ma1 pushed to branch tor-browser-115.21.0esr-13.5-1 at The Tor Project / Applications / Tor Browser
Commits: dc7ca927 by Emma Zuehlcke at 2025-03-02T22:59:10+01:00 Bug 1866661 - Tests, a=dmeehan
Differential Revision: https://phabricator.services.mozilla.com/D237737 - - - - - 5f732399 by Rob Wu at 2025-03-02T23:50:30+01:00 Bug 1939087 - Truncate long name and log warning a=dmeehan
Original Revision: https://phabricator.services.mozilla.com/D233025
Differential Revision: https://phabricator.services.mozilla.com/D236900 - - - - - 4642da84 by Tom Schuster at 2025-03-02T23:55:34+01:00 Bug 1942022 - Improve the about:protections CSP. r=firefox-desktop-core-reviewers ,mossop
Differential Revision: https://phabricator.services.mozilla.com/D234507 - - - - - 5d037355 by Tom Schuster at 2025-03-03T00:00:34+01:00 Bug 1942025 - Improve the about:privatebrowsing CSP. r=firefox-desktop-core-reviewers ,Gijs
Differential Revision: https://phabricator.services.mozilla.com/D234508 - - - - - 6b0945a7 by Nazım Can Altınova at 2025-03-03T00:11:34+01:00 Bug 1943912 - Do not reset the chunk manager while shutdown a=dmeehan
Original Revision: https://phabricator.services.mozilla.com/D235642
Differential Revision: https://phabricator.services.mozilla.com/D237219 - - - - -
10 changed files:
- browser/components/privatebrowsing/content/aboutPrivateBrowsing.html - browser/components/protections/content/protections.html - browser/components/protocolhandler/test/browser/browser_registerProtocolHandler_notification.js - toolkit/components/extensions/Extension.sys.mjs - toolkit/components/extensions/schemas/manifest.json - toolkit/components/extensions/test/xpcshell/test_ext_manifest.js - toolkit/mozapps/extensions/internal/XPIInstall.jsm - toolkit/mozapps/extensions/test/xpcshell/test_locale.js - tools/profiler/gecko/ProfilerChild.cpp - tools/profiler/public/ProfilerChild.h
Changes:
===================================== browser/components/privatebrowsing/content/aboutPrivateBrowsing.html ===================================== @@ -10,7 +10,7 @@ <meta charset="utf-8" /> <meta http-equiv="Content-Security-Policy" - content="default-src chrome: blob:; object-src 'none'" + content="default-src chrome:; img-src chrome: blob:; object-src 'none';" /> <meta name="color-scheme" content="light dark" /> <link rel="icon" href="chrome://browser/skin/privatebrowsing/favicon.svg" />
===================================== browser/components/protections/content/protections.html ===================================== @@ -8,7 +8,7 @@ <meta charset="utf-8" /> <meta http-equiv="Content-Security-Policy" - content="default-src chrome: blob:; object-src 'none'" + content="default-src chrome:; object-src 'none'" /> <meta name="color-scheme" content="light dark" /> <link rel="localization" href="branding/brand.ftl" />
===================================== browser/components/protocolhandler/test/browser/browser_registerProtocolHandler_notification.js ===================================== @@ -6,7 +6,16 @@ const TEST_PATH = getRootDirectory(gTestPath).replace( "chrome://mochitests/content", "https://example.com" ); + +const SECURITY_DELAY = 3000; + add_task(async function () { + // Set a custom, higher security delay for the test to avoid races on slow + // builds. + await SpecialPowers.pushPrefEnv({ + set: [["security.notification_enable_delay", SECURITY_DELAY]], + }); + let notificationValue = "Protocol Registration: web+testprotocol"; let testURI = TEST_PATH + "browser_registerProtocolHandler_notification.html";
@@ -58,4 +67,16 @@ add_task(async function () { let button = buttons[0]; isnot(button.label, null, "We expect the add button to have a label."); todo(button.accesskey, "We expect the add button to have a accesskey."); + + ok(button.disabled, "We expect the button to be disabled initially."); + + let timeoutMS = SECURITY_DELAY + 100; + info(`Wait ${timeoutMS}ms for the button to enable.`); + // eslint-disable-next-line mozilla/no-arbitrary-setTimeout + await new Promise(resolve => setTimeout(resolve, SECURITY_DELAY + 100)); + + ok( + !button.disabled, + "We expect the button to be enabled after the security delay." + ); });
===================================== toolkit/components/extensions/Extension.sys.mjs ===================================== @@ -1367,6 +1367,17 @@ export class ExtensionData { ); }
+ // AMO enforces a maximum length of 45 on the name since at least 2017, via + // https://github.com/mozilla/addons-linter/blame/c4507688899aaafe29c522f1b1aec... + // added in https://github.com/mozilla/addons-linter/pull/1169 + // To avoid breaking add-ons that do not go through AMO (e.g. temporarily + // loaded extensions), we enforce the limit by truncating and warning if + // needed, instead enforcing a maxLength on "name" in schemas/manifest.json. + // + // We set the limit to 75, which is a safe limit that matches the CWS, + // see https://bugzilla.mozilla.org/show_bug.cgi?id=1939087#c5 + static EXT_NAME_MAX_LEN = 75; + async initializeAddonTypeAndID() { if (this.type) { // Already initialized. @@ -1486,6 +1497,14 @@ export class ExtensionData { } }
