richard pushed to branch tor-browser-115.10.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 267147ef by Henry Wilkes at 2024-04-17T18:28:11+00:00 fixup! Bug 30237: Add v3 onion services client authentication prompt Bug 41622: Follow net error style from mozilla. We drop our additions to the page and work with the existing files from mozilla. - - - - - 79f14f9e by Henry Wilkes at 2024-04-17T18:28:11+00:00 fixup! Tor Browser strings Bug 41622: Move net error page strings to Fluent. - - - - - 57dffc45 by Henry Wilkes at 2024-04-17T18:28:11+00:00 fixup! Bug 23247: Communicating security expectations for .onion Bug 41622: Add context-stroke to onion-warning.svg. - - - - - 357c3281 by Henry Wilkes at 2024-04-17T18:28:11+00:00 fixup! Bug 2176: Rebrand Firefox to TorBrowser Bug 41622: Add context-stroke to onion-warning.svg. Also drop the unnecessary clip path. - - - - - 7f240934 by Henry Wilkes at 2024-04-17T18:28:11+00:00 fixup! Add TorStrings module for localization Bug 41622: Move the onion net error strings to Fluent. - - - - - 9967ae76 by Henry Wilkes at 2024-04-17T18:28:11+00:00 fixup! Tor Browser localization migration scripts. Bug 41622: Migrate onion net error strings to Fluent. - - - - - 20 changed files: - − browser/components/onionservices/content/netError/browser.svg - − browser/components/onionservices/content/netError/network.svg - − browser/components/onionservices/content/netError/onionNetError.css - − browser/components/onionservices/content/netError/onionNetError.js - − browser/components/onionservices/content/netError/onionsite.svg - browser/components/onionservices/jar.mn - browser/locales/en-US/browser/tor-browser.ftl - browser/themes/shared/identity-block/identity-block.css - browser/themes/shared/identity-block/onion-slash.svg - browser/themes/shared/identity-block/onion-warning.svg - docshell/base/nsDocShell.cpp - toolkit/actors/NetErrorChild.sys.mjs - toolkit/content/aboutNetError.mjs - toolkit/content/aboutNetError.xhtml - toolkit/modules/RemotePageAccessManager.sys.mjs - toolkit/modules/TorStrings.sys.mjs - toolkit/themes/shared/aboutNetError.css - toolkit/torbutton/chrome/locale/en-US/torbutton.properties - tools/lint/eslint/eslint-plugin-mozilla/lib/environments/remote-page.js - + tools/torbrowser/l10n/migrations/bug-41622-neterror.py Changes: ===================================== browser/components/onionservices/content/netError/browser.svg deleted ===================================== @@ -1,3 +0,0 @@ -<svg fill="none" height="60" viewBox="0 0 60 60" width="60" xmlns="http://www.w3.org/2000/svg"> - <path fill="context-fill" fill-opacity="context-fill-opacity" d="m49 6h-37.5c-1.98912 0-3.89678.79018-5.3033 2.1967s-2.1967 3.3142-2.1967 5.3033v33.75c0 1.9891.79018 3.8968 2.1967 5.3033s3.31418 2.1967 5.3033 2.1967h37.5c1.9891 0 3.8968-.7902 5.3033-2.1967s2.1967-3.3142 2.1967-5.3033v-33.75c0-1.9891-.7902-3.89678-2.1967-5.3033s-3.3142-2.1967-5.3033-2.1967zm-38.0625 4.6875h38.625l2.25 2.25v8.0625h-43.125v-8.0625zm38.625 39.375h-38.625l-2.25-2.25v-22.125h43.125v22.125z"/> -</svg> ===================================== browser/components/onionservices/content/netError/network.svg deleted ===================================== @@ -1,3 +0,0 @@ -<svg fill="none" height="60" viewBox="0 0 60 60" width="60" xmlns="http://www.w3.org/2000/svg"> - <path fill="context-fill" fill-opacity="context-fill-opacity" d="m30 1.875c-7.4592 0-14.6129 2.96316-19.8874 8.2376-5.27444 5.2745-8.2376 12.4282-8.2376 19.8874s2.96316 14.6129 8.2376 19.8874c5.2745 5.2744 12.4282 8.2376 19.8874 8.2376s14.6129-2.9632 19.8874-8.2376c5.2744-5.2745 8.2376-12.4282 8.2376-19.8874s-2.9632-14.6129-8.2376-19.8874c-5.2745-5.27444-12.4282-8.2376-19.8874-8.2376zm9.1762 6.5625c3.8504 1.6533 7.1876 4.3079 9.6646 7.6877 2.477 3.3799 4.0034 7.3615 4.4205 11.531h-8.3588c-.4617-6.9829-2.9858-13.6716-7.2525-19.2187zm-7.6837 0c5.0739 5.1814 8.1562 11.9874 8.7037 19.2187h-20.3924c.5475-7.2313 3.6298-14.0373 8.7037-19.2187zm-10.6725 0h1.53c-4.2651 5.548-6.789 12.2362-7.2525 19.2187h-8.35875c.41632-4.1692 1.942-8.1508 4.41835-11.5306 2.4764-3.3799 5.813-6.0346 9.6629-7.6881zm0 43.125c-3.8504-1.6528-7.1874-4.3074-9.6639-7.6874-2.47642-3.38-4.0018-7.3619-4.41735-11.5313h8.35875c.4617 6.9829 2.9858 13.6716 7.2525 19.2187zm7.6875 0c-5.0739-5.1814-8.1562-11.9874-8.7037-19.2187h20.3887c-.5475 7.2313-3.6298 14.0373-8.7037 19.2187zm10.6725 0h-1.5338c4.2683-5.5462 6.7926-12.2354 7.2525-19.2187h8.3588c-.4156 4.1689-1.9406 8.1504-4.4163 11.5302-2.4757 3.3799-5.8118 6.0348-9.6612 7.6885z"/> -</svg> ===================================== browser/components/onionservices/content/netError/onionNetError.css deleted ===================================== @@ -1,70 +0,0 @@ -/* Copyright (c) 2020, The Tor Project, Inc. */ - -#onionErrorDiagramContainer { - margin: 0px auto 40px 0px; - /* 3 icons 64px wide each seperated by a 64px gap */ - width: 384px; - display: grid; - grid-row-gap: 15px; - grid-column-gap: 64px; - grid-template-columns: 1fr 1fr 1fr; -} - -#onionErrorDiagramContainer > div { - margin: auto; - position: relative; /* needed to allow overlay of the ok or error icon */ -} - -.onionErrorImage { - width: 64px; - height: 64px; - background-size: 64px 64px; - background-position: center; - background-repeat: no-repeat; - -moz-context-properties: fill; - fill: var(--in-content-icon-color); - opacity: 50%; -} - -.onionErrorImage[status] { - opacity: 