritySettings { + margin: 0 -1.0em -1.0em -1.0em; + border-radius: 0; + border-top: 1px solid var(--panel-separator-color); + padding: 0; + height: 3.0em; + color: inherit !important; +} diff --git a/browser/components/securitylevel/content/securityLevelPanel.inc.xhtml b/browser/components/securitylevel/content/securityLevelPanel.inc.xhtml new file mode 100644 index 000000000000..4abbb12dd856 --- /dev/null +++ b/browser/components/securitylevel/content/securityLevelPanel.inc.xhtml @@ -0,0 +1,38 @@ +<panel id="securityLevel-panel" + role="group" + type="arrow" + orient="vertical" + level="top" + hidden="true" + class="panel-no-padding" + onpopupshown="SecurityLevelPanel.onPopupShown(event);" + onpopuphidden="SecurityLevelPanel.onPopupHidden(event);" + > + <panelmultiview mainViewId="securityLevel-panelview"> + <panelview id="securityLevel-panelview" descriptionheightworkaround="true"> + <vbox class="panel-subview-body"> + <label id="securityLevel-header"/> + <hbox id="securityLevel-levelHbox"> + <label id="securityLevel-level"/> + <vbox> + <spacer flex="1"/> + <label id="securityLevel-customWarning"/> + <spacer flex="1"/> + </vbox> + </hbox> + <description id="securityLevel-summary"/> + <label + id="securityLevel-learnMore" + class="learnMore text-link" + onclick="SecurityLevelPanel.hide();" + is="text-link"/> + <button + id="securityLevel-restoreDefaults" + oncommand="SecurityLevelPanel.restoreDefaults();"/> + <button + id="securityLevel-advancedSecuritySettings" + oncommand="SecurityLevelPanel.openAdvancedSecuritySettings();"/> + </vbox> + </panelview> + </panelmultiview> +</panel> diff --git a/browser/components/securitylevel/content/securityLevelPreferences.css b/browser/components/securitylevel/content/securityLevelPreferences.css new file mode 100644 index 000000000000..0d1040d177d8 --- /dev/null +++ b/browser/components/securitylevel/content/securityLevelPreferences.css @@ -0,0 +1,26 @@ +label#securityLevel-customWarning { + border-radius: 2px; + background-color: #ffe845; + text-transform: uppercase; + font-weight: bolder; + font-size: 0.7em; + height: 1em; + line-height: 1em; + padding: 0.35em; +} + +radiogroup#securityLevel-radiogroup radio { + font-weight: bold; +} + +vbox#securityLevel-vbox-standard, +vbox#securityLevel-vbox-safer, +vbox#securityLevel-vbox-safest { + margin-top: 0.4em; +} + +vbox#securityLevel-vbox-standard description.indent, +vbox#securityLevel-vbox-safer description.indent, +vbox#securityLevel-vbox-safest description.indent { + margin-inline-start: 0 !important; +} diff --git a/browser/components/securitylevel/content/securityLevelPreferences.inc.xhtml b/browser/components/securitylevel/content/securityLevelPreferences.inc.xhtml new file mode 100644 index 000000000000..a108d44a7b51 --- /dev/null +++ b/browser/components/securitylevel/content/securityLevelPreferences.inc.xhtml @@ -0,0 +1,62 @@ +<groupbox id="securityLevel-groupbox" data-category="panePrivacy" hidden="true"> + <label><html:h2 id="securityLevel-header"/></label> + <vbox data-subcategory="securitylevel" flex="1"> + <description flex="1"> + <html:span id="securityLevel-overview" class="tail-with-learn-more"/> + <label id="securityLevel-learnMore" class="learnMore text-link" is="text-link"/> + </description> + <radiogroup id="securityLevel-radiogroup"> + <vbox id="securityLevel-vbox-standard"> + <hbox> + <radio value="standard"/> + <vbox> + <spacer flex="1"/> + <label id="securityLevel-customWarning"/> + <spacer flex="1"/> + </vbox> + </hbox> + <description flex="1"> + <html:span id="securityLevel-summary" class="tail-with-learn-more"/> + <label id="securityLevel-restoreDefaults" + class="learnMore text-link"/> + </description> + </vbox> + <vbox id="securityLevel-vbox-safer"> + <hbox> + <radio value="safer"/> + <vbox> + <spacer flex="1"/> + <label id="securityLevel-customWarning"/> + <spacer flex="1"/> + </vbox> + </hbox> + <description flex="1"> + <html:span id="securityLevel-summary" class="tail-with-learn-more"/> + <label id="securityLevel-restoreDefaults" + class="learnMore text-link"/> + </description> + <description id="securityLevel-description1" class="indent tip-caption"/> + <description id="securityLevel-description2" class="indent tip-caption"/> + <description id="securityLevel-description3" class="indent tip-caption"/> + </vbox> + <vbox id="securityLevel-vbox-safest"> + <hbox> + <radio value="safest"/> + <vbox> + <spacer flex="1"/> + <label id="securityLevel-customWarning"/> + <spacer flex="1"/> + </vbox> + </hbox> + <description flex="1"> + <html:span id="securityLevel-summary" class="tail-with-learn-more"/> + <label id="securityLevel-restoreDefaults" + class="learnMore text-link"/> + </description> + <description id="securityLevel-description1" class="indent tip-caption"/> + <description id="securityLevel-description2" class="indent tip-caption"/> + <description id="securityLevel-description3" class="indent tip-caption"/> + </vbox> + </radiogroup> + </vbox> +</groupbox> diff --git a/browser/components/securitylevel/jar.mn b/browser/components/securitylevel/jar.mn new file mode 100644 index 000000000000..9ac408083fbc --- /dev/null +++ b/browser/components/securitylevel/jar.mn @@ -0,0 +1,6 @@ +browser.jar: + content/browser/securitylevel/securityLevel.js (content/securityLevel.js) + content/browser/securitylevel/securityLevelPanel.css (content/securityLevelPanel.css) + content/browser/securitylevel/securityLevelButton.css (content/securityLevelButton.css) + content/browser/securitylevel/securityLevelPreferences.css (content/securityLevelPreferences.css) + content/browser/securitylevel/securityLevelButton.svg (content/securityLevelButton.svg) diff --git a/browser/components/securitylevel/moz.build b/browser/components/securitylevel/moz.build new file mode 100644 index 000000000000..7e103239c8d6 --- /dev/null +++ b/browser/components/securitylevel/moz.build @@ -0,0 +1 @@ +JAR_MANIFESTS += ['jar.mn']

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 23104: Add a default line height compensation
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit ef34ef23989bb58148c27f083fdfb2f90cc88e50 Author: Igor Oliveira <igor.oliveira(a)posteo.net> Date: Sun Dec 10 18:16:59 2017 -0200 Bug 23104: Add a default line height compensation Many fonts have issues with their vertical metrics. they are used to influence the height of ascenders and depth of descenders. Gecko uses it to calculate the line height (font height + ascender + descender), however because of that idiosyncratic behavior across multiple operating systems, it can be used to identify the user's OS. The solution proposed in the patch uses a default factor to be multiplied with the font size, simulating the concept of ascender and descender. This way all operating systems will have the same line height only and only if the frame is outside the chrome. --- layout/generic/ReflowInput.cpp | 19 +++++++++--- layout/generic/test/mochitest.ini | 1 + layout/generic/test/test_tor_bug23104.html | 50 ++++++++++++++++++++++++++++++ 3 files changed, 65 insertions(+), 5 deletions(-) diff --git a/layout/generic/ReflowInput.cpp b/layout/generic/ReflowInput.cpp index 5b1f6d62043a..5da354f86558 100644 --- a/layout/generic/ReflowInput.cpp +++ b/layout/generic/ReflowInput.cpp @@ -30,6 +30,7 @@ #include <algorithm> #include "mozilla/dom/HTMLInputElement.h" #include "nsGridContainerFrame.h" +#include "nsContentUtils.h" using namespace mozilla; using namespace mozilla::css; @@ -2690,7 +2691,8 @@ void ReflowInput::CalculateBlockSideMargins(LayoutFrameType aFrameType) { // For risk management, we use preference to control the behavior, and // eNoExternalLeading is the old behavior. -static nscoord GetNormalLineHeight(nsFontMetrics* aFontMetrics) { +static nscoord GetNormalLineHeight(nsIContent* aContent, + nsFontMetrics* aFontMetrics) { MOZ_ASSERT(nullptr != aFontMetrics, "no font metrics"); nscoord normalLineHeight; @@ -2698,6 +2700,12 @@ static nscoord GetNormalLineHeight(nsFontMetrics* aFontMetrics) { nscoord externalLeading = aFontMetrics->ExternalLeading(); nscoord internalLeading = aFontMetrics->InternalLeading(); nscoord emHeight = aFontMetrics->EmHeight(); + + if (nsContentUtils::ShouldResistFingerprinting() && + !aContent->IsInChromeDocument()) { + return NSToCoordRound(emHeight * NORMAL_LINE_HEIGHT_FACTOR); + } + switch (GetNormalLineHeightCalcControl()) { case eIncludeExternalLeading: normalLineHeight = emHeight + internalLeading + externalLeading; @@ -2715,7 +2723,8 @@ static nscoord GetNormalLineHeight(nsFontMetrics* aFontMetrics) { return normalLineHeight; } -static inline nscoord ComputeLineHeight(ComputedStyle* aComputedStyle, +static inline nscoord ComputeLineHeight(nsIContent* aContent, + ComputedStyle* aComputedStyle, nsPresContext* aPresContext, nscoord aBlockBSize, float aFontSizeInflation) { @@ -2743,7 +2752,7 @@ static inline nscoord ComputeLineHeight(ComputedStyle* aComputedStyle, RefPtr<nsFontMetrics> fm = nsLayoutUtils::GetFontMetricsForComputedStyle( aComputedStyle, aPresContext, aFontSizeInflation); - return GetNormalLineHeight(fm); + return GetNormalLineHeight(aContent, fm); } nscoord ReflowInput::CalcLineHeight() const { @@ -2765,7 +2774,7 @@ nscoord ReflowInput::CalcLineHeight(nsIContent* aContent, float aFontSizeInflation) { MOZ_ASSERT(aComputedStyle, "Must have a ComputedStyle"); - nscoord lineHeight = ComputeLineHeight(aComputedStyle, aPresContext, + nscoord lineHeight = ComputeLineHeight(aContent, aComputedStyle, aPresContext, aBlockBSize, aFontSizeInflation); NS_ASSERTION(lineHeight >= 0, "ComputeLineHeight screwed up"); @@ -2778,7 +2787,7 @@ nscoord ReflowInput::CalcLineHeight(nsIContent* aContent, if (!lh.IsNormal()) { RefPtr<nsFontMetrics> fm = nsLayoutUtils::GetFontMetricsForComputedStyle( aComputedStyle, aPresContext, aFontSizeInflation); - nscoord normal = GetNormalLineHeight(fm); + nscoord normal = GetNormalLineHeight(aContent, fm); if (lineHeight < normal) { lineHeight = normal; } diff --git a/layout/generic/test/mochitest.ini b/layout/generic/test/mochitest.ini index f6678d8d8e4e..c1602bbbc6b1 100644 --- a/layout/generic/test/mochitest.ini +++ b/layout/generic/test/mochitest.ini @@ -161,3 +161,4 @@ skip-if = debug == true || tsan # the test is slow. tsan: bug 1612707 [test_reframe_for_lazy_load_image.html] support-files = file_reframe_for_lazy_load_image.html +[test_tor_bug23104.html] diff --git a/layout/generic/test/test_tor_bug23104.html b/layout/generic/test/test_tor_bug23104.html new file mode 100644 index 000000000000..8ff1d2190c45 --- /dev/null +++ b/layout/generic/test/test_tor_bug23104.html @@ -0,0 +1,50 @@ +<!DOCTYPE HTML> +<meta charset="UTF-8"> +<html> +<head> + <title>Test for Tor Bug #23104: CSS line-height reveals the platform Tor browser is running</title> + <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="application/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <style type="text/css"> + span { + background-color: #000; + color: #fff; + font-size: 16.5px; + } + </style> +</head> +<body> +<span id="test1">Test1</span> +<span id="test2">كلمة</span> +<span id="test3">ação</span> +<script> + +let setPref = async function (key, value) { + await SpecialPowers.pushPrefEnv({"set": [[key, value]]}); +} + +function getStyle(el, styleprop) { + el = document.getElementById(el); + return document.defaultView.getComputedStyle(el, null).getPropertyValue(styleprop); +} + +function validateElement(elementName, isFingerprintResistent) { + var fontSize = getStyle(elementName, 'font-size'); + var lineHeight = getStyle(elementName, 'line-height'); + var validationCb = isFingerprintResistent ? is : isnot; + validationCb(parseFloat(lineHeight), Math.round(parseFloat(fontSize)) * 1.2, 'Line Height validation'); +} + +add_task(async function() { + await setPref("layout.css.line-height.normal-as-resolved-value.enabled", false); + for (let resistFingerprintingValue of [true, false]) { + await setPref("privacy.resistFingerprinting", resistFingerprintingValue); + for (let elementId of ['test1', 'test2', 'test3']) { + validateElement(elementId, resistFingerprintingValue); + } + } +}); + +</script> +</body> +</html>

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 26353: Prevent speculative connect that violated FPI.
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit afdea4af23f9f4488adb5d9435c28f9ef81439cb Author: Arthur Edelstein <arthuredelstein(a)gmail.com> Date: Sat Jul 14 08:50:55 2018 -0700 Bug 26353: Prevent speculative connect that violated FPI. Connections were observed in the catch-all circuit when the user entered an https or http URL in the URL bar, or typed a search term. --- toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm b/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm index ffa42297073e..82c7a3b950c2 100644 --- a/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm +++ b/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm @@ -74,6 +74,9 @@ class RemoteWebNavigation { fixupFlags |= Services.uriFixup.FIXUP_FLAG_PRIVATE_CONTEXT; } uri = Services.uriFixup.createFixupURI(aURI, fixupFlags); +/******************************************************************************* + TOR BROWSER: Disable the following speculative connect until + we can make it properly obey first-party isolation. // We know the url is going to be loaded, let's start requesting network // connection before the content process asks. @@ -97,6 +100,7 @@ class RemoteWebNavigation { } Services.io.speculativeConnect(uri, principal, null); } +*******************************************************************************/ } catch (ex) { // Can't setup speculative connection for this uri string for some // reason (such as failing to parse the URI), just ignore it.

