- tbb-commits - lists.torproject.org

[Git][tpo/applications/firefox-android] Pushed new tag firefox-android-115.2.1-13.0-1-build16
by ma1 (＠ma1) 10 May '24

10 May '24

ma1 pushed new tag firefox-android-115.2.1-13.0-1-build16 at The Tor Project / Applications / firefox-android -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/tree/firef… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.11.0esr-13.5-1] 4 commits: Bug 1892449 - Set network.http.digest_auth_cnonce_length to 16, a=dmeehan
by ma1 (＠ma1) 10 May '24

10 May '24

ma1 pushed to branch mullvad-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 60bae6b6 by Kershaw Chang at 2024-05-11T00:28:11+02:00 Bug 1892449 - Set network.http.digest_auth_cnonce_length to 16, a=dmeehan Apparently, setting this value to 64 breaks some sites. We should use the same length as Chrome. Original Revision: https://phabricator.services.mozilla.com/D208103 Differential Revision: https://phabricator.services.mozilla.com/D208119 - - - - - ebdf71f2 by Nika Layzell at 2024-05-11T00:28:14+02:00 Bug 1875248 - Check for network error preventing ExternalHelperAppService before DONT_RETARGET, r=smaug This reverts the change from 30cde47f9364e5c7da78fd08fa8ab21737d22399, and instead re-orders the NS_ERROR_FILE_NOT_FOUND check before DONT_RETARGET. Testing suggests that a-download-click-404.html behaviour isn't impacted, and this improves the handling of this edge-case when doing process switching. Differential Revision: https://phabricator.services.mozilla.com/D202007 - - - - - d1a143b3 by Jonathan Kew at 2024-05-11T00:28:15+02:00 Bug 1886598 - Struct with Pointer member may not be memmove-able. r=gfx-reviewers,lsalzman Differential Revision: https://phabricator.services.mozilla.com/D206633 - - - - - f6ebda2a by alwu at 2024-05-11T00:28:16+02:00 Bug 1644383 - add mutexs to avoid data race. r=media-playback-reviewers,padenot Differential Revision: https://phabricator.services.mozilla.com/D206943 - - - - - 7 changed files: - dom/media/ipc/RemoteMediaDataDecoder.cpp - dom/media/ipc/RemoteMediaDataDecoder.h - dom/media/platforms/wrappers/MediaChangeMonitor.cpp - dom/media/platforms/wrappers/MediaChangeMonitor.h - gfx/thebes/gfxPlatformFontList.h - modules/libpref/init/StaticPrefList.yaml - uriloader/base/nsURILoader.cpp Changes: ===================================== dom/media/ipc/RemoteMediaDataDecoder.cpp ===================================== @@ -18,7 +18,12 @@ namespace mozilla { ##__VA_ARGS__) RemoteMediaDataDecoder::RemoteMediaDataDecoder(RemoteDecoderChild* aChild) - : mChild(aChild) { + : mChild(aChild), + mDescription("RemoteMediaDataDecoder"_ns), + mProcessName("unknown"_ns), + mCodecName("unknown"_ns), + mIsHardwareAccelerated(false), + mConversion(ConversionRequired::kNeedNone) { LOG("%p is created", this); } @@ -48,6 +53,7 @@ RefPtr<MediaDataDecoder::InitPromise> RemoteMediaDataDecoder::Init() { ->Then( RemoteDecoderManagerChild::GetManagerThread(), __func__, [self, this](TrackType aTrack) { + MutexAutoLock lock(mMutex); // If shutdown has started in the meantime shutdown promise may // be resloved before this task. In this case mChild will be null // and the init promise has to be canceled. @@ -127,6 +133,7 @@ RefPtr<ShutdownPromise> RemoteMediaDataDecoder::Shutdown() { bool RemoteMediaDataDecoder::IsHardwareAccelerated( nsACString& aFailureReason) const { + MutexAutoLock lock(mMutex); aFailureReason = mHardwareAcceleratedReason; return mIsHardwareAccelerated; } @@ -145,18 +152,24 @@ void RemoteMediaDataDecoder::SetSeekThreshold(const media::TimeUnit& aTime) { MediaDataDecoder::ConversionRequired RemoteMediaDataDecoder::NeedsConversion() const { + MutexAutoLock lock(mMutex); return mConversion; } nsCString RemoteMediaDataDecoder::GetDescriptionName() const { + MutexAutoLock lock(mMutex); return mDescription; } nsCString RemoteMediaDataDecoder::GetProcessName() const { + MutexAutoLock lock(mMutex); return mProcessName; } -nsCString RemoteMediaDataDecoder::GetCodecName() const { return mCodecName; } +nsCString RemoteMediaDataDecoder::GetCodecName() const { + MutexAutoLock lock(mMutex); + return mCodecName; +} #undef LOG ===================================== dom/media/ipc/RemoteMediaDataDecoder.h ===================================== @@ -53,14 +53,16 @@ class RemoteMediaDataDecoder final // destructor when we can guarantee no other threads are accessing it). Only // read from the manager thread. RefPtr<RemoteDecoderChild> mChild; + + mutable Mutex mMutex{"RemoteMediaDataDecoder"}; + // Only ever written/modified during decoder initialisation. - // As such can be accessed from any threads after that. - nsCString mDescription = "RemoteMediaDataDecoder"_ns; - nsCString mProcessName = "unknown"_ns; - nsCString mCodecName = "unknown"_ns; - bool mIsHardwareAccelerated = false; - nsCString mHardwareAcceleratedReason; - ConversionRequired mConversion = ConversionRequired::kNeedNone; + nsCString mDescription MOZ_GUARDED_BY(mMutex); + nsCString mProcessName MOZ_GUARDED_BY(mMutex); + nsCString mCodecName MOZ_GUARDED_BY(mMutex); + bool mIsHardwareAccelerated MOZ_GUARDED_BY(mMutex); + nsCString mHardwareAcceleratedReason MOZ_GUARDED_BY(mMutex); + ConversionRequired mConversion MOZ_GUARDED_BY(mMutex); }; } // namespace mozilla ===================================== dom/media/platforms/wrappers/MediaChangeMonitor.cpp ===================================== @@ -668,6 +668,7 @@ RefPtr<ShutdownPromise> MediaChangeMonitor::ShutdownDecoder() { AssertOnThread(); mConversionRequired.reset(); if (mDecoder) { + MutexAutoLock lock(mMutex); RefPtr<MediaDataDecoder> decoder = std::move(mDecoder); return decoder->Shutdown(); } @@ -715,6 +716,7 @@ MediaChangeMonitor::CreateDecoder() { ->Then( GetCurrentSerialEventTarget(), __func__, [self = RefPtr{this}, this](RefPtr<MediaDataDecoder>&& aDecoder) { + MutexAutoLock lock(mMutex); mDecoder = std::move(aDecoder); DDLINKCHILD("decoder", mDecoder.get()); return CreateDecoderPromise::CreateAndResolve(true, __func__); @@ -963,6 +965,11 @@ void MediaChangeMonitor::FlushThenShutdownDecoder( ->Track(mFlushRequest); } +MediaDataDecoder* MediaChangeMonitor::GetDecoderOnNonOwnerThread() const { + MutexAutoLock lock(mMutex); + return mDecoder; +} + #undef LOG } // namespace mozilla ===================================== dom/media/platforms/wrappers/MediaChangeMonitor.h ===================================== @@ -41,34 +41,34 @@ class MediaChangeMonitor final RefPtr<ShutdownPromise> Shutdown() override; bool IsHardwareAccelerated(nsACString& aFailureReason) const override; nsCString GetDescriptionName() const override { - if (mDecoder) { - return mDecoder->GetDescriptionName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetDescriptionName(); } return "MediaChangeMonitor decoder (pending)"_ns; } nsCString GetProcessName() const override { - if (mDecoder) { - return mDecoder->GetProcessName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetProcessName(); } return "MediaChangeMonitor"_ns; } nsCString GetCodecName() const override { - if (mDecoder) { - return mDecoder->GetCodecName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetCodecName(); } return "MediaChangeMonitor"_ns; } void SetSeekThreshold(const media::TimeUnit& aTime) override; bool SupportDecoderRecycling() const override { - if (mDecoder) { - return mDecoder->SupportDecoderRecycling(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->SupportDecoderRecycling(); } return false; } ConversionRequired NeedsConversion() const override { - if (mDecoder) { - return mDecoder->NeedsConversion(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->NeedsConversion(); } // Default so no conversion is performed. return ConversionRequired::kNeedNone; @@ -97,6 +97,9 @@ class MediaChangeMonitor final MOZ_ASSERT(!mThread || mThread->IsOnCurrentThread()); } + // This is used for getting decoder debug info on other threads. Thread-safe. + MediaDataDecoder* GetDecoderOnNonOwnerThread() const; + bool CanRecycleDecoder() const; typedef MozPromise<bool, MediaResult, true /* exclusive */> @@ -137,6 +140,13 @@ class MediaChangeMonitor final const CreateDecoderParamsForAsync mParams; // Keep any seek threshold set for after decoder creation and initialization. Maybe<media::TimeUnit> mPendingSeekThreshold; + + // This lock is used for mDecoder specifically, but it doens't need to be used + // for every places accessing mDecoder which is mostly on the owner thread. + // However, when requesting decoder debug info, it can happen on other + // threads, so we need this mutex to avoid the data race of + // creating/destroying decoder and accessing decoder's debug info. + mutable Mutex MOZ_ANNOTATED mMutex{"MediaChangeMonitor"}; }; } // namespace mozilla ===================================== gfx/thebes/gfxPlatformFontList.h ===================================== @@ -124,7 +124,7 @@ class ShmemCharMapHashEntry final : public PLDHashEntryHdr { return aCharMap->GetChecksum(); } - enum { ALLOW_MEMMOVE = true }; + enum { ALLOW_MEMMOVE = false }; // because of the Pointer member private: // charMaps are stored in the shared memory that FontList objects point to, ===================================== modules/libpref/init/StaticPrefList.yaml ===================================== @@ -12779,6 +12779,18 @@ value: true mirror: always + # The length of cnonce string used in HTTP digest auth. +- name: network.http.digest_auth_cnonce_length + type: uint32_t + value: 16 + mirror: always + + # If true, HTTP response content-type headers will be parsed using the standards-compliant MimeType parser +- name: network.standard_content_type_parsing.response_headers + type: RelaxedAtomicBool + value: true + mirror: always + # The maximum count that we allow socket prrocess to crash. If this count is # reached, we won't use networking over socket process. - name: network.max_socket_process_failed_count ===================================== uriloader/base/nsURILoader.cpp ===================================== @@ -414,28 +414,28 @@ nsresult nsDocumentOpenInfo::DispatchContent(nsIRequest* request) { NS_ASSERTION(!m_targetStreamListener, "If we found a listener, why are we not using it?"); - if (mFlags & nsIURILoader::DONT_RETARGET) { - LOG( - (" External handling forced or (listener not interested and no " - "stream converter exists), and retargeting disallowed -> aborting")); - return NS_ERROR_WONT_HANDLE_CONTENT; - } - // Before dispatching to the external helper app service, check for an HTTP // error page. If we got one, we don't want to handle it with a helper app, // really. - // The WPT a-download-click-404.html requires us to silently handle this - // without displaying an error page, so we just return early here. - // See bug 1604308 for discussion around what the ideal behaviour is. nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(request)); if (httpChannel) { bool requestSucceeded; rv = httpChannel->GetRequestSucceeded(&requestSucceeded); if (NS_FAILED(rv) || !requestSucceeded) { - return NS_OK; + LOG( + (" Returning NS_ERROR_FILE_NOT_FOUND from " + "nsDocumentOpenInfo::DispatchContent due to failed HTTP response")); + return NS_ERROR_FILE_NOT_FOUND; } } + if (mFlags & nsIURILoader::DONT_RETARGET) { + LOG( + (" External handling forced or (listener not interested and no " + "stream converter exists), and retargeting disallowed -> aborting")); + return NS_ERROR_WONT_HANDLE_CONTENT; + } + // Fifth step: // // All attempts to dispatch this content have failed. Just pass it off to View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/da… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/da… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.11.0esr-13.5-1] 4 commits: Bug 1892449 - Set network.http.digest_auth_cnonce_length to 16, a=dmeehan
by ma1 (＠ma1) 10 May '24

10 May '24

ma1 pushed to branch base-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 8584ab91 by Kershaw Chang at 2024-05-11T00:21:58+02:00 Bug 1892449 - Set network.http.digest_auth_cnonce_length to 16, a=dmeehan Apparently, setting this value to 64 breaks some sites. We should use the same length as Chrome. Original Revision: https://phabricator.services.mozilla.com/D208103 Differential Revision: https://phabricator.services.mozilla.com/D208119 - - - - - 328452de by Nika Layzell at 2024-05-11T00:22:00+02:00 Bug 1875248 - Check for network error preventing ExternalHelperAppService before DONT_RETARGET, r=smaug This reverts the change from 30cde47f9364e5c7da78fd08fa8ab21737d22399, and instead re-orders the NS_ERROR_FILE_NOT_FOUND check before DONT_RETARGET. Testing suggests that a-download-click-404.html behaviour isn't impacted, and this improves the handling of this edge-case when doing process switching. Differential Revision: https://phabricator.services.mozilla.com/D202007 - - - - - a593aa4b by Jonathan Kew at 2024-05-11T00:22:01+02:00 Bug 1886598 - Struct with Pointer member may not be memmove-able. r=gfx-reviewers,lsalzman Differential Revision: https://phabricator.services.mozilla.com/D206633 - - - - - 45188fff by alwu at 2024-05-11T00:22:02+02:00 Bug 1644383 - add mutexs to avoid data race. r=media-playback-reviewers,padenot Differential Revision: https://phabricator.services.mozilla.com/D206943 - - - - - 7 changed files: - dom/media/ipc/RemoteMediaDataDecoder.cpp - dom/media/ipc/RemoteMediaDataDecoder.h - dom/media/platforms/wrappers/MediaChangeMonitor.cpp - dom/media/platforms/wrappers/MediaChangeMonitor.h - gfx/thebes/gfxPlatformFontList.h - modules/libpref/init/StaticPrefList.yaml - uriloader/base/nsURILoader.cpp Changes: ===================================== dom/media/ipc/RemoteMediaDataDecoder.cpp ===================================== @@ -18,7 +18,12 @@ namespace mozilla { ##__VA_ARGS__) RemoteMediaDataDecoder::RemoteMediaDataDecoder(RemoteDecoderChild* aChild) - : mChild(aChild) { + : mChild(aChild), + mDescription("RemoteMediaDataDecoder"_ns), + mProcessName("unknown"_ns), + mCodecName("unknown"_ns), + mIsHardwareAccelerated(false), + mConversion(ConversionRequired::kNeedNone) { LOG("%p is created", this); } @@ -48,6 +53,7 @@ RefPtr<MediaDataDecoder::InitPromise> RemoteMediaDataDecoder::Init() { ->Then( RemoteDecoderManagerChild::GetManagerThread(), __func__, [self, this](TrackType aTrack) { + MutexAutoLock lock(mMutex); // If shutdown has started in the meantime shutdown promise may // be resloved before this task. In this case mChild will be null // and the init promise has to be canceled. @@ -127,6 +133,7 @@ RefPtr<ShutdownPromise> RemoteMediaDataDecoder::Shutdown() { bool RemoteMediaDataDecoder::IsHardwareAccelerated( nsACString& aFailureReason) const { + MutexAutoLock lock(mMutex); aFailureReason = mHardwareAcceleratedReason; return mIsHardwareAccelerated; } @@ -145,18 +152,24 @@ void RemoteMediaDataDecoder::SetSeekThreshold(const media::TimeUnit& aTime) { MediaDataDecoder::ConversionRequired RemoteMediaDataDecoder::NeedsConversion() const { + MutexAutoLock lock(mMutex); return mConversion; } nsCString RemoteMediaDataDecoder::GetDescriptionName() const { + MutexAutoLock lock(mMutex); return mDescription; } nsCString RemoteMediaDataDecoder::GetProcessName() const { + MutexAutoLock lock(mMutex); return mProcessName; } -nsCString RemoteMediaDataDecoder::GetCodecName() const { return mCodecName; } +nsCString RemoteMediaDataDecoder::GetCodecName() const { + MutexAutoLock lock(mMutex); + return mCodecName; +} #undef LOG ===================================== dom/media/ipc/RemoteMediaDataDecoder.h ===================================== @@ -53,14 +53,16 @@ class RemoteMediaDataDecoder final // destructor when we can guarantee no other threads are accessing it). Only // read from the manager thread. RefPtr<RemoteDecoderChild> mChild; + + mutable Mutex mMutex{"RemoteMediaDataDecoder"}; + // Only ever written/modified during decoder initialisation. - // As such can be accessed from any threads after that. - nsCString mDescription = "RemoteMediaDataDecoder"_ns; - nsCString mProcessName = "unknown"_ns; - nsCString mCodecName = "unknown"_ns; - bool mIsHardwareAccelerated = false; - nsCString mHardwareAcceleratedReason; - ConversionRequired mConversion = ConversionRequired::kNeedNone; + nsCString mDescription MOZ_GUARDED_BY(mMutex); + nsCString mProcessName MOZ_GUARDED_BY(mMutex); + nsCString mCodecName MOZ_GUARDED_BY(mMutex); + bool mIsHardwareAccelerated MOZ_GUARDED_BY(mMutex); + nsCString mHardwareAcceleratedReason MOZ_GUARDED_BY(mMutex); + ConversionRequired mConversion MOZ_GUARDED_BY(mMutex); }; } // namespace mozilla ===================================== dom/media/platforms/wrappers/MediaChangeMonitor.cpp ===================================== @@ -668,6 +668,7 @@ RefPtr<ShutdownPromise> MediaChangeMonitor::ShutdownDecoder() { AssertOnThread(); mConversionRequired.reset(); if (mDecoder) { + MutexAutoLock lock(mMutex); RefPtr<MediaDataDecoder> decoder = std::move(mDecoder); return decoder->Shutdown(); } @@ -715,6 +716,7 @@ MediaChangeMonitor::CreateDecoder() { ->Then( GetCurrentSerialEventTarget(), __func__, [self = RefPtr{this}, this](RefPtr<MediaDataDecoder>&& aDecoder) { + MutexAutoLock lock(mMutex); mDecoder = std::move(aDecoder); DDLINKCHILD("decoder", mDecoder.get()); return CreateDecoderPromise::CreateAndResolve(true, __func__); @@ -963,6 +965,11 @@ void MediaChangeMonitor::FlushThenShutdownDecoder( ->Track(mFlushRequest); } +MediaDataDecoder* MediaChangeMonitor::GetDecoderOnNonOwnerThread() const { + MutexAutoLock lock(mMutex); + return mDecoder; +} + #undef LOG } // namespace mozilla ===================================== dom/media/platforms/wrappers/MediaChangeMonitor.h ===================================== @@ -41,34 +41,34 @@ class MediaChangeMonitor final RefPtr<ShutdownPromise> Shutdown() override; bool IsHardwareAccelerated(nsACString& aFailureReason) const override; nsCString GetDescriptionName() const override { - if (mDecoder) { - return mDecoder->GetDescriptionName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetDescriptionName(); } return "MediaChangeMonitor decoder (pending)"_ns; } nsCString GetProcessName() const override { - if (mDecoder) { - return mDecoder->GetProcessName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetProcessName(); } return "MediaChangeMonitor"_ns; } nsCString GetCodecName() const override { - if (mDecoder) { - return mDecoder->GetCodecName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetCodecName(); } return "MediaChangeMonitor"_ns; } void SetSeekThreshold(const media::TimeUnit& aTime) override; bool SupportDecoderRecycling() const override { - if (mDecoder) { - return mDecoder->SupportDecoderRecycling(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->SupportDecoderRecycling(); } return false; } ConversionRequired NeedsConversion() const override { - if (mDecoder) { - return mDecoder->NeedsConversion(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->NeedsConversion(); } // Default so no conversion is performed. return ConversionRequired::kNeedNone; @@ -97,6 +97,9 @@ class MediaChangeMonitor final MOZ_ASSERT(!mThread || mThread->IsOnCurrentThread()); } + // This is used for getting decoder debug info on other threads. Thread-safe. + MediaDataDecoder* GetDecoderOnNonOwnerThread() const; + bool CanRecycleDecoder() const; typedef MozPromise<bool, MediaResult, true /* exclusive */> @@ -137,6 +140,13 @@ class MediaChangeMonitor final const CreateDecoderParamsForAsync mParams; // Keep any seek threshold set for after decoder creation and initialization. Maybe<media::TimeUnit> mPendingSeekThreshold; + + // This lock is used for mDecoder specifically, but it doens't need to be used + // for every places accessing mDecoder which is mostly on the owner thread. + // However, when requesting decoder debug info, it can happen on other + // threads, so we need this mutex to avoid the data race of + // creating/destroying decoder and accessing decoder's debug info. + mutable Mutex MOZ_ANNOTATED mMutex{"MediaChangeMonitor"}; }; } // namespace mozilla ===================================== gfx/thebes/gfxPlatformFontList.h ===================================== @@ -124,7 +124,7 @@ class ShmemCharMapHashEntry final : public PLDHashEntryHdr { return aCharMap->GetChecksum(); } - enum { ALLOW_MEMMOVE = true }; + enum { ALLOW_MEMMOVE = false }; // because of the Pointer member private: // charMaps are stored in the shared memory that FontList objects point to, ===================================== modules/libpref/init/StaticPrefList.yaml ===================================== @@ -12779,6 +12779,18 @@ value: true mirror: always + # The length of cnonce string used in HTTP digest auth. +- name: network.http.digest_auth_cnonce_length + type: uint32_t + value: 16 + mirror: always + + # If true, HTTP response content-type headers will be parsed using the standards-compliant MimeType parser +- name: network.standard_content_type_parsing.response_headers + type: RelaxedAtomicBool + value: true + mirror: always + # The maximum count that we allow socket prrocess to crash. If this count is # reached, we won't use networking over socket process. - name: network.max_socket_process_failed_count ===================================== uriloader/base/nsURILoader.cpp ===================================== @@ -414,28 +414,28 @@ nsresult nsDocumentOpenInfo::DispatchContent(nsIRequest* request) { NS_ASSERTION(!m_targetStreamListener, "If we found a listener, why are we not using it?"); - if (mFlags & nsIURILoader::DONT_RETARGET) { - LOG( - (" External handling forced or (listener not interested and no " - "stream converter exists), and retargeting disallowed -> aborting")); - return NS_ERROR_WONT_HANDLE_CONTENT; - } - // Before dispatching to the external helper app service, check for an HTTP // error page. If we got one, we don't want to handle it with a helper app, // really. - // The WPT a-download-click-404.html requires us to silently handle this - // without displaying an error page, so we just return early here. - // See bug 1604308 for discussion around what the ideal behaviour is. nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(request)); if (httpChannel) { bool requestSucceeded; rv = httpChannel->GetRequestSucceeded(&requestSucceeded); if (NS_FAILED(rv) || !requestSucceeded) { - return NS_OK; + LOG( + (" Returning NS_ERROR_FILE_NOT_FOUND from " + "nsDocumentOpenInfo::DispatchContent due to failed HTTP response")); + return NS_ERROR_FILE_NOT_FOUND; } } + if (mFlags & nsIURILoader::DONT_RETARGET) { + LOG( + (" External handling forced or (listener not interested and no " + "stream converter exists), and retargeting disallowed -> aborting")); + return NS_ERROR_WONT_HANDLE_CONTENT; + } + // Fifth step: // // All attempts to dispatch this content have failed. Just pass it off to View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/d69874… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/d69874… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.5-1] 4 commits: Bug 1892449 - Set network.http.digest_auth_cnonce_length to 16, a=dmeehan
by ma1 (＠ma1) 10 May '24

