- tbb-commits - lists.torproject.org

[tor-browser-build/master] Pick up rbm fix for rbm#40004 and rbm#40003
by gk＠torproject.org 16 Sep '20

16 Sep '20

commit 3d671cceaa49badbbc975114e3a2fe942fdc4eda Author: Georg Koppen <gk(a)torproject.org> Date: Wed Sep 16 19:27:30 2020 +0000 Pick up rbm fix for rbm#40004 and rbm#40003 --- rbm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rbm b/rbm index ee2d60d..a32239d 160000 --- a/rbm +++ b/rbm @@ -1 +1 @@ -Subproject commit ee2d60d8274fe3b88454683eb11b1d76981b6c46 +Subproject commit a32239ddb1f465115cb4a8bb9f4b853c149506f3

1 0

[rbm/master] Bug 40004: Improve cache in project_config
by gk＠torproject.org 16 Sep '20

16 Sep '20

commit a32239ddb1f465115cb4a8bb9f4b853c149506f3 Author: Nicolas Vigier <boklm(a)torproject.org> Date: Mon Sep 14 15:40:10 2020 +0200 Bug 40004: Improve cache in project_config --- lib/RBM.pm | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/lib/RBM.pm b/lib/RBM.pm index 6277de4..825502a 100644 --- a/lib/RBM.pm +++ b/lib/RBM.pm @@ -206,19 +206,16 @@ sub confkey_str { sub project_config { my ($project, $name, $options) = @_; - CORE::state $cache; + CORE::state %config_cache; my $res; my $error_if_undef = $options->{error_if_undef}; - my $cache_save = $cache; - if ($options) { - $options = {%$options, error_if_undef => 0}; - my %ignore_options = map { $_ => 1 } qw(error_if_undef step); - $cache = {} if grep { !$ignore_options{$_} } keys %$options; - } + $options = {%$options, error_if_undef => 0} if $options; + my $cache_id = pp($config->{run}) + . pp({ %{$config->{opt}}, $options ? %$options : () }); my $name_str = ref $name eq 'ARRAY' ? join '/', @$name : $name; my $step = $config->{step}; - if (exists $cache->{$project}{$step}{$name_str}) { - $res = $cache->{$project}{$step}{$name_str}; + if (exists $config_cache{$project}{$step}{$name_str}{$cache_id}) { + $res = $config_cache{$project}{$step}{$name_str}{$cache_id}; goto FINISH; } $name = [ split '/', $name ] unless ref $name eq 'ARRAY'; @@ -233,10 +230,9 @@ sub project_config { $res = process_template($project, $res, confkey_str($name) eq 'output_dir' ? '.' : undef); } - $cache->{$project}{$step}{$name_str} = $res; + $config_cache{$project}{$step}{$name_str}{$cache_id} = $res; $config->{opt} = $opt_save; FINISH: - $cache = $cache_save; if (!defined($res) && $error_if_undef) { my $msg = $error_if_undef eq '1' ? "Option " . confkey_str($name) . " is undefined"

1 0

[tor-browser-build/master] Bug 40094: Bring back torbrowser-android-* targets for Rust
by sysrqb＠torproject.org 16 Sep '20

16 Sep '20

commit e8ff6b182dcd9d721ec97473051bda48d36d822e Author: Georg Koppen <gk(a)torproject.org> Date: Wed Sep 16 16:54:21 2020 +0000 Bug 40094: Bring back torbrowser-android-* targets for Rust Apparently we can't just replace the torbrowser-android-* targets with android-* ones when including the Rust compilers for application-services. Thus, we revert that part of the patch for #40070. See: #40094 for more details. --- projects/application-services/config | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/projects/application-services/config b/projects/application-services/config index 0560872..336de62 100644 --- a/projects/application-services/config +++ b/projects/application-services/config @@ -23,22 +23,23 @@ input_files: - project: container-image - project: '[% c("var/compiler") %]' name: '[% c("var/compiler") %]' + # We need the torbrowser-* targets for Rust, see: #40094. - project: fenix-rust name: rust-armv7 target_prepend: - - android-armv7 + - torbrowser-android-armv7 - project: fenix-rust name: rust-aarch64 target_prepend: - - android-aarch64 + - torbrowser-android-aarch64 - project: fenix-rust name: rust-x86 target_prepend: - - android-x86 + - torbrowser-android-x86 - project: fenix-rust name: rust-x86_64 target_prepend: - - android-x86_64 + - torbrowser-android-x86_64 - project: nss name: nss-armv7 target_prepend:

1 0

[tor-browser-build/master] Merge remote-tracking branch 'gkgl/bug_40094'
by sysrqb＠torproject.org 16 Sep '20

16 Sep '20

commit 6cbd373aad047d53032170be4a3da19a8c49ab8f Merge: 47e2748 e8ff6b1 Author: Matthew Finkel <sysrqb(a)torproject.org> Date: Wed Sep 16 17:15:21 2020 +0000 Merge remote-tracking branch 'gkgl/bug_40094' projects/application-services/config | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-)

1 0

[tor-browser-build/master] Minor ChangeLog fixups
by sysrqb＠torproject.org 16 Sep '20

16 Sep '20

commit 47e2748ac843e06ab7f38b0363f3df05cfbc993f Author: Matthew Finkel <sysrqb(a)torproject.org> Date: Wed Sep 16 15:31:39 2020 +0000 Minor ChangeLog fixups --- projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt index b0cdf08..c13d834 100644 --- a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt +++ b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt @@ -20,12 +20,12 @@ Tor Browser 10.0a7 -- September 14 2020 * Bug 40031: Add licenses for kcp-go and smux. [tor-browser-build] * Bug 40045: Fix complete .mar file creation for dmg2mar [tor-browser-build] * Bug 40065: Bump debootstrap-image ubuntu_version to 20.04.1 [tor-browser-build] - * Bug 40087: Deterministically add HTTPS Everywhere into omni.ja - * Bug 40090: NSIS 3.06.1 based builds are not reproducible anymore + * Bug 40087: Deterministically add HTTPS Everywhere into omni.ja [tor-browser-build] * Windows * Bug 40052: Bump NSIS to 3.06.1 [tor-browser-build] * Bug 40071: Be explicit about no SEH with mingw-w64 on 32bit systems [tor-browser-build] * Bug 40077: Don't pass --no-insert-timestamp when building Firefox [tor-browser-build] + * Bug 40090: NSIS 3.06.1 based builds are not reproducible anymore [tor-browser-build] Tor Browser 10.0a6 -- August 26 2020 * All Platforms

1 0

[tor-browser/tor-browser-78.2.0esr-10.0-1] fixup! Bug 10760: Integrate TorButton to TorBrowser core
by sysrqb＠torproject.org 15 Sep '20

15 Sep '20

commit 7b9d33cf056c87ed10023f2d60e2021e2b040b32 Author: Matthew Finkel <sysrqb(a)torproject.org> Date: Tue Sep 15 23:41:01 2020 +0000 fixup! Bug 10760: Integrate TorButton to TorBrowser core --- toolkit/torproject/torbutton | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/toolkit/torproject/torbutton b/toolkit/torproject/torbutton index c18489972abe..4e67ee2ef26e 160000 --- a/toolkit/torproject/torbutton +++ b/toolkit/torproject/torbutton @@ -1 +1 @@ -Subproject commit c18489972abef8b449ad8b53356cda5e3aea601b +Subproject commit 4e67ee2ef26e28da0f02a0e43e22a61ee33c6d4d

