ma1 pushed to branch tor-browser-102.2.1-12.0-1 at The Tor Project / Applications / fenix
Commits: a8b8273e by ma1 at 2022-09-22T19:36:20+00:00 tor-browser#41159 Remove HTTPS Everywhere from Tor Browser Android
- - - - - 81f03fff by ma1 at 2022-09-22T19:36:20+00:00 Merge branch 'bug_41159' into 'tor-browser-102.2.1-12.0-1'
tor-browser#41159 Remove HTTPS Everywhere from Tor Browser Android
See merge request tpo/applications/fenix!152 - - - - -
3 changed files:
- app/src/main/java/org/mozilla/fenix/components/TorBrowserFeatures.kt - app/src/main/java/org/mozilla/fenix/utils/Settings.kt - app/src/main/res/values/preference_keys.xml
Changes:
===================================== app/src/main/java/org/mozilla/fenix/components/TorBrowserFeatures.kt ===================================== @@ -8,8 +8,14 @@ package org.mozilla.fenix.components
import android.os.StrictMode import android.content.Context +import kotlinx.coroutines.DelicateCoroutinesApi +import kotlinx.coroutines.Dispatchers +import kotlinx.coroutines.GlobalScope +import kotlinx.coroutines.launch +import kotlinx.coroutines.withContext import mozilla.components.concept.engine.webextension.WebExtension import mozilla.components.concept.engine.webextension.WebExtensionRuntime +import mozilla.components.support.webextensions.WebExtensionSupport import mozilla.components.support.base.log.logger.Logger import org.mozilla.fenix.ext.components import org.mozilla.fenix.ext.settings @@ -66,47 +72,57 @@ object TorBrowserFeatures { onError = { _, throwable -> onError(throwable) }) }
- private fun installHTTPSEverywhere( + @OptIn(DelicateCoroutinesApi::class) // GlobalScope usage + private fun uninstallHTTPSEverywhere( runtime: WebExtensionRuntime, - onSuccess: ((WebExtension) -> Unit), + onSuccess: (() -> Unit), onError: ((Throwable) -> Unit) ) { - runtime.installWebExtension( - id = "https-everywhere-eff@eff.org", - url = "resource://android/assets/extensions/https-everywhere/", - onSuccess = onSuccess, - onError = { _, throwable -> onError(throwable) } - ) + // Wait for WebExtensionSupport on the I/O thread to avoid deadlocks. + GlobalScope.launch(Dispatchers.IO) { + WebExtensionSupport.awaitInitialization() + // Back to the main thread. + withContext(Dispatchers.Main) { + val extension = + WebExtensionSupport.installedExtensions["https-everywhere-eff@eff.org"] + ?: return@withContext onSuccess() // Fine, nothing to uninstall. + runtime.uninstallWebExtension( + extension, + onSuccess = onSuccess, + onError = { _, throwable -> onError(throwable) } + ) + } + } }
fun install(context: Context, runtime: WebExtensionRuntime) { + val settings = context.settings() /** - * Install HTTPS Everywhere as a builtin addon, with a resource://android/ URI. - * No signatures will be checked/required and there will be no automatic - * extension updates. It's ok to always try to install, since for builtin extensions it will - * be checked internally whether it is necessary to install or not: it will only be done - * if this is the first time or if it's a newer version. + * Remove HTTPS Everywhere if we didn't yet, unless HTTPS-Only is disabled, which might + * mean user opted out from the built-in mechanism and still relies on the extension. */ - installHTTPSEverywhere( - runtime, - onSuccess = { - logger.debug("HTTPS Everywhere extension was installed successfully") - }, - onError = { throwable -> - logger.error("Could not install HTTPS Everywhere extension", throwable) - } - ) - + if (!settings.httpsEverywhereRemoved && settings.shouldUseHttpsOnly) { + uninstallHTTPSEverywhere( + runtime, + onSuccess = { + settings.httpsEverywhereRemoved = true + logger.debug("HTTPS Everywhere extension was uninstalled successfully") + }, + onError = { throwable -> + logger.error("Could not uninstall HTTPS Everywhere extension", throwable) + } + ) + } /** * Install NoScript as a user WebExtension if we have not already done so. * AMO signature is checked, but automatic updates still need to be enabled. */ - if (!context.settings().noscriptInstalled) { + if (!settings.noscriptInstalled) { installNoScript( context, runtime, onSuccess = { - context.settings().noscriptInstalled = true + settings.noscriptInstalled = true logger.debug("NoScript extension was installed successfully") }, onError = { throwable -> @@ -123,7 +139,7 @@ object TorBrowserFeatures { * causing automatic update checks failures (components.addonUpdater being a lazy prop). * The extension, from then on, should behave as if the user had installed it manually. */ - if (context.settings().noscriptUpdated == 0) { + if (settings.noscriptUpdated == 0) { context.components.torController.registerTorListener(object : TorEvents { override fun onTorConnected() { context.components.torController.unregisterTorListener(this) @@ -131,7 +147,7 @@ object TorBrowserFeatures { context.components.addonUpdater.registerForFutureUpdates(NOSCRIPT_ID) // Force an immediate update check context.components.addonUpdater.update(NOSCRIPT_ID) - context.settings().noscriptUpdated = 1 + settings.noscriptUpdated = 1 }
@SuppressWarnings("EmptyFunctionBlock")
===================================== app/src/main/java/org/mozilla/fenix/utils/Settings.kt ===================================== @@ -1384,4 +1384,9 @@ class Settings(private val appContext: Context) : PreferencesHolder { appContext.getPreferenceKey(R.string.pref_key_noscript_updated), default = 0 ) + + var httpsEverywhereRemoved by booleanPreference( + appContext.getPreferenceKey(R.string.pref_key_https_everywhere_removed), + default = false + ) }
===================================== app/src/main/res/values/preference_keys.xml ===================================== @@ -298,6 +298,7 @@
<string name="pref_key_noscript_installed" translatable="false">pref_key_noscript_installed</string> <string name="pref_key_noscript_updated" translatable="false">pref_key_noscript_updated</string> + <string name="pref_key_https_everywhere_removed" translatable="false">pref_key_https_everywhere_removed</string>
<!-- Security Level Settings --> <string name="pref_key_tor_security_level_settings" translatable="false">pref_key_tor_security_level_settings</string>
View it on GitLab: https://gitlab.torproject.org/tpo/applications/fenix/-/compare/be7201c2e4100...