100%; -} - -#onionErrorBrowserImage { - background-image: url("browser.svg"); -} - -#onionErrorNetworkImage { - background-image: url("network.svg"); -} - -#onionErrorOnionSiteImage { - background-image: url("onionsite.svg"); -} - -/* rules to support overlay of the ok or error icon */ -.onionErrorImage[status]::after { - content: " "; - position: absolute; - left: -8px; - top: calc((64px - 24px) / 2); - width: 24px; - height: 24px; - -moz-context-properties: fill; - fill: var(--in-content-page-background); - - background-repeat: no-repeat; - background-position: center; - border: 3px solid var(--in-content-page-background); - border-radius: 50%; -} - -.onionErrorImage[status="ok"]::after { - background-color: var(--in-content-icon-color); - background-image: url("chrome://global/skin/icons/check.svg"); -} - -.onionErrorImage[status="error"]::after { - background-color: var(--warning-color); - background-image: url("chrome://global/skin/icons/close.svg"); -} ===================================== browser/components/onionservices/content/netError/onionNetError.js deleted ===================================== @@ -1,240 +0,0 @@ -// Copyright (c) 2020, The Tor Project, Inc. - -"use strict"; - -/* eslint-env mozilla/remote-page */ - -var OnionServicesAboutNetError = { - _selector: { - textContainer: "div#text-container", - header: ".title-text", - longDesc: "#errorLongDesc", - learnMoreContainer: "#learnMoreContainer", - learnMoreLink: "#learnMoreLink", - tryAgainButtonContainer: "#netErrorButtonContainer", - }, - _status: { - ok: "ok", - error: "error", - }, - - _diagramInfoMap: undefined, - - // Public functions (called from outside this file). - // - // This initPage() function may need to be updated if the structure of - // browser/base/content/aboutNetError.xhtml changes. Specifically, it - // references the following elements: - // query string parameter e - // class title-text - // id errorLongDesc - // id learnMoreContainer - // id learnMoreLink - // id errorLongContent - initPage(aDoc) { - const searchParams = new URLSearchParams(aDoc.documentURI.split("?")[1]); - const err = searchParams.get("e"); - - const errPrefix = "onionServices."; - const errName = err.substring(errPrefix.length); - - this._strings = RPMGetTorStrings(); - - const stringsObj = this._strings[errName]; - if (!stringsObj) { - return; - } - - this._insertStylesheet(aDoc); - - const pageTitle = stringsObj.pageTitle; - const header = stringsObj.header; - const longDescription = stringsObj.longDescription; // optional - const learnMoreURL = stringsObj.learnMoreURL; - - if (pageTitle) { - aDoc.title = pageTitle; - } - - if (header) { - const headerElem = aDoc.querySelector(this._selector.header); - if (headerElem) { - headerElem.textContent = header; - } - } - - const ld = aDoc.querySelector(this._selector.longDesc); - if (ld) { - if (longDescription) { - const hexErr = this._hexErrorFromName(errName); - ld.textContent = longDescription.replace("%S", hexErr); - } else { - // This onion service error does not have a long description. Since - // it is set to a generic error string by the code in - // browser/base/content/aboutNetError.js, hide it here. - ld.style.display = "none"; - } - } - - if (learnMoreURL) { - const lmContainer = aDoc.querySelector(this._selector.learnMoreContainer); - if (lmContainer) { - lmContainer.style.display = "block"; - } - const lmLink = lmContainer.querySelector(this._selector.learnMoreLink); - if (lmLink) { - lmLink.setAttribute("href", learnMoreURL); - } - } - - // Remove the "Try Again" button if the user made a typo in the .onion - // address since it is not useful in that case. - if (errName === "badAddress") { - const tryAgainButton = aDoc.querySelector( - this._selector.tryAgainButtonContainer - ); - if (tryAgainButton) { - tryAgainButton.style.display = "none"; - } - } - - this._insertDiagram(aDoc, errName); - }, // initPage() - - _insertStylesheet(aDoc) { - const url = - "chrome://browser/content/onionservices/netError/onionNetError.css"; - let linkElem = aDoc.createElement("link"); - linkElem.rel = "stylesheet"; - linkElem.href = url; - linkElem.type = "text/css"; - aDoc.head.appendChild(linkElem); - }, - - _insertDiagram(aDoc, aErrorName) { - // The onion error diagram consists of a grid of div elements. - // The first row contains three images (Browser, Network, Onionsite) and - // the second row contains labels for the images that are in the first row. - // The _diagramInfoMap describes for each type of onion service error - // whether a small ok or error status icon is overlaid on top of the main - // Browser/Network/Onionsite images. - if (!this._diagramInfoMap) { - this._diagramInfoMap = new Map(); - this._diagramInfoMap.set("descNotFound", { - browser: this._status.ok, - network: this._status.ok, - onionSite: this._status.error, - }); - this._diagramInfoMap.set("descInvalid", { - browser: this._status.ok, - network: this._status.error, - }); - this._diagramInfoMap.set("introFailed", { - browser: this._status.ok, - network: this._status.error, - }); - this._diagramInfoMap.set("rendezvousFailed", { - browser: this._status.ok, - network: this._status.error, - }); - this._diagramInfoMap.set("clientAuthMissing", { - browser: this._status.error, - }); - this._diagramInfoMap.set("clientAuthIncorrect", { - browser: this._status.error, - }); - this._diagramInfoMap.set("badAddress", { - browser: