tbb-commits
Threads by month
- ----- 2025 -----
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- 1 participants
- 19540 discussions
[Git][tpo/applications/tor-browser][base-browser-102.8.0esr-12.0-1] fixup! Firefox preference overrides.
by Richard Pospesel (@richard) 09 Feb '23
by Richard Pospesel (@richard) 09 Feb '23
09 Feb '23
Richard Pospesel pushed to branch base-browser-102.8.0esr-12.0-1 at The Tor Project / Applications / Tor Browser
Commits:
b20e85a3 by cypherpunks1 at 2023-02-09T16:14:47+00:00
fixup! Firefox preference overrides.
Disable toolkit.telemetry.enabled on all builds, set webextensions.storage.sync.enabled to false
(cherry picked from commit ad5720b019191e0911e11e7ea26ff32a0de132de)
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -116,7 +116,7 @@ pref("datareporting.healthreport.uploadEnabled", false);
pref("datareporting.policy.dataSubmissionEnabled", false);
// Make sure Unified Telemetry is really disabled, see: #18738.
pref("toolkit.telemetry.unified", false);
-pref("toolkit.telemetry.enabled", false);
+pref("toolkit.telemetry.enabled", false, locked);
pref("toolkit.telemetry.server", "data:,");
pref("toolkit.telemetry.archive.enabled", false);
pref("toolkit.telemetry.updatePing.enabled", false); // Make sure updater telemetry is disabled; see #25909.
@@ -419,6 +419,8 @@ pref("extensions.postDownloadThirdPartyPrompt", false);
// Therefore, do not allow download of additional language packs. They are not a
// privacy/security threat, we are disabling them for UX reasons. See bug 41377.
pref("intl.multilingual.downloadEnabled", false);
+// Disk activity: Disable storage.sync (tor-browser#41424)
+pref("webextensions.storage.sync.enabled", false);
// Toolbar layout
pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"urlbar-container\",\"security-level-button\",\"new-identity-button\",\"downloads-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"PanelUI-contents\":[\"home-button\",\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"save-page-button\",\"print-button\",\"bookmarks-menu-button\",\"history-panelmenu\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"]},\"seen\":[\"developer-button\"],\"dirtyAreaCache\":[\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\"],\"currentVersion\":14,\"newElementCount\":1}");
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b20e85a…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b20e85a…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser][base-browser-102.8.0esr-12.0-1] fixup! Bug 40002: Remove about:ion
by Richard Pospesel (@richard) 09 Feb '23
by Richard Pospesel (@richard) 09 Feb '23
09 Feb '23
Richard Pospesel pushed to branch base-browser-102.8.0esr-12.0-1 at The Tor Project / Applications / Tor Browser
Commits:
d11828b5 by cypherpunks1 at 2023-02-09T16:14:31+00:00
fixup! Bug 40002: Remove about:ion
Remove this._monitorIonPref() and this._monitorIonStudies() from BrowserGlue
(cherry picked from commit fc08631d08d49082680b7133571b893242a21dd5)
- - - - -
1 changed file:
- browser/components/BrowserGlue.jsm
Changes:
=====================================
browser/components/BrowserGlue.jsm
=====================================
@@ -2321,8 +2321,6 @@ BrowserGlue.prototype = {
this._monitorScreenshotsPref();
this._monitorWebcompatReporterPref();
this._monitorHTTPSOnlyPref();
- this._monitorIonPref();
- this._monitorIonStudies();
this._setupSearchDetection();
this._monitorGPCPref();
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/d11828b…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/d11828b…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser][base-browser-102.8.0esr-12.0-1] fixup! Bug 31740: Remove some unnecessary RemoteSettings instances
by Richard Pospesel (@richard) 09 Feb '23
by Richard Pospesel (@richard) 09 Feb '23
09 Feb '23
Richard Pospesel pushed to branch base-browser-102.8.0esr-12.0-1 at The Tor Project / Applications / Tor Browser
Commits:
82de2705 by cypherpunks1 at 2023-02-09T16:14:17+00:00
fixup! Bug 31740: Remove some unnecessary RemoteSettings instances
Disable activity stream
(cherry picked from commit 9514e0c69e51e308c7706266d07465e016617b5f)
- - - - -
1 changed file:
- browser/components/BrowserGlue.jsm
Changes:
=====================================
browser/components/BrowserGlue.jsm
=====================================
@@ -22,9 +22,6 @@ XPCOMUtils.defineLazyModuleGetters(this, {
ActorManagerParent: "resource://gre/modules/ActorManagerParent.jsm",
AddonManager: "resource://gre/modules/AddonManager.jsm",
AppMenuNotifications: "resource://gre/modules/AppMenuNotifications.jsm",
- ASRouterDefaultConfig:
- "resource://activity-stream/lib/ASRouterDefaultConfig.jsm",
- ASRouterNewTabHook: "resource://activity-stream/lib/ASRouterNewTabHook.jsm",
ASRouter: "resource://activity-stream/lib/ASRouter.jsm",
AsyncShutdown: "resource://gre/modules/AsyncShutdown.jsm",
BackgroundUpdate: "resource://gre/modules/BackgroundUpdate.jsm",
@@ -716,27 +713,6 @@ let JSWINDOWACTORS = {
matches: ["about:studies*"],
},
- ASRouter: {
- parent: {
- moduleURI: "resource:///actors/ASRouterParent.jsm",
- },
- child: {
- moduleURI: "resource:///actors/ASRouterChild.jsm",
- events: {
- // This is added so the actor instantiates immediately and makes
- // methods available to the page js on load.
- DOMDocElementInserted: {},
- },
- },
- matches: [
- "about:home*",
- "about:newtab*",
- "about:welcome*",
- "about:privatebrowsing",
- ],
- remoteTypes: ["privilegedabout"],
- },
-
SwitchDocumentDirection: {
child: {
moduleURI: "resource:///actors/SwitchDocumentDirectionChild.jsm",
@@ -2005,7 +1981,6 @@ BrowserGlue.prototype = {
() => NewTabUtils.uninit(),
() => Normandy.uninit(),
() => RFPHelper.uninit(),
- () => ASRouterNewTabHook.destroy(),
() => UpdateListener.reset(),
];
@@ -2716,12 +2691,6 @@ BrowserGlue.prototype = {
},
},
- {
- task: () => {
- ASRouterNewTabHook.createInstance(ASRouterDefaultConfig());
- },
- },
-
{
condition: AppConstants.MOZ_UPDATE_AGENT,
task: () => {
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/82de270…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/82de270…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser][tor-browser-102.8.0esr-12.0-1] fixup! Firefox preference overrides.
by Richard Pospesel (@richard) 09 Feb '23
by Richard Pospesel (@richard) 09 Feb '23
09 Feb '23
Richard Pospesel pushed to branch tor-browser-102.8.0esr-12.0-1 at The Tor Project / Applications / Tor Browser
Commits:
a6402a17 by cypherpunks1 at 2023-02-09T16:03:47+00:00
fixup! Firefox preference overrides.
Bug 41578: Disable and lock Windows SSO
(cherry picked from commit 18dfe4652e9de6b9021802530f899d18a393df12)
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -268,7 +268,7 @@ pref("network.http.referer.defaultPolicy.pbmode", 2);
pref("network.http.referer.XOriginTrimmingPolicy", 2); // Bug 17228: Force trim referer to scheme+host+port in cross-origin requests
pref("media.videocontrols.picture-in-picture.enabled", false); // Bug 40148: disable until audited in #40147
// Bug 40463: Disable Windows SSO
-pref("network.http.windows-sso.enabled", false);
+pref("network.http.windows-sso.enabled", false, locked);
// Bug 40383: Disable new PerformanceEventTiming
pref("dom.enable_event_timing", false);
// Disable API for measuring text width and height.
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/a6402a1…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/a6402a1…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser][base-browser-102.8.0esr-12.0-1] fixup! Firefox preference overrides.
by Richard Pospesel (@richard) 09 Feb '23
by Richard Pospesel (@richard) 09 Feb '23
09 Feb '23
Richard Pospesel pushed to branch base-browser-102.8.0esr-12.0-1 at The Tor Project / Applications / Tor Browser
Commits:
801263e6 by cypherpunks1 at 2023-02-09T16:03:28+00:00
fixup! Firefox preference overrides.
Bug 41578: Disable and lock Windows SSO
(cherry picked from commit 18dfe4652e9de6b9021802530f899d18a393df12)
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -268,7 +268,7 @@ pref("network.http.referer.defaultPolicy.pbmode", 2);
pref("network.http.referer.XOriginTrimmingPolicy", 2); // Bug 17228: Force trim referer to scheme+host+port in cross-origin requests
pref("media.videocontrols.picture-in-picture.enabled", false); // Bug 40148: disable until audited in #40147
// Bug 40463: Disable Windows SSO
-pref("network.http.windows-sso.enabled", false);
+pref("network.http.windows-sso.enabled", false, locked);
// Bug 40383: Disable new PerformanceEventTiming
pref("dom.enable_event_timing", false);
// Disable API for measuring text width and height.
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/801263e…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/801263e…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser-build][main] Bug 40773: Copy some documentation files only on Tor Browser
by Pier Angelo Vendrame (@pierov) 09 Feb '23
by Pier Angelo Vendrame (@pierov) 09 Feb '23
09 Feb '23
Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build
Commits:
31439ea7 by Pier Angelo Vendrame at 2023-02-09T15:26:14+01:00
Bug 40773: Copy some documentation files only on Tor Browser
Also, clean up other files that should not be on Privacy Browser, such
as the skeleton of the default profile, which Privacy Browser and Base
Browser do not have.
- - - - -
14 changed files:
- ChangeLog.txt
- + projects/browser/Bundle-Data/Docs-PB/Licenses/uBlockOrigin.txt
- projects/browser/Bundle-Data/Docs/ChangeLog.txt → projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt
- projects/browser/Bundle-Data/Docs/Licenses/Libevent.txt → projects/browser/Bundle-Data/Docs-TBB/Licenses/Libevent.txt
- projects/browser/Bundle-Data/Docs/Licenses/PluggableTransports/LICENSE → projects/browser/Bundle-Data/Docs-TBB/Licenses/PluggableTransports/LICENSE
- projects/browser/Bundle-Data/Docs/Licenses/PluggableTransports/LICENSE.CC0 → projects/browser/Bundle-Data/Docs-TBB/Licenses/PluggableTransports/LICENSE.CC0
- projects/browser/Bundle-Data/Docs/Licenses/PluggableTransports/LICENSE.GO → projects/browser/Bundle-Data/Docs-TBB/Licenses/PluggableTransports/LICENSE.GO
- projects/browser/Bundle-Data/Docs/Licenses/PluggableTransports/LICENSE.SNOWFLAKE → projects/browser/Bundle-Data/Docs-TBB/Licenses/PluggableTransports/LICENSE.SNOWFLAKE
- projects/browser/Bundle-Data/Docs/Licenses/Tor-Launcher.txt → projects/browser/Bundle-Data/Docs-TBB/Licenses/Tor-Launcher.txt
- projects/browser/Bundle-Data/Docs/Licenses/Tor.txt → projects/browser/Bundle-Data/Docs-TBB/Licenses/Tor.txt
- projects/browser/Bundle-Data/Docs/Licenses/Torbutton.txt → projects/browser/Bundle-Data/Docs-TBB/Licenses/Torbutton.txt
- − projects/browser/Bundle-Data/Docs/Licenses/HTTPS-Everywhere.txt
- projects/browser/Bundle-Data/Docs/Licenses/NoScript.txt
- projects/browser/build
Changes:
=====================================
ChangeLog.txt
=====================================
@@ -1 +1 @@
-projects/browser/Bundle-Data/Docs/ChangeLog.txt
\ No newline at end of file
+projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt
\ No newline at end of file
=====================================
projects/browser/Bundle-Data/Docs-PB/Licenses/uBlockOrigin.txt
=====================================
@@ -0,0 +1,674 @@
+GNU GENERAL PUBLIC LICENSE
+ Version 3, 29 June 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. {http://fsf.org/}
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+ Preamble
+
+ The GNU General Public License is a free, copyleft license for
+software and other kinds of works.
+
+ The licenses for most software and other practical works are designed
+to take away your freedom to share and change the works. By contrast,
+the GNU General Public License is intended to guarantee your freedom to
+share and change all versions of a program--to make sure it remains free
+software for all its users. We, the Free Software Foundation, use the
+GNU General Public License for most of our software; it applies also to
+any other work released this way by its authors. You can apply it to
+your programs, too.
+
+ When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+
+ To protect your rights, we need to prevent others from denying you
+these rights or asking you to surrender the rights. Therefore, you have
+certain responsibilities if you distribute copies of the software, or if
+you modify it: responsibilities to respect the freedom of others.
+
+ For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must pass on to the recipients the same
+freedoms that you received. You must make sure that they, too, receive
+or can get the source code. And you must show them these terms so they
+know their rights.
+
+ Developers that use the GNU GPL protect your rights with two steps:
+(1) assert copyright on the software, and (2) offer you this License
+giving you legal permission to copy, distribute and/or modify it.
+
+ For the developers' and authors' protection, the GPL clearly explains
+that there is no warranty for this free software. For both users' and
+authors' sake, the GPL requires that modified versions be marked as
+changed, so that their problems will not be attributed erroneously to
+authors of previous versions.
+
+ Some devices are designed to deny users access to install or run
+modified versions of the software inside them, although the manufacturer
+can do so. This is fundamentally incompatible with the aim of
+protecting users' freedom to change the software. The systematic
+pattern of such abuse occurs in the area of products for individuals to
+use, which is precisely where it is most unacceptable. Therefore, we
+have designed this version of the GPL to prohibit the practice for those
+products. If such problems arise substantially in other domains, we
+stand ready to extend this provision to those domains in future versions
+of the GPL, as needed to protect the freedom of users.
+
+ Finally, every program is threatened constantly by software patents.
+States should not allow patents to restrict development and use of
+software on general-purpose computers, but in those that do, we wish to
+avoid the special danger that patents applied to a free program could
+make it effectively proprietary. To prevent this, the GPL assures that
+patents cannot be used to render the program non-free.
+
+ The precise terms and conditions for copying, distribution and
+modification follow.
+
+ TERMS AND CONDITIONS
+
+ 0. Definitions.
+
+ "This License" refers to version 3 of the GNU General Public License.
+
+ "Copyright" also means copyright-like laws that apply to other kinds of
+works, such as semiconductor masks.
+
+ "The Program" refers to any copyrightable work licensed under this
+License. Each licensee is addressed as "you". "Licensees" and
+"recipients" may be individuals or organizations.
+
+ To "modify" a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of an
+exact copy. The resulting work is called a "modified version" of the
+earlier work or a work "based on" the earlier work.
+
+ A "covered work" means either the unmodified Program or a work based
+on the Program.
+
+ To "propagate" a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy. Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+
+ To "convey" a work means any kind of propagation that enables other
+parties to make or receive copies. Mere interaction with a user through
+a computer network, with no transfer of a copy, is not conveying.
+
+ An interactive user interface displays "Appropriate Legal Notices"
+to the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License. If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+
+ 1. Source Code.
+
+ The "source code" for a work means the preferred form of the work
+for making modifications to it. "Object code" means any non-source
+form of a work.
+
+ A "Standard Interface" means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+
+ The "System Libraries" of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form. A
+"Major Component", in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+
+ The "Corresponding Source" for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities. However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work. For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+
+ The Corresponding Source need not include anything that users
+can regenerate automatically from other parts of the Corresponding
+Source.
+
+ The Corresponding Source for a work in source code form is that
+same work.
+
+ 2. Basic Permissions.
+
+ All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met. This License explicitly affirms your unlimited
+permission to run the unmodified Program. The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work. This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+
+ You may make, run and propagate covered works that you do not
+convey, without conditions so long as your license otherwise remains
+in force. You may convey covered works to others for the sole purpose
+of having them make modifications exclusively for you, or provide you
+with facilities for running those works, provided that you comply with
+the terms of this License in conveying all material for which you do
+not control copyright. Those thus making or running the covered works
+for you must do so exclusively on your behalf, under your direction
+and control, on terms that prohibit them from making any copies of
+your copyrighted material outside their relationship with you.
+
+ Conveying under any other circumstances is permitted solely under
+the conditions stated below. Sublicensing is not allowed; section 10
+makes it unnecessary.
+
+ 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
+
+ No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+
+ When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such circumvention
+is effected by exercising rights under this License with respect to
+the covered work, and you disclaim any intention to limit operation or
+modification of the work as a means of enforcing, against the work's
+users, your or third parties' legal rights to forbid circumvention of
+technological measures.
+
+ 4. Conveying Verbatim Copies.
+
+ You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+
+ You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+
+ 5. Conveying Modified Source Versions.
+
+ You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these conditions:
+
+ a) The work must carry prominent notices stating that you modified
+ it, and giving a relevant date.
+
+ b) The work must carry prominent notices stating that it is
+ released under this License and any conditions added under section
+ 7. This requirement modifies the requirement in section 4 to
+ "keep intact all notices".
+
+ c) You must license the entire work, as a whole, under this
+ License to anyone who comes into possession of a copy. This
+ License will therefore apply, along with any applicable section 7
+ additional terms, to the whole of the work, and all its parts,
+ regardless of how they are packaged. This License gives no
+ permission to license the work in any other way, but it does not
+ invalidate such permission if you have separately received it.
+
+ d) If the work has interactive user interfaces, each must display
+ Appropriate Legal Notices; however, if the Program has interactive
+ interfaces that do not display Appropriate Legal Notices, your
+ work need not make them do so.
+
+ A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+"aggregate" if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit. Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+
+ 6. Conveying Non-Source Forms.
+
+ You may convey a covered work in object code form under the terms
+of sections 4 and 5, provided that you also convey the
+machine-readable Corresponding Source under the terms of this License,
+in one of these ways:
+
+ a) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by the
+ Corresponding Source fixed on a durable physical medium
+ customarily used for software interchange.
+
+ b) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by a
+ written offer, valid for at least three years and valid for as
+ long as you offer spare parts or customer support for that product
+ model, to give anyone who possesses the object code either (1) a
+ copy of the Corresponding Source for all the software in the
+ product that is covered by this License, on a durable physical
+ medium customarily used for software interchange, for a price no
+ more than your reasonable cost of physically performing this
+ conveying of source, or (2) access to copy the
+ Corresponding Source from a network server at no charge.
+
+ c) Convey individual copies of the object code with a copy of the
+ written offer to provide the Corresponding Source. This
+ alternative is allowed only occasionally and noncommercially, and
+ only if you received the object code with such an offer, in accord
+ with subsection 6b.
+
+ d) Convey the object code by offering access from a designated
+ place (gratis or for a charge), and offer equivalent access to the
+ Corresponding Source in the same way through the same place at no
+ further charge. You need not require recipients to copy the
+ Corresponding Source along with the object code. If the place to
+ copy the object code is a network server, the Corresponding Source
+ may be on a different server (operated by you or a third party)
+ that supports equivalent copying facilities, provided you maintain
+ clear directions next to the object code saying where to find the
+ Corresponding Source. Regardless of what server hosts the
+ Corresponding Source, you remain obligated to ensure that it is
+ available for as long as needed to satisfy these requirements.
+
+ e) Convey the object code using peer-to-peer transmission, provided
+ you inform other peers where the object code and Corresponding
+ Source of the work are being offered to the general public at no
+ charge under subsection 6d.
+
+ A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+
+ A "User Product" is either (1) a "consumer product", which means any
+tangible personal property which is normally used for personal, family,
+or household purposes, or (2) anything designed or sold for incorporation
+into a dwelling. In determining whether a product is a consumer product,
+doubtful cases shall be resolved in favor of coverage. For a particular
+product received by a particular user, "normally used" refers to a
+typical or common use of that class of product, regardless of the status
+of the particular user or of the way in which the particular user
+actually uses, or expects or is expected to use, the product. A product
+is a consumer product regardless of whether the product has substantial
+commercial, industrial or non-consumer uses, unless such uses represent
+the only significant mode of use of the product.
+
+ "Installation Information" for a User Product means any methods,
+procedures, authorization keys, or other information required to install
+and execute modified versions of a covered work in that User Product from
+a modified version of its Corresponding Source. The information must
+suffice to ensure that the continued functioning of the modified object
+code is in no case prevented or interfered with solely because
+modification has been made.
+
+ If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information. But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+
+ The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or updates
+for a work that has been modified or installed by the recipient, or for
+the User Product in which it has been modified or installed. Access to a
+network may be denied when the modification itself materially and
+adversely affects the operation of the network or violates the rules and
+protocols for communication across the network.
+
+ Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+
+ 7. Additional Terms.
+
+ "Additional permissions" are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law. If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+
+ When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it. (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.) You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+
+ Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders of
+that material) supplement the terms of this License with terms:
+
+ a) Disclaiming warranty or limiting liability differently from the
+ terms of sections 15 and 16 of this License; or
+
+ b) Requiring preservation of specified reasonable legal notices or
+ author attributions in that material or in the Appropriate Legal
+ Notices displayed by works containing it; or
+
+ c) Prohibiting misrepresentation of the origin of that material, or
+ requiring that modified versions of such material be marked in
+ reasonable ways as different from the original version; or
+
+ d) Limiting the use for publicity purposes of names of licensors or
+ authors of the material; or
+
+ e) Declining to grant rights under trademark law for use of some
+ trade names, trademarks, or service marks; or
+
+ f) Requiring indemnification of licensors and authors of that
+ material by anyone who conveys the material (or modified versions of
+ it) with contractual assumptions of liability to the recipient, for
+ any liability that these contractual assumptions directly impose on
+ those licensors and authors.
+
+ All other non-permissive additional terms are considered "further
+restrictions" within the meaning of section 10. If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term. If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+
+ If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+
+ Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions;
+the above requirements apply either way.
+
+ 8. Termination.
+
+ You may not propagate or modify a covered work except as expressly
+provided under this License. Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+
+ However, if you cease all violation of this License, then your
+license from a particular copyright holder is reinstated (a)
+provisionally, unless and until the copyright holder explicitly and
+finally terminates your license, and (b) permanently, if the copyright
+holder fails to notify you of the violation by some reasonable means
+prior to 60 days after the cessation.
+
+ Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+
+ Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License. If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+
+ 9. Acceptance Not Required for Having Copies.
+
+ You are not required to accept this License in order to receive or
+run a copy of the Program. Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance. However,
+nothing other than this License grants you permission to propagate or
+modify any covered work. These actions infringe copyright if you do
+not accept this License. Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+
+ 10. Automatic Licensing of Downstream Recipients.
+
+ Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License. You are not responsible
+for enforcing compliance by third parties with this License.
+
+ An "entity transaction" is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations. If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+
+ You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License. For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+
+ 11. Patents.
+
+ A "contributor" is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based. The
+work thus licensed is called the contributor's "contributor version".
+
+ A contributor's "essential patent claims" are all patent claims
+owned or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version. For
+purposes of this definition, "control" includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+
+ Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+
+ In the following three paragraphs, a "patent license" is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement). To "grant" such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+
+ If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients. "Knowingly relying" means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+
+ If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+
+ A patent license is "discriminatory" if it does not include within
+the scope of its coverage, prohibits the exercise of, or is
+conditioned on the non-exercise of one or more of the rights that are
+specifically granted under this License. You may not convey a covered
+work if you are a party to an arrangement with a third party that is
+in the business of distributing software, under which you make payment
+to the third party based on the extent of your activity of conveying
+the work, and under which the third party grants, to any of the
+parties who would receive the covered work from you, a discriminatory
+patent license (a) in connection with copies of the covered work
+conveyed by you (or copies made from those copies), or (b) primarily
+for and in connection with specific products or compilations that
+contain the covered work, unless you entered into that arrangement,
+or that patent license was granted, prior to 28 March 2007.
+
+ Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+
+ 12. No Surrender of Others' Freedom.
+
+ If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot convey a
+covered work so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you may
+not convey it at all. For example, if you agree to terms that obligate you
+to collect a royalty for further conveying from those to whom you convey
+the Program, the only way you could satisfy both those terms and this
+License would be to refrain entirely from conveying the Program.
+
+ 13. Use with the GNU Affero General Public License.
+
+ Notwithstanding any other provision of this License, you have
+permission to link or combine any covered work with a work licensed
+under version 3 of the GNU Affero General Public License into a single
+combined work, and to convey the resulting work. The terms of this
+License will continue to apply to the part which is the covered work,
+but the special requirements of the GNU Affero General Public License,
+section 13, concerning interaction through a network will apply to the
+combination as such.
+
+ 14. Revised Versions of this License.
+
+ The Free Software Foundation may publish revised and/or new versions of
+the GNU General Public License from time to time. Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+ Each version is given a distinguishing version number. If the
+Program specifies that a certain numbered version of the GNU General
+Public License "or any later version" applies to it, you have the
+option of following the terms and conditions either of that numbered
+version or of any later version published by the Free Software
+Foundation. If the Program does not specify a version number of the
+GNU General Public License, you may choose any version ever published
+by the Free Software Foundation.
+
+ If the Program specifies that a proxy can decide which future
+versions of the GNU General Public License can be used, that proxy's
+public statement of acceptance of a version permanently authorizes you
+to choose that version for the Program.
+
+ Later license versions may give you additional or different
+permissions. However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+
+ 15. Disclaimer of Warranty.
+
+ THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
+OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
+IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
+ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+ 16. Limitation of Liability.
+
+ IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
+THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
+GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
+USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
+DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
+PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
+EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGES.
+
+ 17. Interpretation of Sections 15 and 16.
+
+ If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+
+ END OF TERMS AND CONDITIONS
+
+ How to Apply These Terms to Your New Programs
+
+ If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+ To do so, attach the following notices to the program. It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+ {one line to give the program's name and a brief idea of what it does.}
+ Copyright (C) {year} {name of author}
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see {http://www.gnu.org/licenses/}..
+
+Also add information on how to contact you by electronic and paper mail.
+
+ If the program does terminal interaction, make it output a short
+notice like this when it starts in an interactive mode:
+
+ {{project}} Copyright (C) {{year}} {{fullname}}
+ This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+ This is free software, and you are welcome to redistribute it
+ under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License. Of course, your program's commands
+might be different; for a GUI interface, you would use an "about box".
+
+ You should also get your employer (if you work as a programmer) or school,
+if any, to sign a "copyright disclaimer" for the program, if necessary.
+For more information on this, and how to apply and follow the GNU GPL, see
+{http://www.gnu.org/licenses/}.
+
+ The GNU General Public License does not permit incorporating your program
+into proprietary programs. If your program is a subroutine library, you
+may consider it more useful to permit linking proprietary applications with
+the library. If this is what you want to do, use the GNU Lesser General
+Public License instead of this License. But first, please read
+{http://www.gnu.org/philosophy/why-not-lgpl.html}.
=====================================
projects/browser/Bundle-Data/Docs/ChangeLog.txt → projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt
=====================================
=====================================
projects/browser/Bundle-Data/Docs/Licenses/Libevent.txt → projects/browser/Bundle-Data/Docs-TBB/Licenses/Libevent.txt
=====================================
=====================================
projects/browser/Bundle-Data/Docs/Licenses/PluggableTransports/LICENSE → projects/browser/Bundle-Data/Docs-TBB/Licenses/PluggableTransports/LICENSE
=====================================
=====================================
projects/browser/Bundle-Data/Docs/Licenses/PluggableTransports/LICENSE.CC0 → projects/browser/Bundle-Data/Docs-TBB/Licenses/PluggableTransports/LICENSE.CC0
=====================================
=====================================
projects/browser/Bundle-Data/Docs/Licenses/PluggableTransports/LICENSE.GO → projects/browser/Bundle-Data/Docs-TBB/Licenses/PluggableTransports/LICENSE.GO
=====================================
=====================================
projects/browser/Bundle-Data/Docs/Licenses/PluggableTransports/LICENSE.SNOWFLAKE → projects/browser/Bundle-Data/Docs-TBB/Licenses/PluggableTransports/LICENSE.SNOWFLAKE
=====================================
=====================================
projects/browser/Bundle-Data/Docs/Licenses/Tor-Launcher.txt → projects/browser/Bundle-Data/Docs-TBB/Licenses/Tor-Launcher.txt
=====================================
=====================================
projects/browser/Bundle-Data/Docs/Licenses/Tor.txt → projects/browser/Bundle-Data/Docs-TBB/Licenses/Tor.txt
=====================================
=====================================
projects/browser/Bundle-Data/Docs/Licenses/Torbutton.txt → projects/browser/Bundle-Data/Docs-TBB/Licenses/Torbutton.txt
=====================================
=====================================
projects/browser/Bundle-Data/Docs/Licenses/HTTPS-Everywhere.txt deleted
=====================================
@@ -1,12 +0,0 @@
-HTTPS Everywhere:
-Copyright © 2010-2018 Electronic Frontier Foundation and others
-Licensed GPL v2+
-
-HTTPS Everywhere Rulesets (src/chrome/content/rules):
-To the extent copyright applies to the rulesets, they can be used according to GPL v2 or later.
-
-Issue Format Bot (utils/issue-format-bot/*):
-Copyright © 2017 AJ Jordan, AGPLv3+
-
-The build system incorporates code from Python 3.6
-Copyright © 2001-2018 Python Software Foundation; All Rights Reserved
=====================================
projects/browser/Bundle-Data/Docs/Licenses/NoScript.txt
=====================================
@@ -1,5 +1,5 @@
NoScript - a Firefox extension for whitelist driven safe JavaScript execution
-Copyright (C) 2005-2020 Giorgio Maone - https://maone.net
+Copyright (C) 2005-2023 Giorgio Maone - https://maone.net
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
=====================================
projects/browser/build
=====================================
@@ -45,10 +45,15 @@ touch "$GENERATEDPREFSPATH"
TORBINPATH=TorBrowser/Tor
TORCONFIGPATH=TorBrowser/Data/Tor
- PROFILEPATH=[% c('var/ProjectName') %]/Data/Browser/profile.default/extensions
- mkdir -p "$TBDIR/$PROFILEPATH"
-
- mkdir -p "$TBDIR/[% c('var/ProjectName') %]/Data/Browser/Caches"
+ [% IF c("var/tor-browser") -%]
+ PROFILEPATH=[% c('var/ProjectName') %]/Data/Browser/profile.default/extensions
+ mkdir -p "$TBDIR/$PROFILEPATH"
+ [% END -%]
+ [% IF !c("var/privacy-browser") -%]
+ # For Privacy Browser, we keep the data directory at the same level of
+ # Browser, instead of creating a Data directory with the program files.
+ mkdir -p "$TBDIR/[% c('var/ProjectName') %]/Data/Browser/Caches"
+ [% END -%]
[% END %]
for tbdir in "${TBDIRS[@]}"
@@ -102,7 +107,7 @@ mv [% c('input_files_by_name/noscript') %] "$TBDIR/$EXTSPATH/{73a6fe31-595d-460b
# Move READMEs from tor-expert-bundle to the doc dir
mkdir -p "$TBDIR/$DOCSPATH/snowflake" [% IF c("var/macos_universal") %]"$TBDIR_AARCH64/$DOCSPATH/snowflake"[% END %]
-
+
mkdir -p "$TBDIR/$DOCSPATH/webtunnel" [% IF c("var/macos_universal") %]"$TBDIR_AARCH64/$DOCSPATH/webtunnel"[% END %]
mkdir -p "$TBDIR/$DOCSPATH/conjure" [% IF c("var/macos_universal") %]"$TBDIR_AARCH64/$DOCSPATH/conjure"[% END %]
mv_tbdir tor/pluggable_transports/README.SNOWFLAKE.md "$DOCSPATH/snowflake/README.md"
@@ -217,9 +222,12 @@ do
mkdir -p "$tbdir/$DOCSPATH"
cp -a Bundle-Data/Docs/* "$tbdir/$DOCSPATH"
[% IF c("var/tor-browser") -%]
+ cp -a Bundle-Data/Docs-TBB/* "$tbdir/$DOCSPATH"
tar -C Bundle-Data/[% bundledata_osname %] \
[% IF ! c("var/namecoin") %]--exclude=*Electrum-NMC* --exclude=*ncprop279*[% END %] \
-c . | tar -C "$tbdir[% IF ! c("var/macos") %]/[% c('var/ProjectName') %][% END %]" -x
+ [% ELSIF c("var/privacy-browser") -%]
+ cp -a Bundle-Data/Docs-PB/* "$tbdir/$DOCSPATH"
[% END -%]
done
@@ -244,11 +252,9 @@ done
bridges_conf snowflake
[% END -%]
-[% IF c("var/linux") %]
+[% IF c("var/linux") && c("var/tor-browser") %]
chmod 700 ${TB_STAGE_DIR}/Browser/[% c('var/ProjectName') %]/Data/Browser
- [% IF c("var/tor-browser") -%]
- chmod 700 ${TB_STAGE_DIR}/Browser/TorBrowser/Data/Tor
- [% END -%]
+ chmod 700 ${TB_STAGE_DIR}/Browser/TorBrowser/Data/Tor
[% END %]
# With multi-lingual builds, we use "ALL" in the package name as the locale for
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/3…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/3…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser][base-browser-102.8.0esr-12.0-1] Bug 40717: Hide Windows SSO in settings
by Richard Pospesel (@richard) 09 Feb '23
by Richard Pospesel (@richard) 09 Feb '23
09 Feb '23
Richard Pospesel pushed to branch base-browser-102.8.0esr-12.0-1 at The Tor Project / Applications / Tor Browser
Commits:
6532f0b2 by cypherpunks1 at 2023-02-09T16:00:11+00:00
Bug 40717: Hide Windows SSO in settings
(cherry picked from commit 1bacd26df8a8ffe481e11ec6b8323150fdf2011d)
- - - - -
1 changed file:
- browser/themes/shared/preferences/preferences.css
Changes:
=====================================
browser/themes/shared/preferences/preferences.css
=====================================
@@ -583,8 +583,7 @@ richlistitem[selected] .actionsMenu:focus-visible {
margin-inline-start: 0;
}
-@media (-moz-platform: windows-win7),
- (-moz-platform: windows-win8) {
+@media (-moz-platform: windows) {
#windows-sso,
#windows-sso-caption {
display: none;
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/6532f0b…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/6532f0b…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser][tor-browser-102.8.0esr-12.0-1] Bug 40717: Hide Windows SSO in settings
by Richard Pospesel (@richard) 09 Feb '23
by Richard Pospesel (@richard) 09 Feb '23
09 Feb '23
Richard Pospesel pushed to branch tor-browser-102.8.0esr-12.0-1 at The Tor Project / Applications / Tor Browser
Commits:
895473e0 by cypherpunks1 at 2023-02-09T15:59:51+00:00
Bug 40717: Hide Windows SSO in settings
(cherry picked from commit 1bacd26df8a8ffe481e11ec6b8323150fdf2011d)
- - - - -
1 changed file:
- browser/themes/shared/preferences/preferences.css
Changes:
=====================================
browser/themes/shared/preferences/preferences.css
=====================================
@@ -583,8 +583,7 @@ richlistitem[selected] .actionsMenu:focus-visible {
margin-inline-start: 0;
}
-@media (-moz-platform: windows-win7),
- (-moz-platform: windows-win8) {
+@media (-moz-platform: windows) {
#windows-sso,
#windows-sso-caption {
display: none;
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/895473e…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/895473e…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser] Pushed new tag base-browser-102.8.0esr-12.0-1-build1
by Richard Pospesel (@richard) 09 Feb '23
by Richard Pospesel (@richard) 09 Feb '23
09 Feb '23
Richard Pospesel pushed new tag base-browser-102.8.0esr-12.0-1-build1 at The Tor Project / Applications / Tor Browser
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-102.8.0esr-12.0-1-build1
by Richard Pospesel (@richard) 09 Feb '23
by Richard Pospesel (@richard) 09 Feb '23
09 Feb '23
Richard Pospesel pushed new tag tor-browser-102.8.0esr-12.0-1-build1 at The Tor Project / Applications / Tor Browser
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser][base-browser-102.8.0esr-12.0-1] Deleted 33 commits: Bug 41089: Add tor-browser build scripts + Makefile to tor-browser
by Richard Pospesel (@richard) 09 Feb '23
by Richard Pospesel (@richard) 09 Feb '23
09 Feb '23
Richard Pospesel pushed to branch base-browser-102.8.0esr-12.0-1 at The Tor Project / Applications / Tor Browser
WARNING: The push did not contain any new commits, but force pushed to delete the commits and changes below.
Deleted commits:
7194e92f by Richard Pospesel at 2023-02-09T14:09:26+00:00
Bug 41089: Add tor-browser build scripts + Makefile to tor-browser
- - - - -
78b5b3e0 by Mike Perry at 2023-02-09T14:09:26+00:00
Bug 2176: Rebrand Firefox to TorBrowser
See also Bugs #5194, #7187, #8115, #8219.
This patch does some basic renaming of Firefox to TorBrowser. The rest of the
branding is done by images and icons.
Also fix bug 27905.
Bug 25702: Update Tor Browser icon to follow design guidelines
- Updated all of the branding in /browser/branding/official with new 'stable'
icon series.
- Updated /extensions/onboarding/content/img/tor-watermark.png with new icon and
add the source svg in the same directory
- Copied /browser/branding/official over /browser/branding/nightly and the new
/browser/branding/alpha directories. Replaced content with 'nightly' and
'alpha' icon series.
Updated VisualElements_70.png and VisualElements_150.png with updated icons in
each branding directory (fixes #22654)
- Updated firefox.VisualElementsManfiest.xml with updated colors in each
branding directory
- Added firefox.svg to each branding directory from which all the other icons
are derived (apart from document.icns and document.ico)
- Added default256.png and default512.png icons
- Updated aboutTBUpdate.css to point to branding-aware icon128.png and removed
original icon
- Use the Tor Browser icon within devtools/client/themes/images/.
Bug 30631: Blurry Tor Browser icon on macOS app switcher
It would seem the png2icns tool does not generate correct icns files and
so on macOS the larger icons were missing resulting in blurry icons in
the OS chrome. Regenerated the padded icons in a macOS VM using
iconutil.
Bug 28196: preparations for using torbutton tor-browser-brand.ftl
A small change to Fluent FileSource class is required so that we
can register a new source without its supported locales being
counted as available locales for the browser.
Bug 31803: Replaced about:debugging logo with flat version
Bug 21724: Make Firefox and Tor Browser distinct macOS apps
When macOS opens a document or selects a default browser, it sometimes
uses the CFBundleSignature. Changing from the Firefox MOZB signature to
a different signature TORB allows macOS to distinguish between Firefox
and Tor Browser.
Bug 32092: Fix Tor Browser Support link in preferences
For bug 40562, we moved onionPattern* from bug 27476 to here, as
about:tor needs these files but it is included earlier.
Bug 41278: Create Tor Browser styled pdf logo similar to the vanilla Firefox one
- - - - -
e5e05f86 by Alex Catarineu at 2023-02-09T14:09:27+00:00
Bring back old Firefox onboarding
Revert "Bug 1462415 - Delete onboarding system add-on r=Standard8,k88hudson"
This reverts commit f7ffd78b62541d44d0102f8051d2f4080bdbc432.
Revert "Bug 1498378 - Actually remove the old onboarding add-on's prefs r=Gijs"
This reverts commit 057fe36fc6f3e93e265505c7dcc703a0941778e2.
Bug 28822: Convert onboarding to webextension
Partially revert 1564367 (controlCenter in UITour.jsm)
- - - - -
11b2f5a4 by Kathy Brade at 2023-02-09T14:09:27+00:00
Bug 26961: New user onboarding.
Reuse the Firefox onboarding mechanism with minimal changes.
Localizable strings are pulled in from Torbutton (if Torbutton is
not installed, we lack about:tor and no tour will be shown).
Replace SVG images with PNGs (see bug 27002),
For defense in depth, omit include OnboardingTelemetry.jsm entirely.
Added support for the following UITour page event:
torBrowserOpenSecuritySettings
Also fix bug 27403: the onboarding bubble is not always displayed.
Arthur suggested to make the onboarding bubble visible on displays with
less than 960px width available, so we choose 200px instead.
Also fix bug 28628: Change onboarding Security panel to open new
Security Level panel.
Also fix bug 27484: Improve navigation within onboarding.
Bug 27082: enable a limited UITour
Disallow access to UITour functionality from all pages other than
about:home, about:newtab, and about:tor.
Implement a whitelist mechanism for page actions.
Bug 26962 - implement new features onboarding (part 1).
Add an "Explore" button to the "Circuit Display" panel within new user
onboarding which opens the DuckDuckGo .onion and then guides users through
a short circuit display tutorial.
Allow a few additional UITour actions while limiting as much as possible
how it can be used.
Tweak the UITour styles to match the Tor Browser branding.
All user interface strings are retrieved from Torbutton's
browserOnboarding.properties file.
Bug 27486 Avoid about:blank tabs when opening onboarding pages.
Instead of using a simple <a href>, programmatically open onboarding
web pages by using tabBrowser.addTab(). The same technique is now
used for "See My Path", "See FAQs", and "Visit an Onion".
Bug 29768: Introduce new features to users
Add an "update" tour for the Tor Browser 8.5 release that contains two
panels: Toolbar and Security (with appropriate description text and
images).
Display an attention-grabbing dot on the onboarding text bubble when
the update tour is active. The animation lasts for 14 seconds.
Bug 31768: Introduce toolbar and network settings changes in onboarding
Update the "Tor Network" onboarding page to include a note that
settings can now be accessed via the application preferences and
add an "Adjust Your Tor Network Settings" action button which opens
about:preferences#tor.
Replace the Tor Browser 8.5 "update" onboarding tour with a 9.0 one
that includes the revised "Tor Network" page and a revised "Toolbar"
page. The latter explains that Torbutton's toolbar item has been
removed ("Goodbye Onion Button") and explains how to access the
New Identity feature using the hamburger menu and new toolbar item.
Bug 34321 - Add Learn More onboarding item
Bug 40429: Update Onboarding for 10.5
- - - - -
1e8f6720 by Mike Perry at 2023-02-09T14:09:27+00:00
TB3: Tor Browser's official .mozconfigs.
Also:
Bug #9829.1: new .mozconfig file for the new cross-compiler and ESR24
Changes needed to build Mac in 64bit
Bug 10715: Enable Webgl for mingw-w64 again.
Disable ICU when cross-compiling; clean-up.
Bug 15773: Enable ICU on OS X
Bug 15990: Don't build the sandbox with mingw-w64
Bug 12761: Switch to ESR 38 for OS X
Updating .mozconfig-asan
Bug 12516: Compile hardenend Tor Browser with -fwrapv
Bug 18331: Switch to Mozilla's toolchain for building Tor Browser for OS X
Bug 17858: Cannot create incremental MARs for hardened builds.
Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff
(which is part of mar-tools and is not distributed to end-users) with
ASan.
Bug 13419: Add back ICU for Windows
Bug 21239: Use GTK2 for ESR52 Linux builds
Bug 23025: Add hardening flags for macOS
Bug 24478: Enable debug assertions and tests in our ASan builds
--enable-proxy-bypass-protection
Bug 27597: ASan build option in tor-browser-build is broken
Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds
This fixes a problem where some preferences had the wrong default value.
Also see bug 27472 where we made a similar fix for Android.
Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING
Bug 31450: Set proper BINDGEN_CFLAGS for ASan builds
Add an --enable-tor-browser-data-outside-app-dir configure option
Add --with-tor-browser-version configure option
Bug 21849: Don't allow SSL key logging.
Bug 31457: disable per-installation profiles
The dedicated profiles (per-installation) feature does not interact
well with our bundled profiles on Linux and Windows, and it also causes
multiple profiles to be created on macOS under TorBrowser-Data.
Bug 31935: Disable profile downgrade protection.
Since Tor Browser does not support more than one profile, disable
the prompt and associated code that offers to create one when a
version downgrade situation is detected.
Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT
Bug 25741 - TBA: Disable features at compile-time
MOZ_NATIVE_DEVICES for casting and the media player
MOZ_TELEMETRY_REPORTING for telemetry
MOZ_DATA_REPORTING for all data reporting preferences (crashreport, telemetry, geo)
Bug 25741 - TBA: Add default configure options in dedicated file
Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION
Bug 29859: Disable HLS support for now
Add --disable-tor-launcher build option
Add --enable-tor-browser-update build option
Bug 33734: Set MOZ_NORMANDY to False
Bug 33851: Omit Parental Controls.
Bug 40061: Omit the Windows default browser agent from the build
Bug 40107: Adapt .mozconfig-asan for ESR 78
Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files
Bug 40793: moved Tor configuration options from old-configure.in to moz.configure
- - - - -
f1f986e2 by Henry Wilkes at 2023-02-09T14:09:28+00:00
Bug 41340: Enable TOR_BROWSER_NIGHTLY_BUILD features for dev and nightly builds
tor-browser#41285: Enable fluent warnings.
- - - - -
70c1a71e by Pier Angelo Vendrame at 2023-02-09T14:09:28+00:00
Bug 40562: Added Tor Browser preferences to 000-tor-browser.js
Before reordering patches, we used to keep the Tor-related patches
(torbutton and tor-launcher) at the beginning.
After that issue, we decided to move them towards the end.
In addition to that, we have decided to move Tor Browser-only
preferences there, too, to make Base Browser-only fixups easier to
apply.
- - - - -
fd5cb70e by Kathy Brade at 2023-02-09T14:09:28+00:00
Bug 13252: Do not store data in the app bundle
When --enable-tor-browser-data-outside-app-dir is enabled,
all user data is stored in a directory named
TorBrowser-Data which is located next to the application directory.
Display an informative error message if the TorBrowser-Data
directory cannot be created due to an "access denied" or a
"read only volume" error.
On Mac OS, add support for the --invisible command line option which
is used by the meek-http-helper to avoid showing an icon for the
helper browser on the dock.
- - - - -
b5babfee by Pier Angelo Vendrame at 2023-02-09T14:09:29+00:00
Bug 40933: Add tor-launcher functionality
- - - - -
de99682d by Richard Pospesel at 2023-02-09T14:09:29+00:00
Bug 40597: Implement TorSettings module
- migrated in-page settings read/write implementation from about:preferences#tor
to the TorSettings module
- TorSettings initially loads settings from the tor daemon, and saves them to
firefox prefs
- TorSettings notifies observers when a setting has changed; currently only
QuickStart notification is implemented for parity with previous preference
notify logic in about:torconnect and about:preferences#tor
- about:preferences#tor, and about:torconnect now read and write settings
thorugh the TorSettings module
- all tor settings live in the torbrowser.settings.* preference branch
- removed unused pref modify permission for about:torconnect content page from
AsyncPrefs.jsm
Bug 40645: Migrate Moat APIs to Moat.jsm module
- - - - -
fc894e21 by Alex Catarineu at 2023-02-09T14:09:30+00:00
Bug 10760: Integrate TorButton to TorBrowser core
Because of the non-restartless nature of Torbutton, it required
a two-stage installation process. On mobile, it was a problem,
because it was not loading when the user opened the browser for
the first time.
Moving it to tor-browser and making it a system extension allows it
to load when the user opens the browser for first time.
Additionally, this patch also fixes Bug 27611.
Bug 26321: New Circuit and New Identity menu items
Bug 14392: Make about:tor behave like other initial pages.
Bug 25013: Add torbutton as a tor-browser submodule
Bug 31575: Replace Firefox Home (newtab) with about:tor
Avoid loading AboutNewTab in BrowserGlue.jsm in order
to avoid several network requests that we do not need. Besides,
about:newtab will now point to about:blank or about:tor (depending
on browser.newtabpage.enabled) and about:home will point to
about:tor.
- - - - -
0795c1f4 by hackademix at 2023-02-09T14:09:30+00:00
Bug 8324: Prevent DNS proxy bypasses caused by Drag&Drop
- - - - -
0a59ce83 by Amogh Pradeep at 2023-02-09T14:09:30+00:00
Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources.
See Bug 1357997 for partial uplift.
Also:
Bug 28051 - Use our Orbot for proxying our connections
Bug 31144 - ESR68 Network Code Review
- - - - -
7944c269 by Alex Catarineu at 2023-02-09T14:09:31+00:00
Add TorStrings module for localization
- - - - -
767365ab by Kathy Brade at 2023-02-09T14:09:31+00:00
Bug 14631: Improve profile access error messages.
Instead of always reporting that the profile is locked, display specific
messages for "access denied" and "read-only file system".
To allow for localization, get profile-related error strings from Torbutton.
Use app display name ("Tor Browser") in profile-related error alerts.
- - - - -
cfb3d1e4 by sanketh at 2023-02-09T14:09:31+00:00
Bug 40209: Implement Basic Crypto Safety
Adds a CryptoSafety actor which detects when you've copied a crypto
address from a HTTP webpage and shows a warning.
Closes #40209.
Bug 40428: Fix string attribute names
- - - - -
c6a86885 by Kathy Brade at 2023-02-09T14:09:32+00:00
Bug 19273: Avoid JavaScript patching of the external app helper dialog.
When handling an external URI or downloading a file, invoke Torbutton's
external app blocker component (which will present a download warning
dialog unless the user has checked the "Automatically download files
from now on" box).
For e10s compatibility, avoid using a modal dialog and instead use
a callback interface (nsIHelperAppWarningLauncher) to allow Torbutton
to indicate the user's desire to cancel or continue each request.
Other bugs fixed:
Bug 21766: Crash with e10s enabled while trying to download a file
Bug 21886: Download is stalled in non-e10s mode
Bug 22471: Downloading files via the PDF viewer download button is broken
Bug 22472: Fix FTP downloads when external helper app dialog is shown
Bug 22610: Avoid crashes when canceling external helper app downloads
Bug 22618: Downloading pdf file via file:/// is stalling
- - - - -
08005067 by Pier Angelo Vendrame at 2023-02-09T14:09:32+00:00
Bug 40807: Added QRCode.js to toolkit/modules
- - - - -
91b4fdf8 by Richard Pospesel at 2023-02-09T14:09:32+00:00
Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection
This patch adds a new about:preferences#connection page which allows
modifying bridge, proxy, and firewall settings from within Tor Browser.
All of the functionality present in tor-launcher's Network
Configuration panel is present:
- Setting built-in bridges
- Requesting bridges from BridgeDB via moat
- Using user-provided bridges
- Configuring SOCKS4, SOCKS5, and HTTP/HTTPS proxies
- Setting firewall ports
- Viewing and Copying Tor's logs
- The Networking Settings in General preferences has been removed
Bug 40774: Update about:preferences page to match new UI designs
- - - - -
a598b057 by Richard Pospesel at 2023-02-09T14:09:33+00:00
Bug 27476: Implement about:torconnect captive portal within Tor Browser
- implements new about:torconnect page as tor-launcher replacement
- adds tor connection status to url bar and tweaks UX when not online
- adds new torconnect component to browser
- tor process management functionality remains implemented in tor-launcher through the TorProtocolService module
- adds warning/error box to about:preferences#tor when not connected to tor
- explicitly allows about:torconnect URIs to ignore Resist Fingerprinting (RFP)
- various tweaks to info-pages.inc.css for about:torconnect (also affects other firefox info pages)
Bug 40773: Update the about:torconnect frontend page to match additional UI flows
- - - - -
814475bf by Arthur Edelstein at 2023-02-09T14:09:33+00:00
Bug 12620: TorBrowser regression tests
Regression tests for Bug #2950: Make Permissions Manager memory-only
Regression tests for TB4: Tor Browser's Firefox preference overrides.
Note: many more functional tests could be made here
Regression tests for #2874: Block Components.interfaces from content
Bug 18923: Add a script to run all Tor Browser specific tests
Regression tests for Bug #16441: Suppress "Reset Tor Browser" prompt.
- - - - -
455c5291 by Kathy Brade at 2023-02-09T14:09:33+00:00
Bug 4234: Use the Firefox Update Process for Tor Browser.
The following files are never updated:
TorBrowser/Data/Browser/profiles.ini
TorBrowser/Data/Browser/profile.default/bookmarks.html
TorBrowser/Data/Tor/torrc
Mac OS: Store update metadata under TorBrowser/UpdateInfo.
Removed the %OS_VERSION% component from the update URL (13047) and
added support for minSupportedOSVersion, an attribute of the
<update> element that may be used to trigger Firefox's
"unsupported platform" behavior.
Hide the "What's new" links (set app.releaseNotesURL value to about:blank).
Windows: disable "runas" code path in updater (15201).
Windows: avoid writing to the registry (16236).
Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406,
16014, 16909, 24476, and 25909.
Also fix Bug 26049: reduce the delay before the update prompt is displayed.
Instead of Firefox's 2 days, we use 1 hour (after which time the update
doorhanger will be displayed).
Also fix bug 27221: purge the startup cache if the Tor Browser
version changed (even if the Firefox version and build ID did
not change), e.g., after a minor Tor Browser update.
Also fix 32616: Disable GetSecureOutputDirectoryPath() functionality.
Bug 26048: potentially confusing "restart to update" message
Within the update doorhanger, remove the misleading message that mentions
that windows will be restored after an update is applied, and replace the
"Restart and Restore" button label with an existing
"Restart to update Tor Browser" string.
Bug 28885: notify users that update is downloading
Add a "Downloading Tor Browser update" item which appears in the
hamburger (app) menu while the update service is downloading a MAR
file. Before this change, the browser did not indicate to the user
that an update was in progress, which is especially confusing in
Tor Browser because downloads often take some time. If the user
clicks on the new menu item, the about dialog is opened to allow
the user to see download progress.
As part of this fix, the update service was changed to always show
update-related messages in the hamburger menu, even if the update
was started in the foreground via the about dialog or via the
"Check for Tor Browser Update" toolbar menu item. This change is
consistent with the Tor Browser goal of making sure users are
informed about the update process.
Removed #28885 parts of this patch which have been uplifted to Firefox.
- - - - -
5d621939 by Kathy Brade at 2023-02-09T14:09:34+00:00
Bug 13379: Sign our MAR files.
Configure with --enable-verify-mar (when updating, require a valid
signature on the MAR file before it is applied).
Use the Tor Browser version instead of the Firefox version inside the
MAR file info block (necessary to prevent downgrade attacks).
Use NSS on all platforms for checking MAR signatures (instead of using
OS-native APIs, which Mozilla does on Mac OS and Windows). So that the
NSS and NSPR libraries the updater depends on can be found at runtime,
we add the firefox directory to the shared library search path on macOS.
On Linux, rpath is used by Mozilla to solve that problem, but that
approach won't work on macOS because the updater executable is copied
during the update process to a location that is under TorBrowser-Data,
and the location of TorBrowser-Data varies.
Also includes the fix for bug 18900.
Bug 19121: reinstate the update.xml hash check
Revert most changes from Mozilla Bug 1373267 "Remove hashFunction and
hashValue attributes from nsIUpdatePatch and code related to these
attributes." Changes to the tests were not reverted; the tests have
been changed significantly and we do not run automated updater tests
for Tor Browser at this time.
Also partial revert of commit f1241db6986e4b54473a1ed870f7584c75d51122.
Revert the nsUpdateService.js changes from Mozilla Bug 862173 "don't
verify mar file hash when using mar signing to verify the mar file
(lessens main thread I/O)."
Changes to the tests were not reverted; the tests have been changed
significantly and we do not run automated updater tests for
Tor Browser at this time.
We kept the addition to the AppConstants API in case other JS code
references it in the future.
- - - - -
3e1e97ca by Kathy Brade at 2023-02-09T14:09:34+00:00
Bug 16940: After update, load local change notes.
Add an about:tbupdate page that displays the first section from
TorBrowser/Docs/ChangeLog.txt and includes a link to the remote
post-update page (typically our blog entry for the release).
Always load about:tbupdate in a content process, but implement the
code that reads the file system (changelog) in the chrome process
for compatibility with future sandboxing efforts.
Also fix bug 29440. Now about:tbupdate is styled as a fairly simple
changelog page that is designed to be displayed via a link that is on
about:tor.
- - - - -
8506b577 by Georg Koppen at 2023-02-09T14:09:34+00:00
Bug 32658: Create a new MAR signing key
It's time for our rotation again: Move the backup key in the front
position and add a new backup key.
Bug 33803: Move our primary nightly MAR signing key to tor-browser
Bug 33803: Add a secondary nightly MAR signing key
- - - - -
f2547767 by Mike Perry at 2023-02-09T14:09:35+00:00
Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
eBay and Amazon don't treat Tor users very well. Accounts often get locked and
payments reversed.
Also:
Bug 16322: Update DuckDuckGo search engine
We are replacing the clearnet URL with an onion service one (thanks to a
patch by a cypherpunk) and are removing the duplicated DDG search
engine. Duplicating DDG happend due to bug 1061736 where Mozilla
included DDG itself into Firefox. Interestingly, this caused breaking
the DDG search if JavaScript is disabled as the Mozilla engine, which
gets loaded earlier, does not use the html version of the search page.
Moreover, the Mozilla engine tracked where the users were searching from
by adding a respective parameter to the search query. We got rid of that
feature as well.
Also:
This fixes bug 20809: the DuckDuckGo team has changed its server-side
code in a way that lets users with JavaScript enabled use the default
landing page while those without JavaScript available get redirected
directly to the non-JS page. We adapt the search engine URLs
accordingly.
Also fixes bug 29798 by making sure we only specify the Google search
engine we actually ship an .xml file for.
Also regression tests.
squash! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
Bug 40494: Update Startpage search provider
squash! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
Bug 40438: Add Blockchair as a search engine
Bug 33342: Avoid disconnect search addon error after removal.
We removed the addon in #32767, but it was still being loaded
from addonStartup.json.lz4 and throwing an error on startup
because its resource: location is not available anymore.
- - - - -
8c1a2d3b by Richard Pospesel at 2023-02-09T14:09:35+00:00
Bug 23247: Communicating security expectations for .onion
Encrypting pages hosted on Onion Services with SSL/TLS is redundant
(in terms of hiding content) as all traffic within the Tor network is
already fully encrypted. Therefore, serving HTTP pages from an Onion
Service is more or less fine.
Prior to this patch, Tor Browser would mostly treat pages delivered
via Onion Services as well as pages delivered in the ordinary fashion
over the internet in the same way. This created some inconsistencies
in behaviour and misinformation presented to the user relating to the
security of pages delivered via Onion Services:
- HTTP Onion Service pages did not have any 'lock' icon indicating
the site was secure
- HTTP Onion Service pages would be marked as unencrypted in the Page
Info screen
- Mixed-mode content restrictions did not apply to HTTP Onion Service
pages embedding Non-Onion HTTP content
This patch fixes the above issues, and also adds several new 'Onion'
icons to the mix to indicate all of the various permutations of Onion
Services hosted HTTP or HTTPS pages with HTTP or HTTPS content.
Strings for Onion Service Page Info page are pulled from Torbutton's
localization strings.
- - - - -
967f065a by Kathy Brade at 2023-02-09T14:09:35+00:00
Bug 30237: Add v3 onion services client authentication prompt
When Tor informs the browser that client authentication is needed,
temporarily load about:blank instead of about:neterror and prompt
for the user's key.
If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD
control port command to add the key (via Torbutton's control port
module) and reload the page.
If the user cancels the prompt, display the standard about:neterror
"Unable to connect" page. This requires a small change to
browser/actors/NetErrorChild.jsm to account for the fact that the
docShell no longer has the failedChannel information. The failedChannel
is used to extract TLS-related error info, which is not applicable
in the case of a canceled .onion authentication prompt.
Add a leaveOpen option to PopupNotifications.show so we can display
error messages within the popup notification doorhanger without
closing the prompt.
Add support for onion services strings to the TorStrings module.
Add support for Tor extended SOCKS errors (Tor proposal 304) to the
socket transport and SOCKS layers. Improved display of all of these
errors will be implemented as part of bug 30025.
Also fixes bug 19757:
Add a "Remember this key" checkbox to the client auth prompt.
Add an "Onion Services Authentication" section within the
about:preferences "Privacy & Security section" to allow
viewing and removal of v3 onion client auth keys that have
been stored on disk.
Also fixes bug 19251: use enhanced error pages for onion service errors.
- - - - -
b9b791d5 by Alex Catarineu at 2023-02-09T14:09:36+00:00
Bug 21952: Implement Onion-Location
Whenever a valid Onion-Location HTTP header (or corresponding HTML
<meta> http-equiv attribute) is found in a document load, we either
redirect to it (if the user opted-in via preference) or notify the
presence of an onionsite alternative with a badge in the urlbar.
- - - - -
fad1a632 by Pier Angelo Vendrame at 2023-02-09T14:09:36+00:00
Bug 40458: Implement .tor.onion aliases
We have enabled HTTPS-Only mode, therefore we do not need
HTTPS-Everywhere anymore.
However, we want to keep supporting .tor.onion aliases (especially for
securedrop).
Therefore, in this patch we implemented the parsing of HTTPS-Everywhere
rulesets, and the redirect of .tor.onion domains.
Actually, Tor Browser believes they are actual domains. We change them
on the fly on the SOCKS proxy requests to resolve the domain, and on
the code that verifies HTTPS certificates.
- - - - -
68e1e05e by Pier Angelo Vendrame at 2023-02-09T14:09:36+00:00
Bug 11698: Incorporate Tor Browser Manual pages into Tor Browser
This patch associates the about:manual page to a translated page that
must be injected to browser/omni.ja after the build.
The content must be placed in chrome/browser/content/browser/manual/, so
that is then available at chrome://browser/content/manual/.
We preferred giving absolute freedom to the web team, rather than having
to change the patch in case of changes on the documentation.
- - - - -
bd46b8bd by Pier Angelo Vendrame at 2023-02-09T14:09:37+00:00
Bug 41435: Add a Tor Browser migration function
For now this function only deletes old language packs for which we are
already packaging the strings with the application.
- - - - -
6cf333b1 by p13dz at 2023-02-09T14:09:37+00:00
Bug 40283: Workaround for the file upload bug
(cherry picked from commit c23f2f397327ee46a1a4de57acf206fd83e8e170)
- - - - -
30 changed files:
- .gitignore
- + .gitmodules
- + browser/actors/AboutTBUpdateChild.jsm
- + browser/actors/AboutTBUpdateParent.jsm
- + browser/actors/CryptoSafetyChild.jsm
- + browser/actors/CryptoSafetyParent.jsm
- browser/actors/NetErrorChild.jsm
- browser/actors/NetErrorParent.jsm
- browser/actors/moz.build
- browser/app/Makefile.in
- browser/app/macbuild/Contents/Info.plist.in
- browser/app/permissions
- + browser/app/profile/000-tor-browser.js
- browser/app/profile/001-base-profile.js
- browser/app/profile/firefox.js
- browser/base/content/aboutDialog-appUpdater.js
- browser/base/content/aboutDialog.js
- browser/base/content/aboutDialog.xhtml
- + browser/base/content/abouttbupdate/aboutTBUpdate.css
- + browser/base/content/abouttbupdate/aboutTBUpdate.js
- + browser/base/content/abouttbupdate/aboutTBUpdate.xhtml
- browser/base/content/appmenu-viewcache.inc.xhtml
- + browser/base/content/browser-doctype.inc
- browser/base/content/browser-menubar.inc
- browser/base/content/browser-sets.inc
- browser/base/content/browser-siteIdentity.js
- browser/base/content/browser.js
- browser/base/content/browser.xhtml
- browser/base/content/certerror/aboutNetError.js
- browser/base/content/certerror/aboutNetError.xhtml
The diff was not included because it is too large.
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/f90d96…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/f90d96…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser][tor-browser-102.8.0esr-12.0-1] 93 commits: Bug 1774413: Bundled fonts are not picked up on macOS r=jfkthame
by Richard Pospesel (@richard) 09 Feb '23
by Richard Pospesel (@richard) 09 Feb '23
09 Feb '23
Richard Pospesel pushed to branch tor-browser-102.8.0esr-12.0-1 at The Tor Project / Applications / Tor Browser
Commits:
afb87585 by Pier Angelo Vendrame at 2023-02-08T13:50:14+00:00
Bug 1774413: Bundled fonts are not picked up on macOS r=jfkthame
Bundled fonts were not picked up because also child processes need to
register them.
Also, they were assigned User visibility, instead of Base, which was
not coherent with other platforms.
Differential Revision: https://phabricator.services.mozilla.com/D150400
- - - - -
2c225a70 by Pier Angelo Vendrame at 2023-02-08T13:50:14+00:00
Bug 1769030: Add a configure flag to load policies only from the local policies.json file r=mkaply,glandium
Add a configuration flag to make Enterprise Policies mechanism only
consult a policies.json file (avoiding the Windows Registry, macOS's
file system attributes, and /etc/firefox/policies/policies.json on
other OS).
Differential Revision: https://phabricator.services.mozilla.com/D146300
- - - - -
35877fe2 by Jamie Nicol at 2023-02-08T13:50:14+00:00
Bug 1784588 - Fix SplitDriverVersion when the string has less than 4 numbers. r=aosmond
Differential Revision: https://phabricator.services.mozilla.com/D154897
- - - - -
26152089 by Pier Angelo Vendrame at 2023-02-08T13:50:14+00:00
Bug 1768907 - Part 1: Make browser.privatebrowsing.autostart a static pref. r=handyman,necko-reviewers
Differential Revision: https://phabricator.services.mozilla.com/D157843
- - - - -
3dc56306 by Neill Miller at 2023-02-08T13:50:15+00:00
Bug 1768907 - Part 2: nsTransferable disk-leaks when private browsing mode is enabled by default. r=handyman
nsTransferable was modified to prevent disk leakings when copying data
in private browsing mode with Bug 1123480.
However, the context is nullptr when it is initialized, so it still
leaks if PBM is enabled by default.
Our solution is to check the browser.privatebrowsing.autostart in this
condition.
Differential Revision: https://phabricator.services.mozilla.com/D157800
- - - - -
98f783e2 by Gabriele Svelto at 2023-02-08T13:50:15+00:00
Bug 1670885 - Fix post-fork() handlers for PHC/LogAlloc to work on macOS using unfair locks r=glandium
macOS unfair locks enforce that a lock can only be released by the thread which locked it.
On macOS 11+ this caused the fork()'d child process to raise a SIGILL signal. Confusingly enough this behavior seems to be different on macOS 10.15 and possibly interacted in odd ways with our exception handler if it was installed before fork()-ing.
Differential Revision: https://phabricator.services.mozilla.com/D148287
- - - - -
890d9731 by Gabriele Svelto at 2023-02-08T13:50:15+00:00
Bug 1670885 - Replace deprecated NSSpinLocks with os_unfair_locks in the memory allocator r=glandium
Depends on D148287
Differential Revision: https://phabricator.services.mozilla.com/D99280
- - - - -
8d63a5b9 by Gabriele Svelto at 2023-02-08T13:50:16+00:00
Bug 1774458 - Use undocumented, non-public adaptive spinlocks on macOS 10.15+, revert to user-space spinlocks on older versions r=pbone
Differential Revision: https://phabricator.services.mozilla.com/D149599
- - - - -
67924adc by Gabriele Svelto at 2023-02-08T13:50:16+00:00
Bug 1784018 - Remove deprecated OSSpinLocks r=glandium
On macOS versions prior to 10.15 os_unfair_locks cannot spin in kernel-space
which degrades performance significantly. To obviate for this we spin in
user-space like OSSpinLock does, for the same number of times and invoking
x86-specific pause instructions in-between the locking attempts to avoid
starving a thread that might be running on the same physical core.
Differential Revision: https://phabricator.services.mozilla.com/D154205
- - - - -
95cd88aa by Georg Koppen at 2023-02-08T13:50:16+00:00
Revert "Bug 1724777, optimize suppressed MicroTask handling, r=mccr8 a=RyanVM"
This reverts commit 1eb1364357ac5bc2a4531337fb5416af39c3793f.
This fixes tor-browser#40721, tor-browser#40698, and tor-browser#40706.
However, it is a temporary workaround, that we should revert once
https://bugzilla.mozilla.org/show_bug.cgi?id=1744719 is fixed.
- - - - -
8747fce6 by Richard Pospesel at 2023-02-08T13:50:17+00:00
fixup! Bug 1761389 - Add and use new PDF-specific document icon on Windows. r=bhearsum
- - - - -
6db4b54e by Henry Wilkes at 2023-02-08T13:50:40+00:00
Bug 41454: Move focus after calling openPreferences for a sub-category.
Temporary fix until mozilla bug 1799153 gets a patch upstream.
- - - - -
150b5171 by Pier Angelo Vendrame at 2023-02-09T14:09:10+00:00
Bug 41116: Normalize system fonts.
System fonts are an enormous fingerprinting vector.
Even with font allow lists and with our custom configuration on Linux,
which counter metrics measurements, getComputedStyle leaks several
details.
This patch counters both these kinds of attacks.
- - - - -
7a872d5e by Pier Angelo Vendrame at 2023-02-09T14:09:10+00:00
Tweaks to the build system
Bug 40857: Modified the fat .aar creation file
This is a workaround to build fat .aars with the compiling enviornment
disabled.
Mozilla does not use a similar configuration, but either runs a Firefox
build and discards its output, or uses artifacts build.
We might switch to artifact builds too, and drop this patch, or write a
better one to upstream. But until then we need this patch.
See also https://bugzilla.mozilla.org/show_bug.cgi?id=1763770.
Bug 41458: Prevent `mach package-multi-locale` from actually creating a package
macOS builds need some files to be moved around with
./mach package-multi-locale to create multi-locale packages.
The required command isn't exposed through any other mach command.
So, we patch package-multi-locale both to prevent it from failing when
doing official builds and to detect any future changes on it.
- - - - -
5643c993 by Dan Ballard at 2023-02-09T14:09:10+00:00
Bug 41117: using MOZ_PROXY_BYPASS_PROTECTION disable share menu on mac and windows, and restpre email link on mac
- - - - -
673e2078 by Gaba at 2023-02-09T14:09:11+00:00
Adding issue template for bugs.
- - - - -
9b800046 by Pier Angelo Vendrame at 2023-02-09T14:09:11+00:00
Base Browser's .mozconfigs.
- - - - -
a7f1e3dc by Pier Angelo Vendrame at 2023-02-09T14:09:11+00:00
Bug 41108: Remove privileged macOS installation from 102
- - - - -
7cd0ca00 by Dan Ballard at 2023-02-09T14:09:12+00:00
Bug 41149: Re-enable DLL injection protection in all builds not just nightlies
- - - - -
ada9b1e3 by Matthew Finkel at 2023-02-09T14:09:12+00:00
Bug 24796: Comment out excess permissions from GeckoView
The GeckoView AndroidManifest.xml is not preprocessed unlike Fennec's
manifest, so we can't use the ifdef preprocessor guards around the
permissions we do not want. Commenting the permissions is the
next-best-thing.
- - - - -
aa280445 by Matthew Finkel at 2023-02-09T14:09:12+00:00
Bug 25741: TBA: Disable GeckoNetworkManager
The browser should not need information related to the network
interface or network state, tor should take care of that.
- - - - -
75543a65 by Matthew Finkel at 2023-02-09T14:09:13+00:00
Bug 28125: Prevent non-Necko network connections
- - - - -
3bf84f4c by Mike Perry at 2023-02-09T14:09:13+00:00
Bug 12974: Disable NTLM and Negotiate HTTP Auth
The Mozilla bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1046421,
https://bugzilla.mozilla.org/show_bug.cgi?id=1261591, tor-browser#27602
- - - - -
5cfb5257 by Alex Catarineu at 2023-02-09T14:09:13+00:00
Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1768899
- - - - -
ef5e63c9 by Georg Koppen at 2023-02-09T14:09:14+00:00
Bug 16285: Exclude ClearKey system for now
In the past the ClearKey system had not been compiled when specifying
--disable-eme. But that changed and it is even bundled nowadays (see:
Mozilla's bug 1300654). We don't want to ship it right now as the use
case for it is not really visible while the code had security
vulnerabilities in the past.
- - - - -
741f6c8b by Kathy Brade at 2023-02-09T14:09:14+00:00
Bug 21431: Clean-up system extensions shipped in Firefox
Only ship the pdfjs extension.
- - - - -
18813801 by Kathy Brade at 2023-02-09T14:09:14+00:00
Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc.
Hide elements on about:logins that mention sync, "Firefox LockWise", and
Mozilla's LockWise mobile apps.
Disable the "Create New Login" button when security.nocertdb is true.
- - - - -
d87d59a3 by Alex Catarineu at 2023-02-09T14:09:15+00:00
Bug 41457: Remove Mozilla permissions
Bug 40025: Remove Mozilla add-on install permissions
- - - - -
ba4a31ec by Kathy Brade at 2023-02-09T14:09:15+00:00
Bug 40002: Remove about:ion
Firefox Ion (previously Firefox Pioneer) is an opt-in program in which people
volunteer to participate in studies that collect detailed, sensitive data about
how they use their browser.
- - - - -
17645ecf by Arthur Edelstein at 2023-02-09T14:09:15+00:00
Bug 26353: Prevent speculative connect that violated FPI.
Connections were observed in the catch-all circuit when
the user entered an https or http URL in the URL bar, or
typed a search term.
- - - - -
f19824d5 by Alex Catarineu at 2023-02-09T14:09:15+00:00
Bug 31740: Remove some unnecessary RemoteSettings instances
More concretely, SearchService.jsm 'hijack-blocklists' and
url-classifier-skip-urls.
Avoid creating instance for 'anti-tracking-url-decoration'.
If prefs are disabling their usage, avoid creating instances for
'cert-revocations' and 'intermediates'.
Do not ship JSON dumps for collections we do not expect to need. For
the ones in the 'main' bucket, this prevents them from being synced
unnecessarily (the code in remote-settings does so for collections
in the main bucket for which a dump or local data exists). For the
collections in the other buckets, we just save some size by not
shipping their dumps.
We also clear the collections database on the v2 -> v3 migration.
- - - - -
d98f0954 by Georg Koppen at 2023-02-09T14:09:16+00:00
Bug 30541: Disable WebGL readPixel() for web content
Related Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1428034
- - - - -
c215f756 by Alex Catarineu at 2023-02-09T14:09:16+00:00
Bug 28369: Stop shipping pingsender executable
- - - - -
ae61963b by Alex Catarineu at 2023-02-09T14:09:16+00:00
Bug 40073: Disable remote Public Suffix List fetching
In https://bugzilla.mozilla.org/show_bug.cgi?id=1563246 Firefox implemented
fetching the Public Suffix List via RemoteSettings and replacing the default
one at runtime, which we do not want.
- - - - -
8b1665cf by Mike Perry at 2023-02-09T14:09:17+00:00
Firefox preference overrides.
This hack directly includes our preference changes in omni.ja.
Bug 18292: Staged updates fail on Windows
Temporarily disable staged updates on Windows.
Bug 18297: Use separate Noto JP,KR,SC,TC fonts
Bug 23404: Add Noto Sans Buginese to the macOS whitelist
Bug 23745: Set dom.indexedDB.enabled = true
Bug 13575: Disable randomised Firefox HTTP cache decay user tests.
(Fernando Fernandez Mancera <ffmancera(a)riseup.net>)
Bug 17252: Enable session identifiers with FPI
Session tickets and session identifiers were isolated
by OriginAttributes, so we can re-enable them by
allowing the default value (true) of
"security.ssl.disable_session_identifiers".
The pref "security.enable_tls_session_tickets" is obsolete
(removed in https://bugzilla.mozilla.org/917049)
Bug 14952: Enable http/2 and AltSvc
In Firefox, SPDY/HTTP2 now uses Origin Attributes for
isolation of connections, push streams, origin frames, etc.
That means we get first-party isolation provided
"privacy.firstparty.isolate" is true. So in this patch, we
stop overriding "network.http.spdy.enabled" and
"network.http.spdy.enabled.http2".
Alternate Services also use Origin Attributes for isolation.
So we stop overriding
"network.http.altsvc.enabled" and "network.http.altsvc.oe"
as well.
(All 4 of the abovementioned "network.http.*" prefs adopt
Firefox 60ESR's default value of true.)
However, we want to disable HTTP/2 push for now, so we
set "network.http.spdy.allow-push" to false.
"network.http.spdy.enabled.http2draft" was removed in Bug 1132357.
"network.http.sped.enabled.v2" was removed in Bug 912550.
"network.http.sped.enabled.v3" was removed in Bug 1097944.
"network.http.sped.enabled.v3-1" was removed in Bug 1248197.
Bug 26114: addons.mozilla.org is not special
* Don't expose navigator.mozAddonManager on any site
* Don't block NoScript from modifying addons.mozilla.org or other sites
Enable ReaderView mode again (#27281).
Bug 29916: Make sure enterprise policies are disabled
Bug 2874: Block Components.interfaces from content
Bug 26146: Spoof HTTP User-Agent header for desktop platforms
In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent
header and to JavaScript code via navigator.userAgent. To avoid
leaking the OS inside each HTTP request (which many web servers
log), always use the Windows 7 OS value in the desktop User-Agent
header. We continue to allow access to the actual OS via JavaScript,
since doing so improves compatibility with web applications such
as GitHub and Google Docs.
Bug 12885: Windows Jump Lists fail for Tor Browser
Jumplist entries are stored in a binary file in:
%APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\
and has a name in the form
[a-f0-9]+.customDestinations-ms
The hex at the front is unique per app, and is ultimately derived from
something called the 'App User Model ID' (AUMID) via some unknown
hashing method. The AUMID is provided as a key when programmatically
creating, updating, and deleting a jumplist. The default behaviour in
firefox is for the installer to define an AUMID for an app, and save it
in the registry so that the jumplist data can be removed by the
uninstaller.
However, the Tor Browser does not set this (or any other) regkey during
installation, so this codepath fails and the app's AUMID is left
undefined. As a result the app's AUMID ends up being defined by
windows, but unknowable by Tor Browser. This unknown AUMID is used to
create and modify the jumplist, but the delete API requires that we
provide the app's AUMID explicitly. Since we don't know what the AUMID
is (since the expected regkey where it is normally stored does not
exist) jumplist deletion will fail and we will leave behind a mostly
empty customDestinations-ms file. The name of the file is derived from
the binary path, so an enterprising person could reverse engineer how
that hex name is calculated, and generate the name for Tor Browser's
default Desktop installation path to determine whether a person had
used Tor Browser in the past.
The 'taskbar.grouping.useprofile' option that is enabled by this patch
works around this AUMID problem by having firefox.exe create it's own
AUMID based on the profile path (rather than looking for a regkey). This
way, if a user goes in and enables and disables jumplist entries, the
backing store is properly deleted.
Unfortunately, all windows users currently have this file lurking in
the above mentioned directory and this patch will not remove it since it
was created with an unknown AUMID. However, another patch could be
written which goes to that directory and deletes any item containing the
'Tor Browser' string. See bug 28996.
Bug 30845: Make sure default themes and other internal extensions are enabled
Bug 28896: Enable extensions in private browsing by default
Bug 31065: Explicitly allow proxying localhost
Bug 31598: Enable letterboxing
Disable Presentation API everywhere
Bug 21549 - Use Firefox's WASM default pref. It is disabled at safer
security levels.
Bug 32321: Disable Mozilla's MitM pings
Bug 19890: Disable installation of system addons
By setting the URL to "" we make sure that already installed system
addons get deleted as well.
Bug 22548: Firefox downgrades VP9 videos to VP8.
On systems where H.264 is not available or no HWA, VP9 is preferred. But in Tor
Browser 7.0 all youtube videos are degraded to VP8.
This behaviour can be turned off by setting media.benchmark.vp9.threshold to 0.
All clients will get better experience and lower traffic, beause TBB doesn't
use "Use hardware acceleration when available".
Bug 25741 - TBA: Add mobile-override of 000-tor-browser prefs
Bug 16441: Suppress "Reset Tor Browser" prompt.
Bug 29120: Use the in-memory media cache and increase its maximum size.
Bug 33697: use old search config based on list.json
Bug 33855: Ensure that site-specific browser mode is disabled.
Bug 30682: Disable Intermediate CA Preloading.
Bug 40061: Omit the Windows default browser agent from the build
Bug 40322: Consider disabling network.connectivity-service.enabled
Bug 40408: Disallow SVG Context Paint in all web content
Bug 40308: Disable network partitioning until we evaluate dFPI
Bug 40322: Consider disabling network.connectivity-service.enabled
Bug 40383: Disable dom.enable_event_timing
Bug 40423: Disable http/3
Bug 40177: Update prefs for Fx91esr
Bug 40700: Disable addons and features recommendations
Bug 40682: Disable network.proxy.allow_bypass
Bug 40736: Disable third-party cookies in PBM
Bug 19850: Enabled HTTPS-Only by default
Bug 40912: Hide the screenshot menu
Bug 41292: Disable moreFromMozilla in preferences page
Bug 40057: Ensure the CSS4 system colors are not a fingerprinting vector
Bug 24686: Set network.http.tailing.enabled to true
Bug 40183: Disable TLS ciphersuites using SHA-1
Bug 40783: Review 000-tor-browser.js and 001-base-profile.js for 102
We reviewed all the preferences we set for 102, and remove a few old
ones. See the description of that issue to see all the preferences we
believed were still valid for 102, and some brief description for the
reasons to keep them.
- - - - -
0a1eb4eb by Pier Angelo Vendrame at 2023-02-09T14:09:17+00:00
Bug 41043: Hardcode the UI font on Linux
The mechanism to choose the UI font does not play well with our
fontconfig configuration. As a result, the final criterion to choose
the font for the UI was its version.
Since we hardcode Arimo as a default sans-serif on preferences, we use
it also for the UI. FontConfig will fall back to some other font for
scripts Arimo does not cover as expected (we tested with Japanese).
- - - - -
0795a034 by Alex Catarineu at 2023-02-09T14:09:17+00:00
Bug 30605: Honor privacy.spoof_english in Android
This checks `privacy.spoof_english` whenever `setLocales` is
called from Fenix side and sets `intl.accept_languages`
accordingly.
Bug 40198: Expose privacy.spoof_english pref in GeckoView
- - - - -
4a11f33d by Alex Catarineu at 2023-02-09T14:09:18+00:00
Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView
- - - - -
e13dbb5b by Alex Catarineu at 2023-02-09T14:09:18+00:00
Bug 40171: Make WebRequest and GeckoWebExecutor First-Party aware
- - - - -
c4e9ed0e by Alex Catarineu at 2023-02-09T14:09:18+00:00
Bug 26345: Hide tracking protection UI
- - - - -
1eb58fd6 by Kathy Brade at 2023-02-09T14:09:19+00:00
Bug 9173: Change the default Firefox profile directory to be relative.
This should eliminate our need to rely on a wrapper script that
sets /Users/arthur and launches Firefox with -profile.
- - - - -
6af56335 by Kathy Brade at 2023-02-09T14:09:19+00:00
Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp
Instead of using the local computer's IP address within
symlink-based profile lock signatures, always use 127.0.0.1.
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1769028
- - - - -
81e436a2 by Alex Catarineu at 2023-02-09T14:09:19+00:00
Bug 27604: Fix addon issues when moving the profile directory
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1429838
- - - - -
125278ea by Mike Perry at 2023-02-09T14:09:20+00:00
Bug 13028: Prevent potential proxy bypass cases.
It looks like these cases should only be invoked in the NSS command line
tools, and not the browser, but I decided to patch them anyway because there
literally is a maze of network function pointers being passed around, and it's
very hard to tell if some random code might not pass in the proper proxied
versions of the networking code here by accident.
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1433509
- - - - -
8b0252eb by Kathy Brade at 2023-02-09T14:09:20+00:00
Bug 11641: Disable remoting by default.
Unless the -osint command line flag is used, the browser now defaults
to the equivalent of -no-remote. There is a new -allow-remote flag that
may be used to restore the original (Firefox-like) default behavior.
- - - - -
76b9ea1d by Igor Oliveira at 2023-02-09T14:09:20+00:00
Bug 23104: Add a default line height compensation
Many fonts have issues with their vertical metrics. they
are used to influence the height of ascenders and depth
of descenders. Gecko uses it to calculate the line height
(font height + ascender + descender), however because of
that idiosyncratic behavior across multiple operating
systems, it can be used to identify the user's OS.
The solution proposed in the patch uses a default factor
to be multiplied with the font size, simulating the concept
of ascender and descender. This way all operating
systems will have the same line height only and only if the
frame is outside the chrome.
- - - - -
644e8179 by Pier Angelo Vendrame at 2023-02-09T14:09:21+00:00
Bug 40309: Avoid using regional OS locales
Avoid regional OS locales if the pref
`intl.regional_prefs.use_os_locales` is false but RFP is enabled.
- - - - -
2e6db28b by Matthew Finkel at 2023-02-09T14:09:21+00:00
Bug 40432: Prevent probing installed applications
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1711084
- - - - -
67d701c3 by hackademix at 2023-02-09T14:09:22+00:00
Bug 41434: Letterboxing, preemptively apply margins in a global CSS rule to mitigate race conditions on newly created windows and tabs.
- - - - -
d1de70f7 by hackademix at 2023-02-09T14:09:22+00:00
Bug 41434: Letterboxing, improve logging.
- - - - -
576947f1 by hackademix at 2023-02-09T14:09:22+00:00
Bug 31064: Letterboxing, exempt browser extensions.
- - - - -
c836fca2 by hackademix at 2023-02-09T14:09:23+00:00
Bug 32411: Letterboxing, exempt view-source: URIs.
- - - - -
c8a4fe01 by Richard Pospesel at 2023-02-09T14:09:23+00:00
Bug 32220: Improve the letterboxing experience
CSS and JS changes to alter the UX surrounding letterboxing. The
browser element containing page content is now anchored to the bottom
of the toolbar, and the remaining letterbox margin is the same color
as the firefox chrome. The letterbox margin and outline are tied to
the currently selected theme.
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1594455
- - - - -
ddd4aff5 by Alex Catarineu at 2023-02-09T14:09:24+00:00
Bug 40069: Add helpers for message passing with extensions
- - - - -
8b5ef8db by Matthew Finkel at 2023-02-09T14:09:24+00:00
Bug 40253: Explicitly allow NoScript in Private Browsing mode.
- - - - -
afabeab9 by Pier Angelo Vendrame at 2023-02-09T14:09:24+00:00
Bug 41369: Improve Firefox language settings for multi-lingual packages
Change the language selector to be sorted by language code, rather than
name, and to display the language code to the user.
Bug 41372: Handle Japanese as a special case in preferences on macOS
Japanese is treated in a special way on macOS. However, seeing the
Japanese language tag could be confusing for users, and moreover the
language name is not localized correctly like other langs.