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 21431: Clean-up system extensions shipped in Firefox
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 6459898f3637c8a4c1ad5f97e2ccb9889c1dc381 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Tue May 23 17:05:29 2017 -0400 Bug 21431: Clean-up system extensions shipped in Firefox Only ship the pdfjs extension. --- browser/components/BrowserGlue.jsm | 6 ++++++ browser/extensions/moz.build | 5 ----- browser/installer/package-manifest.in | 1 - browser/locales/Makefile.in | 8 -------- browser/locales/jar.mn | 7 ------- 5 files changed, 6 insertions(+), 21 deletions(-) diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 3b7d8d6e0309..3363e24a9b56 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -2076,6 +2076,9 @@ BrowserGlue.prototype = { const ID = "screenshots(a)mozilla.org"; const _checkScreenshotsPref = async () => { let addon = await AddonManager.getAddonByID(ID); + if (!addon) { + return; + } let disabled = Services.prefs.getBoolPref(PREF, false); if (disabled) { await addon.disable({ allowSystemAddons: true }); @@ -2092,6 +2095,9 @@ BrowserGlue.prototype = { const ID = "webcompat-reporter(a)mozilla.org"; Services.prefs.addObserver(PREF, async () => { let addon = await AddonManager.getAddonByID(ID); + if (!addon) { + return; + } let enabled = Services.prefs.getBoolPref(PREF, false); if (enabled && !addon.isActive) { await addon.enable({ allowSystemAddons: true }); diff --git a/browser/extensions/moz.build b/browser/extensions/moz.build index fd2e65d01f02..499c59b8d6a5 100644 --- a/browser/extensions/moz.build +++ b/browser/extensions/moz.build @@ -5,12 +5,7 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. DIRS += [ - 'doh-rollout', - 'formautofill', 'pdfjs', - 'screenshots', - 'webcompat', - 'report-site-issue' ] if not CONFIG['TOR_BROWSER_DISABLE_TOR_LAUNCHER']: diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index 53b0b7ddf731..ad7dd023a92e 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -268,7 +268,6 @@ @RESPATH@/browser/chrome/icons/default/default64.png @RESPATH@/browser/chrome/icons/default/default128.png #endif -@RESPATH@/browser/features/* ; [DevTools Startup Files] @RESPATH@/browser/chrome/devtools-startup@JAREXT@ diff --git a/browser/locales/Makefile.in b/browser/locales/Makefile.in index 05f0242c5248..1fdf34d9460f 100644 --- a/browser/locales/Makefile.in +++ b/browser/locales/Makefile.in @@ -58,10 +58,6 @@ libs-%: @$(MAKE) -C ../../toolkit/locales libs-$* XPI_ROOT_APPID='$(XPI_ROOT_APPID)' @$(MAKE) -C ../../services/sync/locales AB_CD=$* XPI_NAME=locale-$* @$(MAKE) -C ../../extensions/spellcheck/locales AB_CD=$* XPI_NAME=locale-$* -ifneq (,$(wildcard ../extensions/formautofill/locales)) - @$(MAKE) -C ../extensions/formautofill/locales AB_CD=$* XPI_NAME=locale-$* -endif - @$(MAKE) -C ../extensions/report-site-issue/locales AB_CD=$* XPI_NAME=locale-$* @$(MAKE) -C ../../devtools/client/locales AB_CD=$* XPI_NAME=locale-$* XPI_ROOT_APPID='$(XPI_ROOT_APPID)' @$(MAKE) -C ../../devtools/startup/locales AB_CD=$* XPI_NAME=locale-$* XPI_ROOT_APPID='$(XPI_ROOT_APPID)' @$(MAKE) libs AB_CD=$* XPI_NAME=locale-$* PREF_DIR=$(PREF_DIR) @@ -75,14 +71,10 @@ chrome-%: @$(MAKE) -C ../../toolkit/locales chrome-$* @$(MAKE) -C ../../services/sync/locales chrome AB_CD=$* @$(MAKE) -C ../../extensions/spellcheck/locales chrome AB_CD=$* -ifneq (,$(wildcard ../extensions/formautofill/locales)) - @$(MAKE) -C ../extensions/formautofill/locales chrome AB_CD=$* -endif @$(MAKE) -C ../../devtools/client/locales chrome AB_CD=$* @$(MAKE) -C ../../devtools/startup/locales chrome AB_CD=$* @$(MAKE) chrome AB_CD=$* @$(MAKE) -C $(DEPTH)/$(MOZ_BRANDING_DIRECTORY)/locales chrome AB_CD=$* - @$(MAKE) -C ../extensions/report-site-issue/locales chrome AB_CD=$* package-win32-installer: $(SUBMAKEFILES) $(MAKE) -C ../installer/windows CONFIG_DIR=l10ngen ZIP_IN='$(ZIP_OUT)' installer diff --git a/browser/locales/jar.mn b/browser/locales/jar.mn index 31e2d3d870e6..ff577dfd4e7c 100644 --- a/browser/locales/jar.mn +++ b/browser/locales/jar.mn @@ -60,10 +60,3 @@ locale/browser/newInstall.dtd (%chrome/browser/newInstall.dtd) locale/browser/brandings.dtd (%chrome/browser/brandings.dtd) locale/browser/fxmonitor.properties (%chrome/browser/fxmonitor.properties) - -#ifdef XPI_NAME -# Bug 1240628, restructure how l10n repacks work with feature addons -# This is hacky, but ensures the chrome.manifest chain is complete -[.] chrome.jar: -% manifest features/chrome.manifest -#endif

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 16285: Exclude ClearKey system for now
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 5abf8dcaef6329fd5196856840065d0794d537a3 Author: Georg Koppen <gk(a)torproject.org> Date: Mon May 22 12:44:40 2017 +0000 Bug 16285: Exclude ClearKey system for now In the past the ClearKey system had not been compiled when specifying --disable-eme. But that changed and it is even bundled nowadays (see: Mozilla's bug 1300654). We don't want to ship it right now as the use case for it is not really visible while the code had security vulnerabilities in the past. --- browser/installer/package-manifest.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index 792acb870afa..53b0b7ddf731 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -465,8 +465,8 @@ bin/libfreebl_64int_3.so #endif ; media -@RESPATH@/gmp-clearkey/0.1/@DLL_PREFIX@clearkey@DLL_SUFFIX@ -@RESPATH@/gmp-clearkey/0.1/manifest.json +;@RESPATH@/gmp-clearkey/0.1/@DLL_PREFIX@clearkey@DLL_SUFFIX@ +;@RESPATH@/gmp-clearkey/0.1/manifest.json #ifdef MOZ_DMD ; DMD

