ma1 pushed to branch tor-browser-115.22.0esr-13.5-1 at The Tor Project / Applications / Tor Browser
Commits:
8e51811f by Ray Kraesig at 2025-03-31T22:42:56+02:00
Bug 1950056 - extend use of FOS_NODEREFERENCELINKS r=Gijs,win-reviewers,gstoll

In the modern era of user-customizable Quick Access sidebars on every file dialog, navigating via `.lnk` files is rather less useful than it was twenty years ago.
Disable link-following in file-open dialogs by default, to prevent any of the usual security issues involving symlink smuggling. Allow overriding this behavior via a pref, for users who don't care.
(File-save dialogs have a more nuanced guard against that sort of thing; this patch doesn't affect that.)
Differential Revision: https://phabricator.services.mozilla.com/D239833

- - - - -
b26d6ce0 by Dana Keeler at 2025-03-31T22:43:05+02:00
Bug 1951494 - ensure socket control is released on the socket thread a=pascalc

Original Revision: https://phabricator.services.mozilla.com/D240234
Differential Revision: https://phabricator.services.mozilla.com/D241059

- - - - -

3 changed files:
- modules/libpref/init/StaticPrefList.yaml
- security/manager/ssl/SSLServerCertVerification.cpp
- widget/windows/nsFilePicker.cpp

Changes:
===================================== modules/libpref/init/StaticPrefList.yaml ===================================== @@ -15792,6 +15792,17 @@ value: 0 mirror: always
+# Whether to follow `.lnk` (etc.) shortcuts in the Windows file-open dialog. +# +# Valid values: +# * 0: never +# * 1: always +# * 2: auto +- name: widget.windows.follow_shortcuts_on_file_open + type: RelaxedAtomicInt32 + value: 2 + mirror: always + # The number of messages of each type to keep for display in # about:windows-messages - name: widget.windows.messages_to_log
===================================== security/manager/ssl/SSLServerCertVerification.cpp ===================================== @@ -1211,6 +1211,9 @@ SSLServerCertVerificationResult::Run() { }
mSocketControl->SetCertVerificationResult(mFinalError); + // Release this reference to the socket control so that it will be freed on + // the socket thread. + mSocketControl = nullptr; return NS_OK; }
===================================== widget/windows/nsFilePicker.cpp ===================================== @@ -181,19 +181,29 @@ bool nsFilePicker::ShowFilePicker(const nsString& aInitialDir) {
// mode specific switch (mMode) { + case modeOpenMultiple: + fos |= FOS_ALLOWMULTISELECT; + [[fallthrough]]; + case modeOpen: fos |= FOS_FILEMUSTEXIST; - break; - - case modeOpenMultiple: - fos |= FOS_FILEMUSTEXIST | FOS_ALLOWMULTISELECT; + switch (mozilla::StaticPrefs:: + widget_windows_follow_shortcuts_on_file_open()) { + case 1: + break; + default: + fos |= FOS_NODEREFERENCELINKS; + } break;
case modeSave: fos |= FOS_NOREADONLYRETURN; - // Don't follow shortcuts when saving a shortcut, this can be used - // to trick users (bug 271732) - if (IsDefaultPathLink()) fos |= FOS_NODEREFERENCELINKS; + // Don't follow shortcuts when saving a shortcut; this can be used to + // trick users (bug 271732). _Do_ follow shortcuts when not saving a + // shortcut (bug 283730). + if (IsDefaultPathLink()) { + fos |= FOS_NODEREFERENCELINKS; + } break;
case modeGetFolder:
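
Review bot: in modules/libpref/init/StaticPrefList.yaml, the comment above widget.windows.follow_shortcuts_on_file_open lists "2: auto" (the default value) without saying what auto decides. In the nsFilePicker.cpp hunk of this same push only the value 1 skips FOS_NODEREFERENCELINKS, so 0 and 2 behave identically as far as these lines show. Suggest stating in the pref comment that auto currently means shortcuts are not followed, and that any value other than 1 is treated the same way, so someone auditing the pref can tell that the default is the restrictive setting.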
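
Review bot: in security/manager/ssl/SSLServerCertVerification.cpp, the new comment in SSLServerCertVerificationResult::Run() says the reference is dropped so that the object is freed on the socket thread, but nothing in the visible lines checks that Run() is actually executing there. Suggest a debug assertion on the current thread near the top of Run(), so a later change that dispatches this runnable elsewhere fails loudly instead of quietly bringing back an off-thread release. It is also worth confirming that no earlier return in Run(), which this hunk does not show, leaves before reaching "mSocketControl = nullptr;", since the member is only cleared on this path.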
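
Review bot: in widget/windows/nsFilePicker.cpp, the inner switch on widget_windows_follow_shortcuts_on_file_open() compares against the bare literal 1 and sends everything else through "default:", which folds 0, 2 and any out-of-range value into FOS_NODEREFERENCELINKS. Failing closed is the right behavior for a security pref, but here it reads as accidental; suggest a one-line comment saying it is deliberate, and named constants (or a plain if) in place of the two-arm switch. modeOpenMultiple now depends on [[fallthrough]] into modeOpen to pick up both FOS_FILEMUSTEXIST and the shortcut guard, so a test that exercises the multi-select dialog at each pref value would protect against a later edit that reorders the cases.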
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/cec982e...
tbb-commits@lists.torproject.org