tor-commits October 2012

tor-commits@lists.torproject.org

20 participants
1288 discussions

[torbrowser/master] Remove NoScript click-to-play confirmation.
by erinn＠torproject.org 24 Oct '12

24 Oct '12

commit de2b71ba70e3654aa29e6368b479c6aaf74c1f69 Author: Mike Perry <mikeperry-git(a)fscked.org> Date: Wed Oct 17 01:39:09 2012 -0700 Remove NoScript click-to-play confirmation. --- build-scripts/config/prefs.js | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/build-scripts/config/prefs.js b/build-scripts/config/prefs.js index 52f6956..1ddac62 100644 --- a/build-scripts/config/prefs.js +++ b/build-scripts/config/prefs.js @@ -118,6 +118,7 @@ user_pref("noscript.ABE.enabled", false); user_pref("noscript.ABE.notify", false); user_pref("noscript.ABE.wanIpAsLocal", false); user_pref("noscript.autoReload", false); +user_pref("noscript.confirmUnblock", false); user_pref("noscript.contentBlocker", true); user_pref("noscript.default", "about:blank about:credits addons.mozilla.org flashgot.net google.com gstatic.com googlesyndication.com informaction.com yahoo.com yimg.com maone.net noscript.net hotmail.com msn.com passport.com passport.net passportimages.com live.com"); user_pref("noscript.firstRunRedirection", false);

1 0

[torbrowser/master] Bug 7128: Prevent crash on certain links.
by erinn＠torproject.org 24 Oct '12

24 Oct '12

commit 74169fbecb372ad779cae276185606af28e0ed5e Author: Mike Perry <mikeperry-git(a)fscked.org> Date: Wed Oct 17 01:34:53 2012 -0700 Bug 7128: Prevent crash on certain links. NoScript was using the canvas (for ClearClick) without any context.. --- ...d-mozIThirdPartyUtil.getFirstPartyURI-API.patch | 29 ++++++++++++------- .../0021-Add-canvas-image-extraction-prompt.patch | 2 +- ...nt-window-coordinates-for-mouse-event-scr.patch | 2 +- ...se-physical-screen-info.-via-window-and-w.patch | 2 +- ...not-expose-system-colors-to-CSS-or-canvas.patch | 2 +- 5 files changed, 22 insertions(+), 15 deletions(-) diff --git a/src/current-patches/firefox/0020-Add-mozIThirdPartyUtil.getFirstPartyURI-API.patch b/src/current-patches/firefox/0020-Add-mozIThirdPartyUtil.getFirstPartyURI-API.patch index 700a795..114301d 100644 --- a/src/current-patches/firefox/0020-Add-mozIThirdPartyUtil.getFirstPartyURI-API.patch +++ b/src/current-patches/firefox/0020-Add-mozIThirdPartyUtil.getFirstPartyURI-API.patch @@ -1,17 +1,17 @@ -From 24f62d79a6179598ed633481e2bbeac1b2ccd9bc Mon Sep 17 00:00:00 2001 +From 36d57455893bcf6dc08e91a2784970f285c5e84b Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git(a)torproject.org> Date: Tue, 28 Aug 2012 18:35:33 -0700 Subject: [PATCH 20/24] Add mozIThirdPartyUtil.getFirstPartyURI API API allows you to get the url bar URI for a channel or nsIDocument. --- - content/base/src/ThirdPartyUtil.cpp | 52 ++++++++++++++++++++++++++++ + content/base/src/ThirdPartyUtil.cpp | 59 ++++++++++++++++++++++++++++ content/base/src/ThirdPartyUtil.h | 2 + - netwerk/base/public/mozIThirdPartyUtil.idl | 21 +++++++++++ - 3 files changed, 75 insertions(+), 0 deletions(-) + netwerk/base/public/mozIThirdPartyUtil.idl | 21 ++++++++++ + 3 files changed, 82 insertions(+), 0 deletions(-) diff --git a/content/base/src/ThirdPartyUtil.cpp b/content/base/src/ThirdPartyUtil.cpp -index 6a415e9..62333f3 100644 +index 6a415e9..52b3dab 100644 --- a/content/base/src/ThirdPartyUtil.cpp +++ b/content/base/src/ThirdPartyUtil.cpp @@ -40,6 +40,9 @@ @@ -32,7 +32,7 @@ index 6a415e9..62333f3 100644 return rv; } -@@ -315,3 +319,51 @@ ThirdPartyUtil::GetBaseDomain(nsIURI* aHostURI, +@@ -315,3 +319,58 @@ ThirdPartyUtil::GetBaseDomain(nsIURI* aHostURI, return NS_OK; } @@ -62,12 +62,19 @@ index 6a415e9..62333f3 100644 + if (NS_FAILED(rv) && aDoc) { + nsCOMPtr<nsIDOMWindow> top; + nsCOMPtr<nsIDOMDocument> topDDoc; -+ -+ aDoc->GetWindow()->GetTop(getter_AddRefs(top)); -+ top->GetDocument(getter_AddRefs(topDDoc)); ++ ++ if (aDoc->GetWindow()) { ++ aDoc->GetWindow()->GetTop(getter_AddRefs(top)); ++ top->GetDocument(getter_AddRefs(topDDoc)); + -+ nsCOMPtr<nsIDocument> topDoc(do_QueryInterface(topDDoc)); -+ *aOutput = topDoc->GetOriginalURI(); ++ nsCOMPtr<nsIDocument> topDoc(do_QueryInterface(topDDoc)); ++ *aOutput = topDoc->GetOriginalURI(); ++ } else { ++ // XXX: Chrome callers (such as NoScript) can end up here ++ // through getImageData/canvas usage with no document state ++ // (no Window and a document URI of about:blank). Propogate ++ // rv fail (by doing nothing), and hope caller recovers. ++ } + + if (*aOutput) + rv = NS_OK; diff --git a/src/current-patches/firefox/0021-Add-canvas-image-extraction-prompt.patch b/src/current-patches/firefox/0021-Add-canvas-image-extraction-prompt.patch index f303683..cf5dd61 100644 --- a/src/current-patches/firefox/0021-Add-canvas-image-extraction-prompt.patch +++ b/src/current-patches/firefox/0021-Add-canvas-image-extraction-prompt.patch @@ -1,4 +1,4 @@ -From 3e8d778866d96e1ca82f2b08e7b8d948c1c3853d Mon Sep 17 00:00:00 2001 +From 29ce940434ebbb8e54c0d9b8f84ccf6ec6bd71bc Mon Sep 17 00:00:00 2001 From: Kathleen Brade <brade(a)pearlcrescent.com> Date: Tue, 9 Oct 2012 11:21:06 -0400 Subject: [PATCH 21/24] Add canvas image extraction prompt. diff --git a/src/current-patches/firefox/0022-Return-client-window-coordinates-for-mouse-event-scr.patch b/src/current-patches/firefox/0022-Return-client-window-coordinates-for-mouse-event-scr.patch index 2532e5f..6da9c72 100644 --- a/src/current-patches/firefox/0022-Return-client-window-coordinates-for-mouse-event-scr.patch +++ b/src/current-patches/firefox/0022-Return-client-window-coordinates-for-mouse-event-scr.patch @@ -1,4 +1,4 @@ -From eb9cc23d7b04d9c441f69e98834561622533f6ba Mon Sep 17 00:00:00 2001 +From 74215e38ba60b74df59216122c4f2cc068e33216 Mon Sep 17 00:00:00 2001 From: Kathleen Brade <brade(a)pearlcrescent.com> Date: Tue, 9 Oct 2012 11:13:45 -0400 Subject: [PATCH 22/24] Return client window coordinates for mouse event diff --git a/src/current-patches/firefox/0023-Do-not-expose-physical-screen-info.-via-window-and-w.patch b/src/current-patches/firefox/0023-Do-not-expose-physical-screen-info.-via-window-and-w.patch index 1907906..1b925e0 100644 --- a/src/current-patches/firefox/0023-Do-not-expose-physical-screen-info.-via-window-and-w.patch +++ b/src/current-patches/firefox/0023-Do-not-expose-physical-screen-info.-via-window-and-w.patch @@ -1,4 +1,4 @@ -From f842f612d98477ad36014338a72f812cf4183e2f Mon Sep 17 00:00:00 2001 +From d944531b020848e09ac280af11d039d992ab6461 Mon Sep 17 00:00:00 2001 From: Kathleen Brade <brade(a)pearlcrescent.com> Date: Wed, 3 Oct 2012 17:06:48 -0400 Subject: [PATCH 23/24] Do not expose physical screen info. via window and diff --git a/src/current-patches/firefox/0024-Do-not-expose-system-colors-to-CSS-or-canvas.patch b/src/current-patches/firefox/0024-Do-not-expose-system-colors-to-CSS-or-canvas.patch index 5b808ad..629a759 100644 --- a/src/current-patches/firefox/0024-Do-not-expose-system-colors-to-CSS-or-canvas.patch +++ b/src/current-patches/firefox/0024-Do-not-expose-system-colors-to-CSS-or-canvas.patch @@ -1,4 +1,4 @@ -From a3a36dbaebcacdcf6b4343a587ea673e6245102d Mon Sep 17 00:00:00 2001 +From 38a469e05779315cb2990be60c13fb167812e54d Mon Sep 17 00:00:00 2001 From: Kathleen Brade <brade(a)pearlcrescent.com> Date: Thu, 4 Oct 2012 14:53:13 -0400 Subject: [PATCH 24/24] Do not expose system colors to CSS or canvas.

1 0

[torbrowser/master] bump all stable tbbs to 2.2.39-4 for updated non-crashy firefox
by erinn＠torproject.org 24 Oct '12

24 Oct '12

commit f550eda4c97664237bd78a547c7f9992664e9206 Author: Erinn Clark <erinn(a)torproject.org> Date: Thu Oct 18 08:46:44 2012 +0100 bump all stable tbbs to 2.2.39-4 for updated non-crashy firefox --- README.LINUX-2.2 | 4 ++-- README.OSX-2.2 | 4 ++-- README.WIN-2.2 | 4 ++-- build-scripts/linux.mk | 2 +- build-scripts/osx.mk | 2 +- build-scripts/versions.mk | 4 ++-- build-scripts/windows.mk | 2 +- changelog.linux-2.2 | 8 ++++++++ changelog.osx-2.2 | 8 ++++++++ changelog.windows-2.2 | 8 ++++++++ 10 files changed, 35 insertions(+), 11 deletions(-) diff --git a/README.LINUX-2.2 b/README.LINUX-2.2 index 859c854..fe79874 100644 --- a/README.LINUX-2.2 +++ b/README.LINUX-2.2 @@ -8,8 +8,8 @@ Vidalia 0.2.20 (with Qt 4.8.1) Tor 0.2.2.39 (with libevent-2.0.20-stable, zlib-1.2.7 and openssl-1.0.1c) Firefox 10.0.9esr \_ Torbutton 1.4.6.3 - |_ NoScript 2.5.7 - |_ HTTPS-Everywhere 2.2.2 + |_ NoScript 2.5.8 + |_ HTTPS-Everywhere 3.0.2 Usage ----- diff --git a/README.OSX-2.2 b/README.OSX-2.2 index 3ffefa3..9250ce2 100644 --- a/README.OSX-2.2 +++ b/README.OSX-2.2 @@ -8,8 +8,8 @@ Vidalia 0.2.20 (with Qt 4.8.1) Tor 0.2.2.39 (with libevent-2.0.20-stable, zlib-1.2.7 and openssl-1.0.1c) Firefox 10.0.9esr \_ Torbutton 1.4.6.3 - |_ NoScript 2.5.7 - |_ HTTPS-Everywhere 2.2.2 + |_ NoScript 2.5.8 + |_ HTTPS-Everywhere 3.0.2 Usage ----- diff --git a/README.WIN-2.2 b/README.WIN-2.2 index 3c73b5c..bbbd27f 100644 --- a/README.WIN-2.2 +++ b/README.WIN-2.2 @@ -8,8 +8,8 @@ Vidalia 0.2.20 (with Qt 4.8.1) Tor 0.2.2.39 (with libevent-2.0.20-stable, zlib-1.2.7 and openssl-1.0.1c) Firefox 10.0.9esr \_ Torbutton 1.4.6.3 - |_ NoScript 2.5.7 - |_ HTTPS-Everywhere 2.2.2 + |_ NoScript 2.5.8 + |_ HTTPS-Everywhere 3.0.2 Usage ----- diff --git a/build-scripts/linux.mk b/build-scripts/linux.mk index 5e64cba..1d7feda 100644 --- a/build-scripts/linux.mk +++ b/build-scripts/linux.mk @@ -15,7 +15,7 @@ ## Architecture ARCH_TYPE=$(shell uname -m) -BUILD_NUM=3 +BUILD_NUM=4 PLATFORM=Linux ## Build machine specific settings diff --git a/build-scripts/osx.mk b/build-scripts/osx.mk index 6325e5f..dd6154a 100644 --- a/build-scripts/osx.mk +++ b/build-scripts/osx.mk @@ -15,7 +15,7 @@ ## Architecture ARCH_TYPE=x86_64 -BUILD_NUM=3 +BUILD_NUM=4 PLATFORM=MacOS ## Set OSX-specific backwards compatibility options diff --git a/build-scripts/versions.mk b/build-scripts/versions.mk index 6063f66..3da6032 100644 --- a/build-scripts/versions.mk +++ b/build-scripts/versions.mk @@ -14,8 +14,8 @@ FIREFOX_VER=10.0.9esr MOZBUILD_VER=1.5.1 PYMAKE_VER=87d436cd8974 TORBUTTON_VER=1.4.6.3 -NOSCRIPT_VER=2.5.7 -HTTPSEVERYWHERE_VER=2.2.2 +NOSCRIPT_VER=2.5.8 +HTTPSEVERYWHERE_VER=3.0.2 OTR_VER=3.2.0 OBFSPROXY_VER=0.1.4 diff --git a/build-scripts/windows.mk b/build-scripts/windows.mk index 54b972c..cbf4451 100644 --- a/build-scripts/windows.mk +++ b/build-scripts/windows.mk @@ -13,7 +13,7 @@ ### Configuration ### ##################### -BUILD_NUM=3 +BUILD_NUM=4 PLATFORM=Windows ## Location of required libraries diff --git a/changelog.linux-2.2 b/changelog.linux-2.2 index 386cab3..10adc35 100644 --- a/changelog.linux-2.2 +++ b/changelog.linux-2.2 @@ -1,3 +1,11 @@ +Tor Browser Bundle (2.2.39-4); suite=linux + + * Update Firefox patches to prevent crashing (closes: #7128) + * Update HTTPS Everywhere to 3.0.2 + * Update NoScript to 2.5.8 + + -- Erinn Clark <erinn(a)torproject.org> Thu Oct 18 08:40:15 BST 2012 + Tor Browser Bundle (2.2.39-3); suite=linux * Update Firefox to 10.0.9esr diff --git a/changelog.osx-2.2 b/changelog.osx-2.2 index af3069a..a0cb5d0 100644 --- a/changelog.osx-2.2 +++ b/changelog.osx-2.2 @@ -1,3 +1,11 @@ +Tor Browser Bundle (2.2.39-4); suite=osx + + * Update Firefox patches to prevent crashing (closes: #7128) + * Update HTTPS Everywhere to 3.0.2 + * Update NoScript to 2.5.8 + + -- Erinn Clark <erinn(a)torproject.org> Thu Oct 18 08:40:10 BST 2012 + Tor Browser Bundle (2.2.39-3); suite=osx * Update Firefox to 10.0.9esr diff --git a/changelog.windows-2.2 b/changelog.windows-2.2 index 094b8d2..d3006b0 100644 --- a/changelog.windows-2.2 +++ b/changelog.windows-2.2 @@ -1,3 +1,11 @@ +Tor Browser Bundle (2.2.39-4); suite=windows + + * Update Firefox patches to prevent crashing (closes: #7128) + * Update HTTPS Everywhere to 3.0.2 + * Update NoScript to 2.5.8 + + -- Erinn Clark <erinn(a)torproject.org> Thu Oct 18 08:40:12 BST 2012 + Tor Browser Bundle (2.2.39-3); suite=windows * Update Firefox to 10.0.9esr

1 0

[torbrowser/maint-2.3] remove alpha directory from firefox patches
by erinn＠torproject.org 24 Oct '12

