- tbb-commits - lists.torproject.org

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.3.0esr-15.0-1] BB 44167: Don't build the uninstaller for Windows during Firefox compilation
by boklm (＠boklm) 22 Sep '25

22 Sep '25

boklm pushed to branch mullvad-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: bbdd37bf by Sukhbir Singh at 2025-09-22T17:54:17+02:00 BB 44167: Don't build the uninstaller for Windows during Firefox compilation - - - - - 2 changed files: - browser/Makefile.in - browser/installer/Makefile.in Changes: ===================================== browser/Makefile.in ===================================== @@ -6,10 +6,6 @@ include $(topsrcdir)/config/rules.mk ifdef MAKENSISU -# For Windows build the uninstaller during the application build since the -# uninstaller is included with the application for mar file generation. -libs:: - $(MAKE) -C installer/windows uninstaller ifdef ENABLE_TESTS $(MAKE) -C installer/windows install_deps endif #ENABLE_TESTS ===================================== browser/installer/Makefile.in ===================================== @@ -88,10 +88,6 @@ ifdef NECKO_WIFI DEFINES += -DNECKO_WIFI endif -ifdef MAKENSISU -DEFINES += -DHAVE_MAKENSISU=1 -endif - ifdef MOZ_DEFAULT_BROWSER_AGENT DEFINES += -DMOZ_DEFAULT_BROWSER_AGENT=1 endif View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/bbd… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/bbd… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.3.0esr-15.0-1] BB 44167: Don't build the uninstaller for Windows during Firefox compilation
by boklm (＠boklm) 22 Sep '25

22 Sep '25

boklm pushed to branch base-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 8893f4a4 by Sukhbir Singh at 2025-09-22T17:52:11+02:00 BB 44167: Don't build the uninstaller for Windows during Firefox compilation - - - - - 2 changed files: - browser/Makefile.in - browser/installer/Makefile.in Changes: ===================================== browser/Makefile.in ===================================== @@ -6,10 +6,6 @@ include $(topsrcdir)/config/rules.mk ifdef MAKENSISU -# For Windows build the uninstaller during the application build since the -# uninstaller is included with the application for mar file generation. -libs:: - $(MAKE) -C installer/windows uninstaller ifdef ENABLE_TESTS $(MAKE) -C installer/windows install_deps endif #ENABLE_TESTS ===================================== browser/installer/Makefile.in ===================================== @@ -88,10 +88,6 @@ ifdef NECKO_WIFI DEFINES += -DNECKO_WIFI endif -ifdef MAKENSISU -DEFINES += -DHAVE_MAKENSISU=1 -endif - ifdef MOZ_DEFAULT_BROWSER_AGENT DEFINES += -DMOZ_DEFAULT_BROWSER_AGENT=1 endif View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/8893f4a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/8893f4a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.3.0esr-15.0-1] BB 44167: Don't build the uninstaller for Windows during Firefox compilation
by boklm (＠boklm) 22 Sep '25

22 Sep '25

boklm pushed to branch tor-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: c62f5d22 by Sukhbir Singh at 2025-09-22T17:49:17+02:00 BB 44167: Don't build the uninstaller for Windows during Firefox compilation - - - - - 2 changed files: - browser/Makefile.in - browser/installer/Makefile.in Changes: ===================================== browser/Makefile.in ===================================== @@ -6,10 +6,6 @@ include $(topsrcdir)/config/rules.mk ifdef MAKENSISU -# For Windows build the uninstaller during the application build since the -# uninstaller is included with the application for mar file generation. -libs:: - $(MAKE) -C installer/windows uninstaller ifdef ENABLE_TESTS $(MAKE) -C installer/windows install_deps endif #ENABLE_TESTS ===================================== browser/installer/Makefile.in ===================================== @@ -88,10 +88,6 @@ ifdef NECKO_WIFI DEFINES += -DNECKO_WIFI endif -ifdef MAKENSISU -DEFINES += -DHAVE_MAKENSISU=1 -endif - ifdef MOZ_DEFAULT_BROWSER_AGENT DEFINES += -DMOZ_DEFAULT_BROWSER_AGENT=1 endif View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/c62f5d2… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/c62f5d2… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.3.0esr-15.0-1] fixup! Firefox preference overrides.
by Pier Angelo Vendrame (＠pierov) 22 Sep '25

22 Sep '25

Pier Angelo Vendrame pushed to branch mullvad-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 956d63e7 by Pier Angelo Vendrame at 2025-09-22T17:32:01+02:00 fixup! Firefox preference overrides. BB 44187: Disable TLS session tickets. They are not available in PBM. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -167,6 +167,10 @@ pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked); // See tor-browser#40565. pref("security.tls.version.enable-deprecated", false, locked); +// tor-browser#44187: Disable session identifiers to make PBM and normal mode +// more similar. +pref("security.ssl.disable_session_identifiers", true); + // Misc privacy: Remote pref("browser.send_pings", false); // Space separated list of URLs that are allowed to send objects (instead of View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/956… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/956… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.3.0esr-15.0-1] fixup! Firefox preference overrides.
by Pier Angelo Vendrame (＠pierov) 22 Sep '25

22 Sep '25

Pier Angelo Vendrame pushed to branch base-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: b744cadf by Pier Angelo Vendrame at 2025-09-22T17:31:18+02:00 fixup! Firefox preference overrides. BB 44187: Disable TLS session tickets. They are not available in PBM. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -167,6 +167,10 @@ pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked); // See tor-browser#40565. pref("security.tls.version.enable-deprecated", false, locked); +// tor-browser#44187: Disable session identifiers to make PBM and normal mode +// more similar. +pref("security.ssl.disable_session_identifiers", true); + // Misc privacy: Remote pref("browser.send_pings", false); // Space separated list of URLs that are allowed to send objects (instead of View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b744cad… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b744cad… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.3.0esr-15.0-1] fixup! Firefox preference overrides.
by Pier Angelo Vendrame (＠pierov) 22 Sep '25

22 Sep '25

Pier Angelo Vendrame pushed to branch tor-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 360ba8c6 by Pier Angelo Vendrame at 2025-09-22T16:28:36+02:00 fixup! Firefox preference overrides. BB 44187: Disable TLS session tickets. They are not available in PBM. - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -167,6 +167,10 @@ pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked); // See tor-browser#40565. pref("security.tls.version.enable-deprecated", false, locked); +// tor-browser#44187: Disable session identifiers to make PBM and normal mode +// more similar. +pref("security.ssl.disable_session_identifiers", true); + // Misc privacy: Remote pref("browser.send_pings", false); // Space separated list of URLs that are allowed to send objects (instead of View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/360ba8c… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/360ba8c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41568: Update instructions for manually building 7zip
by boklm (＠boklm) 22 Sep '25