10 May '24

ma1 pushed to branch tor-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 9dec2654 by Kershaw Chang at 2024-05-11T00:17:10+02:00 Bug 1892449 - Set network.http.digest_auth_cnonce_length to 16, a=dmeehan Apparently, setting this value to 64 breaks some sites. We should use the same length as Chrome. Original Revision: https://phabricator.services.mozilla.com/D208103 Differential Revision: https://phabricator.services.mozilla.com/D208119 - - - - - 8e8da2bf by Nika Layzell at 2024-05-11T00:17:15+02:00 Bug 1875248 - Check for network error preventing ExternalHelperAppService before DONT_RETARGET, r=smaug This reverts the change from 30cde47f9364e5c7da78fd08fa8ab21737d22399, and instead re-orders the NS_ERROR_FILE_NOT_FOUND check before DONT_RETARGET. Testing suggests that a-download-click-404.html behaviour isn't impacted, and this improves the handling of this edge-case when doing process switching. Differential Revision: https://phabricator.services.mozilla.com/D202007 - - - - - 4fd209ef by Jonathan Kew at 2024-05-11T00:17:16+02:00 Bug 1886598 - Struct with Pointer member may not be memmove-able. r=gfx-reviewers,lsalzman Differential Revision: https://phabricator.services.mozilla.com/D206633 - - - - - ca21ab0c by alwu at 2024-05-11T00:17:17+02:00 Bug 1644383 - add mutexs to avoid data race. r=media-playback-reviewers,padenot Differential Revision: https://phabricator.services.mozilla.com/D206943 - - - - - 7 changed files: - dom/media/ipc/RemoteMediaDataDecoder.cpp - dom/media/ipc/RemoteMediaDataDecoder.h - dom/media/platforms/wrappers/MediaChangeMonitor.cpp - dom/media/platforms/wrappers/MediaChangeMonitor.h - gfx/thebes/gfxPlatformFontList.h - modules/libpref/init/StaticPrefList.yaml - uriloader/base/nsURILoader.cpp Changes: ===================================== dom/media/ipc/RemoteMediaDataDecoder.cpp ===================================== @@ -18,7 +18,12 @@ namespace mozilla { ##__VA_ARGS__) RemoteMediaDataDecoder::RemoteMediaDataDecoder(RemoteDecoderChild* aChild) - : mChild(aChild) { + : mChild(aChild), + mDescription("RemoteMediaDataDecoder"_ns), + mProcessName("unknown"_ns), + mCodecName("unknown"_ns), + mIsHardwareAccelerated(false), + mConversion(ConversionRequired::kNeedNone) { LOG("%p is created", this); } @@ -48,6 +53,7 @@ RefPtr<MediaDataDecoder::InitPromise> RemoteMediaDataDecoder::Init() { ->Then( RemoteDecoderManagerChild::GetManagerThread(), __func__, [self, this](TrackType aTrack) { + MutexAutoLock lock(mMutex); // If shutdown has started in the meantime shutdown promise may // be resloved before this task. In this case mChild will be null // and the init promise has to be canceled. @@ -127,6 +133,7 @@ RefPtr<ShutdownPromise> RemoteMediaDataDecoder::Shutdown() { bool RemoteMediaDataDecoder::IsHardwareAccelerated( nsACString& aFailureReason) const { + MutexAutoLock lock(mMutex); aFailureReason = mHardwareAcceleratedReason; return mIsHardwareAccelerated; } @@ -145,18 +152,24 @@ void RemoteMediaDataDecoder::SetSeekThreshold(const media::TimeUnit& aTime) { MediaDataDecoder::ConversionRequired RemoteMediaDataDecoder::NeedsConversion() const { + MutexAutoLock lock(mMutex); return mConversion; } nsCString RemoteMediaDataDecoder::GetDescriptionName() const { + MutexAutoLock lock(mMutex); return mDescription; } nsCString RemoteMediaDataDecoder::GetProcessName() const { + MutexAutoLock lock(mMutex); return mProcessName; } -nsCString RemoteMediaDataDecoder::GetCodecName() const { return mCodecName; } +nsCString RemoteMediaDataDecoder::GetCodecName() const { + MutexAutoLock lock(mMutex); + return mCodecName; +} #undef LOG ===================================== dom/media/ipc/RemoteMediaDataDecoder.h ===================================== @@ -53,14 +53,16 @@ class RemoteMediaDataDecoder final // destructor when we can guarantee no other threads are accessing it). Only // read from the manager thread. RefPtr<RemoteDecoderChild> mChild; + + mutable Mutex mMutex{"RemoteMediaDataDecoder"}; + // Only ever written/modified during decoder initialisation. - // As such can be accessed from any threads after that. - nsCString mDescription = "RemoteMediaDataDecoder"_ns; - nsCString mProcessName = "unknown"_ns; - nsCString mCodecName = "unknown"_ns; - bool mIsHardwareAccelerated = false; - nsCString mHardwareAcceleratedReason; - ConversionRequired mConversion = ConversionRequired::kNeedNone; + nsCString mDescription MOZ_GUARDED_BY(mMutex); + nsCString mProcessName MOZ_GUARDED_BY(mMutex); + nsCString mCodecName MOZ_GUARDED_BY(mMutex); + bool mIsHardwareAccelerated MOZ_GUARDED_BY(mMutex); + nsCString mHardwareAcceleratedReason MOZ_GUARDED_BY(mMutex); + ConversionRequired mConversion MOZ_GUARDED_BY(mMutex); }; } // namespace mozilla ===================================== dom/media/platforms/wrappers/MediaChangeMonitor.cpp ===================================== @@ -668,6 +668,7 @@ RefPtr<ShutdownPromise> MediaChangeMonitor::ShutdownDecoder() { AssertOnThread(); mConversionRequired.reset(); if (mDecoder) { + MutexAutoLock lock(mMutex); RefPtr<MediaDataDecoder> decoder = std::move(mDecoder); return decoder->Shutdown(); } @@ -715,6 +716,7 @@ MediaChangeMonitor::CreateDecoder() { ->Then( GetCurrentSerialEventTarget(), __func__, [self = RefPtr{this}, this](RefPtr<MediaDataDecoder>&& aDecoder) { + MutexAutoLock lock(mMutex); mDecoder = std::move(aDecoder); DDLINKCHILD("decoder", mDecoder.get()); return CreateDecoderPromise::CreateAndResolve(true, __func__); @@ -963,6 +965,11 @@ void MediaChangeMonitor::FlushThenShutdownDecoder( ->Track(mFlushRequest); } +MediaDataDecoder* MediaChangeMonitor::GetDecoderOnNonOwnerThread() const { + MutexAutoLock lock(mMutex); + return mDecoder; +} + #undef LOG } // namespace mozilla ===================================== dom/media/platforms/wrappers/MediaChangeMonitor.h ===================================== @@ -41,34 +41,34 @@ class MediaChangeMonitor final RefPtr<ShutdownPromise> Shutdown() override; bool IsHardwareAccelerated(nsACString& aFailureReason) const override; nsCString GetDescriptionName() const override { - if (mDecoder) { - return mDecoder->GetDescriptionName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetDescriptionName(); } return "MediaChangeMonitor decoder (pending)"_ns; } nsCString GetProcessName() const override { - if (mDecoder) { - return mDecoder->GetProcessName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetProcessName(); } return "MediaChangeMonitor"_ns; } nsCString GetCodecName() const override { - if (mDecoder) { - return mDecoder->GetCodecName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetCodecName(); } return "MediaChangeMonitor"_ns; } void SetSeekThreshold(const media::TimeUnit& aTime) override; bool SupportDecoderRecycling() const override { - if (mDecoder) { - return mDecoder->SupportDecoderRecycling(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->SupportDecoderRecycling(); } return false; } ConversionRequired NeedsConversion() const override { - if (mDecoder) { - return mDecoder->NeedsConversion(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->NeedsConversion(); } // Default so no conversion is performed. return ConversionRequired::kNeedNone; @@ -97,6 +97,9 @@ class MediaChangeMonitor final MOZ_ASSERT(!mThread || mThread->IsOnCurrentThread()); } + // This is used for getting decoder debug info on other threads. Thread-safe. + MediaDataDecoder* GetDecoderOnNonOwnerThread() const; + bool CanRecycleDecoder() const; typedef MozPromise<bool, MediaResult, true /* exclusive */> @@ -137,6 +140,13 @@ class MediaChangeMonitor final const CreateDecoderParamsForAsync mParams; // Keep any seek threshold set for after decoder creation and initialization. Maybe<media::TimeUnit> mPendingSeekThreshold; + + // This lock is used for mDecoder specifically, but it doens't need to be used + // for every places accessing mDecoder which is mostly on the owner thread. + // However, when requesting decoder debug info, it can happen on other + // threads, so we need this mutex to avoid the data race of + // creating/destroying decoder and accessing decoder's debug info. + mutable Mutex MOZ_ANNOTATED mMutex{"MediaChangeMonitor"}; }; } // namespace mozilla ===================================== gfx/thebes/gfxPlatformFontList.h ===================================== @@ -124,7 +124,7 @@ class ShmemCharMapHashEntry final : public PLDHashEntryHdr { return aCharMap->GetChecksum(); } - enum { ALLOW_MEMMOVE = true }; + enum { ALLOW_MEMMOVE = false }; // because of the Pointer member private: // charMaps are stored in the shared memory that FontList objects point to, ===================================== modules/libpref/init/StaticPrefList.yaml ===================================== @@ -12787,6 +12787,18 @@ value: true mirror: always + # The length of cnonce string used in HTTP digest auth. +- name: network.http.digest_auth_cnonce_length + type: uint32_t + value: 16 + mirror: always + + # If true, HTTP response content-type headers will be parsed using the standards-compliant MimeType parser +- name: network.standard_content_type_parsing.response_headers + type: RelaxedAtomicBool + value: true + mirror: always + # The maximum count that we allow socket prrocess to crash. If this count is # reached, we won't use networking over socket process. - name: network.max_socket_process_failed_count ===================================== uriloader/base/nsURILoader.cpp ===================================== @@ -414,28 +414,28 @@ nsresult nsDocumentOpenInfo::DispatchContent(nsIRequest* request) { NS_ASSERTION(!m_targetStreamListener, "If we found a listener, why are we not using it?"); - if (mFlags & nsIURILoader::DONT_RETARGET) { - LOG( - (" External handling forced or (listener not interested and no " - "stream converter exists), and retargeting disallowed -> aborting")); - return NS_ERROR_WONT_HANDLE_CONTENT; - } - // Before dispatching to the external helper app service, check for an HTTP // error page. If we got one, we don't want to handle it with a helper app, // really. - // The WPT a-download-click-404.html requires us to silently handle this - // without displaying an error page, so we just return early here. - // See bug 1604308 for discussion around what the ideal behaviour is. nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(request)); if (httpChannel) { bool requestSucceeded; rv = httpChannel->GetRequestSucceeded(&requestSucceeded); if (NS_FAILED(rv) || !requestSucceeded) { - return NS_OK; + LOG( + (" Returning NS_ERROR_FILE_NOT_FOUND from " + "nsDocumentOpenInfo::DispatchContent due to failed HTTP response")); + return NS_ERROR_FILE_NOT_FOUND; } } + if (mFlags & nsIURILoader::DONT_RETARGET) { + LOG( + (" External handling forced or (listener not interested and no " + "stream converter exists), and retargeting disallowed -> aborting")); + return NS_ERROR_WONT_HANDLE_CONTENT; + } + // Fifth step: // // All attempts to dispatch this content have failed. Just pass it off to View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/e6f7f1… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/e6f7f1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-115.11.0esr-13.0-1-build2
by richard (＠richard) 10 May '24

10 May '24

richard pushed new tag mullvad-browser-115.11.0esr-13.0-1-build2 at The Tor Project / Applications / Mullvad Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Deleted tag mullvad-browser-115.11.0esr-13.0-1-build2
by richard (＠richard) 10 May '24

10 May '24

richard deleted tag mullvad-browser-115.11.0esr-13.0-1-build2 at The Tor Project / Applications / Mullvad Browser -- This project does not include diff previews in email notifications. You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag base-browser-115.11.0esr-13.0-1-build2
by richard (＠richard) 10 May '24

10 May '24

richard pushed new tag base-browser-115.11.0esr-13.0-1-build2 at The Tor Project / Applications / Tor Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-115.11.0esr-13.0-1-build2
by richard (＠richard) 10 May '24

10 May '24

richard pushed new tag tor-browser-115.11.0esr-13.0-1-build2 at The Tor Project / Applications / Tor Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-115.11.0esr-13.0-1-build2
by richard (＠richard) 10 May '24

10 May '24

richard pushed new tag mullvad-browser-115.11.0esr-13.0-1-build2 at The Tor Project / Applications / Mullvad Browser -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.11.0esr-13.0-1] 5 commits: Bug 1870579 - Use PK11_GenerateRandom to generate random number, r=necko-reviewers, valentin
by richard (＠richard) 10 May '24

10 May '24

richard pushed to branch mullvad-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Mullvad Browser Commits: a87825b0 by Kershaw Chang at 2024-05-10T22:07:35+00:00 Bug 1870579 - Use PK11_GenerateRandom to generate random number, r=necko-reviewers,valentin Differential Revision: https://phabricator.services.mozilla.com/D204755 - - - - - f98bc25e by Kershaw Chang at 2024-05-10T22:07:35+00:00 Bug 1892449 - Set network.http.digest_auth_cnonce_length to 16, a=dmeehan Apparently, setting this value to 64 breaks some sites. We should use the same length as Chrome. Original Revision: https://phabricator.services.mozilla.com/D208103 Differential Revision: https://phabricator.services.mozilla.com/D208119 - - - - - e1f9025e by Nika Layzell at 2024-05-10T22:07:35+00:00 Bug 1875248 - Check for network error preventing ExternalHelperAppService before DONT_RETARGET, r=smaug This reverts the change from 30cde47f9364e5c7da78fd08fa8ab21737d22399, and instead re-orders the NS_ERROR_FILE_NOT_FOUND check before DONT_RETARGET. Testing suggests that a-download-click-404.html behaviour isn't impacted, and this improves the handling of this edge-case when doing process switching. Differential Revision: https://phabricator.services.mozilla.com/D202007 - - - - - a04f2066 by Jonathan Kew at 2024-05-10T22:07:35+00:00 Bug 1886598 - Struct with Pointer member may not be memmove-able. r=gfx-reviewers,lsalzman Differential Revision: https://phabricator.services.mozilla.com/D206633 - - - - - 0d13381c by alwu at 2024-05-10T22:07:36+00:00 Bug 1644383 - add mutexs to avoid data race. r=media-playback-reviewers,padenot Differential Revision: https://phabricator.services.mozilla.com/D206943 - - - - - 8 changed files: - dom/media/ipc/RemoteMediaDataDecoder.cpp - dom/media/ipc/RemoteMediaDataDecoder.h - dom/media/platforms/wrappers/MediaChangeMonitor.cpp - dom/media/platforms/wrappers/MediaChangeMonitor.h - gfx/thebes/gfxPlatformFontList.h - modules/libpref/init/StaticPrefList.yaml - netwerk/protocol/http/nsHttpDigestAuth.cpp - uriloader/base/nsURILoader.cpp Changes: ===================================== dom/media/ipc/RemoteMediaDataDecoder.cpp ===================================== @@ -18,7 +18,12 @@ namespace mozilla { ##__VA_ARGS__) RemoteMediaDataDecoder::RemoteMediaDataDecoder(RemoteDecoderChild* aChild) - : mChild(aChild) { + : mChild(aChild), + mDescription("RemoteMediaDataDecoder"_ns), + mProcessName("unknown"_ns), + mCodecName("unknown"_ns), + mIsHardwareAccelerated(false), + mConversion(ConversionRequired::kNeedNone) { LOG("%p is created", this); } @@ -48,6 +53,7 @@ RefPtr<MediaDataDecoder::InitPromise> RemoteMediaDataDecoder::Init() { ->Then( RemoteDecoderManagerChild::GetManagerThread(), __func__, [self, this](TrackType aTrack) { + MutexAutoLock lock(mMutex); // If shutdown has started in the meantime shutdown promise may // be resloved before this task. In this case mChild will be null // and the init promise has to be canceled. @@ -127,6 +133,7 @@ RefPtr<ShutdownPromise> RemoteMediaDataDecoder::Shutdown() { bool RemoteMediaDataDecoder::IsHardwareAccelerated( nsACString& aFailureReason) const { + MutexAutoLock lock(mMutex); aFailureReason = mHardwareAcceleratedReason; return mIsHardwareAccelerated; } @@ -145,18 +152,24 @@ void RemoteMediaDataDecoder::SetSeekThreshold(const media::TimeUnit& aTime) { MediaDataDecoder::ConversionRequired RemoteMediaDataDecoder::NeedsConversion() const { + MutexAutoLock lock(mMutex); return mConversion; } nsCString RemoteMediaDataDecoder::GetDescriptionName() const { + MutexAutoLock lock(mMutex); return mDescription; } nsCString RemoteMediaDataDecoder::GetProcessName() const { + MutexAutoLock lock(mMutex); return mProcessName; } -nsCString RemoteMediaDataDecoder::GetCodecName() const { return mCodecName; } +nsCString RemoteMediaDataDecoder::GetCodecName() const { + MutexAutoLock lock(mMutex); + return mCodecName; +} #undef LOG ===================================== dom/media/ipc/RemoteMediaDataDecoder.h ===================================== @@ -53,14 +53,16 @@ class RemoteMediaDataDecoder final // destructor when we can guarantee no other threads are accessing it). Only // read from the manager thread. RefPtr<RemoteDecoderChild> mChild; + + mutable Mutex mMutex{"RemoteMediaDataDecoder"}; + // Only ever written/modified during decoder initialisation. - // As such can be accessed from any threads after that. - nsCString mDescription = "RemoteMediaDataDecoder"_ns; - nsCString mProcessName = "unknown"_ns; - nsCString mCodecName = "unknown"_ns; - bool mIsHardwareAccelerated = false; - nsCString mHardwareAcceleratedReason; - ConversionRequired mConversion = ConversionRequired::kNeedNone; + nsCString mDescription MOZ_GUARDED_BY(mMutex); + nsCString mProcessName MOZ_GUARDED_BY(mMutex); + nsCString mCodecName MOZ_GUARDED_BY(mMutex); + bool mIsHardwareAccelerated MOZ_GUARDED_BY(mMutex); + nsCString mHardwareAcceleratedReason MOZ_GUARDED_BY(mMutex); + ConversionRequired mConversion MOZ_GUARDED_BY(mMutex); }; } // namespace mozilla ===================================== dom/media/platforms/wrappers/MediaChangeMonitor.cpp ===================================== @@ -668,6 +668,7 @@ RefPtr<ShutdownPromise> MediaChangeMonitor::ShutdownDecoder() { AssertOnThread(); mConversionRequired.reset(); if (mDecoder) { + MutexAutoLock lock(mMutex); RefPtr<MediaDataDecoder> decoder = std::move(mDecoder); return decoder->Shutdown(); } @@ -715,6 +716,7 @@ MediaChangeMonitor::CreateDecoder() { ->Then( GetCurrentSerialEventTarget(), __func__, [self = RefPtr{this}, this](RefPtr<MediaDataDecoder>&& aDecoder) { + MutexAutoLock lock(mMutex); mDecoder = std::move(aDecoder); DDLINKCHILD("decoder", mDecoder.get()); return CreateDecoderPromise::CreateAndResolve(true, __func__); @@ -963,6 +965,11 @@ void MediaChangeMonitor::FlushThenShutdownDecoder( ->Track(mFlushRequest); } +MediaDataDecoder* MediaChangeMonitor::GetDecoderOnNonOwnerThread() const { + MutexAutoLock lock(mMutex); + return mDecoder; +} + #undef LOG } // namespace mozilla ===================================== dom/media/platforms/wrappers/MediaChangeMonitor.h ===================================== @@ -41,34 +41,34 @@ class MediaChangeMonitor final RefPtr<ShutdownPromise> Shutdown() override; bool IsHardwareAccelerated(nsACString& aFailureReason) const override; nsCString GetDescriptionName() const override { - if (mDecoder) { - return mDecoder->GetDescriptionName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetDescriptionName(); } return "MediaChangeMonitor decoder (pending)"_ns; } nsCString GetProcessName() const override { - if (mDecoder) { - return mDecoder->GetProcessName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetProcessName(); } return "MediaChangeMonitor"_ns; } nsCString GetCodecName() const override { - if (mDecoder) { - return mDecoder->GetCodecName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetCodecName(); } return "MediaChangeMonitor"_ns; } void SetSeekThreshold(const media::TimeUnit& aTime) override; bool SupportDecoderRecycling() const override { - if (mDecoder) { - return mDecoder->SupportDecoderRecycling(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->SupportDecoderRecycling(); } return false; } ConversionRequired NeedsConversion() const override { - if (mDecoder) { - return mDecoder->NeedsConversion(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->NeedsConversion(); } // Default so no conversion is performed. return ConversionRequired::kNeedNone; @@ -97,6 +97,9 @@ class MediaChangeMonitor final MOZ_ASSERT(!mThread || mThread->IsOnCurrentThread()); } + // This is used for getting decoder debug info on other threads. Thread-safe. + MediaDataDecoder* GetDecoderOnNonOwnerThread() const; + bool CanRecycleDecoder() const; typedef MozPromise<bool, MediaResult, true /* exclusive */> @@ -137,6 +140,13 @@ class MediaChangeMonitor final const CreateDecoderParamsForAsync mParams; // Keep any seek threshold set for after decoder creation and initialization. Maybe<media::TimeUnit> mPendingSeekThreshold; + + // This lock is used for mDecoder specifically, but it doens't need to be used + // for every places accessing mDecoder which is mostly on the owner thread. + // However, when requesting decoder debug info, it can happen on other + // threads, so we need this mutex to avoid the data race of + // creating/destroying decoder and accessing decoder's debug info. + mutable Mutex MOZ_ANNOTATED mMutex{"MediaChangeMonitor"}; }; } // namespace mozilla ===================================== gfx/thebes/gfxPlatformFontList.h ===================================== @@ -124,7 +124,7 @@ class ShmemCharMapHashEntry final : public PLDHashEntryHdr { return aCharMap->GetChecksum(); } - enum { ALLOW_MEMMOVE = true }; + enum { ALLOW_MEMMOVE = false }; // because of the Pointer member private: // charMaps are stored in the shared memory that FontList objects point to, ===================================== modules/libpref/init/StaticPrefList.yaml ===================================== @@ -12779,6 +12779,18 @@ value: true mirror: always + # The length of cnonce string used in HTTP digest auth. +- name: network.http.digest_auth_cnonce_length + type: uint32_t + value: 16 + mirror: always + + # If true, HTTP response content-type headers will be parsed using the standards-compliant MimeType parser +- name: network.standard_content_type_parsing.response_headers + type: RelaxedAtomicBool + value: true + mirror: always + # The maximum count that we allow socket prrocess to crash. If this count is # reached, we won't use networking over socket process. - name: network.max_socket_process_failed_count ===================================== netwerk/protocol/http/nsHttpDigestAuth.cpp ===================================== @@ -9,6 +9,7 @@ #include "mozilla/ClearOnShutdown.h" #include "mozilla/Sprintf.h" +#include "mozilla/StaticPrefs_network.h" #include "mozilla/Unused.h" #include "nsHttp.h" @@ -22,6 +23,7 @@ #include "nsCRT.h" #include "nsICryptoHash.h" #include "nsComponentManagerUtils.h" +#include "pk11pub.h" constexpr uint16_t DigestLength(uint16_t aAlgorithm) { if (aAlgorithm & (ALGO_SHA256 | ALGO_SHA256_SESS)) { @@ -321,9 +323,13 @@ nsHttpDigestAuth::GenerateCredentials( // returned Authentication-Info header). also used for session info. // nsAutoCString cnonce; - static const char hexChar[] = "0123456789abcdef"; - for (int i = 0; i < 16; ++i) { - cnonce.Append(hexChar[(int)(15.0 * rand() / (RAND_MAX + 1.0))]); + nsTArray<uint8_t> cnonceBuf; + cnonceBuf.SetLength(StaticPrefs::network_http_digest_auth_cnonce_length() / + 2); + PK11_GenerateRandom(reinterpret_cast<unsigned char*>(cnonceBuf.Elements()), + cnonceBuf.Length()); + for (auto byte : cnonceBuf) { + cnonce.AppendPrintf("%02x", byte); } LOG((" cnonce=%s\n", cnonce.get())); ===================================== uriloader/base/nsURILoader.cpp ===================================== @@ -414,28 +414,28 @@ nsresult nsDocumentOpenInfo::DispatchContent(nsIRequest* request) { NS_ASSERTION(!m_targetStreamListener, "If we found a listener, why are we not using it?"); - if (mFlags & nsIURILoader::DONT_RETARGET) { - LOG( - (" External handling forced or (listener not interested and no " - "stream converter exists), and retargeting disallowed -> aborting")); - return NS_ERROR_WONT_HANDLE_CONTENT; - } - // Before dispatching to the external helper app service, check for an HTTP // error page. If we got one, we don't want to handle it with a helper app, // really. - // The WPT a-download-click-404.html requires us to silently handle this - // without displaying an error page, so we just return early here. - // See bug 1604308 for discussion around what the ideal behaviour is. nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(request)); if (httpChannel) { bool requestSucceeded; rv = httpChannel->GetRequestSucceeded(&requestSucceeded); if (NS_FAILED(rv) || !requestSucceeded) { - return NS_OK; + LOG( + (" Returning NS_ERROR_FILE_NOT_FOUND from " + "nsDocumentOpenInfo::DispatchContent due to failed HTTP response")); + return NS_ERROR_FILE_NOT_FOUND; } } + if (mFlags & nsIURILoader::DONT_RETARGET) { + LOG( + (" External handling forced or (listener not interested and no " + "stream converter exists), and retargeting disallowed -> aborting")); + return NS_ERROR_WONT_HANDLE_CONTENT; + } + // Fifth step: // // All attempts to dispatch this content have failed. Just pass it off to View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/b4… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/b4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.11.0esr-13.0-1] 5 commits: Bug 1870579 - Use PK11_GenerateRandom to generate random number, r=necko-reviewers, valentin
by richard (＠richard) 10 May '24