this._status.error, - }); - this._diagramInfoMap.set("introTimedOut", { - browser: this._status.ok, - network: this._status.error, - }); - } - - const diagramInfo = this._diagramInfoMap.get(aErrorName); - - const container = this._createDiv(aDoc, "onionErrorDiagramContainer"); - const imageClass = "onionErrorImage"; - - const browserImage = this._createDiv( - aDoc, - "onionErrorBrowserImage", - imageClass, - container - ); - if (diagramInfo && diagramInfo.browser) { - browserImage.setAttribute("status", diagramInfo.browser); - } - - const networkImage = this._createDiv( - aDoc, - "onionErrorNetworkImage", - imageClass, - container - ); - if (diagramInfo && diagramInfo.network) { - networkImage.setAttribute("status", diagramInfo.network); - } - - const onionSiteImage = this._createDiv( - aDoc, - "onionErrorOnionSiteImage", - imageClass, - container - ); - if (diagramInfo && diagramInfo.onionSite) { - onionSiteImage.setAttribute("status", diagramInfo.onionSite); - } - - let labelDiv = this._createDiv(aDoc, undefined, undefined, container); - labelDiv.textContent = this._strings.errorPage.browser; - labelDiv = this._createDiv(aDoc, undefined, undefined, container); - labelDiv.textContent = this._strings.errorPage.network; - labelDiv = this._createDiv(aDoc, undefined, undefined, container); - labelDiv.textContent = this._strings.errorPage.onionSite; - - const textContainer = aDoc.querySelector(this._selector.textContainer); - textContainer?.insertBefore(container, textContainer.firstChild); - }, // _insertDiagram() - - _createDiv(aDoc, aID, aClass, aParentElem) { - const div = aDoc.createElement("div"); - if (aID) { - div.id = aID; - } - if (aClass) { - div.setAttribute("class", aClass); - } - if (aParentElem) { - aParentElem.appendChild(div); - } - - return div; - }, - - _hexErrorFromName(aErrorName) { - // We do not have access to the original Tor SOCKS error code here, so - // perform a reverse mapping from the error name. - switch (aErrorName) { - case "descNotFound": - return "0xF0"; - case "descInvalid": - return "0xF1"; - case "introFailed": - return "0xF2"; - case "rendezvousFailed": - return "0xF3"; - case "clientAuthMissing": - return "0xF4"; - case "clientAuthIncorrect": - return "0xF5"; - case "badAddress": - return "0xF6"; - case "introTimedOut": - return "0xF7"; - } - - return ""; - }, -}; ===================================== browser/components/onionservices/content/netError/onionsite.svg deleted ===================================== @@ -1,8 +0,0 @@ -<svg fill="none" height="60" viewBox="0 0 60 60" width="60" xmlns="http://www.w3.org/2000/svg"> - <g fill="context-fill" fill-opacity="context-fill-opacity"> - <path clip-rule="evenodd" d="m11.25 6h37.5c1.9891 0 3.8968.79018 5.3033 2.1967s2.1967 3.3142 2.1967 5.3033v33.75c0 1.9891-.7902 3.8968-2.1967 5.3033s-3.3142 2.1967-5.3033 2.1967h-37.5c-1.98912 0-3.89678-.7902-5.3033-2.1967s-2.1967-3.3142-2.1967-5.3033v-33.75c0-1.9891.79018-3.89678 2.1967-5.3033s3.31418-2.1967 5.3033-2.1967zm-.5625 4.6875h38.625l2.25 2.25v34.875l-2.25 2.25h-38.625l-2.25-2.25v-34.875z" fill-rule="evenodd"/> - <path d="m15.9606 22c-.52 0-1.0187-.2107-1.3863-.5858-.3677-.3751-.5743-.8838-.5743-1.4142s.2066-1.0391.5743-1.4142c.3676-.3751.8663-.5858 1.3863-.5858h14.0788c.52 0 1.0187.2107 1.3863.5858.3677.3751.5743.8838.5743 1.4142s-.2066 1.0391-.5743 1.4142c-.3676.3751-.8663.5858-1.3863.5858z"/> - <path d="m44.0709 32h-28.1418c-.5116 0-1.0023-.2107-1.3641-.5858s-.565-.8838-.565-1.4142.2032-1.0391.565-1.4142.8525-.5858 1.3641-.5858h28.1418c.5116 0 1.0023.2107 1.3641.5858s.565.8838.565 1.4142-.2032 1.0391-.565 1.4142-.8525.5858-1.3641.5858z"/> - <path d="m44.0709 42h-28.1418c-.5116 0-1.0023-.2107-1.3641-.5858s-.565-.8838-.565-1.4142.2032-1.0391.565-1.4142.8525-.5858 1.3641-.5858h28.1418c.5116 0 1.0023.2107 1.3641.5858s.565.8838.565 1.4142-.2032 1.0391-.565 1.4142-.8525.5858-1.3641.5858z"/> - </g> -</svg> ===================================== browser/components/onionservices/jar.mn ===================================== @@ -2,7 +2,6 @@ browser.jar: content/browser/onionservices/authPreferences.css (content/authPreferences.css) content/browser/onionservices/authPreferences.js (content/authPreferences.js) content/browser/onionservices/authPrompt.js (content/authPrompt.js) - content/browser/onionservices/netError/ (content/netError/*) content/browser/onionservices/onionservices.css (content/onionservices.css) content/browser/onionservices/savedKeysDialog.js (content/savedKeysDialog.js) content/browser/onionservices/savedKeysDialog.xhtml (content/savedKeysDialog.xhtml) ===================================== browser/locales/en-US/browser/tor-browser.ftl ===================================== @@ -607,3 +607,26 @@ rulesets-details-scope-input = .placeholder = Regular expression for the scope of the rules # "Regular expression" refers to the computing term for a special pattern used for matching: https://en.wikipedia.org/wiki/Regular_expression. rulesets-details-scope-input-invalid = The scope could not be parsed as a regular expression + +## Onionsite error page. +## "Onionsite" is an abbreviation of "onion website": a website whose domain URL ends in ".onion", which is reachable through the Tor network. + +onion-neterror-page-title = Problem loading onionsite +onion-neterror-authorization-title = Authentication required +onion-neterror-not-found-header = Onionsite