1 0

[torbutton/master] Translations update
by sysrqb＠torproject.org 15 Sep '20

15 Sep '20

commit 4e67ee2ef26e28da0f02a0e43e22a61ee33c6d4d Author: Matthew Finkel <sysrqb(a)torproject.org> Date: Tue Sep 15 23:38:27 2020 +0000 Translations update --- chrome/locale/ar/aboutTor.dtd | 4 ++ chrome/locale/bn-BD/aboutTor.dtd | 4 ++ chrome/locale/ca/aboutTor.dtd | 4 ++ chrome/locale/ca/torbutton.properties | 76 ++++++++++++------------ chrome/locale/cs/aboutTor.dtd | 4 ++ chrome/locale/da/aboutTor.dtd | 4 ++ chrome/locale/de/aboutTor.dtd | 4 ++ chrome/locale/el/aboutTor.dtd | 4 ++ chrome/locale/es-AR/aboutTor.dtd | 4 ++ chrome/locale/es-ES/aboutTor.dtd | 4 ++ chrome/locale/eu/aboutTor.dtd | 4 ++ chrome/locale/fa/aboutTor.dtd | 4 ++ chrome/locale/fr/aboutTor.dtd | 4 ++ chrome/locale/ga-IE/aboutTor.dtd | 6 +- chrome/locale/ga-IE/browserOnboarding.properties | 12 ++-- chrome/locale/ga-IE/torbutton.dtd | 4 +- chrome/locale/ga-IE/torbutton.properties | 54 ++++++++--------- chrome/locale/he/aboutTor.dtd | 4 ++ chrome/locale/hu/aboutTBUpdate.dtd | 4 +- chrome/locale/hu/aboutTor.dtd | 8 ++- chrome/locale/hu/brand.dtd | 8 +-- chrome/locale/hu/torbutton.properties | 4 +- chrome/locale/id/aboutTor.dtd | 4 ++ chrome/locale/is/aboutTor.dtd | 4 ++ chrome/locale/it/aboutTor.dtd | 6 +- chrome/locale/it/brand.dtd | 6 +- chrome/locale/it/branding/tor-browser-brand.ftl | 2 +- chrome/locale/it/browserOnboarding.properties | 12 ++-- chrome/locale/it/torbutton.dtd | 8 +-- chrome/locale/it/torbutton.properties | 66 ++++++++++---------- chrome/locale/ja/aboutTor.dtd | 4 ++ chrome/locale/ja/torbutton.properties | 14 ++--- chrome/locale/ka/aboutTor.dtd | 4 ++ chrome/locale/ko/aboutTor.dtd | 4 ++ chrome/locale/lt/aboutTor.dtd | 4 ++ chrome/locale/mk/aboutTor.dtd | 4 ++ chrome/locale/ms/aboutTor.dtd | 4 ++ chrome/locale/nb-NO/aboutTor.dtd | 4 ++ chrome/locale/nl/aboutTor.dtd | 4 ++ chrome/locale/pl/aboutTor.dtd | 4 ++ chrome/locale/pt-BR/aboutTor.dtd | 4 ++ chrome/locale/ro/aboutTor.dtd | 4 ++ chrome/locale/ru/aboutTor.dtd | 4 ++ chrome/locale/sv-SE/aboutTor.dtd | 4 ++ chrome/locale/th/aboutTor.dtd | 4 ++ chrome/locale/tr/aboutTor.dtd | 4 ++ chrome/locale/vi/aboutTor.dtd | 4 ++ chrome/locale/zh-CN/aboutTor.dtd | 4 ++ chrome/locale/zh-CN/torbutton.properties | 22 +++---- chrome/locale/zh-TW/aboutTor.dtd | 4 ++ 50 files changed, 294 insertions(+), 150 deletions(-) diff --git a/chrome/locale/ar/aboutTor.dtd b/chrome/locale/ar/aboutTor.dtd index 2ad75578..e6d9941d 100644 --- a/chrome/locale/ar/aboutTor.dtd +++ b/chrome/locale/ar/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "اشترك للحصول على أخبار تور."> <!ENTITY aboutTor.donationBanner.freeToUse "تور متاح مجاناً بفضل التبرعات من الأشخاص مثلك"> <!ENTITY aboutTor.donationBanner.buttonA "تبرع الآن"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/bn-BD/aboutTor.dtd b/chrome/locale/bn-BD/aboutTor.dtd index a089acb9..35fed0f0 100644 --- a/chrome/locale/bn-BD/aboutTor.dtd +++ b/chrome/locale/bn-BD/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "টর নিউজ-এর জন্য সাইন আপ করুন ।"> <!ENTITY aboutTor.donationBanner.freeToUse "Tor is free to use because of donations from people like you."> <!ENTITY aboutTor.donationBanner.buttonA "এখুনি দান করুন! "> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/ca/aboutTor.dtd b/chrome/locale/ca/aboutTor.dtd index 99f9542b..0952deae 100644 --- a/chrome/locale/ca/aboutTor.dtd +++ b/chrome/locale/ca/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Inscriviu-vos a les noticies de Tor."> <!ENTITY aboutTor.donationBanner.freeToUse "Tor és d'ús gratuït gràcies als donatius de persones com vós."> <!ENTITY aboutTor.donationBanner.buttonA "Feu una donació"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/ca/torbutton.properties b/chrome/locale/ca/torbutton.properties index e6480677..8698caba 100644 --- a/chrome/locale/ca/torbutton.properties +++ b/chrome/locale/ca/torbutton.properties @@ -60,7 +60,7 @@ updateDownloadingPanelUILabel=S'està baixant l'actualització %S # .Onion Page Info prompt. Strings are kept here for ease of translation. pageInfo_OnionEncryptionWithBitsAndProtocol=Connexió xifrada (Onion Service, %1$S, claus de %2$S bits, %3$S) pageInfo_OnionEncryption=Connexió xifrada (Onion Service) -pageInfo_OnionName=Onion Name: +pageInfo_OnionName=Nom .onion: # Onion services strings. Strings are kept here for ease of translation. onionServices.learnMore=Més informació @@ -70,48 +70,48 @@ onionServices.errorPage.onionSite=Lloc onion # LOCALIZATION NOTE: In the longDescription strings, %S will be replaced with # an error code, e.g., 0xF3. # Tor SOCKS error 0xF0: -onionServices.descNotFound.pageTitle=Problem Loading Onionsite -onionServices.descNotFound.header=Onionsite Not Found -onionServices.descNotFound=The most likely cause is that the onionsite is offline. Contact the onionsite administrator. -onionServices.descNotFound.longDescription=Details: %S — The requested onion service descriptor can't be found on the hashring and therefore the service is not reachable by the client. +onionServices.descNotFound.pageTitle=S'ha produït un problema en carregar el lloc .onion +onionServices.descNotFound.header=No s'ha trobat el lloc .onion +onionServices.descNotFound=La causa més probable és que el lloc .onion és fora de línia. Contacte amb l'administrador del lloc .onion. +onionServices.descNotFound.longDescription=Detalls: %S — El descriptor del servei Onion sol·licitat no es pot trobar en l'anell d'etiquetes i per tant el client no pot aconseguir el servei. # Tor SOCKS error 0xF1: -onionServices.descInvalid.pageTitle=Problem Loading Onionsite -onionServices.descInvalid.header=Onionsite Cannot Be Reached -onionServices.descInvalid=The onionsite is unreachable due an internal error. -onionServices.descInvalid.longDescription=Details: %S — The requested onion service descriptor can't be parsed or signature validation failed. +onionServices.descInvalid.pageTitle=S'ha produït un problema en carregar el lloc .onion +onionServices.descInvalid.header=El lloc Onion no es pot aconseguir +onionServices.descInvalid=El lloc Onion no es pot aconseguir a causa d'un error intern. +onionServices.descInvalid.longDescription=Detalls: %S — El descriptor del servei Onion sol·licitat no es pot analitzar o la validació de la signatura ha fallat. # Tor SOCKS error 0xF2: -onionServices.introFailed.pageTitle=Problem Loading Onionsite -onionServices.introFailed.header=Onionsite Has Disconnected -onionServices.introFailed=The most likely cause is that the onionsite is offline. Contact the onionsite administrator. -onionServices.introFailed.longDescription=Details: %S — Introduction failed, which means that the descriptor was found but the service is no longer connected to the introduction point. It is likely that the service has changed its descriptor or that it is not running. +onionServices.introFailed.pageTitle=S'ha produït un problema en carregar el lloc .onion +onionServices.introFailed.header=El lloc .onion ha desconectat +onionServices.introFailed=La causa més probable és que el lloc .onion és fora de línia. Contacte amb l'administrador del lloc .onion. +onionServices.introFailed.longDescription=Detalls: %S — Ha fallat la introducció, el que significa que el descriptor s'ha trobat però el servei ja no es troba connectat al punt d'introducció. Segurament el servei ha canviat de descriptor, o no és iniciat. # Tor SOCKS error 0xF3: -onionServices.rendezvousFailed.pageTitle=Problem Loading Onionsite -onionServices.rendezvousFailed.header=Unable to Connect to Onionsite -onionServices.rendezvousFailed=The onionsite is busy or the Tor network is overloaded. Try again later. -onionServices.rendezvousFailed.longDescription=Details: %S — The client failed to rendezvous with the service, which means that the client was unable to finalize the connection. +onionServices.rendezvousFailed.pageTitle=S'ha produït un problema en carregar el lloc .onion +onionServices.rendezvousFailed.header=No s'ha pogut connectar al lloc .onion +onionServices.rendezvousFailed=El lloc Onion està ocupat o la xarxa Tor està sobrecarregada. Proveu de nou més tard. +onionServices.rendezvousFailed.longDescription=Detalls: %S — El client a fallat en interactuar amb el servei, el que significa que el client no podia finalitzar la connexió. # Tor SOCKS error 0xF4: -onionServices.clientAuthMissing.pageTitle=Authorization Required -onionServices.clientAuthMissing.header=Onionsite Requires Authentication -onionServices.clientAuthMissing=Access to the onionsite requires a key but none was provided. -onionServices.clientAuthMissing.longDescription=Details: %S — The client downloaded the requested onion service descriptor but was unable to decrypt its content because client authorization information is missing. +onionServices.clientAuthMissing.pageTitle=Es requereix autorització +onionServices.clientAuthMissing.header=El lloc .onion requereix autenticació +onionServices.clientAuthMissing=L'accés al lloc .onion requereix una clau però no se n'ha proporcionat cap. +onionServices.clientAuthMissing.longDescription=Detalls: %S — El client ha baixat el descriptor del servei Onion sol·licitat, però no ha pogut desxifrar el seu contingut perquè falta la informació de l'autorització del client. # Tor SOCKS error 0xF5: onionServices.clientAuthIncorrect.pageTitle=Ha fallat l'autorització -onionServices.clientAuthIncorrect.header=Onionsite Authentication Failed -onionServices.clientAuthIncorrect=The provided key is incorrect or has been revoked. Contact the onionsite administrator. -onionServices.clientAuthIncorrect.longDescription=Details: %S — The client was able to download the requested onion service descriptor but was unable to decrypt its content using the provided client authorization information. This may mean that access has been revoked. +onionServices.clientAuthIncorrect.header=Ha fallat l'autenticació del lloc Onion +onionServices.clientAuthIncorrect=La clau proporcionada no és correcta o s'ha revocat. Contacteu amb l'administrador del lloc Onion. +onionServices.clientAuthIncorrect.longDescription=Detalls: %S — El client ha pogut baixar el descriptor del servei Onion sol·licitat, però no ha pogut desxifrar el seu contingut utilitzant la informació d'autorització del client proporcionada. Això podria significar que l'accés s'ha revocat. # Tor SOCKS error 0xF6: -onionServices.badAddress.pageTitle=Problem Loading Onionsite -onionServices.badAddress.header=Invalid Onionsite Address -onionServices.badAddress=The provided onionsite address is invalid. Please check that you entered it correctly. -onionServices.badAddress.longDescription=Details: %S — The provided .onion address is invalid. This error is returned due to one of the following reasons: the address checksum doesn't match, the ed25519 public key is invalid, or the encoding is invalid. +onionServices.badAddress.pageTitle=S'ha produït un problema en carregar el lloc .onion +onionServices.badAddress.header=L'adreça del lloc .onion no és vàlida +onionServices.badAddress=L'adreça del servei Onion proporcionada no és vàlida. Comproveu que l'heu introduïda correctament. +onionServices.badAddress.longDescription=Detalls: %S — L'adreça .onion proporcionada no és vàlida. Aquest error ocorre per una de les raons següents: la suma de comprovació de l'adreça no concorda, la clau pública ed25519 no és válida, o la codificació no és vàlida. # Tor SOCKS error 0xF7: -onionServices.introTimedOut.pageTitle=Problem Loading Onionsite -onionServices.introTimedOut.header=Onionsite Circuit Creation Timed Out -onionServices.introTimedOut=Failed to connect to the onionsite, possibly due to a poor network connection. -onionServices.introTimedOut.longDescription=Details: %S — The connection to the requested onion service timed out while trying to build the rendezvous circuit. +onionServices.introTimedOut.pageTitle=S'ha produït un problema en carregar el lloc .onion +onionServices.introTimedOut.header=Esgotat el temps de creació del circuit del lloc Onion +onionServices.introTimedOut=Ha fallat la connexió amb el lloc Onion, possiblement a causa d'una connexió a la xarxa pobra. +onionServices.introTimedOut.longDescription=Detalls: %S — La connexió al servei Onion sol·licitat ha esgotat el temps mentre provava de construir el circuit de connexió. # # LOCALIZATION NOTE: %S will be replaced with the .onion address. -onionServices.authPrompt.description2=%S is requesting that you authenticate. +onionServices.authPrompt.description2=%S sol·licita que us autentiqueu. onionServices.authPrompt.keyPlaceholder=Introduïu la vostra clau privada per a aquest servei ceba onionServices.authPrompt.done=Fet onionServices.authPrompt.doneAccessKey=d @@ -130,15 +130,15 @@ onionServices.authPreferences.failedToGetKeys=No es poden recuperar les claus de onionServices.authPreferences.failedToRemoveKey=No s'ha pogut suprimir la clau # Onion-Location strings. -onionLocation.alwaysPrioritize=Always Prioritize Onions +onionLocation.alwaysPrioritize=Sempre prioritza els Onions onionLocation.alwaysPrioritizeAccessKey=p onionLocation.notNow=Ara no onionLocation.notNowAccessKey=p -onionLocation.description=There's a more private and secure version of this site available over the Tor network via onion services. Onion services help website publishers and their visitors defeat surveillance and censorship. -onionLocation.tryThis=Try Onion Services -onionLocation.onionAvailable=.onion available +onionLocation.description=Hi ha una versió més privada i segura d'aquest lloc web disponible a través de la xarxa Tor, mitjançant serveis Onion. Aquests serveis ajuden els creadors web i els seus visitants a vèncer la vigilància i la censura. +onionLocation.tryThis=Prova els serveis Onion +onionLocation.onionAvailable=.onion disponible onionLocation.learnMore=Més informació... onionLocation.always=Sempre onionLocation.askEverytime=Demana-ho cada vegada -onionLocation.prioritizeOnionsDescription=Prioritize .onion sites when known. +onionLocation.prioritizeOnionsDescription=Prioritza els llocs .onion si se'n coneixen. onionLocation.onionServicesTitle=Serveis Onion diff --git a/chrome/locale/cs/aboutTor.dtd b/chrome/locale/cs/aboutTor.dtd index 00747b4c..a4906cd1 100644 --- a/chrome/locale/cs/aboutTor.dtd +++ b/chrome/locale/cs/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Přihlaste se k odběru zpravodaje Toru."> <!ENTITY aboutTor.donationBanner.freeToUse "Tor is free to use because of donations from people like you."> <!ENTITY aboutTor.donationBanner.buttonA "Přispějte"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/da/aboutTor.dtd b/chrome/locale/da/aboutTor.dtd index 789e4a0d..7076fca9 100644 --- a/chrome/locale/da/aboutTor.dtd +++ b/chrome/locale/da/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Tilmeld Tor-nyheder."> <!ENTITY aboutTor.donationBanner.freeToUse "Tor er gratis at bruge takke være donationer fra personer som dig."> <!ENTITY aboutTor.donationBanner.buttonA "Donér nu"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/de/aboutTor.dtd b/chrome/locale/de/aboutTor.dtd index afb1ce34..f8cac6a3 100644 --- a/chrome/locale/de/aboutTor.dtd +++ b/chrome/locale/de/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Tor-Nachrichten abonnieren."> <!ENTITY aboutTor.donationBanner.freeToUse "Tor ist aufgrund von Spenden von Leuten wie dir frei nutzbar."> <!ENTITY aboutTor.donationBanner.buttonA "Spende jetzt"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/el/aboutTor.dtd b/chrome/locale/el/aboutTor.dtd index 6c086733..8a4711ac 100644 --- a/chrome/locale/el/aboutTor.dtd +++ b/chrome/locale/el/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Εγγραφτείτε για τα νέα του Tor."> <!ENTITY aboutTor.donationBanner.freeToUse "Το Tor είναι ελεύθερο λογισμικό, λόγω δωρεών από άτομα σαν κι εσας."> <!ENTITY aboutTor.donationBanner.buttonA "Κάντε μια δωρεά τώρα!"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/es-AR/aboutTor.dtd b/chrome/locale/es-AR/aboutTor.dtd index e1400c05..d3c9dc22 100644 --- a/chrome/locale/es-AR/aboutTor.dtd +++ b/chrome/locale/es-AR/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Registrate en Tor News."> <!ENTITY aboutTor.donationBanner.freeToUse "Tor es gratis gracias a las donaciones de personas como vos."> <!ENTITY aboutTor.donationBanner.buttonA "Doná ahora"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/es-ES/aboutTor.dtd b/chrome/locale/es-ES/aboutTor.dtd index 3909b8f4..5a32a47a 100644 --- a/chrome/locale/es-ES/aboutTor.dtd +++ b/chrome/locale/es-ES/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Inscríbete en Tor News."> <!ENTITY aboutTor.donationBanner.freeToUse "Se puede usar Tor libremente por las donaciones de personas como tu."> <!ENTITY aboutTor.donationBanner.buttonA "Dona ahora."> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/eu/aboutTor.dtd b/chrome/locale/eu/aboutTor.dtd index b115af74..8fba9ac7 100644 --- a/chrome/locale/eu/aboutTor.dtd +++ b/chrome/locale/eu/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Harpidetu Tor berrietara"> <!ENTITY aboutTor.donationBanner.freeToUse "Tor is free to use because of donations from people like you."> <!ENTITY aboutTor.donationBanner.buttonA "Egin dohaintza orain"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/fa/aboutTor.dtd b/chrome/locale/fa/aboutTor.dtd index 8fee56e7..27ab898c 100644 --- a/chrome/locale/fa/aboutTor.dtd +++ b/chrome/locale/fa/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "ثبت‌نام برای اخبار Tor."> <!ENTITY aboutTor.donationBanner.freeToUse "تور برای استفاده رایگان بوده و این به خاطر افرادی مانند شما می باشد."> <!ENTITY aboutTor.donationBanner.buttonA "اکنون اهداء کنید"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/fr/aboutTor.dtd b/chrome/locale/fr/aboutTor.dtd index 0356e3d8..5c09efe7 100644 --- a/chrome/locale/fr/aboutTor.dtd +++ b/chrome/locale/fr/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Inscrivez-vous aux nouvelles de Tor"> <!ENTITY aboutTor.donationBanner.freeToUse "Tor peut être utilisé gratuitement grâce aux dons de personnes telles que vous."> <!ENTITY aboutTor.donationBanner.buttonA "Faites un don maintenant"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/ga-IE/aboutTor.dtd b/chrome/locale/ga-IE/aboutTor.dtd index 436d2f91..e9c097d3 100644 --- a/chrome/locale/ga-IE/aboutTor.dtd +++ b/chrome/locale/ga-IE/aboutTor.dtd @@ -27,5 +27,9 @@ <!ENTITY aboutTor.newsletter.tagline "Faigh an nuacht is déanaí maidir le Tor i do bhosca isteach."> <!ENTITY aboutTor.newsletter.link_text "Cláraigh le Nuachtlitir Tor."> -<!ENTITY aboutTor.donationBanner.freeToUse "Tor is free to use because of donations from people like you."> +<!ENTITY aboutTor.donationBanner.freeToUse "Tá Tor saor in aisce a bhuí le bronntanais airgid ó dhaoine cosúil leatsa."> <!ENTITY aboutTor.donationBanner.buttonA "Tabhair síntiús airgid anois"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/ga-IE/browserOnboarding.properties b/chrome/locale/ga-IE/browserOnboarding.properties index 754e6467..fed53951 100644 --- a/chrome/locale/ga-IE/browserOnboarding.properties +++ b/chrome/locale/ga-IE/browserOnboarding.properties @@ -15,8 +15,8 @@ onboarding.tour-tor-privacy.button=Téigh go Líonra Tor onboarding.tour-tor-network=Líonra Tor onboarding.tour-tor-network.title=Taisteal ar líonra díláraithe. onboarding.tour-tor-network.description=Ceanglaíonn Brabhsálaí Tor le líonra Tor thú, líonra faoi stiúir na mílte oibrí deonach timpeall an domhain. I gcodarsnacht le VPN, níl éalang aonair ann agus ní gá duit muinín a chur in eagraíocht láraithe chun taitneamh a bhaint as an Idirlíon go príobháideach. -onboarding.tour-tor-network.description-para2=NEW: Tor Network Settings, including the ability to request bridges where Tor is blocked, can now be found in Preferences. -onboarding.tour-tor-network.action-button=Adjust Your Tor Network Settings +onboarding.tour-tor-network.description-para2=NUA: Gheobhaidh tú Socruithe Líonra Tor sna Sainroghanna, an comhéadan lenar féidir drochid a iarraidh san áireamh. +onboarding.tour-tor-network.action-button=Athraigh Socruithe Líonra Tor onboarding.tour-tor-network.button=Téigh go dtí Taispeántas an Chiorcaid onboarding.tour-tor-circuit-display=Taispeántas an Chiorcaid @@ -49,10 +49,10 @@ onboarding.tour-tor-update.prefix-new=Nua onboarding.tour-tor-update.prefix-updated=Nuashonraithe onboarding.tour-tor-toolbar=Barra Uirlisí -onboarding.tour-tor-toolbar-update-9.0.title=Goodbye Onion Button. -onboarding.tour-tor-toolbar-update-9.0.description=We want your experience using Tor to be fully integrated within Tor Browser. -onboarding.tour-tor-toolbar-update-9.0.description-para2=That's why now, rather than using the onion button, you can see your Tor Circuit via the [i] in the URL bar and request a New Identity using the toolbar button or the [≡] menu. -onboarding.tour-tor-toolbar-update-9.0.button=How to Request a New Identity +onboarding.tour-tor-toolbar-update-9.0.title=Slán agat, a Chnaipe Onion. +onboarding.tour-tor-toolbar-update-9.0.description=Ba mhaith linn d'eispéireas iomlán le Tor a chomhtháthú le Brabhsálaí Tor. +onboarding.tour-tor-toolbar-update-9.0.description-para2=Dá bharr sin, in áit an chnaipe onion, tá tú anois in ann do Chiorcad Tor a fheiceáil tríd an [i] sa bharra suímh, agus Aitheantas Nua a iarraidh ón gcnaipe sa bharra uirlisí nó ón roghchlár [≡]. +onboarding.tour-tor-toolbar-update-9.0.button=Conas a iarrtar Aitheantas Nua onboarding.tour-tor-toolbar-update-9.0.next-button=Téigh go Líonra Tor # Circuit Display onboarding. diff --git a/chrome/locale/ga-IE/torbutton.dtd b/chrome/locale/ga-IE/torbutton.dtd index dbca0894..8cb1458b 100644 --- a/chrome/locale/ga-IE/torbutton.dtd +++ b/chrome/locale/ga-IE/torbutton.dtd @@ -49,5 +49,5 @@ <!ENTITY torbutton.circuit_display.new_circuit "Ciorcad Nua don Suíomh seo">  -<!ENTITY torbutton.onionServices.authPrompt.tooltip "Open onion service client authentication prompt"> -<!ENTITY torbutton.onionServices.authPrompt.persistCheckboxLabel "Remember this key"> +<!ENTITY torbutton.onionServices.authPrompt.tooltip "Oscail leid fhíordheimhnithe don tseirbhís onion"> +<!ENTITY torbutton.onionServices.authPrompt.persistCheckboxLabel "Meabhraigh an eochair seo"> diff --git a/chrome/locale/ga-IE/torbutton.properties b/chrome/locale/ga-IE/torbutton.properties index aa201bee..1c7295c1 100644 --- a/chrome/locale/ga-IE/torbutton.properties +++ b/chrome/locale/ga-IE/torbutton.properties @@ -8,8 +8,8 @@ torbutton.circuit_display.unknown_country = Tír anaithnid torbutton.circuit_display.guard = Garda torbutton.circuit_display.guard_note = Seans nach n-athrófar an nód [Guard]. torbutton.circuit_display.learn_more = Tuilleadh eolais -torbutton.circuit_display.click_to_copy = Click to Copy -torbutton.circuit_display.copied = Copied! +torbutton.circuit_display.click_to_copy = Cliceáil le Cóipeáil +torbutton.circuit_display.copied = Cóipeáilte! torbutton.content_sizer.margin_tooltip = Cuireann Brabhsálaí Tor an chiumhais seo leis an bhfuinneog ionas nach mbeidh leithead agus airde na fuinneoige chomh suntasach, sa chaoi go mbíonn sé níos deacra do ghníomhaíocht ar líne a lorg. torbutton.panel.tooltip.disabled = Cliceáil le Tor a chumasú torbutton.panel.tooltip.enabled = Cliceáil le Tor a dhíchumasú @@ -60,32 +60,32 @@ updateDownloadingPanelUILabel=Nuashonrú %S á íoslódáil # .Onion Page Info prompt. Strings are kept here for ease of translation. pageInfo_OnionEncryptionWithBitsAndProtocol=Ceangal Criptithe (Seirbhís Onion, %1$S, eochracha %2$S giotán, %3$S) pageInfo_OnionEncryption=Ceangal Criptithe (Seirbhís Onion) -pageInfo_OnionName=Onion Name: +pageInfo_OnionName=Ainm an Onion: # Onion services strings. Strings are kept here for ease of translation. onionServices.learnMore=Tuilleadh eolais -onionServices.errorPage.browser=Browser +onionServices.errorPage.browser=Brabhsálaí onionServices.errorPage.network=Líonra -onionServices.errorPage.onionSite=Onionsite +onionServices.errorPage.onionSite=Suíomh Onion # LOCALIZATION NOTE: In the longDescription strings, %S will be replaced with # an error code, e.g., 0xF3. # Tor SOCKS error 0xF0: -onionServices.descNotFound.pageTitle=Problem Loading Onionsite -onionServices.descNotFound.header=Onionsite Not Found -onionServices.descNotFound=The most likely cause is that the onionsite is offline. Contact the onionsite administrator. +onionServices.descNotFound.pageTitle=Níorbh fhéidir an suíomh Onion a lódáil +onionServices.descNotFound.header=Suíomh Onion gan aimsiú +onionServices.descNotFound=Is dócha go bhfuil an suíomh onion as líne. Téigh i dteagmháil le riarthóir an tsuímh. onionServices.descNotFound.longDescription=Details: %S — The requested onion service descriptor can't be found on the hashring and therefore the service is not reachable by the client. # Tor SOCKS error 0xF1: -onionServices.descInvalid.pageTitle=Problem Loading Onionsite -onionServices.descInvalid.header=Onionsite Cannot Be Reached +onionServices.descInvalid.pageTitle=Níorbh fhéidir an suíomh Onion a lódáil +onionServices.descInvalid.header=Ní féidir teagmháil a dhéanamh leis an suíomh Onion onionServices.descInvalid=The onionsite is unreachable due an internal error. onionServices.descInvalid.longDescription=Details: %S — The requested onion service descriptor can't be parsed or signature validation failed. # Tor SOCKS error 0xF2: -onionServices.introFailed.pageTitle=Problem Loading Onionsite -onionServices.introFailed.header=Onionsite Has Disconnected -onionServices.introFailed=The most likely cause is that the onionsite is offline. Contact the onionsite administrator. +onionServices.introFailed.pageTitle=Níorbh fhéidir an suíomh Onion a lódáil +onionServices.introFailed.header=Bhris an suíomh Onion an ceangal +onionServices.introFailed=Is dócha go bhfuil an suíomh onion as líne. Téigh i dteagmháil le riarthóir an tsuímh. onionServices.introFailed.longDescription=Details: %S — Introduction failed, which means that the descriptor was found but the service is no longer connected to the introduction point. It is likely that the service has changed its descriptor or that it is not running. # Tor SOCKS error 0xF3: -onionServices.rendezvousFailed.pageTitle=Problem Loading Onionsite +onionServices.rendezvousFailed.pageTitle=Níorbh fhéidir an suíomh Onion a lódáil onionServices.rendezvousFailed.header=Unable to Connect to Onionsite onionServices.rendezvousFailed=The onionsite is busy or the Tor network is overloaded. Try again later. onionServices.rendezvousFailed.longDescription=Details: %S — The client failed to rendezvous with the service, which means that the client was unable to finalize the connection. @@ -100,34 +100,34 @@ onionServices.clientAuthIncorrect.header=Onionsite Authentication Failed onionServices.clientAuthIncorrect=The provided key is incorrect or has been revoked. Contact the onionsite administrator. onionServices.clientAuthIncorrect.longDescription=Details: %S — The client was able to download the requested onion service descriptor but was unable to decrypt its content using the provided client authorization information. This may mean that access has been revoked. # Tor SOCKS error 0xF6: -onionServices.badAddress.pageTitle=Problem Loading Onionsite +onionServices.badAddress.pageTitle=Níorbh fhéidir an suíomh Onion a lódáil onionServices.badAddress.header=Invalid Onionsite Address onionServices.badAddress=The provided onionsite address is invalid. Please check that you entered it correctly. onionServices.badAddress.longDescription=Details: %S — The provided .onion address is invalid. This error is returned due to one of the following reasons: the address checksum doesn't match, the ed25519 public key is invalid, or the encoding is invalid. # Tor SOCKS error 0xF7: -onionServices.introTimedOut.pageTitle=Problem Loading Onionsite +onionServices.introTimedOut.pageTitle=Níorbh fhéidir an suíomh Onion a lódáil onionServices.introTimedOut.header=Onionsite Circuit Creation Timed Out onionServices.introTimedOut=Failed to connect to the onionsite, possibly due to a poor network connection. onionServices.introTimedOut.longDescription=Details: %S — The connection to the requested onion service timed out while trying to build the rendezvous circuit. # # LOCALIZATION NOTE: %S will be replaced with the .onion address. onionServices.authPrompt.description2=%S is requesting that you authenticate. -onionServices.authPrompt.keyPlaceholder=Enter your private key for this onion service +onionServices.authPrompt.keyPlaceholder=Cuir isteach d'eochair phríobháideach le haghaidh na seirbhíse onion seo onionServices.authPrompt.done=Déanta onionServices.authPrompt.doneAccessKey=d -onionServices.authPrompt.invalidKey=Please enter a valid key (52 base32 characters or 44 base64 characters) -onionServices.authPrompt.failedToSetKey=Unable to configure Tor with your key -onionServices.authPreferences.header=Onion Services Authentication +onionServices.authPrompt.invalidKey=Cuir isteach eochair bhailí (52 carachtar base32, nó 44 carachtar base64) +onionServices.authPrompt.failedToSetKey=Níorbh fhéidir Tor a chumrú le d'eochair +onionServices.authPreferences.header=Fíordheimhniú do Sheirbhísí Onion onionServices.authPreferences.overview=Some onion services require that you identify yourself with a key (a kind of password) before you can access them. -onionServices.authPreferences.savedKeys=Saved Keys… -onionServices.authPreferences.dialogTitle=Onion Service Keys -onionServices.authPreferences.dialogIntro=Keys for the following onionsites are stored on your computer -onionServices.authPreferences.onionSite=Onionsite +onionServices.authPreferences.savedKeys=Eochracha Sábháilte... +onionServices.authPreferences.dialogTitle=Eochracha Seirbhíse Onion +onionServices.authPreferences.dialogIntro=Tá eochracha a bhaineann leis na suímh onion seo stóráilte ar do ríomhaire +onionServices.authPreferences.onionSite=Suíomh Onion onionServices.authPreferences.onionKey=Eochair onionServices.authPreferences.remove=Bain -onionServices.authPreferences.removeAll=Remove All -onionServices.authPreferences.failedToGetKeys=Unable to retrieve keys from tor -onionServices.authPreferences.failedToRemoveKey=Unable to remove key +onionServices.authPreferences.removeAll=Bain Uile +onionServices.authPreferences.failedToGetKeys=Níorbh fhéidir eochracha a fháil ó Tor +onionServices.authPreferences.failedToRemoveKey=Níorbh fhéidir an eochair a bhaint # Onion-Location strings. onionLocation.alwaysPrioritize=Always Prioritize Onions diff --git a/chrome/locale/he/aboutTor.dtd b/chrome/locale/he/aboutTor.dtd index 520d773b..7f9fb329 100644 --- a/chrome/locale/he/aboutTor.dtd +++ b/chrome/locale/he/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "הירשם עבור חדשות Tor."> <!ENTITY aboutTor.donationBanner.freeToUse "Tor חינמי לשימוש בגלל תרומות מאנשים כמוך."> <!ENTITY aboutTor.donationBanner.buttonA "תרום עכשיו"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/hu/aboutTBUpdate.dtd b/chrome/locale/hu/aboutTBUpdate.dtd index 946bb36b..1d967e90 100644 --- a/chrome/locale/hu/aboutTBUpdate.dtd +++ b/chrome/locale/hu/aboutTBUpdate.dtd @@ -1,5 +1,5 @@ -<!ENTITY aboutTBUpdate.changelogTitle "Tor Browser Változási napló"> -<!ENTITY aboutTBUpdate.updated "Tor Browser frissítve."> +<!ENTITY aboutTBUpdate.changelogTitle "Tor Böngésző Változási napló"> +<!ENTITY aboutTBUpdate.updated "Tor Böngésző frissítve."> <!ENTITY aboutTBUpdate.linkPrefix "Az erről a kiadásról szóló legfrissebb információkért"> <!ENTITY aboutTBUpdate.linkLabel "látogassa meg weboldalunkat"> <!ENTITY aboutTBUpdate.linkSuffix "."> diff --git a/chrome/locale/hu/aboutTor.dtd b/chrome/locale/hu/aboutTor.dtd index 6682d2ff..86740e18 100644 --- a/chrome/locale/hu/aboutTor.dtd +++ b/chrome/locale/hu/aboutTor.dtd @@ -17,10 +17,10 @@ <!ENTITY aboutTor.searchDDGPost.link "https://duckduckgo.com"> <!ENTITY aboutTor.torbrowser_user_manual_questions.label "Kérdések?"> -<!ENTITY aboutTor.torbrowser_user_manual_link.label "Tekintse meg a Tor Browser Útmutatónkat"> +<!ENTITY aboutTor.torbrowser_user_manual_link.label "Tekintse meg a Tor Böngésző Útmutatónkat">  <!ENTITY aboutTor.torbrowser_user_manual.accesskey "M"> -<!ENTITY aboutTor.torbrowser_user_manual.label "Tor Browser Útmutató"> +<!ENTITY aboutTor.torbrowser_user_manual.label "Tor Böngésző Útmutató"> <!ENTITY aboutTor.tor_mission.label "A Tor Project egy a US 501(c)(3) szerinti non-profit szervezet, amely az emberi jogokért és szabadságért harcol, nyílt forráskódú anonimitás és adatvédelmi technológiák fejlesztésével és terjesztésével, támogatva azok korlátlan elérhetőségét és használatát, támogassák a tudományos ás általános megértésüket."> <!ENTITY aboutTor.getInvolved.label "Vegyen részt"> @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Iratkozzon fel a Tor hírekhez."> <!ENTITY aboutTor.donationBanner.freeToUse "A Tor ingyenes az Önhöz hasonló személyek támogatásai miatt."> <!ENTITY aboutTor.donationBanner.buttonA "Támogasson most"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/hu/brand.dtd b/chrome/locale/hu/brand.dtd index 3e0bacba..fa67c73d 100644 --- a/chrome/locale/hu/brand.dtd +++ b/chrome/locale/hu/brand.dtd @@ -2,10 +2,10 @@ - License, v. 2.0. If a copy of the MPL was not distributed with this - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> -<!ENTITY brandShorterName "Tor Browser"> -<!ENTITY brandShortName "Tor Browser"> -<!ENTITY brandFullName "Tor Browser"> -<!ENTITY vendorShortName "Tor Project"> +<!ENTITY brandShorterName "Tor Böngésző"> +<!ENTITY brandShortName "Tor Böngésző"> +<!ENTITY brandFullName "Tor Böngésző"> +<!ENTITY vendorShortName "Tor Projekt"> <!ENTITY trademarkInfo.part1 "A 'Tor' és az 'Onion Logo' a Tor Project, Inc. bejegyzett védjegyei.">  +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/is/aboutTor.dtd b/chrome/locale/is/aboutTor.dtd index 14bad9ac..1d998a5c 100644 --- a/chrome/locale/is/aboutTor.dtd +++ b/chrome/locale/is/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Skráðu þig til að fá Tor-fréttir."> <!ENTITY aboutTor.donationBanner.freeToUse "Öllum er frjálst að nota Tor vegna styrkja frá fólki eins og þér."> <!ENTITY aboutTor.donationBanner.buttonA "Styrkja núna"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/it/aboutTor.dtd b/chrome/locale/it/aboutTor.dtd index 67dbd1d9..4fecbcda 100644 --- a/chrome/locale/it/aboutTor.dtd +++ b/chrome/locale/it/aboutTor.dtd @@ -6,7 +6,7 @@ <!ENTITY aboutTor.title "Info su Tor"> -<!ENTITY aboutTor.viewChangelog.label "Vedi cronologia"> +<!ENTITY aboutTor.viewChangelog.label "Vedi il Changelog"> <!ENTITY aboutTor.ready.label "Naviga. Privatamente."> <!ENTITY aboutTor.ready2.label "Sei pronto per l'esperienza di navigazione più privata al mondo."> @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Registrati alle Tor News."> <!ENTITY aboutTor.donationBanner.freeToUse "L'utilizzo di Tor è gratuito grazie alle donazioni fatte da persone come te."> <!ENTITY aboutTor.donationBanner.buttonA "Dona Adesso"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/it/brand.dtd b/chrome/locale/it/brand.dtd index a56d8b7f..11aa990b 100644 --- a/chrome/locale/it/brand.dtd +++ b/chrome/locale/it/brand.dtd @@ -6,7 +6,7 @@ <!ENTITY brandShortName "Tor Browser"> <!ENTITY brandFullName "Tor Browser"> <!ENTITY vendorShortName "Tor Project"> -<!ENTITY trademarkInfo.part1 "'Tor' e 'Onion Logo' sono marchi registrati su Tor Project, Inc."> +<!ENTITY trademarkInfo.part1 "'Tor' e 'Onion Logo' sono marchi registrati di Tor Project, Inc.">  @@ -14,6 +14,6 @@  <!ENTITY plugins.installed.find "Clicca per caricare i plugin di sistema installati"> -<!ENTITY plugins.installed.enable "Permetti plugin"> -<!ENTITY plugins.installed.disable "Disabilita plugin"> +<!ENTITY plugins.installed.enable "Abilita i plugin"> +<!ENTITY plugins.installed.disable "Disabilita i plugin"> <!ENTITY plugins.installed.disable.tip "Clicca per evitare di caricare i plugin di sistema"> diff --git a/chrome/locale/it/branding/tor-browser-brand.ftl b/chrome/locale/it/branding/tor-browser-brand.ftl index 5a97eead..8336788f 100644 --- a/chrome/locale/it/branding/tor-browser-brand.ftl +++ b/chrome/locale/it/branding/tor-browser-brand.ftl @@ -9,4 +9,4 @@ # remain unchanged across different versions (Nightly, Beta, etc.). -brand-product-name = Tor Browser -vendor-short-name = Tor Project -trademarkInfo = 'Tor' e 'Onion Logo' sono marchi registrati su Tor Project, Inc. +trademarkInfo = 'Tor' e 'Onion Logo' sono marchi registrati di Tor Project, Inc. diff --git a/chrome/locale/it/browserOnboarding.properties b/chrome/locale/it/browserOnboarding.properties index 468e7d95..23b61f19 100644 --- a/chrome/locale/it/browserOnboarding.properties +++ b/chrome/locale/it/browserOnboarding.properties @@ -15,8 +15,8 @@ onboarding.tour-tor-privacy.button=Vai alla rete Tor onboarding.tour-tor-network=Rete Tor onboarding.tour-tor-network.title=Percorri una rete decentralizzata. onboarding.tour-tor-network.description=Tor Browser ti connette alla rete Tor gestita da migliaia di volontari in tutto il mondo. Diversamente dalle VPN, non c'è nessun punto di fallimento o entità centralizzata di cui ti devi fidare per goderti internet privatamente. -onboarding.tour-tor-network.description-para2=NUOVO: Le impostazioni di rete Tor, inclusa la possibilità di chiedere un ponte dove Tor è bloccato, si trovano ora sotto Preferenze. -onboarding.tour-tor-network.action-button=Modifica le tue impostazioni di rete Tor. +onboarding.tour-tor-network.description-para2=NUOVO: Le impostazioni di rete Tor, inclusa la possibilità di chiedere un bridge nei luoghi dove Tor è bloccato, si trovano ora sotto Preferenze. +onboarding.tour-tor-network.action-button=Modifica le tue Impostazioni di Rete Tor. onboarding.tour-tor-network.button=Visualizza il circuito onboarding.tour-tor-circuit-display=Visualizzazione circuito @@ -28,7 +28,7 @@ onboarding.tour-tor-circuit-display.next-button=Vai in Sicurezza onboarding.tour-tor-security=Sicurezza onboarding.tour-tor-security.title=Scegli la tua esperienza. onboarding.tour-tor-security.description=Ti forniamo anche impostazioni aggiuntive per aumentare la sicurezza del tuo browser. Le nostre impostazioni di sicurezza ti permettono di bloccare elementi che potrebbero essere utilizzati per attaccare il tuo computer. Clicca qui sotto per vedere cosa fanno le diverse opzioni. -onboarding.tour-tor-security.description-suffix=Nota: per impostazione predefinita, NoScript e HTTPS Everywhere non sono inclusi nella barra degli strumenti, ma è possibile personalizzare la barra degli strumenti per aggiungerli. +onboarding.tour-tor-security.description-suffix=Nota: per impostazione predefinita, NoScript e HTTPS Everywhere non sono inclusi nella barra degli strumenti, ma è possibile personalizzare tale barra per aggiungerli. onboarding.tour-tor-security-level.button=Vedi il tuo livello di sicurezza onboarding.tour-tor-security-level.next-button=Vai in Consigli per l'esperienza @@ -44,7 +44,7 @@ onboarding.tour-tor-onion-services.description=I servizi onion sono siti che ter onboarding.tour-tor-onion-services.button=Visita una Cipolla onboarding.tour-tor-onion-services.next-button=Fatto -onboarding.overlay-icon-tooltip-updated2=Guarda cosa c'è di nuovo\nnella %S +onboarding.overlay-icon-tooltip-updated2=Guarda cosa c'è di nuovo\nin %S onboarding.tour-tor-update.prefix-new=Nuovo onboarding.tour-tor-update.prefix-updated=Aggiornato @@ -52,8 +52,8 @@ onboarding.tour-tor-toolbar=Barra degli strumenti onboarding.tour-tor-toolbar-update-9.0.title=Arrivederci Onion Button. onboarding.tour-tor-toolbar-update-9.0.description=Vogliamo che la tua esperienza nell'utilizzo di Tor sia perfettamente integrata in Tor Browser. onboarding.tour-tor-toolbar-update-9.0.description-para2=Ecco perchè ora, invece di usare il bottone cipolla, puoi vedere il tuo circuito Tor attraverso [i] nella barra degli indirizzi e richiedere una nuova identità usando il bottone nella barra degli strumenti o nel menu [≡] . -onboarding.tour-tor-toolbar-update-9.0.button=Come richiedere una nuova identità -onboarding.tour-tor-toolbar-update-9.0.next-button=Vai alla rete Tor +onboarding.tour-tor-toolbar-update-9.0.button=Come Richiedere una Nuova Identità +onboarding.tour-tor-toolbar-update-9.0.next-button=Vai alla Rete Tor # Circuit Display onboarding. onboarding.tor-circuit-display.next=Successivo diff --git a/chrome/locale/it/torbutton.dtd b/chrome/locale/it/torbutton.dtd index c4513582..3a0edd1e 100644 --- a/chrome/locale/it/torbutton.dtd +++ b/chrome/locale/it/torbutton.dtd @@ -1,4 +1,4 @@ -<!ENTITY torbutton.context_menu.new_identity "Nuova identità"> +<!ENTITY torbutton.context_menu.new_identity "Nuova Identità"> <!ENTITY torbutton.context_menu.new_identity_key "I"> <!ENTITY torbutton.context_menu.new_circuit "Nuovo Circuito Tor per questo Sito"> <!ENTITY torbutton.context_menu.new_circuit_key "C"> @@ -37,14 +37,14 @@ <!ENTITY torbutton.prefs.sec_limit_typography "Alcuni caratteri e simboli matematici sono disattivati."> <!ENTITY torbutton.prefs.sec_limit_graphics_and_typography "Alcuni caratteri, icone, simboli matematici e immagini sono disattivati."> <!ENTITY torbutton.prefs.sec_click_to_play_media "Audio, video (media HTML5) e WebGL sono click-to-play."> -<!ENTITY torbutton.prefs.sec_custom_warning "Personalizzata"> +<!ENTITY torbutton.prefs.sec_custom_warning "Personalizzato"> <!ENTITY torbutton.prefs.sec_overview "Disabilita alcune funzionalità web che possono essere utilizzate per attaccare la tua sicurezza e anonimato."> <!ENTITY torbutton.prefs.sec_standard_tooltip "Livello di sicurezza: Standard"> <!ENTITY torbutton.prefs.sec_safer_tooltip "Livello di sicurezza: Più sicuro"> <!ENTITY torbutton.prefs.sec_safest_tooltip "Livello di sicurezza: Il più sicuro"> <!ENTITY torbutton.prefs.sec_custom_summary "Le tue impostazioni personalizzate del browser sembrano avere preferenze di sicurezza insolite. Per motivi di sicurezza e privacy, ti consigliamo di scegliere uno dei livelli di sicurezza predefiniti."> -<!ENTITY torbutton.prefs.sec_restore_defaults "Ripristina impostazioni iniziali"> -<!ENTITY torbutton.prefs.sec_advanced_security_settings "Impostazioni di sicurezza avanzate..."> +<!ENTITY torbutton.prefs.sec_restore_defaults "Ripristina Impostazioni Iniziali"> +<!ENTITY torbutton.prefs.sec_advanced_security_settings "Impostazioni di Sicurezza Avanzate..."> <!ENTITY torbutton.circuit_display.title "Circuito Tor"> <!ENTITY torbutton.circuit_display.new_circuit "Nuovo circuito per questo sito"> diff --git a/chrome/locale/it/torbutton.properties b/chrome/locale/it/torbutton.properties index 5b0f4079..29444943 100644 --- a/chrome/locale/it/torbutton.properties +++ b/chrome/locale/it/torbutton.properties @@ -5,7 +5,7 @@ torbutton.circuit_display.this_browser = Questo browser torbutton.circuit_display.relay = Ripetitore torbutton.circuit_display.tor_bridge = Bridge torbutton.circuit_display.unknown_country = Paese sconosciuto -torbutton.circuit_display.guard = Guardia +torbutton.circuit_display.guard = Nodo di guardia torbutton.circuit_display.guard_note = Il tuo nodo [Guardia] non deve cambiare. torbutton.circuit_display.learn_more = Per saperne di più torbutton.circuit_display.click_to_copy = Clicca per copiare @@ -13,8 +13,8 @@ torbutton.circuit_display.copied = Copiato! torbutton.content_sizer.margin_tooltip = Il browser Tor aggiunge questo margine per rendere l'ampiezza e altezza della tua finestra meno distintiva, così si riduce la possibilità di che tu sia tracciato in linea. torbutton.panel.tooltip.disabled = Fai clic per attivare Tor torbutton.panel.tooltip.enabled = Fai clic per disattivare Tor -torbutton.panel.label.disabled = Tor disattivato -torbutton.panel.label.enabled = Tor attivato +torbutton.panel.label.disabled = Tor Disattivato +torbutton.panel.label.enabled = Tor Attivato extensions.torbutton(a)torproject.org.description = Torbutton fornisce un pulsante per configurare le impostazioni di Tor e rimuovere velocemente e facilmente i dati di navigazione privati. torbutton.popup.external.title = Si desidera scaricare un tipo di file esterno? torbutton.popup.external.app = Tor Browser non è in grado di aprire questo file. Sarà necessario usare un'altra applicazione per aprirlo.\n\n @@ -70,43 +70,43 @@ onionServices.errorPage.onionSite=Sito onion # LOCALIZATION NOTE: In the longDescription strings, %S will be replaced with # an error code, e.g., 0xF3. # Tor SOCKS error 0xF0: -onionServices.descNotFound.pageTitle=Problema di caricamento del sito onion -onionServices.descNotFound.header=Sito onion non trovato +onionServices.descNotFound.pageTitle=Problema di Caricamento del Sito Onion +onionServices.descNotFound.header=Sito Onion Non Trovato onionServices.descNotFound=La causa più probabile è che il sito onion sia offline. Contatta l'amministratore del sito onion. onionServices.descNotFound.longDescription=Dettagli: %S — Il descrittore del servizio onion richiesto non può essere trovato nell'hashring, perciò il servizio non è raggiungibile dal client. # Tor SOCKS error 0xF1: -onionServices.descInvalid.pageTitle=Problema di caricamento del sito onion -onionServices.descInvalid.header=Sito onion non raggiungibile +onionServices.descInvalid.pageTitle=Problema di Caricamento del Sito Onion +onionServices.descInvalid.header=Sito Onion Non Raggiungibile onionServices.descInvalid=Il sito onion non è raggiungibile per un errore interno. onionServices.descInvalid.longDescription=Dettagli: %S — Il descrittore del servizio onion richiesto non può essere letto o la validazione della firma è fallita. # Tor SOCKS error 0xF2: -onionServices.introFailed.pageTitle=Problema di caricamento del sito onion -onionServices.introFailed.header=Il sito onion si è disconnesso +onionServices.introFailed.pageTitle=Problema di Caricamento del Sito Onion +onionServices.introFailed.header=Il Sito Onion si è Disconnesso onionServices.introFailed=La causa più probabile è che il sito onion sia offline. Contatta l'amministratore del sito onion. -onionServices.introFailed.longDescription=Dettagli: %S — Introduzione fallita, il che significa che il descrittore è stato trovato ma il servizio non è più connesso al punto di introduzione. Probabilmente il servizio ha cambiato il suo descrittore o non è in esecuzione. +onionServices.introFailed.longDescription=Dettagli: %S — Introduzione fallita, ciò significa che il descrittore è stato trovato ma il servizio non è più connesso al punto di introduzione. Probabilmente il servizio ha cambiato il suo descrittore o non è in esecuzione. # Tor SOCKS error 0xF3: -onionServices.rendezvousFailed.pageTitle=Problema di caricamento del sito onion -onionServices.rendezvousFailed.header=Impossibile connettersi al sito onion +onionServices.rendezvousFailed.pageTitle=Problema di Caricamento del Sito Onion +onionServices.rendezvousFailed.header=Impossibile Connettersi al Sito Onion onionServices.rendezvousFailed=Il sito onion è occupato o la rete Tor è sovraccarica. Riprova più tardi. -onionServices.rendezvousFailed.longDescription=Dettagli: %S — Il client non ha trovato riscontro con il servizio, il che significa che il client non è riuscito a completare la connessione. +onionServices.rendezvousFailed.longDescription=Dettagli: %S — Il client non ha trovato riscontro con il servizio, ciò significa che il client non è riuscito a completare la connessione. # Tor SOCKS error 0xF4: -onionServices.clientAuthMissing.pageTitle=Autorizzazione necessaria -onionServices.clientAuthMissing.header=Il sito onion richiede l'autenticazione +onionServices.clientAuthMissing.pageTitle=Autorizzazione Necessaria +onionServices.clientAuthMissing.header=Il Sito Onion Richiede L'autenticazione onionServices.clientAuthMissing=L'accesso al sito onion richiede una chiave ma non ne è stata fornita nessuna. -onionServices.clientAuthMissing.longDescription=Dettagli: %S — Il client ha scaricato il descrittore del servizio onion richiesto ma non è riuscito a decifrarne il contenuto perchè mancano informazioni di autorizzazione del client. +onionServices.clientAuthMissing.longDescription=Dettagli: %S — Il client ha scaricato il descrittore del servizio onion richiesto, ma non è riuscito a decifrarne il contenuto perché mancano informazioni di autorizzazione del client. # Tor SOCKS error 0xF5: -onionServices.clientAuthIncorrect.pageTitle=Autorizzazione fallita -onionServices.clientAuthIncorrect.header=Autenticazione al sito onion fallita +onionServices.clientAuthIncorrect.pageTitle=Autorizzazione Fallita +onionServices.clientAuthIncorrect.header=Autenticazione al Sito Onion Fallita onionServices.clientAuthIncorrect=La chiave fornita non è corretta o è stata revocata. Contatta l'amministratore del sito onion. -onionServices.clientAuthIncorrect.longDescription=Dettagli: %S — Il client è riuscito a scaricare il descrittore del servizio onion richiesto ma non è riuscito a decifrarne il contenuto usando le informazioni di autorizzazione del client fornite. Potrebbe significare che l'accesso è stato revocato. +onionServices.clientAuthIncorrect.longDescription=Dettagli: %S — Il client è riuscito a scaricare il descrittore del servizio onion richiesto ma non è riuscito a decifrarne il contenuto usando le informazioni di autorizzazione fornite dal client. Potrebbe significare che l'accesso è stato revocato. # Tor SOCKS error 0xF6: -onionServices.badAddress.pageTitle=Problema di caricamento del sito onion -onionServices.badAddress.header=Indirizzo onion non valido +onionServices.badAddress.pageTitle=Problema di Caricamento del Sito Onion +onionServices.badAddress.header=Indirizzo Onion Non Valido onionServices.badAddress=L'indirizzo onion fornito non è valido. Controlla di averlo inserito correttamente. onionServices.badAddress.longDescription=Dettagli: %S — L'indirizzo .onion fornito non è valido. Questo errore accade per uno dei seguenti motivi: il checksum dell'indirizzo non corrisponde, la chiave pubblica ed25519 non è valida o la codifica non è valida. # Tor SOCKS error 0xF7: -onionServices.introTimedOut.pageTitle=Problema di caricamento del sito onion -onionServices.introTimedOut.header=Creazione del circuito onion scaduta +onionServices.introTimedOut.pageTitle=Problema di Caricamento del Sito Onion +onionServices.introTimedOut.header=Creazione del Circuito Onion Scaduta onionServices.introTimedOut=Connessione al sito onion fallita, probabilmente per una connessione di rete debole. onionServices.introTimedOut.longDescription=Dettagli: %S — La connessione al servizio onion richiesto è scaduta mentre si tentava di costruire il circuito di incontro. # @@ -114,31 +114,31 @@ onionServices.introTimedOut.longDescription=Dettagli: %S — La connessione al s onionServices.authPrompt.description2=%S richiede che ti identifichi. onionServices.authPrompt.keyPlaceholder=Inserisci la tua chiave privata per questo servizio onion onionServices.authPrompt.done=Fatto -onionServices.authPrompt.doneAccessKey=d +onionServices.authPrompt.doneAccessKey=f onionServices.authPrompt.invalidKey=Per favore inserisci una chiave valida (52 caratteri base32 o 44 caratteri base64) onionServices.authPrompt.failedToSetKey=Impossibile configurare Tor con la tua chiave -onionServices.authPreferences.header=Autenticazione servizi onion +onionServices.authPreferences.header=Autenticazione Servizi Onion onionServices.authPreferences.overview=Alcuni servizi onion richiedono che ti identifichi con una chiave (una specie di password) prima di potervi accedere. -onionServices.authPreferences.savedKeys=Chiavi salvate… -onionServices.authPreferences.dialogTitle=Chiavi servizio onion +onionServices.authPreferences.savedKeys=Chiavi Salvate… +onionServices.authPreferences.dialogTitle=Chiavi Servizio Onion onionServices.authPreferences.dialogIntro=Le chiavi per il seguente sito onion sono salvate nel tuo computer onionServices.authPreferences.onionSite=Sito onion onionServices.authPreferences.onionKey=Chiave onionServices.authPreferences.remove=Rimuovi onionServices.authPreferences.removeAll=Rimuovi tutte -onionServices.authPreferences.failedToGetKeys=Impossibile recuperare le chiavi da tor +onionServices.authPreferences.failedToGetKeys=Impossibile recuperare le chiavi da Tor onionServices.authPreferences.failedToRemoveKey=Impossibile rimuovere la chiave # Onion-Location strings. -onionLocation.alwaysPrioritize=Priorità sempre agli onion +onionLocation.alwaysPrioritize=Dare Sempre Priorità agli Onion onionLocation.alwaysPrioritizeAccessKey=a -onionLocation.notNow=Non ora +onionLocation.notNow=Non Ora onionLocation.notNowAccessKey=n onionLocation.description=C'è una versione più privata e sicura di questo sito disponibile nella rete Tor tramite i servizi onion. I servizi onion aiutano i gestori dei siti ed i loro visitatori a sconfiggere la sorveglianza e la censura. -onionLocation.tryThis=Prova i servizi onion +onionLocation.tryThis=Prova i Servizi Onion onionLocation.onionAvailable=.onion disponibile onionLocation.learnMore=Maggiori informazioni... onionLocation.always=Sempre onionLocation.askEverytime=Chiedi ogni volta -onionLocation.prioritizeOnionsDescription=Priorità ai siti .onion quando conosciuti. -onionLocation.onionServicesTitle=Servizi onion +onionLocation.prioritizeOnionsDescription=Dare priorità ai siti .onion quando conosciuti. +onionLocation.onionServicesTitle=Servizi Onion diff --git a/chrome/locale/ja/aboutTor.dtd b/chrome/locale/ja/aboutTor.dtd index 10eb73a1..bc1784dc 100644 --- a/chrome/locale/ja/aboutTor.dtd +++ b/chrome/locale/ja/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Tor ニュースに申し込む。"> <!ENTITY aboutTor.donationBanner.freeToUse "Tor は皆さんからの寄付に支えられています。"> <!ENTITY aboutTor.donationBanner.buttonA "今すぐ寄付"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/ja/torbutton.properties b/chrome/locale/ja/torbutton.properties index c3f8cd23..62437fa5 100644 --- a/chrome/locale/ja/torbutton.properties +++ b/chrome/locale/ja/torbutton.properties @@ -73,32 +73,32 @@ onionServices.errorPage.onionSite=Onion サイト onionServices.descNotFound.pageTitle=Onion サイトの読み込み中に問題が発生しました onionServices.descNotFound.header=Onion サイトが見つかりません onionServices.descNotFound=おそらく、Onion サイトがオフラインになっています。Onion サイトの管理者にお問い合わせください。 -onionServices.descNotFound.longDescription=Details: %S — The requested onion service descriptor can't be found on the hashring and therefore the service is not reachable by the client. +onionServices.descNotFound.longDescription=詳細： %S — 指定したオニオンサービス記述子はハッシュリングに見つかることができないため、クライアントによって連絡可能ではありません。 # Tor SOCKS error 0xF1: onionServices.descInvalid.pageTitle=Onion サイトの読み込み中に問題が発生しました onionServices.descInvalid.header=Onion サイトに到達できません onionServices.descInvalid=内部エラーにより Onion サイトに到達できません。 -onionServices.descInvalid.longDescription=Details: %S — The requested onion service descriptor can't be parsed or signature validation failed. +onionServices.descInvalid.longDescription=詳細： %S — 指定したオニオンサービス記述子は解析されることができません、それとも署名認証が失敗しました。 # Tor SOCKS error 0xF2: onionServices.introFailed.pageTitle=Onion サイトの読み込み中に問題が発生しました onionServices.introFailed.header=Onion サイトとの接続が切断されました onionServices.introFailed=おそらく、Onion サイトがオフラインになっています。Onion サイトの管理者にお問い合わせください。 -onionServices.introFailed.longDescription=Details: %S — Introduction failed, which means that the descriptor was found but the service is no longer connected to the introduction point. It is likely that the service has changed its descriptor or that it is not running. +onionServices.introFailed.longDescription=詳細： %S — 紹介は失敗しました、つまり記述子は見つかりましたがサービスはもはや紹介ポイントと接続されていません。おそらくサービスは記述子を変更しました、それとも動作していません。 # Tor SOCKS error 0xF3: onionServices.rendezvousFailed.pageTitle=Onion サイトの読み込み中に問題が発生しました onionServices.rendezvousFailed.header=Onion サイトに接続できません onionServices.rendezvousFailed=Onion サイトがビジー状態であるか、または Tor ネットワークに大きな負荷がかかっています。時間をおいて再度やり直してください。 -onionServices.rendezvousFailed.longDescription=Details: %S — The client failed to rendezvous with the service, which means that the client was unable to finalize the connection. +onionServices.rendezvousFailed.longDescription=詳細： %S — クライアントとサービスの合流は失敗しました、つまりクライアントは接続を仕上げれませんでした。 # Tor SOCKS error 0xF4: onionServices.clientAuthMissing.pageTitle=認証が必要です onionServices.clientAuthMissing.header=Onion サイトは認証を必要としています onionServices.clientAuthMissing=Onion サイトへのアクセスに鍵が必要ですが、何も入力されませんでした。 -onionServices.clientAuthMissing.longDescription=Details: %S — The client downloaded the requested onion service descriptor but was unable to decrypt its content because client authorization information is missing. +onionServices.clientAuthMissing.longDescription=詳細： %S — クライアントは指定したオニオンサービス記述子をダウンロードしましたが、欠測クライアント承認情報のため復号化できませんでした。 # Tor SOCKS error 0xF5: onionServices.clientAuthIncorrect.pageTitle=認証に失敗しました onionServices.clientAuthIncorrect.header=Onion サイトの認証に失敗しました onionServices.clientAuthIncorrect=入力された鍵が正しくないか、または鍵が取り消されました。Onion サイトの管理者にお問い合わせください。 -onionServices.clientAuthIncorrect.longDescription=Details: %S — The client was able to download the requested onion service descriptor but was unable to decrypt its content using the provided client authorization information. This may mean that access has been revoked. +onionServices.clientAuthIncorrect.longDescription=詳細： %S — クライアントは指定したオニオンサービス記述子をダウンロードしましたが、提供されたクライアント承認情報で復号化できませんでした。アクセスは取り消された可能性があります。 # Tor SOCKS error 0xF6: onionServices.badAddress.pageTitle=Onion サイトの読み込み中に問題が発生しました onionServices.badAddress.header=無効な Onion サイトアドレスです @@ -108,7 +108,7 @@ onionServices.badAddress.longDescription=詳細: %S — 提供された .onion onionServices.introTimedOut.pageTitle=Onion サイトの読み込み中に問題が発生しました onionServices.introTimedOut.header=Onion サイトのサーキット作成がタイムアウトしました onionServices.introTimedOut=ネットワークの接続状態が不安定だったため、Onion サイトへの接続に失敗しました。 -onionServices.introTimedOut.longDescription=Details: %S — The connection to the requested onion service timed out while trying to build the rendezvous circuit. +onionServices.introTimedOut.longDescription=詳細： %S — 合流サーキットを確立中に、指定したオニオンサービスとの接続はタイムアウトされました。 # # LOCALIZATION NOTE: %S will be replaced with the .onion address. onionServices.authPrompt.description2=%s はあなたの認証を要求しています。 diff --git a/chrome/locale/ka/aboutTor.dtd b/chrome/locale/ka/aboutTor.dtd index 2bbdf85a..13017c43 100644 --- a/chrome/locale/ka/aboutTor.dtd +++ b/chrome/locale/ka/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "გამოიწერეთ Tor-ის სიახლეები."> <!ENTITY aboutTor.donationBanner.freeToUse "Tor უფასოა, თქვენნაირი ადამიანების შემოწირულობების დამსახურებით."> <!ENTITY aboutTor.donationBanner.buttonA "გაიღეთ თანხა"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/ko/aboutTor.dtd b/chrome/locale/ko/aboutTor.dtd index 04e6de97..5599d9ee 100644 --- a/chrome/locale/ko/aboutTor.dtd +++ b/chrome/locale/ko/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Tor 뉴스를 구독."> <!ENTITY aboutTor.donationBanner.freeToUse "Tor는 바로 당신과 같은 사람들의 기부 덕분에 자유롭게 사용할 수 있습니다."> <!ENTITY aboutTor.donationBanner.buttonA "기부하기"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/lt/aboutTor.dtd b/chrome/locale/lt/aboutTor.dtd index 55eec8ec..87ae4703 100644 --- a/chrome/locale/lt/aboutTor.dtd +++ b/chrome/locale/lt/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Užsisakykite Tor naujienas."> <!ENTITY aboutTor.donationBanner.freeToUse "Tor yra nemokamas naudoti dėl paaukojimų iš tokių žmonių kaip jūs."> <!ENTITY aboutTor.donationBanner.buttonA "Paaukokite dabar"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/mk/aboutTor.dtd b/chrome/locale/mk/aboutTor.dtd index 5853c075..b8cf4fad 100644 --- a/chrome/locale/mk/aboutTor.dtd +++ b/chrome/locale/mk/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Пријавете се за Tor Вести."> <!ENTITY aboutTor.donationBanner.freeToUse "Tor е бесплатен за користење благодарение на донациите од луѓе како вас."> <!ENTITY aboutTor.donationBanner.buttonA "Донирај сега"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/ms/aboutTor.dtd b/chrome/locale/ms/aboutTor.dtd index 5499dd54..a73267d0 100644 --- a/chrome/locale/ms/aboutTor.dtd +++ b/chrome/locale/ms/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Daftar untuk dapatkan Berita Tor."> <!ENTITY aboutTor.donationBanner.freeToUse "Tor is free to use because of donations from people like you."> <!ENTITY aboutTor.donationBanner.buttonA "Dermalah Sekarang"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/nb-NO/aboutTor.dtd b/chrome/locale/nb-NO/aboutTor.dtd index 15c0c327..7ba3b842 100644 --- a/chrome/locale/nb-NO/aboutTor.dtd +++ b/chrome/locale/nb-NO/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Registrer deg for Tor-nyheter."> <!ENTITY aboutTor.donationBanner.freeToUse "Tor er gratis å bruke, grunnet bidrag fra folk som deg."> <!ENTITY aboutTor.donationBanner.buttonA "Donér nå"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/nl/aboutTor.dtd b/chrome/locale/nl/aboutTor.dtd index ca46073b..6c881957 100644 --- a/chrome/locale/nl/aboutTor.dtd +++ b/chrome/locale/nl/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Meld u aan voor de Tor-nieuwsbrief."> <!ENTITY aboutTor.donationBanner.freeToUse "Tor is gratis te gebruiken dankzij donaties van mensen zoals u."> <!ENTITY aboutTor.donationBanner.buttonA "Doneer nu"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/pl/aboutTor.dtd b/chrome/locale/pl/aboutTor.dtd index f67d40b9..b5719a5b 100644 --- a/chrome/locale/pl/aboutTor.dtd +++ b/chrome/locale/pl/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Zapisz się na newsletter."> <!ENTITY aboutTor.donationBanner.freeToUse "Z przeglądarki Tor można korzystać bezpłatnie dzięki darowiznom od osób takich jak Ty."> <!ENTITY aboutTor.donationBanner.buttonA "Wesprzyj teraz"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/pt-BR/aboutTor.dtd b/chrome/locale/pt-BR/aboutTor.dtd index 26c3f08f..0f69f353 100644 --- a/chrome/locale/pt-BR/aboutTor.dtd +++ b/chrome/locale/pt-BR/aboutTor.dtd @@ -30,3 +30,7 @@ <!ENTITY aboutTor.newsletter.link_text "Inscreva-se para receber Notícias do Tor."> <!ENTITY aboutTor.donationBanner.freeToUse "Tor é livre para usar por causa de doações de pessoas como você."> <!ENTITY aboutTor.donationBanner.buttonA "Doe Agora"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/ro/aboutTor.dtd b/chrome/locale/ro/aboutTor.dtd index 07488af9..8a0c22e6 100644 --- a/chrome/locale/ro/aboutTor.dtd +++ b/chrome/locale/ro/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Abonează-te la Tor News."> <!ENTITY aboutTor.donationBanner.freeToUse "Tor poate fi folosit gratuit datorită donațiilor de la oameni ca tine."> <!ENTITY aboutTor.donationBanner.buttonA "Donează Acum"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/ru/aboutTor.dtd b/chrome/locale/ru/aboutTor.dtd index daf12810..0a9259e1 100644 --- a/chrome/locale/ru/aboutTor.dtd +++ b/chrome/locale/ru/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Подпишитесь на новости Tor"> <!ENTITY aboutTor.donationBanner.freeToUse "Tor бесплатен благодаря пожертвованиям таких людей, как вы."> <!ENTITY aboutTor.donationBanner.buttonA "Пожертвовать"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/sv-SE/aboutTor.dtd b/chrome/locale/sv-SE/aboutTor.dtd index 2e1f82fc..54bd5eb5 100644 --- a/chrome/locale/sv-SE/aboutTor.dtd +++ b/chrome/locale/sv-SE/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Anmäl dig till Tor-nyheter."> <!ENTITY aboutTor.donationBanner.freeToUse "Tor är gratis att använda på grund av donationer från människor som du."> <!ENTITY aboutTor.donationBanner.buttonA "Donera nu"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/th/aboutTor.dtd b/chrome/locale/th/aboutTor.dtd index d9671769..5f5f950c 100644 --- a/chrome/locale/th/aboutTor.dtd +++ b/chrome/locale/th/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "สมัครรับข่าวสารเกี่ยวกับ Tor"> <!ENTITY aboutTor.donationBanner.freeToUse "Tor is free to use because of donations from people like you."> <!ENTITY aboutTor.donationBanner.buttonA "ร่วมบริจาค"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/tr/aboutTor.dtd b/chrome/locale/tr/aboutTor.dtd index d36cc0fd..cc24c2b6 100644 --- a/chrome/locale/tr/aboutTor.dtd +++ b/chrome/locale/tr/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Tor Duyurularına Abone Olun"> <!ENTITY aboutTor.donationBanner.freeToUse "Tor sizin gibi insanların bağışları ile desteklendiği için ücretsiz olarak kullanılabilir."> <!ENTITY aboutTor.donationBanner.buttonA "Bağış Yapın"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/vi/aboutTor.dtd b/chrome/locale/vi/aboutTor.dtd index 39ade34a..ebf65463 100644 --- a/chrome/locale/vi/aboutTor.dtd +++ b/chrome/locale/vi/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Đăng kí nhận tin tức từ Tor."> <!ENTITY aboutTor.donationBanner.freeToUse "Tor is free to use because of donations from people like you."> <!ENTITY aboutTor.donationBanner.buttonA "Đóng góp Ngay bây giờ"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/zh-CN/aboutTor.dtd b/chrome/locale/zh-CN/aboutTor.dtd index 5b4f5fa7..cb786cd9 100644 --- a/chrome/locale/zh-CN/aboutTor.dtd +++ b/chrome/locale/zh-CN/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "订阅 Tor 的最新动态"> <!ENTITY aboutTor.donationBanner.freeToUse "Tor 是免费使用的，因为有和您一样的人捐助。"> <!ENTITY aboutTor.donationBanner.buttonA "立即捐助"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic."> diff --git a/chrome/locale/zh-CN/torbutton.properties b/chrome/locale/zh-CN/torbutton.properties index 59f1cd2c..c2166c19 100644 --- a/chrome/locale/zh-CN/torbutton.properties +++ b/chrome/locale/zh-CN/torbutton.properties @@ -60,7 +60,7 @@ updateDownloadingPanelUILabel=正下载 %S 更新 # .Onion Page Info prompt. Strings are kept here for ease of translation. pageInfo_OnionEncryptionWithBitsAndProtocol=连接已经被加密（洋葱服务，%1$S，%2$S 位密钥，%3$S） pageInfo_OnionEncryption=连接已经被加密（洋葱服务） -pageInfo_OnionName=Onion Name: +pageInfo_OnionName=洋葱名字： # Onion services strings. Strings are kept here for ease of translation. onionServices.learnMore=更多详情 @@ -73,45 +73,45 @@ onionServices.errorPage.onionSite=洋葱站点 onionServices.descNotFound.pageTitle=洋葱站点加载问题 onionServices.descNotFound.header=找不到洋葱站点 onionServices.descNotFound=最有可能的原因是该洋葱站点已下线。请联系洋葱站点管理员。 -onionServices.descNotFound.longDescription=Details: %S — The requested onion service descriptor can't be found on the hashring and therefore the service is not reachable by the client. +onionServices.descNotFound.longDescription=详情：%S — 请求的洋葱服务标识码未能在哈希算法内找到，因此客户端无法连接到服务。 # Tor SOCKS error 0xF1: onionServices.descInvalid.pageTitle=洋葱站点加载问题 onionServices.descInvalid.header=洋葱站点不可达 onionServices.descInvalid=洋葱站点由于内部错误无法浏览。 -onionServices.descInvalid.longDescription=Details: %S — The requested onion service descriptor can't be parsed or signature validation failed. +onionServices.descInvalid.longDescription=详情：%S — 请求的洋葱服务标识码不能解析，或签名认证失败。 # Tor SOCKS error 0xF2: onionServices.introFailed.pageTitle=洋葱站点加载问题 onionServices.introFailed.header=洋葱站点已断开连接 onionServices.introFailed=最有可能的原因是该洋葱站点已下线。联系洋葱站点管理员。 -onionServices.introFailed.longDescription=Details: %S — Introduction failed, which means that the descriptor was found but the service is no longer connected to the introduction point. It is likely that the service has changed its descriptor or that it is not running. +onionServices.introFailed.longDescription=详情：%S — 引导失败，这意味着标识码已被找到，但是服务已不再连接到引导点。有可能服务已改变了标识码，或未运行。 # Tor SOCKS error 0xF3: onionServices.rendezvousFailed.pageTitle=洋葱站点加载问题 onionServices.rendezvousFailed.header=无法连接洋葱站点 onionServices.rendezvousFailed=洋葱站点忙碌或过载。请稍后尝试。 -onionServices.rendezvousFailed.longDescription=Details: %S — The client failed to rendezvous with the service, which means that the client was unable to finalize the connection. +onionServices.rendezvousFailed.longDescription=详情：%S — 客户端未能与服务会合，这意味着客户端未能完成连接。 # Tor SOCKS error 0xF4: onionServices.clientAuthMissing.pageTitle=需要验证 onionServices.clientAuthMissing.header=洋葱站点需要验证 onionServices.clientAuthMissing=访问洋葱站点需要一个密钥但未提供。 -onionServices.clientAuthMissing.longDescription=Details: %S — The client downloaded the requested onion service descriptor but was unable to decrypt its content because client authorization information is missing. +onionServices.clientAuthMissing.longDescription=详情：%S — 客户端下载了请求的洋葱服务标识码，但因为客户端缺失授权信息，而不能解码它的内容。 # Tor SOCKS error 0xF5: onionServices.clientAuthIncorrect.pageTitle=验证失败 onionServices.clientAuthIncorrect.header=洋葱站点认证失败 onionServices.clientAuthIncorrect=提供的密钥不正确或已被吊销。请与洋葱网站管理员联系。 -onionServices.clientAuthIncorrect.longDescription=Details: %S — The client was able to download the requested onion service descriptor but was unable to decrypt its content using the provided client authorization information. This may mean that access has been revoked. +onionServices.clientAuthIncorrect.longDescription=详情：%S — 客户端能下载请求的洋葱服务标识码，但不能用客户端提供的授权信息解码标识码的内容。这可能意味着访问已被撤销。 # Tor SOCKS error 0xF6: onionServices.badAddress.pageTitle=洋葱站点加载问题 onionServices.badAddress.header=无效洋葱站点地址 onionServices.badAddress=提供的洋葱站点地址无效。请检查是否正确输入。 -onionServices.badAddress.longDescription=Details: %S — The provided .onion address is invalid. This error is returned due to one of the following reasons: the address checksum doesn't match, the ed25519 public key is invalid, or the encoding is invalid. +onionServices.badAddress.longDescription=详情：%S — 提供的.onion地址失效了。返回该错误，是由于以下原因之一：地址的校验和不匹配、ed25519公钥失效，或编码无效。 # Tor SOCKS error 0xF7: onionServices.introTimedOut.pageTitle=洋葱站点加载问题 onionServices.introTimedOut.header=洋葱站点链路创建超时 onionServices.introTimedOut=洋葱站点连接失败，可能是由于网络连接较差。 -onionServices.introTimedOut.longDescription=Details: %S — The connection to the requested onion service timed out while trying to build the rendezvous circuit. +onionServices.introTimedOut.longDescription=详情：%S — 在试着建立会合回路时，请求的洋葱服务连接超时。 # # LOCALIZATION NOTE: %S will be replaced with the .onion address. -onionServices.authPrompt.description2=%S is requesting that you authenticate. +onionServices.authPrompt.description2=%S请求您的验证。 onionServices.authPrompt.keyPlaceholder=输入您的私钥来使用此洋葱服务 onionServices.authPrompt.done=完成 onionServices.authPrompt.doneAccessKey=天 @@ -130,7 +130,7 @@ onionServices.authPreferences.failedToGetKeys=无法从 Tor 获得密钥 onionServices.authPreferences.failedToRemoveKey=无法移除密钥 # Onion-Location strings. -onionLocation.alwaysPrioritize=Always Prioritize Onions +onionLocation.alwaysPrioritize=始终优先洋葱 onionLocation.alwaysPrioritizeAccessKey=a onionLocation.notNow=暂不 onionLocation.notNowAccessKey=n diff --git a/chrome/locale/zh-TW/aboutTor.dtd b/chrome/locale/zh-TW/aboutTor.dtd index 79e06ab4..8f9cd989 100644 --- a/chrome/locale/zh-TW/aboutTor.dtd +++ b/chrome/locale/zh-TW/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "訂閱 Tor 的新資訊。"> <!ENTITY aboutTor.donationBanner.freeToUse "由於有像您這樣的人的捐款，Tor 可以免費使用。"> <!ENTITY aboutTor.donationBanner.buttonA "立刻捐款"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic.">