24 Oct '12

commit 06557b2845665a44c11b954d24081bed0e2011ba Author: Erinn Clark <erinn(a)torproject.org> Date: Wed Oct 24 16:34:44 2012 +0100 remove alpha directory from firefox patches --- ...nents.interfaces-lookupMethod-from-conten.patch | 50 -- ...0002-Make-Permissions-Manager-memory-only.patch | 94 ---- ...-Make-Intermediate-Cert-Store-memory-only.patch | 43 -- .../alpha/0004-Add-a-string-based-cacheKey.patch | 85 --- .../0005-Block-all-plugins-except-flash.patch | 85 --- ...ontent-pref-service-memory-only-clearable.patch | 37 -- .../0007-Disable-SSL-Session-ID-tracking.patch | 28 - ...ice-and-system-specific-CSS-Media-Queries.patch | 116 ----- .../0009-Make-Download-manager-memory-only.patch | 57 -- .../0010-Add-DDG-and-StartPage-to-Omnibox.patch | 84 --- ...-nsICacheService.EvictEntries-synchronous.patch | 44 -- ...owser-exit-when-not-launched-from-Vidalia.patch | 45 -- ...13-Limit-the-number-of-fonts-per-document.patch | 225 -------- ...observer-event-to-close-persistent-connec.patch | 40 -- .../alpha/0015-Rebrand-Firefox-to-TorBrowser.patch | 59 --- .../alpha/0016-Prevent-WebSocket-DNS-leak.patch | 133 ----- ...ize-HTTP-request-order-and-pipeline-depth.patch | 151 ------ ...Adapt-Steven-Michaud-s-Mac-crashfix-patch.patch | 545 -------------------- ...9-Add-a-redirect-API-for-HTTPS-Everywhere.patch | 345 ------------- ...d-mozIThirdPartyUtil.getFirstPartyURI-API.patch | 148 ------ 20 files changed, 0 insertions(+), 2414 deletions(-) diff --git a/src/current-patches/firefox/alpha/0001-Block-Components.interfaces-lookupMethod-from-conten.patch b/src/current-patches/firefox/alpha/0001-Block-Components.interfaces-lookupMethod-from-conten.patch deleted file mode 100644 index 921a716..0000000 --- a/src/current-patches/firefox/alpha/0001-Block-Components.interfaces-lookupMethod-from-conten.patch +++ /dev/null @@ -1,50 +0,0 @@ -From caab8c136e806dcd913d637210ff187abb1b6b29 Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)torproject.org> -Date: Wed, 1 Feb 2012 15:40:40 -0800 -Subject: [PATCH 01/19] Block Components.interfaces,lookupMethod from content - -This patch removes the ability of content script to access -Components.interfaces.* as well as call or access Components.lookupMethod. - -These two interfaces seem to be exposed to content script only to make our -lives difficult. Components.lookupMethod can undo our JS hooks, and -Components.interfaces is useful for fingerprinting the platform, OS, and -Firebox version. - -They appear to have no other legitimate use. See also: -https://bugzilla.mozilla.org/show_bug.cgi?id=429070 -https://trac.torproject.org/projects/tor/ticket/2873 -https://trac.torproject.org/projects/tor/ticket/2874 ---- - js/xpconnect/src/XPCComponents.cpp | 8 ++++++-- - 1 files changed, 6 insertions(+), 2 deletions(-) - -diff --git a/js/xpconnect/src/XPCComponents.cpp b/js/xpconnect/src/XPCComponents.cpp -index ed7ab0a..609b73f 100644 ---- a/js/xpconnect/src/XPCComponents.cpp -+++ b/js/xpconnect/src/XPCComponents.cpp -@@ -4621,7 +4621,9 @@ nsXPCComponents::CanCreateWrapper(const nsIID * iid, char **_retval) - NS_IMETHODIMP - nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, char **_retval) - { -- static const char* allowed[] = { "isSuccessCode", "lookupMethod", nsnull }; -+ // XXX: Pref observer? Also, is this what we want? Seems like a plan -+ //static const char* allowed[] = { "isSuccessCode", "lookupMethod", nsnull }; -+ static const char* allowed[] = { "isSuccessCode", nsnull }; - *_retval = xpc_CheckAccessList(methodName, allowed); - return NS_OK; - } -@@ -4630,7 +4632,9 @@ nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, c - NS_IMETHODIMP - nsXPCComponents::CanGetProperty(const nsIID * iid, const PRUnichar *propertyName, char **_retval) - { -- static const char* allowed[] = { "interfaces", "interfacesByID", "results", nsnull}; -+ // XXX: Pref observer? Also, is this what we want? Seems like a plan -+ // static const char* allowed[] = { "interfaces", "interfacesByID", "results", nsnull}; -+ static const char* allowed[] = { "results", nsnull}; - *_retval = xpc_CheckAccessList(propertyName, allowed); - return NS_OK; - } --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0002-Make-Permissions-Manager-memory-only.patch b/src/current-patches/firefox/alpha/0002-Make-Permissions-Manager-memory-only.patch deleted file mode 100644 index d73f1ab..0000000 --- a/src/current-patches/firefox/alpha/0002-Make-Permissions-Manager-memory-only.patch +++ /dev/null @@ -1,94 +0,0 @@ -From 12acd440d185f5536eed99084c4800a46d617197 Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)torproject.org> -Date: Wed, 1 Feb 2012 15:45:16 -0800 -Subject: [PATCH 02/19] Make Permissions Manager memory-only - -This patch exposes a pref 'permissions.memory_only' that properly isolates the -permissions manager to memory, which is responsible for all user specified -site permissions, as well as stored STS policy. - -The pref does successfully clear the permissions manager memory if toggled. It -does not need to be set in prefs.js, and can be handled by Torbutton. - -https://trac.torproject.org/projects/tor/ticket/2950 ---- - extensions/cookie/nsPermissionManager.cpp | 34 ++++++++++++++++++++++++++-- - 1 files changed, 31 insertions(+), 3 deletions(-) - -diff --git a/extensions/cookie/nsPermissionManager.cpp b/extensions/cookie/nsPermissionManager.cpp -index 94791ca..1f7bcbd 100644 ---- a/extensions/cookie/nsPermissionManager.cpp -+++ b/extensions/cookie/nsPermissionManager.cpp -@@ -24,6 +24,10 @@ - #include "mozStorageHelper.h" - #include "mozStorageCID.h" - #include "nsXULAppAPI.h" -+#include "nsCOMPtr.h" -+#include "nsIPrefService.h" -+#include "nsIPrefBranch.h" -+#include "nsIPrefBranch2.h" - - static nsPermissionManager *gPermissionManager = nsnull; - -@@ -167,6 +171,11 @@ nsPermissionManager::Init() - mObserverService->AddObserver(this, "profile-do-change", true); - } - -+ nsCOMPtr<nsIPrefBranch2> pbi = do_GetService(NS_PREFSERVICE_CONTRACTID); -+ if (pbi) { -+ pbi->AddObserver("permissions.", this, PR_FALSE); -+ } -+ - if (IsChildProcess()) { - // Get the permissions from the parent process - InfallibleTArray<IPC::Permission> perms; -@@ -215,8 +224,18 @@ nsPermissionManager::InitDB(bool aRemoveFile) - if (!storage) - return NS_ERROR_UNEXPECTED; - -+ bool memory_db = false; -+ nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID); -+ if (prefs) { -+ prefs->GetBoolPref("permissions.memory_only", &memory_db); -+ } -+ - // cache a connection to the hosts database -- rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn)); -+ if (memory_db) { -+ rv = storage->OpenSpecialDatabase("memory", getter_AddRefs(mDBConn)); -+ } else { -+ rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn)); -+ } - NS_ENSURE_SUCCESS(rv, rv); - - bool ready; -@@ -226,7 +245,11 @@ nsPermissionManager::InitDB(bool aRemoveFile) - rv = permissionsFile->Remove(false); - NS_ENSURE_SUCCESS(rv, rv); - -- rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn)); -+ if (memory_db) { -+ rv = storage->OpenSpecialDatabase("memory", getter_AddRefs(mDBConn)); -+ } else { -+ rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn)); -+ } - NS_ENSURE_SUCCESS(rv, rv); - - mDBConn->GetConnectionReady(&ready); -@@ -758,7 +781,12 @@ NS_IMETHODIMP nsPermissionManager::Observe(nsISupports *aSubject, const char *aT - { - ENSURE_NOT_CHILD_PROCESS; - -- if (!nsCRT::strcmp(aTopic, "profile-before-change")) { -+ if (nsCRT::strcmp(aTopic, NS_PREFBRANCH_PREFCHANGE_TOPIC_ID) == 0) { -+ if (!nsCRT::strcmp(someData, NS_LITERAL_STRING("permissions.memory_only").get())) { -+ // XXX: Should we remove the file? Probably not.. -+ InitDB(PR_FALSE); -+ } -+ } else if (!nsCRT::strcmp(aTopic, "profile-before-change")) { - // The profile is about to change, - // or is going away because the application is shutting down. - if (!nsCRT::strcmp(someData, NS_LITERAL_STRING("shutdown-cleanse").get())) { --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0003-Make-Intermediate-Cert-Store-memory-only.patch b/src/current-patches/firefox/alpha/0003-Make-Intermediate-Cert-Store-memory-only.patch deleted file mode 100644 index 33cf5e9..0000000 --- a/src/current-patches/firefox/alpha/0003-Make-Intermediate-Cert-Store-memory-only.patch +++ /dev/null @@ -1,43 +0,0 @@ -From a95872e8de8230e8e0128314acd335a7cb3510fb Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)fscked.org> -Date: Fri, 19 Aug 2011 17:58:23 -0700 -Subject: [PATCH 03/19] Make Intermediate Cert Store memory-only. - -This patch makes the intermediate SSL cert store exist in memory only. - -The pref must be set before startup in prefs.js. -https://trac.torproject.org/projects/tor/ticket/2949 ---- - security/manager/ssl/src/nsNSSComponent.cpp | 15 ++++++++++++++- - 1 files changed, 14 insertions(+), 1 deletions(-) - -diff --git a/security/manager/ssl/src/nsNSSComponent.cpp b/security/manager/ssl/src/nsNSSComponent.cpp -index bc49de9..0f66320 100644 ---- a/security/manager/ssl/src/nsNSSComponent.cpp -+++ b/security/manager/ssl/src/nsNSSComponent.cpp -@@ -1743,8 +1743,21 @@ nsNSSComponent::InitializeNSS(bool showWarningBox) - // Ubuntu 8.04, which loads any nonexistent "<configdir>/libnssckbi.so" as - // "/usr/lib/nss/libnssckbi.so". - PRUint32 init_flags = NSS_INIT_NOROOTINIT | NSS_INIT_OPTIMIZESPACE; -- SECStatus init_rv = ::NSS_Initialize(profileStr.get(), "", "", -+ bool nocertdb = false; -+ mPrefBranch->GetBoolPref("security.nocertdb", &nocertdb); -+ -+ // XXX: We can also do the the following to only disable the certdb. -+ // Leaving this codepath in as a fallback in case InitNODB fails -+ if (nocertdb) -+ init_flags |= NSS_INIT_NOCERTDB; -+ -+ SECStatus init_rv; -+ if (nocertdb) { -+ init_rv = ::NSS_NoDB_Init(NULL); -+ } else { -+ init_rv = ::NSS_Initialize(profileStr.get(), "", "", - SECMOD_DB, init_flags); -+ } - - if (init_rv != SECSuccess) { - PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("can not init NSS r/w in %s\n", profileStr.get())); --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0004-Add-a-string-based-cacheKey.patch b/src/current-patches/firefox/alpha/0004-Add-a-string-based-cacheKey.patch deleted file mode 100644 index bbc6220..0000000 --- a/src/current-patches/firefox/alpha/0004-Add-a-string-based-cacheKey.patch +++ /dev/null @@ -1,85 +0,0 @@ -From df164279499b23794a112de4305f3ed99a25da68 Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)torproject.org> -Date: Tue, 28 Aug 2012 17:03:57 -0700 -Subject: [PATCH 04/19] Add a string-based cacheKey. - -Used for isolating cache according to same-origin policy. ---- - netwerk/base/public/nsICachingChannel.idl | 7 +++++++ - netwerk/protocol/http/nsHttpChannel.cpp | 22 ++++++++++++++++++++++ - netwerk/protocol/http/nsHttpChannel.h | 1 + - 3 files changed, 30 insertions(+), 0 deletions(-) - -diff --git a/netwerk/base/public/nsICachingChannel.idl b/netwerk/base/public/nsICachingChannel.idl -index 96a8aef..b1c6f05 100644 ---- a/netwerk/base/public/nsICachingChannel.idl -+++ b/netwerk/base/public/nsICachingChannel.idl -@@ -66,6 +66,13 @@ interface nsICachingChannel : nsICacheInfoChannel - attribute nsISupports cacheKey; - - /** -+ * Set/get the cache domain... uniquely identifies the data in the cache -+ * for this channel. Holding a reference to this key does NOT prevent -+ * the cached data from being removed. -+ */ -+ attribute AUTF8String cacheDomain; -+ -+ /** - * Specifies whether or not the data should be cached to a file. This - * may fail if the disk cache is not present. The value of this attribute - * is usually only settable during the processing of a channel's -diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp -index 290d04c..9c10e3a 100644 ---- a/netwerk/protocol/http/nsHttpChannel.cpp -+++ b/netwerk/protocol/http/nsHttpChannel.cpp -@@ -2538,6 +2538,12 @@ nsHttpChannel::AssembleCacheKey(const char *spec, PRUint32 postID, - cacheKey.Append(buf); - } - -+ if (strlen(mCacheDomain.get()) > 0) { -+ cacheKey.AppendLiteral("domain="); -+ cacheKey.Append(mCacheDomain.get()); -+ cacheKey.AppendLiteral("&"); -+ } -+ - if (!cacheKey.IsEmpty()) { - cacheKey.AppendLiteral("uri="); - } -@@ -4876,6 +4882,22 @@ nsHttpChannel::SetCacheForOfflineUse(bool value) - } - - NS_IMETHODIMP -+nsHttpChannel::GetCacheDomain(nsACString &value) -+{ -+ value = mCacheDomain; -+ -+ return NS_OK; -+} -+ -+NS_IMETHODIMP -+nsHttpChannel::SetCacheDomain(const nsACString &value) -+{ -+ mCacheDomain = value; -+ -+ return NS_OK; -+} -+ -+NS_IMETHODIMP - nsHttpChannel::GetOfflineCacheClientID(nsACString &value) - { - value = mOfflineCacheClientID; -diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h -index eaad05e..0382b1c 100644 ---- a/netwerk/protocol/http/nsHttpChannel.h -+++ b/netwerk/protocol/http/nsHttpChannel.h -@@ -292,6 +292,7 @@ private: - nsCOMPtr<nsICacheEntryDescriptor> mOfflineCacheEntry; - nsCacheAccessMode mOfflineCacheAccess; - nsCString mOfflineCacheClientID; -+ nsCString mCacheDomain; - - nsCOMPtr<nsILocalFile> mProfileDirectory; - --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0005-Block-all-plugins-except-flash.patch b/src/current-patches/firefox/alpha/0005-Block-all-plugins-except-flash.patch deleted file mode 100644 index 79d92de..0000000 --- a/src/current-patches/firefox/alpha/0005-Block-all-plugins-except-flash.patch +++ /dev/null @@ -1,85 +0,0 @@ -From 5c43ec0bcc08d82d7ea1895e2586028ff0c43db2 Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)torproject.org> -Date: Wed, 1 Feb 2012 15:50:15 -0800 -Subject: [PATCH 05/19] Block all plugins except flash. - -We cannot use the @mozilla.org/extensions/blocklist;1 service, because we -actually want to stop plugins from ever entering the browser's process space -and/or executing code (for example, AV plugins that collect statistics/analyse -urls, magical toolbars that phone home or "help" the user, skype buttons that -ruin our day, and censorship filters). Hence we rolled our own. - -See https://trac.torproject.org/projects/tor/ticket/3547#comment:6 for musings -on a better way. Until then, it is delta-darwinism for us. ---- - dom/plugins/base/nsPluginHost.cpp | 33 +++++++++++++++++++++++++++++++++ - dom/plugins/base/nsPluginHost.h | 2 ++ - 2 files changed, 35 insertions(+), 0 deletions(-) - -diff --git a/dom/plugins/base/nsPluginHost.cpp b/dom/plugins/base/nsPluginHost.cpp -index 2877669..901fbb9 100644 ---- a/dom/plugins/base/nsPluginHost.cpp -+++ b/dom/plugins/base/nsPluginHost.cpp -@@ -1876,6 +1876,35 @@ bool nsPluginHost::IsDuplicatePlugin(nsPluginTag * aPluginTag) - return false; - } - -+PRBool nsPluginHost::GhettoBlacklist(nsIFile *pluginFile) -+{ -+ nsCString leaf; -+ const char *leafStr; -+ nsresult rv; -+ -+ rv = pluginFile->GetNativeLeafName(leaf); -+ if (NS_FAILED(rv)) { -+ return PR_TRUE; // fuck 'em. blacklist. -+ } -+ -+ leafStr = leaf.get(); -+ -+ if (!leafStr) { -+ return PR_TRUE; // fuck 'em. blacklist. -+ } -+ -+ // libgnashplugin.so, libflashplayer.so, Flash Player-10.4-10.5.plugin, -+ // NPSWF32.dll, NPSWF64.dll -+ if (strstr(leafStr, "libgnashplugin") == leafStr || -+ strstr(leafStr, "libflashplayer") == leafStr || -+ strstr(leafStr, "Flash Player") == leafStr || -+ strstr(leafStr, "NPSWF") == leafStr) { -+ return PR_FALSE; -+ } -+ -+ return PR_TRUE; // fuck 'em. blacklist. -+} -+ - typedef NS_NPAPIPLUGIN_CALLBACK(char *, NP_GETMIMEDESCRIPTION)(void); - - nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir, -@@ -2009,6 +2038,10 @@ nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir, - continue; - } - -+ if (GhettoBlacklist(localfile)) { -+ continue; -+ } -+ - // if it is not found in cache info list or has been changed, create a new one - if (!pluginTag) { - nsPluginFile pluginFile(localfile); -diff --git a/dom/plugins/base/nsPluginHost.h b/dom/plugins/base/nsPluginHost.h -index 036a102..1f7bd14 100644 ---- a/dom/plugins/base/nsPluginHost.h -+++ b/dom/plugins/base/nsPluginHost.h -@@ -247,6 +247,8 @@ private: - // Loads all cached plugins info into mCachedPlugins - nsresult ReadPluginInfo(); - -+ PRBool GhettoBlacklist(nsIFile *pluginFile); -+ - // Given