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 13379: Sign our MAR files.
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 076b520e4213527fbd47549a999f82610d1809f9 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Wed Dec 17 16:37:11 2014 -0500 Bug 13379: Sign our MAR files. Configure with --enable-verify-mar (when updating, require a valid signature on the MAR file before it is applied). Use the Tor Browser version instead of the Firefox version inside the MAR file info block (necessary to prevent downgrade attacks). Use NSS on all platforms for checking MAR signatures (instead of using OS-native APIs, which Mozilla does on Mac OS and Windows). So that the NSS and NSPR libraries the updater depends on can be found at runtime, we add the firefox directory to the shared library search path on macOS. On Linux, rpath is used by Mozilla to solve that problem, but that approach won't work on macOS because the updater executable is copied during the update process to a location that is under TorBrowser-Data, and the location of TorBrowser-Data varies. Also includes the fix for bug 18900. --- .mozconfig | 1 + .mozconfig-asan | 1 + .mozconfig-mac | 1 + .mozconfig-mingw | 1 + modules/libmar/tool/mar.c | 6 +-- modules/libmar/tool/moz.build | 12 ++++-- modules/libmar/verify/moz.build | 14 +++--- .../mozapps/update/updater/updater-common.build | 24 +++++++++-- toolkit/mozapps/update/updater/updater.cpp | 25 +++++++---- toolkit/xre/moz.build | 3 ++ toolkit/xre/nsUpdateDriver.cpp | 50 ++++++++++++++++++++++ 11 files changed, 113 insertions(+), 25 deletions(-) diff --git a/.mozconfig b/.mozconfig index 18cd1f9b6487..c50c57d410de 100755 --- a/.mozconfig +++ b/.mozconfig @@ -37,3 +37,4 @@ ac_add_options MOZ_TELEMETRY_REPORTING= ac_add_options --disable-tor-launcher ac_add_options --with-tor-browser-version=dev-build ac_add_options --disable-tor-browser-update +ac_add_options --enable-verify-mar diff --git a/.mozconfig-asan b/.mozconfig-asan index 98ea6ac6f3fe..8bee813bfee8 100644 --- a/.mozconfig-asan +++ b/.mozconfig-asan @@ -30,6 +30,7 @@ ac_add_options --enable-official-branding ac_add_options --enable-default-toolkit=cairo-gtk3 ac_add_options --enable-tor-browser-update +ac_add_options --enable-verify-mar ac_add_options --disable-strip ac_add_options --disable-install-strip diff --git a/.mozconfig-mac b/.mozconfig-mac index 26e2b6b92fdb..5b4624ef1f67 100644 --- a/.mozconfig-mac +++ b/.mozconfig-mac @@ -43,6 +43,7 @@ ac_add_options --disable-debug ac_add_options --enable-tor-browser-data-outside-app-dir ac_add_options --enable-tor-browser-update +ac_add_options --enable-verify-mar ac_add_options --disable-crashreporter ac_add_options --disable-webrtc diff --git a/.mozconfig-mingw b/.mozconfig-mingw index 3ec6ff18a3e9..ce6ace1dad67 100644 --- a/.mozconfig-mingw +++ b/.mozconfig-mingw @@ -15,6 +15,7 @@ ac_add_options --enable-strip ac_add_options --enable-official-branding ac_add_options --enable-tor-browser-update +ac_add_options --enable-verify-mar ac_add_options --disable-bits-download # Let's make sure no preference is enabling either Adobe's or Google's CDM. diff --git a/modules/libmar/tool/mar.c b/modules/libmar/tool/mar.c index 0bf2cb4bd1d4..ea2b79924914 100644 --- a/modules/libmar/tool/mar.c +++ b/modules/libmar/tool/mar.c @@ -65,7 +65,7 @@ static void print_usage() { "signed_input_archive.mar base_64_encoded_signature_file " "changed_signed_output.mar\n"); printf("(i) is the index of the certificate to extract\n"); -# if defined(XP_MACOSX) || (defined(XP_WIN) && !defined(MAR_NSS)) +# if (defined(XP_MACOSX) || defined(XP_WIN)) && !defined(MAR_NSS) printf("Verify a MAR file:\n"); printf(" mar [-C workingDir] -D DERFilePath -v signed_archive.mar\n"); printf( @@ -149,7 +149,7 @@ int main(int argc, char** argv) { memset((void*)certBuffers, 0, sizeof(certBuffers)); #endif #if !defined(NO_SIGN_VERIFY) && \ - ((!defined(MAR_NSS) && defined(XP_WIN)) || defined(XP_MACOSX)) + (!defined(MAR_NSS) && (defined(XP_WIN) || defined(XP_MACOSX))) memset(DERFilePaths, 0, sizeof(DERFilePaths)); memset(fileSizes, 0, sizeof(fileSizes)); #endif @@ -181,7 +181,7 @@ int main(int argc, char** argv) { argc -= 2; } #if !defined(NO_SIGN_VERIFY) -# if (!defined(MAR_NSS) && defined(XP_WIN)) || defined(XP_MACOSX) +# if (!defined(MAR_NSS) && (defined(XP_WIN) || defined(XP_MACOSX))) /* -D DERFilePath, also matches -D[index] DERFilePath We allow an index for verifying to be symmetric with the import and export command line arguments. */ diff --git a/modules/libmar/tool/moz.build b/modules/libmar/tool/moz.build index 19653fb0b073..8953af0bb15c 100644 --- a/modules/libmar/tool/moz.build +++ b/modules/libmar/tool/moz.build @@ -35,15 +35,21 @@ if CONFIG['MOZ_BUILD_APP'] != 'tools/update-packaging': 'verifymar', ] + if CONFIG['TOR_BROWSER_UPDATE']: + DEFINES['MAR_NSS'] = True + if CONFIG['OS_ARCH'] == 'WINNT': USE_STATIC_LIBS = True OS_LIBS += [ 'ws2_32', - 'crypt32', - 'advapi32', ] - elif CONFIG['OS_ARCH'] == 'Darwin': + if not CONFIG['TOR_BROWSER_UPDATE']: + OS_LIBS += [ + 'crypt32', + 'advapi32', + ] + elif CONFIG['OS_ARCH'] == 'Darwin' and not CONFIG['TOR_BROWSER_UPDATE']: OS_LIBS += [ '-framework Security', ] diff --git a/modules/libmar/verify/moz.build b/modules/libmar/verify/moz.build index 9f7dc56f8f8a..e1c6ced31c37 100644 --- a/modules/libmar/verify/moz.build +++ b/modules/libmar/verify/moz.build @@ -16,15 +16,12 @@ FORCE_STATIC_LIB = True if CONFIG['OS_ARCH'] == 'WINNT': USE_STATIC_LIBS = True elif CONFIG['OS_ARCH'] == 'Darwin': - UNIFIED_SOURCES += [ - 'MacVerifyCrypto.cpp', - ] - OS_LIBS += [ - '-framework Security', + USE_LIBS += [ + 'nspr', + 'nss', + 'signmar', ] else: - DEFINES['MAR_NSS'] = True - LOCAL_INCLUDES += ['../sign'] USE_LIBS += [ 'nspr', 'nss', @@ -38,6 +35,9 @@ else: '-Wl,-rpath=\\$$ORIGIN', ] +DEFINES['MAR_NSS'] = True +LOCAL_INCLUDES += ['../sign'] + LOCAL_INCLUDES += [ '../src', ] diff --git a/toolkit/mozapps/update/updater/updater-common.build b/toolkit/mozapps/update/updater/updater-common.build index 5898e92d465d..9f8365df8ade 100644 --- a/toolkit/mozapps/update/updater/updater-common.build +++ b/toolkit/mozapps/update/updater/updater-common.build @@ -4,6 +4,10 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. +DEFINES['MAR_NSS'] = True + +link_with_nss = DEFINES['MAR_NSS'] or (CONFIG['OS_ARCH'] == 'Linux' and CONFIG['MOZ_VERIFY_MAR_SIGNATURE']) + srcs = [ 'archivereader.cpp', 'updater.cpp', @@ -36,10 +40,14 @@ if CONFIG['OS_ARCH'] == 'WINNT': 'ws2_32', 'shell32', 'shlwapi', - 'crypt32', - 'advapi32', ] + if not link_with_nss: + OS_LIBS += [ + 'crypt32', + 'advapi32', + ] + USE_LIBS += [ 'bspatch', 'mar', @@ -47,6 +55,13 @@ USE_LIBS += [ 'xz-embedded', ] +if link_with_nss: + USE_LIBS += [ + 'nspr', + 'nss', + 'signmar', + ] + if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'gtk': have_progressui = 1 srcs += [ @@ -61,9 +76,12 @@ if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa': ] OS_LIBS += [ '-framework Cocoa', - '-framework Security', '-framework SystemConfiguration', ] + if not link_with_nss: + OS_LIBS += [ + '-framework Security', + ] UNIFIED_SOURCES += [ '/toolkit/xre/updaterfileutils_osx.mm', ] diff --git a/toolkit/mozapps/update/updater/updater.cpp b/toolkit/mozapps/update/updater/updater.cpp index 9a95c3b17761..aaec0b38dda0 100644 --- a/toolkit/mozapps/update/updater/updater.cpp +++ b/toolkit/mozapps/update/updater/updater.cpp @@ -106,9 +106,11 @@ struct UpdateServerThreadArgs { # define USE_EXECV #endif -#if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) && !defined(XP_MACOSX) -# include "nss.h" -# include "prerror.h" +#if defined(MOZ_VERIFY_MAR_SIGNATURE) +# if defined(MAR_NSS) || (!defined(XP_WIN) && !defined(XP_MACOSX)) +# include "nss.h" +# include "prerror.h" +# endif #endif #include "crctable.h" @@ -2738,8 +2740,13 @@ static void UpdateThreadFunc(void* param) { if (ReadMARChannelIDs(updateSettingsPath, &MARStrings) != OK) { rv = UPDATE_SETTINGS_FILE_CHANNEL; } else { +# ifdef TOR_BROWSER_UPDATE + const char* appVersion = TOR_BROWSER_VERSION_QUOTED; +# else + const char* appVersion = MOZ_APP_VERSION; +# endif rv = gArchiveReader.VerifyProductInformation(MARStrings.MARChannelID, - MOZ_APP_VERSION); + appVersion); } } } @@ -2940,11 +2947,10 @@ int NS_main(int argc, NS_tchar** argv) { } #endif -#if defined(MOZ_VERIFY_MAR_SIGNATURE) && !defined(XP_WIN) && !defined(XP_MACOSX) - // On Windows and Mac we rely on native APIs to do verifications so we don't - // need to initialize NSS at all there. - // Otherwise, minimize the amount of NSS we depend on by avoiding all the NSS - // databases. +#if defined(MOZ_VERIFY_MAR_SIGNATURE) +# if defined(MAR_NSS) || (!defined(XP_WIN) && !defined(XP_MACOSX)) + // If using NSS for signature verification, initialize NSS but minimize + // the portion we depend on by avoiding all of the NSS databases. if (NSS_NoDB_Init(nullptr) != SECSuccess) { PRErrorCode error = PR_GetError(); fprintf(stderr, "Could not initialize NSS: %s (%d)", PR_ErrorToName(error), @@ -2952,6 +2958,7 @@ int NS_main(int argc, NS_tchar** argv) { _exit(1); } #endif +#endif #ifdef XP_MACOSX if (!isElevated) { diff --git a/toolkit/xre/moz.build b/toolkit/xre/moz.build index 7ba3be2fe241..6afab145c2b6 100644 --- a/toolkit/xre/moz.build +++ b/toolkit/xre/moz.build @@ -214,6 +214,9 @@ for var in ('APP_VERSION', 'APP_ID'): if CONFIG['MOZ_BUILD_APP'] == 'browser': DEFINES['MOZ_BUILD_APP_IS_BROWSER'] = True +if CONFIG['TOR_BROWSER_UPDATE']: + DEFINES['MAR_NSS'] = True + LOCAL_INCLUDES += [ '../../other-licenses/nsis/Contrib/CityHash/cityhash', '../components/find', diff --git a/toolkit/xre/nsUpdateDriver.cpp b/toolkit/xre/nsUpdateDriver.cpp index 55d1982504ed..1cbee302719f 100644 --- a/toolkit/xre/nsUpdateDriver.cpp +++ b/toolkit/xre/nsUpdateDriver.cpp @@ -360,6 +360,42 @@ static nsresult GetUpdateDirFromAppDir(nsIFile* aAppDir, nsIFile** aResult) { # endif #endif +#if defined(TOR_BROWSER_UPDATE) && defined(MOZ_VERIFY_MAR_SIGNATURE) && \ + defined(MAR_NSS) && defined(XP_MACOSX) +/** + * Ideally we would save and restore the original library path value after + * the updater finishes its work (and before firefox is re-launched). + * Doing so would avoid potential problems like the following bug: + * https://bugzilla.mozilla.org/show_bug.cgi?id=1434033 + */ +/** + * Appends the specified path to the library path. + * This is used so that the updater can find libnss3.dylib and other + * shared libs. + * + * @param pathToAppend A new library path to prepend to the dynamic linker's + * search path. + */ +# include "prprf.h" +# define PATH_SEPARATOR ":" +# define LD_LIBRARY_PATH_ENVVAR_NAME "DYLD_LIBRARY_PATH" +static void AppendToLibPath(const char* pathToAppend) { + char* pathValue = getenv(LD_LIBRARY_PATH_ENVVAR_NAME); + if (nullptr == pathValue || '\0' == *pathValue) { + // Leak the string because that is required by PR_SetEnv. + char* s = + Smprintf("%s=%s", LD_LIBRARY_PATH_ENVVAR_NAME, pathToAppend).release(); + PR_SetEnv(s); + } else { + // Leak the string because that is required by PR_SetEnv. + char* s = Smprintf("%s=%s" PATH_SEPARATOR "%s", LD_LIBRARY_PATH_ENVVAR_NAME, + pathToAppend, pathValue) + .release(); + PR_SetEnv(s); + } +} +#endif + /** * Applies, switches, or stages an update. * @@ -606,6 +642,20 @@ static void ApplyUpdate(nsIFile* greDir, nsIFile* updateDir, nsIFile* appDir, PR_SetEnv("MOZ_SAFE_MODE_RESTART=1"); } +#if defined(TOR_BROWSER_UPDATE) && defined(MOZ_VERIFY_MAR_SIGNATURE) && \ + defined(MAR_NSS) && defined(XP_MACOSX) + // On macOS, append the app directory to the shared library search path + // so the system can locate the shared libraries that are needed by the + // updater, e.g., libnss3.dylib). + nsAutoCString appPath; + nsresult rv2 = appDir->GetNativePath(appPath); + if (NS_SUCCEEDED(rv2)) { + AppendToLibPath(appPath.get()); + } else { + LOG(("ApplyUpdate -- appDir->GetNativePath() failed (0x%x)\n", rv2)); + } +#endif + LOG(("spawning updater process [%s]\n", updaterPath.get())); #ifdef DEBUG dump_argv("ApplyUpdate updater", argv, argc);

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 31563: force reloading search extensions if extensions.enabledScopes has changed
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 5d2c03aa3709ad7aa639677f0ea8e580f27e00d3 Author: Alex Catarineu <acat(a)torproject.org> Date: Sat Aug 31 16:23:20 2019 +0200 Bug 31563: force reloading search extensions if extensions.enabledScopes has changed --- toolkit/components/search/SearchService.jsm | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/toolkit/components/search/SearchService.jsm b/toolkit/components/search/SearchService.jsm index 46b992bec8ec..608f3c475458 100644 --- a/toolkit/components/search/SearchService.jsm +++ b/toolkit/components/search/SearchService.jsm @@ -975,6 +975,7 @@ SearchService.prototype = { let locale = Services.locale.requestedLocale; let buildID = Services.appinfo.platformBuildID; let appVersion = Services.appinfo.version; + let enabledScopes = Services.prefs.getIntPref("extensions.enabledScopes", -1); // Allows us to force a cache refresh should the cache format change. cache.version = SearchUtils.CACHE_VERSION; @@ -988,6 +989,10 @@ SearchService.prototype = { cache.appVersion = appVersion; cache.locale = locale; + // Bug 31563: we want to force reloading engines if extensions.enabledScopes + // pref changes + cache.enabledScopes = enabledScopes; + if (gModernConfig) { cache.builtInEngineList = this._searchOrder; // For built-in engines we don't want to store all their data in the cache @@ -1049,7 +1054,8 @@ SearchService.prototype = { !cache.engines || cache.version != SearchUtils.CACHE_VERSION || cache.locale != Services.locale.requestedLocale || - cache.buildID != buildID; + cache.buildID != buildID || + cache.enabledScopes != Services.prefs.getIntPref("extensions.enabledScopes", -1); let enginesCorrupted = false; if (!rebuildCache) {