Bug 41378: Tell users that they can change their language at the first start
With multi-lingual builds, Tor Browser matches the user's system
language, but some users might want to change it.
So, we tell them that it is possible, but only once.
- - - - -
d5624033 by Henry Wilkes at 2023-02-09T14:09:25+00:00
Bug 41371: Temporary hack to fix language selector popup position
- - - - -
03cbdc38 by Pier Angelo Vendrame at 2023-02-09T14:09:25+00:00
Bug 41417: Always prompt users to restart after changing language
This is a temporary patch that we need until we switch our strings to
Fluent. The reason is that we currently set strings when we populate
our XUL content.
We could rework the whole mechanism, but it is not worth it because we
want to switch to Fluent, which will handle everything automatically.
- - - - -
7ca8d9b9 by Pier Angelo Vendrame at 2023-02-09T14:09:25+00:00
Bug 40925: Implemented the Security Level component
This component adds a new Security Level toolbar button which visually
indicates the current global security level via icon (as defined by the
extensions.torbutton.security_slider pref), a drop-down hanger with a
short description of the current security level, and a new section in
the about:preferences#privacy page where users can change their current
security level. In addition, the hanger and the preferences page will
show a visual warning when the user has modified prefs associated with
the security level and provide a one-click 'Restore Defaults' button to
get the user back on recommended settings.
Bug 40125: Expose Security Level pref in GeckoView
- - - - -
f90d9640 by Pier Angelo Vendrame at 2023-02-09T14:09:26+00:00
Bug 40926: Implemented the New Identity feature
- - - - -
7194e92f by Richard Pospesel at 2023-02-09T14:09:26+00:00
Bug 41089: Add tor-browser build scripts + Makefile to tor-browser
- - - - -
78b5b3e0 by Mike Perry at 2023-02-09T14:09:26+00:00
Bug 2176: Rebrand Firefox to TorBrowser
See also Bugs #5194, #7187, #8115, #8219.
This patch does some basic renaming of Firefox to TorBrowser. The rest of the
branding is done by images and icons.
Also fix bug 27905.
Bug 25702: Update Tor Browser icon to follow design guidelines
- Updated all of the branding in /browser/branding/official with new 'stable'
icon series.
- Updated /extensions/onboarding/content/img/tor-watermark.png with new icon and
add the source svg in the same directory
- Copied /browser/branding/official over /browser/branding/nightly and the new
/browser/branding/alpha directories. Replaced content with 'nightly' and
'alpha' icon series.
Updated VisualElements_70.png and VisualElements_150.png with updated icons in
each branding directory (fixes #22654)
- Updated firefox.VisualElementsManfiest.xml with updated colors in each
branding directory
- Added firefox.svg to each branding directory from which all the other icons
are derived (apart from document.icns and document.ico)
- Added default256.png and default512.png icons
- Updated aboutTBUpdate.css to point to branding-aware icon128.png and removed
original icon
- Use the Tor Browser icon within devtools/client/themes/images/.
Bug 30631: Blurry Tor Browser icon on macOS app switcher
It would seem the png2icns tool does not generate correct icns files and
so on macOS the larger icons were missing resulting in blurry icons in
the OS chrome. Regenerated the padded icons in a macOS VM using
iconutil.
Bug 28196: preparations for using torbutton tor-browser-brand.ftl
A small change to Fluent FileSource class is required so that we
can register a new source without its supported locales being
counted as available locales for the browser.
Bug 31803: Replaced about:debugging logo with flat version
Bug 21724: Make Firefox and Tor Browser distinct macOS apps
When macOS opens a document or selects a default browser, it sometimes
uses the CFBundleSignature. Changing from the Firefox MOZB signature to
a different signature TORB allows macOS to distinguish between Firefox
and Tor Browser.
Bug 32092: Fix Tor Browser Support link in preferences
For bug 40562, we moved onionPattern* from bug 27476 to here, as
about:tor needs these files but it is included earlier.
Bug 41278: Create Tor Browser styled pdf logo similar to the vanilla Firefox one
- - - - -
e5e05f86 by Alex Catarineu at 2023-02-09T14:09:27+00:00
Bring back old Firefox onboarding
Revert "Bug 1462415 - Delete onboarding system add-on r=Standard8,k88hudson"
This reverts commit f7ffd78b62541d44d0102f8051d2f4080bdbc432.
Revert "Bug 1498378 - Actually remove the old onboarding add-on's prefs r=Gijs"
This reverts commit 057fe36fc6f3e93e265505c7dcc703a0941778e2.
Bug 28822: Convert onboarding to webextension
Partially revert 1564367 (controlCenter in UITour.jsm)
- - - - -
11b2f5a4 by Kathy Brade at 2023-02-09T14:09:27+00:00
Bug 26961: New user onboarding.
Reuse the Firefox onboarding mechanism with minimal changes.
Localizable strings are pulled in from Torbutton (if Torbutton is
not installed, we lack about:tor and no tour will be shown).
Replace SVG images with PNGs (see bug 27002),
For defense in depth, omit include OnboardingTelemetry.jsm entirely.
Added support for the following UITour page event:
torBrowserOpenSecuritySettings
Also fix bug 27403: the onboarding bubble is not always displayed.
Arthur suggested to make the onboarding bubble visible on displays with
less than 960px width available, so we choose 200px instead.
Also fix bug 28628: Change onboarding Security panel to open new
Security Level panel.
Also fix bug 27484: Improve navigation within onboarding.
Bug 27082: enable a limited UITour
Disallow access to UITour functionality from all pages other than
about:home, about:newtab, and about:tor.
Implement a whitelist mechanism for page actions.
Bug 26962 - implement new features onboarding (part 1).
Add an "Explore" button to the "Circuit Display" panel within new user
onboarding which opens the DuckDuckGo .onion and then guides users through
a short circuit display tutorial.
Allow a few additional UITour actions while limiting as much as possible
how it can be used.
Tweak the UITour styles to match the Tor Browser branding.
All user interface strings are retrieved from Torbutton's
browserOnboarding.properties file.
Bug 27486 Avoid about:blank tabs when opening onboarding pages.
Instead of using a simple <a href>, programmatically open onboarding
web pages by using tabBrowser.addTab(). The same technique is now
used for "See My Path", "See FAQs", and "Visit an Onion".
Bug 29768: Introduce new features to users
Add an "update" tour for the Tor Browser 8.5 release that contains two
panels: Toolbar and Security (with appropriate description text and
images).
Display an attention-grabbing dot on the onboarding text bubble when
the update tour is active. The animation lasts for 14 seconds.
Bug 31768: Introduce toolbar and network settings changes in onboarding
Update the "Tor Network" onboarding page to include a note that
settings can now be accessed via the application preferences and
add an "Adjust Your Tor Network Settings" action button which opens
about:preferences#tor.
Replace the Tor Browser 8.5 "update" onboarding tour with a 9.0 one
that includes the revised "Tor Network" page and a revised "Toolbar"
page. The latter explains that Torbutton's toolbar item has been
removed ("Goodbye Onion Button") and explains how to access the
New Identity feature using the hamburger menu and new toolbar item.
Bug 34321 - Add Learn More onboarding item
Bug 40429: Update Onboarding for 10.5
- - - - -
1e8f6720 by Mike Perry at 2023-02-09T14:09:27+00:00
TB3: Tor Browser's official .mozconfigs.
Also:
Bug #9829.1: new .mozconfig file for the new cross-compiler and ESR24
Changes needed to build Mac in 64bit
Bug 10715: Enable Webgl for mingw-w64 again.
Disable ICU when cross-compiling; clean-up.
Bug 15773: Enable ICU on OS X
Bug 15990: Don't build the sandbox with mingw-w64
Bug 12761: Switch to ESR 38 for OS X
Updating .mozconfig-asan
Bug 12516: Compile hardenend Tor Browser with -fwrapv
Bug 18331: Switch to Mozilla's toolchain for building Tor Browser for OS X
Bug 17858: Cannot create incremental MARs for hardened builds.
Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff
(which is part of mar-tools and is not distributed to end-users) with
ASan.
Bug 13419: Add back ICU for Windows
Bug 21239: Use GTK2 for ESR52 Linux builds
Bug 23025: Add hardening flags for macOS
Bug 24478: Enable debug assertions and tests in our ASan builds
--enable-proxy-bypass-protection
Bug 27597: ASan build option in tor-browser-build is broken
Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds
This fixes a problem where some preferences had the wrong default value.
Also see bug 27472 where we made a similar fix for Android.
Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING
Bug 31450: Set proper BINDGEN_CFLAGS for ASan builds
Add an --enable-tor-browser-data-outside-app-dir configure option
Add --with-tor-browser-version configure option
Bug 21849: Don't allow SSL key logging.
Bug 31457: disable per-installation profiles
The dedicated profiles (per-installation) feature does not interact
well with our bundled profiles on Linux and Windows, and it also causes
multiple profiles to be created on macOS under TorBrowser-Data.
Bug 31935: Disable profile downgrade protection.
Since Tor Browser does not support more than one profile, disable
the prompt and associated code that offers to create one when a
version downgrade situation is detected.
Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT
Bug 25741 - TBA: Disable features at compile-time
MOZ_NATIVE_DEVICES for casting and the media player
MOZ_TELEMETRY_REPORTING for telemetry
MOZ_DATA_REPORTING for all data reporting preferences (crashreport, telemetry, geo)
Bug 25741 - TBA: Add default configure options in dedicated file
Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION
Bug 29859: Disable HLS support for now
Add --disable-tor-launcher build option
Add --enable-tor-browser-update build option
Bug 33734: Set MOZ_NORMANDY to False
Bug 33851: Omit Parental Controls.
Bug 40061: Omit the Windows default browser agent from the build
Bug 40107: Adapt .mozconfig-asan for ESR 78
Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files
Bug 40793: moved Tor configuration options from old-configure.in to moz.configure
- - - - -
f1f986e2 by Henry Wilkes at 2023-02-09T14:09:28+00:00
Bug 41340: Enable TOR_BROWSER_NIGHTLY_BUILD features for dev and nightly builds
tor-browser#41285: Enable fluent warnings.
- - - - -
70c1a71e by Pier Angelo Vendrame at 2023-02-09T14:09:28+00:00
Bug 40562: Added Tor Browser preferences to 000-tor-browser.js
Before reordering patches, we used to keep the Tor-related patches
(torbutton and tor-launcher) at the beginning.
After that issue, we decided to move them towards the end.
In addition to that, we have decided to move Tor Browser-only
preferences there, too, to make Base Browser-only fixups easier to
apply.
- - - - -
fd5cb70e by Kathy Brade at 2023-02-09T14:09:28+00:00
Bug 13252: Do not store data in the app bundle
When --enable-tor-browser-data-outside-app-dir is enabled,
all user data is stored in a directory named
TorBrowser-Data which is located next to the application directory.
Display an informative error message if the TorBrowser-Data
directory cannot be created due to an "access denied" or a
"read only volume" error.
On Mac OS, add support for the --invisible command line option which
is used by the meek-http-helper to avoid showing an icon for the
helper browser on the dock.
- - - - -
b5babfee by Pier Angelo Vendrame at 2023-02-09T14:09:29+00:00
Bug 40933: Add tor-launcher functionality
- - - - -
de99682d by Richard Pospesel at 2023-02-09T14:09:29+00:00
Bug 40597: Implement TorSettings module
- migrated in-page settings read/write implementation from about:preferences#tor
to the TorSettings module
- TorSettings initially loads settings from the tor daemon, and saves them to
firefox prefs
- TorSettings notifies observers when a setting has changed; currently only
QuickStart notification is implemented for parity with previous preference
notify logic in about:torconnect and about:preferences#tor
- about:preferences#tor, and about:torconnect now read and write settings
thorugh the TorSettings module
- all tor settings live in the torbrowser.settings.* preference branch
- removed unused pref modify permission for about:torconnect content page from
AsyncPrefs.jsm
Bug 40645: Migrate Moat APIs to Moat.jsm module
- - - - -
fc894e21 by Alex Catarineu at 2023-02-09T14:09:30+00:00
Bug 10760: Integrate TorButton to TorBrowser core
Because of the non-restartless nature of Torbutton, it required
a two-stage installation process. On mobile, it was a problem,
because it was not loading when the user opened the browser for
the first time.
Moving it to tor-browser and making it a system extension allows it
to load when the user opens the browser for first time.
Additionally, this patch also fixes Bug 27611.
Bug 26321: New Circuit and New Identity menu items
Bug 14392: Make about:tor behave like other initial pages.
Bug 25013: Add torbutton as a tor-browser submodule
Bug 31575: Replace Firefox Home (newtab) with about:tor
Avoid loading AboutNewTab in BrowserGlue.jsm in order
to avoid several network requests that we do not need. Besides,
about:newtab will now point to about:blank or about:tor (depending
on browser.newtabpage.enabled) and about:home will point to
about:tor.
- - - - -
0795c1f4 by hackademix at 2023-02-09T14:09:30+00:00
Bug 8324: Prevent DNS proxy bypasses caused by Drag&Drop
- - - - -
0a59ce83 by Amogh Pradeep at 2023-02-09T14:09:30+00:00
Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources.
See Bug 1357997 for partial uplift.
Also:
Bug 28051 - Use our Orbot for proxying our connections
Bug 31144 - ESR68 Network Code Review
- - - - -
7944c269 by Alex Catarineu at 2023-02-09T14:09:31+00:00
Add TorStrings module for localization
- - - - -
767365ab by Kathy Brade at 2023-02-09T14:09:31+00:00
Bug 14631: Improve profile access error messages.
Instead of always reporting that the profile is locked, display specific
messages for "access denied" and "read-only file system".
To allow for localization, get profile-related error strings from Torbutton.
Use app display name ("Tor Browser") in profile-related error alerts.
- - - - -
cfb3d1e4 by sanketh at 2023-02-09T14:09:31+00:00
Bug 40209: Implement Basic Crypto Safety
Adds a CryptoSafety actor which detects when you've copied a crypto
address from a HTTP webpage and shows a warning.
Closes #40209.
Bug 40428: Fix string attribute names
- - - - -
c6a86885 by Kathy Brade at 2023-02-09T14:09:32+00:00
Bug 19273: Avoid JavaScript patching of the external app helper dialog.
When handling an external URI or downloading a file, invoke Torbutton's
external app blocker component (which will present a download warning
dialog unless the user has checked the "Automatically download files
from now on" box).
For e10s compatibility, avoid using a modal dialog and instead use
a callback interface (nsIHelperAppWarningLauncher) to allow Torbutton
to indicate the user's desire to cancel or continue each request.
Other bugs fixed:
Bug 21766: Crash with e10s enabled while trying to download a file
Bug 21886: Download is stalled in non-e10s mode
Bug 22471: Downloading files via the PDF viewer download button is broken
Bug 22472: Fix FTP downloads when external helper app dialog is shown
Bug 22610: Avoid crashes when canceling external helper app downloads
Bug 22618: Downloading pdf file via file:/// is stalling
- - - - -
08005067 by Pier Angelo Vendrame at 2023-02-09T14:09:32+00:00
Bug 40807: Added QRCode.js to toolkit/modules
- - - - -
91b4fdf8 by Richard Pospesel at 2023-02-09T14:09:32+00:00
Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection
This patch adds a new about:preferences#connection page which allows
modifying bridge, proxy, and firewall settings from within Tor Browser.
All of the functionality present in tor-launcher's Network
Configuration panel is present:
- Setting built-in bridges
- Requesting bridges from BridgeDB via moat
- Using user-provided bridges
- Configuring SOCKS4, SOCKS5, and HTTP/HTTPS proxies
- Setting firewall ports
- Viewing and Copying Tor's logs
- The Networking Settings in General preferences has been removed
Bug 40774: Update about:preferences page to match new UI designs
- - - - -
a598b057 by Richard Pospesel at 2023-02-09T14:09:33+00:00
Bug 27476: Implement about:torconnect captive portal within Tor Browser
- implements new about:torconnect page as tor-launcher replacement
- adds tor connection status to url bar and tweaks UX when not online
- adds new torconnect component to browser
- tor process management functionality remains implemented in tor-launcher through the TorProtocolService module
- adds warning/error box to about:preferences#tor when not connected to tor
- explicitly allows about:torconnect URIs to ignore Resist Fingerprinting (RFP)
- various tweaks to info-pages.inc.css for about:torconnect (also affects other firefox info pages)
Bug 40773: Update the about:torconnect frontend page to match additional UI flows
- - - - -
814475bf by Arthur Edelstein at 2023-02-09T14:09:33+00:00
Bug 12620: TorBrowser regression tests
Regression tests for Bug #2950: Make Permissions Manager memory-only
Regression tests for TB4: Tor Browser's Firefox preference overrides.
Note: many more functional tests could be made here
Regression tests for #2874: Block Components.interfaces from content
Bug 18923: Add a script to run all Tor Browser specific tests
Regression tests for Bug #16441: Suppress "Reset Tor Browser" prompt.
- - - - -
455c5291 by Kathy Brade at 2023-02-09T14:09:33+00:00
Bug 4234: Use the Firefox Update Process for Tor Browser.
The following files are never updated:
TorBrowser/Data/Browser/profiles.ini
TorBrowser/Data/Browser/profile.default/bookmarks.html
TorBrowser/Data/Tor/torrc
Mac OS: Store update metadata under TorBrowser/UpdateInfo.
Removed the %OS_VERSION% component from the update URL (13047) and
added support for minSupportedOSVersion, an attribute of the
<update> element that may be used to trigger Firefox's
"unsupported platform" behavior.
Hide the "What's new" links (set app.releaseNotesURL value to about:blank).
Windows: disable "runas" code path in updater (15201).
Windows: avoid writing to the registry (16236).
Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406,
16014, 16909, 24476, and 25909.
Also fix Bug 26049: reduce the delay before the update prompt is displayed.
Instead of Firefox's 2 days, we use 1 hour (after which time the update
doorhanger will be displayed).
Also fix bug 27221: purge the startup cache if the Tor Browser
version changed (even if the Firefox version and build ID did
not change), e.g., after a minor Tor Browser update.
Also fix 32616: Disable GetSecureOutputDirectoryPath() functionality.
Bug 26048: potentially confusing "restart to update" message
Within the update doorhanger, remove the misleading message that mentions
that windows will be restored after an update is applied, and replace the
"Restart and Restore" button label with an existing
"Restart to update Tor Browser" string.
Bug 28885: notify users that update is downloading
Add a "Downloading Tor Browser update" item which appears in the
hamburger (app) menu while the update service is downloading a MAR
file. Before this change, the browser did not indicate to the user
that an update was in progress, which is especially confusing in
Tor Browser because downloads often take some time. If the user
clicks on the new menu item, the about dialog is opened to allow
the user to see download progress.
As part of this fix, the update service was changed to always show
update-related messages in the hamburger menu, even if the update
was started in the foreground via the about dialog or via the
"Check for Tor Browser Update" toolbar menu item. This change is
consistent with the Tor Browser goal of making sure users are
informed about the update process.
Removed #28885 parts of this patch which have been uplifted to Firefox.
- - - - -
5d621939 by Kathy Brade at 2023-02-09T14:09:34+00:00
Bug 13379: Sign our MAR files.
Configure with --enable-verify-mar (when updating, require a valid
signature on the MAR file before it is applied).
Use the Tor Browser version instead of the Firefox version inside the
MAR file info block (necessary to prevent downgrade attacks).
Use NSS on all platforms for checking MAR signatures (instead of using
OS-native APIs, which Mozilla does on Mac OS and Windows). So that the
NSS and NSPR libraries the updater depends on can be found at runtime,
we add the firefox directory to the shared library search path on macOS.
On Linux, rpath is used by Mozilla to solve that problem, but that
approach won't work on macOS because the updater executable is copied
during the update process to a location that is under TorBrowser-Data,
and the location of TorBrowser-Data varies.
Also includes the fix for bug 18900.
Bug 19121: reinstate the update.xml hash check
Revert most changes from Mozilla Bug 1373267 "Remove hashFunction and
hashValue attributes from nsIUpdatePatch and code related to these
attributes." Changes to the tests were not reverted; the tests have
been changed significantly and we do not run automated updater tests
for Tor Browser at this time.
Also partial revert of commit f1241db6986e4b54473a1ed870f7584c75d51122.
Revert the nsUpdateService.js changes from Mozilla Bug 862173 "don't
verify mar file hash when using mar signing to verify the mar file
(lessens main thread I/O)."
Changes to the tests were not reverted; the tests have been changed
significantly and we do not run automated updater tests for
Tor Browser at this time.
We kept the addition to the AppConstants API in case other JS code
references it in the future.
- - - - -
3e1e97ca by Kathy Brade at 2023-02-09T14:09:34+00:00
Bug 16940: After update, load local change notes.
Add an about:tbupdate page that displays the first section from
TorBrowser/Docs/ChangeLog.txt and includes a link to the remote
post-update page (typically our blog entry for the release).
Always load about:tbupdate in a content process, but implement the
code that reads the file system (changelog) in the chrome process
for compatibility with future sandboxing efforts.
Also fix bug 29440. Now about:tbupdate is styled as a fairly simple
changelog page that is designed to be displayed via a link that is on
about:tor.
- - - - -
8506b577 by Georg Koppen at 2023-02-09T14:09:34+00:00
Bug 32658: Create a new MAR signing key
It's time for our rotation again: Move the backup key in the front
position and add a new backup key.
Bug 33803: Move our primary nightly MAR signing key to tor-browser
Bug 33803: Add a secondary nightly MAR signing key
- - - - -
f2547767 by Mike Perry at 2023-02-09T14:09:35+00:00
Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
eBay and Amazon don't treat Tor users very well. Accounts often get locked and
payments reversed.
Also:
Bug 16322: Update DuckDuckGo search engine
We are replacing the clearnet URL with an onion service one (thanks to a
patch by a cypherpunk) and are removing the duplicated DDG search
engine. Duplicating DDG happend due to bug 1061736 where Mozilla
included DDG itself into Firefox. Interestingly, this caused breaking
the DDG search if JavaScript is disabled as the Mozilla engine, which
gets loaded earlier, does not use the html version of the search page.
Moreover, the Mozilla engine tracked where the users were searching from
by adding a respective parameter to the search query. We got rid of that
feature as well.
Also:
This fixes bug 20809: the DuckDuckGo team has changed its server-side
code in a way that lets users with JavaScript enabled use the default
landing page while those without JavaScript available get redirected
directly to the non-JS page. We adapt the search engine URLs
accordingly.
Also fixes bug 29798 by making sure we only specify the Google search
engine we actually ship an .xml file for.
Also regression tests.
squash! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
Bug 40494: Update Startpage search provider
squash! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
Bug 40438: Add Blockchair as a search engine
Bug 33342: Avoid disconnect search addon error after removal.
We removed the addon in #32767, but it was still being loaded
from addonStartup.json.lz4 and throwing an error on startup
because its resource: location is not available anymore.
- - - - -
8c1a2d3b by Richard Pospesel at 2023-02-09T14:09:35+00:00
Bug 23247: Communicating security expectations for .onion
Encrypting pages hosted on Onion Services with SSL/TLS is redundant
(in terms of hiding content) as all traffic within the Tor network is
already fully encrypted. Therefore, serving HTTP pages from an Onion
Service is more or less fine.
Prior to this patch, Tor Browser would mostly treat pages delivered
via Onion Services as well as pages delivered in the ordinary fashion
over the internet in the same way. This created some inconsistencies
in behaviour and misinformation presented to the user relating to the
security of pages delivered via Onion Services:
- HTTP Onion Service pages did not have any 'lock' icon indicating
the site was secure
- HTTP Onion Service pages would be marked as unencrypted in the Page
Info screen
- Mixed-mode content restrictions did not apply to HTTP Onion Service
pages embedding Non-Onion HTTP content
This patch fixes the above issues, and also adds several new 'Onion'
icons to the mix to indicate all of the various permutations of Onion
Services hosted HTTP or HTTPS pages with HTTP or HTTPS content.
Strings for Onion Service Page Info page are pulled from Torbutton's
localization strings.
- - - - -
967f065a by Kathy Brade at 2023-02-09T14:09:35+00:00
Bug 30237: Add v3 onion services client authentication prompt
When Tor informs the browser that client authentication is needed,
temporarily load about:blank instead of about:neterror and prompt
for the user's key.
If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD
control port command to add the key (via Torbutton's control port
module) and reload the page.
If the user cancels the prompt, display the standard about:neterror
"Unable to connect" page. This requires a small change to
browser/actors/NetErrorChild.jsm to account for the fact that the
docShell no longer has the failedChannel information. The failedChannel
is used to extract TLS-related error info, which is not applicable
in the case of a canceled .onion authentication prompt.
Add a leaveOpen option to PopupNotifications.show so we can display
error messages within the popup notification doorhanger without
closing the prompt.
Add support for onion services strings to the TorStrings module.
Add support for Tor extended SOCKS errors (Tor proposal 304) to the
socket transport and SOCKS layers. Improved display of all of these
errors will be implemented as part of bug 30025.
Also fixes bug 19757:
Add a "Remember this key" checkbox to the client auth prompt.
Add an "Onion Services Authentication" section within the
about:preferences "Privacy & Security section" to allow
viewing and removal of v3 onion client auth keys that have
been stored on disk.
Also fixes bug 19251: use enhanced error pages for onion service errors.
- - - - -
b9b791d5 by Alex Catarineu at 2023-02-09T14:09:36+00:00
Bug 21952: Implement Onion-Location
Whenever a valid Onion-Location HTTP header (or corresponding HTML
<meta> http-equiv attribute) is found in a document load, we either
redirect to it (if the user opted-in via preference) or notify the
presence of an onionsite alternative with a badge in the urlbar.
- - - - -
fad1a632 by Pier Angelo Vendrame at 2023-02-09T14:09:36+00:00
Bug 40458: Implement .tor.onion aliases
We have enabled HTTPS-Only mode, therefore we do not need
HTTPS-Everywhere anymore.
However, we want to keep supporting .tor.onion aliases (especially for
securedrop).
Therefore, in this patch we implemented the parsing of HTTPS-Everywhere
rulesets, and the redirect of .tor.onion domains.
Actually, Tor Browser believes they are actual domains. We change them
on the fly on the SOCKS proxy requests to resolve the domain, and on
the code that verifies HTTPS certificates.
- - - - -
68e1e05e by Pier Angelo Vendrame at 2023-02-09T14:09:36+00:00
Bug 11698: Incorporate Tor Browser Manual pages into Tor Browser
This patch associates the about:manual page to a translated page that
must be injected to browser/omni.ja after the build.
The content must be placed in chrome/browser/content/browser/manual/, so
that is then available at chrome://browser/content/manual/.
We preferred giving absolute freedom to the web team, rather than having
to change the patch in case of changes on the documentation.
- - - - -
bd46b8bd by Pier Angelo Vendrame at 2023-02-09T14:09:37+00:00
Bug 41435: Add a Tor Browser migration function
For now this function only deletes old language packs for which we are
already packaging the strings with the application.
- - - - -
6cf333b1 by p13dz at 2023-02-09T14:09:37+00:00
Bug 40283: Workaround for the file upload bug
(cherry picked from commit c23f2f397327ee46a1a4de57acf206fd83e8e170)
- - - - -
30 changed files:
- .eslintignore
- .gitignore
- + .gitlab/issue_templates/UXBug.md
- + .gitlab/issue_templates/bug.md
- + .gitmodules
- + browser/actors/AboutTBUpdateChild.jsm
- + browser/actors/AboutTBUpdateParent.jsm
- + browser/actors/CryptoSafetyChild.jsm
- + browser/actors/CryptoSafetyParent.jsm
- browser/actors/NetErrorChild.jsm
- browser/actors/NetErrorParent.jsm
- browser/actors/moz.build
- browser/app/Makefile.in
- browser/app/macbuild/Contents/Info.plist.in
- browser/app/macbuild/Contents/MacOS-files.in
- browser/app/permissions
- + browser/app/profile/000-tor-browser.js
- + browser/app/profile/001-base-profile.js
- browser/app/profile/firefox.js
- browser/base/content/aboutDialog-appUpdater.js
- browser/base/content/aboutDialog.js
- browser/base/content/aboutDialog.xhtml
- + browser/base/content/abouttbupdate/aboutTBUpdate.css
- + browser/base/content/abouttbupdate/aboutTBUpdate.js
- + browser/base/content/abouttbupdate/aboutTBUpdate.xhtml
- browser/base/content/appmenu-viewcache.inc.xhtml
- + browser/base/content/browser-doctype.inc
- browser/base/content/browser-menubar.inc
- browser/base/content/browser-sets.inc
- browser/base/content/browser-siteIdentity.js
The diff was not included because it is too large.
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3a3a96…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3a3a96…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser][base-browser-102.8.0esr-12.0-1] 93 commits: Bug 1774413: Bundled fonts are not picked up on macOS r=jfkthame
by Richard Pospesel (@richard) 09 Feb '23
by Richard Pospesel (@richard) 09 Feb '23
09 Feb '23
Richard Pospesel pushed to branch base-browser-102.8.0esr-12.0-1 at The Tor Project / Applications / Tor Browser
Commits:
afb87585 by Pier Angelo Vendrame at 2023-02-08T13:50:14+00:00
Bug 1774413: Bundled fonts are not picked up on macOS r=jfkthame
Bundled fonts were not picked up because also child processes need to
register them.
Also, they were assigned User visibility, instead of Base, which was
not coherent with other platforms.
Differential Revision: https://phabricator.services.mozilla.com/D150400
- - - - -
2c225a70 by Pier Angelo Vendrame at 2023-02-08T13:50:14+00:00
Bug 1769030: Add a configure flag to load policies only from the local policies.json file r=mkaply,glandium
Add a configuration flag to make Enterprise Policies mechanism only
consult a policies.json file (avoiding the Windows Registry, macOS's
file system attributes, and /etc/firefox/policies/policies.json on
other OS).
Differential Revision: https://phabricator.services.mozilla.com/D146300
- - - - -
35877fe2 by Jamie Nicol at 2023-02-08T13:50:14+00:00
Bug 1784588 - Fix SplitDriverVersion when the string has less than 4 numbers. r=aosmond
Differential Revision: https://phabricator.services.mozilla.com/D154897
- - - - -
26152089 by Pier Angelo Vendrame at 2023-02-08T13:50:14+00:00
Bug 1768907 - Part 1: Make browser.privatebrowsing.autostart a static pref. r=handyman,necko-reviewers
Differential Revision: https://phabricator.services.mozilla.com/D157843
- - - - -
3dc56306 by Neill Miller at 2023-02-08T13:50:15+00:00
Bug 1768907 - Part 2: nsTransferable disk-leaks when private browsing mode is enabled by default. r=handyman
nsTransferable was modified to prevent disk leakings when copying data
in private browsing mode with Bug 1123480.
However, the context is nullptr when it is initialized, so it still
leaks if PBM is enabled by default.
Our solution is to check the browser.privatebrowsing.autostart in this
condition.
Differential Revision: https://phabricator.services.mozilla.com/D157800
- - - - -
98f783e2 by Gabriele Svelto at 2023-02-08T13:50:15+00:00
Bug 1670885 - Fix post-fork() handlers for PHC/LogAlloc to work on macOS using unfair locks r=glandium
macOS unfair locks enforce that a lock can only be released by the thread which locked it.
On macOS 11+ this caused the fork()'d child process to raise a SIGILL signal. Confusingly enough this behavior seems to be different on macOS 10.15 and possibly interacted in odd ways with our exception handler if it was installed before fork()-ing.
Differential Revision: https://phabricator.services.mozilla.com/D148287
- - - - -
890d9731 by Gabriele Svelto at 2023-02-08T13:50:15+00:00
Bug 1670885 - Replace deprecated NSSpinLocks with os_unfair_locks in the memory allocator r=glandium
Depends on D148287
Differential Revision: https://phabricator.services.mozilla.com/D99280
- - - - -
8d63a5b9 by Gabriele Svelto at 2023-02-08T13:50:16+00:00
Bug 1774458 - Use undocumented, non-public adaptive spinlocks on macOS 10.15+, revert to user-space spinlocks on older versions r=pbone
Differential Revision: https://phabricator.services.mozilla.com/D149599
- - - - -
67924adc by Gabriele Svelto at 2023-02-08T13:50:16+00:00
Bug 1784018 - Remove deprecated OSSpinLocks r=glandium
On macOS versions prior to 10.15 os_unfair_locks cannot spin in kernel-space
which degrades performance significantly. To obviate for this we spin in
user-space like OSSpinLock does, for the same number of times and invoking
x86-specific pause instructions in-between the locking attempts to avoid
starving a thread that might be running on the same physical core.
Differential Revision: https://phabricator.services.mozilla.com/D154205
- - - - -
95cd88aa by Georg Koppen at 2023-02-08T13:50:16+00:00
Revert "Bug 1724777, optimize suppressed MicroTask handling, r=mccr8 a=RyanVM"
This reverts commit 1eb1364357ac5bc2a4531337fb5416af39c3793f.
This fixes tor-browser#40721, tor-browser#40698, and tor-browser#40706.
However, it is a temporary workaround, that we should revert once
https://bugzilla.mozilla.org/show_bug.cgi?id=1744719 is fixed.
- - - - -
8747fce6 by Richard Pospesel at 2023-02-08T13:50:17+00:00
fixup! Bug 1761389 - Add and use new PDF-specific document icon on Windows. r=bhearsum
- - - - -
6db4b54e by Henry Wilkes at 2023-02-08T13:50:40+00:00
Bug 41454: Move focus after calling openPreferences for a sub-category.
Temporary fix until mozilla bug 1799153 gets a patch upstream.
- - - - -
150b5171 by Pier Angelo Vendrame at 2023-02-09T14:09:10+00:00
Bug 41116: Normalize system fonts.
System fonts are an enormous fingerprinting vector.
Even with font allow lists and with our custom configuration on Linux,
which counter metrics measurements, getComputedStyle leaks several
details.
This patch counters both these kinds of attacks.
- - - - -
7a872d5e by Pier Angelo Vendrame at 2023-02-09T14:09:10+00:00
Tweaks to the build system
Bug 40857: Modified the fat .aar creation file
This is a workaround to build fat .aars with the compiling enviornment
disabled.
Mozilla does not use a similar configuration, but either runs a Firefox
build and discards its output, or uses artifacts build.
We might switch to artifact builds too, and drop this patch, or write a
better one to upstream. But until then we need this patch.
See also https://bugzilla.mozilla.org/show_bug.cgi?id=1763770.
Bug 41458: Prevent `mach package-multi-locale` from actually creating a package
macOS builds need some files to be moved around with
./mach package-multi-locale to create multi-locale packages.
The required command isn't exposed through any other mach command.
So, we patch package-multi-locale both to prevent it from failing when
doing official builds and to detect any future changes on it.
- - - - -
5643c993 by Dan Ballard at 2023-02-09T14:09:10+00:00
Bug 41117: using MOZ_PROXY_BYPASS_PROTECTION disable share menu on mac and windows, and restpre email link on mac
- - - - -
673e2078 by Gaba at 2023-02-09T14:09:11+00:00
Adding issue template for bugs.
- - - - -
9b800046 by Pier Angelo Vendrame at 2023-02-09T14:09:11+00:00
Base Browser's .mozconfigs.
- - - - -
a7f1e3dc by Pier Angelo Vendrame at 2023-02-09T14:09:11+00:00
Bug 41108: Remove privileged macOS installation from 102
- - - - -
7cd0ca00 by Dan Ballard at 2023-02-09T14:09:12+00:00
Bug 41149: Re-enable DLL injection protection in all builds not just nightlies
- - - - -
ada9b1e3 by Matthew Finkel at 2023-02-09T14:09:12+00:00
Bug 24796: Comment out excess permissions from GeckoView
The GeckoView AndroidManifest.xml is not preprocessed unlike Fennec's
manifest, so we can't use the ifdef preprocessor guards around the
permissions we do not want. Commenting the permissions is the
next-best-thing.
- - - - -
aa280445 by Matthew Finkel at 2023-02-09T14:09:12+00:00
Bug 25741: TBA: Disable GeckoNetworkManager
The browser should not need information related to the network
interface or network state, tor should take care of that.
- - - - -
75543a65 by Matthew Finkel at 2023-02-09T14:09:13+00:00
Bug 28125: Prevent non-Necko network connections
- - - - -
3bf84f4c by Mike Perry at 2023-02-09T14:09:13+00:00
Bug 12974: Disable NTLM and Negotiate HTTP Auth
The Mozilla bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1046421,
https://bugzilla.mozilla.org/show_bug.cgi?id=1261591, tor-browser#27602
- - - - -
5cfb5257 by Alex Catarineu at 2023-02-09T14:09:13+00:00
Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1768899
- - - - -
ef5e63c9 by Georg Koppen at 2023-02-09T14:09:14+00:00
Bug 16285: Exclude ClearKey system for now
In the past the ClearKey system had not been compiled when specifying
--disable-eme. But that changed and it is even bundled nowadays (see:
Mozilla's bug 1300654). We don't want to ship it right now as the use
case for it is not really visible while the code had security
vulnerabilities in the past.
- - - - -
741f6c8b by Kathy Brade at 2023-02-09T14:09:14+00:00
Bug 21431: Clean-up system extensions shipped in Firefox
Only ship the pdfjs extension.
- - - - -
18813801 by Kathy Brade at 2023-02-09T14:09:14+00:00
Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc.
Hide elements on about:logins that mention sync, "Firefox LockWise", and
Mozilla's LockWise mobile apps.
Disable the "Create New Login" button when security.nocertdb is true.
- - - - -
d87d59a3 by Alex Catarineu at 2023-02-09T14:09:15+00:00
Bug 41457: Remove Mozilla permissions
Bug 40025: Remove Mozilla add-on install permissions
- - - - -
ba4a31ec by Kathy Brade at 2023-02-09T14:09:15+00:00
Bug 40002: Remove about:ion
Firefox Ion (previously Firefox Pioneer) is an opt-in program in which people
volunteer to participate in studies that collect detailed, sensitive data about
how they use their browser.
- - - - -
17645ecf by Arthur Edelstein at 2023-02-09T14:09:15+00:00
Bug 26353: Prevent speculative connect that violated FPI.
Connections were observed in the catch-all circuit when
the user entered an https or http URL in the URL bar, or
typed a search term.
- - - - -
f19824d5 by Alex Catarineu at 2023-02-09T14:09:15+00:00
Bug 31740: Remove some unnecessary RemoteSettings instances
More concretely, SearchService.jsm 'hijack-blocklists' and
url-classifier-skip-urls.
Avoid creating instance for 'anti-tracking-url-decoration'.
If prefs are disabling their usage, avoid creating instances for
'cert-revocations' and 'intermediates'.
Do not ship JSON dumps for collections we do not expect to need. For
the ones in the 'main' bucket, this prevents them from being synced
unnecessarily (the code in remote-settings does so for collections
in the main bucket for which a dump or local data exists). For the
collections in the other buckets, we just save some size by not
shipping their dumps.
We also clear the collections database on the v2 -> v3 migration.
- - - - -
d98f0954 by Georg Koppen at 2023-02-09T14:09:16+00:00
Bug 30541: Disable WebGL readPixel() for web content
Related Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1428034
- - - - -
c215f756 by Alex Catarineu at 2023-02-09T14:09:16+00:00
Bug 28369: Stop shipping pingsender executable
- - - - -
ae61963b by Alex Catarineu at 2023-02-09T14:09:16+00:00
Bug 40073: Disable remote Public Suffix List fetching
In https://bugzilla.mozilla.org/show_bug.cgi?id=1563246 Firefox implemented
fetching the Public Suffix List via RemoteSettings and replacing the default
one at runtime, which we do not want.
- - - - -
8b1665cf by Mike Perry at 2023-02-09T14:09:17+00:00
Firefox preference overrides.
This hack directly includes our preference changes in omni.ja.
Bug 18292: Staged updates fail on Windows
Temporarily disable staged updates on Windows.
Bug 18297: Use separate Noto JP,KR,SC,TC fonts
Bug 23404: Add Noto Sans Buginese to the macOS whitelist
Bug 23745: Set dom.indexedDB.enabled = true
Bug 13575: Disable randomised Firefox HTTP cache decay user tests.
(Fernando Fernandez Mancera <ffmancera(a)riseup.net>)
Bug 17252: Enable session identifiers with FPI
Session tickets and session identifiers were isolated
by OriginAttributes, so we can re-enable them by
allowing the default value (true) of
"security.ssl.disable_session_identifiers".
The pref "security.enable_tls_session_tickets" is obsolete
(removed in https://bugzilla.mozilla.org/917049)
Bug 14952: Enable http/2 and AltSvc
In Firefox, SPDY/HTTP2 now uses Origin Attributes for
isolation of connections, push streams, origin frames, etc.
That means we get first-party isolation provided
"privacy.firstparty.isolate" is true. So in this patch, we
stop overriding "network.http.spdy.enabled" and
"network.http.spdy.enabled.http2".
Alternate Services also use Origin Attributes for isolation.
So we stop overriding
"network.http.altsvc.enabled" and "network.http.altsvc.oe"
as well.
(All 4 of the abovementioned "network.http.*" prefs adopt
Firefox 60ESR's default value of true.)
However, we want to disable HTTP/2 push for now, so we
set "network.http.spdy.allow-push" to false.
"network.http.spdy.enabled.http2draft" was removed in Bug 1132357.
"network.http.sped.enabled.v2" was removed in Bug 912550.
"network.http.sped.enabled.v3" was removed in Bug 1097944.
"network.http.sped.enabled.v3-1" was removed in Bug 1248197.
Bug 26114: addons.mozilla.org is not special
* Don't expose navigator.mozAddonManager on any site
* Don't block NoScript from modifying addons.mozilla.org or other sites
Enable ReaderView mode again (#27281).
Bug 29916: Make sure enterprise policies are disabled
Bug 2874: Block Components.interfaces from content
Bug 26146: Spoof HTTP User-Agent header for desktop platforms
In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent
header and to JavaScript code via navigator.userAgent. To avoid
leaking the OS inside each HTTP request (which many web servers
log), always use the Windows 7 OS value in the desktop User-Agent
header. We continue to allow access to the actual OS via JavaScript,
since doing so improves compatibility with web applications such
as GitHub and Google Docs.
Bug 12885: Windows Jump Lists fail for Tor Browser
Jumplist entries are stored in a binary file in:
%APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\
and has a name in the form
[a-f0-9]+.customDestinations-ms
The hex at the front is unique per app, and is ultimately derived from
something called the 'App User Model ID' (AUMID) via some unknown
hashing method. The AUMID is provided as a key when programmatically
creating, updating, and deleting a jumplist. The default behaviour in
firefox is for the installer to define an AUMID for an app, and save it
in the registry so that the jumplist data can be removed by the
uninstaller.
However, the Tor Browser does not set this (or any other) regkey during
installation, so this codepath fails and the app's AUMID is left
undefined. As a result the app's AUMID ends up being defined by
windows, but unknowable by Tor Browser. This unknown AUMID is used to
create and modify the jumplist, but the delete API requires that we
provide the app's AUMID explicitly. Since we don't know what the AUMID
is (since the expected regkey where it is normally stored does not
exist) jumplist deletion will fail and we will leave behind a mostly
empty customDestinations-ms file. The name of the file is derived from
the binary path, so an enterprising person could reverse engineer how
that hex name is calculated, and generate the name for Tor Browser's
default Desktop installation path to determine whether a person had
used Tor Browser in the past.