a file path, returns the plugins info from our cache - // and removes it from the cache. - void RemoveCachedPluginsInfo(const char *filePath, --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0006-Make-content-pref-service-memory-only-clearable.patch b/src/current-patches/firefox/alpha/0006-Make-content-pref-service-memory-only-clearable.patch deleted file mode 100644 index cc75ee1..0000000 --- a/src/current-patches/firefox/alpha/0006-Make-content-pref-service-memory-only-clearable.patch +++ /dev/null @@ -1,37 +0,0 @@ -From c1f6abc0766763e65c5e8b22f72171c5f8e4639b Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)fscked.org> -Date: Thu, 8 Sep 2011 08:40:17 -0700 -Subject: [PATCH 06/19] Make content pref service memory-only + clearable - -This prevents random urls from being inserted into content-prefs.sqllite in -the profile directory as content prefs change (includes site-zoom and perhaps -other site prefs?). ---- - .../contentprefs/nsContentPrefService.js | 4 ++-- - 1 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/toolkit/components/contentprefs/nsContentPrefService.js b/toolkit/components/contentprefs/nsContentPrefService.js -index 81f974d..31597ac 100644 ---- a/toolkit/components/contentprefs/nsContentPrefService.js -+++ b/toolkit/components/contentprefs/nsContentPrefService.js -@@ -1208,7 +1208,7 @@ ContentPrefService.prototype = { - - var dbConnection; - -- if (!dbFile.exists()) -+ if (true || !dbFile.exists()) - dbConnection = this._dbCreate(dbService, dbFile); - else { - try { -@@ -1256,7 +1256,7 @@ ContentPrefService.prototype = { - }, - - _dbCreate: function ContentPrefService__dbCreate(aDBService, aDBFile) { -- var dbConnection = aDBService.openDatabase(aDBFile); -+ var dbConnection = aDBService.openSpecialDatabase("memory"); - - try { - this._dbCreateSchema(dbConnection); --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0007-Disable-SSL-Session-ID-tracking.patch b/src/current-patches/firefox/alpha/0007-Disable-SSL-Session-ID-tracking.patch deleted file mode 100644 index 5b8270a..0000000 --- a/src/current-patches/firefox/alpha/0007-Disable-SSL-Session-ID-tracking.patch +++ /dev/null @@ -1,28 +0,0 @@ -From e3703799acddc621be9c64299070180721b489dc Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)fscked.org> -Date: Wed, 7 Dec 2011 19:36:38 -0800 -Subject: [PATCH 07/19] Disable SSL Session ID tracking. - -We can't easily bind SSL Session ID tracking to url bar domain, -so we have to disable them to satisfy -https://www.torproject.org/projects/torbrowser/design/#identifier-linkability. ---- - security/nss/lib/ssl/sslsock.c | 2 +- - 1 files changed, 1 insertions(+), 1 deletions(-) - -diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c -index 0c4d0c7..8d23fc0 100644 ---- a/security/nss/lib/ssl/sslsock.c -+++ b/security/nss/lib/ssl/sslsock.c -@@ -173,7 +173,7 @@ static sslOptions ssl_defaults = { - PR_FALSE, /* enableSSL2 */ /* now defaults to off in NSS 3.13 */ - PR_TRUE, /* enableSSL3 */ - PR_TRUE, /* enableTLS */ /* now defaults to on in NSS 3.0 */ -- PR_FALSE, /* noCache */ -+ PR_TRUE, /* noCache */ - PR_FALSE, /* fdx */ - PR_FALSE, /* v2CompatibleHello */ /* now defaults to off in NSS 3.13 */ - PR_TRUE, /* detectRollBack */ --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0008-Limit-device-and-system-specific-CSS-Media-Queries.patch b/src/current-patches/firefox/alpha/0008-Limit-device-and-system-specific-CSS-Media-Queries.patch deleted file mode 100644 index 1b7d396..0000000 --- a/src/current-patches/firefox/alpha/0008-Limit-device-and-system-specific-CSS-Media-Queries.patch +++ /dev/null @@ -1,116 +0,0 @@ -From fdecb1911dd0bbd9bc611931c16026de17f6cbe9 Mon Sep 17 00:00:00 2001 -From: Shondoit Walker <shondoit(a)gmail.com> -Date: Mon, 4 Jun 2012 19:15:31 +0200 -Subject: [PATCH 08/19] Limit device- and system-specific CSS Media Queries - -This is done to address -https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability - -This also fixes bug #4795 by making queries still available for chrome windows, -whilst returning nothing or non-device-specific values for web pages or extensions. ---- - layout/style/nsMediaFeatures.cpp | 42 ++++++++++++++++++++++++------------- - 1 files changed, 27 insertions(+), 15 deletions(-) - -diff --git a/layout/style/nsMediaFeatures.cpp b/layout/style/nsMediaFeatures.cpp -index a814f30..c9785b9 100644 ---- a/layout/style/nsMediaFeatures.cpp -+++ b/layout/style/nsMediaFeatures.cpp -@@ -98,6 +98,9 @@ GetDeviceContextFor(nsPresContext* aPresContext) - static nsSize - GetDeviceSize(nsPresContext* aPresContext) - { -+ if (!aPresContext->IsChrome()) { -+ return GetSize(aPresContext); -+ } else { - nsSize size; - if (aPresContext->IsRootPaginatedDocument()) - // We want the page size, including unprintable areas and margins. -@@ -108,6 +111,7 @@ GetDeviceSize(nsPresContext* aPresContext) - GetDeviceContextFor(aPresContext)-> - GetDeviceSurfaceDimensions(size.width, size.height); - return size; -+ } - } - - static nsresult -@@ -151,17 +155,17 @@ static nsresult - GetDeviceOrientation(nsPresContext* aPresContext, const nsMediaFeature*, - nsCSSValue& aResult) - { -- nsSize size = GetDeviceSize(aPresContext); -- PRInt32 orientation; -- if (size.width > size.height) { -- orientation = NS_STYLE_ORIENTATION_LANDSCAPE; -- } else { -- // Per spec, square viewports should be 'portrait' -- orientation = NS_STYLE_ORIENTATION_PORTRAIT; -- } -- -- aResult.SetIntValue(orientation, eCSSUnit_Enumerated); -- return NS_OK; -+ nsSize size = GetDeviceSize(aPresContext); -+ PRInt32 orientation; -+ if (size.width > size.height) { -+ orientation = NS_STYLE_ORIENTATION_LANDSCAPE; -+ } else { -+ // Per spec, square viewports should be 'portrait' -+ orientation = NS_STYLE_ORIENTATION_PORTRAIT; -+ } -+ -+ aResult.SetIntValue(orientation, eCSSUnit_Enumerated); -+ return NS_OK; - } - - static nsresult -@@ -279,8 +283,12 @@ static nsresult - GetDevicePixelRatio(nsPresContext* aPresContext, const nsMediaFeature*, - nsCSSValue& aResult) - { -- float ratio = aPresContext->CSSPixelsToDevPixels(1.0f); -- aResult.SetFloatValue(ratio, eCSSUnit_Number); -+ if (aPresContext->IsChrome()) { -+ float ratio = aPresContext->CSSPixelsToDevPixels(1.0f); -+ aResult.SetFloatValue(ratio, eCSSUnit_Number); -+ } else { -+ aResult.SetFloatValue(1.0, eCSSUnit_Number); -+ } - return NS_OK; - } - -@@ -288,18 +296,21 @@ static nsresult - GetSystemMetric(nsPresContext* aPresContext, const nsMediaFeature* aFeature, - nsCSSValue& aResult) - { -+ if (aPresContext->IsChrome()) { - NS_ABORT_IF_FALSE(aFeature->mValueType == nsMediaFeature::eBoolInteger, - "unexpected type"); - nsIAtom *metricAtom = *aFeature->mData.mMetric; - bool hasMetric = nsCSSRuleProcessor::HasSystemMetric(metricAtom); - aResult.SetIntValue(hasMetric ? 1 : 0, eCSSUnit_Integer); -- return NS_OK; -+ } -+ return NS_OK; - } - - static nsresult - GetWindowsTheme(nsPresContext* aPresContext, const nsMediaFeature* aFeature, - nsCSSValue& aResult) - { -+ if (aPresContext->IsChrome()) { - aResult.Reset(); - #ifdef XP_WIN - PRUint8 windowsThemeId = -@@ -318,7 +329,8 @@ GetWindowsTheme(nsPresContext* aPresContext, const nsMediaFeature* aFeature, - } - } - #endif -- return NS_OK; -+ } -+ return NS_OK; - } - - /* --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0009-Make-Download-manager-memory-only.patch b/src/current-patches/firefox/alpha/0009-Make-Download-manager-memory-only.patch deleted file mode 100644 index 6ee2744..0000000 --- a/src/current-patches/firefox/alpha/0009-Make-Download-manager-memory-only.patch +++ /dev/null @@ -1,57 +0,0 @@ -From ec182e8a83826db0c2bae711d594a26cd0b08a22 Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)torproject.org> -Date: Wed, 25 Apr 2012 13:39:35 -0700 -Subject: [PATCH 09/19] Make Download manager memory only. - -Solves https://trac.torproject.org/projects/tor/ticket/4017. - -Yes, this is an ugly hack. We *could* send the observer notification from -Torbutton to tell the download manager to switch to memory, but then we have -to dance around and tell it again if the user switches in and out of private -browsing mode.. - -The right way to do this is with a pref. Maybe I'll get to that someday, if -this breaks enough times in conflict. ---- - toolkit/components/downloads/nsDownloadManager.cpp | 4 ++-- - toolkit/components/downloads/nsDownloadManager.h | 2 +- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/toolkit/components/downloads/nsDownloadManager.cpp b/toolkit/components/downloads/nsDownloadManager.cpp -index 0e846a0..42ca743 100644 ---- a/toolkit/components/downloads/nsDownloadManager.cpp -+++ b/toolkit/components/downloads/nsDownloadManager.cpp -@@ -2005,7 +2005,7 @@ nsDownloadManager::Observe(nsISupports *aSubject, - if (NS_LITERAL_STRING("memory").Equals(aData)) - return SwitchDatabaseTypeTo(DATABASE_MEMORY); - else if (NS_LITERAL_STRING("disk").Equals(aData)) -- return SwitchDatabaseTypeTo(DATABASE_DISK); -+ return SwitchDatabaseTypeTo(DATABASE_MEMORY); - } - else if (strcmp(aTopic, "alertclickcallback") == 0) { - nsCOMPtr<nsIDownloadManagerUI> dmui = -@@ -2082,7 +2082,7 @@ nsDownloadManager::OnLeavePrivateBrowsingMode() - (void)ResumeAllDownloads(false); - - // Switch back to the on-disk DB again -- (void)SwitchDatabaseTypeTo(DATABASE_DISK); -+ //(void)SwitchDatabaseTypeTo(DATABASE_DISK); - - mInPrivateBrowsing = false; - } -diff --git a/toolkit/components/downloads/nsDownloadManager.h b/toolkit/components/downloads/nsDownloadManager.h -index 5649eeb..1e7912b 100644 ---- a/toolkit/components/downloads/nsDownloadManager.h -+++ b/toolkit/components/downloads/nsDownloadManager.h -@@ -54,7 +54,7 @@ public: - - virtual ~nsDownloadManager(); - nsDownloadManager() : -- mDBType(DATABASE_DISK) -+ mDBType(DATABASE_MEMORY) - , mInPrivateBrowsing(false) - #ifdef DOWNLOAD_SCANNER - , mScanner(nsnull) --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0010-Add-DDG-and-StartPage-to-Omnibox.patch b/src/current-patches/firefox/alpha/0010-Add-DDG-and-StartPage-to-Omnibox.patch deleted file mode 100644 index e9c6c2c..0000000 --- a/src/current-patches/firefox/alpha/0010-Add-DDG-and-StartPage-to-Omnibox.patch +++ /dev/null @@ -1,84 +0,0 @@ -From e58200766a98fc8e239c95eb19a0afcf9fcd6381 Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)torproject.org> -Date: Wed, 25 Apr 2012 15:03:46 -0700 -Subject: [PATCH 10/19] Add DDG and StartPage to Omnibox. - -You mean there are search engines that don't require captchas if you don't -have a cookie? Holy crap. Get those in there now. ---- - browser/locales/en-US/searchplugins/duckduckgo.xml | 29 ++++++++++++++++++++ - browser/locales/en-US/searchplugins/list.txt | 2 + - browser/locales/en-US/searchplugins/startpage.xml | 11 +++++++ - 3 files changed, 42 insertions(+), 0 deletions(-) - create mode 100644 browser/locales/en-US/searchplugins/duckduckgo.xml - create mode 100644 browser/locales/en-US/searchplugins/startpage.xml - -diff --git a/browser/locales/en-US/searchplugins/duckduckgo.xml b/browser/locales/en-US/searchplugins/duckduckgo.xml -new file mode 100644 -index 0000000..4f00b4d ---- /dev/null -+++ b/browser/locales/en-US/searchplugins/duckduckgo.xml -@@ -0,0 +1,29 @@ -+<SearchPlugin xmlns="http://www.mozilla.org/2006/browser/search/"> -+<ShortName>DuckDuckGo</ShortName> -+<Description>Duck Duck Go</Description> -+<InputEncoding>UTF-8</InputEncoding> -+<Image width="16" height="16">data:image/png;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAANcNAADXDQAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAJyDsJmlk8pf6+v3s/v7+++zr/fcnIOyzJyDsgCcg7CYAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAnIOwBJyDscCcg7PZttJ7/7Pfs//////++xO7/S5GA/ycg7P8n -+IOz2JyDscCcg7AEAAAAAAAAAAAAAAAAnIOwBJyDstScg7P8nIOz/Y8p5/2fHZf9Yv0z/YcF2/1rB -+Uv8nIOz/JyDs/ycg7P8nIOy1JyDsAQAAAAAAAAAAJyDscCcg7P8nIOz/JyDs/4jQoP/p9+n///// -+/05X3v9LkYD/JyDs/ycg7P8nIOz/JyDs/ycg7HAAAAAAJyDsJicg7PYnIOz/JyDs/zUu7f/+/v// -+//////////89N+7/JyDs/yUo7f8nIOz/JyDs/ycg7P8nIOz2JyDsJicg7IAnIOz/JyDs/ycg7P9h -+XPH////////////t/P//GIr2/wfD+/8Gyfz/DKv5/yM57/8nIOz/JyDs/ycg7H8nIOyzJyDs/ycg -+7P8nIOz/jov1////////////Otz9/w3G/P8cWfH/JSvt/ycg7P8nIOz/JyDs/ycg7P8nIOyzJyDs -+5icg7P8nIOz/JyDs/7u5+f///////////27l/v8E0v3/BNL9/wTQ/f8Oofn/IT7v/ycg7P8nIOz/ -+JyDs5icg7OYnIOz/JyDs/ycg7P/p6P3/uWsC////////////5fr//6Po/f8Thfb/DKv5/w6f+f8n IOz/JyDs/ycg7OYnIOyzJyDs/ycg7P8nIOz/9/b+/////////////////7lrAv/V1Pv/JyDs/ycg -+7P8nIOz/JyDs/ycg7P8nIOyzJyDsgCcg7P8nIOz/JyDs/8/N+///////////////////////iIX1 -+/ycg7P8nIOz/JyDs/ycg7P8nIOz/JyDsfycg7CYnIOz2JyDs/ycg7P9FP+7/q6n4/+7u/f/n5v3/ -+fXn0/yoj7P8nIOz/JyDs/ycg7P8nIOz/JyDs9icg7CYAAAAAJyDscCcg7P8nIOz/wsD6/+no/f/Y -+1/z/eHTz/ycg7P8nIOz/JyDs/ycg7P8nIOz/JyDs/ycg7HAAAAAAAAAAACcg7AEnIOy1JyDs/ycg -+7P8nIOz/JyDs/ycg7P8nIOz/JyDs/ycg7P8nIOz/JyDs/ycg7LUnIOwBAAAAAAAAAAAAAAAAJyDs -+AScg7HAnIOz2JyDs/ycg7P8nIOz/JyDs/ycg7P8nIOz/JyDs9icg7HAnIOwBAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAJyDsJicg7IAnIOyzJyDs5icg7OYnIOyzJyDsgCcg7CYAAAAAAAAAAAAAAAAA -+AAAA+B8AAPAPAADAAwAAwAMAAIABAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAABAACAAQAAwAMAAMAD -+AADwDwAA+B8AAA==</Image> -+<Url type="text/html" method="POST" template="https://duckduckgo.com/html/"> -+ <Param name="q" value="{searchTerms}"/> -+</Url> -+<SearchForm>https://duckduckgo.com/html/</SearchForm> -+</SearchPlugin> -diff --git a/browser/locales/en-US/searchplugins/list.txt b/browser/locales/en-US/searchplugins/list.txt -index 2a1141a..0466f4e 100644 ---- a/browser/locales/en-US/searchplugins/list.txt -+++ b/browser/locales/en-US/searchplugins/list.txt -@@ -1,7 +1,9 @@ - amazondotcom - bing -+duckduckgo - eBay - google -+startpage - twitter - wikipedia - yahoo -diff --git a/browser/locales/en-US/searchplugins/startpage.xml b/browser/locales/en-US/searchplugins/startpage.xml -new file mode 100644 -index 0000000..1a310b1 ---- /dev/null -+++ b/browser/locales/en-US/searchplugins/startpage.xml -@@ -0,0 +1,11 @@ -+<SearchPlugin xmlns="http://www.mozilla.org/2006/browser/search/"> -+<ShortName>Startpage</ShortName> -+<Description>Start Page</Description> -+<InputEncoding>UTF-8</InputEncoding> -+<Image width="16" height="16">data:image/png;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2jkj+9YtD/vWLQ/71i0P+9otD/vaLRP72i0T+9YtE/vWLRP72i0T+9otD/vaNRP72jUT+9otF/vaLRf73kkv+9Yc///WJP//1iT//9Yk///rAmf/94Mz/+sCa//aRTv/1iUH/9ok///aJP//2i0H/9otB//aJQv/2iUL/9otC//aNRP/2jUT/9o1E//aNRP/6wpv////////////96dr/95dQ//aNRP/2kET/9pBG//aQRv/2kEb/9pBG//aRR//3lEz/95BH//mueP/7xJ3/959g//efYf/4p23//vDm//3p2//3kEr/95FJ//aRSf/niFH/95FK//aRSv/2mE//95hS/vq4iP/////////////////81bj/95xZ//q4iP//////+bF+//eZT//njFT/PSqi/2xGjv/2mVD/951V/vedVv783cX///////vQrf/++PP///////748//+8uj///////m3gf/olFr/PSuj/w8Pt/9sSJD/951V//eeWf73oVv++8ul///////5sXf/+KRi//vRsf////////////3r3v/olF//Piyk/w8Pt/9sSJH/+J5Z//ieWv/3oV/++KZf/vihXP/97N7//vn0//zTs//6wJP/+bBy//q6iP/onW//Piyl/w8Pt/8fGbH/m2iB/+icY//4pGD/96hl/viqZf74pmD/+Kxr//3iy/////////n1//ivbP/onGj/Pi2m/w8Pt/8uJKz/fFeQ/x8Zsf8+Lqb/6J9r//ivbP74rm3++Klm//mpZv/5q2f/+bR9//m0e//poW7/Pi6n/w8Pt/9sTZj/+Ktp//ira/+rd4P/Dw+3/4xijv/5snH+ +LN1/vmvbf/5r23/+a5t//mvb//4r2//TTuk/w8Pt/8fGrL/6ah1//ivcP/4r3P/q3yI/w8Pt/+MZpP/+bN5/vm4ev75t3X/+bV1//m1df/5t3X/+Ld3/8qUhP98XZn/Hxqz/+mse//5t3f/2p+B/x8as/8PD7f/u4qK//m7fv76u4D++bl7//m3fP/5uXz/+bl8//m5fP/5t3z/+bl//x8as/9NPKf/fWCb/x8as/8PD7f/bVOh//q5f//6v4X++sGI/vm9g//5voX/+b6F//m9hf/6vYX/+r6F//nCh/+bepr/Hxu0/w8Pt/8PD7f/fWOh//q+hf/6wof/+saN/vrGjf75xIv/+ceL//nEi//5xIv/+sSL//rHi//6x43/+ceN/+m7kP+7lpj/6ruQ//rHkP/6x43/+seQ//rLlf76ypT++seR//rJkf/6yZH/+seR//rJkf/6yZH/+8mR//vJlP/7yZT/+smU//rJlP/6yZT/+8yV//rJlf/6zpn+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==</Image> -+ -+<Url type="text/html" method="POST" template="https://startpage.com/do/search"> -+ <Param name="q" value="{searchTerms}"/> -+</Url> -+<SearchForm>https://startpage.com/do/search/</SearchForm> -+</SearchPlugin> --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0011-Make-nsICacheService.EvictEntries-synchronous.patch b/src/current-patches/firefox/alpha/0011-Make-nsICacheService.EvictEntries-synchronous.patch deleted file mode 100644 