- tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser-build] Pushed new tag mb-15.0a1-build1
by morgan (＠morgan) 29 Jul '25

29 Jul '25

morgan pushed new tag mb-15.0a1-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-15.0a1-build1
by morgan (＠morgan) 29 Jul '25

29 Jul '25

morgan pushed new tag tbb-15.0a1-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41439,41440: Release Prep Tor,Mullvad Browser 15.0a1
by morgan (＠morgan) 29 Jul '25

29 Jul '25

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 47f95213 by Morgan at 2025-07-29T10:54:45+00:00 Bug 41439,41440: Release Prep Tor,Mullvad Browser 15.0a1 - - - - - 11 changed files: - projects/application-services/config - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/browser/config - projects/firefox/config - projects/geckoview/config - projects/go/config - projects/manual/config - projects/openssl/config - projects/translation/config - rbm.conf Changes: ===================================== projects/application-services/config ===================================== @@ -16,7 +16,7 @@ container: use_container: 1 var: - build_number: 2 + build_number: 3 # This should be updated when the list of gradle dependencies is changed. gradle_dependencies_version: 12 gradle_version: 8.13 ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -1,3 +1,57 @@ +Mullvad Browser 15.0a1 - July 29 2025 + * All Platforms + * Updated Firefox to 140.1.0esr + * Updated NoScript to 13.0.8 + * Updated uBlock Origin to 1.65.0 + * Bug 457: Rebase Mullvad Browser Alpha onto 140.1esr [mullvad-browser] + * Bug 42738: Tidy up the commit structure for browser updates UI [tor-browser] + * Bug 43397: Click to play should override "Any capability blocked in the top document must be blocked in its subdocuments too" [tor-browser] + * Bug 43590: Move letterboxing rules out of browser/base/content/browser.css [tor-browser] + * Bug 43610: Use newer CSS variable names for ESR 140 [tor-browser] + * Bug 43629: All migrations in _migrateUIBB are run for new profiles [tor-browser] + * Bug 43635: Console noise due to the x-load capability not being localized [tor-browser] + * Bug 43638: Fix up our `<command>` elements [tor-browser] + * Bug 43772: Do not use official branding for BB/TB/MB [tor-browser] + * Bug 43776: Set branding files for l10n merging [tor-browser] + * Bug 43886: Fix new tab for ESR 140 [tor-browser] + * Bug 43905: base-browser.ftl missing from about:addons [tor-browser] + * Bug 43906: Extension.sys.mjs change in the wrong commit [tor-browser] + * Bug 43929: two about:tor pages opened after update [tor-browser] + * Bug 43947: Console error from ContentBlockingPrefs.init [tor-browser] + * Bug 43989: Switch off AI chatbot preference [tor-browser] + * Bug 43993: Backport Security Fixes from Firefox 141 [tor-browser] + * Windows + * Bug 440: Make abseil use win32 thread model on mingw [mullvad-browser] + * Build System + * All Platforms + * Bug 43777: Disable ./mach telemetry [tor-browser] + * Bug 43891: Update the translation CI to use the new mozilla versions [tor-browser] + * Bug 34434: Remove unused variables from rbm.conf [tor-browser-build] + * Bug 40994: Add support in do-all-signing to sign release for some archs only [tor-browser-build] + * Bug 41227: Update projects/common/list_toolchain_updates-common-firefox-geckoview to include check for binutils [tor-browser-build] + * Bug 41435: Skip update-responses update entries for versions without incremental or full update mar [tor-browser-build] + * Bug 41444: Build artifacts to support artifact builds of Tor/Muillvad/Base Browser [tor-browser-build] + * Bug 41448: Update toolchains for Firefox ESR 140 [tor-browser-build] + * Bug 41449: Add prefix to update-responses xml files [tor-browser-build] + * Bug 41451: When update-responses contains multiple versions, .htaccess only has one no-update.xml redirect [tor-browser-build] + * Bug 41452: Skip update-responses xml files for versions which don't have incrementals [tor-browser-build] + * Bug 41457: Set mar IDs as env variables in tor-browser-build [tor-browser-build] + * Bug 41459: Update taskcluster/ci paths in README and comments [tor-browser-build] + * Bug 41460: Add brizental to the list of people who can sign Tor Browser and Mullvad Browser tags [tor-browser-build] + * Bug 41465: Disable development artifacts generation by default, keep it enabled for nightly builds [tor-browser-build] + * Bug 41467: Remove list_toolchain_updates-firefox-android from Makefile [tor-browser-build] + * Bug 41477: Update keyring/boklm.gpg for new subkeys (2025) [tor-browser-build] + * Bug 41478: Add vim and others missing basic tools to base container image [tor-browser-build] + * Bug 41496: Clean up unused projects [tor-browser-build] + * Bug 41498: Update keyring/morgan.gpg with updated public key [tor-browser-build] + * Bug 41501: cargo_vendor generated archive maintains timestamps [tor-browser-build] + * Bug 40084: Always use bash for the debug terminal [rbm] + * macOS + * Bug 41503: Error 403 when downloading macOS SDK [tor-browser-build] + * Linux + * Bug 41458: Ship geckodriver only on Linux [tor-browser-build] + * Bug 41488: Disable sys/random.h for Node.js [tor-browser-build] + Mullvad Browser 14.5a6 - April 08 2025 * All Platforms * Updated Firefox to 128.9.0esr ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,99 @@ +Tor Browser 15.0a1 - July 29 2025 + * All Platforms + * Updated NoScript to 13.0.8 + * Updated OpenSSL to 3.5.1 + * Bug 43397: Click to play should override "Any capability blocked in the top document must be blocked in its subdocuments too" [tor-browser] + * Bug 43772: Do not use official branding for BB/TB/MB [tor-browser] + * Bug 43783: Tighten up the SecurityLevel module to enforce new UX flow [tor-browser] + * Bug 43784: Get confirmation from NoScript that settings are applied [tor-browser] + * Bug 43853: DomainFrontedRequests: setData is no longer a function [tor-browser] + * Bug 43880: Update moat's domain front url [tor-browser] + * Bug 43993: Backport Security Fixes from Firefox 141 [tor-browser] + * Bug 44000: Rebase Tor Browse Alpha onto 140.1.0esr [tor-browser] + * Bug 41502: Application services build is failing on isNetworkAllowed() [tor-browser-build] + * Bug 41508: Switch built-in meek bridge to meek-unredacted [tor-browser-build] + * Bug 41515: Bump version of Conjure to include P173 improvements [tor-browser-build] + * Windows + macOS + Linux + * Updated Firefox to 140.1.0esr + * Bug 42738: Tidy up the commit structure for browser updates UI [tor-browser] + * Bug 43590: Move letterboxing rules out of browser/base/content/browser.css [tor-browser] + * Bug 43610: Use newer CSS variable names for ESR 140 [tor-browser] + * Bug 43629: All migrations in _migrateUIBB are run for new profiles [tor-browser] + * Bug 43635: Console noise due to the x-load capability not being localized [tor-browser] + * Bug 43638: Fix up our `<command>` elements [tor-browser] + * Bug 43765: Temporarily disable Lox [tor-browser] + * Bug 43766: Only save the relevant TorSettings changes to preferences. [tor-browser] + * Bug 43776: Set branding files for l10n merging [tor-browser] + * Bug 43782: Add new UX flow for changing security level (Desktop) [tor-browser] + * Bug 43879: tor-branding.css declarations are overwritten [tor-browser] + * Bug 43886: Fix new tab for ESR 140 [tor-browser] + * Bug 43905: base-browser.ftl missing from about:addons [tor-browser] + * Bug 43906: Extension.sys.mjs change in the wrong commit [tor-browser] + * Bug 43913: Bizarre right-clicking issues: menu items blanked out and/or not working; too many items in the right-click menu; different right-clicking menu displayed initially for links [tor-browser] + * Bug 43929: two about:tor pages opened after update [tor-browser] + * Bug 43930: Onionize toggle not centre aligned in about:tor [tor-browser] + * Bug 43947: Console error from ContentBlockingPrefs.init [tor-browser] + * Bug 43989: Switch off AI chatbot preference [tor-browser] + * Android + * Updated GeckoView to 140.1.0esr + * Bug 43577: Flush settings fails on Android [tor-browser] + * Bug 43786: Add new UX flow for changing security level (Android) [tor-browser] + * Bug 43855: brand.properties merging on Android is broken in 140 [tor-browser] + * Bug 44029: Search/url bar doesn't work on android after ESR 140 [tor-browser] + * Bug 44036: Crash on opening "Search Settings" on android [tor-browser] + * Bug 41494: Update GeckoView build scripts for ESR140 [tor-browser-build] + * Build System + * All Platforms + * Bug 43615: Add Gitlab Issue and Merge request templates [tor-browser] + * Bug 43616: Customize Gitlab Issue and Merge templates [tor-browser] + * Bug 43777: Disable ./mach telemetry [tor-browser] + * Bug 43891: Update the translation CI to use the new mozilla versions [tor-browser] + * Bug 43954: Update tb-dev to handle lightweight tags [tor-browser] + * Bug 43962: update tb-dev auto-fixup for git 2.50 [tor-browser] + * Bug 34434: Remove unused variables from rbm.conf [tor-browser-build] + * Bug 40994: Add support in do-all-signing to sign release for some archs only [tor-browser-build] + * Bug 41227: Update projects/common/list_toolchain_updates-common-firefox-geckoview to include check for binutils [tor-browser-build] + * Bug 41432: Bump OpenSSL to >= 3.5.0 [tor-browser-build] + * Bug 41434: Go updates shouldn't target all platforms until macOS is on legacy in the changelogs [tor-browser-build] + * Bug 41435: Skip update-responses update entries for versions without incremental or full update mar [tor-browser-build] + * Bug 41444: Build artifacts to support artifact builds of Tor/Muillvad/Base Browser [tor-browser-build] + * Bug 41448: Update toolchains for Firefox ESR 140 [tor-browser-build] + * Bug 41449: Add prefix to update-responses xml files [tor-browser-build] + * Bug 41451: When update-responses contains multiple versions, .htaccess only has one no-update.xml redirect [tor-browser-build] + * Bug 41459: Update taskcluster/ci paths in README and comments [tor-browser-build] + * Bug 41460: Add brizental to the list of people who can sign Tor Browser and Mullvad Browser tags [tor-browser-build] + * Bug 41465: Disable development artifacts generation by default, keep it enabled for nightly builds [tor-browser-build] + * Bug 41467: Remove list_toolchain_updates-firefox-android from Makefile [tor-browser-build] + * Bug 41477: Update keyring/boklm.gpg for new subkeys (2025) [tor-browser-build] + * Bug 41478: Add vim and others missing basic tools to base container image [tor-browser-build] + * Bug 41486: Track bundletool and osslicenses-plugin versions in list_toolchain_updates_checks [tor-browser-build] + * Bug 41496: Clean up unused projects [tor-browser-build] + * Bug 41498: Update keyring/morgan.gpg with updated public key [tor-browser-build] + * Bug 41501: cargo_vendor generated archive maintains timestamps [tor-browser-build] + * Bug 41514: Remove var/build_go_lib from projects/go/config [tor-browser-build] + * Bug 40084: Always use bash for the debug terminal [rbm] + * Windows + macOS + Linux + * Bug 41452: Skip update-responses xml files for versions which don't have incrementals [tor-browser-build] + * Bug 41457: Set mar IDs as env variables in tor-browser-build [tor-browser-build] + * Windows + Linux + Android + * Updated Go to 1.23.11 + * macOS + * Bug 41503: Error 403 when downloading macOS SDK [tor-browser-build] + * Linux + * Bug 41458: Ship geckodriver only on Linux [tor-browser-build] + * Bug 41488: Disable sys/random.h for Node.js [tor-browser-build] + * Android + * Bug 43984: Update android build scripts and docs for ESR 140 [tor-browser] + * Bug 43987: 140 Android is not reproducible [tor-browser] + * Bug 41280: download-android-<arch>.json does not get updated for android-only releases [tor-browser-build] + * Bug 41453: Update application-services and uniffi-rs for ESR140 [tor-browser-build] + * Bug 41483: geckoview_example-withGeckoBinaries-....apk doesn't exist anymore in Firefox 140 [tor-browser-build] + * Bug 41484: Create a fork of application-services [tor-browser-build] + * Bug 41499: Android nightly builds are broken [tor-browser-build] + * Bug 41500: Optimize tor and its dependencies for size on Android [tor-browser-build] + * Bug 41506: Use appilcation-services branch for nightlies builds [tor-browser-build] + * Bug 41507: Single-arch build fails because artifacts don't have arch subdirectories [tor-browser-build] + Tor Browser 14.5a6 - April 08 2025 * All Platforms * Updated Tor to 0.4.9.2-alpha ===================================== projects/browser/config ===================================== @@ -113,12 +113,12 @@ input_files: enable: '[% ! c("var/android") %]' - filename: dmg-root enable: '[% ! c("var/android") %]' - - URL: https://addons.mozilla.org/firefox/downloads/file/4411102/noscript-12.1.1.x… + - URL: https://addons.mozilla.org/firefox/downloads/file/4497468/noscript-13.0.8.x… name: noscript - sha256sum: f9639e63ffcfc352036de00e4ff6694bb0ca65a0bb8fbd103bd08f32dc1ff31a - - URL: https://addons.mozilla.org/firefox/downloads/file/4458450/ublock_origin-1.6… + sha256sum: 9d978cfe083cb9cce120b5ee41e8933d752d7ab4680bf517c5ec4b29c4cfd2dc + - URL: https://addons.mozilla.org/firefox/downloads/file/4531307/ublock_origin-1.6… name: ublock-origin - sha256sum: d93176cef4dc042e41ba500aa2a90e5d57b5be77449cbd522111585e3a0cd158 + sha256sum: 3e73c96a29a933866065f0756fe032984bf5b254af8dd1afd7a7f7e0668a33cf enable: '[% c("var/mullvad-browser") %]' - URL: https://cdn.mullvad.net/browser-extension/0.9.4/mullvad-browser-extension-0… name: mullvad-extension ===================================== projects/firefox/config ===================================== @@ -21,7 +21,7 @@ var: browser_series: '15.0' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 1 + browser_build: 3 copyright_year: '[% exec("git show -s --format=%ci " _ c("git_hash") _ "^{commit}", { exec_noco => 1 }).remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser @@ -115,6 +115,7 @@ targets: mar_id_prefix: 'mullvadbrowser-mullvad' nightly_updates_publish_dir_prefix: mullvadbrowser- + browser_build: 1 linux-x86_64: var: arch_deps: ===================================== projects/geckoview/config ===================================== @@ -23,7 +23,7 @@ var: browser_series: '15.0' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 1 + browser_build: 3 gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse " _ c("git_hash") _ "^{commit}", { exec_noco => 1 }) %]' deps: ===================================== projects/go/config ===================================== @@ -1,11 +1,11 @@ # vim: filetype=yaml sw=2 -version: '1.23.8' +version: '1.23.11' filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 var: - source_sha256: 0ca1f1e37ea255e3ce283af3f4e628502fb444587da987a5bb96d6c6f15930d4 + source_sha256: 296381607a483a8a8667d7695331752f94a1f231c204e2527d2f22e1e3d1247d no_crosscompile: 1 setup: | mkdir -p /var/tmp/dist ===================================== projects/manual/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 # To update, see doc/how-to-update-the-manual.txt # Remember to update also the package's hash, with the version! -version: 263551 +version: 295391 filename: 'manual-[% c("version") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 @@ -23,6 +23,6 @@ input_files: - project: container-image - URL: 'https://build-sources.tbb.torproject.org/manual_[% c("version") %].zip' name: manual - sha256sum: f8d312081457b1cab3e8fcafda1d0e534852b5d3c3cb1bd32100f13298cb7839 + sha256sum: feff63a5611438ae31c8237c9ce5cb463ec96cab07bd71f51a80ac5020d4e465 - filename: packagemanual.py name: package_script ===================================== projects/openssl/config ===================================== @@ -1,5 +1,5 @@ # vim: filetype=yaml sw=2 -version: 3.5.0 +version: 3.5.1 filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 @@ -33,5 +33,5 @@ input_files: - name: '[% c("var/compiler") %]' project: '[% c("var/compiler") %]' - URL: 'https://github.com/openssl/openssl/releases/download/openssl-[% c("version") %]/openssl-[% c("version") %].tar.gz' - sha256sum: 344d0a79f1a9b08029b0744e2cc401a43f9c90acd1044d09a530b4885a8e9fc0 + sha256sum: 529043b15cffa5f36077a4d0af83f3de399807181d607441d734196d889b641f name: openssl ===================================== projects/translation/config ===================================== @@ -12,19 +12,19 @@ compress_tar: 'gz' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: b54e21b36db35ad390c4f385b76cbd293a58cbc6 + git_hash: 96a559c7c1f7b9231db2b5cece7ecae980ae835d targets: nightly: git_hash: 'base-browser' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: 94aae5dcdfa2e99b516acb6a834a54f7de76e54f + git_hash: 3becb908fbf68aa77accc1f2e03e2c29f4fe40e2 targets: nightly: git_hash: 'tor-browser' mullvad-browser: mullvad-browser: '[% INCLUDE build %]' - git_hash: 34b45a7417145b1f26784825ef6c873497cbda0a + git_hash: bf09d9c070f72ad3aee24c54cb154bab2570247b targets: nightly: git_hash: 'mullvad-browser' @@ -32,7 +32,7 @@ steps: fenix: '[% INCLUDE build %]' # We need to bump the commit before releasing but just pointing to a branch # might cause too much rebuidling of the Firefox part. - git_hash: b5bc0929fbfff8343a8c57e26ffa70ea4d38c2ce + git_hash: 674a3f4d2d75b9688a54e5f1a0139feb617339d3 compress_tar: 'zst' targets: nightly: ===================================== rbm.conf ===================================== @@ -78,7 +78,7 @@ var: torbrowser_build: 'build1' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. - browser_release_date: '2025/04/08 17:53:31' + browser_release_date: '2025/07/29 10:33:44' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' browser_default_channel: alpha browser_platforms: @@ -128,9 +128,9 @@ var: updater_enabled: 1 build_mar: 1 torbrowser_incremental_from: + - 14.5a6 - 14.5a5 - 14.5a4 - - 14.5a3 mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' # By default, we sort the list of installed packages. This allows sharing View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-140.1.0esr-15.0-1-build3
by morgan (＠morgan) 29 Jul '25

29 Jul '25

morgan pushed new tag tor-browser-140.1.0esr-15.0-1-build3 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bump Firefox version to 140.1.0esr for nightly builds
by morgan (＠morgan) 28 Jul '25

28 Jul '25

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: d186157f by Morgan at 2025-07-28T20:27:01+00:00 Bump Firefox version to 140.1.0esr for nightly builds - - - - - 2 changed files: - projects/firefox/config - projects/geckoview/config Changes: ===================================== projects/firefox/config ===================================== @@ -16,7 +16,7 @@ container: use_container: 1 var: - firefox_platform_version: '140.0' + firefox_platform_version: '140.1.0' firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '15.0' browser_rebase: 1 ===================================== projects/geckoview/config ===================================== @@ -18,7 +18,7 @@ container: build_apk: 1 var: - firefox_platform_version: '140.0' + firefox_platform_version: '140.1.0' geckoview_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '15.0' browser_rebase: 1 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/d… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-140.1.0esr-15.0-1-build1
by morgan (＠morgan) 28 Jul '25

28 Jul '25

morgan pushed new tag mullvad-browser-140.1.0esr-15.0-1-build1 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.5] Bug 41515: Remove projects/conjure/conjure-pr-267.patch
by Pier Angelo Vendrame (＠pierov) 28 Jul '25

