[Git][tpo/applications/tor-browser][tor-browser-128.7.0esr-14.0-1] 6 commits: fixup! Bug 40701: Add security warning when downloading a file - tbb-commits

28 Jan 2025


      Pier Angelo Vendrame pushed to branch tor-browser-128.7.0esr-14.0-1 at The Tor Project / Applications / Tor Browser
Commits:
4cd3b8b0 by Henry Wilkes at 2025-01-28T16:26:31+01:00
fixup! Bug 40701: Add security warning when downloading a file
Bug 43312: Ensure download panel warning uses the same width as the
mozilla downloads list.
We stop setting a `width` on the download panel because this can
conflict with the default width set for the mozilla downloads list, set
by localisers. Instead, we use the same width for our Tor Browser
warning message using a wrapper element.
We also ensure that the wrapper element has `min-width: 100%` for
scenarios where the localiser width is less than the min-width of the
ancestor panel.
- - - - -
3db9163f by Pier Angelo Vendrame at 2025-01-28T16:27:09+01:00
fixup! Bug 40933: Add tor-launcher functionality
Bug 43326: Restrict the changes to LD_LIBRARY_PATH.
We used to set LD_LIBRARY_PATH for the tor daemon before launching the
browser, but this does not work well for some distributions, which
link to the latest version of OpenSSL, whereas we link to the LTS.
To avoid conflicts, we can set a custom LD_LIBRARY_PATH only for the
tor daemon.
- - - - -
b683ecb0 by Pier Angelo Vendrame at 2025-01-28T16:30:30+01:00
fixup! Firefox preference overrides.
BB 43236: Disable vsync on Wayland.
Vsync leaks the monitor refresh rate, therefore it is already disabled
on other platforms, including Linux/X11 and Windows.
- - - - -
4744d84d by Pier Angelo Vendrame at 2025-01-28T16:31:13+01:00
Bug 43386: Use Firefox in the UA in RFP-exempt request.
XHR requests initiated by extensions are exempt from RFP.
Therefore, they report the actual app name, instead of Firefox, and the
actual Firefox minor version.
This happens whenever the app name has been customized and does not
match a hardcoded "Firefox".
- - - - -
55cbbdde by Pier Angelo Vendrame at 2025-01-28T16:31:42+01:00
fixup! Firefox preference overrides.
BB 41065: Hardcode the limit of storage quota.
Currently, we return min(10GB, 0.2 * available space in the fs).
This is bad for systems that have less than 50GB free, especially live
systems, such as Tails.
Set a pref to replace the available space with a hardcoded limit
(5GiB).
- - - - -
24417b5a by Henry Wilkes at 2025-01-28T16:32:43+01:00
fixup! Bug 40458: Implement .tor.onion aliases
TB 41831: Add additional effective TLD for abc.au.securedrop.tor.onion
exception.
- - - - -
7 changed files:
- browser/app/profile/001-base-profile.js
- browser/components/downloads/content/downloads.css
- browser/components/downloads/content/downloadsPanel.inc.xhtml
- netwerk/dns/effective_tld_names.dat
- netwerk/protocol/http/nsHttpHandler.cpp
- toolkit/components/tor-launcher/TorLauncherUtil.sys.mjs
- toolkit/components/tor-launcher/TorProcess.sys.mjs
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -87,6 +87,15 @@ pref("browser.sessionstore.privacy_level", 2);
 // Use the in-memory media cache and increase its maximum size (#29120)
 pref("browser.privatebrowsing.forceMediaMemoryCache", true);
 pref("media.memory_cache_max_size", 65536);
+// tor-browser#41065: lie about the available quota.
+// This value is in KiB, and will be divided by 5. Currently: 50GiB, to be
+// coherent with Firefox's usual value. However, this might be too much for live
+// systems.
+// This will be the limit also after granting the persistent storage permission,
+// but we are not interested in it, since we support only PBM.
+// We can come back to it, and hardcode the two spaced differently, if we ever
+// think we need it.
+pref("dom.quotaManager.temporaryStorage.fixedLimit", 52428800);
 // Disable restore in case of crash (tor-browser#41503)
 // This should not be needed in PBM, but we added it anyway like other options.
 pref("browser.sessionstore.resume_from_crash", false);
@@ -466,6 +475,8 @@ pref("pdfjs.disabled", false, locked);
 #endif
 // Bug 40057: Ensure system colors are not used for CSS4 colors
 pref("browser.display.use_system_colors", false);
+// tor-browser#43236: Disable vsync on Wayland to prevent refresh rate leaks.
+pref("widget.wayland.vsync.enabled", false);
// tor-browser#41943: defense-in-depth, but do not lock anymore (enabled in Firefox 119, http://bugzil.la/1851162)
 pref("javascript.options.spectre.disable_for_isolated_content", false);
=====================================
browser/components/downloads/content/downloads.css
=====================================
@@ -92,15 +92,19 @@
 #downloadsPanel-mainView {
   min-width: 37em;
   padding: 0.62em;