The 'taskbar.grouping.useprofile' option that is enabled by this patch
works around this AUMID problem by having firefox.exe create it's own
AUMID based on the profile path (rather than looking for a regkey). This
way, if a user goes in and enables and disables jumplist entries, the
backing store is properly deleted.
Unfortunately, all windows users currently have this file lurking in
the above mentioned directory and this patch will not remove it since it
was created with an unknown AUMID. However, another patch could be
written which goes to that directory and deletes any item containing the
'Tor Browser' string. See bug 28996.
Bug 30845: Make sure default themes and other internal extensions are enabled
Bug 28896: Enable extensions in private browsing by default
Bug 31065: Explicitly allow proxying localhost
Bug 31598: Enable letterboxing
Disable Presentation API everywhere
Bug 21549 - Use Firefox's WASM default pref. It is disabled at safer
security levels.
Bug 32321: Disable Mozilla's MitM pings
Bug 19890: Disable installation of system addons
By setting the URL to "" we make sure that already installed system
addons get deleted as well.
Bug 22548: Firefox downgrades VP9 videos to VP8.
On systems where H.264 is not available or no HWA, VP9 is preferred. But in Tor
Browser 7.0 all youtube videos are degraded to VP8.
This behaviour can be turned off by setting media.benchmark.vp9.threshold to 0.
All clients will get better experience and lower traffic, beause TBB doesn't
use "Use hardware acceleration when available".
Bug 25741 - TBA: Add mobile-override of 000-tor-browser prefs
Bug 16441: Suppress "Reset Tor Browser" prompt.
Bug 29120: Use the in-memory media cache and increase its maximum size.
Bug 33697: use old search config based on list.json
Bug 33855: Ensure that site-specific browser mode is disabled.
Bug 30682: Disable Intermediate CA Preloading.
Bug 40061: Omit the Windows default browser agent from the build
Bug 40322: Consider disabling network.connectivity-service.enabled
Bug 40408: Disallow SVG Context Paint in all web content
Bug 40308: Disable network partitioning until we evaluate dFPI
Bug 40322: Consider disabling network.connectivity-service.enabled
Bug 40383: Disable dom.enable_event_timing
Bug 40423: Disable http/3
Bug 40177: Update prefs for Fx91esr
Bug 40700: Disable addons and features recommendations
Bug 40682: Disable network.proxy.allow_bypass
Bug 40736: Disable third-party cookies in PBM
Bug 19850: Enabled HTTPS-Only by default
Bug 40912: Hide the screenshot menu
Bug 41292: Disable moreFromMozilla in preferences page
Bug 40057: Ensure the CSS4 system colors are not a fingerprinting vector
Bug 24686: Set network.http.tailing.enabled to true
Bug 40183: Disable TLS ciphersuites using SHA-1
Bug 40783: Review 000-tor-browser.js and 001-base-profile.js for 102
We reviewed all the preferences we set for 102, and remove a few old
ones. See the description of that issue to see all the preferences we
believed were still valid for 102, and some brief description for the
reasons to keep them.
- - - - -
0a1eb4eb by Pier Angelo Vendrame at 2023-02-09T14:09:17+00:00
Bug 41043: Hardcode the UI font on Linux
The mechanism to choose the UI font does not play well with our
fontconfig configuration. As a result, the final criterion to choose
the font for the UI was its version.
Since we hardcode Arimo as a default sans-serif on preferences, we use
it also for the UI. FontConfig will fall back to some other font for
scripts Arimo does not cover as expected (we tested with Japanese).
- - - - -
0795a034 by Alex Catarineu at 2023-02-09T14:09:17+00:00
Bug 30605: Honor privacy.spoof_english in Android
This checks `privacy.spoof_english` whenever `setLocales` is
called from Fenix side and sets `intl.accept_languages`
accordingly.
Bug 40198: Expose privacy.spoof_english pref in GeckoView
- - - - -
4a11f33d by Alex Catarineu at 2023-02-09T14:09:18+00:00
Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView
- - - - -
e13dbb5b by Alex Catarineu at 2023-02-09T14:09:18+00:00
Bug 40171: Make WebRequest and GeckoWebExecutor First-Party aware
- - - - -
c4e9ed0e by Alex Catarineu at 2023-02-09T14:09:18+00:00
Bug 26345: Hide tracking protection UI
- - - - -
1eb58fd6 by Kathy Brade at 2023-02-09T14:09:19+00:00
Bug 9173: Change the default Firefox profile directory to be relative.
This should eliminate our need to rely on a wrapper script that
sets /Users/arthur and launches Firefox with -profile.
- - - - -
6af56335 by Kathy Brade at 2023-02-09T14:09:19+00:00
Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp
Instead of using the local computer's IP address within
symlink-based profile lock signatures, always use 127.0.0.1.
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1769028
- - - - -
81e436a2 by Alex Catarineu at 2023-02-09T14:09:19+00:00
Bug 27604: Fix addon issues when moving the profile directory
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1429838
- - - - -
125278ea by Mike Perry at 2023-02-09T14:09:20+00:00
Bug 13028: Prevent potential proxy bypass cases.
It looks like these cases should only be invoked in the NSS command line
tools, and not the browser, but I decided to patch them anyway because there
literally is a maze of network function pointers being passed around, and it's
very hard to tell if some random code might not pass in the proper proxied
versions of the networking code here by accident.
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1433509
- - - - -
8b0252eb by Kathy Brade at 2023-02-09T14:09:20+00:00
Bug 11641: Disable remoting by default.
Unless the -osint command line flag is used, the browser now defaults
to the equivalent of -no-remote. There is a new -allow-remote flag that
may be used to restore the original (Firefox-like) default behavior.
- - - - -
76b9ea1d by Igor Oliveira at 2023-02-09T14:09:20+00:00
Bug 23104: Add a default line height compensation
Many fonts have issues with their vertical metrics. they
are used to influence the height of ascenders and depth
of descenders. Gecko uses it to calculate the line height
(font height + ascender + descender), however because of
that idiosyncratic behavior across multiple operating
systems, it can be used to identify the user's OS.
The solution proposed in the patch uses a default factor
to be multiplied with the font size, simulating the concept
of ascender and descender. This way all operating
systems will have the same line height only and only if the
frame is outside the chrome.
- - - - -
644e8179 by Pier Angelo Vendrame at 2023-02-09T14:09:21+00:00
Bug 40309: Avoid using regional OS locales
Avoid regional OS locales if the pref
`intl.regional_prefs.use_os_locales` is false but RFP is enabled.
- - - - -
2e6db28b by Matthew Finkel at 2023-02-09T14:09:21+00:00
Bug 40432: Prevent probing installed applications
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1711084
- - - - -
67d701c3 by hackademix at 2023-02-09T14:09:22+00:00
Bug 41434: Letterboxing, preemptively apply margins in a global CSS rule to mitigate race conditions on newly created windows and tabs.
- - - - -
d1de70f7 by hackademix at 2023-02-09T14:09:22+00:00
Bug 41434: Letterboxing, improve logging.
- - - - -
576947f1 by hackademix at 2023-02-09T14:09:22+00:00
Bug 31064: Letterboxing, exempt browser extensions.
- - - - -
c836fca2 by hackademix at 2023-02-09T14:09:23+00:00
Bug 32411: Letterboxing, exempt view-source: URIs.
- - - - -
c8a4fe01 by Richard Pospesel at 2023-02-09T14:09:23+00:00
Bug 32220: Improve the letterboxing experience
CSS and JS changes to alter the UX surrounding letterboxing. The
browser element containing page content is now anchored to the bottom
of the toolbar, and the remaining letterbox margin is the same color
as the firefox chrome. The letterbox margin and outline are tied to
the currently selected theme.
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1594455
- - - - -
ddd4aff5 by Alex Catarineu at 2023-02-09T14:09:24+00:00
Bug 40069: Add helpers for message passing with extensions
- - - - -
8b5ef8db by Matthew Finkel at 2023-02-09T14:09:24+00:00
Bug 40253: Explicitly allow NoScript in Private Browsing mode.
- - - - -
afabeab9 by Pier Angelo Vendrame at 2023-02-09T14:09:24+00:00
Bug 41369: Improve Firefox language settings for multi-lingual packages
Change the language selector to be sorted by language code, rather than
name, and to display the language code to the user.
Bug 41372: Handle Japanese as a special case in preferences on macOS
Japanese is treated in a special way on macOS. However, seeing the
Japanese language tag could be confusing for users, and moreover the
language name is not localized correctly like other langs.
Bug 41378: Tell users that they can change their language at the first start
With multi-lingual builds, Tor Browser matches the user's system
language, but some users might want to change it.
So, we tell them that it is possible, but only once.
- - - - -
d5624033 by Henry Wilkes at 2023-02-09T14:09:25+00:00
Bug 41371: Temporary hack to fix language selector popup position
- - - - -
03cbdc38 by Pier Angelo Vendrame at 2023-02-09T14:09:25+00:00
Bug 41417: Always prompt users to restart after changing language
This is a temporary patch that we need until we switch our strings to
Fluent. The reason is that we currently set strings when we populate
our XUL content.
We could rework the whole mechanism, but it is not worth it because we
want to switch to Fluent, which will handle everything automatically.
- - - - -
7ca8d9b9 by Pier Angelo Vendrame at 2023-02-09T14:09:25+00:00
Bug 40925: Implemented the Security Level component
This component adds a new Security Level toolbar button which visually
indicates the current global security level via icon (as defined by the
extensions.torbutton.security_slider pref), a drop-down hanger with a
short description of the current security level, and a new section in
the about:preferences#privacy page where users can change their current
security level. In addition, the hanger and the preferences page will
show a visual warning when the user has modified prefs associated with
the security level and provide a one-click 'Restore Defaults' button to
get the user back on recommended settings.
Bug 40125: Expose Security Level pref in GeckoView
- - - - -
f90d9640 by Pier Angelo Vendrame at 2023-02-09T14:09:26+00:00
Bug 40926: Implemented the New Identity feature
- - - - -
7194e92f by Richard Pospesel at 2023-02-09T14:09:26+00:00
Bug 41089: Add tor-browser build scripts + Makefile to tor-browser
- - - - -
78b5b3e0 by Mike Perry at 2023-02-09T14:09:26+00:00
Bug 2176: Rebrand Firefox to TorBrowser
See also Bugs #5194, #7187, #8115, #8219.
This patch does some basic renaming of Firefox to TorBrowser. The rest of the
branding is done by images and icons.
Also fix bug 27905.
Bug 25702: Update Tor Browser icon to follow design guidelines
- Updated all of the branding in /browser/branding/official with new 'stable'
icon series.
- Updated /extensions/onboarding/content/img/tor-watermark.png with new icon and
add the source svg in the same directory
- Copied /browser/branding/official over /browser/branding/nightly and the new
/browser/branding/alpha directories. Replaced content with 'nightly' and
'alpha' icon series.
Updated VisualElements_70.png and VisualElements_150.png with updated icons in
each branding directory (fixes #22654)
- Updated firefox.VisualElementsManfiest.xml with updated colors in each
branding directory
- Added firefox.svg to each branding directory from which all the other icons
are derived (apart from document.icns and document.ico)
- Added default256.png and default512.png icons
- Updated aboutTBUpdate.css to point to branding-aware icon128.png and removed
original icon
- Use the Tor Browser icon within devtools/client/themes/images/.
Bug 30631: Blurry Tor Browser icon on macOS app switcher
It would seem the png2icns tool does not generate correct icns files and
so on macOS the larger icons were missing resulting in blurry icons in
the OS chrome. Regenerated the padded icons in a macOS VM using
iconutil.
Bug 28196: preparations for using torbutton tor-browser-brand.ftl
A small change to Fluent FileSource class is required so that we
can register a new source without its supported locales being
counted as available locales for the browser.
Bug 31803: Replaced about:debugging logo with flat version
Bug 21724: Make Firefox and Tor Browser distinct macOS apps
When macOS opens a document or selects a default browser, it sometimes
uses the CFBundleSignature. Changing from the Firefox MOZB signature to
a different signature TORB allows macOS to distinguish between Firefox
and Tor Browser.
Bug 32092: Fix Tor Browser Support link in preferences
For bug 40562, we moved onionPattern* from bug 27476 to here, as
about:tor needs these files but it is included earlier.
Bug 41278: Create Tor Browser styled pdf logo similar to the vanilla Firefox one
- - - - -
e5e05f86 by Alex Catarineu at 2023-02-09T14:09:27+00:00
Bring back old Firefox onboarding
Revert "Bug 1462415 - Delete onboarding system add-on r=Standard8,k88hudson"
This reverts commit f7ffd78b62541d44d0102f8051d2f4080bdbc432.
Revert "Bug 1498378 - Actually remove the old onboarding add-on's prefs r=Gijs"
This reverts commit 057fe36fc6f3e93e265505c7dcc703a0941778e2.
Bug 28822: Convert onboarding to webextension
Partially revert 1564367 (controlCenter in UITour.jsm)
- - - - -
11b2f5a4 by Kathy Brade at 2023-02-09T14:09:27+00:00
Bug 26961: New user onboarding.
Reuse the Firefox onboarding mechanism with minimal changes.
Localizable strings are pulled in from Torbutton (if Torbutton is
not installed, we lack about:tor and no tour will be shown).
Replace SVG images with PNGs (see bug 27002),
For defense in depth, omit include OnboardingTelemetry.jsm entirely.
Added support for the following UITour page event:
torBrowserOpenSecuritySettings
Also fix bug 27403: the onboarding bubble is not always displayed.
Arthur suggested to make the onboarding bubble visible on displays with
less than 960px width available, so we choose 200px instead.
Also fix bug 28628: Change onboarding Security panel to open new
Security Level panel.
Also fix bug 27484: Improve navigation within onboarding.
Bug 27082: enable a limited UITour
Disallow access to UITour functionality from all pages other than
about:home, about:newtab, and about:tor.
Implement a whitelist mechanism for page actions.
Bug 26962 - implement new features onboarding (part 1).
Add an "Explore" button to the "Circuit Display" panel within new user
onboarding which opens the DuckDuckGo .onion and then guides users through
a short circuit display tutorial.
Allow a few additional UITour actions while limiting as much as possible
how it can be used.
Tweak the UITour styles to match the Tor Browser branding.
All user interface strings are retrieved from Torbutton's
browserOnboarding.properties file.
Bug 27486 Avoid about:blank tabs when opening onboarding pages.
Instead of using a simple <a href>, programmatically open onboarding
web pages by using tabBrowser.addTab(). The same technique is now
used for "See My Path", "See FAQs", and "Visit an Onion".
Bug 29768: Introduce new features to users
Add an "update" tour for the Tor Browser 8.5 release that contains two
panels: Toolbar and Security (with appropriate description text and
images).
Display an attention-grabbing dot on the onboarding text bubble when
the update tour is active. The animation lasts for 14 seconds.
Bug 31768: Introduce toolbar and network settings changes in onboarding
Update the "Tor Network" onboarding page to include a note that
settings can now be accessed via the application preferences and
add an "Adjust Your Tor Network Settings" action button which opens
about:preferences#tor.
Replace the Tor Browser 8.5 "update" onboarding tour with a 9.0 one
that includes the revised "Tor Network" page and a revised "Toolbar"
page. The latter explains that Torbutton's toolbar item has been
removed ("Goodbye Onion Button") and explains how to access the
New Identity feature using the hamburger menu and new toolbar item.
Bug 34321 - Add Learn More onboarding item
Bug 40429: Update Onboarding for 10.5
- - - - -
1e8f6720 by Mike Perry at 2023-02-09T14:09:27+00:00
TB3: Tor Browser's official .mozconfigs.
Also:
Bug #9829.1: new .mozconfig file for the new cross-compiler and ESR24
Changes needed to build Mac in 64bit
Bug 10715: Enable Webgl for mingw-w64 again.
Disable ICU when cross-compiling; clean-up.
Bug 15773: Enable ICU on OS X
Bug 15990: Don't build the sandbox with mingw-w64
Bug 12761: Switch to ESR 38 for OS X
Updating .mozconfig-asan
Bug 12516: Compile hardenend Tor Browser with -fwrapv
Bug 18331: Switch to Mozilla's toolchain for building Tor Browser for OS X
Bug 17858: Cannot create incremental MARs for hardened builds.
Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff
(which is part of mar-tools and is not distributed to end-users) with
ASan.
Bug 13419: Add back ICU for Windows
Bug 21239: Use GTK2 for ESR52 Linux builds
Bug 23025: Add hardening flags for macOS
Bug 24478: Enable debug assertions and tests in our ASan builds
--enable-proxy-bypass-protection
Bug 27597: ASan build option in tor-browser-build is broken
Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds
This fixes a problem where some preferences had the wrong default value.
Also see bug 27472 where we made a similar fix for Android.
Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING
Bug 31450: Set proper BINDGEN_CFLAGS for ASan builds
Add an --enable-tor-browser-data-outside-app-dir configure option
Add --with-tor-browser-version configure option
Bug 21849: Don't allow SSL key logging.
Bug 31457: disable per-installation profiles
The dedicated profiles (per-installation) feature does not interact
well with our bundled profiles on Linux and Windows, and it also causes
multiple profiles to be created on macOS under TorBrowser-Data.
Bug 31935: Disable profile downgrade protection.
Since Tor Browser does not support more than one profile, disable
the prompt and associated code that offers to create one when a
version downgrade situation is detected.
Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT
Bug 25741 - TBA: Disable features at compile-time
MOZ_NATIVE_DEVICES for casting and the media player
MOZ_TELEMETRY_REPORTING for telemetry
MOZ_DATA_REPORTING for all data reporting preferences (crashreport, telemetry, geo)
Bug 25741 - TBA: Add default configure options in dedicated file
Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION
Bug 29859: Disable HLS support for now
Add --disable-tor-launcher build option
Add --enable-tor-browser-update build option
Bug 33734: Set MOZ_NORMANDY to False
Bug 33851: Omit Parental Controls.
Bug 40061: Omit the Windows default browser agent from the build
Bug 40107: Adapt .mozconfig-asan for ESR 78
Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files
Bug 40793: moved Tor configuration options from old-configure.in to moz.configure
- - - - -
f1f986e2 by Henry Wilkes at 2023-02-09T14:09:28+00:00
Bug 41340: Enable TOR_BROWSER_NIGHTLY_BUILD features for dev and nightly builds
tor-browser#41285: Enable fluent warnings.
- - - - -
70c1a71e by Pier Angelo Vendrame at 2023-02-09T14:09:28+00:00
Bug 40562: Added Tor Browser preferences to 000-tor-browser.js
Before reordering patches, we used to keep the Tor-related patches
(torbutton and tor-launcher) at the beginning.
After that issue, we decided to move them towards the end.
In addition to that, we have decided to move Tor Browser-only
preferences there, too, to make Base Browser-only fixups easier to
apply.
- - - - -
fd5cb70e by Kathy Brade at 2023-02-09T14:09:28+00:00
Bug 13252: Do not store data in the app bundle
When --enable-tor-browser-data-outside-app-dir is enabled,
all user data is stored in a directory named
TorBrowser-Data which is located next to the application directory.
Display an informative error message if the TorBrowser-Data
directory cannot be created due to an "access denied" or a
"read only volume" error.
On Mac OS, add support for the --invisible command line option which
is used by the meek-http-helper to avoid showing an icon for the
helper browser on the dock.
- - - - -
b5babfee by Pier Angelo Vendrame at 2023-02-09T14:09:29+00:00
Bug 40933: Add tor-launcher functionality
- - - - -
de99682d by Richard Pospesel at 2023-02-09T14:09:29+00:00
Bug 40597: Implement TorSettings module
- migrated in-page settings read/write implementation from about:preferences#tor
to the TorSettings module
- TorSettings initially loads settings from the tor daemon, and saves them to
firefox prefs
- TorSettings notifies observers when a setting has changed; currently only
QuickStart notification is implemented for parity with previous preference
notify logic in about:torconnect and about:preferences#tor
- about:preferences#tor, and about:torconnect now read and write settings
thorugh the TorSettings module
- all tor settings live in the torbrowser.settings.* preference branch
- removed unused pref modify permission for about:torconnect content page from
AsyncPrefs.jsm
Bug 40645: Migrate Moat APIs to Moat.jsm module
- - - - -
fc894e21 by Alex Catarineu at 2023-02-09T14:09:30+00:00
Bug 10760: Integrate TorButton to TorBrowser core
Because of the non-restartless nature of Torbutton, it required
a two-stage installation process. On mobile, it was a problem,
because it was not loading when the user opened the browser for
the first time.
Moving it to tor-browser and making it a system extension allows it
to load when the user opens the browser for first time.
Additionally, this patch also fixes Bug 27611.
Bug 26321: New Circuit and New Identity menu items
Bug 14392: Make about:tor behave like other initial pages.
Bug 25013: Add torbutton as a tor-browser submodule
Bug 31575: Replace Firefox Home (newtab) with about:tor
Avoid loading AboutNewTab in BrowserGlue.jsm in order
to avoid several network requests that we do not need. Besides,
about:newtab will now point to about:blank or about:tor (depending
on browser.newtabpage.enabled) and about:home will point to
about:tor.
- - - - -
0795c1f4 by hackademix at 2023-02-09T14:09:30+00:00
Bug 8324: Prevent DNS proxy bypasses caused by Drag&Drop
- - - - -
0a59ce83 by Amogh Pradeep at 2023-02-09T14:09:30+00:00
Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources.
See Bug 1357997 for partial uplift.
Also:
Bug 28051 - Use our Orbot for proxying our connections
Bug 31144 - ESR68 Network Code Review
- - - - -
7944c269 by Alex Catarineu at 2023-02-09T14:09:31+00:00
Add TorStrings module for localization
- - - - -
767365ab by Kathy Brade at 2023-02-09T14:09:31+00:00
Bug 14631: Improve profile access error messages.
Instead of always reporting that the profile is locked, display specific
messages for "access denied" and "read-only file system".
To allow for localization, get profile-related error strings from Torbutton.
Use app display name ("Tor Browser") in profile-related error alerts.
- - - - -
cfb3d1e4 by sanketh at 2023-02-09T14:09:31+00:00
Bug 40209: Implement Basic Crypto Safety
Adds a CryptoSafety actor which detects when you've copied a crypto
address from a HTTP webpage and shows a warning.
Closes #40209.
Bug 40428: Fix string attribute names
- - - - -
c6a86885 by Kathy Brade at 2023-02-09T14:09:32+00:00
Bug 19273: Avoid JavaScript patching of the external app helper dialog.
When handling an external URI or downloading a file, invoke Torbutton's
external app blocker component (which will present a download warning
dialog unless the user has checked the "Automatically download files
from now on" box).
For e10s compatibility, avoid using a modal dialog and instead use
a callback interface (nsIHelperAppWarningLauncher) to allow Torbutton
to indicate the user's desire to cancel or continue each request.
Other bugs fixed:
Bug 21766: Crash with e10s enabled while trying to download a file
Bug 21886: Download is stalled in non-e10s mode
Bug 22471: Downloading files via the PDF viewer download button is broken
Bug 22472: Fix FTP downloads when external helper app dialog is shown
Bug 22610: Avoid crashes when canceling external helper app downloads
Bug 22618: Downloading pdf file via file:/// is stalling
- - - - -
08005067 by Pier Angelo Vendrame at 2023-02-09T14:09:32+00:00
Bug 40807: Added QRCode.js to toolkit/modules
- - - - -
91b4fdf8 by Richard Pospesel at 2023-02-09T14:09:32+00:00
Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection
This patch adds a new about:preferences#connection page which allows
modifying bridge, proxy, and firewall settings from within Tor Browser.
All of the functionality present in tor-launcher's Network
Configuration panel is present:
- Setting built-in bridges
- Requesting bridges from BridgeDB via moat
- Using user-provided bridges
- Configuring SOCKS4, SOCKS5, and HTTP/HTTPS proxies
- Setting firewall ports
- Viewing and Copying Tor's logs
- The Networking Settings in General preferences has been removed
Bug 40774: Update about:preferences page to match new UI designs
- - - - -
a598b057 by Richard Pospesel at 2023-02-09T14:09:33+00:00
Bug 27476: Implement about:torconnect captive portal within Tor Browser
- implements new about:torconnect page as tor-launcher replacement
- adds tor connection status to url bar and tweaks UX when not online
- adds new torconnect component to browser
- tor process management functionality remains implemented in tor-launcher through the TorProtocolService module
- adds warning/error box to about:preferences#tor when not connected to tor
- explicitly allows about:torconnect URIs to ignore Resist Fingerprinting (RFP)
- various tweaks to info-pages.inc.css for about:torconnect (also affects other firefox info pages)
Bug 40773: Update the about:torconnect frontend page to match additional UI flows
- - - - -
814475bf by Arthur Edelstein at 2023-02-09T14:09:33+00:00
Bug 12620: TorBrowser regression tests
Regression tests for Bug #2950: Make Permissions Manager memory-only
Regression tests for TB4: Tor Browser's Firefox preference overrides.
Note: many more functional tests could be made here
Regression tests for #2874: Block Components.interfaces from content
Bug 18923: Add a script to run all Tor Browser specific tests
Regression tests for Bug #16441: Suppress "Reset Tor Browser" prompt.
- - - - -
455c5291 by Kathy Brade at 2023-02-09T14:09:33+00:00
Bug 4234: Use the Firefox Update Process for Tor Browser.
The following files are never updated:
TorBrowser/Data/Browser/profiles.ini
TorBrowser/Data/Browser/profile.default/bookmarks.html
TorBrowser/Data/Tor/torrc
Mac OS: Store update metadata under TorBrowser/UpdateInfo.
Removed the %OS_VERSION% component from the update URL (13047) and
added support for minSupportedOSVersion, an attribute of the
<update> element that may be used to trigger Firefox's
"unsupported platform" behavior.
Hide the "What's new" links (set app.releaseNotesURL value to about:blank).
Windows: disable "runas" code path in updater (15201).
Windows: avoid writing to the registry (16236).
Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406,
16014, 16909, 24476, and 25909.
Also fix Bug 26049: reduce the delay before the update prompt is displayed.
Instead of Firefox's 2 days, we use 1 hour (after which time the update
doorhanger will be displayed).
Also fix bug 27221: purge the startup cache if the Tor Browser
version changed (even if the Firefox version and build ID did
not change), e.g., after a minor Tor Browser update.
Also fix 32616: Disable GetSecureOutputDirectoryPath() functionality.
Bug 26048: potentially confusing "restart to update" message
Within the update doorhanger, remove the misleading message that mentions
that windows will be restored after an update is applied, and replace the
"Restart and Restore" button label with an existing
"Restart to update Tor Browser" string.
Bug 28885: notify users that update is downloading
Add a "Downloading Tor Browser update" item which appears in the
hamburger (app) menu while the update service is downloading a MAR
file. Before this change, the browser did not indicate to the user
that an update was in progress, which is especially confusing in
Tor Browser because downloads often take some time. If the user
clicks on the new menu item, the about dialog is opened to allow
the user to see download progress.
As part of this fix, the update service was changed to always show
update-related messages in the hamburger menu, even if the update
was started in the foreground via the about dialog or via the
"Check for Tor Browser Update" toolbar menu item. This change is
consistent with the Tor Browser goal of making sure users are
informed about the update process.
Removed #28885 parts of this patch which have been uplifted to Firefox.
- - - - -
5d621939 by Kathy Brade at 2023-02-09T14:09:34+00:00
Bug 13379: Sign our MAR files.
Configure with --enable-verify-mar (when updating, require a valid
signature on the MAR file before it is applied).
Use the Tor Browser version instead of the Firefox version inside the
MAR file info block (necessary to prevent downgrade attacks).
Use NSS on all platforms for checking MAR signatures (instead of using
OS-native APIs, which Mozilla does on Mac OS and Windows). So that the
NSS and NSPR libraries the updater depends on can be found at runtime,
we add the firefox directory to the shared library search path on macOS.
On Linux, rpath is used by Mozilla to solve that problem, but that
approach won't work on macOS because the updater executable is copied
during the update process to a location that is under TorBrowser-Data,
and the location of TorBrowser-Data varies.
Also includes the fix for bug 18900.
Bug 19121: reinstate the update.xml hash check
Revert most changes from Mozilla Bug 1373267 "Remove hashFunction and
hashValue attributes from nsIUpdatePatch and code related to these
attributes." Changes to the tests were not reverted; the tests have
been changed significantly and we do not run automated updater tests
for Tor Browser at this time.
Also partial revert of commit f1241db6986e4b54473a1ed870f7584c75d51122.
Revert the nsUpdateService.js changes from Mozilla Bug 862173 "don't
verify mar file hash when using mar signing to verify the mar file
(lessens main thread I/O)."
Changes to the tests were not reverted; the tests have been changed
significantly and we do not run automated updater tests for
Tor Browser at this time.
We kept the addition to the AppConstants API in case other JS code
references it in the future.
- - - - -
3e1e97ca by Kathy Brade at 2023-02-09T14:09:34+00:00
Bug 16940: After update, load local change notes.
Add an about:tbupdate page that displays the first section from
TorBrowser/Docs/ChangeLog.txt and includes a link to the remote
post-update page (typically our blog entry for the release).
Always load about:tbupdate in a content process, but implement the
code that reads the file system (changelog) in the chrome process
for compatibility with future sandboxing efforts.
Also fix bug 29440. Now about:tbupdate is styled as a fairly simple
changelog page that is designed to be displayed via a link that is on
about:tor.
- - - - -
8506b577 by Georg Koppen at 2023-02-09T14:09:34+00:00
Bug 32658: Create a new MAR signing key
It's time for our rotation again: Move the backup key in the front
position and add a new backup key.
Bug 33803: Move our primary nightly MAR signing key to tor-browser
Bug 33803: Add a secondary nightly MAR signing key
- - - - -
f2547767 by Mike Perry at 2023-02-09T14:09:35+00:00
Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
eBay and Amazon don't treat Tor users very well. Accounts often get locked and
payments reversed.
Also:
Bug 16322: Update DuckDuckGo search engine
We are replacing the clearnet URL with an onion service one (thanks to a
patch by a cypherpunk) and are removing the duplicated DDG search
engine. Duplicating DDG happend due to bug 1061736 where Mozilla
included DDG itself into Firefox. Interestingly, this caused breaking
the DDG search if JavaScript is disabled as the Mozilla engine, which
gets loaded earlier, does not use the html version of the search page.
Moreover, the Mozilla engine tracked where the users were searching from
by adding a respective parameter to the search query. We got rid of that
feature as well.
Also:
This fixes bug 20809: the DuckDuckGo team has changed its server-side
code in a way that lets users with JavaScript enabled use the default
landing page while those without JavaScript available get redirected
directly to the non-JS page. We adapt the search engine URLs
accordingly.
Also fixes bug 29798 by making sure we only specify the Google search
engine we actually ship an .xml file for.
Also regression tests.
squash! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
Bug 40494: Update Startpage search provider
squash! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
Bug 40438: Add Blockchair as a search engine
Bug 33342: Avoid disconnect search addon error after removal.
We removed the addon in #32767, but it was still being loaded
from addonStartup.json.lz4 and throwing an error on startup
because its resource: location is not available anymore.
- - - - -
8c1a2d3b by Richard Pospesel at 2023-02-09T14:09:35+00:00
Bug 23247: Communicating security expectations for .onion
Encrypting pages hosted on Onion Services with SSL/TLS is redundant
(in terms of hiding content) as all traffic within the Tor network is
already fully encrypted. Therefore, serving HTTP pages from an Onion
Service is more or less fine.
Prior to this patch, Tor Browser would mostly treat pages delivered
via Onion Services as well as pages delivered in the ordinary fashion
over the internet in the same way. This created some inconsistencies
in behaviour and misinformation presented to the user relating to the
security of pages delivered via Onion Services:
- HTTP Onion Service pages did not have any 'lock' icon indicating
the site was secure
- HTTP Onion Service pages would be marked as unencrypted in the Page
Info screen
- Mixed-mode content restrictions did not apply to HTTP Onion Service
pages embedding Non-Onion HTTP content
This patch fixes the above issues, and also adds several new 'Onion'
icons to the mix to indicate all of the various permutations of Onion
Services hosted HTTP or HTTPS pages with HTTP or HTTPS content.
Strings for Onion Service Page Info page are pulled from Torbutton's
localization strings.
- - - - -
967f065a by Kathy Brade at 2023-02-09T14:09:35+00:00
Bug 30237: Add v3 onion services client authentication prompt
When Tor informs the browser that client authentication is needed,
temporarily load about:blank instead of about:neterror and prompt
for the user's key.
If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD
control port command to add the key (via Torbutton's control port
module) and reload the page.
If the user cancels the prompt, display the standard about:neterror
"Unable to connect" page. This requires a small change to
browser/actors/NetErrorChild.jsm to account for the fact that the
docShell no longer has the failedChannel information. The failedChannel
is used to extract TLS-related error info, which is not applicable
in the case of a canceled .onion authentication prompt.
Add a leaveOpen option to PopupNotifications.show so we can display
error messages within the popup notification doorhanger without
closing the prompt.
Add support for onion services strings to the TorStrings module.
Add support for Tor extended SOCKS errors (Tor proposal 304) to the
socket transport and SOCKS layers. Improved display of all of these
errors will be implemented as part of bug 30025.
Also fixes bug 19757:
Add a "Remember this key" checkbox to the client auth prompt.
Add an "Onion Services Authentication" section within the
about:preferences "Privacy & Security section" to allow
viewing and removal of v3 onion client auth keys that have
been stored on disk.
Also fixes bug 19251: use enhanced error pages for onion service errors.
- - - - -
b9b791d5 by Alex Catarineu at 2023-02-09T14:09:36+00:00
Bug 21952: Implement Onion-Location
Whenever a valid Onion-Location HTTP header (or corresponding HTML
<meta> http-equiv attribute) is found in a document load, we either
redirect to it (if the user opted-in via preference) or notify the
presence of an onionsite alternative with a badge in the urlbar.
- - - - -
fad1a632 by Pier Angelo Vendrame at 2023-02-09T14:09:36+00:00
Bug 40458: Implement .tor.onion aliases
We have enabled HTTPS-Only mode, therefore we do not need
HTTPS-Everywhere anymore.
However, we want to keep supporting .tor.onion aliases (especially for
securedrop).
Therefore, in this patch we implemented the parsing of HTTPS-Everywhere
rulesets, and the redirect of .tor.onion domains.
Actually, Tor Browser believes they are actual domains. We change them
on the fly on the SOCKS proxy requests to resolve the domain, and on
the code that verifies HTTPS certificates.
- - - - -
68e1e05e by Pier Angelo Vendrame at 2023-02-09T14:09:36+00:00
Bug 11698: Incorporate Tor Browser Manual pages into Tor Browser
This patch associates the about:manual page to a translated page that
must be injected to browser/omni.ja after the build.
The content must be placed in chrome/browser/content/browser/manual/, so
that is then available at chrome://browser/content/manual/.
We preferred giving absolute freedom to the web team, rather than having
to change the patch in case of changes on the documentation.
- - - - -
bd46b8bd by Pier Angelo Vendrame at 2023-02-09T14:09:37+00:00
Bug 41435: Add a Tor Browser migration function
For now this function only deletes old language packs for which we are
already packaging the strings with the application.
- - - - -
6cf333b1 by p13dz at 2023-02-09T14:09:37+00:00
Bug 40283: Workaround for the file upload bug
(cherry picked from commit c23f2f397327ee46a1a4de57acf206fd83e8e170)
- - - - -
30 changed files:
- .eslintignore
- .gitignore
- + .gitlab/issue_templates/UXBug.md
- + .gitlab/issue_templates/bug.md
- + .gitmodules
- + browser/actors/AboutTBUpdateChild.jsm
- + browser/actors/AboutTBUpdateParent.jsm
- + browser/actors/CryptoSafetyChild.jsm
- + browser/actors/CryptoSafetyParent.jsm
- browser/actors/NetErrorChild.jsm
- browser/actors/NetErrorParent.jsm
- browser/actors/moz.build
- browser/app/Makefile.in
- browser/app/macbuild/Contents/Info.plist.in
- browser/app/macbuild/Contents/MacOS-files.in
- browser/app/permissions
- + browser/app/profile/000-tor-browser.js
- + browser/app/profile/001-base-profile.js
- browser/app/profile/firefox.js
- browser/base/content/aboutDialog-appUpdater.js
- browser/base/content/aboutDialog.js
- browser/base/content/aboutDialog.xhtml
- + browser/base/content/abouttbupdate/aboutTBUpdate.css
- + browser/base/content/abouttbupdate/aboutTBUpdate.js
- + browser/base/content/abouttbupdate/aboutTBUpdate.xhtml
- browser/base/content/appmenu-viewcache.inc.xhtml
- + browser/base/content/browser-doctype.inc
- browser/base/content/browser-menubar.inc
- browser/base/content/browser-sets.inc
- browser/base/content/browser-siteIdentity.js
The diff was not included because it is too large.
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3a3a96…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3a3a96…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser][tor-browser-102.8.0esr-12.5-1] Deleted 101 commits: Bug 1774413: Bundled fonts are not picked up on macOS r=jfkthame
by Richard Pospesel (@richard) 09 Feb '23
by Richard Pospesel (@richard) 09 Feb '23
09 Feb '23
Richard Pospesel pushed to branch tor-browser-102.8.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
WARNING: The push did not contain any new commits, but force pushed to delete the commits and changes below.
Deleted commits:
ec6904bc by Pier Angelo Vendrame at 2023-02-08T09:53:37+01:00
Bug 1774413: Bundled fonts are not picked up on macOS r=jfkthame
Bundled fonts were not picked up because also child processes need to
register them.
Also, they were assigned User visibility, instead of Base, which was
not coherent with other platforms.
Differential Revision: https://phabricator.services.mozilla.com/D150400
- - - - -
64f56b92 by Pier Angelo Vendrame at 2023-02-08T09:53:45+01:00
Bug 1769030: Add a configure flag to load policies only from the local policies.json file r=mkaply,glandium
Add a configuration flag to make Enterprise Policies mechanism only
consult a policies.json file (avoiding the Windows Registry, macOS's
file system attributes, and /etc/firefox/policies/policies.json on
other OS).
Differential Revision: https://phabricator.services.mozilla.com/D146300
- - - - -
8e2fe746 by Jamie Nicol at 2023-02-08T09:53:45+01:00
Bug 1784588 - Fix SplitDriverVersion when the string has less than 4 numbers. r=aosmond
Differential Revision: https://phabricator.services.mozilla.com/D154897
- - - - -
bd94bd1b by Pier Angelo Vendrame at 2023-02-08T09:53:46+01:00
Bug 1768907 - Part 1: Make browser.privatebrowsing.autostart a static pref. r=handyman,necko-reviewers
Differential Revision: https://phabricator.services.mozilla.com/D157843
- - - - -
d47646d5 by Neill Miller at 2023-02-08T09:53:46+01:00
Bug 1768907 - Part 2: nsTransferable disk-leaks when private browsing mode is enabled by default. r=handyman
nsTransferable was modified to prevent disk leakings when copying data
in private browsing mode with Bug 1123480.
However, the context is nullptr when it is initialized, so it still
leaks if PBM is enabled by default.
Our solution is to check the browser.privatebrowsing.autostart in this
condition.
Differential Revision: https://phabricator.services.mozilla.com/D157800
- - - - -
06e8a38e by Gabriele Svelto at 2023-02-08T09:53:47+01:00
Bug 1670885 - Fix post-fork() handlers for PHC/LogAlloc to work on macOS using unfair locks r=glandium
macOS unfair locks enforce that a lock can only be released by the thread which locked it.
On macOS 11+ this caused the fork()'d child process to raise a SIGILL signal. Confusingly enough this behavior seems to be different on macOS 10.15 and possibly interacted in odd ways with our exception handler if it was installed before fork()-ing.
Differential Revision: https://phabricator.services.mozilla.com/D148287
- - - - -
3ca18e95 by Gabriele Svelto at 2023-02-08T09:53:47+01:00
Bug 1670885 - Replace deprecated NSSpinLocks with os_unfair_locks in the memory allocator r=glandium
Depends on D148287
Differential Revision: https://phabricator.services.mozilla.com/D99280
- - - - -
cc56972d by Gabriele Svelto at 2023-02-08T09:53:47+01:00
Bug 1774458 - Use undocumented, non-public adaptive spinlocks on macOS 10.15+, revert to user-space spinlocks on older versions r=pbone
Differential Revision: https://phabricator.services.mozilla.com/D149599
- - - - -
d47cb7a1 by Gabriele Svelto at 2023-02-08T09:53:48+01:00
Bug 1784018 - Remove deprecated OSSpinLocks r=glandium
On macOS versions prior to 10.15 os_unfair_locks cannot spin in kernel-space
which degrades performance significantly. To obviate for this we spin in
user-space like OSSpinLock does, for the same number of times and invoking
x86-specific pause instructions in-between the locking attempts to avoid
starving a thread that might be running on the same physical core.
Differential Revision: https://phabricator.services.mozilla.com/D154205
- - - - -
55929f40 by Georg Koppen at 2023-02-08T09:53:48+01:00
Revert "Bug 1724777, optimize suppressed MicroTask handling, r=mccr8 a=RyanVM"
This reverts commit 1eb1364357ac5bc2a4531337fb5416af39c3793f.
This fixes tor-browser#40721, tor-browser#40698, and tor-browser#40706.
However, it is a temporary workaround, that we should revert once
https://bugzilla.mozilla.org/show_bug.cgi?id=1744719 is fixed.
- - - - -
b6f84f24 by Henry Wilkes at 2023-02-08T09:55:44+01:00
Bug 41454: Move focus after calling openPreferences for a sub-category.
Temporary fix until mozilla bug 1799153 gets a patch upstream.
- - - - -
61705207 by Henry Wilkes at 2023-02-08T09:55:44+01:00
Bug 41483: Remove the firefox override for appstrings.properties
Remove this patch after upstream bugzilla bug 1790187
- - - - -
7e366de7 by Pier Angelo Vendrame at 2023-02-08T20:58:45+01:00
Bug 41116: Normalize system fonts.
System fonts are an enormous fingerprinting vector.
Even with font allow lists and with our custom configuration on Linux,
which counter metrics measurements, getComputedStyle leaks several
details.
This patch counters both these kinds of attacks.
- - - - -
b797b9f2 by Gaba at 2023-02-08T20:58:52+01:00
Adding issue and merge request templates
- - - - -
e756e4dc by Pier Angelo Vendrame at 2023-02-08T20:58:52+01:00
Base Browser's .mozconfigs.
Bug 17858: Cannot create incremental MARs for hardened builds.
Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff
(which is part of mar-tools and is not distributed to end-users) with
ASan.
Bug 21849: Don't allow SSL key logging.
Bug 25741 - TBA: Disable features at compile-time
Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION
Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds
This fixes a problem where some preferences had the wrong default value.
Also see bug 27472 where we made a similar fix for Android.
Bug 29859: Disable HLS support for now
Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING
Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT
Bug 33734: Set MOZ_NORMANDY to False
Bug 33851: Omit Parental Controls.
Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files
Bug 41584: Move some configuration options to base-browser level
- - - - -
0bbf2bf4 by Pier Angelo Vendrame at 2023-02-08T20:58:53+01:00
Tweaks to the build system
Bug 40857: Modified the fat .aar creation file
This is a workaround to build fat .aars with the compiling enviornment
disabled.