28 Jul '25

Pier Angelo Vendrame pushed to branch maint-14.5 at The Tor Project / Applications / tor-browser-build Commits: a4bb31a5 by Nicolas Vigier at 2025-07-28T18:08:52+02:00 Bug 41515: Remove projects/conjure/conjure-pr-267.patch With the latest conjure update, github.com/refraction-networking/conjure version has been updated from v0.7.10 to v0.9.1. The patch conjure-pr-267.patch was included in v0.7.11 according to https://github.com/refraction-networking/conjure/issues/287. - - - - - 3 changed files: - projects/conjure/build - projects/conjure/config - − projects/conjure/conjure-pr-267.patch Changes: ===================================== projects/conjure/build ===================================== @@ -19,11 +19,6 @@ tar -C /var/tmp/build -xf [% project %]-[% c('version') %].tar.[% c('compress_ta cd /var/tmp/build/[% project %]-[% c('version') %] tar -xf $rootdir/[% c('input_files_by_name/go_vendor') %] -[% IF c("var/windows") -%] - pushd vendor/github.com/refraction-networking/conjure - patch -p1 < $rootdir/conjure-pr-267.patch - popd -[% END -%] cd client go build -ldflags '-s[% IF c("var/android") %] -checklinkname=0[% END %]' -tags 'protoreflect' ===================================== projects/conjure/config ===================================== @@ -22,9 +22,5 @@ steps: sha256sum: d43631d17d8b6f78152bb4341f867bb22ad4444fec5573be1d34dac968202cda target_replace: '^torbrowser-(?!testbuild).*': 'torbrowser-linux-x86_64' - # https://github.com/refraction-networking/conjure/pull/267 - # Remove this once the depdency is updated. - - filename: conjure-pr-267.patch - enable: '[% c("var/windows") %]' - name: go-licenses project: go-licenses ===================================== projects/conjure/conjure-pr-267.patch deleted ===================================== @@ -1,79 +0,0 @@ -From e5968e71e3ce40e24a5108d2dea7a9bc1d050559 Mon Sep 17 00:00:00 2001 -From: Rod Hynes <rod-hynes(a)users.noreply.github.com> -Date: Mon, 29 Jan 2024 13:34:44 -0500 -Subject: [PATCH] Fix Windows build - ---- - pkg/transports/connecting/dtls/nat.go | 5 ++--- - pkg/transports/connecting/dtls/setsockopt_other.go | 12 ++++++++++++ - pkg/transports/connecting/dtls/setsockopt_windows.go | 12 ++++++++++++ - 3 files changed, 26 insertions(+), 3 deletions(-) - create mode 100644 pkg/transports/connecting/dtls/setsockopt_other.go - create mode 100644 pkg/transports/connecting/dtls/setsockopt_windows.go - -diff --git a/pkg/transports/connecting/dtls/nat.go b/pkg/transports/connecting/dtls/nat.go -index 8860316b..ab3716b9 100644 ---- a/pkg/transports/connecting/dtls/nat.go -+++ b/pkg/transports/connecting/dtls/nat.go -@@ -5,7 +5,6 @@ import ( - "fmt" - "net" - "os" -- "syscall" - "time" - - "github.com/pion/stun" -@@ -58,7 +57,7 @@ func openUDPLimitTTL(ctx context.Context, laddr, addr string, dialer dialFunc) e - defer fd.Close() - - // Set the TTL -- err = syscall.SetsockoptInt(int(fd.Fd()), syscall.IPPROTO_IP, syscall.IP_TTL, ttl) -+ err = setSocketTTL(fd, ttl) - if err != nil { - return err - } -@@ -70,7 +69,7 @@ func openUDPLimitTTL(ctx context.Context, laddr, addr string, dialer dialFunc) e - } - - // reset TTL -- err = syscall.SetsockoptInt(int(fd.Fd()), syscall.IPPROTO_IP, syscall.IP_TTL, defaultTTL) -+ err = setSocketTTL(fd, defaultTTL) - if err != nil { - return err - } -diff --git a/pkg/transports/connecting/dtls/setsockopt_other.go b/pkg/transports/connecting/dtls/setsockopt_other.go -new file mode 100644 -index 00000000..eeba1ed6 ---- /dev/null -+++ b/pkg/transports/connecting/dtls/setsockopt_other.go -@@ -0,0 +1,12 @@ -+//go:build !windows -+ -+package dtls -+ -+import ( -+ "os" -+ "syscall" -+) -+ -+func setSocketTTL(f *os.File, ttl int) error { -+ return syscall.SetsockoptInt(int(f.Fd()), syscall.IPPROTO_IP, syscall.IP_TTL, ttl) -+} -diff --git a/pkg/transports/connecting/dtls/setsockopt_windows.go b/pkg/transports/connecting/dtls/setsockopt_windows.go -new file mode 100644 -index 00000000..6ab835ea ---- /dev/null -+++ b/pkg/transports/connecting/dtls/setsockopt_windows.go -@@ -0,0 +1,12 @@ -+//go:build windows -+ -+package dtls -+ -+import ( -+ "os" -+ "syscall" -+) -+ -+func setSocketTTL(f *os.File, ttl int) error { -+ return syscall.SetsockoptInt(syscall.Handle(f.Fd()), syscall.IPPROTO_IP, syscall.IP_TTL, ttl) -+} View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/a… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/a… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41515: Remove projects/conjure/conjure-pr-267.patch
by Pier Angelo Vendrame (＠pierov) 28 Jul '25

28 Jul '25

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: dfb52888 by Nicolas Vigier at 2025-07-28T11:57:07+02:00 Bug 41515: Remove projects/conjure/conjure-pr-267.patch With the latest conjure update, github.com/refraction-networking/conjure version has been updated from v0.7.10 to v0.9.1. The patch conjure-pr-267.patch was included in v0.7.11 according to https://github.com/refraction-networking/conjure/issues/287. - - - - - 3 changed files: - projects/conjure/build - projects/conjure/config - − projects/conjure/conjure-pr-267.patch Changes: ===================================== projects/conjure/build ===================================== @@ -19,11 +19,6 @@ tar -C /var/tmp/build -xf [% project %]-[% c('version') %].tar.[% c('compress_ta cd /var/tmp/build/[% project %]-[% c('version') %] tar -xf $rootdir/[% c('input_files_by_name/go_vendor') %] -[% IF c("var/windows") -%] - pushd vendor/github.com/refraction-networking/conjure - patch -p1 < $rootdir/conjure-pr-267.patch - popd -[% END -%] cd client go build -ldflags '-s[% IF c("var/android") %] -checklinkname=0[% END %]' -tags 'protoreflect' ===================================== projects/conjure/config ===================================== @@ -22,9 +22,5 @@ steps: sha256sum: d43631d17d8b6f78152bb4341f867bb22ad4444fec5573be1d34dac968202cda target_replace: '^torbrowser-(?!testbuild).*': 'torbrowser-linux-x86_64' - # https://github.com/refraction-networking/conjure/pull/267 - # Remove this once the depdency is updated. - - filename: conjure-pr-267.patch - enable: '[% c("var/windows") %]' - name: go-licenses project: go-licenses ===================================== projects/conjure/conjure-pr-267.patch deleted ===================================== @@ -1,79 +0,0 @@ -From e5968e71e3ce40e24a5108d2dea7a9bc1d050559 Mon Sep 17 00:00:00 2001 -From: Rod Hynes <rod-hynes(a)users.noreply.github.com> -Date: Mon, 29 Jan 2024 13:34:44 -0500 -Subject: [PATCH] Fix Windows build - ---- - pkg/transports/connecting/dtls/nat.go | 5 ++--- - pkg/transports/connecting/dtls/setsockopt_other.go | 12 ++++++++++++ - pkg/transports/connecting/dtls/setsockopt_windows.go | 12 ++++++++++++ - 3 files changed, 26 insertions(+), 3 deletions(-) - create mode 100644 pkg/transports/connecting/dtls/setsockopt_other.go - create mode 100644 pkg/transports/connecting/dtls/setsockopt_windows.go - -diff --git a/pkg/transports/connecting/dtls/nat.go b/pkg/transports/connecting/dtls/nat.go -index 8860316b..ab3716b9 100644 ---- a/pkg/transports/connecting/dtls/nat.go -+++ b/pkg/transports/connecting/dtls/nat.go -@@ -5,7 +5,6 @@ import ( - "fmt" - "net" - "os" -- "syscall" - "time" - - "github.com/pion/stun" -@@ -58,7 +57,7 @@ func openUDPLimitTTL(ctx context.Context, laddr, addr string, dialer dialFunc) e - defer fd.Close() - - // Set the TTL -- err = syscall.SetsockoptInt(int(fd.Fd()), syscall.IPPROTO_IP, syscall.IP_TTL, ttl) -+ err = setSocketTTL(fd, ttl) - if err != nil { - return err - } -@@ -70,7 +69,7 @@ func openUDPLimitTTL(ctx context.Context, laddr, addr string, dialer dialFunc) e - } - - // reset TTL -- err = syscall.SetsockoptInt(int(fd.Fd()), syscall.IPPROTO_IP, syscall.IP_TTL, defaultTTL) -+ err = setSocketTTL(fd, defaultTTL) - if err != nil { - return err - } -diff --git a/pkg/transports/connecting/dtls/setsockopt_other.go b/pkg/transports/connecting/dtls/setsockopt_other.go -new file mode 100644 -index 00000000..eeba1ed6 ---- /dev/null -+++ b/pkg/transports/connecting/dtls/setsockopt_other.go -@@ -0,0 +1,12 @@ -+//go:build !windows -+ -+package dtls -+ -+import ( -+ "os" -+ "syscall" -+) -+ -+func setSocketTTL(f *os.File, ttl int) error { -+ return syscall.SetsockoptInt(int(f.Fd()), syscall.IPPROTO_IP, syscall.IP_TTL, ttl) -+} -diff --git a/pkg/transports/connecting/dtls/setsockopt_windows.go b/pkg/transports/connecting/dtls/setsockopt_windows.go -new file mode 100644 -index 00000000..6ab835ea ---- /dev/null -+++ b/pkg/transports/connecting/dtls/setsockopt_windows.go -@@ -0,0 +1,12 @@ -+//go:build windows -+ -+package dtls -+ -+import ( -+ "os" -+ "syscall" -+) -+ -+func setSocketTTL(f *os.File, ttl int) error { -+ return syscall.SetsockoptInt(syscall.Handle(f.Fd()), syscall.IPPROTO_IP, syscall.IP_TTL, ttl) -+} View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/d… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-140.1.0esr-15.0-1] 25 commits: Add CI for Mullvad Browser
by ma1 (＠ma1) 28 Jul '25