10 May '24

richard pushed to branch base-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: f7e4ecc5 by Kershaw Chang at 2024-05-10T22:02:56+00:00 Bug 1870579 - Use PK11_GenerateRandom to generate random number, r=necko-reviewers,valentin Differential Revision: https://phabricator.services.mozilla.com/D204755 - - - - - 950e0948 by Kershaw Chang at 2024-05-10T22:02:56+00:00 Bug 1892449 - Set network.http.digest_auth_cnonce_length to 16, a=dmeehan Apparently, setting this value to 64 breaks some sites. We should use the same length as Chrome. Original Revision: https://phabricator.services.mozilla.com/D208103 Differential Revision: https://phabricator.services.mozilla.com/D208119 - - - - - e774ee7b by Nika Layzell at 2024-05-10T22:02:56+00:00 Bug 1875248 - Check for network error preventing ExternalHelperAppService before DONT_RETARGET, r=smaug This reverts the change from 30cde47f9364e5c7da78fd08fa8ab21737d22399, and instead re-orders the NS_ERROR_FILE_NOT_FOUND check before DONT_RETARGET. Testing suggests that a-download-click-404.html behaviour isn't impacted, and this improves the handling of this edge-case when doing process switching. Differential Revision: https://phabricator.services.mozilla.com/D202007 - - - - - 6b293703 by Jonathan Kew at 2024-05-10T22:02:57+00:00 Bug 1886598 - Struct with Pointer member may not be memmove-able. r=gfx-reviewers,lsalzman Differential Revision: https://phabricator.services.mozilla.com/D206633 - - - - - 8eb85f10 by alwu at 2024-05-10T22:02:57+00:00 Bug 1644383 - add mutexs to avoid data race. r=media-playback-reviewers,padenot Differential Revision: https://phabricator.services.mozilla.com/D206943 - - - - - 8 changed files: - dom/media/ipc/RemoteMediaDataDecoder.cpp - dom/media/ipc/RemoteMediaDataDecoder.h - dom/media/platforms/wrappers/MediaChangeMonitor.cpp - dom/media/platforms/wrappers/MediaChangeMonitor.h - gfx/thebes/gfxPlatformFontList.h - modules/libpref/init/StaticPrefList.yaml - netwerk/protocol/http/nsHttpDigestAuth.cpp - uriloader/base/nsURILoader.cpp Changes: ===================================== dom/media/ipc/RemoteMediaDataDecoder.cpp ===================================== @@ -18,7 +18,12 @@ namespace mozilla { ##__VA_ARGS__) RemoteMediaDataDecoder::RemoteMediaDataDecoder(RemoteDecoderChild* aChild) - : mChild(aChild) { + : mChild(aChild), + mDescription("RemoteMediaDataDecoder"_ns), + mProcessName("unknown"_ns), + mCodecName("unknown"_ns), + mIsHardwareAccelerated(false), + mConversion(ConversionRequired::kNeedNone) { LOG("%p is created", this); } @@ -48,6 +53,7 @@ RefPtr<MediaDataDecoder::InitPromise> RemoteMediaDataDecoder::Init() { ->Then( RemoteDecoderManagerChild::GetManagerThread(), __func__, [self, this](TrackType aTrack) { + MutexAutoLock lock(mMutex); // If shutdown has started in the meantime shutdown promise may // be resloved before this task. In this case mChild will be null // and the init promise has to be canceled. @@ -127,6 +133,7 @@ RefPtr<ShutdownPromise> RemoteMediaDataDecoder::Shutdown() { bool RemoteMediaDataDecoder::IsHardwareAccelerated( nsACString& aFailureReason) const { + MutexAutoLock lock(mMutex); aFailureReason = mHardwareAcceleratedReason; return mIsHardwareAccelerated; } @@ -145,18 +152,24 @@ void RemoteMediaDataDecoder::SetSeekThreshold(const media::TimeUnit& aTime) { MediaDataDecoder::ConversionRequired RemoteMediaDataDecoder::NeedsConversion() const { + MutexAutoLock lock(mMutex); return mConversion; } nsCString RemoteMediaDataDecoder::GetDescriptionName() const { + MutexAutoLock lock(mMutex); return mDescription; } nsCString RemoteMediaDataDecoder::GetProcessName() const { + MutexAutoLock lock(mMutex); return mProcessName; } -nsCString RemoteMediaDataDecoder::GetCodecName() const { return mCodecName; } +nsCString RemoteMediaDataDecoder::GetCodecName() const { + MutexAutoLock lock(mMutex); + return mCodecName; +} #undef LOG ===================================== dom/media/ipc/RemoteMediaDataDecoder.h ===================================== @@ -53,14 +53,16 @@ class RemoteMediaDataDecoder final // destructor when we can guarantee no other threads are accessing it). Only // read from the manager thread. RefPtr<RemoteDecoderChild> mChild; + + mutable Mutex mMutex{"RemoteMediaDataDecoder"}; + // Only ever written/modified during decoder initialisation. - // As such can be accessed from any threads after that. - nsCString mDescription = "RemoteMediaDataDecoder"_ns; - nsCString mProcessName = "unknown"_ns; - nsCString mCodecName = "unknown"_ns; - bool mIsHardwareAccelerated = false; - nsCString mHardwareAcceleratedReason; - ConversionRequired mConversion = ConversionRequired::kNeedNone; + nsCString mDescription MOZ_GUARDED_BY(mMutex); + nsCString mProcessName MOZ_GUARDED_BY(mMutex); + nsCString mCodecName MOZ_GUARDED_BY(mMutex); + bool mIsHardwareAccelerated MOZ_GUARDED_BY(mMutex); + nsCString mHardwareAcceleratedReason MOZ_GUARDED_BY(mMutex); + ConversionRequired mConversion MOZ_GUARDED_BY(mMutex); }; } // namespace mozilla ===================================== dom/media/platforms/wrappers/MediaChangeMonitor.cpp ===================================== @@ -668,6 +668,7 @@ RefPtr<ShutdownPromise> MediaChangeMonitor::ShutdownDecoder() { AssertOnThread(); mConversionRequired.reset(); if (mDecoder) { + MutexAutoLock lock(mMutex); RefPtr<MediaDataDecoder> decoder = std::move(mDecoder); return decoder->Shutdown(); } @@ -715,6 +716,7 @@ MediaChangeMonitor::CreateDecoder() { ->Then( GetCurrentSerialEventTarget(), __func__, [self = RefPtr{this}, this](RefPtr<MediaDataDecoder>&& aDecoder) { + MutexAutoLock lock(mMutex); mDecoder = std::move(aDecoder); DDLINKCHILD("decoder", mDecoder.get()); return CreateDecoderPromise::CreateAndResolve(true, __func__); @@ -963,6 +965,11 @@ void MediaChangeMonitor::FlushThenShutdownDecoder( ->Track(mFlushRequest); } +MediaDataDecoder* MediaChangeMonitor::GetDecoderOnNonOwnerThread() const { + MutexAutoLock lock(mMutex); + return mDecoder; +} + #undef LOG } // namespace mozilla ===================================== dom/media/platforms/wrappers/MediaChangeMonitor.h ===================================== @@ -41,34 +41,34 @@ class MediaChangeMonitor final RefPtr<ShutdownPromise> Shutdown() override; bool IsHardwareAccelerated(nsACString& aFailureReason) const override; nsCString GetDescriptionName() const override { - if (mDecoder) { - return mDecoder->GetDescriptionName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetDescriptionName(); } return "MediaChangeMonitor decoder (pending)"_ns; } nsCString GetProcessName() const override { - if (mDecoder) { - return mDecoder->GetProcessName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetProcessName(); } return "MediaChangeMonitor"_ns; } nsCString GetCodecName() const override { - if (mDecoder) { - return mDecoder->GetCodecName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetCodecName(); } return "MediaChangeMonitor"_ns; } void SetSeekThreshold(const media::TimeUnit& aTime) override; bool SupportDecoderRecycling() const override { - if (mDecoder) { - return mDecoder->SupportDecoderRecycling(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->SupportDecoderRecycling(); } return false; } ConversionRequired NeedsConversion() const override { - if (mDecoder) { - return mDecoder->NeedsConversion(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->NeedsConversion(); } // Default so no conversion is performed. return ConversionRequired::kNeedNone; @@ -97,6 +97,9 @@ class MediaChangeMonitor final MOZ_ASSERT(!mThread || mThread->IsOnCurrentThread()); } + // This is used for getting decoder debug info on other threads. Thread-safe. + MediaDataDecoder* GetDecoderOnNonOwnerThread() const; + bool CanRecycleDecoder() const; typedef MozPromise<bool, MediaResult, true /* exclusive */> @@ -137,6 +140,13 @@ class MediaChangeMonitor final const CreateDecoderParamsForAsync mParams; // Keep any seek threshold set for after decoder creation and initialization. Maybe<media::TimeUnit> mPendingSeekThreshold; + + // This lock is used for mDecoder specifically, but it doens't need to be used + // for every places accessing mDecoder which is mostly on the owner thread. + // However, when requesting decoder debug info, it can happen on other + // threads, so we need this mutex to avoid the data race of + // creating/destroying decoder and accessing decoder's debug info. + mutable Mutex MOZ_ANNOTATED mMutex{"MediaChangeMonitor"}; }; } // namespace mozilla ===================================== gfx/thebes/gfxPlatformFontList.h ===================================== @@ -124,7 +124,7 @@ class ShmemCharMapHashEntry final : public PLDHashEntryHdr { return aCharMap->GetChecksum(); } - enum { ALLOW_MEMMOVE = true }; + enum { ALLOW_MEMMOVE = false }; // because of the Pointer member private: // charMaps are stored in the shared memory that FontList objects point to, ===================================== modules/libpref/init/StaticPrefList.yaml ===================================== @@ -12779,6 +12779,18 @@ value: true mirror: always + # The length of cnonce string used in HTTP digest auth. +- name: network.http.digest_auth_cnonce_length + type: uint32_t + value: 16 + mirror: always + + # If true, HTTP response content-type headers will be parsed using the standards-compliant MimeType parser +- name: network.standard_content_type_parsing.response_headers + type: RelaxedAtomicBool + value: true + mirror: always + # The maximum count that we allow socket prrocess to crash. If this count is # reached, we won't use networking over socket process. - name: network.max_socket_process_failed_count ===================================== netwerk/protocol/http/nsHttpDigestAuth.cpp ===================================== @@ -9,6 +9,7 @@ #include "mozilla/ClearOnShutdown.h" #include "mozilla/Sprintf.h" +#include "mozilla/StaticPrefs_network.h" #include "mozilla/Unused.h" #include "nsHttp.h" @@ -22,6 +23,7 @@ #include "nsCRT.h" #include "nsICryptoHash.h" #include "nsComponentManagerUtils.h" +#include "pk11pub.h" constexpr uint16_t DigestLength(uint16_t aAlgorithm) { if (aAlgorithm & (ALGO_SHA256 | ALGO_SHA256_SESS)) { @@ -321,9 +323,13 @@ nsHttpDigestAuth::GenerateCredentials( // returned Authentication-Info header). also used for session info. // nsAutoCString cnonce; - static const char hexChar[] = "0123456789abcdef"; - for (int i = 0; i < 16; ++i) { - cnonce.Append(hexChar[(int)(15.0 * rand() / (RAND_MAX + 1.0))]); + nsTArray<uint8_t> cnonceBuf; + cnonceBuf.SetLength(StaticPrefs::network_http_digest_auth_cnonce_length() / + 2); + PK11_GenerateRandom(reinterpret_cast<unsigned char*>(cnonceBuf.Elements()), + cnonceBuf.Length()); + for (auto byte : cnonceBuf) { + cnonce.AppendPrintf("%02x", byte); } LOG((" cnonce=%s\n", cnonce.get())); ===================================== uriloader/base/nsURILoader.cpp ===================================== @@ -414,28 +414,28 @@ nsresult nsDocumentOpenInfo::DispatchContent(nsIRequest* request) { NS_ASSERTION(!m_targetStreamListener, "If we found a listener, why are we not using it?"); - if (mFlags & nsIURILoader::DONT_RETARGET) { - LOG( - (" External handling forced or (listener not interested and no " - "stream converter exists), and retargeting disallowed -> aborting")); - return NS_ERROR_WONT_HANDLE_CONTENT; - } - // Before dispatching to the external helper app service, check for an HTTP // error page. If we got one, we don't want to handle it with a helper app, // really. - // The WPT a-download-click-404.html requires us to silently handle this - // without displaying an error page, so we just return early here. - // See bug 1604308 for discussion around what the ideal behaviour is. nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(request)); if (httpChannel) { bool requestSucceeded; rv = httpChannel->GetRequestSucceeded(&requestSucceeded); if (NS_FAILED(rv) || !requestSucceeded) { - return NS_OK; + LOG( + (" Returning NS_ERROR_FILE_NOT_FOUND from " + "nsDocumentOpenInfo::DispatchContent due to failed HTTP response")); + return NS_ERROR_FILE_NOT_FOUND; } } + if (mFlags & nsIURILoader::DONT_RETARGET) { + LOG( + (" External handling forced or (listener not interested and no " + "stream converter exists), and retargeting disallowed -> aborting")); + return NS_ERROR_WONT_HANDLE_CONTENT; + } + // Fifth step: // // All attempts to dispatch this content have failed. Just pass it off to View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8a728a… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8a728a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.0-1] 5 commits: Bug 1870579 - Use PK11_GenerateRandom to generate random number, r=necko-reviewers, valentin
by richard (＠richard) 10 May '24

10 May '24

richard pushed to branch tor-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 51f80eb6 by Kershaw Chang at 2024-05-10T22:22:15+02:00 Bug 1870579 - Use PK11_GenerateRandom to generate random number, r=necko-reviewers,valentin Differential Revision: https://phabricator.services.mozilla.com/D204755 - - - - - cb7f8ec0 by Kershaw Chang at 2024-05-10T22:22:56+02:00 Bug 1892449 - Set network.http.digest_auth_cnonce_length to 16, a=dmeehan Apparently, setting this value to 64 breaks some sites. We should use the same length as Chrome. Original Revision: https://phabricator.services.mozilla.com/D208103 Differential Revision: https://phabricator.services.mozilla.com/D208119 - - - - - 2e33d3b5 by Nika Layzell at 2024-05-10T22:37:57+02:00 Bug 1875248 - Check for network error preventing ExternalHelperAppService before DONT_RETARGET, r=smaug This reverts the change from 30cde47f9364e5c7da78fd08fa8ab21737d22399, and instead re-orders the NS_ERROR_FILE_NOT_FOUND check before DONT_RETARGET. Testing suggests that a-download-click-404.html behaviour isn't impacted, and this improves the handling of this edge-case when doing process switching. Differential Revision: https://phabricator.services.mozilla.com/D202007 - - - - - bbb3af71 by Jonathan Kew at 2024-05-10T23:19:01+02:00 Bug 1886598 - Struct with Pointer member may not be memmove-able. r=gfx-reviewers,lsalzman Differential Revision: https://phabricator.services.mozilla.com/D206633 - - - - - f87ae3f1 by alwu at 2024-05-10T23:34:34+02:00 Bug 1644383 - add mutexs to avoid data race. r=media-playback-reviewers,padenot Differential Revision: https://phabricator.services.mozilla.com/D206943 - - - - - 8 changed files: - dom/media/ipc/RemoteMediaDataDecoder.cpp - dom/media/ipc/RemoteMediaDataDecoder.h - dom/media/platforms/wrappers/MediaChangeMonitor.cpp - dom/media/platforms/wrappers/MediaChangeMonitor.h - gfx/thebes/gfxPlatformFontList.h - modules/libpref/init/StaticPrefList.yaml - netwerk/protocol/http/nsHttpDigestAuth.cpp - uriloader/base/nsURILoader.cpp Changes: ===================================== dom/media/ipc/RemoteMediaDataDecoder.cpp ===================================== @@ -18,7 +18,12 @@ namespace mozilla { ##__VA_ARGS__) RemoteMediaDataDecoder::RemoteMediaDataDecoder(RemoteDecoderChild* aChild) - : mChild(aChild) { + : mChild(aChild), + mDescription("RemoteMediaDataDecoder"_ns), + mProcessName("unknown"_ns), + mCodecName("unknown"_ns), + mIsHardwareAccelerated(false), + mConversion(ConversionRequired::kNeedNone) { LOG("%p is created", this); } @@ -48,6 +53,7 @@ RefPtr<MediaDataDecoder::InitPromise> RemoteMediaDataDecoder::Init() { ->Then( RemoteDecoderManagerChild::GetManagerThread(), __func__, [self, this](TrackType aTrack) { + MutexAutoLock lock(mMutex); // If shutdown has started in the meantime shutdown promise may // be resloved before this task. In this case mChild will be null // and the init promise has to be canceled. @@ -127,6 +133,7 @@ RefPtr<ShutdownPromise> RemoteMediaDataDecoder::Shutdown() { bool RemoteMediaDataDecoder::IsHardwareAccelerated( nsACString& aFailureReason) const { + MutexAutoLock lock(mMutex); aFailureReason = mHardwareAcceleratedReason; return mIsHardwareAccelerated; } @@ -145,18 +152,24 @@ void RemoteMediaDataDecoder::SetSeekThreshold(const media::TimeUnit& aTime) { MediaDataDecoder::ConversionRequired RemoteMediaDataDecoder::NeedsConversion() const { + MutexAutoLock lock(mMutex); return mConversion; } nsCString RemoteMediaDataDecoder::GetDescriptionName() const { + MutexAutoLock lock(mMutex); return mDescription; } nsCString RemoteMediaDataDecoder::GetProcessName() const { + MutexAutoLock lock(mMutex); return mProcessName; } -nsCString RemoteMediaDataDecoder::GetCodecName() const { return mCodecName; } +nsCString RemoteMediaDataDecoder::GetCodecName() const { + MutexAutoLock lock(mMutex); + return mCodecName; +} #undef LOG ===================================== dom/media/ipc/RemoteMediaDataDecoder.h ===================================== @@ -53,14 +53,16 @@ class RemoteMediaDataDecoder final // destructor when we can guarantee no other threads are accessing it). Only // read from the manager thread. RefPtr<RemoteDecoderChild> mChild; + + mutable Mutex mMutex{"RemoteMediaDataDecoder"}; + // Only ever written/modified during decoder initialisation. - // As such can be accessed from any threads after that. - nsCString mDescription = "RemoteMediaDataDecoder"_ns; - nsCString mProcessName = "unknown"_ns; - nsCString mCodecName = "unknown"_ns; - bool mIsHardwareAccelerated = false; - nsCString mHardwareAcceleratedReason; - ConversionRequired mConversion = ConversionRequired::kNeedNone; + nsCString mDescription MOZ_GUARDED_BY(mMutex); + nsCString mProcessName MOZ_GUARDED_BY(mMutex); + nsCString mCodecName MOZ_GUARDED_BY(mMutex); + bool mIsHardwareAccelerated MOZ_GUARDED_BY(mMutex); + nsCString mHardwareAcceleratedReason MOZ_GUARDED_BY(mMutex); + ConversionRequired mConversion MOZ_GUARDED_BY(mMutex); }; } // namespace mozilla ===================================== dom/media/platforms/wrappers/MediaChangeMonitor.cpp ===================================== @@ -668,6 +668,7 @@ RefPtr<ShutdownPromise> MediaChangeMonitor::ShutdownDecoder() { AssertOnThread(); mConversionRequired.reset(); if (mDecoder) { + MutexAutoLock lock(mMutex); RefPtr<MediaDataDecoder> decoder = std::move(mDecoder); return decoder->Shutdown(); } @@ -715,6 +716,7 @@ MediaChangeMonitor::CreateDecoder() { ->Then( GetCurrentSerialEventTarget(), __func__, [self = RefPtr{this}, this](RefPtr<MediaDataDecoder>&& aDecoder) { + MutexAutoLock lock(mMutex); mDecoder = std::move(aDecoder); DDLINKCHILD("decoder", mDecoder.get()); return CreateDecoderPromise::CreateAndResolve(true, __func__); @@ -963,6 +965,11 @@ void MediaChangeMonitor::FlushThenShutdownDecoder( ->Track(mFlushRequest); } +MediaDataDecoder* MediaChangeMonitor::GetDecoderOnNonOwnerThread() const { + MutexAutoLock lock(mMutex); + return mDecoder; +} + #undef LOG } // namespace mozilla ===================================== dom/media/platforms/wrappers/MediaChangeMonitor.h ===================================== @@ -41,34 +41,34 @@ class MediaChangeMonitor final RefPtr<ShutdownPromise> Shutdown() override; bool IsHardwareAccelerated(nsACString& aFailureReason) const override; nsCString GetDescriptionName() const override { - if (mDecoder) { - return mDecoder->GetDescriptionName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetDescriptionName(); } return "MediaChangeMonitor decoder (pending)"_ns; } nsCString GetProcessName() const override { - if (mDecoder) { - return mDecoder->GetProcessName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetProcessName(); } return "MediaChangeMonitor"_ns; } nsCString GetCodecName() const override { - if (mDecoder) { - return mDecoder->GetCodecName(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->GetCodecName(); } return "MediaChangeMonitor"_ns; } void SetSeekThreshold(const media::TimeUnit& aTime) override; bool SupportDecoderRecycling() const override { - if (mDecoder) { - return mDecoder->SupportDecoderRecycling(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->SupportDecoderRecycling(); } return false; } ConversionRequired NeedsConversion() const override { - if (mDecoder) { - return mDecoder->NeedsConversion(); + if (RefPtr<MediaDataDecoder> decoder = GetDecoderOnNonOwnerThread()) { + return decoder->NeedsConversion(); } // Default so no conversion is performed. return ConversionRequired::kNeedNone; @@ -97,6 +97,9 @@ class MediaChangeMonitor final MOZ_ASSERT(!mThread || mThread->IsOnCurrentThread()); } + // This is used for getting decoder debug info on other threads. Thread-safe. + MediaDataDecoder* GetDecoderOnNonOwnerThread() const; + bool CanRecycleDecoder() const; typedef MozPromise<bool, MediaResult, true /* exclusive */> @@ -137,6 +140,13 @@ class MediaChangeMonitor final const CreateDecoderParamsForAsync mParams; // Keep any seek threshold set for after decoder creation and initialization. Maybe<media::TimeUnit> mPendingSeekThreshold; + + // This lock is used for mDecoder specifically, but it doens't need to be used + // for every places accessing mDecoder which is mostly on the owner thread. + // However, when requesting decoder debug info, it can happen on other + // threads, so we need this mutex to avoid the data race of + // creating/destroying decoder and accessing decoder's debug info. + mutable Mutex MOZ_ANNOTATED mMutex{"MediaChangeMonitor"}; }; } // namespace mozilla ===================================== gfx/thebes/gfxPlatformFontList.h ===================================== @@ -124,7 +124,7 @@ class ShmemCharMapHashEntry final : public PLDHashEntryHdr { return aCharMap->GetChecksum(); } - enum { ALLOW_MEMMOVE = true }; + enum { ALLOW_MEMMOVE = false }; // because of the Pointer member private: // charMaps are stored in the shared memory that FontList objects point to, ===================================== modules/libpref/init/StaticPrefList.yaml ===================================== @@ -12787,6 +12787,18 @@ value: true mirror: always + # The length of cnonce string used in HTTP digest auth. +- name: network.http.digest_auth_cnonce_length + type: uint32_t + value: 16 + mirror: always + + # If true, HTTP response content-type headers will be parsed using the standards-compliant MimeType parser +- name: network.standard_content_type_parsing.response_headers + type: RelaxedAtomicBool + value: true + mirror: always + # The maximum count that we allow socket prrocess to crash. If this count is # reached, we won't use networking over socket process. - name: network.max_socket_process_failed_count ===================================== netwerk/protocol/http/nsHttpDigestAuth.cpp ===================================== @@ -9,6 +9,7 @@ #include "mozilla/ClearOnShutdown.h" #include "mozilla/Sprintf.h" +#include "mozilla/StaticPrefs_network.h" #include "mozilla/Unused.h" #include "nsHttp.h" @@ -22,6 +23,7 @@ #include "nsCRT.h" #include "nsICryptoHash.h" #include "nsComponentManagerUtils.h" +#include "pk11pub.h" constexpr uint16_t DigestLength(uint16_t aAlgorithm) { if (aAlgorithm & (ALGO_SHA256 | ALGO_SHA256_SESS)) { @@ -321,9 +323,13 @@ nsHttpDigestAuth::GenerateCredentials( // returned Authentication-Info header). also used for session info. // nsAutoCString cnonce; - static const char hexChar[] = "0123456789abcdef"; - for (int i = 0; i < 16; ++i) { - cnonce.Append(hexChar[(int)(15.0 * rand() / (RAND_MAX + 1.0))]); + nsTArray<uint8_t> cnonceBuf; + cnonceBuf.SetLength(StaticPrefs::network_http_digest_auth_cnonce_length() / + 2); + PK11_GenerateRandom(reinterpret_cast<unsigned char*>(cnonceBuf.Elements()), + cnonceBuf.Length()); + for (auto byte : cnonceBuf) { + cnonce.AppendPrintf("%02x", byte); } LOG((" cnonce=%s\n", cnonce.get())); ===================================== uriloader/base/nsURILoader.cpp ===================================== @@ -414,28 +414,28 @@ nsresult nsDocumentOpenInfo::DispatchContent(nsIRequest* request) { NS_ASSERTION(!m_targetStreamListener, "If we found a listener, why are we not using it?"); - if (mFlags & nsIURILoader::DONT_RETARGET) { - LOG( - (" External handling forced or (listener not interested and no " - "stream converter exists), and retargeting disallowed -> aborting")); - return NS_ERROR_WONT_HANDLE_CONTENT; - } - // Before dispatching to the external helper app service, check for an HTTP // error page. If we got one, we don't want to handle it with a helper app, // really. - // The WPT a-download-click-404.html requires us to silently handle this - // without displaying an error page, so we just return early here. - // See bug 1604308 for discussion around what the ideal behaviour is. nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(request)); if (httpChannel) { bool requestSucceeded; rv = httpChannel->GetRequestSucceeded(&requestSucceeded); if (NS_FAILED(rv) || !requestSucceeded) { - return NS_OK; + LOG( + (" Returning NS_ERROR_FILE_NOT_FOUND from " + "nsDocumentOpenInfo::DispatchContent due to failed HTTP response")); + return NS_ERROR_FILE_NOT_FOUND; } } + if (mFlags & nsIURILoader::DONT_RETARGET) { + LOG( + (" External handling forced or (listener not interested and no " + "stream converter exists), and retargeting disallowed -> aborting")); + return NS_ERROR_WONT_HANDLE_CONTENT; + } + // Fifth step: // // All attempts to dispatch this content have failed. Just pass it off to View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/e4ed3f… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/e4ed3f… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.5-1] fixup! Bug 40009: Change the default search engines
by richard (＠richard) 10 May '24