Mozilla does not use a similar configuration, but either runs a Firefox
build and discards its output, or uses artifacts build.
We might switch to artifact builds too, and drop this patch, or write a
better one to upstream. But until then we need this patch.
See also https://bugzilla.mozilla.org/show_bug.cgi?id=1763770.
Bug 41458: Prevent `mach package-multi-locale` from actually creating a package
macOS builds need some files to be moved around with
./mach package-multi-locale to create multi-locale packages.
The required command isn't exposed through any other mach command.
So, we patch package-multi-locale both to prevent it from failing when
doing official builds and to detect any future changes on it.
- - - - -
d59db7f0 by Dan Ballard at 2023-02-08T20:58:53+01:00
Bug 41117: using MOZ_PROXY_BYPASS_PROTECTION disable share menu on mac and windows, and restpre email link on mac
- - - - -
7e253a0e by Pier Angelo Vendrame at 2023-02-08T20:58:54+01:00
Bug 41108: Remove privileged macOS installation from 102
- - - - -
925d8e63 by Dan Ballard at 2023-02-08T20:58:54+01:00
Bug 41149: Re-enable DLL injection protection in all builds not just nightlies
- - - - -
b25a9813 by Matthew Finkel at 2023-02-08T20:58:55+01:00
Bug 24796: Comment out excess permissions from GeckoView
The GeckoView AndroidManifest.xml is not preprocessed unlike Fennec's
manifest, so we can't use the ifdef preprocessor guards around the
permissions we do not want. Commenting the permissions is the
next-best-thing.
- - - - -
10f7e581 by Matthew Finkel at 2023-02-08T20:58:55+01:00
Bug 25741: TBA: Disable GeckoNetworkManager
The browser should not need information related to the network
interface or network state, tor should take care of that.
- - - - -
fb43be44 by Matthew Finkel at 2023-02-08T20:58:56+01:00
Bug 28125: Prevent non-Necko network connections
- - - - -
5c24d152 by Mike Perry at 2023-02-08T20:58:56+01:00
Bug 12974: Disable NTLM and Negotiate HTTP Auth
The Mozilla bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1046421,
https://bugzilla.mozilla.org/show_bug.cgi?id=1261591, tor-browser#27602
- - - - -
38256347 by Alex Catarineu at 2023-02-08T20:58:56+01:00
Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1768899
- - - - -
04a39e82 by Georg Koppen at 2023-02-08T20:58:57+01:00
Bug 16285: Exclude ClearKey system for now
In the past the ClearKey system had not been compiled when specifying
--disable-eme. But that changed and it is even bundled nowadays (see:
Mozilla's bug 1300654). We don't want to ship it right now as the use
case for it is not really visible while the code had security
vulnerabilities in the past.
- - - - -
25f0cb0e by Kathy Brade at 2023-02-08T20:58:57+01:00
Bug 21431: Clean-up system extensions shipped in Firefox
Only ship the pdfjs extension.
- - - - -
e3f6695f by Kathy Brade at 2023-02-08T20:58:58+01:00
Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc..
Hide elements on about:logins that mention sync, "Firefox LockWise", and
Mozilla's LockWise mobile apps.
Disable the "Create New Login" button when security.nocertdb is true.
- - - - -
8e1b9853 by Alex Catarineu at 2023-02-08T20:58:58+01:00
Bug 41457: Remove Mozilla permissions
Bug 40025: Remove Mozilla add-on install permissions
- - - - -
2af57c99 by Kathy Brade at 2023-02-08T20:58:59+01:00
Bug 40002: Remove about:ion
Firefox Ion (previously Firefox Pioneer) is an opt-in program in which people
volunteer to participate in studies that collect detailed, sensitive data about
how they use their browser.
- - - - -
a42fb886 by Arthur Edelstein at 2023-02-08T20:58:59+01:00
Bug 26353: Prevent speculative connect that violated FPI.
Connections were observed in the catch-all circuit when
the user entered an https or http URL in the URL bar, or
typed a search term.
- - - - -
5fd34e5d by Alex Catarineu at 2023-02-08T20:59:00+01:00
Bug 31740: Remove some unnecessary RemoteSettings instances
More concretely, SearchService.jsm 'hijack-blocklists' and
url-classifier-skip-urls.
Avoid creating instance for 'anti-tracking-url-decoration'.
If prefs are disabling their usage, avoid creating instances for
'cert-revocations' and 'intermediates'.
Do not ship JSON dumps for collections we do not expect to need. For
the ones in the 'main' bucket, this prevents them from being synced
unnecessarily (the code in remote-settings does so for collections
in the main bucket for which a dump or local data exists). For the
collections in the other buckets, we just save some size by not
shipping their dumps.
We also clear the collections database on the v2 -> v3 migration.
- - - - -
7c0fa72d by Georg Koppen at 2023-02-08T20:59:00+01:00
Bug 30541: Disable WebGL readPixel() for web content
Related Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1428034
- - - - -
ecaa3671 by Alex Catarineu at 2023-02-08T20:59:01+01:00
Bug 28369: Stop shipping pingsender executable
- - - - -
ba59316f by Mike Perry at 2023-02-08T20:59:01+01:00
Firefox preference overrides.
This hack directly includes our preference changes in omni.ja.
Bug 18292: Staged updates fail on Windows
Temporarily disable staged updates on Windows.
Bug 18297: Use separate Noto JP,KR,SC,TC fonts
Bug 23404: Add Noto Sans Buginese to the macOS whitelist
Bug 23745: Set dom.indexedDB.enabled = true
Bug 13575: Disable randomised Firefox HTTP cache decay user tests.
(Fernando Fernandez Mancera <ffmancera(a)riseup.net>)
Bug 17252: Enable session identifiers with FPI
Session tickets and session identifiers were isolated
by OriginAttributes, so we can re-enable them by
allowing the default value (true) of
"security.ssl.disable_session_identifiers".
The pref "security.enable_tls_session_tickets" is obsolete
(removed in https://bugzilla.mozilla.org/917049)
Bug 14952: Enable http/2 and AltSvc
In Firefox, SPDY/HTTP2 now uses Origin Attributes for
isolation of connections, push streams, origin frames, etc.
That means we get first-party isolation provided
"privacy.firstparty.isolate" is true. So in this patch, we
stop overriding "network.http.spdy.enabled" and
"network.http.spdy.enabled.http2".
Alternate Services also use Origin Attributes for isolation.
So we stop overriding
"network.http.altsvc.enabled" and "network.http.altsvc.oe"
as well.
(All 4 of the abovementioned "network.http.*" prefs adopt
Firefox 60ESR's default value of true.)
However, we want to disable HTTP/2 push for now, so we
set "network.http.spdy.allow-push" to false.
"network.http.spdy.enabled.http2draft" was removed in Bug 1132357.
"network.http.sped.enabled.v2" was removed in Bug 912550.
"network.http.sped.enabled.v3" was removed in Bug 1097944.
"network.http.sped.enabled.v3-1" was removed in Bug 1248197.
Bug 26114: addons.mozilla.org is not special
* Don't expose navigator.mozAddonManager on any site
* Don't block NoScript from modifying addons.mozilla.org or other sites
Enable ReaderView mode again (#27281).
Bug 29916: Make sure enterprise policies are disabled
Bug 2874: Block Components.interfaces from content
Bug 26146: Spoof HTTP User-Agent header for desktop platforms
In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent
header and to JavaScript code via navigator.userAgent. To avoid
leaking the OS inside each HTTP request (which many web servers
log), always use the Windows 7 OS value in the desktop User-Agent
header. We continue to allow access to the actual OS via JavaScript,
since doing so improves compatibility with web applications such
as GitHub and Google Docs.
Bug 12885: Windows Jump Lists fail for Tor Browser
Jumplist entries are stored in a binary file in:
%APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\
and has a name in the form
[a-f0-9]+.customDestinations-ms
The hex at the front is unique per app, and is ultimately derived from
something called the 'App User Model ID' (AUMID) via some unknown
hashing method. The AUMID is provided as a key when programmatically
creating, updating, and deleting a jumplist. The default behaviour in
firefox is for the installer to define an AUMID for an app, and save it
in the registry so that the jumplist data can be removed by the
uninstaller.
However, the Tor Browser does not set this (or any other) regkey during
installation, so this codepath fails and the app's AUMID is left
undefined. As a result the app's AUMID ends up being defined by
windows, but unknowable by Tor Browser. This unknown AUMID is used to
create and modify the jumplist, but the delete API requires that we
provide the app's AUMID explicitly. Since we don't know what the AUMID
is (since the expected regkey where it is normally stored does not
exist) jumplist deletion will fail and we will leave behind a mostly
empty customDestinations-ms file. The name of the file is derived from
the binary path, so an enterprising person could reverse engineer how
that hex name is calculated, and generate the name for Tor Browser's
default Desktop installation path to determine whether a person had
used Tor Browser in the past.
The 'taskbar.grouping.useprofile' option that is enabled by this patch
works around this AUMID problem by having firefox.exe create it's own
AUMID based on the profile path (rather than looking for a regkey). This
way, if a user goes in and enables and disables jumplist entries, the
backing store is properly deleted.
Unfortunately, all windows users currently have this file lurking in
the above mentioned directory and this patch will not remove it since it
was created with an unknown AUMID. However, another patch could be
written which goes to that directory and deletes any item containing the
'Tor Browser' string. See bug 28996.
Bug 30845: Make sure default themes and other internal extensions are enabled
Bug 28896: Enable extensions in private browsing by default
Bug 31065: Explicitly allow proxying localhost
Bug 31598: Enable letterboxing
Disable Presentation API everywhere
Bug 21549 - Use Firefox's WASM default pref. It is disabled at safer
security levels.
Bug 32321: Disable Mozilla's MitM pings
Bug 19890: Disable installation of system addons
By setting the URL to "" we make sure that already installed system
addons get deleted as well.
Bug 22548: Firefox downgrades VP9 videos to VP8.
On systems where H.264 is not available or no HWA, VP9 is preferred. But in Tor
Browser 7.0 all youtube videos are degraded to VP8.
This behaviour can be turned off by setting media.benchmark.vp9.threshold to 0.
All clients will get better experience and lower traffic, beause TBB doesn't
use "Use hardware acceleration when available".
Bug 25741 - TBA: Add mobile-override of 000-tor-browser prefs
Bug 16441: Suppress "Reset Tor Browser" prompt.
Bug 29120: Use the in-memory media cache and increase its maximum size.
Bug 33697: use old search config based on list.json
Bug 33855: Ensure that site-specific browser mode is disabled.
Bug 30682: Disable Intermediate CA Preloading.
Bug 40061: Omit the Windows default browser agent from the build
Bug 40322: Consider disabling network.connectivity-service.enabled
Bug 40408: Disallow SVG Context Paint in all web content
Bug 40308: Disable network partitioning until we evaluate dFPI
Bug 40322: Consider disabling network.connectivity-service.enabled
Bug 40383: Disable dom.enable_event_timing
Bug 40423: Disable http/3
Bug 40177: Update prefs for Fx91esr
Bug 40700: Disable addons and features recommendations
Bug 40682: Disable network.proxy.allow_bypass
Bug 40736: Disable third-party cookies in PBM
Bug 19850: Enabled HTTPS-Only by default
Bug 40912: Hide the screenshot menu
Bug 41292: Disable moreFromMozilla in preferences page
Bug 40057: Ensure the CSS4 system colors are not a fingerprinting vector
Bug 24686: Set network.http.tailing.enabled to true
Bug 40183: Disable TLS ciphersuites using SHA-1
Bug 40783: Review 000-tor-browser.js and 001-base-profile.js for 102
We reviewed all the preferences we set for 102, and remove a few old
ones. See the description of that issue to see all the preferences we
believed were still valid for 102, and some brief description for the
reasons to keep them.
- - - - -
328846dd by Pier Angelo Vendrame at 2023-02-08T20:59:02+01:00
Bug 41043: Hardcode the UI font on Linux
The mechanism to choose the UI font does not play well with our
fontconfig configuration. As a result, the final criterion to choose
the font for the UI was its version.
Since we hardcode Arimo as a default sans-serif on preferences, we use
it also for the UI. FontConfig will fall back to some other font for
scripts Arimo does not cover as expected (we tested with Japanese).
- - - - -
2645c546 by Alex Catarineu at 2023-02-08T20:59:02+01:00
Bug 30605: Honor privacy.spoof_english in Android
This checks `privacy.spoof_english` whenever `setLocales` is
called from Fenix side and sets `intl.accept_languages`
accordingly.
Bug 40198: Expose privacy.spoof_english pref in GeckoView
- - - - -
02e87c8f by Alex Catarineu at 2023-02-08T20:59:02+01:00
Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView
- - - - -
2d85ed67 by Alex Catarineu at 2023-02-08T20:59:03+01:00
Bug 40171: Make WebRequest and GeckoWebExecutor First-Party aware
- - - - -
ef6f6744 by Alex Catarineu at 2023-02-08T20:59:03+01:00
Bug 26345: Hide tracking protection UI
- - - - -
8d71df71 by Pier Angelo Vendrame at 2023-02-08T20:59:04+01:00
Bug 9173: Change the default Firefox profile directory to be relative.
This commit makes Firefox look for the default profile directory in a
directory relative to the binary path.
The directory can be specified through the --with-relative-data-dir.
This is relative to the same directory as the firefox main binary for
Linux and Windows.
On macOS, we remove Contents/MacOS from it.
Or, in other words, the directory is relative to the application
bundle.
This behavior can be overriden at runtime, by placing a file called
system-install adjacent to the firefox main binary (also on macOS).
- - - - -
f7a54ecf by Kathy Brade at 2023-02-08T20:59:04+01:00
Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp
Instead of using the local computer's IP address within
symlink-based profile lock signatures, always use 127.0.0.1.
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1769028
- - - - -
6add3873 by Alex Catarineu at 2023-02-08T20:59:05+01:00
Bug 27604: Fix addon issues when moving the profile directory
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1429838
- - - - -
73ba0be0 by Mike Perry at 2023-02-08T20:59:05+01:00
Bug 13028: Prevent potential proxy bypass cases.
It looks like these cases should only be invoked in the NSS command line
tools, and not the browser, but I decided to patch them anyway because there
literally is a maze of network function pointers being passed around, and it's
very hard to tell if some random code might not pass in the proper proxied
versions of the networking code here by accident.
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1433509
- - - - -
e6c01a7d by Kathy Brade at 2023-02-08T20:59:06+01:00
Bug 11641: Disable remoting by default.
Unless the -osint command line flag is used, the browser now defaults
to the equivalent of -no-remote. There is a new -allow-remote flag that
may be used to restore the original (Firefox-like) default behavior.
- - - - -
0d15e85e by Igor Oliveira at 2023-02-08T20:59:06+01:00
Bug 23104: Add a default line height compensation
Many fonts have issues with their vertical metrics. they
are used to influence the height of ascenders and depth
of descenders. Gecko uses it to calculate the line height
(font height + ascender + descender), however because of
that idiosyncratic behavior across multiple operating
systems, it can be used to identify the user's OS.
The solution proposed in the patch uses a default factor
to be multiplied with the font size, simulating the concept
of ascender and descender. This way all operating
systems will have the same line height only and only if the
frame is outside the chrome.
- - - - -
a1442080 by Pier Angelo Vendrame at 2023-02-08T20:59:07+01:00
Bug 40309: Avoid using regional OS locales
Avoid regional OS locales if the pref
`intl.regional_prefs.use_os_locales` is false but RFP is enabled.
- - - - -
9ec8eb9d by Matthew Finkel at 2023-02-08T20:59:07+01:00
Bug 40432: Prevent probing installed applications
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1711084
- - - - -
77aacb1b by hackademix at 2023-02-08T20:59:07+01:00
Bug 41434: Letterboxing, preemptively apply margins in a global CSS rule to mitigate race conditions on newly created windows and tabs.
- - - - -
b388e341 by hackademix at 2023-02-08T20:59:08+01:00
Bug 41434: Letterboxing, improve logging.
- - - - -
63de678c by hackademix at 2023-02-08T20:59:08+01:00
Bug 31064: Letterboxing, exempt browser extensions.
- - - - -
30eb754a by hackademix at 2023-02-08T20:59:09+01:00
Bug 32411: Letterboxing, exempt view-source: URIs.
- - - - -
ca1a9c3b by hackademix at 2023-02-08T20:59:09+01:00
Bug 32308: use direct browser sizing for letterboxing.
- - - - -
4e415a9e by Alex Catarineu at 2023-02-08T20:59:10+01:00
Bug 40069: Add helpers for message passing with extensions
- - - - -
92bf1f3f by Matthew Finkel at 2023-02-08T20:59:10+01:00
Bug 41598: Prevent NoScript from being removed/disabled.
Bug 40253: Explicitly allow NoScript in Private Browsing mode.
- - - - -
02ec75e0 by Pier Angelo Vendrame at 2023-02-08T20:59:11+01:00
Bug 41369: Improve Firefox language settings for multi-lingual packages
Change the language selector to be sorted by language code, rather than
name, and to display the language code to the user.
Bug 41372: Handle Japanese as a special case in preferences on macOS
Japanese is treated in a special way on macOS. However, seeing the
Japanese language tag could be confusing for users, and moreover the
language name is not localized correctly like other langs.
Bug 41378: Tell users that they can change their language at the first start
With multi-lingual builds, Tor Browser matches the user's system
language, but some users might want to change it.
So, we tell them that it is possible, but only once.
- - - - -
975baf38 by Henry Wilkes at 2023-02-08T20:59:11+01:00
Bug 41371: Temporary hack to fix language selector popup position
- - - - -
3668fd22 by Pier Angelo Vendrame at 2023-02-08T20:59:12+01:00
Bug 41417: Always prompt users to restart after changing language
This is a temporary patch that we need until we switch our strings to
Fluent. The reason is that we currently set strings when we populate
our XUL content.
We could rework the whole mechanism, but it is not worth it because we
want to switch to Fluent, which will handle everything automatically.
- - - - -
cb07340d by p13dz at 2023-02-08T20:59:12+01:00
Bug 40283: Workaround for the file upload bug
(cherry picked from commit c23f2f397327ee46a1a4de57acf206fd83e8e170)
- - - - -
ff2693d4 by cypherpunks1 at 2023-02-08T20:59:13+01:00
Bug 40717: Hide Windows SSO in settings
(cherry picked from commit 1bacd26df8a8ffe481e11ec6b8323150fdf2011d)
- - - - -
1a322107 by cypherpunks1 at 2023-02-08T20:59:13+01:00
Bug 41568: Disable LaterRun
- - - - -
99fe182e by Pier Angelo Vendrame at 2023-02-08T20:59:14+01:00
Bug 41542: Disable the creation of a default profile
Firefox creates a profile as a fallback for old versions.
However, we do not need this, so we want to prevent Firefox from
creating the related directories.
We comment out the code, but should Mozilla be interested in a
compile-time flag, we could rewrite the patch to add one.
See also https://bugzilla.mozilla.org/show_bug.cgi?id=1770174.
- - - - -
8082f828 by cypherpunks1 at 2023-02-08T20:59:14+01:00
Bug 41565: Gate Telemetry Tasks behind MOZ_TELEMETRY_REPORTING
- - - - -
2a6e4979 by Arthur Edelstein at 2023-02-08T20:59:14+01:00
Bug 18905: Hide unwanted items from help menu
Bug 25660: Remove the "New Private Window" option
- - - - -
f498387e by Pier Angelo Vendrame at 2023-02-08T20:59:15+01:00
Bug 41603: Customize the creation of MOZ_SOURCE_URL
MOZ_SOURCE_URL is created by combining MOZ_SOURCE_REPO and
MOZ_SOURCE_CHANGESET.
But the code takes for granted that it refers to a Hg instance, so it
combines them as `$MOZ_SOURCE_REPO/rev/$MOZ_SOURCE_CHANGESET`.
With this commit, we change this logic to combine them to create a URL
that is valid for GitLab.
$MOZ_SOURCE_CHANGESET needs to be a commit hash, not a branch or a tag.
If that is needed, we could use /-/tree/, instead of /-/commit/.
- - - - -
bb3c91cb by Henry Wilkes at 2023-02-08T20:59:15+01:00
Bug 31575: Disable Firefox Home (Activity Stream)
Treat about:blank as the default home page and new tab page.
Avoid loading AboutNewTab in BrowserGlue.jsm in order
to avoid several network requests that we do not need.
- - - - -
c8d48055 by Pier Angelo Vendrame at 2023-02-08T20:59:16+01:00
Bug 40788: Prevent nsIURLQueryStrippingListService from calling home when it is not enabled.
The URL query stripping service is enabled only in nightly builds,
still it is initialized and remote settings are downloaded.
This adds a condition that prevents the service from being initialized
if disabled.
Upstream Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1812594
We should remove this patch if Mozilla decides that this is a problem
also for them, or if they do not but we decide to use the feature.
- - - - -
9be42715 by Pier Angelo Vendrame at 2023-02-08T20:59:16+01:00
Bug 40925: Implemented the Security Level component
This component adds a new Security Level toolbar button which visually
indicates the current global security level via icon (as defined by the
extensions.torbutton.security_slider pref), a drop-down hanger with a
short description of the current security level, and a new section in
the about:preferences#privacy page where users can change their current
security level. In addition, the hanger and the preferences page will
show a visual warning when the user has modified prefs associated with
the security level and provide a one-click 'Restore Defaults' button to
get the user back on recommended settings.
Bug 40125: Expose Security Level pref in GeckoView
- - - - -
82f538dc by Pier Angelo Vendrame at 2023-02-08T20:59:17+01:00
Bug 40926: Implemented the New Identity feature
- - - - -
8c327ef0 by Richard Pospesel at 2023-02-08T21:04:10+01:00
Bug 41089: Add tor-browser build scripts + Makefile to tor-browser
- - - - -
105b0b37 by Mike Perry at 2023-02-08T21:04:11+01:00
Bug 2176: Rebrand Firefox to TorBrowser
See also Bugs #5194, #7187, #8115, #8219.
This patch does some basic renaming of Firefox to TorBrowser. The rest of the
branding is done by images and icons.
Also fix bug 27905.
Bug 25702: Update Tor Browser icon to follow design guidelines
- Updated all of the branding in /browser/branding/official with new 'stable'
icon series.
- Updated /extensions/onboarding/content/img/tor-watermark.png with new icon and
add the source svg in the same directory
- Copied /browser/branding/official over /browser/branding/nightly and the new
/browser/branding/alpha directories. Replaced content with 'nightly' and
'alpha' icon series.
Updated VisualElements_70.png and VisualElements_150.png with updated icons in
each branding directory (fixes #22654)
- Updated firefox.VisualElementsManfiest.xml with updated colors in each
branding directory
- Added firefox.svg to each branding directory from which all the other icons
are derived (apart from document.icns and document.ico)
- Added default256.png and default512.png icons
- Updated aboutTBUpdate.css to point to branding-aware icon128.png and removed
original icon
- Use the Tor Browser icon within devtools/client/themes/images/.
Bug 30631: Blurry Tor Browser icon on macOS app switcher
It would seem the png2icns tool does not generate correct icns files and
so on macOS the larger icons were missing resulting in blurry icons in
the OS chrome. Regenerated the padded icons in a macOS VM using
iconutil.
Bug 28196: preparations for using torbutton tor-browser-brand.ftl
A small change to Fluent FileSource class is required so that we
can register a new source without its supported locales being
counted as available locales for the browser.
Bug 31803: Replaced about:debugging logo with flat version
Bug 21724: Make Firefox and Tor Browser distinct macOS apps
When macOS opens a document or selects a default browser, it sometimes
uses the CFBundleSignature. Changing from the Firefox MOZB signature to
a different signature TORB allows macOS to distinguish between Firefox
and Tor Browser.
Bug 32092: Fix Tor Browser Support link in preferences
For bug 40562, we moved onionPattern* from bug 27476 to here, as
about:tor needs these files but it is included earlier.
Bug 41278: Create Tor Browser styled pdf logo similar to the vanilla Firefox one
- - - - -
91d61c95 by Alex Catarineu at 2023-02-08T21:04:11+01:00
Bring back old Firefox onboarding
Revert "Bug 1462415 - Delete onboarding system add-on r=Standard8,k88hudson"
This reverts commit f7ffd78b62541d44d0102f8051d2f4080bdbc432.
Revert "Bug 1498378 - Actually remove the old onboarding add-on's prefs r=Gijs"
This reverts commit 057fe36fc6f3e93e265505c7dcc703a0941778e2.
Bug 28822: Convert onboarding to webextension
Partially revert 1564367 (controlCenter in UITour.jsm)
- - - - -
a2826261 by Kathy Brade at 2023-02-08T21:04:12+01:00
Bug 26961: New user onboarding.
Reuse the Firefox onboarding mechanism with minimal changes.
Localizable strings are pulled in from Torbutton (if Torbutton is
not installed, we lack about:tor and no tour will be shown).
Replace SVG images with PNGs (see bug 27002),
For defense in depth, omit include OnboardingTelemetry.jsm entirely.
Added support for the following UITour page event:
torBrowserOpenSecuritySettings
Also fix bug 27403: the onboarding bubble is not always displayed.
Arthur suggested to make the onboarding bubble visible on displays with
less than 960px width available, so we choose 200px instead.
Also fix bug 28628: Change onboarding Security panel to open new
Security Level panel.
Also fix bug 27484: Improve navigation within onboarding.
Bug 27082: enable a limited UITour
Disallow access to UITour functionality from all pages other than
about:home, about:newtab, and about:tor.
Implement a whitelist mechanism for page actions.
Bug 26962 - implement new features onboarding (part 1).
Add an "Explore" button to the "Circuit Display" panel within new user
onboarding which opens the DuckDuckGo .onion and then guides users through
a short circuit display tutorial.
Allow a few additional UITour actions while limiting as much as possible
how it can be used.
Tweak the UITour styles to match the Tor Browser branding.
All user interface strings are retrieved from Torbutton's
browserOnboarding.properties file.
Bug 27486 Avoid about:blank tabs when opening onboarding pages.
Instead of using a simple <a href>, programmatically open onboarding
web pages by using tabBrowser.addTab(). The same technique is now
used for "See My Path", "See FAQs", and "Visit an Onion".
Bug 29768: Introduce new features to users
Add an "update" tour for the Tor Browser 8.5 release that contains two
panels: Toolbar and Security (with appropriate description text and
images).
Display an attention-grabbing dot on the onboarding text bubble when
the update tour is active. The animation lasts for 14 seconds.
Bug 31768: Introduce toolbar and network settings changes in onboarding
Update the "Tor Network" onboarding page to include a note that
settings can now be accessed via the application preferences and
add an "Adjust Your Tor Network Settings" action button which opens
about:preferences#tor.
Replace the Tor Browser 8.5 "update" onboarding tour with a 9.0 one
that includes the revised "Tor Network" page and a revised "Toolbar"
page. The latter explains that Torbutton's toolbar item has been
removed ("Goodbye Onion Button") and explains how to access the
New Identity feature using the hamburger menu and new toolbar item.
Bug 34321 - Add Learn More onboarding item
Bug 40429: Update Onboarding for 10.5
- - - - -
064dd5fe by sanketh at 2023-02-09T09:54:45+01:00
Bug 40209: Implement Basic Crypto Safety
Adds a CryptoSafety actor which detects when you've copied a crypto
address from a HTTP webpage and shows a warning.
Closes #40209.
Bug 40428: Fix string attribute names
- - - - -
6c3d68cd by Mike Perry at 2023-02-09T09:55:00+01:00
TB3: Tor Browser's official .mozconfigs.
Also:
Add an --enable-tor-browser-data-outside-app-dir configure option
Add --with-tor-browser-version configure option
Bug 31457: disable per-installation profiles
The dedicated profiles (per-installation) feature does not interact
well with our bundled profiles on Linux and Windows, and it also causes
multiple profiles to be created on macOS under TorBrowser-Data.
Bug 31935: Disable profile downgrade protection.
Since Tor Browser does not support more than one profile, disable
the prompt and associated code that offers to create one when a
version downgrade situation is detected.
Add --enable-tor-browser-update build option
Bug 40793: moved Tor configuration options from old-configure.in to moz.configure
Bug 41584: Move some configuration options to base-browser level
- - - - -
905e9e72 by Henry Wilkes at 2023-02-09T09:55:00+01:00
Bug 41340: Enable TOR_BROWSER_NIGHTLY_BUILD features for dev and nightly builds
tor-browser#41285: Enable fluent warnings.
- - - - -
acb588dc by Pier Angelo Vendrame at 2023-02-09T09:55:01+01:00
Bug 40562: Added Tor Browser preferences to 000-tor-browser.js
Before reordering patches, we used to keep the Tor-related patches
(torbutton and tor-launcher) at the beginning.
After that issue, we decided to move them towards the end.
In addition to that, we have decided to move Tor Browser-only
preferences there, too, to make Base Browser-only fixups easier to
apply.
- - - - -
1549cab4 by Pier Angelo Vendrame at 2023-02-09T09:55:01+01:00
Bug 13252: Customize profile management on macOS
On macOS we allow both portable mode and system installation.
However, in the latter case, we customize Firefox's directories to
match the hierarchy we use for the portable mode.
Also, display an informative error message if the TorBrowser-Data
directory cannot be created due to an "access denied" or a
"read only volume" error.
- - - - -
be408b39 by Pier Angelo Vendrame at 2023-02-09T09:55:01+01:00
Bug 40933: Add tor-launcher functionality
- - - - -
e0e5d5cd by Richard Pospesel at 2023-02-09T09:55:02+01:00
Bug 40597: Implement TorSettings module
- migrated in-page settings read/write implementation from about:preferences#tor
to the TorSettings module
- TorSettings initially loads settings from the tor daemon, and saves them to
firefox prefs
- TorSettings notifies observers when a setting has changed; currently only
QuickStart notification is implemented for parity with previous preference
notify logic in about:torconnect and about:preferences#tor
- about:preferences#tor, and about:torconnect now read and write settings
thorugh the TorSettings module
- all tor settings live in the torbrowser.settings.* preference branch
- removed unused pref modify permission for about:torconnect content page from
AsyncPrefs.jsm
Bug 40645: Migrate Moat APIs to Moat.jsm module
- - - - -
7efc9ee3 by Alex Catarineu at 2023-02-09T09:55:02+01:00
Bug 10760: Integrate TorButton to TorBrowser core
Because of the non-restartless nature of Torbutton, it required
a two-stage installation process. On mobile, it was a problem,
because it was not loading when the user opened the browser for
the first time.
Moving it to tor-browser and making it a system extension allows it
to load when the user opens the browser for first time.
Additionally, this patch also fixes Bug 27611.
Bug 26321: New Circuit and New Identity menu items
Bug 14392: Make about:tor behave like other initial pages.
Bug 25013: Add torbutton as a tor-browser submodule
Bug 31575: Replace Firefox Home (newtab) with about:tor
- - - - -
f11513f2 by hackademix at 2023-02-09T09:55:03+01:00
Bug 8324: Prevent DNS proxy bypasses caused by Drag&Drop
Bug 41613: Skip Drang & Drop filtering for DNS-safe URLs
- - - - -
b7149a93 by Amogh Pradeep at 2023-02-09T09:55:03+01:00
Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources.
See Bug 1357997 for partial uplift.
Also:
Bug 28051 - Use our Orbot for proxying our connections
Bug 31144 - ESR68 Network Code Review
- - - - -
697499db by Alex Catarineu at 2023-02-09T09:55:32+01:00
Add TorStrings module for localization
- - - - -
7a9a29fa by Kathy Brade at 2023-02-09T09:55:34+01:00
Bug 14631: Improve profile access error messages.
Instead of always reporting that the profile is locked, display specific
messages for "access denied" and "read-only file system".
To allow for localization, get profile-related error strings from Torbutton.
Use app display name ("Tor Browser") in profile-related error alerts.
- - - - -
057992e4 by Kathy Brade at 2023-02-09T09:55:34+01:00
Bug 19273: Avoid JavaScript patching of the external app helper dialog.
When handling an external URI or downloading a file, invoke Torbutton's
external app blocker component (which will present a download warning
dialog unless the user has checked the "Automatically download files
from now on" box).
For e10s compatibility, avoid using a modal dialog and instead use
a callback interface (nsIHelperAppWarningLauncher) to allow Torbutton
to indicate the user's desire to cancel or continue each request.
Other bugs fixed:
Bug 21766: Crash with e10s enabled while trying to download a file
Bug 21886: Download is stalled in non-e10s mode
Bug 22471: Downloading files via the PDF viewer download button is broken
Bug 22472: Fix FTP downloads when external helper app dialog is shown
Bug 22610: Avoid crashes when canceling external helper app downloads
Bug 22618: Downloading pdf file via file:/// is stalling
- - - - -
53946346 by Pier Angelo Vendrame at 2023-02-09T09:55:35+01:00
Bug 40807: Added QRCode.js to toolkit/modules
- - - - -
34a88cc4 by Richard Pospesel at 2023-02-09T09:55:35+01:00
Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection
This patch adds a new about:preferences#connection page which allows
modifying bridge, proxy, and firewall settings from within Tor Browser.
All of the functionality present in tor-launcher's Network
Configuration panel is present:
- Setting built-in bridges
- Requesting bridges from BridgeDB via moat
- Using user-provided bridges
- Configuring SOCKS4, SOCKS5, and HTTP/HTTPS proxies
- Setting firewall ports
- Viewing and Copying Tor's logs
- The Networking Settings in General preferences has been removed
Bug 40774: Update about:preferences page to match new UI designs
- - - - -
dd96a771 by Richard Pospesel at 2023-02-09T09:55:36+01:00
Bug 27476: Implement about:torconnect captive portal within Tor Browser
- implements new about:torconnect page as tor-launcher replacement
- adds tor connection status to url bar and tweaks UX when not online
- adds new torconnect component to browser
- tor process management functionality remains implemented in tor-launcher through the TorProtocolService module
- adds warning/error box to about:preferences#tor when not connected to tor
- explicitly allows about:torconnect URIs to ignore Resist Fingerprinting (RFP)
- various tweaks to info-pages.inc.css for about:torconnect (also affects other firefox info pages)
Bug 40773: Update the about:torconnect frontend page to match additional UI flows
- - - - -
19df57ef by Arthur Edelstein at 2023-02-09T09:55:36+01:00
Bug 12620: TorBrowser regression tests
Regression tests for Bug #2950: Make Permissions Manager memory-only
Regression tests for TB4: Tor Browser's Firefox preference overrides.
Note: many more functional tests could be made here
Regression tests for #2874: Block Components.interfaces from content
Bug 18923: Add a script to run all Tor Browser specific tests
Regression tests for Bug #16441: Suppress "Reset Tor Browser" prompt.
- - - - -
9d861383 by Kathy Brade at 2023-02-09T09:55:36+01:00
Bug 4234: Use the Firefox Update Process for Tor Browser.
The following files are never updated:
TorBrowser/Data/Browser/profiles.ini
TorBrowser/Data/Browser/profile.default/bookmarks.html
TorBrowser/Data/Tor/torrc
Mac OS: Store update metadata under TorBrowser/UpdateInfo.
Removed the %OS_VERSION% component from the update URL (13047) and
added support for minSupportedOSVersion, an attribute of the
<update> element that may be used to trigger Firefox's
"unsupported platform" behavior.
Hide the "What's new" links (set app.releaseNotesURL value to about:blank).
Windows: disable "runas" code path in updater (15201).
Windows: avoid writing to the registry (16236).
Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406,
16014, 16909, 24476, and 25909.
Also fix Bug 26049: reduce the delay before the update prompt is displayed.
Instead of Firefox's 2 days, we use 1 hour (after which time the update
doorhanger will be displayed).
Also fix bug 27221: purge the startup cache if the Tor Browser
version changed (even if the Firefox version and build ID did
not change), e.g., after a minor Tor Browser update.
Also fix 32616: Disable GetSecureOutputDirectoryPath() functionality.
Bug 26048: potentially confusing "restart to update" message
Within the update doorhanger, remove the misleading message that mentions
that windows will be restored after an update is applied, and replace the
"Restart and Restore" button label with an existing
"Restart to update Tor Browser" string.
Bug 28885: notify users that update is downloading
Add a "Downloading Tor Browser update" item which appears in the
hamburger (app) menu while the update service is downloading a MAR
file. Before this change, the browser did not indicate to the user
that an update was in progress, which is especially confusing in
Tor Browser because downloads often take some time. If the user
clicks on the new menu item, the about dialog is opened to allow
the user to see download progress.
As part of this fix, the update service was changed to always show
update-related messages in the hamburger menu, even if the update
was started in the foreground via the about dialog or via the
"Check for Tor Browser Update" toolbar menu item. This change is
consistent with the Tor Browser goal of making sure users are
informed about the update process.
Removed #28885 parts of this patch which have been uplifted to Firefox.
- - - - -
37fc4a74 by Kathy Brade at 2023-02-09T09:55:37+01:00
Bug 13379: Sign our MAR files.
Configure with --enable-verify-mar (when updating, require a valid
signature on the MAR file before it is applied).
Use the Tor Browser version instead of the Firefox version inside the
MAR file info block (necessary to prevent downgrade attacks).
Use NSS on all platforms for checking MAR signatures (instead of using
OS-native APIs, which Mozilla does on Mac OS and Windows). So that the
NSS and NSPR libraries the updater depends on can be found at runtime,
we add the firefox directory to the shared library search path on macOS..
On Linux, rpath is used by Mozilla to solve that problem, but that
approach won't work on macOS because the updater executable is copied
during the update process to a location that is under TorBrowser-Data,
and the location of TorBrowser-Data varies.
Also includes the fix for bug 18900.
Bug 19121: reinstate the update.xml hash check
Revert most changes from Mozilla Bug 1373267 "Remove hashFunction and
hashValue attributes from nsIUpdatePatch and code related to these
attributes." Changes to the tests were not reverted; the tests have
been changed significantly and we do not run automated updater tests
for Tor Browser at this time.
Also partial revert of commit f1241db6986e4b54473a1ed870f7584c75d51122.
Revert the nsUpdateService.js changes from Mozilla Bug 862173 "don't
verify mar file hash when using mar signing to verify the mar file
(lessens main thread I/O)."
Changes to the tests were not reverted; the tests have been changed
significantly and we do not run automated updater tests for
Tor Browser at this time.
We kept the addition to the AppConstants API in case other JS code
references it in the future.
- - - - -
8b22fe9b by Kathy Brade at 2023-02-09T09:55:37+01:00
Bug 16940: After update, load local change notes.
Add an about:tbupdate page that displays the first section from
TorBrowser/Docs/ChangeLog.txt and includes a link to the remote
post-update page (typically our blog entry for the release).
Always load about:tbupdate in a content process, but implement the
code that reads the file system (changelog) in the chrome process
for compatibility with future sandboxing efforts.
Also fix bug 29440. Now about:tbupdate is styled as a fairly simple
changelog page that is designed to be displayed via a link that is on
about:tor.
- - - - -
7a38c528 by Georg Koppen at 2023-02-09T09:55:38+01:00
Bug 32658: Create a new MAR signing key
It's time for our rotation again: Move the backup key in the front
position and add a new backup key.
Bug 33803: Move our primary nightly MAR signing key to tor-browser
Bug 33803: Add a secondary nightly MAR signing key
- - - - -
b431e8c9 by Mike Perry at 2023-02-09T09:55:38+01:00
Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
eBay and Amazon don't treat Tor users very well. Accounts often get locked and
payments reversed.
Also:
Bug 16322: Update DuckDuckGo search engine
We are replacing the clearnet URL with an onion service one (thanks to a
patch by a cypherpunk) and are removing the duplicated DDG search
engine. Duplicating DDG happend due to bug 1061736 where Mozilla
included DDG itself into Firefox. Interestingly, this caused breaking
the DDG search if JavaScript is disabled as the Mozilla engine, which
gets loaded earlier, does not use the html version of the search page.
Moreover, the Mozilla engine tracked where the users were searching from
by adding a respective parameter to the search query. We got rid of that
feature as well.
Also:
This fixes bug 20809: the DuckDuckGo team has changed its server-side
code in a way that lets users with JavaScript enabled use the default
landing page while those without JavaScript available get redirected
directly to the non-JS page. We adapt the search engine URLs
accordingly.
Also fixes bug 29798 by making sure we only specify the Google search
engine we actually ship an .xml file for.
Also regression tests.
squash! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
Bug 40494: Update Startpage search provider
squash! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
Bug 40438: Add Blockchair as a search engine
Bug 33342: Avoid disconnect search addon error after removal.
We removed the addon in #32767, but it was still being loaded
from addonStartup.json.lz4 and throwing an error on startup
because its resource: location is not available anymore.
- - - - -
5adebf04 by Alex Catarineu at 2023-02-09T09:55:38+01:00
Bug 40073: Disable remote Public Suffix List fetching
In https://bugzilla.mozilla.org/show_bug.cgi?id=1563246 Firefox implemented
fetching the Public Suffix List via RemoteSettings and replacing the default
one at runtime, which we do not want.
- - - - -
7ff87126 by Richard Pospesel at 2023-02-09T09:55:39+01:00
Bug 23247: Communicating security expectations for .onion
Encrypting pages hosted on Onion Services with SSL/TLS is redundant
(in terms of hiding content) as all traffic within the Tor network is
already fully encrypted. Therefore, serving HTTP pages from an Onion
Service is more or less fine.
Prior to this patch, Tor Browser would mostly treat pages delivered
via Onion Services as well as pages delivered in the ordinary fashion
over the internet in the same way. This created some inconsistencies
in behaviour and misinformation presented to the user relating to the
security of pages delivered via Onion Services:
- HTTP Onion Service pages did not have any 'lock' icon indicating
the site was secure
- HTTP Onion Service pages would be marked as unencrypted in the Page
Info screen
- Mixed-mode content restrictions did not apply to HTTP Onion Service
pages embedding Non-Onion HTTP content
This patch fixes the above issues, and also adds several new 'Onion'
icons to the mix to indicate all of the various permutations of Onion
Services hosted HTTP or HTTPS pages with HTTP or HTTPS content.
Strings for Onion Service Page Info page are pulled from Torbutton's
localization strings.
- - - - -
f7ed2139 by Kathy Brade at 2023-02-09T09:55:39+01:00
Bug 30237: Add v3 onion services client authentication prompt
When Tor informs the browser that client authentication is needed,
temporarily load about:blank instead of about:neterror and prompt
for the user's key.
If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD
control port command to add the key (via Torbutton's control port
module) and reload the page.
If the user cancels the prompt, display the standard about:neterror
"Unable to connect" page. This requires a small change to
browser/actors/NetErrorChild.jsm to account for the fact that the
docShell no longer has the failedChannel information. The failedChannel
is used to extract TLS-related error info, which is not applicable
in the case of a canceled .onion authentication prompt.
Add a leaveOpen option to PopupNotifications.show so we can display
error messages within the popup notification doorhanger without
closing the prompt.
Add support for onion services strings to the TorStrings module.
Add support for Tor extended SOCKS errors (Tor proposal 304) to the
socket transport and SOCKS layers. Improved display of all of these
errors will be implemented as part of bug 30025.
Also fixes bug 19757:
Add a "Remember this key" checkbox to the client auth prompt.