-  /* If we don't set a width, #downloadsPanelTorWarning will request
-   * its max-content width. */
-  width: 37em;
 }
#downloadsPanelTorWarning {
   margin-block-end: var(--arrowpanel-menuitem-padding-block);
 }
+#downloadsPanelTorWarningWrapper {
+ /* The wrapper element has its `width` attribute set by mozilla localisers.
+  * We want to ensure the element occupies the available width when the
+  * localiser width is smaller. See tor-browser#43312. */
+  min-width: 100%;
+}
+
 #downloadsHistory,
 #downloadsFooterButtons {
   margin: 0;
=====================================
browser/components/downloads/content/downloadsPanel.inc.xhtml
=====================================
@@ -104,8 +104,25 @@
                   disablekeynav="true">
<panelview id="downloadsPanel-mainView">
-      <html:moz-message-bar id="downloadsPanelTorWarning">
-      </html:moz-message-bar>
+      <!-- We add a wrapper around the #downloadsPanelTorWarning and give it the
+         - same Fluent ID as #downloadsListBox. This Fluent message allows
+         - Firefox localisers to set the width of the #downloadsListBox using
+         - the style attribute. We want the same width set for our downloads
+         - warning. Otherwise the warning will occupy its max-content width.
+         - NOTE: We require a wrapper element since #downloadsPanelTorWarning
+         - needs its own Fluent attributes.
+         - NOTE: This only works if #downloadsPanelTorWarningWrapper and
+         - #downloadsListBox share the same padding relative to their common
+         - ancestor.
+         - See tor-browser#43312. -->
+      <html:div
+        id="downloadsPanelTorWarningWrapper"
+        data-l10n-id="downloads-panel-items"
+        data-l10n-attrs="style"
+      >
+        <html:moz-message-bar id="downloadsPanelTorWarning">
+        </html:moz-message-bar>
+      </html:div>
       <vbox class="panel-view-body-unscrollable">
         <richlistbox id="downloadsListBox"
                      data-l10n-id="downloads-panel-items"
=====================================
netwerk/dns/effective_tld_names.dat
=====================================
@@ -5065,6 +5065,10 @@ pro.om
 onion
 tor.onion
 securedrop.tor.onion
+// An additional TLD for abc.au.securedrop.tor.onion only.
+// See tor-browser#41831.
+// TODO: Remove once abc.au has migrated. See tor-browser#43443.
+au.securedrop.tor.onion
// org : https://www.iana.org/domains/root/db/org.html
 org
=====================================
netwerk/protocol/http/nsHttpHandler.cpp
=====================================
@@ -867,7 +867,7 @@ void nsHttpHandler::BuildUserAgent() {
   mUserAgent += '/';
   mUserAgent += mProductSub;
-  bool isFirefox = mAppName.EqualsLiteral("Firefox");
+  bool isFirefox = true;
   if (isFirefox || mCompatFirefoxEnabled) {
     // "Firefox/x.y" (compatibility) app token
     mUserAgent += ' ';
=====================================
toolkit/components/tor-launcher/TorLauncherUtil.sys.mjs
=====================================
@@ -5,6 +5,8 @@
  * Tor Launcher Util JS Module
  *************************************************************************/
+import { AppConstants } from "resource://gre/modules/AppConstants.sys.mjs";
+
 const lazy = {};
ChromeUtils.defineESModuleGetters(lazy, {
@@ -335,6 +337,13 @@ export const TorLauncherUtil = Object.freeze({
     return Services.appinfo.OS === "Android";
   },
+  get isLinux() {
+    // Use AppConstants for Linux rather then appinfo because we are sure it
+    // will catch also various Unix flavors for which unofficial ports might
+    // exist (which should work as Linux, as far as we know).
+    return AppConstants.platform === "linux";
+  },
+
   get isMac() {
     return Services.appinfo.OS === "Darwin";
   },
=====================================
toolkit/components/tor-launcher/TorProcess.sys.mjs
=====================================
@@ -122,6 +122,16 @@ export class TorProcess {
         stderr: "stdout",
         workdir: lazy.TorLauncherUtil.getTorFile("pt-startup-dir", false).path,
       };
+      if (lazy.TorLauncherUtil.isLinux) {
+        let ldLibPath = Services.env.get("LD_LIBRARY_PATH") ?? "";
+        if (ldLibPath) {
+          ldLibPath = ":" + ldLibPath;
+        }
+        options.environment = {
+          LD_LIBRARY_PATH: this.#exeFile.parent.path + ldLibPath,
+        };
+        options.environmentAppend = true;
+      }
       this.#subprocess = await Subprocess.call(options);
       this.#status = TorProcessStatus.Running;
     } catch (e) {
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/e2e7a71...
-- 
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/e2e7a71...
You're receiving this email because of your account on gitlab.torproject.org.





    