22 Sep '25

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: b96ce013 by Nicolas Vigier at 2025-09-22T16:12:07+02:00 Bug 41568: Update instructions for manually building 7zip - - - - - 1 changed file: - tools/dmg2mar Changes: ===================================== tools/dmg2mar ===================================== @@ -5,28 +5,29 @@ # mar files. After code signing the dmg files, this script can be used # to update the mar files. # -# A recent version of p7zip is required to extract the dmg files, such -# as 15.14. The version in Debian Jessie (9.20) is not recent enough. -# It is possible to install the p7zip-full package from Debian testing, -# or build p7zip from sources: -# $ p7zipdir=/some_directory/p7zip +# A recent version of 7zip is required to extract the dmg files +# compressed with lzma, such as 24.09. If your distribution does not +# provide a recent version of 7zip, it is possible to build it from +# sources: +# $ p7zipdir=/some_directory/7zip # $ mkdir $p7zipdir # $ cd $p7zipdir -# $ wget http://snapshot.debian.org/archive/debian/20160417T044336Z/pool/main/p/p7zi… -# $ echo 'e9e696e2fa77b00445a4d85fa07506debeae01943fdc1bee1472152d7d1386af p7zip_15.14.1+dfsg.orig.tar.xz' | sha256sum -c -# $ wget http://snapshot.debian.org/archive/debian/20160515T161830Z/pool/main/p/p7zi… -# $ echo 'f4db6803535fc30b6ae9db5aabfd9f57a851c6773d72073847ec5e3731b7af37 p7zip_15.14.1+dfsg-2.debian.tar.xz' | sha256sum -c -# $ tar xvf p7zip_15.14.1+dfsg-2.debian.tar.xz -# $ tar xvf p7zip_15.14.1+dfsg.orig.tar.xz -# $ cd p7zip_15.14.1/ -# $ for patch in $(cat ../debian/patches/series ); do patch -p1 < ../debian/patches/$patch; done -# $ make 7z -# $ mkdir $p7zipdir/bin -# $ echo '#!/bin/sh' > $p7zipdir/bin/7z -# $ echo "export LD_LIBRARY_PATH=$PWD/bin" >> $p7zipdir/bin/7z -# $ echo "exec $PWD/bin/7z "'"$@"' >> $p7zipdir/bin/7z -# $ chmod +x $p7zipdir/bin/7z -# $ export "PATH=$p7zipdir/bin:$PATH" +# $ wget http://deb.debian.org/debian/pool/main/7/7zip/7zip_24.09+dfsg.orig.tar.xz +# $ echo 'bd5c61a206a83a5950410608df204550cab97e8609b62f9d7c368aaa682d649b 7zip_24.09+dfsg.orig.tar.xz' | sha256sum -c +# $ wget http://deb.debian.org/debian/pool/main/7/7zip/7zip_24.09+dfsg-8.debian.tar.… +# $ echo '1615b151dcddc861fbebc2fd418fd857d0704b1951a6f01384066756ae0ef25b 7zip_24.09+dfsg-8.debian.tar.xz' | sha256sum -c +# $ mkdir 7zip +# $ cd 7zip +# $ tar xvf ../7zip_24.09+dfsg.orig.tar.xz +# $ tar xvf ../7zip_24.09+dfsg-8.debian.tar.xz +# $ for patch in $(cat debian/patches/series ); do patch -p1 < debian/patches/$patch; done +# $ make -C CPP/7zip/Bundles/Alone2 -j 2 -f makefile.gcc DISABLE_RAR=1 +# $ bindir=~/mbin +# $ mkdir -p $bindir +# $ echo '#!/bin/sh' > $bindir/7z +# $ echo "exec $PWD/CPP/7zip/Bundles/Alone2/_o/7zz "'"$@"' >> $bindir/7z +# $ chmod +x $bindir/7z +# $ export "PATH=$bindir:$PATH" use strict; use Capture::Tiny qw(capture); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 2 commits: Bug 44162: Move setup of dmg tools to a function
by boklm (＠boklm) 22 Sep '25

22 Sep '25

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: c71f868f by Nicolas Vigier at 2025-09-19T13:57:23+02:00 Bug 44162: Move setup of dmg tools to a function Move the setup of dmg tools from gatekeeper-bundling.sh to a function, so we can re-use it in other scripts. - - - - - c24ab3b9 by hackademix at 2025-09-22T16:04:56+02:00 Bug 44162: Work-around to prevent older 7z versions to break rcodesign. Co-authored-by: Nicolas Vigier <boklm(a)torproject.org> - - - - - 7 changed files: - tools/signing/do-all-signing - + tools/signing/extract-dmg - + tools/signing/extract-dmg.mullvadbrowser - + tools/signing/extract-dmg.torbrowser - tools/signing/functions - tools/signing/gatekeeper-bundling.sh - tools/signing/linux-signer-rcodesign-sign Changes: ===================================== tools/signing/do-all-signing ===================================== @@ -99,6 +99,10 @@ function clean-build-artifacts { "$script_dir/clean-build-artifacts" } +function extract-dmg { + "$script_dir/extract-dmg" +} + function sync-before-linux-signer-rcodesign-sign { "$script_dir/sync-local-to-linux-signer" } @@ -245,6 +249,8 @@ do_step set-time-on-signing-machine do_step wait-for-finished-build do_step sync-builder-unsigned-to-local-signed do_step clean-build-artifacts +[ -n "$platform_macos" ] && \ + do_step extract-dmg do_step sync-scripts-to-linux-signer do_step sync-before-linux-signer-rcodesign-sign [ -n "$platform_macos" ] && \ ===================================== tools/signing/extract-dmg ===================================== @@ -0,0 +1,12 @@ +#!/bin/bash +set -e +script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) +source "$script_dir/functions" + +setup_dmg_tools + +# extract the hfs from the dmg archive preemptively to avoid an obsolete +# 7z version to break the rcodesign step +archive="$signed_version_dir/$(project-name)-macos-${tbb_version}" +dmg extract "$archive.dmg" "$archive.hfs" 0 +rm -f "$archive.dmg" ===================================== tools/signing/extract-dmg.mullvadbrowser ===================================== @@ -0,0 +1 @@ +extract-dmg \ No newline at end of file ===================================== tools/signing/extract-dmg.torbrowser ===================================== @@ -0,0 +1 @@ +extract-dmg \ No newline at end of file ===================================== tools/signing/functions ===================================== @@ -83,4 +83,24 @@ function rbm_showconf_boolean { echo '1' } +function setup_dmg_tools { + dmgtools_dir=$(mktemp -d) + trap "rm -Rf $dmgtools_dir" EXIT + local libdmg_file="$script_dir/../../out/libdmg-hfsplus/libdmg-hfsplus-d6287b5afc24-6f206c.tar.zst" + test -f "$libdmg_file" || \ + exit_error "$libdmg_file is missing." \ + "You can build it with:" \ + " ./rbm/rbm build --target no_containers libdmg-hfsplus" \ + "See var/deps in projects/libdmg-hfsplus/config for the list of build dependencies" + local hfstools_file="$script_dir/../../out/hfsplus-tools/hfsplus-tools-540.1.linux3-2acaa4.tar.zst" + test -f "$hfstools_file" || \ + exit_error "$hfstools_file is missing." \ + "You can build it with:" \ + " ./rbm/rbm build --target no_containers hfsplus-tools" \ + "You will need the clang and uuid-dev packages installed" + tar -C "$dmgtools_dir" -xf "$libdmg_file" + tar -C "$dmgtools_dir" -xf "$hfstools_file" + export PATH="$PATH:$dmgtools_dir/libdmg-hfsplus:$dmgtools_dir/hfsplus-tools" +} + . "$script_dir/set-config" ===================================== tools/signing/gatekeeper-bundling.sh ===================================== @@ -39,18 +39,8 @@ test -f $faketime_path || \ exit_error "$faketime_path is missing" test -d $macos_stapled_dir || \ exit_error "The stapled macos zip files should be placed in directory $macos_stapled_dir" -libdmg_file="$script_dir/../../out/libdmg-hfsplus/libdmg-hfsplus-d6287b5afc24-6f206c.tar.zst" -test -f "$libdmg_file" || \ - exit_error "$libdmg_file is missing." \ - "You can build it with:" \ - " ./rbm/rbm build --target no_containers libdmg-hfsplus" \ - "See var/deps in projects/libdmg-hfsplus/config for the list of build dependencies" -hfstools_file="$script_dir/../../out/hfsplus-tools/hfsplus-tools-540.1.linux3-2acaa4.tar.zst" -test -f "$hfstools_file" || \ - exit_error "$hfstools_file is missing." \ - "You can build it with:" \ - " ./rbm/rbm build --target no_containers hfsplus-tools" \ - "You will need the clang and uuid-dev packages installed" + +setup_dmg_tools ProjName=$(ProjectName) Proj_Name=$(Project_Name) @@ -66,10 +56,6 @@ rm -Rf "$tmpdir" mkdir "$tmpdir" cp -rT "$script_dir/../../projects/common/dmg-root/$ProjName.dmg" "$tmpdir/dmg" -tar -C "$tmpdir" -xf "$libdmg_file" -tar -C "$tmpdir" -xf "$hfstools_file" -export PATH="$PATH:$tmpdir/libdmg-hfsplus:$tmpdir/hfsplus-tools" - cd $tmpdir/dmg cp ${tbb_version_type}.DS_Store .DS_Store @@ -84,3 +70,5 @@ rm -Rf "$tmpdir" # move the signed+stapled dmgs to expected output directory for publishing and mar generation mv -vf "$macos_signed_dir"/"${proj_name}"-*.dmg "$signed_version_dir"/ +# Remove hfs file created in extract-dmg +rm -f "$signed_version_dir"/"${proj_name}"-*.hfs ===================================== tools/signing/linux-signer-rcodesign-sign ===================================== @@ -19,5 +19,8 @@ destdir=~/"$SIGNING_PROJECTNAME-$tbb_version-macos-signed" mkdir -p $destdir rm -f "$destdir/$output_file" -sudo -u signing-macos -- /signing/tor-browser-build/tools/signing/wrappers/sign-rcodesign-128 ~/"$SIGNING_PROJECTNAME-$tbb_version"/$(project-name)-macos-${tbb_version}.dmg "$display_name" +volume=~/"$SIGNING_PROJECTNAME-$tbb_version"/"$(project-name)-macos-${tbb_version}.hfs" +echo "Using $volume" +sudo -u signing-macos -- /signing/tor-browser-build/tools/signing/wrappers/sign-rcodesign-128 "$volume" "$display_name" cp "/home/signing-macos/last-signed-$display_name.tar.zst" "$destdir/$output_file" +rm -f "$volume" View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.3.0esr-15.0-1] fixup! BB 31575: Disable Firefox Home (Activity Stream)
by morgan (＠morgan) 22 Sep '25