Add an "Onion Services Authentication" section within the
about:preferences "Privacy & Security section" to allow
viewing and removal of v3 onion client auth keys that have
been stored on disk.
Also fixes bug 19251: use enhanced error pages for onion service errors.
- - - - -
5c9f3db5 by Alex Catarineu at 2023-02-09T09:55:40+01:00
Bug 21952: Implement Onion-Location
Whenever a valid Onion-Location HTTP header (or corresponding HTML
<meta> http-equiv attribute) is found in a document load, we either
redirect to it (if the user opted-in via preference) or notify the
presence of an onionsite alternative with a badge in the urlbar.
- - - - -
d3b30fdf by Pier Angelo Vendrame at 2023-02-09T09:55:40+01:00
Bug 40458: Implement .tor.onion aliases
We have enabled HTTPS-Only mode, therefore we do not need
HTTPS-Everywhere anymore.
However, we want to keep supporting .tor.onion aliases (especially for
securedrop).
Therefore, in this patch we implemented the parsing of HTTPS-Everywhere
rulesets, and the redirect of .tor.onion domains.
Actually, Tor Browser believes they are actual domains. We change them
on the fly on the SOCKS proxy requests to resolve the domain, and on
the code that verifies HTTPS certificates.
- - - - -
be40dcfc by Pier Angelo Vendrame at 2023-02-09T09:55:40+01:00
Bug 11698: Incorporate Tor Browser Manual pages into Tor Browser
This patch associates the about:manual page to a translated page that
must be injected to browser/omni.ja after the build.
The content must be placed in chrome/browser/content/browser/manual/, so
that is then available at chrome://browser/content/manual/.
We preferred giving absolute freedom to the web team, rather than having
to change the patch in case of changes on the documentation.
- - - - -
05ba0e34 by Pier Angelo Vendrame at 2023-02-09T09:55:41+01:00
Bug 41435: Add a Tor Browser migration function
For now this function only deletes old language packs for which we are
already packaging the strings with the application.
- - - - -
30 changed files:
- .eslintignore
- .gitignore
- + .gitlab/issue_templates/UXBug.md
- + .gitlab/issue_templates/bug.md
- + .gitlab/merge_request_templates/default.md
- + browser/actors/AboutTBUpdateChild.jsm
- + browser/actors/AboutTBUpdateParent.jsm
- + browser/actors/CryptoSafetyChild.jsm
- + browser/actors/CryptoSafetyParent.jsm
- browser/actors/NetErrorChild.jsm
- browser/actors/NetErrorParent.jsm
- − browser/actors/RFPHelperChild.jsm
- − browser/actors/RFPHelperParent.jsm
- browser/actors/moz.build
- browser/app/Makefile.in
- browser/app/macbuild/Contents/Info.plist.in
- browser/app/macbuild/Contents/MacOS-files.in
- browser/app/permissions
- + browser/app/profile/000-tor-browser.js
- + browser/app/profile/001-base-profile.js
- browser/app/profile/firefox.js
- browser/base/content/aboutDialog-appUpdater.js
- browser/base/content/aboutDialog.js
- browser/base/content/aboutDialog.xhtml
- + browser/base/content/abouttbupdate/aboutTBUpdate.css
- + browser/base/content/abouttbupdate/aboutTBUpdate.js
- + browser/base/content/abouttbupdate/aboutTBUpdate.xhtml
- browser/base/content/appmenu-viewcache.inc.xhtml
- + browser/base/content/browser-doctype.inc
- browser/base/content/browser-menubar.inc
The diff was not included because it is too large.
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3a3a96…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3a3a96…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser][tor-browser-102.8.0esr-12.5-1] 101 commits: Bug 1774413: Bundled fonts are not picked up on macOS r=jfkthame
by Pier Angelo Vendrame (@pierov) 09 Feb '23
by Pier Angelo Vendrame (@pierov) 09 Feb '23
09 Feb '23
Pier Angelo Vendrame pushed to branch tor-browser-102.8.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
Commits:
ec6904bc by Pier Angelo Vendrame at 2023-02-08T09:53:37+01:00
Bug 1774413: Bundled fonts are not picked up on macOS r=jfkthame
Bundled fonts were not picked up because also child processes need to
register them.
Also, they were assigned User visibility, instead of Base, which was
not coherent with other platforms.
Differential Revision: https://phabricator.services.mozilla.com/D150400
- - - - -
64f56b92 by Pier Angelo Vendrame at 2023-02-08T09:53:45+01:00
Bug 1769030: Add a configure flag to load policies only from the local policies.json file r=mkaply,glandium
Add a configuration flag to make Enterprise Policies mechanism only
consult a policies.json file (avoiding the Windows Registry, macOS's
file system attributes, and /etc/firefox/policies/policies.json on
other OS).
Differential Revision: https://phabricator.services.mozilla.com/D146300
- - - - -
8e2fe746 by Jamie Nicol at 2023-02-08T09:53:45+01:00
Bug 1784588 - Fix SplitDriverVersion when the string has less than 4 numbers. r=aosmond
Differential Revision: https://phabricator.services.mozilla.com/D154897
- - - - -
bd94bd1b by Pier Angelo Vendrame at 2023-02-08T09:53:46+01:00
Bug 1768907 - Part 1: Make browser.privatebrowsing.autostart a static pref. r=handyman,necko-reviewers
Differential Revision: https://phabricator.services.mozilla.com/D157843
- - - - -
d47646d5 by Neill Miller at 2023-02-08T09:53:46+01:00
Bug 1768907 - Part 2: nsTransferable disk-leaks when private browsing mode is enabled by default. r=handyman
nsTransferable was modified to prevent disk leakings when copying data
in private browsing mode with Bug 1123480.
However, the context is nullptr when it is initialized, so it still
leaks if PBM is enabled by default.
Our solution is to check the browser.privatebrowsing.autostart in this
condition.
Differential Revision: https://phabricator.services.mozilla.com/D157800
- - - - -
06e8a38e by Gabriele Svelto at 2023-02-08T09:53:47+01:00
Bug 1670885 - Fix post-fork() handlers for PHC/LogAlloc to work on macOS using unfair locks r=glandium
macOS unfair locks enforce that a lock can only be released by the thread which locked it.
On macOS 11+ this caused the fork()'d child process to raise a SIGILL signal. Confusingly enough this behavior seems to be different on macOS 10.15 and possibly interacted in odd ways with our exception handler if it was installed before fork()-ing.
Differential Revision: https://phabricator.services.mozilla.com/D148287
- - - - -
3ca18e95 by Gabriele Svelto at 2023-02-08T09:53:47+01:00
Bug 1670885 - Replace deprecated NSSpinLocks with os_unfair_locks in the memory allocator r=glandium
Depends on D148287
Differential Revision: https://phabricator.services.mozilla.com/D99280
- - - - -
cc56972d by Gabriele Svelto at 2023-02-08T09:53:47+01:00
Bug 1774458 - Use undocumented, non-public adaptive spinlocks on macOS 10.15+, revert to user-space spinlocks on older versions r=pbone
Differential Revision: https://phabricator.services.mozilla.com/D149599
- - - - -
d47cb7a1 by Gabriele Svelto at 2023-02-08T09:53:48+01:00
Bug 1784018 - Remove deprecated OSSpinLocks r=glandium
On macOS versions prior to 10.15 os_unfair_locks cannot spin in kernel-space
which degrades performance significantly. To obviate for this we spin in
user-space like OSSpinLock does, for the same number of times and invoking
x86-specific pause instructions in-between the locking attempts to avoid
starving a thread that might be running on the same physical core.
Differential Revision: https://phabricator.services.mozilla.com/D154205
- - - - -
55929f40 by Georg Koppen at 2023-02-08T09:53:48+01:00
Revert "Bug 1724777, optimize suppressed MicroTask handling, r=mccr8 a=RyanVM"
This reverts commit 1eb1364357ac5bc2a4531337fb5416af39c3793f.
This fixes tor-browser#40721, tor-browser#40698, and tor-browser#40706.
However, it is a temporary workaround, that we should revert once
https://bugzilla.mozilla.org/show_bug.cgi?id=1744719 is fixed.
- - - - -
b6f84f24 by Henry Wilkes at 2023-02-08T09:55:44+01:00
Bug 41454: Move focus after calling openPreferences for a sub-category.
Temporary fix until mozilla bug 1799153 gets a patch upstream.
- - - - -
61705207 by Henry Wilkes at 2023-02-08T09:55:44+01:00
Bug 41483: Remove the firefox override for appstrings.properties
Remove this patch after upstream bugzilla bug 1790187
- - - - -
7e366de7 by Pier Angelo Vendrame at 2023-02-08T20:58:45+01:00
Bug 41116: Normalize system fonts.
System fonts are an enormous fingerprinting vector.
Even with font allow lists and with our custom configuration on Linux,
which counter metrics measurements, getComputedStyle leaks several
details.
This patch counters both these kinds of attacks.
- - - - -
b797b9f2 by Gaba at 2023-02-08T20:58:52+01:00
Adding issue and merge request templates
- - - - -
e756e4dc by Pier Angelo Vendrame at 2023-02-08T20:58:52+01:00
Base Browser's .mozconfigs.
Bug 17858: Cannot create incremental MARs for hardened builds.
Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff
(which is part of mar-tools and is not distributed to end-users) with
ASan.
Bug 21849: Don't allow SSL key logging.
Bug 25741 - TBA: Disable features at compile-time
Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION
Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds
This fixes a problem where some preferences had the wrong default value.
Also see bug 27472 where we made a similar fix for Android.
Bug 29859: Disable HLS support for now
Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING
Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT
Bug 33734: Set MOZ_NORMANDY to False
Bug 33851: Omit Parental Controls.
Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files
Bug 41584: Move some configuration options to base-browser level
- - - - -
0bbf2bf4 by Pier Angelo Vendrame at 2023-02-08T20:58:53+01:00
Tweaks to the build system
Bug 40857: Modified the fat .aar creation file
This is a workaround to build fat .aars with the compiling enviornment
disabled.
Mozilla does not use a similar configuration, but either runs a Firefox
build and discards its output, or uses artifacts build.
We might switch to artifact builds too, and drop this patch, or write a
better one to upstream. But until then we need this patch.
See also https://bugzilla.mozilla.org/show_bug.cgi?id=1763770.
Bug 41458: Prevent `mach package-multi-locale` from actually creating a package
macOS builds need some files to be moved around with
./mach package-multi-locale to create multi-locale packages.
The required command isn't exposed through any other mach command.
So, we patch package-multi-locale both to prevent it from failing when
doing official builds and to detect any future changes on it.
- - - - -
d59db7f0 by Dan Ballard at 2023-02-08T20:58:53+01:00
Bug 41117: using MOZ_PROXY_BYPASS_PROTECTION disable share menu on mac and windows, and restpre email link on mac
- - - - -
7e253a0e by Pier Angelo Vendrame at 2023-02-08T20:58:54+01:00
Bug 41108: Remove privileged macOS installation from 102
- - - - -
925d8e63 by Dan Ballard at 2023-02-08T20:58:54+01:00
Bug 41149: Re-enable DLL injection protection in all builds not just nightlies
- - - - -
b25a9813 by Matthew Finkel at 2023-02-08T20:58:55+01:00
Bug 24796: Comment out excess permissions from GeckoView
The GeckoView AndroidManifest.xml is not preprocessed unlike Fennec's
manifest, so we can't use the ifdef preprocessor guards around the
permissions we do not want. Commenting the permissions is the
next-best-thing.
- - - - -
10f7e581 by Matthew Finkel at 2023-02-08T20:58:55+01:00
Bug 25741: TBA: Disable GeckoNetworkManager
The browser should not need information related to the network
interface or network state, tor should take care of that.
- - - - -
fb43be44 by Matthew Finkel at 2023-02-08T20:58:56+01:00
Bug 28125: Prevent non-Necko network connections
- - - - -
5c24d152 by Mike Perry at 2023-02-08T20:58:56+01:00
Bug 12974: Disable NTLM and Negotiate HTTP Auth
The Mozilla bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1046421,
https://bugzilla.mozilla.org/show_bug.cgi?id=1261591, tor-browser#27602
- - - - -
38256347 by Alex Catarineu at 2023-02-08T20:58:56+01:00
Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1768899
- - - - -
04a39e82 by Georg Koppen at 2023-02-08T20:58:57+01:00
Bug 16285: Exclude ClearKey system for now
In the past the ClearKey system had not been compiled when specifying
--disable-eme. But that changed and it is even bundled nowadays (see:
Mozilla's bug 1300654). We don't want to ship it right now as the use
case for it is not really visible while the code had security
vulnerabilities in the past.
- - - - -
25f0cb0e by Kathy Brade at 2023-02-08T20:58:57+01:00
Bug 21431: Clean-up system extensions shipped in Firefox
Only ship the pdfjs extension.
- - - - -
e3f6695f by Kathy Brade at 2023-02-08T20:58:58+01:00
Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc..
Hide elements on about:logins that mention sync, "Firefox LockWise", and
Mozilla's LockWise mobile apps.
Disable the "Create New Login" button when security.nocertdb is true.
- - - - -
8e1b9853 by Alex Catarineu at 2023-02-08T20:58:58+01:00
Bug 41457: Remove Mozilla permissions
Bug 40025: Remove Mozilla add-on install permissions
- - - - -
2af57c99 by Kathy Brade at 2023-02-08T20:58:59+01:00
Bug 40002: Remove about:ion
Firefox Ion (previously Firefox Pioneer) is an opt-in program in which people
volunteer to participate in studies that collect detailed, sensitive data about
how they use their browser.
- - - - -
a42fb886 by Arthur Edelstein at 2023-02-08T20:58:59+01:00
Bug 26353: Prevent speculative connect that violated FPI.
Connections were observed in the catch-all circuit when
the user entered an https or http URL in the URL bar, or
typed a search term.
- - - - -
5fd34e5d by Alex Catarineu at 2023-02-08T20:59:00+01:00
Bug 31740: Remove some unnecessary RemoteSettings instances
More concretely, SearchService.jsm 'hijack-blocklists' and
url-classifier-skip-urls.
Avoid creating instance for 'anti-tracking-url-decoration'.
If prefs are disabling their usage, avoid creating instances for
'cert-revocations' and 'intermediates'.
Do not ship JSON dumps for collections we do not expect to need. For
the ones in the 'main' bucket, this prevents them from being synced
unnecessarily (the code in remote-settings does so for collections
in the main bucket for which a dump or local data exists). For the
collections in the other buckets, we just save some size by not
shipping their dumps.
We also clear the collections database on the v2 -> v3 migration.
- - - - -
7c0fa72d by Georg Koppen at 2023-02-08T20:59:00+01:00
Bug 30541: Disable WebGL readPixel() for web content
Related Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1428034
- - - - -
ecaa3671 by Alex Catarineu at 2023-02-08T20:59:01+01:00
Bug 28369: Stop shipping pingsender executable
- - - - -
ba59316f by Mike Perry at 2023-02-08T20:59:01+01:00
Firefox preference overrides.
This hack directly includes our preference changes in omni.ja.
Bug 18292: Staged updates fail on Windows
Temporarily disable staged updates on Windows.
Bug 18297: Use separate Noto JP,KR,SC,TC fonts
Bug 23404: Add Noto Sans Buginese to the macOS whitelist
Bug 23745: Set dom.indexedDB.enabled = true
Bug 13575: Disable randomised Firefox HTTP cache decay user tests.
(Fernando Fernandez Mancera <ffmancera(a)riseup.net>)
Bug 17252: Enable session identifiers with FPI
Session tickets and session identifiers were isolated
by OriginAttributes, so we can re-enable them by
allowing the default value (true) of
"security.ssl.disable_session_identifiers".
The pref "security.enable_tls_session_tickets" is obsolete
(removed in https://bugzilla.mozilla.org/917049)
Bug 14952: Enable http/2 and AltSvc
In Firefox, SPDY/HTTP2 now uses Origin Attributes for
isolation of connections, push streams, origin frames, etc.
That means we get first-party isolation provided
"privacy.firstparty.isolate" is true. So in this patch, we
stop overriding "network.http.spdy.enabled" and
"network.http.spdy.enabled.http2".
Alternate Services also use Origin Attributes for isolation.
So we stop overriding
"network.http.altsvc.enabled" and "network.http.altsvc.oe"
as well.
(All 4 of the abovementioned "network.http.*" prefs adopt
Firefox 60ESR's default value of true.)
However, we want to disable HTTP/2 push for now, so we
set "network.http.spdy.allow-push" to false.
"network.http.spdy.enabled.http2draft" was removed in Bug 1132357.
"network.http.sped.enabled.v2" was removed in Bug 912550.
"network.http.sped.enabled.v3" was removed in Bug 1097944.
"network.http.sped.enabled.v3-1" was removed in Bug 1248197.
Bug 26114: addons.mozilla.org is not special
* Don't expose navigator.mozAddonManager on any site
* Don't block NoScript from modifying addons.mozilla.org or other sites
Enable ReaderView mode again (#27281).
Bug 29916: Make sure enterprise policies are disabled
Bug 2874: Block Components.interfaces from content
Bug 26146: Spoof HTTP User-Agent header for desktop platforms
In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent
header and to JavaScript code via navigator.userAgent. To avoid
leaking the OS inside each HTTP request (which many web servers
log), always use the Windows 7 OS value in the desktop User-Agent
header. We continue to allow access to the actual OS via JavaScript,
since doing so improves compatibility with web applications such
as GitHub and Google Docs.
Bug 12885: Windows Jump Lists fail for Tor Browser
Jumplist entries are stored in a binary file in:
%APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\
and has a name in the form
[a-f0-9]+.customDestinations-ms
The hex at the front is unique per app, and is ultimately derived from
something called the 'App User Model ID' (AUMID) via some unknown
hashing method. The AUMID is provided as a key when programmatically
creating, updating, and deleting a jumplist. The default behaviour in
firefox is for the installer to define an AUMID for an app, and save it
in the registry so that the jumplist data can be removed by the
uninstaller.
However, the Tor Browser does not set this (or any other) regkey during
installation, so this codepath fails and the app's AUMID is left
undefined. As a result the app's AUMID ends up being defined by
windows, but unknowable by Tor Browser. This unknown AUMID is used to
create and modify the jumplist, but the delete API requires that we
provide the app's AUMID explicitly. Since we don't know what the AUMID
is (since the expected regkey where it is normally stored does not
exist) jumplist deletion will fail and we will leave behind a mostly
empty customDestinations-ms file. The name of the file is derived from
the binary path, so an enterprising person could reverse engineer how
that hex name is calculated, and generate the name for Tor Browser's
default Desktop installation path to determine whether a person had
used Tor Browser in the past.
The 'taskbar.grouping.useprofile' option that is enabled by this patch
works around this AUMID problem by having firefox.exe create it's own
AUMID based on the profile path (rather than looking for a regkey). This
way, if a user goes in and enables and disables jumplist entries, the
backing store is properly deleted.
Unfortunately, all windows users currently have this file lurking in
the above mentioned directory and this patch will not remove it since it
was created with an unknown AUMID. However, another patch could be
written which goes to that directory and deletes any item containing the
'Tor Browser' string. See bug 28996.
Bug 30845: Make sure default themes and other internal extensions are enabled
Bug 28896: Enable extensions in private browsing by default
Bug 31065: Explicitly allow proxying localhost
Bug 31598: Enable letterboxing
Disable Presentation API everywhere
Bug 21549 - Use Firefox's WASM default pref. It is disabled at safer
security levels.
Bug 32321: Disable Mozilla's MitM pings
Bug 19890: Disable installation of system addons
By setting the URL to "" we make sure that already installed system
addons get deleted as well.
Bug 22548: Firefox downgrades VP9 videos to VP8.
On systems where H.264 is not available or no HWA, VP9 is preferred. But in Tor
Browser 7.0 all youtube videos are degraded to VP8.
This behaviour can be turned off by setting media.benchmark.vp9.threshold to 0.
All clients will get better experience and lower traffic, beause TBB doesn't
use "Use hardware acceleration when available".
Bug 25741 - TBA: Add mobile-override of 000-tor-browser prefs
Bug 16441: Suppress "Reset Tor Browser" prompt.
Bug 29120: Use the in-memory media cache and increase its maximum size.
Bug 33697: use old search config based on list.json
Bug 33855: Ensure that site-specific browser mode is disabled.
Bug 30682: Disable Intermediate CA Preloading.
Bug 40061: Omit the Windows default browser agent from the build
Bug 40322: Consider disabling network.connectivity-service.enabled
Bug 40408: Disallow SVG Context Paint in all web content
Bug 40308: Disable network partitioning until we evaluate dFPI
Bug 40322: Consider disabling network.connectivity-service.enabled
Bug 40383: Disable dom.enable_event_timing
Bug 40423: Disable http/3
Bug 40177: Update prefs for Fx91esr
Bug 40700: Disable addons and features recommendations
Bug 40682: Disable network.proxy.allow_bypass
Bug 40736: Disable third-party cookies in PBM
Bug 19850: Enabled HTTPS-Only by default
Bug 40912: Hide the screenshot menu
Bug 41292: Disable moreFromMozilla in preferences page
Bug 40057: Ensure the CSS4 system colors are not a fingerprinting vector
Bug 24686: Set network.http.tailing.enabled to true
Bug 40183: Disable TLS ciphersuites using SHA-1
Bug 40783: Review 000-tor-browser.js and 001-base-profile.js for 102
We reviewed all the preferences we set for 102, and remove a few old
ones. See the description of that issue to see all the preferences we
believed were still valid for 102, and some brief description for the
reasons to keep them.
- - - - -
328846dd by Pier Angelo Vendrame at 2023-02-08T20:59:02+01:00
Bug 41043: Hardcode the UI font on Linux
The mechanism to choose the UI font does not play well with our
fontconfig configuration. As a result, the final criterion to choose
the font for the UI was its version.
Since we hardcode Arimo as a default sans-serif on preferences, we use
it also for the UI. FontConfig will fall back to some other font for
scripts Arimo does not cover as expected (we tested with Japanese).
- - - - -
2645c546 by Alex Catarineu at 2023-02-08T20:59:02+01:00
Bug 30605: Honor privacy.spoof_english in Android
This checks `privacy.spoof_english` whenever `setLocales` is
called from Fenix side and sets `intl.accept_languages`
accordingly.
Bug 40198: Expose privacy.spoof_english pref in GeckoView
- - - - -
02e87c8f by Alex Catarineu at 2023-02-08T20:59:02+01:00
Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView
- - - - -
2d85ed67 by Alex Catarineu at 2023-02-08T20:59:03+01:00
Bug 40171: Make WebRequest and GeckoWebExecutor First-Party aware
- - - - -
ef6f6744 by Alex Catarineu at 2023-02-08T20:59:03+01:00
Bug 26345: Hide tracking protection UI
- - - - -
8d71df71 by Pier Angelo Vendrame at 2023-02-08T20:59:04+01:00
Bug 9173: Change the default Firefox profile directory to be relative.
This commit makes Firefox look for the default profile directory in a
directory relative to the binary path.
The directory can be specified through the --with-relative-data-dir.
This is relative to the same directory as the firefox main binary for
Linux and Windows.
On macOS, we remove Contents/MacOS from it.
Or, in other words, the directory is relative to the application
bundle.
This behavior can be overriden at runtime, by placing a file called
system-install adjacent to the firefox main binary (also on macOS).
- - - - -
f7a54ecf by Kathy Brade at 2023-02-08T20:59:04+01:00
Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp
Instead of using the local computer's IP address within
symlink-based profile lock signatures, always use 127.0.0.1.
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1769028
- - - - -
6add3873 by Alex Catarineu at 2023-02-08T20:59:05+01:00
Bug 27604: Fix addon issues when moving the profile directory
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1429838
- - - - -
73ba0be0 by Mike Perry at 2023-02-08T20:59:05+01:00
Bug 13028: Prevent potential proxy bypass cases.
It looks like these cases should only be invoked in the NSS command line
tools, and not the browser, but I decided to patch them anyway because there
literally is a maze of network function pointers being passed around, and it's
very hard to tell if some random code might not pass in the proper proxied
versions of the networking code here by accident.
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1433509
- - - - -
e6c01a7d by Kathy Brade at 2023-02-08T20:59:06+01:00
Bug 11641: Disable remoting by default.
Unless the -osint command line flag is used, the browser now defaults
to the equivalent of -no-remote. There is a new -allow-remote flag that
may be used to restore the original (Firefox-like) default behavior.
- - - - -
0d15e85e by Igor Oliveira at 2023-02-08T20:59:06+01:00
Bug 23104: Add a default line height compensation
Many fonts have issues with their vertical metrics. they
are used to influence the height of ascenders and depth
of descenders. Gecko uses it to calculate the line height
(font height + ascender + descender), however because of
that idiosyncratic behavior across multiple operating
systems, it can be used to identify the user's OS.
The solution proposed in the patch uses a default factor
to be multiplied with the font size, simulating the concept
of ascender and descender. This way all operating
systems will have the same line height only and only if the
frame is outside the chrome.
- - - - -
a1442080 by Pier Angelo Vendrame at 2023-02-08T20:59:07+01:00
Bug 40309: Avoid using regional OS locales
Avoid regional OS locales if the pref
`intl.regional_prefs.use_os_locales` is false but RFP is enabled.
- - - - -
9ec8eb9d by Matthew Finkel at 2023-02-08T20:59:07+01:00
Bug 40432: Prevent probing installed applications
Bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1711084
- - - - -
77aacb1b by hackademix at 2023-02-08T20:59:07+01:00
Bug 41434: Letterboxing, preemptively apply margins in a global CSS rule to mitigate race conditions on newly created windows and tabs.
- - - - -
b388e341 by hackademix at 2023-02-08T20:59:08+01:00
Bug 41434: Letterboxing, improve logging.
- - - - -
63de678c by hackademix at 2023-02-08T20:59:08+01:00
Bug 31064: Letterboxing, exempt browser extensions.
- - - - -
30eb754a by hackademix at 2023-02-08T20:59:09+01:00
Bug 32411: Letterboxing, exempt view-source: URIs.
- - - - -
ca1a9c3b by hackademix at 2023-02-08T20:59:09+01:00
Bug 32308: use direct browser sizing for letterboxing.
- - - - -
4e415a9e by Alex Catarineu at 2023-02-08T20:59:10+01:00
Bug 40069: Add helpers for message passing with extensions
- - - - -
92bf1f3f by Matthew Finkel at 2023-02-08T20:59:10+01:00
Bug 41598: Prevent NoScript from being removed/disabled.
Bug 40253: Explicitly allow NoScript in Private Browsing mode.
- - - - -
02ec75e0 by Pier Angelo Vendrame at 2023-02-08T20:59:11+01:00
Bug 41369: Improve Firefox language settings for multi-lingual packages
Change the language selector to be sorted by language code, rather than
name, and to display the language code to the user.
Bug 41372: Handle Japanese as a special case in preferences on macOS
Japanese is treated in a special way on macOS. However, seeing the
Japanese language tag could be confusing for users, and moreover the
language name is not localized correctly like other langs.
Bug 41378: Tell users that they can change their language at the first start
With multi-lingual builds, Tor Browser matches the user's system
language, but some users might want to change it.
So, we tell them that it is possible, but only once.
- - - - -
975baf38 by Henry Wilkes at 2023-02-08T20:59:11+01:00
Bug 41371: Temporary hack to fix language selector popup position
- - - - -
3668fd22 by Pier Angelo Vendrame at 2023-02-08T20:59:12+01:00
Bug 41417: Always prompt users to restart after changing language
This is a temporary patch that we need until we switch our strings to
Fluent. The reason is that we currently set strings when we populate
our XUL content.
We could rework the whole mechanism, but it is not worth it because we
want to switch to Fluent, which will handle everything automatically.
- - - - -
cb07340d by p13dz at 2023-02-08T20:59:12+01:00
Bug 40283: Workaround for the file upload bug
(cherry picked from commit c23f2f397327ee46a1a4de57acf206fd83e8e170)
- - - - -
ff2693d4 by cypherpunks1 at 2023-02-08T20:59:13+01:00
Bug 40717: Hide Windows SSO in settings
(cherry picked from commit 1bacd26df8a8ffe481e11ec6b8323150fdf2011d)
- - - - -
1a322107 by cypherpunks1 at 2023-02-08T20:59:13+01:00
Bug 41568: Disable LaterRun
- - - - -
99fe182e by Pier Angelo Vendrame at 2023-02-08T20:59:14+01:00
Bug 41542: Disable the creation of a default profile
Firefox creates a profile as a fallback for old versions.
However, we do not need this, so we want to prevent Firefox from
creating the related directories.
We comment out the code, but should Mozilla be interested in a
compile-time flag, we could rewrite the patch to add one.
See also https://bugzilla.mozilla.org/show_bug.cgi?id=1770174.
- - - - -
8082f828 by cypherpunks1 at 2023-02-08T20:59:14+01:00
Bug 41565: Gate Telemetry Tasks behind MOZ_TELEMETRY_REPORTING
- - - - -
2a6e4979 by Arthur Edelstein at 2023-02-08T20:59:14+01:00
Bug 18905: Hide unwanted items from help menu
Bug 25660: Remove the "New Private Window" option
- - - - -
f498387e by Pier Angelo Vendrame at 2023-02-08T20:59:15+01:00
Bug 41603: Customize the creation of MOZ_SOURCE_URL
MOZ_SOURCE_URL is created by combining MOZ_SOURCE_REPO and
MOZ_SOURCE_CHANGESET.
But the code takes for granted that it refers to a Hg instance, so it
combines them as `$MOZ_SOURCE_REPO/rev/$MOZ_SOURCE_CHANGESET`.
With this commit, we change this logic to combine them to create a URL
that is valid for GitLab.
$MOZ_SOURCE_CHANGESET needs to be a commit hash, not a branch or a tag.
If that is needed, we could use /-/tree/, instead of /-/commit/.
- - - - -
bb3c91cb by Henry Wilkes at 2023-02-08T20:59:15+01:00
Bug 31575: Disable Firefox Home (Activity Stream)
Treat about:blank as the default home page and new tab page.
Avoid loading AboutNewTab in BrowserGlue.jsm in order
to avoid several network requests that we do not need.
- - - - -
c8d48055 by Pier Angelo Vendrame at 2023-02-08T20:59:16+01:00
Bug 40788: Prevent nsIURLQueryStrippingListService from calling home when it is not enabled.
The URL query stripping service is enabled only in nightly builds,
still it is initialized and remote settings are downloaded.
This adds a condition that prevents the service from being initialized
if disabled.
Upstream Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1812594
We should remove this patch if Mozilla decides that this is a problem
also for them, or if they do not but we decide to use the feature.
- - - - -
9be42715 by Pier Angelo Vendrame at 2023-02-08T20:59:16+01:00
Bug 40925: Implemented the Security Level component
This component adds a new Security Level toolbar button which visually
indicates the current global security level via icon (as defined by the
extensions.torbutton.security_slider pref), a drop-down hanger with a
short description of the current security level, and a new section in
the about:preferences#privacy page where users can change their current
security level. In addition, the hanger and the preferences page will
show a visual warning when the user has modified prefs associated with
the security level and provide a one-click 'Restore Defaults' button to
get the user back on recommended settings.
Bug 40125: Expose Security Level pref in GeckoView
- - - - -
82f538dc by Pier Angelo Vendrame at 2023-02-08T20:59:17+01:00
Bug 40926: Implemented the New Identity feature
- - - - -
8c327ef0 by Richard Pospesel at 2023-02-08T21:04:10+01:00
Bug 41089: Add tor-browser build scripts + Makefile to tor-browser
- - - - -
105b0b37 by Mike Perry at 2023-02-08T21:04:11+01:00
Bug 2176: Rebrand Firefox to TorBrowser
See also Bugs #5194, #7187, #8115, #8219.
This patch does some basic renaming of Firefox to TorBrowser. The rest of the
branding is done by images and icons.
Also fix bug 27905.
Bug 25702: Update Tor Browser icon to follow design guidelines
- Updated all of the branding in /browser/branding/official with new 'stable'
icon series.
- Updated /extensions/onboarding/content/img/tor-watermark.png with new icon and
add the source svg in the same directory
- Copied /browser/branding/official over /browser/branding/nightly and the new
/browser/branding/alpha directories. Replaced content with 'nightly' and
'alpha' icon series.
Updated VisualElements_70.png and VisualElements_150.png with updated icons in
each branding directory (fixes #22654)
- Updated firefox.VisualElementsManfiest.xml with updated colors in each
branding directory
- Added firefox.svg to each branding directory from which all the other icons
are derived (apart from document.icns and document.ico)
- Added default256.png and default512.png icons
- Updated aboutTBUpdate.css to point to branding-aware icon128.png and removed
original icon
- Use the Tor Browser icon within devtools/client/themes/images/.
Bug 30631: Blurry Tor Browser icon on macOS app switcher
It would seem the png2icns tool does not generate correct icns files and
so on macOS the larger icons were missing resulting in blurry icons in
the OS chrome. Regenerated the padded icons in a macOS VM using
iconutil.
Bug 28196: preparations for using torbutton tor-browser-brand.ftl
A small change to Fluent FileSource class is required so that we
can register a new source without its supported locales being
counted as available locales for the browser.
Bug 31803: Replaced about:debugging logo with flat version
Bug 21724: Make Firefox and Tor Browser distinct macOS apps
When macOS opens a document or selects a default browser, it sometimes
uses the CFBundleSignature. Changing from the Firefox MOZB signature to
a different signature TORB allows macOS to distinguish between Firefox
and Tor Browser.
Bug 32092: Fix Tor Browser Support link in preferences
For bug 40562, we moved onionPattern* from bug 27476 to here, as
about:tor needs these files but it is included earlier.
Bug 41278: Create Tor Browser styled pdf logo similar to the vanilla Firefox one
- - - - -
91d61c95 by Alex Catarineu at 2023-02-08T21:04:11+01:00
Bring back old Firefox onboarding
Revert "Bug 1462415 - Delete onboarding system add-on r=Standard8,k88hudson"
This reverts commit f7ffd78b62541d44d0102f8051d2f4080bdbc432.
Revert "Bug 1498378 - Actually remove the old onboarding add-on's prefs r=Gijs"
This reverts commit 057fe36fc6f3e93e265505c7dcc703a0941778e2.
Bug 28822: Convert onboarding to webextension
Partially revert 1564367 (controlCenter in UITour.jsm)
- - - - -
a2826261 by Kathy Brade at 2023-02-08T21:04:12+01:00
Bug 26961: New user onboarding.
Reuse the Firefox onboarding mechanism with minimal changes.
Localizable strings are pulled in from Torbutton (if Torbutton is
not installed, we lack about:tor and no tour will be shown).
Replace SVG images with PNGs (see bug 27002),
For defense in depth, omit include OnboardingTelemetry.jsm entirely.
Added support for the following UITour page event:
torBrowserOpenSecuritySettings
Also fix bug 27403: the onboarding bubble is not always displayed.
Arthur suggested to make the onboarding bubble visible on displays with
less than 960px width available, so we choose 200px instead.
Also fix bug 28628: Change onboarding Security panel to open new
Security Level panel.
Also fix bug 27484: Improve navigation within onboarding.
Bug 27082: enable a limited UITour
Disallow access to UITour functionality from all pages other than
about:home, about:newtab, and about:tor.
Implement a whitelist mechanism for page actions.
Bug 26962 - implement new features onboarding (part 1).
Add an "Explore" button to the "Circuit Display" panel within new user
onboarding which opens the DuckDuckGo .onion and then guides users through
a short circuit display tutorial.
Allow a few additional UITour actions while limiting as much as possible
how it can be used.
Tweak the UITour styles to match the Tor Browser branding.
All user interface strings are retrieved from Torbutton's
browserOnboarding.properties file.
Bug 27486 Avoid about:blank tabs when opening onboarding pages.
Instead of using a simple <a href>, programmatically open onboarding
web pages by using tabBrowser.addTab(). The same technique is now
used for "See My Path", "See FAQs", and "Visit an Onion".
Bug 29768: Introduce new features to users
Add an "update" tour for the Tor Browser 8.5 release that contains two
panels: Toolbar and Security (with appropriate description text and
images).
Display an attention-grabbing dot on the onboarding text bubble when
the update tour is active. The animation lasts for 14 seconds.
Bug 31768: Introduce toolbar and network settings changes in onboarding
Update the "Tor Network" onboarding page to include a note that
settings can now be accessed via the application preferences and
add an "Adjust Your Tor Network Settings" action button which opens
about:preferences#tor.
Replace the Tor Browser 8.5 "update" onboarding tour with a 9.0 one
that includes the revised "Tor Network" page and a revised "Toolbar"
page. The latter explains that Torbutton's toolbar item has been
removed ("Goodbye Onion Button") and explains how to access the
New Identity feature using the hamburger menu and new toolbar item.
Bug 34321 - Add Learn More onboarding item
Bug 40429: Update Onboarding for 10.5
- - - - -
064dd5fe by sanketh at 2023-02-09T09:54:45+01:00
Bug 40209: Implement Basic Crypto Safety
Adds a CryptoSafety actor which detects when you've copied a crypto
address from a HTTP webpage and shows a warning.
Closes #40209.
Bug 40428: Fix string attribute names
- - - - -
6c3d68cd by Mike Perry at 2023-02-09T09:55:00+01:00
TB3: Tor Browser's official .mozconfigs.
Also:
Add an --enable-tor-browser-data-outside-app-dir configure option
Add --with-tor-browser-version configure option
Bug 31457: disable per-installation profiles
The dedicated profiles (per-installation) feature does not interact
well with our bundled profiles on Linux and Windows, and it also causes
multiple profiles to be created on macOS under TorBrowser-Data.
Bug 31935: Disable profile downgrade protection.
Since Tor Browser does not support more than one profile, disable
the prompt and associated code that offers to create one when a
version downgrade situation is detected.
Add --enable-tor-browser-update build option
Bug 40793: moved Tor configuration options from old-configure.in to moz.configure
Bug 41584: Move some configuration options to base-browser level
- - - - -
905e9e72 by Henry Wilkes at 2023-02-09T09:55:00+01:00
Bug 41340: Enable TOR_BROWSER_NIGHTLY_BUILD features for dev and nightly builds
tor-browser#41285: Enable fluent warnings.
- - - - -
acb588dc by Pier Angelo Vendrame at 2023-02-09T09:55:01+01:00
Bug 40562: Added Tor Browser preferences to 000-tor-browser.js
Before reordering patches, we used to keep the Tor-related patches
(torbutton and tor-launcher) at the beginning.
After that issue, we decided to move them towards the end.
In addition to that, we have decided to move Tor Browser-only
preferences there, too, to make Base Browser-only fixups easier to
apply.
- - - - -
1549cab4 by Pier Angelo Vendrame at 2023-02-09T09:55:01+01:00
Bug 13252: Customize profile management on macOS
On macOS we allow both portable mode and system installation.
However, in the latter case, we customize Firefox's directories to
match the hierarchy we use for the portable mode.
Also, display an informative error message if the TorBrowser-Data
directory cannot be created due to an "access denied" or a
"read only volume" error.
- - - - -
be408b39 by Pier Angelo Vendrame at 2023-02-09T09:55:01+01:00
Bug 40933: Add tor-launcher functionality
- - - - -
e0e5d5cd by Richard Pospesel at 2023-02-09T09:55:02+01:00
Bug 40597: Implement TorSettings module
- migrated in-page settings read/write implementation from about:preferences#tor
to the TorSettings module
- TorSettings initially loads settings from the tor daemon, and saves them to
firefox prefs
- TorSettings notifies observers when a setting has changed; currently only
QuickStart notification is implemented for parity with previous preference
notify logic in about:torconnect and about:preferences#tor
- about:preferences#tor, and about:torconnect now read and write settings
thorugh the TorSettings module
- all tor settings live in the torbrowser.settings.* preference branch
- removed unused pref modify permission for about:torconnect content page from
AsyncPrefs.jsm
Bug 40645: Migrate Moat APIs to Moat.jsm module
- - - - -
7efc9ee3 by Alex Catarineu at 2023-02-09T09:55:02+01:00
Bug 10760: Integrate TorButton to TorBrowser core
Because of the non-restartless nature of Torbutton, it required
a two-stage installation process. On mobile, it was a problem,
because it was not loading when the user opened the browser for
the first time.
Moving it to tor-browser and making it a system extension allows it
to load when the user opens the browser for first time.
Additionally, this patch also fixes Bug 27611.
Bug 26321: New Circuit and New Identity menu items
Bug 14392: Make about:tor behave like other initial pages.
Bug 25013: Add torbutton as a tor-browser submodule
Bug 31575: Replace Firefox Home (newtab) with about:tor
- - - - -
f11513f2 by hackademix at 2023-02-09T09:55:03+01:00
Bug 8324: Prevent DNS proxy bypasses caused by Drag&Drop
Bug 41613: Skip Drang & Drop filtering for DNS-safe URLs
- - - - -
b7149a93 by Amogh Pradeep at 2023-02-09T09:55:03+01:00
Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources.
See Bug 1357997 for partial uplift.
Also:
Bug 28051 - Use our Orbot for proxying our connections
Bug 31144 - ESR68 Network Code Review
- - - - -
697499db by Alex Catarineu at 2023-02-09T09:55:32+01:00
Add TorStrings module for localization
- - - - -
7a9a29fa by Kathy Brade at 2023-02-09T09:55:34+01:00
Bug 14631: Improve profile access error messages.
Instead of always reporting that the profile is locked, display specific
messages for "access denied" and "read-only file system".
To allow for localization, get profile-related error strings from Torbutton.
Use app display name ("Tor Browser") in profile-related error alerts.
- - - - -
057992e4 by Kathy Brade at 2023-02-09T09:55:34+01:00
Bug 19273: Avoid JavaScript patching of the external app helper dialog.
When handling an external URI or downloading a file, invoke Torbutton's
external app blocker component (which will present a download warning
dialog unless the user has checked the "Automatically download files
from now on" box).
For e10s compatibility, avoid using a modal dialog and instead use
a callback interface (nsIHelperAppWarningLauncher) to allow Torbutton
to indicate the user's desire to cancel or continue each request.
Other bugs fixed:
Bug 21766: Crash with e10s enabled while trying to download a file
Bug 21886: Download is stalled in non-e10s mode
Bug 22471: Downloading files via the PDF viewer download button is broken
Bug 22472: Fix FTP downloads when external helper app dialog is shown
Bug 22610: Avoid crashes when canceling external helper app downloads
Bug 22618: Downloading pdf file via file:/// is stalling
- - - - -
53946346 by Pier Angelo Vendrame at 2023-02-09T09:55:35+01:00
Bug 40807: Added QRCode.js to toolkit/modules
- - - - -
34a88cc4 by Richard Pospesel at 2023-02-09T09:55:35+01:00
Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#connection
This patch adds a new about:preferences#connection page which allows
modifying bridge, proxy, and firewall settings from within Tor Browser.