1 0

[torbutton/master] Bug 40113: Add strings for EOY 2020 campaign
by gk＠torproject.org 15 Sep '20

15 Sep '20

commit d27b2be209e0fd423dedb4e797abc899f6c60bdd Author: Matthew Finkel <sysrqb(a)torproject.org> Date: Tue Sep 15 14:38:31 2020 +0000 Bug 40113: Add strings for EOY 2020 campaign --- chrome/locale/en-US/aboutTor.dtd | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/chrome/locale/en-US/aboutTor.dtd b/chrome/locale/en-US/aboutTor.dtd index 7b231095..13e2d8a2 100644 --- a/chrome/locale/en-US/aboutTor.dtd +++ b/chrome/locale/en-US/aboutTor.dtd @@ -29,3 +29,7 @@ <!ENTITY aboutTor.newsletter.link_text "Sign up for Tor News."> <!ENTITY aboutTor.donationBanner.freeToUse "Tor is free to use because of donations from people like you."> <!ENTITY aboutTor.donationBanner.buttonA "Donate Now"> + + +<!ENTITY aboutTor.ey2020.useamask "Use a mask, use Tor."> +<!ENTITY aboutTor.ey2020.resistsurveillance "Resist the surveillance pandemic.">

1 0

[tor-browser/tor-browser-81.0b9-10.0-1] Bug 12620: TorBrowser regression tests
by gk＠torproject.org 15 Sep '20

15 Sep '20

commit 3bc0074a2d7e535271a8e0462df8ea4a853e0485 Author: Arthur Edelstein <arthuredelstein(a)gmail.com> Date: Wed Aug 27 16:25:00 2014 -0700 Bug 12620: TorBrowser regression tests Regression tests for Bug #2950: Make Permissions Manager memory-only Regression tests for TB4: Tor Browser's Firefox preference overrides. Note: many more functional tests could be made here Regression tests for #2874: Block Components.interfaces from content Bug 18923: Add a script to run all Tor Browser specific tests Regression tests for Bug #16441: Suppress "Reset Tor Browser" prompt. --- run-tbb-tests | 60 +++++++++++++++ tbb-tests/browser.ini | 5 ++ tbb-tests/browser_tor_TB4.js | 162 +++++++++++++++++++++++++++++++++++++++ tbb-tests/browser_tor_bug2950.js | 74 ++++++++++++++++++ tbb-tests/mochitest.ini | 3 + tbb-tests/moz.build | 10 +++ tbb-tests/test_tor_bug2874.html | 25 ++++++ toolkit/toolkit.mozbuild | 3 +- 8 files changed, 341 insertions(+), 1 deletion(-) diff --git a/run-tbb-tests b/run-tbb-tests new file mode 100755 index 000000000000..5e266f9ba4cd --- /dev/null +++ b/run-tbb-tests @@ -0,0 +1,60 @@ +#!/bin/bash + +# This script runs all the Mochitest tests that have been added or +# modified since the last ffxbld commit. +# +# It does not currently run XPCShell tests. We should change this if we +# start using this type or other types of tests. +# +# The logs of the tests are stored in the tbb-tests.log file. +# Ignored tests are listed in the tbb-tests-ignore.txt file. +# +# https://trac.torproject.org/projects/tor/ticket/18923 + +IFS=$'\n' + +if [ -n "$USE_TESTS_LIST" ] && [ -f tbb-tests-list.txt ] +then + echo "Using tests list from file tbb-tests-list.txt" + tests=($(cat tbb-tests-list.txt)) +else + ffxbld_commit=$(git log -500 --format='%an %H' | grep '^ffxbld ' \ + | head -1 | cut -d ' ' -f 2) + + tests=($(git diff --name-status "$ffxbld_commit" HEAD | \ + grep -e '^[AM].*/test_[^/]\+\.$html\|xul$$' \ + -e '^[AM].*/browser_[^/]\+\.js$' \ + | sed 's/^[AM]\s\+//')) +fi + +echo 'The following tests will be run:' +for i in "${!tests[@]}" +do + if [ -z "$USE_TESTS_LIST" ] \ + && grep -q "^${tests[$i]}$" tbb-tests-ignore.txt + then + unset "tests[$i]" + continue + fi + echo "- ${tests[$i]}" +done + +if [ -n "$WRITE_TESTS_LIST" ] +then + rm -f tbb-tests-list.txt + for i in "${!tests[@]}" + do + echo "${tests[$i]}" >> tbb-tests-list.txt + done + exit 0 +fi + +rm -f tbb-tests.log +echo $'\n''Starting tests' +./mach mochitest --log-tbpl tbb-tests.log --setpref security.nocertdb=false \ + "${tests[@]}" + +echo "*************************" +echo "*************************" +echo "Summary of failed tests:" +grep --color=never TEST-UNEXPECTED-FAIL tbb-tests.log diff --git a/tbb-tests/browser.ini b/tbb-tests/browser.ini new file mode 100644 index 000000000000..f481660f1417 --- /dev/null +++ b/tbb-tests/browser.ini @@ -0,0 +1,5 @@ +[DEFAULT] + +[browser_tor_bug2950.js] +[browser_tor_omnibox.js] +[browser_tor_TB4.js] diff --git a/tbb-tests/browser_tor_TB4.js b/tbb-tests/browser_tor_TB4.js new file mode 100644 index 000000000000..af688bee0226 --- /dev/null +++ b/tbb-tests/browser_tor_TB4.js @@ -0,0 +1,162 @@ +// # Test for TB4: Tor Browser's Firefox preference overrides +// Simple regression tests to check the value of each pref and +// decides if it is set as expected. + +// TODO: Write unit tests to check that each pref setting here +// causes the browser to have the desired behavior (a big task). + +function test() { + +let expectedPrefs = [ + // Disable browser auto updaters and associated homepage notifications + ["app.update.auto", false], + ["app.update.enabled", false], + ["browser.search.update", false], + ["browser.rights.3.shown", true], + ["browser.startup.homepage_override.mstone", "ignore"], + ["startup.homepage_welcome_url", ""], + ["startup.homepage_override_url", ""], + + // Disable the "Refresh" prompt that is displayed for stale profiles. + ["browser.disableResetPrompt", true], + + // Disk activity: Disable Browsing History Storage + ["browser.privatebrowsing.autostart", true], + ["browser.cache.disk.enable", false], + ["browser.cache.offline.enable", false], + ["dom.indexedDB.enabled", false], + ["permissions.memory_only", true], + ["network.cookie.lifetimePolicy", 2], + ["security.nocertdb", true], + + // Disk activity: TBB Directory Isolation + ["browser.download.useDownloadDir", false], + ["browser.shell.checkDefaultBrowser", false], + ["browser.download.manager.addToRecentDocs", false], + + // Misc privacy: Disk + ["signon.rememberSignons", false], + ["browser.formfill.enable", false], + ["signon.autofillForms", false], + ["browser.sessionstore.privacy_level", 2], + ["media.cache_size", 0], + + // Misc privacy: Remote + ["browser.send_pings", false], + ["geo.enabled", false], + ["geo.wifi.uri", ""], + ["browser.search.suggest.enabled", false], + ["browser.safebrowsing.malware.enabled", false], + ["extensions.ui.lastCategory", "addons://list/extension"], + ["datareporting.healthreport.uploadEnabled", false], + ["datareporting.policy.dataSubmissionEnabled", false], + ["security.mixed_content.block_active_content", false], // Disable until https://bugzilla.mozilla.org/show_bug.cgi?id=878890 is patched + ["browser.syncPromoViewsLeftMap", "{\"addons\":0, \"passwords\":0, \"bookmarks\":0}"], // Don't promote sync + ["services.sync.engine.prefs", false], // Never sync prefs, addons, or tabs with other browsers + ["services.sync.engine.addons", false], + ["services.sync.engine.tabs", false], + ["extensions.getAddons.cache.enabled", false], // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/ + + // Fingerprinting + ["webgl.min_capability_mode", true], + ["webgl.disable-extensions", true], + ["dom.battery.enabled", false], // fingerprinting due to differing OS implementations + ["browser.display.max_font_attempts",10], + ["browser.display.max_font_count",10], + ["gfx.downloadable_fonts.fallback_delay", -1], + ["browser.startup.homepage_override.buildID", "20100101"], + + // Third party stuff + ["network.cookie.cookieBehavior", 1], + ["security.enable_tls_session_tickets", false], + ["network.http.spdy.enabled", false], // Stores state and may have keepalive issues (both fixable) + ["network.http.spdy.enabled.v2", false], // Seems redundant, but just in case + ["network.http.spdy.enabled.v3", false], // Seems redundant, but just in case + + // Proxy and proxy security + ["network.proxy.socks", "127.0.0.1"], + ["network.proxy.socks_port", 9150], + ["network.proxy.socks_remote_dns", true], + ["network.proxy.no_proxies_on", ""], // For fingerprinting and local service vulns (#10419) + ["network.proxy.type", 1], + ["network.security.ports.banned", "9050,9051,9150,9151"], + ["network.dns.disablePrefetch", true], + ["network.protocol-handler.external-default", false], + ["network.protocol-handler.external.mailto", false], + ["network.protocol-handler.external.news", false], + ["network.protocol-handler.external.nntp", false], + ["network.protocol-handler.external.snews", false], + ["network.protocol-handler.warn-external.mailto", true], + ["network.protocol-handler.warn-external.news", true], + ["network.protocol-handler.warn-external.nntp", true], + ["network.protocol-handler.warn-external.snews", true], + + // Network and performance + ["network.http.pipelining", true], + ["network.http.pipelining.aggressive", true], + ["network.http.pipelining.maxrequests", 12], + ["network.http.pipelining.ssl", true], + ["network.http.proxy.pipelining", true], + ["security.ssl.enable_false_start", true], + ["network.http.keep-alive.timeout", 20], + ["network.http.connection-retry-timeout", 0], + ["network.http.max-persistent-connections-per-proxy", 256], + ["network.http.pipelining.reschedule-timeout", 15000], + ["network.http.pipelining.read-timeout", 60000], + // Hacked pref: Now means "Attempt to pipeline at least this many requests together" + ["network.http.pipelining.max-optimistic-requests", 3], + ["security.disable_session_identifiers", true], + + // Extension support + ["extensions.autoDisableScopes", 0], + ["extensions.bootstrappedAddons", "{}"], + ["extensions.checkCompatibility.4.*", false], + ["extensions.databaseSchema", 3], + ["extensions.enabledAddons", "https-everywhere%40eff.org:3.1.4,%7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.1,torbutton%40torproject.org:1.5.2,ubufox%40ubuntu.com:2.6,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.5"], + ["extensions.enabledItems", "langpack-en-US@firefox.mozilla.org:,{73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.57,{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.4,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8"], + ["extensions.enabledScopes", 1], + ["extensions.pendingOperations", false], + ["xpinstall.whitelist.add", ""], + ["xpinstall.whitelist.add.36", ""], + + // Omnibox settings + ["keyword.URL", "https://startpage.com/do/search?q="], + + // Hacks/workarounds: Direct2D seems to crash w/ lots of video cards w/ MinGW? + // Nvida cards also experience crashes without the second pref set to disabled + ["gfx.direct2d.disabled", true], + ["layers.acceleration.disabled", true], + + // Security enhancements + // https://trac.torproject.org/projects/tor/ticket/9387#comment:17 + ["javascript.options.ion.content", false], + ["javascript.options.baselinejit.content", false], + ["javascript.options.asmjs", false], + ["javascript.options.typeinference", false], + + // Enable TLS 1.1 and 1.2: + // https://trac.torproject.org/projects/tor/ticket/11253 + ["security.tls.version.max", 3], + + // Version placeholder + ["torbrowser.version", "UNKNOWN"], + + ]; + +let getPref = function (prefName) { + let type = gPrefService.getPrefType(prefName); + if (type === gPrefService.PREF_INT) return gPrefService.getIntPref(prefName); + if (type === gPrefService.PREF_BOOL) return gPrefService.getBoolPref(prefName); + if (type === gPrefService.PREF_STRING) return gPrefService.getCharPref(prefName); + // Something went wrong. + throw new Error("Can't access pref " + prefName); +}; + +let testPref = function([key, expectedValue]) { + let foundValue = getPref(key); + is(foundValue, expectedValue, "Pref '" + key + "' should be '" + expectedValue +"'."); +}; + +expectedPrefs.map(testPref); + +} // end function test() diff --git a/tbb-tests/browser_tor_bug2950.js b/tbb-tests/browser_tor_bug2950.js new file mode 100644 index 000000000000..010cc6356202 --- /dev/null +++ b/tbb-tests/browser_tor_bug2950.js @@ -0,0 +1,74 @@ +// # Regression tests for tor Bug #2950, Make Permissions Manager memory-only +// Ensures that permissions.sqlite file in profile directory is not written to, +// even when we write a value to Firefox's permissions database. + +// The requisite test() function. +function test() { + +// Needed because of asynchronous part later in the test. +waitForExplicitFinish(); + +// Shortcut +let Ci = Components.interfaces; + +// ## utility functions + +// __uri(spec)__. +// Creates an nsIURI instance from a spec +// (string address such as "http://torproject.org"). +let uri = spec => Services.io.newURI(spec, null, null); + +// __setPermission(spec, key, value)__. +// Sets the site permission of type key to value, for the site located at address spec. +let setPermission = (spec, key, value) => SitePermissions.set(uri(spec), key, value); + +// __getPermission(spec, key)__. +// Reads the site permission value for permission type key, for the site +// located at address spec. +let getPermission = (spec, key) => SitePermissions.get(uri(spec), key); + +// __profileDirPath__. +// The Firefox Profile directory. Expected location of various persistent files. +let profileDirPath = Services.dirsvc.get("ProfD", Components.interfaces.nsIFile).path; + +// __fileInProfile(fileName)__. +// Returns an nsIFile instance corresponding to a file in the Profile directory. +let fileInProfile = fileName => FileUtils.File(profileDirPath + "/" + fileName); + +// ## Now let's run the test. + +let SITE = "http://torproject.org", + KEY = "popup"; + +let permissionsFile = fileInProfile("permissions.sqlite"), + lastModifiedTime = null, + newModifiedTime = null; +if (permissionsFile.exists()) { + lastModifiedTime = permissionsFile.lastModifiedTime; +} +// Read the original value of the permission. +let originalValue = getPermission(SITE, KEY); + +// We need to delay by at least 1000 ms, because that's the granularity +// of file time stamps, it seems. +window.setTimeout( + function () { + // Set the permission to a new value. + setPermission(SITE, KEY, (originalValue === 0) ? 1 : 0); + // Now read back the permission value again. + let newReadValue = getPermission(SITE, KEY); + // Compare to confirm that the permission + // value was successfully changed. + isnot(newReadValue, originalValue, "Set a value in permissions db (perhaps in memory).");; + // If file existed or now exists, get the current time stamp. + if (permissionsFile.exists()) { + newModifiedTime = permissionsFile.lastModifiedTime; + } + // If file was created or modified since we began this test, + // then permissions db is not memory only. Complain! + is(lastModifiedTime, newModifiedTime, "Don't write to permissions.sqlite file on disk."); + // We are done with the test. + finish(); + }, 1100); + +} // test() diff --git a/tbb-tests/mochitest.ini b/tbb-tests/mochitest.ini new file mode 100644 index 000000000000..cc5172733bbe --- /dev/null +++ b/tbb-tests/mochitest.ini @@ -0,0 +1,3 @@ +[DEFAULT] + +[test_tor_bug2874.html] diff --git a/tbb-tests/moz.build b/tbb-tests/moz.build new file mode 100644 index 000000000000..de8a41a67a5c --- /dev/null +++ b/tbb-tests/moz.build @@ -0,0 +1,10 @@ +# -*- Mode: python; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +MOCHITEST_MANIFESTS += ['mochitest.ini'] + +BROWSER_CHROME_MANIFESTS += [ 'browser.ini' ] + diff --git a/tbb-tests/test_tor_bug2874.html b/tbb-tests/test_tor_bug2874.html new file mode 100644 index 000000000000..c0a956e9f687 --- /dev/null +++ b/tbb-tests/test_tor_bug2874.html @@ -0,0 +1,25 @@ +<!DOCTYPE HTML> +<html> + +<head> + <meta charset="utf-8"> + <title>Test for Tor Bug 2874</title> + <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/> + <script type="application/javascript"> + is(typeof Components, 'undefined', "The global window object should not expose a Components property to untrusted content."); + </script> +</head> +<body> +<a target="_blank" href="https://trac.torproject.org/projects/tor/ticket/2874">Tor Bug 2874</a> +<p id="display"></p> +<div id="content" style="display: none"> + +</div> +<pre id="test"> +</pre> +</body> +</html> diff --git a/toolkit/toolkit.mozbuild b/toolkit/toolkit.mozbuild index d092b8b22346..6e35a4602300 100644 --- a/toolkit/toolkit.mozbuild +++ b/toolkit/toolkit.mozbuild @@ -96,7 +96,8 @@ if CONFIG['MOZ_WEBRTC'] and CONFIG['COMPILE_ENVIRONMENT']: ] if CONFIG['ENABLE_TESTS']: - DIRS += ['/testing/specialpowers'] + DIRS += ['/testing/specialpowers', + '/tbb-tests'] DIRS += [ '/testing/gtest',

1 0

[tor-browser/tor-browser-81.0b9-10.0-1] TB3: Tor Browser's official .mozconfigs.
by gk＠torproject.org 15 Sep '20