not found +onion-neterror-not-found-description = The most likely cause is that the onionsite is offline. Contact the onionsite administrator. +onion-neterror-unreachable-header = Onionsite cannot be reached +onion-neterror-unreachable-description = The onionsite is unreachable due an internal error. +onion-neterror-disconnected-header = Onionsite has disconnected +onion-neterror-disconnected-description = The most likely cause is that the onionsite is offline. Contact the onionsite administrator. +onion-neterror-connection-failed-header = Unable to connect to onionsite +onion-neterror-connection-failed-description = The onionsite is busy or the Tor network is overloaded. Try again later. +onion-neterror-missing-authentication-header = Onionsite requires authentication +onion-neterror-missing-authentication-description = Access to the onionsite requires a key but none was provided. +onion-neterror-incorrect-authentication-header = Onionsite authentication failed +onion-neterror-incorrect-authetication-description = The provided key is incorrect or has been revoked. Contact the onionsite administrator. +onion-neterror-invalid-address-header = Invalid onionsite address +onion-neterror-invalid-address-description = The provided onionsite address is invalid. Please check that you entered it correctly. +# "Circuit" refers to a Tor network circuit. +onion-neterror-timed-out-header = Onionsite circuit creation timed out +onion-neterror-timed-out-description = Failed to connect to the onionsite, possibly due to a poor network connection. ===================================== browser/themes/shared/identity-block/identity-block.css ===================================== @@ -204,6 +204,10 @@ #identity-box[pageproxystate="valid"].onionCertUserOverridden #identity-icon { list-style-image: url(chrome://browser/skin/onion-warning.svg); visibility: visible; + /* onion-warning includes another context-stroke color. Here we want it to + * match the context-fill color, which should be currentColor. */ + -moz-context-properties: fill, fill-opacity, stroke; + stroke: currentColor; } #identity-box[pageproxystate="valid"].onionMixedActiveContent #identity-icon { ===================================== browser/themes/shared/identity-block/onion-slash.svg ===================================== @@ -1,5 +1,4 @@ <svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg"> -<g clip-path="url(#clip0_1827_6565)"> <path d="M6.62435 8.54824C6.23983 8.91273 6 9.42836 6 10C6 11.1046 6.89543 12 8 12C8.57164 12 9.08727 11.7602 9.45176 11.3757L8.74414 10.668C8.56107 10.8718 8.29551 11 8 11C7.44772 11 7 10.5523 7 10C7 9.70449 7.12818 9.43893 7.33197 9.25586L6.62435 8.54824Z" fill-opacity="context-fill-opacity" fill="context-fill"/> <path d="M9.99442 10.1505C9.99812 10.1008 10 10.0506 10 10C10 8.89543 9.10457 8 8 8C7.94936 8 7.89915 8.00188 7.84946 8.00558L9.99442 10.1505Z" fill-opacity="context-fill-opacity" fill="context-fill"/> <path d="M5.20988 7.13377C4.46354 7.86041 4 8.87607 4 10C4 12.2091 5.79086 14 8 14C9.12393 14 10.1396 13.5365 10.8662 12.7901L10.159 12.0829C9.61343 12.6483 8.84778 13 8 13C6.34315 13 5 11.6569 5 10C5 9.15222 5.35166 8.38657 5.91707 7.84097L5.20988 7.13377Z" fill-opacity="context-fill-opacity" fill="context-fill"/> @@ -7,10 +6,4 @@ <path fill-rule="evenodd" clip-rule="evenodd" d="M14 10C14 8.223 13.2275 6.62643 12 5.52779V4C12 1.79086 10.2091 0 8 0C5.79086 0 4 1.79086 4 4V4.15613L5.50811 5.66423C6.2417 5.2417 7.09263 5 8 5C10.7614 5 13 7.23858 13 10C13 10.9074 12.7583 11.7583 12.3358 12.4919L13.0637 13.2199C13.6565 12.2896 14 11.1849 14 10ZM8 4C7.00883 4 6.0738 4.24033 5.25 4.66591V4C5.25 2.48122 6.48122 1.25 8 1.25C9.51878 1.25 10.75 2.48122 10.75 4V4.66591C9.9262 4.24033 8.99117 4 8 4Z" fill-opacity="context-fill-opacity" fill="context-fill"/> <path d="M12.2805 14.2044C11.1919 15.3126 9.67621 16 8 16C4.68629 16 2 13.3137 2 10C2 8.32379 2.68736 6.80812 3.79558 5.71948L4.50272 6.42662C3.57545 7.33427 3 8.59993 3 10C3 12.7614 5.23858 15 8 15C9.40007 15 10.6657 14.4246 11.5734 13.4973L12.2805 14.2044Z" fill-opacity="context-fill-opacity" fill="context-fill"/> <path fill-rule="evenodd" clip-rule="evenodd" d="M1.25801 3.93806C1.50209 3.69398 1.89782 3.69398 2.14189 3.93806L13.1419 14.9381C13.386 15.1821 13.386 15.5779 13.1419 15.8219C12.8978 16.066 12.5021 16.066 12.258 15.8219L1.25801 4.82194C1.01393 4.57787 1.01393 4.18214 1.25801 3.93806Z" fill="#F90D3F"/> -</g> -<defs> -<clipPath id="clip0_1827_6565"> -<rect width="16" height="16" fill="white"/> -</clipPath> -</defs> </svg> ===================================== browser/themes/shared/identity-block/onion-warning.svg ===================================== @@ -1,13 +1,6 @@ <svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg"> -<g clip-path="url(#clip0_1827_6566)"> <path fill-rule="evenodd" clip-rule="evenodd" d="M7.92788 10.5342L7.42044 11.408C7.05803 11.7736 6.55546 12 6 12C4.89543 12 4 11.1046 4 10C4 8.89543 4.89543 8 6 8C7.10457 8 8 8.89543 8 10C8 10.185 7.97488 10.3641 7.92788 10.5342ZM7 10C7 10.5523 6.55228 11 6 11C5.44772 11 5 10.5523 5 10C5 9.44772 5.44772 9 6 9C6.55228 9 7 9.44772 7 10Z" fill-opacity="context-fill-opacity" fill="context-fill"/> <path d="M6.52221 12.9547C6.35262 12.9845 6.17812 13 6 13C4.34315 13 3 11.6569 3 10C3 8.34315 4.34315 7 6 7C7.30202 7 8.41032 7.82945 8.8253 8.98878L9.35089 8.08372C9.37772 8.03755 9.40587 7.99285 9.43523 