All of the functionality present in tor-launcher's Network
Configuration panel is present:
- Setting built-in bridges
- Requesting bridges from BridgeDB via moat
- Using user-provided bridges
- Configuring SOCKS4, SOCKS5, and HTTP/HTTPS proxies
- Setting firewall ports
- Viewing and Copying Tor's logs
- The Networking Settings in General preferences has been removed
Bug 40774: Update about:preferences page to match new UI designs
- - - - -
dd96a771 by Richard Pospesel at 2023-02-09T09:55:36+01:00
Bug 27476: Implement about:torconnect captive portal within Tor Browser
- implements new about:torconnect page as tor-launcher replacement
- adds tor connection status to url bar and tweaks UX when not online
- adds new torconnect component to browser
- tor process management functionality remains implemented in tor-launcher through the TorProtocolService module
- adds warning/error box to about:preferences#tor when not connected to tor
- explicitly allows about:torconnect URIs to ignore Resist Fingerprinting (RFP)
- various tweaks to info-pages.inc.css for about:torconnect (also affects other firefox info pages)
Bug 40773: Update the about:torconnect frontend page to match additional UI flows
- - - - -
19df57ef by Arthur Edelstein at 2023-02-09T09:55:36+01:00
Bug 12620: TorBrowser regression tests
Regression tests for Bug #2950: Make Permissions Manager memory-only
Regression tests for TB4: Tor Browser's Firefox preference overrides.
Note: many more functional tests could be made here
Regression tests for #2874: Block Components.interfaces from content
Bug 18923: Add a script to run all Tor Browser specific tests
Regression tests for Bug #16441: Suppress "Reset Tor Browser" prompt.
- - - - -
9d861383 by Kathy Brade at 2023-02-09T09:55:36+01:00
Bug 4234: Use the Firefox Update Process for Tor Browser.
The following files are never updated:
TorBrowser/Data/Browser/profiles.ini
TorBrowser/Data/Browser/profile.default/bookmarks.html
TorBrowser/Data/Tor/torrc
Mac OS: Store update metadata under TorBrowser/UpdateInfo.
Removed the %OS_VERSION% component from the update URL (13047) and
added support for minSupportedOSVersion, an attribute of the
<update> element that may be used to trigger Firefox's
"unsupported platform" behavior.
Hide the "What's new" links (set app.releaseNotesURL value to about:blank).
Windows: disable "runas" code path in updater (15201).
Windows: avoid writing to the registry (16236).
Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406,
16014, 16909, 24476, and 25909.
Also fix Bug 26049: reduce the delay before the update prompt is displayed.
Instead of Firefox's 2 days, we use 1 hour (after which time the update
doorhanger will be displayed).
Also fix bug 27221: purge the startup cache if the Tor Browser
version changed (even if the Firefox version and build ID did
not change), e.g., after a minor Tor Browser update.
Also fix 32616: Disable GetSecureOutputDirectoryPath() functionality.
Bug 26048: potentially confusing "restart to update" message
Within the update doorhanger, remove the misleading message that mentions
that windows will be restored after an update is applied, and replace the
"Restart and Restore" button label with an existing
"Restart to update Tor Browser" string.
Bug 28885: notify users that update is downloading
Add a "Downloading Tor Browser update" item which appears in the
hamburger (app) menu while the update service is downloading a MAR
file. Before this change, the browser did not indicate to the user
that an update was in progress, which is especially confusing in
Tor Browser because downloads often take some time. If the user
clicks on the new menu item, the about dialog is opened to allow
the user to see download progress.
As part of this fix, the update service was changed to always show
update-related messages in the hamburger menu, even if the update
was started in the foreground via the about dialog or via the
"Check for Tor Browser Update" toolbar menu item. This change is
consistent with the Tor Browser goal of making sure users are
informed about the update process.
Removed #28885 parts of this patch which have been uplifted to Firefox.
- - - - -
37fc4a74 by Kathy Brade at 2023-02-09T09:55:37+01:00
Bug 13379: Sign our MAR files.
Configure with --enable-verify-mar (when updating, require a valid
signature on the MAR file before it is applied).
Use the Tor Browser version instead of the Firefox version inside the
MAR file info block (necessary to prevent downgrade attacks).
Use NSS on all platforms for checking MAR signatures (instead of using
OS-native APIs, which Mozilla does on Mac OS and Windows). So that the
NSS and NSPR libraries the updater depends on can be found at runtime,
we add the firefox directory to the shared library search path on macOS..
On Linux, rpath is used by Mozilla to solve that problem, but that
approach won't work on macOS because the updater executable is copied
during the update process to a location that is under TorBrowser-Data,
and the location of TorBrowser-Data varies.
Also includes the fix for bug 18900.
Bug 19121: reinstate the update.xml hash check
Revert most changes from Mozilla Bug 1373267 "Remove hashFunction and
hashValue attributes from nsIUpdatePatch and code related to these
attributes." Changes to the tests were not reverted; the tests have
been changed significantly and we do not run automated updater tests
for Tor Browser at this time.
Also partial revert of commit f1241db6986e4b54473a1ed870f7584c75d51122.
Revert the nsUpdateService.js changes from Mozilla Bug 862173 "don't
verify mar file hash when using mar signing to verify the mar file
(lessens main thread I/O)."
Changes to the tests were not reverted; the tests have been changed
significantly and we do not run automated updater tests for
Tor Browser at this time.
We kept the addition to the AppConstants API in case other JS code
references it in the future.
- - - - -
8b22fe9b by Kathy Brade at 2023-02-09T09:55:37+01:00
Bug 16940: After update, load local change notes.
Add an about:tbupdate page that displays the first section from
TorBrowser/Docs/ChangeLog.txt and includes a link to the remote
post-update page (typically our blog entry for the release).
Always load about:tbupdate in a content process, but implement the
code that reads the file system (changelog) in the chrome process
for compatibility with future sandboxing efforts.
Also fix bug 29440. Now about:tbupdate is styled as a fairly simple
changelog page that is designed to be displayed via a link that is on
about:tor.
- - - - -
7a38c528 by Georg Koppen at 2023-02-09T09:55:38+01:00
Bug 32658: Create a new MAR signing key
It's time for our rotation again: Move the backup key in the front
position and add a new backup key.
Bug 33803: Move our primary nightly MAR signing key to tor-browser
Bug 33803: Add a secondary nightly MAR signing key
- - - - -
b431e8c9 by Mike Perry at 2023-02-09T09:55:38+01:00
Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
eBay and Amazon don't treat Tor users very well. Accounts often get locked and
payments reversed.
Also:
Bug 16322: Update DuckDuckGo search engine
We are replacing the clearnet URL with an onion service one (thanks to a
patch by a cypherpunk) and are removing the duplicated DDG search
engine. Duplicating DDG happend due to bug 1061736 where Mozilla
included DDG itself into Firefox. Interestingly, this caused breaking
the DDG search if JavaScript is disabled as the Mozilla engine, which
gets loaded earlier, does not use the html version of the search page.
Moreover, the Mozilla engine tracked where the users were searching from
by adding a respective parameter to the search query. We got rid of that
feature as well.
Also:
This fixes bug 20809: the DuckDuckGo team has changed its server-side
code in a way that lets users with JavaScript enabled use the default
landing page while those without JavaScript available get redirected
directly to the non-JS page. We adapt the search engine URLs
accordingly.
Also fixes bug 29798 by making sure we only specify the Google search
engine we actually ship an .xml file for.
Also regression tests.
squash! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
Bug 40494: Update Startpage search provider
squash! Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
Bug 40438: Add Blockchair as a search engine
Bug 33342: Avoid disconnect search addon error after removal.
We removed the addon in #32767, but it was still being loaded
from addonStartup.json.lz4 and throwing an error on startup
because its resource: location is not available anymore.
- - - - -
5adebf04 by Alex Catarineu at 2023-02-09T09:55:38+01:00
Bug 40073: Disable remote Public Suffix List fetching
In https://bugzilla.mozilla.org/show_bug.cgi?id=1563246 Firefox implemented
fetching the Public Suffix List via RemoteSettings and replacing the default
one at runtime, which we do not want.
- - - - -
7ff87126 by Richard Pospesel at 2023-02-09T09:55:39+01:00
Bug 23247: Communicating security expectations for .onion
Encrypting pages hosted on Onion Services with SSL/TLS is redundant
(in terms of hiding content) as all traffic within the Tor network is
already fully encrypted. Therefore, serving HTTP pages from an Onion
Service is more or less fine.
Prior to this patch, Tor Browser would mostly treat pages delivered
via Onion Services as well as pages delivered in the ordinary fashion
over the internet in the same way. This created some inconsistencies
in behaviour and misinformation presented to the user relating to the
security of pages delivered via Onion Services:
- HTTP Onion Service pages did not have any 'lock' icon indicating
the site was secure
- HTTP Onion Service pages would be marked as unencrypted in the Page
Info screen
- Mixed-mode content restrictions did not apply to HTTP Onion Service
pages embedding Non-Onion HTTP content
This patch fixes the above issues, and also adds several new 'Onion'
icons to the mix to indicate all of the various permutations of Onion
Services hosted HTTP or HTTPS pages with HTTP or HTTPS content.
Strings for Onion Service Page Info page are pulled from Torbutton's
localization strings.
- - - - -
f7ed2139 by Kathy Brade at 2023-02-09T09:55:39+01:00
Bug 30237: Add v3 onion services client authentication prompt
When Tor informs the browser that client authentication is needed,
temporarily load about:blank instead of about:neterror and prompt
for the user's key.
If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD
control port command to add the key (via Torbutton's control port
module) and reload the page.
If the user cancels the prompt, display the standard about:neterror
"Unable to connect" page. This requires a small change to
browser/actors/NetErrorChild.jsm to account for the fact that the
docShell no longer has the failedChannel information. The failedChannel
is used to extract TLS-related error info, which is not applicable
in the case of a canceled .onion authentication prompt.
Add a leaveOpen option to PopupNotifications.show so we can display
error messages within the popup notification doorhanger without
closing the prompt.
Add support for onion services strings to the TorStrings module.
Add support for Tor extended SOCKS errors (Tor proposal 304) to the
socket transport and SOCKS layers. Improved display of all of these
errors will be implemented as part of bug 30025.
Also fixes bug 19757:
Add a "Remember this key" checkbox to the client auth prompt.
Add an "Onion Services Authentication" section within the
about:preferences "Privacy & Security section" to allow
viewing and removal of v3 onion client auth keys that have
been stored on disk.
Also fixes bug 19251: use enhanced error pages for onion service errors.
- - - - -
5c9f3db5 by Alex Catarineu at 2023-02-09T09:55:40+01:00
Bug 21952: Implement Onion-Location
Whenever a valid Onion-Location HTTP header (or corresponding HTML
<meta> http-equiv attribute) is found in a document load, we either
redirect to it (if the user opted-in via preference) or notify the
presence of an onionsite alternative with a badge in the urlbar.
- - - - -
d3b30fdf by Pier Angelo Vendrame at 2023-02-09T09:55:40+01:00
Bug 40458: Implement .tor.onion aliases
We have enabled HTTPS-Only mode, therefore we do not need
HTTPS-Everywhere anymore.
However, we want to keep supporting .tor.onion aliases (especially for
securedrop).
Therefore, in this patch we implemented the parsing of HTTPS-Everywhere
rulesets, and the redirect of .tor.onion domains.
Actually, Tor Browser believes they are actual domains. We change them
on the fly on the SOCKS proxy requests to resolve the domain, and on
the code that verifies HTTPS certificates.
- - - - -
be40dcfc by Pier Angelo Vendrame at 2023-02-09T09:55:40+01:00
Bug 11698: Incorporate Tor Browser Manual pages into Tor Browser
This patch associates the about:manual page to a translated page that
must be injected to browser/omni.ja after the build.
The content must be placed in chrome/browser/content/browser/manual/, so
that is then available at chrome://browser/content/manual/.
We preferred giving absolute freedom to the web team, rather than having
to change the patch in case of changes on the documentation.
- - - - -
05ba0e34 by Pier Angelo Vendrame at 2023-02-09T09:55:41+01:00
Bug 41435: Add a Tor Browser migration function
For now this function only deletes old language packs for which we are
already packaging the strings with the application.
- - - - -
30 changed files:
- .eslintignore
- .gitignore
- + .gitlab/issue_templates/UXBug.md
- + .gitlab/issue_templates/bug.md
- + .gitlab/merge_request_templates/default.md
- + browser/actors/AboutTBUpdateChild.jsm
- + browser/actors/AboutTBUpdateParent.jsm
- + browser/actors/CryptoSafetyChild.jsm
- + browser/actors/CryptoSafetyParent.jsm
- browser/actors/NetErrorChild.jsm
- browser/actors/NetErrorParent.jsm
- − browser/actors/RFPHelperChild.jsm
- − browser/actors/RFPHelperParent.jsm
- browser/actors/moz.build
- browser/app/Makefile.in
- browser/app/macbuild/Contents/Info.plist.in
- browser/app/macbuild/Contents/MacOS-files.in
- browser/app/permissions
- + browser/app/profile/000-tor-browser.js
- + browser/app/profile/001-base-profile.js
- browser/app/profile/firefox.js
- browser/base/content/aboutDialog-appUpdater.js
- browser/base/content/aboutDialog.js
- browser/base/content/aboutDialog.xhtml
- + browser/base/content/abouttbupdate/aboutTBUpdate.css
- + browser/base/content/abouttbupdate/aboutTBUpdate.js
- + browser/base/content/abouttbupdate/aboutTBUpdate.xhtml
- browser/base/content/appmenu-viewcache.inc.xhtml
- + browser/base/content/browser-doctype.inc
- browser/base/content/browser-menubar.inc
The diff was not included because it is too large.
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3a3a96…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/3a3a96…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser-bundle-testsuite][main] fixup! Bug 40072: Fix torbrowser-incrementals-nightly-*
by Richard Pospesel (@richard) 08 Feb '23
by Richard Pospesel (@richard) 08 Feb '23
08 Feb '23
Richard Pospesel pushed to branch main at The Tor Project / Applications / tor-browser-bundle-testsuite
Commits:
dfa6e383 by Nicolas Vigier at 2023-02-08T11:24:29+01:00
fixup! Bug 40072: Fix torbrowser-incrementals-nightly-*
Fix a syntax error in previous commit,
695bb8ef9595eb9fa9a8ed54335757de25ca51b9.
- - - - -
1 changed file:
- TBBTestSuite/TestSuite/TorBrowserBuild.pm
Changes:
=====================================
TBBTestSuite/TestSuite/TorBrowserBuild.pm
=====================================
@@ -263,7 +263,7 @@ sub make_incrementals {
}
foreach my $builddir (path($testsuite->{publish_dir} . '/..')->children) {
if (-f "$builddir/$test->{publish_dir}/sha256sums-unsigned-build.txt") {
- symlink("$builddir/$test->{publish_dir}", "$nightlydir/$builddir->basename");
+ symlink("$builddir/$test->{publish_dir}", $nightlydir . '/' . $builddir->basename);
}
}
my @cmd = ('make', $test->{projectname} . '-incrementals-nightly');
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-bundle-testsuite…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-bundle-testsuite…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser][tor-browser-102.7.0esr-12.5-1] 7 commits: Revert "Bug 13252: Do not store data in the app bundle"
by Pier Angelo Vendrame (@pierov) 08 Feb '23
by Pier Angelo Vendrame (@pierov) 08 Feb '23
08 Feb '23
Pier Angelo Vendrame pushed to branch tor-browser-102.7.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
Commits:
fbc46b57 by Pier Angelo Vendrame at 2023-02-08T12:22:33+01:00
Revert "Bug 13252: Do not store data in the app bundle"
This reverts commit bcbfa12f147da775edd5adda3bf51436bdd94f10.
- - - - -
8029d2b1 by Pier Angelo Vendrame at 2023-02-08T12:22:34+01:00
fixup! Bug 14631: Improve profile access error messages.
Part of Bug 20497.
Move this check to Bug 14631, which seems a better place for it!
- - - - -
1dafa91c by Pier Angelo Vendrame at 2023-02-08T12:22:34+01:00
Revert "Bug 9173: Change the default Firefox profile directory to be relative."
This reverts commit 0ef716110c63ffa26a2c9b29cd954f2c971b5178.
- - - - -
4595d824 by Pier Angelo Vendrame at 2023-02-08T12:22:35+01:00
Bug 9173: Change the default Firefox profile directory to be relative.
This commit makes Firefox look for the default profile directory in a
directory relative to the binary path.
The directory can be specified through the --with-relative-data-dir.
This is relative to the same directory as the firefox main binary for
Linux and Windows.
On macOS, we remove Contents/MacOS from it.
Or, in other words, the directory is relative to the application
bundle.
This behavior can be overriden at runtime, by placing a file called
system-install adjacent to the firefox main binary (also on macOS).
- - - - -
cb3d5136 by Pier Angelo Vendrame at 2023-02-08T12:22:36+01:00
fixup! TB3: Tor Browser's official .mozconfigs.
Part of Bug 20497.
Start using the correct macOS relative data directory, instead of
creating it with code, when possible.
- - - - -
7e272b9d by Pier Angelo Vendrame at 2023-02-08T12:22:36+01:00
Bug 13252: Customize profile management on macOS
On macOS we allow both portable mode and system installation.
However, in the latter case, we customize Firefox's directories to
match the hierarchy we use for the portable mode.
Also, display an informative error message if the TorBrowser-Data
directory cannot be created due to an "access denied" or a
"read only volume" error.
- - - - -
f210d8ca by Pier Angelo Vendrame at 2023-02-08T12:22:37+01:00
fixup! Bug 4234: Use the Firefox Update Process for Tor Browser.
Part of Bug 20497.
Do not use GetAppRootdir. We only need up to .app, so we can query the
path to the firefox executable with the methods Firefox already has.
- - - - -
8 changed files:
- mozconfig-macos-x86_64
- toolkit/xre/nsAppRunner.cpp
- toolkit/xre/nsXREDirProvider.cpp
- toolkit/xre/nsXREDirProvider.h
- − xpcom/io/TorFileUtils.cpp
- − xpcom/io/TorFileUtils.h
- xpcom/io/moz.build
- xpcom/io/nsAppFileLocationProvider.cpp
Changes:
=====================================
mozconfig-macos-x86_64
=====================================
@@ -5,4 +5,5 @@ ac_add_options --enable-strip
# See bug #41131
ac_add_options --disable-update-agent
+ac_add_options --with-relative-data-dir=../TorBrowser-Data/Browser
ac_add_options --enable-tor-browser-data-outside-app-dir
=====================================
toolkit/xre/nsAppRunner.cpp
=====================================
@@ -3099,13 +3099,16 @@ static ReturnAbortOnError ShowProfileManager(
return LaunchChild(false, true);
}
-#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
-static ProfileStatus CheckTorBrowserDataWriteAccess(nsIFile* aAppDir) {
+#ifdef XP_MACOSX
+static ProfileStatus CheckTorBrowserDataWriteAccess() {
// Check whether we can write to the directory that will contain
// TorBrowser-Data.
+ RefPtr<nsXREDirProvider> singleton = nsXREDirProvider::GetSingleton();
+ if (!singleton) {
+ return PROFILE_STATUS_OTHER_ERROR;
+ }
nsCOMPtr<nsIFile> tbDataDir;
- nsresult rv =
- nsXREDirProvider::GetTorBrowserUserDataDir(getter_AddRefs(tbDataDir));
+ nsresult rv = singleton->GetTorBrowserUserDataDir(getter_AddRefs(tbDataDir));
NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR);
nsCOMPtr<nsIFile> tbDataDirParent;
rv = tbDataDir->GetParent(getter_AddRefs(tbDataDirParent));
@@ -5081,25 +5084,14 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) {
}
#endif
-#if (defined(MOZ_UPDATER) && !defined(MOZ_WIDGET_ANDROID)) || \
- defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
- nsCOMPtr<nsIFile> exeFile, exeDir;
- bool persistent;
- rv = mDirProvider.GetFile(XRE_EXECUTABLE_FILE, &persistent,
- getter_AddRefs(exeFile));
- NS_ENSURE_SUCCESS(rv, 1);
- rv = exeFile->GetParent(getter_AddRefs(exeDir));
- NS_ENSURE_SUCCESS(rv, 1);
-#endif
-
rv = NS_NewToolkitProfileService(getter_AddRefs(mProfileSvc));
-#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
+#ifdef XP_MACOSX
if (NS_FAILED(rv)) {
// NS_NewToolkitProfileService() returns a generic NS_ERROR_FAILURE error
// if creation of the TorBrowser-Data directory fails due to access denied
// or because of a read-only disk volume. Do an extra check here to detect
// these errors so we can display an informative error message.
- ProfileStatus status = CheckTorBrowserDataWriteAccess(exeDir);
+ ProfileStatus status = CheckTorBrowserDataWriteAccess();
if ((PROFILE_STATUS_ACCESS_DENIED == status) ||
(PROFILE_STATUS_READ_ONLY == status)) {
ProfileErrorDialog(nullptr, nullptr, status, nullptr, mNativeApp,
@@ -5216,14 +5208,12 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) {
if (CheckArg("test-process-updates")) {
SaveToEnv("MOZ_TEST_PROCESS_UPDATES=1");
}
-# ifndef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
nsCOMPtr<nsIFile> exeFile, exeDir;
rv = mDirProvider.GetFile(XRE_EXECUTABLE_FILE, &persistent,
getter_AddRefs(exeFile));
NS_ENSURE_SUCCESS(rv, 1);
rv = exeFile->GetParent(getter_AddRefs(exeDir));
NS_ENSURE_SUCCESS(rv, 1);
-# endif
# ifdef TOR_BROWSER_UPDATE
nsAutoCString compatVersion(TOR_BROWSER_VERSION_QUOTED);
=====================================
toolkit/xre/nsXREDirProvider.cpp
=====================================
@@ -56,8 +56,6 @@
# include "nsIPK11Token.h"
#endif
-#include "TorFileUtils.h"
-
#include <stdlib.h>
#ifdef XP_WIN
@@ -113,6 +111,10 @@ nsIFile* gDataDirHome = nullptr;
nsCOMPtr<nsIFile> gDataDirProfileLocal = nullptr;
nsCOMPtr<nsIFile> gDataDirProfile = nullptr;
+#if defined(RELATIVE_DATA_DIR)
+mozilla::Maybe<nsCOMPtr<nsIFile>> gDataDirPortable;
+#endif
+
// These are required to allow nsXREDirProvider to be usable in xpcshell tests.
// where gAppData is null.
#if defined(XP_MACOSX) || defined(XP_UNIX)
@@ -1205,14 +1207,19 @@ nsresult nsXREDirProvider::GetUpdateRootDir(nsIFile** aResult,
}
#endif
nsCOMPtr<nsIFile> updRoot;
+ nsCOMPtr<nsIFile> appFile;
+ bool per = false;
+ nsresult rv = GetFile(XRE_EXECUTABLE_FILE, &per, getter_AddRefs(appFile));
+ NS_ENSURE_SUCCESS(rv, rv);
+
#if defined(TOR_BROWSER_UPDATE)
// For Tor Browser, we store update history, etc. within the UpdateInfo
// directory under the user data directory.
- nsresult rv = GetTorBrowserUserDataDir(getter_AddRefs(updRoot));
+ rv = GetTorBrowserUserDataDir(getter_AddRefs(updRoot));
NS_ENSURE_SUCCESS(rv, rv);
rv = updRoot->AppendNative("UpdateInfo"_ns);
NS_ENSURE_SUCCESS(rv, rv);
-# if defined(XP_MACOSX) && defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
+# if defined(XP_MACOSX)
// Since the TorBrowser-Data directory may be shared among different
// installations of the application, embed the app path in the update dir
// so that the update history is partitioned. This is much less likely to
@@ -1220,29 +1227,20 @@ nsresult nsXREDirProvider::GetUpdateRootDir(nsIFile** aResult,
// those platforms include a "container" folder that provides partitioning
// by default, and we do not support use of a shared, OS-recommended area
// for user data on those platforms.
- nsAutoString appDirPath;
- nsCOMPtr<nsIFile> appRootDir;
- rv = GetAppRootDir(getter_AddRefs(appRootDir));
+ nsAutoString appPath;
+ rv = appFile->GetPath(appPath);
NS_ENSURE_SUCCESS(rv, rv);
- rv = appRootDir->GetPath(appDirPath);
- NS_ENSURE_SUCCESS(rv, rv);
-
- int32_t dotIndex = appDirPath.RFind(".app");
+ int32_t dotIndex = appPath.RFind(".app");
if (dotIndex == kNotFound) {
- dotIndex = appDirPath.Length();
+ dotIndex = appPath.Length();
}
- appDirPath = Substring(appDirPath, 1, dotIndex - 1);
- rv = updRoot->AppendRelativePath(appDirPath);
+ appPath = Substring(appPath, 1, dotIndex - 1);
+ rv = updRoot->AppendRelativePath(appPath);
NS_ENSURE_SUCCESS(rv, rv);
# endif
#else // ! TOR_BROWSER_UPDATE
- nsCOMPtr<nsIFile> appFile;
- bool per = false;
- nsresult rv = GetFile(XRE_EXECUTABLE_FILE, &per, getter_AddRefs(appFile));
- NS_ENSURE_SUCCESS(rv, rv);
rv = appFile->GetParent(getter_AddRefs(updRoot));
NS_ENSURE_SUCCESS(rv, rv);
-
# ifdef XP_MACOSX
nsCOMPtr<nsIFile> appRootDirFile;
nsCOMPtr<nsIFile> localDir;
@@ -1360,6 +1358,91 @@ nsresult nsXREDirProvider::SetUserDataProfileDirectory(nsCOMPtr<nsIFile>& aFile,
return NS_OK;
}
+#if defined(RELATIVE_DATA_DIR)
+nsresult nsXREDirProvider::GetPortableDataDir(nsIFile** aFile,
+ bool& aIsPortable) {
+ if (gDataDirPortable) {
+ if (*gDataDirPortable) {
+ nsresult rv = (*gDataDirPortable)->Clone(aFile);
+ NS_ENSURE_SUCCESS(rv, rv);
+ aIsPortable = true;
+ } else {
+ aIsPortable = false;
+ }
+ return NS_OK;
+ }
+
+ nsCOMPtr<nsIFile> exeFile, exeDir;
+ bool persistent = false;
+ nsresult rv =
+ GetFile(XRE_EXECUTABLE_FILE, &persistent, getter_AddRefs(exeFile));
+ NS_ENSURE_SUCCESS(rv, rv);
+ rv = exeFile->Normalize();
+ NS_ENSURE_SUCCESS(rv, rv);
+ rv = exeFile->GetParent(getter_AddRefs(exeDir));
+ NS_ENSURE_SUCCESS(rv, rv);
+
+# if defined(XP_MACOSX)
+ nsAutoString exeDirPath;
+ rv = exeDir->GetPath(exeDirPath);
+ NS_ENSURE_SUCCESS(rv, rv);
+ // When the browser is installed in /Applications, we never run in portable
+ // mode.
+ if (exeDirPath.Find("/Applications/", true /* ignore case */) == 0) {
+ aIsPortable = false;
+ return NS_OK;
+ }
+# endif
+
+ nsCOMPtr<nsIFile> systemInstallFile;
+ rv = exeDir->Clone(getter_AddRefs(systemInstallFile));
+ NS_ENSURE_SUCCESS(rv, rv);
+ rv = systemInstallFile->AppendNative("system-install"_ns);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ bool exists = false;
+ rv = systemInstallFile->Exists(&exists);
+ NS_ENSURE_SUCCESS(rv, rv);
+ if (exists) {
+ aIsPortable = false;
+ gDataDirPortable.emplace(nullptr);
+ return NS_OK;
+ }
+
+ nsCOMPtr<nsIFile> localDir = exeDir;
+# if defined(XP_MACOSX)
+ rv = exeDir->GetParent(getter_AddRefs(localDir));
+ NS_ENSURE_SUCCESS(rv, rv);
+ exeDir = localDir;
+ rv = exeDir->GetParent(getter_AddRefs(localDir));
+ NS_ENSURE_SUCCESS(rv, rv);
+# endif
+ rv = localDir->SetRelativePath(localDir.get(),
+ nsLiteralCString(RELATIVE_DATA_DIR));
+ NS_ENSURE_SUCCESS(rv, rv);
+
+# if defined(XP_MACOSX)
+ // On macOS we try to create the directory immediately to switch to
+ // system-install mode if needed (e.g., when running from the DMG).
+ rv = localDir->Exists(&exists);
+ NS_ENSURE_SUCCESS(rv, rv);
+ if (!exists) {
+ rv = localDir->Create(nsIFile::DIRECTORY_TYPE, 0700);
+ if (NS_FAILED(rv)) {
+ aIsPortable = false;
+ return NS_OK;
+ }
+ }
+# endif
+
+ gDataDirPortable.emplace(localDir);
+ rv = (*gDataDirPortable)->Clone(aFile);
+ NS_ENSURE_SUCCESS(rv, rv);
+ aIsPortable = true;
+ return rv;
+}
+#endif
+
nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile,
bool aLocal) {
// Copied from nsAppFileLocationProvider (more or less)
@@ -1374,38 +1457,40 @@ nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile,
return gDataDirHome->Clone(aFile);
}
-#if defined(RELATIVE_DATA_DIR) || defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
-# ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
- rv = GetTorBrowserUserDataDir(getter_AddRefs(localDir));
- NS_ENSURE_SUCCESS(rv, rv);
- rv = localDir->AppendNative("Browser"_ns);
-# else
+#if defined(RELATIVE_DATA_DIR)
RefPtr<nsXREDirProvider> singleton = GetSingleton();
if (!singleton) {
return NS_ERROR_OUT_OF_MEMORY;
}
- rv = singleton->GetAppRootDir(getter_AddRefs(localDir));
+ bool isPortable = false;
+ rv = singleton->GetPortableDataDir(getter_AddRefs(localDir), isPortable);
NS_ENSURE_SUCCESS(rv, rv);
- nsAutoCString profileDir(RELATIVE_DATA_DIR);
- rv = localDir->SetRelativePath(localDir.get(), profileDir);
- NS_ENSURE_SUCCESS(rv, rv);
-# endif
- if (aLocal) {
- rv = localDir->AppendNative("Caches"_ns);
- NS_ENSURE_SUCCESS(rv, rv);
+ if (isPortable) {
+ if (aLocal) {
+ rv = localDir->AppendNative("Caches"_ns);
+ NS_ENSURE_SUCCESS(rv, rv);
+ }
+ NS_IF_ADDREF(*aFile = localDir);
+ return rv;
}
-#elif defined(XP_MACOSX)
+#endif
+
+#if defined(XP_MACOSX)
FSRef fsRef;
+# if defined(TOR_BROWSER_VERSION)
+ OSType folderType = kApplicationSupportFolderType;
+# else
OSType folderType;
if (aLocal) {
folderType = kCachedDataFolderType;
} else {
-# ifdef MOZ_THUNDERBIRD
+# ifdef MOZ_THUNDERBIRD
folderType = kDomainLibraryFolderType;
-# else
+# else
folderType = kApplicationSupportFolderType;
-# endif
+# endif
}
+# endif
OSErr err = ::FSFindFolder(kUserDomain, folderType, kCreateFolder, &fsRef);
NS_ENSURE_FALSE(err, NS_ERROR_FAILURE);
@@ -1418,6 +1503,17 @@ nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile,
rv = dirFileMac->InitWithFSRef(&fsRef);
NS_ENSURE_SUCCESS(rv, rv);
+# if defined(TOR_BROWSER_VERSION)
+ rv = dirFileMac->AppendNative("TorBrowser-Data"_ns);
+ NS_ENSURE_SUCCESS(rv, rv);
+ rv = dirFileMac->AppendNative("Browser"_ns);
+ NS_ENSURE_SUCCESS(rv, rv);
+ if (aLocal) {
+ rv = dirFileMac->AppendNative("Caches"_ns);
+ NS_ENSURE_SUCCESS(rv, rv);
+ }
+# endif
+
localDir = dirFileMac;
#elif defined(XP_IOS)
nsAutoCString userDir;
@@ -1537,37 +1633,6 @@ nsresult nsXREDirProvider::GetUserDataDirectory(nsIFile** aFile, bool aLocal) {
return NS_OK;
}
-nsresult nsXREDirProvider::GetTorBrowserUserDataDir(nsIFile** aFile) {
- NS_ENSURE_ARG_POINTER(aFile);
- nsCOMPtr<nsIFile> appRootDir;
- RefPtr<nsXREDirProvider> singleton = GetSingleton();
- if (!singleton) {
- return NS_ERROR_OUT_OF_MEMORY;
- }
- nsresult rv = singleton->GetAppRootDir(getter_AddRefs(appRootDir));
- NS_ENSURE_SUCCESS(rv, rv);
- return TorBrowser_GetUserDataDir(appRootDir, aFile);
-}
-
-nsresult nsXREDirProvider::GetAppRootDir(nsIFile** aFile) {
- bool persistent = false;
- nsCOMPtr<nsIFile> file, appRootDir;
- nsresult rv = GetFile(XRE_EXECUTABLE_FILE, &persistent, getter_AddRefs(file));
- NS_ENSURE_SUCCESS(rv, rv);
- rv = file->Normalize();
- NS_ENSURE_SUCCESS(rv, rv);
- int levelsToRemove = 1;
-#if defined(XP_MACOSX)
- levelsToRemove += 2;
-#endif
- while (levelsToRemove-- > 0) {
- rv = file->GetParent(getter_AddRefs(appRootDir));
- NS_ENSURE_SUCCESS(rv, rv);
- file = appRootDir;
- }
- return appRootDir->Clone(aFile);
-}
-
nsresult nsXREDirProvider::EnsureDirectoryExists(nsIFile* aDirectory) {
nsresult rv = aDirectory->Create(nsIFile::DIRECTORY_TYPE, 0700);
@@ -1618,6 +1683,13 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) {
return NS_OK;
}
+#if defined(RELATIVE_DATA_DIR)
+ if (gDataDirPortable && *gDataDirPortable) {
+ // Do nothing in portable mode
+ return NS_OK;
+ }
+#endif
+
nsAutoCString profile;
nsAutoCString appName;
nsAutoCString vendor;
@@ -1631,29 +1703,29 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) {
nsresult rv = NS_OK;
#if defined(XP_MACOSX)
+# ifndef TOR_BROWSER_VERSION
+ // For Tor Browser we already prepare the data directory as we need it, even
+ // when we are running a system install.
if (!profile.IsEmpty()) {
rv = AppendProfileString(aFile, profile.get());
-# ifndef RELATIVE_DATA_DIR
} else {
// Note that MacOS ignores the vendor when creating the profile hierarchy -
// all application preferences directories live alongside one another in
// ~/Library/Application Support/
rv = aFile->AppendNative(appName);
-# endif
}
NS_ENSURE_SUCCESS(rv, rv);
+# endif
#elif defined(XP_WIN)
if (!profile.IsEmpty()) {
rv = AppendProfileString(aFile, profile.get());
-# ifndef RELATIVE_DATA_DIR
} else {
if (!vendor.IsEmpty()) {
rv = aFile->AppendNative(vendor);
NS_ENSURE_SUCCESS(rv, rv);
}
rv = aFile->AppendNative(appName);
-# endif
}
NS_ENSURE_SUCCESS(rv, rv);
@@ -1668,26 +1740,21 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) {
nsAutoCString folder;
// Make it hidden (by starting with "."), except when local (the
// profile is already under ~/.cache or XDG_CACHE_HOME).
-# ifndef RELATIVE_DATA_DIR
if (!aLocal) folder.Assign('.');
-# endif
if (!profile.IsEmpty()) {
// Skip any leading path characters
const char* profileStart = profile.get();
while (*profileStart == '/' || *profileStart == '\\') profileStart++;
-# ifndef RELATIVE_DATA_DIR
// On the off chance that someone wanted their folder to be hidden don't
// let it become ".."
if (*profileStart == '.' && !aLocal) profileStart++;
-# endif
folder.Append(profileStart);
ToLowerCase(folder);
rv = AppendProfileString(aFile, folder.BeginReading());
-# ifndef RELATIVE_DATA_DIR
} else {
if (!vendor.IsEmpty()) {
folder.Append(vendor);
@@ -1706,7 +1773,6 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) {
rv = aFile->AppendNative(folder);
}
-# endif
}
NS_ENSURE_SUCCESS(rv, rv);
@@ -1734,3 +1800,21 @@ nsresult nsXREDirProvider::AppendProfileString(nsIFile* aFile,
return NS_OK;
}
+
+nsresult nsXREDirProvider::GetTorBrowserUserDataDir(nsIFile** aFile) {
+#ifdef ANDROID
+ // We expect this function not to be called on Android.
+ // But, for sake of completeness, we handle also this case.
+ const char* homeDir = getenv("HOME");
+ if (!homeDir || !*homeDir) {
+ return NS_ERROR_FAILURE;
+ }
+ return NS_NewNativeLocalFile(nsDependentCString(homeDir), true, aFile);
+#endif
+
+ NS_ENSURE_ARG_POINTER(aFile);
+ nsCOMPtr<nsIFile> dataDir;
+ nsresult rv = GetUserDataDirectoryHome(getter_AddRefs(dataDir), false);
+ NS_ENSURE_SUCCESS(rv, rv);
+ return dataDir->GetParent(aFile);
+}
=====================================
toolkit/xre/nsXREDirProvider.h
=====================================
@@ -110,18 +110,11 @@ class nsXREDirProvider final : public nsIDirectoryServiceProvider2,
nsresult GetProfileDir(nsIFile** aResult);
/**
- * Get the TorBrowser user data directory by calling the
- * TorBrowser_GetUserDataDir() utility function.
+ * Get the Tor Browser user data directory.
+ * We take for granted that for Tor Browser we can take the parent directory
+ * of the one returned by GetUserDataDirectoryHome (with aLocal = false).
*/
- static nsresult GetTorBrowserUserDataDir(nsIFile** aFile);
-
- /**
- * Get the path to the base application directory.
- *
- * In almost all platforms it is the directory that contains the Firefox
- * executable; on macOS we remove also Contents/MacOS from it.
- */
- nsresult GetAppRootDir(nsIFile** aFile);
+ nsresult GetTorBrowserUserDataDir(nsIFile** aFile);
protected:
nsresult GetFilesInternal(const char* aProperty,
@@ -169,6 +162,14 @@ class nsXREDirProvider final : public nsIDirectoryServiceProvider2,
private:
static nsresult SetUserDataProfileDirectory(nsCOMPtr<nsIFile>& aFile,
bool aLocal);
+
+#if defined(RELATIVE_DATA_DIR)
+ /**
+ * Get the path to the portable data dir, if the application is running in
+ * portable mode.
+ */
+ nsresult GetPortableDataDir(nsIFile** aFile, bool& aIsPortable);
+#endif
};
#endif
=====================================
xpcom/io/TorFileUtils.cpp deleted
=====================================
@@ -1,96 +0,0 @@
-/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* vim: set ts=8 sts=2 et sw=2 tw=80: */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include "TorFileUtils.h"
-#include "nsString.h"
-#ifdef MOZ_WIDGET_COCOA
-# include <Carbon/Carbon.h>
-# include "nsILocalFileMac.h"
-#endif
-
-nsresult TorBrowser_GetUserDataDir(nsIFile* aAppDir, nsIFile** aFile) {
- NS_ENSURE_ARG_POINTER(aFile);
- nsCOMPtr<nsIFile> tbDataDir;
-
-#ifdef ANDROID
- const char* homeDir = getenv("HOME");
- if (!homeDir || !*homeDir) return NS_ERROR_FAILURE;
- nsresult rv = NS_NewNativeLocalFile(nsDependentCString(homeDir), true,
- getter_AddRefs(tbDataDir));
- NS_ENSURE_SUCCESS(rv, rv);
-#elif defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
- nsAutoCString tbDataLeafName("TorBrowser-Data"_ns);
-# ifndef XP_MACOSX
- // On all platforms except Mac OS, we always operate in a "portable" mode
- // where the TorBrowser-Data directory is located next to the application.
- nsresult rv = aAppDir->GetParent(getter_AddRefs(tbDataDir));
- NS_ENSURE_SUCCESS(rv, rv);
- rv = tbDataDir->AppendNative(tbDataLeafName);
- NS_ENSURE_SUCCESS(rv, rv);
-# else
- // For Mac OS, determine whether we should store user data in the OS's
- // standard location (i.e., under ~/Library/Application Support). We use
- // the OS location if (1) the application is installed in a directory whose
- // path contains "/Applications" or (2) the TorBrowser-Data directory does
- // not exist and cannot be created (which probably means we lack write
- // permission to the directory that contains the application).
- nsAutoString appRootPath;
- nsresult rv = aAppDir->GetPath(appRootPath);
- NS_ENSURE_SUCCESS(rv, rv);
- bool useOSLocation =
- (appRootPath.Find("/Applications", true /* ignore case */) >= 0);
- if (!useOSLocation) {
- // We hope to use the portable (aka side-by-side) approach, but before we
- // commit to that, let's ensure that we can create the TorBrowser-Data
- // directory. If it already exists, we will try to use it; if not and we
- // fail to create it, we will switch to ~/Library/Application Support.
- rv = aAppDir->GetParent(getter_AddRefs(tbDataDir));
- NS_ENSURE_SUCCESS(rv, rv);
- rv = tbDataDir->AppendNative(tbDataLeafName);
- NS_ENSURE_SUCCESS(rv, rv);
- bool exists = false;
- rv = tbDataDir->Exists(&exists);
- if (NS_SUCCEEDED(rv) && !exists)
- rv = tbDataDir->Create(nsIFile::DIRECTORY_TYPE, 0700);
- useOSLocation = NS_FAILED(rv);
- }
-
- if (useOSLocation) {
- // We are using ~/Library/Application Support/TorBrowser-Data. We do not
- // need to create that directory here because the code in nsXREDirProvider
- // will do so (and the user should always have write permission for
- // ~/Library/Application Support; if they do not we have no more options).
- FSRef fsRef;
- OSErr err = ::FSFindFolder(kUserDomain, kApplicationSupportFolderType,
- kCreateFolder, &fsRef);
- NS_ENSURE_FALSE(err, NS_ERROR_FAILURE);
- // To convert the FSRef returned by FSFindFolder() into an nsIFile that
- // points to ~/Library/Application Support, we first create an empty
- // nsIFile object (no path) and then use InitWithFSRef() to set the
- // path.
- rv = NS_NewNativeLocalFile(""_ns, true, getter_AddRefs(tbDataDir));
- NS_ENSURE_SUCCESS(rv, rv);
- nsCOMPtr<nsILocalFileMac> dirFileMac = do_QueryInterface(tbDataDir);
- if (!dirFileMac) return NS_ERROR_UNEXPECTED;
- rv = dirFileMac->InitWithFSRef(&fsRef);
- NS_ENSURE_SUCCESS(rv, rv);
- rv = tbDataDir->AppendNative(tbDataLeafName);
- NS_ENSURE_SUCCESS(rv, rv);
- }
-# endif
-
-#else
- // User data is embedded within the application directory (i.e.,
- // TOR_BROWSER_DATA_OUTSIDE_APP_DIR is not defined).
- nsresult rv = aAppDir->Clone(getter_AddRefs(tbDataDir));
- NS_ENSURE_SUCCESS(rv, rv);
- rv = tbDataDir->AppendNative("TorBrowser"_ns);
- NS_ENSURE_SUCCESS(rv, rv);
-#endif
-
- tbDataDir.forget(aFile);
- return NS_OK;
-}
=====================================
xpcom/io/TorFileUtils.h deleted
=====================================
@@ -1,32 +0,0 @@
-/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* vim: set ts=8 sts=2 et sw=2 tw=80: */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#ifndef TorFileUtils_h__
-#define TorFileUtils_h__
-
-#include "nsIFile.h"
-
-/**
- * TorBrowser_GetUserDataDir
- *
- * Retrieve the Tor Browser user data directory.