28 Jul '25

ma1 pushed to branch mullvad-browser-140.1.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 8ff5c536 by Henry Wilkes at 2025-07-24T08:36:17+02:00 Add CI for Mullvad Browser - - - - - 00e62fe9 by Pier Angelo Vendrame at 2025-07-24T08:36:19+02:00 MB 38: Mullvad Browser configuration - - - - - 9f6edf42 by Pier Angelo Vendrame at 2025-07-24T08:59:14+02:00 MB 1: Mullvad Browser branding See also: mullvad-browser#5: Product name and directory customization mullvad-browser#12: Create new branding directories and integrate Mullvad icons+branding mullvad-browser#14: Remove Default Built-in bookmarks mullvad-browser#35: Add custom PDF icons for Windows builds mullvad-browser#48: Replace Mozilla copyright and legal trademarks in mullvadbrowser.exe metadata mullvad-browser#51: Update trademark string mullvad-browser#104: Update shipped dll metadata copyright/licensing info mullvad-browser#107: Add alpha and nightly icons - - - - - 783a94fe by Henry Wilkes at 2025-07-24T08:59:16+02:00 Mullvad Browser strings This commit adds strings needed by the following Mullvad Browser patches. - - - - - fef5b36e by Pier Angelo Vendrame at 2025-07-24T08:59:18+02:00 MB 20: Allow packaged-addons in PBM. We install a few addons from the distribution directory, but they are not automatically enabled for PBM mode. This commit modifies the code that installs them to also add the PBM permission to the known ones. - - - - - d9863f7b by Pier Angelo Vendrame at 2025-07-24T08:59:20+02:00 MB 63: Customize some about pages for Mullvad Browser Also: mullvad-browser#57: Purge unneeded about: pages - - - - - aad952c1 by Pier Angelo Vendrame at 2025-07-24T08:59:22+02:00 MB 37: Customization for the about dialog - - - - - bc5f07ab by Henry Wilkes at 2025-07-24T08:59:25+02:00 MB 39: Add home page about:mullvad-browser - - - - - d6ee9f15 by Henry Wilkes at 2025-07-24T09:22:40+02:00 fixup! MB 39: Add home page about:mullvad-browser TB 43886: Set homepage to about:mullvad-browser. - - - - - f9997593 by Henry Wilkes at 2025-07-24T09:22:42+02:00 fixup! MB 39: Add home page about:mullvad-browser TB 43929: Update about:mullvad-browser override page logic for ESR 140. TB 42738: Move these changes to the about:mullvad-browser commit. - - - - - 7ba0a51d by hackademix at 2025-07-24T09:22:44+02:00 MB 97: Remove UI cues to install new extensions. - - - - - 553591ee by hackademix at 2025-07-24T09:22:47+02:00 MB 47: uBlock Origin customization - - - - - 279c7f08 by Pier Angelo Vendrame at 2025-07-24T09:22:49+02:00 MB 21: Disable the password manager This commit disables the about:login page and removes the "Login and Password" section of about:preferences. We do not do anything to the real password manager of Firefox, that is in toolkit: it contains C++ parts that make it difficult to actually prevent it from being built.. Finally, we modify the the function that opens about:login to report an error in the console so that we can quickly get a backtrace to the code that tries to use it. - - - - - 81aedff1 by Pier Angelo Vendrame at 2025-07-24T10:06:13+02:00 MB 112: Updater customization for Mullvad Browser MB 71: Set the updater base URL to Mullvad domain - - - - - 9fb4b07c by Nicolas Vigier at 2025-07-24T10:06:26+02:00 MB 79: Add Mullvad Browser MAR signing keys MB 256: Add mullvad-browser nightly mar signing key - - - - - 67e125c1 by Pier Angelo Vendrame at 2025-07-24T10:06:28+02:00 MB 34: Hide unsafe and unwanted preferences UI about:preferences allow to override some of our defaults, that could be fingeprintable or have some other unwanted consequences. - - - - - 1697115d by Pier Angelo Vendrame at 2025-07-24T10:06:30+02:00 MB 160: Disable the cookie exceptions button Besides disabling the "Delete on close checkbox", disable also the "Manage Exceptions" button when always using PBM. - - - - - 615a3774 by hackademix at 2025-07-24T10:06:33+02:00 MB 163: prevent uBlock Origin from being uninstalled/disabled - - - - - 21301ef5 by Richard Pospesel at 2025-07-24T10:06:35+02:00 MB 188: Customize Gitlab Issue and Merge templates - - - - - 499904e7 by rui hildt at 2025-07-24T10:06:38+02:00 MB 213: Customize the search engines list MB 328: Refactor the search engine patch. Upstream switched to a completely different search engine configuration between ESR 115 and ESR 128. We moved our configuration to a couple of JSON files that do not follow upstream's schemas, as they are overcomplicated for our needs. Also, we keep the old search engine extensions for now, as upstream also kept them, and planned of removing them with Bug 1885953. - - - - - e3d39b52 by hackademix at 2025-07-24T10:06:40+02:00 MB 214: Enable cross-tab identity leak protection in "quiet" mode - - - - - 6233b87e by Pier Angelo Vendrame at 2025-07-24T10:06:43+02:00 MB 80: Enable Mullvad Browser as a default browser - - - - - fa5da3df by Pier Angelo Vendrame at 2025-07-24T10:06:45+02:00 MB 320: Temporarily disable WebRTC and WDBA on Windows. WebRTC should be re-enabled when tor-browser#42758 is resolved, and and the default browser agent when in general we make this feature work again. - - - - - f3d6f9f8 by Henry Wilkes at 2025-07-24T10:06:47+02:00 MB 329: Customize toolbar for mullvad-browser. - - - - - 33409cbe by Henry Wilkes at 2025-07-24T10:06:49+02:00 MB 419: Mullvad Browser migration procedures. This commit implements the the Mullvad Browser's version of _migrateUI. - - - - - 270 changed files: - .gitlab/ci/jobs/update-translations.yml - .gitlab/issue_templates/000 Bug Report.md - .gitlab/issue_templates/010 Proposal.md - .gitlab/issue_templates/020 Web Compatibility.md - .gitlab/issue_templates/030 Test.md - .gitlab/issue_templates/040 Feature.md - .gitlab/issue_templates/060 Rebase - Alpha.md - .gitlab/issue_templates/061 Rebase - Stable.md - .gitlab/issue_templates/063 Rebase - Rapid.md - .gitlab/issue_templates/090 Emergency Security Issue.md - + .gitlab/issue_templates/Rebase Browser - Alpha.md - + .gitlab/issue_templates/Rebase Browser - Rapid.md - + .gitlab/issue_templates/Rebase Browser - Stable.md - .gitlab/merge_request_templates/Default.md - + .gitlab/merge_request_templates/Rebase.md - browser/app/Makefile.in - browser/app/macbuild/Contents/Info.plist.in - browser/app/module.ver - browser/app/firefox.exe.manifest → browser/app/mullvadbrowser.exe.manifest - + browser/app/profile/000-mullvad-browser.js - browser/app/profile/001-base-profile.js - browser/base/content/aboutDialog.xhtml - browser/base/content/appmenu-viewcache.inc.xhtml - browser/base/content/browser-menubar.inc - browser/base/content/browser-places.js - browser/base/content/browser.js - browser/base/content/default-bookmarks.html - browser/base/content/nsContextMenu.sys.mjs - browser/base/content/overrides/app-license.html - browser/base/content/pageinfo/pageInfo.xhtml - browser/base/content/utilityOverlay.js - browser/branding/branding-common.mozbuild - + browser/branding/mb-alpha/VisualElements_150.png - + browser/branding/mb-alpha/VisualElements_70.png - + browser/branding/mb-alpha/configure.sh - + browser/branding/mb-alpha/content/about-logo.png - + browser/branding/mb-alpha/content/about-logo.svg - + browser/branding/mb-alpha/content/about-logo(a)2x.png - + browser/branding/mb-alpha/content/about-wordmark.svg - + browser/branding/mb-alpha/content/about.png - + browser/branding/mb-alpha/content/aboutDialog.css - + browser/branding/mb-alpha/content/firefox-wordmark.svg - + browser/branding/mb-alpha/content/icon128.png - + browser/branding/mb-alpha/content/icon16.png - + browser/branding/mb-alpha/content/icon256.png - + browser/branding/mb-alpha/content/icon32.png - + browser/branding/mb-alpha/content/icon48.png - + browser/branding/mb-alpha/content/icon64.png - + browser/branding/mb-alpha/content/jar.mn - + browser/branding/mb-alpha/content/moz.build - + browser/branding/mb-alpha/content/mullvad-branding.css - + browser/branding/mb-alpha/default128.png - + browser/branding/mb-alpha/default16.png - + browser/branding/mb-alpha/default22.png - + browser/branding/mb-alpha/default24.png - + browser/branding/mb-alpha/default256.png - + browser/branding/mb-alpha/default32.png - + browser/branding/mb-alpha/default48.png - + browser/branding/mb-alpha/default64.png - + browser/branding/mb-alpha/document.icns - + browser/branding/mb-alpha/document.ico - + browser/branding/mb-alpha/document_pdf.ico - + browser/branding/mb-alpha/firefox.icns - + browser/branding/mb-alpha/firefox.ico - + browser/branding/mb-alpha/firefox.svg - + browser/branding/mb-alpha/locales/en-US/brand.ftl - + browser/branding/mb-alpha/locales/en-US/brand.properties - + browser/branding/mb-alpha/locales/jar.mn - + browser/branding/mb-alpha/locales/moz.build - + browser/branding/mb-alpha/locales/mullvad-about-wordmark-en.ftl - + browser/branding/mb-alpha/moz.build - + browser/branding/mb-alpha/mullvadbrowser.VisualElementsManifest.xml - + browser/branding/mb-alpha/newtab.ico - + browser/branding/mb-alpha/newwindow.ico - + browser/branding/mb-alpha/pbmode.ico - + browser/branding/mb-alpha/pref/firefox-branding.js - + browser/branding/mb-nightly/VisualElements_150.png - + browser/branding/mb-nightly/VisualElements_70.png - + browser/branding/mb-nightly/configure.sh - + browser/branding/mb-nightly/content/about-logo.png - + browser/branding/mb-nightly/content/about-logo.svg - + browser/branding/mb-nightly/content/about-logo(a)2x.png - + browser/branding/mb-nightly/content/about-wordmark.svg - + browser/branding/mb-nightly/content/about.png - + browser/branding/mb-nightly/content/aboutDialog.css - + browser/branding/mb-nightly/content/firefox-wordmark.svg - + browser/branding/mb-nightly/content/icon128.png - + browser/branding/mb-nightly/content/icon16.png - + browser/branding/mb-nightly/content/icon256.png - + browser/branding/mb-nightly/content/icon32.png - + browser/branding/mb-nightly/content/icon48.png - + browser/branding/mb-nightly/content/icon64.png - + browser/branding/mb-nightly/content/jar.mn - + browser/branding/mb-nightly/content/moz.build - + browser/branding/mb-nightly/content/mullvad-branding.css - + browser/branding/mb-nightly/default128.png - + browser/branding/mb-nightly/default16.png - + browser/branding/mb-nightly/default22.png - + browser/branding/mb-nightly/default24.png - + browser/branding/mb-nightly/default256.png - + browser/branding/mb-nightly/default32.png - + browser/branding/mb-nightly/default48.png - + browser/branding/mb-nightly/default64.png - + browser/branding/mb-nightly/document.icns - + browser/branding/mb-nightly/document.ico - + browser/branding/mb-nightly/document_pdf.ico - + browser/branding/mb-nightly/firefox.icns - + browser/branding/mb-nightly/firefox.ico - + browser/branding/mb-nightly/firefox.svg - + browser/branding/mb-nightly/locales/en-US/brand.ftl - + browser/branding/mb-nightly/locales/en-US/brand.properties - + browser/branding/mb-nightly/locales/jar.mn - + browser/branding/mb-nightly/locales/moz.build - + browser/branding/mb-nightly/locales/mullvad-about-wordmark-en.ftl - + browser/branding/mb-nightly/moz.build - + browser/branding/mb-nightly/mullvadbrowser.VisualElementsManifest.xml - + browser/branding/mb-nightly/newtab.ico - + browser/branding/mb-nightly/newwindow.ico - + browser/branding/mb-nightly/pbmode.ico - + browser/branding/mb-nightly/pref/firefox-branding.js - + browser/branding/mb-release/VisualElements_150.png - + browser/branding/mb-release/VisualElements_70.png - + browser/branding/mb-release/configure.sh - + browser/branding/mb-release/content/about-logo.png - + browser/branding/mb-release/content/about-logo.svg - + browser/branding/mb-release/content/about-logo(a)2x.png - + browser/branding/mb-release/content/about-wordmark.svg - + browser/branding/mb-release/content/about.png - + browser/branding/mb-release/content/aboutDialog.css - + browser/branding/mb-release/content/firefox-wordmark.svg - + browser/branding/mb-release/content/icon128.png - + browser/branding/mb-release/content/icon16.png - + browser/branding/mb-release/content/icon256.png - + browser/branding/mb-release/content/icon32.png - + browser/branding/mb-release/content/icon48.png - + browser/branding/mb-release/content/icon64.png - + browser/branding/mb-release/content/jar.mn - + browser/branding/mb-release/content/moz.build - + browser/branding/mb-release/content/mullvad-branding.css - + browser/branding/mb-release/default128.png - + browser/branding/mb-release/default16.png - + browser/branding/mb-release/default22.png - + browser/branding/mb-release/default24.png - + browser/branding/mb-release/default256.png - + browser/branding/mb-release/default32.png - + browser/branding/mb-release/default48.png - + browser/branding/mb-release/default64.png - + browser/branding/mb-release/document.icns - + browser/branding/mb-release/document.ico - + browser/branding/mb-release/document_pdf.ico - + browser/branding/mb-release/firefox.icns - + browser/branding/mb-release/firefox.ico - + browser/branding/mb-release/firefox.svg - + browser/branding/mb-release/locales/en-US/brand.ftl - + browser/branding/mb-release/locales/en-US/brand.properties - + browser/branding/mb-release/locales/jar.mn - + browser/branding/mb-release/locales/moz.build - + browser/branding/mb-release/locales/mullvad-about-wordmark-en.ftl - + browser/branding/mb-release/moz.build - + browser/branding/mb-release/mullvadbrowser.VisualElementsManifest.xml - + browser/branding/mb-release/newtab.ico - + browser/branding/mb-release/newwindow.ico - + browser/branding/mb-release/pbmode.ico - + browser/branding/mb-release/pref/firefox-branding.js - browser/components/BrowserContentHandler.sys.mjs - browser/components/BrowserGlue.sys.mjs - browser/components/DesktopActorRegistry.sys.mjs - browser/components/about/AboutRedirector.cpp - browser/components/about/components.conf - browser/components/customizableui/CustomizableUI.sys.mjs - browser/components/moz.build - + browser/components/mullvad-browser/AboutMullvadBrowserChild.sys.mjs - + browser/components/mullvad-browser/AboutMullvadBrowserParent.sys.mjs - + browser/components/mullvad-browser/content/2728-sparkles.svg - + browser/components/mullvad-browser/content/aboutMullvadBrowser.css - + browser/components/mullvad-browser/content/aboutMullvadBrowser.html - + browser/components/mullvad-browser/content/aboutMullvadBrowser.js - + browser/components/mullvad-browser/jar.mn - + browser/components/mullvad-browser/moz.build - browser/components/preferences/home.inc.xhtml - browser/components/preferences/main.js - browser/components/preferences/preferences.xhtml - browser/components/preferences/privacy.inc.xhtml - browser/components/preferences/privacy.js - browser/components/preferences/search.inc.xhtml - + browser/components/search/extensions/brave/favicon.svg - + browser/components/search/extensions/brave/manifest.json - + browser/components/search/extensions/ddg-html/favicon.ico - + browser/components/search/extensions/ddg-html/manifest.json - browser/components/search/extensions/ddg/manifest.json - + browser/components/search/extensions/metager/favicon.ico - + browser/components/search/extensions/metager/manifest.json - + browser/components/search/extensions/mojeek/favicon.ico - + browser/components/search/extensions/mojeek/manifest.json - + browser/components/search/extensions/mullvad-leta/favicon.svg - + browser/components/search/extensions/mullvad-leta/manifest.json - + browser/components/search/extensions/startpage/favicon.png - + browser/components/search/extensions/startpage/manifest.json - browser/components/shell/ShellService.sys.mjs - browser/components/shell/WindowsDefaultBrowser.cpp - browser/components/shell/nsWindowsShellService.cpp - browser/config/mozconfigs/base-browser - + browser/config/mozconfigs/mullvad-browser - browser/installer/package-manifest.in - browser/installer/windows/nsis/updater_append.ini - browser/locales/l10n.toml - browser/modules/HomePage.sys.mjs - browser/moz.build - browser/moz.configure - config/create_rc.py - devtools/client/aboutdebugging/src/actions/runtimes.js - devtools/client/aboutdebugging/src/components/sidebar/Sidebar.js - devtools/client/jar.mn - devtools/client/themes/images/aboutdebugging-firefox-aurora.svg - devtools/client/themes/images/aboutdebugging-firefox-beta.svg - devtools/client/themes/images/aboutdebugging-firefox-logo.svg - devtools/client/themes/images/aboutdebugging-firefox-nightly.svg - devtools/client/themes/images/aboutdebugging-firefox-release.svg - + devtools/client/themes/images/aboutdebugging-mullvadbrowser-logo.svg - docshell/base/nsAboutRedirector.cpp - docshell/build/components.conf - moz.configure - mozconfig-linux-aarch64 - mozconfig-linux-aarch64-dev - mozconfig-linux-x86_64 - mozconfig-linux-x86_64-asan - mozconfig-linux-x86_64-dev - mozconfig-macos - mozconfig-macos-dev - mozconfig-windows-x86_64 - + other-licenses/nsis/Contrib/ApplicationID/Makefile - other-licenses/nsis/Contrib/ApplicationID/Set.cpp - + other-licenses/nsis/Contrib/CityHash/Makefile - toolkit/components/extensions/child/ext-storage.js - toolkit/components/extensions/parent/ext-storage.js - toolkit/components/passwordmgr/LoginHelper.sys.mjs - toolkit/components/search/AppProvidedSearchEngine.sys.mjs - toolkit/components/search/SearchService.sys.mjs - + toolkit/components/search/content/brave.svg - + toolkit/components/search/content/duckduckgo.ico - + toolkit/components/search/content/metager.ico - + toolkit/components/search/content/mojeek.ico - + toolkit/components/search/content/mullvad-leta.svg - + toolkit/components/search/content/mullvadBrowserSearchEngineIcons.json - + toolkit/components/search/content/mullvadBrowserSearchEngines.json - + toolkit/components/search/content/startpage.png - + toolkit/components/search/jar.mn - toolkit/components/search/moz.build - toolkit/components/securitylevel/SecurityLevel.sys.mjs - + toolkit/content/aboutRightsMullvad.xhtml - + toolkit/content/aboutTelemetryMullvad.xhtml - toolkit/content/jar.mn - toolkit/content/widgets/moz-support-link/moz-support-link.mjs - + toolkit/locales/en-US/toolkit/global/mullvad-browser.ftl - toolkit/mozapps/defaultagent/EventLog.h - toolkit/mozapps/defaultagent/SetDefaultBrowser.cpp - toolkit/mozapps/extensions/AddonManager.sys.mjs - toolkit/mozapps/extensions/content/aboutaddons.css - toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs - toolkit/mozapps/extensions/internal/XPIProvider.sys.mjs - toolkit/mozapps/update/updater/nightly_aurora_level3_primary.der - toolkit/mozapps/update/updater/nightly_aurora_level3_secondary.der - toolkit/mozapps/update/updater/release_primary.der - toolkit/mozapps/update/updater/release_secondary.der - + toolkit/themes/shared/icons/mullvadbrowser.png - toolkit/themes/shared/minimal-toolkit.jar.inc.mn - toolkit/xre/nsAppRunner.cpp - tools/lint/fluent-lint/exclusions.yml - widget/windows/WinTaskbar.cpp - widget/windows/moz.build The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/6c… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/6c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/torbrowser-launcher][main] 3 commits: feat: move code to setuptools
by asciiwolf (＠asciiwolf) 25 Jul '25

25 Jul '25

asciiwolf pushed to branch main at The Tor Project / Applications / torbrowser-launcher Commits: cb234036 by BTD Master at 2025-07-12T13:43:35+01:00 feat: move code to setuptools - - - - - 9d6e4f65 by BTD Master at 2025-07-12T13:47:47+01:00 feat: add setuptools to dependencies - - - - - ea462818 by asciiwolf at 2025-07-25T20:02:17+00:00 Merge branch 'setuptools-migration' into 'main' Setuptools migration Closes #16 See merge request tpo/applications/torbrowser-launcher!27 - - - - - 4 changed files: - BUILD.md - build_rpm.sh - setup.py - stdeb.cfg Changes: ===================================== BUILD.md ===================================== @@ -12,7 +12,7 @@ Then install dependencies, build a package, and install: ### Debian, Ubuntu, Linux Mint, etc. ```sh -sudo apt install build-essential dh-python python3-all python3-stdeb python3-pyside6.qtcore python3-gpg python3-requests python3-socks python3-packaging gnupg2 tor +sudo apt install build-essential dh-python python3-all python3-stdeb python3-pyside6.qtcore python3-gpg python3-requests python3-setuptools python3-socks python3-packaging gnupg2 tor ./build_deb.sh sudo dpkg -i deb_dist/torbrowser-launcher_*.deb ``` @@ -20,7 +20,7 @@ sudo dpkg -i deb_dist/torbrowser-launcher_*.deb ### Red Hat, Fedora, CentOS, etc. ```sh -sudo dnf install rpm-build python3-pyside6 python3-gpg python3-requests python3-pysocks python3-packaging gnupg2 tor +sudo dnf install rpm-build python3-pyside6 python3-gpg python3-requests python3-setuptools python3-pysocks python3-packaging gnupg2 tor ./build_rpm.sh sudo yum install dist/torbrowser-launcher-*.rpm ``` ===================================== build_rpm.sh ===================================== @@ -6,7 +6,7 @@ VERSION=$(cat share/torbrowser-launcher/version) rm -r build dist # build binary package -python3 setup.py bdist_rpm --requires="python3-pyside6, python3-gpg, python3-requests, python3-pysocks, python3-packaging, gnupg2, dbus-glib" +python3 setup.py bdist_rpm --requires="python3-pyside6, python3-gpg, python3-requests, python3-setuptools, python3-pysocks, python3-packaging, gnupg2, dbus-glib" # install it echo "" ===================================== setup.py ===================================== @@ -31,7 +31,7 @@ import os import sys import distro import subprocess -from distutils.core import setup +from setuptools import setup SHARE = "share" ===================================== stdeb.cfg ===================================== @@ -1,6 +1,6 @@ [DEFAULT] Package3: torbrowser-launcher Depends3: python3-pyside6.qtcore, python3-gpg, python3-requests, python3-socks, python3-packaging, gnupg2 -Build-Depends: dh-python, python3-pyqt5, python3-gpg, python3-requests, python3-socks, python3-packaging, gnupg2 +Build-Depends: dh-python, python3-pyqt5, python3-gpg, python3-requests, python3-setuptools, python3-socks, python3-packaging, gnupg2 Recommends: tor Suite: oracular View it on GitLab: https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/compar… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/torbrowser-launcher/-/compar… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.1.0esr-15.0-1] fixup! [android] Disable features and functionality
by Dan Ballard (＠dan) 24 Jul '25

24 Jul '25

Dan Ballard pushed to branch tor-browser-140.1.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 5945597f by clairehurst at 2025-07-24T14:16:17-06:00 fixup! [android] Disable features and functionality tor-browser#44036 Crash on opening "Search Settings" on android - - - - - 1 changed file: - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/settings/search/SearchEngineFragment.kt Changes: ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/settings/search/SearchEngineFragment.kt ===================================== @@ -114,11 +114,6 @@ class SearchEngineFragment : PreferenceFragmentCompat() { isChecked = context.settings().shouldShowBookmarkSuggestions } - val showShortcutsSuggestions = - requirePreference<SwitchPreference>(R.string.pref_key_show_shortcuts_suggestions).apply { - isChecked = context.settings().shouldShowShortcutSuggestions - } - // val showSyncedTabsSuggestions = // requirePreference<SwitchPreference>(R.string.pref_key_search_synced_tabs).apply { // isChecked = context.settings().shouldShowSyncedTabsSuggestions @@ -155,7 +150,6 @@ class SearchEngineFragment : PreferenceFragmentCompat() { searchSuggestionsPreference.onPreferenceChangeListener = SharedPreferenceUpdater() showHistorySuggestions.onPreferenceChangeListener = SharedPreferenceUpdater() showBookmarkSuggestions.onPreferenceChangeListener = SharedPreferenceUpdater() - showShortcutsSuggestions.onPreferenceChangeListener = SharedPreferenceUpdater() // showSyncedTabsSuggestions.onPreferenceChangeListener = SharedPreferenceUpdater() showClipboardSuggestions.onPreferenceChangeListener = SharedPreferenceUpdater() searchSuggestionsInPrivatePreference.onPreferenceChangeListener = SharedPreferenceUpdater() View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5945597… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5945597… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.1.0esr-15.0-1] fixup! [android] Disable features and functionality
by Dan Ballard (＠dan) 24 Jul '25

24 Jul '25

Dan Ballard pushed to branch tor-browser-140.1.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: dfd31189 by clairehurst at 2025-07-24T12:12:04-06:00 fixup! [android] Disable features and functionality tor-browser#44029 Search/url bar doesn't work on android after ESR 140 - - - - - 1 changed file: - mobile/android/android-components/components/feature/search/src/main/java/mozilla/components/feature/search/middleware/SearchMiddleware.kt Changes: ===================================== mobile/android/android-components/components/feature/search/src/main/java/mozilla/components/feature/search/middleware/SearchMiddleware.kt ===================================== @@ -79,10 +79,7 @@ class SearchMiddleware( ) private val client: RemoteSettingsClient? = searchEngineSelectorConfig?.service?.remoteSettingsService?.makeClient(SEARCH_CONFIG_ICONS_COLLECTION_NAME) - private val searchEngineSelectorRepository: SearchEngineRepository? = - searchEngineSelectorConfig?.let { - SearchEngineSelectorRepository(it, defaultSearchEngineIcon, client) - } + private val searchEngineSelectorRepository: SearchEngineRepository? = null // needs to always be null so that the regionBundle isn't populated with empty RemoteSettings and instead defaults to what we need override fun invoke( context: MiddlewareContext<BrowserState, BrowserAction>, View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/dfd3118… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/dfd3118… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.1.0esr-15.0-1] fixup! [android] Disable features and functionality
by Dan Ballard (＠dan) 24 Jul '25

24 Jul '25

Dan Ballard pushed to branch tor-browser-140.1.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: aa5a6cfa by clairehurst at 2025-07-24T10:47:21-06:00 fixup! [android] Disable features and functionality tor-browser#43977 Crash on debug launch - - - - - 1 changed file: - mobile/android/android-components/components/support/remotesettings/src/main/java/mozilla/components/support/remotesettings/RemoteSettingsService.kt Changes: ===================================== mobile/android/android-components/components/support/remotesettings/src/main/java/mozilla/components/support/remotesettings/RemoteSettingsService.kt ===================================== @@ -27,9 +27,7 @@ class RemoteSettingsService( isLargeScreenSize: Boolean = false, ) { val remoteSettingsService: RemoteSettingsService by lazy { - val appContext = generateAppContext(context, channel, isLargeScreenSize) - val databasePath = context.getDir("remote-settings", Context.MODE_PRIVATE).absolutePath - RemoteSettingsService(databasePath, RemoteSettingsConfig2(server = server, appContext = appContext)) + RemoteSettingsService() /* no-op */ } } View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/aa5a6cf… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/aa5a6cf… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.5] Bug 41515: Bump version of Conjure to 14e660f0a64b
by morgan (＠morgan) 24 Jul '25