+ if (manifest.name.length > ExtensionData.EXT_NAME_MAX_LEN) { + // Truncate and warn - see comment in EXT_NAME_MAX_LEN. + manifest.name = manifest.name.slice(0, ExtensionData.EXT_NAME_MAX_LEN); + this.manifestWarning( + `Warning processing "name": must be shorter than ${ExtensionData.EXT_NAME_MAX_LEN}` + ); + } + if ( this.manifestVersion < 3 && manifest.background &&
===================================== toolkit/components/extensions/schemas/manifest.json ===================================== @@ -29,6 +29,7 @@
"name": { "type": "string", + "description": "Name must be at least 2, at should be at most 75 characters", "optional": false, "preprocess": "localize" },
===================================== toolkit/components/extensions/test/xpcshell/test_ext_manifest.js ===================================== @@ -156,6 +156,28 @@ add_task( } );
+add_task(async function test_name_too_long() { + let extension = ExtensionTestUtils.loadExtension({ + manifest: { + // This length is 80, which exceeds ExtensionData.EXT_NAME_MAX_LEN: + name: "123456789_".repeat(8), + }, + }); + await extension.startup(); + equal( + extension.extension.name, + "123456789_123456789_123456789_123456789_123456789_123456789_123456789_12345", + "Name should be truncated" + ); + Assert.deepEqual( + extension.extension.warnings, + ['Reading manifest: Warning processing "name": must be shorter than 75'], + "Expected error message when the name is too long" + ); + + await extension.unload(); +}); + add_task(async function test_simpler_version_format() { const TEST_CASES = [ // Valid cases
===================================== toolkit/mozapps/extensions/internal/XPIInstall.jsm ===================================== @@ -560,6 +560,11 @@ async function loadManifestFromWebManifest(aPackage, aLocation) { contributors: null, locales: [aLocale], }; + if (result.name.length > lazy.ExtensionData.EXT_NAME_MAX_LEN) { + // See comment at EXT_NAME_MAX_LEN in Extension.sys.mjs. + logger.warn(`Truncating add-on name ${addon.id} for locale ${aLocale}`); + result.name = result.name.slice(0, lazy.ExtensionData.EXT_NAME_MAX_LEN); + } return result; }
===================================== toolkit/mozapps/extensions/test/xpcshell/test_locale.js ===================================== @@ -51,6 +51,13 @@ add_task(async function test_1() { description: "name", }, }, + "_locales/es-ES/messages.json": { + name: { + // This length is 80, which exceeds ExtensionData.EXT_NAME_MAX_LEN: + message: "123456789_".repeat(8), + description: "name with 80 chars, should truncate to 75", + }, + }, }, });
@@ -101,3 +108,18 @@ add_task(async function test_6() {
await addon.enable(); }); + +add_task(async function test_name_too_long() { + await restartWithLocales(["es-ES"]); + + let addon = await AddonManager.getAddonByID("addon1@tests.mozilla.org"); + Assert.notEqual(addon, null); + + Assert.equal( + addon.name, + "123456789_123456789_123456789_123456789_123456789_123456789_123456789_12345", + "Name should be truncated" + ); + + await addon.enable(); +});
===================================== tools/profiler/gecko/ProfilerChild.cpp ===================================== @@ -139,6 +139,12 @@ void ProfilerChild::SetupChunkManager() { }); }
+/* static */ void ProfilerChild::ClearPendingUpdate() { + auto lockedUpdate = sPendingChunkManagerUpdate.Lock(); + lockedUpdate->mProfilerChild = nullptr; + lockedUpdate->mUpdate.Clear(); +} + void ProfilerChild::ResetChunkManager() { if (!mChunkManager) { return; @@ -149,9 +155,7 @@ void ProfilerChild::ResetChunkManager() { mChunkManager->SetUpdateCallback({});
// Clear the pending update. - auto lockedUpdate = sPendingChunkManagerUpdate.Lock(); - lockedUpdate->mProfilerChild = nullptr; - lockedUpdate->mUpdate.Clear(); + ClearPendingUpdate(); // And process a final update right now. ProcessChunkManagerUpdate( ProfileBufferControlledChunkManager::Update(nullptr)); @@ -483,7 +487,7 @@ void ProfilerChild::ActorDestroy(ActorDestroyReason aActorDestroyReason) { }
void ProfilerChild::Destroy() { - ResetChunkManager(); + ClearPendingUpdate(); if (!mDestroyed) { Close(); }
===================================== tools/profiler/public/ProfilerChild.h ===================================== @@ -81,6 +81,8 @@ class ProfilerChild final : public PProfilerChild, void ProcessChunkManagerUpdate( ProfileBufferControlledChunkManager::Update&& aUpdate);
+ static void ClearPendingUpdate(); + static void GatherProfileThreadFunction(void* already_AddRefedParameters);
nsCOMPtr<nsIThread> mThread;
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/48d984f...