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 23247: Communicating security expectations for .onion
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 5eec977ef49d8cbc96e65fb7a97c6a91f8f5b003 Author: Richard Pospesel <richard(a)torproject.org> Date: Fri Jun 8 13:38:40 2018 -0700 Bug 23247: Communicating security expectations for .onion Encrypting pages hosted on Onion Services with SSL/TLS is redundant (in terms of hiding content) as all traffic within the Tor network is already fully encrypted. Therefore, serving HTTP pages from an Onion Service is more or less fine. Prior to this patch, Tor Browser would mostly treat pages delivered via Onion Services as well as pages delivered in the ordinary fashion over the internet in the same way. This created some inconsistencies in behaviour and misinformation presented to the user relating to the security of pages delivered via Onion Services: - HTTP Onion Service pages did not have any 'lock' icon indicating the site was secure - HTTP Onion Service pages would be marked as unencrypted in the Page Info screen - Mixed-mode content restrictions did not apply to HTTP Onion Service pages embedding Non-Onion HTTP content This patch fixes the above issues, and also adds several new 'Onion' icons to the mix to indicate all of the various permutations of Onion Services hosted HTTP or HTTPS pages with HTTP or HTTPS content. Strings for Onion Service Page Info page are pulled from Torbutton's localization strings. --- browser/base/content/browser-siteIdentity.js | 39 ++++++++----- browser/base/content/pageinfo/security.js | 64 ++++++++++++++++++---- .../shared/identity-block/identity-block.inc.css | 19 +++++++ .../themes/shared/identity-block/onion-slash.svg | 5 ++ .../themes/shared/identity-block/onion-warning.svg | 6 ++ browser/themes/shared/identity-block/onion.svg | 3 + browser/themes/shared/jar.inc.mn | 3 + dom/base/nsContentUtils.cpp | 19 +++++++ dom/base/nsContentUtils.h | 5 ++ dom/base/nsGlobalWindowOuter.cpp | 3 +- dom/ipc/WindowGlobalActor.cpp | 4 +- dom/ipc/WindowGlobalChild.cpp | 6 +- dom/presentation/PresentationRequest.cpp | 3 +- dom/security/nsMixedContentBlocker.cpp | 16 +++++- security/manager/ssl/nsSecureBrowserUI.cpp | 12 ++++ 15 files changed, 175 insertions(+), 32 deletions(-) diff --git a/browser/base/content/browser-siteIdentity.js b/browser/base/content/browser-siteIdentity.js index 1d6f9555b33f..71b12374758d 100644 --- a/browser/base/content/browser-siteIdentity.js +++ b/browser/base/content/browser-siteIdentity.js @@ -131,6 +131,10 @@ var gIdentityHandler = { ); }, + get _uriIsOnionHost() { + return this._uriHasHost ? this._uri.host.toLowerCase().endsWith(".onion") : false; + }, + // smart getters get _identityPopup() { delete this._identityPopup; @@ -624,9 +628,9 @@ var gIdentityHandler = { get pointerlockFsWarningClassName() { // Note that the fullscreen warning does not handle _isSecureInternalUI. if (this._uriHasHost && this._isSecureConnection) { - return "verifiedDomain"; + return this._uriIsOnionHost ? "onionVerifiedDomain" : "verifiedDomain"; } - return "unknownIdentity"; + return this._uriIsOnionHost ? "onionUnknownIdentity" : "unknownIdentity"; }, /** @@ -634,6 +638,10 @@ var gIdentityHandler = { * built-in (returns false) or imported (returns true). */ _hasCustomRoot() { + if (!this._secInfo) { + return false; + } + let issuerCert = null; issuerCert = this._secInfo.succeededCertChain[ this._secInfo.succeededCertChain.length - 1 @@ -676,11 +684,13 @@ var gIdentityHandler = { "identity.extension.label", [extensionName] ); - } else if (this._uriHasHost && this._isSecureConnection) { + } else if (this._uriHasHost && this._isSecureConnection && this._secInfo) { // This is a secure connection. - this._identityBox.className = "verifiedDomain"; + // _isSecureConnection implicitly includes onion services, which may not have an SSL certificate + const uriIsOnionHost = this._uriIsOnionHost; + this._identityBox.className = uriIsOnionHost ? "onionVerifiedDomain" : "verifiedDomain"; if (this._isMixedActiveContentBlocked) { - this._identityBox.classList.add("mixedActiveBlocked"); + this._identityBox.classList.add(uriIsOnionHost ? "onionMixedActiveBlocked" : "mixedActiveBlocked"); } if (!this._isCertUserOverridden) { // It's a normal cert, verifier is the CA Org. @@ -691,17 +701,17 @@ var gIdentityHandler = { } } else if (this._isBrokenConnection) { // This is a secure connection, but something is wrong. - this._identityBox.className = "unknownIdentity"; + const uriIsOnionHost = this._uriIsOnionHost; + this._identityBox.className = uriIsOnionHost ? "onionUnknownIdentity" : "unknownIdentity"; if (this._isMixedActiveContentLoaded) { - this._identityBox.classList.add("mixedActiveContent"); + this._identityBox.classList.add(uriIsOnionHost ? "onionMixedActiveContent" : "mixedActiveContent"); } else if (this._isMixedActiveContentBlocked) { - this._identityBox.classList.add( - "mixedDisplayContentLoadedActiveBlocked" - ); + this._identityBox.classList.add(uriIsOnionHost ? "onionMixedDisplayContentLoadedActiveBlocked" : "mixedDisplayContentLoadedActiveBlocked"); } else if (this._isMixedPassiveContentLoaded) { - this._identityBox.classList.add("mixedDisplayContent"); + this._identityBox.classList.add(uriIsOnionHost ? "onionMixedDisplayContent" : "mixedDisplayContent"); } else { + // TODO: ignore weak https cipher for onionsites? this._identityBox.classList.add("weakCipher"); } } else if (this._isAboutCertErrorPage) { @@ -713,8 +723,8 @@ var gIdentityHandler = { (gBrowser.selectedBrowser.documentURI.scheme == "about" || gBrowser.selectedBrowser.documentURI.scheme == "chrome")) ) { - // This is a local resource (and shouldn't be marked insecure). - this._identityBox.className = "unknownIdentity"; + // This is a local resource or an onion site (and shouldn't be marked insecure). + this._identityBox.className = this._uriIsOnionHost ? "onionUnknownIdentity" : "unknownIdentity"; } else { // This is an insecure connection. let warnOnInsecure = @@ -738,7 +748,8 @@ var gIdentityHandler = { } if (this._isCertUserOverridden) { - this._identityBox.classList.add("certUserOverridden"); + const uriIsOnionHost = this._uriIsOnionHost; + this._identityBox.classList.add(uriIsOnionHost ? "onionCertUserOverridden" : "certUserOverridden"); // Cert is trusted because of a security exception, verifier is a special string. tooltip = gNavigatorBundle.getString( "identity.identified.verified_by_you" diff --git a/browser/base/content/pageinfo/security.js b/browser/base/content/pageinfo/security.js index 966d3fdb3901..4331ebc4b219 100644 --- a/browser/base/content/pageinfo/security.js +++ b/browser/base/content/pageinfo/security.js @@ -22,6 +22,13 @@ ChromeUtils.defineModuleGetter( "PluralForm", "resource://gre/modules/PluralForm.jsm" ); +XPCOMUtils.defineLazyGetter( + this, + "gTorButtonBundle", + function() { + return Services.strings.createBundle("chrome://torbutton/locale/torbutton.properties"); + } +); var security = { async init(uri, windowInfo) { @@ -70,6 +77,11 @@ var security = { (Ci.nsIWebProgressListener.STATE_LOADED_MIXED_ACTIVE_CONTENT | Ci.nsIWebProgressListener.STATE_LOADED_MIXED_DISPLAY_CONTENT); var isEV = ui.state & Ci.nsIWebProgressListener.STATE_IDENTITY_EV_TOPLEVEL; + var isOnion = false; + const hostName = this.windowInfo.hostName; + if (hostName && hostName.endsWith(".onion")) { + isOnion = true; + } let secInfo = await window.opener.gBrowser.selectedBrowser.browsingContext.currentWindowGlobal.getSecurityInfo(); if (secInfo) { @@ -95,6 +107,7 @@ var security = { isBroken, isMixed, isEV, + isOnion, cert, certChain: certChainArray, certificateTransparency: undefined, @@ -154,6 +167,7 @@ var security = { isBroken, isMixed, isEV, + isOnion, cert: null, certificateTransparency: null, }; @@ -350,22 +364,50 @@ async function securityOnLoad(uri, windowInfo) { } msg2 = pkiBundle.getString("pageInfo_Privacy_None2"); } else if (info.encryptionStrength > 0) { - hdr = pkiBundle.getFormattedString( - "pageInfo_EncryptionWithBitsAndProtocol", - [info.encryptionAlgorithm, info.encryptionStrength + "", info.version] - ); + if (!info.isOnion) { + hdr = pkiBundle.getFormattedString( + "pageInfo_EncryptionWithBitsAndProtocol", + [info.encryptionAlgorithm, info.encryptionStrength + "", info.version] + ); + } else { + try { + hdr = gTorButtonBundle.formatStringFromName( + "pageInfo_OnionEncryptionWithBitsAndProtocol", + [info.encryptionAlgorithm, info.encryptionStrength + "", info.version] + ); + } catch(err) { + hdr = "Connection Encrypted (Onion Service, " + + info.encryptionAlgorithm + + ", " + + info.encryptionStrength + + " bit keys, " + + info.version + + ")"; + } + } msg1 = pkiBundle.getString("pageInfo_Privacy_Encrypted1"); msg2 = pkiBundle.getString("pageInfo_Privacy_Encrypted2"); } else { - hdr = pkiBundle.getString("pageInfo_NoEncryption"); - if (windowInfo.hostName != null) { - msg1 = pkiBundle.getFormattedString("pageInfo_Privacy_None1", [ - windowInfo.hostName, - ]); + if (!info.isOnion) { + hdr = pkiBundle.getString("pageInfo_NoEncryption"); + if (windowInfo.hostName != null) { + msg1 = pkiBundle.getFormattedString("pageInfo_Privacy_None1", [ + windowInfo.hostName, + ]); + } else { + msg1 = pkiBundle.getString("pageInfo_Privacy_None4"); + } + msg2 = pkiBundle.getString("pageInfo_Privacy_None2"); } else { - msg1 = pkiBundle.getString("pageInfo_Privacy_None4"); + try { + hdr = gTorButtonBundle.GetStringFromName("pageInfo_OnionEncryption"); + } catch (err) { + hdr = "Connection Encrypted (Onion Service)"; + } + + msg1 = pkiBundle.getString("pageInfo_Privacy_Encrypted1"); + msg2 = pkiBundle.getString("pageInfo_Privacy_Encrypted2"); } - msg2 = pkiBundle.getString("pageInfo_Privacy_None2"); } setText("security-technical-shortform", hdr); setText("security-technical-longform1", msg1); diff --git a/browser/themes/shared/identity-block/identity-block.inc.css b/browser/themes/shared/identity-block/identity-block.inc.css index 27a990e08bc8..011fb9f3081c 100644 --- a/browser/themes/shared/identity-block/identity-block.inc.css +++ b/browser/themes/shared/identity-block/identity-block.inc.css @@ -172,6 +172,25 @@ toolbar[brighttext] #identity-box[pageproxystate="valid"].chromeUI > #identity-i list-style-image: url(chrome://browser/skin/connection-mixed-active-loaded.svg); } +#identity-box[pageproxystate="valid"].onionUnknownIdentity > #identity-icon, +#identity-box[pageproxystate="valid"].onionVerifiedDomain > #identity-icon, +#identity-box[pageproxystate="valid"].onionMixedActiveBlocked > #identity-icon { + list-style-image: url(chrome://browser/skin/onion.svg); + visibility: visible; +} + +#identity-box[pageproxystate="valid"].onionMixedDisplayContent > #identity-icon, +#identity-box[pageproxystate="valid"].onionMixedDisplayContentLoadedActiveBlocked > #identity-icon, +#identity-box[pageproxystate="valid"].onionCertUserOverridden > #identity-icon { + list-style-image: url(chrome://browser/skin/onion-warning.svg); + visibility: visible; +} + +#identity-box[pageproxystate="valid"].onionMixedActiveContent > #identity-icon { + list-style-image: url(chrome://browser/skin/onion-slash.svg); + visibility: visible; +} + #permissions-granted-icon { list-style-image: url(chrome://browser/skin/permissions.svg); } diff --git a/browser/themes/shared/identity-block/onion-slash.svg b/browser/themes/shared/identity-block/onion-slash.svg new file mode 100644 index 000000000000..e7c98b769482 --- /dev/null +++ b/browser/themes/shared/identity-block/onion-slash.svg @@ -0,0 +1,5 @@ +<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16"> + <path d="M3.409559 13.112147C3.409559 13.112147 8.200807 8.103115 8.200807 8.103115C8.200807 8.103115 8.200807 6.516403 8.200807 6.516403C8.620819 6.516403 9.009719 6.703075 9.274171 6.998639C9.274171 6.998639 10.160863 6.080835 10.160863 6.080835C9.663071 5.567487 8.978607 5.256367 8.200807 5.256367C8.200807 5.256367 8.200807 4.400787 8.200807 4.400787C9.196391 4.400787 10.098639 4.805243 10.736435 5.458595C10.736435 5.458595 11.623127 4.540791 11.623127 4.540791C10.751991 3.669655 9.538623 3.125195 8.200807 3.125195C8.200807 3.125195 8.200807 2.269615 8.200807 2.269615C9.756407 2.269615 11.172003 2.907411 12.214255 3.918551C12.214255 3.918551 13.100947 3.000747 13.100947 3.000747C11.825355 1.756267 10.098639 0.994023 8.185251 0.994023C4.311807 0.994023 1.185051 4.120779 1.185051 7.994223C1.185051 10.016503 2.040631 11.836555 3.409559 13.112147C3.409559 13.112147 3.409559 13.112147 3.409559 13.112147" fill-opacity="context-fill-opacity" fill="context-fill" /> + <path d="M14.205423 4.416343C14.205423 4.416343 13.287619 5.380815 13.287619 5.380815C13.692075 6.158615 13.909859 7.045307 13.909859 7.994223C13.909859 11.152091 11.358675 13.718831 8.200807 13.718831C8.200807 13.718831 8.200807 12.863251 8.200807 12.863251C10.891995 12.863251 13.069835 10.669855 13.069835 7.978667C13.069835 7.278647 12.929831 6.625295 12.665379 6.018611C12.665379 6.018611 11.685351 7.045307 11.685351 7.045307C11.763131 7.340871 11.809799 7.651991 11.809799 7.963111C11.809799 9.954279 10.207531 11.556547 8.216363 11.572103C8.216363 11.572103 8.216363 10.716523 8.216363 10.716523C9.725295 10.700967 10.954219 9.472043 10.954219 7.963111C10.954219 7.916443 10.954219 7.854219 10.954219 7.807551C10.954219 7.807551 4.887379 14.169955 4.887379 14.169955C5.867407 14.698859 6.987439 14.994423 8.185251 14.994423C12.058695 14.994423 15.185451 11.867667 15.185451 7.994223C15.185451 6.687519 14.827663 5.474151 14.205423 4.416343C14.205423 4.416343 14.205423 4.416343 14.205423 4.416343" fill-opacity="context-fill-opacity" fill="context-fill" /> + <path d="M1.791735 15.461103C1.402835 15.461103 1.045047 15.212207 0.889487 14.838863C0.733927 14.465519 0.827267 14.014395 1.107271 13.734387C1.107271 13.734387 13.458735 0.822907 13.458735 0.822907C13.847635 0.434007 14.454319 0.449563 14.827663 0.838467C15.201007 1.227367 15.216563 1.865163 14.843223 2.269619C14.843223 2.269619 2.491759 15.181099 2.491759 15.181099C2.289531 15.352215 2.040635 15.461107 1.791739 15.461107C1.791739 15.461107 1.791735 15.461103 1.791735 15.461103" fill="#ff0039" /> +</svg> diff --git