24 Jul '25

morgan pushed to branch maint-14.5 at The Tor Project / Applications / tor-browser-build Commits: 354d55c3 by Cecylia Bocovich at 2025-07-24T11:08:02+00:00 Bug 41515: Bump version of Conjure to 14e660f0a64b - - - - - 1 changed file: - projects/conjure/config Changes: ===================================== projects/conjure/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' git_url: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… -git_hash: 505cb48152e89e12a608ec6a0101af8a2d266fb1 +git_hash: 14e660f0a64bcbb2b55f01f69c1aafdfd5a6dcfa container: use_container: 1 @@ -19,7 +19,7 @@ steps: pkg_type: go_vendor project: conjure norec: - sha256sum: 8f33624ebabec17e09d9aeae8eb0bfc08b78b6089986f3fe9b7fde03a692a22b + sha256sum: d43631d17d8b6f78152bb4341f867bb22ad4444fec5573be1d34dac968202cda target_replace: '^torbrowser-(?!testbuild).*': 'torbrowser-linux-x86_64' # https://github.com/refraction-networking/conjure/pull/267 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/3… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/3… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41515: Bump version of Conjure to 14e660f0a64b
by morgan (＠morgan) 24 Jul '25

24 Jul '25

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 617a1477 by Cecylia Bocovich at 2025-07-22T16:45:58+00:00 Bug 41515: Bump version of Conjure to 14e660f0a64b - - - - - 1 changed file: - projects/conjure/config Changes: ===================================== projects/conjure/config ===================================== @@ -1,7 +1,7 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' git_url: https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/conj… -git_hash: 505cb48152e89e12a608ec6a0101af8a2d266fb1 +git_hash: 14e660f0a64bcbb2b55f01f69c1aafdfd5a6dcfa container: use_container: 1 @@ -19,7 +19,7 @@ steps: pkg_type: go_vendor project: conjure norec: - sha256sum: 8f33624ebabec17e09d9aeae8eb0bfc08b78b6089986f3fe9b7fde03a692a22b + sha256sum: d43631d17d8b6f78152bb4341f867bb22ad4444fec5573be1d34dac968202cda target_replace: '^torbrowser-(?!testbuild).*': 'torbrowser-linux-x86_64' # https://github.com/refraction-networking/conjure/pull/267 View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag base-browser-140.1.0esr-15.0-1-build2
by ma1 (＠ma1) 24 Jul '25

24 Jul '25

ma1 pushed new tag base-browser-140.1.0esr-15.0-1-build2 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/base-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag base-browser-140.1.0esr-15.0-1-build1
by ma1 (＠ma1) 24 Jul '25

24 Jul '25

ma1 pushed new tag base-browser-140.1.0esr-15.0-1-build1 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/base-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new branch mullvad-browser-140.1.0esr-15.0-1
by ma1 (＠ma1) 24 Jul '25

24 Jul '25

ma1 pushed new branch mullvad-browser-140.1.0esr-15.0-1 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-140.1.0esr-15.0-1-build2
by ma1 (＠ma1) 24 Jul '25

24 Jul '25

ma1 pushed new tag tor-browser-140.1.0esr-15.0-1-build2 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.1.0esr-15.0-1] 11 commits: Bug 1961829 - Only color HTTP(S) URIs and fallback to coloring the host in...
by ma1 (＠ma1) 24 Jul '25