22 Sep '25

morgan pushed to branch mullvad-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: f574e094 by Henry Wilkes at 2025-09-22T13:55:33+00:00 fixup! BB 31575: Disable Firefox Home (Activity Stream) TB 44215: Hide Firefox home settings. - - - - - 1 changed file: - browser/components/preferences/home.inc.xhtml Changes: ===================================== browser/components/preferences/home.inc.xhtml ===================================== @@ -92,6 +92,7 @@ <groupbox id="homeContentsGroup" data-category="paneHome" data-subcategory="contents" + data-hidden-from-search="true" hidden="true"> <label><html:h2 data-l10n-id="home-prefs-content-header2" /></label> <description class="description-deemphasized" data-l10n-id="home-prefs-content-description2" /> View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/f57… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/f57… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.3.0esr-15.0-1] fixup! BB 31575: Disable Firefox Home (Activity Stream)
by morgan (＠morgan) 22 Sep '25

22 Sep '25

morgan pushed to branch base-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: c913607c by Henry Wilkes at 2025-09-22T13:50:03+00:00 fixup! BB 31575: Disable Firefox Home (Activity Stream) TB 44215: Hide Firefox home settings. - - - - - 1 changed file: - browser/components/preferences/home.inc.xhtml Changes: ===================================== browser/components/preferences/home.inc.xhtml ===================================== @@ -90,6 +90,7 @@ <groupbox id="homeContentsGroup" data-category="paneHome" data-subcategory="contents" + data-hidden-from-search="true" hidden="true"> <label><html:h2 data-l10n-id="home-prefs-content-header2" /></label> <description class="description-deemphasized" data-l10n-id="home-prefs-content-description2" /> View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/c913607… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/c913607… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.3.0esr-15.0-1] fixup! BB 31575: Disable Firefox Home (Activity Stream)
by morgan (＠morgan) 22 Sep '25

22 Sep '25

morgan pushed to branch tor-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 3318b445 by Henry Wilkes at 2025-09-22T13:44:02+00:00 fixup! BB 31575: Disable Firefox Home (Activity Stream) TB 44215: Hide Firefox home settings. - - - - - 1 changed file: - browser/components/preferences/home.inc.xhtml Changes: ===================================== browser/components/preferences/home.inc.xhtml ===================================== @@ -92,6 +92,7 @@ <groupbox id="homeContentsGroup" data-category="paneHome" data-subcategory="contents" + data-hidden-from-search="true" hidden="true"> <label><html:h2 data-l10n-id="home-prefs-content-header2" /></label> <description class="description-deemphasized" data-l10n-id="home-prefs-content-description2" /> View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/3318b44… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/3318b44… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.3.0esr-15.0-1] fixup! BB 43864: Modify the urlbar for Base Browser.
by henry (＠henry) 22 Sep '25

22 Sep '25

henry pushed to branch mullvad-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 5b8e7aea by henry at 2025-09-22T14:35:33+01:00 fixup! BB 43864: Modify the urlbar for Base Browser. TB 44177: Remove the logins and private window urlbar actions. (cherry picked from commit ad854cb76585cced30a0a9479006706f1299b872) Co-authored-by: Henry Wilkes <henry(a)torproject.org> - - - - - 1 changed file: - browser/components/urlbar/QuickActionsLoaderDefault.sys.mjs Changes: ===================================== browser/components/urlbar/QuickActionsLoaderDefault.sys.mjs ===================================== @@ -172,6 +172,10 @@ const DEFAULT_ACTIONS = { l10nCommands: ["quickactions-cmd-logins"], label: "quickactions-logins2", onPick: openUrlFun("about:logins"), + // Disabled in base browser since saved passwords is not well supported in + // Tor Browser, and should be disabled in Mullvad Browser. + // tor-browser#44177. + disabled: () => true, }, print: { l10nCommands: ["quickactions-cmd-print"], @@ -192,6 +196,10 @@ const DEFAULT_ACTIONS = { private: true, }); }, + // Disable in permanent private browsing. tor-browser#44177. + disabled: () => { + return lazy.PrivateBrowsingUtils.permanentPrivateBrowsing; + }, }, refresh: { l10nCommands: ["quickactions-cmd-refresh"], View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/5b8… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/5b8… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.3.0esr-15.0-1] fixup! BB 43864: Modify the urlbar for Base Browser.
by henry (＠henry) 22 Sep '25

22 Sep '25

henry pushed to branch base-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 5b77c883 by henry at 2025-09-22T13:34:04+00:00 fixup! BB 43864: Modify the urlbar for Base Browser. TB 44177: Remove the logins and private window urlbar actions. (cherry picked from commit ad854cb76585cced30a0a9479006706f1299b872) Co-authored-by: Henry Wilkes <henry(a)torproject.org> - - - - - 1 changed file: - browser/components/urlbar/QuickActionsLoaderDefault.sys.mjs Changes: ===================================== browser/components/urlbar/QuickActionsLoaderDefault.sys.mjs ===================================== @@ -172,6 +172,10 @@ const DEFAULT_ACTIONS = { l10nCommands: ["quickactions-cmd-logins"], label: "quickactions-logins2", onPick: openUrlFun("about:logins"), + // Disabled in base browser since saved passwords is not well supported in + // Tor Browser, and should be disabled in Mullvad Browser. + // tor-browser#44177. + disabled: () => true, }, print: { l10nCommands: ["quickactions-cmd-print"], @@ -192,6 +196,10 @@ const DEFAULT_ACTIONS = { private: true, }); }, + // Disable in permanent private browsing. tor-browser#44177. + disabled: () => { + return lazy.PrivateBrowsingUtils.permanentPrivateBrowsing; + }, }, refresh: { l10nCommands: ["quickactions-cmd-refresh"], View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5b77c88… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5b77c88… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.3.0esr-15.0-1] fixup! BB 43864: Modify the urlbar for Base Browser.
by henry (＠henry) 22 Sep '25

22 Sep '25

henry pushed to branch tor-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: ad854cb7 by Henry Wilkes at 2025-09-22T13:33:05+00:00 fixup! BB 43864: Modify the urlbar for Base Browser. TB 44177: Remove the logins and private window urlbar actions. - - - - - 1 changed file: - browser/components/urlbar/QuickActionsLoaderDefault.sys.mjs Changes: ===================================== browser/components/urlbar/QuickActionsLoaderDefault.sys.mjs ===================================== @@ -172,6 +172,10 @@ const DEFAULT_ACTIONS = { l10nCommands: ["quickactions-cmd-logins"], label: "quickactions-logins2", onPick: openUrlFun("about:logins"), + // Disabled in base browser since saved passwords is not well supported in + // Tor Browser, and should be disabled in Mullvad Browser. + // tor-browser#44177. + disabled: () => true, }, print: { l10nCommands: ["quickactions-cmd-print"], @@ -192,6 +196,10 @@ const DEFAULT_ACTIONS = { private: true, }); }, + // Disable in permanent private browsing. tor-browser#44177. + disabled: () => { + return lazy.PrivateBrowsingUtils.permanentPrivateBrowsing; + }, }, refresh: { l10nCommands: ["quickactions-cmd-refresh"], View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ad854cb… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ad854cb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.3.0esr-15.0-1] BB 44107: Re-include firefoxview asset view-opentabs.svg.
by henry (＠henry) 22 Sep '25

22 Sep '25

henry pushed to branch mullvad-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 5e00148c by henry at 2025-09-22T14:30:23+01:00 BB 44107: Re-include firefoxview asset view-opentabs.svg. Should be dropped after bugzilla bug 1987279 is resolved. (cherry picked from commit 4e313baeadcab5eafdc0c57ab09ce116d7aaa726) Co-authored-by: Henry Wilkes <henry(a)torproject.org> - - - - - 1 changed file: - browser/themes/shared/jar.inc.mn Changes: ===================================== browser/themes/shared/jar.inc.mn ===================================== @@ -7,6 +7,11 @@ # be specified once. As a result, the source file paths are relative # to the location of the actual manifest. +# Temporary work-around to include a single firefoxview asset needed for the +# "Switch to tab" search action. tor-browser#44107. +# Should be dropped after bugzilla bug 1987279. + content/browser/firefoxview/view-opentabs.svg (../../components/firefoxview/content/view-opentabs.svg) + skin/classic/browser/aboutFrameCrashed.css (../shared/aboutFrameCrashed.css) skin/classic/browser/aboutRestartRequired.css (../shared/aboutRestartRequired.css) skin/classic/browser/aboutSessionRestore.css (../shared/aboutSessionRestore.css) View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/5e0… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/5e0… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.3.0esr-15.0-1] BB 44107: Re-include firefoxview asset view-opentabs.svg.
by henry (＠henry) 22 Sep '25