a/browser/themes/shared/identity-block/onion-warning.svg b/browser/themes/shared/identity-block/onion-warning.svg new file mode 100644 index 000000000000..d42a7dab7246 --- /dev/null +++ b/browser/themes/shared/identity-block/onion-warning.svg @@ -0,0 +1,6 @@ +<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16"> + <path d="M15.8630401732 14.127C15.8630401732 14.127 12.6649598146 7.716 12.6649598146 7.716C12.4469357756 7.279935 12.0003277145 7.0043454 11.5116853046 7.0043454C11.0230428947 7.0043454 10.5764348336 7.279935 10.3584107946 7.716C10.3584107946 7.716 7.1573218938 14.127 7.1573218938 14.127C6.95646770542 14.527294 6.97733695982 15.002669 7.21250176686 15.38393C7.4476665739 15.765191 7.86372750208 15.998191 8.3126020986 16.0C8.3126020986 16.0 14.7077599684 16.0 14.7077599684 16.0C15.1566344646 15.9982 15.572695794 15.765191 15.8078605007 15.38393C16.0430252075 15.002669 16.0638944619 14.527294 15.8630371647 14.127C15.8630371647 14.127 15.8630401732 14.127 15.8630401732 14.127" fill="#ffbf00" /> + <path d="M11.5106824572 8.0C11.6210488221 7.99691 11.7223975832 8.060469 11.7674113916 8.161C11.7674113916 8.161 14.9644889028 14.573 14.9644889028 14.573C15.0126456349 14.66534 15.0076715118 14.776305 14.9514518866 14.864C14.9011992034 14.95041 14.8079143382 15.002854 14.7077599684 15.001048C14.7077599684 15.001048 8.3126020986 15.001048 8.3126020986 15.001048C8.2124480296 15.002854 8.1191607576 14.950409 8.0689101804 14.864C8.0124814615 14.77637 8.0075053327 14.665298 8.0558731642 14.573C8.0558731642 14.573 11.2529506754 8.161 11.2529506754 8.161C11.2981038796 8.0601247 11.3999560701 7.9964997 11.5106824572 8.0M11.5106824572 6.9999751C11.0194557096 6.9969427 10.5701148893 7.2754275 10.3554022524 7.716C10.3554022524 7.716 7.1573218938 14.127 7.1573218938 14.127C6.95646770542 14.527294 6.97733695982 15.002669 7.21250176686 15.38393C7.4476665739 15.765191 7.86372750208 15.998191 8.3126020986 16.0C8.3126020986 16.0 14.7077599684 16.0 14.7077599684 16.0C15.1566344646 15.9982 15.57269 5794 15.765191 15.8078605007 15.38393C16.0430252075 15.002669 16.0638944619 14.527294 15.8630371647 14.127C15.8630371647 14.127 12.6649598146 7.716 12.6649598146 7.716C12.4504036219 7.2757546 12.0015481798 6.9973287 11.5106824572 6.9999751C11.5106824572 6.9999751 11.5106824572 6.9999751 11.5106824572 6.9999751" opacity="0.35" fill="#d76e00" /> + <path d="M11.5327451 12.0C11.8096733867 12.0 12.0341688 11.776142 12.0341688 11.5C12.0341688 11.5 12.0341688 9.5 12.0341688 9.5C12.0341688 9.2238576 11.8096733867 9.0 11.5327451 9.0C11.2558168133 9.0 11.0313214 9.2238576 11.0313214 9.5C11.0313214 9.5 11.0313214 11.5 11.0313214 11.5C11.0313214 11.776142 11.2558168133 12.0 11.5327451 12.0C11.5327451 12.0 11.5327451 12.0 11.5327451 12.0M11.5327451 12.809C11.1500294496 12.809 10.8397775466 13.118371 10.8397775466 13.5C10.8397775466 13.881629 11.1500294496 14.191 11.5327451 14.191C11.9154607504 14.191 12.2257126534 13.881629 12.2257126534 13.5C12.2257126534 13.118371 11.9154607504 12.809 11.5327451 12.809C11.5327451 12.809 11.5327451 12.809 11.5327451 12.809" fill="#ffffff" /> + <path d="M7.08030321348 6.552C7.90163523408 6.56 8.5645173655 7.225 8.5645173655 8.046C8.5645173655 8.866 7.90163523408 9.532 7.08030321348 9.54C7.08030321348 9.54 7.08030321348 6.552 7.08030321348 6.552M6.30610502068 13.756C6.30610502068 13.756 9.4991711423 7.353 9.4991711423 7.353C9.5453021227 7.259 9.6144985933 7.184 9.6716608951 7.098C9.2845617987 6.039 8.2756973143 5.277 7.08030321348 5.271C7.08030321348 5.271 7.08030321348 4.417 7.08030321348 4.417C8.5043465215 4.423 9.7238089599 5.251 10.3164917733 6.443C10.6795225321 6.21 11.1067355245 6.074 11.5519997701 6.074C11.5519997701 6.074 11.5620282441 6.074 11.5620282441 6.074C11.5620282441 6.074 11.5640339389 6.074 11.5640339389 6.074C11.5660396337 6.074 11.5690481759 6.075 11.5710538707 6.075C10.8108955415 4.35 9.0900094031 3.141 7.08030321348 3.135C7.08030321348 3.135 7.08030321348 2.281 7.08030321348 2.281C9.6716608951 2.288 11.8618796167 3.993 12.5889439817 6.34C13.0231769059 6.561 13.3922247491 6.9 13.6088397875 7.344C13.60 88397875 7.344 14.1162805719 8.361 14.1162805719 8.361C14.1202919615 8.256 14.1313232829 8.152 14.1313232829 8.046C14.1313232829 4.155 10.9683425833 1.0 7.06626334988 1.0C3.16318126908 1.0 0.00020056948 4.155 0.00020056948 8.046C0.00020056948 11.603 2.64571201068 14.536 6.08046435568 15.015C6.03633907008 14.595 6.10252699848 14.16 6.30610502068 13.756C6.30610502068 13.756 6.30610502068 13.756 6.30610502068 13.756" fill-opacity="context-fill-opacity" fill="context-fill" /> +</svg> diff --git a/browser/themes/shared/identity-block/onion.svg b/browser/themes/shared/identity-block/onion.svg new file mode 100644 index 000000000000..b123a9786acc --- /dev/null +++ b/browser/themes/shared/identity-block/onion.svg @@ -0,0 +1,3 @@ +<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16"> + <path d="M8.01435945 13.726867125C8.01435945 13.726867125 8.01435945 12.87830525 8.01435945 12.87830525C10.70227825 12.87051775 12.87869375 10.689666 12.87869375 7.9998060125C12.87869375 5.310140275 10.70227825 3.1292621 8.01435945 3.121500325C8.01435945 3.121500325 8.01435945 2.272938975 8.01435945 2.272938975C11.170899375 2.280892725 13.727061375 4.8415202875 13.727061375 7.9998060125C13.727061375 11.158285375 11.170899375 13.719105 8.01435945 13.726867125C8.01435945 13.726867125 8.01435945 13.726867125 8.01435945 13.726867125M8.01435945 10.756805625C9.5304373 10.74884925 10.75758175 9.5180185125 10.75758175 7.9998060125C10.75758175 6.4817875 9.5304373 5.2509564125 8.01435945 5.2430005625C8.01435945 5.2430005625 8.01435945 4.3946332875 8.01435945 4.3946332875C9.999251625 4.4023945375 11.60614275 6.013167425 11.60614275 7.9998060125C11.60614275 9.986639375 9.999251625 11.597411125 8.01435945 11.605172375C8.01435945 11.605172375 8.01435945 10.756805625 8.01435945 10.756805625M8.01 435945 6.5157454625C8.8276046625 6.5235067125 9.484837025 7.184620575 9.484837025 7.9998060125C9.484837025 8.815185875 8.8276046625 9.4762985125 8.01435945 9.4840608125C8.01435945 9.4840608125 8.01435945 6.5157454625 8.01435945 6.5157454625M1.0 7.9998060125C1.0 11.8659705 4.1338360375 15.0 8.0000000875 15.0C11.8659705 15.0 15.0 11.8659705 15.0 7.9998060125C15.0 4.1338360375 11.8659705 1.0 8.0000000875 1.0C4.1338360375 1.0 1.0 4.1338360375 1.0 7.9998060125C1.0 7.9998060125 1.0 7.9998060125 1.0 7.9998060125" fill-rule="even-odd" fill-opacity="context-fill-opacity" fill="context-fill" /> +</svg> diff --git a/browser/themes/shared/jar.inc.mn b/browser/themes/shared/jar.inc.mn index 8cfe1b69c371..71fea38eb829 100644 --- a/browser/themes/shared/jar.inc.mn +++ b/browser/themes/shared/jar.inc.mn @@ -57,6 +57,9 @@ skin/classic/browser/connection-secure.svg (../shared/identity-block/connection-secure.svg) skin/classic/browser/connection-mixed-passive-loaded.svg (../shared/identity-block/connection-mixed-passive-loaded.svg) skin/classic/browser/connection-mixed-active-loaded.svg (../shared/identity-block/connection-mixed-active-loaded.svg) + skin/classic/browser/onion.svg (../shared/identity-block/onion.svg) + skin/classic/browser/onion-slash.svg (../shared/identity-block/onion-slash.svg) + skin/classic/browser/onion-warning.svg (../shared/identity-block/onion-warning.svg) skin/classic/browser/info.svg (../shared/info.svg) skin/classic/browser/newInstall.css (../shared/newInstall.css) skin/classic/browser/newInstallPage.css (../shared/newInstallPage.css) diff --git a/dom/base/nsContentUtils.cpp b/dom/base/nsContentUtils.cpp index da92cb4967b0..2f090de19231 100644 --- a/dom/base/nsContentUtils.cpp +++ b/dom/base/nsContentUtils.cpp @@ -9057,6 +9057,25 @@ bool nsContentUtils::ComputeIsSecureContext(nsIChannel* aChannel) { return principal->GetIsOriginPotentiallyTrustworthy(); } +/* static */ bool nsContentUtils::DocumentHasOnionURI(Document* aDocument) { + if (!aDocument) { + return false; + } + + nsIURI* uri = aDocument->GetDocumentURI(); + if (!uri) { + return false; + } + + nsAutoCString host; + if (NS_SUCCEEDED(uri->GetHost(host))) { + bool hasOnionURI = StringEndsWith(host, NS_LITERAL_CSTRING(".onion")); + return hasOnionURI; + } + + return false; +} + /* static */ void nsContentUtils::TryToUpgradeElement(Element* aElement) { NodeInfo* nodeInfo = aElement->NodeInfo(); diff --git a/dom/base/nsContentUtils.h b/dom/base/nsContentUtils.h index b8dc0092e32b..08a117fc2803 100644 --- a/dom/base/nsContentUtils.h +++ b/dom/base/nsContentUtils.h @@ -2999,6 +2999,11 @@ class nsContentUtils { */ static bool HttpsStateIsModern(Document* aDocument); + /** + * Returns true of the document's URI is a .onion + */ + static bool DocumentHasOnionURI(Document* aDocument); + /** * Returns true if the channel is for top-level window and is over secure * context. diff --git a/dom/base/nsGlobalWindowOuter.cpp b/dom/base/nsGlobalWindowOuter.cpp index da9d56e843a2..abe1e56d9714 100644 --- a/dom/base/nsGlobalWindowOuter.cpp +++ b/dom/base/nsGlobalWindowOuter.cpp @@ -1868,7 +1868,8 @@ bool nsGlobalWindowOuter::ComputeIsSecureContext(Document* aDocument, return false; } - if (nsContentUtils::HttpsStateIsModern(aDocument)) { + if (nsContentUtils::HttpsStateIsModern(aDocument) || + nsContentUtils::DocumentHasOnionURI(aDocument)) { return true; } diff --git a/dom/ipc/WindowGlobalActor.cpp b/dom/ipc/WindowGlobalActor.cpp index 25204e1fc20e..b6dfa63fe664 100644 --- a/dom/ipc/WindowGlobalActor.cpp +++ b/dom/ipc/WindowGlobalActor.cpp @@ -14,6 +14,7 @@ #include "mozilla/dom/JSWindowActorParent.h" #include "mozilla/dom/JSWindowActorChild.h" #include "mozilla/net/CookieJarSettings.h" +#include "mozilla/dom/nsMixedContentBlocker.h" namespace mozilla { namespace dom { @@ -118,7 +119,8 @@ WindowGlobalInit WindowGlobalActor::WindowInitializer( nsCOMPtr<nsIURI> innerDocURI = NS_GetInnermostURI(doc->GetDocumentURI()); if (innerDocURI) { mozilla::Get<WindowContext::IDX_IsSecure>(init.context().mFields) = - innerDocURI->SchemeIs("https"); + innerDocURI->SchemeIs("https") || + nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(innerDocURI); } nsCOMPtr<nsIChannel> mixedChannel; aWindow->GetDocShell()->GetMixedContentChannel(getter_AddRefs(mixedChannel)); diff --git a/dom/ipc/WindowGlobalChild.cpp b/dom/ipc/WindowGlobalChild.cpp index d545661be835..142c35ea4e17 100644 --- a/dom/ipc/WindowGlobalChild.cpp +++ b/dom/ipc/WindowGlobalChild.cpp @@ -38,6 +38,8 @@ #include "nsIHttpChannelInternal.h" #include "nsIURIMutator.h" +#include "mozilla/dom/nsMixedContentBlocker.h" + using namespace mozilla::ipc; using namespace mozilla::dom::ipc; @@ -223,7 +225,9 @@ void WindowGlobalChild::OnNewDocument(Document* aDocument) { nsCOMPtr<nsIURI> innerDocURI = NS_GetInnermostURI(aDocument->GetDocumentURI()); if (innerDocURI) { - txn.SetIsSecure(innerDocURI->SchemeIs("https")); + txn.SetIsSecure( + innerDocURI->SchemeIs("https") || + nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(innerDocURI)); } nsCOMPtr<nsIChannel> mixedChannel; mWindowGlobal->GetDocShell()->GetMixedContentChannel( diff --git a/dom/presentation/PresentationRequest.cpp b/dom/presentation/PresentationRequest.cpp index 020cbda1c1b1..35c0ae575568 100644 --- a/dom/presentation/PresentationRequest.cpp +++ b/dom/presentation/PresentationRequest.cpp @@ -468,7 +468,8 @@ bool PresentationRequest::IsProhibitMixedSecurityContexts(Document* aDocument) { nsCOMPtr<Document> doc = aDocument; while (doc && !nsContentUtils::IsChromeDoc(doc)) { - if (nsContentUtils::HttpsStateIsModern(doc)) { + if (nsContentUtils::HttpsStateIsModern(doc) || + nsContentUtils::DocumentHasOnionURI(doc)) { return true; } diff --git a/dom/security/nsMixedContentBlocker.cpp b/dom/security/nsMixedContentBlocker.cpp index 477c1543ab20..ee0fddeb3e2c 100644 --- a/dom/security/nsMixedContentBlocker.cpp +++ b/dom/security/nsMixedContentBlocker.cpp @@ -587,8 +587,8 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect, return NS_OK; } - // Check the parent scheme. If it is not an HTTPS page then mixed content - // restrictions do not apply. + // Check the parent scheme. If it is not an HTTPS or .onion page then mixed + // content restrictions do not apply. nsCOMPtr<nsIURI> innerRequestingLocation = NS_GetInnermostURI(requestingLocation); if (!innerRequestingLocation) { @@ -599,6 +599,17 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect, bool parentIsHttps = innerRequestingLocation->SchemeIs("https"); if (!parentIsHttps) { + bool parentIsOnion = IsPotentiallyTrustworthyOnion(innerRequestingLocation); + if (!parentIsOnion) { + *aDecision = ACCEPT; + return NS_OK; + } + } + + bool isHttpScheme = innerContentLocation->SchemeIs("http"); + // .onion URLs are encrypted and authenticated. Don't treat them as mixed + // content if potentially trustworthy (i.e. whitelisted). + if (isHttpScheme && IsPotentiallyTrustworthyOnion(innerContentLocation)) { *aDecision = ACCEPT; return NS_OK; } @@ -618,7 +629,6 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect, return NS_OK; } - bool isHttpScheme = innerContentLocation->SchemeIs("http"); if (isHttpScheme && IsPotentiallyTrustworthyOrigin(innerContentLocation)) { *aDecision = ACCEPT; return NS_OK; diff --git a/security/manager/ssl/nsSecureBrowserUI.cpp b/security/manager/ssl/nsSecureBrowserUI.cpp index fd9a26d42b79..0dd53ded3708 100644 --- a/security/manager/ssl/nsSecureBrowserUI.cpp +++ b/security/manager/ssl/nsSecureBrowserUI.cpp @@ -9,6 +9,7 @@ #include "mozilla/Logging.h" #include "mozilla/Unused.h" #include "mozilla/dom/Document.h" +#include "mozilla/dom/nsMixedContentBlocker.h" #include "nsContentUtils.h" #include "nsIChannel.h" #include "nsDocShell.h" @@ -136,6 +137,17 @@ void nsSecureBrowserUI::UpdateForLocationOrMixedContentChange() { } } } + + // any protocol routed over tor is secure + if (!(mState & nsIWebProgressListener::STATE_IS_SECURE)) { + nsCOMPtr<nsIURI> innerDocURI = NS_GetInnermostURI(win->GetDocumentURI()); + if (innerDocURI && + nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(innerDocURI)) { + MOZ_LOG(gSecureBrowserUILog, LogLevel::Debug, (" is onion")); + mState = (mState & ~nsIWebProgressListener::STATE_IS_INSECURE) | + nsIWebProgressListener::STATE_IS_SECURE; + } + } } // Add the mixed content flags from the window