7.94962C8.73673 6.78186 7.45967 6 6 6C3.79086 6 2 7.79086 2 10C2 12.1857 3.75302 13.9619 5.92975 13.9994C5.96208 13.9274 5.99884 13.8558 6.0402 13.7847L6.52221 12.9547Z" fill-opacity="context-fill-opacity" fill="context-fill"/> <path fill-rule="evenodd" clip-rule="evenodd" d="M11.1978 7.00088C10.8782 6.44807 10.4728 5.95098 10 5.52779V4C10 1.79086 8.20914 0 6 0C3.79086 0 2 1.79086 2 4V5.52779C0.772501 6.62643 0 8.223 0 10C0 13.3137 2.68629 16 6 16C6.03024 16 6.06043 15.9998 6.09057 15.9993C5.89561 15.7007 5.77424 15.3557 5.749 14.9938C3.10419 14.8631 1 12.6773 1 10C1 7.23858 3.23858 5 6 5C7.75288 5 9.29509 5.90201 10.1878 7.26719C10.5002 7.0977 10.8482 7.00893 11.1978 7.00088ZM6 4C5.00883 4 4.0738 4.24033 3.25 4.66591V4C3.25 2.48122 4.48122 1.25 6 1.25C7.51878 1.25 8.75 2.48122 8.75 4V4.66591C7.9262 4.24033 6.99117 4 6 4Z" fill-opacity="context-fill-opacity" fill="context-fill"/> -<path d="M15.5956 14.2875L12.2846 8.58591C11.8306 7.8047 10.6696 7.8047 10.2156 8.58591L6.90465 14.2875C6.45865 15.0529 7.03065 16 7.93865 16H14.5616C15.4686 16 16.0406 15.0529 15.5956 14.2875ZM11.8746 12.4189C11.8746 12.5826 11.8088 12.7396 11.6916 12.8553C11.5744 12.9711 11.4154 13.0361 11.2496 13.0361C11.0839 13.0361 10.9249 12.9711 10.8077 12.8553C10.6905 12.7396 10.6246 12.5826 10.6246 12.4189V10.6935C10.6246 10.5298 10.6905 10.3728 10.8077 10.257C10.9249 10.1413 11.0839 10.0762 11.2496 10.0762C11.4154 10.0762 11.5744 10.1413 11.6916 10.257C11.8088 10.3728 11.8746 10.5298 11.8746 10.6935V12.4189ZM11.2496 15.0124C11.0839 15.0124 10.9249 14.9473 10.8077 14.8316C10.6905 14.7158 10.6246 14.5588 10.6246 14.3951C10.6246 14.2314 10.6905 14.0744 10.8077 13.9586C10.9249 13.8429 11.0839 13.7778 11.2496 13.7778C11.4154 13.7778 11.5744 13.8429 11.6916 13.9586C11.8088 14.0744 11.8746 14.2314 11.8746 14.3951C11.8746 14.5588 11.8088 14.7158 11.6916 14.8316C11.5744 14.9473 11.4154 15.0124 11.2496 15.0124Z" fill-opacity="context-fill-opacity" fill="context-fill"/> -</g> -<defs> -<clipPath id="clip0_1827_6566"> -<rect width="16" height="16" fill="white"/> -</clipPath> -</defs> +<path d="M15.5956 14.2875L12.2846 8.58591C11.8306 7.8047 10.6696 7.8047 10.2156 8.58591L6.90465 14.2875C6.45865 15.0529 7.03065 16 7.93865 16H14.5616C15.4686 16 16.0406 15.0529 15.5956 14.2875ZM11.8746 12.4189C11.8746 12.5826 11.8088 12.7396 11.6916 12.8553C11.5744 12.9711 11.4154 13.0361 11.2496 13.0361C11.0839 13.0361 10.9249 12.9711 10.8077 12.8553C10.6905 12.7396 10.6246 12.5826 10.6246 12.4189V10.6935C10.6246 10.5298 10.6905 10.3728 10.8077 10.257C10.9249 10.1413 11.0839 10.0762 11.2496 10.0762C11.4154 10.0762 11.5744 10.1413 11.6916 10.257C11.8088 10.3728 11.8746 10.5298 11.8746 10.6935V12.4189ZM11.2496 15.0124C11.0839 15.0124 10.9249 14.9473 10.8077 14.8316C10.6905 14.7158 10.6246 14.5588 10.6246 14.3951C10.6246 14.2314 10.6905 14.0744 10.8077 13.9586C10.9249 13.8429 11.0839 13.7778 11.2496 13.7778C11.4154 13.7778 11.5744 13.8429 11.6916 13.9586C11.8088 14.0744 11.8746 14.2314 11.8746 14.3951C11.8746 14.5588 11.8088 14.7158 11.6916 14.8316C11.5744 14.9473 11.4154 15.0124 11.2496 15.0124Z" fill-opacity="context-fill-opacity" fill="context-stroke"/> </svg> ===================================== docshell/base/nsDocShell.cpp ===================================== @@ -3695,6 +3695,7 @@ nsDocShell::DisplayLoadError(nsresult aError, nsIURI* aURI, } else { // Errors requiring simple formatting bool isOnionAuthError = false; + bool isOnionError = false; switch (aError) { case NS_ERROR_MALFORMED_URI: // URI is malformed @@ -3778,29 +3779,37 @@ nsDocShell::DisplayLoadError(nsresult aError, nsIURI* aURI, break; case NS_ERROR_TOR_ONION_SVC_NOT_FOUND: error = "onionServices.descNotFound"; + isOnionError = true; break; case NS_ERROR_TOR_ONION_SVC_IS_INVALID: error = "onionServices.descInvalid"; + isOnionError = true; break; case NS_ERROR_TOR_ONION_SVC_INTRO_FAILED: error = "onionServices.introFailed"; + isOnionError = true; break; case NS_ERROR_TOR_ONION_SVC_REND_FAILED: error = "onionServices.rendezvousFailed"; + isOnionError = true; break; case NS_ERROR_TOR_ONION_SVC_MISSING_CLIENT_AUTH: error = "onionServices.clientAuthMissing"; + isOnionError = true; isOnionAuthError = true; break; case NS_ERROR_TOR_ONION_SVC_BAD_CLIENT_AUTH: error = "onionServices.clientAuthIncorrect"; + isOnionError = true; isOnionAuthError = true; break; case NS_ERROR_TOR_ONION_SVC_BAD_ADDRESS: error = "onionServices.badAddress"; + isOnionError = true; break; case NS_ERROR_TOR_ONION_SVC_INTRO_TIMEDOUT: error = "onionServices.introTimedOut"; + isOnionError = true; break; default: break; @@ -3816,6 +3825,13 @@ nsDocShell::DisplayLoadError(nsresult aError, nsIURI* aURI, // will mess with the failed channel information persistence! cssClass.AssignLiteral("onionAuthPrompt"); } + if (isOnionError) { + // DisplayLoadError requires a non-empty messageStr to proceed and call + // LoadErrorPage. We use a blank space. + if (messageStr.IsEmpty()) { + messageStr.AssignLiteral(u" "); + } + } } nsresult delegateErrorCode = aError; @@ -3902,20 +3918,6 @@ nsDocShell::DisplayLoadError(nsresult aError, nsIURI* aURI, nsAutoString str; rv = stringBundle->FormatStringFromName(errorDescriptionID, formatStrs, str); - if (NS_FAILED(rv)) { - // As a fallback, check torbutton.properties for the error string. - const char bundleURL[] = "chrome://torbutton/locale/torbutton.properties"; - nsCOMPtr<nsIStringBundleService> stringBundleService = - components::StringBundle::Service(); - if (stringBundleService) { - nsCOMPtr<nsIStringBundle> tbStringBundle; - if (NS_SUCCEEDED(stringBundleService->CreateBundle( - bundleURL, getter_AddRefs(tbStringBundle)))) { - rv = tbStringBundle->FormatStringFromName(errorDescriptionID, - formatStrs, str); - } - } - } NS_ENSURE_SUCCESS(rv, rv); messageStr.Assign(str); } ===================================== toolkit/actors/NetErrorChild.sys.mjs ===================================== @@ -7,7 +7,6 @@ const lazy = {}; ChromeUtils.defineESModuleGetters(lazy, { AppInfo: "chrome://remote/content/shared/AppInfo.sys.mjs", - TorStrings: "resource://gre/modules/TorStrings.sys.mjs", }); import { RemotePageChild } from "resource://gre/actors/RemotePageChild.sys.mjs"; @@ -34,7 +33,6 @@ export class NetErrorChild extends RemotePageChild { "RPMIsSiteSpecificTRRError", "RPMSetTRRDisabledLoadFlags", "RPMGetCurrentTRRMode", - "RPMGetTorStrings", ]; this.exportFunctions(exportableFunctions); } @@ -246,8 +244,4 @@ export class NetErrorChild extends RemotePageChild { this.contentWindow.docShell.browsingContext.defaultLoadFlags |= Ci.nsIRequest.LOAD_TRR_DISABLED_MODE; } - - RPMGetTorStrings() { - return Cu.cloneInto(lazy.TorStrings.onionServices, this.contentWindow); - } } ===================================== toolkit/content/aboutNetError.mjs ===================================== @@ -4,7 +4,6 @@ /* eslint-env mozilla/remote-page */ /* eslint-disable import/no-unassigned-import */ -/* import-globals-from ../../browser/components/onionservices/content/netError/onionNetError.js */ import { parse, @@ -291,6 +290,92 @@ function recordTRREventTelemetry( } } +/** + * Initialize the onion error page. + * + * @return {boolean} Whether the page was initialized as an onion error page. + */ +function initOnionError() { + const docTitle = document.querySelector("title"); + + if (getCSSClass() === "onionAuthPrompt") { + // Only showing the authorization prompt. The page will be blank. + document.l10n.setAttributes(docTitle, "onion-neterror-authorization-title"); + return true; + } + + const onionErrors = { + // Tor SOCKS error 0xF0: + "onionServices.descNotFound": { + headerId: "onion-neterror-not-found-header", + descriptionId: "onion-neterror-not-found-description", + }, + // Tor SOCKS error 0xF1: + "onionServices.descInvalid": { + headerId: "onion-neterror-unreachable-header", + descriptionId: "onion-neterror-unreachable-description", + }, + // Tor SOCKS error 0xF2: + "onionServices.introFailed": { + headerId: "onion-neterror-disconnected-header", + descriptionId: "onion-neterror-disconnected-description", + }, + // Tor SOCKS error 0xF3: + "onionServices.rendezvousFailed": { + headerId: "onion-neterror-connection-failed-header", + descriptionId: "onion-neterror-connection-failed-description", + }, + // Tor SOCKS error 0xF4: + "onionServices.clientAuthMissing": { + headerId: "onion-neterror-missing-authentication-header", + descriptionId: "onion-neterror-missing-authentication-description", + }, + // Tor SOCKS error 0xF5: + "onionServices.clientAuthIncorrect": { + headerId: "onion-neterror-incorrect-authentication-header", + descriptionId: "onion-neterror-incorrect-authetication-description", + }, + // Tor SOCKS error 0xF6: + "onionServices.badAddress": { + headerId: "onion-neterror-invalid-address-header", + descriptionId: "onion-neterror-invalid-address-description", + }, + // Tor SOCKS error 0xF7: + "onionServices.introTimedOut": { + headerId: "onion-neterror-timed-out-header", + descriptionId: "onion-neterror-timed-out-description", + }, + }; + + if (!Object.hasOwn(onionErrors, gErrorCode)) { + return false; + } + + document.body.classList.add("onion-error"); + + document.l10n.setAttributes(docTitle, "onion-neterror-page-title"); + document.l10n.setAttributes( + document.querySelector(".title-text"), + onionErrors[gErrorCode].headerId + ); + document.l10n.setAttributes( + document.getElementById("errorShortDesc"), + onionErrors[gErrorCode].descriptionId + ); + + const tryAgain = document.getElementById("netErrorButtonContainer"); + tryAgain.hidden = false; + + const learnMore = document.getElementById("learnMoreContainer"); + learnMore.hidden = false; + const learnMoreLink = document.getElementById("learnMoreLink"); + learnMoreLink.href = "about:manual#onion-services"; + + setFocus("#netErrorButtonContainer > .try-again"); + + return true; +} + async function initPage() { // We show an offline support page in case of a system-wide error, // when a user cannot connect to the internet and access the SUMO website. @@ -314,7 +399,6 @@ async function initPage() { } const isTRROnlyFailure = gErrorCode == "dnsNotFound" && RPMIsTRROnlyFailure(); - const isOnionError = gErrorCode.startsWith("onionServices."); let isNativeFallbackWarning = false; if (RPMGetBoolPref("network.trr.display_fallback_warning")) { @@ -361,8 +445,7 @@ async function initPage() { document.body.classList.add("neterror"); - if (isOnionError) { - OnionServicesAboutNetError.initPage(document); + if (initOnionError()) { return; } ===================================== toolkit/content/aboutNetError.xhtml ===================================== @@ -16,6 +16,7 @@ <link rel="localization" href="branding/brand.ftl"/> <link rel="localization" href="toolkit/neterror/certError.ftl" /> <link rel="localization" href="toolkit/neterror/netError.ftl"/> + <link