22 Sep '25

henry pushed to branch base-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: f69a99bc by henry at 2025-09-22T13:28:50+00:00 BB 44107: Re-include firefoxview asset view-opentabs.svg. Should be dropped after bugzilla bug 1987279 is resolved. (cherry picked from commit 4e313baeadcab5eafdc0c57ab09ce116d7aaa726) Co-authored-by: Henry Wilkes <henry(a)torproject.org> - - - - - 1 changed file: - browser/themes/shared/jar.inc.mn Changes: ===================================== browser/themes/shared/jar.inc.mn ===================================== @@ -7,6 +7,11 @@ # be specified once. As a result, the source file paths are relative # to the location of the actual manifest. +# Temporary work-around to include a single firefoxview asset needed for the +# "Switch to tab" search action. tor-browser#44107. +# Should be dropped after bugzilla bug 1987279. + content/browser/firefoxview/view-opentabs.svg (../../components/firefoxview/content/view-opentabs.svg) + skin/classic/browser/aboutFrameCrashed.css (../shared/aboutFrameCrashed.css) skin/classic/browser/aboutRestartRequired.css (../shared/aboutRestartRequired.css) skin/classic/browser/aboutSessionRestore.css (../shared/aboutSessionRestore.css) View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/f69a99b… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/f69a99b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.3.0esr-15.0-1] BB 44107: Re-include firefoxview asset view-opentabs.svg.
by henry (＠henry) 22 Sep '25

22 Sep '25

henry pushed to branch tor-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 4e313bae by Henry Wilkes at 2025-09-22T12:11:03+01:00 BB 44107: Re-include firefoxview asset view-opentabs.svg. Should be dropped after bugzilla bug 1987279 is resolved. - - - - - 1 changed file: - browser/themes/shared/jar.inc.mn Changes: ===================================== browser/themes/shared/jar.inc.mn ===================================== @@ -7,6 +7,11 @@ # be specified once. As a result, the source file paths are relative # to the location of the actual manifest. +# Temporary work-around to include a single firefoxview asset needed for the +# "Switch to tab" search action. tor-browser#44107. +# Should be dropped after bugzilla bug 1987279. + content/browser/firefoxview/view-opentabs.svg (../../components/firefoxview/content/view-opentabs.svg) + skin/classic/browser/aboutFrameCrashed.css (../shared/aboutFrameCrashed.css) skin/classic/browser/aboutRestartRequired.css (../shared/aboutRestartRequired.css) skin/classic/browser/aboutSessionRestore.css (../shared/aboutSessionRestore.css) View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/4e313ba… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/4e313ba… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.3.0esr-15.0-1] fixup! BB 42037: Disable about:firefoxview page
by henry (＠henry) 22 Sep '25

22 Sep '25

henry pushed to branch mullvad-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: d334771e by henry at 2025-09-22T11:25:45+01:00 fixup! BB 42037: Disable about:firefoxview page TB 43900: Open a new tab rather than about:firefoxview when unloading the last tab. (cherry picked from commit f7e0a6109a96f327710680c7ebba4699fb303806) Co-authored-by: Henry Wilkes <henry(a)torproject.org> - - - - - 1 changed file: - browser/components/tabbrowser/content/tabbrowser.js Changes: ===================================== browser/components/tabbrowser/content/tabbrowser.js ===================================== @@ -5185,14 +5185,11 @@ this.selectedTab = newTab; } else { allTabsUnloaded = true; - // all tabs are unloaded - show Firefox View if it's present, otherwise open a new tab - if (FirefoxViewHandler.tab || FirefoxViewHandler.button) { - FirefoxViewHandler.openTab("opentabs"); - } else { - this.selectedTab = this.addTrustedTab(BROWSER_NEW_TAB_URL, { - skipAnimation: true, - }); - } + // We disable the firefoxview path in base browser. tor-browser#43900. + // Might be resolved by bugzilla bug 1989429. + this.selectedTab = this.addTrustedTab(BROWSER_NEW_TAB_URL, { + skipAnimation: true, + }); } } let memoryUsageBeforeUnload = await getTotalMemoryUsage(); View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/d33… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/d33… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.3.0esr-15.0-1] fixup! BB 42037: Disable about:firefoxview page
by henry (＠henry) 22 Sep '25

22 Sep '25

henry pushed to branch base-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: ac9bc1a6 by henry at 2025-09-22T10:23:35+00:00 fixup! BB 42037: Disable about:firefoxview page TB 43900: Open a new tab rather than about:firefoxview when unloading the last tab. (cherry picked from commit f7e0a6109a96f327710680c7ebba4699fb303806) Co-authored-by: Henry Wilkes <henry(a)torproject.org> - - - - - 1 changed file: - browser/components/tabbrowser/content/tabbrowser.js Changes: ===================================== browser/components/tabbrowser/content/tabbrowser.js ===================================== @@ -5185,14 +5185,11 @@ this.selectedTab = newTab; } else { allTabsUnloaded = true; - // all tabs are unloaded - show Firefox View if it's present, otherwise open a new tab - if (FirefoxViewHandler.tab || FirefoxViewHandler.button) { - FirefoxViewHandler.openTab("opentabs"); - } else { - this.selectedTab = this.addTrustedTab(BROWSER_NEW_TAB_URL, { - skipAnimation: true, - }); - } + // We disable the firefoxview path in base browser. tor-browser#43900. + // Might be resolved by bugzilla bug 1989429. + this.selectedTab = this.addTrustedTab(BROWSER_NEW_TAB_URL, { + skipAnimation: true, + }); } } let memoryUsageBeforeUnload = await getTotalMemoryUsage(); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ac9bc1a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ac9bc1a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.3.0esr-15.0-1] fixup! BB 42037: Disable about:firefoxview page
by henry (＠henry) 22 Sep '25

22 Sep '25

henry pushed to branch tor-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: f7e0a610 by Henry Wilkes at 2025-09-22T11:02:23+01:00 fixup! BB 42037: Disable about:firefoxview page TB 43900: Open a new tab rather than about:firefoxview when unloading the last tab. - - - - - 1 changed file: - browser/components/tabbrowser/content/tabbrowser.js Changes: ===================================== browser/components/tabbrowser/content/tabbrowser.js ===================================== @@ -5185,14 +5185,11 @@ this.selectedTab = newTab; } else { allTabsUnloaded = true; - // all tabs are unloaded - show Firefox View if it's present, otherwise open a new tab - if (FirefoxViewHandler.tab || FirefoxViewHandler.button) { - FirefoxViewHandler.openTab("opentabs"); - } else { - this.selectedTab = this.addTrustedTab(BROWSER_NEW_TAB_URL, { - skipAnimation: true, - }); - } + // We disable the firefoxview path in base browser. tor-browser#43900. + // Might be resolved by bugzilla bug 1989429. + this.selectedTab = this.addTrustedTab(BROWSER_NEW_TAB_URL, { + skipAnimation: true, + }); } } let memoryUsageBeforeUnload = await getTotalMemoryUsage(); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/f7e0a61… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/f7e0a61… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-update-responses][main] 6 commits: alpha: new version, 15.0a3 (linux-i686)
by boklm (＠boklm) 21 Sep '25