10 May '24

richard pushed to branch firefox-android-115.2.1-13.5-1 at The Tor Project / Applications / firefox-android Commits: 2cde370f by Dan Ballard at 2024-05-10T21:15:26+00:00 fixup! Bug 40009: Change the default search engines Bug 42290: update Duckduckgoonion to duckduckgo onion and startpage - - - - - 3 changed files: - android-components/components/feature/search/src/main/assets/search/list.json - android-components/components/feature/search/src/main/assets/searchplugins/ddg-onion.xml - android-components/components/feature/search/src/main/assets/searchplugins/startpage-onion.xml Changes: ===================================== android-components/components/feature/search/src/main/assets/search/list.json ===================================== @@ -1,7 +1,7 @@ { "default": { "searchDefault": "DuckDuckGo", - "searchOrder": ["DuckDuckGo", "DuckDuckGoOnion", "Startpage", "StartpageOnion","Wikipedia"], + "searchOrder": ["DuckDuckGo", "DuckDuckGo Onion", "Startpage", "Startpage Onion","Wikipedia"], "visibleDefaultEngines": [ "ddg", "ddg-onion", "startpage", "startpage-onion", "wikipedia" ] ===================================== android-components/components/feature/search/src/main/assets/searchplugins/ddg-onion.xml ===================================== @@ -1,5 +1,5 @@ <SearchPlugin xmlns="http://www.mozilla.org/2006/browser/search/"> -<ShortName>DuckDuckGoOnion</ShortName> +<ShortName>DuckDuckGo Onion</ShortName> <Description>Duck Duck Go Onion</Description> <InputEncoding>UTF-8</InputEncoding> <Image height="16" width="16">data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAALGPC/xhBQAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAB8lBMVEUAAADkRQzjPwPjQQXkRQ3iPwTiQQXgPQPeQgrcOwPVNgDVNQDWOgbTMwDRMgDQMwDSMwDRNwTQLgDRJgDSJwDSLgDSNwTjOgDiOADjOQDkPADhQAXzs5v+/fv////0vKbiRQvgPQHpdUr85NzuknPdKgDcIwDnZzj2w7HqeU/gPQLsimb/+PftjWn97Obpb0LdJQDeLQDtjmvsi2jgSBDnbULgOQD/39HgLQDeMgDpeFLgSBH0v670uqbaJQD2qImWvP/G1Ob5+/3u//+fvvXyp47dMwDaLwD0u6v0v6/aNQDiXi/aKQD3qozU7/8gSY2vvtg0ZK/OqLDaKQHYKgLgWTfaNADZMgDZMADZLADzqpD7//+xwdz//9H/5Bn/7Bn//ADofADYMADYMQDZOgPXLgDiZDj//97/0AD3tQDvlgHZOgbXLATXMADWMgDfXjLVLQD///z+0AD/3Rn/yRnwnQDcVjbVMQDyv67wuKTSJwDRHQD+8O/tg3/iQQDwhAHnawHWMADvtKfyva7XQxHga0bQGQD2vbH/u8LXIQCmPQzja07XQxLliGn99fPkcVHvhnGZ5VguvUU5wktBwCcAgxzydVv/8/XmiGngdlL+ysi3+I8LtCE80V6P3YmX4sDleljSNQLzr6D7sKPXNQTSIwAEAbMrAAAAF3RSTlMARqSkRvPz80PTpKRG3fPe3hio9/eoGP50jNsAAAABYktHRB5yCiArAAAAyElEQVQYGQXBvUqCYRiA4fu2V9Tn+UQddI3aCpxaOoU6iU4gcqqpoYbALXBuCuoYmttamqJDiEoh4YP+MOi6BNCh+uYKEGiOVNCXXxA2XDVV/UyfKbRCXTLQWAxbP2vt8Ue/uYDvfim91615sb2um6rqtrr/NFb1cUf1Ybd06areU6lSlYpK79jzK1SyJOkfhOl8JGEcqV5zoKrTRqO6yUzIzNu46ijdM1VV9bhuUJ/nZURExLRzUiPQm3kKXHi4BAEGOmOi78A/L1QoU/VHoTsAAAAldEVYdGRhdGU6Y3JlYXRlADIwMTQtMDEtMTlUMjA6MDE6MTEtMDU6MDAuET6cAAAAJXRFWHRkYXRlOm1vZGlmeQAyMDE0LTAxLTE5VDIwOjAxOjExLTA1OjAwX0yGIAAAAABJRU5ErkJggg==</Image> ===================================== android-components/components/feature/search/src/main/assets/searchplugins/startpage-onion.xml ===================================== @@ -1,5 +1,5 @@ <SearchPlugin xmlns="http://www.mozilla.org/2006/browser/search/"> -<ShortName>StartpageOnion</ShortName> +<ShortName>Startpage Onion</ShortName> <Description>Start Page Onion</Description> <InputEncoding>UTF-8</InputEncoding> <Image width="16" height="16">data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAGAAAABgCAYAAADimHc4AAASsUlEQVR42qSXXWoCQRCElzxKTiOeSMBLhuAZgscQAR/dXU2aBfnggykaIpTTU9aU3fO3OtXro7C1y/LcFY7zvH4Xbsuy/lZ/wzwTgxWIG2rpqxXy+L4u51+89G2soe/vft6rPRdO6/r6fM/3hndQHx5K+IORk9yM3sUoebSMYTLQo8EPrvoFPODXOIH4AHjGhlg52ROu4AUd1EMsr0thzyLUqwT7Iq8qhsJVcNgNWhgVKA06ChfgKdq8NZ4QeBYZvTSatKQJ34V24HMtHLYFeDxen/XBxRP+HlwIhVmjogQKt6fjcVs69RlPzoAxWUMtLDy8a8BLebj+MHa7bXZTdU7hDvUJsMY8eiF4tjR4DxEW2SfMnj6VQHXJX2jw8jxO9XYOiScT0DqSGXnX+JnSf3ZYj681juUvfS//AYfn11TB3XeWJ9JHzn34NRz3yNPCA1090vmaCt72NWfPkW94FihP8Z7n2+RdTCuT/NNS0A7KC5fAjst5mnfuLt65CT1PanHN8PYyPw0mV6tMrCNtTXpgd+KwCI77z5LC6GpreMKHuttXkjFx/FKy8P04JIPGY80L0sJ3Y+Mf9dlTdcf/EGzwqXNcQG/HEftEdTzQ3/94NQsey2EYCPfHHjMzMzMzMzMzMzMzM1HsOyvqKoo+PW+PJFnPTbPJBjyZcfou6JNnQe89DHrzzi+7HfT+Qyuzd9ReIIZDRmKsIpup0T+zLqxbgAJ0pDxQu5yj88GEB3xa/+6DoDv2BZ2+QLT3cNF2vUWbdRZt2F60gVk7860svus1TNTq7tof9N4D3OEwaT+A1QSqD9HnQo/7Po+mAk5+EmPOhAL7gPYofJ+/DLphW9Dew0SbdLJJjlZOesP4HBcg95OFsb/tO0J04/agL16FPNQdRsT/Mws8H9o4QpgZFbUPM/8g4br+e9ux0xaUO1zrrIH9/olZhHQRnbNU9MGjAJTQ27EY3b4+YshyWVXBGJ51Ds/McHy28uZt0KVr4iQ1bFc3+eWONj+Wt4tl+bsYBeSr5uUtuor1ZX3CjgQm5pIDWKg/PMwLDp28w6wcfumUz9s7fzlojyEZlJRw0y61EnrA2gMEpX8Hz10Hip67mOM/CsMMSsj3oYi1D58thRNClK10cuKsBdZtDdrU4KadDyMMSXFn+3W5vvW9ZnPQr19rwoVzsFKmt0LikSGIGmfOy8KkrM/Zws+fg85eInFnlvCSQA1ObgYl7GvFOuaLTpoj+ukzirT6wocjQtnnqEhoKHcCUIP2A2Hn06egMxfahLjwYZPO5clzUk7PXB/aHTdD9MNHTE/TJGZ1kOl5rNGMUuiQimCYYeNbsLjzvwSdu1Q8ePgPxsxq8hzRj59C1WtRj/H5Io2FGB2edP3IORHKpm7aEcrBI7yk0FBCk/1GS+qY385ftNiG+Va/9MmkDgaXrBE+E6LhbvYXgJgVlpcLkIUgYppPzdL3F6+GUlT9qSWUlNkRl2tZhvXLhWzUQfTw8aB8fuFuBtjxoKt8Zis4xPyQ4nvgmKMx2ldBWGU7Pv4ahx88TnTBCtEtu4LuPRR03+Ggm3cGnb9cdMBo0eZd0ogQiBAf5lr3EH36HFiKn1rwYco3oqGcH/EvpqO/dK3HcJLJycptRw4cI7rnUEwn5JGZ+0+f2YKYtoC+KvgTZwv3xT7Dj79gWF5kDaO48G/6Y/nDx0FbdkvDXDn8gf10HiB65GSwwxvZCV/GR3v3Pi5Eq+65MmaxZpZS3cYdRC9c9oQk53KYFdX71i5NR3up55Tzkx907jJh9tGuNiuZOEv05eua4W/mvIvZ1J5Ds2hz/Vjf4O7rV0wdcyqG56nSTZtZ4Sk4Fh15hxEODLdzAcQwJBoXQWzRTKxB+Hqsg9+9fhPsfLBJTvqGhW9nJnV+446il6/57TNT+n2/AMWbVCIRxtCwYXsAeGH2UtLF6Qts8pN2mNK6H0Tl59TLV8HuE0DUKfrlppg+XxzqmZW7F/e+cC2q5UX42bh0v5HiCqDU+gwXw273do3f+f6tu3YmVBN7bXqKRRDMh8cQ/4gFBWVhFQj3acXt8DUG47AOKf1fdVWvXPcv25l1oGbBOhujGIyRaL8JNKZ+Ckknz1K/3L4v0DwDCHJui9JFKMvsSjANdVcEjZ8pGI7R5wVhsZjVy8Lckm49BmcCDZhYujlMd/gQYv0hbFY/A/zP6PikT/3pC6qF+oUr3F/1jwJ8ArH7YHD/nzQS7ACP6QnOhrJeqgRXeSqCuS03wrdkvYaWOyoNccrViHYbFJNgHMKQWUU4oPcYHXbOGDvjSU9yTZEwmDKOmVL6+jrf/f5OT/6GP3nML+V/eFicQ5OxGEsJ2GCcmy57VouWfJKIWSEL4sHVVqpmk2aX8JOkPtLUdZa+KFMTDD98PvlwxYtWMLTQd/gMSc+eB+PQJY56Zoq1FuxAH39u2/eGShB57eaf5Hf81H46pwVdMnNalS9rbt+LDCiKK/tlAVaWHz6RsS341DHzcedxOde3BOGVG/W3SI/99pmRVRdimFb2GUn8u+u34gKkjMIwt1M/UdMGY6eLzlosumiV6Ir1P5s7B5hLliyOdzbevNh+tm3btm3btm3btm1LY+OzdCe1de5MZTv5Tf1zUuPkbJ+tru66X3fX/wivniqSSOTlYE1PyjeuwXheiykoCsH9wMu8pEoYYC4aEQ0e8yY+9+q08NnX01MIp0ydZoLWYcSR95OEsrJrdT0arhHz3GtXdCJxIrcXHHSZr1DXDNCVkKsdA2E9PQ7eoSryA9GZgCIzW3hYkRmX9f1wu6qCC5BOZxTrymv1uK4VK78n749cV/d4hcRcfAWebamznI10bZa37pc8DbAMD2I6DpHAVx+n19K/IUEQ3A0+oZItzMgE8LXxxPmMzOn8HdYv9/cPhocffznc99DzLvrks+/d9+ccV+DKCAUa+GKFcaS2OBYQBpfY5i4DR8JhOn7z3W9hwSU3/T8ttVk8GtX+f42/6bZHZfql1mzgtJSyz6gSW0uVn2KcQovnBwaG4hc5ZEeupbWlIrI1Tz/nOnuwbnrz7U+dmd/ZsldVvI5rKiaqqtLMhswM7unpD1OmtIU//xoR3nzns3D/wy+ES668Mxx3ymVhrwNPC9vtekzYfLtDw/GnXj7jJeisPPKqfIrz/x0+Jiy54jbp4aavPcsvscLWYeSo8bi/r8CwUcRXOf96Im4dZkm8Eb+avQ88PWy01UFhmVW3T9u89scl2rR5XGSZLcIPP/3JFwCVUkGTjel8nBNOuyLBS1ofVP+tW+14RPRtDQAedUW+zv3RcoJpKQ4PKOHmsy9+dGzv2tcWae+DTrdd4NCusAsSyTov24GLLrdldv36eDp3xbX3qixoVahd2DkAFTIiDCh8LT29/fHrP5B/bOKXrPPTzy209Gbh3gefUxnFAo40/++wMWG19fYA1Ch+kWW3DN/98EfhuuV8lSu71BXsNN5uu+sJbPMZfyQgKG37JSI+v/Xu5zLVUfth+PLGjp0UNtv20Pp6aU1AkfGJdtj92LQjeX+qoq48KkKkESDImwGtgyITJ7WEldfeNVDgaThaZpXtw2tvfCyEWm6c5v8//46OQv4wrOehx596TbhecohgBNvJrVEmLYg3oBvaVRt1wy0PA1cJSaTFltsqXHPDA6GjozvdU6m3GLcv99U3PgprbLBn0cNfd5N9Q2dnj1cbEy0PRF8j3AdaEOFFGxEMuU2OKui6m+6XtnWiuvED7ah+tK/3hZffM03E7Sf6/Y9h4egTL4kYvsXMNBwX/+CjL2r4peVv5PNr6TFHgQZ4Pefl1z4IC0c1068VcXesE7/Ii6+4M3z48TfRtd0eY7R9sdpmIPTGF9Pd3dfU1Z9+7q1w4OHnmPDE9Xo9rtXV1ev4u43g/3Jfk3P5VMq6TbzOXKPFe9LpV+XwX42Dt6O9TNNoNtrywKadsdJau8w4J65z8kZPPvNGifYieuGBpMOxypRrQtDQ7503OFpaOurCMEEPtCBqJ+DTXEAH5lPzktfacdtdjrYdBYjw18NhTLZ8I8+AjMiIloYGzv3598iw6nq7Kwjg+Owntaa5Rkzwy0igf5y8vo6GGIuYyatSTfBffPVTWGGNnYofuh9SyiHonAtvgkUu3PCe5n1FlfJYIOukI58rRDCylwDcNoKfSGJ68+iHsaU4x4jzzSLfPDz74jsCKlRigoJoldOEgIzcWunmaivJ63/7fVjYYIsDhDD2jGP3SM2K44l4zbKr7RB+/f1fqQkRkksiYezMWClJrRtw4GVIN+74CVPCwUeeaz4gPDDBzzXacocjwtSWDpEOqcbLqRLuUxXxSnPFeW7R3ui0e+jRl0wu5CJU1GyW0scmUdvCXMynhhVOOuMqC2ESZgkxSivU7ZV1qwIjfv0MNfKYiPUGXHjU6Anh5DOvNheEgJG5TwtFeuCRFx2FIcXBevBITcw06cBXLnpEO9PyGuHnX/4OZ553fdwRO88WLWj51XdsWtBX33C/CdfcLpHjS628ncWRXUaZTl/UXSKpBdFVSmjSEt9hzBG6knx49MlXw0FHnGMaE2AEcFTj7YHtvNcJ4a77ngmjx0y0+zV9SSeefmWaU6ckzDFWW8sUBvNrAT5EwoKI0tGDUB+vdDWkL/9Fa0j+fv/JirYv0FJJLrv6rhg/vqIpvPc95MxwyFHnxfjy5eGiy28P9zzwbPjgo6/DxIkthtv4LS2tHdHQOrrYCDziuAvjixwU8V+k9Od6XUvNsYJ7OePnAP5jYeNL++eoOeX8sOFjw6rr7lYCZwZhFmTyuKYBv+R1UJ7SWTfqED4RGmNaZcs7+HROjj/V0Tyqiy+/FbQtusrJW8Tuo0++FXBcUiNmvxVBeboZSMiMwLgPhijg+VKyaY8Y5xg9liYf6vYHKckVGnRrb7yPyRZHdjXX5zh/byXaxIu8HPq3Ne47Glxwjib/fBPKpuMXq6f7HnyGxSPU+p4SWxWU123jncaa7p/DOSKQzW1NaOQHoRyLbW1dFnifadSMWhENtmtufAAQ44BDPAcVlHcGxlU3cu4m3WNI3F82T2XuDs/z9w8fOc7ixgUu8k0t8mYZHFifMezcruZvNb6iDeDpuY86L4dA4rieXwo7es7Hn34XFl9ha48qijkWmbOcIynj/BVA6QXMVL8FEZ5YcOB/4JxDyJKalS6Q0AaUJYTBhV2DIuE23zTsus9JseivB+s7C0EAs5Wjr40YU5oOrhUE2CCv0wKFLUIIMMPt1LOvhbvaa6hdeNntdj+t6fh7RyOoLoUaH65uAa9lhCPcV0wajtrau8Iue51Q5rSzIM4L78yu1ERZjCAgiEV1frVMQIvISypIB5S5TiOiUF5ro73toaqEACOMr7jmzpYyI7S4hlML0lADnpR7AfpFcA7y8OXa2gDzw6qVJC250rYlLnFLy+ffR/iRNRYVBB21IglPumM4eKTtOQS00/gp15osM441DTo0anTnvU/L6hz+Nn6oFaFE14SRz5UrqRqwEkNGV63r++sIlmVFnHHu9ZmcosQz7+jaGx8ocEcrCNK8hgU97pzbKLi3V/PS45YfZComv/ichpTqG8QajvHK0ZI3TRaYjmt1hTphhu3RtJMP17pc3BoqLOfUckUJP9wRzeqbP/4cAYPV7YpOL0D4LIQhJoPzYq4ytvBScOR53T+O62Mc8z/74ocklKU8OOv8G+EJSCQgHOOV16ynAC3QOvQc/zh3jfY16XvCs/vamx+HpVfZvp7oVU/2ssicQZa7pZtu1qG3rTMArb9I8mK+XsvbxxpqL8bltVZnNjqcFmuMLR5giVvmBzrmpEvDl1//LFzw0AJVR10644x02zDhHqafSLqu6W4WvEoP1B+FKHvFHKyZqm9a2zpDX/8g1hJQU9IvqMz092swLqGkzpH3+2Kc/1lDrCnWKno+oEpbr9qq1V3FBa+/fCGDClRl37Ug/bJ1VxnhX8Muq0QQvGDbN9yQItb19CzSc8rHC3jRrAP//TGOVwUuaDWuoUT3IHUeRTQO6xWOk/BVS9jTBS9oXdzi8Pkrw0s9GKG9ZHNQFSarB6ITx7QM0vP9YVPhmsF8O3bYC3gv0y8IhPPC8ICsUBBDEvgpHYRcQ8ooDaVaNdYRQ8I15tp9PrAXcHBBt0RvDpBf8PnTGP3ndUazKrSQvHhenKv5w80X9N/4Rn4CbMgsOUCJ2w2tx3lfrdU452i+/P4U5qKdDhLPfmk0pi1Q2b84edVIU7C1RNW4q5EHYU3BE+fwmtnEGznm6Plunw+P9qwbK1f1f3Fw5Ui/iC0+G6kxr++pr/HbCCXX/WQffFVV/2lS+h/7F/vmLxBPHh7pg0gdiOpo3ki4kItly3zL+w3NRkukd+ILONgg3551eu7/AxK2F7WQPNQ+AAAAAElFTkSuQmCC</Image> View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/2cd… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/2cd… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.5-1] fixup! Enable the connect assist experiments on alpha
by Dan Ballard (＠dan) 09 May '24