- * When built with --enable-tor-browser-data-outside-app-dir, the directory
- * is next to the application directory, except on Mac OS where it may be
- * there or it may be at ~/Library/Application Support/TorBrowser-Data (the
- * latter location is used if the .app bundle is in a directory whose path
- * contains /Applications or if we lack write access to the directory that
- * contains the .app).
- * When built without --enable-tor-browser-data-outside-app-dir, this
- * directory is TorBrowser.app/TorBrowser.
- *
- * @param aAppDir The path to Tor Browser directory
- * @param aFile Out parameter that is set to the Tor Browser user data
- * directory.
- * @return NS_OK on success. Error otherwise.
- */
-extern nsresult TorBrowser_GetUserDataDir(nsIFile* aAppDir, nsIFile** aFile);
-
-#endif // !TorFileUtils_h__
=====================================
xpcom/io/moz.build
=====================================
@@ -86,7 +86,6 @@ EXPORTS += [
"nsUnicharInputStream.h",
"nsWildCard.h",
"SpecialSystemDirectory.h",
- "TorFileUtils.h",
]
EXPORTS.mozilla += [
@@ -137,10 +136,6 @@ UNIFIED_SOURCES += [
"SpecialSystemDirectory.cpp",
]
-SOURCES += [
- "TorFileUtils.cpp",
-]
-
if CONFIG["MOZ_WIDGET_TOOLKIT"] == "cocoa":
SOURCES += [
"CocoaFileUtils.mm",
=====================================
xpcom/io/nsAppFileLocationProvider.cpp
=====================================
@@ -27,8 +27,6 @@
# include <sys/param.h>
#endif
-#include "TorFileUtils.h"
-
// WARNING: These hard coded names need to go away. They need to
// come from localizable resources
@@ -231,66 +229,137 @@ nsresult nsAppFileLocationProvider::CloneMozBinDirectory(nsIFile** aLocalFile) {
return NS_OK;
}
-//----------------------------------------------------------------------------------------
-// GetProductDirectory - Gets the directory which contains the application data
-// folder
-//
-// UNIX : ~/.mozilla/
-// WIN : <Application Data folder on user's machine>\Mozilla
-// Mac : :Documents:Mozilla:
-//----------------------------------------------------------------------------------------
-nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile,
- bool aLocal) {
- if (NS_WARN_IF(!aLocalFile)) {
- return NS_ERROR_INVALID_ARG;
- }
+#ifdef RELATIVE_DATA_DIR
+static nsresult SetupPortableMode(nsIFile** aDirectory, bool aLocal,
+ bool& aIsPortable) {
+ // This is almost the same as nsXREDirProvider::GetPortableDataDir.
+ // However, it seems that this is never called, at least during simple usage
+ // of the browser.
nsresult rv = NS_ERROR_UNEXPECTED;
- bool exists;
- nsCOMPtr<nsIFile> localDir;
-
-#if defined(RELATIVE_DATA_DIR) || defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
nsCOMPtr<nsIProperties> directoryService(
do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID, &rv));
NS_ENSURE_SUCCESS(rv, rv);
-
- bool persistent = false;
- nsCOMPtr<nsIFile> file, appRootDir;
+ nsCOMPtr<nsIFile> exeFile, exeDir;
rv = directoryService->Get(XRE_EXECUTABLE_FILE, NS_GET_IID(nsIFile),
- getter_AddRefs(file));
+ getter_AddRefs(exeFile));
+ rv = exeFile->Normalize();
NS_ENSURE_SUCCESS(rv, rv);
- rv = file->Normalize();
+ rv = exeFile->GetParent(getter_AddRefs(exeDir));
NS_ENSURE_SUCCESS(rv, rv);
- int levelsToRemove = 1;
+
# if defined(XP_MACOSX)
- levelsToRemove += 2;
+ nsAutoString exeDirPath;
+ rv = exeDir->GetPath(exeDirPath);
+ NS_ENSURE_SUCCESS(rv, rv);
+ // When the browser is installed in /Applications, we never run in portable
+ // mode.
+ if (exeDirPath.Find("/Applications/", true /* ignore case */) == 0) {
+ aIsPortable = false;
+ return NS_OK;
+ }
# endif
- while (levelsToRemove-- > 0) {
- rv = file->GetParent(getter_AddRefs(appRootDir));
- NS_ENSURE_SUCCESS(rv, rv);
- file = appRootDir;
+
+ nsCOMPtr<nsIFile> systemInstallFile;
+ rv = exeDir->Clone(getter_AddRefs(systemInstallFile));
+ NS_ENSURE_SUCCESS(rv, rv);
+ rv = systemInstallFile->AppendNative("system-install"_ns);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ bool exists = false;
+ rv = systemInstallFile->Exists(&exists);
+ NS_ENSURE_SUCCESS(rv, rv);
+ if (exists) {
+ aIsPortable = false;
+ return NS_OK;
}
-# ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
- rv = TorBrowser_GetUserDataDir(appRootDir, getter_AddRefs(localDir));
+ nsCOMPtr<nsIFile> localDir = exeDir;
+# if defined(XP_MACOSX)
+ rv = exeDir->GetParent(getter_AddRefs(localDir));
NS_ENSURE_SUCCESS(rv, rv);
- rv = localDir->AppendNative("Browser"_ns);
-# else
- localDir = appRootDir;
- nsAutoCString profileDir(RELATIVE_DATA_DIR);
- rv = localDir->SetRelativePath(localDir.get(), profileDir);
-# endif
+ exeDir = localDir;
+ rv = exeDir->GetParent(getter_AddRefs(localDir));
NS_ENSURE_SUCCESS(rv, rv);
+# endif
+ rv = localDir->SetRelativePath(localDir.get(),
+ nsLiteralCString(RELATIVE_DATA_DIR));
+ NS_ENSURE_SUCCESS(rv, rv);
if (aLocal) {
rv = localDir->AppendNative("Caches"_ns);
NS_ENSURE_SUCCESS(rv, rv);
}
-#elif defined(MOZ_WIDGET_COCOA)
+ rv = localDir->Exists(&exists);
+ NS_ENSURE_SUCCESS(rv, rv);
+ if (!exists) {
+ rv = localDir->Create(nsIFile::DIRECTORY_TYPE, 0700);
+# if defined(XP_MACOSX)
+ if (NS_FAILED(rv)) {
+ // On macOS, we forgive this failure to allow running from the DMG..
+ aIsPortable = false;
+ return NS_OK;
+ }
+# else
+ NS_ENSURE_SUCCESS(rv, rv);
+# endif
+ }
+
+ localDir.forget(aDirectory);
+ aIsPortable = true;
+ return rv;
+}
+#endif
+
+//----------------------------------------------------------------------------------------
+// GetProductDirectory - Gets the directory which contains the application data
+// folder
+//
+// If portable mode is enabled:
+// - aLocal == false: $APP_ROOT/$RELATIVE_DATA_DIR
+// - aLocal == true: $APP_ROOT/$RELATIVE_DATA_DIR/Caches
+// where $APP_ROOT is:
+// - the parent directory of the executable on Windows and Linux
+// - the root of the app bundle on macOS
+//
+// Otherwise:
+// - Windows:
+// - aLocal == false: %APPDATA%/$MOZ_USER_DIR
+// - aLocal == true: %LOCALAPPDATA%/$MOZ_USER_DIR
+// - macOS:
+// - aLocal == false: kDomainLibraryFolderType/$MOZ_USER_DIR
+// - aLocal == true: kCachedDataFolderType/$MOZ_USER_DIR
+// - Unix: ~/$MOZ_USER_DIR
+//----------------------------------------------------------------------------------------
+nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile,
+ bool aLocal) {
+ if (NS_WARN_IF(!aLocalFile)) {
+ return NS_ERROR_INVALID_ARG;
+ }
+
+ nsresult rv = NS_ERROR_UNEXPECTED;
+ bool exists;
+ nsCOMPtr<nsIFile> localDir;
+
+#if defined(RELATIVE_DATA_DIR)
+ bool isPortable = false;
+ rv = SetupPortableMode(aLocalFile, aLocal, isPortable);
+ // If portable mode is enabled, we absolutely want it (e.g., to be sure there
+ // will not be disk leaks), so a failure is to be propagated.
+ if (NS_FAILED(rv) || isPortable) {
+ return rv;
+ }
+#endif
+
+#if defined(MOZ_WIDGET_COCOA)
FSRef fsRef;
+# if defined(TOR_BROWSER_VERSION)
+ OSType folderType = kApplicationSupportFolderType;
+# else
OSType folderType =
aLocal ? (OSType)kCachedDataFolderType : (OSType)kDomainLibraryFolderType;
+# endif
OSErr err = ::FSFindFolder(kUserDomain, folderType, kCreateFolder, &fsRef);
if (err) {
return NS_ERROR_FAILURE;
@@ -304,6 +373,17 @@ nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile,
if (NS_FAILED(rv)) {
return rv;
}
+
+# if defined(TOR_BROWSER_VERSION)
+ rv = localDir->AppendNative("TorBrowser-Data"_ns);
+ NS_ENSURE_SUCCESS(rv, rv);
+ rv = localDir->AppendNative("Browser"_ns);
+ NS_ENSURE_SUCCESS(rv, rv);
+ if (aLocal) {
+ rv = localDir->AppendNative("Caches"_ns);
+ NS_ENSURE_SUCCESS(rv, rv);
+ }
+# endif
#elif defined(XP_WIN)
nsCOMPtr<nsIProperties> directoryService =
do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID, &rv);
@@ -326,7 +406,7 @@ nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile,
# error dont_know_how_to_get_product_dir_on_your_platform
#endif
-#if !defined(RELATIVE_DATA_DIR) && !defined(TOR_BROWSER_VERSION)
+#if !defined(TOR_BROWSER_VERSION)
rv = localDir->AppendRelativeNativePath(DEFAULT_PRODUCT_DIR);
if (NS_FAILED(rv)) {
return rv;
@@ -350,6 +430,11 @@ nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile,
//----------------------------------------------------------------------------------------
// GetDefaultUserProfileRoot - Gets the directory which contains each user
// profile dir
+//
+// - Windows and macOS: $PRODUCT_DIRECTORY/Profiles
+// - Unix: $PRODUCT_DIRECTORY
+// See also GetProductDirectory for instructions on how $PRODUCT_DIRECTORY is
+// generated.
//----------------------------------------------------------------------------------------
nsresult nsAppFileLocationProvider::GetDefaultUserProfileRoot(
nsIFile** aLocalFile, bool aLocal) {
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/93a409…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/93a409…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser][base-browser-102.7.0esr-12.5-1] 2 commits: Revert "Bug 9173: Change the default Firefox profile directory to be relative."
by Pier Angelo Vendrame (@pierov) 08 Feb '23
by Pier Angelo Vendrame (@pierov) 08 Feb '23
08 Feb '23
Pier Angelo Vendrame pushed to branch base-browser-102.7.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
Commits:
d41058d1 by Pier Angelo Vendrame at 2023-02-08T12:20:09+01:00
Revert "Bug 9173: Change the default Firefox profile directory to be relative."
This reverts commit 0ef716110c63ffa26a2c9b29cd954f2c971b5178.
- - - - -
9357ba91 by Pier Angelo Vendrame at 2023-02-08T12:20:18+01:00
Bug 9173: Change the default Firefox profile directory to be relative.
This commit makes Firefox look for the default profile directory in a
directory relative to the binary path.
The directory can be specified through the --with-relative-data-dir.
This is relative to the same directory as the firefox main binary for
Linux and Windows.
On macOS, we remove Contents/MacOS from it.
Or, in other words, the directory is relative to the application
bundle.
This behavior can be overriden at runtime, by placing a file called
system-install adjacent to the firefox main binary (also on macOS).
- - - - -
3 changed files:
- toolkit/xre/nsXREDirProvider.cpp
- toolkit/xre/nsXREDirProvider.h
- xpcom/io/nsAppFileLocationProvider.cpp
Changes:
=====================================
toolkit/xre/nsXREDirProvider.cpp
=====================================
@@ -111,6 +111,10 @@ nsIFile* gDataDirHome = nullptr;
nsCOMPtr<nsIFile> gDataDirProfileLocal = nullptr;
nsCOMPtr<nsIFile> gDataDirProfile = nullptr;
+#if defined(RELATIVE_DATA_DIR)
+mozilla::Maybe<nsCOMPtr<nsIFile>> gDataDirPortable;
+#endif
+
// These are required to allow nsXREDirProvider to be usable in xpcshell tests.
// where gAppData is null.
#if defined(XP_MACOSX) || defined(XP_UNIX)
@@ -1324,6 +1328,91 @@ nsresult nsXREDirProvider::SetUserDataProfileDirectory(nsCOMPtr<nsIFile>& aFile,
return NS_OK;
}
+#if defined(RELATIVE_DATA_DIR)
+nsresult nsXREDirProvider::GetPortableDataDir(nsIFile** aFile,
+ bool& aIsPortable) {
+ if (gDataDirPortable) {
+ if (*gDataDirPortable) {
+ nsresult rv = (*gDataDirPortable)->Clone(aFile);
+ NS_ENSURE_SUCCESS(rv, rv);
+ aIsPortable = true;
+ } else {
+ aIsPortable = false;
+ }
+ return NS_OK;
+ }
+
+ nsCOMPtr<nsIFile> exeFile, exeDir;
+ bool persistent = false;
+ nsresult rv =
+ GetFile(XRE_EXECUTABLE_FILE, &persistent, getter_AddRefs(exeFile));
+ NS_ENSURE_SUCCESS(rv, rv);
+ rv = exeFile->Normalize();
+ NS_ENSURE_SUCCESS(rv, rv);
+ rv = exeFile->GetParent(getter_AddRefs(exeDir));
+ NS_ENSURE_SUCCESS(rv, rv);
+
+#if defined(XP_MACOSX)
+ nsAutoString exeDirPath;
+ rv = exeDir->GetPath(exeDirPath);
+ NS_ENSURE_SUCCESS(rv, rv);
+ // When the browser is installed in /Applications, we never run in portable
+ // mode.
+ if (exeDirPath.Find("/Applications/", true /* ignore case */) == 0) {
+ aIsPortable = false;
+ return NS_OK;
+ }
+#endif
+
+ nsCOMPtr<nsIFile> systemInstallFile;
+ rv = exeDir->Clone(getter_AddRefs(systemInstallFile));
+ NS_ENSURE_SUCCESS(rv, rv);
+ rv = systemInstallFile->AppendNative("system-install"_ns);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ bool exists = false;
+ rv = systemInstallFile->Exists(&exists);
+ NS_ENSURE_SUCCESS(rv, rv);
+ if (exists) {
+ aIsPortable = false;
+ gDataDirPortable.emplace(nullptr);
+ return NS_OK;
+ }
+
+ nsCOMPtr<nsIFile> localDir = exeDir;
+#if defined(XP_MACOSX)
+ rv = exeDir->GetParent(getter_AddRefs(localDir));
+ NS_ENSURE_SUCCESS(rv, rv);
+ exeDir = localDir;
+ rv = exeDir->GetParent(getter_AddRefs(localDir));
+ NS_ENSURE_SUCCESS(rv, rv);
+#endif
+ rv = localDir->SetRelativePath(localDir.get(),
+ nsLiteralCString(RELATIVE_DATA_DIR));
+ NS_ENSURE_SUCCESS(rv, rv);
+
+#if defined(XP_MACOSX)
+ // On macOS we try to create the directory immediately to switch to
+ // system-install mode if needed (e.g., when running from the DMG).
+ rv = localDir->Exists(&exists);
+ NS_ENSURE_SUCCESS(rv, rv);
+ if (!exists) {
+ rv = localDir->Create(nsIFile::DIRECTORY_TYPE, 0700);
+ if (NS_FAILED(rv)) {
+ aIsPortable = false;
+ return NS_OK;
+ }
+ }
+#endif
+
+ gDataDirPortable.emplace(localDir);
+ rv = (*gDataDirPortable)->Clone(aFile);
+ NS_ENSURE_SUCCESS(rv, rv);
+ aIsPortable = true;
+ return rv;
+}
+#endif
+
nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile,
bool aLocal) {
// Copied from nsAppFileLocationProvider (more or less)
@@ -1343,16 +1432,20 @@ nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile,
if (!singleton) {
return NS_ERROR_OUT_OF_MEMORY;
}
- rv = singleton->GetAppRootDir(getter_AddRefs(localDir));
- NS_ENSURE_SUCCESS(rv, rv);
- nsAutoCString profileDir(RELATIVE_DATA_DIR);
- rv = localDir->SetRelativePath(localDir.get(), profileDir);
+ bool isPortable = false;
+ rv = singleton->GetPortableDataDir(getter_AddRefs(localDir), isPortable);
NS_ENSURE_SUCCESS(rv, rv);
- if (aLocal) {
- rv = localDir->AppendNative("Caches"_ns);
- NS_ENSURE_SUCCESS(rv, rv);
+ if (isPortable) {
+ if (aLocal) {
+ rv = localDir->AppendNative("Caches"_ns);
+ NS_ENSURE_SUCCESS(rv, rv);
+ }
+ NS_IF_ADDREF(*aFile = localDir);
+ return rv;
}
-#elif defined(XP_MACOSX)
+#endif
+
+#if defined(XP_MACOSX)
FSRef fsRef;
OSType folderType;
if (aLocal) {
@@ -1495,25 +1588,6 @@ nsresult nsXREDirProvider::GetUserDataDirectory(nsIFile** aFile, bool aLocal) {
return NS_OK;
}
-nsresult nsXREDirProvider::GetAppRootDir(nsIFile** aFile) {
- bool persistent = false;
- nsCOMPtr<nsIFile> file, appRootDir;
- nsresult rv = GetFile(XRE_EXECUTABLE_FILE, &persistent, getter_AddRefs(file));
- NS_ENSURE_SUCCESS(rv, rv);
- rv = file->Normalize();
- NS_ENSURE_SUCCESS(rv, rv);
- int levelsToRemove = 1;
-#if defined(XP_MACOSX)
- levelsToRemove += 2;
-#endif
- while (levelsToRemove-- > 0) {
- rv = file->GetParent(getter_AddRefs(appRootDir));
- NS_ENSURE_SUCCESS(rv, rv);
- file = appRootDir;
- }
- return appRootDir->Clone(aFile);
-}
-
nsresult nsXREDirProvider::EnsureDirectoryExists(nsIFile* aDirectory) {
nsresult rv = aDirectory->Create(nsIFile::DIRECTORY_TYPE, 0700);
@@ -1564,6 +1638,13 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) {
return NS_OK;
}
+#if defined(RELATIVE_DATA_DIR)
+ if (gDataDirPortable && *gDataDirPortable) {
+ // Do nothing in portable mode
+ return NS_OK;
+ }
+#endif
+
nsAutoCString profile;
nsAutoCString appName;
nsAutoCString vendor;
@@ -1579,27 +1660,23 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) {
#if defined(XP_MACOSX)
if (!profile.IsEmpty()) {
rv = AppendProfileString(aFile, profile.get());
-# ifndef RELATIVE_DATA_DIR
} else {
// Note that MacOS ignores the vendor when creating the profile hierarchy -
// all application preferences directories live alongside one another in
// ~/Library/Application Support/
rv = aFile->AppendNative(appName);
-# endif
}
NS_ENSURE_SUCCESS(rv, rv);
#elif defined(XP_WIN)
if (!profile.IsEmpty()) {
rv = AppendProfileString(aFile, profile.get());
-# ifndef RELATIVE_DATA_DIR
} else {
if (!vendor.IsEmpty()) {
rv = aFile->AppendNative(vendor);
NS_ENSURE_SUCCESS(rv, rv);
}
rv = aFile->AppendNative(appName);
-# endif
}
NS_ENSURE_SUCCESS(rv, rv);
@@ -1614,26 +1691,21 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) {
nsAutoCString folder;
// Make it hidden (by starting with "."), except when local (the
// profile is already under ~/.cache or XDG_CACHE_HOME).
-# ifndef RELATIVE_DATA_DIR
if (!aLocal) folder.Assign('.');
-# endif
if (!profile.IsEmpty()) {
// Skip any leading path characters
const char* profileStart = profile.get();
while (*profileStart == '/' || *profileStart == '\\') profileStart++;
-# ifndef RELATIVE_DATA_DIR
// On the off chance that someone wanted their folder to be hidden don't
// let it become ".."
if (*profileStart == '.' && !aLocal) profileStart++;
-# endif
folder.Append(profileStart);
ToLowerCase(folder);
rv = AppendProfileString(aFile, folder.BeginReading());
-# ifndef RELATIVE_DATA_DIR
} else {
if (!vendor.IsEmpty()) {
folder.Append(vendor);
@@ -1652,7 +1724,6 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) {
rv = aFile->AppendNative(folder);
}
-# endif
}
NS_ENSURE_SUCCESS(rv, rv);
=====================================
toolkit/xre/nsXREDirProvider.h
=====================================
@@ -109,14 +109,6 @@ class nsXREDirProvider final : public nsIDirectoryServiceProvider2,
*/
nsresult GetProfileDir(nsIFile** aResult);
- /**
- * Get the path to the base application directory.
- *
- * In almost all platforms it is the directory that contains the Firefox
- * executable; on macOS we remove also Contents/MacOS from it.
- */
- nsresult GetAppRootDir(nsIFile** aFile);
-
protected:
nsresult GetFilesInternal(const char* aProperty,
nsISimpleEnumerator** aResult);
@@ -163,6 +155,14 @@ class nsXREDirProvider final : public nsIDirectoryServiceProvider2,
private:
static nsresult SetUserDataProfileDirectory(nsCOMPtr<nsIFile>& aFile,
bool aLocal);
+
+#if defined(RELATIVE_DATA_DIR)
+ /**
+ * Get the path to the portable data dir, if the application is running in
+ * portable mode.
+ */
+ nsresult GetPortableDataDir(nsIFile** aFile, bool& aIsPortable);
+#endif
};
#endif
=====================================
xpcom/io/nsAppFileLocationProvider.cpp
=====================================
@@ -229,57 +229,130 @@ nsresult nsAppFileLocationProvider::CloneMozBinDirectory(nsIFile** aLocalFile) {
return NS_OK;
}
-//----------------------------------------------------------------------------------------
-// GetProductDirectory - Gets the directory which contains the application data
-// folder
-//
-// UNIX : ~/.mozilla/
-// WIN : <Application Data folder on user's machine>\Mozilla
-// Mac : :Documents:Mozilla:
-//----------------------------------------------------------------------------------------
-nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile,
- bool aLocal) {
- if (NS_WARN_IF(!aLocalFile)) {
- return NS_ERROR_INVALID_ARG;
- }
+#ifdef RELATIVE_DATA_DIR
+static nsresult SetupPortableMode(nsIFile** aDirectory, bool aLocal,
+ bool& aIsPortable) {
+ // This is almost the same as nsXREDirProvider::GetPortableDataDir.
+ // However, it seems that this is never called, at least during simple usage
+ // of the browser.
nsresult rv = NS_ERROR_UNEXPECTED;
- bool exists;
- nsCOMPtr<nsIFile> localDir;
-
-#if defined(RELATIVE_DATA_DIR)
nsCOMPtr<nsIProperties> directoryService(
do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID, &rv));
NS_ENSURE_SUCCESS(rv, rv);
-
- bool persistent = false;
- nsCOMPtr<nsIFile> file, appRootDir;
+ nsCOMPtr<nsIFile> exeFile, exeDir;
rv = directoryService->Get(XRE_EXECUTABLE_FILE, NS_GET_IID(nsIFile),
- getter_AddRefs(file));
+ getter_AddRefs(exeFile));
+ rv = exeFile->Normalize();
NS_ENSURE_SUCCESS(rv, rv);
- rv = file->Normalize();
+ rv = exeFile->GetParent(getter_AddRefs(exeDir));
NS_ENSURE_SUCCESS(rv, rv);
- int levelsToRemove = 1;
+
# if defined(XP_MACOSX)
- levelsToRemove += 2;
+ nsAutoString exeDirPath;
+ rv = exeDir->GetPath(exeDirPath);
+ NS_ENSURE_SUCCESS(rv, rv);
+ // When the browser is installed in /Applications, we never run in portable
+ // mode.
+ if (exeDirPath.Find("/Applications/", true /* ignore case */) == 0) {
+ aIsPortable = false;
+ return NS_OK;
+ }
# endif
- while (levelsToRemove-- > 0) {
- rv = file->GetParent(getter_AddRefs(appRootDir));
- NS_ENSURE_SUCCESS(rv, rv);
- file = appRootDir;
+
+ nsCOMPtr<nsIFile> systemInstallFile;
+ rv = exeDir->Clone(getter_AddRefs(systemInstallFile));
+ NS_ENSURE_SUCCESS(rv, rv);
+ rv = systemInstallFile->AppendNative("system-install"_ns);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ bool exists = false;
+ rv = systemInstallFile->Exists(&exists);
+ NS_ENSURE_SUCCESS(rv, rv);
+ if (exists) {
+ aIsPortable = false;
+ return NS_OK;
}
- localDir = appRootDir;
- nsAutoCString profileDir(RELATIVE_DATA_DIR);
- rv = localDir->SetRelativePath(localDir.get(), profileDir);
+ nsCOMPtr<nsIFile> localDir = exeDir;
+# if defined(XP_MACOSX)
+ rv = exeDir->GetParent(getter_AddRefs(localDir));
NS_ENSURE_SUCCESS(rv, rv);
+ exeDir = localDir;
+ rv = exeDir->GetParent(getter_AddRefs(localDir));
+ NS_ENSURE_SUCCESS(rv, rv);
+# endif
+ rv = localDir->SetRelativePath(localDir.get(),
+ nsLiteralCString(RELATIVE_DATA_DIR));
+ NS_ENSURE_SUCCESS(rv, rv);
if (aLocal) {
rv = localDir->AppendNative("Caches"_ns);
NS_ENSURE_SUCCESS(rv, rv);
}
-#elif defined(MOZ_WIDGET_COCOA)
+ rv = localDir->Exists(&exists);
+ NS_ENSURE_SUCCESS(rv, rv);
+ if (!exists) {
+ rv = localDir->Create(nsIFile::DIRECTORY_TYPE, 0700);
+# if defined(XP_MACOSX)
+ if (NS_FAILED(rv)) {
+ // On macOS, we forgive this failure to allow running from the DMG.
+ aIsPortable = false;
+ return NS_OK;
+ }
+# else
+ NS_ENSURE_SUCCESS(rv, rv);
+# endif
+ }
+
+ localDir.forget(aDirectory);
+ aIsPortable = true;
+ return rv;
+}
+#endif
+
+//----------------------------------------------------------------------------------------
+// GetProductDirectory - Gets the directory which contains the application data
+// folder
+//
+// If portable mode is enabled:
+// - aLocal == false: $APP_ROOT/$RELATIVE_DATA_DIR
+// - aLocal == true: $APP_ROOT/$RELATIVE_DATA_DIR/Caches
+// where $APP_ROOT is:
+// - the parent directory of the executable on Windows and Linux
+// - the root of the app bundle on macOS
+//
+// Otherwise:
+// - Windows:
+// - aLocal == false: %APPDATA%/$MOZ_USER_DIR
+// - aLocal == true: %LOCALAPPDATA%/$MOZ_USER_DIR
+// - macOS:
+// - aLocal == false: kDomainLibraryFolderType/$MOZ_USER_DIR
+// - aLocal == true: kCachedDataFolderType/$MOZ_USER_DIR
+// - Unix: ~/$MOZ_USER_DIR
+//----------------------------------------------------------------------------------------
+nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile,
+ bool aLocal) {
+ if (NS_WARN_IF(!aLocalFile)) {
+ return NS_ERROR_INVALID_ARG;
+ }
+
+ nsresult rv = NS_ERROR_UNEXPECTED;
+ bool exists;
+ nsCOMPtr<nsIFile> localDir;
+
+#if defined(RELATIVE_DATA_DIR)
+ bool isPortable = false;
+ rv = SetupPortableMode(aLocalFile, aLocal, isPortable);
+ // If portable mode is enabled, we absolutely want it (e.g., to be sure there
+ // will not be disk leaks), so a failure is to be propagated.
+ if (NS_FAILED(rv) || isPortable) {
+ return rv;
+ }
+#endif
+
+#if defined(MOZ_WIDGET_COCOA)
FSRef fsRef;
OSType folderType =
aLocal ? (OSType)kCachedDataFolderType : (OSType)kDomainLibraryFolderType;
@@ -318,12 +391,10 @@ nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile,
# error dont_know_how_to_get_product_dir_on_your_platform
#endif
-#if !defined(RELATIVE_DATA_DIR)
rv = localDir->AppendRelativeNativePath(DEFAULT_PRODUCT_DIR);
if (NS_FAILED(rv)) {
return rv;
}
-#endif
rv = localDir->Exists(&exists);
if (NS_SUCCEEDED(rv) && !exists) {
@@ -342,6 +413,11 @@ nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile,
//----------------------------------------------------------------------------------------
// GetDefaultUserProfileRoot - Gets the directory which contains each user
// profile dir
+//
+// - Windows and macOS: $PRODUCT_DIRECTORY/Profiles
+// - Unix: $PRODUCT_DIRECTORY
+// See also GetProductDirectory for instructions on how $PRODUCT_DIRECTORY is
+// generated.
//----------------------------------------------------------------------------------------
nsresult nsAppFileLocationProvider::GetDefaultUserProfileRoot(
nsIFile** aLocalFile, bool aLocal) {
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/2bbd22…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/2bbd22…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser][tor-browser-102.7.0esr-12.5-1] 5 commits: dropme! Partial revert of "Bug 10760: Integrate TorButton to TorBrowser core"
by Pier Angelo Vendrame (@pierov) 08 Feb '23
by Pier Angelo Vendrame (@pierov) 08 Feb '23
08 Feb '23
Pier Angelo Vendrame pushed to branch tor-browser-102.7.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
Commits:
feffd625 by Henry Wilkes at 2023-02-08T10:21:04+00:00
dropme! Partial revert of "Bug 10760: Integrate TorButton to TorBrowser core"
Bug 41609: Revert the activity stream changes.
- - - - -
6cd4fa5a by Henry Wilkes at 2023-02-08T10:21:05+00:00
fixup! Firefox preference overrides.
Bug 41609: Set home page and new tab to about:blank in base-browser.
- - - - -
ed354cc8 by Henry Wilkes at 2023-02-08T10:21:38+00:00
Bug 31575: Disable Firefox Home (Activity Stream)
Treat about:blank as the default home page and new tab page.
Avoid loading AboutNewTab in BrowserGlue.jsm in order
to avoid several network requests that we do not need.
- - - - -
6793375e by Henry Wilkes at 2023-02-08T10:22:35+00:00
fixup! Bug 10760: Integrate TorButton to TorBrowser core
Bug 41609: Change the default home page from about:blank to about:tor
- - - - -
93a409f1 by Henry Wilkes at 2023-02-08T10:22:36+00:00
amend! Bug 10760: Integrate TorButton to TorBrowser core
Bug 10760: Integrate TorButton to TorBrowser core
Because of the non-restartless nature of Torbutton, it required
a two-stage installation process. On mobile, it was a problem,
because it was not loading when the user opened the browser for
the first time.
Moving it to tor-browser and making it a system extension allows it
to load when the user opens the browser for first time.
Additionally, this patch also fixes Bug 27611.
Bug 26321: New Circuit and New Identity menu items
Bug 14392: Make about:tor behave like other initial pages.
Bug 25013: Add torbutton as a tor-browser submodule
Bug 31575: Replace Firefox Home (newtab) with about:tor
- - - - -
3 changed files:
- browser/app/profile/001-base-profile.js
- browser/components/BrowserGlue.jsm
- browser/components/preferences/home.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -4,6 +4,11 @@
// Use the OS locale by default (tor-browser#17400)
pref("intl.locale.requested", "");
+// Home page and new tab is blank rather than Firefox Home (Activity Stream).
+// tor-browser#31575 and tor-browser#30662
+pref("browser.startup.homepage", "about:blank");
+pref("browser.newtabpage.enabled", false);
+
// Disable initial homepage notifications
pref("browser.search.update", false);
pref("startup.homepage_welcome_url", "");
@@ -151,7 +156,6 @@ pref("services.sync.engine.passwords", false);
pref("services.sync.engine.prefs", false);
pref("services.sync.engine.tabs", false);
pref("extensions.getAddons.cache.enabled", false); // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/
-pref("browser.newtabpage.enabled", false);
pref("browser.search.region", "US"); // The next two prefs disable GeoIP search lookups (#16254)
pref("browser.search.geoip.url", "");
pref("browser.fixup.alternate.enabled", false); // Bug #16783: Prevent .onion fixups
=====================================
browser/components/BrowserGlue.jsm
=====================================
@@ -5899,7 +5899,7 @@ var AboutHomeStartupCache = {
return { pageInputStream: null, scriptInputStream: null };
}
- this.log.error("Activity Stream is disabled in Tor Browser.");
+ this.log.error("Activity Stream is disabled.");
return { pageInputStream: null, scriptInputStream: null };
},
=====================================
browser/components/preferences/home.js
=====================================
@@ -380,10 +380,14 @@ var gHomePane = {
if (controllingExtension && controllingExtension.id) {
newValue = controllingExtension.id;
- } else if (isDefault) {
- newValue = this.HOME_MODE_FIREFOX_HOME;
} else if (isBlank) {
+ // For base-browser, we want to check isBlank first since the default page
+ // is also the blank page, but we only have a menu option for
+ // HOME_MODE_BLANK, rather than HOME_MODE_FIREFOX_HOME.
+ // See tor-browser#41609.
newValue = this.HOME_MODE_BLANK;
+ } else if (isDefault) {
+ newValue = this.HOME_MODE_FIREFOX_HOME;
} else {
newValue = this.HOME_MODE_CUSTOM;
}
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/1ac852…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/1ac852…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser][base-browser-102.7.0esr-12.5-1] 2 commits: fixup! Firefox preference overrides.
by Pier Angelo Vendrame (@pierov) 08 Feb '23
by Pier Angelo Vendrame (@pierov) 08 Feb '23
08 Feb '23
Pier Angelo Vendrame pushed to branch base-browser-102.7.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
Commits:
971383bf by Henry Wilkes at 2023-02-08T10:24:49+00:00
fixup! Firefox preference overrides.
Bug 41609: Set home page and new tab to about:blank in base-browser.
- - - - -
2bbd2240 by Henry Wilkes at 2023-02-08T10:24:59+00:00
Bug 31575: Disable Firefox Home (Activity Stream)
Treat about:blank as the default home page and new tab page.
Avoid loading AboutNewTab in BrowserGlue.jsm in order
to avoid several network requests that we do not need.
- - - - -
6 changed files:
- browser/app/profile/001-base-profile.js
- browser/components/BrowserGlue.jsm
- browser/components/newtab/AboutNewTabService.jsm
- browser/components/preferences/home.inc.xhtml
- browser/components/preferences/home.js
- browser/modules/HomePage.jsm
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -4,6 +4,11 @@
// Use the OS locale by default (tor-browser#17400)
pref("intl.locale.requested", "");
+// Home page and new tab is blank rather than Firefox Home (Activity Stream).
+// tor-browser#31575 and tor-browser#30662
+pref("browser.startup.homepage", "about:blank");
+pref("browser.newtabpage.enabled", false);
+
// Disable initial homepage notifications
pref("browser.search.update", false);
pref("startup.homepage_welcome_url", "");
@@ -151,7 +156,6 @@ pref("services.sync.engine.passwords", false);
pref("services.sync.engine.prefs", false);
pref("services.sync.engine.tabs", false);
pref("extensions.getAddons.cache.enabled", false); // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/
-pref("browser.newtabpage.enabled", false);
pref("browser.search.region", "US"); // The next two prefs disable GeoIP search lookups (#16254)
pref("browser.search.geoip.url", "");
pref("browser.fixup.alternate.enabled", false); // Bug #16783: Prevent .onion fixups
=====================================
browser/components/BrowserGlue.jsm
=====================================
@@ -18,7 +18,6 @@ const { AppConstants } = ChromeUtils.import(
);
XPCOMUtils.defineLazyModuleGetters(this, {
- AboutNewTab: "resource:///modules/AboutNewTab.jsm",
ActorManagerParent: "resource://gre/modules/ActorManagerParent.jsm",
AddonManager: "resource://gre/modules/AddonManager.jsm",
AppMenuNotifications: "resource://gre/modules/AppMenuNotifications.jsm",
@@ -223,28 +222,6 @@ let JSWINDOWACTORS = {
remoteTypes: ["privilegedabout"],
},
- AboutNewTab: {
- parent: {
- moduleURI: "resource:///actors/AboutNewTabParent.jsm",
- },
- child: {
- moduleURI: "resource:///actors/AboutNewTabChild.jsm",
- events: {
- DOMContentLoaded: {},
- pageshow: {},
- visibilitychange: {},
- },
- },
- // The wildcard on about:newtab is for the ?endpoint query parameter
- // that is used for snippets debugging. The wildcard for about:home
- // is similar, and also allows for falling back to loading the
- // about:home document dynamically if an attempt is made to load
- // about:home?jscache from the AboutHomeStartupCache as a top-level
- // load.
- matches: ["about:home*", "about:welcome", "about:newtab*"],
- remoteTypes: ["privilegedabout"],
- },
-
AboutPlugins: {
parent: {
moduleURI: "resource:///actors/AboutPluginsParent.jsm",
@@ -1576,8 +1553,6 @@ BrowserGlue.prototype = {
// the first browser window has finished initializing
_onFirstWindowLoaded: function BG__onFirstWindowLoaded(aWindow) {
- AboutNewTab.init();
-
TabCrashHandler.init();
ProcessHangMonitor.init();
@@ -5785,12 +5760,8 @@ var AboutHomeStartupCache = {
return { pageInputStream: null, scriptInputStream: null };
}
- let state = AboutNewTab.activityStream.store.getState();
- return new Promise(resolve => {
- this._cacheDeferred = resolve;
- this.log.trace("Parent is requesting cache streams.");
- this._procManager.sendAsyncMessage(this.CACHE_REQUEST_MESSAGE, { state });
- });
+ this.log.error("Activity Stream is disabled.");
+ return { pageInputStream: null, scriptInputStream: null };
},
/**
=====================================
browser/components/newtab/AboutNewTabService.jsm
=====================================
@@ -420,20 +420,7 @@ class BaseAboutNewTabService {
* the newtab page has no effect on the result of this function.
*/
get defaultURL() {
- // Generate the desired activity stream resource depending on state, e.g.,
- // "resource://activity-stream/prerendered/activity-stream.html"
- // "resource://activity-stream/prerendered/activity-stream-debug.html"
- // "resource://activity-stream/prerendered/activity-stream-noscripts.html"
- return [
- "resource://activity-stream/prerendered/",
- "activity-stream",
- // Debug version loads dev scripts but noscripts separately loads scripts
- this.activityStreamDebug && !this.privilegedAboutProcessEnabled
- ? "-debug"
- : "",
- this.privilegedAboutProcessEnabled ? "-noscripts" : "",
- ".html",
- ].join("");
+ return "about:blank";
}
get welcomeURL() {
=====================================
browser/components/preferences/home.inc.xhtml
=====================================
@@ -33,7 +33,6 @@
class="check-home-page-controlled"
data-preference-related="browser.startup.homepage">
<menupopup>
- <menuitem value="0" data-l10n-id="home-mode-choice-default" />
<menuitem value="2" data-l10n-id="home-mode-choice-custom" />
<menuitem value="1" data-l10n-id="home-mode-choice-blank" />
</menupopup>
@@ -84,7 +83,6 @@
Preferences so we need to handle setting the pref manually.-->
<menulist id="newTabMode" flex="1" data-preference-related="browser.newtabpage.enabled">
<menupopup>
- <menuitem value="0" data-l10n-id="home-mode-choice-default" />
<menuitem value="1" data-l10n-id="home-mode-choice-blank" />
</menupopup>
</menulist>
=====================================
browser/components/preferences/home.js
=====================================
@@ -380,10 +380,14 @@ var gHomePane = {
if (controllingExtension && controllingExtension.id) {
newValue = controllingExtension.id;
- } else if (isDefault) {
- newValue = this.HOME_MODE_FIREFOX_HOME;
} else if (isBlank) {
+ // For base-browser, we want to check isBlank first since the default page
+ // is also the blank page, but we only have a menu option for
+ // HOME_MODE_BLANK, rather than HOME_MODE_FIREFOX_HOME.
+ // See tor-browser#41609.
newValue = this.HOME_MODE_BLANK;
+ } else if (isDefault) {
+ newValue = this.HOME_MODE_FIREFOX_HOME;
} else {
newValue = this.HOME_MODE_CUSTOM;
}
=====================================
browser/modules/HomePage.jsm
=====================================
@@ -21,7 +21,7 @@ XPCOMUtils.defineLazyModuleGetters(this, {
});
const kPrefName = "browser.startup.homepage";
-const kDefaultHomePage = "about:home";
+const kDefaultHomePage = "about:blank";
const kExtensionControllerPref =
"browser.startup.homepage_override.extensionControlled";
const kHomePageIgnoreListId = "homepage-urls";
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/2b933e…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/2b933e…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser] Pushed new branch base-browser-102.8.0esr-12.0-1
by Pier Angelo Vendrame (@pierov) 08 Feb '23
by Pier Angelo Vendrame (@pierov) 08 Feb '23
08 Feb '23
Pier Angelo Vendrame pushed new branch base-browser-102.8.0esr-12.0-1 at The Tor Project / Applications / Tor Browser
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser] Pushed new branch base-browser-102.8.0esr-12.5-1
by Pier Angelo Vendrame (@pierov) 08 Feb '23
by Pier Angelo Vendrame (@pierov) 08 Feb '23
08 Feb '23
Pier Angelo Vendrame pushed new branch base-browser-102.8.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser] Pushed new branch tor-browser-102.8.0esr-12.5-1
by Pier Angelo Vendrame (@pierov) 08 Feb '23
by Pier Angelo Vendrame (@pierov) 08 Feb '23
08 Feb '23
Pier Angelo Vendrame pushed new branch tor-browser-102.8.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser] Pushed new tag FIREFOX_102_8_0esr_BUILD1
by Pier Angelo Vendrame (@pierov) 08 Feb '23
by Pier Angelo Vendrame (@pierov) 08 Feb '23
08 Feb '23
Pier Angelo Vendrame pushed new tag FIREFOX_102_8_0esr_BUILD1 at The Tor Project / Applications / Tor Browser
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/FIREFOX_1…
You're receiving this email because of your account on gitlab.torproject.org.
1
0
[Git][tpo/applications/tor-browser] Pushed new branch tor-browser-102.8.0esr-12.0-1
by Pier Angelo Vendrame (@pierov) 08 Feb '23
by Pier Angelo Vendrame (@pierov) 08 Feb '23
08 Feb '23
Pier Angelo Vendrame pushed new branch tor-browser-102.8.0esr-12.0-1 at The Tor Project / Applications / Tor Browser
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows…
You're receiving this email because of your account on gitlab.torproject.org.
1
0