21 Sep '25

boklm pushed to branch main at The Tor Project / Applications / Tor Browser update responses Commits: 5dabb74a by Nicolas Vigier at 2025-09-21T20:24:27+02:00 alpha: new version, 15.0a3 (linux-i686) - - - - - dbd612d0 by Nicolas Vigier at 2025-09-21T20:24:27+02:00 alpha: new version, 15.0a3 (linux-x86_64) - - - - - f4501437 by Nicolas Vigier at 2025-09-21T20:24:27+02:00 alpha: new version, 15.0a3 (macos) - - - - - f392d8d9 by Nicolas Vigier at 2025-09-21T20:24:27+02:00 alpha: new version, 15.0a3 (windows-i686) - - - - - 56a5d7fa by Nicolas Vigier at 2025-09-21T20:24:27+02:00 alpha: new version, 15.0a3 (windows-x86_64) - - - - - a5246b2a by Nicolas Vigier at 2025-09-21T20:24:28+02:00 alpha: new version, 15.0a3 - - - - - 43 changed files: - update_3/alpha/download-android-aarch64.json - update_3/alpha/download-android-armv7.json - update_3/alpha/download-android-x86.json - update_3/alpha/download-android-x86_64.json - update_3/alpha/download-linux-i686.json - update_3/alpha/download-linux-x86_64.json - update_3/alpha/download-macos.json - update_3/alpha/download-windows-i686.json - update_3/alpha/download-windows-x86_64.json - update_3/alpha/downloads.json - update_3/alpha/linux-i686/.htaccess - update_3/alpha/linux-i686/update-14.5a5-15.0a2-linux-i686.xml → update_3/alpha/linux-i686/update-14.5a6-15.0a3-linux-i686.xml - update_3/alpha/linux-i686/update-14.5a6-15.0a2-linux-i686.xml → update_3/alpha/linux-i686/update-15.0a1-15.0a3-linux-i686.xml - update_3/alpha/linux-i686/update-15.0a1-15.0a2-linux-i686.xml → update_3/alpha/linux-i686/update-15.0a2-15.0a3-linux-i686.xml - update_3/alpha/linux-i686/update-15.0a2-linux-i686.xml → update_3/alpha/linux-i686/update-15.0a3-linux-i686.xml - update_3/alpha/linux-x86_64/.htaccess - update_3/alpha/linux-x86_64/update-14.5a5-15.0a2-linux-x86_64.xml → update_3/alpha/linux-x86_64/update-14.5a6-15.0a3-linux-x86_64.xml - update_3/alpha/linux-x86_64/update-14.5a6-15.0a2-linux-x86_64.xml → update_3/alpha/linux-x86_64/update-15.0a1-15.0a3-linux-x86_64.xml - update_3/alpha/linux-x86_64/update-15.0a1-15.0a2-linux-x86_64.xml → update_3/alpha/linux-x86_64/update-15.0a2-15.0a3-linux-x86_64.xml - update_3/alpha/linux-x86_64/update-15.0a2-linux-x86_64.xml → update_3/alpha/linux-x86_64/update-15.0a3-linux-x86_64.xml - update_3/alpha/macos/.htaccess - update_3/alpha/macos/update-14.5a5-15.0a2-macos.xml → update_3/alpha/macos/update-14.5a6-15.0a3-macos.xml - update_3/alpha/macos/update-15.0a1-15.0a2-macos.xml → update_3/alpha/macos/update-15.0a1-15.0a3-macos.xml - update_3/alpha/macos/update-14.5a6-15.0a2-macos.xml → update_3/alpha/macos/update-15.0a2-15.0a3-macos.xml - update_3/alpha/macos/update-15.0a2-macos.xml → update_3/alpha/macos/update-15.0a3-macos.xml - update_3/alpha/windows-i686/.htaccess - − update_3/alpha/windows-i686/update-14.5a5-15.0a2-windows-i686.xml - − update_3/alpha/windows-i686/update-14.5a6-15.0a2-windows-i686.xml - + update_3/alpha/windows-i686/update-14.5a6-15.0a3-windows-i686.xml - − update_3/alpha/windows-i686/update-15.0a1-15.0a2-windows-i686.xml - + update_3/alpha/windows-i686/update-15.0a1-15.0a3-windows-i686.xml - + update_3/alpha/windows-i686/update-15.0a2-15.0a3-windows-i686.xml - − update_3/alpha/windows-i686/update-15.0a2-windows-i686.xml - + update_3/alpha/windows-i686/update-15.0a3-windows-i686.xml - update_3/alpha/windows-x86_64/.htaccess - − update_3/alpha/windows-x86_64/update-14.5a5-15.0a2-windows-x86_64.xml - − update_3/alpha/windows-x86_64/update-14.5a6-15.0a2-windows-x86_64.xml - + update_3/alpha/windows-x86_64/update-14.5a6-15.0a3-windows-x86_64.xml - − update_3/alpha/windows-x86_64/update-15.0a1-15.0a2-windows-x86_64.xml - + update_3/alpha/windows-x86_64/update-15.0a1-15.0a3-windows-x86_64.xml - + update_3/alpha/windows-x86_64/update-15.0a2-15.0a3-windows-x86_64.xml - − update_3/alpha/windows-x86_64/update-15.0a2-windows-x86_64.xml - + update_3/alpha/windows-x86_64/update-15.0a3-windows-x86_64.xml The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser-update-responses][main] 4 commits: alpha: new version, 15.0a3 (linux-x86_64)
by boklm (＠boklm) 19 Sep '25

19 Sep '25

boklm pushed to branch main at The Tor Project / Applications / mullvad-browser-update-responses Commits: 624774ee by Nicolas Vigier at 2025-09-19T16:00:13+02:00 alpha: new version, 15.0a3 (linux-x86_64) - - - - - 469fc843 by Nicolas Vigier at 2025-09-19T16:00:13+02:00 alpha: new version, 15.0a3 (macos) - - - - - 3f56bf52 by Nicolas Vigier at 2025-09-19T16:00:13+02:00 alpha: new version, 15.0a3 (windows-x86_64) - - - - - 570914eb by Nicolas Vigier at 2025-09-19T16:00:13+02:00 alpha: new version, 15.0a3 - - - - - 31 changed files: - update_1/alpha/download-linux-x86_64.json - update_1/alpha/download-macos.json - update_1/alpha/download-windows-x86_64.json - update_1/alpha/downloads.json - update_1/alpha/linux-x86_64/.htaccess - − update_1/alpha/linux-x86_64/update-14.5a5-15.0a2-linux-x86_64.xml - − update_1/alpha/linux-x86_64/update-14.5a6-15.0a2-linux-x86_64.xml - + update_1/alpha/linux-x86_64/update-14.5a6-15.0a3-linux-x86_64.xml - − update_1/alpha/linux-x86_64/update-15.0a1-15.0a2-linux-x86_64.xml - + update_1/alpha/linux-x86_64/update-15.0a1-15.0a3-linux-x86_64.xml - + update_1/alpha/linux-x86_64/update-15.0a2-15.0a3-linux-x86_64.xml - − update_1/alpha/linux-x86_64/update-15.0a2-linux-x86_64.xml - + update_1/alpha/linux-x86_64/update-15.0a3-linux-x86_64.xml - update_1/alpha/macos/.htaccess - − update_1/alpha/macos/update-14.5a5-15.0a2-macos.xml - − update_1/alpha/macos/update-14.5a6-15.0a2-macos.xml - + update_1/alpha/macos/update-14.5a6-15.0a3-macos.xml - − update_1/alpha/macos/update-15.0a1-15.0a2-macos.xml - + update_1/alpha/macos/update-15.0a1-15.0a3-macos.xml - + update_1/alpha/macos/update-15.0a2-15.0a3-macos.xml - − update_1/alpha/macos/update-15.0a2-macos.xml - + update_1/alpha/macos/update-15.0a3-macos.xml - update_1/alpha/windows-x86_64/.htaccess - − update_1/alpha/windows-x86_64/update-14.5a5-15.0a2-windows-x86_64.xml - − update_1/alpha/windows-x86_64/update-14.5a6-15.0a2-windows-x86_64.xml - + update_1/alpha/windows-x86_64/update-14.5a6-15.0a3-windows-x86_64.xml - − update_1/alpha/windows-x86_64/update-15.0a1-15.0a2-windows-x86_64.xml - + update_1/alpha/windows-x86_64/update-15.0a1-15.0a3-windows-x86_64.xml - + update_1/alpha/windows-x86_64/update-15.0a2-15.0a3-windows-x86_64.xml - − update_1/alpha/windows-x86_64/update-15.0a2-windows-x86_64.xml - + update_1/alpha/windows-x86_64/update-15.0a3-windows-x86_64.xml The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser-update-respo… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser-update-respo… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.3.0esr-15.0-1] fixup! BB 40925: Implemented the Security Level component
by Pier Angelo Vendrame (＠pierov) 18 Sep '25