15 Sep '20

commit b688682d086d8245c708829d0760f14d6df7a504 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Mon May 6 15:51:06 2013 -0700 TB3: Tor Browser's official .mozconfigs. Also: Bug #9829.1: new .mozconfig file for the new cross-compiler and ESR24 Changes needed to build Mac in 64bit Bug 10715: Enable Webgl for mingw-w64 again. Disable ICU when cross-compiling; clean-up. Bug 15773: Enable ICU on OS X Bug 15990: Don't build the sandbox with mingw-w64 Bug 12761: Switch to ESR 38 for OS X Updating .mozconfig-asan Bug 12516: Compile hardenend Tor Browser with -fwrapv Bug 18331: Switch to Mozilla's toolchain for building Tor Browser for OS X Bug 17858: Cannot create incremental MARs for hardened builds. Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff (which is part of mar-tools and is not distributed to end-users) with ASan. Bug 13419: Add back ICU for Windows Bug 21239: Use GTK2 for ESR52 Linux builds Bug 23025: Add hardening flags for macOS Bug 24478: Enable debug assertions and tests in our ASan builds --enable-proxy-bypass-protection Bug 27597: ASan build option in tor-browser-build is broken Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds This fixes a problem where some preferences had the wrong default value. Also see bug 27472 where we made a similar fix for Android. Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING Bug 31450: Set proper BINDGEN_CFLAGS for ASan builds Add an --enable-tor-browser-data-outside-app-dir configure option Add --with-tor-browser-version configure option Bug 21849: Don't allow SSL key logging. Bug 31457: disable per-installation profiles The dedicated profiles (per-installation) feature does not interact well with our bundled profiles on Linux and Windows, and it also causes multiple profiles to be created on macOS under TorBrowser-Data. Bug 31935: Disable profile downgrade protection. Since Tor Browser does not support more than one profile, disable the prompt and associated code that offers to create one when a version downgrade situation is detected. Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT Bug 25741 - TBA: Disable features at compile-time MOZ_NATIVE_DEVICES for casting and the media player MOZ_TELEMETRY_REPORTING for telemetry MOZ_DATA_REPORTING for all data reporting preferences (crashreport, telemetry, geo) Bug 25741 - TBA: Add default configure options in dedicated file Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION Bug 29859: Disable HLS support for now Add --disable-tor-launcher build option Add --enable-tor-browser-update build option Bug 33734: Set MOZ_NORMANDY to False Bug 33851: Omit Parental Controls. Bug 40061: Omit the Windows default browser agent from the build --- .mozconfig | 38 ++++++++++++++++++++++++ .mozconfig-android | 35 ++++++++++++++++++++++ .mozconfig-asan | 43 +++++++++++++++++++++++++++ .mozconfig-mac | 55 +++++++++++++++++++++++++++++++++++ .mozconfig-mingw | 30 +++++++++++++++++++ browser/base/moz.build | 3 ++ browser/installer/Makefile.in | 8 +++++ browser/moz.configure | 8 ++--- build/moz.configure/old.configure | 6 ++++ mobile/android/confvars.sh | 9 ++++++ mobile/android/geckoview/build.gradle | 1 + mobile/android/moz.configure | 17 +++++++++-- mobile/android/torbrowser.configure | 30 +++++++++++++++++++ old-configure.in | 49 +++++++++++++++++++++++++++++++ security/moz.build | 2 +- security/nss/lib/ssl/Makefile | 2 +- toolkit/modules/AppConstants.jsm | 15 ++++++++++ toolkit/modules/moz.build | 3 ++ 18 files changed, 346 insertions(+), 8 deletions(-) diff --git a/.mozconfig b/.mozconfig new file mode 100755 index 000000000000..24efaea57b0b --- /dev/null +++ b/.mozconfig @@ -0,0 +1,38 @@ +. $topsrcdir/browser/config/mozconfig + +# This mozconfig file is not used in official Tor Browser builds. +# It is only intended to be used when doing incremental Linux builds +# during development. The platform-specific mozconfig configuration +# files used in official Tor Browser releases can be found in the +# tor-browser-build repo: +# https://gitweb.torproject.org/builders/tor-browser-build.git/ +# under: +# tor-browser-build/projects/firefox/mozconfig-$OS-$ARCH + +mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-@CONFIG_GUESS@ +mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser" +export MOZILLA_OFFICIAL=1 + +ac_add_options --enable-optimize +ac_add_options --enable-official-branding + +# Let's support GTK3 for ESR60 +ac_add_options --enable-default-toolkit=cairo-gtk3 + +ac_add_options --disable-strip +ac_add_options --disable-install-strip +ac_add_options --disable-tests +ac_add_options --disable-debug +ac_add_options --disable-crashreporter +ac_add_options --disable-webrtc +ac_add_options --disable-parental-controls +# Let's make sure no preference is enabling either Adobe's or Google's CDM. +ac_add_options --disable-eme +ac_add_options --enable-proxy-bypass-protection + +# Disable telemetry +ac_add_options MOZ_TELEMETRY_REPORTING= + +ac_add_options --disable-tor-launcher +ac_add_options --with-tor-browser-version=dev-build +ac_add_options --disable-tor-browser-update diff --git a/.mozconfig-android b/.mozconfig-android new file mode 100755 index 000000000000..1b5e3f3178b7 --- /dev/null +++ b/.mozconfig-android @@ -0,0 +1,35 @@ +mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-arm-linux-androideabi +mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser" +export MOZILLA_OFFICIAL=1 + +ac_add_options --enable-optimize +ac_add_options --enable-official-branding + +# Android +ac_add_options --enable-application=mobile/android +ac_add_options --target=arm-linux-androideabi +ac_add_options --with-android-ndk="$NDK_BASE" #Enter the android ndk location(ndk r17b) +ac_add_options --with-android-sdk="$SDK_BASE" #Enter the android sdk location +ac_add_options --with-branding=mobile/android/branding/alpha + +# Use Mozilla's Clang blobs +CC="$HOME/.mozbuild/clang/bin/clang" +CXX="$HOME/.mozbuild/clang/bin/clang++" + +#enable ccache to set amount of cache assigned for build. +ac_add_options --with-ccache + +ac_add_options --enable-strip +ac_add_options --disable-tests +ac_add_options --disable-debug +ac_add_options --disable-rust-debug + +ac_add_options --disable-updater +ac_add_options --disable-crashreporter +ac_add_options --disable-webrtc +ac_add_options --disable-parental-controls + +ac_add_options --enable-proxy-bypass-protection + +# Disable telemetry +ac_add_options MOZ_TELEMETRY_REPORTING= diff --git a/.mozconfig-asan b/.mozconfig-asan new file mode 100644 index 000000000000..13232e054d45 --- /dev/null +++ b/.mozconfig-asan @@ -0,0 +1,43 @@ +. $topsrcdir/browser/config/mozconfig + +export CFLAGS="-fsanitize=address -Dxmalloc=myxmalloc" +export CXXFLAGS="-fsanitize=address -Dxmalloc=myxmalloc" +# We need to add -ldl explicitely due to bug 1213698 +export LDFLAGS="-fsanitize=address -ldl" + +# Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff +# (which is part of mar-tools and is not distributed to end-users) with +# ASan. See bug 17858. +export HOST_CFLAGS="" +export HOST_CXXFLAGS="" +export HOST_LDFLAGS="-ldl" + +mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-@CONFIG_GUESS@ +mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser" +export MOZILLA_OFFICIAL=1 +export BINDGEN_CFLAGS='--gcc-toolchain=/var/tmp/dist/gcc' + +ac_add_options --enable-address-sanitizer +ac_add_options --disable-jemalloc +ac_add_options --disable-elf-hack + +ac_add_options --enable-optimize +ac_add_options --enable-official-branding + +# Let's support GTK3 for ESR60 +ac_add_options --enable-default-toolkit=cairo-gtk3 + +ac_add_options --enable-tor-browser-update + +ac_add_options --disable-strip +ac_add_options --disable-install-strip +ac_add_options --enable-tests +ac_add_options --enable-debug +ac_add_options --disable-crashreporter +ac_add_options --disable-webrtc +ac_add_options --disable-parental-controls +ac_add_options --disable-eme +ac_add_options --enable-proxy-bypass-protection + +# Disable telemetry +ac_add_options MOZ_TELEMETRY_REPORTING= diff --git a/.mozconfig-mac b/.mozconfig-mac new file mode 100644 index 000000000000..1f89cab30bbc --- /dev/null +++ b/.mozconfig-mac @@ -0,0 +1,55 @@ +# ld needs libLTO.so from llvm +mk_add_options "export LD_LIBRARY_PATH=$topsrcdir/clang/lib" + +CROSS_CCTOOLS_PATH=$topsrcdir/cctools +CROSS_SYSROOT=$topsrcdir/MacOSX10.7.sdk +CROSS_PRIVATE_FRAMEWORKS=$CROSS_SYSROOT/System/Library/PrivateFrameworks +HARDENING_FLAGS="-Werror=format -Werror=format-security -fstack-protector-strong -D_FORTIFY_SOURCE=2" +FLAGS="-target x86_64-apple-darwin10 -mlinker-version=136 -B $CROSS_CCTOOLS_PATH/bin -isysroot $CROSS_SYSROOT $HARDENING_FLAGS" + +export CC="$topsrcdir/clang/bin/clang $FLAGS" +export CXX="$topsrcdir/clang/bin/clang++ $FLAGS" +export CPP="$topsrcdir/clang/bin/clang $FLAGS -E" +export LLVMCONFIG=$topsrcdir/clang/bin/llvm-config +export LDFLAGS="-Wl,-syslibroot,$CROSS_SYSROOT -Wl,-dead_strip -Wl,-pie" +export TOOLCHAIN_PREFIX=$CROSS_CCTOOLS_PATH/bin/x86_64-apple-darwin10- +#TODO: bug 1184202 - would be nice if these could be detected with TOOLCHAIN_PREFIX automatically +export AR=${TOOLCHAIN_PREFIX}ar +export RANLIB=${TOOLCHAIN_PREFIX}ranlib +export STRIP=${TOOLCHAIN_PREFIX}strip +export OTOOL=${TOOLCHAIN_PREFIX}otool +export DSYMUTIL=$topsrcdir/clang/bin/llvm-dsymutil + +export HOST_CC="$topsrcdir/clang/bin/clang" +export HOST_CXX="$topsrcdir/clang/bin/clang++" +export HOST_CPP="$topsrcdir/clang/bin/clang -E" +export HOST_CFLAGS="-g" +export HOST_CXXFLAGS="-g" +export HOST_LDFLAGS="-g" + +ac_add_options --target=x86_64-apple-darwin +ac_add_options --with-macos-private-frameworks=$CROSS_PRIVATE_FRAMEWORKS + +mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-macos +mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser" +export MOZILLA_OFFICIAL=1 + +ac_add_options --enable-application=browser +ac_add_options --enable-strip +ac_add_options --enable-official-branding +ac_add_options --enable-optimize +ac_add_options --disable-debug + +ac_add_options --enable-tor-browser-data-outside-app-dir +ac_add_options --enable-tor-browser-update + +ac_add_options --disable-crashreporter +ac_add_options --disable-webrtc +ac_add_options --disable-parental-controls +ac_add_options --disable-tests +# Let's make sure no preference is enabling either Adobe's or Google's CDM. +ac_add_options --disable-eme +ac_add_options --enable-proxy-bypass-protection + +# Disable telemetry +ac_add_options MOZ_TELEMETRY_REPORTING= diff --git a/.mozconfig-mingw b/.mozconfig-mingw new file mode 100644 index 000000000000..4fb050308060 --- /dev/null +++ b/.mozconfig-mingw @@ -0,0 +1,30 @@ +CROSS_COMPILE=1 + +ac_add_options --enable-application=browser +ac_add_options --target=i686-w64-mingw32 +ac_add_options --with-toolchain-prefix=i686-w64-mingw32- +ac_add_options --enable-default-toolkit=cairo-windows +mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-mingw +mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser" +export MOZILLA_OFFICIAL=1 + +ac_add_options --disable-debug +ac_add_options --enable-optimize +ac_add_options --enable-strip +ac_add_options --enable-official-branding + +ac_add_options --enable-tor-browser-update +ac_add_options --disable-bits-download + +# Let's make sure no preference is enabling either Adobe's or Google's CDM. +ac_add_options --disable-eme +ac_add_options --disable-crashreporter +ac_add_options --disable-maintenance-service +ac_add_options --disable-webrtc +ac_add_options --disable-parental-controls +ac_add_options --disable-tests +ac_add_options --enable-proxy-bypass-protection + +# Disable telemetry +ac_add_options MOZ_TELEMETRY_REPORTING= +ac_add_options --disable-default-browser-agent diff --git a/browser/base/moz.build b/browser/base/moz.build index 316be9c9b7d3..310bbffef44f 100644 --- a/browser/base/moz.build +++ b/browser/base/moz.build @@ -73,6 +73,9 @@ if CONFIG['MOZ_WIDGET_TOOLKIT'] in ('windows', 'gtk', 'cocoa'): if CONFIG['MOZ_WIDGET_TOOLKIT'] in ('windows', 'gtk'): DEFINES['MENUBAR_CAN_AUTOHIDE'] = 1 +if CONFIG['TOR_BROWSER_UPDATE']: + DEFINES['TOR_BROWSER_UPDATE'] = 1 + JAR_MANIFESTS += ['jar.mn'] GeneratedFile('content/aboutNetErrorCodes.js', script='gen_aboutneterror_codes.py', diff --git a/browser/installer/Makefile.in b/browser/installer/Makefile.in index b861ad214a64..0325f0ffab9a 100644 --- a/browser/installer/Makefile.in +++ b/browser/installer/Makefile.in @@ -82,6 +82,14 @@ endif endif endif +ifdef TOR_BROWSER_DISABLE_TOR_LAUNCHER +DEFINES += -DTOR_BROWSER_DISABLE_TOR_LAUNCHER +endif + +ifdef TOR_BROWSER_UPDATE +DEFINES += -DTOR_BROWSER_UPDATE +endif + ifneq (,$(filter WINNT Darwin Android,$(OS_TARGET))) DEFINES += -DMOZ_SHARED_MOZGLUE=1 endif diff --git a/browser/moz.configure b/browser/moz.configure index a251050feb9b..3b6b377235ca 100644 --- a/browser/moz.configure +++ b/browser/moz.configure @@ -5,11 +5,11 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. imply_option('MOZ_PLACES', True) -imply_option('MOZ_SERVICES_HEALTHREPORT', True) +imply_option('MOZ_SERVICES_HEALTHREPORT', False) imply_option('MOZ_SERVICES_SYNC', True) -imply_option('MOZ_DEDICATED_PROFILES', True) -imply_option('MOZ_BLOCK_PROFILE_DOWNGRADE', True) -imply_option('MOZ_NORMANDY', True) +imply_option('MOZ_DEDICATED_PROFILES', False) +imply_option('MOZ_BLOCK_PROFILE_DOWNGRADE', False) +imply_option('MOZ_NORMANDY', False) with only_when(target_is_linux & compile_environment): option(env='MOZ_NO_PIE_COMPAT', diff --git a/build/moz.configure/old.configure b/build/moz.configure/old.configure index 4737529ff11a..6e70cdac30e1 100644 --- a/build/moz.configure/old.configure +++ b/build/moz.configure/old.configure @@ -243,6 +243,12 @@ def old_configure_options(*options): '--with-user-appdir', '--x-includes', '--x-libraries', + + # Tor additions. + '--with-tor-browser-version', + '--enable-tor-browser-update', + '--enable-tor-browser-data-outside-app-dir', + '--enable-tor-launcher', ) def prepare_configure_options(host, target, all_options, *options): # old-configure only supports the options listed in @old_configure_options diff --git a/mobile/android/confvars.sh b/mobile/android/confvars.sh index 2cfd371a2956..2d0177075c33 100644 --- a/mobile/android/confvars.sh +++ b/mobile/android/confvars.sh @@ -29,9 +29,18 @@ MOZ_ANDROID_BROWSER_INTENT_CLASS=org.mozilla.gecko.BrowserApp MOZ_NO_SMART_CARDS=1 +# Adds MIME-type support for raw video MOZ_RAW=1 # use custom widget for html:select MOZ_USE_NATIVE_POPUP_WINDOWS=1 MOZ_APP_ID={aa3c5121-dab2-40e2-81ca-7ea25febc110} + +### Tor Browser for Android ### + +# Disable telemetry at compile-time +unset MOZ_TELEMETRY_REPORTING + +# Disable data reporting at compile-time +unset MOZ_DATA_REPORTING diff --git a/mobile/android/geckoview/build.gradle b/mobile/android/geckoview/build.gradle index e295f33e208c..231d364c7ca5 100644 --- a/mobile/android/geckoview/build.gradle +++ b/mobile/android/geckoview/build.gradle @@ -92,6 +92,7 @@ android { buildConfigField 'String', "MOZ_APP_DISPLAYNAME", "\"${mozconfig.substs.MOZ_APP_DISPLAYNAME}\""; buildConfigField 'String', "MOZ_APP_UA_NAME", "\"${mozconfig.substs.MOZ_APP_UA_NAME}\""; buildConfigField 'String', "MOZ_UPDATE_CHANNEL", "\"${mozconfig.substs.MOZ_UPDATE_CHANNEL}\""; + buildConfigField 'String', "TOR_BROWSER_VERSION", "\"${mozconfig.substs.TOR_BROWSER_VERSION}\""; // MOZILLA_VERSION is oddly quoted from autoconf, but we don't have to handle it specially in Gradle. buildConfigField 'String', "MOZILLA_VERSION", "\"${mozconfig.substs.MOZILLA_VERSION}\""; diff --git a/mobile/android/moz.configure b/mobile/android/moz.configure index fa510f0a57d3..f7b4df4ac24a 100644 --- a/mobile/android/moz.configure +++ b/mobile/android/moz.configure @@ -10,7 +10,7 @@ project_flag('MOZ_ANDROID_EXCLUDE_FONTS', project_flag('MOZ_ANDROID_HLS_SUPPORT', help='Enable HLS (HTTP Live Streaming) support (currently using the ExoPlayer library)', - default=True) + default=False) option(env='FENNEC_NIGHTLY', help='Enable experimental code for Fennec Nightly users. NOTE: This is *not* equivalent ' @@ -26,9 +26,12 @@ def fennec_nightly(nightly): return bool(nightly) imply_option('MOZ_NORMANDY', False) -imply_option('MOZ_SERVICES_HEALTHREPORT', True) imply_option('MOZ_ANDROID_HISTORY', True) imply_option('--enable-small-chunk-size', True) +# Comment this so we can imply |False| in torbrowser.configure +# The Build system doesn't allow multiple imply_option() +# calls with the same key. +#imply_option('MOZ_SERVICES_HEALTHREPORT', True) @depends(target) def check_target(target): @@ -39,6 +42,8 @@ def check_target(target): 'Build_Instructions/Simple_Firefox_for_Android_build ' 'for more information about the necessary options.') +include('torbrowser.configure') + include('../../toolkit/moz.configure') include('../../build/moz.configure/android-sdk.configure') include('../../build/moz.configure/java.configure') @@ -50,3 +55,11 @@ option(env='MOZ_ANDROID_FAT_AAR_ARCHITECTURES', help='Comma-separated list of Android CPU architectures like "armeabi-v7a,arm64-v8a,x86,x86_64"') set_config('MOZ_ANDROID_FAT_AAR_ARCHITECTURES', depends('MOZ_ANDROID_FAT_AAR_ARCHITECTURES')(lambda x: x)) + +project_flag('MOZ_ANDROID_NETWORK_STATE', + help='Include permission for accessing WiFi/network state on Android', + default=False) + +project_flag('MOZ_ANDROID_LOCATION', + help='Include permission for accessing fine and course-grain Location on Android', + default=False) diff --git a/mobile/android/torbrowser.configure b/mobile/android/torbrowser.configure new file mode 100644 index 000000000000..2ff6215eedc9 --- /dev/null +++ b/mobile/android/torbrowser.configure @@ -0,0 +1,30 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +# Set Tor Browser default config + +imply_option('MOZ_ANDROID_EXCLUDE_FONTS', False) + +# Disable uploading crash reports and dump files to an external server +# This is still configured in old-configure. Uncomment when this moves +# to the python config +#imply_option('MOZ_CRASHREPORTER', False) + +# Disable uploading information about the browser configuration and +# performance to an external server +imply_option('MOZ_SERVICES_HEALTHREPORT', False) + +# Disable creating telemetry and data reports that are uploaded to an +# external server +# These aren't actually configure options. These are disabled in +# confvars.sh, but they look like configure options so we'll document +# them here, as well. +#XXX: no confvars.sh here +#imply_option('MOZ_TELEMETRY_REPORTING', False) +#imply_option('MOZ_DATA_REPORTING', False) + +imply_option('MOZ_ANDROID_NETWORK_STATE', False); +imply_option('MOZ_ANDROID_LOCATION', False); diff --git a/old-configure.in b/old-configure.in index 696b31c10dff..dfe7a74b1669 100644 --- a/old-configure.in +++ b/old-configure.in @@ -1926,6 +1926,55 @@ if test -n "$MOZ_UPDATER"; then AC_DEFINE(MOZ_UPDATER) fi +dnl ======================================================== +dnl Tor additions +dnl ======================================================== +MOZ_ARG_WITH_STRING(tor-browser-version, +[ --with-tor-browser-version=VERSION + Set Tor Browser version, e.g., 7.0a1], + TOR_BROWSER_VERSION="$withval") + +if test -z "$TOR_BROWSER_VERSION"; then + AC_MSG_ERROR([--with-tor-browser-version is required for Tor Browser.]) +fi + +MOZ_ARG_ENABLE_BOOL(tor-browser-update, +[ --enable-tor-browser-update + Enable Tor Browser update], + TOR_BROWSER_UPDATE=1, + TOR_BROWSER_UPDATE= ) + +if test -n "$TOR_BROWSER_UPDATE"; then + AC_DEFINE(TOR_BROWSER_UPDATE) +fi + +MOZ_ARG_ENABLE_BOOL(tor-browser-data-outside-app-dir, +[ --enable-tor-browser-data-outside-app-dir + Enable Tor Browser data outside of app directory], + TOR_BROWSER_DATA_OUTSIDE_APP_DIR=1, + TOR_BROWSER_DATA_OUTSIDE_APP_DIR= ) + +if test -n "$TOR_BROWSER_DATA_OUTSIDE_APP_DIR"; then + AC_DEFINE(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) +fi + +AC_DEFINE_UNQUOTED(TOR_BROWSER_VERSION,$TOR_BROWSER_VERSION) +AC_DEFINE_UNQUOTED(TOR_BROWSER_VERSION_QUOTED,"$TOR_BROWSER_VERSION") +AC_SUBST(TOR_BROWSER_UPDATE) +AC_SUBST(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) + +MOZ_ARG_DISABLE_BOOL(tor-launcher, +[ --disable-tor-launcher + Do not include Tor Launcher], + TOR_BROWSER_DISABLE_TOR_LAUNCHER=1, + TOR_BROWSER_DISABLE_TOR_LAUNCHER=) + +if test -n "$TOR_BROWSER_DISABLE_TOR_LAUNCHER"; then + AC_DEFINE(TOR_BROWSER_DISABLE_TOR_LAUNCHER) +fi + +AC_SUBST(TOR_BROWSER_DISABLE_TOR_LAUNCHER) + dnl ======================================================== dnl parental controls (for Windows Vista) dnl ======================================================== diff --git a/security/moz.build b/security/moz.build index dec6f3ef7e21..f00f9fe5d7a7 100644 --- a/security/moz.build +++ b/security/moz.build @@ -85,7 +85,7 @@ gyp_vars['nss_dist_obj_dir'] = '$PRODUCT_DIR/dist/bin' gyp_vars['disable_tests'] = 1 gyp_vars['disable_dbm'] = 1 gyp_vars['disable_libpkix'] = 1 -gyp_vars['enable_sslkeylogfile'] = 1 +gyp_vars['enable_sslkeylogfile'] = 0 # pkg-config won't reliably find zlib on our builders, so just force it. # System zlib is only used for modutil and signtool unless # SSL zlib is enabled, which we are disabling immediately below this. diff --git a/security/nss/lib/ssl/Makefile b/security/nss/lib/ssl/Makefile index 8a8b06f4b508..90571bb3e256 100644 --- a/security/nss/lib/ssl/Makefile +++ b/security/nss/lib/ssl/Makefile @@ -41,7 +41,7 @@ endif # Enable key logging by default in debug builds, but not opt builds. # Logging still needs to be enabled at runtime through env vars. -NSS_ALLOW_SSLKEYLOGFILE ?= $(if $(BUILD_OPT),0,1) +NSS_ALLOW_SSLKEYLOGFILE ?= 0 ifeq (1,$(NSS_ALLOW_SSLKEYLOGFILE)) DEFINES += -DNSS_ALLOW_SSLKEYLOGFILE=1 endif diff --git a/toolkit/modules/AppConstants.jsm b/toolkit/modules/AppConstants.jsm index da47d20b293c..4192ee5b1c44 100644 --- a/toolkit/modules/AppConstants.jsm +++ b/toolkit/modules/AppConstants.jsm @@ -342,6 +342,14 @@ this.AppConstants = Object.freeze({ MOZ_WIDGET_TOOLKIT: "@MOZ_WIDGET_TOOLKIT@", ANDROID_PACKAGE_NAME: "@ANDROID_PACKAGE_NAME@", + TOR_BROWSER_VERSION: "@TOR_BROWSER_VERSION@", + TOR_BROWSER_DATA_OUTSIDE_APP_DIR: +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR + true, +#else + false, +#endif + DEBUG_JS_MODULES: "@DEBUG_JS_MODULES@", MOZ_BING_API_CLIENTID: "@MOZ_BING_API_CLIENTID@", @@ -419,4 +427,11 @@ this.AppConstants = Object.freeze({ #else false, #endif + + TOR_BROWSER_UPDATE: +#ifdef TOR_BROWSER_UPDATE + true, +#else + false, +#endif }); diff --git a/toolkit/modules/moz.build b/toolkit/modules/moz.build index 1dbbb685efcd..348ea91f5f2e 100644 --- a/toolkit/modules/moz.build +++ b/toolkit/modules/moz.build @@ -296,6 +296,9 @@ for var in ('MOZ_ALLOW_ADDON_SIDELOAD', if CONFIG[var]: DEFINES[var] = True +if CONFIG['TOR_BROWSER_UPDATE']: + DEFINES['TOR_BROWSER_UPDATE'] = 1 + JAR_MANIFESTS += ['jar.mn'] DEFINES['TOPOBJDIR'] = TOPOBJDIR

1 0

[tor-browser/tor-browser-81.0b9-10.0-1] Bug 40069: Add helpers for message passing with extensions
by gk＠torproject.org 15 Sep '20

15 Sep '20

commit 3c9d70da4292b8a855a31874f59d15f71f3fa086 Author: Alex Catarineu <acat(a)torproject.org> Date: Sun Aug 2 19:12:25 2020 +0200 Bug 40069: Add helpers for message passing with extensions --- toolkit/components/extensions/ExtensionParent.jsm | 47 +++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/toolkit/components/extensions/ExtensionParent.jsm b/toolkit/components/extensions/ExtensionParent.jsm index b7bf99accb73..33c3359af04c 100644 --- a/toolkit/components/extensions/ExtensionParent.jsm +++ b/toolkit/components/extensions/ExtensionParent.jsm @@ -264,6 +264,8 @@ const ProxyMessenger = { /** @type Map<number, ParentPort> */ ports: new Map(), + _torRuntimeMessageListeners: [], + init() { this.conduit = new BroadcastConduit(ProxyMessenger, { id: "ProxyMessenger", @@ -326,6 +328,10 @@ const ProxyMessenger = { }, async recvRuntimeMessage(arg, { sender }) { + // We need to listen to some extension messages in Tor Browser + for (const listener of this._torRuntimeMessageListeners) { + listener(arg); + } arg.firstResponse = true; let kind = await this.normalizeArgs(arg, sender); let result = await this.conduit.castRuntimeMessage(kind, arg); @@ -1870,6 +1876,45 @@ for (let name of StartupCache.STORE_NAMES) { StartupCache[name] = new CacheStore(name); } +async function torSendExtensionMessage(extensionId, message) { + // This should broadcast the message to all children "conduits" + // listening for a "RuntimeMessage". Those children conduits + // will either be extension background pages or other extension + // pages listening to browser.runtime.onMessage. + const result = await ProxyMessenger.conduit.castRuntimeMessage("messenger", { + extensionId, + holder: new StructuredCloneHolder(message), + firstResponse: true, + sender: { + id: extensionId, + envType: "addon_child", + }, + }); + return result + ? result.value + : Promise.reject({ message: ERROR_NO_RECEIVERS }); +} + +async function torWaitForExtensionMessage(extensionId, checker) { + return new Promise(resolve => { + const msgListener = msg => { + try { + if (msg && msg.extensionId === extensionId) { + const deserialized = msg.holder.deserialize({}); + if (checker(deserialized)) { + const idx = ProxyMessenger._torRuntimeMessageListeners.indexOf( + msgListener + ); + ProxyMessenger._torRuntimeMessageListeners.splice(idx, 1); + resolve(deserialized); + } + } + } catch (e) {} + }; + ProxyMessenger._torRuntimeMessageListeners.push(msgListener); + }); +} + var ExtensionParent = { GlobalManager, HiddenExtensionPage, @@ -1881,6 +1926,8 @@ var ExtensionParent = { promiseExtensionViewLoaded, watchExtensionProxyContextLoad, DebugUtils, + torSendExtensionMessage, + torWaitForExtensionMessage, }; // browserPaintedPromise and browserStartupPromise are promises that

1 0

[tor-browser/tor-browser-81.0b9-10.0-1] Bug 28044: Integrate Tor Launcher into tor-browser
by gk＠torproject.org 15 Sep '20

15 Sep '20

commit 2370826450ec667fe481151b8e0f319c5cd4f6d8 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Tue Feb 26 10:07:17 2019 -0500 Bug 28044: Integrate Tor Launcher into tor-browser Build and package Tor Launcher as part of the browser (similar to how pdfjs is handled). If a Tor Launcher extension is present in the user's profile, it is removed. --- browser/extensions/moz.build | 5 +++++ browser/installer/package-manifest.in | 5 +++++ toolkit/mozapps/extensions/internal/XPIProvider.jsm | 10 ++++++++++ 3 files changed, 20 insertions(+) diff --git a/browser/extensions/moz.build b/browser/extensions/moz.build index f71ece63c42d..9787ecf81592 100644 --- a/browser/extensions/moz.build +++ b/browser/extensions/moz.build @@ -11,3 +11,8 @@ DIRS += [ 'webcompat', 'report-site-issue' ] + +if not CONFIG['TOR_BROWSER_DISABLE_TOR_LAUNCHER']: + DIRS += [ + 'tor-launcher', + ] diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index 2865597f498e..9cb8a3c65d7b 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -252,6 +252,11 @@ @RESPATH@/browser/chrome/browser.manifest @RESPATH@/chrome/pdfjs.manifest @RESPATH@/chrome/pdfjs/* +#ifndef TOR_BROWSER_DISABLE_TOR_LAUNCHER +@RESPATH@/browser/chrome/torlauncher.manifest +@RESPATH@/browser/chrome/torlauncher/* +@RESPATH@/browser/@PREF_DIR@/torlauncher-prefs.js +#endif @RESPATH@/chrome/toolkit@JAREXT@ @RESPATH@/chrome/toolkit.manifest @RESPATH@/chrome/recording.manifest diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm index 14bbba2b39b9..87e4d3ee9e45 100644 --- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm +++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm @@ -1462,6 +1462,16 @@ var XPIStates = { for (let [id, file] of loc.readAddons()) { knownIds.delete(id); + // Since it is now part of the browser, uninstall the Tor Launcher + // extension. This will remove the Tor Launcher .xpi from user + // profiles on macOS. + if (id === "tor-launcher(a)torproject.org") { + logger.debug("Uninstalling the Tor Launcher extension."); + loc.installer.uninstallAddon(id); + changed = true; + continue; + } + let xpiState = loc.get(id); if (!xpiState) { // If the location is not supported for sideloading, skip new

1 0

[tor-browser/tor-browser-81.0b9-10.0-1] Bug 13028: Prevent potential proxy bypass cases.
by gk＠torproject.org 15 Sep '20

15 Sep '20

commit 451ec3d3123c848798217b0cf2b2fd533c7d94ae Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Mon Sep 29 14:30:19 2014 -0700 Bug 13028: Prevent potential proxy bypass cases. It looks like these cases should only be invoked in the NSS command line tools, and not the browser, but I decided to patch them anyway because there literally is a maze of network function pointers being passed around, and it's very hard to tell if some random code might not pass in the proper proxied versions of the networking code here by accident. --- security/nss/lib/certhigh/ocsp.c | 8 ++++++++ .../lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c | 21 +++++++++++++++++++++ 2 files changed, 29 insertions(+) diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c index cea8456606bf..86fa971cfbef 100644 --- a/security/nss/lib/certhigh/ocsp.c +++ b/security/nss/lib/certhigh/ocsp.c @@ -2932,6 +2932,14 @@ ocsp_ConnectToHost(const char *host, PRUint16 port) PRNetAddr addr; char *netdbbuf = NULL; + // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but + // we want to ensure nothing can ever hit this code in production. +#if 1 + printf("Tor Browser BUG: Attempted OSCP direct connect to %s, port %u\n", host, + port); + goto loser; +#endif + sock = PR_NewTCPSocket(); if (sock == NULL) goto loser; diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c index e8698376b5be..85791d84a932 100644 --- a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c +++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c @@ -1334,6 +1334,13 @@ pkix_pl_Socket_Create( plContext), PKIX_COULDNOTCREATESOCKETOBJECT); + // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but + // we want to ensure nothing can ever hit this code in production. +#if 1 + printf("Tor Browser BUG: Attempted pkix direct socket connect\n"); + PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED); +#endif + socket->isServer = isServer; socket->timeout = timeout; socket->clientSock = NULL; @@ -1433,6 +1440,13 @@ pkix_pl_Socket_CreateByName( localCopyName = PL_strdup(serverName); + // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but + // we want to ensure nothing can ever hit this code in production. +#if 1 + printf("Tor Browser BUG: Attempted pkix direct connect to %s\n", serverName); + PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED); +#endif + sepPtr = strchr(localCopyName, ':'); /* First strip off the portnum, if present, from the end of the name */ if (sepPtr) { @@ -1582,6 +1596,13 @@ pkix_pl_Socket_CreateByHostAndPort( PKIX_ENTER(SOCKET, "pkix_pl_Socket_CreateByHostAndPort"); PKIX_NULLCHECK_THREE(hostname, pStatus, pSocket); + // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but + // we want to ensure nothing can ever hit this code in production. +#if 1 + printf("Tor Browser BUG: Attempted pkix direct connect to %s, port %u\n", hostname, + portnum); + PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED); +#endif prstatus = PR_GetHostByName(hostname, buf, sizeof(buf), &hostent);

1 0

[tor-browser/tor-browser-81.0b9-10.0-1] Bug 10760: Integrate TorButton to TorBrowser core
by gk＠torproject.org 15 Sep '20