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 30541: Disable WebGL readPixel() for web content
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 3ff17b93de8d76601c06a6ea01331efc67bde8f4 Author: Georg Koppen <gk(a)torproject.org> Date: Wed May 29 12:29:19 2019 +0000 Bug 30541: Disable WebGL readPixel() for web content --- dom/canvas/ClientWebGLContext.cpp | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/dom/canvas/ClientWebGLContext.cpp b/dom/canvas/ClientWebGLContext.cpp index 42c0b1ba6b80..c7f2559332d3 100644 --- a/dom/canvas/ClientWebGLContext.cpp +++ b/dom/canvas/ClientWebGLContext.cpp @@ -4118,6 +4118,14 @@ bool ClientWebGLContext::ReadPixels_SharedPrecheck( return false; } + // Security check passed, but don't let content readPixel calls through for + // now, if Resist Fingerprinting Mode is enabled. + if (nsContentUtils::ResistFingerprinting(aCallerType)) { + JsWarning("readPixels: Not allowed in Resist Fingerprinting Mode"); + out_error.Throw(NS_ERROR_DOM_NOT_SUPPORTED_ERR); + return false; + } + return true; }

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 32092: Fix Tor Browser Support link in preferences
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit bddb0f15932b09ea801c02e6eb0cc3864f56f06c Author: Alex Catarineu <acat(a)torproject.org> Date: Tue Oct 15 22:54:10 2019 +0200 Bug 32092: Fix Tor Browser Support link in preferences --- browser/components/preferences/preferences.js | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/browser/components/preferences/preferences.js b/browser/components/preferences/preferences.js index 089533f20ade..586e32e277cb 100644 --- a/browser/components/preferences/preferences.js +++ b/browser/components/preferences/preferences.js @@ -121,10 +121,7 @@ function init_all() { gotoPref().then(() => { let helpButton = document.getElementById("helpButton"); - let helpUrl = - Services.urlFormatter.formatURLPref("app.support.baseURL") + - "preferences"; - helpButton.setAttribute("href", helpUrl); + helpButton.setAttribute("href", "https://support.torproject.org/tbb"); document.getElementById("addonsButton").addEventListener("click", e => { if (e.button >= 2) {