09 May '24

Dan Ballard pushed to branch firefox-android-115.2.1-13.5-1 at The Tor Project / Applications / firefox-android Commits: 50c4fb9d by clairehurst at 2024-05-09T14:51:05-06:00 fixup! Enable the connect assist experiments on alpha - - - - - 13 changed files: - fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt - fenix/app/src/main/java/org/mozilla/fenix/browser/BaseBrowserFragment.kt - fenix/app/src/main/java/org/mozilla/fenix/components/Components.kt - fenix/app/src/main/java/org/mozilla/fenix/components/Core.kt - fenix/app/src/main/java/org/mozilla/fenix/settings/SettingsFragment.kt - − fenix/app/src/main/java/org/mozilla/fenix/tor/TorBetaConnectionFeaturesFragment.kt - fenix/app/src/main/java/org/mozilla/fenix/tor/TorBootstrapFragment.kt - fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistViewModel.kt - fenix/app/src/main/java/org/mozilla/fenix/utils/Settings.kt - − fenix/app/src/main/res/layout/tor_network_settings_beta_connection_features.xml - fenix/app/src/main/res/navigation/nav_graph.xml - fenix/app/src/main/res/values/preference_keys.xml - fenix/app/src/main/res/xml/preferences.xml Changes: ===================================== fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt ===================================== @@ -1186,19 +1186,15 @@ open class HomeActivity : LocaleAwareAppCompatActivity(), NavHostActivity, TorIn } open fun navigateToHome() { - if (settings().useNewBootstrap) { - if (settings().useNewBootstrapNativeUi) { - navHost.navController.navigate(NavGraphDirections.actionStartupTorConnectionAssist()) - } else { - navHost.navController.navigate(NavGraphDirections.actionStartupHome()) - openToBrowserAndLoad( - searchTermOrURL = "about:torconnect", - newTab = true, - from = BrowserDirection.FromHome, - ) - } + if (!settings().useHtmlConnectionUi) { + navHost.navController.navigate(NavGraphDirections.actionStartupTorConnectionAssist()) } else { - navHost.navController.navigate(NavGraphDirections.actionStartupTorbootstrap()) + navHost.navController.navigate(NavGraphDirections.actionStartupHome()) + openToBrowserAndLoad( + searchTermOrURL = "about:torconnect", + newTab = true, + from = BrowserDirection.FromHome, + ) } } ===================================== fenix/app/src/main/java/org/mozilla/fenix/browser/BaseBrowserFragment.kt ===================================== @@ -1217,12 +1217,7 @@ abstract class BaseBrowserFragment : private fun handleBetaHtmlTorConnect() { val currentTab = getCurrentTab() ?: return if (currentTab.content.url == "about:torconnect") { - if (!requireActivity().settings().useNewBootstrap) { - requireContext().components.useCases.tabsUseCases.removeTab(currentTab.id) - (requireActivity() as HomeActivity).navHost.navController.navigate( - NavGraphDirections.actionStartupTorbootstrap(), - ) - } else if (!requireActivity().settings().useNewBootstrapHtmlUi) { + if (!requireActivity().settings().useHtmlConnectionUi) { requireContext().components.useCases.tabsUseCases.removeTab(currentTab.id) (requireActivity() as HomeActivity).navigateToHome() } else { ===================================== fenix/app/src/main/java/org/mozilla/fenix/components/Components.kt ===================================== @@ -202,7 +202,7 @@ class Components(private val context: Context) { ), ) } - val torController by lazyMonitored { if (settings.useNewBootstrap) TorControllerGV(context) else TorControllerTAS(context) } + val torController by lazyMonitored { TorControllerGV(context) } } /** ===================================== fenix/app/src/main/java/org/mozilla/fenix/components/Core.kt ===================================== @@ -145,7 +145,6 @@ class Core( .shouldShowCookieBannerReEngagementDialog(), torSecurityLevel = context.settings().torSecurityLevel().intRepresentation, spoofEnglish = context.settings().spoofEnglish, - useNewBootstrap = context.settings().useNewBootstrap, ) GeckoEngine( ===================================== fenix/app/src/main/java/org/mozilla/fenix/settings/SettingsFragment.kt ===================================== @@ -40,6 +40,7 @@ import mozilla.components.concept.sync.Profile import mozilla.components.service.glean.private.NoExtras import mozilla.components.support.ktx.android.view.showKeyboard import org.mozilla.fenix.BrowserDirection +import org.mozilla.fenix.BuildConfig import org.mozilla.fenix.Config import org.mozilla.fenix.FeatureFlags import org.mozilla.fenix.GleanMetrics.Addons @@ -738,13 +739,9 @@ class SettingsFragment : PreferenceFragmentCompat() { } } - requirePreference<Preference>(R.string.pref_key_use_new_bootstrap).apply { - setOnPreferenceClickListener { - val directions = - SettingsFragmentDirections.actionSettingsFragmentToBetaConnectionFeaturesFragment() - requireView().findNavController().navigate(directions) - true - } + requirePreference<Preference>(R.string.pref_key_use_html_connection_ui).apply { + onPreferenceChangeListener = object : SharedPreferenceUpdater() {} + isVisible = BuildConfig.DEBUG } requirePreference<Preference>(R.string.pref_key_tor_logs).apply { ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorBetaConnectionFeaturesFragment.kt deleted ===================================== @@ -1,66 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -package org.mozilla.fenix.tor - -import android.os.Bundle -import android.view.LayoutInflater -import android.view.View -import android.view.ViewGroup -import androidx.core.view.children -import androidx.fragment.app.Fragment -import org.mozilla.fenix.databinding.TorNetworkSettingsBetaConnectionFeaturesBinding -import org.mozilla.fenix.ext.components -import org.mozilla.fenix.ext.settings - -/** - * Lets the user customize beta connection features mode. - */ -class TorBetaConnectionFeaturesFragment : Fragment() { - override fun onCreateView( - inflater: LayoutInflater, - container: ViewGroup?, - savedInstanceState: Bundle?, - ): View { - val binding = TorNetworkSettingsBetaConnectionFeaturesBinding.inflate(inflater) - - binding.enableBetaConnectionFeaturesSwitch.run { - isChecked = context.settings().useNewBootstrap - setConnectionAssistUI(binding, isChecked) - - setOnCheckedChangeListener { _, isConnectionAssistEnabled -> - context.settings().useNewBootstrap = isConnectionAssistEnabled - setConnectionAssistUI(binding, isConnectionAssistEnabled) - updateEngineConnectionAssistMode() - } - } - - // Since the beta connection features modes are in a RadioGroup we only need one listener to know of all their changes. - binding.useNewBootstrapWithNativeUiRadioButton.setOnCheckedChangeListener { _, _ -> - updateEngineConnectionAssistMode() - } - - return binding.root - } - - private fun setConnectionAssistUI( - binding: TorNetworkSettingsBetaConnectionFeaturesBinding, - isBetaConnectionAssistEnabled: Boolean, - ) { - if (!isBetaConnectionAssistEnabled) { - binding.enableBetaConnectionFeaturesModes.apply { - clearCheck() - children.forEach { it.isEnabled = false } - } - } else { - binding.enableBetaConnectionFeaturesModes.children.forEach { it.isEnabled = true } - } - } - - private fun updateEngineConnectionAssistMode() { - requireContext().components.core.engine.settings.useNewBootstrap = - requireContext().settings().useNewBootstrap - } - -} ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorBootstrapFragment.kt ===================================== @@ -164,9 +164,7 @@ class TorBootstrapFragment : Fragment() { // triggered to cause an automatic update on warm start (no tab selection occurs). So we // update it manually here. requireComponents.useCases.sessionUseCases.updateLastAccess() - if (requireContext().settings().useNewBootstrap){ - (requireActivity() as HomeActivity).navigateToHome() - } + (requireActivity() as HomeActivity).navigateToHome() } private fun handleTorBootstrapConnect() { ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistViewModel.kt ===================================== @@ -21,7 +21,7 @@ class TorConnectionAssistViewModel( private val TAG = "torConnectionAssistVM" private val components = getApplication<Application>().components - private val _torController: TorControllerGV = components.torController as TorControllerGV + private val _torController: TorControllerGV = components.torController private val _torConnectScreen = MutableStateFlow(ConnectAssistUiState.Splash) internal val torConnectScreen: StateFlow<ConnectAssistUiState> = _torConnectScreen ===================================== fenix/app/src/main/java/org/mozilla/fenix/utils/Settings.kt ===================================== @@ -1855,18 +1855,8 @@ class Settings(private val appContext: Context) : PreferencesHolder { */ var enableUnifiedSearchSettingsUI: Boolean = showUnifiedSearchFeature && FeatureFlags.unifiedSearchSettings - var useNewBootstrap by booleanPreference( - appContext.getPreferenceKey(R.string.pref_key_use_new_bootstrap), - default = true, - ) - - var useNewBootstrapNativeUi by booleanPreference( - appContext.getPreferenceKey(R.string.pref_key_use_new_bootstrap_with_android_native), - default = true, - ) - - var useNewBootstrapHtmlUi by booleanPreference( - appContext.getPreferenceKey(R.string.pref_key_use_new_bootstrap_with_html), - default = false + var useHtmlConnectionUi by booleanPreference( + appContext.getPreferenceKey(R.string.pref_key_use_html_connection_ui), + default = false, ) } ===================================== fenix/app/src/main/res/layout/tor_network_settings_beta_connection_features.xml deleted ===================================== @@ -1,99 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<androidx.constraintlayout.widget.ConstraintLayout xmlns:android="http://schemas.android.com/apk/res/android" - xmlns:app="http://schemas.android.com/apk/res-auto" - android:layout_width="match_parent" - android:layout_height="wrap_content"> - - <TextView - android:id="@+id/enable_beta_connection_features_title" - android:layout_width="0dp" - android:layout_height="wrap_content" - android:layout_marginStart="16dp" - android:layout_marginTop="16dp" - android:layout_marginBottom="2dp" - android:clickable="false" - android:text="Enable beta connection features" - android:textAppearance="@style/ListItemTextStyle" - android:textSize="16sp" - app:layout_constraintBottom_toTopOf="@id/enable_beta_connection_features_summary" - app:layout_constraintEnd_toStartOf="@id/enable_beta_connection_features_switch" - app:layout_constraintStart_toStartOf="parent" - app:layout_constraintTop_toTopOf="parent" - app:lineHeight="24.sp" /> - - <TextView - android:id="@+id/enable_beta_connection_features_summary" - android:layout_width="0dp" - android:layout_height="wrap_content" - android:text="Help us test our new connection assist features which focuses on a streamlined connection with better integration with bridges" - android:textColor="?attr/textSecondary" - android:textColorLink="?attr/textSecondary" - android:textSize="12sp" - app:layout_constraintBottom_toTopOf="@id/enable_beta_connection_features_modes" - app:layout_constraintEnd_toEndOf="@id/enable_beta_connection_features_title" - app:layout_constraintStart_toStartOf="@id/enable_beta_connection_features_title" - app:layout_constraintTop_toBottomOf="@id/enable_beta_connection_features_title" - app:lineHeight="16.sp" /> - - <androidx.appcompat.widget.SwitchCompat - android:id="@+id/enable_beta_connection_features_switch" - android:layout_width="wrap_content" - android:layout_height="wrap_content" - android:minHeight="48dp" - android:paddingStart="18dp" - android:paddingEnd="18dp" - android:textColor="@color/state_list_text_color" - android:textOff="@string/studies_off" - android:textOn="@string/studies_on" - app:layout_constraintEnd_toEndOf="parent" - app:layout_constraintTop_toTopOf="@id/enable_beta_connection_features_title" /> - - <RadioGroup - android:id="@+id/enable_beta_connection_features_modes" - android:layout_width="match_parent" - android:layout_height="wrap_content" - android:layout_marginTop="10dp" - app:layout_constraintEnd_toEndOf="parent" - app:layout_constraintStart_toStartOf="parent" - app:layout_constraintTop_toBottomOf="@id/enable_beta_connection_features_summary"> - - <org.mozilla.fenix.settings.PreferenceBackedRadioButton - android:id="@+id/use_new_bootstrap_with_native_ui_radio_button" - android:layout_width="match_parent" - android:layout_height="wrap_content" - android:background="?android:attr/selectableItemBackground" - android:button="@null" - android:drawablePadding="@dimen/radio_button_preference_drawable_padding" - android:paddingStart="@dimen/radio_button_preference_horizontal" - android:paddingTop="@dimen/radio_button_preference_vertical" - android:paddingEnd="@dimen/radio_button_preference_horizontal" - android:paddingBottom="@dimen/radio_button_preference_vertical" - android:text="Native Android UI" - android:textAppearance="?android:attr/textAppearanceListItem" - android:textSize="16sp" - app:drawableStartCompat="?android:attr/listChoiceIndicatorSingle" - app:preferenceKey="@string/pref_key_use_new_bootstrap_with_android_native" - app:preferenceKeyDefaultValue="true" /> - - <org.mozilla.fenix.settings.PreferenceBackedRadioButton - android:id="@+id/use_new_bootstrap_with_html_ui_radio_button" - android:layout_width="match_parent" - android:layout_height="48dp" - android:background="?android:attr/selectableItemBackground" - android:button="@null" - android:drawablePadding="@dimen/radio_button_preference_drawable_padding" - android:paddingStart="@dimen/radio_button_preference_horizontal" - android:paddingTop="@dimen/radio_button_preference_vertical" - android:paddingEnd="@dimen/radio_button_preference_horizontal" - android:paddingBottom="@dimen/radio_button_preference_vertical" - android:text="HTML UI" - android:textAppearance="?android:attr/textAppearanceListItem" - android:textSize="16sp" - app:drawableStartCompat="?android:attr/listChoiceIndicatorSingle" - app:preferenceKey="@string/pref_key_use_new_bootstrap_with_html" - app:preferenceKeyDefaultValue="false" /> - </RadioGroup> - -</androidx.constraintlayout.widget.ConstraintLayout> ===================================== fenix/app/src/main/res/navigation/nav_graph.xml ===================================== @@ -977,11 +977,6 @@ android:id="@+id/torBridgeConfigFragment" android:name="org.mozilla.fenix.settings.TorBridgeConfigFragment" android:label="@string/preferences_tor_network_settings_bridge_config" /> - <fragment - android:id="@+id/torBetaConnectionFeaturesFragment" - android:name="org.mozilla.fenix.tor.TorBetaConnectionFeaturesFragment" - android:label="Enable beta connection features" - tools:layout="@layout/tor_network_settings_beta_connection_features" /> <fragment android:id="@+id/torLogsFragment" android:name="org.mozilla.fenix.tor.TorLogsComposeFragment" ===================================== fenix/app/src/main/res/values/preference_keys.xml ===================================== @@ -378,10 +378,8 @@ <string name="pref_key_tor_network_settings_explanation" translatable="false">pref_key_tor_network_settings_explanation</string> <string name="pref_key_tor_network_settings_bridge_config" translatable="false">pref_key_tor_network_settings_bridge_config</string> - <string name="pref_key_use_new_bootstrap" translatable="false">pref_key_use_new_bootstrap</string> <string name="pref_key_tor_logs" translatable="false">pref_key_tor_logs</string> - <string name="pref_key_use_new_bootstrap_with_android_native" translatable="false">pref_key_use_new_bootstrap_with_android_native</string> - <string name="pref_key_use_new_bootstrap_with_html" translatable="false">pref_key_use_new_bootstrap_with_html</string> + <string name="pref_key_use_html_connection_ui" translatable="false">pref_key_use_html_connection_ui</string>  <string name="pref_key_tor_network_settings_bridge_config_explanation" translatable="false">pref_key_tor_network_settings_bridge_config_explanation</string> <string name="pref_key_tor_network_settings_bridge_config_toggle" translatable="false">pref_key_tor_network_settings_bridge_config_toggle</string> <string name="pref_key_tor_network_settings_bridge_config_builtin_bridge_obfs4" translatable="false">pref_key_tor_network_settings_bridge_config_builtin_bridge_obfs4</string> ===================================== fenix/app/src/main/res/xml/preferences.xml ===================================== @@ -176,10 +176,12 @@ android:title="@string/tor_bootstrap_quick_start_label" app:iconSpaceReserved="false" /> - <Preference - android:key="@string/pref_key_use_new_bootstrap" - app:iconSpaceReserved="false" - android:title="Enable beta connection features" /> + <SwitchPreference + android:defaultValue="false" + android:key="@string/pref_key_use_html_connection_ui" + android:summary="Recommended only for debugging" + android:title="Enable HTML connection UI" + app:iconSpaceReserved="false" /> <Preference android:key="@string/pref_key_tor_logs" View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/50c… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/50c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.5-1] fixup! Implement Android-native Connection Assist UI
by Dan Ballard (＠dan) 09 May '24