24 Jul '25

ma1 pushed to branch tor-browser-140.1.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 421e0a1f by Michel Le Bihan at 2025-07-24T08:15:34+02:00 Bug 1961829 - Only color HTTP(S) URIs and fallback to coloring the host in Android toolbar URLRenderer. r=tthibaud,android-reviewers Differential Revision: https://phabricator.services.mozilla.com/D248132 - - - - - 116d90bb by Michel Le Bihan at 2025-07-24T08:15:36+02:00 Bug 1961757 - Set text direction in Android toolbar instead of adding directional marks. r=tthibaud,android-reviewers,petru Differential Revision: https://phabricator.services.mozilla.com/D246181 - - - - - 52e6b98a by Michel Le Bihan at 2025-07-24T08:15:37+02:00 Bug 1812898 - Part 1: Add domain alignment in Android toolbar component. r=tthibaud,android-reviewers Differential Revision: https://phabricator.services.mozilla.com/D244508 - - - - - 84b3a932 by Michel Le Bihan at 2025-07-24T08:15:39+02:00 Bug 1812898 - Part 2: Enable domain highlighting in Fenix toolbar. r=tthibaud,android-reviewers Differential Revision: https://phabricator.services.mozilla.com/D244509 - - - - - f0723224 by mimi89999 at 2025-07-24T08:15:41+02:00 Bug 1964251 - Replace logic of RegistrableDomain renderStyle in Android toolbar component. r=android-reviewers,petru Differential Revision: https://phabricator.services.mozilla.com/D251501 - - - - - 52cd8fb2 by Michel Le Bihan at 2025-07-24T08:15:42+02:00 Bug 1969937 - Add handling of blob URIs in Android toolbar URLRenderer. r=petru,android-reviewers Differential Revision: https://phabricator.services.mozilla.com/D252879 - - - - - aeb2a384 by Cathy Lu at 2025-07-24T08:15:44+02:00 Bug 1791322 - iframe sandbox wpt tests modified with delay r=nika Differential Revision: https://phabricator.services.mozilla.com/D253052 - - - - - b2e55448 by Cathy Lu at 2025-07-24T08:15:45+02:00 Bug 1791322 - GeckoView should call classifyDownloads to sandbox downloads r=geckoview-reviewers,nika Differential Revision: https://phabricator.services.mozilla.com/D249683 - - - - - a6c81f5b by Andreas Pehrson at 2025-07-24T08:15:47+02:00 Bug 1971116 - For global mute events, iterate on copies of containers. r=dbaker Mute/unmute events are fired synchronously to content, which if it stops an (event target) track in the event handler, may call back into and mutate the containers we're iterating over. Differential Revision: https://phabricator.services.mozilla.com/D254352 - - - - - 1684fbd9 by Tom Schuster at 2025-07-24T08:15:48+02:00 Bug 1971704 - Cleanup nsContentSecurityUtils::ClassifyDownload. r=smaug Differential Revision: https://phabricator.services.mozilla.com/D253491 - - - - - 22375264 by Pier Angelo Vendrame at 2025-07-24T08:15:50+02:00 Bug 1972282 - Check for spoof English in xsl:sort. r=smaug Differential Revision: https://phabricator.services.mozilla.com/D254784 - - - - - 20 changed files: - dom/media/MediaManager.cpp - dom/security/nsContentSecurityUtils.cpp - dom/security/nsContentSecurityUtils.h - dom/xslt/xpath/txXPathNode.h - dom/xslt/xslt/txNodeSorter.cpp - mobile/android/android-components/components/browser/toolbar/src/main/java/mozilla/components/browser/toolbar/display/OriginView.kt - + mobile/android/android-components/components/browser/toolbar/src/test/java/mozilla/components/browser/toolbar/display/OriginViewTest.kt - mobile/android/android-components/components/concept/toolbar/src/main/java/mozilla/components/concept/toolbar/Toolbar.kt - mobile/android/android-components/components/feature/toolbar/src/main/java/mozilla/components/feature/toolbar/ToolbarFeature.kt - mobile/android/android-components/components/feature/toolbar/src/main/java/mozilla/components/feature/toolbar/internal/URLRenderer.kt - mobile/android/android-components/components/feature/toolbar/src/test/java/mozilla/components/feature/toolbar/internal/URLRendererTest.kt - mobile/android/android-components/components/support/utils/src/main/java/mozilla/components/support/ktx/util/URLStringUtils.kt - mobile/android/android-components/components/support/utils/src/test/java/mozilla/components/support/utils/URLStringUtilsTest.kt - mobile/android/components/geckoview/GeckoViewStreamListener.cpp - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/components/toolbar/ToolbarIntegration.kt - testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_anchor_download_block_downloads.tentative.html.ini - testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_navigation_download_block_downloads.sub.tentative.html.ini - testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_window_open_download_block_downloads.tentative.html.ini - testing/web-platform/tests/html/semantics/embedded-content/the-iframe-element/support/iframe_sandbox_download_helper.js - uriloader/exthandler/nsExternalHelperAppService.cpp Changes: ===================================== dom/media/MediaManager.cpp ===================================== @@ -3568,7 +3568,9 @@ void MediaManager::OnCameraMute(bool aMute) { mCamerasMuted = aMute; // This is safe since we're on main-thread, and the windowlist can only // be added to from the main-thread - for (const auto& window : mActiveWindows.Values()) { + for (const auto& window : + ToTArray<AutoTArray<RefPtr<GetUserMediaWindowListener>, 2>>( + mActiveWindows.Values())) { window->MuteOrUnmuteCameras(aMute); } } @@ -3579,7 +3581,9 @@ void MediaManager::OnMicrophoneMute(bool aMute) { mMicrophonesMuted = aMute; // This is safe since we're on main-thread, and the windowlist can only // be added to from the main-thread - for (const auto& window : mActiveWindows.Values()) { + for (const auto& window : + ToTArray<AutoTArray<RefPtr<GetUserMediaWindowListener>, 2>>( + mActiveWindows.Values())) { window->MuteOrUnmuteMicrophones(aMute); } } @@ -4767,7 +4771,7 @@ void GetUserMediaWindowListener::MuteOrUnmuteCameras(bool aMute) { } mCamerasAreMuted = aMute; - for (auto& l : mActiveListeners) { + for (auto& l : mActiveListeners.Clone()) { if (l->GetDevice()->Kind() == MediaDeviceKind::Videoinput) { l->MuteOrUnmuteCamera(aMute); } @@ -4782,7 +4786,7 @@ void GetUserMediaWindowListener::MuteOrUnmuteMicrophones(bool aMute) { } mMicrophonesAreMuted = aMute; - for (auto& l : mActiveListeners) { + for (auto& l : mActiveListeners.Clone()) { if (l->GetDevice()->Kind() == MediaDeviceKind::Audioinput) { l->MuteOrUnmuteMicrophone(aMute); } ===================================== dom/security/nsContentSecurityUtils.cpp ===================================== @@ -2209,11 +2209,17 @@ void nsContentSecurityUtils::LogMessageToConsole(nsIHttpChannel* aChannel, } /* static */ -long nsContentSecurityUtils::ClassifyDownload( - nsIChannel* aChannel, const nsAutoCString& aMimeTypeGuess) { +long nsContentSecurityUtils::ClassifyDownload(nsIChannel* aChannel) { MOZ_ASSERT(aChannel, "IsDownloadAllowed without channel?"); nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo(); + if ((loadInfo->GetTriggeringSandboxFlags() & SANDBOXED_ALLOW_DOWNLOADS) || + (loadInfo->GetSandboxFlags() & SANDBOXED_ALLOW_DOWNLOADS)) { + if (nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel)) { + LogMessageToConsole(httpChannel, "IframeSandboxBlockedDownload"); + } + return nsITransfer::DOWNLOAD_FORBIDDEN; + } nsCOMPtr<nsIURI> contentLocation; aChannel->GetURI(getter_AddRefs(contentLocation)); @@ -2246,27 +2252,11 @@ long nsContentSecurityUtils::ClassifyDownload( if (StaticPrefs::dom_block_download_insecure() && decission != nsIContentPolicy::ACCEPT) { - nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel); - if (httpChannel) { + if (nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel)) { LogMessageToConsole(httpChannel, "MixedContentBlockedDownload"); } return nsITransfer::DOWNLOAD_POTENTIALLY_UNSAFE; } - if (loadInfo->TriggeringPrincipal()->IsSystemPrincipal()) { - return nsITransfer::DOWNLOAD_ACCEPTABLE; - } - - uint32_t triggeringFlags = loadInfo->GetTriggeringSandboxFlags(); - uint32_t currentflags = loadInfo->GetSandboxFlags(); - - if ((triggeringFlags & SANDBOXED_ALLOW_DOWNLOADS) || - (currentflags & SANDBOXED_ALLOW_DOWNLOADS)) { - nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel); - if (httpChannel) { - LogMessageToConsole(httpChannel, "IframeSandboxBlockedDownload"); - } - return nsITransfer::DOWNLOAD_FORBIDDEN; - } return nsITransfer::DOWNLOAD_ACCEPTABLE; } ===================================== dom/security/nsContentSecurityUtils.h ===================================== @@ -74,8 +74,7 @@ class nsContentSecurityUtils { const mozilla::dom::Element& aElement); // Helper function to Check if a Download is allowed; - static long ClassifyDownload(nsIChannel* aChannel, - const nsAutoCString& aMimeTypeGuess); + static long ClassifyDownload(nsIChannel* aChannel); // Public only for testing static FilenameTypeAndDetails FilenameToFilenameType( ===================================== dom/xslt/xpath/txXPathNode.h ===================================== @@ -66,6 +66,8 @@ class txXPathNode { bool operator!=(const txXPathNode& aNode) const { return !(*this == aNode); } ~txXPathNode() { MOZ_COUNT_DTOR(txXPathNode); } + mozilla::dom::Document* OwnerDoc() const { return mNode->OwnerDoc(); } + private: friend class txXPathNativeNode; friend class txXPathNodeUtils; ===================================== dom/xslt/xslt/txNodeSorter.cpp ===================================== @@ -13,10 +13,13 @@ #include "mozilla/CheckedInt.h" #include "mozilla/UniquePtrExtensions.h" +#include "nsRFPService.h" using mozilla::CheckedUint32; using mozilla::MakeUnique; using mozilla::MakeUniqueFallible; +using mozilla::nsRFPService; +using mozilla::RFPTarget; using mozilla::UniquePtr; /* @@ -74,6 +77,10 @@ nsresult txNodeSorter::addSortElement(Expr* aSelectExpr, Expr* aLangExpr, if (aLangExpr) { rv = aLangExpr->evaluateToString(aContext, lang); NS_ENSURE_SUCCESS(rv, rv); + } else if (aContext->getContextNode() + .OwnerDoc() + ->ShouldResistFingerprinting(RFPTarget::JSLocale)) { + CopyUTF8toUTF16(nsRFPService::GetSpoofedJSLocale(), lang); } // Case-order ===================================== mobile/android/android-components/components/browser/toolbar/src/main/java/mozilla/components/browser/toolbar/display/OriginView.kt ===================================== @@ -7,6 +7,7 @@ package mozilla.components.browser.toolbar.display import android.animation.LayoutTransition import android.content.Context import android.graphics.Typeface +import android.text.Spanned import android.util.AttributeSet import android.util.TypedValue import android.view.Gravity @@ -17,6 +18,7 @@ import androidx.annotation.VisibleForTesting import androidx.core.view.isVisible import mozilla.components.browser.toolbar.BrowserToolbar import mozilla.components.browser.toolbar.R +import mozilla.components.concept.toolbar.Toolbar /** * View displaying the URL and optionally the title of a website. @@ -48,6 +50,9 @@ internal class OriginView @JvmOverloads constructor( isClickable = true isFocusable = true + textDirection = View.TEXT_DIRECTION_LTR + layoutDirection = View.LAYOUT_DIRECTION_LTR + setOnClickListener { if (onUrlClicked()) { toolbar.editMode() @@ -134,9 +139,50 @@ internal class OriginView @JvmOverloads constructor( titleView.setOnLongClickListener(handler) } + /** + * Scrolls the URL view to ensure the registrable domain is visible. + */ + @VisibleForTesting + internal fun scrollToShowRegistrableDomain() { + val text = urlView.text + + val spans = (text as? Spanned)?.getSpans( + 0, + text.length, + Toolbar.RegistrableDomainColorSpan::class.java, + ) + + if (spans?.size == 1) { + val registrableDomainSpan = (urlView.text as? Spanned)?.getSpans( + 0, + text.length, + Toolbar.RegistrableDomainColorSpan::class.java, + )?.getOrNull(0) + + val valueUntilRegistrableDomainEnd = text.subSequence(0, text.getSpanEnd(registrableDomainSpan)) + + val urlViewWidth = urlView.width + val valueWidth = measureUrlTextWidh(valueUntilRegistrableDomainEnd.toString()) + + if (valueWidth > urlViewWidth) { + urlView.scrollTo((valueWidth - urlViewWidth).toInt(), 0) + return + } + } + + urlView.scrollTo(0, 0) + } + + @VisibleForTesting + internal fun measureUrlTextWidh(text: String) = urlView.paint.measureText(text) + internal var url: CharSequence get() = urlView.text - set(value) { urlView.text = value } + set(value) { + urlView.text = value + + scrollToShowRegistrableDomain() + } /** * Sets the colour of the text to be displayed when the URL of the toolbar is empty. ===================================== mobile/android/android-components/components/browser/toolbar/src/test/java/mozilla/components/browser/toolbar/display/OriginViewTest.kt ===================================== @@ -0,0 +1,109 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +package mozilla.components.browser.toolbar.display + +import android.graphics.Color +import android.text.SpannableStringBuilder +import android.text.SpannableStringBuilder.SPAN_INCLUSIVE_INCLUSIVE +import android.text.style.ForegroundColorSpan +import android.view.View +import androidx.annotation.ColorInt +import androidx.test.ext.junit.runners.AndroidJUnit4 +import mozilla.components.concept.toolbar.Toolbar +import mozilla.components.support.test.any +import mozilla.components.support.test.robolectric.testContext +import org.junit.Assert.assertEquals +import org.junit.Test +import org.junit.runner.RunWith +import org.mockito.Mockito.doReturn +import org.mockito.Mockito.spy + +@RunWith(AndroidJUnit4::class) +class OriginViewTest { + + private fun SpannableStringBuilder.applyUrlColors( + @ColorInt urlColor: Int, + @ColorInt registrableDomainColor: Int, + registrableDomainOrHostSpan: Pair<Int, Int>, + ): SpannableStringBuilder = apply { + setSpan( + ForegroundColorSpan(urlColor), + 0, + length, + SPAN_INCLUSIVE_INCLUSIVE, + ) + + val (start, end) = registrableDomainOrHostSpan + setSpan( + Toolbar.RegistrableDomainColorSpan(registrableDomainColor), + start, + end, + SPAN_INCLUSIVE_INCLUSIVE, + ) + } + + @Test + fun `scrollToShowRegistrableDomain scrolls when domain exceeds width`() { + val view = spy(OriginView(testContext)) + val url = "https://www.really-long-example-domain.com/" + val spannedUrl = SpannableStringBuilder(url).apply { + applyUrlColors( + urlColor = Color.GREEN, + registrableDomainColor = Color.RED, + registrableDomainOrHostSpan = 8 to 42, + ) + } + + // Long domain wouldn't fit in the view + doReturn(500f).`when`(view).measureUrlTextWidh(any()) + view.urlView.layout(0, 0, 200, 100) + + view.url = spannedUrl + + assertEquals(300, view.urlView.scrollX) + } + + @Test + fun `scrollToShowRegistrableDomain does not scroll when domain fits in view`() { + val view = spy(OriginView(testContext)) + val url = "https://mozilla.org/" + val spannedUrl = SpannableStringBuilder(url).apply { + applyUrlColors( + urlColor = Color.GREEN, + registrableDomainColor = Color.RED, + registrableDomainOrHostSpan = 8 to 19, + ) + } + + doReturn(50f).`when`(view).measureUrlTextWidh(any()) + view.urlView.layout(0, 0, 200, 100) + + view.url = spannedUrl + + assertEquals(0, view.urlView.scrollX) + } + + @Test + fun `scrollToShowRegistrableDomain does not scroll when no span exists`() { + val view = OriginView(testContext) + + val spanned = SpannableStringBuilder("nospan.com") // no span set + + view.measure(0, 0) + view.layout(0, 0, 500, 100) + + view.url = spanned + + assertEquals(0, view.urlView.scrollX) + } + + @Test + fun `URL text direction is always LTR`() { + val originView = OriginView(testContext) + originView.url = "ختار.ار/www.mozilla.org/1" + assertEquals(View.TEXT_DIRECTION_LTR, originView.urlView.textDirection) + assertEquals(View.LAYOUT_DIRECTION_LTR, originView.urlView.layoutDirection) + } +} ===================================== mobile/android/android-components/components/concept/toolbar/src/main/java/mozilla/components/concept/toolbar/Toolbar.kt ===================================== @@ -5,11 +5,13 @@ package mozilla.components.concept.toolbar import android.graphics.drawable.Drawable +import android.text.style.ForegroundColorSpan import android.view.View import android.view.View.NO_ID import android.view.ViewGroup import android.widget.ImageButton import android.widget.ImageView +import androidx.annotation.ColorInt import androidx.annotation.ColorRes import androidx.annotation.Dimension import androidx.annotation.Dimension.Companion.DP @@ -549,6 +551,13 @@ interface Toolbar : ScrollableToolbar { */ END, } + + /** + * Registrable domain foreground color span. + * + * This simple class extension is used so that we can filter for it elsewhere. + */ + class RegistrableDomainColorSpan(@ColorInt color: Int) : ForegroundColorSpan(color) } private fun AppCompatImageButton.setTintResource(@ColorRes tintColorResource: Int) { ===================================== mobile/android/android-components/components/feature/toolbar/src/main/java/mozilla/components/feature/toolbar/ToolbarFeature.kt ===================================== @@ -88,11 +88,13 @@ class ToolbarFeature( ) /** - * Controls how the url should be styled + * Controls how the URL should be styled * * RegistrableDomain: displays only the eTLD+1 (direct subdomain of the public suffix), uncolored - * ColoredUrl: displays the registrableDomain with color and url with another color - * UncoloredUrl: displays the full url, uncolored + * ColoredUrl: displays the full URL with distinct colors for the registrable domain and the rest of the URL. + * Colors the entire hostname if the registrable domain cannot be determined or is an IP address. + * Leaves non http(s) URLs uncolored. + * UncoloredUrl: displays the full URL, uncolored */ sealed class RenderStyle { object RegistrableDomain : RenderStyle() ===================================== mobile/android/android-components/components/feature/toolbar/src/main/java/mozilla/components/feature/toolbar/internal/URLRenderer.kt ===================================== @@ -18,6 +18,11 @@ import kotlinx.coroutines.channels.trySendBlocking import kotlinx.coroutines.launch import mozilla.components.concept.toolbar.Toolbar import mozilla.components.feature.toolbar.ToolbarFeature +import mozilla.components.lib.publicsuffixlist.PublicSuffixList +import mozilla.components.support.ktx.android.net.isHttpOrHttps +import mozilla.components.support.ktx.kotlin.isIpv4OrIpv6 + +private const val BLOB_URL_PREFIX = "blob:" /** * Asynchronous URL renderer. @@ -73,13 +78,21 @@ internal class URLRenderer( toolbar.url = when (configuration.renderStyle) { // Display only the eTLD+1 (direct subdomain of the public suffix), uncolored ToolbarFeature.RenderStyle.RegistrableDomain -> { - val host = url.toUri().host?.ifEmpty { null } - host?.let { getRegistrableDomain(host, configuration) } ?: url + getRegistrableDomainOrHostSpan(url, configuration.publicSuffixList)?.let { (start, end) -> + url.substring(start, end) + } ?: url } // Display the registrableDomain with color and URL with another color ToolbarFeature.RenderStyle.ColoredUrl -> SpannableStringBuilder(url).apply { - color(configuration.urlColor) - colorRegistrableDomain(configuration) + val span = getRegistrableDomainOrHostSpan(url, configuration.publicSuffixList) + + if (configuration.urlColor != null && span != null) { + applyUrlColors( + configuration.urlColor, + configuration.registrableDomainColor, + span, + ) + } } // Display the full URL, uncolored ToolbarFeature.RenderStyle.UncoloredUrl -> url @@ -87,43 +100,98 @@ internal class URLRenderer( } } -private suspend fun getRegistrableDomain(host: String, configuration: ToolbarFeature.UrlRenderConfiguration) = - configuration.publicSuffixList.getPublicSuffixPlusOne(host).await() +/** + * Determines the position span of the registrable domain within a host string. + * + * @param host The host string to analyze + * @param publicSuffixList The [PublicSuffixList] used to get the eTLD+1 for the host + * @return A Pair of (startIndex, endIndex) for the registrable domain within the host, + * or null if the host is an IP address or no registrable domain could be found + */ +@VisibleForTesting +internal suspend fun getRegistrableDomainSpanInHost( + host: String, + publicSuffixList: PublicSuffixList, +): Pair<Int, Int>? { + if (host.isIpv4OrIpv6()) return null + + val normalizedHost = host.removeSuffix(".") + + val registrableDomain = publicSuffixList + .getPublicSuffixPlusOne(normalizedHost) + .await() ?: return null + + val start = normalizedHost.lastIndexOf(registrableDomain) + return if (start == -1) { + null + } else { + start to start + registrableDomain.length + } +} -private suspend fun SpannableStringBuilder.colorRegistrableDomain( - configuration: ToolbarFeature.UrlRenderConfiguration, -) { - val url = toString() - val host = url.toUri().host?.removeSuffix(".") ?: return - - val registrableDomain = configuration - .publicSuffixList - .getPublicSuffixPlusOne(host) - .await() ?: return - - val indexOfHost = url.indexOf(host) - val indexOfRegistrableDomain = host.lastIndexOf(registrableDomain) - if (indexOfHost == -1 || indexOfRegistrableDomain == -1) { - return +/** + * Determines the position span of either the registrable domain or the full host + * within a URL string. + * + * @param url The complete URL to analyze + * @param publicSuffixList The [PublicSuffixList] used to get the eTLD+1 for the host + * @param allowBlobUnwrapping Whether to allow unwrapping blob URLs + * @return A Pair of (startIndex, endIndex) for either: + * - The registrable domain's position within the URL, or + * - The host's position within the URL if no registrable domain was found, or + * - null if the URL has no host or the host couldn't be located in the URL + */ +@Suppress("ReturnCount") +@VisibleForTesting +internal suspend fun getRegistrableDomainOrHostSpan( + url: String, + publicSuffixList: PublicSuffixList, + allowBlobUnwrapping: Boolean = true, +): Pair<Int, Int>? { + if (url.startsWith(BLOB_URL_PREFIX)) { + if (!allowBlobUnwrapping) return null + + val innerUrl = url.substring(BLOB_URL_PREFIX.length) + return getRegistrableDomainOrHostSpan( + innerUrl, + publicSuffixList, + allowBlobUnwrapping = false, + )?.let { (start, end) -> + BLOB_URL_PREFIX.length + start to BLOB_URL_PREFIX.length + end + } } - val index = indexOfHost + indexOfRegistrableDomain + val uri = url.toUri() + if (!uri.isHttpOrHttps) return null - setSpan( - ForegroundColorSpan(configuration.registrableDomainColor), - index, - index + registrableDomain.length, - SPAN_INCLUSIVE_INCLUSIVE, - ) -} + val host = uri.host ?: return null + + val hostStart = url.indexOf(host) + if (hostStart == -1) return null -private fun SpannableStringBuilder.color(@ColorInt urlColor: Int?) { - urlColor ?: return + val domainSpan = getRegistrableDomainSpanInHost(host, publicSuffixList) + return domainSpan?.let { (start, end) -> + hostStart + start to hostStart + end + } ?: (hostStart to hostStart + host.length) +} +private fun SpannableStringBuilder.applyUrlColors( + @ColorInt urlColor: Int, + @ColorInt registrableDomainColor: Int, + registrableDomainOrHostSpan: Pair<Int, Int>, +): SpannableStringBuilder = apply { setSpan( ForegroundColorSpan(urlColor), 0, length, SPAN_INCLUSIVE_INCLUSIVE, ) + + val (start, end) = registrableDomainOrHostSpan + setSpan( + Toolbar.RegistrableDomainColorSpan(registrableDomainColor), + start, + end, + SPAN_INCLUSIVE_INCLUSIVE, + ) } ===================================== mobile/android/android-components/components/feature/toolbar/src/test/java/mozilla/components/feature/toolbar/internal/URLRendererTest.kt ===================================== @@ -5,8 +5,10 @@ package mozilla.components.feature.toolbar.internal import android.graphics.Color +import android.net.InetAddresses import android.text.SpannableStringBuilder import android.text.style.ForegroundColorSpan +import android.util.Patterns import androidx.test.ext.junit.runners.AndroidJUnit4 import kotlinx.coroutines.Dispatchers import mozilla.components.concept.toolbar.Toolbar @@ -26,8 +28,12 @@ import org.junit.Rule import org.junit.Test import org.junit.runner.RunWith import org.mockito.Mockito.verify +import org.robolectric.annotation.Config +import org.robolectric.annotation.Implementation +import org.robolectric.annotation.Implements @RunWith(AndroidJUnit4::class) +@Config(shadows = [ShadowInetAddresses::class]) class URLRendererTest { @get:Rule @@ -104,10 +110,7 @@ class URLRendererTest { } } - private suspend fun testRenderWithColoredUrl( - testUrl: String, - expectedRegistrableDomainSpan: Pair<Int, Int>, - ) { + private suspend fun getSpannedUrl(testUrl: String): SpannableStringBuilder { val configuration = ToolbarFeature.UrlRenderConfiguration( publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), registrableDomainColor = Color.RED, @@ -124,9 +127,14 @@ class URLRendererTest { val captor = argumentCaptor<CharSequence>() verify(toolbar).url = captor.capture() - assertNotNull(captor.value) - assertTrue(captor.value is SpannableStringBuilder) - val url = captor.value as SpannableStringBuilder + return requireNotNull(captor.value as? SpannableStringBuilder) { "Toolbar URL should not be null" } + } + + private suspend fun testRenderWithColoredUrl( + testUrl: String, + expectedRegistrableDomainSpan: Pair<Int, Int>, + ) { + val url = getSpannedUrl(testUrl) assertEquals(testUrl, url.toString()) @@ -143,8 +151,237 @@ class URLRendererTest { assertEquals(expectedRegistrableDomainSpan.second, url.getSpanEnd(spans[1])) } + private suspend fun testRenderWithUncoloredUrl(testUrl: String) { + val url = getSpannedUrl(testUrl) + + assertEquals(testUrl, url.toString()) + + val spans = url.getSpans(0, url.length, ForegroundColorSpan::class.java) + + assertEquals(0, spans.size) + } + + private suspend fun testRenderWithRegistrableDomain( + testUrl: String, + expectedUrl: String, + ) { + val configuration = ToolbarFeature.UrlRenderConfiguration( + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + registrableDomainColor = Color.RED, + urlColor = Color.GREEN, + renderStyle = ToolbarFeature.RenderStyle.RegistrableDomain, + ) + + val toolbar: Toolbar = mock() + + val renderer = URLRenderer(toolbar, configuration) + + renderer.updateUrl(testUrl) + + val captor = argumentCaptor<CharSequence>() + verify(toolbar).url = captor.capture() + + assertNotNull(captor.value) + assertTrue(captor.value is String) + val url = captor.value as String + + assertEquals(expectedUrl, url) + } + + @Test + fun `GIVEN a simple domain WHEN getting registrable domain span in host THEN span is returned`() { + runTestOnMain { + val domainSpan = getRegistrableDomainSpanInHost( + host = "www.mozilla.org", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(4 to 15, domainSpan) + } + } + + @Test + fun `GIVEN a host with a trailing period in the domain WHEN getting registrable domain span in host THEN span is returned`() { + runTestOnMain { + val domainSpan = getRegistrableDomainSpanInHost( + host = "www.mozilla.org.", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(4 to 15, domainSpan) + } + } + + @Test + fun `GIVEN a host with a repeated domain WHEN getting registrable domain span in host THEN the span of the last occurrence of domain is returned`() { + runTestOnMain { + val domainSpan = getRegistrableDomainSpanInHost( + host = "mozilla.org.mozilla.org", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(12 to 23, domainSpan) + } + } + + @Test + fun `GIVEN an IPv4 address as host WHEN getting registrable domain span in host THEN null is returned`() { + runTestOnMain { + val domainSpan = getRegistrableDomainSpanInHost( + host = "127.0.0.1", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertNull(domainSpan) + } + } + + @Test + fun `GIVEN an IPv6 address as host WHEN getting registrable domain span in host THEN null is returned`() { + runTestOnMain { + val domainSpan = getRegistrableDomainSpanInHost( + host = "[::1]", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertNull(domainSpan) + } + } + + @Test + fun `GIVEN a non PSL domain as host WHEN getting registrable domain span in host THEN null is returned`() { + runTestOnMain { + val domainSpan = getRegistrableDomainSpanInHost( + host = "localhost", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertNull(domainSpan) + } + } + + @Test + fun `GIVEN a simple URL WHEN getting registrable domain or host span THEN span is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "https://www.mozilla.org/", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(12 to 23, span) + } + } + + @Test + fun `GIVEN a URL with a trailing period in the domain WHEN getting registrable domain or host span THEN span is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "https://www.mozilla.org./", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(12 to 23, span) + } + } + + @Test + fun `GIVEN a URL with a repeated domain WHEN getting registrable domain or host span THEN the span of the last occurrence of domain is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "https://mozilla.org.mozilla.org/", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(20 to 31, span) + } + } + + @Test + fun `GIVEN a URL with an IPv4 address WHEN getting registrable domain or host span THEN the span of the IP part is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "http://127.0.0.1/", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(7 to 16, span) + } + } + + @Test + fun `GIVEN a URL with an IPv6 address WHEN getting registrable domain or host span THEN the span of the IP part is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "http://[::1]/", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(7 to 12, span) + } + } + @Test - fun `Render with simple URL`() { + fun `GIVEN a URL with a non PSL domain WHEN getting registrable domain or host span THEN the span of the host part is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "http://localhost/", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(7 to 16, span) + } + } + + @Test + fun `GIVEN an internal page name WHEN getting registrable domain or host span THEN null is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "about:mozilla", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertNull(span) + } + } + + @Test + fun `GIVEN a content URI WHEN getting registrable domain or host span THEN null is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "content://media/external/file/1000000000", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertNull(span) + } + } + + @Test + fun `GIVEN a blob URI WHEN getting registrable domain or host span THEN domain span is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "blob:https://www.mozilla.org/69a29afb-938c-4b9e-9fca-b2f79755047a", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(17 to 28, span) + } + } + + @Test + fun `GIVEN a blob URI with duplicated blob prefix WHEN getting registrable domain or host span THEN null is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "blob:blob:https://www.mozilla.org/69a29afb-938c-4b9e-9fca-b2f79755047a", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertNull(span) + } + } + + @Test + fun `GIVEN a simple URL WHEN rendering it THEN registrable domain is colored`() { runTestOnMain { testRenderWithColoredUrl( testUrl = "https://www.mozilla.org/", @@ -154,7 +391,7 @@ class URLRendererTest { } @Test - fun `Render with URL containing domain with trailing period`() { + fun `GIVEN a URL with a trailing period in the domain WHEN rendering it THEN registrable domain is colored`() { runTestOnMain { testRenderWithColoredUrl( testUrl = "https://www.mozilla.org./", @@ -164,7 +401,7 @@ class URLRendererTest { } @Test - fun `Render with URL containing repeated domain`() { + fun `GIVEN a URL with a repeated domain WHEN rendering it THEN the last occurrence of domain is colored`() { runTestOnMain { testRenderWithColoredUrl( testUrl = "https://mozilla.org.mozilla.org/", @@ -172,4 +409,144 @@ class URLRendererTest { ) } } + + @Test + fun `GIVEN a URL with an IPv4 address WHEN rendering it THEN the IP part is colored`() { + runTestOnMain { + testRenderWithColoredUrl( + testUrl = "http://127.0.0.1/", + expectedRegistrableDomainSpan = 7 to 16, + ) + } + } + + @Test + fun `GIVEN a URL with an IPv6 address WHEN rendering it THEN the IP part is colored`() { + runTestOnMain { + testRenderWithColoredUrl( + testUrl = "http://[::1]/", + expectedRegistrableDomainSpan = 7 to 12, + ) + } + } + + @Test + fun `GIVEN a URL with a non PSL domain WHEN rendering it THEN host colored`() { + runTestOnMain { + testRenderWithColoredUrl( + testUrl = "http://localhost/", + expectedRegistrableDomainSpan = 7 to 16, + ) + } + } + + @Test + fun `GIVEN an internal page name WHEN rendering it THEN nothing is colored`() { + runTestOnMain { + testRenderWithUncoloredUrl("about:mozilla") + } + } + + @Test + fun `GIVEN a content URI WHEN rendering it THEN nothing is colored`() { + runTestOnMain { + testRenderWithUncoloredUrl("content://media/external/file/1000000000") + } + } + + @Test + fun `GIVEN a simple URL WHEN rendering it THEN registrable domain is set`() { + runTestOnMain { + testRenderWithRegistrableDomain( + testUrl = "https://www.mozilla.org/", + expectedUrl = "mozilla.org", + ) + } + } + + @Test + fun `GIVEN a URL with a trailing period in the domain WHEN rendering it THEN registrable domain is set`() { + runTestOnMain { + testRenderWithRegistrableDomain( + testUrl = "https://www.mozilla.org./", + expectedUrl = "mozilla.org", + ) + } + } + + @Test + fun `GIVEN a URL with a repeated domain WHEN rendering it THEN the last occurrence of domain is set`() { + runTestOnMain { + testRenderWithRegistrableDomain( + testUrl = "https://mozilla.org.mozilla.org/", + expectedUrl = "mozilla.org", + ) + } + } + + @Test + fun `GIVEN a URL with an IPv4 address WHEN rendering it THEN the IP part is set`() { + runTestOnMain { + testRenderWithRegistrableDomain( + testUrl = "http://127.0.0.1/", + expectedUrl = "127.0.0.1", + ) + } + } + + @Test + fun `GIVEN a URL with an IPv6 address WHEN rendering it THEN the IP part is set`() { + runTestOnMain { + testRenderWithRegistrableDomain( + testUrl = "http://[::1]/", + expectedUrl = "[::1]", + ) + } + } + + @Test + fun `GIVEN a URL with a non PSL domain WHEN rendering it THEN host set`() { + runTestOnMain { + testRenderWithRegistrableDomain( + testUrl = "http://localhost/", + expectedUrl = "localhost", + ) + } + } + + @Test + fun `GIVEN an internal page name WHEN rendering it THEN it is set`() { + runTestOnMain { + testRenderWithRegistrableDomain( + testUrl = "about:mozilla", + expectedUrl = "about:mozilla", + ) + } + } + + @Test + fun `GIVEN a content URI WHEN rendering it THEN it is set`() { + runTestOnMain { + testRenderWithRegistrableDomain( + testUrl = "content://media/external/file/1000000000", + expectedUrl = "content://media/external/file/1000000000", + ) + } + } +} + +/** + * Robolectric default implementation of [InetAddresses] returns false for any address. + * This shadow is used to override that behavior and return true for any IP address. + */ +@Implements(InetAddresses::class) +class ShadowInetAddresses { + companion object { + @Implementation + @JvmStatic + @Suppress("DEPRECATION") + fun isNumericAddress(address: String): Boolean { + return Patterns.IP_ADDRESS.matcher(address).matches() || address.contains(":") + } + } } ===================================== mobile/android/android-components/components/support/utils/src/main/java/mozilla/components/support/ktx/util/URLStringUtils.kt ===================================== @@ -7,8 +7,6 @@ package mozilla.components.support.ktx.util import android.text.TextUtils import androidx.annotation.VisibleForTesting import androidx.core.net.toUri -import androidx.core.text.TextDirectionHeuristicCompat -import androidx.core.text.TextDirectionHeuristicsCompat import java.util.regex.Pattern object URLStringUtils { @@ -102,25 +100,9 @@ object URLStringUtils { /** * Generates a shorter version of the provided URL for display purposes by stripping it of * https/http and/or WWW prefixes and/or trailing slash when applicable. - * - * The returned text will always be displayed from left to right. - * If the directionality would otherwise be RTL "\u200E" will be prepended to the result to force LTR. */ - fun toDisplayUrl( - originalUrl: CharSequence, - textDirectionHeuristic: TextDirectionHeuristicCompat = TextDirectionHeuristicsCompat.FIRSTSTRONG_LTR, - ): CharSequence { - val strippedText = maybeStripTrailingSlash(maybeStripUrlProtocol(originalUrl)) - - return if ( - strippedText.isNotBlank() && - textDirectionHeuristic.isRtl(strippedText, 0, 1) - ) { - "\u200E" + strippedText - } else { - strippedText - } - } + fun toDisplayUrl(originalUrl: CharSequence): CharSequence = + maybeStripTrailingSlash(maybeStripUrlProtocol(originalUrl)) private fun maybeStripUrlProtocol(url: CharSequence): CharSequence { if (url.startsWith(HTTPS)) { ===================================== mobile/android/android-components/components/support/utils/src/test/java/mozilla/components/support/utils/URLStringUtilsTest.kt ===================================== @@ -16,8 +16,6 @@ import org.junit.Assert.assertTrue import org.junit.Before import org.junit.Test import org.junit.runner.RunWith -import org.mockito.Mockito.spy -import org.mockito.Mockito.verify import kotlin.random.Random @RunWith(AndroidJUnit4::class) @@ -246,20 +244,9 @@ class URLStringUtilsTest { } @Test - fun showDisplayUrlAsLTREvenIfTextStartsWithArabicCharacters() { + fun toDisplayUrlDoesNotAddImplicitDirectionalMarks() { val testDisplayUrl = URLStringUtils.toDisplayUrl("http://ختار.ار/www.mozilla.org/1") - assertEquals("\u200Eختار.ار/www.mozilla.org/1", testDisplayUrl) - } - - @Test - fun toDisplayUrlAlwaysUseATextDirectionHeuristicToDetermineDirectionality() { - val textHeuristic = spy(TestTextDirectionHeuristicCompat()) - - URLStringUtils.toDisplayUrl("http://ختار.ار/www.mozilla.org/1", textHeuristic) - verify(textHeuristic).isRtl("ختار.ار/www.mozilla.org/1", 0, 1) - - URLStringUtils.toDisplayUrl("http://www.mozilla.org/1", textHeuristic) - verify(textHeuristic).isRtl("mozilla.org/1", 0, 1) + assertEquals("ختار.ار/www.mozilla.org/1", testDisplayUrl) } @Test ===================================== mobile/android/components/geckoview/GeckoViewStreamListener.cpp ===================================== @@ -16,6 +16,8 @@ #include "nsIWebProgressListener.h" #include "nsIX509Cert.h" #include "nsPrintfCString.h" +#include "nsContentSecurityUtils.h" +#include "nsITransfer.h" #include "nsNetUtil.h" @@ -85,6 +87,16 @@ GeckoViewStreamListener::OnStartRequest(nsIRequest* aRequest) { return NS_OK; } + nsCOMPtr<nsIChannel> channel = do_QueryInterface(aRequest); + if (channel) { + int32_t classification = nsContentSecurityUtils::ClassifyDownload(channel); + if (classification == nsITransfer::DOWNLOAD_FORBIDDEN) { + channel->Cancel(NS_ERROR_ABORT); + CompleteWithError(NS_ERROR_ABORT, channel); + return NS_OK; + } + } + // We're expecting data later via OnDataAvailable, so create the stream now. InitializeStreamSupport(aRequest); ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/components/toolbar/ToolbarIntegration.kt ===================================== @@ -58,6 +58,7 @@ abstract class ToolbarIntegration( urlRenderConfiguration = ToolbarFeature.UrlRenderConfiguration( context.components.publicSuffixList, context.getColorFromAttr(R.attr.textPrimary), + context.getColorFromAttr(R.attr.textSecondary), renderStyle = renderStyle, ), ) @@ -140,7 +141,7 @@ class DefaultToolbarIntegration( interactor = interactor, customTabId = customTabId, isPrivate = isPrivate, - renderStyle = ToolbarFeature.RenderStyle.UncoloredUrl, + renderStyle = ToolbarFeature.RenderStyle.ColoredUrl, ) { @VisibleForTesting ===================================== testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_anchor_download_block_downloads.tentative.html.ini ===================================== @@ -6,7 +6,6 @@ if (os == "linux") and not fission and not debug: [PASS, FAIL] if (os == "mac") and debug: [PASS, FAIL] if (os == "mac") and not debug: [PASS, FAIL] - if os == "android": FAIL [<a download> triggered download in sandbox is blocked before a request is made.] expected: FAIL @@ -15,15 +14,12 @@ expected: if (os == "mac") and debug: [PASS, FAIL] if (os == "mac") and not debug: [PASS, FAIL] - if os == "android": FAIL [<a target="_blank" > triggered download in sandbox is blocked.] expected: if (os == "mac") and debug: [PASS, FAIL] if (os == "mac") and not debug: [PASS, FAIL] - if os == "android": FAIL [<a target="_blank" rel="noopener" > triggered download in sandbox is blocked.] expected: if (os == "mac") and debug: [PASS, FAIL] - if os == "android": FAIL ===================================== testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_navigation_download_block_downloads.sub.tentative.html.ini ===================================== @@ -2,10 +2,8 @@ [Navigation resulted download in sandbox is blocked.] expected: if (os == "mac") and not debug: [PASS, FAIL] - if os == "android": FAIL [Navigation resulted download in sandbox from <object> is blocked.] expected: if (os == "mac") and debug: [PASS, FAIL] if (os == "mac") and not debug: [PASS, FAIL] - if os == "android": FAIL ===================================== testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_window_open_download_block_downloads.tentative.html.ini ===================================== @@ -3,17 +3,15 @@ expected: if (os == "linux") and debug and not fission: [PASS, FAIL] if (os == "linux") and not debug: [PASS, FAIL] - if os == "android": FAIL [window.open(download, "_blank") triggering download in sandbox is blocked.] expected: if (os == "mac") and debug: [PASS, FAIL] if (os == "linux") and not debug: [PASS, FAIL] - if os == "android": FAIL [window.open(download, "_blank", "noopener") triggering download in sandbox is blocked.] expected: if (os == "linux") and debug: PASS if os == "win": PASS - if os == "android": FAIL + if os == "android": PASS [PASS, FAIL] ===================================== testing/web-platform/tests/html/semantics/embedded-content/the-iframe-element/support/iframe_sandbox_download_helper.js ===================================== @@ -1,5 +1,5 @@ function StreamDownloadFinishDelay() { - return 1000; + return 2000; } function DownloadVerifyDelay() { ===================================== uriloader/exthandler/nsExternalHelperAppService.cpp ===================================== @@ -1626,8 +1626,7 @@ NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) { return NS_OK; } - mDownloadClassification = - nsContentSecurityUtils::ClassifyDownload(aChannel, MIMEType); + mDownloadClassification = nsContentSecurityUtils::ClassifyDownload(aChannel); if (mDownloadClassification == nsITransfer::DOWNLOAD_FORBIDDEN) { // If the download is rated as forbidden, View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/a672bc… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/a672bc… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag base-browser-140.1.0esr-15.0-1-build2
by ma1 (＠ma1) 24 Jul '25