rel="localization" href="browser/tor-browser.ftl"/> </head> <body> @@ -123,6 +124,5 @@ </div> </body> <script src="chrome://global/content/neterror/aboutNetErrorCodes.js"></script> - <script src="chrome://browser/content/onionservices/netError/onionNetError.js"></script> <script type="module" src="chrome://global/content/aboutNetError.mjs"></script> </html> ===================================== toolkit/modules/RemotePageAccessManager.sys.mjs ===================================== @@ -119,7 +119,6 @@ export let RemotePageAccessManager = { RPMSetTRRDisabledLoadFlags: ["*"], RPMSendQuery: ["Browser:AddTRRExcludedDomain", "ShouldShowTorConnect"], RPMGetIntPref: ["network.trr.mode"], - RPMGetTorStrings: ["*"], }, "about:newtab": { RPMSendAsyncMessage: ["ActivityStream:ContentToMain"], ===================================== toolkit/modules/TorStrings.sys.mjs ===================================== @@ -231,124 +231,8 @@ const Loader = { ); const getString = tsb.getString.bind(tsb); - const kProblemLoadingSiteFallback = "Problem Loading Onionsite"; - const kLongDescFallback = "Details: %S"; - const retval = { learnMore: getString("learnMore", "Learn more"), - errorPage: { - browser: getString("errorPage.browser", "Browser"), - network: getString("errorPage.network", "Network"), - onionSite: getString("errorPage.onionSite", "Onionsite"), - }, - descNotFound: { - // Tor SOCKS error 0xF0 - pageTitle: getString( - "descNotFound.pageTitle", - kProblemLoadingSiteFallback - ), - header: getString("descNotFound.header", "Onionsite Not Found"), - longDescription: getString( - "descNotFound.longDescription", - kLongDescFallback - ), - }, - descInvalid: { - // Tor SOCKS error 0xF1 - pageTitle: getString( - "descInvalid.pageTitle", - kProblemLoadingSiteFallback - ), - header: getString("descInvalid.header", "Onionsite Cannot Be Reached"), - longDescription: getString( - "descInvalid.longDescription", - kLongDescFallback - ), - }, - introFailed: { - // Tor SOCKS error 0xF2 - pageTitle: getString( - "introFailed.pageTitle", - kProblemLoadingSiteFallback - ), - header: getString("introFailed.header", "Onionsite Has Disconnected"), - longDescription: getString( - "introFailed.longDescription", - kLongDescFallback - ), - }, - rendezvousFailed: { - // Tor SOCKS error 0xF3 - pageTitle: getString( - "rendezvousFailed.pageTitle", - kProblemLoadingSiteFallback - ), - header: getString( - "rendezvousFailed.header", - "Unable to Connect to Onionsite" - ), - longDescription: getString( - "rendezvousFailed.longDescription", - kLongDescFallback - ), - }, - clientAuthMissing: { - // Tor SOCKS error 0xF4 - pageTitle: getString( - "clientAuthMissing.pageTitle", - "Authorization Required" - ), - header: getString( - "clientAuthMissing.header", - "Onionsite Requires Authentication" - ), - longDescription: getString( - "clientAuthMissing.longDescription", - kLongDescFallback - ), - }, - clientAuthIncorrect: { - // Tor SOCKS error 0xF5 - pageTitle: getString( - "clientAuthIncorrect.pageTitle", - "Authorization Failed" - ), - header: getString( - "clientAuthIncorrect.header", - "Onionsite Authentication Failed" - ), - longDescription: getString( - "clientAuthIncorrect.longDescription", - kLongDescFallback - ), - }, - badAddress: { - // Tor SOCKS error 0xF6 - pageTitle: getString( - "badAddress.pageTitle", - kProblemLoadingSiteFallback - ), - header: getString("badAddress.header", "Invalid Onionsite Address"), - longDescription: getString( - "badAddress.longDescription", - kLongDescFallback - ), - }, - introTimedOut: { - // Tor SOCKS error 0xF7 - pageTitle: getString( - "introTimedOut.pageTitle", - kProblemLoadingSiteFallback - ), - header: getString( - "introTimedOut.header", - "Onionsite Circuit Creation Timed Out" - ), - longDescription: getString( - "introTimedOut.longDescription", - kLongDescFallback - ), - }, authPrompt: { description: getString( "authPrompt.description2", ===================================== toolkit/themes/shared/aboutNetError.css ===================================== @@ -8,11 +8,11 @@ body { --warning-color: #ffa436; } +/** + * Blank page whilst we show the prompt. + */ body.onionAuthPrompt { - background: white; -} -.onionAuthPrompt > * { - display: none; + display: none !important; } @media (prefers-color-scheme: dark) { @@ -50,6 +50,13 @@ body.certerror .title { color: var(--warning-color); } +body.onion-error .title { + background-image: url("chrome://browser/skin/onion-warning.svg"); + -moz-context-properties: fill, stroke; + fill: currentColor; + stroke: var(--warning-color); +} + body.blocked .title { background-image: url("chrome://global/skin/icons/blocked.svg"); } ===================================== toolkit/torbutton/chrome/locale/en-US/torbutton.properties ===================================== @@ -32,53 +32,6 @@ onionServices.authPreferences.removeAll=Remove All onionServices.authPreferences.failedToGetKeys=Unable to retrieve keys from tor onionServices.authPreferences.failedToRemoveKey=Unable to remove key -# Onion services error strings. -onionServices.errorPage.browser=Browser -onionServices.errorPage.network=Network -onionServices.errorPage.onionSite=Onionsite -# LOCALIZATION NOTE: In the longDescription strings, %S will be replaced with -# an error code, e.g., 0xF3. -# Tor SOCKS error 0xF0: -onionServices.descNotFound.pageTitle=Problem Loading Onionsite -onionServices.descNotFound.header=Onionsite Not