15 Sep '20

commit b4c5d90c163467ea91e8d012d60984a6e7b734e9 Author: Alex Catarineu <acat(a)torproject.org> Date: Wed Feb 19 23:05:08 2020 +0100 Bug 10760: Integrate TorButton to TorBrowser core Because of the non-restartless nature of Torbutton, it required a two-stage installation process. On mobile, it was a problem, because it was not loading when the user opened the browser for the first time. Moving it to tor-browser and making it a system extension allows it to load when the user opens the browser for first time. Additionally, this patch also fixes Bug 27611. Bug 26321: New Circuit and New Identity menu items Bug 14392: Make about:tor behave like other initial pages. Bug 25013: Add torbutton as a tor-browser submodule --- .gitmodules | 3 ++ browser/base/content/aboutDialog.xhtml | 38 +++++++++++------ browser/base/content/browser-doctype.inc | 6 +++ browser/base/content/browser-menubar.inc | 49 ++++++++++++++++------ browser/base/content/browser-sets.inc | 2 + browser/base/content/browser.js | 1 + browser/base/content/browser.xhtml | 26 +++++++++++- .../controlcenter/content/identityPanel.inc.xhtml | 17 ++++++++ browser/installer/package-manifest.in | 2 + docshell/base/nsAboutRedirector.cpp | 6 ++- docshell/build/components.conf | 1 + mobile/android/installer/package-manifest.in | 4 ++ toolkit/moz.build | 1 + .../mozapps/extensions/internal/XPIProvider.jsm | 9 ++++ toolkit/torproject/torbutton | 1 + .../lib/environments/browser-window.js | 6 ++- 16 files changed, 142 insertions(+), 30 deletions(-) diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 000000000000..2f03bd8e22df --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "toolkit/torproject/torbutton"] + path = toolkit/torproject/torbutton + url = https://git.torproject.org/torbutton.git diff --git a/browser/base/content/aboutDialog.xhtml b/browser/base/content/aboutDialog.xhtml index 69cbf846bbef..5274cbc02831 100644 --- a/browser/base/content/aboutDialog.xhtml +++ b/browser/base/content/aboutDialog.xhtml @@ -7,11 +7,11 @@ <?xml-stylesheet href="chrome://global/skin/global.css" type="text/css"?> <?xml-stylesheet href="chrome://browser/content/aboutDialog.css" type="text/css"?> <?xml-stylesheet href="chrome://branding/content/aboutDialog.css" type="text/css"?> +<?xml-stylesheet href="chrome://torbutton/skin/aboutDialog.css" type="text/css"?> + <!DOCTYPE window [ -#ifdef XP_MACOSX #include browser-doctype.inc -#endif ]> <window xmlns:html="http://www.w3.org/1999/xhtml" @@ -28,7 +28,7 @@ data-l10n-id="aboutDialog-title" #endif role="dialog" - aria-describedby="version distribution distributionId communityDesc contributeDesc trademark" + aria-describedby="version distribution distributionId projectDesc helpDesc trademark trademarkTor" > #ifdef XP_MACOSX #include macWindow.inc.xhtml @@ -132,24 +132,36 @@ <label is="text-link" useoriginprincipal="true" href="about:credits" data-l10n-name="community-exp-creditsLink"></label> </description> </vbox> - <description class="text-blurb" id="communityDesc" data-l10n-id="community-2"> - <label is="text-link" href="http://www.mozilla.org/" data-l10n-name="community-mozillaLink"></label> - <label is="text-link" useoriginprincipal="true" href="about:credits" data-l10n-name="community-creditsLink"></label> +  + <description class="text-blurb" id="communityDesc" data-l10n-id="community-2" hidden="true"></description> + <description class="text-blurb" id="contributeDesc" data-l10n-id="helpus" hidden="true"></description> + <description class="text-blurb" id="projectDesc"> + &project.start; + <label is="text-link" href="https://www.torproject.org/"> + &project.tpoLink; + </label>&project.end; </description> - <description class="text-blurb" id="contributeDesc" data-l10n-id="helpus"> - <label is="text-link" href="https://donate.mozilla.org/?utm_source=firefox&utm_medium=referral&…" data-l10n-name="helpus-donateLink"></label> - <label is="text-link" href="http://www.mozilla.org/contribute/" data-l10n-name="helpus-getInvolvedLink"></label> + <description class="text-blurb" id="helpDesc"> + &help.start; + <label is="text-link" href="https://donate.torproject.org/"> + &help.donateLink; + </label> + &help.or; + <label is="text-link" href="https://community.torproject.org/"> + &help.getInvolvedLink; + </label>&help.end; </description> </vbox> </vbox> </hbox> <vbox id="bottomBox"> - <hbox pack="center"> - <label is="text-link" class="bottom-link" useoriginprincipal="true" href="about:license" data-l10n-id="bottomLinks-license"></label> - <label is="text-link" class="bottom-link" useoriginprincipal="true" href="about:rights" data-l10n-id="bottomLinks-rights"></label> - <label is="text-link" class="bottom-link" href="https://www.mozilla.org/privacy/" data-l10n-id="bottomLinks-privacy"></label> + <hbox id="newBottom" pack="center" position="1"> + <label is="text-link" class="bottom-link" href="https://support.torproject.org/">&bottomLinks.questions;</label> + <label is="text-link" class="bottom-link" href="https://community.torproject.org/relay/">&bottomLinks.grow;</label> + <label is="text-link" class="bottom-link" useoriginprincipal="true" href="about:license">&bottomLinks.license;</label> </hbox> <description id="trademark" data-l10n-id="trademarkInfo"></description> + <description id="trademarkTor">&tor.TrademarkStatement;</description> </vbox> </vbox> diff --git a/browser/base/content/browser-doctype.inc b/browser/base/content/browser-doctype.inc index 9aa278773158..48cf6cd3eda0 100644 --- a/browser/base/content/browser-doctype.inc +++ b/browser/base/content/browser-doctype.inc @@ -14,3 +14,9 @@ %syncBrandDTD; <!ENTITY % brandingsDTD SYSTEM "chrome://browser/locale/brandings.dtd"> %brandingsDTD; +<!ENTITY % torbuttonDTD SYSTEM "chrome://torbutton/locale/torbutton.dtd"> +%torbuttonDTD; +<!ENTITY % aboutTorDTD SYSTEM "chrome://torbutton/locale/aboutTor.dtd"> +%aboutTorDTD; +<!ENTITY % aboutDialogDTD SYSTEM "chrome://torbutton/locale/aboutDialog.dtd"> +%aboutDialogDTD; diff --git a/browser/base/content/browser-menubar.inc b/browser/base/content/browser-menubar.inc index 1efe3f82aec1..d2e94ca441dc 100644 --- a/browser/base/content/browser-menubar.inc +++ b/browser/base/content/browser-menubar.inc @@ -34,6 +34,18 @@ command="Tools:NonFissionWindow" accesskey="s" label="New Non-Fission Window"/> #endif + <menuseparator/> + <menuitem id="menu_newIdentity" + accesskey="&torbutton.context_menu.new_identity_key;" + key="torbutton-new-identity-key" + label="&torbutton.context_menu.new_identity;" + oncommand="torbutton_new_identity();"/> + <menuitem id="menu_newCircuit" + accesskey="&torbutton.context_menu.new_circuit_key;" + key="torbutton-new-circuit-key" + label="&torbutton.context_menu.new_circuit;" + oncommand="torbutton_new_circuit();"/> + <menuseparator/> <menuitem id="menu_openLocation" hidden="true" command="Browser:OpenLocation" @@ -454,17 +466,28 @@ #endif data-l10n-id="menu-help"> <menupopup id="menu_HelpPopup" onpopupshowing="buildHelpMenu();"> - <menuitem id="menu_openHelp" +  + <box id="feedbackPage"/> + <box id="helpSafeMode"/> + <box id="menu_HelpPopup_reportPhishingtoolmenu"/> + <box id="menu_HelpPopup_reportPhishingErrortoolmenu"/> +  + <menuitem id="torBrowserUserManual" + oncommand="gBrowser.selectedTab = gBrowser.addTab('https://tb-manual.torproject.org/' + Services.locale.requestedLocale, {triggeringPrincipal: Services.scriptSecurityManager.getSystemPrincipal()});" + label="&aboutTor.torbrowser_user_manual.label;" + accesskey="&aboutTor.torbrowser_user_manual.accesskey;"/> +  +  #else - /> + /> --> #endif - <menuitem id="menu_openTour" - oncommand="openTourPage();" data-l10n-id="menu-help-show-tour"/> +  <menuitem id="help_importFromAnotherBrowser" command="cmd_help_importFromAnotherBrowser" data-l10n-id="menu-help-import-from-another-browser"/> <menuitem id="menu_keyboardShortcuts" @@ -473,22 +496,22 @@ <menuitem id="troubleShooting" oncommand="openTroubleshootingPage()" onclick="checkForMiddleClick(this, event);" data-l10n-id="menu-help-troubleshooting-info"/> - <menuitem id="feedbackPage" +  +  +  +  <menuseparator id="helpPolicySeparator" hidden="true"/> <menuitem id="helpPolicySupport" diff --git a/browser/base/content/browser-sets.inc b/browser/base/content/browser-sets.inc index d03e3c4301d1..6c634a53b30a 100644 --- a/browser/base/content/browser-sets.inc +++ b/browser/base/content/browser-sets.inc @@ -376,4 +376,6 @@ data-l10n-id="hide-other-apps-shortcut" modifiers="accel,alt"/> #endif + <key id="torbutton-new-identity-key" modifiers="accel shift" key="U" oncommand="torbutton_new_identity()"/> + <key id="torbutton-new-circuit-key" modifiers="accel shift" key="L" oncommand="torbutton_new_circuit()"/> </keyset> diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index 04f2d0195ab8..7764aacd1491 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -620,6 +620,7 @@ var gPageIcons = { }; var gInitialPages = [ + "about:tor", "about:blank", "about:newtab", "about:home", diff --git a/browser/base/content/browser.xhtml b/browser/base/content/browser.xhtml index 965fb8b98b81..f0c59f98886c 100644 --- a/browser/base/content/browser.xhtml +++ b/browser/base/content/browser.xhtml @@ -29,6 +29,8 @@ <?xml-stylesheet href="chrome://browser/skin/searchbar.css" type="text/css"?> <?xml-stylesheet href="chrome://browser/skin/places/tree-icons.css" type="text/css"?> <?xml-stylesheet href="chrome://browser/skin/places/editBookmark.css" type="text/css"?> +<?xml-stylesheet href="chrome://torbutton/skin/tor-circuit-display.css" type="text/css"?> +<?xml-stylesheet href="chrome://torbutton/skin/torbutton.css" type="text/css"?> # All DTD information is stored in a separate file so that it can be shared by # hiddenWindowMac.xhtml. @@ -106,11 +108,18 @@ Services.scriptloader.loadSubScript("chrome://browser/content/places/places-menupopup.js", this); Services.scriptloader.loadSubScript("chrome://browser/content/search/autocomplete-popup.js", this); Services.scriptloader.loadSubScript("chrome://browser/content/search/searchbar.js", this); + Services.scriptloader.loadSubScript("chrome://torbutton/content/tor-circuit-display.js", this); + Services.scriptloader.loadSubScript("chrome://torbutton/content/torbutton.js", this); window.onload = gBrowserInit.onLoad.bind(gBrowserInit); window.onunload = gBrowserInit.onUnload.bind(gBrowserInit); window.onclose = WindowIsClosing; + //onLoad Handler + try { + window.addEventListener("load", torbutton_init, false); + } catch (e) {} + window.addEventListener("MozBeforeInitialXULLayout", gBrowserInit.onBeforeInitialXULLayout.bind(gBrowserInit), { once: true }); @@ -790,7 +799,8 @@ class="subviewbutton subviewbutton-iconic" label="&newPrivateWindow.label;" key="key_privatebrowsing" - command="Tools:PrivateBrowsing"/> + command="Tools:PrivateBrowsing" + hidden="true"/> #ifdef NIGHTLY_BUILD <toolbarbutton id="appMenu-fission-window-button" class="subviewbutton subviewbutton-iconic" @@ -806,7 +816,19 @@ <toolbarbutton id="appMenuRestoreLastSession" label="&appMenuHistory.restoreSession.label;" class="subviewbutton subviewbutton-iconic" - command="Browser:RestoreLastSession"/> + command="Browser:RestoreLastSession" + hidden="true"/> + <toolbarseparator/> + <toolbarbutton id="appMenuNewIdentity" + class="subviewbutton subviewbutton-iconic" + key="torbutton-new-identity-key" + label="&torbutton.context_menu.new_identity;" + oncommand="torbutton_new_identity();"/> + <toolbarbutton id="appMenuNewCircuit" + class="subviewbutton subviewbutton-iconic" + key="torbutton-new-circuit-key" + label="&torbutton.context_menu.new_circuit;" + oncommand="torbutton_new_circuit();"/> <toolbarseparator/> <toolbaritem id="appMenu-zoom-controls" class="toolbaritem-combined-buttons" closemenu="none">  diff --git a/browser/components/controlcenter/content/identityPanel.inc.xhtml b/browser/components/controlcenter/content/identityPanel.inc.xhtml index 7e3badbff3b3..e32fd66ff16f 100644 --- a/browser/components/controlcenter/content/identityPanel.inc.xhtml +++ b/browser/components/controlcenter/content/identityPanel.inc.xhtml @@ -60,6 +60,23 @@ oncommand="gIdentityHandler.showSecuritySubView();"/> </hbox> +  + <hbox id="circuit-display-container" class="identity-popup-section"> + <vbox id="circuit-display-content" flex="1" role="group" + aria-labelledby="circuit-display-headline"> + <hbox id="circuit-display-header" align="center"> + <label id="circuit-display-headline" + role="heading" aria-level="2">&torbutton.circuit_display.title;</label> + </hbox> + <html:ul id="circuit-display-nodes" dir="auto"/> + </vbox> + <vbox id="circuit-reload-content" flex="1"> + <html:button id="circuit-reload-button" + onclick="torbutton_new_circuit()">&torbutton.circuit_display.new_circuit;</html:button> + <hbox id="circuit-guard-note-container"/> + </vbox> + </hbox> +  <hbox class="identity-popup-section" when-connection="not-secure secure secure-ev secure-cert-user-overridden file extension cert-error-page https-only-error-page"> diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index 9cb8a3c65d7b..d2113da95cdf 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -257,6 +257,8 @@ @RESPATH@/browser/chrome/torlauncher/* @RESPATH@/browser/@PREF_DIR@/torlauncher-prefs.js #endif +@RESPATH@/chrome/torbutton.manifest +@RESPATH@/chrome/torbutton/* @RESPATH@/chrome/toolkit@JAREXT@ @RESPATH@/chrome/toolkit.manifest @RESPATH@/chrome/recording.manifest diff --git a/docshell/base/nsAboutRedirector.cpp b/docshell/base/nsAboutRedirector.cpp index 26fd0dca54eb..fd6f6a4972a1 100644 --- a/docshell/base/nsAboutRedirector.cpp +++ b/docshell/base/nsAboutRedirector.cpp @@ -150,7 +150,11 @@ static const RedirEntry kRedirMap[] = { {"crashcontent", "about:blank", nsIAboutModule::HIDE_FROM_ABOUTABOUT | nsIAboutModule::URI_CAN_LOAD_IN_CHILD | - nsIAboutModule::URI_MUST_LOAD_IN_CHILD}}; + nsIAboutModule::URI_MUST_LOAD_IN_CHILD}, + {"tor", "chrome://torbutton/content/aboutTor/aboutTor.xhtml", + nsIAboutModule::URI_MUST_LOAD_IN_CHILD | + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::ALLOW_SCRIPT}}; static const int kRedirTotal = mozilla::ArrayLength(kRedirMap); NS_IMETHODIMP diff --git a/docshell/build/components.conf b/docshell/build/components.conf index 70dbcd661099..b5bf16f4cae8 100644 --- a/docshell/build/components.conf +++ b/docshell/build/components.conf @@ -27,6 +27,7 @@ about_pages = [ 'srcdoc', 'support', 'telemetry', + 'tor', 'url-classifier', 'webrtc', ] diff --git a/mobile/android/installer/package-manifest.in b/mobile/android/installer/package-manifest.in index 17d6471c4742..055eb4717447 100644 --- a/mobile/android/installer/package-manifest.in +++ b/mobile/android/installer/package-manifest.in @@ -137,6 +137,10 @@ @BINPATH@/chrome/devtools@JAREXT@ @BINPATH@/chrome/devtools.manifest +; Torbutton +@BINPATH@/chrome/torbutton@JAREXT@ +@BINPATH@/chrome/torbutton.manifest + ; [Default Preferences] ; All the pref files must be part of base to prevent migration bugs #ifdef MOZ_GECKOVIEW_JAR diff --git a/toolkit/moz.build b/toolkit/moz.build index b6f792da7124..3451334de15c 100644 --- a/toolkit/moz.build +++ b/toolkit/moz.build @@ -23,6 +23,7 @@ DIRS += [ 'pluginproblem', 'profile', 'themes', + 'torproject/torbutton', ] if CONFIG['OS_ARCH'] == 'WINNT' and CONFIG['MOZ_DEFAULT_BROWSER_AGENT']: diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm index 87e4d3ee9e45..a27888278f77 100644 --- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm +++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm @@ -1462,6 +1462,15 @@ var XPIStates = { for (let [id, file] of loc.readAddons()) { knownIds.delete(id); + // Uninstall torbutton if it is installed in the user profile + if (id === "torbutton(a)torproject.org" && + loc.name === KEY_APP_PROFILE) { + logger.debug("Uninstalling torbutton from user profile."); + loc.installer.uninstallAddon(id); + changed = true; + continue; + } + // Since it is now part of the browser, uninstall the Tor Launcher // extension. This will remove the Tor Launcher .xpi from user // profiles on macOS. diff --git a/toolkit/torproject/torbutton b/toolkit/torproject/torbutton new file mode 160000 index 000000000000..9a3956916b98 --- /dev/null +++ b/toolkit/torproject/torbutton @@ -0,0 +1 @@ +Subproject commit 9a3956916b9897d668138dd450ad5a8be9d38e02 diff --git a/tools/lint/eslint/eslint-plugin-mozilla/lib/environments/browser-window.js b/tools/lint/eslint/eslint-plugin-mozilla/lib/environments/browser-window.js index 76e03f2d49bb..2ff107b553b2 100644 --- a/tools/lint/eslint/eslint-plugin-mozilla/lib/environments/browser-window.js +++ b/tools/lint/eslint/eslint-plugin-mozilla/lib/environments/browser-window.js @@ -75,7 +75,11 @@ function getGlobalScriptIncludes(scriptPath) { "browser/components/search/content/" ) .replace("chrome://browser/content/", "browser/base/content/") - .replace("chrome://global/content/", "toolkit/content/"); + .replace("chrome://global/content/", "toolkit/content/") + .replace( + "chrome://torbutton/content/", + "toolkit/torproject/torbutton/chrome/content/" + ); for (let mapping of Object.getOwnPropertyNames(MAPPINGS)) { if (sourceFile.includes(mapping)) {

1 0

[tor-browser/tor-browser-81.0b9-10.0-1] Bug 12974: Disable NTLM and Negotiate HTTP Auth
by gk＠torproject.org 15 Sep '20

15 Sep '20

commit d3262a2354bb096ef2561927b187794ec75cfeda Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Wed Aug 27 15:19:10 2014 -0700 Bug 12974: Disable NTLM and Negotiate HTTP Auth This is technically an embargoed Mozilla bug, so I probably shouldn't provide too many details. Suffice to say that NTLM and Negotiate auth are bad for Tor users, and I doubt very many (or any of them) actually need it. The Mozilla bug is https://bugzilla.mozilla.org/show_bug.cgi?id=1046421 --- extensions/auth/nsHttpNegotiateAuth.cpp | 4 ++++ netwerk/protocol/http/nsHttpNTLMAuth.cpp | 3 +++ 2 files changed, 7 insertions(+) diff --git a/extensions/auth/nsHttpNegotiateAuth.cpp b/extensions/auth/nsHttpNegotiateAuth.cpp index 99720475b9dd..1c08fcf3da7e 100644 --- a/extensions/auth/nsHttpNegotiateAuth.cpp +++ b/extensions/auth/nsHttpNegotiateAuth.cpp @@ -152,6 +152,10 @@ nsHttpNegotiateAuth::ChallengeReceived(nsIHttpAuthenticableChannel* authChannel, nsIAuthModule* rawModule = (nsIAuthModule*)*continuationState; *identityInvalid = false; + + /* Always fail Negotiate auth for Tor Browser. We don't need it. */ + return NS_ERROR_ABORT; + if (rawModule) { return NS_OK; } diff --git a/netwerk/protocol/http/nsHttpNTLMAuth.cpp b/netwerk/protocol/http/nsHttpNTLMAuth.cpp index 0a30de051014..891aaadfd758 100644 --- a/netwerk/protocol/http/nsHttpNTLMAuth.cpp +++ b/netwerk/protocol/http/nsHttpNTLMAuth.cpp @@ -168,6 +168,9 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel* channel, *identityInvalid = false; + /* Always fail Negotiate auth for Tor Browser. We don't need it. */ + return NS_ERROR_ABORT; + // Start a new auth sequence if the challenge is exactly "NTLM". // If native NTLM auth apis are available and enabled through prefs, // try to use them.

1 0

[tor-browser/tor-browser-81.0b9-10.0-1] Bug 3547: Block all plugins.
by gk＠torproject.org 15 Sep '20

15 Sep '20

commit 3977591a0e94bba2f3269e5cf0cc2b8168b2e8a2 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Tue Dec 4 16:03:13 2012 -0800 Bug 3547: Block all plugins. We cannot use the @mozilla.org/extensions/blocklist;1 service, because we actually want to stop plugins from ever entering the browser's process space and/or executing code (for example, AV plugins that collect statistics/analyse urls, magical toolbars that phone home or "help" the user, skype buttons that ruin our day, and censorship filters). Hence we rolled our own. See https://trac.torproject.org/projects/tor/ticket/3547#comment:6 for musings on a better way. Until then, it is delta-darwinism for us. --- dom/plugins/base/PluginFinder.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/dom/plugins/base/PluginFinder.cpp b/dom/plugins/base/PluginFinder.cpp index dfac7b052567..aa06842dd3f5 100644 --- a/dom/plugins/base/PluginFinder.cpp +++ b/dom/plugins/base/PluginFinder.cpp @@ -478,6 +478,9 @@ nsresult PluginFinder::ScanPluginsDirectory(nsIFile* pluginsDir, *aPluginsChanged = false; + // Block all plugins + return NS_OK; + #ifdef PLUGIN_LOGGING nsAutoCString dirPath; pluginsDir->GetNativePath(dirPath);

1 0

[tor-browser/tor-browser-81.0b9-10.0-1] Add TorStrings module for localization
by gk＠torproject.org 15 Sep '20

15 Sep '20

commit 23d3d071dca47e4665ecdcb221812eee28ba08f7 Author: Alex Catarineu <acat(a)torproject.org> Date: Fri Jul 24 21:15:20 2020 +0200 Add TorStrings module for localization --- browser/modules/TorStrings.jsm | 490 +++++++++++++++++++++++++++++++++++++++++ browser/modules/moz.build | 1 + 2 files changed, 491 insertions(+) diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm new file mode 100644 index 000000000000..e8a8d37ae373 --- /dev/null +++ b/browser/modules/TorStrings.jsm @@ -0,0 +1,490 @@ +"use strict"; + +var EXPORTED_SYMBOLS = ["TorStrings"]; + +const { XPCOMUtils } = ChromeUtils.import( + "resource://gre/modules/XPCOMUtils.jsm" +); +const { Services } = ChromeUtils.import( + "resource://gre/modules/Services.jsm" +); +const { getLocale } = ChromeUtils.import( + "resource://torbutton/modules/utils.js" +); + +XPCOMUtils.defineLazyGlobalGetters(this, ["DOMParser"]); +XPCOMUtils.defineLazyGetter(this, "domParser", () => { + const parser = new DOMParser(); + parser.forceEnableDTD(); + return parser; +}); + +/* + Tor DTD String Bundle + + DTD strings loaded from torbutton/tor-launcher, but provide a fallback in case they aren't available +*/ +class TorDTDStringBundle { + constructor(aBundleURLs, aPrefix) { + let locations = []; + for (const [index, url] of aBundleURLs.entries()) { + locations.push(`<!ENTITY % dtd_${index} SYSTEM "${url}">%dtd_${index};`); + } + this._locations = locations; + this._prefix = aPrefix; + } + + // copied from testing/marionette/l10n.js + localizeEntity(urls, id) { + // Use the DOM parser to resolve the entity and extract its real value + let header = `<?xml version="1.0"?><!DOCTYPE elem [${this._locations.join( + "" + )}]>`; + let elem = `<elem id="elementID">&${id};</elem>`; + let doc = domParser.parseFromString(header + elem, "text/xml"); + let element = doc.querySelector("elem[id='elementID']"); + + if (element === null) { + throw new Error(`Entity with id='${id}' hasn't been found`); + } + + return element.textContent; + } + + getString(key, fallback) { + if (key) { + try { + return this.localizeEntity(this._bundleURLs, `${this._prefix}${key}`); + } catch (e) {} + } + + // on failure, assign the fallback if it exists + if (fallback) { + return fallback; + } + // otherwise return string key + return `$(${key})`; + } +} + +/* + Tor Property String Bundle + + Property strings loaded from torbutton/tor-launcher, but provide a fallback in case they aren't available +*/ +class TorPropertyStringBundle { + constructor(aBundleURL, aPrefix) { + try { + this._bundle = Services.strings.createBundle(aBundleURL); + } catch (e) {} + + this._prefix = aPrefix; + } + + getString(key, fallback) { + if (key) { + try { + return this._bundle.GetStringFromName(`${this._prefix}${key}`); + } catch (e) {} + } + + // on failure, assign the fallback if it exists + if (fallback) { + return fallback; + } + // otherwise return string key + return `$(${key})`; + } +} + +/* + Security Level Strings +*/ +var TorStrings = { + /* + Tor Browser Security Level Strings + */ + securityLevel: (function() { + let tsb = new TorDTDStringBundle( + ["chrome://torbutton/locale/torbutton.dtd"], + "torbutton.prefs.sec_" + ); + let getString = function(key, fallback) { + return tsb.getString(key, fallback); + }; + + // read localized strings from torbutton; but use hard-coded en-US strings as fallbacks in case of error + let retval = { + securityLevel: getString("caption", "Security Level"), + customWarning: getString("custom_warning", "Custom"), + overview: getString( + "overview", + "Disable certain web features that can be used to attack your security and anonymity." + ), + standard: { + level: getString("standard_label", "Standard"), + tooltip: getString("standard_tooltip", "Security Level : Standard"), + summary: getString( + "standard_description", + "All Tor Browser and website features are enabled." + ), + }, + safer: { + level: getString("safer_label", "Safer"), + tooltip: getString("safer_tooltip", "Security Level : Safer"), + summary: getString( + "safer_description", + "Disables website features that are often dangerous, causing some sites to lose functionality." + ), + description1: getString( + "js_on_https_sites_only", + "JavaScript is disabled on non-HTTPS sites." + ), + description2: getString( + "limit_typography", + "Some fonts and math symbols are disabled." + ), + description3: getString( + "click_to_play_media", + "Audio and video (HTML5 media), and WebGL are click-to-play." + ), + }, + safest: { + level: getString("safest_label", "Safest"), + tooltip: getString("safest_tooltip", "Security Level : Safest"), + summary: getString( + "safest_description", + "Only allows website features required for static sites and basic services. These changes affect images, media, and scripts." + ), + description1: getString( + "js_disabled", + "JavaScript is disabled by default on all sites." + ), + description2: getString( + "limit_graphics_and_typography", + "Some fonts, icons, math symbols, and images are disabled." + ), + description3: getString( + "click_to_play_media", + "Audio and video (HTML5 media), and WebGL are click-to-play." + ), + }, + custom: { + summary: getString( + "custom_summary", + "Your custom browser preferences have resulted in unusual security settings. For security and privacy reasons, we recommend you choose one of the default security levels." + ), + }, + learnMore: getString("learn_more_label", "Learn more"), + learnMoreURL: `https://tb-manual.torproject.org/${getLocale()}/security-settings/`, + restoreDefaults: getString("restore_defaults", "Restore Defaults"), + advancedSecuritySettings: getString( + "advanced_security_settings", + "Advanced Security Settings\u2026" + ), + }; + return retval; + })() /* Security Level Strings */, + + /* + Tor about:preferences#tor Strings + */ + settings: (function() { + let tsb = new TorDTDStringBundle( + ["chrome://torlauncher/locale/network-settings.dtd"], + "" + ); + let getString = function(key, fallback) { + return tsb.getString(key, fallback); + }; + + let retval = { + categoryTitle: getString("torPreferences.categoryTitle", "Tor"), + torPreferencesHeading: getString( + "torPreferences.torSettings", + "Tor Settings" + ), + torPreferencesDescription: getString( + "torPreferences.torSettingsDescription", + "Tor Browser routes your traffic over the Tor Network, run by thousands of volunteers around the world." + ), + learnMore: getString("torPreferences.learnMore", "Learn More"), + bridgesHeading: getString("torPreferences.bridges", "Bridges"), + bridgesDescription: getString( + "torPreferences.bridgesDescription", + "Bridges help you access the Tor Network in places where Tor is blocked. Depending on where you are, one bridge may work better than another." + ), + useBridge: getString("torPreferences.useBridge", "Use a bridge"), + selectBridge: getString( + "torsettings.useBridges.default", + "Select a bridge" + ), + requestBridgeFromTorProject: getString( + "torsettings.useBridges.bridgeDB", + "Request a bridge from torproject.org" + ), + requestNewBridge: getString( + "torPreferences.requestNewBridge", + "Request a New Bridge\u2026" + ), + provideBridge: getString( + "torPreferences.provideBridge", + "Provide a bridge" + ), + provideBridgeDirections: getString( + "torsettings.useBridges.label", + "Enter bridge information from a trusted source." + ), + provideBridgePlaceholder: getString( + "torsettings.useBridges.placeholder", + "type address:port (one per line)" + ), + advancedHeading: getString("torPreferences.advanced", "Advanced"), + advancedDescription: getString( + "torPreferences.advancedDescription", + "Configure how Tor Browser connects to the internet." + ), + useLocalProxy: getString("torsettings.useProxy.checkbox", "I use a proxy to connect to the Internet"), + proxyType: getString("torsettings.useProxy.type", "Proxy Type"), + proxyTypeSOCKS4: getString("torsettings.useProxy.type.socks4", "SOCKS4"), + proxyTypeSOCKS5: getString("torsettings.useProxy.type.socks5", "SOCKS5"), + proxyTypeHTTP: getString("torsettings.useProxy.type.http", "HTTP/HTTPS"), + proxyAddress: getString("torsettings.useProxy.address", "Address"), + proxyAddressPlaceholder: getString( + "torsettings.useProxy.address.placeholder", + "IP address or hostname" + ), + proxyPort: getString("torsettings.useProxy.port", "Port"), + proxyUsername: getString("torsettings.useProxy.username", "Username"), + proxyPassword: getString("torsettings.useProxy.password", "Password"), + proxyUsernamePasswordPlaceholder: getString( + "torsettings.optional", + "Optional" + ), + useFirewall: getString( + "torsettings.firewall.checkbox", + "This computer goes through a firewall that only allows connections to certain ports" + ), + allowedPorts: getString( + "torsettings.firewall.allowedPorts", + "Allowed Ports" + ), + allowedPortsPlaceholder: getString( + "torPreferences.firewallPortsPlaceholder", + "Comma-seperated values" + ), + requestBridgeDialogTitle: getString( + "torPreferences.requestBridgeDialogTitle", + "Request Bridge" + ), + submitCaptcha: getString( + "torsettings.useBridges.captchaSubmit", + "Submit" + ), + contactingBridgeDB: getString( + "torPreferences.requestBridgeDialogWaitPrompt", + "Contacting BridgeDB. Please Wait." + ), + solveTheCaptcha: getString( + "torPreferences.requestBridgeDialogSolvePrompt", + "Solve the CAPTCHA to request a bridge." + ), + captchaTextboxPlaceholder: getString( + "torsettings.useBridges.captchaSolution.placeholder", + "Enter the characters from the image" + ), + incorrectCaptcha: getString( + "torPreferences.requestBridgeErrorBadSolution", + "The solution is not correct. Please try again." + ), + showTorDaemonLogs: getString( + "torPreferences.viewTorLogs", + "View the Tor logs." + ), + showLogs: getString("torPreferences.viewLogs", "View Logs\u2026"), + torLogDialogTitle: getString( + "torPreferences.torLogsDialogTitle", + "Tor Logs" + ), + copyLog: getString("torsettings.copyLog", "Copy Tor Log to Clipboard"), + + learnMoreTorBrowserURL: `https://tb-manual.torproject.org/${getLocale()}/about/`, + learnMoreBridgesURL: `https://tb-manual.torproject.org/${getLocale()}/bridges/`, + learnMoreNetworkSettingsURL: `about:blank`, + }; + + return retval; + })() /* Tor Network Settings Strings */, + + /* + Tor Onion Services Strings, e.g., for the authentication prompt. + */ + onionServices: (function() { + let tsb = new TorPropertyStringBundle( + "chrome://torbutton/locale/torbutton.properties", + "onionServices." + ); + let getString = function(key, fallback) { + return tsb.getString(key, fallback); + }; + + const kProblemLoadingSiteFallback = "Problem Loading Onionsite"; + const kLongDescFallback = "Details: %S"; + + let retval = { + learnMore: getString("learnMore", "Learn more"), + learnMoreURL: `https://support.torproject.org/${getLocale()}/onionservices/client-auth/`, + errorPage: { + browser: getString("errorPage.browser", "Browser"), + network: getString("errorPage.network", "Network"), + onionSite: getString("errorPage.onionSite", "Onionsite"), + }, + descNotFound: { // Tor SOCKS error 0xF0 + pageTitle: getString("descNotFound.pageTitle", kProblemLoadingSiteFallback), + header: getString("descNotFound.header", "Onionsite Not Found"), + longDescription: getString("descNotFound.longDescription", kLongDescFallback), + }, + descInvalid: { // Tor SOCKS error 0xF1 + pageTitle: getString("descInvalid.pageTitle", kProblemLoadingSiteFallback), + header: getString("descInvalid.header", "Onionsite Cannot Be Reached"), + longDescription: getString("descInvalid.longDescription", kLongDescFallback), + }, + introFailed: { // Tor SOCKS error 0xF2 + pageTitle: getString("introFailed.pageTitle", kProblemLoadingSiteFallback), + header: getString("introFailed.header", "Onionsite Has Disconnected"), + longDescription: getString("introFailed.longDescription", kLongDescFallback), + }, + rendezvousFailed: { // Tor SOCKS error 0xF3 + pageTitle: getString("rendezvousFailed.pageTitle", kProblemLoadingSiteFallback), + header: getString("rendezvousFailed.header", "Unable to Connect to Onionsite"), + longDescription: getString("rendezvousFailed.longDescription", kLongDescFallback), + }, + clientAuthMissing: { // Tor SOCKS error 0xF4 + pageTitle: getString("clientAuthMissing.pageTitle", "Authorization Required"), + header: getString("clientAuthMissing.header", "Onionsite Requires Authentication"), + longDescription: getString("clientAuthMissing.longDescription", kLongDescFallback), + }, + clientAuthIncorrect: { // Tor SOCKS error 0xF5 + pageTitle: getString("clientAuthIncorrect.pageTitle", "Authorization Failed"), + header: getString("clientAuthIncorrect.header", "Onionsite Authentication Failed"), + longDescription: getString("clientAuthIncorrect.longDescription", kLongDescFallback), + }, + badAddress: { // Tor SOCKS error 0xF6 + pageTitle: getString("badAddress.pageTitle", kProblemLoadingSiteFallback), + header: getString("badAddress.header", "Invalid Onionsite Address"), + longDescription: getString("badAddress.longDescription", kLongDescFallback), + }, + introTimedOut: { // Tor SOCKS error 0xF7 + pageTitle: getString("introTimedOut.pageTitle", kProblemLoadingSiteFallback), + header: getString("introTimedOut.header", "Onionsite Circuit Creation Timed Out"), + longDescription: getString("introTimedOut.longDescription", kLongDescFallback), + }, + authPrompt: { + description: + getString("authPrompt.description2", "%S is requesting that you authenticate."), + keyPlaceholder: getString("authPrompt.keyPlaceholder", "Enter your key"), + done: getString("authPrompt.done", "Done"), + doneAccessKey: getString("authPrompt.doneAccessKey", "d"), + invalidKey: getString("authPrompt.invalidKey", "Invalid key"), + failedToSetKey: + getString("authPrompt.failedToSetKey", "Failed to set key"), + }, + authPreferences: { + header: getString("authPreferences.header", "Onion Services Authentication"), + overview: getString("authPreferences.overview", "Some onion services require that you identify yourself with a key"), + savedKeys: getString("authPreferences.savedKeys", "Saved Keys"), + dialogTitle: getString("authPreferences.dialogTitle", "Onion Services Keys"), + dialogIntro: getString("authPreferences.dialogIntro", "Keys for the following onionsites are stored on your computer"), + onionSite: getString("authPreferences.onionSite", "Onionsite"), + onionKey: getString("authPreferences.onionKey", "Key"), + remove: getString("authPreferences.remove", "Remove"), + removeAll: getString("authPreferences.removeAll", "Remove All"), + failedToGetKeys: getString("authPreferences.failedToGetKeys", "Failed to get keys"), + failedToRemoveKey: getString("authPreferences.failedToRemoveKey", "Failed to remove key"), + }, + }; + + return retval; + })() /* Tor Onion Services Strings */, + + /* + OnionLocation + */ + onionLocation: (function() { + const tsb = new TorPropertyStringBundle( + ["chrome://torbutton/locale/torbutton.properties"], + "onionLocation." + ); + const getString = function(key, fallback) { + return tsb.getString(key, fallback); + }; + + const retval = { + alwaysPrioritize: getString( + "alwaysPrioritize", + "Always Prioritize Onionsites" + ), + alwaysPrioritizeAccessKey: getString("alwaysPrioritizeAccessKey", "a"), + notNow: getString("notNow", "Not Now"), + notNowAccessKey: getString("notNowAccessKey", "n"), + description: getString( + "description", + "Website publishers can protect users by adding a security layer. This prevents eavesdroppers from knowing that you are the one visiting that website." + ), + tryThis: getString("tryThis", "Try this: Onionsite"), + onionAvailable: getString("onionAvailable", "Onionsite available"), + learnMore: getString("learnMore", "Learn more"), + learnMoreURL: `https://tb-manual.torproject.org/${getLocale()}/onion-services/`, + always: getString("always", "Always"), + askEverytime: getString("askEverytime", "Ask you every time"), + prioritizeOnionsDescription: getString( + "prioritizeOnionsDescription", + "Prioritize onionsites when they are available." + ), + onionServicesTitle: getString("onionServicesTitle", "Onion Services"), + }; + + return retval; + })() /* OnionLocation */, + + /* + Tor Deamon Configuration Key Strings + */ + + // TODO: proper camel case + configKeys: { + /* Bridge Conf Settings */ + useBridges: "UseBridges", + bridgeList: "Bridge", + /* Proxy Conf Strings */ + socks4Proxy: "Socks4Proxy", + socks5Proxy: "Socks5Proxy", + socks5ProxyUsername: "Socks5ProxyUsername", + socks5ProxyPassword: "Socks5ProxyPassword", + httpsProxy: "HTTPSProxy", + httpsProxyAuthenticator: "HTTPSProxyAuthenticator", + /* Firewall Conf Strings */ + reachableAddresses: "ReachableAddresses", + + /* BridgeDB Strings */ + clientTransportPlugin: "ClientTransportPlugin", + }, + + /* + about:config preference keys + */ + + preferenceKeys: { + defaultBridgeType: "extensions.torlauncher.default_bridge_type", + recommendedBridgeType: + "extensions.torlauncher.default_bridge_recommended_type", + }, + + /* + about:config preference branches + */ + preferenceBranches: { + defaultBridge: "extensions.torlauncher.default_bridge.", + bridgeDBBridges: "extensions.torlauncher.bridgedb_bridge.", + }, +}; diff --git a/browser/modules/moz.build b/browser/modules/moz.build index 6a8b14b684a7..eb77e4f8b101 100644 --- a/browser/modules/moz.build +++ b/browser/modules/moz.build @@ -153,6 +153,7 @@ EXTRA_JS_MODULES += [ 'TabsList.jsm', 'TabUnloader.jsm', 'ThemeVariableMap.jsm', + 'TorStrings.jsm', 'TransientPrefs.jsm', 'webrtcUI.jsm', 'ZoomUI.jsm',