24 Jul '25

ma1 pushed new tag base-browser-140.1.0esr-15.0-1-build2 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-140.1.0esr-15.0-1] 11 commits: Bug 1961829 - Only color HTTP(S) URIs and fallback to coloring the host in...
by ma1 (＠ma1) 24 Jul '25

24 Jul '25

ma1 pushed to branch base-browser-140.1.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 076f29f7 by Michel Le Bihan at 2025-07-24T08:08:48+02:00 Bug 1961829 - Only color HTTP(S) URIs and fallback to coloring the host in Android toolbar URLRenderer. r=tthibaud,android-reviewers Differential Revision: https://phabricator.services.mozilla.com/D248132 - - - - - ea1dd032 by Michel Le Bihan at 2025-07-24T08:08:56+02:00 Bug 1961757 - Set text direction in Android toolbar instead of adding directional marks. r=tthibaud,android-reviewers,petru Differential Revision: https://phabricator.services.mozilla.com/D246181 - - - - - 39979386 by Michel Le Bihan at 2025-07-24T08:08:58+02:00 Bug 1812898 - Part 1: Add domain alignment in Android toolbar component. r=tthibaud,android-reviewers Differential Revision: https://phabricator.services.mozilla.com/D244508 - - - - - c1e7fc82 by Michel Le Bihan at 2025-07-24T08:09:01+02:00 Bug 1812898 - Part 2: Enable domain highlighting in Fenix toolbar. r=tthibaud,android-reviewers Differential Revision: https://phabricator.services.mozilla.com/D244509 - - - - - 9e5383b4 by mimi89999 at 2025-07-24T08:09:03+02:00 Bug 1964251 - Replace logic of RegistrableDomain renderStyle in Android toolbar component. r=android-reviewers,petru Differential Revision: https://phabricator.services.mozilla.com/D251501 - - - - - 7ab9ea81 by Michel Le Bihan at 2025-07-24T08:09:05+02:00 Bug 1969937 - Add handling of blob URIs in Android toolbar URLRenderer. r=petru,android-reviewers Differential Revision: https://phabricator.services.mozilla.com/D252879 - - - - - 04c4f093 by Cathy Lu at 2025-07-24T08:09:08+02:00 Bug 1791322 - iframe sandbox wpt tests modified with delay r=nika Differential Revision: https://phabricator.services.mozilla.com/D253052 - - - - - 85f273f4 by Cathy Lu at 2025-07-24T08:09:11+02:00 Bug 1791322 - GeckoView should call classifyDownloads to sandbox downloads r=geckoview-reviewers,nika Differential Revision: https://phabricator.services.mozilla.com/D249683 - - - - - 2d41c7c1 by Andreas Pehrson at 2025-07-24T08:09:13+02:00 Bug 1971116 - For global mute events, iterate on copies of containers. r=dbaker Mute/unmute events are fired synchronously to content, which if it stops an (event target) track in the event handler, may call back into and mutate the containers we're iterating over. Differential Revision: https://phabricator.services.mozilla.com/D254352 - - - - - 817aea0e by Tom Schuster at 2025-07-24T08:09:16+02:00 Bug 1971704 - Cleanup nsContentSecurityUtils::ClassifyDownload. r=smaug Differential Revision: https://phabricator.services.mozilla.com/D253491 - - - - - 6cc06b71 by Pier Angelo Vendrame at 2025-07-24T08:09:18+02:00 Bug 1972282 - Check for spoof English in xsl:sort. r=smaug Differential Revision: https://phabricator.services.mozilla.com/D254784 - - - - - 20 changed files: - dom/media/MediaManager.cpp - dom/security/nsContentSecurityUtils.cpp - dom/security/nsContentSecurityUtils.h - dom/xslt/xpath/txXPathNode.h - dom/xslt/xslt/txNodeSorter.cpp - mobile/android/android-components/components/browser/toolbar/src/main/java/mozilla/components/browser/toolbar/display/OriginView.kt - + mobile/android/android-components/components/browser/toolbar/src/test/java/mozilla/components/browser/toolbar/display/OriginViewTest.kt - mobile/android/android-components/components/concept/toolbar/src/main/java/mozilla/components/concept/toolbar/Toolbar.kt - mobile/android/android-components/components/feature/toolbar/src/main/java/mozilla/components/feature/toolbar/ToolbarFeature.kt - mobile/android/android-components/components/feature/toolbar/src/main/java/mozilla/components/feature/toolbar/internal/URLRenderer.kt - mobile/android/android-components/components/feature/toolbar/src/test/java/mozilla/components/feature/toolbar/internal/URLRendererTest.kt - mobile/android/android-components/components/support/utils/src/main/java/mozilla/components/support/ktx/util/URLStringUtils.kt - mobile/android/android-components/components/support/utils/src/test/java/mozilla/components/support/utils/URLStringUtilsTest.kt - mobile/android/components/geckoview/GeckoViewStreamListener.cpp - mobile/android/fenix/app/src/main/java/org/mozilla/fenix/components/toolbar/ToolbarIntegration.kt - testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_anchor_download_block_downloads.tentative.html.ini - testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_navigation_download_block_downloads.sub.tentative.html.ini - testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_window_open_download_block_downloads.tentative.html.ini - testing/web-platform/tests/html/semantics/embedded-content/the-iframe-element/support/iframe_sandbox_download_helper.js - uriloader/exthandler/nsExternalHelperAppService.cpp Changes: ===================================== dom/media/MediaManager.cpp ===================================== @@ -3568,7 +3568,9 @@ void MediaManager::OnCameraMute(bool aMute) { mCamerasMuted = aMute; // This is safe since we're on main-thread, and the windowlist can only // be added to from the main-thread - for (const auto& window : mActiveWindows.Values()) { + for (const auto& window : + ToTArray<AutoTArray<RefPtr<GetUserMediaWindowListener>, 2>>( + mActiveWindows.Values())) { window->MuteOrUnmuteCameras(aMute); } } @@ -3579,7 +3581,9 @@ void MediaManager::OnMicrophoneMute(bool aMute) { mMicrophonesMuted = aMute; // This is safe since we're on main-thread, and the windowlist can only // be added to from the main-thread - for (const auto& window : mActiveWindows.Values()) { + for (const auto& window : + ToTArray<AutoTArray<RefPtr<GetUserMediaWindowListener>, 2>>( + mActiveWindows.Values())) { window->MuteOrUnmuteMicrophones(aMute); } } @@ -4767,7 +4771,7 @@ void GetUserMediaWindowListener::MuteOrUnmuteCameras(bool aMute) { } mCamerasAreMuted = aMute; - for (auto& l : mActiveListeners) { + for (auto& l : mActiveListeners.Clone()) { if (l->GetDevice()->Kind() == MediaDeviceKind::Videoinput) { l->MuteOrUnmuteCamera(aMute); } @@ -4782,7 +4786,7 @@ void GetUserMediaWindowListener::MuteOrUnmuteMicrophones(bool aMute) { } mMicrophonesAreMuted = aMute; - for (auto& l : mActiveListeners) { + for (auto& l : mActiveListeners.Clone()) { if (l->GetDevice()->Kind() == MediaDeviceKind::Audioinput) { l->MuteOrUnmuteMicrophone(aMute); } ===================================== dom/security/nsContentSecurityUtils.cpp ===================================== @@ -2206,11 +2206,17 @@ void nsContentSecurityUtils::LogMessageToConsole(nsIHttpChannel* aChannel, } /* static */ -long nsContentSecurityUtils::ClassifyDownload( - nsIChannel* aChannel, const nsAutoCString& aMimeTypeGuess) { +long nsContentSecurityUtils::ClassifyDownload(nsIChannel* aChannel) { MOZ_ASSERT(aChannel, "IsDownloadAllowed without channel?"); nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo(); + if ((loadInfo->GetTriggeringSandboxFlags() & SANDBOXED_ALLOW_DOWNLOADS) || + (loadInfo->GetSandboxFlags() & SANDBOXED_ALLOW_DOWNLOADS)) { + if (nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel)) { + LogMessageToConsole(httpChannel, "IframeSandboxBlockedDownload"); + } + return nsITransfer::DOWNLOAD_FORBIDDEN; + } nsCOMPtr<nsIURI> contentLocation; aChannel->GetURI(getter_AddRefs(contentLocation)); @@ -2243,27 +2249,11 @@ long nsContentSecurityUtils::ClassifyDownload( if (StaticPrefs::dom_block_download_insecure() && decission != nsIContentPolicy::ACCEPT) { - nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel); - if (httpChannel) { + if (nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel)) { LogMessageToConsole(httpChannel, "MixedContentBlockedDownload"); } return nsITransfer::DOWNLOAD_POTENTIALLY_UNSAFE; } - if (loadInfo->TriggeringPrincipal()->IsSystemPrincipal()) { - return nsITransfer::DOWNLOAD_ACCEPTABLE; - } - - uint32_t triggeringFlags = loadInfo->GetTriggeringSandboxFlags(); - uint32_t currentflags = loadInfo->GetSandboxFlags(); - - if ((triggeringFlags & SANDBOXED_ALLOW_DOWNLOADS) || - (currentflags & SANDBOXED_ALLOW_DOWNLOADS)) { - nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel); - if (httpChannel) { - LogMessageToConsole(httpChannel, "IframeSandboxBlockedDownload"); - } - return nsITransfer::DOWNLOAD_FORBIDDEN; - } return nsITransfer::DOWNLOAD_ACCEPTABLE; } ===================================== dom/security/nsContentSecurityUtils.h ===================================== @@ -74,8 +74,7 @@ class nsContentSecurityUtils { const mozilla::dom::Element& aElement); // Helper function to Check if a Download is allowed; - static long ClassifyDownload(nsIChannel* aChannel, - const nsAutoCString& aMimeTypeGuess); + static long ClassifyDownload(nsIChannel* aChannel); // Public only for testing static FilenameTypeAndDetails FilenameToFilenameType( ===================================== dom/xslt/xpath/txXPathNode.h ===================================== @@ -66,6 +66,8 @@ class txXPathNode { bool operator!=(const txXPathNode& aNode) const { return !(*this == aNode); } ~txXPathNode() { MOZ_COUNT_DTOR(txXPathNode); } + mozilla::dom::Document* OwnerDoc() const { return mNode->OwnerDoc(); } + private: friend class txXPathNativeNode; friend class txXPathNodeUtils; ===================================== dom/xslt/xslt/txNodeSorter.cpp ===================================== @@ -13,10 +13,13 @@ #include "mozilla/CheckedInt.h" #include "mozilla/UniquePtrExtensions.h" +#include "nsRFPService.h" using mozilla::CheckedUint32; using mozilla::MakeUnique; using mozilla::MakeUniqueFallible; +using mozilla::nsRFPService; +using mozilla::RFPTarget; using mozilla::UniquePtr; /* @@ -74,6 +77,10 @@ nsresult txNodeSorter::addSortElement(Expr* aSelectExpr, Expr* aLangExpr, if (aLangExpr) { rv = aLangExpr->evaluateToString(aContext, lang); NS_ENSURE_SUCCESS(rv, rv); + } else if (aContext->getContextNode() + .OwnerDoc() + ->ShouldResistFingerprinting(RFPTarget::JSLocale)) { + CopyUTF8toUTF16(nsRFPService::GetSpoofedJSLocale(), lang); } // Case-order ===================================== mobile/android/android-components/components/browser/toolbar/src/main/java/mozilla/components/browser/toolbar/display/OriginView.kt ===================================== @@ -7,6 +7,7 @@ package mozilla.components.browser.toolbar.display import android.animation.LayoutTransition import android.content.Context import android.graphics.Typeface +import android.text.Spanned import android.util.AttributeSet import android.util.TypedValue import android.view.Gravity @@ -17,6 +18,7 @@ import androidx.annotation.VisibleForTesting import androidx.core.view.isVisible import mozilla.components.browser.toolbar.BrowserToolbar import mozilla.components.browser.toolbar.R +import mozilla.components.concept.toolbar.Toolbar /** * View displaying the URL and optionally the title of a website. @@ -48,6 +50,9 @@ internal class OriginView @JvmOverloads constructor( isClickable = true isFocusable = true + textDirection = View.TEXT_DIRECTION_LTR + layoutDirection = View.LAYOUT_DIRECTION_LTR + setOnClickListener { if (onUrlClicked()) { toolbar.editMode() @@ -134,9 +139,50 @@ internal class OriginView @JvmOverloads constructor( titleView.setOnLongClickListener(handler) } + /** + * Scrolls the URL view to ensure the registrable domain is visible. + */ + @VisibleForTesting + internal fun scrollToShowRegistrableDomain() { + val text = urlView.text + + val spans = (text as? Spanned)?.getSpans( + 0, + text.length, + Toolbar.RegistrableDomainColorSpan::class.java, + ) + + if (spans?.size == 1) { + val registrableDomainSpan = (urlView.text as? Spanned)?.getSpans( + 0, + text.length, + Toolbar.RegistrableDomainColorSpan::class.java, + )?.getOrNull(0) + + val valueUntilRegistrableDomainEnd = text.subSequence(0, text.getSpanEnd(registrableDomainSpan)) + + val urlViewWidth = urlView.width + val valueWidth = measureUrlTextWidh(valueUntilRegistrableDomainEnd.toString()) + + if (valueWidth > urlViewWidth) { + urlView.scrollTo((valueWidth - urlViewWidth).toInt(), 0) + return + } + } + + urlView.scrollTo(0, 0) + } + + @VisibleForTesting + internal fun measureUrlTextWidh(text: String) = urlView.paint.measureText(text) + internal var url: CharSequence get() = urlView.text - set(value) { urlView.text = value } + set(value) { + urlView.text = value + + scrollToShowRegistrableDomain() + } /** * Sets the colour of the text to be displayed when the URL of the toolbar is empty. ===================================== mobile/android/android-components/components/browser/toolbar/src/test/java/mozilla/components/browser/toolbar/display/OriginViewTest.kt ===================================== @@ -0,0 +1,109 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +package mozilla.components.browser.toolbar.display + +import android.graphics.Color +import android.text.SpannableStringBuilder +import android.text.SpannableStringBuilder.SPAN_INCLUSIVE_INCLUSIVE +import android.text.style.ForegroundColorSpan +import android.view.View +import androidx.annotation.ColorInt +import androidx.test.ext.junit.runners.AndroidJUnit4 +import mozilla.components.concept.toolbar.Toolbar +import mozilla.components.support.test.any +import mozilla.components.support.test.robolectric.testContext +import org.junit.Assert.assertEquals +import org.junit.Test +import org.junit.runner.RunWith +import org.mockito.Mockito.doReturn +import org.mockito.Mockito.spy + +@RunWith(AndroidJUnit4::class) +class OriginViewTest { + + private fun SpannableStringBuilder.applyUrlColors( + @ColorInt urlColor: Int, + @ColorInt registrableDomainColor: Int, + registrableDomainOrHostSpan: Pair<Int, Int>, + ): SpannableStringBuilder = apply { + setSpan( + ForegroundColorSpan(urlColor), + 0, + length, + SPAN_INCLUSIVE_INCLUSIVE, + ) + + val (start, end) = registrableDomainOrHostSpan + setSpan( + Toolbar.RegistrableDomainColorSpan(registrableDomainColor), + start, + end, + SPAN_INCLUSIVE_INCLUSIVE, + ) + } + + @Test + fun `scrollToShowRegistrableDomain scrolls when domain exceeds width`() { + val view = spy(OriginView(testContext)) + val url = "https://www.really-long-example-domain.com/" + val spannedUrl = SpannableStringBuilder(url).apply { + applyUrlColors( + urlColor = Color.GREEN, + registrableDomainColor = Color.RED, + registrableDomainOrHostSpan = 8 to 42, + ) + } + + // Long domain wouldn't fit in the view + doReturn(500f).`when`(view).measureUrlTextWidh(any()) + view.urlView.layout(0, 0, 200, 100) + + view.url = spannedUrl + + assertEquals(300, view.urlView.scrollX) + } + + @Test + fun `scrollToShowRegistrableDomain does not scroll when domain fits in view`() { + val view = spy(OriginView(testContext)) + val url = "https://mozilla.org/" + val spannedUrl = SpannableStringBuilder(url).apply { + applyUrlColors( + urlColor = Color.GREEN, + registrableDomainColor = Color.RED, + registrableDomainOrHostSpan = 8 to 19, + ) + } + + doReturn(50f).`when`(view).measureUrlTextWidh(any()) + view.urlView.layout(0, 0, 200, 100) + + view.url = spannedUrl + + assertEquals(0, view.urlView.scrollX) + } + + @Test + fun `scrollToShowRegistrableDomain does not scroll when no span exists`() { + val view = OriginView(testContext) + + val spanned = SpannableStringBuilder("nospan.com") // no span set + + view.measure(0, 0) + view.layout(0, 0, 500, 100) + + view.url = spanned + + assertEquals(0, view.urlView.scrollX) + } + + @Test + fun `URL text direction is always LTR`() { + val originView = OriginView(testContext) + originView.url = "ختار.ار/www.mozilla.org/1" + assertEquals(View.TEXT_DIRECTION_LTR, originView.urlView.textDirection) + assertEquals(View.LAYOUT_DIRECTION_LTR, originView.urlView.layoutDirection) + } +} ===================================== mobile/android/android-components/components/concept/toolbar/src/main/java/mozilla/components/concept/toolbar/Toolbar.kt ===================================== @@ -5,11 +5,13 @@ package mozilla.components.concept.toolbar import android.graphics.drawable.Drawable +import android.text.style.ForegroundColorSpan import android.view.View import android.view.View.NO_ID import android.view.ViewGroup import android.widget.ImageButton import android.widget.ImageView +import androidx.annotation.ColorInt import androidx.annotation.ColorRes import androidx.annotation.Dimension import androidx.annotation.Dimension.Companion.DP @@ -548,6 +550,13 @@ interface Toolbar : ScrollableToolbar { */ END, } + + /** + * Registrable domain foreground color span. + * + * This simple class extension is used so that we can filter for it elsewhere. + */ + class RegistrableDomainColorSpan(@ColorInt color: Int) : ForegroundColorSpan(color) } private fun AppCompatImageButton.setTintResource(@ColorRes tintColorResource: Int) { ===================================== mobile/android/android-components/components/feature/toolbar/src/main/java/mozilla/components/feature/toolbar/ToolbarFeature.kt ===================================== @@ -88,11 +88,13 @@ class ToolbarFeature( ) /** - * Controls how the url should be styled + * Controls how the URL should be styled * * RegistrableDomain: displays only the eTLD+1 (direct subdomain of the public suffix), uncolored - * ColoredUrl: displays the registrableDomain with color and url with another color - * UncoloredUrl: displays the full url, uncolored + * ColoredUrl: displays the full URL with distinct colors for the registrable domain and the rest of the URL. + * Colors the entire hostname if the registrable domain cannot be determined or is an IP address. + * Leaves non http(s) URLs uncolored. + * UncoloredUrl: displays the full URL, uncolored */ sealed class RenderStyle { object RegistrableDomain : RenderStyle() ===================================== mobile/android/android-components/components/feature/toolbar/src/main/java/mozilla/components/feature/toolbar/internal/URLRenderer.kt ===================================== @@ -18,6 +18,11 @@ import kotlinx.coroutines.channels.trySendBlocking import kotlinx.coroutines.launch import mozilla.components.concept.toolbar.Toolbar import mozilla.components.feature.toolbar.ToolbarFeature +import mozilla.components.lib.publicsuffixlist.PublicSuffixList +import mozilla.components.support.ktx.android.net.isHttpOrHttps +import mozilla.components.support.ktx.kotlin.isIpv4OrIpv6 + +private const val BLOB_URL_PREFIX = "blob:" /** * Asynchronous URL renderer. @@ -73,13 +78,21 @@ internal class URLRenderer( toolbar.url = when (configuration.renderStyle) { // Display only the eTLD+1 (direct subdomain of the public suffix), uncolored ToolbarFeature.RenderStyle.RegistrableDomain -> { - val host = url.toUri().host?.ifEmpty { null } - host?.let { getRegistrableDomain(host, configuration) } ?: url + getRegistrableDomainOrHostSpan(url, configuration.publicSuffixList)?.let { (start, end) -> + url.substring(start, end) + } ?: url } // Display the registrableDomain with color and URL with another color ToolbarFeature.RenderStyle.ColoredUrl -> SpannableStringBuilder(url).apply { - color(configuration.urlColor) - colorRegistrableDomain(configuration) + val span = getRegistrableDomainOrHostSpan(url, configuration.publicSuffixList) + + if (configuration.urlColor != null && span != null) { + applyUrlColors( + configuration.urlColor, + configuration.registrableDomainColor, + span, + ) + } } // Display the full URL, uncolored ToolbarFeature.RenderStyle.UncoloredUrl -> url @@ -87,43 +100,98 @@ internal class URLRenderer( } } -private suspend fun getRegistrableDomain(host: String, configuration: ToolbarFeature.UrlRenderConfiguration) = - configuration.publicSuffixList.getPublicSuffixPlusOne(host).await() +/** + * Determines the position span of the registrable domain within a host string. + * + * @param host The host string to analyze + * @param publicSuffixList The [PublicSuffixList] used to get the eTLD+1 for the host + * @return A Pair of (startIndex, endIndex) for the registrable domain within the host, + * or null if the host is an IP address or no registrable domain could be found + */ +@VisibleForTesting +internal suspend fun getRegistrableDomainSpanInHost( + host: String, + publicSuffixList: PublicSuffixList, +): Pair<Int, Int>? { + if (host.isIpv4OrIpv6()) return null + + val normalizedHost = host.removeSuffix(".") + + val registrableDomain = publicSuffixList + .getPublicSuffixPlusOne(normalizedHost) + .await() ?: return null + + val start = normalizedHost.lastIndexOf(registrableDomain) + return if (start == -1) { + null + } else { + start to start + registrableDomain.length + } +} -private suspend fun SpannableStringBuilder.colorRegistrableDomain( - configuration: ToolbarFeature.UrlRenderConfiguration, -) { - val url = toString() - val host = url.toUri().host?.removeSuffix(".") ?: return - - val registrableDomain = configuration - .publicSuffixList - .getPublicSuffixPlusOne(host) - .await() ?: return - - val indexOfHost = url.indexOf(host) - val indexOfRegistrableDomain = host.lastIndexOf(registrableDomain) - if (indexOfHost == -1 || indexOfRegistrableDomain == -1) { - return +/** + * Determines the position span of either the registrable domain or the full host + * within a URL string. + * + * @param url The complete URL to analyze + * @param publicSuffixList The [PublicSuffixList] used to get the eTLD+1 for the host + * @param allowBlobUnwrapping Whether to allow unwrapping blob URLs + * @return A Pair of (startIndex, endIndex) for either: + * - The registrable domain's position within the URL, or + * - The host's position within the URL if