18 Sep '25

Pier Angelo Vendrame pushed to branch mullvad-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: c7cdcacd by Pier Angelo Vendrame at 2025-09-18T17:53:38+02:00 fixup! BB 40925: Implemented the Security Level component BB 44178: Refactor DDG's change of behavior with sec level. With the highest security level, we use the HTML version of DuckDuckGo. We used to change the URL on the fly when doing the search, but this had some problems (different UI, and problems with DDG lite). With this change, we consider the security level when loading the search engine configuration, and change the search URLs at that point. - - - - - 4 changed files: - toolkit/components/search/SearchEngine.sys.mjs - toolkit/components/search/SearchEngineSelector.sys.mjs - toolkit/components/search/SearchService.sys.mjs - toolkit/components/securitylevel/SecurityLevel.sys.mjs Changes: ===================================== toolkit/components/search/SearchEngine.sys.mjs ===================================== @@ -14,7 +14,6 @@ const lazy = {}; ChromeUtils.defineESModuleGetters(lazy, { SearchSettings: "moz-src:///toolkit/components/search/SearchSettings.sys.mjs", SearchUtils: "moz-src:///toolkit/components/search/SearchUtils.sys.mjs", - SecurityLevelPrefs: "resource://gre/modules/SecurityLevel.sys.mjs", OpenSearchEngine: "moz-src:///toolkit/components/search/OpenSearchEngine.sys.mjs", }); @@ -354,28 +353,6 @@ export class EngineURL { escapedSearchTerms, queryCharset ); - - if ( - lazy.SecurityLevelPrefs?.securityLevel === "safest" && - this.type === lazy.SearchUtils.URL_TYPE.SEARCH - ) { - let host = templateURI.host; - try { - host = Services.eTLD.getBaseDomainFromHost(host); - } catch (ex) { - lazy.logConsole.warn("Failed to get a FPD", ex, host); - } - if (host === "duckduckgo.com") { - templateURI.host = "html.duckduckgo.com"; - templateURI.pathname = "/html"; - } else if ( - host === - "duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion" - ) { - templateURI.pathname = "/html"; - } - } - if (this.method == "GET" && paramString) { // Query parameters may be specified in the template url AND in `this.params`. // Thus, we need to supply both with the search terms and join them. ===================================== toolkit/components/search/SearchEngineSelector.sys.mjs ===================================== @@ -315,6 +315,9 @@ export class SearchEngineSelector { * The name of the application. * @param {string} [options.version] * The version of the application. + * @param {boolean} [options.javascriptEnabled] + * Tell whether JS is enabled. If not, we will prefer plain HTML version of + * search engines, when available. * @returns {Promise<RefinedConfig>} * An object which contains the refined configuration with a filtered list * of search engines, and the identifiers for the application default engines. @@ -327,6 +330,7 @@ export class SearchEngineSelector { experiment, appName = Services.appinfo.name ?? "", version = Services.appinfo.version ?? "", + javascriptEnabled = true, }) { if (!this._configuration) { await this.getEngineConfiguration(); @@ -461,6 +465,17 @@ export class SearchEngineSelector { e => !e.optional ); + if (!javascriptEnabled) { + refinedSearchConfig.engines = refinedSearchConfig.engines.map(e => { + if (e.identifier === "ddg") { + e.urls.search.base = "https://html.duckduckgo.com/html"; + } else if (e.identifier === "ddg-onion") { + e.urls.search.base += "html"; + } + return e; + }); + } + if ( !refinedSearchConfig.appDefaultEngineId || !refinedSearchConfig.engines.find( ===================================== toolkit/components/search/SearchService.sys.mjs ===================================== @@ -24,6 +24,7 @@ ChromeUtils.defineESModuleGetters(lazy, { "moz-src:///toolkit/components/search/PolicySearchEngine.sys.mjs", Region: "resource://gre/modules/Region.sys.mjs", RemoteSettings: "resource://services-settings/remote-settings.sys.mjs", + SecurityLevelPrefs: "resource://gre/modules/SecurityLevel.sys.mjs", SearchEngine: "moz-src:///toolkit/components/search/SearchEngine.sys.mjs", SearchEngineSelector: "moz-src:///toolkit/components/search/SearchEngineSelector.sys.mjs", @@ -71,6 +72,7 @@ ChromeUtils.defineLazyGetter(lazy, "defaultOverrideAllowlist", () => { const TOPIC_LOCALES_CHANGE = "intl:app-locales-changed"; const QUIT_APPLICATION_TOPIC = "quit-application"; +const TOPIC_JSENABLED_CHANGED = "SecurityLevel:JavascriptEnabledChanged"; // The update timer for OpenSearch engines checks in once a day. const OPENSEARCH_UPDATE_TIMER_TOPIC = "search-engine-update-timer"; @@ -2634,6 +2636,7 @@ export class SearchService { channel: lazy.SearchUtils.MODIFIED_APP_CHANNEL, experiment: this._experimentPrefValue, distroID: lazy.SearchUtils.distroID ?? "", + javascriptEnabled: lazy.SecurityLevelPrefs.javascriptEnabled, }; for (let [key, value] of Object.entries(searchEngineSelectorProperties)) { @@ -3527,6 +3530,7 @@ export class SearchService { Services.obs.addObserver(this, lazy.SearchUtils.TOPIC_ENGINE_MODIFIED); Services.obs.addObserver(this, QUIT_APPLICATION_TOPIC); Services.obs.addObserver(this, TOPIC_LOCALES_CHANGE); + Services.obs.addObserver(this, TOPIC_JSENABLED_CHANGED); this._settings.addObservers(); @@ -3589,6 +3593,7 @@ export class SearchService { Services.obs.removeObserver(this, QUIT_APPLICATION_TOPIC); Services.obs.removeObserver(this, TOPIC_LOCALES_CHANGE); Services.obs.removeObserver(this, lazy.Region.REGION_TOPIC); + Services.obs.removeObserver(this, TOPIC_JSENABLED_CHANGED); } QueryInterface = ChromeUtils.generateQI([ @@ -3668,6 +3673,13 @@ export class SearchService { Ci.nsISearchService.CHANGE_REASON_REGION ).catch(console.error); break; + + case TOPIC_JSENABLED_CHANGED: + lazy.logConsole.debug("JavaScript toggled"); + this._maybeReloadEngines( + Ci.nsISearchService.CHANGE_REASON_CONFIG + ).catch(console.error); + break; } } ===================================== toolkit/components/securitylevel/SecurityLevel.sys.mjs ===================================== @@ -402,6 +402,8 @@ var initializeSecurityPrefs = function () { Services.prefs.setBoolPref(kCustomPref, false); Services.prefs.setIntPref(kSliderPref, effectiveIndex); } + // Determine the javascriptEnabled value *after* we have set kSliderPref. + SecurityLevelPrefs.updateJavascriptEnabled(); // Warn the user if they have booted the browser in a custom state, and have // not yet acknowledged it in a previous session. SecurityLevelPrefs.maybeWarnCustom(); @@ -578,6 +580,42 @@ export const SecurityLevelPrefs = { )?.[0]; }, + /** + * Cached value for whether javascript is enabled. `null` whilst undetermined. + * + * @type {?boolean} + */ + _javascriptEnabled: null, + + /** + * Whether javascript is enabled for web pages at the current security level. + * + * @type {boolean} + */ + get javascriptEnabled() { + if (this._javascriptEnabled === null) { + this.updateJavascriptEnabled(); + } + return this._javascriptEnabled; + }, + + /** + * Update the javascriptEnabled value. + */ + updateJavascriptEnabled() { + // NoScript will disable javascript for web pages at the safest security + // level. + const enabled = this.securityLevel !== "safest"; + if (enabled === this._javascriptEnabled) { + return; + } + this._javascriptEnabled = enabled; + Services.obs.notifyObservers( + null, + "SecurityLevel:JavascriptEnabledChanged" + ); + }, + /** * Set the desired security level just before a restart. * @@ -587,6 +625,10 @@ export const SecurityLevelPrefs = { */ setSecurityLevelBeforeRestart(level) { write_setting_to_prefs(this.SecurityLevels[level]); + // NOTE: Do not call `updateJavascriptEnabled`. We are about to restart, so + // consumers do not need to know about the change. + // Moreover, the change has not reached NoScript, which controls the + // javascript changes. }, /** @@ -741,6 +783,8 @@ export const SecurityLevelPrefs = { // still be marked as "custom" because: // 1. Some preferences require a browser restart to be applied. // 2. NoScript has not been updated with the new settings. + // NOTE: Do not call `updateJavascriptEnabled` because the change has not + // reached NoScript, which controls the javascript changes. this._tryShowNotifications({ restart: true, custom: true }); }, View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/c7c… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/c7c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.3.0esr-15.0-1] fixup! BB 40925: Implemented the Security Level component
by Pier Angelo Vendrame (＠pierov) 18 Sep '25