1 0

[tor-browser/tor-browser-81.0b9-10.0-1] Bug 14631: Improve profile access error messages.
by gk＠torproject.org 15 Sep '20

15 Sep '20

commit 7d6942f632baa8c6af3580c055f8ad56e472baf2 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Tue Feb 24 13:50:23 2015 -0500 Bug 14631: Improve profile access error messages. Instead of always reporting that the profile is locked, display specific messages for "access denied" and "read-only file system". To allow for localization, get profile-related error strings from Torbutton. Use app display name ("Tor Browser") in profile-related error alerts. --- .../mozapps/profile/profileSelection.properties | 5 + toolkit/profile/nsToolkitProfileService.cpp | 57 +++++++- toolkit/profile/nsToolkitProfileService.h | 13 +- toolkit/xre/nsAppRunner.cpp | 157 ++++++++++++++++++--- 4 files changed, 208 insertions(+), 24 deletions(-) diff --git a/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties b/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties index 2be092bf4c4b..922b52cb1385 100644 --- a/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties +++ b/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties @@ -12,6 +12,11 @@ restartMessageUnlocker=%S is already running, but is not responding. The old %S restartMessageNoUnlockerMac=A copy of %S is already open. Only one copy of %S can be open at a time. restartMessageUnlockerMac=A copy of %S is already open. The running copy of %S will quit in order to open this one. +# LOCALIZATION NOTE (profileProblemTitle, profileReadOnly, profileReadOnlyMac, profileAccessDenied): Messages displayed when the browser profile cannot be accessed or written to. %S is the application name. +profileProblemTitle=%S Profile Problem +profileReadOnly=You cannot run %S from a read-only file system. Please copy %S to another location before trying to use it. +profileReadOnlyMac=You cannot run %S from a read-only file system. Please copy %S to your Desktop or Applications folder before trying to use it. +profileAccessDenied=%S does not have permission to access the profile. Please adjust your file system permissions and try again. # Profile manager # LOCALIZATION NOTE (profileTooltip): First %S is the profile name, second %S is the path to the profile folder. profileTooltip=Profile: ‘%S’ - Path: ‘%S’ diff --git a/toolkit/profile/nsToolkitProfileService.cpp b/toolkit/profile/nsToolkitProfileService.cpp index 125821452eca..14fa47dabb58 100644 --- a/toolkit/profile/nsToolkitProfileService.cpp +++ b/toolkit/profile/nsToolkitProfileService.cpp @@ -1160,9 +1160,10 @@ nsToolkitProfileService::SelectStartupProfile( } bool wasDefault; + ProfileStatus profileStatus; nsresult rv = SelectStartupProfile(&argc, argv.get(), aIsResetting, aRootDir, aLocalDir, - aProfile, aDidCreate, &wasDefault); + aProfile, aDidCreate, &wasDefault, profileStatus); // Since we were called outside of the normal startup path complete any // startup tasks. @@ -1195,7 +1196,8 @@ nsToolkitProfileService::SelectStartupProfile( nsresult nsToolkitProfileService::SelectStartupProfile( int* aArgc, char* aArgv[], bool aIsResetting, nsIFile** aRootDir, nsIFile** aLocalDir, nsIToolkitProfile** aProfile, bool* aDidCreate, - bool* aWasDefaultSelection) { + bool* aWasDefaultSelection, ProfileStatus& aProfileStatus) { + aProfileStatus = PROFILE_STATUS_OK; if (mStartupProfileSelected) { return NS_ERROR_ALREADY_INITIALIZED; } @@ -1289,6 +1291,13 @@ nsresult nsToolkitProfileService::SelectStartupProfile( rv = XRE_GetFileFromPath(arg, getter_AddRefs(lf)); NS_ENSURE_SUCCESS(rv, rv); + aProfileStatus = CheckProfileWriteAccess(lf); + if (PROFILE_STATUS_OK != aProfileStatus) { + NS_ADDREF(*aRootDir = lf); + NS_ADDREF(*aLocalDir = lf); + return NS_ERROR_FAILURE; + } + // Make sure that the profile path exists and it's a directory. bool exists; rv = lf->Exists(&exists); @@ -2078,3 +2087,47 @@ nsresult XRE_GetFileFromPath(const char* aPath, nsIFile** aResult) { # error Platform-specific logic needed here. #endif } + +// Check for write permission to the profile directory by trying to create a +// new file (after ensuring that no file with the same name exists). +ProfileStatus nsToolkitProfileService::CheckProfileWriteAccess( + nsIFile* aProfileDir) { +#if defined(XP_UNIX) + constexpr auto writeTestFileName = u".parentwritetest"_ns; +#else + constexpr auto writeTestFileName = u"parent.writetest"_ns; +#endif + + nsCOMPtr<nsIFile> writeTestFile; + nsresult rv = aProfileDir->Clone(getter_AddRefs(writeTestFile)); + if (NS_SUCCEEDED(rv)) rv = writeTestFile->Append(writeTestFileName); + + if (NS_SUCCEEDED(rv)) { + bool doesExist = false; + rv = writeTestFile->Exists(&doesExist); + if (NS_SUCCEEDED(rv) && doesExist) rv = writeTestFile->Remove(true); + } + + if (NS_SUCCEEDED(rv)) { + rv = writeTestFile->Create(nsIFile::NORMAL_FILE_TYPE, 0666); + (void)writeTestFile->Remove(true); + } + + ProfileStatus status = + NS_SUCCEEDED(rv) ? PROFILE_STATUS_OK : PROFILE_STATUS_OTHER_ERROR; + if (NS_ERROR_FILE_ACCESS_DENIED == rv) + status = PROFILE_STATUS_ACCESS_DENIED; + else if (NS_ERROR_FILE_READ_ONLY == rv) + status = PROFILE_STATUS_READ_ONLY; + + return status; +} + +ProfileStatus nsToolkitProfileService::CheckProfileWriteAccess( + nsIToolkitProfile* aProfile) { + nsCOMPtr<nsIFile> profileDir; + nsresult rv = aProfile->GetRootDir(getter_AddRefs(profileDir)); + if (NS_FAILED(rv)) return PROFILE_STATUS_OTHER_ERROR; + + return CheckProfileWriteAccess(profileDir); +} diff --git a/toolkit/profile/nsToolkitProfileService.h b/toolkit/profile/nsToolkitProfileService.h index f2a238312b95..cfb1964ee1d7 100644 --- a/toolkit/profile/nsToolkitProfileService.h +++ b/toolkit/profile/nsToolkitProfileService.h @@ -15,6 +15,14 @@ #include "nsProfileLock.h" #include "nsINIParser.h" +enum ProfileStatus { + PROFILE_STATUS_OK, + PROFILE_STATUS_ACCESS_DENIED, + PROFILE_STATUS_READ_ONLY, + PROFILE_STATUS_IS_LOCKED, + PROFILE_STATUS_OTHER_ERROR +}; + class nsToolkitProfile final : public nsIToolkitProfile, public mozilla::LinkedListElement<RefPtr<nsToolkitProfile>> { @@ -79,10 +87,13 @@ class nsToolkitProfileService final : public nsIToolkitProfileService { nsresult SelectStartupProfile(int* aArgc, char* aArgv[], bool aIsResetting, nsIFile** aRootDir, nsIFile** aLocalDir, nsIToolkitProfile** aProfile, bool* aDidCreate, - bool* aWasDefaultSelection); + bool* aWasDefaultSelection, + ProfileStatus& aProfileStatus); nsresult CreateResetProfile(nsIToolkitProfile** aNewProfile); nsresult ApplyResetProfile(nsIToolkitProfile* aOldProfile); void CompleteStartup(); + static ProfileStatus CheckProfileWriteAccess(nsIToolkitProfile* aProfile); + static ProfileStatus CheckProfileWriteAccess(nsIFile* aProfileDir); private: friend class nsToolkitProfile; diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index fa691f1a1370..735f7dace2e6 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -1818,6 +1818,91 @@ nsresult LaunchChild(bool aBlankCommandLine) { return NS_ERROR_LAUNCHED_CHILD_PROCESS; } +static nsresult GetOverrideStringBundleForLocale(nsIStringBundleService* aSBS, + const char* aTorbuttonURI, + const char* aLocale, + nsIStringBundle** aResult) { + NS_ENSURE_ARG(aSBS); + NS_ENSURE_ARG(aTorbuttonURI); + NS_ENSURE_ARG(aLocale); + NS_ENSURE_ARG(aResult); + + const char* kFormatStr = + "jar:%s!/chrome/torbutton/locale/%s/torbutton.properties"; + nsPrintfCString strBundleURL(kFormatStr, aTorbuttonURI, aLocale); + nsresult rv = aSBS->CreateBundle(strBundleURL.get(), aResult); + NS_ENSURE_SUCCESS(rv, rv); + + // To ensure that we have a valid string bundle, try to retrieve a string + // that we know exists. + nsAutoString val; + rv = (*aResult)->GetStringFromName("profileProblemTitle", val); + if (!NS_SUCCEEDED(rv)) *aResult = nullptr; // No good. Discard it. + + return rv; +} + +static void GetOverrideStringBundle(nsIStringBundleService* aSBS, + nsIStringBundle** aResult) { + if (!aSBS || !aResult) return; + + *aResult = nullptr; + + // Build Torbutton file URI string by starting from GREDir. + RefPtr<nsXREDirProvider> dirProvider = nsXREDirProvider::GetSingleton(); + if (!dirProvider) return; + + nsCOMPtr<nsIFile> greDir = dirProvider->GetGREDir(); + if (!greDir) return; + + // Create file URI, extract as string, and append omni.ja relative path. + nsCOMPtr<nsIURI> uri; + nsAutoCString uriString; + if (NS_FAILED(NS_NewFileURI(getter_AddRefs(uri), greDir)) || + NS_FAILED(uri->GetSpec(uriString))) { + return; + } + + uriString.Append("omni.ja"); + + nsAutoCString userAgentLocale; + if (!NS_SUCCEEDED( + Preferences::GetCString("intl.locale.requested", userAgentLocale))) { + return; + } + + nsresult rv = GetOverrideStringBundleForLocale( + aSBS, uriString.get(), userAgentLocale.get(), aResult); + if (NS_FAILED(rv)) { + // Try again using base locale, e.g., "en" vs. "en-US". + int16_t offset = userAgentLocale.FindChar('-', 1); + if (offset > 0) { + nsAutoCString shortLocale(Substring(userAgentLocale, 0, offset)); + rv = GetOverrideStringBundleForLocale(aSBS, uriString.get(), + shortLocale.get(), aResult); + } + } +} + +static nsresult GetFormattedString(nsIStringBundle* aOverrideBundle, + nsIStringBundle* aMainBundle, + const char* aName, + const nsTArray<nsString>& aParams, + nsAString& aResult) { + NS_ENSURE_ARG(aName); + + nsresult rv = NS_ERROR_FAILURE; + if (aOverrideBundle) { + rv = aOverrideBundle->FormatStringFromName(aName, aParams, aResult); + } + + // If string was not found in override bundle, use main (browser) bundle. + if (NS_FAILED(rv) && aMainBundle) + rv = aMainBundle->FormatStringFromName(aName, aParams, aResult); + + return rv; +} + static const char kProfileProperties[] = "chrome://mozapps/locale/profile/profileSelection.properties"; @@ -1866,7 +1951,7 @@ static nsresult ProfileMissingDialog(nsINativeAppSupport* aNative) { sbs->CreateBundle(kProfileProperties, getter_AddRefs(sb)); NS_ENSURE_TRUE_LOG(sbs, NS_ERROR_FAILURE); - NS_ConvertUTF8toUTF16 appName(gAppData->name); + NS_ConvertUTF8toUTF16 appName(MOZ_APP_DISPLAYNAME); AutoTArray<nsString, 2> params = {appName, appName}; // profileMissing @@ -1888,11 +1973,12 @@ static nsresult ProfileMissingDialog(nsINativeAppSupport* aNative) { } } -static ReturnAbortOnError ProfileLockedDialog(nsIFile* aProfileDir, - nsIFile* aProfileLocalDir, - nsIProfileUnlocker* aUnlocker, - nsINativeAppSupport* aNative, - nsIProfileLock** aResult) { +static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, + nsIFile* aProfileLocalDir, + ProfileStatus aStatus, + nsIProfileUnlocker* aUnlocker, + nsINativeAppSupport* aNative, + nsIProfileLock** aResult) { nsresult rv; bool exists; @@ -1920,24 +2006,39 @@ static ReturnAbortOnError ProfileLockedDialog(nsIFile* aProfileDir, sbs->CreateBundle(kProfileProperties, getter_AddRefs(sb)); NS_ENSURE_TRUE_LOG(sbs, NS_ERROR_FAILURE); - NS_ConvertUTF8toUTF16 appName(gAppData->name); + nsCOMPtr<nsIStringBundle> overrideSB; + GetOverrideStringBundle(sbs, getter_AddRefs(overrideSB)); + + NS_ConvertUTF8toUTF16 appName(MOZ_APP_DISPLAYNAME); AutoTArray<nsString, 3> params = {appName, appName, appName}; nsAutoString killMessage; #ifndef XP_MACOSX - rv = sb->FormatStringFromName( - aUnlocker ? "restartMessageUnlocker" : "restartMessageNoUnlocker2", - params, killMessage); + static const char kRestartUnlocker[] = "restartMessageUnlocker"; + static const char kRestartNoUnlocker[] = "restartMessageNoUnlocker2"; + static const char kReadOnly[] = "profileReadOnly"; #else - rv = sb->FormatStringFromName( - aUnlocker ? "restartMessageUnlockerMac" : "restartMessageNoUnlockerMac", - params, killMessage); -#endif + static const char kRestartUnlocker[] = "restartMessageUnlockerMac"; + static const char kRestartNoUnlocker[] = "restartMessageNoUnlockerMac"; + static const char kReadOnly[] = "profileReadOnlyMac"; +#endif + static const char kAccessDenied[] = "profileAccessDenied"; + + const char* errorKey = aUnlocker ? kRestartUnlocker : kRestartNoUnlocker; + if (PROFILE_STATUS_READ_ONLY == aStatus) + errorKey = kReadOnly; + else if (PROFILE_STATUS_ACCESS_DENIED == aStatus) + errorKey = kAccessDenied; + rv = GetFormattedString(overrideSB, sb, errorKey, params, killMessage); NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE); + const char* titleKey = ((PROFILE_STATUS_READ_ONLY == aStatus) || + (PROFILE_STATUS_ACCESS_DENIED == aStatus)) + ? "profileProblemTitle" + : "restartTitle"; params.SetLength(1); nsAutoString killTitle; - rv = sb->FormatStringFromName("restartTitle", params, killTitle); + rv = sb->FormatStringFromName(titleKey, params, killTitle); NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE); if (gfxPlatform::IsHeadless()) { @@ -2096,6 +2197,13 @@ static nsCOMPtr<nsIToolkitProfile> gResetOldProfile; static nsresult LockProfile(nsINativeAppSupport* aNative, nsIFile* aRootDir, nsIFile* aLocalDir, nsIToolkitProfile* aProfile, nsIProfileLock** aResult) { + ProfileStatus status = + (aProfile ? nsToolkitProfileService::CheckProfileWriteAccess(aProfile) + : nsToolkitProfileService::CheckProfileWriteAccess(aRootDir)); + if (PROFILE_STATUS_OK != status) + return ProfileErrorDialog(aRootDir, aLocalDir, status, nullptr, aNative, + aResult); + // If you close Firefox and very quickly reopen it, the old Firefox may // still be closing down. Rather than immediately showing the // "Firefox is running but is not responding" message, we spend a few @@ -2122,7 +2230,8 @@ static nsresult LockProfile(nsINativeAppSupport* aNative, nsIFile* aRootDir, } while (TimeStamp::Now() - start < TimeDuration::FromSeconds(kLockRetrySeconds)); - return ProfileLockedDialog(aRootDir, aLocalDir, unlocker, aNative, aResult); + return ProfileErrorDialog(aRootDir, aLocalDir, PROFILE_STATUS_IS_LOCKED, + unlocker, aNative, aResult); } // Pick a profile. We need to end up with a profile root dir, local dir and @@ -2137,7 +2246,8 @@ static nsresult LockProfile(nsINativeAppSupport* aNative, nsIFile* aRootDir, static nsresult SelectProfile(nsToolkitProfileService* aProfileSvc, nsINativeAppSupport* aNative, nsIFile** aRootDir, nsIFile** aLocalDir, nsIToolkitProfile** aProfile, - bool* aWasDefaultSelection) { + bool* aWasDefaultSelection, + nsIProfileLock** aResult) { StartupTimeline::Record(StartupTimeline::SELECT_PROFILE); nsresult rv; @@ -2183,9 +2293,14 @@ static nsresult SelectProfile(nsToolkitProfileService* aProfileSvc, // Ask the profile manager to select the profile directories to use. bool didCreate = false; - rv = aProfileSvc->SelectStartupProfile(&gArgc, gArgv, gDoProfileReset, - aRootDir, aLocalDir, aProfile, - &didCreate, aWasDefaultSelection); + ProfileStatus profileStatus = PROFILE_STATUS_OK; + rv = aProfileSvc->SelectStartupProfile( + &gArgc, gArgv, gDoProfileReset, aRootDir, aLocalDir, aProfile, &didCreate, + aWasDefaultSelection, profileStatus); + if (PROFILE_STATUS_OK != profileStatus) { + return ProfileErrorDialog(*aRootDir, *aLocalDir, profileStatus, nullptr, + aNative, aResult); + } if (rv == NS_ERROR_SHOW_PROFILE_MANAGER) { return ShowProfileManager(aProfileSvc, aNative); @@ -4013,7 +4128,7 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { nsCOMPtr<nsIToolkitProfile> profile; rv = SelectProfile(mProfileSvc, mNativeApp, getter_AddRefs(mProfD), getter_AddRefs(mProfLD), getter_AddRefs(profile), - &wasDefaultSelection); + &wasDefaultSelection, getter_AddRefs(mProfileLock)); if (rv == NS_ERROR_LAUNCHED_CHILD_PROCESS || rv == NS_ERROR_ABORT) { *aExitFlag = true; return 0;

1 0

[tor-browser/tor-browser-81.0b9-10.0-1] Bug 9173: Change the default Firefox profile directory to be TBB-relative.
by gk＠torproject.org 15 Sep '20

15 Sep '20

commit 908912423296f2a5450060bd022fc1631a957354 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Fri Oct 18 15:20:06 2013 -0400 Bug 9173: Change the default Firefox profile directory to be TBB-relative. This should eliminate our need to rely on a wrapper script that sets /Users/arthur and launches Firefox with -profile. --- toolkit/profile/nsToolkitProfileService.cpp | 5 +- toolkit/xre/nsAppRunner.cpp | 2 +- toolkit/xre/nsConsoleWriter.cpp | 2 +- toolkit/xre/nsXREDirProvider.cpp | 149 ++++++---------------------- toolkit/xre/nsXREDirProvider.h | 16 +-- xpcom/io/nsAppFileLocationProvider.cpp | 97 +++++++----------- 6 files changed, 84 insertions(+), 187 deletions(-) diff --git a/toolkit/profile/nsToolkitProfileService.cpp b/toolkit/profile/nsToolkitProfileService.cpp index e0909c78d6cc..125821452eca 100644 --- a/toolkit/profile/nsToolkitProfileService.cpp +++ b/toolkit/profile/nsToolkitProfileService.cpp @@ -723,10 +723,11 @@ nsresult nsToolkitProfileService::Init() { NS_ASSERTION(gDirServiceProvider, "No dirserviceprovider!"); nsresult rv; - rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(mAppData)); + rv = gDirServiceProvider->GetUserAppDataDirectory(getter_AddRefs(mAppData)); NS_ENSURE_SUCCESS(rv, rv); - rv = nsXREDirProvider::GetUserLocalDataDirectory(getter_AddRefs(mTempData)); + rv = + gDirServiceProvider->GetUserLocalDataDirectory(getter_AddRefs(mTempData)); NS_ENSURE_SUCCESS(rv, rv); rv = mAppData->Clone(getter_AddRefs(mProfileDBFile)); diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 68435a59b9e8..fa691f1a1370 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -3262,7 +3262,7 @@ int XREMain::XRE_mainInit(bool* aExitFlag) { if ((mAppData->flags & NS_XRE_ENABLE_CRASH_REPORTER) && NS_SUCCEEDED(CrashReporter::SetExceptionHandler(xreBinDirectory))) { nsCOMPtr<nsIFile> file; - rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(file)); + rv = mDirProvider.GetUserAppDataDirectory(getter_AddRefs(file)); if (NS_SUCCEEDED(rv)) { CrashReporter::SetUserAppDataDirectory(file); } diff --git a/toolkit/xre/nsConsoleWriter.cpp b/toolkit/xre/nsConsoleWriter.cpp index d89ea3bde31d..4a9a6d28034a 100644 --- a/toolkit/xre/nsConsoleWriter.cpp +++ b/toolkit/xre/nsConsoleWriter.cpp @@ -29,7 +29,7 @@ void WriteConsoleLog() { } else { if (!gLogConsoleErrors) return; - rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(lfile)); + rv = gDirServiceProvider->GetUserAppDataDirectory(getter_AddRefs(lfile)); if (NS_FAILED(rv)) return; lfile->AppendNative("console.log"_ns); diff --git a/toolkit/xre/nsXREDirProvider.cpp b/toolkit/xre/nsXREDirProvider.cpp index 197d29a85106..b88fd3eb368c 100644 --- a/toolkit/xre/nsXREDirProvider.cpp +++ b/toolkit/xre/nsXREDirProvider.cpp @@ -32,6 +32,7 @@ #include "nsArrayEnumerator.h" #include "nsEnumeratorUtils.h" #include "nsReadableUtils.h" +#include "nsXPCOMPrivate.h" // for XPCOM_FILE_PATH_SEPARATOR #include "SpecialSystemDirectory.h" @@ -244,9 +245,6 @@ nsresult nsXREDirProvider::GetUserProfilesRootDir(nsIFile** aResult) { nsresult rv = GetUserDataDirectory(getter_AddRefs(file), false); if (NS_SUCCEEDED(rv)) { -#if !defined(XP_UNIX) || defined(XP_MACOSX) - rv = file->AppendNative("Profiles"_ns); -#endif // We must create the profile directory here if it does not exist. nsresult tmp = EnsureDirectoryExists(file); if (NS_FAILED(tmp)) { @@ -262,9 +260,6 @@ nsresult nsXREDirProvider::GetUserProfilesLocalDir(nsIFile** aResult) { nsresult rv = GetUserDataDirectory(getter_AddRefs(file), true); if (NS_SUCCEEDED(rv)) { -#if !defined(XP_UNIX) || defined(XP_MACOSX) - rv = file->AppendNative("Profiles"_ns); -#endif // We must create the profile directory here if it does not exist. nsresult tmp = EnsureDirectoryExists(file); if (NS_FAILED(tmp)) { @@ -1394,7 +1389,7 @@ nsresult nsXREDirProvider::SetUserDataProfileDirectory(nsCOMPtr<nsIFile>& aFile, nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile, bool aLocal) { // Copied from nsAppFileLocationProvider (more or less) - nsresult rv; + NS_ENSURE_ARG_POINTER(aFile); nsCOMPtr<nsIFile> localDir; if (aLocal && gDataDirHomeLocal) { @@ -1404,80 +1399,39 @@ nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile, return gDataDirHome->Clone(aFile); } -#if defined(XP_MACOSX) - FSRef fsRef; - OSType folderType; - if (aLocal) { - folderType = kCachedDataFolderType; - } else { -# ifdef MOZ_THUNDERBIRD - folderType = kDomainLibraryFolderType; -# else - folderType = kApplicationSupportFolderType; -# endif - } - OSErr err = ::FSFindFolder(kUserDomain, folderType, kCreateFolder, &fsRef); - NS_ENSURE_FALSE(err, NS_ERROR_FAILURE); - - rv = NS_NewNativeLocalFile(EmptyCString(), true, getter_AddRefs(localDir)); + nsresult rv = GetAppDir()->Clone(getter_AddRefs(localDir)); NS_ENSURE_SUCCESS(rv, rv); - nsCOMPtr<nsILocalFileMac> dirFileMac = do_QueryInterface(localDir); - NS_ENSURE_TRUE(dirFileMac, NS_ERROR_UNEXPECTED); - - rv = dirFileMac->InitWithFSRef(&fsRef); - NS_ENSURE_SUCCESS(rv, rv); + int levelsToRemove = 1; // In FF21+, appDir points to browser subdirectory. +#if defined(XP_MACOSX) + levelsToRemove += 2; +#endif + while (localDir && (levelsToRemove > 0)) { + // When crawling up the hierarchy, components named "." do not count. + nsAutoCString removedName; + rv = localDir->GetNativeLeafName(removedName); + NS_ENSURE_SUCCESS(rv, rv); + bool didRemove = !removedName.Equals("."); - localDir = dirFileMac; -#elif defined(XP_IOS) - nsAutoCString userDir; - if (GetUIKitDirectory(aLocal, userDir)) { - rv = NS_NewNativeLocalFile(userDir, true, getter_AddRefs(localDir)); - } else { - rv = NS_ERROR_FAILURE; - } - NS_ENSURE_SUCCESS(rv, rv); -#elif defined(XP_WIN) - nsString path; - if (aLocal) { - rv = GetShellFolderPath(FOLDERID_LocalAppData, path); - if (NS_FAILED(rv)) rv = GetRegWindowsAppDataFolder(aLocal, path); - } - if (!aLocal || NS_FAILED(rv)) { - rv = GetShellFolderPath(FOLDERID_RoamingAppData, path); - if (NS_FAILED(rv)) { - if (!aLocal) rv = GetRegWindowsAppDataFolder(aLocal, path); - } + // Remove a directory component. + nsCOMPtr<nsIFile> parentDir; + rv = localDir->GetParent(getter_AddRefs(parentDir)); + NS_ENSURE_SUCCESS(rv, rv); + localDir = parentDir; + if (didRemove) --levelsToRemove; } - NS_ENSURE_SUCCESS(rv, rv); - rv = NS_NewLocalFile(path, true, getter_AddRefs(localDir)); -#elif defined(XP_UNIX) - const char* homeDir = getenv("HOME"); - if (!homeDir || !*homeDir) return NS_ERROR_FAILURE; + if (!localDir) return NS_ERROR_FAILURE; -# ifdef ANDROID /* We want (ProfD == ProfLD) on Android. */ - aLocal = false; -# endif + rv = localDir->AppendRelativeNativePath("TorBrowser" XPCOM_FILE_PATH_SEPARATOR + "Data" XPCOM_FILE_PATH_SEPARATOR + "Browser"_ns); + NS_ENSURE_SUCCESS(rv, rv); if (aLocal) { - // If $XDG_CACHE_HOME is defined use it, otherwise use $HOME/.cache. - const char* cacheHome = getenv("XDG_CACHE_HOME"); - if (cacheHome && *cacheHome) { - rv = NS_NewNativeLocalFile(nsDependentCString(cacheHome), true, - getter_AddRefs(localDir)); - } else { - rv = NS_NewNativeLocalFile(nsDependentCString(homeDir), true, - getter_AddRefs(localDir)); - if (NS_SUCCEEDED(rv)) rv = localDir->AppendNative(".cache"_ns); - } - } else { - rv = NS_NewNativeLocalFile(nsDependentCString(homeDir), true, - getter_AddRefs(localDir)); + rv = localDir->AppendNative("Caches"_ns); + NS_ENSURE_SUCCESS(rv, rv); } -#else -# error "Don't know how to get product dir on your platform" -#endif NS_IF_ADDREF(*aFile = localDir); return rv; @@ -1660,39 +1614,23 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) { } nsAutoCString profile; - nsAutoCString appName; - nsAutoCString vendor; if (gAppData->profile) { profile = gAppData->profile; - } else { - appName = gAppData->name; - vendor = gAppData->vendor; } - nsresult rv = NS_OK; + nsresult rv = NS_ERROR_FAILURE; #if defined(XP_MACOSX) if (!profile.IsEmpty()) { rv = AppendProfileString(aFile, profile.get()); - } else { - // Note that MacOS ignores the vendor when creating the profile hierarchy - - // all application preferences directories live alongside one another in - // ~/Library/Application Support/ - rv = aFile->AppendNative(appName); + NS_ENSURE_SUCCESS(rv, rv); } - NS_ENSURE_SUCCESS(rv, rv); #elif defined(XP_WIN) if (!profile.IsEmpty()) { rv = AppendProfileString(aFile, profile.get()); - } else { - if (!vendor.IsEmpty()) { - rv = aFile->AppendNative(vendor); - NS_ENSURE_SUCCESS(rv, rv); - } - rv = aFile->AppendNative(appName); + NS_ENSURE_SUCCESS(rv, rv); } - NS_ENSURE_SUCCESS(rv, rv); #elif defined(ANDROID) // The directory used for storing profiles @@ -1702,11 +1640,6 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) { rv = aFile->AppendNative(nsDependentCString("mozilla")); NS_ENSURE_SUCCESS(rv, rv); #elif defined(XP_UNIX) - nsAutoCString folder; - // Make it hidden (by starting with "."), except when local (the - // profile is already under ~/.cache or XDG_CACHE_HOME). - if (!aLocal) folder.Assign('.'); - if (!profile.IsEmpty()) { // Skip any leading path characters const char* profileStart = profile.get(); @@ -1714,32 +1647,16 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) { // On the off chance that someone wanted their folder to be hidden don't // let it become ".." - if (*profileStart == '.' && !aLocal) profileStart++; + if (*profileStart == '.') profileStart++; + // Make it hidden (by starting with "."). + nsAutoCString folder("."); folder.Append(profileStart); ToLowerCase(folder); rv = AppendProfileString(aFile, folder.BeginReading()); - } else { - if (!vendor.IsEmpty()) { - folder.Append(vendor); - ToLowerCase(folder); - - rv = aFile->AppendNative(folder); - NS_ENSURE_SUCCESS(rv, rv); - - folder.Truncate(); - } - - // This can be the case in tests. - if (!appName.IsEmpty()) { - folder.Append(appName); - ToLowerCase(folder); - - rv = aFile->AppendNative(folder); - } + NS_ENSURE_SUCCESS(rv, rv); } - NS_ENSURE_SUCCESS(rv, rv); #else # error "Don't know how to get profile path on your platform" diff --git a/toolkit/xre/nsXREDirProvider.h b/toolkit/xre/nsXREDirProvider.h index e55b4e153c56..b9678d4ec577 100644 --- a/toolkit/xre/nsXREDirProvider.h +++ b/toolkit/xre/nsXREDirProvider.h @@ -63,15 +63,19 @@ class nsXREDirProvider final : public nsIDirectoryServiceProvider2, void DoShutdown(); - static nsresult GetUserAppDataDirectory(nsIFile** aFile) { + nsresult GetUserAppDataDirectory(nsIFile** aFile) { return GetUserDataDirectory(aFile, false); } - static nsresult GetUserLocalDataDirectory(nsIFile** aFile) { + nsresult GetUserLocalDataDirectory(nsIFile** aFile) { return GetUserDataDirectory(aFile, true); } // GetUserDataDirectory gets the profile path from gAppData. - static nsresult GetUserDataDirectory(nsIFile** aFile, bool aLocal); + + // This function now calls GetAppDir(), so it cannot be static anymore. + // The same happens with all the functions (in)directly calling this one (the + // rest of Get*Directory functions in this file) + nsresult GetUserDataDirectory(nsIFile** aFile, bool aLocal); /* make sure you clone it, if you need to do stuff to it */ nsIFile* GetGREDir() { return mGREDir; } @@ -112,9 +116,9 @@ class nsXREDirProvider final : public nsIDirectoryServiceProvider2, protected: nsresult GetFilesInternal(const char* aProperty, nsISimpleEnumerator** aResult); - static nsresult GetUserDataDirectoryHome(nsIFile** aFile, bool aLocal); - static nsresult GetSysUserExtensionsDirectory(nsIFile** aFile); - static nsresult GetSysUserExtensionsDevDirectory(nsIFile** aFile); + nsresult GetUserDataDirectoryHome(nsIFile** aFile, bool aLocal); + nsresult GetSysUserExtensionsDirectory(nsIFile** aFile); + nsresult GetSysUserExtensionsDevDirectory(nsIFile** aFile); #if defined(XP_UNIX) || defined(XP_MACOSX) static nsresult GetSystemExtensionsDirectory(nsIFile** aFile); #endif diff --git a/xpcom/io/nsAppFileLocationProvider.cpp b/xpcom/io/nsAppFileLocationProvider.cpp index b8699fecc4b7..644b5cc9a951 100644 --- a/xpcom/io/nsAppFileLocationProvider.cpp +++ b/xpcom/io/nsAppFileLocationProvider.cpp @@ -15,6 +15,7 @@ #include "nsSimpleEnumerator.h" #include "prenv.h" #include "nsCRT.h" +#include "nsXPCOMPrivate.h" // for XPCOM_FILE_PATH_SEPARATOR #if defined(MOZ_WIDGET_COCOA) # include <Carbon/Carbon.h> # include "nsILocalFileMac.h" @@ -233,9 +234,8 @@ nsresult nsAppFileLocationProvider::CloneMozBinDirectory(nsIFile** aLocalFile) { // GetProductDirectory - Gets the directory which contains the application data // folder // -// UNIX : ~/.mozilla/ -// WIN : <Application Data folder on user's machine>\Mozilla -// Mac : :Documents:Mozilla: +// UNIX and WIN : <App Folder>/TorBrowser/Data/Browser +// Mac : <App Folder>/../../TorBrowser/Data/Browser //---------------------------------------------------------------------------------------- nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile, bool aLocal) { @@ -247,49 +247,45 @@ nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile, bool exists; nsCOMPtr<nsIFile> localDir; -#if defined(MOZ_WIDGET_COCOA) - FSRef fsRef; - OSType folderType = - aLocal ? (OSType)kCachedDataFolderType : (OSType)kDomainLibraryFolderType; - OSErr err = ::FSFindFolder(kUserDomain, folderType, kCreateFolder, &fsRef); - if (err) { - return NS_ERROR_FAILURE; + rv = CloneMozBinDirectory(getter_AddRefs(localDir)); + NS_ENSURE_SUCCESS(rv, rv); + + int levelsToRemove = 1; // In FF21+, bin dir points to browser subdirectory. +#if defined(XP_MACOSX) + levelsToRemove += 2; +#endif + while (localDir && (levelsToRemove > 0)) { + // When crawling up the hierarchy, components named "." do not count. + nsAutoCString removedName; + rv = localDir->GetNativeLeafName(removedName); + NS_ENSURE_SUCCESS(rv, rv); + bool didRemove = !removedName.Equals("."); + + // Remove a directory component. + nsCOMPtr<nsIFile> parentDir; + rv = localDir->GetParent(getter_AddRefs(parentDir)); + NS_ENSURE_SUCCESS(rv, rv); + localDir = parentDir; + + if (didRemove) { + --levelsToRemove; + } } - NS_NewLocalFile(EmptyString(), true, getter_AddRefs(localDir)); + if (!localDir) { return NS_ERROR_FAILURE; } - nsCOMPtr<nsILocalFileMac> localDirMac(do_QueryInterface(localDir)); - rv = localDirMac->InitWithFSRef(&fsRef); - if (NS_FAILED(rv)) { - return rv; - } -#elif defined(XP_WIN) - nsCOMPtr<nsIProperties> directoryService = - do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID, &rv); - if (NS_FAILED(rv)) { - return rv; - } - const char* prop = aLocal ? NS_WIN_LOCAL_APPDATA_DIR : NS_WIN_APPDATA_DIR; - rv = directoryService->Get(prop, NS_GET_IID(nsIFile), - getter_AddRefs(localDir)); - if (NS_FAILED(rv)) { - return rv; - } -#elif defined(XP_UNIX) - rv = NS_NewNativeLocalFile(nsDependentCString(PR_GetEnv("HOME")), true, - getter_AddRefs(localDir)); - if (NS_FAILED(rv)) { - return rv; - } -#else -# error dont_know_how_to_get_product_dir_on_your_platform -#endif - rv = localDir->AppendRelativeNativePath(DEFAULT_PRODUCT_DIR); - if (NS_FAILED(rv)) { - return rv; + rv = localDir->AppendRelativeNativePath("TorBrowser" XPCOM_FILE_PATH_SEPARATOR + "Data" XPCOM_FILE_PATH_SEPARATOR + "Browser"_ns); + NS_ENSURE_SUCCESS(rv, rv); + + if (aLocal) { + rv = localDir->AppendNative("Caches"_ns); + NS_ENSURE_SUCCESS(rv, rv); } + rv = localDir->Exists(&exists); if (NS_SUCCEEDED(rv) && !exists) { @@ -308,10 +304,6 @@ nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile, //---------------------------------------------------------------------------------------- // GetDefaultUserProfileRoot - Gets the directory which contains each user // profile dir -// -// UNIX : ~/.mozilla/ -// WIN : <Application Data folder on user's machine>\Mozilla\Profiles -// Mac : :Documents:Mozilla:Profiles: //---------------------------------------------------------------------------------------- nsresult nsAppFileLocationProvider::GetDefaultUserProfileRoot( nsIFile** aLocalFile, bool aLocal) { @@ -327,23 +319,6 @@ nsresult nsAppFileLocationProvider::GetDefaultUserProfileRoot( return rv; } -#if defined(MOZ_WIDGET_COCOA) || defined(XP_WIN) - // These 3 platforms share this part of the path - do them as one - rv = localDir->AppendRelativeNativePath("Profiles"_ns); - if (NS_FAILED(rv)) { - return rv; - } - - bool exists; - rv = localDir->Exists(&exists); - if (NS_SUCCEEDED(rv) && !exists) { - rv = localDir->Create(nsIFile::DIRECTORY_TYPE, 0775); - } - if (NS_FAILED(rv)) { - return rv; - } -#endif - localDir.forget(aLocalFile); return rv;