index 879cfa6..0000000 --- a/src/current-patches/firefox/alpha/0011-Make-nsICacheService.EvictEntries-synchronous.patch +++ /dev/null @@ -1,44 +0,0 @@ -From b0f594e6130bf618a25d33d80f7b66d110449dc9 Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)torproject.org> -Date: Tue, 1 May 2012 15:02:03 -0700 -Subject: [PATCH 11/19] Make nsICacheService.EvictEntries synchronous - -This fixes a race condition that allows cache-based EverCookies to persist for -a brief time (on the order of minutes?) after cache clearing/"New Identity". - -https://trac.torproject.org/projects/tor/ticket/5715 ---- - netwerk/cache/nsCacheService.cpp | 15 +++++++++++++-- - 1 files changed, 13 insertions(+), 2 deletions(-) - -diff --git a/netwerk/cache/nsCacheService.cpp b/netwerk/cache/nsCacheService.cpp -index 991cc34..ef2ad25 100644 ---- a/netwerk/cache/nsCacheService.cpp -+++ b/netwerk/cache/nsCacheService.cpp -@@ -1506,10 +1506,21 @@ NS_IMETHODIMP nsCacheService::VisitEntries(nsICacheVisitor *visitor) - return NS_OK; - } - -- - NS_IMETHODIMP nsCacheService::EvictEntries(nsCacheStoragePolicy storagePolicy) - { -- return EvictEntriesForClient(nsnull, storagePolicy); -+ NS_IMETHODIMP r; -+ r = EvictEntriesForClient(nsnull, storagePolicy); -+ -+ // XXX: Bloody hack until we get this notifier in FF14.0: -+ // https://developer.mozilla.org/en/XPCOM_Interface_Reference/nsICacheListener… -+ if (storagePolicy == nsICache::STORE_ANYWHERE && -+ NS_IsMainThread() && gService && gService->mInitialized) { -+ nsCacheServiceAutoLock lock; -+ gService->DoomActiveEntries(); -+ gService->ClearDoomList(); -+ (void) SyncWithCacheIOThread(); -+ } -+ return r; - } - - NS_IMETHODIMP nsCacheService::GetCacheIOTarget(nsIEventTarget * *aCacheIOTarget) --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0012-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch b/src/current-patches/firefox/alpha/0012-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch deleted file mode 100644 index 91a5347..0000000 --- a/src/current-patches/firefox/alpha/0012-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 07ed1fba9d99b3aa860ab75f34c7650341c59b77 Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)torproject.org> -Date: Thu, 7 Jun 2012 14:45:26 -0700 -Subject: [PATCH 12/19] Make Tor Browser exit when not launched from Vidalia - -Turns out the Windows 7 UI encourages users to "dock" their Tor Browser app -for easy relaunch. If they manage to do this, we should fail closed rather -than opened. Hopefully they will get the hint and dock Vidalia instead. - -This is an emergency fix for -https://trac.torproject.org/projects/tor/ticket/4192. We can do a better -localized fix w/ a translated alert menu later, if it seems like this might -actually be common. ---- - browser/base/content/browser.js | 14 ++++++++++++++ - 1 files changed, 14 insertions(+), 0 deletions(-) - -diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js -index 79ab155..84f747c 100644 ---- a/browser/base/content/browser.js -+++ b/browser/base/content/browser.js -@@ -995,6 +995,20 @@ function BrowserStartup() { - - prepareForStartup(); - -+ // If this is not a TBB profile, exit. -+ // Solves https://trac.torproject.org/projects/tor/ticket/4192 -+ var foundPref = false; -+ try { -+ foundPref = gPrefService.prefHasUserValue("torbrowser.version"); -+ } catch(e) { -+ //dump("No pref: "+e); -+ } -+ if(!foundPref) { -+ var appStartup = Components.classes["@mozilla.org/toolkit/app-startup;1"] -+ .getService(Components.interfaces.nsIAppStartup); -+ appStartup.quit(3); // Force all windows to close, and then quit. -+ } -+ - if (uriToLoad && uriToLoad != "about:blank") { - if (uriToLoad instanceof Ci.nsISupportsArray) { - let count = uriToLoad.Count(); --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0013-Limit-the-number-of-fonts-per-document.patch b/src/current-patches/firefox/alpha/0013-Limit-the-number-of-fonts-per-document.patch deleted file mode 100644 index 95e3f48..0000000 --- a/src/current-patches/firefox/alpha/0013-Limit-the-number-of-fonts-per-document.patch +++ /dev/null @@ -1,225 +0,0 @@ -From a94c453f1b68acddb84d1a97e10de3994dfdf2cd Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)torproject.org> -Date: Thu, 7 Jun 2012 15:09:59 -0700 -Subject: [PATCH 13/19] Limit the number of fonts per document. - -We create two prefs: -browser.display.max_font_count and browser.display.max_font_attempts. -max_font_count sets a limit on the number of fonts actually used in the -document, and max_font_attempts sets a limit on the total number of CSS -queries that a document is allowed to perform. - -Once either limit is reached, the browser behaves as if -browser.display.use_document_fonts was set to 0 for subsequent font queries. - -If a pref is not set or is negative, that limit does not apply. - -This is done to address: -https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability ---- - layout/base/nsPresContext.cpp | 100 +++++++++++++++++++++++++++++++++++++++++ - layout/base/nsPresContext.h | 9 ++++ - layout/style/nsRuleNode.cpp | 13 ++++- - 3 files changed, 119 insertions(+), 3 deletions(-) - -diff --git a/layout/base/nsPresContext.cpp b/layout/base/nsPresContext.cpp -index f49d9f3..53f0b12 100644 ---- a/layout/base/nsPresContext.cpp -+++ b/layout/base/nsPresContext.cpp -@@ -63,6 +63,8 @@ - #include "FrameLayerBuilder.h" - #include "nsDOMMediaQueryList.h" - #include "nsSMILAnimationController.h" -+#include "nsString.h" -+#include "nsUnicharUtils.h" - - #ifdef IBMBIDI - #include "nsBidiPresUtils.h" -@@ -740,6 +742,10 @@ nsPresContext::GetUserPreferences() - // * use fonts? - mUseDocumentFonts = - Preferences::GetInt("browser.display.use_document_fonts") != 0; -+ mMaxFonts = -+ Preferences::GetInt("browser.display.max_font_count", -1); -+ mMaxFontAttempts = -+ Preferences::GetInt("browser.display.max_font_attempts", -1); - - // * replace backslashes with Yen signs? (bug 245770) - mEnableJapaneseTransform = -@@ -1363,6 +1369,100 @@ nsPresContext::GetDefaultFont(PRUint8 aFontID, nsIAtom *aLanguage) const - return font; - } - -+PRBool -+nsPresContext::FontUseCountReached(const nsFont &font) { -+ if (mMaxFonts < 0) { -+ return PR_FALSE; -+ } -+ -+ for (PRUint32 i = 0; i < mFontsUsed.Length(); i++) { -+ if (mFontsUsed[i].name.Equals(font.name, -+ nsCaseInsensitiveStringComparator()) -+ // XXX: Style is sometimes filled with garbage?? -+ /*&& mFontsUsed[i].style == font.style*/) { -+ // seen it before: OK -+ return PR_FALSE; -+ } -+ } -+ -+ if (mFontsUsed.Length() >= mMaxFonts) { -+ return PR_TRUE; -+ } -+ -+ return PR_FALSE; -+} -+ -+PRBool -+nsPresContext::FontAttemptCountReached(const nsFont &font) { -+ if (mMaxFontAttempts < 0) { -+ return PR_FALSE; -+ } -+ -+ for (PRUint32 i = 0; i < mFontsTried.Length(); i++) { -+ if (mFontsTried[i].name.Equals(font.name, -+ nsCaseInsensitiveStringComparator()) -+ // XXX: Style is sometimes filled with garbage?? -+ /*&& mFontsTried[i].style == font.style*/) { -+ // seen it before: OK -+ return PR_FALSE; -+ } -+ } -+ -+ if (mFontsTried.Length() >= mMaxFontAttempts) { -+ return PR_TRUE; -+ } -+ -+ return PR_FALSE; -+} -+ -+void -+nsPresContext::AddFontUse(const nsFont &font) { -+ if (mMaxFonts < 0) { -+ return; -+ } -+ -+ for (PRUint32 i = 0; i < mFontsUsed.Length(); i++) { -+ if (mFontsUsed[i].name.Equals(font.name, -+ nsCaseInsensitiveStringComparator()) -+ // XXX: Style is sometimes filled with garbage?? -+ /*&& mFontsUsed[i].style == font.style*/) { -+ // seen it before: OK -+ return; -+ } -+ } -+ -+ if (mFontsUsed.Length() >= mMaxFonts) { -+ return; -+ } -+ -+ mFontsUsed.AppendElement(font); -+ return; -+} -+ -+void -+nsPresContext::AddFontAttempt(const nsFont &font) { -+ if (mMaxFontAttempts < 0) { -+ return; -+ } -+ -+ for (PRUint32 i = 0; i < mFontsTried.Length(); i++) { -+ if (mFontsTried[i].name.Equals(font.name, -+ nsCaseInsensitiveStringComparator()) -+ // XXX: Style is sometimes filled with garbage?? -+ /*&& mFontsTried[i].style == font.style*/) { -+ // seen it before: OK -+ return; -+ } -+ } -+ -+ if (mFontsTried.Length() >= mMaxFontAttempts) { -+ return; -+ } -+ -+ mFontsTried.AppendElement(font); -+ return; -+} -+ - void - nsPresContext::SetFullZoom(float aZoom) - { -diff --git a/layout/base/nsPresContext.h b/layout/base/nsPresContext.h -index 0c42c6b..f37c7a2 100644 ---- a/layout/base/nsPresContext.h -+++ b/layout/base/nsPresContext.h -@@ -514,6 +514,13 @@ public: - } - } - -+ nsTArray<nsFont> mFontsUsed; // currently for font-count limiting only -+ nsTArray<nsFont> mFontsTried; // currently for font-count limiting only -+ void AddFontUse(const nsFont &font); -+ void AddFontAttempt(const nsFont &font); -+ PRBool FontUseCountReached(const nsFont &font); -+ PRBool FontAttemptCountReached(const nsFont &font); -+ - /** - * Get the minimum font size for the specified language. If aLanguage - * is nsnull, then the document's language is used. -@@ -1174,6 +1181,8 @@ protected: - PRUint32 mInterruptChecksToSkip; - - mozilla::TimeStamp mReflowStartTime; -+ PRInt32 mMaxFontAttempts; -+ PRInt32 mMaxFonts; - - unsigned mHasPendingInterrupt : 1; - unsigned mInterruptsEnabled : 1; -diff --git a/layout/style/nsRuleNode.cpp b/layout/style/nsRuleNode.cpp -index 01613b8..fb19eba 100644 ---- a/layout/style/nsRuleNode.cpp -+++ b/layout/style/nsRuleNode.cpp -@@ -3387,14 +3387,15 @@ nsRuleNode::ComputeFontData(void* aStartStruct, - - bool useDocumentFonts = - mPresContext->GetCachedBoolPref(kPresContext_UseDocumentFonts); -+ bool isXUL = PR_FALSE; - - // See if we are in the chrome - // We only need to know this to determine if we have to use the - // document fonts (overriding the useDocumentFonts flag). -- if (!useDocumentFonts && mPresContext->IsChrome()) { -+ if (mPresContext->IsChrome()) { - // if we are not using document fonts, but this is a XUL document, - // then we use the document fonts anyway -- useDocumentFonts = true; -+ isXUL = true; - } - - // Figure out if we are a generic font -@@ -3408,9 +3409,13 @@ nsRuleNode::ComputeFontData(void* aStartStruct, - // generic? - nsFont::GetGenericID(font->mFont.name, &generic); - -+ mPresContext->AddFontAttempt(font->mFont); -+ - // If we aren't allowed to use document fonts, then we are only entitled - // to use the user's default variable-width font and fixed-width font -- if (!useDocumentFonts) { -+ if (!isXUL && (!useDocumentFonts || -+ mPresContext->FontAttemptCountReached(font->mFont) || -+ mPresContext->FontUseCountReached(font->mFont))) { - // Extract the generic from the specified font family... - nsAutoString genericName; - if (!font->mFont.EnumerateFamilies(ExtractGeneric, &genericName)) { -@@ -3446,6 +3451,8 @@ nsRuleNode::ComputeFontData(void* aStartStruct, - font); - } - -+ if (font->mGenericID == kGenericFont_NONE) -+ mPresContext->AddFontUse(font->mFont); - COMPUTE_END_INHERITED(Font, font) - } - --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0014-Provide-an-observer-event-to-close-persistent-connec.patch b/src/current-patches/firefox/alpha/0014-Provide-an-observer-event-to-close-persistent-connec.patch deleted file mode 100644 index 6f63876..0000000 --- a/src/current-patches/firefox/alpha/0014-Provide-an-observer-event-to-close-persistent-connec.patch +++ /dev/null @@ -1,40 +0,0 @@ -From af43ed872bd64b623ea1d5b83926c4d06e8fcd7d Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)torproject.org> -Date: Fri, 7 Sep 2012 16:18:26 -0700 -Subject: [PATCH 14/19] Provide an observer event to close persistent - connections - -We need to prevent linkability across "New Identity", which includes closing -keep-alive connections. ---- - netwerk/protocol/http/nsHttpHandler.cpp | 7 +++++++ - 1 files changed, 7 insertions(+), 0 deletions(-) - -diff --git a/netwerk/protocol/http/nsHttpHandler.cpp b/netwerk/protocol/http/nsHttpHandler.cpp -index 2f71837..b066140 100644 ---- a/netwerk/protocol/http/nsHttpHandler.cpp -+++ b/netwerk/protocol/http/nsHttpHandler.cpp -@@ -309,6 +309,7 @@ nsHttpHandler::Init() - mObserverService->AddObserver(this, "net:clear-active-logins", true); - mObserverService->AddObserver(this, NS_PRIVATE_BROWSING_SWITCH_TOPIC, true); - mObserverService->AddObserver(this, "net:prune-dead-connections", true); -+ mObserverService->AddObserver(this, "net:prune-all-connections", true); - mObserverService->AddObserver(this, "net:failed-to-process-uri-content", true); - } - -@@ -1651,6 +1652,12 @@ nsHttpHandler::Observe(nsISupports *subject, - if (uri && mConnMgr) - mConnMgr->ReportFailedToProcess(uri); - } -+ else if (strcmp(topic, "net:prune-all-connections") == 0) { -+ if (mConnMgr) { -+ mConnMgr->ClosePersistentConnections(); -+ mConnMgr->PruneDeadConnections(); -+ } -+ } - - return NS_OK; - } --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0015-Rebrand-Firefox-to-TorBrowser.patch b/src/current-patches/firefox/alpha/0015-Rebrand-Firefox-to-TorBrowser.patch deleted file mode 100644 index 2a6a9c5..0000000 --- a/src/current-patches/firefox/alpha/0015-Rebrand-Firefox-to-TorBrowser.patch +++ /dev/null @@ -1,59 +0,0 @@ -From d14732e7069aa8c33733f067e1e706bd852e3aba Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)torproject.org> -Date: Tue, 28 Aug 2012 18:05:11 -0700 -Subject: [PATCH 15/19] Rebrand Firefox to TorBrowser - -This patch does some basic renaming of Firefox to TorBrowser. The rest of the -branding is done by images and icons. ---- - browser/branding/official/configure.sh | 2 +- - browser/branding/official/locales/en-US/brand.dtd | 6 +++--- - .../official/locales/en-US/brand.properties | 6 +++--- - 3 files changed, 7 insertions(+), 7 deletions(-) - -diff --git a/browser/branding/official/configure.sh b/browser/branding/official/configure.sh -index 55f3f18..33102b0 100644 ---- a/browser/branding/official/configure.sh -+++ b/browser/branding/official/configure.sh -@@ -2,5 +2,5 @@ - # License, v. 2.0. If a copy of the MPL was not distributed with this - # file, You can obtain one at http://mozilla.org/MPL/2.0/. - --MOZ_APP_DISPLAYNAME=Firefox -+MOZ_APP_DISPLAYNAME=TorBrowser - MOZ_UA_BUILDID=20100101 -diff --git a/browser/branding/official/locales/en-US/brand.dtd b/browser/branding/official/locales/en-US/brand.dtd -index 8e7f6c9..76e405d 100644 ---- a/browser/branding/official/locales/en-US/brand.dtd -+++ b/browser/branding/official/locales/en-US/brand.dtd -@@ -2,7 +2,7 @@ - - License, v. 2.0. If a copy of the MPL was not distributed with this - - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> - --<!ENTITY brandShortName "Firefox"> --<!ENTITY brandFullName "Mozilla Firefox"> --<!ENTITY vendorShortName "Mozilla"> -+<!ENTITY brandShortName "TorBrowser"> -+<!ENTITY brandFullName "Tor Browser"> -+<!ENTITY vendorShortName "Tor Project"> - <!ENTITY trademarkInfo.part1 "Firefox and the Firefox logos are trademarks of the Mozilla Foundation."