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 27511: Add new identity button to toolbar
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit f34938b82f8d786e3c44224bb5566f74398f6bfd Author: Alex Catarineu <acat(a)torproject.org> Date: Fri Oct 4 19:08:33 2019 +0200 Bug 27511: Add new identity button to toolbar Also added 'New circuit for this site' button to CustomizableUI, but not visible by default. --- browser/base/content/browser.xhtml | 10 ++++++++++ .../components/customizableui/CustomizableUI.jsm | 21 +++++++++++++++++++++ browser/themes/shared/icons/new_circuit.svg | 8 ++++++++ browser/themes/shared/icons/new_identity.svg | 9 +++++++++ browser/themes/shared/jar.inc.mn | 3 +++ browser/themes/shared/menupanel.inc.css | 8 ++++++++ browser/themes/shared/toolbarbutton-icons.inc.css | 8 ++++++++ 7 files changed, 67 insertions(+) diff --git a/browser/base/content/browser.xhtml b/browser/base/content/browser.xhtml index 72c415b8f843..ddf5d766126b 100644 --- a/browser/base/content/browser.xhtml +++ b/browser/base/content/browser.xhtml @@ -1295,6 +1295,16 @@ ondragenter="newWindowButtonObserver.onDragOver(event)" ondragexit="newWindowButtonObserver.onDragExit(event)"/> + <toolbarbutton id="new-identity-button" class="toolbarbutton-1 chromeclass-toolbar-additional" + label="&torbutton.context_menu.new_identity;" + oncommand="torbutton_new_identity();" + tooltiptext="&torbutton.context_menu.new_identity;"/> + + <toolbarbutton id="new-circuit-button" class="toolbarbutton-1 chromeclass-toolbar-additional" + label="&torbutton.context_menu.new_circuit;" + oncommand="torbutton_new_circuit();" + tooltiptext="&torbutton.context_menu.new_circuit;"/> + <toolbarbutton id="fullscreen-button" class="toolbarbutton-1 chromeclass-toolbar-additional" observes="View:FullScreen" type="checkbox" diff --git a/browser/components/customizableui/CustomizableUI.jsm b/browser/components/customizableui/CustomizableUI.jsm index e2f006c73464..1c0064249158 100644 --- a/browser/components/customizableui/CustomizableUI.jsm +++ b/browser/components/customizableui/CustomizableUI.jsm @@ -68,6 +68,8 @@ const kSubviewEvents = ["ViewShowing", "ViewHiding"]; */ var kVersion = 16; +var kTorVersion = 1; + /** * Buttons removed from built-ins by version they were removed. kVersion must be * bumped any time a new id is added to this. Use the button id as key, and @@ -566,6 +568,20 @@ var CustomizableUIInternal = { navbarPlacements.push("fxa-toolbar-menu-button"); } } + + let currentTorVersion = gSavedState.currentTorVersion; + if (currentTorVersion < 1 && gSavedState.placements) { + let navbarPlacements = gSavedState.placements[CustomizableUI.AREA_NAVBAR]; + if (navbarPlacements) { + let secLevelIndex = navbarPlacements.indexOf("security-level-button"); + if (secLevelIndex === -1) { + let urlbarIndex = navbarPlacements.indexOf("urlbar-container"); + secLevelIndex = urlbarIndex + 1; + navbarPlacements.splice(secLevelIndex, 0, "security-level-button"); + } + navbarPlacements.splice(secLevelIndex + 1, 0, "new-identity-button"); + } + } }, /** @@ -2369,6 +2385,10 @@ var CustomizableUIInternal = { gSavedState.currentVersion = 0; } + if (!("currentTorVersion" in gSavedState)) { + gSavedState.currentTorVersion = 0; + } + gSeenWidgets = new Set(gSavedState.seen || []); gDirtyAreaCache = new Set(gSavedState.dirtyAreaCache || []); gNewElementCount = gSavedState.newElementCount || 0; @@ -2447,6 +2467,7 @@ var CustomizableUIInternal = { seen: gSeenWidgets, dirtyAreaCache: gDirtyAreaCache, currentVersion: kVersion, + currentTorVersion: kTorVersion, newElementCount: gNewElementCount, }; diff --git a/browser/themes/shared/icons/new_circuit.svg b/browser/themes/shared/icons/new_circuit.svg new file mode 100644 index 000000000000..e0a93cc83502 --- /dev/null +++ b/browser/themes/shared/icons/new_circuit.svg @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<svg width="16px" height="16px" viewBox="0 0 16 16" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <title>Icon / New Circuit(a)1.5x</title> + <g id="Icon-/-New-Circuit" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd"> + <path d="M13.4411138,10.1446317 L9.5375349,10.1446317 C8.99786512,10.1446317 8.56164018,10.5818326 8.56164018,11.1205264 C8.56164018,11.6592203 8.99786512,12.0964212 9.5375349,12.0964212 L11.4571198,12.0964212 C10.7554515,13.0479185 9.73466563,13.692009 8.60067597,13.9359827 C8.41818366,13.9720908 8.23276366,14.0033194 8.04734366,14.0218614 C7.97219977,14.0277168 7.89803177,14.0306445 7.82288788,14.0335722 C6.07506044,14.137017 4.290149,13.4499871 3.38647049,11.857327 C2.52280367,10.3349312 2.77263271,8.15966189 3.93687511,6.87343267 C5.12453898,5.56183017 7.44814431,5.04363008 8.21226987,3.38558497 C9.01738301,4.92847451 9.60682342,5.02801577 10.853041,6.15029468 C11.2892659,6.54455615 11.9704404,7.55558307 12.1861132,8.10501179 C12.3051723,8.40949094 12.5013272,9.17947187 12.5013272,9.17947187 L14.2862386,9.17947187 C14.2091429,7.59754654 13.439162,5.96877827 12.2261248,4.93628166 C11.279507,4.13116853 10.5065984,3.84718317 9.77662911,2.8088312 C9.63219669,2.60194152 9.599 99216,2.4565332 9.56290816,2.21646311 C9.53851079,2.00762164 9.54143848,1.78511764 9.62048595,1.53919218 C9.65952174,1.41720534 9.59804037,1.28545955 9.47702943,1.23764071 L6.40296106,0.0167964277 C6.32391359,-0.0134563083 6.23413128,-0.00272146652 6.16679454,0.0480250584 L5.95502539,0.206120002 C5.85743592,0.280288 5.82815908,0.416913259 5.89159223,0.523285783 C6.70060895,1.92564648 6.36978064,2.82542141 5.8984235,3.20211676 C5.4914754,3.4900057 4.99084141,3.72226864 4.63366394,3.95453159 C3.82367132,4.47956294 3.03222071,5.02508808 2.40374451,5.76774396 C0.434388969,8.09427695 0.519291809,12.0046871 2.77165682,14.1077402 C3.65288975,14.9284676 4.70295247,15.4749686 5.81742423,15.7570022 C5.81742423,15.7570022 6.13556591,15.833122 6.21754107,15.8497122 C7.36616915,16.0829511 8.53529102,16.0146384 9.62243774,15.6672199 C9.67416016,15.6525815 9.77174963,15.620377 9.76784605,15.6154975 C10.7730176,15.2700308 11.7049971,14.7010841 12.4652191,13.90573 L12.4652191,15.0241053 C12.4652191, 15.5627992 12.901444,16 13.4411138,16 C13.9798077,16 14.4170085,15.5627992 14.4170085,15.0241053 L14.4170085,11.1205264 C14.4170085,10.5818326 13.9798077,10.1446317 13.4411138,10.1446317" id="Fill-3" fill="context-fill" fill-opacity="context-fill-opacity"></path> + <path d="M5.107,7.462 C4.405,8.078 4,8.946 4,9.839 C4,10.712 4.422,11.57 5.13,12.132 C5.724,12.607 6.627,12.898 7.642,12.949 L7.642,5.8 C7.39,6.029 7.103,6.227 6.791,6.387 C5.993,6.812 5.489,7.133 5.107,7.462" id="Fill-1" fill="context-fill" fill-opacity="context-fill-opacity"></path> + </g> +</svg> diff --git a/browser/themes/shared/icons/new_identity.svg b/browser/themes/shared/icons/new_identity.svg new file mode 100644 index 000000000000..91d5b35f7e80 --- /dev/null +++ b/browser/themes/shared/icons/new_identity.svg @@ -0,0 +1,9 @@ +<?xml version="1.0" encoding="UTF-8"?> +<svg width="16px" height="16px" viewBox="0 0 16 16" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <title>New Identity Icon</title> + <g id="Page-1" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd"> + <g id="New-Identity-Icon" fill="#000000" fill-rule="nonzero"> + <path d="M4.65687153,14.5532899 L5.79494313,12.0855326 C5.8689125,11.9251399 5.6620883,11.7793527 5.53742729,11.9040137 L3.77194352,13.6694975 L2.32342782,12.2228406 L4.089841,10.4564274 C4.21450201,10.3317664 4.06871482,10.1249422 3.90832206,10.1989116 L1.43773764,11.338287 L0.206601383,10.1087306 C0.0509544211,9.9532834 -0.0167994233,9.75447206 0.00351451705,9.53432844 C0.0238284574,9.31418483 0.154794797,9.13897939 0.330406365,9.0302193 L4.61213917,6.53066101 C4.98542292,6.31331572 5.42541251,6.16259067 5.8659261,6.07796117 C6.63682488,5.92985954 7.40999434,6.06817199 8.09666802,6.42610336 L12.618483,1.910278 C13.0562019,1.47313888 13.7399062,1.45652879 14.1403159,1.87828207 C14.5407256,2.30003536 14.523905,2.96081599 14.0861861,3.39795511 L9.56437119,7.91378047 C9.92258101,8.57753432 10.0391721,9.37155544 9.91292178,10.1416209 C9.85023328,10.5817332 9.67706706,10.9989392 9.45960494,11.3937636 L6.95651989,15.6478297 C6.84761416,15.82321 6.6720026,15.9319701 6.47398108 ,15.9964916 C6.25354962,16.0167745 6.0544801,15.9491049 5.89883314,15.7936577 L4.65687153,14.5532899 L4.65687153,14.5532899 Z M6.35600863,9.57888316 C6.35684236,9.57982492 6.35770616,9.58074275 6.35860024,9.58163642 L7.56801202,10.7899206 C7.78820303,11.010009 8.15567242,10.9533982 8.29166823,10.678253 C8.42766403,10.4031079 8.55818512,10.1511975 8.61427424,9.83946755 C8.73630873,9.14856819 8.51477165,8.45005355 8.01189873,7.92920397 C8.01085853,7.92816425 8.00979562,7.92715687 8.00871022,7.92618158 C8.00773493,7.92509618 8.00672754,7.92403327 8.00568783,7.92299307 C7.48483824,7.42012014 6.7863236,7.19858307 6.09542425,7.32061756 C5.78369428,7.37670668 5.53178393,7.50722777 5.25663877,7.64322357 C4.98149362,7.77921937 4.92488284,8.14668876 5.14497116,8.36687978 L6.35325537,9.57629155 C6.35414904,9.57718564 6.35506687,9.57804944 6.35600863,9.57888316 L6.35600863,9.57888316 Z M3.56503003,4.86094581 C3.44279837,4.85716019 3.33693302,4.76594656 3.31450832,4.6450962 C3.29259157,4.5009814 3 3.24425431,4.36089837 3.1719467,4.23194774 C3.04272848,4.15978087 2.90235166,4.11153221 2.75793184,4.08964745 C2.63678145,4.06729735 2.5453314,3.9616241 2.54155161,3.83961366 C2.53777182,3.71760322 2.62276629,3.61489221 2.74265726,3.59658884 C2.88757581,3.57942626 3.02687427,3.53584537 3.15371096,3.46798665 C3.21938702,3.3436261 3.26061987,3.20700605 3.27529255,3.0651408 C3.29205048,2.94466859 3.39451537,2.85825378 3.5172925,2.86104768 C3.6386065,2.86399065 3.74452528,2.95324633 3.76872081,3.07292141 C3.79288781,3.21715288 3.84342323,3.35694342 3.91777207,3.4852254 C4.04615548,3.55876237 4.18583906,3.60883869 4.32991405,3.63297757 C4.45015386,3.6576218 4.53936117,3.76418021 4.54139495,3.88559216 C4.54342874,4.00700411 4.45770065,4.10814717 4.33816215,4.12536877 C4.1960481,4.14067978 4.05931708,4.18249381 3.9349938,4.24866259 C3.86697751,4.37522253 3.82328954,4.51422019 3.80607564,4.65882867 C3.78847982,4.77811508 3.68677836,4.86339193 3.56503003,4.86094581 Z M14.4103464,14.3126948 C14.2513672,14.307719 14.1137716,14.188804 14.0849193,14.0314492 C14.045996,13.7585014 13.9510862,13.4938971 13.8061961,13.2543814 C13.5663773,13.109665 13.301434,13.0148623 13.0281329,12.9759728 C12.8707684,12.946921 12.75198,12.8095493 12.7470672,12.6509372 C12.7421545,12.492325 12.8525523,12.3587997 13.0082799,12.3350024 C13.2816632,12.3044807 13.5433622,12.2185794 13.7775725,12.0824861 C13.9099238,11.8524988 13.992337,11.5955854 14.0197279,11.3275956 C14.0417134,11.1717293 14.1740126,11.0598594 14.3327736,11.0628895 C14.4905572,11.0667732 14.6282205,11.1831391 14.6593783,11.3389665 C14.703143,11.6110771 14.8017156,11.8740418 14.9490566,12.1117486 C15.1872615,12.2578242 15.450159,12.3559923 15.7221615,12.4004323 C15.8783433,12.4324665 15.9942186,12.5709889 15.9968634,12.7288231 C15.9995083,12.8866572 15.8881575,13.0181443 15.7328877,13.0405352 C15.4641157,13.0669716 15.2064728,13.14931 14.9763475,13.2823129 C14.8406047,13.5164173 14.7548186,13.7777086 14.724105,14.0506041 C14.70 09285,14.2056508 14.5685348,14.3162427 14.4103464,14.3126948 Z M8.37194288,2.75251202 C8.23729358,2.7482977 8.12075529,2.6475812 8.09631849,2.5143077 C8.06335201,2.28313133 7.98296703,2.05902158 7.86025062,1.85616098 C7.65713325,1.73359169 7.43273641,1.65329741 7.2012608,1.62035947 C7.06797908,1.59575373 6.9673698,1.47940513 6.96320889,1.34506671 C6.95904797,1.21072829 7.05255074,1.09763741 7.18444606,1.07748204 C7.41599123,1.0516313 7.6376403,0.978876138 7.83600755,0.863610339 C7.94810399,0.668819911 8.01790485,0.45122403 8.04110388,0.224246882 C8.05972477,0.0922341146 8.17177714,-0.00251545243 8.30624168,5.089704e-05 C8.43987839,0.00334026838 8.55647391,0.101897787 8.58286336,0.233877601 C8.61993042,0.464344927 8.70341768,0.687066016 8.82820981,0.888394549 C9.02996027,1.012115 9.25262444,1.09525963 9.4830002,1.13289867 C9.6152802,1.16003037 9.71342219,1.27735361 9.71566226,1.41103311 C9.71790232,1.5447126 9.62359245,1.65607713 9.49208487,1.67504141 C9.26444525,1.69743199 9.0462315 3,1.76716948 8.85132417,1.87981789 C8.73635526,2.07809534 8.66369764,2.2993991 8.63768445,2.53053117 C8.61805481,2.66184983 8.50592239,2.75551697 8.37194288,2.75251202 Z" id="Shape" fill="context-fill" fill-opacity="context-fill-opacity"></path> + </g> + </g> +</svg> \ No newline at end of file diff --git a/browser/themes/shared/jar.inc.mn b/browser/themes/shared/jar.inc.mn index 71fea38eb829..e4a3c8d2d41c 100644 --- a/browser/themes/shared/jar.inc.mn +++ b/browser/themes/shared/jar.inc.mn @@ -302,3 +302,6 @@ skin/classic/browser/install-ssb.svg (../shared/install-ssb.svg) skin/classic/browser/critical.svg (../shared/icons/critical.svg) skin/classic/browser/webRTC-indicator.css (../shared/webRTC-indicator.css) + + skin/classic/browser/new_circuit.svg (../shared/icons/new_circuit.svg) + skin/classic/browser/new_identity.svg (../shared/icons/new_identity.svg) diff --git a/browser/themes/shared/menupanel.inc.css b/browser/themes/shared/menupanel.inc.css index c919f32a1454..eae453ec5004 100644 --- a/browser/themes/shared/menupanel.inc.css +++ b/browser/themes/shared/menupanel.inc.css @@ -183,3 +183,11 @@ toolbarpaletteitem[place="palette"] > #bookmarks-menu-button, -moz-context-properties: fill, fill-opacity; fill-opacity: 0; } + +#appMenuNewIdentity { + list-style-image: url("chrome://browser/skin/new_identity.svg"); +} + +#appMenuNewCircuit { + list-style-image: url("chrome://browser/skin/new_circuit.svg"); +} diff --git a/browser/themes/shared/toolbarbutton-icons.inc.css b/browser/themes/shared/toolbarbutton-icons.inc.css index 9514eb1d5338..cf02f871c9a4 100644 --- a/browser/themes/shared/toolbarbutton-icons.inc.css +++ b/browser/themes/shared/toolbarbutton-icons.inc.css @@ -233,6 +233,14 @@ toolbar[brighttext] { list-style-image: url("chrome://browser/skin/new-tab.svg"); } +#new-identity-button { + list-style-image: url("chrome://browser/skin/new_identity.svg"); +} + +#new-circuit-button { + list-style-image: url("chrome://browser/skin/new_circuit.svg"); +} + #privatebrowsing-button { list-style-image: url("chrome://browser/skin/privateBrowsing.svg"); }