1 0

[tor-browser/tor-browser-81.0b9-10.0-1] Bug 16439: Remove screencasting code
by gk＠torproject.org 15 Sep '20

15 Sep '20

commit 7c560f0bba7f28554e0c878d849789b2232cb363 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Wed Jun 24 11:01:11 2015 -0400 Bug 16439: Remove screencasting code We avoid including the screencasting code on mobile (it got ripped out for desktop in bug 1393582) by simply excluding the related JS modules from Tor Browser. --- toolkit/modules/moz.build | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/toolkit/modules/moz.build b/toolkit/modules/moz.build index 348ea91f5f2e..a0f8c5a69ac2 100644 --- a/toolkit/modules/moz.build +++ b/toolkit/modules/moz.build @@ -259,10 +259,11 @@ if 'Android' != CONFIG['OS_TARGET']: ] else: DEFINES['ANDROID'] = True - EXTRA_JS_MODULES += [ - 'secondscreen/RokuApp.jsm', - 'secondscreen/SimpleServiceDiscovery.jsm', - ] + if not CONFIG['TOR_BROWSER_VERSION']: + EXTRA_JS_MODULES += [ + 'secondscreen/RokuApp.jsm', + 'secondscreen/SimpleServiceDiscovery.jsm', + ] if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'windows':

1 0

[tor-browser/tor-browser-81.0b9-10.0-1] Bug 13252: Do not store data in the app bundle
by gk＠torproject.org 15 Sep '20

15 Sep '20

commit a064471a7eaea841dc0c66b06ed77247325752b7 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Fri Mar 18 14:20:02 2016 -0400 Bug 13252: Do not store data in the app bundle When --enable-tor-browser-data-outside-app-dir is enabled, all user data is stored in a directory named TorBrowser-Data which is located next to the application directory. Display an informative error message if the TorBrowser-Data directory cannot be created due to an "access denied" or a "read only volume" error. On Mac OS, add support for the --invisible command line option which is used by the meek-http-helper to avoid showing an icon for the helper browser on the dock. --- toolkit/xre/nsAppRunner.cpp | 76 +++++++++++++++---- toolkit/xre/nsXREDirProvider.cpp | 43 +++++------ toolkit/xre/nsXREDirProvider.h | 6 ++ xpcom/io/TorFileUtils.cpp | 133 +++++++++++++++++++++++++++++++++ xpcom/io/TorFileUtils.h | 32 ++++++++ xpcom/io/moz.build | 5 ++ xpcom/io/nsAppFileLocationProvider.cpp | 53 ++++++------- 7 files changed, 280 insertions(+), 68 deletions(-) diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 735f7dace2e6..50ea53c6ee72 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -1973,6 +1973,8 @@ static nsresult ProfileMissingDialog(nsINativeAppSupport* aNative) { } } +// If aUnlocker is NULL, it is also OK for the following arguments to be NULL: +// aProfileDir, aProfileLocalDir, aResult. static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, nsIFile* aProfileLocalDir, ProfileStatus aStatus, @@ -1981,17 +1983,19 @@ static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, nsIProfileLock** aResult) { nsresult rv; - bool exists; - aProfileDir->Exists(&exists); - if (!exists) { - return ProfileMissingDialog(aNative); + if (aProfileDir) { + bool exists; + aProfileDir->Exists(&exists); + if (!exists) { + return ProfileMissingDialog(aNative); + } } ScopedXPCOMStartup xpcom; rv = xpcom.Initialize(); NS_ENSURE_SUCCESS(rv, rv); - mozilla::Telemetry::WriteFailedProfileLock(aProfileDir); + if (aProfileDir) mozilla::Telemetry::WriteFailedProfileLock(aProfileDir); rv = xpcom.SetWindowCreator(aNative); NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE); @@ -2081,7 +2085,8 @@ static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, } } else { #ifdef MOZ_WIDGET_ANDROID - if (java::GeckoAppShell::UnlockProfile()) { + if (aProfileDir && aProfileLocalDir && aResult && + java::GeckoAppShell::UnlockProfile()) { return NS_LockProfilePath(aProfileDir, aProfileLocalDir, nullptr, aResult); } @@ -2190,6 +2195,23 @@ static ReturnAbortOnError ShowProfileManager( return LaunchChild(false); } +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR +static ProfileStatus CheckTorBrowserDataWriteAccess(nsIFile* aAppDir) { + // Check whether we can write to the directory that will contain + // TorBrowser-Data. + nsCOMPtr<nsIFile> tbDataDir; + RefPtr<nsXREDirProvider> dirProvider = nsXREDirProvider::GetSingleton(); + if (!dirProvider) return PROFILE_STATUS_OTHER_ERROR; + nsresult rv = + dirProvider->GetTorBrowserUserDataDir(getter_AddRefs(tbDataDir)); + NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR); + nsCOMPtr<nsIFile> tbDataDirParent; + rv = tbDataDir->GetParent(getter_AddRefs(tbDataDirParent)); + NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR); + return nsToolkitProfileService::CheckProfileWriteAccess(tbDataDirParent); +} +#endif + static bool gDoMigration = false; static bool gDoProfileReset = false; static nsCOMPtr<nsIToolkitProfile> gResetOldProfile; @@ -3258,6 +3280,14 @@ int XREMain::XRE_mainInit(bool* aExitFlag) { if (PR_GetEnv("XRE_MAIN_BREAK")) NS_BREAK(); #endif +#if defined(XP_MACOSX) && defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) + bool hideDockIcon = (CheckArg("invisible") == ARG_FOUND); + if (hideDockIcon) { + ProcessSerialNumber psn = {0, kCurrentProcess}; + TransformProcessType(&psn, kProcessTransformToBackgroundApplication); + } +#endif + IncreaseDescriptorLimits(); #ifdef USE_GLX_TEST @@ -4112,7 +4142,34 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { return 0; } +#if (defined(MOZ_UPDATER) && !defined(MOZ_WIDGET_ANDROID)) || \ + defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) + nsCOMPtr<nsIFile> exeFile, exeDir; + bool persistent; + rv = mDirProvider.GetFile(XRE_EXECUTABLE_FILE, &persistent, + getter_AddRefs(exeFile)); + NS_ENSURE_SUCCESS(rv, 1); + rv = exeFile->GetParent(getter_AddRefs(exeDir)); + NS_ENSURE_SUCCESS(rv, 1); +#endif + rv = NS_NewToolkitProfileService(getter_AddRefs(mProfileSvc)); +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR + if (NS_FAILED(rv)) { + // NS_NewToolkitProfileService() returns a generic NS_ERROR_FAILURE error + // if creation of the TorBrowser-Data directory fails due to access denied + // or because of a read-only disk volume. Do an extra check here to detect + // these errors so we can display an informative error message. + ProfileStatus status = CheckTorBrowserDataWriteAccess(exeDir); + if ((PROFILE_STATUS_ACCESS_DENIED == status) || + (PROFILE_STATUS_READ_ONLY == status)) { + ProfileErrorDialog(nullptr, nullptr, status, nullptr, mNativeApp, + nullptr); + return 1; + } + } +#endif + if (rv == NS_ERROR_FILE_ACCESS_DENIED) { PR_fprintf(PR_STDERR, "Error: Access was denied while trying to open files in " @@ -4181,7 +4238,6 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { #if defined(MOZ_UPDATER) && !defined(MOZ_WIDGET_ANDROID) // Check for and process any available updates nsCOMPtr<nsIFile> updRoot; - bool persistent; rv = mDirProvider.GetFile(XRE_UPDATE_ROOT_DIR, &persistent, getter_AddRefs(updRoot)); // XRE_UPDATE_ROOT_DIR may fail. Fallback to appDir if failed @@ -4217,12 +4273,6 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { if (CheckArg("test-process-updates")) { SaveToEnv("MOZ_TEST_PROCESS_UPDATES=1"); } - nsCOMPtr<nsIFile> exeFile, exeDir; - rv = mDirProvider.GetFile(XRE_EXECUTABLE_FILE, &persistent, - getter_AddRefs(exeFile)); - NS_ENSURE_SUCCESS(rv, 1); - rv = exeFile->GetParent(getter_AddRefs(exeDir)); - NS_ENSURE_SUCCESS(rv, 1); ProcessUpdates(mDirProvider.GetGREDir(), exeDir, updRoot, gRestartArgc, gRestartArgv, mAppData->version); if (EnvHasValue("MOZ_TEST_PROCESS_UPDATES")) { diff --git a/toolkit/xre/nsXREDirProvider.cpp b/toolkit/xre/nsXREDirProvider.cpp index b88fd3eb368c..b2ea009553ad 100644 --- a/toolkit/xre/nsXREDirProvider.cpp +++ b/toolkit/xre/nsXREDirProvider.cpp @@ -46,6 +46,8 @@ #include "mozilla/Telemetry.h" #include "nsPrintfCString.h" +#include "TorFileUtils.h" + #include <stdlib.h> #ifdef XP_WIN @@ -1399,34 +1401,18 @@ nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile, return gDataDirHome->Clone(aFile); } - nsresult rv = GetAppDir()->Clone(getter_AddRefs(localDir)); + nsresult rv = GetTorBrowserUserDataDir(getter_AddRefs(localDir)); NS_ENSURE_SUCCESS(rv, rv); - int levelsToRemove = 1; // In FF21+, appDir points to browser subdirectory. -#if defined(XP_MACOSX) - levelsToRemove += 2; -#endif - while (localDir && (levelsToRemove > 0)) { - // When crawling up the hierarchy, components named "." do not count. - nsAutoCString removedName; - rv = localDir->GetNativeLeafName(removedName); - NS_ENSURE_SUCCESS(rv, rv); - bool didRemove = !removedName.Equals("."); - - // Remove a directory component. - nsCOMPtr<nsIFile> parentDir; - rv = localDir->GetParent(getter_AddRefs(parentDir)); - NS_ENSURE_SUCCESS(rv, rv); - localDir = parentDir; - if (didRemove) --levelsToRemove; - } - - if (!localDir) return NS_ERROR_FAILURE; - - rv = localDir->AppendRelativeNativePath("TorBrowser" XPCOM_FILE_PATH_SEPARATOR - "Data" XPCOM_FILE_PATH_SEPARATOR +#if !defined(ANDROID) +# ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR + rv = localDir->AppendNative("Browser"_ns); +# else + rv = localDir->AppendRelativeNativePath("Data" XPCOM_FILE_PATH_SEPARATOR "Browser"_ns); +# endif NS_ENSURE_SUCCESS(rv, rv); +#endif if (aLocal) { rv = localDir->AppendNative("Caches"_ns); @@ -1532,6 +1518,15 @@ nsresult nsXREDirProvider::GetUserDataDirectory(nsIFile** aFile, bool aLocal) { return NS_OK; } +nsresult nsXREDirProvider::GetTorBrowserUserDataDir(nsIFile** aFile) { + NS_ENSURE_ARG_POINTER(aFile); + nsCOMPtr<nsIFile> exeFile; + bool per = false; + nsresult rv = GetFile(XRE_EXECUTABLE_FILE, &per, getter_AddRefs(exeFile)); + NS_ENSURE_SUCCESS(rv, rv); + return TorBrowser_GetUserDataDir(exeFile, aFile); +} + nsresult nsXREDirProvider::EnsureDirectoryExists(nsIFile* aDirectory) { nsresult rv = aDirectory->Create(nsIFile::DIRECTORY_TYPE, 0700); diff --git a/toolkit/xre/nsXREDirProvider.h b/toolkit/xre/nsXREDirProvider.h index b9678d4ec577..2aa2face5974 100644 --- a/toolkit/xre/nsXREDirProvider.h +++ b/toolkit/xre/nsXREDirProvider.h @@ -113,6 +113,12 @@ class nsXREDirProvider final : public nsIDirectoryServiceProvider2, */ nsresult GetProfileDir(nsIFile** aResult); + /** + * Get the TorBrowser user data directory by calling the + * TorBrowser_GetUserDataDir() utility function. + */ + nsresult GetTorBrowserUserDataDir(nsIFile** aFile); + protected: nsresult GetFilesInternal(const char* aProperty, nsISimpleEnumerator** aResult); diff --git a/xpcom/io/TorFileUtils.cpp b/xpcom/io/TorFileUtils.cpp new file mode 100644 index 000000000000..ce75ab1e1c07 --- /dev/null +++ b/xpcom/io/TorFileUtils.cpp @@ -0,0 +1,133 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "TorFileUtils.h" +#include "nsString.h" +#ifdef MOZ_WIDGET_COCOA +# include <Carbon/Carbon.h> +# include "nsILocalFileMac.h" +#endif + +static nsresult GetAppRootDir(nsIFile* aExeFile, nsIFile** aFile); + +//----------------------------------------------------------------------------- +nsresult TorBrowser_GetUserDataDir(nsIFile* aExeFile, nsIFile** aFile) { + NS_ENSURE_ARG_POINTER(aFile); + nsCOMPtr<nsIFile> tbDataDir; + +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR + nsAutoCString tbDataLeafName("TorBrowser-Data"_ns); + nsCOMPtr<nsIFile> appRootDir; + nsresult rv = GetAppRootDir(aExeFile, getter_AddRefs(appRootDir)); + NS_ENSURE_SUCCESS(rv, rv); +# ifndef XP_MACOSX + // On all platforms except Mac OS, we always operate in a "portable" mode + // where the TorBrowser-Data directory is located next to the application. + rv = appRootDir->GetParent(getter_AddRefs(tbDataDir)); + NS_ENSURE_SUCCESS(rv, rv); + rv = tbDataDir->AppendNative(tbDataLeafName); + NS_ENSURE_SUCCESS(rv, rv); +# else + // For Mac OS, determine whether we should store user data in the OS's + // standard location (i.e., under ~/Library/Application Support). We use + // the OS location if (1) the application is installed in a directory whose + // path contains "/Applications" or (2) the TorBrowser-Data directory does + // not exist and cannot be created (which probably means we lack write + // permission to the directory that contains the application). + nsAutoString appRootPath; + rv = appRootDir->GetPath(appRootPath); + NS_ENSURE_SUCCESS(rv, rv); + bool useOSLocation = + (appRootPath.Find("/Applications", true /* ignore case */) >= 0); + if (!useOSLocation) { + // We hope to use the portable (aka side-by-side) approach, but before we + // commit to that, let's ensure that we can create the TorBrowser-Data + // directory. If it already exists, we will try to use it; if not and we + // fail to create it, we will switch to ~/Library/Application Support. + rv = appRootDir->GetParent(getter_AddRefs(tbDataDir)); + NS_ENSURE_SUCCESS(rv, rv); + rv = tbDataDir->AppendNative(tbDataLeafName); + NS_ENSURE_SUCCESS(rv, rv); + bool exists = false; + rv = tbDataDir->Exists(&exists); + if (NS_SUCCEEDED(rv) && !exists) + rv = tbDataDir->Create(nsIFile::DIRECTORY_TYPE, 0700); + useOSLocation = NS_FAILED(rv); + } + + if (useOSLocation) { + // We are using ~/Library/Application Support/TorBrowser-Data. We do not + // need to create that directory here because the code in nsXREDirProvider + // will do so (and the user should always have write permission for + // ~/Library/Application Support; if they do not we have no more options). + FSRef fsRef; + OSErr err = ::FSFindFolder(kUserDomain, kApplicationSupportFolderType, + kCreateFolder, &fsRef); + NS_ENSURE_FALSE(err, NS_ERROR_FAILURE); + // To convert the FSRef returned by FSFindFolder() into an nsIFile that + // points to ~/Library/Application Support, we first create an empty + // nsIFile object (no path) and then use InitWithFSRef() to set the + // path. + rv = NS_NewNativeLocalFile(EmptyCString(), true, getter_AddRefs(tbDataDir)); + NS_ENSURE_SUCCESS(rv, rv); + nsCOMPtr<nsILocalFileMac> dirFileMac = do_QueryInterface(tbDataDir); + if (!dirFileMac) return NS_ERROR_UNEXPECTED; + rv = dirFileMac->InitWithFSRef(&fsRef); + NS_ENSURE_SUCCESS(rv, rv); + rv = tbDataDir->AppendNative(tbDataLeafName); + NS_ENSURE_SUCCESS(rv, rv); + } +# endif + +#elif defined(ANDROID) + // Tor Browser Android stores data in the app home directory. + const char* homeDir = getenv("HOME"); + if (!homeDir || !*homeDir) return NS_ERROR_FAILURE; + nsresult rv = NS_NewNativeLocalFile(nsDependentCString(homeDir), true, + getter_AddRefs(tbDataDir)); +#else + // User data is embedded within the application directory (i.e., + // TOR_BROWSER_DATA_OUTSIDE_APP_DIR is not defined). + nsresult rv = GetAppRootDir(aExeFile, getter_AddRefs(tbDataDir)); + NS_ENSURE_SUCCESS(rv, rv); + rv = tbDataDir->AppendNative("TorBrowser"_ns); + NS_ENSURE_SUCCESS(rv, rv); +#endif + + tbDataDir.forget(aFile); + return NS_OK; +} + +static nsresult GetAppRootDir(nsIFile* aExeFile, nsIFile** aFile) { + NS_ENSURE_ARG_POINTER(aExeFile); + NS_ENSURE_ARG_POINTER(aFile); + nsCOMPtr<nsIFile> appRootDir = aExeFile; + + int levelsToRemove = 1; // Remove firefox (the executable file). +#if defined(XP_MACOSX) + levelsToRemove += 2; // On Mac OS, we must also remove Contents/MacOS. +#endif + while (appRootDir && (levelsToRemove > 0)) { + // When crawling up the hierarchy, components named "." do not count. + nsAutoCString removedName; + nsresult rv = appRootDir->GetNativeLeafName(removedName); + NS_ENSURE_SUCCESS(rv, rv); + bool didRemove = !removedName.Equals("."); + + // Remove a directory component. + nsCOMPtr<nsIFile> parentDir; + rv = appRootDir->GetParent(getter_AddRefs(parentDir)); + NS_ENSURE_SUCCESS(rv, rv); + appRootDir = parentDir; + + if (didRemove) --levelsToRemove; + } + + if (!appRootDir) return NS_ERROR_FAILURE; + + appRootDir.forget(aFile); + return NS_OK; +} diff --git a/xpcom/io/TorFileUtils.h b/xpcom/io/TorFileUtils.h new file mode 100644 index 000000000000..31e70a7e0d3a --- /dev/null +++ b/xpcom/io/TorFileUtils.h @@ -0,0 +1,32 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef TorFileUtils_h__ +#define TorFileUtils_h__ + +#include "nsIFile.h" + +/** + * TorBrowser_GetUserDataDir + * + * Retrieve the Tor Browser user data directory. + * When built with --enable-tor-browser-data-outside-app-dir, the directory + * is next to the application directory, except on Mac OS where it may be + * there or it may be at ~/Library/Application Support/TorBrowser-Data (the + * latter location is used if the .app bundle is in a directory whose path + * contains /Applications or if we lack write access to the directory that + * contains the .app). + * When built without --enable-tor-browser-data-outside-app-dir, this + * directory is TorBrowser.app/TorBrowser. + * + * @param aExeFile The firefox executable. + * @param aFile Out parameter that is set to the Tor Browser user data + * directory. + * @return NS_OK on success. Error otherwise. + */ +extern nsresult TorBrowser_GetUserDataDir(nsIFile* aExeFile, nsIFile** aFile); + +#endif // !TorFileUtils_h__ diff --git a/xpcom/io/moz.build b/xpcom/io/moz.build index a165b491bc56..b0eb74f4c56d 100644 --- a/xpcom/io/moz.build +++ b/xpcom/io/moz.build @@ -86,6 +86,7 @@ EXPORTS += [ 'nsUnicharInputStream.h', 'nsWildCard.h', 'SpecialSystemDirectory.h', + 'TorFileUtils.h', ] EXPORTS.mozilla += [ @@ -135,6 +136,10 @@ UNIFIED_SOURCES += [ 'SpecialSystemDirectory.cpp', ] +SOURCES += [ + 'TorFileUtils.cpp', +] + if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa': SOURCES += [ 'CocoaFileUtils.mm', diff --git a/xpcom/io/nsAppFileLocationProvider.cpp b/xpcom/io/nsAppFileLocationProvider.cpp index 644b5cc9a951..b2b79ec5d14c 100644 --- a/xpcom/io/nsAppFileLocationProvider.cpp +++ b/xpcom/io/nsAppFileLocationProvider.cpp @@ -28,6 +28,8 @@ # include <sys/param.h> #endif +#include "TorFileUtils.h" + // WARNING: These hard coded names need to go away. They need to // come from localizable resources @@ -234,8 +236,14 @@ nsresult nsAppFileLocationProvider::CloneMozBinDirectory(nsIFile** aLocalFile) { // GetProductDirectory - Gets the directory which contains the application data // folder // +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR +// UNIX and WIN : <App Folder>/../TorBrowser-Data/Browser +// Mac : <App Folder>/../../../TorBrowser-Data/Browser OR +// ~/Library/Application Support/TorBrowser-Data/Browser +#else // UNIX and WIN : <App Folder>/TorBrowser/Data/Browser // Mac : <App Folder>/../../TorBrowser/Data/Browser +#endif //---------------------------------------------------------------------------------------- nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile, bool aLocal) { @@ -243,42 +251,25 @@ nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile, return NS_ERROR_INVALID_ARG; } - nsresult rv; + nsresult rv = NS_ERROR_UNEXPECTED; bool exists; - nsCOMPtr<nsIFile> localDir; + nsCOMPtr<nsIFile> localDir, exeFile; - rv = CloneMozBinDirectory(getter_AddRefs(localDir)); + nsCOMPtr<nsIProperties> directoryService( + do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID, &rv)); + NS_ENSURE_SUCCESS(rv, rv); + rv = directoryService->Get(XRE_EXECUTABLE_FILE, NS_GET_IID(nsIFile), + getter_AddRefs(exeFile)); + NS_ENSURE_SUCCESS(rv, rv); + rv = TorBrowser_GetUserDataDir(exeFile, getter_AddRefs(localDir)); NS_ENSURE_SUCCESS(rv, rv); - int levelsToRemove = 1; // In FF21+, bin dir points to browser subdirectory. -#if defined(XP_MACOSX) - levelsToRemove += 2; -#endif - while (localDir && (levelsToRemove > 0)) { - // When crawling up the hierarchy, components named "." do not count. - nsAutoCString removedName; - rv = localDir->GetNativeLeafName(removedName); - NS_ENSURE_SUCCESS(rv, rv); - bool didRemove = !removedName.Equals("."); - - // Remove a directory component. - nsCOMPtr<nsIFile> parentDir; - rv = localDir->GetParent(getter_AddRefs(parentDir)); - NS_ENSURE_SUCCESS(rv, rv); - localDir = parentDir; - - if (didRemove) { - --levelsToRemove; - } - } - - if (!localDir) { - return NS_ERROR_FAILURE; - } - - rv = localDir->AppendRelativeNativePath("TorBrowser" XPCOM_FILE_PATH_SEPARATOR - "Data" XPCOM_FILE_PATH_SEPARATOR +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR + rv = localDir->AppendNative("Browser"_ns); +#else + rv = localDir->AppendRelativeNativePath("Data" XPCOM_FILE_PATH_SEPARATOR "Browser"_ns); +#endif NS_ENSURE_SUCCESS(rv, rv); if (aLocal) {

1 0

[tor-browser/tor-browser-81.0b9-10.0-1] Bug 16620: Clear window.name when no referrer sent
by gk＠torproject.org 15 Sep '20