18 Sep '25

Pier Angelo Vendrame pushed to branch base-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 8765cf34 by Pier Angelo Vendrame at 2025-09-18T17:52:47+02:00 fixup! BB 40925: Implemented the Security Level component BB 44178: Refactor DDG's change of behavior with sec level. With the highest security level, we use the HTML version of DuckDuckGo. We used to change the URL on the fly when doing the search, but this had some problems (different UI, and problems with DDG lite). With this change, we consider the security level when loading the search engine configuration, and change the search URLs at that point. - - - - - 4 changed files: - toolkit/components/search/SearchEngine.sys.mjs - toolkit/components/search/SearchEngineSelector.sys.mjs - toolkit/components/search/SearchService.sys.mjs - toolkit/components/securitylevel/SecurityLevel.sys.mjs Changes: ===================================== toolkit/components/search/SearchEngine.sys.mjs ===================================== @@ -14,7 +14,6 @@ const lazy = {}; ChromeUtils.defineESModuleGetters(lazy, { SearchSettings: "moz-src:///toolkit/components/search/SearchSettings.sys.mjs", SearchUtils: "moz-src:///toolkit/components/search/SearchUtils.sys.mjs", - SecurityLevelPrefs: "resource://gre/modules/SecurityLevel.sys.mjs", OpenSearchEngine: "moz-src:///toolkit/components/search/OpenSearchEngine.sys.mjs", }); @@ -354,28 +353,6 @@ export class EngineURL { escapedSearchTerms, queryCharset ); - - if ( - lazy.SecurityLevelPrefs?.securityLevel === "safest" && - this.type === lazy.SearchUtils.URL_TYPE.SEARCH - ) { - let host = templateURI.host; - try { - host = Services.eTLD.getBaseDomainFromHost(host); - } catch (ex) { - lazy.logConsole.warn("Failed to get a FPD", ex, host); - } - if (host === "duckduckgo.com") { - templateURI.host = "html.duckduckgo.com"; - templateURI.pathname = "/html"; - } else if ( - host === - "duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion" - ) { - templateURI.pathname = "/html"; - } - } - if (this.method == "GET" && paramString) { // Query parameters may be specified in the template url AND in `this.params`. // Thus, we need to supply both with the search terms and join them. ===================================== toolkit/components/search/SearchEngineSelector.sys.mjs ===================================== @@ -315,6 +315,9 @@ export class SearchEngineSelector { * The name of the application. * @param {string} [options.version] * The version of the application. + * @param {boolean} [options.javascriptEnabled] + * Tell whether JS is enabled. If not, we will prefer plain HTML version of + * search engines, when available. * @returns {Promise<RefinedConfig>} * An object which contains the refined configuration with a filtered list * of search engines, and the identifiers for the application default engines. @@ -327,6 +330,7 @@ export class SearchEngineSelector { experiment, appName = Services.appinfo.name ?? "", version = Services.appinfo.version ?? "", + javascriptEnabled = true, }) { if (!this._configuration) { await this.getEngineConfiguration(); @@ -461,6 +465,17 @@ export class SearchEngineSelector { e => !e.optional ); + if (!javascriptEnabled) { + refinedSearchConfig.engines = refinedSearchConfig.engines.map(e => { + if (e.identifier === "ddg") { + e.urls.search.base = "https://html.duckduckgo.com/html"; + } else if (e.identifier === "ddg-onion") { + e.urls.search.base += "html"; + } + return e; + }); + } + if ( !refinedSearchConfig.appDefaultEngineId || !refinedSearchConfig.engines.find( ===================================== toolkit/components/search/SearchService.sys.mjs ===================================== @@ -24,6 +24,7 @@ ChromeUtils.defineESModuleGetters(lazy, { "moz-src:///toolkit/components/search/PolicySearchEngine.sys.mjs", Region: "resource://gre/modules/Region.sys.mjs", RemoteSettings: "resource://services-settings/remote-settings.sys.mjs", + SecurityLevelPrefs: "resource://gre/modules/SecurityLevel.sys.mjs", SearchEngine: "moz-src:///toolkit/components/search/SearchEngine.sys.mjs", SearchEngineSelector: "moz-src:///toolkit/components/search/SearchEngineSelector.sys.mjs", @@ -71,6 +72,7 @@ ChromeUtils.defineLazyGetter(lazy, "defaultOverrideAllowlist", () => { const TOPIC_LOCALES_CHANGE = "intl:app-locales-changed"; const QUIT_APPLICATION_TOPIC = "quit-application"; +const TOPIC_JSENABLED_CHANGED = "SecurityLevel:JavascriptEnabledChanged"; // The update timer for OpenSearch engines checks in once a day. const OPENSEARCH_UPDATE_TIMER_TOPIC = "search-engine-update-timer"; @@ -2634,6 +2636,7 @@ export class SearchService { channel: lazy.SearchUtils.MODIFIED_APP_CHANNEL, experiment: this._experimentPrefValue, distroID: lazy.SearchUtils.distroID ?? "", + javascriptEnabled: lazy.SecurityLevelPrefs.javascriptEnabled, }; for (let [key, value] of Object.entries(searchEngineSelectorProperties)) { @@ -3527,6 +3530,7 @@ export class SearchService { Services.obs.addObserver(this, lazy.SearchUtils.TOPIC_ENGINE_MODIFIED); Services.obs.addObserver(this, QUIT_APPLICATION_TOPIC); Services.obs.addObserver(this, TOPIC_LOCALES_CHANGE); + Services.obs.addObserver(this, TOPIC_JSENABLED_CHANGED); this._settings.addObservers(); @@ -3589,6 +3593,7 @@ export class SearchService { Services.obs.removeObserver(this, QUIT_APPLICATION_TOPIC); Services.obs.removeObserver(this, TOPIC_LOCALES_CHANGE); Services.obs.removeObserver(this, lazy.Region.REGION_TOPIC); + Services.obs.removeObserver(this, TOPIC_JSENABLED_CHANGED); } QueryInterface = ChromeUtils.generateQI([ @@ -3668,6 +3673,13 @@ export class SearchService { Ci.nsISearchService.CHANGE_REASON_REGION ).catch(console.error); break; + + case TOPIC_JSENABLED_CHANGED: + lazy.logConsole.debug("JavaScript toggled"); + this._maybeReloadEngines( + Ci.nsISearchService.CHANGE_REASON_CONFIG + ).catch(console.error); + break; } } ===================================== toolkit/components/securitylevel/SecurityLevel.sys.mjs ===================================== @@ -390,6 +390,8 @@ var initializeSecurityPrefs = function () { Services.prefs.setBoolPref(kCustomPref, false); Services.prefs.setIntPref(kSliderPref, effectiveIndex); } + // Determine the javascriptEnabled value *after* we have set kSliderPref. + SecurityLevelPrefs.updateJavascriptEnabled(); // Warn the user if they have booted the browser in a custom state, and have // not yet acknowledged it in a previous session. SecurityLevelPrefs.maybeWarnCustom(); @@ -566,6 +568,42 @@ export const SecurityLevelPrefs = { )?.[0]; }, + /** + * Cached value for whether javascript is enabled. `null` whilst undetermined. + * + * @type {?boolean} + */ + _javascriptEnabled: null, + + /** + * Whether javascript is enabled for web pages at the current security level. + * + * @type {boolean} + */ + get javascriptEnabled() { + if (this._javascriptEnabled === null) { + this.updateJavascriptEnabled(); + } + return this._javascriptEnabled; + }, + + /** + * Update the javascriptEnabled value. + */ + updateJavascriptEnabled() { + // NoScript will disable javascript for web pages at the safest security + // level. + const enabled = this.securityLevel !== "safest"; + if (enabled === this._javascriptEnabled) { + return; + } + this._javascriptEnabled = enabled; + Services.obs.notifyObservers( + null, + "SecurityLevel:JavascriptEnabledChanged" + ); + }, + /** * Set the desired security level just before a restart. * @@ -575,6 +613,10 @@ export const SecurityLevelPrefs = { */ setSecurityLevelBeforeRestart(level) { write_setting_to_prefs(this.SecurityLevels[level]); + // NOTE: Do not call `updateJavascriptEnabled`. We are about to restart, so + // consumers do not need to know about the change. + // Moreover, the change has not reached NoScript, which controls the + // javascript changes. }, /** @@ -729,6 +771,8 @@ export const SecurityLevelPrefs = { // still be marked as "custom" because: // 1. Some preferences require a browser restart to be applied. // 2. NoScript has not been updated with the new settings. + // NOTE: Do not call `updateJavascriptEnabled` because the change has not + // reached NoScript, which controls the javascript changes. this._tryShowNotifications({ restart: true, custom: true }); }, View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/8765cf3… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/8765cf3… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.3.0esr-15.0-1] fixup! BB 40925: Implemented the Security Level component
by Pier Angelo Vendrame (＠pierov) 18 Sep '25