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 28369: Stop shipping pingsender executable
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 300b07d66dbc47578b6b4e32283d4eaa6d920bae Author: Alex Catarineu <acat(a)torproject.org> Date: Wed Apr 10 17:52:51 2019 +0200 Bug 28369: Stop shipping pingsender executable --- browser/app/macbuild/Contents/MacOS-files.in | 1 - browser/installer/package-manifest.in | 4 ---- browser/installer/windows/nsis/shared.nsh | 1 - python/mozbuild/mozbuild/artifacts.py | 2 -- toolkit/components/telemetry/app/TelemetrySend.jsm | 19 +------------------ toolkit/components/telemetry/moz.build | 4 ---- 6 files changed, 1 insertion(+), 30 deletions(-) diff --git a/browser/app/macbuild/Contents/MacOS-files.in b/browser/app/macbuild/Contents/MacOS-files.in index a0cac14ef7e3..38c3766c6375 100644 --- a/browser/app/macbuild/Contents/MacOS-files.in +++ b/browser/app/macbuild/Contents/MacOS-files.in @@ -13,7 +13,6 @@ #if defined(MOZ_CRASHREPORTER) /minidump-analyzer #endif -/pingsender /pk12util /ssltunnel /xpcshell diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index ad7dd023a92e..9e36326dee5b 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -444,10 +444,6 @@ bin/libfreebl_64int_3.so @BINPATH@/minidump-analyzer@BIN_SUFFIX@ #endif -; [ Ping Sender ] -; -@BINPATH@/pingsender@BIN_SUFFIX@ - ; Shutdown Terminator @RESPATH@/components/terminator.manifest diff --git a/browser/installer/windows/nsis/shared.nsh b/browser/installer/windows/nsis/shared.nsh index 668fbca98b39..cb61865af70f 100755 --- a/browser/installer/windows/nsis/shared.nsh +++ b/browser/installer/windows/nsis/shared.nsh @@ -1472,7 +1472,6 @@ ${EndIf} Push "crashreporter.exe" Push "default-browser-agent.exe" Push "minidump-analyzer.exe" - Push "pingsender.exe" Push "updater.exe" Push "updateagent.exe" Push "${FileMainEXE}" diff --git a/python/mozbuild/mozbuild/artifacts.py b/python/mozbuild/mozbuild/artifacts.py index d1de6bca15d9..35107ac894fd 100644 --- a/python/mozbuild/mozbuild/artifacts.py +++ b/python/mozbuild/mozbuild/artifacts.py @@ -420,7 +420,6 @@ class LinuxArtifactJob(ArtifactJob): '{product}/{product}', '{product}/{product}-bin', '{product}/minidump-analyzer', - '{product}/pingsender', '{product}/plugin-container', '{product}/updater', '{product}/**/*.so', @@ -482,7 +481,6 @@ class MacArtifactJob(ArtifactJob): 'libosclientcerts.dylib', 'libsoftokn3.dylib', 'minidump-analyzer', - 'pingsender', 'plugin-container.app/Contents/MacOS/plugin-container', 'updater.app/Contents/MacOS/org.mozilla.updater', # 'xpcshell', diff --git a/toolkit/components/telemetry/app/TelemetrySend.jsm b/toolkit/components/telemetry/app/TelemetrySend.jsm index f0f61b74026b..502416431b24 100644 --- a/toolkit/components/telemetry/app/TelemetrySend.jsm +++ b/toolkit/components/telemetry/app/TelemetrySend.jsm @@ -1578,23 +1578,6 @@ var TelemetrySendImpl = { }, runPingSender(pings, observer) { - if (AppConstants.platform === "android") { - throw Components.Exception("", Cr.NS_ERROR_NOT_IMPLEMENTED); - } - - const exeName = - AppConstants.platform === "win" ? "pingsender.exe" : "pingsender"; - - let exe = Services.dirsvc.get("GreBinD", Ci.nsIFile); - exe.append(exeName); - - let params = pings.flatMap(ping => [ping.url, ping.path]); - let process = Cc["@mozilla.org/process/util;1"].createInstance( - Ci.nsIProcess - ); - process.init(exe); - process.startHidden = true; - process.noShell = true; - process.runAsync(params, params.length, observer); + throw Components.Exception("", Cr.NS_ERROR_NOT_IMPLEMENTED); }, }; diff --git a/toolkit/components/telemetry/moz.build b/toolkit/components/telemetry/moz.build index 8d9104f632a6..520d2da3acf1 100644 --- a/toolkit/components/telemetry/moz.build +++ b/toolkit/components/telemetry/moz.build @@ -8,10 +8,6 @@ include('/ipc/chromium/chromium-config.mozbuild') FINAL_LIBRARY = 'xul' -DIRS = [ - 'pingsender', -] - DEFINES['MOZ_APP_VERSION'] = '"%s"' % CONFIG['MOZ_APP_VERSION'] LOCAL_INCLUDES += [

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 26345: Hide tracking protection UI
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 83ec1a0a497dfa279a22ab53749d455bfc4a3842 Author: Alex Catarineu <acat(a)torproject.org> Date: Tue Sep 10 16:29:31 2019 +0200 Bug 26345: Hide tracking protection UI --- browser/base/content/browser-siteIdentity.js | 4 ++-- browser/components/about/AboutRedirector.cpp | 4 ---- browser/components/about/components.conf | 1 - browser/components/customizableui/content/panelUI.inc.xhtml | 4 ++-- browser/components/moz.build | 1 - browser/themes/shared/preferences/privacy.css | 4 ++++ 6 files changed, 8 insertions(+), 10 deletions(-) diff --git a/browser/base/content/browser-siteIdentity.js b/browser/base/content/browser-siteIdentity.js index 71b12374758d..b7fa432d9478 100644 --- a/browser/base/content/browser-siteIdentity.js +++ b/browser/base/content/browser-siteIdentity.js @@ -837,10 +837,10 @@ var gIdentityHandler = { this._refreshPermissionIcons(); - // Hide the shield icon if it is a chrome page. + // Bug 26345: Hide tracking protection UI. gProtectionsHandler._trackingProtectionIconContainer.classList.toggle( "chromeUI", - this._isSecureInternalUI + true ); }, diff --git a/browser/components/about/AboutRedirector.cpp b/browser/components/about/AboutRedirector.cpp index 933d519bd959..544e21782729 100644 --- a/browser/components/about/AboutRedirector.cpp +++ b/browser/components/about/AboutRedirector.cpp @@ -114,10 +114,6 @@ static const RedirEntry kRedirMap[] = { nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, - {"protections", "chrome://browser/content/protections.html", - nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | - nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | - nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS}, {"pioneer", "chrome://browser/content/pioneer.html", nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, #ifdef TOR_BROWSER_UPDATE diff --git a/browser/components/about/components.conf b/browser/components/about/components.conf index f31159d30e15..d78de142e2e4 100644 --- a/browser/components/about/components.conf +++ b/browser/components/about/components.conf @@ -20,7 +20,6 @@ pages = [ 'policies', 'preferences', 'privatebrowsing', - 'protections', 'profiling', 'reader', 'restartrequired', diff --git a/browser/components/customizableui/content/panelUI.inc.xhtml b/browser/components/customizableui/content/panelUI.inc.xhtml index 719eee14e681..45f4a10ace7b 100644 --- a/browser/components/customizableui/content/panelUI.inc.xhtml +++ b/browser/components/customizableui/content/panelUI.inc.xhtml @@ -244,7 +244,7 @@ oncommand="gSync.toggleAccountPanel('PanelUI-fxa', this, event)"/> </toolbaritem> <toolbarseparator class="sync-ui-item"/> - <toolbaritem> + <toolbaritem hidden="true"> <toolbarbutton id="appMenu-protection-report-button" class="subviewbutton subviewbutton-iconic" oncommand="gProtectionsHandler.openProtections(); gProtectionsHandler.recordClick('open_full_report', null, 'app_menu');"> @@ -255,7 +255,7 @@ </label> </toolbarbutton> </toolbaritem> - <toolbarseparator id="appMenu-tp-separator"/> + <toolbarseparator hidden="true" id="appMenu-tp-separator"/> <toolbarbutton id="appMenu-new-window-button" class="subviewbutton subviewbutton-iconic" label="&newNavigatorCmd.label;" diff --git a/browser/components/moz.build b/browser/components/moz.build index 8d6d2503e4a0..cb6eeb9164ef 100644 --- a/browser/components/moz.build +++ b/browser/components/moz.build @@ -48,7 +48,6 @@ DIRS += [ 'preferences', 'privatebrowsing', 'prompts', - 'protections', 'protocolhandler', 'resistfingerprinting', 'search', diff --git a/browser/themes/shared/preferences/privacy.css b/browser/themes/shared/preferences/privacy.css index 7ac2a5119411..87e3ecc2d4b7 100644 --- a/browser/themes/shared/preferences/privacy.css +++ b/browser/themes/shared/preferences/privacy.css @@ -99,6 +99,10 @@ /* Content Blocking */ +#trackingGroup { + display: none; +} + /* Override styling that sets descriptions as grey */ #trackingGroup description.indent, #trackingGroup .indent > description {

1 0

[tor-browser/tor-browser-78.14.0esr-10.5-1] Bug 31607: App menu items stop working on macOS
by sysrqb＠torproject.org 04 Sep '21

04 Sep '21

commit 6938ac32e0a9b51ba961d312c9739790672d5ab6 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Thu Oct 3 10:53:43 2019 -0400 Bug 31607: App menu items stop working on macOS Avoid re-creating the hidden window, since this causes the nsMenuBarX object that is associated with the app menu to be freed (which in turn causes all of the app menu items to stop working). More detail: There should only be one hidden window. XREMain::XRE_mainRun() contains an explicit call to create the hidden window and that is the normal path by which it is created. However, when Tor Launcher's wizard/progress window is opened during startup, a hidden window is created earlier as a side effect of calls to nsAppShellService::GetHiddenWindow(). Then, when XREMain::XRE_mainRun() creates its hidden window, the original one is freed which also causes the app menu's nsMenuBarX object which is associated with that window to be destroyed. When that happens, the menuGroupOwner property within each Cocoa menu items's MenuItemInfo object is cleared. This breaks the link that is necessary for NativeMenuItemTarget's menuItemHit method to dispatch a menu item event. --- xpfe/appshell/nsAppShellService.cpp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/xpfe/appshell/nsAppShellService.cpp b/xpfe/appshell/nsAppShellService.cpp index 719684ceb072..1600a3fea789 100644 --- a/xpfe/appshell/nsAppShellService.cpp +++ b/xpfe/appshell/nsAppShellService.cpp @@ -93,6 +93,10 @@ void nsAppShellService::EnsureHiddenWindow() { NS_IMETHODIMP nsAppShellService::CreateHiddenWindow() { + if (mHiddenWindow) { + return NS_OK; + } + if (!XRE_IsParentProcess()) { return NS_ERROR_NOT_IMPLEMENTED; }

1 0