09 May '24

Dan Ballard pushed to branch firefox-android-115.2.1-13.5-1 at The Tor Project / Applications / firefox-android Commits: a00861a6 by clairehurst at 2024-05-09T14:47:16-06:00 fixup! Implement Android-native Connection Assist UI - - - - - 4 changed files: - fenix/app/src/main/java/org/mozilla/fenix/tor/ConnectAssistUiState.kt - fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistFragment.kt - fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistViewModel.kt - fenix/app/src/main/res/layout/fragment_tor_connection_assist.xml Changes: ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/ConnectAssistUiState.kt ===================================== @@ -31,7 +31,8 @@ enum class ConnectAssistUiState( val torBootstrapButton2Visible: Boolean, @StringRes val torBootstrapButton2TextStringResource: Int? = R.string.connection_assist_configure_connection_button, val torBootstrapButton2ShouldOpenSettings: Boolean = true, - val wordmarkLogoVisible: Boolean, + val wordmarkLogoVisible: Boolean = false, + val torBootstrapButton2ShouldRestartApp: Boolean = false, ) { Splash( progressBarVisible = false, @@ -65,9 +66,8 @@ enum class ConnectAssistUiState( torBootstrapButton2Visible = true, torBootstrapButton2TextStringResource = R.string.connection_assist_configure_connection_button, torBootstrapButton2ShouldOpenSettings = true, - wordmarkLogoVisible = false, ), - Bootstrapping( + Connecting( progressBarVisible = true, progress = 0, backButtonVisible = false, @@ -85,7 +85,6 @@ enum class ConnectAssistUiState( torBootstrapButton2Visible = true, torBootstrapButton2TextStringResource = R.string.btn_cancel, torBootstrapButton2ShouldOpenSettings = false, - wordmarkLogoVisible = false, ), InternetError( progressBarVisible = true, @@ -109,7 +108,6 @@ enum class ConnectAssistUiState( torBootstrapButton2Visible = true, torBootstrapButton2TextStringResource = R.string.connection_assist_configure_connection_button, torBootstrapButton2ShouldOpenSettings = true, - wordmarkLogoVisible = false, ), TryingAgain( progressBarVisible = true, @@ -132,9 +130,8 @@ enum class ConnectAssistUiState( torBootstrapButton2Visible = true, torBootstrapButton2TextStringResource = R.string.btn_cancel, torBootstrapButton2ShouldOpenSettings = false, - wordmarkLogoVisible = false, ), - TryABridge( + ConnectionAssist( progressBarVisible = true, progress = 100, progressTintColorResource = R.color.warning_yellow, @@ -157,7 +154,6 @@ enum class ConnectAssistUiState( torBootstrapButton2Visible = false, torBootstrapButton2TextStringResource = null, torBootstrapButton2ShouldOpenSettings = true, - wordmarkLogoVisible = false, ), TryingABridge( progressBarVisible = true, @@ -180,7 +176,6 @@ enum class ConnectAssistUiState( torBootstrapButton2Visible = true, torBootstrapButton2TextStringResource = R.string.btn_cancel, torBootstrapButton2ShouldOpenSettings = false, - wordmarkLogoVisible = false, ), LocationError( progressBarVisible = true, @@ -207,7 +202,6 @@ enum class ConnectAssistUiState( torBootstrapButton2Visible = false, torBootstrapButton2TextStringResource = null, torBootstrapButton2ShouldOpenSettings = true, - wordmarkLogoVisible = false, ), LocationCheck( progressBarVisible = true, @@ -234,7 +228,6 @@ enum class ConnectAssistUiState( torBootstrapButton2Visible = false, torBootstrapButton2TextStringResource = null, torBootstrapButton2ShouldOpenSettings = true, - wordmarkLogoVisible = false, ), LastTry( progressBarVisible = true, @@ -258,7 +251,6 @@ enum class ConnectAssistUiState( torBootstrapButton2Visible = true, torBootstrapButton2TextStringResource = R.string.btn_cancel, torBootstrapButton2ShouldOpenSettings = false, - wordmarkLogoVisible = false, ), FinalError( progressBarVisible = true, @@ -279,10 +271,10 @@ enum class ConnectAssistUiState( unblockTheInternetInCountryDescriptionVisible = false, countryDropDownVisible = false, torBootstrapButton1Visible = true, - torBootstrapButton1TextStringResource = R.string.connection_assist_internet_error_try_again, + torBootstrapButton1TextStringResource = R.string.connection_assist_configure_connection_button, torBootstrapButton2Visible = true, - torBootstrapButton2TextStringResource = R.string.connection_assist_configure_connection_button, - torBootstrapButton2ShouldOpenSettings = true, - wordmarkLogoVisible = false, + torBootstrapButton2TextStringResource = R.string.mozac_lib_crash_dialog_button_restart, + torBootstrapButton2ShouldOpenSettings = false, + torBootstrapButton2ShouldRestartApp = true, ) } ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistFragment.kt ===================================== @@ -4,6 +4,7 @@ package org.mozilla.fenix.tor +import android.content.Intent import android.graphics.Color import android.os.Build import android.os.Bundle @@ -25,6 +26,7 @@ import androidx.lifecycle.repeatOnLifecycle import androidx.navigation.fragment.findNavController import kotlinx.coroutines.launch import mozilla.components.support.base.feature.UserInteractionHandler +import org.mozilla.fenix.HomeActivity import org.mozilla.fenix.R import org.mozilla.fenix.databinding.FragmentTorConnectionAssistBinding import org.mozilla.fenix.ext.hideToolbar @@ -33,14 +35,15 @@ class TorConnectionAssistFragment : Fragment(), UserInteractionHandler { private val TAG = "TorConnectionAssistFrag" private val viewModel: TorConnectionAssistViewModel by viewModels() - private lateinit var binding: FragmentTorConnectionAssistBinding + private var _binding: FragmentTorConnectionAssistBinding? = null + private val binding get() = _binding!! override fun onCreateView( inflater: LayoutInflater, container: ViewGroup?, savedInstanceState: Bundle?, ): View { - binding = FragmentTorConnectionAssistBinding.inflate( + _binding = FragmentTorConnectionAssistBinding.inflate( inflater, container, false, ) @@ -90,96 +93,148 @@ class TorConnectionAssistFragment : Fragment(), UserInteractionHandler { } - override fun onDestroyView() { - super.onDestroyView() - } - private fun showScreen(screen: ConnectAssistUiState) { - binding.apply { - torBootstrapProgressBar.visibility = if (screen.progressBarVisible) View.VISIBLE else View.GONE - torBootstrapProgressBar.progress = screen.progress - torBootstrapProgressBar.progressTintList = - screen.progressTintColorResource?.let { - AppCompatResources.getColorStateList(requireContext(), - it - ) - } - - settingsButton.visibility = if (screen.settingsButtonVisible) View.VISIBLE else View.GONE - settingsButton.setOnClickListener { - viewModel.cancelTorBootstrap() - openSettings() - } + setProgressBar(screen) + setSettingsButton(screen) + setBackButton(screen) + setTorConnectImage(screen) + setTitle(screen) + setQuickStart(screen) + setCountryDropDown(screen) + setButton1(screen) + setButton2(screen) + setSplashLogo(screen) + } - backButton.visibility = if (screen.backButtonVisible) View.VISIBLE else View.INVISIBLE - backButton.setOnClickListener { - viewModel.handleBackButtonPressed() + private fun setProgressBar(screen: ConnectAssistUiState) { + binding.torBootstrapProgressBar.visibility = + if (screen.progressBarVisible) View.VISIBLE else View.GONE + binding.torBootstrapProgressBar.progress = screen.progress + binding.torBootstrapProgressBar.progressTintList = + screen.progressTintColorResource?.let { + AppCompatResources.getColorStateList( + requireContext(), + it, + ) } + } - torConnectImage.visibility = if (screen.torConnectImageVisible) View.VISIBLE else View.GONE - torConnectImage.setImageResource(screen.torConnectImageResource) - - titleLargeTextView.visibility = if (screen.titleLargeTextViewVisible) View.VISIBLE else View.GONE - titleLargeTextView.text = getString(screen.titleLargeTextViewTextStringResource) - titleDescription.visibility = if (screen.titleDescriptionVisible) View.VISIBLE else View.GONE - if (screen.learnMoreStringResource != null && screen.internetErrorDescription != null) { - val learnMore: String = getString(screen.learnMoreStringResource) - val internetErrorDescription: String = - if (screen.internetErrorDescription1 == null) { - getString( - screen.internetErrorDescription, - learnMore, - ) - } else if (screen.internetErrorDescription2 == null) { - getString( - screen.internetErrorDescription, - getString(screen.internetErrorDescription1), - learnMore, - ) - } else { - getString( - screen.internetErrorDescription, - getString(screen.internetErrorDescription1), - getString(screen.internetErrorDescription2), - learnMore, - ) - } - handleDescriptionWithClickable(internetErrorDescription, learnMore) - } else if (screen.titleDescriptionTextStringResource != null) { - titleDescription.text = getString(screen.titleDescriptionTextStringResource) - } - quickstartSwitch.visibility = if (screen.quickstartSwitchVisible) View.VISIBLE else View.GONE - quickstartSwitch.isChecked = viewModel.quickstartToggle().value == true - quickstartSwitch.setOnCheckedChangeListener { _, isChecked -> - viewModel.handleQuickstartChecked(isChecked) - } + private fun setSettingsButton(screen: ConnectAssistUiState) { + binding.settingsButton.visibility = if (screen.settingsButtonVisible) View.VISIBLE else View.GONE + binding.settingsButton.setOnClickListener { + viewModel.cancelTorBootstrap() + openSettings() + } + } - unblockTheInternetInCountryDescription.visibility = if (screen.unblockTheInternetInCountryDescriptionVisible) View.VISIBLE else View.GONE - countryDropDown.visibility = if (screen.countryDropDownVisible) View.VISIBLE else View.GONE + private fun setBackButton(screen: ConnectAssistUiState) { + binding.backButton.visibility = if (screen.backButtonVisible) View.VISIBLE else View.INVISIBLE + binding.backButton.setOnClickListener { + viewModel.handleBackButtonPressed() + } + } - torBootstrapButton1.visibility = if (screen.torBootstrapButton1Visible) View.VISIBLE else View.GONE - torBootstrapButton1.text = getString(screen.torBootstrapButton1TextStringResource) - torBootstrapButton1.setOnClickListener { viewModel.handleButton1Pressed(screen, lifecycleScope) } + private fun setTorConnectImage(screen: ConnectAssistUiState) { + binding.torConnectImage.visibility = if (screen.torConnectImageVisible) View.VISIBLE else View.GONE + binding.torConnectImage.setImageResource(screen.torConnectImageResource) + } - torBootstrapButton2.visibility = if (screen.torBootstrapButton2Visible) View.VISIBLE else View.GONE - torBootstrapButton2.text = screen.torBootstrapButton2TextStringResource?.let { - getString( - it - ) - } - torBootstrapButton2.setOnClickListener { - viewModel.cancelTorBootstrap() - if (screen.torBootstrapButton2ShouldOpenSettings){ - openTorConnectionSettings() + private fun setTitle(screen: ConnectAssistUiState) { + binding.titleLargeTextView.visibility = + if (screen.titleLargeTextViewVisible) View.VISIBLE else View.GONE + binding.titleLargeTextView.text = getString(screen.titleLargeTextViewTextStringResource) + binding.titleDescription.visibility = + if (screen.titleDescriptionVisible) View.VISIBLE else View.GONE + if (screen.learnMoreStringResource != null && screen.internetErrorDescription != null) { + val learnMore: String = getString(screen.learnMoreStringResource) + val internetErrorDescription: String = + if (screen.internetErrorDescription1 == null) { + getString( + screen.internetErrorDescription, + learnMore, + ) + } else if (screen.internetErrorDescription2 == null) { + getString( + screen.internetErrorDescription, + getString(screen.internetErrorDescription1), + learnMore, + ) } else { - showScreen(ConnectAssistUiState.Configuring) + getString( + screen.internetErrorDescription, + getString(screen.internetErrorDescription1), + getString(screen.internetErrorDescription2), + learnMore, + ) } - } + handleDescriptionWithClickable(internetErrorDescription, learnMore) + } else if (screen.titleDescriptionTextStringResource != null) { + binding.titleDescription.text = getString(screen.titleDescriptionTextStringResource) + } + } + + private fun setQuickStart(screen: ConnectAssistUiState) { + binding.quickstartSwitch.visibility = + if (screen.quickstartSwitchVisible) View.VISIBLE else View.GONE + binding.quickstartSwitch.isChecked = viewModel.quickstartToggle().value == true + binding.quickstartSwitch.setOnCheckedChangeListener { _, isChecked -> + viewModel.handleQuickstartChecked(isChecked) + } + } + + private fun setCountryDropDown(screen: ConnectAssistUiState) { + binding.unblockTheInternetInCountryDescription.visibility = + if (screen.unblockTheInternetInCountryDescriptionVisible) View.VISIBLE else View.GONE + binding.countryDropDown.visibility = if (screen.countryDropDownVisible) View.VISIBLE else View.GONE + } - wordmarkLogo.visibility = if(screen.wordmarkLogoVisible) View.VISIBLE else View.GONE + private fun setButton1(screen: ConnectAssistUiState) { + binding.torBootstrapButton1.visibility = + if (screen.torBootstrapButton1Visible) View.VISIBLE else View.GONE + binding.torBootstrapButton1.text = getString(screen.torBootstrapButton1TextStringResource) + binding.torBootstrapButton1.setOnClickListener { + viewModel.handleButton1Pressed( + screen, + lifecycleScope, + ) + } + } + + private fun setButton2(screen: ConnectAssistUiState) { + binding.torBootstrapButton2.visibility = + if (screen.torBootstrapButton2Visible) View.VISIBLE else View.GONE + if (screen.torBootstrapButton2ShouldRestartApp) { + binding.torBootstrapButton2.text = + screen.torBootstrapButton2TextStringResource?.let { + getString( + it, + getString(R.string.app_name), + ) + } + } else { + binding.torBootstrapButton2.text = + screen.torBootstrapButton2TextStringResource?.let { + getString( + it, + ) + } + } + binding.torBootstrapButton2.setOnClickListener { + viewModel.cancelTorBootstrap() + if (screen.torBootstrapButton2ShouldOpenSettings) { + openTorConnectionSettings() + } else if (screen.torBootstrapButton2ShouldRestartApp) { + restartApplication() + } else { + showScreen(ConnectAssistUiState.Configuring) + } } } + private fun setSplashLogo(screen: ConnectAssistUiState) { + binding.wordmarkLogo.visibility = if (screen.wordmarkLogoVisible) View.VISIBLE else View.GONE + } + /** * from https://stackoverflow.com/questions/10696986/how-to-set-the-part-of-the-tex… */ @@ -207,6 +262,7 @@ class TorConnectionAssistFragment : Fragment(), UserInteractionHandler { } private fun showLearnMore() { + Log.d(TAG, "showLearnMore() tapped") //TODO("Not yet implemented") } @@ -231,6 +287,15 @@ class TorConnectionAssistFragment : Fragment(), UserInteractionHandler { ) } + private fun restartApplication() { + startActivity( + Intent(requireContext(), HomeActivity::class.java).addFlags( + Intent.FLAG_ACTIVITY_NEW_TASK or Intent.FLAG_ACTIVITY_CLEAR_TASK, + ), + ) + Runtime.getRuntime().exit(0) + } + override fun onBackPressed(): Boolean { return viewModel.handleBackButtonPressed() } ===================================== fenix/app/src/main/java/org/mozilla/fenix/tor/TorConnectionAssistViewModel.kt ===================================== @@ -124,7 +124,7 @@ class TorConnectionAssistViewModel( /** stay here */ } - ConnectAssistUiState.TryABridge -> { + ConnectAssistUiState.ConnectionAssist -> { _torConnectScreen.value = ConnectAssistUiState.TryingABridge } @@ -144,7 +144,7 @@ class TorConnectionAssistViewModel( /** stay here */ } - else -> _torConnectScreen.value = ConnectAssistUiState.Bootstrapping + else -> _torConnectScreen.value = ConnectAssistUiState.Connecting } } @@ -155,28 +155,58 @@ class TorConnectionAssistViewModel( "TorError(message = $message, details = $details, phase = $phase, reason = $reason", ) // TODO better error handling - _torConnectScreen.value = ConnectAssistUiState.InternetError + when (reason) { +// "noroute" -> handleNoRoute() TODO re-add when working better + else -> handleUnknownError() + } + } + } + + private fun handleNoRoute() { + Log.d(TAG, "handleNoRoute(), _torConnectScreen.value = ${_torConnectScreen.value}") + when (_torConnectScreen.value) { + ConnectAssistUiState.Connecting -> _torConnectScreen.value = ConnectAssistUiState.ConnectionAssist + ConnectAssistUiState.ConnectionAssist -> {/** no op, likely a duplicate error */} + ConnectAssistUiState.TryingABridge -> _torConnectScreen.value = ConnectAssistUiState.LocationCheck + ConnectAssistUiState.LocationCheck -> {/** no op, likely a duplicate error */} + ConnectAssistUiState.LastTry -> _torConnectScreen.value = ConnectAssistUiState.FinalError + ConnectAssistUiState.FinalError -> {/** no op, likely a duplicate error */} + else -> _torConnectScreen.value = ConnectAssistUiState.InternetError } } + private fun handleUnknownError() { + // TODO should we have a dedicated screen for unknown errors? + _torConnectScreen.value = ConnectAssistUiState.InternetError + } + override fun onTorStopped() { Log.d(TAG, "onTorStopped()") } private fun tryABridge() { + if (!locationFound()) { + _torConnectScreen.value = ConnectAssistUiState.LocationError + return + } if (!_torController.bridgesEnabled) { _torController.bridgesEnabled = true _torController.bridgeTransport = - TorBridgeTransportConfig.BUILTIN_OBFS4 // TODO select based on country + TorBridgeTransportConfig.BUILTIN_SNOWFLAKE // TODO select based on country } handleConnect(withDebugLogging = true) } + private fun locationFound(): Boolean { + // TODO try to find location + return true + } + fun handleBackButtonPressed(): Boolean { when (torConnectScreen.value) { ConnectAssistUiState.Splash -> return false ConnectAssistUiState.Configuring -> return false - ConnectAssistUiState.Bootstrapping -> cancelTorBootstrap() + ConnectAssistUiState.Connecting -> cancelTorBootstrap() ConnectAssistUiState.InternetError -> { _torController.lastKnownError = null _torConnectScreen.value = ConnectAssistUiState.Configuring @@ -186,18 +216,18 @@ class TorConnectionAssistViewModel( cancelTorBootstrap() } - ConnectAssistUiState.TryABridge -> { + ConnectAssistUiState.ConnectionAssist -> { _torController.lastKnownError = null _torConnectScreen.value = ConnectAssistUiState.Configuring } ConnectAssistUiState.TryingABridge -> { _torController.stopTor() - _torConnectScreen.value = ConnectAssistUiState.TryABridge + _torConnectScreen.value = ConnectAssistUiState.ConnectionAssist } ConnectAssistUiState.LocationError -> { - _torConnectScreen.value = ConnectAssistUiState.TryABridge + _torConnectScreen.value = ConnectAssistUiState.ConnectionAssist } ConnectAssistUiState.LocationCheck -> { ===================================== fenix/app/src/main/res/layout/fragment_tor_connection_assist.xml ===================================== @@ -126,7 +126,6 @@ android:layout_marginTop="8dp" android:layout_marginEnd="24dp" android:textColor="@color/photonLightGrey05" - android:tooltipText="@string/connection_assist_share_my_location_country_or_region" android:visibility="gone" app:layout_constraintEnd_toEndOf="parent" app:layout_constraintStart_toStartOf="parent" View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/a00… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/a00… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.11.0esr-13.5-1] 2 commits: fixup! Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView
by Pier Angelo Vendrame (＠pierov) 09 May '24

09 May '24

Pier Angelo Vendrame pushed to branch mullvad-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 489664d9 by Pier Angelo Vendrame at 2024-05-09T18:12:51+02:00 fixup! Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView Revert "Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView" This reverts commit ff97b6fb06850784785e6993c256bef315b2525f. - - - - - daf16c70 by Pier Angelo Vendrame at 2024-05-09T18:12:52+02:00 Bug 42562: Normalized the Accepted Languages on Android. The OS language might be outside the list of actually supported languages and it might leak the user's region. Therefore, we force the locale reported in Accept-Language to match one we support with translations, even when it means using a not exact region tag. - - - - - 1 changed file: - mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java Changes: ===================================== mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java ===================================== @@ -22,7 +22,8 @@ import androidx.annotation.NonNull; import androidx.annotation.Nullable; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; -import java.util.ArrayList; +import java.util.Collection; +import java.util.HashMap; import java.util.Locale; import org.mozilla.gecko.EventDispatcher; import org.mozilla.gecko.GeckoSystemStateListener; @@ -455,6 +456,16 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { return this; } + public @NonNull Builder supportedLocales(final Collection<String> locales) { + getSettings().mSupportedLocales.clear(); + for (String tag : locales) { + Locale locale = Locale.forLanguageTag(tag); + getSettings().mSupportedLocales.put(locale, locale); + getSettings().mSupportedLocales.put(new Locale(locale.getLanguage()), locale); + } + return this; + } + /** * Sets whether we should spoof locale to English for webpages. * @@ -539,6 +550,7 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { /* package */ int mScreenHeightOverride; /* package */ Class<? extends Service> mCrashHandler; /* package */ String[] mRequestedLocales; + /* package */ HashMap<Locale, Locale> mSupportedLocales = new HashMap<>(); /* package */ RuntimeTelemetry.Proxy mTelemetryProxy; /** @@ -595,6 +607,7 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { mRequestedLocales = settings.mRequestedLocales; mConfigFilePath = settings.mConfigFilePath; mTelemetryProxy = settings.mTelemetryProxy; + mSupportedLocales = settings.mSupportedLocales; } /* package */ void commit() { @@ -803,30 +816,39 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { EventDispatcher.getInstance().dispatch("GeckoView:SetLocale", data); } + private Locale getLocaleIfSupported(String tag) { + Locale exact = Locale.forLanguageTag(tag); + if (mSupportedLocales.containsKey(exact)) { + return exact; + } + Locale fallback = new Locale(exact.getLanguage()); + return mSupportedLocales.get(fallback); + } + private String computeAcceptLanguages() { - final ArrayList<String> locales = new ArrayList<String>(); - - // In Desktop, these are defined in the `intl.accept_languages` localized property. - // At some point we should probably use the same values here, but for now we use a simple - // strategy which will hopefully result in reasonable acceptLanguage values. - if (mRequestedLocales != null && mRequestedLocales.length > 0) { - String locale = mRequestedLocales[0].toLowerCase(Locale.ROOT); - // No need to include `en-us` twice. - if (!locale.equals("en-us")) { - locales.add(locale); - if (locale.contains("-")) { - String lang = locale.split("-")[0]; - // No need to include `en` twice. - if (!lang.equals("en")) { - locales.add(lang); - } + Locale locale = null; + if (mRequestedLocales != null) { + for (String tag : mRequestedLocales) { + locale = getLocaleIfSupported(tag); + if (locale != null) { + break; } } } - locales.add("en-us"); - locales.add("en"); - - return TextUtils.join(",", locales); + if (locale == null) { + for (final String tag : getDefaultLocales()) { + locale = getLocaleIfSupported(tag); + if (locale != null) { + break; + } + } + } + String acceptLanguages = locale != null ? locale.toString().replace('_', '-') : "en-US"; + if (acceptLanguages.equals("en-US")) { + // For consistency with spoof English. + acceptLanguages += ", en"; + } + return acceptLanguages; } private static String[] getDefaultLocales() { View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/29… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/29… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.11.0esr-13.5-1] 2 commits: fixup! Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView
by Pier Angelo Vendrame (＠pierov) 09 May '24

09 May '24

Pier Angelo Vendrame pushed to branch base-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: df723884 by Pier Angelo Vendrame at 2024-05-09T18:12:13+02:00 fixup! Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView Revert "Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView" This reverts commit ff97b6fb06850784785e6993c256bef315b2525f. - - - - - d6987499 by Pier Angelo Vendrame at 2024-05-09T18:12:14+02:00 Bug 42562: Normalized the Accepted Languages on Android. The OS language might be outside the list of actually supported languages and it might leak the user's region. Therefore, we force the locale reported in Accept-Language to match one we support with translations, even when it means using a not exact region tag. - - - - - 1 changed file: - mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java Changes: ===================================== mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java ===================================== @@ -22,7 +22,8 @@ import androidx.annotation.NonNull; import androidx.annotation.Nullable; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; -import java.util.ArrayList; +import java.util.Collection; +import java.util.HashMap; import java.util.Locale; import org.mozilla.gecko.EventDispatcher; import org.mozilla.gecko.GeckoSystemStateListener; @@ -455,6 +456,16 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { return this; } + public @NonNull Builder supportedLocales(final Collection<String> locales) { + getSettings().mSupportedLocales.clear(); + for (String tag : locales) { + Locale locale = Locale.forLanguageTag(tag); + getSettings().mSupportedLocales.put(locale, locale); + getSettings().mSupportedLocales.put(new Locale(locale.getLanguage()), locale); + } + return this; + } + /** * Sets whether we should spoof locale to English for webpages. * @@ -539,6 +550,7 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { /* package */ int mScreenHeightOverride; /* package */ Class<? extends Service> mCrashHandler; /* package */ String[] mRequestedLocales; + /* package */ HashMap<Locale, Locale> mSupportedLocales = new HashMap<>(); /* package */ RuntimeTelemetry.Proxy mTelemetryProxy; /** @@ -595,6 +607,7 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { mRequestedLocales = settings.mRequestedLocales; mConfigFilePath = settings.mConfigFilePath; mTelemetryProxy = settings.mTelemetryProxy; + mSupportedLocales = settings.mSupportedLocales; } /* package */ void commit() { @@ -803,30 +816,39 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { EventDispatcher.getInstance().dispatch("GeckoView:SetLocale", data); } + private Locale getLocaleIfSupported(String tag) { + Locale exact = Locale.forLanguageTag(tag); + if (mSupportedLocales.containsKey(exact)) { + return exact; + } + Locale fallback = new Locale(exact.getLanguage()); + return mSupportedLocales.get(fallback); + } + private String computeAcceptLanguages() { - final ArrayList<String> locales = new ArrayList<String>(); - - // In Desktop, these are defined in the `intl.accept_languages` localized property. - // At some point we should probably use the same values here, but for now we use a simple - // strategy which will hopefully result in reasonable acceptLanguage values. - if (mRequestedLocales != null && mRequestedLocales.length > 0) { - String locale = mRequestedLocales[0].toLowerCase(Locale.ROOT); - // No need to include `en-us` twice. - if (!locale.equals("en-us")) { - locales.add(locale); - if (locale.contains("-")) { - String lang = locale.split("-")[0]; - // No need to include `en` twice. - if (!lang.equals("en")) { - locales.add(lang); - } + Locale locale = null; + if (mRequestedLocales != null) { + for (String tag : mRequestedLocales) { + locale = getLocaleIfSupported(tag); + if (locale != null) { + break; } } } - locales.add("en-us"); - locales.add("en"); - - return TextUtils.join(",", locales); + if (locale == null) { + for (final String tag : getDefaultLocales()) { + locale = getLocaleIfSupported(tag); + if (locale != null) { + break; + } + } + } + String acceptLanguages = locale != null ? locale.toString().replace('_', '-') : "en-US"; + if (acceptLanguages.equals("en-US")) { + // For consistency with spoof English. + acceptLanguages += ", en"; + } + return acceptLanguages; } private static String[] getDefaultLocales() { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/e74305… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/e74305… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.5-1] Bug 42652: Pass the list of supported languages to GeckoView.
by Pier Angelo Vendrame (＠pierov) 09 May '24

09 May '24

Pier Angelo Vendrame pushed to branch firefox-android-115.2.1-13.5-1 at The Tor Project / Applications / firefox-android Commits: c11e7b38 by Pier Angelo Vendrame at 2024-05-09T18:06:03+02:00 Bug 42652: Pass the list of supported languages to GeckoView. It will be used to prevent leaks about regional preferences. - - - - - 1 changed file: - fenix/app/src/main/java/org/mozilla/fenix/gecko/GeckoProvider.kt Changes: ===================================== fenix/app/src/main/java/org/mozilla/fenix/gecko/GeckoProvider.kt ===================================== @@ -14,6 +14,7 @@ import mozilla.components.concept.storage.LoginsStorage import mozilla.components.lib.crash.handler.CrashHandlerService import mozilla.components.service.sync.autofill.GeckoCreditCardsAddressesStorageDelegate import mozilla.components.service.sync.logins.GeckoLoginStorageDelegate +import org.mozilla.fenix.BuildConfig import org.mozilla.fenix.Config import org.mozilla.fenix.ext.components import org.mozilla.fenix.ext.settings @@ -58,6 +59,7 @@ object GeckoProvider { .contentBlocking(policy.toContentBlockingSetting()) .debugLogging(Config.channel.isDebug || context.components.settings.enableGeckoLogs) .aboutConfigEnabled(Config.channel.isBeta || Config.channel.isNightlyOrDebug) + .supportedLocales(BuildConfig.SUPPORTED_LOCALE_ARRAY.toList()) .build() val settings = context.components.settings View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/c11… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/commit/c11… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.5-1] 2 commits: fixup! Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView
by Pier Angelo Vendrame (＠pierov) 09 May '24

09 May '24

Pier Angelo Vendrame pushed to branch tor-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 83a3762f by Pier Angelo Vendrame at 2024-05-09T18:04:04+02:00 fixup! Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView Revert "Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView" This reverts commit ff97b6fb06850784785e6993c256bef315b2525f. - - - - - e6f7f151 by Pier Angelo Vendrame at 2024-05-09T18:04:07+02:00 Bug 42562: Normalized the Accepted Languages on Android. The OS language might be outside the list of actually supported languages and it might leak the user's region. Therefore, we force the locale reported in Accept-Language to match one we support with translations, even when it means using a not exact region tag. - - - - - 1 changed file: - mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java Changes: ===================================== mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java ===================================== @@ -22,7 +22,8 @@ import androidx.annotation.NonNull; import androidx.annotation.Nullable; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; -import java.util.ArrayList; +import java.util.Collection; +import java.util.HashMap; import java.util.Locale; import org.mozilla.gecko.EventDispatcher; import org.mozilla.gecko.GeckoSystemStateListener; @@ -455,6 +456,16 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { return this; } + public @NonNull Builder supportedLocales(final Collection<String> locales) { + getSettings().mSupportedLocales.clear(); + for (String tag : locales) { + Locale locale = Locale.forLanguageTag(tag); + getSettings().mSupportedLocales.put(locale, locale); + getSettings().mSupportedLocales.put(new Locale(locale.getLanguage()), locale); + } + return this; + } + /** * Sets whether we should spoof locale to English for webpages. * @@ -546,6 +557,7 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { /* package */ int mScreenHeightOverride; /* package */ Class<? extends Service> mCrashHandler; /* package */ String[] mRequestedLocales; + /* package */ HashMap<Locale, Locale> mSupportedLocales = new HashMap<>(); /* package */ RuntimeTelemetry.Proxy mTelemetryProxy; /** @@ -602,6 +614,7 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { mRequestedLocales = settings.mRequestedLocales; mConfigFilePath = settings.mConfigFilePath; mTelemetryProxy = settings.mTelemetryProxy; + mSupportedLocales = settings.mSupportedLocales; } /* package */ void commit() { @@ -810,30 +823,39 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { EventDispatcher.getInstance().dispatch("GeckoView:SetLocale", data); } + private Locale getLocaleIfSupported(String tag) { + Locale exact = Locale.forLanguageTag(tag); + if (mSupportedLocales.containsKey(exact)) { + return exact; + } + Locale fallback = new Locale(exact.getLanguage()); + return mSupportedLocales.get(fallback); + } + private String computeAcceptLanguages() { - final ArrayList<String> locales = new ArrayList<String>(); - - // In Desktop, these are defined in the `intl.accept_languages` localized property. - // At some point we should probably use the same values here, but for now we use a simple - // strategy which will hopefully result in reasonable acceptLanguage values. - if (mRequestedLocales != null && mRequestedLocales.length > 0) { - String locale = mRequestedLocales[0].toLowerCase(Locale.ROOT); - // No need to include `en-us` twice. - if (!locale.equals("en-us")) { - locales.add(locale); - if (locale.contains("-")) { - String lang = locale.split("-")[0]; - // No need to include `en` twice. - if (!lang.equals("en")) { - locales.add(lang); - } + Locale locale = null; + if (mRequestedLocales != null) { + for (String tag : mRequestedLocales) { + locale = getLocaleIfSupported(tag); + if (locale != null) { + break; } } } - locales.add("en-us"); - locales.add("en"); - - return TextUtils.join(",", locales); + if (locale == null) { + for (final String tag : getDefaultLocales()) { + locale = getLocaleIfSupported(tag); + if (locale != null) { + break; + } + } + } + String acceptLanguages = locale != null ? locale.toString().replace('_', '-') : "en-US"; + if (acceptLanguages.equals("en-US")) { + // For consistency with spoof English. + acceptLanguages += ", en"; + } + return acceptLanguages; } private static String[] getDefaultLocales() { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/66e2e3… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/66e2e3… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.0-1] fixup! Bug 30237: Add v3 onion services client authentication prompt
by ma1 (＠ma1) 09 May '24