15 Sep '20

commit 25edcec8fecabfd78d8eca4e52afb6b54bed0bca Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Fri Oct 30 14:28:13 2015 -0400 Bug 16620: Clear window.name when no referrer sent Convert JS implementation (within Torbutton) to a C++ browser patch. --- docshell/base/nsDocShell.cpp | 60 +++++++ docshell/test/mochitest/mochitest.ini | 3 + docshell/test/mochitest/test_tor_bug16620.html | 212 +++++++++++++++++++++++++ docshell/test/mochitest/tor_bug16620.html | 51 ++++++ docshell/test/mochitest/tor_bug16620_form.html | 51 ++++++ 5 files changed, 377 insertions(+) diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 13e467a156d1..1c361875ec4c 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -7543,11 +7543,71 @@ nsresult nsDocShell::CreateContentViewer(const nsACString& aContentType, aOpenedChannel->GetURI(getter_AddRefs(mLoadingURI)); } FirePageHideNotification(!mSavingOldViewer); + if (mIsBeingDestroyed) { // Force to stop the newly created orphaned viewer. viewer->Stop(); return NS_ERROR_DOCSHELL_DYING; } + + // Tor bug 16620: Clear window.name of top-level documents if + // there is no referrer. We make an exception for new windows, + // e.g., window.open(url, "MyName"). + bool isNewWindowTarget = false; + nsCOMPtr<nsIPropertyBag2> props(do_QueryInterface(aRequest, &rv)); + if (props) { + props->GetPropertyAsBool(u"docshell.newWindowTarget"_ns, + &isNewWindowTarget); + } + + if (!isNewWindowTarget) { + nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(aOpenedChannel)); + nsCOMPtr<nsIURI> httpReferrer; + if (httpChannel) { + nsCOMPtr<nsIReferrerInfo> referrerInfo; + rv = httpChannel->GetReferrerInfo(getter_AddRefs(referrerInfo)); + NS_ENSURE_SUCCESS(rv, rv); + if (referrerInfo) { + // We want GetComputedReferrer() instead of GetOriginalReferrer(), since + // the former takes into consideration referrer policy, protocol + // whitelisting... + httpReferrer = referrerInfo->GetComputedReferrer(); + } + } + + bool isTopFrame = mBrowsingContext->IsTop(); + +#ifdef DEBUG_WINDOW_NAME + printf("DOCSHELL %p CreateContentViewer - possibly clearing window.name:\n", + this); + printf(" current window.name: \"%s\"\n", + NS_ConvertUTF16toUTF8(mName).get()); + + nsAutoCString curSpec, loadingSpec; + if (this->mCurrentURI) mCurrentURI->GetSpec(curSpec); + if (mLoadingURI) mLoadingURI->GetSpec(loadingSpec); + printf(" current URI: %s\n", curSpec.get()); + printf(" loading URI: %s\n", loadingSpec.get()); + printf(" is top document: %s\n", isTopFrame ? "Yes" : "No"); + + if (!httpReferrer) { + printf(" referrer: None\n"); + } else { + nsAutoCString refSpec; + httpReferrer->GetSpec(refSpec); + printf(" referrer: %s\n", refSpec.get()); + } +#endif + + bool clearName = isTopFrame && !httpReferrer; + if (clearName) SetName(u""_ns); + +#ifdef DEBUG_WINDOW_NAME + printf(" action taken: %s window.name\n", + clearName ? "Cleared" : "Preserved"); +#endif + } + mLoadingURI = nullptr; // Set mFiredUnloadEvent = false so that the unload handler for the diff --git a/docshell/test/mochitest/mochitest.ini b/docshell/test/mochitest/mochitest.ini index db7803826a81..8633b7c75617 100644 --- a/docshell/test/mochitest/mochitest.ini +++ b/docshell/test/mochitest/mochitest.ini @@ -53,6 +53,8 @@ support-files = start_historyframe.html url1_historyframe.html url2_historyframe.html + tor_bug16620.html + tor_bug16620_form.html [test_anchor_scroll_after_document_open.html] [test_bfcache_plus_hash.html] @@ -123,6 +125,7 @@ support-files = file_history_length_during_pageload.html file_history_length_during_pageload_2.html [test_pushState_after_document_open.html] +[test_tor_bug16620.html] [test_navigate_after_pagehide.html] [test_windowedhistoryframes.html] skip-if = !debug && os == 'android' # Bug 1573892 diff --git a/docshell/test/mochitest/test_tor_bug16620.html b/docshell/test/mochitest/test_tor_bug16620.html new file mode 100644 index 000000000000..f60a06711c17 --- /dev/null +++ b/docshell/test/mochitest/test_tor_bug16620.html @@ -0,0 +1,212 @@ +<!DOCTYPE HTML> +<html> + +<meta charset="utf-8"> +<head> + <title>Test for Tor Bug 16620 - Clear window.name when no referrer sent</title> + <script type="application/javascript" + src="/tests/SimpleTest/SimpleTest.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/> +</head> +<body> +<a target="_blank" href="https://trac.torproject.org/projects/tor/ticket/16620">Tor Bug 16620</a> +<script type="application/javascript;version=1.7"> + +// ## Test constants +const kTestPath = "/tests/docshell/test/mochitest/"; +const kLinkFile = "tor_bug16620.html"; +const kFormFile = "tor_bug16620_form.html"; +const kBaseURL1 = "http://example.com"; +const kBaseURL1_https = "https://example.com"; +const kBaseURL2 = "http://example.net"; +const kSendReferrerPref = "network.http.sendRefererHeader"; +const kSendReferrerNever = 0; +const kSendReferrerForUserAction = 1; +const kSendReferrerAlways = 2; + +let gTests = [ + // Test #1: Same domain; never send referrer. + { startURL: kBaseURL1, destURL: kBaseURL1, + referrerPref: kSendReferrerNever, + expectIsolation: true }, + + // Test #2: Same domain; send referrer upon user action. + { startURL: kBaseURL1, destURL: kBaseURL1, + referrerPref: kSendReferrerForUserAction, + expectIsolation: false }, + + // Test #3: Same domain; always send referrer. + { startURL: kBaseURL1, destURL: kBaseURL1, + referrerPref: kSendReferrerAlways, + expectIsolation: false }, + + // Test #4: Different top-level domains; never send referrer. + { startURL: kBaseURL1, destURL: kBaseURL2, + referrerPref: kSendReferrerNever, + expectIsolation: true }, + + // Test #5: Different top-level domains; send referrer upon user action. + { startURL: kBaseURL1, destURL: kBaseURL2, + referrerPref: kSendReferrerForUserAction, + expectIsolation: false }, + + // Test #6: Different top-level domains; always send referrer. + { startURL: kBaseURL1, destURL: kBaseURL2, + referrerPref: kSendReferrerAlways, + expectIsolation: false }, + + // Test #7: https -> http transition. + { startURL: kBaseURL1_https, destURL: kBaseURL1, + referrerPref: kSendReferrerForUserAction, + expectIsolation: true }, + + // Test #8: Same domain, rel="noreferrer" on link. + { startURL: kBaseURL1, destURL: kBaseURL1, noReferrerOnLink: true, + referrerPref: kSendReferrerAlways, + expectIsolation: true }, + + // Test #9: Same domain, "no-referrer" meta tag in document. + { startURL: kBaseURL1, destURL: kBaseURL1, noReferrerInMetaTag: true, + referrerPref: kSendReferrerAlways, + expectIsolation: true }, + + // Test #10: Like test #9, but reset window.name during unload. + // (similar to http://www.thomasfrank.se/sessvarsTestPage1.html) + { startURL: kBaseURL1, destURL: kBaseURL1, noReferrerInMetaTag: true, + resetInUnload: true, + referrerPref: kSendReferrerAlways, + expectIsolation: true }, + + // Test #11: Data URL as destination (no referrer). + { startURL: kBaseURL1, + referrerPref: kSendReferrerAlways, + expectIsolation: true }, + + // Test #12: Ensure that window.name is preserved when a dynamically loaded + // iframe is used to perform a form post (regression test for Tor bug 18168). + { startURL: kBaseURL1, + isFormTest: true, + referrerPref: kSendReferrerAlways, + expectIsolation: false }, +]; + +let gCurTest = 0; +let gCurWinName, gChildWin, gDataURL; + +// ## Utility functions +function generateRandomName() +{ + // Generate a random 6 character string using 0-9 and a-z. + return ((1 + Math.random()).toString(36) + '000000').substr(2, 6); +} + +function startNextTest() { + ++gCurTest; + if (gCurTest > gTests.length) { + SimpleTest.finish(); + } else { + let curTest = gTests[gCurTest - 1]; + if ("referrerPref" in curTest) + SpecialPowers.setIntPref(kSendReferrerPref, curTest.referrerPref); + else + SpecialPowers.setIntPref(kSendReferrerPref, kSendReferrerForUserAction); + gCurWinName = generateRandomName(); + let url = curTest.startURL + kTestPath; + if (curTest.isFormTest === true) { + url += kFormFile + "?" + gCurWinName; + gChildWin = window.open(url, undefined); + } else { + url += kLinkFile + "?firstDocLoaded"; + gChildWin = window.open(url, gCurWinName); + } + } +} + +// ## Add a message event listener. +window.addEventListener("message", function(aEvent) { + if (aEvent.source !== gChildWin) + return; + +// console.log("parent received message:" + JSON.stringify(aEvent.data)); + + let proceedToNextTest = false; + let curTest = gTests[gCurTest - 1]; + let state = aEvent.data.state; + let winName = aEvent.data.winName; + if ("firstDocLoaded" == state) { + // Process response from step one of the link-based tests. + let step1Passed = (winName === gCurWinName); + if (!step1Passed) { + ok(step1Passed, "Test #" + gCurTest + + " - first document's name matches window.open parameter"); + proceedToNextTest = true; + } + + // Send an "openURL" message to the loaded document. + let url2 = (curTest.destURL) + ? curTest.destURL + kTestPath + kLinkFile + "?secondDocLoaded" + : gDataURL; + let noReferrerOnLink = (curTest.noReferrerOnLink === true); + let noReferrerInMetaTag = (curTest.noReferrerInMetaTag === true); + let resetInUnload = (curTest.resetInUnload === true); + aEvent.source.postMessage({ action: "openURL", url: url2, + noReferrerOnLink: noReferrerOnLink, + noReferrerInMetaTag: noReferrerInMetaTag, + resetInUnload: resetInUnload }, + aEvent.origin); + } else if ("secondDocLoaded" == state) { + // Process response from step two of the link-based tests. + if (curTest.expectIsolation) { + ok(winName === "", + "Test #" + gCurTest + " - second document: name was cleared"); + } else { + ok(winName === gCurWinName, + "Test #" + gCurTest + " - second document: name was preserved"); + } + proceedToNextTest = true; + } else if ("formPostDone" == state) { + // Process response from the form post tests. + if (curTest.expectIsolation) { + ok(winName === "", + "Test #" + gCurTest + " - iframe form post: name was cleared"); + } else { + ok(winName === gCurWinName, + "Test #" + gCurTest + " - iframe form post: name was preserved"); + } + proceedToNextTest = true; + + } + + if (proceedToNextTest) { + gChildWin.close(); + startNextTest(); + } + }, false); + + SimpleTest.waitForExplicitFinish(); + + if (SpecialPowers.getBoolPref("security.nocertdb")) { + // Mochitests don't simulate https correctly with "security.nocertdb" + // enabled. See https://bugs.torproject.org/18087 + ok(false, "Please disable the pref `security.nocertdb` before running this test."); + SimpleTest.finish(); + } else { + + // Read file contents, construct a data URL (used by some tests), and + // then start the first test. + let url = kTestPath + kLinkFile; + let xhr = new XMLHttpRequest(); + xhr.open("GET", url); + xhr.onload = function() { + gDataURL = "data:text/html;charset=utf-8," + + encodeURIComponent(this.responseText); + startNextTest(); + } + xhr.send(); + } +</script> +</body> +</html> diff --git a/docshell/test/mochitest/tor_bug16620.html b/docshell/test/mochitest/tor_bug16620.html new file mode 100644 index 000000000000..a8e90502f1d1 --- /dev/null +++ b/docshell/test/mochitest/tor_bug16620.html @@ -0,0 +1,51 @@ +<!DOCTYPE HTML> +<html> + +<head> + <meta charset="UTF-8"> + <title>Supporting Doc for Tor Bug 16620 Tests</title> +</head> +<body> +<a id="link" href="">secondDoc</a> + +<script type="application/javascript;version=1.7"> +// Extract test state from our query string, defaulting to +// "secondDocLoaded" to support use of this HTML content within +// a data URI (where query strings are not supported). +let state = (location.search.length > 0) ? location.search.substr(1) + : "secondDocLoaded"; + +// Notify the test driver. +opener.postMessage({ state: state, winName: window.name }, "*"); + +// Add a message event listener to process "openURL" actions. +window.addEventListener("message", function(aEvent) { + if (aEvent.data.action == "openURL") { + if (aEvent.data.noReferrerInMetaTag) { + let metaElem = document.createElement("meta"); + metaElem.name = "referrer"; + metaElem.content = "no-referrer"; + document.head.appendChild(metaElem); + } + + let linkElem = document.getElementById("link"); + linkElem.href = aEvent.data.url; + if (aEvent.data.noReferrerOnLink) + linkElem.rel = "noreferrer"; + + if (aEvent.data.resetInUnload) { + let tmpName = window.name; + window.addEventListener("unload", function() { + window.name = tmpName; + }, false); + } + + linkElem.click(); + } +}, false); +</script> +</body> +</html> diff --git a/docshell/test/mochitest/tor_bug16620_form.html b/docshell/test/mochitest/tor_bug16620_form.html new file mode 100644 index 000000000000..3b6e6c72cfc9 --- /dev/null +++ b/docshell/test/mochitest/tor_bug16620_form.html @@ -0,0 +1,51 @@ +<!DOCTYPE HTML> +<html> + +<head> + <meta charset="UTF-8"> + <title>Supporting Form-based Doc for Tor Bug 16620 Tests</title> +</head> +<body> + +<script type="application/javascript;version=1.7"> +document.addEventListener("DOMContentLoaded", function () { + addPostTarget(); +}, false); + + +function addPostTarget() +{ + let frameName = location.search.substr(1); + let form = document.getElementById("postform"); + let iframe = document.createElement("iframe"); + iframe.style.border = "1px solid red"; + iframe.src = "about:blank"; + form.target = iframe.name = iframe.id = frameName; + document.body.appendChild(iframe); + + let didSubmit = false; + iframe.onload = function() { + if (!didSubmit) { + didSubmit = true; + let submitButton = document.getElementById("submitButton"); + submitButton.click(); + } else { + // Form submission complete. Report iframe's name to test driver. + opener.postMessage({ state: "formPostDone", winName: iframe.name }, "*"); + } + }; +} + +</script> +<form name="postform" id="postform" + action="data:text/plain;charset=utf-8,Hello%20world" + method="POST" enctype="multipart/form-data"> + <input type="hidden" name="field1" value="value1"><br> + <input id="submitButton" type="submit" value="Post It"> +</body> +</html>

1 0

[tor-browser/tor-browser-81.0b9-10.0-1] Bug 19273: Avoid JavaScript patching of the external app helper dialog.
by gk＠torproject.org 15 Sep '20

15 Sep '20

commit 1946e3f905e65ab354ffadd0fb0b99fab22f970a Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Tue Jun 28 15:13:05 2016 -0400 Bug 19273: Avoid JavaScript patching of the external app helper dialog. When handling an external URI or downloading a file, invoke Torbutton's external app blocker component (which will present a download warning dialog unless the user has checked the "Automatically download files from now on" box). For e10s compatibility, avoid using a modal dialog and instead use a callback interface (nsIHelperAppWarningLauncher) to allow Torbutton to indicate the user's desire to cancel or continue each request. Other bugs fixed: Bug 21766: Crash with e10s enabled while trying to download a file Bug 21886: Download is stalled in non-e10s mode Bug 22471: Downloading files via the PDF viewer download button is broken Bug 22472: Fix FTP downloads when external helper app dialog is shown Bug 22610: Avoid crashes when canceling external helper app downloads Bug 22618: Downloading pdf file via file:/// is stalling --- .../exthandler/nsExternalHelperAppService.cpp | 207 +++++++++++++++++---- uriloader/exthandler/nsExternalHelperAppService.h | 3 + .../exthandler/nsIExternalHelperAppService.idl | 47 +++++ 3 files changed, 222 insertions(+), 35 deletions(-) diff --git a/uriloader/exthandler/nsExternalHelperAppService.cpp b/uriloader/exthandler/nsExternalHelperAppService.cpp index 19abfd653c42..2dee9b859c9b 100644 --- a/uriloader/exthandler/nsExternalHelperAppService.cpp +++ b/uriloader/exthandler/nsExternalHelperAppService.cpp @@ -133,6 +133,9 @@ static const char NEVER_ASK_FOR_SAVE_TO_DISK_PREF[] = static const char NEVER_ASK_FOR_OPEN_FILE_PREF[] = "browser.helperApps.neverAsk.openFile"; +static const char WARNING_DIALOG_CONTRACT_ID[] = + "@torproject.org/torbutton-extAppBlocker;1"; + // Helper functions for Content-Disposition headers /** @@ -389,6 +392,22 @@ static nsresult GetDownloadDirectory(nsIFile** _directory, return NS_OK; } +static already_AddRefed<nsIInterfaceRequestor> GetDialogParentAux( + BrowsingContext* aBrowsingContext, nsIInterfaceRequestor* aWindowContext) { + nsCOMPtr<nsIInterfaceRequestor> dialogParent = aWindowContext; + + if (!dialogParent && aBrowsingContext) { + dialogParent = do_QueryInterface(aBrowsingContext->GetDOMWindow()); + } + if (!dialogParent && aBrowsingContext && XRE_IsParentProcess()) { + RefPtr<Element> element = aBrowsingContext->Top()->GetEmbedderElement(); + if (element) { + dialogParent = do_QueryInterface(element->OwnerDoc()->GetWindow()); + } + } + return dialogParent.forget(); +} + /** * Structure for storing extension->type mappings. * @see defaultMimeEntries @@ -552,6 +571,111 @@ static const char* descriptionOverwriteExtensions[] = { "avif", "pdf", "svg", "webp", "xml", }; +////////////////////////////////////////////////////////////////////////////////////////////////////// +// begin nsExternalLoadURIHandler class definition and implementation +////////////////////////////////////////////////////////////////////////////////////////////////////// +class nsExternalLoadURIHandler final : public nsIHelperAppWarningLauncher { + public: + NS_DECL_THREADSAFE_ISUPPORTS + NS_DECL_NSIHELPERAPPWARNINGLAUNCHER + + nsExternalLoadURIHandler(nsIHandlerInfo* aHandlerInfo, nsIURI* aURI, + nsIPrincipal* aTriggeringPrincipal, + BrowsingContext* aBrowsingContext); + + protected: + ~nsExternalLoadURIHandler(); + + nsCOMPtr<nsIHandlerInfo> mHandlerInfo; + nsCOMPtr<nsIURI> mURI; + nsCOMPtr<nsIPrincipal> mTriggeringPrincipal; + RefPtr<BrowsingContext> mBrowsingContext; + nsCOMPtr<nsIHelperAppWarningDialog> mWarningDialog; +}; + +NS_IMPL_ADDREF(nsExternalLoadURIHandler) +NS_IMPL_RELEASE(nsExternalLoadURIHandler) + +NS_INTERFACE_MAP_BEGIN(nsExternalLoadURIHandler) + NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIHelperAppWarningLauncher) + NS_INTERFACE_MAP_ENTRY(nsIHelperAppWarningLauncher) +NS_INTERFACE_MAP_END + +nsExternalLoadURIHandler::nsExternalLoadURIHandler( + nsIHandlerInfo* aHandlerInfo, nsIURI* aURI, + nsIPrincipal* aTriggeringPrincipal, BrowsingContext* aBrowsingContext) + : mHandlerInfo(aHandlerInfo), + mURI(aURI), + mTriggeringPrincipal(aTriggeringPrincipal), + mBrowsingContext(aBrowsingContext) + +{ + nsresult rv = NS_OK; + mWarningDialog = do_CreateInstance(WARNING_DIALOG_CONTRACT_ID, &rv); + if (NS_SUCCEEDED(rv) && mWarningDialog) { + // This will create a reference cycle (the dialog holds a reference to us + // as nsIHelperAppWarningLauncher), which will be broken in ContinueRequest + // or CancelRequest. + nsCOMPtr<nsIInterfaceRequestor> dialogParent = + GetDialogParentAux(aBrowsingContext, nullptr); + rv = mWarningDialog->MaybeShow(this, dialogParent); + } + + if (NS_FAILED(rv)) { + // If for some reason we could not open the download warning prompt, + // continue with the request. + ContinueRequest(); + } +} + +nsExternalLoadURIHandler::~nsExternalLoadURIHandler() {} + +NS_IMETHODIMP nsExternalLoadURIHandler::ContinueRequest() { + MOZ_ASSERT(mURI); + MOZ_ASSERT(mHandlerInfo); + + // Break our reference cycle with the download warning dialog (set up in + // LoadURI). + mWarningDialog = nullptr; + + nsHandlerInfoAction preferredAction; + mHandlerInfo->GetPreferredAction(&preferredAction); + bool alwaysAsk = true; + mHandlerInfo->GetAlwaysAskBeforeHandling(&alwaysAsk); + + nsresult rv = NS_OK; + // If we are not supposed to ask, and the preferred action is to use + // a helper app or the system default, we just launch the URI. + if (!alwaysAsk && (preferredAction == nsIHandlerInfo::useHelperApp || + preferredAction == nsIHandlerInfo::useSystemDefault)) { + rv = mHandlerInfo->LaunchWithURI(mURI, mBrowsingContext); + // We are not supposed to ask, but when file not found the user most likely + // uninstalled the application which handles the uri so we will continue + // by application chooser dialog. + if (rv != NS_ERROR_FILE_NOT_FOUND) { + return rv; + } + } + + nsCOMPtr<nsIContentDispatchChooser> chooser = + do_CreateInstance("@mozilla.org/content-dispatch-chooser;1", &rv); + NS_ENSURE_SUCCESS(rv, rv); + + return chooser->Ask(mHandlerInfo, mURI, mTriggeringPrincipal, + mBrowsingContext, + nsIContentDispatchChooser::REASON_CANNOT_HANDLE); +} + +NS_IMETHODIMP nsExternalLoadURIHandler::CancelRequest(nsresult aReason) { + NS_ENSURE_ARG(NS_FAILED(aReason)); + + // Break our reference cycle with the download warning dialog (set up in + // LoadURI). + mWarningDialog = nullptr; + + return NS_OK; +} + static StaticRefPtr<nsExternalHelperAppService> sExtHelperAppSvcSingleton; /** @@ -578,6 +702,9 @@ nsExternalHelperAppService::GetSingleton() { return do_AddRef(sExtHelperAppSvcSingleton); } +////////////////////////////////////////////////////////////////////////////////////////////////////// +// nsExternalHelperAppService definition and implementation +////////////////////////////////////////////////////////////////////////////////////////////////////// NS_IMPL_ISUPPORTS(nsExternalHelperAppService, nsIExternalHelperAppService, nsPIExternalAppLauncher, nsIExternalProtocolService, nsIMIMEService, nsIObserver, nsISupportsWeakReference) @@ -1021,30 +1148,13 @@ nsExternalHelperAppService::LoadURI(nsIURI* aURI, rv = GetProtocolHandlerInfo(scheme, getter_AddRefs(handler)); NS_ENSURE_SUCCESS(rv, rv); - nsHandlerInfoAction preferredAction; - handler->GetPreferredAction(&preferredAction); - bool alwaysAsk = true; - handler->GetAlwaysAskBeforeHandling(&alwaysAsk); - - // if we are not supposed to ask, and the preferred action is to use - // a helper app or the system default, we just launch the URI. - if (!alwaysAsk && (preferredAction == nsIHandlerInfo::useHelperApp || - preferredAction == nsIHandlerInfo::useSystemDefault)) { - rv = handler->LaunchWithURI(uri, aBrowsingContext); - // We are not supposed to ask, but when file not found the user most likely - // uninstalled the application which handles the uri so we will continue - // by application chooser dialog. - if (rv != NS_ERROR_FILE_NOT_FOUND) { - return rv; - } + RefPtr<nsExternalLoadURIHandler> h = new nsExternalLoadURIHandler( + handler, uri, aTriggeringPrincipal, aBrowsingContext); + if (!h) { + return NS_ERROR_OUT_OF_MEMORY; } - nsCOMPtr<nsIContentDispatchChooser> chooser = - do_CreateInstance("@mozilla.org/content-dispatch-chooser;1", &rv); - NS_ENSURE_SUCCESS(rv, rv); - - return chooser->Ask(handler, uri, aTriggeringPrincipal, aBrowsingContext, - nsIContentDispatchChooser::REASON_CANNOT_HANDLE); + return NS_OK; } ////////////////////////////////////////////////////////////////////////////////////////////////////// @@ -1189,6 +1299,7 @@ NS_INTERFACE_MAP_BEGIN(nsExternalAppHandler) NS_INTERFACE_MAP_ENTRY(nsIStreamListener) NS_INTERFACE_MAP_ENTRY(nsIRequestObserver) NS_INTERFACE_MAP_ENTRY(nsIHelperAppLauncher) + NS_INTERFACE_MAP_ENTRY(nsIHelperAppWarningLauncher) NS_INTERFACE_MAP_ENTRY(nsICancelable) NS_INTERFACE_MAP_ENTRY(nsIBackgroundFileSaverObserver) NS_INTERFACE_MAP_ENTRY(nsINamed) @@ -1551,18 +1662,7 @@ void nsExternalAppHandler::MaybeApplyDecodingForExtension( already_AddRefed<nsIInterfaceRequestor> nsExternalAppHandler::GetDialogParent() { - nsCOMPtr<nsIInterfaceRequestor> dialogParent = mWindowContext; - - if (!dialogParent && mBrowsingContext) { - dialogParent = do_QueryInterface(mBrowsingContext->GetDOMWindow()); - } - if (!dialogParent && mBrowsingContext && XRE_IsParentProcess()) { - RefPtr<Element> element = mBrowsingContext->Top()->GetEmbedderElement(); - if (element) { - dialogParent = do_QueryInterface(element->OwnerDoc()->GetWindow()); - } - } - return dialogParent.forget(); + return GetDialogParentAux(mBrowsingContext, mWindowContext); } NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) { @@ -1679,6 +1779,34 @@ NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) { MOZ_ASSERT(NS_SUCCEEDED(rv)); } + mWarningDialog = do_CreateInstance(WARNING_DIALOG_CONTRACT_ID, &rv); + if (NS_SUCCEEDED(rv) && mWarningDialog) { + // This will create a reference cycle (the dialog holds a reference to us + // as nsIHelperAppWarningLauncher), which will be broken in ContinueRequest + // or CancelRequest. + nsCOMPtr<nsIInterfaceRequestor> dialogParent = GetDialogParent(); + rv = mWarningDialog->MaybeShow(this, dialogParent); + } + + if (NS_FAILED(rv)) { + // If for some reason we could not open the download warning prompt, + // continue with the request. + ContinueRequest(); + } + + return NS_OK; +} + +NS_IMETHODIMP nsExternalAppHandler::ContinueRequest() { + nsAutoCString MIMEType; + if (mMimeInfo) { + mMimeInfo->GetMIMEType(MIMEType); + } + + // Break our reference cycle with the download warning dialog (set up in + // OnStartRequest). + mWarningDialog = nullptr; + // now that the temp file is set up, find out if we need to invoke a dialog // asking the user what they want us to do with this content... @@ -1762,6 +1890,7 @@ NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) { action = nsIMIMEInfo::saveToDisk; } + nsresult rv = NS_OK; if (alwaysAsk) { // Display the dialog mDialog = do_CreateInstance(NS_HELPERAPPLAUNCHERDLG_CONTRACTID, &rv); @@ -1819,6 +1948,14 @@ NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) { return NS_OK; } +NS_IMETHODIMP nsExternalAppHandler::CancelRequest(nsresult aReason) { + // Break our reference cycle with the download warning dialog (set up in + // OnStartRequest). + mWarningDialog = nullptr; + + return Cancel(aReason); +} + // Convert error info into proper message text and send OnStatusChange // notification to the dialog progress listener or nsITransfer implementation. void nsExternalAppHandler::SendStatusChange(ErrorType type, nsresult rv, @@ -2482,7 +2619,7 @@ NS_IMETHODIMP nsExternalAppHandler::Cancel(nsresult aReason) { } // Break our reference cycle with the helper app dialog (set up in - // OnStartRequest) + // ContinueRequest) mDialog = nullptr; mRequest = nullptr; diff --git a/uriloader/exthandler/nsExternalHelperAppService.h b/uriloader/exthandler/nsExternalHelperAppService.h index f0f38f64b2ea..77a19202baa7 100644 --- a/uriloader/exthandler/nsExternalHelperAppService.h +++ b/uriloader/exthandler/nsExternalHelperAppService.h @@ -219,6 +219,7 @@ class nsExternalHelperAppService : public nsIExternalHelperAppService, */ class nsExternalAppHandler final : public nsIStreamListener, public nsIHelperAppLauncher, + public nsIHelperAppWarningLauncher, public nsIBackgroundFileSaverObserver, public nsINamed { public: @@ -226,6 +227,7 @@ class nsExternalAppHandler final : public nsIStreamListener, NS_DECL_NSISTREAMLISTENER NS_DECL_NSIREQUESTOBSERVER NS_DECL_NSIHELPERAPPLAUNCHER + NS_DECL_NSIHELPERAPPWARNINGLAUNCHER NS_DECL_NSICANCELABLE NS_DECL_NSIBACKGROUNDFILESAVEROBSERVER NS_DECL_NSINAMED @@ -478,6 +480,7 @@ class nsExternalAppHandler final : public nsIStreamListener, nsCOMPtr<nsITransfer> mTransfer; nsCOMPtr<nsIHelperAppLauncherDialog> mDialog; + nsCOMPtr<nsIHelperAppWarningDialog> mWarningDialog; /** diff --git a/uriloader/exthandler/nsIExternalHelperAppService.idl b/uriloader/exthandler/nsIExternalHelperAppService.idl index 657e15bc0742..ebdb1cdacf78 100644 --- a/uriloader/exthandler/nsIExternalHelperAppService.idl +++ b/uriloader/exthandler/nsIExternalHelperAppService.idl @@ -177,3 +177,50 @@ interface nsIHelperAppLauncher : nsICancelable */ readonly attribute uint64_t browsingContextId; }; + +/** + * nsIHelperAppWarningLauncher is implemented by two classes: + * nsExternalLoadURIHandler + * nsExternalAppHandler + */ +[scriptable, uuid(cffd508b-4aaf-43ad-99c6-671d35cbc558)] +interface nsIHelperAppWarningLauncher : nsISupports +{ + /** + * Callback invoked by the external app warning dialog to continue the + * request. + * NOTE: This will release the reference to the nsIHelperAppWarningDialog. + */ + void continueRequest(); + + /** + * Callback invoked by the external app warning dialog to cancel the request. + * NOTE: This will release the reference to the nsIHelperAppWarningDialog. + * + * @param aReason + * Pass a failure code to indicate the reason why this operation is + * being canceled. It is an error to pass a success code. + */ + void cancelRequest(in nsresult aReason); +}; + +/** + * nsIHelperAppWarningDialog is implemented by Torbutton's external app + * blocker (src/components/external-app-blocker.js). + */ +[scriptable, uuid(f4899a3f-0df3-42cc-9db8-bdf599e5a208)] +interface nsIHelperAppWarningDialog : nsISupports +{ + /** + * Possibly show a launch warning dialog (it will not be shown if the user + * has chosen to not see the warning again). + * + * @param aLauncher + * A nsIHelperAppWarningLauncher to be invoked after the user confirms + * or cancels the download. + * @param aWindowContext + * The window associated with the download. + */ + void maybeShow(in nsIHelperAppWarningLauncher aLauncher, + in nsISupports aWindowContext); +};

1 0

[tor-browser/tor-browser-81.0b9-10.0-1] Bug 18821: Disable libmdns for Android and Desktop
by gk＠torproject.org 15 Sep '20

15 Sep '20

commit 958d39654cafa717b65d253cdd3a417dd84ff0a4 Author: Georg Koppen <gk(a)torproject.org> Date: Wed Apr 20 14:34:50 2016 +0000 Bug 18821: Disable libmdns for Android and Desktop There should be no need to remove the OS X support introduced in https://bugzilla.mozilla.org/show_bug.cgi?id=1225726 as enabling this is governed by a preference (which is actually set to `false`). However, we remove it at build time as well (defense in depth). This is basically a backout of the relevant passages of https://hg.mozilla.org/mozilla-central/rev/6bfb430de85d, https://hg.mozilla.org/mozilla-central/rev/609b337bf7ab and https://hg.mozilla.org/mozilla-central/rev/8e092ec5fbbd. Fixed bug 21861 (Disable additional mDNS code to avoid proxy bypasses) as well. --- dom/presentation/provider/components.conf | 10 ---------- dom/presentation/provider/moz.build | 1 - netwerk/dns/mdns/libmdns/components.conf | 15 --------------- netwerk/dns/mdns/libmdns/moz.build | 28 ---------------------------- 4 files changed, 54 deletions(-) diff --git a/dom/presentation/provider/components.conf b/dom/presentation/provider/components.conf index 04cb28ec757e..56994ed7cd94 100644 --- a/dom/presentation/provider/components.conf +++ b/dom/presentation/provider/components.conf @@ -6,9 +6,6 @@ categories = {} -if buildconfig.substs['MOZ_WIDGET_TOOLKIT'] in ('cocoa', 'android'): - categories["presentation-device-provider"] = "MulticastDNSDeviceProvider" - Classes = [ { 'cid': '{f4079b8b-ede5-4b90-a112-5b415a931deb}', @@ -16,11 +13,4 @@ Classes = [ 'jsm': 'resource://gre/modules/PresentationControlService.jsm', 'constructor': 'PresentationControlService', }, - { - 'cid': '{814f947a-52f7-41c9-94a1-3684797284ac}', - 'contract_ids': ['@mozilla.org/presentation-device/multicastdns-provider;1'], - 'type': 'mozilla::dom::presentation::MulticastDNSDeviceProvider', - 'headers': ['/dom/presentation/provider/MulticastDNSDeviceProvider.h'], - 'categories': categories, - }, ] diff --git a/dom/presentation/provider/moz.build b/dom/presentation/provider/moz.build index eaea61af415a..d97b75ddbcf9 100644 --- a/dom/presentation/provider/moz.build +++ b/dom/presentation/provider/moz.build @@ -10,7 +10,6 @@ EXTRA_JS_MODULES += [ UNIFIED_SOURCES += [ 'DeviceProviderHelpers.cpp', - 'MulticastDNSDeviceProvider.cpp', ] XPCOM_MANIFESTS += [ diff --git a/netwerk/dns/mdns/libmdns/components.conf b/netwerk/dns/mdns/libmdns/components.conf index 6e64140c820e..1b50dbf673a4 100644 --- a/netwerk/dns/mdns/libmdns/components.conf +++ b/netwerk/dns/mdns/libmdns/components.conf @@ -5,20 +5,5 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. Classes = [ - { - 'cid': '{14a50f2b-7ff6-48a5-88e3-615fd111f5d3}', - 'contract_ids': ['@mozilla.org/toolkit/components/mdnsresponder/dns-info;1'], - 'type': 'mozilla::net::nsDNSServiceInfo', - 'headers': ['/netwerk/dns/mdns/libmdns/nsDNSServiceInfo.h'], - }, ] -if buildconfig.substs['MOZ_WIDGET_TOOLKIT'] != 'cocoa': - Classes += [ - { - 'cid': '{f9346d98-f27a-4e89-b744-493843416480}', - 'contract_ids': ['@mozilla.org/toolkit/components/mdnsresponder/dns-sd;1'], - 'jsm': 'resource://gre/modules/DNSServiceDiscovery.jsm', - 'constructor': 'nsDNSServiceDiscovery', - }, - ] diff --git a/netwerk/dns/mdns/libmdns/moz.build b/netwerk/dns/mdns/libmdns/moz.build index 05dc75eb9eda..a6fc1a8a559a 100644 --- a/netwerk/dns/mdns/libmdns/moz.build +++ b/netwerk/dns/mdns/libmdns/moz.build @@ -4,34 +4,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa': - UNIFIED_SOURCES += [ - 'MDNSResponderOperator.cpp', - 'MDNSResponderReply.cpp', - 'nsDNSServiceDiscovery.cpp', - ] - - LOCAL_INCLUDES += [ - '/netwerk/base', - ] - -else: - EXTRA_JS_MODULES += [ - 'DNSServiceDiscovery.jsm', - 'fallback/DataReader.jsm', - 'fallback/DataWriter.jsm', - 'fallback/DNSPacket.jsm', - 'fallback/DNSRecord.jsm', - 'fallback/DNSResourceRecord.jsm', - 'fallback/DNSTypes.jsm', - 'fallback/MulticastDNS.jsm', - ] - - if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'android': - EXTRA_JS_MODULES += [ - 'MulticastDNSAndroid.jsm', - ] - UNIFIED_SOURCES += [ 'nsDNSServiceInfo.cpp', ]

1 0

[tor-browser/tor-browser-81.0b9-10.0-1] Bug 11641: change TBB directory structure to be more like Firefox's
by gk＠torproject.org 15 Sep '20

15 Sep '20

commit 32dfc39772d153633839352222cb416126dd5909 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Tue Apr 29 13:08:24 2014 -0400 Bug 11641: change TBB directory structure to be more like Firefox's Unless the -osint command line flag is used, the browser now defaults to the equivalent of -no-remote. There is a new -allow-remote flag that may be used to restore the original (Firefox-like) default behavior. --- toolkit/xre/nsAppRunner.cpp | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 50ea53c6ee72..d13a33ecab89 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -1445,8 +1445,10 @@ static void DumpHelp() { " --migration Start with migration wizard.\n" " --ProfileManager Start with ProfileManager.\n" #ifdef MOZ_HAS_REMOTE - " --no-remote Do not accept or send remote commands; implies\n" + " --no-remote (default) Do not accept or send remote commands; " + "implies\n" " --new-instance.\n" + " --allow-remote Accept and send remote commands.\n" " --new-instance Open new instance, not a new window in running " "instance.\n" #endif @@ -3623,16 +3625,25 @@ int XREMain::XRE_mainInit(bool* aExitFlag) { gSafeMode); #if defined(MOZ_HAS_REMOTE) + // In Tor Browser, remoting is disabled by default unless -osint is used. + bool allowRemote = (CheckArg("allow-remote") == ARG_FOUND); + bool isOsint = (CheckArg("osint", nullptr, CheckArgFlag::None) == ARG_FOUND); + if (!allowRemote && !isOsint) { + SaveToEnv("MOZ_NO_REMOTE=1"); + } // Handle --no-remote and --new-instance command line arguments. Setup // the environment to better accommodate other components and various // restart scenarios. ar = CheckArg("no-remote"); - if (ar == ARG_FOUND || EnvHasValue("MOZ_NO_REMOTE")) { + if ((ar == ARG_FOUND) && allowRemote) { + PR_fprintf(PR_STDERR, + "Error: argument --no-remote is invalid when argument " + "--allow-remote is specified\n"); + return 1; + } + if (EnvHasValue("MOZ_NO_REMOTE")) { mDisableRemoteClient = true; mDisableRemoteServer = true; - if (!EnvHasValue("MOZ_NO_REMOTE")) { - SaveToEnv("MOZ_NO_REMOTE=1"); - } } ar = CheckArg("new-instance");

1 0