This is an automated email from the git hooks/post-receive script.
richard pushed a commit to branch tor-browser-102.5.0esr-12.0-2 in repository tor-browser.
commit c9bc13ba8b47e886778334091771ab05742fa43c Author: Pier Angelo Vendrame pierov@torproject.org AuthorDate: Tue Jan 18 19:18:48 2022 +0100
Bug 40562: Added Tor Browser preferences to 000-tor-browser.js
Before reordering patches, we used to keep the Tor-related patches (torbutton and tor-launcher) at the beginning. After that issue, we decided to move them towards the end.
In addition to that, we have decided to move Tor Browser-only preferences there, too, to make Base Browser-only fixups easier to apply. --- browser/app/profile/000-tor-browser.js | 146 ++++++++++++++++++++++++++ browser/installer/package-manifest.in | 2 +- browser/moz.build | 2 +- mobile/android/app/000-tor-browser-android.js | 37 +++++++ taskcluster/ci/source-test/mozlint.yml | 2 +- 5 files changed, 186 insertions(+), 3 deletions(-)
diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js
new file mode 100644
index 000000000000..08db037faeb0
--- /dev/null
+++ b/browser/app/profile/000-tor-browser.js
@@ -0,0 +1,146 @@
+#include 001-base-profile.js
+
+pref("app.update.notifyDuringDownload", true);
+pref("app.update.url.manual", "https://www.torproject.org/download/languages/");
+pref("app.update.url.details", "https://www.torproject.org/download/");
+pref("app.update.badgeWaitTime", 0);
+pref("app.releaseNotesURL", "about:blank");
+// disables the 'What's New?' link in the about dialog, otherwise we need to
+// duplicate logic for generating the url to the blog post that is already more
+// easily found in about:tor
+pref("app.releaseNotesURL.aboutDialog", "about:blank");
+// point to our feedback url rather than Mozilla's
+pref("app.feedback.baseURL", "https://support.torproject.org/%LOCALE%/get-in-touch/");
+
+pref("browser.shell.checkDefaultBrowser", false);
+
+// Proxy and proxy security
+pref("network.proxy.socks", "127.0.0.1");
+pref("network.proxy.socks_port", 9150);
+pref("network.proxy.socks_remote_dns", true);
+pref("network.proxy.no_proxies_on", ""); // For fingerprinting and local service vulns (#10419)
+pref("network.proxy.allow_hijacking_localhost", true); // Allow proxies for localhost (#31065)
+pref("network.proxy.type", 1);
+// Bug 40548: Disable proxy-bypass
+pref("network.proxy.failover_direct", false);
+// localhost is already blocked by setting `network.proxy.allow_hijacking_localhost` to
+// true, allowing users to explicitly block ports makes them fingerprintable; for details, see
+// Bug 41317: Tor Browser leaks banned ports in network.security.ports.banned
+pref("network.security.ports.banned", "", locked);
+pref("network.dns.disabled", true); // This should cover the #5741 patch for DNS leaks
+pref("network.http.max-persistent-connections-per-proxy", 256);
+
+pref("browser.uiCustomization.state",
"{"placements":{"widget-overflow-fixed-list":[],"PersonalToolbar":["personal-bookmarks"],"nav-bar":["back-button","forward-button","stop-reload-button","urlbar-container","torbutton-button","security-level-button","new-identity-button","downloads-button"],"TabsToolbar":["tabbrowser-tabs","new-tab-button","alltabs-button"],"toolbar-menubar":["menubar-items"],"PanelUI-contents":["home-button","edit-controls", [...]
+
+// Treat .onions as secure
+pref("dom.securecontext.allowlist_onions", true);
+
+// Disable HTTPS-Only mode for .onion domains (tor-browser#19850)
+pref("dom.security.https_only_mode.upgrade_onion", false);
+
+// tor-browser#22320: Hide referer when comming from a .onion address
+pref("network.http.referer.hideOnionSource", true);
+
+// Bug 40423/41137: Disable http/3
+// We should re-enable it as soon as Tor gets UDP support
+pref("network.http.http3.enabled", false);
+
+// 0 = do not use a second connection, see all.js and #7656
+pref("network.http.connection-retry-timeout", 0);
+
+#expand pref("torbrowser.version", __TOR_BROWSER_VERSION_QUOTED__);
+
+// Old torbutton prefs
+
+// debug prefs
+pref("extensions.torbutton.loglevel", 4);
+pref("extensions.torbutton.logmethod", 1); // 0=stdout, 1=errorconsole, 2=debuglog
+
+// Display prefs
+pref("extensions.torbutton.display_circuit", true);
+
+// Tor check and proxy prefs
+pref("extensions.torbutton.test_enabled", true);
+pref("extensions.torbutton.test_url", "https://check.torproject.org/?TorButton=true");
+pref("extensions.torbutton.local_tor_check", true);
+pref("extensions.torbutton.use_nontor_proxy", false);
+
+// State prefs:
+pref("extensions.torbutton.startup", false);
+
+// This is only used when letterboxing is disabled.
+// See #7255 for details. We display the warning three times to make sure the
+// user did not click on it by accident.
+pref("extensions.torbutton.maximize_warnings_remaining", 3);
+
+// Security prefs:
+pref("extensions.torbutton.resize_new_windows", false);
+pref("extensions.torbutton.launch_warning", true);
+
+// Browser home page:
+pref("browser.startup.homepage", "about:tor");
+
+// This pref specifies an ad-hoc "version" for various pref update hacks we need to do
+pref("extensions.torbutton.pref_fixup_version", 0);
+
+// Formerly tor-launcher defaults
+// When presenting the setup wizard, first prompt for locale.
+pref("intl.locale.matchOS", true);
+pref("extensions.torlauncher.prompt_for_locale", true);
+
+pref("extensions.torlauncher.start_tor", true);
+pref("extensions.torlauncher.prompt_at_startup", true);
+pref("extensions.torlauncher.quickstart", false);
+
+pref("extensions.torlauncher.loglevel", 4); // 1=verbose, 2=debug, 3=info, 4=note, 5=warn
+pref("extensions.torlauncher.logmethod", 1); // 0=stdout, 1=errorconsole, 2=debuglog
+pref("extensions.torlauncher.max_tor_log_entries", 1000);
+
+// By default, Tor Launcher configures a TCP listener for the Tor
+// control port, as defined by control_host and control_port.
+// Set control_port_use_ipc to true to use an IPC object (e.g., a Unix
+// domain socket) instead. You may also modify control_ipc_path to
+// override the default IPC object location. If a relative path is used,
+// it is handled like torrc_path (see below).
+pref("extensions.torlauncher.control_host", "127.0.0.1");
+pref("extensions.torlauncher.control_port", 9151);
+pref("extensions.torlauncher.control_port_use_ipc", false);
+pref("extensions.torlauncher.control_ipc_path", "");
+
+// By default, Tor Launcher configures a TCP listener for the Tor
+// SOCKS port. The host is taken from the network.proxy.socks pref and
+// the port is taken from the network.proxy.socks_port pref.
+// Set socks_port_use_ipc to true to use an IPC object (e.g., a Unix
+// domain socket) instead.
You may also modify socks_ipc_path to
+// override the default IPC object location. If a relative path is used,
+// it is handled like torrc_path (see below).
+// Modify socks_port_flags to use a different set of SocksPort flags (but be
+// careful).
+pref("extensions.torlauncher.socks_port_use_ipc", false);
+pref("extensions.torlauncher.socks_ipc_path", "");
+pref("extensions.torlauncher.socks_port_flags", "ExtendedErrors IPv6Traffic PreferIPv6 KeepAliveIsolateSOCKSAuth");
+
+// The tor_path is relative to the application directory. On Linux and
+// Windows this is the Browser/ directory that contains the firefox
+// executables, and on Mac OS it is the TorBrowser.app directory.
+pref("extensions.torlauncher.tor_path", "");
+
+// The torrc_path and tordatadir_path are relative to the data directory,
+// which is TorBrowser-Data/ if it exists as a sibling of the application
+// directory. If TorBrowser-Data/ does not exist, these paths are relative
+// to the TorBrowser/ directory within the application directory.
+pref("extensions.torlauncher.torrc_path", "");
+pref("extensions.torlauncher.tordatadir_path", "");
+
+// BridgeDB-related preferences (used for Moat).
+pref("extensions.torlauncher.bridgedb_front", "cdn.sstatic.net");
+pref("extensions.torlauncher.bridgedb_reflector", "https://moat.torproject.org.global.prod.fastly.net/");
+pref("extensions.torlauncher.moat_service", "https://bridges.torproject.org/moat");
+pref("extensions.torlauncher.bridgedb_bridge_type", "obfs4");
+
+// Recommended default bridge type (can be set per localized bundle).
+// pref("extensions.torlauncher.default_bridge_recommended_type", "obfs3");
+
+// Default bridges.
+// pref("extensions.torlauncher.default_bridge.TYPE.1", "TYPE x.x.x.x:yy");
+// pref("extensions.torlauncher.default_bridge.TYPE.2", "TYPE x.x.x.x:yy");
diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in
index ee53c9ffeb05..bc0803aef688 100644
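Review bot: In the "Proxy and proxy security" group only `network.security.ports.banned` is declared with `locked`; `network.proxy.failover_direct`, `network.proxy.socks_remote_dns` and `network.dns.disabled` are ordinary defaults, so a profile's user.js or about:config can override them. If nothing in the browser has to change it at runtime, consider `pref("network.proxy.failover_direct", false, locked);` so the Bug 40548 proxy-bypass protection cannot be switched off from the profile. For the prefs that must stay writable (my guess is that the mode behind `extensions.torbutton.use_nontor_proxy` needs this, which the hunk does not show), a short comment next to them saying that they are left unlocked on purpose would make the difference from the locked pref read as intentional.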
--- a/browser/installer/package-manifest.in
+++ b/browser/installer/package-manifest.in
@@ -283,7 +283,7 @@
 @RESPATH@/browser/defaults/settings/blocklists
 @RESPATH@/browser/defaults/settings/main
 @RESPATH@/browser/defaults/settings/security-state
-@RESPATH@/browser/@PREF_DIR@/001-base-profile.js
+@RESPATH@/browser/@PREF_DIR@/000-tor-browser.js
; Warning: changing the path to channel-prefs.js can cause bugs (Bug 756325)
 ; Technically this is an app pref file, but we are keeping it in the original
diff --git a/browser/moz.build b/browser/moz.build
index 0df0a824f9ad..d72932988fac 100644
--- a/browser/moz.build
+++ b/browser/moz.build
@@ -56,7 +56,7 @@ if CONFIG["MOZ_UPDATE_AGENT"]:
 # These files are specified in this moz.build to pick up DIST_SUBDIR as set in
 # this directory, which is un-set in browser/app.
 JS_PREFERENCE_PP_FILES += [
- "app/profile/001-base-profile.js",
+ "app/profile/000-tor-browser.js",
 "app/profile/firefox.js",
 ]
 FINAL_TARGET_FILES.defaults += ["app/permissions"]
diff --git a/mobile/android/app/000-tor-browser-android.js b/mobile/android/app/000-tor-browser-android.js
new file mode 100644
index 000000000000..7d440ec6a66e
--- /dev/null
+++ b/mobile/android/app/000-tor-browser-android.js
@@ -0,0 +1,37 @@
+// Import all prefs from the canonical file
+// We override mobile-specific prefs below
+// Tor Browser for Android
+// Do not edit this file.
+
+#include ../../../browser/app/profile/000-tor-browser.js
+
+// Disable browser auto updaters
+pref("app.update.auto", false);
+pref("browser.startup.homepage_override.mstone", "ignore");
+
+// Clear data on quit
+pref("privacy.clearOnShutdown.cache", true);
+pref("privacy.clearOnShutdown.cookies", true);
+pref("privacy.clearOnShutdown.downloads", true);
+pref("privacy.clearOnShutdown.formdata", true);
+pref("privacy.clearOnShutdown.history", true);
+pref("privacy.clearOnShutdown.offlineApps", true);
+pref("privacy.clearOnShutdown.passwords", true);
+pref("privacy.clearOnShutdown.sessions", true);
+pref("privacy.clearOnShutdown.siteSettings", true);
+
+// controls if we want camera support
+pref("media.realtime_decoder.enabled", false);
+
+// Enable touch events on Android (highlighting text, etc)
+pref("dom.w3c_touch_events.enabled", 2);
+
+// No HLS support for now due to browser freezing, see: #29859.
+pref("media.hls.enabled", false);
+
+// Disable WebAuthn. It requires Google Play Services, so it isn't
+// available, but avoid any potential problems.
+pref("security.webauth.webauthn_enable_android_fido2", false);
+
+// Disable the External App Blocker on Android
+pref("extensions.torbutton.launch_warning", false);
diff --git a/taskcluster/ci/source-test/mozlint.yml b/taskcluster/ci/source-test/mozlint.yml
index d354c81e71d3..ddff137ae9b4 100644
--- a/taskcluster/ci/source-test/mozlint.yml
+++ b/taskcluster/ci/source-test/mozlint.yml
@@ -151,7 +151,7 @@ lintpref:
 files-changed:
 - 'modules/libpref/init/all.js'
 - 'modules/libpref/init/StaticPrefList.yaml'
- - 'browser/app/profile/001-base-profile.js'
+ - 'browser/app/profile/000-tor-browser.js'
 - 'browser/app/profile/firefox.js'
 - 'mobile/android/app/mobile.js'
 - 'devtools/client/preferences/debugger.js'
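Review bot: `pref("extensions.torbutton.launch_warning", false);` at the end of the Android file switches off a pref that the desktop file lists under "Security prefs" and sets to `true`, and the only explanation given is "Disable the External App Blocker on Android". Judging by that comment, this removes the prompt shown before a link is handed to another application, which would then load it outside the browser's proxy settings, so the reason should be recorded next to the pref, e.g. `// Disable the External App Blocker on Android (tor-browser#<ISSUE>): <why the prompt is not needed here>`. Separately, the diffstat lists no change under mobile/android that references 000-tor-browser-android.js, and the `files-changed` list in mozlint.yml gains only the desktop file, so it is worth confirming that the Android build and lintpref pick the new file up elsewhere.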