Found -onionServices.descNotFound=The most likely cause is that the onionsite is offline. Contact the onionsite administrator. -onionServices.descNotFound.longDescription=Details: %S — The requested onion service descriptor can't be found on the hashring and therefore the service is not reachable by the client. -# Tor SOCKS error 0xF1: -onionServices.descInvalid.pageTitle=Problem Loading Onionsite -onionServices.descInvalid.header=Onionsite Cannot Be Reached -onionServices.descInvalid=The onionsite is unreachable due an internal error. -onionServices.descInvalid.longDescription=Details: %S — The requested onion service descriptor can't be parsed or signature validation failed. -# Tor SOCKS error 0xF2: -onionServices.introFailed.pageTitle=Problem Loading Onionsite -onionServices.introFailed.header=Onionsite Has Disconnected -onionServices.introFailed=The most likely cause is that the onionsite is offline. Contact the onionsite administrator. -onionServices.introFailed.longDescription=Details: %S — Introduction failed, which means that the descriptor was found but the service is no longer connected to the introduction point. It is likely that the service has changed its descriptor or that it is not running. -# Tor SOCKS error 0xF3: -onionServices.rendezvousFailed.pageTitle=Problem Loading Onionsite -onionServices.rendezvousFailed.header=Unable to Connect to Onionsite -onionServices.rendezvousFailed=The onionsite is busy or the Tor network is overloaded. Try again later. -onionServices.rendezvousFailed.longDescription=Details: %S — The client failed to rendezvous with the service, which means that the client was unable to finalize the connection. -# Tor SOCKS error 0xF4: -onionServices.clientAuthMissing.pageTitle=Authorization Required -onionServices.clientAuthMissing.header=Onionsite Requires Authentication -onionServices.clientAuthMissing=Access to the onionsite requires a key but none was provided. -onionServices.clientAuthMissing.longDescription=Details: %S — The client downloaded the requested onion service descriptor but was unable to decrypt its content because client authorization information is missing. -# Tor SOCKS error 0xF5: -onionServices.clientAuthIncorrect.pageTitle=Authorization Failed -onionServices.clientAuthIncorrect.header=Onionsite Authentication Failed -onionServices.clientAuthIncorrect=The provided key is incorrect or has been revoked. Contact the onionsite administrator. -onionServices.clientAuthIncorrect.longDescription=Details: %S — The client was able to download the requested onion service descriptor but was unable to decrypt its content using the provided client authorization information. This may mean that access has been revoked. -# Tor SOCKS error 0xF6: -onionServices.badAddress.pageTitle=Problem Loading Onionsite -onionServices.badAddress.header=Invalid Onionsite Address -onionServices.badAddress=The provided onionsite address is invalid. Please check that you entered it correctly. -onionServices.badAddress.longDescription=Details: %S — The provided .onion address is invalid. This error is returned due to one of the following reasons: the address checksum doesn't match, the ed25519 public key is invalid, or the encoding is invalid. -# Tor SOCKS error 0xF7: -onionServices.introTimedOut.pageTitle=Problem Loading Onionsite -onionServices.introTimedOut.header=Onionsite Circuit Creation Timed Out -onionServices.introTimedOut=Failed to connect to the onionsite, possibly due to a poor network connection. -onionServices.introTimedOut.longDescription=Details: %S — The connection to the requested onion service timed out while trying to build the rendezvous circuit. - # Profile/startup error messages. # LOCALIZATION NOTE: %S is the application name. profileProblemTitle=%S Profile Problem ===================================== tools/lint/eslint/eslint-plugin-mozilla/lib/environments/remote-page.js ===================================== @@ -39,6 +39,5 @@ module.exports = { RPMGetTRRDomain: false, RPMIsSiteSpecificTRRError: false, RPMSetTRRDisabledLoadFlags: false, - RPMGetTorStrings: false, }, }; ===================================== tools/torbrowser/l10n/migrations/bug-41622-neterror.py ===================================== @@ -0,0 +1,21 @@ +from fluent.migrate.helpers import transforms_from + + +def migrate(ctx): + ctx.add_transforms( + "tor-browser.ftl", + "tor-browser.ftl", + transforms_from( + """ +onion-neterror-not-found-description = { COPY(path, "onionServices.descNotFound") } +onion-neterror-unreachable-description = { COPY(path, "onionServices.descInvalid") } +onion-neterror-disconnected-description = { COPY(path, "onionServices.introFailed") } +onion-neterror-connection-failed-description = { COPY(path, "onionServices.rendezvousFailed") } +onion-neterror-missing-authentication-description = { COPY(path, "onionServices.clientAuthMissing") } +onion-neterror-incorrect-authetication-description = { COPY(path, "onionServices.clientAuthIncorrect") } +onion-neterror-invalid-address-description = { COPY(path, "onionServices.badAddress") } +onion-neterror-timed-out-description = { COPY(path, "onionServices.introTimedOut") } +""", + path="torbutton.properties", + ), + ) View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/795d4d3... -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/795d4d3... You're receiving this email because of your account on gitlab.torproject.org.