no registrable domain was found, or + * - null if the URL has no host or the host couldn't be located in the URL + */ +@Suppress("ReturnCount") +@VisibleForTesting +internal suspend fun getRegistrableDomainOrHostSpan( + url: String, + publicSuffixList: PublicSuffixList, + allowBlobUnwrapping: Boolean = true, +): Pair<Int, Int>? { + if (url.startsWith(BLOB_URL_PREFIX)) { + if (!allowBlobUnwrapping) return null + + val innerUrl = url.substring(BLOB_URL_PREFIX.length) + return getRegistrableDomainOrHostSpan( + innerUrl, + publicSuffixList, + allowBlobUnwrapping = false, + )?.let { (start, end) -> + BLOB_URL_PREFIX.length + start to BLOB_URL_PREFIX.length + end + } } - val index = indexOfHost + indexOfRegistrableDomain + val uri = url.toUri() + if (!uri.isHttpOrHttps) return null - setSpan( - ForegroundColorSpan(configuration.registrableDomainColor), - index, - index + registrableDomain.length, - SPAN_INCLUSIVE_INCLUSIVE, - ) -} + val host = uri.host ?: return null + + val hostStart = url.indexOf(host) + if (hostStart == -1) return null -private fun SpannableStringBuilder.color(@ColorInt urlColor: Int?) { - urlColor ?: return + val domainSpan = getRegistrableDomainSpanInHost(host, publicSuffixList) + return domainSpan?.let { (start, end) -> + hostStart + start to hostStart + end + } ?: (hostStart to hostStart + host.length) +} +private fun SpannableStringBuilder.applyUrlColors( + @ColorInt urlColor: Int, + @ColorInt registrableDomainColor: Int, + registrableDomainOrHostSpan: Pair<Int, Int>, +): SpannableStringBuilder = apply { setSpan( ForegroundColorSpan(urlColor), 0, length, SPAN_INCLUSIVE_INCLUSIVE, ) + + val (start, end) = registrableDomainOrHostSpan + setSpan( + Toolbar.RegistrableDomainColorSpan(registrableDomainColor), + start, + end, + SPAN_INCLUSIVE_INCLUSIVE, + ) } ===================================== mobile/android/android-components/components/feature/toolbar/src/test/java/mozilla/components/feature/toolbar/internal/URLRendererTest.kt ===================================== @@ -5,8 +5,10 @@ package mozilla.components.feature.toolbar.internal import android.graphics.Color +import android.net.InetAddresses import android.text.SpannableStringBuilder import android.text.style.ForegroundColorSpan +import android.util.Patterns import androidx.test.ext.junit.runners.AndroidJUnit4 import kotlinx.coroutines.Dispatchers import mozilla.components.concept.toolbar.Toolbar @@ -26,8 +28,12 @@ import org.junit.Rule import org.junit.Test import org.junit.runner.RunWith import org.mockito.Mockito.verify +import org.robolectric.annotation.Config +import org.robolectric.annotation.Implementation +import org.robolectric.annotation.Implements @RunWith(AndroidJUnit4::class) +@Config(shadows = [ShadowInetAddresses::class]) class URLRendererTest { @get:Rule @@ -104,10 +110,7 @@ class URLRendererTest { } } - private suspend fun testRenderWithColoredUrl( - testUrl: String, - expectedRegistrableDomainSpan: Pair<Int, Int>, - ) { + private suspend fun getSpannedUrl(testUrl: String): SpannableStringBuilder { val configuration = ToolbarFeature.UrlRenderConfiguration( publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), registrableDomainColor = Color.RED, @@ -124,9 +127,14 @@ class URLRendererTest { val captor = argumentCaptor<CharSequence>() verify(toolbar).url = captor.capture() - assertNotNull(captor.value) - assertTrue(captor.value is SpannableStringBuilder) - val url = captor.value as SpannableStringBuilder + return requireNotNull(captor.value as? SpannableStringBuilder) { "Toolbar URL should not be null" } + } + + private suspend fun testRenderWithColoredUrl( + testUrl: String, + expectedRegistrableDomainSpan: Pair<Int, Int>, + ) { + val url = getSpannedUrl(testUrl) assertEquals(testUrl, url.toString()) @@ -143,8 +151,237 @@ class URLRendererTest { assertEquals(expectedRegistrableDomainSpan.second, url.getSpanEnd(spans[1])) } + private suspend fun testRenderWithUncoloredUrl(testUrl: String) { + val url = getSpannedUrl(testUrl) + + assertEquals(testUrl, url.toString()) + + val spans = url.getSpans(0, url.length, ForegroundColorSpan::class.java) + + assertEquals(0, spans.size) + } + + private suspend fun testRenderWithRegistrableDomain( + testUrl: String, + expectedUrl: String, + ) { + val configuration = ToolbarFeature.UrlRenderConfiguration( + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + registrableDomainColor = Color.RED, + urlColor = Color.GREEN, + renderStyle = ToolbarFeature.RenderStyle.RegistrableDomain, + ) + + val toolbar: Toolbar = mock() + + val renderer = URLRenderer(toolbar, configuration) + + renderer.updateUrl(testUrl) + + val captor = argumentCaptor<CharSequence>() + verify(toolbar).url = captor.capture() + + assertNotNull(captor.value) + assertTrue(captor.value is String) + val url = captor.value as String + + assertEquals(expectedUrl, url) + } + + @Test + fun `GIVEN a simple domain WHEN getting registrable domain span in host THEN span is returned`() { + runTestOnMain { + val domainSpan = getRegistrableDomainSpanInHost( + host = "www.mozilla.org", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(4 to 15, domainSpan) + } + } + + @Test + fun `GIVEN a host with a trailing period in the domain WHEN getting registrable domain span in host THEN span is returned`() { + runTestOnMain { + val domainSpan = getRegistrableDomainSpanInHost( + host = "www.mozilla.org.", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(4 to 15, domainSpan) + } + } + + @Test + fun `GIVEN a host with a repeated domain WHEN getting registrable domain span in host THEN the span of the last occurrence of domain is returned`() { + runTestOnMain { + val domainSpan = getRegistrableDomainSpanInHost( + host = "mozilla.org.mozilla.org", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(12 to 23, domainSpan) + } + } + + @Test + fun `GIVEN an IPv4 address as host WHEN getting registrable domain span in host THEN null is returned`() { + runTestOnMain { + val domainSpan = getRegistrableDomainSpanInHost( + host = "127.0.0.1", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertNull(domainSpan) + } + } + + @Test + fun `GIVEN an IPv6 address as host WHEN getting registrable domain span in host THEN null is returned`() { + runTestOnMain { + val domainSpan = getRegistrableDomainSpanInHost( + host = "[::1]", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertNull(domainSpan) + } + } + + @Test + fun `GIVEN a non PSL domain as host WHEN getting registrable domain span in host THEN null is returned`() { + runTestOnMain { + val domainSpan = getRegistrableDomainSpanInHost( + host = "localhost", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertNull(domainSpan) + } + } + + @Test + fun `GIVEN a simple URL WHEN getting registrable domain or host span THEN span is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "https://www.mozilla.org/", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(12 to 23, span) + } + } + + @Test + fun `GIVEN a URL with a trailing period in the domain WHEN getting registrable domain or host span THEN span is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "https://www.mozilla.org./", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(12 to 23, span) + } + } + + @Test + fun `GIVEN a URL with a repeated domain WHEN getting registrable domain or host span THEN the span of the last occurrence of domain is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "https://mozilla.org.mozilla.org/", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(20 to 31, span) + } + } + + @Test + fun `GIVEN a URL with an IPv4 address WHEN getting registrable domain or host span THEN the span of the IP part is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "http://127.0.0.1/", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(7 to 16, span) + } + } + + @Test + fun `GIVEN a URL with an IPv6 address WHEN getting registrable domain or host span THEN the span of the IP part is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "http://[::1]/", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(7 to 12, span) + } + } + @Test - fun `Render with simple URL`() { + fun `GIVEN a URL with a non PSL domain WHEN getting registrable domain or host span THEN the span of the host part is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "http://localhost/", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(7 to 16, span) + } + } + + @Test + fun `GIVEN an internal page name WHEN getting registrable domain or host span THEN null is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "about:mozilla", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertNull(span) + } + } + + @Test + fun `GIVEN a content URI WHEN getting registrable domain or host span THEN null is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "content://media/external/file/1000000000", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertNull(span) + } + } + + @Test + fun `GIVEN a blob URI WHEN getting registrable domain or host span THEN domain span is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "blob:https://www.mozilla.org/69a29afb-938c-4b9e-9fca-b2f79755047a", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertEquals(17 to 28, span) + } + } + + @Test + fun `GIVEN a blob URI with duplicated blob prefix WHEN getting registrable domain or host span THEN null is returned`() { + runTestOnMain { + val span = getRegistrableDomainOrHostSpan( + url = "blob:blob:https://www.mozilla.org/69a29afb-938c-4b9e-9fca-b2f79755047a", + publicSuffixList = PublicSuffixList(testContext, Dispatchers.Unconfined), + ) + + assertNull(span) + } + } + + @Test + fun `GIVEN a simple URL WHEN rendering it THEN registrable domain is colored`() { runTestOnMain { testRenderWithColoredUrl( testUrl = "https://www.mozilla.org/", @@ -154,7 +391,7 @@ class URLRendererTest { } @Test - fun `Render with URL containing domain with trailing period`() { + fun `GIVEN a URL with a trailing period in the domain WHEN rendering it THEN registrable domain is colored`() { runTestOnMain { testRenderWithColoredUrl( testUrl = "https://www.mozilla.org./", @@ -164,7 +401,7 @@ class URLRendererTest { } @Test - fun `Render with URL containing repeated domain`() { + fun `GIVEN a URL with a repeated domain WHEN rendering it THEN the last occurrence of domain is colored`() { runTestOnMain { testRenderWithColoredUrl( testUrl = "https://mozilla.org.mozilla.org/", @@ -172,4 +409,144 @@ class URLRendererTest { ) } } + + @Test + fun `GIVEN a URL with an IPv4 address WHEN rendering it THEN the IP part is colored`() { + runTestOnMain { + testRenderWithColoredUrl( + testUrl = "http://127.0.0.1/", + expectedRegistrableDomainSpan = 7 to 16, + ) + } + } + + @Test + fun `GIVEN a URL with an IPv6 address WHEN rendering it THEN the IP part is colored`() { + runTestOnMain { + testRenderWithColoredUrl( + testUrl = "http://[::1]/", + expectedRegistrableDomainSpan = 7 to 12, + ) + } + } + + @Test + fun `GIVEN a URL with a non PSL domain WHEN rendering it THEN host colored`() { + runTestOnMain { + testRenderWithColoredUrl( + testUrl = "http://localhost/", + expectedRegistrableDomainSpan = 7 to 16, + ) + } + } + + @Test + fun `GIVEN an internal page name WHEN rendering it THEN nothing is colored`() { + runTestOnMain { + testRenderWithUncoloredUrl("about:mozilla") + } + } + + @Test + fun `GIVEN a content URI WHEN rendering it THEN nothing is colored`() { + runTestOnMain { + testRenderWithUncoloredUrl("content://media/external/file/1000000000") + } + } + + @Test + fun `GIVEN a simple URL WHEN rendering it THEN registrable domain is set`() { + runTestOnMain { + testRenderWithRegistrableDomain( + testUrl = "https://www.mozilla.org/", + expectedUrl = "mozilla.org", + ) + } + } + + @Test + fun `GIVEN a URL with a trailing period in the domain WHEN rendering it THEN registrable domain is set`() { + runTestOnMain { + testRenderWithRegistrableDomain( + testUrl = "https://www.mozilla.org./", + expectedUrl = "mozilla.org", + ) + } + } + + @Test + fun `GIVEN a URL with a repeated domain WHEN rendering it THEN the last occurrence of domain is set`() { + runTestOnMain { + testRenderWithRegistrableDomain( + testUrl = "https://mozilla.org.mozilla.org/", + expectedUrl = "mozilla.org", + ) + } + } + + @Test + fun `GIVEN a URL with an IPv4 address WHEN rendering it THEN the IP part is set`() { + runTestOnMain { + testRenderWithRegistrableDomain( + testUrl = "http://127.0.0.1/", + expectedUrl = "127.0.0.1", + ) + } + } + + @Test + fun `GIVEN a URL with an IPv6 address WHEN rendering it THEN the IP part is set`() { + runTestOnMain { + testRenderWithRegistrableDomain( + testUrl = "http://[::1]/", + expectedUrl = "[::1]", + ) + } + } + + @Test + fun `GIVEN a URL with a non PSL domain WHEN rendering it THEN host set`() { + runTestOnMain { + testRenderWithRegistrableDomain( + testUrl = "http://localhost/", + expectedUrl = "localhost", + ) + } + } + + @Test + fun `GIVEN an internal page name WHEN rendering it THEN it is set`() { + runTestOnMain { + testRenderWithRegistrableDomain( + testUrl = "about:mozilla", + expectedUrl = "about:mozilla", + ) + } + } + + @Test + fun `GIVEN a content URI WHEN rendering it THEN it is set`() { + runTestOnMain { + testRenderWithRegistrableDomain( + testUrl = "content://media/external/file/1000000000", + expectedUrl = "content://media/external/file/1000000000", + ) + } + } +} + +/** + * Robolectric default implementation of [InetAddresses] returns false for any address. + * This shadow is used to override that behavior and return true for any IP address. + */ +@Implements(InetAddresses::class) +class ShadowInetAddresses { + companion object { + @Implementation + @JvmStatic + @Suppress("DEPRECATION") + fun isNumericAddress(address: String): Boolean { + return Patterns.IP_ADDRESS.matcher(address).matches() || address.contains(":") + } + } } ===================================== mobile/android/android-components/components/support/utils/src/main/java/mozilla/components/support/ktx/util/URLStringUtils.kt ===================================== @@ -7,8 +7,6 @@ package mozilla.components.support.ktx.util import android.text.TextUtils import androidx.annotation.VisibleForTesting import androidx.core.net.toUri -import androidx.core.text.TextDirectionHeuristicCompat -import androidx.core.text.TextDirectionHeuristicsCompat import java.util.regex.Pattern object URLStringUtils { @@ -102,25 +100,9 @@ object URLStringUtils { /** * Generates a shorter version of the provided URL for display purposes by stripping it of * https/http and/or WWW prefixes and/or trailing slash when applicable. - * - * The returned text will always be displayed from left to right. - * If the directionality would otherwise be RTL "\u200E" will be prepended to the result to force LTR. */ - fun toDisplayUrl( - originalUrl: CharSequence, - textDirectionHeuristic: TextDirectionHeuristicCompat = TextDirectionHeuristicsCompat.FIRSTSTRONG_LTR, - ): CharSequence { - val strippedText = maybeStripTrailingSlash(maybeStripUrlProtocol(originalUrl)) - - return if ( - strippedText.isNotBlank() && - textDirectionHeuristic.isRtl(strippedText, 0, 1) - ) { - "\u200E" + strippedText - } else { - strippedText - } - } + fun toDisplayUrl(originalUrl: CharSequence): CharSequence = + maybeStripTrailingSlash(maybeStripUrlProtocol(originalUrl)) private fun maybeStripUrlProtocol(url: CharSequence): CharSequence { if (url.startsWith(HTTPS)) { ===================================== mobile/android/android-components/components/support/utils/src/test/java/mozilla/components/support/utils/URLStringUtilsTest.kt ===================================== @@ -16,8 +16,6 @@ import org.junit.Assert.assertTrue import org.junit.Before import org.junit.Test import org.junit.runner.RunWith -import org.mockito.Mockito.spy -import org.mockito.Mockito.verify import kotlin.random.Random @RunWith(AndroidJUnit4::class) @@ -246,20 +244,9 @@ class URLStringUtilsTest { } @Test - fun showDisplayUrlAsLTREvenIfTextStartsWithArabicCharacters() { + fun toDisplayUrlDoesNotAddImplicitDirectionalMarks() { val testDisplayUrl = URLStringUtils.toDisplayUrl("http://ختار.ار/www.mozilla.org/1") - assertEquals("\u200Eختار.ار/www.mozilla.org/1", testDisplayUrl) - } - - @Test - fun toDisplayUrlAlwaysUseATextDirectionHeuristicToDetermineDirectionality() { - val textHeuristic = spy(TestTextDirectionHeuristicCompat()) - - URLStringUtils.toDisplayUrl("http://ختار.ار/www.mozilla.org/1", textHeuristic) - verify(textHeuristic).isRtl("ختار.ار/www.mozilla.org/1", 0, 1) - - URLStringUtils.toDisplayUrl("http://www.mozilla.org/1", textHeuristic) - verify(textHeuristic).isRtl("mozilla.org/1", 0, 1) + assertEquals("ختار.ار/www.mozilla.org/1", testDisplayUrl) } @Test ===================================== mobile/android/components/geckoview/GeckoViewStreamListener.cpp ===================================== @@ -16,6 +16,8 @@ #include "nsIWebProgressListener.h" #include "nsIX509Cert.h" #include "nsPrintfCString.h" +#include "nsContentSecurityUtils.h" +#include "nsITransfer.h" #include "nsNetUtil.h" @@ -85,6 +87,16 @@ GeckoViewStreamListener::OnStartRequest(nsIRequest* aRequest) { return NS_OK; } + nsCOMPtr<nsIChannel> channel = do_QueryInterface(aRequest); + if (channel) { + int32_t classification = nsContentSecurityUtils::ClassifyDownload(channel); + if (classification == nsITransfer::DOWNLOAD_FORBIDDEN) { + channel->Cancel(NS_ERROR_ABORT); + CompleteWithError(NS_ERROR_ABORT, channel); + return NS_OK; + } + } + // We're expecting data later via OnDataAvailable, so create the stream now. InitializeStreamSupport(aRequest); ===================================== mobile/android/fenix/app/src/main/java/org/mozilla/fenix/components/toolbar/ToolbarIntegration.kt ===================================== @@ -58,6 +58,7 @@ abstract class ToolbarIntegration( urlRenderConfiguration = ToolbarFeature.UrlRenderConfiguration( context.components.publicSuffixList, context.getColorFromAttr(R.attr.textPrimary), + context.getColorFromAttr(R.attr.textSecondary), renderStyle = renderStyle, ), ) @@ -140,7 +141,7 @@ class DefaultToolbarIntegration( interactor = interactor, customTabId = customTabId, isPrivate = isPrivate, - renderStyle = ToolbarFeature.RenderStyle.UncoloredUrl, + renderStyle = ToolbarFeature.RenderStyle.ColoredUrl, ) { @VisibleForTesting ===================================== testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_anchor_download_block_downloads.tentative.html.ini ===================================== @@ -6,7 +6,6 @@ if (os == "linux") and not fission and not debug: [PASS, FAIL] if (os == "mac") and debug: [PASS, FAIL] if (os == "mac") and not debug: [PASS, FAIL] - if os == "android": FAIL [<a download> triggered download in sandbox is blocked before a request is made.] expected: FAIL @@ -15,15 +14,12 @@ expected: if (os == "mac") and debug: [PASS, FAIL] if (os == "mac") and not debug: [PASS, FAIL] - if os == "android": FAIL [<a target="_blank" > triggered download in sandbox is blocked.] expected: if (os == "mac") and debug: [PASS, FAIL] if (os == "mac") and not debug: [PASS, FAIL] - if os == "android": FAIL [<a target="_blank" rel="noopener" > triggered download in sandbox is blocked.] expected: if (os == "mac") and debug: [PASS, FAIL] - if os == "android": FAIL ===================================== testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_navigation_download_block_downloads.sub.tentative.html.ini ===================================== @@ -2,10 +2,8 @@ [Navigation resulted download in sandbox is blocked.] expected: if (os == "mac") and not debug: [PASS, FAIL] - if os == "android": FAIL [Navigation resulted download in sandbox from <object> is blocked.] expected: if (os == "mac") and debug: [PASS, FAIL] if (os == "mac") and not debug: [PASS, FAIL] - if os == "android": FAIL ===================================== testing/web-platform/meta/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_window_open_download_block_downloads.tentative.html.ini ===================================== @@ -3,17 +3,15 @@ expected: if (os == "linux") and debug and not fission: [PASS, FAIL] if (os == "linux") and not debug: [PASS, FAIL] - if os == "android": FAIL [window.open(download, "_blank") triggering download in sandbox is blocked.] expected: if (os == "mac") and debug: [PASS, FAIL] if (os == "linux") and not debug: [PASS, FAIL] - if os == "android": FAIL [window.open(download, "_blank", "noopener") triggering download in sandbox is blocked.] expected: if (os == "linux") and debug: PASS if os == "win": PASS - if os == "android": FAIL + if os == "android": PASS [PASS, FAIL] ===================================== testing/web-platform/tests/html/semantics/embedded-content/the-iframe-element/support/iframe_sandbox_download_helper.js ===================================== @@ -1,5 +1,5 @@ function StreamDownloadFinishDelay() { - return 1000; + return 2000; } function DownloadVerifyDelay() { ===================================== uriloader/exthandler/nsExternalHelperAppService.cpp ===================================== @@ -1626,8 +1626,7 @@ NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) { return NS_OK; } - mDownloadClassification = - nsContentSecurityUtils::ClassifyDownload(aChannel, MIMEType); + mDownloadClassification = nsContentSecurityUtils::ClassifyDownload(aChannel); if (mDownloadClassification == nsITransfer::DOWNLOAD_FORBIDDEN) { // If the download is rated as forbidden, View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/12c1cb… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/12c1cb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-140.1.0esr-15.0-1] fixup! TB 41089: Add tor-browser build scripts + Makefile to tor-browser
by clairehurst (＠clairehurst) 23 Jul '25