09 May '24

ma1 pushed to branch tor-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: e4ed3f35 by hackademix at 2024-05-09T17:49:50+02:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 42557: Fix regression in Onion Services authentication prompt focus - - - - - 1 changed file: - browser/components/onionservices/content/authPrompt.js Changes: ===================================== browser/components/onionservices/content/authPrompt.js ===================================== @@ -81,8 +81,18 @@ const OnionAuthPrompt = (function () { ); }, + _autoFocus(event) { + event.target.ownerGlobal.focus(); + }, + _onPromptShowing(aWarningMessage) { let xulDoc = this._browser.ownerDocument; + + // Force back focus: tor-browser#41856 + (this._popupElem = xulDoc.getElementById( + "tor-clientauth-notification" + ))?.addEventListener("click", this._autoFocus); + let descElem = xulDoc.getElementById("tor-clientauth-notification-desc"); if (descElem) { // Handle replacement of the onion name within the localized @@ -153,6 +163,7 @@ const OnionAuthPrompt = (function () { this._boundOnKeyFieldInput = undefined; } } + this._popupElem?.removeEventListener("click", this._autoFocus); }, _onKeyFieldKeyPress(aEvent) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/e4ed3f3… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/e4ed3f3… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/firefox-android][firefox-android-115.2.1-13.5-1] 3 commits: Bug 1846306 - Do not throw IllegalStateException when unable to find a session...
by ma1 (＠ma1) 09 May '24

09 May '24

ma1 pushed to branch firefox-android-115.2.1-13.5-1 at The Tor Project / Applications / firefox-android Commits: ccabd9ad by Arturo Mejia at 2024-05-09T15:58:16+02:00 Bug 1846306 - Do not throw IllegalStateException when unable to find a session for given prompt request in onContentPermissionRequested - - - - - 40cae60d by hackademix at 2024-05-09T15:58:20+02:00 Bug 1871217: Improve permission handling in Fullscreen - BP, tor-browser#42656 - - - - - 46475c73 by hackademix at 2024-05-09T15:58:20+02:00 Bug 1892296 - improve webauthn experience - BP, tor-browser#42656 - - - - - 5 changed files: - android-components/components/feature/sitepermissions/src/main/java/mozilla/components/feature/sitepermissions/SitePermissionsFeature.kt - android-components/components/feature/sitepermissions/src/test/java/mozilla/components/feature/sitepermissions/SitePermissionsFeatureTest.kt - android-components/components/feature/webauthn/src/main/java/mozilla/components/feature/webauthn/WebAuthnFeature.kt - android-components/components/feature/webauthn/src/test/java/mozilla/components/feature/webauthn/WebAuthnFeatureTest.kt - fenix/app/src/main/java/org/mozilla/fenix/browser/BaseBrowserFragment.kt Changes: ===================================== android-components/components/feature/sitepermissions/src/main/java/mozilla/components/feature/sitepermissions/SitePermissionsFeature.kt ===================================== @@ -56,12 +56,14 @@ import mozilla.components.concept.engine.permission.SitePermissions import mozilla.components.concept.engine.permission.SitePermissions.Status.ALLOWED import mozilla.components.concept.engine.permission.SitePermissions.Status.BLOCKED import mozilla.components.concept.engine.permission.SitePermissionsStorage +import mozilla.components.feature.session.SessionUseCases import mozilla.components.feature.sitepermissions.SitePermissionsFeature.DialogConfig import mozilla.components.feature.tabs.TabsUseCases.SelectOrAddUseCase import mozilla.components.lib.state.ext.flowScoped import mozilla.components.support.base.feature.LifecycleAwareFeature import mozilla.components.support.base.feature.OnNeedToRequestPermissions import mozilla.components.support.base.feature.PermissionsFeature +import mozilla.components.support.base.log.logger.Logger import mozilla.components.support.ktx.android.content.isPermissionGranted import mozilla.components.support.ktx.kotlin.getOrigin import mozilla.components.support.ktx.kotlin.stripDefaultPort @@ -72,8 +74,6 @@ import mozilla.components.ui.icons.R as iconsR internal const val PROMPT_FRAGMENT_TAG = "mozac_feature_sitepermissions_prompt_dialog" -private const val FULL_SCREEN_NOTIFICATION_TAG = "mozac_feature_prompts_full_screen_notification_dialog" - @VisibleForTesting internal const val STORAGE_ACCESS_DOCUMENTATION_URL = "https://developer.mozilla.org/en-US/docs/Web/API/Storage_Access_API" @@ -94,13 +94,15 @@ internal const val STORAGE_ACCESS_DOCUMENTATION_URL = * need to be requested. Once the request is completed, [onPermissionsResult] needs to be invoked. * @property onShouldShowRequestPermissionRationale a callback that allows the feature to query * the ActivityCompat.shouldShowRequestPermissionRationale or the Fragment.shouldShowRequestPermissionRationale values. + * @property exitFullscreenUseCase optional the use case in charge of exiting fullscreen * @property shouldShowDoNotAskAgainCheckBox optional Visibility for Do not ask again Checkbox **/ @Suppress("TooManyFunctions", "LargeClass", "LongParameterList") class SitePermissionsFeature( private val context: Context, - private var sessionId: String? = null, + @set:VisibleForTesting + internal var sessionId: String? = null, private val storage: SitePermissionsStorage = OnDiskSitePermissionsStorage(context), var sitePermissionsRules: SitePermissionsRules? = null, private val fragmentManager: FragmentManager, @@ -109,6 +111,7 @@ class SitePermissionsFeature( override val onNeedToRequestPermissions: OnNeedToRequestPermissions, val onShouldShowRequestPermissionRationale: (permission: String) -> Boolean, private val store: BrowserStore, + private val exitFullscreenUseCase: SessionUseCases.ExitFullScreenUseCase = SessionUseCases(store).exitFullscreen, private val shouldShowDoNotAskAgainCheckBox: Boolean = true, ) : LifecycleAwareFeature, PermissionsFeature { @VisibleForTesting @@ -116,6 +119,8 @@ class SitePermissionsFeature( SelectOrAddUseCase(store) } + private val logger = Logger("SitePermissionsFeature") + internal val ioCoroutineScope by lazy { coroutineScopeInitializer() } internal var coroutineScopeInitializer = { @@ -428,26 +433,29 @@ class SitePermissionsFeature( consumePermissionRequest(permissionRequest) return null } - - val private: Boolean = store.state.findTabOrCustomTabOrSelectedTab(sessionId)?.content?.private - ?: throw IllegalStateException("Unable to find session for $sessionId or selected session") + val tab = store.state.findTabOrCustomTabOrSelectedTab(sessionId) + if (tab == null) { + logger.error("Unable to find a tab for $sessionId rejecting the prompt request") + permissionRequest.reject() + consumePermissionRequest(permissionRequest) + return null + } val permissionFromStorage = withContext(coroutineScope.coroutineContext) { - storage.findSitePermissionsBy(origin, private = private) + storage.findSitePermissionsBy(origin, private = tab.content.private) } - val prompt = if (shouldApplyRules(permissionFromStorage)) { handleRuledFlow(permissionRequest, origin) } else { handleNoRuledFlow(permissionFromStorage, permissionRequest, origin) } - val fullScreenNotificationDisplayed = - fragmentManager.fragments.any { fragment -> fragment.tag == FULL_SCREEN_NOTIFICATION_TAG } - - return if (fullScreenNotificationDisplayed || prompt == null) { + return if (prompt == null) { null } else { + // If we are in fullscreen, then exit to show the permission prompt. + // This won't have any effect if we are not in fullscreen. + exitFullscreenUseCase.invoke(tab.id) prompt.show(fragmentManager, PROMPT_FRAGMENT_TAG) prompt } ===================================== android-components/components/feature/sitepermissions/src/test/java/mozilla/components/feature/sitepermissions/SitePermissionsFeatureTest.kt ===================================== @@ -600,6 +600,24 @@ class SitePermissionsFeatureTest { verify(sitePermissionFeature).consumePermissionRequest(mockPermissionRequest) } + @Test + fun `GIVEN sessionId which does not match a selected or custom tab WHEN onContentPermissionRequested() THEN reject, consumePermissionRequest are called `() { + val mockPermissionRequest: PermissionRequest = mock { + whenever(permissions).thenReturn(listOf(ContentVideoCamera(id = "permission"))) + } + + doNothing().`when`(mockPermissionRequest).reject() + + sitePermissionFeature.sessionId = null + + runTestOnMain { + sitePermissionFeature.onContentPermissionRequested(mockPermissionRequest, URL) + } + + verify(mockPermissionRequest).reject() + verify(sitePermissionFeature).consumePermissionRequest(mockPermissionRequest) + } + @Test fun `GIVEN location permissionRequest and shouldApplyRules is true WHEN onContentPermissionRequested() THEN handleRuledFlow is called`() = runTestOnMain { // given ===================================== android-components/components/feature/webauthn/src/main/java/mozilla/components/feature/webauthn/WebAuthnFeature.kt ===================================== @@ -20,6 +20,8 @@ import mozilla.components.support.base.log.logger.Logger class WebAuthnFeature( private val engine: Engine, private val activity: Activity, + private val exitFullScreen: (String?) -> Unit, + private val currentTab: () -> String?, ) : LifecycleAwareFeature, ActivityResultHandler, ActivityDelegate { private val logger = Logger("WebAuthnFeature") private var requestCodeCounter = ACTIVITY_REQUEST_CODE @@ -53,6 +55,7 @@ class WebAuthnFeature( override fun startIntentSenderForResult(intent: IntentSender, onResult: (Intent?) -> Unit) { logger.info("Received activity delegate request with code: $requestCodeCounter") + exitFullScreen(currentTab()) activity.startIntentSenderForResult(intent, requestCodeCounter, null, 0, 0, 0) callbackRef = onResult } ===================================== android-components/components/feature/webauthn/src/test/java/mozilla/components/feature/webauthn/WebAuthnFeatureTest.kt ===================================== @@ -22,6 +22,8 @@ import org.mockito.Mockito.verify class WebAuthnFeatureTest { private lateinit var engine: Engine private lateinit var activity: Activity + private val exitFullScreen: (String?) -> Unit = { _ -> exitFullScreenUseCaseCalled = true } + private var exitFullScreenUseCaseCalled = false @Before fun setup() { @@ -31,7 +33,7 @@ class WebAuthnFeatureTest { @Test fun `feature registers itself on start`() { - val feature = WebAuthnFeature(engine, activity) + val feature = webAuthnFeature() feature.start() @@ -40,7 +42,7 @@ class WebAuthnFeatureTest { @Test fun `feature unregisters itself on stop`() { - val feature = WebAuthnFeature(engine, activity) + val feature = webAuthnFeature() feature.stop() @@ -49,7 +51,7 @@ class WebAuthnFeatureTest { @Test fun `activity delegate starts intent sender`() { - val feature = WebAuthnFeature(engine, activity) + val feature = webAuthnFeature() val callback: ((Intent?) -> Unit) = { } val intentSender: IntentSender = mock() @@ -60,7 +62,7 @@ class WebAuthnFeatureTest { @Test fun `callback is invoked`() { - val feature = WebAuthnFeature(engine, activity) + val feature = webAuthnFeature() var callbackInvoked = false val callback: ((Intent?) -> Unit) = { callbackInvoked = true } val intentSender: IntentSender = mock() @@ -77,10 +79,14 @@ class WebAuthnFeatureTest { @Test fun `feature won't process results with the wrong request code`() { - val feature = WebAuthnFeature(engine, activity) + val feature = webAuthnFeature() val result = feature.onActivityResult(ACTIVITY_REQUEST_CODE - 5, Intent(), 0) assertFalse(result) } + + private fun webAuthnFeature(): WebAuthnFeature { + return WebAuthnFeature(engine, activity, { exitFullScreen("") }) { "" } + } } ===================================== fenix/app/src/main/java/org/mozilla/fenix/browser/BaseBrowserFragment.kt ===================================== @@ -830,6 +830,8 @@ abstract class BaseBrowserFragment : feature = WebAuthnFeature( engine = requireComponents.core.engine, activity = requireActivity(), + exitFullScreen = requireComponents.useCases.sessionUseCases.exitFullscreen::invoke, + currentTab = { store.state.selectedTabId }, ), owner = this, view = view, View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/compare/fe… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/firefox-android/-/compare/fe… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.11.0esr-13.5-1] 3 commits: Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan
by ma1 (＠ma1) 09 May '24

09 May '24

ma1 pushed to branch base-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 6d5a0677 by Nuohan Li at 2024-05-09T13:38:19+02:00 Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D204928 - - - - - 58dc31a0 by Jonathan Kew at 2024-05-09T13:38:20+02:00 Bug 1890204 - Ensure font entry's unitsPerEm and font extents are initialized when gfxFont is created. r=gfx-reviewers,lsalzman This means that by the time we potentially call GetFontExtents() when drawing, the extents fields are guaranteed to have been been initialized, and there's no risk of the (read-only) access here racing with setting them in UnitsPerEm(). Differential Revision: https://phabricator.services.mozilla.com/D206920 - - - - - e7430547 by Jonathan Kew at 2024-05-09T13:38:21+02:00 Bug 1893891 - Clear mSharedBlobData if blob creation failed. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D208983 Differential Revision: https://phabricator.services.mozilla.com/D209209 - - - - - 5 changed files: - dom/manifest/Manifest.sys.mjs - dom/manifest/test/browser_Manifest_install.js - gfx/thebes/gfxFont.cpp - gfx/thebes/gfxFontEntry.cpp - gfx/thebes/gfxFontEntry.h Changes: ===================================== dom/manifest/Manifest.sys.mjs ===================================== @@ -29,11 +29,11 @@ ChromeUtils.defineESModuleGetters(lazy, { * @note The generated hash is returned in base64 form. Mind the fact base64 * is case-sensitive if you are going to reuse this code. */ -function generateHash(aString) { +function generateHash(aString, hashAlg) { const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( Ci.nsICryptoHash ); - cryptoHash.init(Ci.nsICryptoHash.MD5); + cryptoHash.init(hashAlg); const stringStream = Cc[ "@mozilla.org/io/string-input-stream;1" ].createInstance(Ci.nsIStringInputStream); @@ -66,11 +66,39 @@ class Manifest { this._manifestUrl = manifestUrl; // The key for this is the manifests URL that is required to be unique. // However arbitrary urls are not safe file paths so lets hash it. - const fileName = generateHash(manifestUrl) + ".json"; - this._path = PathUtils.join(MANIFESTS_DIR, fileName); + const filename = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + this._path = PathUtils.join(MANIFESTS_DIR, filename); this.browser = browser; } + /** + * See Bug 1871109 + * This function is called at the beginning of initialize() to check if a given + * manifest has MD5 based filename, if so we remove it and migrate the content to + * a new file with SHA256 based name. + * This is done due to security concern, as MD5 is an outdated hashing algorithm and + * shouldn't be used anymore + */ + async removeMD5BasedFilename() { + const filenameMD5 = + generateHash(this._manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const MD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + try { + await IOUtils.copy(MD5Path, this._path, { noOverwrite: true }); + } catch (error) { + // we are ignoring the failures returned from copy as it should not stop us from + // installing a new manifest + } + + // Remove the old MD5 based file unconditionally to ensure it's no longer used + try { + await IOUtils.remove(MD5Path); + } catch { + // ignore the error in case MD5 based file does not exist + } + } + get browser() { return this._browser; } @@ -80,6 +108,7 @@ class Manifest { } async initialize() { + await this.removeMD5BasedFilename(); this._store = new lazy.JSONFile({ path: this._path, saveDelayMs: 100 }); await this._store.load(); } ===================================== dom/manifest/test/browser_Manifest_install.js ===================================== @@ -23,18 +23,59 @@ function makeTestURL() { return url.href; } +function generateHash(aString, hashAlg) { + const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( + Ci.nsICryptoHash + ); + cryptoHash.init(hashAlg); + const stringStream = Cc[ + "@mozilla.org/io/string-input-stream;1" + ].createInstance(Ci.nsIStringInputStream); + stringStream.data = aString; + cryptoHash.updateFromStream(stringStream, -1); + // base64 allows the '/' char, but we can't use it for filenames. + return cryptoHash.finish(true).replace(/\//g, "-"); +} + +const MANIFESTS_DIR = PathUtils.join(PathUtils.profileDir, "manifests"); + add_task(async function () { const tabOptions = { gBrowser, url: makeTestURL() }; + const filenameMD5 = generateHash(manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const filenameSHA = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + const manifestMD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + const manifestSHAPath = PathUtils.join(MANIFESTS_DIR, filenameSHA); + await BrowserTestUtils.withNewTab(tabOptions, async function (browser) { - let manifest = await Manifests.getManifest(browser, manifestUrl); - is(manifest.installed, false, "We haven't installed this manifest yet"); + let tmpManifest = await Manifests.getManifest(browser, manifestUrl); + is(tmpManifest.installed, false, "We haven't installed this manifest yet"); + + await tmpManifest.install(); + // making sure the manifest is actually installed before proceeding + await tmpManifest._store._save(); + await IOUtils.move(tmpManifest.path, manifestMD5Path); + + let exists = await IOUtils.exists(tmpManifest.path); + is( + exists, + false, + "Manually moved manifest from SHA256 based path to MD5 based path" + ); + Manifests.manifestObjs.delete(manifestUrl); + + let manifest = await Manifests.getManifest(browser, manifestUrl); await manifest.install(browser); is(manifest.name, "hello World", "Manifest has correct name"); is(manifest.installed, true, "Manifest is installed"); is(manifest.url, manifestUrl, "has correct url"); is(manifest.browser, browser, "has correct browser"); + is(manifest.path, manifestSHAPath, "has correct path"); + + exists = await IOUtils.exists(manifestMD5Path); + is(exists, false, "MD5 based manifest removed"); manifest = await Manifests.getManifest(browser, manifestUrl); is(manifest.installed, true, "New instances are installed"); ===================================== gfx/thebes/gfxFont.cpp ===================================== @@ -952,6 +952,10 @@ gfxFont::gfxFont(const RefPtr<UnscaledFont>& aUnscaledFont, } mKerningSet = HasFeatureSet(HB_TAG('k', 'e', 'r', 'n'), mKerningEnabled); + + // Ensure the gfxFontEntry's unitsPerEm and extents fields are initialized, + // so that GetFontExtents can use them without risk of races. + Unused << mFontEntry->UnitsPerEm(); } gfxFont::~gfxFont() { ===================================== gfx/thebes/gfxFontEntry.cpp ===================================== @@ -262,14 +262,22 @@ already_AddRefed<gfxFont> gfxFontEntry::FindOrMakeFont( } uint16_t gfxFontEntry::UnitsPerEm() { + { + AutoReadLock lock(mLock); + if (mUnitsPerEm) { + return mUnitsPerEm; + } + } + + AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); + AutoWriteLock lock(mLock); + if (!mUnitsPerEm) { - AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); if (headTable) { uint32_t len; const HeadTable* head = reinterpret_cast<const HeadTable*>(hb_blob_get_data(headTable, &len)); if (len >= sizeof(HeadTable)) { - mUnitsPerEm = head->unitsPerEm; if (int16_t(head->xMax) > int16_t(head->xMin) && int16_t(head->yMax) > int16_t(head->yMin)) { mXMin = head->xMin; @@ -277,6 +285,7 @@ uint16_t gfxFontEntry::UnitsPerEm() { mXMax = head->xMax; mYMax = head->yMax; } + mUnitsPerEm = head->unitsPerEm; } } @@ -286,12 +295,13 @@ uint16_t gfxFontEntry::UnitsPerEm() { mUnitsPerEm = kInvalidUPEM; } } + return mUnitsPerEm; } bool gfxFontEntry::HasSVGGlyph(uint32_t aGlyphId) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); return GetSVGGlyphs()->HasSVGGlyph(aGlyphId); } @@ -309,8 +319,8 @@ bool gfxFontEntry::GetSVGGlyphExtents(DrawTarget* aDrawTarget, void gfxFontEntry::RenderSVGGlyph(gfxContext* aContext, uint32_t aGlyphId, SVGContextPaint* aContextPaint) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); GetSVGGlyphs()->RenderGlyph(aContext, aGlyphId, aContextPaint); } @@ -467,8 +477,9 @@ hb_blob_t* gfxFontEntry::FontTableHashEntry::ShareTableAndGetBlob( HB_MEMORY_MODE_READONLY, mSharedBlobData, DeleteFontTableBlobData); if (mBlob == hb_blob_get_empty()) { // The FontTableBlobData was destroyed during hb_blob_create(). - // The (empty) blob is still be held in the hashtable with a strong + // The (empty) blob will still be held in the hashtable with a strong // reference. + mSharedBlobData = nullptr; return hb_blob_reference(mBlob); } ===================================== gfx/thebes/gfxFontEntry.h ===================================== @@ -538,6 +538,9 @@ class gfxFontEntry { mozilla::gfx::Rect GetFontExtents(float aFUnitScaleFactor) const { // Flip the y-axis here to match the orientation of Gecko's coordinates. + // We don't need to take a lock here because the min/max fields are inert + // after initialization, and we make sure to initialize them at gfxFont- + // creation time. return mozilla::gfx::Rect(float(mXMin) * aFUnitScaleFactor, float(-mYMax) * aFUnitScaleFactor, float(mXMax - mXMin) * aFUnitScaleFactor, View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/98625d… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/98625d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.11.0esr-13.5-1] 3 commits: Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan
by ma1 (＠ma1) 09 May '24