> -diff --git a/browser/branding/official/locales/en-US/brand.properties b/browser/branding/official/locales/en-US/brand.properties -index 4a67c55..9ae168e 100644 ---- a/browser/branding/official/locales/en-US/brand.properties -+++ b/browser/branding/official/locales/en-US/brand.properties -@@ -2,9 +2,9 @@ - # License, v. 2.0. If a copy of the MPL was not distributed with this - # file, You can obtain one at http://mozilla.org/MPL/2.0/. - --brandShortName=Firefox --brandFullName=Mozilla Firefox --vendorShortName=Mozilla -+brandShortName=TorBrowser -+brandFullName=Tor Browser -+vendorShortName=Tor Project - - homePageSingleStartMain=Firefox Start, a fast home page with built-in search - homePageImport=Import your home page from %S --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0016-Prevent-WebSocket-DNS-leak.patch b/src/current-patches/firefox/alpha/0016-Prevent-WebSocket-DNS-leak.patch deleted file mode 100644 index 3c0367d..0000000 --- a/src/current-patches/firefox/alpha/0016-Prevent-WebSocket-DNS-leak.patch +++ /dev/null @@ -1,133 +0,0 @@ -From 727bc1103bc663e1bc2a25bb4fb8e9c9fb31763b Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)torproject.org> -Date: Tue, 28 Aug 2012 18:07:37 -0700 -Subject: [PATCH 16/19] Prevent WebSocket DNS leak. - -This is due to an improper implementation of the WebSocket spec by Mozilla. - -"There MUST be no more than one connection in a CONNECTING state. If multiple -connections to the same IP address are attempted simultaneously, the client -MUST serialize them so that there is no more than one connection at a time -running through the following steps. - -If the client cannot determine the IP address of the remote host (for -example, because all communication is being done through a proxy server that -performs DNS queries itself), then the client MUST assume for the purposes of -this step that each host name refers to a distinct remote host," - -https://tools.ietf.org/html/rfc6455#page-15 - -They implmented the first paragraph, but not the second... - -While we're at it, we also prevent the DNS service from being used to look up -anything other than IP addresses if socks_remote_dns is set to true, so this -bug can't turn up in other components or due to 3rd party addons. ---- - netwerk/dns/nsDNSService2.cpp | 24 ++++++++++++++++++++++- - netwerk/dns/nsDNSService2.h | 1 + - netwerk/protocol/websocket/WebSocketChannel.cpp | 8 +++++- - 3 files changed, 30 insertions(+), 3 deletions(-) - -diff --git a/netwerk/dns/nsDNSService2.cpp b/netwerk/dns/nsDNSService2.cpp -index a59b6e3..d54ebf3 100644 ---- a/netwerk/dns/nsDNSService2.cpp -+++ b/netwerk/dns/nsDNSService2.cpp -@@ -373,6 +373,7 @@ nsDNSService::Init() - bool enableIDN = true; - bool disableIPv6 = false; - bool disablePrefetch = false; -+ bool disableDNS = false; - int proxyType = nsIProtocolProxyService::PROXYCONFIG_DIRECT; - - nsAdoptingCString ipv4OnlyDomains; -@@ -398,6 +399,10 @@ nsDNSService::Init() - - // If a manual proxy is in use, disable prefetch implicitly - prefs->GetIntPref("network.proxy.type", &proxyType); -+ -+ // If the user wants remote DNS, we should fail any lookups that still -+ // make it here. -+ prefs->GetBoolPref("network.proxy.socks_remote_dns", &disableDNS); - } - - if (mFirstTime) { -@@ -418,7 +423,7 @@ nsDNSService::Init() - - // Monitor these to see if there is a change in proxy configuration - // If a manual proxy is in use, disable prefetch implicitly -- prefs->AddObserver("network.proxy.type", this, false); -+ prefs->AddObserver("network.proxy.", this, false); - } - } - -@@ -447,6 +452,7 @@ nsDNSService::Init() - mIDN = idn; - mIPv4OnlyDomains = ipv4OnlyDomains; // exchanges buffer ownership - mDisableIPv6 = disableIPv6; -+ mDisableDNS = disableDNS; - - // Disable prefetching either by explicit preference or if a manual proxy is configured - mDisablePrefetch = disablePrefetch || (proxyType == nsIProtocolProxyService::PROXYCONFIG_MANUAL); -@@ -572,6 +578,14 @@ nsDNSService::AsyncResolve(const nsACString &hostname, - if (mDisablePrefetch && (flags & RESOLVE_SPECULATE)) - return NS_ERROR_DNS_LOOKUP_QUEUE_FULL; - -+ PRNetAddr tempAddr; -+ if (mDisableDNS) { -+ // Allow IP lookups through, but nothing else. -+ if (PR_StringToNetAddr(hostname.BeginReading(), &tempAddr) != PR_SUCCESS) { -+ return NS_ERROR_UNKNOWN_PROXY_HOST; // XXX: NS_ERROR_NOT_IMPLEMENTED? -+ } -+ } -+ - res = mResolver; - idn = mIDN; - localDomain = mLocalDomains.GetEntry(hostname); -@@ -668,6 +682,14 @@ nsDNSService::Resolve(const nsACString &hostname, - } - NS_ENSURE_TRUE(res, NS_ERROR_OFFLINE); - -+ PRNetAddr tempAddr; -+ if (mDisableDNS) { -+ // Allow IP lookups through, but nothing else. -+ if (PR_StringToNetAddr(hostname.BeginReading(), &tempAddr) != PR_SUCCESS) { -+ return NS_ERROR_UNKNOWN_PROXY_HOST; // XXX: NS_ERROR_NOT_IMPLEMENTED? -+ } -+ } -+ - const nsACString *hostPtr = &hostname; - - if (localDomain) { -diff --git a/netwerk/dns/nsDNSService2.h b/netwerk/dns/nsDNSService2.h -index b60572c..3cf00e9 100644 ---- a/netwerk/dns/nsDNSService2.h -+++ b/netwerk/dns/nsDNSService2.h -@@ -40,5 +40,6 @@ private: - bool mDisableIPv6; - bool mDisablePrefetch; - bool mFirstTime; -+ bool mDisableDNS; - nsTHashtable<nsCStringHashKey> mLocalDomains; - }; -diff --git a/netwerk/protocol/websocket/WebSocketChannel.cpp b/netwerk/protocol/websocket/WebSocketChannel.cpp -index a87e1e0..4bee667 100644 ---- a/netwerk/protocol/websocket/WebSocketChannel.cpp -+++ b/netwerk/protocol/websocket/WebSocketChannel.cpp -@@ -1897,8 +1897,12 @@ WebSocketChannel::ApplyForAdmission() - LOG(("WebSocketChannel::ApplyForAdmission: checking for concurrent open\n")); - nsCOMPtr<nsIThread> mainThread; - NS_GetMainThread(getter_AddRefs(mainThread)); -- dns->AsyncResolve(hostName, 0, this, mainThread, getter_AddRefs(mDNSRequest)); -- NS_ENSURE_SUCCESS(rv, rv); -+ rv = dns->AsyncResolve(hostName, 0, this, mainThread, getter_AddRefs(mDNSRequest)); -+ if (NS_FAILED(rv)) { -+ // Fall back to hostname on dispatch failure -+ mDNSRequest = nsnull; -+ OnLookupComplete(nsnull, nsnull, rv); -+ } - - return NS_OK; - } --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0017-Randomize-HTTP-request-order-and-pipeline-depth.patch b/src/current-patches/firefox/alpha/0017-Randomize-HTTP-request-order-and-pipeline-depth.patch deleted file mode 100644 index 76330a3..0000000 --- a/src/current-patches/firefox/alpha/0017-Randomize-HTTP-request-order-and-pipeline-depth.patch +++ /dev/null @@ -1,151 +0,0 @@ -From c5b94226e50a5502ef7902e2d05874f36d678769 Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)torproject.org> -Date: Tue, 28 Aug 2012 18:08:27 -0700 -Subject: [PATCH 17/19] Randomize HTTP request order and pipeline depth. - -This is an experimental defense against -http://lorre.uni.lu/~andriy/papers/acmccs-wpes11-fingerprinting.pdf - -See: -https://blog.torproject.org/blog/experimental-defense-website-traffic-fingerprinting - -This defense has been improved since that blog post to additionally randomize -the order and concurrency of non-pipelined HTTP requests. - -This patch is also different from the 10.x ESR patch, as the pipelining -code has changed. We may want to set network.http.pipelining.aggressive to get -similar behavior... - -The good news is we now randomize SPDY request order as well as pipeline -request order (though SPDY is still disabled by default in TBB). ---- - netwerk/protocol/http/nsHttpConnectionMgr.cpp | 58 +++++++++++++++++++++++-- - netwerk/protocol/http/nsHttpConnectionMgr.h | 3 + - 2 files changed, 57 insertions(+), 4 deletions(-) - -diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.cpp b/netwerk/protocol/http/nsHttpConnectionMgr.cpp -index 0bfaf3b..d565532 100644 ---- a/netwerk/protocol/http/nsHttpConnectionMgr.cpp -+++ b/netwerk/protocol/http/nsHttpConnectionMgr.cpp -@@ -20,6 +20,8 @@ - #include "prnetdb.h" - #include "mozilla/Telemetry.h" - -+#include <stdlib.h> -+ - using namespace mozilla; - using namespace mozilla::net; - -@@ -39,15 +41,39 @@ InsertTransactionSorted(nsTArray<nsHttpTransaction*> &pendingQ, nsHttpTransactio - // insert into queue with smallest valued number first. search in reverse - // order under the assumption that many of the existing transactions will - // have the same priority (usually 0). -+ PRInt32 begin = 0, end = -1; -+ -+ if (pendingQ.IsEmpty()) { -+ pendingQ.InsertElementAt(0, trans); -+ return; -+ } - - for (PRInt32 i=pendingQ.Length()-1; i>=0; --i) { - nsHttpTransaction *t = pendingQ[i]; -- if (trans->Priority() >= t->Priority()) { -- pendingQ.InsertElementAt(i+1, trans); -- return; -+ if (end == -1 && trans->Priority() >= t->Priority()) { -+ end = i+1; -+ } else if (trans->Priority() < t->Priority()) { -+ begin = i+1; -+ break; - } - } -- pendingQ.InsertElementAt(0, trans); -+ -+ if (end == -1) { -+ pendingQ.AppendElement(trans); -+ return; -+ } -+ -+ // Choose random destination begin..end -+ PRInt32 count = 1+end - begin; -+ -+ if (count == 0) count = 1; // shouldn't happen... -+ -+ // FIXME: rand() is not crypto-secure.. but meh, this code will probably -+ // change like 2 dozen more times before merge, and rand() is probably -+ // good enough for our purposes anyways. -+ pendingQ.InsertElementAt(begin + (rand()%count), trans); -+ -+ // XXX Verify length, ordering inside a DEBUG ifdef?? - } - - //----------------------------------------------------------------------------- -@@ -70,6 +96,12 @@ nsHttpConnectionMgr::nsHttpConnectionMgr() - mCT.Init(); - mAlternateProtocolHash.Init(16); - mSpdyPreferredHash.Init(); -+ -+ nsresult rv; -+ mRandomGenerator = do_GetService("@mozilla.org/security/random-generator;1", &rv); -+ if (NS_FAILED(rv)) { -+ mRandomGenerator = nsnull; -+ } - } - - nsHttpConnectionMgr::~nsHttpConnectionMgr() -@@ -1141,6 +1173,19 @@ nsHttpConnectionMgr::AtActiveConnectionLimit(nsConnectionEntry *ent, PRUint8 cap - maxPersistConns = mMaxPersistConnsPerHost; - } - -+ // Fuzz maxConns for website fingerprinting attack -+ // We create a range of maxConns/5 up to 6*maxConns/5 -+ // because this function is called repeatedly, and we'll -+ // end up converging on the high side of concurrent connections -+ // after a short while. -+ PRUint8 *bytes = nsnull; -+ nsresult rv = mRandomGenerator->GenerateRandomBytes(1, &bytes); -+ NS_ENSURE_SUCCESS(rv, rv); -+ -+ bytes[0] = bytes[0] % (maxConns + 1); -+ maxConns = (maxConns/5) + bytes[0]; -+ NS_Free(bytes); -+ - // use >= just to be safe - bool result = (totalCount >= maxConns) || ( (caps & NS_HTTP_ALLOW_KEEPALIVE) && - (persistCount >= maxPersistConns) ); -@@ -1307,6 +1352,11 @@ nsHttpConnectionMgr::AddToShortestPipeline(nsConnectionEntry *ent, - - maxdepth = PR_MIN(maxdepth, depthLimit); - -+ if (maxdepth/2 > 1) { -+ // This is a crazy hack to randomize pipeline depth a bit more.. -+ maxdepth = 1 + maxdepth/2 + (rand() % (maxdepth/2)); -+ } -+ - if (maxdepth < 2) - return false; - -diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.h b/netwerk/protocol/http/nsHttpConnectionMgr.h -index 9e65da0..07c93b1 100644 ---- a/netwerk/protocol/http/nsHttpConnectionMgr.h -+++ b/netwerk/protocol/http/nsHttpConnectionMgr.h -@@ -22,6 +22,7 @@ - #include "nsIObserver.h" - #include "nsITimer.h" - #include "nsIX509Cert3.h" -+#include "nsIRandomGenerator.h" - - class nsHttpPipeline; - -@@ -579,6 +580,8 @@ private: - PRUint64 mTimeOfNextWakeUp; - // Timer for next pruning of dead connections. - nsCOMPtr<nsITimer> mTimer; -+ // Random number generator for reordering HTTP pipeline -+ nsCOMPtr<nsIRandomGenerator> mRandomGenerator; - - // A 1s tick to call nsHttpConnection::ReadTimeoutTick on - // active http/1 connections. Disabled when there are no --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0018-Adapt-Steven-Michaud-s-Mac-crashfix-patch.patch b/src/current-patches/firefox/alpha/0018-Adapt-Steven-Michaud-s-Mac-crashfix-patch.patch deleted file mode 100644 index 109574a..0000000 --- a/src/current-patches/firefox/alpha/0018-Adapt-Steven-Michaud-s-Mac-crashfix-patch.patch +++ /dev/null @@ -1,545 +0,0 @@ -From d705e4bb2b7efd4166d46d6fcb3183212902707c Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)torproject.org> -Date: Tue, 28 Aug 2012 18:22:32 -0700 -Subject: [PATCH 18/19] Adapt Steven Michaud's Mac crashfix patch - -Source is: https://bugzilla.mozilla.org/show_bug.cgi?id=715885#c35 - -Some minor tweaks were needed to get it to apply and to compile on -MacOS. ---- - widget/Makefile.in | 1 + - widget/cocoa/nsChildView.mm | 28 +++++++++++------ - widget/gtk2/nsDragService.cpp | 9 +++-- - widget/nsIDragService.idl | 4 +-- - widget/nsPIDragService.idl | 48 +++++++++++++++++++++++++++++ - widget/qt/nsDragService.h | 2 + - widget/windows/Makefile.in | 4 ++ - widget/windows/nsDragService.cpp | 13 +++++--- - widget/windows/nsDragService.h | 12 +++--- - widget/windows/nsNativeDragSource.cpp | 7 ++-- - widget/windows/nsNativeDragTarget.cpp | 28 ++++++++++------ - widget/windows/nsPIDragServiceWindows.idl | 46 +++++++++++++++++++++++++++ - widget/xpwidgets/nsBaseDragService.cpp | 16 +++++++++- - widget/xpwidgets/nsBaseDragService.h | 9 ++--- - 14 files changed, 179 insertions(+), 48 deletions(-) - create mode 100644 widget/nsPIDragService.idl - create mode 100644 widget/windows/nsPIDragServiceWindows.idl - -diff --git a/widget/Makefile.in b/widget/Makefile.in -index f1df966..eb6eec2 100644 ---- a/widget/Makefile.in -+++ b/widget/Makefile.in -@@ -105,6 +105,7 @@ XPIDLSRCS = \ - nsIClipboardDragDropHooks.idl \ - nsIClipboardDragDropHookList.idl \ - nsIDragSession.idl \ -+ nsPIDragService.idl \ - nsIDragService.idl \ - nsIFormatConverter.idl \ - nsIClipboard.idl \ -diff --git a/widget/cocoa/nsChildView.mm b/widget/cocoa/nsChildView.mm -index 9cbc1e3..92b93cb 100644 ---- a/widget/cocoa/nsChildView.mm -+++ b/widget/cocoa/nsChildView.mm -@@ -4513,11 +4513,12 @@ NSEvent* gLastDragMouseDownEvent = nil; - if (!dragService) { - dragService = do_GetService(kDragServiceContractID); - } -+ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(dragService); - - if (dragService) { - NSPoint pnt = [NSEvent mouseLocation]; - FlipCocoaScreenCoordinate(pnt); -- dragService->DragMoved(NSToIntRound(pnt.x), NSToIntRound(pnt.y)); -+ dragServicePriv->DragMoved(NSToIntRound(pnt.x), NSToIntRound(pnt.y)); - } - } - -@@ -4538,11 +4539,13 @@ NSEvent* gLastDragMouseDownEvent = nil; - } - - if (mDragService) { -- // set the dragend point from the current mouse location -- nsDragService* dragService = static_cast<nsDragService *>(mDragService); -- NSPoint pnt = [NSEvent mouseLocation]; -- FlipCocoaScreenCoordinate(pnt); -- dragService->SetDragEndPoint(nsIntPoint(NSToIntRound(pnt.x), NSToIntRound(pnt.y))); -+ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(mDragService); -+ if (dragServicePriv) { -+ // set the dragend point from the current mouse location -+ NSPoint pnt = [NSEvent mouseLocation]; -+ FlipCocoaScreenCoordinate(pnt); -+ dragServicePriv->SetDragEndPoint(NSToIntRound(pnt.x), NSToIntRound(pnt.y)); -+ } - - // XXX: dropEffect should be updated per |operation|. - // As things stand though, |operation| isn't well handled within "our" -@@ -4553,10 +4556,15 @@ NSEvent* gLastDragMouseDownEvent = nil; - // value for NSDragOperationGeneric that is passed by other applications. - // All that said, NSDragOperationNone is still reliable. - if (operation == NSDragOperationNone) { -- nsCOMPtr<nsIDOMDataTransfer> dataTransfer; -- dragService->GetDataTransfer(getter_AddRefs(dataTransfer)); -- if (dataTransfer) -- dataTransfer->SetDropEffectInt(nsIDragService::DRAGDROP_ACTION_NONE); -+ nsCOMPtr<nsIDragSession> dragSession; -+ mDragService->GetCurrentSession(getter_AddRefs(dragSession)); -+ if (dragSession) { -+ nsCOMPtr<nsIDOMDataTransfer> dataTransfer; -+ dragSession->GetDataTransfer(getter_AddRefs(dataTransfer)); -+ if (dataTransfer) { -+ dataTransfer->SetDropEffectInt(nsIDragService::DRAGDROP_ACTION_NONE); -+ } -+ } - } - - mDragService->EndDragSession(true); -diff --git a/widget/gtk2/nsDragService.cpp b/widget/gtk2/nsDragService.cpp -index e0ff5d6..2c10c10 100644 ---- a/widget/gtk2/nsDragService.cpp -+++ b/widget/gtk2/nsDragService.cpp -@@ -239,8 +239,8 @@ OnSourceGrabEventAfter(GtkWidget *widget, GdkEvent *event, gpointer user_data) - // Update the cursor position. The last of these recorded gets used for - // the NS_DRAGDROP_END event. - nsDragService *dragService = static_cast<nsDragService*>(user_data); -- dragService->SetDragEndPoint(nsIntPoint(event->motion.x_root, -- event->motion.y_root)); -+ dragService->SetDragEndPoint(event->motion.x_root, -+ event->motion.y_root); - } else if (sMotionEvent && (event->type != GDK_KEY_PRESS || - event->type != GDK_KEY_RELEASE)) { - // Update modifier state from keypress events. -@@ -1348,7 +1348,7 @@ nsDragService::SourceEndDragSession(GdkDragContext *aContext, - GdkDisplay* display = gdk_display_get_default(); - if (display) { - gdk_display_get_pointer(display, NULL, &x, &y, NULL); -- SetDragEndPoint(nsIntPoint(x, y)); -+ SetDragEndPoint(x, y); - } - } - -@@ -1765,8 +1765,9 @@ nsDragService::ScheduleDropEvent(nsWindow *aWindow, - NS_WARNING("Additional drag drop ignored"); - return FALSE; - } -+ nsIntPoint pt = aWindowPoint + aWindow->WidgetToScreenOffset(); - -- SetDragEndPoint(aWindowPoint + aWindow->WidgetToScreenOffset()); -+ SetDragEndPoint(pt.x, pt.y); - - // We'll reply with gtk_drag_finish(). - return