18 Sep '25

Pier Angelo Vendrame pushed to branch tor-browser-140.3.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: ce3eaa51 by Pier Angelo Vendrame at 2025-09-18T17:47:23+02:00 fixup! BB 40925: Implemented the Security Level component BB 44178: Refactor DDG's change of behavior with sec level. With the highest security level, we use the HTML version of DuckDuckGo. We used to change the URL on the fly when doing the search, but this had some problems (different UI, and problems with DDG lite). With this change, we consider the security level when loading the search engine configuration, and change the search URLs at that point. - - - - - 4 changed files: - toolkit/components/search/SearchEngine.sys.mjs - toolkit/components/search/SearchEngineSelector.sys.mjs - toolkit/components/search/SearchService.sys.mjs - toolkit/components/securitylevel/SecurityLevel.sys.mjs Changes: ===================================== toolkit/components/search/SearchEngine.sys.mjs ===================================== @@ -14,7 +14,6 @@ const lazy = {}; ChromeUtils.defineESModuleGetters(lazy, { SearchSettings: "moz-src:///toolkit/components/search/SearchSettings.sys.mjs", SearchUtils: "moz-src:///toolkit/components/search/SearchUtils.sys.mjs", - SecurityLevelPrefs: "resource://gre/modules/SecurityLevel.sys.mjs", OpenSearchEngine: "moz-src:///toolkit/components/search/OpenSearchEngine.sys.mjs", }); @@ -354,28 +353,6 @@ export class EngineURL { escapedSearchTerms, queryCharset ); - - if ( - lazy.SecurityLevelPrefs?.securityLevel === "safest" && - this.type === lazy.SearchUtils.URL_TYPE.SEARCH - ) { - let host = templateURI.host; - try { - host = Services.eTLD.getBaseDomainFromHost(host); - } catch (ex) { - lazy.logConsole.warn("Failed to get a FPD", ex, host); - } - if (host === "duckduckgo.com") { - templateURI.host = "html.duckduckgo.com"; - templateURI.pathname = "/html"; - } else if ( - host === - "duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion" - ) { - templateURI.pathname = "/html"; - } - } - if (this.method == "GET" && paramString) { // Query parameters may be specified in the template url AND in `this.params`. // Thus, we need to supply both with the search terms and join them. ===================================== toolkit/components/search/SearchEngineSelector.sys.mjs ===================================== @@ -315,6 +315,9 @@ export class SearchEngineSelector { * The name of the application. * @param {string} [options.version] * The version of the application. + * @param {boolean} [options.javascriptEnabled] + * Tell whether JS is enabled. If not, we will prefer plain HTML version of + * search engines, when available. * @returns {Promise<RefinedConfig>} * An object which contains the refined configuration with a filtered list * of search engines, and the identifiers for the application default engines. @@ -327,6 +330,7 @@ export class SearchEngineSelector { experiment, appName = Services.appinfo.name ?? "", version = Services.appinfo.version ?? "", + javascriptEnabled = true, }) { if (!this._configuration) { await this.getEngineConfiguration(); @@ -461,6 +465,17 @@ export class SearchEngineSelector { e => !e.optional ); + if (!javascriptEnabled) { + refinedSearchConfig.engines = refinedSearchConfig.engines.map(e => { + if (e.identifier === "ddg") { + e.urls.search.base = "https://html.duckduckgo.com/html"; + } else if (e.identifier === "ddg-onion") { + e.urls.search.base += "html"; + } + return e; + }); + } + if ( !refinedSearchConfig.appDefaultEngineId || !refinedSearchConfig.engines.find( ===================================== toolkit/components/search/SearchService.sys.mjs ===================================== @@ -24,6 +24,7 @@ ChromeUtils.defineESModuleGetters(lazy, { "moz-src:///toolkit/components/search/PolicySearchEngine.sys.mjs", Region: "resource://gre/modules/Region.sys.mjs", RemoteSettings: "resource://services-settings/remote-settings.sys.mjs", + SecurityLevelPrefs: "resource://gre/modules/SecurityLevel.sys.mjs", SearchEngine: "moz-src:///toolkit/components/search/SearchEngine.sys.mjs", SearchEngineSelector: "moz-src:///toolkit/components/search/SearchEngineSelector.sys.mjs", @@ -71,6 +72,7 @@ ChromeUtils.defineLazyGetter(lazy, "defaultOverrideAllowlist", () => { const TOPIC_LOCALES_CHANGE = "intl:app-locales-changed"; const QUIT_APPLICATION_TOPIC = "quit-application"; +const TOPIC_JSENABLED_CHANGED = "SecurityLevel:JavascriptEnabledChanged"; // The update timer for OpenSearch engines checks in once a day. const OPENSEARCH_UPDATE_TIMER_TOPIC = "search-engine-update-timer"; @@ -2634,6 +2636,7 @@ export class SearchService { channel: lazy.SearchUtils.MODIFIED_APP_CHANNEL, experiment: this._experimentPrefValue, distroID: lazy.SearchUtils.distroID ?? "", + javascriptEnabled: lazy.SecurityLevelPrefs.javascriptEnabled, }; for (let [key, value] of Object.entries(searchEngineSelectorProperties)) { @@ -3527,6 +3530,7 @@ export class SearchService { Services.obs.addObserver(this, lazy.SearchUtils.TOPIC_ENGINE_MODIFIED); Services.obs.addObserver(this, QUIT_APPLICATION_TOPIC); Services.obs.addObserver(this, TOPIC_LOCALES_CHANGE); + Services.obs.addObserver(this, TOPIC_JSENABLED_CHANGED); this._settings.addObservers(); @@ -3589,6 +3593,7 @@ export class SearchService { Services.obs.removeObserver(this, QUIT_APPLICATION_TOPIC); Services.obs.removeObserver(this, TOPIC_LOCALES_CHANGE); Services.obs.removeObserver(this, lazy.Region.REGION_TOPIC); + Services.obs.removeObserver(this, TOPIC_JSENABLED_CHANGED); } QueryInterface = ChromeUtils.generateQI([ @@ -3668,6 +3673,13 @@ export class SearchService { Ci.nsISearchService.CHANGE_REASON_REGION ).catch(console.error); break; + + case TOPIC_JSENABLED_CHANGED: + lazy.logConsole.debug("JavaScript toggled"); + this._maybeReloadEngines( + Ci.nsISearchService.CHANGE_REASON_CONFIG + ).catch(console.error); + break; } } ===================================== toolkit/components/securitylevel/SecurityLevel.sys.mjs ===================================== @@ -390,6 +390,8 @@ var initializeSecurityPrefs = function () { Services.prefs.setBoolPref(kCustomPref, false); Services.prefs.setIntPref(kSliderPref, effectiveIndex); } + // Determine the javascriptEnabled value *after* we have set kSliderPref. + SecurityLevelPrefs.updateJavascriptEnabled(); // Warn the user if they have booted the browser in a custom state, and have // not yet acknowledged it in a previous session. SecurityLevelPrefs.maybeWarnCustom(); @@ -566,6 +568,42 @@ export const SecurityLevelPrefs = { )?.[0]; }, + /** + * Cached value for whether javascript is enabled. `null` whilst undetermined. + * + * @type {?boolean} + */ + _javascriptEnabled: null, + + /** + * Whether javascript is enabled for web pages at the current security level. + * + * @type {boolean} + */ + get javascriptEnabled() { + if (this._javascriptEnabled === null) { + this.updateJavascriptEnabled(); + } + return this._javascriptEnabled; + }, + + /** + * Update the javascriptEnabled value. + */ + updateJavascriptEnabled() { + // NoScript will disable javascript for web pages at the safest security + // level. + const enabled = this.securityLevel !== "safest"; + if (enabled === this._javascriptEnabled) { + return; + } + this._javascriptEnabled = enabled; + Services.obs.notifyObservers( + null, + "SecurityLevel:JavascriptEnabledChanged" + ); + }, + /** * Set the desired security level just before a restart. * @@ -575,6 +613,10 @@ export const SecurityLevelPrefs = { */ setSecurityLevelBeforeRestart(level) { write_setting_to_prefs(this.SecurityLevels[level]); + // NOTE: Do not call `updateJavascriptEnabled`. We are about to restart, so + // consumers do not need to know about the change. + // Moreover, the change has not reached NoScript, which controls the + // javascript changes. }, /** @@ -729,6 +771,8 @@ export const SecurityLevelPrefs = { // still be marked as "custom" because: // 1. Some preferences require a browser restart to be applied. // 2. NoScript has not been updated with the new settings. + // NOTE: Do not call `updateJavascriptEnabled` because the change has not + // reached NoScript, which controls the javascript changes. this._tryShowNotifications({ restart: true, custom: true }); }, View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ce3eaa5… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/ce3eaa5… You're receiving this email because of your account on gitlab.torproject.org.

1 0