09 May '24

ma1 pushed to branch tor-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 62619558 by Nuohan Li at 2024-05-09T13:37:32+02:00 Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D204928 - - - - - 4846c1da by Jonathan Kew at 2024-05-09T13:37:33+02:00 Bug 1890204 - Ensure font entry's unitsPerEm and font extents are initialized when gfxFont is created. r=gfx-reviewers,lsalzman This means that by the time we potentially call GetFontExtents() when drawing, the extents fields are guaranteed to have been been initialized, and there's no risk of the (read-only) access here racing with setting them in UnitsPerEm(). Differential Revision: https://phabricator.services.mozilla.com/D206920 - - - - - 66e2e3ef by Jonathan Kew at 2024-05-09T13:37:34+02:00 Bug 1893891 - Clear mSharedBlobData if blob creation failed. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D208983 Differential Revision: https://phabricator.services.mozilla.com/D209209 - - - - - 5 changed files: - dom/manifest/Manifest.sys.mjs - dom/manifest/test/browser_Manifest_install.js - gfx/thebes/gfxFont.cpp - gfx/thebes/gfxFontEntry.cpp - gfx/thebes/gfxFontEntry.h Changes: ===================================== dom/manifest/Manifest.sys.mjs ===================================== @@ -29,11 +29,11 @@ ChromeUtils.defineESModuleGetters(lazy, { * @note The generated hash is returned in base64 form. Mind the fact base64 * is case-sensitive if you are going to reuse this code. */ -function generateHash(aString) { +function generateHash(aString, hashAlg) { const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( Ci.nsICryptoHash ); - cryptoHash.init(Ci.nsICryptoHash.MD5); + cryptoHash.init(hashAlg); const stringStream = Cc[ "@mozilla.org/io/string-input-stream;1" ].createInstance(Ci.nsIStringInputStream); @@ -66,11 +66,39 @@ class Manifest { this._manifestUrl = manifestUrl; // The key for this is the manifests URL that is required to be unique. // However arbitrary urls are not safe file paths so lets hash it. - const fileName = generateHash(manifestUrl) + ".json"; - this._path = PathUtils.join(MANIFESTS_DIR, fileName); + const filename = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + this._path = PathUtils.join(MANIFESTS_DIR, filename); this.browser = browser; } + /** + * See Bug 1871109 + * This function is called at the beginning of initialize() to check if a given + * manifest has MD5 based filename, if so we remove it and migrate the content to + * a new file with SHA256 based name. + * This is done due to security concern, as MD5 is an outdated hashing algorithm and + * shouldn't be used anymore + */ + async removeMD5BasedFilename() { + const filenameMD5 = + generateHash(this._manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const MD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + try { + await IOUtils.copy(MD5Path, this._path, { noOverwrite: true }); + } catch (error) { + // we are ignoring the failures returned from copy as it should not stop us from + // installing a new manifest + } + + // Remove the old MD5 based file unconditionally to ensure it's no longer used + try { + await IOUtils.remove(MD5Path); + } catch { + // ignore the error in case MD5 based file does not exist + } + } + get browser() { return this._browser; } @@ -80,6 +108,7 @@ class Manifest { } async initialize() { + await this.removeMD5BasedFilename(); this._store = new lazy.JSONFile({ path: this._path, saveDelayMs: 100 }); await this._store.load(); } ===================================== dom/manifest/test/browser_Manifest_install.js ===================================== @@ -23,18 +23,59 @@ function makeTestURL() { return url.href; } +function generateHash(aString, hashAlg) { + const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( + Ci.nsICryptoHash + ); + cryptoHash.init(hashAlg); + const stringStream = Cc[ + "@mozilla.org/io/string-input-stream;1" + ].createInstance(Ci.nsIStringInputStream); + stringStream.data = aString; + cryptoHash.updateFromStream(stringStream, -1); + // base64 allows the '/' char, but we can't use it for filenames. + return cryptoHash.finish(true).replace(/\//g, "-"); +} + +const MANIFESTS_DIR = PathUtils.join(PathUtils.profileDir, "manifests"); + add_task(async function () { const tabOptions = { gBrowser, url: makeTestURL() }; + const filenameMD5 = generateHash(manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const filenameSHA = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + const manifestMD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + const manifestSHAPath = PathUtils.join(MANIFESTS_DIR, filenameSHA); + await BrowserTestUtils.withNewTab(tabOptions, async function (browser) { - let manifest = await Manifests.getManifest(browser, manifestUrl); - is(manifest.installed, false, "We haven't installed this manifest yet"); + let tmpManifest = await Manifests.getManifest(browser, manifestUrl); + is(tmpManifest.installed, false, "We haven't installed this manifest yet"); + + await tmpManifest.install(); + // making sure the manifest is actually installed before proceeding + await tmpManifest._store._save(); + await IOUtils.move(tmpManifest.path, manifestMD5Path); + + let exists = await IOUtils.exists(tmpManifest.path); + is( + exists, + false, + "Manually moved manifest from SHA256 based path to MD5 based path" + ); + Manifests.manifestObjs.delete(manifestUrl); + + let manifest = await Manifests.getManifest(browser, manifestUrl); await manifest.install(browser); is(manifest.name, "hello World", "Manifest has correct name"); is(manifest.installed, true, "Manifest is installed"); is(manifest.url, manifestUrl, "has correct url"); is(manifest.browser, browser, "has correct browser"); + is(manifest.path, manifestSHAPath, "has correct path"); + + exists = await IOUtils.exists(manifestMD5Path); + is(exists, false, "MD5 based manifest removed"); manifest = await Manifests.getManifest(browser, manifestUrl); is(manifest.installed, true, "New instances are installed"); ===================================== gfx/thebes/gfxFont.cpp ===================================== @@ -952,6 +952,10 @@ gfxFont::gfxFont(const RefPtr<UnscaledFont>& aUnscaledFont, } mKerningSet = HasFeatureSet(HB_TAG('k', 'e', 'r', 'n'), mKerningEnabled); + + // Ensure the gfxFontEntry's unitsPerEm and extents fields are initialized, + // so that GetFontExtents can use them without risk of races. + Unused << mFontEntry->UnitsPerEm(); } gfxFont::~gfxFont() { ===================================== gfx/thebes/gfxFontEntry.cpp ===================================== @@ -262,14 +262,22 @@ already_AddRefed<gfxFont> gfxFontEntry::FindOrMakeFont( } uint16_t gfxFontEntry::UnitsPerEm() { + { + AutoReadLock lock(mLock); + if (mUnitsPerEm) { + return mUnitsPerEm; + } + } + + AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); + AutoWriteLock lock(mLock); + if (!mUnitsPerEm) { - AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); if (headTable) { uint32_t len; const HeadTable* head = reinterpret_cast<const HeadTable*>(hb_blob_get_data(headTable, &len)); if (len >= sizeof(HeadTable)) { - mUnitsPerEm = head->unitsPerEm; if (int16_t(head->xMax) > int16_t(head->xMin) && int16_t(head->yMax) > int16_t(head->yMin)) { mXMin = head->xMin; @@ -277,6 +285,7 @@ uint16_t gfxFontEntry::UnitsPerEm() { mXMax = head->xMax; mYMax = head->yMax; } + mUnitsPerEm = head->unitsPerEm; } } @@ -286,12 +295,13 @@ uint16_t gfxFontEntry::UnitsPerEm() { mUnitsPerEm = kInvalidUPEM; } } + return mUnitsPerEm; } bool gfxFontEntry::HasSVGGlyph(uint32_t aGlyphId) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); return GetSVGGlyphs()->HasSVGGlyph(aGlyphId); } @@ -309,8 +319,8 @@ bool gfxFontEntry::GetSVGGlyphExtents(DrawTarget* aDrawTarget, void gfxFontEntry::RenderSVGGlyph(gfxContext* aContext, uint32_t aGlyphId, SVGContextPaint* aContextPaint) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); GetSVGGlyphs()->RenderGlyph(aContext, aGlyphId, aContextPaint); } @@ -467,8 +477,9 @@ hb_blob_t* gfxFontEntry::FontTableHashEntry::ShareTableAndGetBlob( HB_MEMORY_MODE_READONLY, mSharedBlobData, DeleteFontTableBlobData); if (mBlob == hb_blob_get_empty()) { // The FontTableBlobData was destroyed during hb_blob_create(). - // The (empty) blob is still be held in the hashtable with a strong + // The (empty) blob will still be held in the hashtable with a strong // reference. + mSharedBlobData = nullptr; return hb_blob_reference(mBlob); } ===================================== gfx/thebes/gfxFontEntry.h ===================================== @@ -538,6 +538,9 @@ class gfxFontEntry { mozilla::gfx::Rect GetFontExtents(float aFUnitScaleFactor) const { // Flip the y-axis here to match the orientation of Gecko's coordinates. + // We don't need to take a lock here because the min/max fields are inert + // after initialization, and we make sure to initialize them at gfxFont- + // creation time. return mozilla::gfx::Rect(float(mXMin) * aFUnitScaleFactor, float(-mYMax) * aFUnitScaleFactor, float(mXMax - mXMin) * aFUnitScaleFactor, View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/410bb2… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/410bb2… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.11.0esr-13.5-1] 3 commits: Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan
by ma1 (＠ma1) 09 May '24

09 May '24

ma1 pushed to branch mullvad-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: ac1e73ce by Nuohan Li at 2024-05-09T13:36:35+02:00 Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D204928 - - - - - f0b17745 by Jonathan Kew at 2024-05-09T13:36:36+02:00 Bug 1890204 - Ensure font entry's unitsPerEm and font extents are initialized when gfxFont is created. r=gfx-reviewers,lsalzman This means that by the time we potentially call GetFontExtents() when drawing, the extents fields are guaranteed to have been been initialized, and there's no risk of the (read-only) access here racing with setting them in UnitsPerEm(). Differential Revision: https://phabricator.services.mozilla.com/D206920 - - - - - 29322606 by Jonathan Kew at 2024-05-09T13:36:37+02:00 Bug 1893891 - Clear mSharedBlobData if blob creation failed. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D208983 Differential Revision: https://phabricator.services.mozilla.com/D209209 - - - - - 5 changed files: - dom/manifest/Manifest.sys.mjs - dom/manifest/test/browser_Manifest_install.js - gfx/thebes/gfxFont.cpp - gfx/thebes/gfxFontEntry.cpp - gfx/thebes/gfxFontEntry.h Changes: ===================================== dom/manifest/Manifest.sys.mjs ===================================== @@ -29,11 +29,11 @@ ChromeUtils.defineESModuleGetters(lazy, { * @note The generated hash is returned in base64 form. Mind the fact base64 * is case-sensitive if you are going to reuse this code. */ -function generateHash(aString) { +function generateHash(aString, hashAlg) { const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( Ci.nsICryptoHash ); - cryptoHash.init(Ci.nsICryptoHash.MD5); + cryptoHash.init(hashAlg); const stringStream = Cc[ "@mozilla.org/io/string-input-stream;1" ].createInstance(Ci.nsIStringInputStream); @@ -66,11 +66,39 @@ class Manifest { this._manifestUrl = manifestUrl; // The key for this is the manifests URL that is required to be unique. // However arbitrary urls are not safe file paths so lets hash it. - const fileName = generateHash(manifestUrl) + ".json"; - this._path = PathUtils.join(MANIFESTS_DIR, fileName); + const filename = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + this._path = PathUtils.join(MANIFESTS_DIR, filename); this.browser = browser; } + /** + * See Bug 1871109 + * This function is called at the beginning of initialize() to check if a given + * manifest has MD5 based filename, if so we remove it and migrate the content to + * a new file with SHA256 based name. + * This is done due to security concern, as MD5 is an outdated hashing algorithm and + * shouldn't be used anymore + */ + async removeMD5BasedFilename() { + const filenameMD5 = + generateHash(this._manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const MD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + try { + await IOUtils.copy(MD5Path, this._path, { noOverwrite: true }); + } catch (error) { + // we are ignoring the failures returned from copy as it should not stop us from + // installing a new manifest + } + + // Remove the old MD5 based file unconditionally to ensure it's no longer used + try { + await IOUtils.remove(MD5Path); + } catch { + // ignore the error in case MD5 based file does not exist + } + } + get browser() { return this._browser; } @@ -80,6 +108,7 @@ class Manifest { } async initialize() { + await this.removeMD5BasedFilename(); this._store = new lazy.JSONFile({ path: this._path, saveDelayMs: 100 }); await this._store.load(); } ===================================== dom/manifest/test/browser_Manifest_install.js ===================================== @@ -23,18 +23,59 @@ function makeTestURL() { return url.href; } +function generateHash(aString, hashAlg) { + const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( + Ci.nsICryptoHash + ); + cryptoHash.init(hashAlg); + const stringStream = Cc[ + "@mozilla.org/io/string-input-stream;1" + ].createInstance(Ci.nsIStringInputStream); + stringStream.data = aString; + cryptoHash.updateFromStream(stringStream, -1); + // base64 allows the '/' char, but we can't use it for filenames. + return cryptoHash.finish(true).replace(/\//g, "-"); +} + +const MANIFESTS_DIR = PathUtils.join(PathUtils.profileDir, "manifests"); + add_task(async function () { const tabOptions = { gBrowser, url: makeTestURL() }; + const filenameMD5 = generateHash(manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const filenameSHA = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + const manifestMD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + const manifestSHAPath = PathUtils.join(MANIFESTS_DIR, filenameSHA); + await BrowserTestUtils.withNewTab(tabOptions, async function (browser) { - let manifest = await Manifests.getManifest(browser, manifestUrl); - is(manifest.installed, false, "We haven't installed this manifest yet"); + let tmpManifest = await Manifests.getManifest(browser, manifestUrl); + is(tmpManifest.installed, false, "We haven't installed this manifest yet"); + + await tmpManifest.install(); + // making sure the manifest is actually installed before proceeding + await tmpManifest._store._save(); + await IOUtils.move(tmpManifest.path, manifestMD5Path); + + let exists = await IOUtils.exists(tmpManifest.path); + is( + exists, + false, + "Manually moved manifest from SHA256 based path to MD5 based path" + ); + Manifests.manifestObjs.delete(manifestUrl); + + let manifest = await Manifests.getManifest(browser, manifestUrl); await manifest.install(browser); is(manifest.name, "hello World", "Manifest has correct name"); is(manifest.installed, true, "Manifest is installed"); is(manifest.url, manifestUrl, "has correct url"); is(manifest.browser, browser, "has correct browser"); + is(manifest.path, manifestSHAPath, "has correct path"); + + exists = await IOUtils.exists(manifestMD5Path); + is(exists, false, "MD5 based manifest removed"); manifest = await Manifests.getManifest(browser, manifestUrl); is(manifest.installed, true, "New instances are installed"); ===================================== gfx/thebes/gfxFont.cpp ===================================== @@ -952,6 +952,10 @@ gfxFont::gfxFont(const RefPtr<UnscaledFont>& aUnscaledFont, } mKerningSet = HasFeatureSet(HB_TAG('k', 'e', 'r', 'n'), mKerningEnabled); + + // Ensure the gfxFontEntry's unitsPerEm and extents fields are initialized, + // so that GetFontExtents can use them without risk of races. + Unused << mFontEntry->UnitsPerEm(); } gfxFont::~gfxFont() { ===================================== gfx/thebes/gfxFontEntry.cpp ===================================== @@ -262,14 +262,22 @@ already_AddRefed<gfxFont> gfxFontEntry::FindOrMakeFont( } uint16_t gfxFontEntry::UnitsPerEm() { + { + AutoReadLock lock(mLock); + if (mUnitsPerEm) { + return mUnitsPerEm; + } + } + + AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); + AutoWriteLock lock(mLock); + if (!mUnitsPerEm) { - AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); if (headTable) { uint32_t len; const HeadTable* head = reinterpret_cast<const HeadTable*>(hb_blob_get_data(headTable, &len)); if (len >= sizeof(HeadTable)) { - mUnitsPerEm = head->unitsPerEm; if (int16_t(head->xMax) > int16_t(head->xMin) && int16_t(head->yMax) > int16_t(head->yMin)) { mXMin = head->xMin; @@ -277,6 +285,7 @@ uint16_t gfxFontEntry::UnitsPerEm() { mXMax = head->xMax; mYMax = head->yMax; } + mUnitsPerEm = head->unitsPerEm; } } @@ -286,12 +295,13 @@ uint16_t gfxFontEntry::UnitsPerEm() { mUnitsPerEm = kInvalidUPEM; } } + return mUnitsPerEm; } bool gfxFontEntry::HasSVGGlyph(uint32_t aGlyphId) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); return GetSVGGlyphs()->HasSVGGlyph(aGlyphId); } @@ -309,8 +319,8 @@ bool gfxFontEntry::GetSVGGlyphExtents(DrawTarget* aDrawTarget, void gfxFontEntry::RenderSVGGlyph(gfxContext* aContext, uint32_t aGlyphId, SVGContextPaint* aContextPaint) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); GetSVGGlyphs()->RenderGlyph(aContext, aGlyphId, aContextPaint); } @@ -467,8 +477,9 @@ hb_blob_t* gfxFontEntry::FontTableHashEntry::ShareTableAndGetBlob( HB_MEMORY_MODE_READONLY, mSharedBlobData, DeleteFontTableBlobData); if (mBlob == hb_blob_get_empty()) { // The FontTableBlobData was destroyed during hb_blob_create(). - // The (empty) blob is still be held in the hashtable with a strong + // The (empty) blob will still be held in the hashtable with a strong // reference. + mSharedBlobData = nullptr; return hb_blob_reference(mBlob); } ===================================== gfx/thebes/gfxFontEntry.h ===================================== @@ -538,6 +538,9 @@ class gfxFontEntry { mozilla::gfx::Rect GetFontExtents(float aFUnitScaleFactor) const { // Flip the y-axis here to match the orientation of Gecko's coordinates. + // We don't need to take a lock here because the min/max fields are inert + // after initialization, and we make sure to initialize them at gfxFont- + // creation time. return mozilla::gfx::Rect(float(mXMin) * aFUnitScaleFactor, float(-mYMax) * aFUnitScaleFactor, float(mXMax - mXMin) * aFUnitScaleFactor, View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/d5… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/d5… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.11.0esr-13.0-1] 3 commits: Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan
by ma1 (＠ma1) 09 May '24

09 May '24

ma1 pushed to branch mullvad-browser-115.11.0esr-13.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 50b53983 by Nuohan Li at 2024-05-09T13:04:13+02:00 Bug 1871109 - generateHash in Manifest.sys.mjs should use sha256 r=peterv, a=dmeehan Differential Revision: https://phabricator.services.mozilla.com/D204928 - - - - - 7269657b by Jonathan Kew at 2024-05-09T13:04:14+02:00 Bug 1890204 - Ensure font entry's unitsPerEm and font extents are initialized when gfxFont is created. r=gfx-reviewers,lsalzman This means that by the time we potentially call GetFontExtents() when drawing, the extents fields are guaranteed to have been been initialized, and there's no risk of the (read-only) access here racing with setting them in UnitsPerEm(). Differential Revision: https://phabricator.services.mozilla.com/D206920 - - - - - b4147595 by Jonathan Kew at 2024-05-09T13:04:15+02:00 Bug 1893891 - Clear mSharedBlobData if blob creation failed. a=dmeehan Original Revision: https://phabricator.services.mozilla.com/D208983 Differential Revision: https://phabricator.services.mozilla.com/D209209 - - - - - 5 changed files: - dom/manifest/Manifest.sys.mjs - dom/manifest/test/browser_Manifest_install.js - gfx/thebes/gfxFont.cpp - gfx/thebes/gfxFontEntry.cpp - gfx/thebes/gfxFontEntry.h Changes: ===================================== dom/manifest/Manifest.sys.mjs ===================================== @@ -29,11 +29,11 @@ ChromeUtils.defineESModuleGetters(lazy, { * @note The generated hash is returned in base64 form. Mind the fact base64 * is case-sensitive if you are going to reuse this code. */ -function generateHash(aString) { +function generateHash(aString, hashAlg) { const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( Ci.nsICryptoHash ); - cryptoHash.init(Ci.nsICryptoHash.MD5); + cryptoHash.init(hashAlg); const stringStream = Cc[ "@mozilla.org/io/string-input-stream;1" ].createInstance(Ci.nsIStringInputStream); @@ -66,11 +66,39 @@ class Manifest { this._manifestUrl = manifestUrl; // The key for this is the manifests URL that is required to be unique. // However arbitrary urls are not safe file paths so lets hash it. - const fileName = generateHash(manifestUrl) + ".json"; - this._path = PathUtils.join(MANIFESTS_DIR, fileName); + const filename = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + this._path = PathUtils.join(MANIFESTS_DIR, filename); this.browser = browser; } + /** + * See Bug 1871109 + * This function is called at the beginning of initialize() to check if a given + * manifest has MD5 based filename, if so we remove it and migrate the content to + * a new file with SHA256 based name. + * This is done due to security concern, as MD5 is an outdated hashing algorithm and + * shouldn't be used anymore + */ + async removeMD5BasedFilename() { + const filenameMD5 = + generateHash(this._manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const MD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + try { + await IOUtils.copy(MD5Path, this._path, { noOverwrite: true }); + } catch (error) { + // we are ignoring the failures returned from copy as it should not stop us from + // installing a new manifest + } + + // Remove the old MD5 based file unconditionally to ensure it's no longer used + try { + await IOUtils.remove(MD5Path); + } catch { + // ignore the error in case MD5 based file does not exist + } + } + get browser() { return this._browser; } @@ -80,6 +108,7 @@ class Manifest { } async initialize() { + await this.removeMD5BasedFilename(); this._store = new lazy.JSONFile({ path: this._path, saveDelayMs: 100 }); await this._store.load(); } ===================================== dom/manifest/test/browser_Manifest_install.js ===================================== @@ -23,18 +23,59 @@ function makeTestURL() { return url.href; } +function generateHash(aString, hashAlg) { + const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance( + Ci.nsICryptoHash + ); + cryptoHash.init(hashAlg); + const stringStream = Cc[ + "@mozilla.org/io/string-input-stream;1" + ].createInstance(Ci.nsIStringInputStream); + stringStream.data = aString; + cryptoHash.updateFromStream(stringStream, -1); + // base64 allows the '/' char, but we can't use it for filenames. + return cryptoHash.finish(true).replace(/\//g, "-"); +} + +const MANIFESTS_DIR = PathUtils.join(PathUtils.profileDir, "manifests"); + add_task(async function () { const tabOptions = { gBrowser, url: makeTestURL() }; + const filenameMD5 = generateHash(manifestUrl, Ci.nsICryptoHash.MD5) + ".json"; + const filenameSHA = + generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json"; + const manifestMD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5); + const manifestSHAPath = PathUtils.join(MANIFESTS_DIR, filenameSHA); + await BrowserTestUtils.withNewTab(tabOptions, async function (browser) { - let manifest = await Manifests.getManifest(browser, manifestUrl); - is(manifest.installed, false, "We haven't installed this manifest yet"); + let tmpManifest = await Manifests.getManifest(browser, manifestUrl); + is(tmpManifest.installed, false, "We haven't installed this manifest yet"); + + await tmpManifest.install(); + // making sure the manifest is actually installed before proceeding + await tmpManifest._store._save(); + await IOUtils.move(tmpManifest.path, manifestMD5Path); + + let exists = await IOUtils.exists(tmpManifest.path); + is( + exists, + false, + "Manually moved manifest from SHA256 based path to MD5 based path" + ); + Manifests.manifestObjs.delete(manifestUrl); + + let manifest = await Manifests.getManifest(browser, manifestUrl); await manifest.install(browser); is(manifest.name, "hello World", "Manifest has correct name"); is(manifest.installed, true, "Manifest is installed"); is(manifest.url, manifestUrl, "has correct url"); is(manifest.browser, browser, "has correct browser"); + is(manifest.path, manifestSHAPath, "has correct path"); + + exists = await IOUtils.exists(manifestMD5Path); + is(exists, false, "MD5 based manifest removed"); manifest = await Manifests.getManifest(browser, manifestUrl); is(manifest.installed, true, "New instances are installed"); ===================================== gfx/thebes/gfxFont.cpp ===================================== @@ -952,6 +952,10 @@ gfxFont::gfxFont(const RefPtr<UnscaledFont>& aUnscaledFont, } mKerningSet = HasFeatureSet(HB_TAG('k', 'e', 'r', 'n'), mKerningEnabled); + + // Ensure the gfxFontEntry's unitsPerEm and extents fields are initialized, + // so that GetFontExtents can use them without risk of races. + Unused << mFontEntry->UnitsPerEm(); } gfxFont::~gfxFont() { ===================================== gfx/thebes/gfxFontEntry.cpp ===================================== @@ -262,14 +262,22 @@ already_AddRefed<gfxFont> gfxFontEntry::FindOrMakeFont( } uint16_t gfxFontEntry::UnitsPerEm() { + { + AutoReadLock lock(mLock); + if (mUnitsPerEm) { + return mUnitsPerEm; + } + } + + AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); + AutoWriteLock lock(mLock); + if (!mUnitsPerEm) { - AutoTable headTable(this, TRUETYPE_TAG('h', 'e', 'a', 'd')); if (headTable) { uint32_t len; const HeadTable* head = reinterpret_cast<const HeadTable*>(hb_blob_get_data(headTable, &len)); if (len >= sizeof(HeadTable)) { - mUnitsPerEm = head->unitsPerEm; if (int16_t(head->xMax) > int16_t(head->xMin) && int16_t(head->yMax) > int16_t(head->yMin)) { mXMin = head->xMin; @@ -277,6 +285,7 @@ uint16_t gfxFontEntry::UnitsPerEm() { mXMax = head->xMax; mYMax = head->yMax; } + mUnitsPerEm = head->unitsPerEm; } } @@ -286,12 +295,13 @@ uint16_t gfxFontEntry::UnitsPerEm() { mUnitsPerEm = kInvalidUPEM; } } + return mUnitsPerEm; } bool gfxFontEntry::HasSVGGlyph(uint32_t aGlyphId) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); return GetSVGGlyphs()->HasSVGGlyph(aGlyphId); } @@ -309,8 +319,8 @@ bool gfxFontEntry::GetSVGGlyphExtents(DrawTarget* aDrawTarget, void gfxFontEntry::RenderSVGGlyph(gfxContext* aContext, uint32_t aGlyphId, SVGContextPaint* aContextPaint) { - NS_ASSERTION(mSVGInitialized, - "SVG data has not yet been loaded. TryGetSVGData() first."); + MOZ_ASSERT(mSVGInitialized, + "SVG data has not yet been loaded. TryGetSVGData() first."); GetSVGGlyphs()->RenderGlyph(aContext, aGlyphId, aContextPaint); } @@ -467,8 +477,9 @@ hb_blob_t* gfxFontEntry::FontTableHashEntry::ShareTableAndGetBlob( HB_MEMORY_MODE_READONLY, mSharedBlobData, DeleteFontTableBlobData); if (mBlob == hb_blob_get_empty()) { // The FontTableBlobData was destroyed during hb_blob_create(). - // The (empty) blob is still be held in the hashtable with a strong + // The (empty) blob will still be held in the hashtable with a strong // reference. + mSharedBlobData = nullptr; return hb_blob_reference(mBlob); } ===================================== gfx/thebes/gfxFontEntry.h ===================================== @@ -538,6 +538,9 @@ class gfxFontEntry { mozilla::gfx::Rect GetFontExtents(float aFUnitScaleFactor) const { // Flip the y-axis here to match the orientation of Gecko's coordinates. + // We don't need to take a lock here because the min/max fields are inert + // after initialization, and we make sure to initialize them at gfxFont- + // creation time. return mozilla::gfx::Rect(float(mXMin) * aFUnitScaleFactor, float(-mYMax) * aFUnitScaleFactor, float(mXMax - mXMin) * aFUnitScaleFactor, View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/d3… -- This project does not include diff previews in email notifications. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/d3… You're receiving this email because of your account on gitlab.torproject.org.

1 0