TRUE; -diff --git a/widget/nsIDragService.idl b/widget/nsIDragService.idl -index 196761e..c0565bb 100644 ---- a/widget/nsIDragService.idl -+++ b/widget/nsIDragService.idl -@@ -15,7 +15,7 @@ interface nsIDOMDragEvent; - interface nsIDOMDataTransfer; - interface nsISelection; - --[scriptable, uuid(82B58ADA-F490-4C3D-B737-1057C4F1D052), builtinclass] -+[scriptable, uuid(82B58ADA-F490-4C3D-B737-1057C4F1D052)] - interface nsIDragService : nsISupports - { - const long DRAGDROP_ACTION_NONE = 0; -@@ -112,8 +112,6 @@ interface nsIDragService : nsISupports - */ - void suppress(); - void unsuppress(); -- -- [noscript] void dragMoved(in long aX, in long aY); - }; - - -diff --git a/widget/nsPIDragService.idl b/widget/nsPIDragService.idl -new file mode 100644 -index 0000000..93a144d ---- /dev/null -+++ b/widget/nsPIDragService.idl -@@ -0,0 +1,48 @@ -+/* ***** BEGIN LICENSE BLOCK ***** -+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1 -+ * -+ * The contents of this file are subject to the Mozilla Public License Version -+ * 1.1 (the "License"); you may not use this file except in compliance with -+ * the License. You may obtain a copy of the License at -+ * http://www.mozilla.org/MPL/ -+ * -+ * Software distributed under the License is distributed on an "AS IS" basis, -+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -+ * for the specific language governing rights and limitations under the -+ * License. -+ * -+ * The Original Code is mozilla.org code. -+ * -+ * The Initial Developer of the Original Code is -+ * The Mozilla Foundation. -+ * Portions created by the Initial Developer are Copyright (C) 2012 -+ * the Initial Developer. All Rights Reserved. -+ * -+ * Contributor(s): -+ * Steven Michaud <smichaud(a)pobox.com> -+ * -+ * Alternatively, the contents of this file may be used under the terms of -+ * either the GNU General Public License Version 2 or later (the "GPL"), or -+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -+ * in which case the provisions of the GPL or the LGPL are applicable instead -+ * of those above. If you wish to allow use of your version of this file only -+ * under the terms of either the GPL or the LGPL, and not to allow others to -+ * use your version of this file under the terms of the MPL, indicate your -+ * decision by deleting the provisions above and replace them with the notice -+ * and other provisions required by the GPL or the LGPL. If you do not delete -+ * the provisions above, a recipient may use your version of this file under -+ * the terms of any one of the MPL, the GPL or the LGPL. -+ * -+ * ***** END LICENSE BLOCK ***** */ -+ -+#include "nsISupports.idl" -+ -+[scriptable, uuid(FAD8C90B-8E1D-446A-9B6C-241486A85CBD)] -+interface nsPIDragService : nsISupports -+{ -+ void dragMoved(in long aX, in long aY); -+ -+ PRUint16 getInputSource(); -+ -+ void setDragEndPoint(in long aX, in long aY); -+}; -diff --git a/widget/qt/nsDragService.h b/widget/qt/nsDragService.h -index 393be99..56d0312 100644 ---- a/widget/qt/nsDragService.h -+++ b/widget/qt/nsDragService.h -@@ -17,6 +17,8 @@ public: - NS_DECL_ISUPPORTS - NS_DECL_NSIDRAGSERVICE - -+ NS_IMETHOD DragMoved(PRInt32 aX, PRInt32 aY); -+ - nsDragService(); - - private: -diff --git a/widget/windows/Makefile.in b/widget/windows/Makefile.in -index 160c941..12f6dc7 100644 ---- a/widget/windows/Makefile.in -+++ b/widget/windows/Makefile.in -@@ -88,6 +88,10 @@ ifdef MOZ_ENABLE_D3D10_LAYER - DEFINES += -DMOZ_ENABLE_D3D10_LAYER - endif - -+XPIDLSRCS += \ -+ nsPIDragServiceWindows.idl \ -+ $(NULL) -+ - SHARED_LIBRARY_LIBS = \ - ../xpwidgets/$(LIB_PREFIX)xpwidgets_s.$(LIB_SUFFIX) \ - $(NULL) -diff --git a/widget/windows/nsDragService.cpp b/widget/windows/nsDragService.cpp -index efe8ce1..62e7d97 100644 ---- a/widget/windows/nsDragService.cpp -+++ b/widget/windows/nsDragService.cpp -@@ -60,6 +60,8 @@ nsDragService::~nsDragService() - NS_IF_RELEASE(mDataObject); - } - -+NS_IMPL_ISUPPORTS_INHERITED1(nsDragService, nsBaseDragService, nsPIDragServiceWindows) -+ - bool - nsDragService::CreateDragImage(nsIDOMNode *aDOMNode, - nsIScriptableRegion *aRegion, -@@ -305,7 +307,7 @@ nsDragService::StartInvokingDragSession(IDataObject * aDataObj, - POINT cpos; - cpos.x = GET_X_LPARAM(pos); - cpos.y = GET_Y_LPARAM(pos); -- SetDragEndPoint(nsIntPoint(cpos.x, cpos.y)); -+ SetDragEndPoint(cpos.x, cpos.y); - EndDragSession(true); - - mDoingDrag = false; -@@ -423,25 +425,26 @@ nsDragService::GetData(nsITransferable * aTransferable, PRUint32 anItem) - - //--------------------------------------------------------- - NS_IMETHODIMP --nsDragService::SetIDataObject(IDataObject * aDataObj) -+nsDragService::SetIDataObject(nsISupports * aDataObj) - { -+ IDataObject *dataObj = (IDataObject*) aDataObj; - // When the native drag starts the DragService gets - // the IDataObject that is being dragged - NS_IF_RELEASE(mDataObject); -- mDataObject = aDataObj; -+ mDataObject = dataObj; - NS_IF_ADDREF(mDataObject); - - return NS_OK; - } - - //--------------------------------------------------------- --void -+NS_IMETHODIMP - nsDragService::SetDroppedLocal() - { - // Sent from the native drag handler, letting us know - // a drop occurred within the application vs. outside of it. - mSentLocalDropEvent = true; -- return; -+ return NS_OK; - } - - //------------------------------------------------------------------------- -diff --git a/widget/windows/nsDragService.h b/widget/windows/nsDragService.h -index 93b5480..bd2125b 100644 ---- a/widget/windows/nsDragService.h -+++ b/widget/windows/nsDragService.h -@@ -7,6 +7,7 @@ - #define nsDragService_h__ - - #include "nsBaseDragService.h" -+#include "nsPIDragServiceWindows.h" - #include <windows.h> - #include <shlobj.h> - -@@ -20,12 +21,15 @@ class nsString; - * Native Win32 DragService wrapper - */ - --class nsDragService : public nsBaseDragService -+class nsDragService : public nsBaseDragService, public nsPIDragServiceWindows - { - public: - nsDragService(); - virtual ~nsDragService(); -- -+ -+ NS_DECL_ISUPPORTS_INHERITED -+ NS_DECL_NSPIDRAGSERVICEWINDOWS -+ - // nsIDragService - NS_IMETHOD InvokeDragSession(nsIDOMNode *aDOMNode, - nsISupportsArray *anArrayTransferables, -@@ -39,13 +43,9 @@ public: - NS_IMETHOD EndDragSession(bool aDoneDrag); - - // native impl. -- NS_IMETHOD SetIDataObject(IDataObject * aDataObj); - NS_IMETHOD StartInvokingDragSession(IDataObject * aDataObj, - PRUint32 aActionType); - -- // A drop occurred within the application vs. outside of it. -- void SetDroppedLocal(); -- - protected: - nsDataObjCollection* GetDataObjCollection(IDataObject * aDataObj); - -diff --git a/widget/windows/nsNativeDragSource.cpp b/widget/windows/nsNativeDragSource.cpp -index e981ff9..e34613f 100644 ---- a/widget/windows/nsNativeDragSource.cpp -+++ b/widget/windows/nsNativeDragSource.cpp -@@ -10,7 +10,7 @@ - #include "nsIServiceManager.h" - #include "nsToolkit.h" - #include "nsWidgetsCID.h" --#include "nsIDragService.h" -+#include "nsDragService.h" - - static NS_DEFINE_IID(kCDragServiceCID, NS_DRAGSERVICE_CID); - -@@ -69,9 +69,10 @@ STDMETHODIMP - nsNativeDragSource::QueryContinueDrag(BOOL fEsc, DWORD grfKeyState) - { - nsCOMPtr<nsIDragService> dragService = do_GetService(kCDragServiceCID); -- if (dragService) { -+ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(dragService); -+ if (dragServicePriv) { - DWORD pos = ::GetMessagePos(); -- dragService->DragMoved(GET_X_LPARAM(pos), GET_Y_LPARAM(pos)); -+ dragServicePriv->DragMoved(GET_X_LPARAM(pos), GET_Y_LPARAM(pos)); - } - - if (fEsc) { -diff --git a/widget/windows/nsNativeDragTarget.cpp b/widget/windows/nsNativeDragTarget.cpp -index da1cd1f..96303c3 100644 ---- a/widget/windows/nsNativeDragTarget.cpp -+++ b/widget/windows/nsNativeDragTarget.cpp -@@ -172,7 +172,11 @@ nsNativeDragTarget::DispatchDragDropEvent(PRUint32 aEventType, POINTL aPT) - nsModifierKeyState modifierKeyState; - modifierKeyState.InitInputEvent(event); - -- event.inputSource = static_cast<nsBaseDragService*>(mDragService)->GetInputSource(); -+ event.inputSource = 0; -+ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(mDragService); -+ if (dragServicePriv) { -+ dragServicePriv->GetInputSource(&event.inputSource); -+ } - - mWindow->DispatchEvent(&event, status); - } -@@ -259,9 +263,8 @@ nsNativeDragTarget::DragEnter(LPDATAOBJECT pIDataSource, - // This cast is ok because in the constructor we created a - // the actual implementation we wanted, so we know this is - // a nsDragService. It should be a private interface, though. -- nsDragService * winDragService = -- static_cast<nsDragService *>(mDragService); -- winDragService->SetIDataObject(pIDataSource); -+ nsCOMPtr<nsPIDragServiceWindows> winDragService = do_QueryInterface(mDragService); -+ winDragService->SetIDataObject((nsISupports*)pIDataSource); - - // Now process the native drag state and then dispatch the event - ProcessDrag(NS_DRAGDROP_ENTER, grfKeyState, ptl, pdwEffect); -@@ -399,8 +402,8 @@ nsNativeDragTarget::Drop(LPDATAOBJECT pData, - // This cast is ok because in the constructor we created a - // the actual implementation we wanted, so we know this is - // a nsDragService (but it should still be a private interface) -- nsDragService* winDragService = static_cast<nsDragService*>(mDragService); -- winDragService->SetIDataObject(pData); -+ nsCOMPtr<nsPIDragServiceWindows> winDragService = do_QueryInterface(mDragService); -+ winDragService->SetIDataObject((nsISupports*)pData); - - // NOTE: ProcessDrag spins the event loop which may destroy arbitrary objects. - // We use strong refs to prevent it from destroying these: -@@ -424,11 +427,14 @@ nsNativeDragTarget::Drop(LPDATAOBJECT pData, - // tell the drag service we're done with the session - // Use GetMessagePos to get the position of the mouse at the last message - // seen by the event loop. (Bug 489729) -- DWORD pos = ::GetMessagePos(); -- POINT cpos; -- cpos.x = GET_X_LPARAM(pos); -- cpos.y = GET_Y_LPARAM(pos); -- winDragService->SetDragEndPoint(nsIntPoint(cpos.x, cpos.y)); -+ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(mDragService); -+ if (dragServicePriv) { -+ DWORD pos = ::GetMessagePos(); -+ POINT cpos; -+ cpos.x = GET_X_LPARAM(pos); -+ cpos.y = GET_Y_LPARAM(pos); -+ dragServicePriv->SetDragEndPoint(cpos.x, cpos.y); -+ } - serv->EndDragSession(true); - - // release the ref that was taken in DragEnter -diff --git a/widget/windows/nsPIDragServiceWindows.idl b/widget/windows/nsPIDragServiceWindows.idl -new file mode 100644 -index 0000000..c8a46dd ---- /dev/null -+++ b/widget/windows/nsPIDragServiceWindows.idl -@@ -0,0 +1,46 @@ -+/* ***** BEGIN LICENSE BLOCK ***** -+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1 -+ * -+ * The contents of this file are subject to the Mozilla Public License Version -+ * 1.1 (the "License"); you may not use this file except in compliance with -+ * the License. You may obtain a copy of the License at -+ * http://www.mozilla.org/MPL/ -+ * -+ * Software distributed under the License is distributed on an "AS IS" basis, -+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -+ * for the specific language governing rights and limitations under the -+ * License. -+ * -+ * The Original Code is mozilla.org code. -+ * -+ * The Initial Developer of the Original Code is -+ * The Mozilla Foundation. -+ * Portions created by the Initial Developer are Copyright (C) 2012 -+ * the Initial Developer. All Rights Reserved. -+ * -+ * Contributor(s): -+ * Steven Michaud <smichaud(a)pobox.com> -+ * -+ * Alternatively, the contents of this file may be used under the terms of -+ * either the GNU General Public License Version 2 or later (the "GPL"), or -+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -+ * in which case the provisions of the GPL or the LGPL are applicable instead -+ * of those above. If you wish to allow use of your version of this file only -+ * under the terms of either the GPL or the LGPL, and not to allow others to -+ * use your version of this file under the terms of the MPL, indicate your -+ * decision by deleting the provisions above and replace them with the notice -+ * and other provisions required by the GPL or the LGPL. If you do not delete -+ * the provisions above, a recipient may use your version of this file under -+ * the terms of any one of the MPL, the GPL or the LGPL. -+ * -+ * ***** END LICENSE BLOCK ***** */ -+ -+#include "nsISupports.idl" -+ -+[scriptable, uuid(6FC2117D-5EB4-441A-9C12-62A783BEBC0C)] -+interface nsPIDragServiceWindows : nsISupports -+{ -+ void setIDataObject(in nsISupports aDataObj); -+ -+ void setDroppedLocal(); -+}; -diff --git a/widget/xpwidgets/nsBaseDragService.cpp b/widget/xpwidgets/nsBaseDragService.cpp -index 1b2ef0d..627ebd2 100644 ---- a/widget/xpwidgets/nsBaseDragService.cpp -+++ b/widget/xpwidgets/nsBaseDragService.cpp -@@ -55,7 +55,7 @@ nsBaseDragService::~nsBaseDragService() - { - } - --NS_IMPL_ISUPPORTS2(nsBaseDragService, nsIDragService, nsIDragSession) -+NS_IMPL_ISUPPORTS3(nsBaseDragService, nsIDragService, nsPIDragService, nsIDragSession) - - //--------------------------------------------------------- - NS_IMETHODIMP -@@ -403,6 +403,20 @@ nsBaseDragService::DragMoved(PRInt32 aX, PRInt32 aY) - return NS_OK; - } - -+NS_IMETHODIMP -+nsBaseDragService::SetDragEndPoint(PRInt32 aX, PRInt32 aY) -+{ -+ mEndDragPoint = nsIntPoint(aX, aY); -+ return NS_OK; -+} -+ -+NS_IMETHODIMP -+nsBaseDragService::GetInputSource(PRUint16* aInputSource) -+{ -+ *aInputSource = mInputSource; -+ return NS_OK; -+} -+ - static nsIPresShell* - GetPresShellForContent(nsIDOMNode* aDOMNode) - { -diff --git a/widget/xpwidgets/nsBaseDragService.h b/widget/xpwidgets/nsBaseDragService.h -index 006747f..d825b53 100644 ---- a/widget/xpwidgets/nsBaseDragService.h -+++ b/widget/xpwidgets/nsBaseDragService.h -@@ -7,6 +7,7 @@ - #define nsBaseDragService_h__ - - #include "nsIDragService.h" -+#include "nsPIDragService.h" - #include "nsIDragSession.h" - #include "nsITransferable.h" - #include "nsISupportsArray.h" -@@ -32,6 +33,7 @@ class nsICanvasElementExternal; - */ - - class nsBaseDragService : public nsIDragService, -+ public nsPIDragService, - public nsIDragSession - { - -@@ -42,14 +44,11 @@ public: - //nsISupports - NS_DECL_ISUPPORTS - -- //nsIDragSession and nsIDragService -+ //nsIDragSession, nsIDragService and nsPIDragService - NS_DECL_NSIDRAGSERVICE -+ NS_DECL_NSPIDRAGSERVICE - NS_DECL_NSIDRAGSESSION - -- void SetDragEndPoint(nsIntPoint aEndDragPoint) { mEndDragPoint = aEndDragPoint; } -- -- PRUint16 GetInputSource() { return mInputSource; } -- - protected: - - /** --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0019-Add-a-redirect-API-for-HTTPS-Everywhere.patch b/src/current-patches/firefox/alpha/0019-Add-a-redirect-API-for-HTTPS-Everywhere.patch deleted file mode 100644 index 7f8ac2d..0000000 --- a/src/current-patches/firefox/alpha/0019-Add-a-redirect-API-for-HTTPS-Everywhere.patch +++ /dev/null @@ -1,345 +0,0 @@ -From b5d6491427d18bbae057a2974ea80421163fbc0a Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)torproject.org> -Date: Tue, 28 Aug 2012 18:30:22 -0700 -Subject: [PATCH 19/19] Add a redirect API for HTTPS-Everywhere. - ---- - netwerk/protocol/http/HttpChannelChild.cpp | 15 ++++- - netwerk/protocol/http/HttpChannelChild.h | 4 + - netwerk/protocol/http/HttpChannelParent.cpp | 4 + - netwerk/protocol/http/HttpChannelParent.h | 1 + - netwerk/protocol/http/PHttpChannel.ipdl | 1 + - netwerk/protocol/http/nsHttpChannel.cpp | 67 +++++++++++++++++--- - netwerk/protocol/http/nsHttpChannel.h | 12 +++- - netwerk/protocol/http/nsIHttpChannel.idl | 12 ++++ - .../protocol/viewsource/nsViewSourceChannel.cpp | 13 ++++- - 9 files changed, 117 insertions(+), 12 deletions(-) - -diff --git a/netwerk/protocol/http/HttpChannelChild.cpp b/netwerk/protocol/http/HttpChannelChild.cpp -index cc88184..c26c8f4 100644 ---- a/netwerk/protocol/http/HttpChannelChild.cpp -+++ b/netwerk/protocol/http/HttpChannelChild.cpp -@@ -1035,7 +1035,8 @@ HttpChannelChild::AsyncOpen(nsIStreamListener *listener, nsISupports *aContext) - gNeckoChild->SendPHttpChannelConstructor(this, tabChild); - - SendAsyncOpen(IPC::URI(mURI), IPC::URI(mOriginalURI), -- IPC::URI(mDocumentURI), IPC::URI(mReferrer), mLoadFlags, -+ IPC::URI(mDocumentURI), IPC::URI(mReferrer), -+ IPC::URI(mInternalRedirectURI), mLoadFlags, - mClientSetRequestHeaders, mRequestHead.Method(), - IPC::InputStream(mUploadStream), mUploadStreamHasHeaders, - mPriority, mRedirectionLimit, mAllowPipelining, -@@ -1079,6 +1080,18 @@ HttpChannelChild::SetupFallbackChannel(const char *aFallbackKey) - DROP_DEAD(); - } - -+NS_IMETHODIMP -+HttpChannelChild::RedirectTo(nsIURI *uri) -+{ -+ // We can only redirect unopened channels -+ NS_ENSURE_TRUE(!mIPCOpen, NS_ERROR_ALREADY_OPENED); -+ -+ // The redirect is stored internally for use in AsyncOpen -+ mInternalRedirectURI = uri; -+ -+ return NS_OK; -+} -+ - // The next four _should_ be implemented, but we need to figure out how - // to transfer the data from the chrome process first. - -diff --git a/netwerk/protocol/http/HttpChannelChild.h b/netwerk/protocol/http/HttpChannelChild.h -index 6b699c7..b29a4a7 100644 ---- a/netwerk/protocol/http/HttpChannelChild.h -+++ b/netwerk/protocol/http/HttpChannelChild.h -@@ -75,6 +75,9 @@ public: - NS_IMETHOD GetLocalPort(PRInt32* port); - NS_IMETHOD GetRemoteAddress(nsACString& addr); - NS_IMETHOD GetRemotePort(PRInt32* port); -+ -+ NS_IMETHOD RedirectTo(nsIURI *uri); -+ - // nsISupportsPriority - NS_IMETHOD SetPriority(PRInt32 value); - // nsIResumableChannel -@@ -125,6 +128,7 @@ private: - RequestHeaderTuples mClientSetRequestHeaders; - nsCOMPtr<nsIChildChannel> mRedirectChannelChild; - nsCOMPtr<nsISupports> mSecurityInfo; -+ nsCOMPtr<nsIURI> mInternalRedirectURI; - - bool mIsFromCache; - bool mCacheEntryAvailable; -diff --git a/netwerk/protocol/http/HttpChannelParent.cpp b/netwerk/protocol/http/HttpChannelParent.cpp -index 8f95076..22f3bba 100644 ---- a/netwerk/protocol/http/HttpChannelParent.cpp -+++ b/netwerk/protocol/http/HttpChannelParent.cpp -@@ -97,6 +97,7 @@ HttpChannelParent::RecvAsyncOpen(const IPC::URI& aURI, - const IPC::URI& aOriginalURI, - const IPC::URI& aDocURI, - const IPC::URI& aReferrerURI, -+ const IPC::URI& aInternalRedirectURI, - const PRUint32& loadFlags, - const RequestHeaderTuples& requestHeaders, - const nsHttpAtom& requestMethod, -@@ -117,6 +118,7 @@ HttpChannelParent::RecvAsyncOpen(const IPC::URI& aURI, - nsCOMPtr<nsIURI> originalUri(aOriginalURI); - nsCOMPtr<nsIURI> docUri(aDocURI); - nsCOMPtr<nsIURI> referrerUri(aReferrerURI); -+ nsCOMPtr<nsIURI> internalRedirectUri(aInternalRedirectURI); - - nsCString uriSpec; - uri->GetSpec(uriSpec); -@@ -144,6 +146,8 @@ HttpChannelParent::RecvAsyncOpen(const IPC::URI& aURI, - httpChan->SetDocumentURI(docUri); - if (referrerUri) - httpChan->SetReferrerInternal(referrerUri); -+ if (internalRedirectUri) -+ httpChan->SetInternalRedirectURI(internalRedirectUri); - if (loadFlags != nsIRequest::LOAD_NORMAL) - httpChan->SetLoadFlags(loadFlags); - -diff --git a/netwerk/protocol/http/HttpChannelParent.h b/netwerk/protocol/http/HttpChannelParent.h -index 9650aa9..2ac7e81 100644 ---- a/netwerk/protocol/http/HttpChannelParent.h -+++ b/netwerk/protocol/http/HttpChannelParent.h -@@ -49,6 +49,7 @@ protected: - const IPC::URI& originalUri, - const IPC::URI& docUri, - const IPC::URI& referrerUri, -+ const IPC::URI& internalRedirectUri, - const PRUint32& loadFlags, - const RequestHeaderTuples& requestHeaders, - const nsHttpAtom& requestMethod, -diff --git a/netwerk/protocol/http/PHttpChannel.ipdl b/netwerk/protocol/http/PHttpChannel.ipdl -index 10af59f..6053541 100644 ---- a/netwerk/protocol/http/PHttpChannel.ipdl -+++ b/netwerk/protocol/http/PHttpChannel.ipdl -@@ -35,6 +35,7 @@ parent: - URI original, - URI doc, - URI referrer, -+ URI internalRedirect, - PRUint32 loadFlags, - RequestHeaderTuples requestHeaders, - nsHttpAtom requestMethod, -diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp -index 9c10e3a..57afae4 100644 ---- a/netwerk/protocol/http/nsHttpChannel.cpp -+++ b/netwerk/protocol/http/nsHttpChannel.cpp -@@ -1396,18 +1396,17 @@ nsHttpChannel::HandleAsyncRedirectChannelToHttps() - return; - } - -- nsresult rv = AsyncRedirectChannelToHttps(); -+ nsresult rv = InternalRedirectChannelToHttps(); - if (NS_FAILED(rv)) -- ContinueAsyncRedirectChannelToHttps(rv); -+ ContinueInternalRedirectChannelToURI(rv); - } - - nsresult --nsHttpChannel::AsyncRedirectChannelToHttps() -+nsHttpChannel::InternalRedirectChannelToHttps() - { - nsresult rv = NS_OK; - LOG(("nsHttpChannel::HandleAsyncRedirectChannelToHttps() [STS]\n")); - -- nsCOMPtr<nsIChannel> newChannel; - nsCOMPtr<nsIURI> upgradedURI; - - rv = mURI->Clone(getter_AddRefs(upgradedURI)); -@@ -1429,6 +1428,48 @@ nsHttpChannel::AsyncRedirectChannelToHttps() - else - upgradedURI->SetPort(oldPort); - -+ return InternalRedirectChannelToURI(upgradedURI); -+} -+ -+NS_IMETHODIMP -+nsHttpChannel::RedirectTo(nsIURI *newURI) -+{ -+ // We can only redirect unopened channels -+ NS_ENSURE_TRUE(!mWasOpened, NS_ERROR_ALREADY_OPENED); -+ -+ // The redirect is stored internally for use in AsyncOpen -+ mInternalRedirectURI = newURI; -+ -+ return NS_OK; -+} -+ -+void -+nsHttpChannel::HandleAsyncInternalRedirect() -+{ -+ NS_PRECONDITION(!mCallOnResume, "How did that happen?"); -+ NS_PRECONDITION(mInternalRedirectURI, "How did that happen?"); -+ -+ if (mSuspendCount) { -+ LOG(("Waiting until resume to do async API redirect [this=%p]\n", this)); -+ mCallOnResume = &nsHttpChannel::HandleAsyncInternalRedirect; -+ return; -+ } -+ -+ nsresult rv = InternalRedirectChannelToURI(mInternalRedirectURI); -+ if (NS_FAILED(rv)) -+ ContinueInternalRedirectChannelToURI(rv); -+ -+ return; -+} -+ -+nsresult -+nsHttpChannel::InternalRedirectChannelToURI(nsIURI *upgradedURI) -+{ -+ nsresult rv = NS_OK; -+ LOG(("nsHttpChannel::InternalRedirectChannelToURI()\n")); -+ -+ nsCOMPtr<nsIChannel> newChannel; -+ - nsCOMPtr<nsIIOService> ioService; - rv = gHttpHandler->GetIOService(getter_AddRefs(ioService)); - NS_ENSURE_SUCCESS(rv, rv); -@@ -1444,7 +1485,7 @@ nsHttpChannel::AsyncRedirectChannelToHttps() - PRUint32 flags = nsIChannelEventSink::REDIRECT_PERMANENT; - - PushRedirectAsyncFunc( -- &nsHttpChannel::ContinueAsyncRedirectChannelToHttps); -+ &nsHttpChannel::ContinueInternalRedirectChannelToURI); - rv = gHttpHandler->AsyncOnChannelRedirect(this, newChannel, flags); - - if (NS_SUCCEEDED(rv)) -@@ -1453,14 +1494,18 @@ nsHttpChannel::AsyncRedirectChannelToHttps() - if (NS_FAILED(rv)) { - AutoRedirectVetoNotifier notifier(this); - PopRedirectAsyncFunc( -- &nsHttpChannel::ContinueAsyncRedirectChannelToHttps); -+ &nsHttpChannel::ContinueInternalRedirectChannelToURI); -+ -+ // If we've failed so far, cancel the current channel, too, -+ // as both HSTS and the redirectTo codepaths prefer -+ // request failure to insecurity. -+ Cancel(rv); - } - - return rv; - } -- - nsresult --nsHttpChannel::ContinueAsyncRedirectChannelToHttps(nsresult rv) -+nsHttpChannel::ContinueInternalRedirectChannelToURI(nsresult rv) - { - AutoRedirectVetoNotifier notifier(this); - -@@ -3905,6 +3950,12 @@ nsHttpChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *context) - if (mLoadGroup) - mLoadGroup->AddRequest(this, nsnull); - -+ // Check to see if we should redirect this channel elsewhere by -+ // nsIHttpChannel.redirectTo API request -+ if (mInternalRedirectURI) { -+ return AsyncCall(&nsHttpChannel::HandleAsyncInternalRedirect); -+ } -+ - // Collect mAsyncOpenTime after we have called all obsrevers like - // "http-on-modify-request" and load group observers that may set - // mTimingEnabled flag. -diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h -index 0382b1c..2c50507 100644 ---- a/netwerk/protocol/http/nsHttpChannel.h -+++ b/netwerk/protocol/http/nsHttpChannel.h -@@ -103,6 +103,8 @@ public: - // nsIChannel - NS_IMETHOD GetSecurityInfo(nsISupports **aSecurityInfo); - NS_IMETHOD AsyncOpen(nsIStreamListener *listener, nsISupports *aContext); -+ // nsIHttpChannel -+ NS_IMETHOD RedirectTo(nsIURI *newURI); - // nsIHttpChannelInternal - NS_IMETHOD SetupFallbackChannel(const char *aFallbackKey); - // nsISupportsPriority -@@ -117,6 +119,9 @@ public: /* internal necko use only */ - void SetUploadStreamHasHeaders(bool hasHeaders) - { mUploadStreamHasHeaders = hasHeaders; } - -+ void SetInternalRedirectURI(nsIURI *redirectTo) -+ { mInternalRedirectURI = redirectTo; } -+ - nsresult SetReferrerInternal(nsIURI *referrer) { - nsCAutoString spec; - nsresult rv = referrer->GetAsciiSpec(spec); -@@ -173,11 +178,13 @@ private: - - // redirection specific methods - void HandleAsyncRedirect(); -+ void HandleAsyncInternalRedirect(); - nsresult ContinueHandleAsyncRedirect(nsresult); - void HandleAsyncNotModified(); - void HandleAsyncFallback(); - nsresult ContinueHandleAsyncFallback(nsresult); - nsresult PromptTempRedirect(); -+ nsresult InternalRedirectChannelToURI(nsIURI *); - virtual nsresult SetupReplacementChannel(nsIURI *, nsIChannel *, bool preserveMethod); - - // proxy specific methods -@@ -237,8 +244,8 @@ private: - bool MustValidateBasedOnQueryUrl(); - - void HandleAsyncRedirectChannelToHttps(); -- nsresult AsyncRedirectChannelToHttps(); -- nsresult ContinueAsyncRedirectChannelToHttps(nsresult rv); -+ nsresult InternalRedirectChannelToHttps(); -+ nsresult ContinueInternalRedirectChannelToURI(nsresult rv); - - /** - * A function that takes care of reading STS headers and enforcing STS -@@ -310,6 +317,7 @@ private: - friend class AutoRedirectVetoNotifier; - friend class HttpAsyncAborter<nsHttpChannel>; - nsCOMPtr<nsIURI> mRedirectURI; -+ nsCOMPtr<nsIURI> mInternalRedirectURI; - nsCOMPtr<nsIChannel> mRedirectChannel; - PRUint32 mRedirectType; - -diff --git a/netwerk/protocol/http/nsIHttpChannel.idl b/netwerk/protocol/http/nsIHttpChannel.idl -index c541df1..2ee3cbc 100644 ---- a/netwerk/protocol/http/nsIHttpChannel.idl -+++ b/netwerk/protocol/http/nsIHttpChannel.idl -@@ -257,4 +257,16 @@ interface nsIHttpChannel : nsIChannel - * has been received (before onStartRequest). - */ - boolean isNoCacheResponse(); -+ -+ /** -+ * Instructs the channel to immediately redirect to a new destination. -+ * Can only be called on channels not yet opened. -+ * -+ * This method provides no explicit conflict resolution. The last -+ * caller to call it wins. -+ * -+ * @throws NS_ERROR_ALREADY_OPENED if called after the channel -+ * has been opened. -+ */ -+ void redirectTo(in nsIURI aNewURI); - }; -diff --git a/netwerk/protocol/viewsource/nsViewSourceChannel.cpp b/netwerk/protocol/viewsource/nsViewSourceChannel.cpp -index 8f6d159..d1ca639 100644 ---- a/netwerk/protocol/viewsource/nsViewSourceChannel.cpp -+++ b/netwerk/protocol/viewsource/nsViewSourceChannel.cpp -@@ -671,4 +671,15 @@ nsViewSourceChannel::IsNoCacheResponse(bool *_retval) - { - return !mHttpChannel ? NS_ERROR_NULL_POINTER : - mHttpChannel->IsNoCacheResponse(_retval); --} -+} -+ -+// XXX: Is this the right thing to do here? Or should we have -+// made an nsIHTTPChannelRedirect that only nsHttpChannel implements? -+// Also, will this mean that some ViewSource requests may be non-https? -+// Or will the mHttpChannel take care of that for us? -+NS_IMETHODIMP -+nsViewSourceChannel::RedirectTo(nsIURI *uri) -+{ -+ return NS_ERROR_NOT_IMPLEMENTED; -+} -+ --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0020-Add-mozIThirdPartyUtil.getFirstPartyURI-API.patch b/src/current-patches/firefox/alpha/0020-Add-mozIThirdPartyUtil.getFirstPartyURI-API.patch deleted file mode 100644 index d7a24d9..0000000 --- a/src/current-patches/firefox/alpha/0020-Add-mozIThirdPartyUtil.getFirstPartyURI-API.patch +++ /dev/null @@ -1,148 +0,0 @@ -From e91ad38f3db238eebf2f1cae9383a6f317717bef Mon Sep 17 00:00:00 2001 -From: Mike Perry <mikeperry-git(a)torproject.org> -Date: Tue, 28 Aug 2012 18:35:33 -0700 -Subject: [PATCH 20/21] Add mozIThirdPartyUtil.getFirstPartyURI API - -API allows you to get the url bar URI for a channel or nsIDocument. ---- - content/base/src/ThirdPartyUtil.cpp | 52 ++++++++++++++++++++++++++++ - content/base/src/ThirdPartyUtil.h | 2 + - netwerk/base/public/mozIThirdPartyUtil.idl | 21 +++++++++++ - 3 files changed, 75 insertions(+), 0 deletions(-) - -diff --git a/content/base/src/ThirdPartyUtil.cpp b/content/base/src/ThirdPartyUtil.cpp -index 97a000e..87ffc8a 100644 ---- a/content/base/src/ThirdPartyUtil.cpp -+++ b/content/base/src/ThirdPartyUtil.cpp -@@ -7,6 +7,9 @@ - #include "nsIServiceManager.h" - #include "nsIHttpChannelInternal.h" - #include "nsIDOMWindow.h" -+#include "nsICookiePermission.h" -+#include "nsIDOMDocument.h" -+#include "nsIDocument.h" - #include "nsILoadContext.h" - #include "nsIPrincipal.h" - #include "nsIScriptObjectPrincipal.h" -@@ -21,6 +24,7 @@ ThirdPartyUtil::Init() - - nsresult rv; - mTLDService = do_GetService(NS_EFFECTIVETLDSERVICE_CONTRACTID, &rv); -+ mCookiePermissions = do_GetService(NS_COOKIEPERMISSION_CONTRACTID); - return rv; - } - -@@ -282,3 +286,51 @@ ThirdPartyUtil::GetBaseDomain(nsIURI* aHostURI, - - return NS_OK; - } -+ -+NS_IMETHODIMP -+ThirdPartyUtil::GetFirstPartyURI(nsIChannel *aChannel, -+ nsIDocument *aDoc, -+ nsIURI **aOutput) -+{ -+ nsresult rv = NS_ERROR_NULL_POINTER; -+ -+ if (!aChannel && aDoc) { -+ aChannel = aDoc->GetChannel(); -+ } -+ -+ // If aChannel is specified or available, use the official route -+ // for sure -+ if (aChannel) { -+ rv = mCookiePermissions->GetOriginatingURI(aChannel, aOutput); -+ } -+ -+ // If the channel was missing, closed or broken, try the -+ // window hierarchy directly. -+ // -+ // This might fail to work for first-party loads themselves, but -+ // we don't need this codepath for that case. -+ if (NS_FAILED(rv) && aDoc) { -+ nsCOMPtr<nsIDOMWindow> top; -+ nsCOMPtr<nsIDOMDocument> topDDoc; -+ -+ aDoc->GetWindow()->GetTop(getter_AddRefs(top)); -+ top->GetDocument(getter_AddRefs(topDDoc)); -+ -+ nsCOMPtr<nsIDocument> topDoc(do_QueryInterface(topDDoc)); -+ *aOutput = topDoc->GetOriginalURI(); -+ -+ if (*aOutput) -+ rv = NS_OK; -+ } -+ -+ // TODO: We could provide a route through the loadgroup + notification -+ // callbacks too, but either channel or document was always available -+ // in the cases where this function was originally needed (the image cache). -+ // The notification callbacks also appear to suffers from the same limitation -+ // as the document path. See nsICookiePermissions.GetOriginatingURI() for -+ // details. -+ -+ return rv; -+} -+ -+ -diff --git a/content/base/src/ThirdPartyUtil.h b/content/base/src/ThirdPartyUtil.h -index 269069b..37c30e8 100644 ---- a/content/base/src/ThirdPartyUtil.h -+++ b/content/base/src/ThirdPartyUtil.h -@@ -9,6 +9,7 @@ - #include "nsString.h" - #include "mozIThirdPartyUtil.h" - #include "nsIEffectiveTLDService.h" -+#include "nsICookiePermission.h" - - class nsIURI; - class nsIChannel; -@@ -28,6 +29,7 @@ private: - static already_AddRefed<nsIURI> GetURIFromWindow(nsIDOMWindow* aWin); - - nsCOMPtr<nsIEffectiveTLDService> mTLDService; -+ nsCOMPtr<nsICookiePermission> mCookiePermissions; - }; - - #endif -diff --git a/netwerk/base/public/mozIThirdPartyUtil.idl b/netwerk/base/public/mozIThirdPartyUtil.idl -index 578d8db..1869d14 100644 ---- a/netwerk/base/public/mozIThirdPartyUtil.idl -+++ b/netwerk/base/public/mozIThirdPartyUtil.idl -@@ -7,6 +7,7 @@ - interface nsIURI; - interface nsIDOMWindow; - interface nsIChannel; -+interface nsIDocument; - - /** - * Utility functions for determining whether a given URI, channel, or window -@@ -140,6 +141,26 @@ interface mozIThirdPartyUtil : nsISupports - * @return the base domain. - */ - AUTF8String getBaseDomain(in nsIURI aHostURI); -+ -+ -+ /** -+ * getFirstPartyURI -+ * -+ * Obtain the top-level url bar URI for either a channel or a document. -+ * Either parameter may be null (but not both). -+ * -+ * @param aChannel -+ * An arbitrary channel for some content element of a first party -+ * load. Can be null. -+ * -+ * @param aDoc -+ * An arbitrary third party document. Can be null. -+ * -+ * @return the first party url bar URI for the load. -+ */ -+ nsIURI getFirstPartyURI(in nsIChannel aChannel, -+ in nsIDocument aDoc); -+ - }; - - %{ C++ --- -1.7.5.4 -