23 Jul '25

clairehurst pushed to branch tor-browser-140.1.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: a672bc1c by clairehurst at 2025-07-23T13:51:52-06:00 fixup! TB 41089: Add tor-browser build scripts + Makefile to tor-browser Bug 43984: Update android build scripts and docs for ESR 140 - - - - - 4 changed files: - tools/geckoview/Makefile - tools/geckoview/android-env-linux-template.sh - tools/geckoview/android-env-macos-template.sh - tools/geckoview/install-fenix.sh Changes: ===================================== tools/geckoview/Makefile ===================================== @@ -41,11 +41,13 @@ env: test -e android-env.sh || { echo "copy android-env-...-template.sh to android-env.sh and edit appropriatly"; exit 1; } install-release: - ./install-fenix.sh $(DEV_ROOT) $(ANDROID_ARCH) release + ./install-fenix.sh $(DEV_ROOT) $(ARCH) $(ANDROID_ARCH) release install-beta: - ./install-fenix.sh $(DEV_ROOT) $(ANDROID_ARCH) beta + ./install-fenix.sh $(DEV_ROOT) $(ARCH) $(ANDROID_ARCH) beta install-nightly: - ./install-fenix.sh $(DEV_ROOT) $(ANDROID_ARCH) nightly + ./install-fenix.sh $(DEV_ROOT) $(ARCH) $(ANDROID_ARCH) nightly +install-debug: + ./install-fenix.sh $(DEV_ROOT) $(ARCH) $(ANDROID_ARCH) debug all: env geckoview fenix-nightly install-nightly all-release: env geckoview fenix-release install-release @@ -56,4 +58,3 @@ jslint: clean: rm -rf $(BUILD_OUTPUT) - ===================================== tools/geckoview/android-env-linux-template.sh ===================================== @@ -1,6 +1,6 @@ -export JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64 +export JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64 export ANDROID_HOME=$HOME/.mozbuild/android-sdk-linux/ # or $HOME/Android/Sdk/ # Or .../android-toolchain/android-sdk-linux if you extract android-toolchain from tor-browser-build -export ANDROID_NDK_HOME=$ANDROID_HOME/ndk/r26c/ # for 128esr -export GRADLE_HOME=/FULL/PATH/TO/tor-browser-build/out/gradle/gradle-8.8 # Or the version that we currently use +export ANDROID_NDK_HOME=$HOME/.mozbuild/android-ndk-r28b/ # for 140esr +export GRADLE_HOME=$HOME/.mozbuild/gradle-8.14.3 # not included by default, need to download from https://gradle.org/releases/ and put the extracted directory "gradle-8.14.3" into ~/.mozbuild/ export LOCAL_DEV_BUILD=1 export PATH=/FULL/PATH/TO/tor-browser-build/out/clang/clang-16.x.y-arm/bin/:$PATH # prepend our newly built and assembled clang to the path so it gets used to build geckoview ===================================== tools/geckoview/android-env-macos-template.sh ===================================== @@ -1,8 +1,6 @@ -export JAVA_HOME=/opt/homebrew/opt/openjdk(a)17/libexec/openjdk.jdk/Contents/Home/ # for arm64. Or JAVA_HOME=/usr/local/opt/openjdk(a)17/libexec/openjdk.jdk/Contents/Home/ for x86_64. -export ANDROID_HOME=$HOME/Library/Android/sdk # or $HOME/.mozbuild/android-sdk-macosx/ -export ANDROID_NDK_HOME=$ANDROID_HOME/ndk/26.2.11394342 # will need to download the relevant NDK via android studio (e.g. 26.2.11394342) -GRADLE_DIR=/opt/homebrew/Cellar/gradle # for arm64, or /usr/local/Cellar/gradle for x86_64. Download via homebrew. -GRADLE_VERSION=`ls -1 "$GRADLE_DIR" | sort -hr | head -n 1` # Finds the latest gradle version in the specified GRADLE_DIR -export GRADLE_HOME=$GRADLE_DIR/$GRADLE_VERSION +export JAVA_HOME=/opt/homebrew/opt/openjdk(a)17/libexec/openjdk.jdk/Contents/Home # for arm64. Or JAVA_HOME=/usr/local/opt/openjdk(a)17/libexec/openjdk.jdk/Contents/Home for x86_64. +export ANDROID_HOME=$HOME/.mozbuild/android-sdk-macosx +export ANDROID_NDK_HOME=$HOME/.mozbuild/android-ndk-r28b # for ESR140 +export GRADLE_HOME=$HOME/.mozbuild/gradle-8.14.3 # not included by default, need to download from https://gradle.org/releases/ and put the extracted directory "gradle-8.14.3" into ~/.mozbuild/ export LOCAL_DEV_BUILD=1 -export PATH=$ANDROID_HOME/ndk/26.2.11394342/toolchains/llvm/prebuilt/darwin-x86_64/bin/:$PATH # prepend android studios latest ndk to the path so it's clang gets used to build geckoview. Note that it doesn't need to be the same version as above +export PATH=$ANDROID_NDK_HOME/toolchains/llvm/prebuilt/darwin-x86_64/bin:$PATH # prepend mozbuilds NDK to the PATH so it's clang gets used to build geckoview ===================================== tools/geckoview/install-fenix.sh ===================================== @@ -1,9 +1,16 @@ #!/bin/bash set -e DEV_ROOT=$1 -ANDROID_ARCH=$2 -VARIANT=$3 +ARCH=$2 +ANDROID_ARCH=$3 +VARIANT=$4 cd $DEV_ROOT OBJ_DIR=$(MOZCONFIG=mozconfig-android-$ARCH ./mach environment --format json --verbose | jq -r .topobjdir) -adb install "$OBJ_DIR/gradle/build/mobile/android/fenix/app/outputs/apk/fenix/$VARIANT/app-fenix-$ANDROID_ARCH-nightly-signed.apk" + +if [ $VARIANT == "debug" ] +then + adb install "$OBJ_DIR/gradle/build/mobile/android/fenix/app/outputs/apk/fenix/$VARIANT/app-fenix-$ANDROID_ARCH-$VARIANT.apk" +else + adb install "$OBJ_DIR/gradle/build/mobile/android/fenix/app/outputs/apk/fenix/$VARIANT/app-fenix-$ANDROID_ARCH-$VARIANT-signed.apk" +fi View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/a672bc1… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/a672bc1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-140.1.0esr-15.0-1-build1
by morgan (＠morgan) 23 Jul '25

23 Jul '25

morgan pushed new tag tor-browser-140.1.0esr-15.0-1-build1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new branch base-browser-140.1.0esr-15.0-1
by morgan (＠morgan) 23 Jul '25

23 Jul '25

morgan pushed new branch base-browser-140.1.0esr-15.0-1 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow… You're receiving this email because of your account on gitlab.torproject.org.

1 0