1 0

[torbrowser/master] Merge branch 'maint-2.2' into maint-2.3
by erinn＠torproject.org 24 Oct '12

24 Oct '12

commit 9d2b5c639160349d6aa02cc28c7df58fcf1bcd16 Merge: 8ff89c0 f550eda Author: Erinn Clark <erinn(a)torproject.org> Date: Wed Oct 24 16:33:09 2012 +0100 Merge branch 'maint-2.2' into maint-2.3 build-scripts/config/prefs.js | 1 + 1 files changed, 1 insertions(+), 0 deletions(-)

1 0

[torbrowser/master] update recommended-versions
by erinn＠torproject.org 24 Oct '12

24 Oct '12

commit 09ea4a73a71aa67f842bcdf845f1b7d9fc7ff4ff Author: Erinn Clark <erinn(a)torproject.org> Date: Wed Oct 24 16:34:03 2012 +0100 update recommended-versions --- build-scripts/recommended-versions | 18 +++++++++--------- 1 files changed, 9 insertions(+), 9 deletions(-) diff --git a/build-scripts/recommended-versions b/build-scripts/recommended-versions index c252fbb..a63051a 100644 --- a/build-scripts/recommended-versions +++ b/build-scripts/recommended-versions @@ -1,11 +1,11 @@ [ -"2.2.39-3-MacOS-i386", -"2.2.39-3-MacOS-x86_64", -"2.2.39-3-Windows", -"2.2.39-3-Linux-i686", -"2.2.39-3-Linux-x86_64", -"2.3.22-alpha-1-MacOS-i386", -"2.3.22-alpha-1-Windows", -"2.3.22-alpha-1-Linux-i386", -"2.3.22-alpha-1-Linux-x86_64" +"2.2.39-4-MacOS-i386", +"2.2.39-4-MacOS-x86_64", +"2.2.39-4-Windows", +"2.2.39-4-Linux-i686", +"2.2.39-4-Linux-x86_64", +"2.3.23-alpha-1-MacOS-i386", +"2.3.23-alpha-1-Windows", +"2.3.23-alpha-1-Linux-i386", +"2.3.23-alpha-1-Linux-x86_64" ]

1 0

[torbrowser/master] add stable firefox patches for alpha bundles
by erinn＠torproject.org 24 Oct '12

24 Oct '12

commit 8ff89c09c4856a91cb2787af97c214bbaefe1cc7 Author: Erinn Clark <erinn(a)torproject.org> Date: Wed Oct 24 16:32:39 2012 +0100 add stable firefox patches for alpha bundles --- ...nents.interfaces-lookupMethod-from-conten.patch | 50 ++ ...0002-Make-Permissions-Manager-memory-only.patch | 94 ++++ ...-Make-Intermediate-Cert-Store-memory-only.patch | 43 ++ .../firefox/0004-Add-a-string-based-cacheKey.patch | 85 +++ .../0005-Block-all-plugins-except-flash.patch | 85 +++ ...ontent-pref-service-memory-only-clearable.patch | 37 ++ ...owser-exit-when-not-launched-from-Vidalia.patch | 46 ++ .../0008-Disable-SSL-Session-ID-tracking.patch | 28 + ...observer-event-to-close-persistent-connec.patch | 40 ++ ...ice-and-system-specific-CSS-Media-Queries.patch | 154 ++++++ ...11-Limit-the-number-of-fonts-per-document.patch | 228 ++++++++ .../0012-Rebrand-Firefox-to-TorBrowser.patch | 50 ++ .../0013-Make-Download-manager-memory-only.patch | 57 ++ .../0014-Add-DDG-and-StartPage-to-Omnibox.patch | 84 +++ ...-nsICacheService.EvictEntries-synchronous.patch | 44 ++ .../firefox/0016-Prevent-WebSocket-DNS-leak.patch | 132 +++++ ...ize-HTTP-request-order-and-pipeline-depth.patch | 251 +++++++++ ...th-headers-before-the-modify-request-obse.patch | 52 ++ ...Adapt-Steven-Michaud-s-Mac-crashfix-patch.patch | 532 +++++++++++++++++++ ...d-mozIThirdPartyUtil.getFirstPartyURI-API.patch | 31 +- .../0021-Add-canvas-image-extraction-prompt.patch | 551 ++++++++++++++++++++ ...nt-window-coordinates-for-mouse-event-scr.patch | 43 ++ ...se-physical-screen-info.-via-window-and-w.patch | 312 +++++++++++ ...not-expose-system-colors-to-CSS-or-canvas.patch | 537 +++++++++++++++++++ 24 files changed, 3554 insertions(+), 12 deletions(-) diff --git a/src/current-patches/firefox/0001-Block-Components.interfaces-lookupMethod-from-conten.patch b/src/current-patches/firefox/0001-Block-Components.interfaces-lookupMethod-from-conten.patch new file mode 100644 index 0000000..1a82800 --- /dev/null +++ b/src/current-patches/firefox/0001-Block-Components.interfaces-lookupMethod-from-conten.patch @@ -0,0 +1,50 @@ +From 1c2ccbea73720db5405602e4033c69b706068a8b Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)torproject.org> +Date: Wed, 1 Feb 2012 15:40:40 -0800 +Subject: [PATCH 01/24] Block Components.interfaces,lookupMethod from content + +This patch removes the ability of content script to access +Components.interfaces.* as well as call or access Components.lookupMethod. + +These two interfaces seem to be exposed to content script only to make our +lives difficult. Components.lookupMethod can undo our JS hooks, and +Components.interfaces is useful for fingerprinting the platform, OS, and +Firebox version. + +They appear to have no other legitimate use. See also: +https://bugzilla.mozilla.org/show_bug.cgi?id=429070 +https://trac.torproject.org/projects/tor/ticket/2873 +https://trac.torproject.org/projects/tor/ticket/2874 +--- + js/xpconnect/src/XPCComponents.cpp | 8 ++++++-- + 1 files changed, 6 insertions(+), 2 deletions(-) + +diff --git a/js/xpconnect/src/XPCComponents.cpp b/js/xpconnect/src/XPCComponents.cpp +index 38bfe08..7224b9b 100644 +--- a/js/xpconnect/src/XPCComponents.cpp ++++ b/js/xpconnect/src/XPCComponents.cpp +@@ -4502,7 +4502,9 @@ nsXPCComponents::CanCreateWrapper(const nsIID * iid, char **_retval) + NS_IMETHODIMP + nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, char **_retval) + { +- static const char* allowed[] = { "isSuccessCode", "lookupMethod", nsnull }; ++ // XXX: Pref observer? Also, is this what we want? Seems like a plan ++ //static const char* allowed[] = { "isSuccessCode", "lookupMethod", nsnull }; ++ static const char* allowed[] = { "isSuccessCode", nsnull }; + *_retval = xpc_CheckAccessList(methodName, allowed); + return NS_OK; + } +@@ -4511,7 +4513,9 @@ nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, c + NS_IMETHODIMP + nsXPCComponents::CanGetProperty(const nsIID * iid, const PRUnichar *propertyName, char **_retval) + { +- static const char* allowed[] = { "interfaces", "interfacesByID", "results", nsnull}; ++ // XXX: Pref observer? Also, is this what we want? Seems like a plan ++ // static const char* allowed[] = { "interfaces", "interfacesByID", "results", nsnull}; ++ static const char* allowed[] = { "results", nsnull}; + *_retval = xpc_CheckAccessList(propertyName, allowed); + return NS_OK; + } +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0002-Make-Permissions-Manager-memory-only.patch b/src/current-patches/firefox/0002-Make-Permissions-Manager-memory-only.patch new file mode 100644 index 0000000..fa23d93 --- /dev/null +++ b/src/current-patches/firefox/0002-Make-Permissions-Manager-memory-only.patch @@ -0,0 +1,94 @@ +From cd983b1b57b1f4ae10c8deec5aa12ec957fdc855 Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)torproject.org> +Date: Wed, 1 Feb 2012 15:45:16 -0800 +Subject: [PATCH 02/24] Make Permissions Manager memory-only + +This patch exposes a pref 'permissions.memory_only' that properly isolates the +permissions manager to memory, which is responsible for all user specified +site permissions, as well as stored STS policy. + +The pref does successfully clear the permissions manager memory if toggled. It +does not need to be set in prefs.js, and can be handled by Torbutton. + +https://trac.torproject.org/projects/tor/ticket/2950 +--- + extensions/cookie/nsPermissionManager.cpp | 34 ++++++++++++++++++++++++++-- + 1 files changed, 31 insertions(+), 3 deletions(-) + +diff --git a/extensions/cookie/nsPermissionManager.cpp b/extensions/cookie/nsPermissionManager.cpp +index 67eb216..12cc7cf 100644 +--- a/extensions/cookie/nsPermissionManager.cpp ++++ b/extensions/cookie/nsPermissionManager.cpp +@@ -58,6 +58,10 @@ + #include "mozStorageHelper.h" + #include "mozStorageCID.h" + #include "nsXULAppAPI.h" ++#include "nsCOMPtr.h" ++#include "nsIPrefService.h" ++#include "nsIPrefBranch.h" ++#include "nsIPrefBranch2.h" + + static nsPermissionManager *gPermissionManager = nsnull; + +@@ -203,6 +207,11 @@ nsPermissionManager::Init() + mObserverService->AddObserver(this, "profile-do-change", true); + } + ++ nsCOMPtr<nsIPrefBranch2> pbi = do_GetService(NS_PREFSERVICE_CONTRACTID); ++ if (pbi) { ++ pbi->AddObserver("permissions.", this, PR_FALSE); ++ } ++ + if (IsChildProcess()) { + // Get the permissions from the parent process + InfallibleTArray<IPC::Permission> perms; +@@ -251,8 +260,18 @@ nsPermissionManager::InitDB(bool aRemoveFile) + if (!storage) + return NS_ERROR_UNEXPECTED; + ++ bool memory_db = false; ++ nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID); ++ if (prefs) { ++ prefs->GetBoolPref("permissions.memory_only", &memory_db); ++ } ++ + // cache a connection to the hosts database +- rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn)); ++ if (memory_db) { ++ rv = storage->OpenSpecialDatabase("memory", getter_AddRefs(mDBConn)); ++ } else { ++ rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn)); ++ } + NS_ENSURE_SUCCESS(rv, rv); + + bool ready; +@@ -262,7 +281,11 @@ nsPermissionManager::InitDB(bool aRemoveFile) + rv = permissionsFile->Remove(false); + NS_ENSURE_SUCCESS(rv, rv); + +- rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn)); ++ if (memory_db) { ++ rv = storage->OpenSpecialDatabase("memory", getter_AddRefs(mDBConn)); ++ } else { ++ rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn)); ++ } + NS_ENSURE_SUCCESS(rv, rv); + + mDBConn->GetConnectionReady(&ready); +@@ -783,7 +806,12 @@ NS_IMETHODIMP nsPermissionManager::Observe(nsISupports *aSubject, const char *aT + { + ENSURE_NOT_CHILD_PROCESS; + +- if (!nsCRT::strcmp(aTopic, "profile-before-change")) { ++ if (nsCRT::strcmp(aTopic, NS_PREFBRANCH_PREFCHANGE_TOPIC_ID) == 0) { ++ if (!nsCRT::strcmp(someData, NS_LITERAL_STRING("permissions.memory_only").get())) { ++ // XXX: Should we remove the file? Probably not.. ++ InitDB(PR_FALSE); ++ } ++ } else if (!nsCRT::strcmp(aTopic, "profile-before-change")) { + // The profile is about to change, + // or is going away because the application is shutting down. + if (!nsCRT::strcmp(someData, NS_LITERAL_STRING("shutdown-cleanse").get())) { +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0003-Make-Intermediate-Cert-Store-memory-only.patch b/src/current-patches/firefox/0003-Make-Intermediate-Cert-Store-memory-only.patch new file mode 100644 index 0000000..b10fb85 --- /dev/null +++ b/src/current-patches/firefox/0003-Make-Intermediate-Cert-Store-memory-only.patch @@ -0,0 +1,43 @@ +From f100a7979e1a44863a8a67a09743f0e17b5dd14e Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)fscked.org> +Date: Fri, 19 Aug 2011 17:58:23 -0700 +Subject: [PATCH 03/24] Make Intermediate Cert Store memory-only. + +This patch makes the intermediate SSL cert store exist in memory only. + +The pref must be set before startup in prefs.js. +https://trac.torproject.org/projects/tor/ticket/2949 +--- + security/manager/ssl/src/nsNSSComponent.cpp | 15 ++++++++++++++- + 1 files changed, 14 insertions(+), 1 deletions(-) + +diff --git a/security/manager/ssl/src/nsNSSComponent.cpp b/security/manager/ssl/src/nsNSSComponent.cpp +index a08c4ef..0ec3713 100644 +--- a/security/manager/ssl/src/nsNSSComponent.cpp ++++ b/security/manager/ssl/src/nsNSSComponent.cpp +@@ -1730,8 +1730,21 @@ nsNSSComponent::InitializeNSS(bool showWarningBox) + // Ubuntu 8.04, which loads any nonexistent "<configdir>/libnssckbi.so" as + // "/usr/lib/nss/libnssckbi.so". + PRUint32 init_flags = NSS_INIT_NOROOTINIT | NSS_INIT_OPTIMIZESPACE; +- SECStatus init_rv = ::NSS_Initialize(profileStr.get(), "", "", ++ bool nocertdb = false; ++ mPrefBranch->GetBoolPref("security.nocertdb", &nocertdb); ++ ++ // XXX: We can also do the the following to only disable the certdb. ++ // Leaving this codepath in as a fallback in case InitNODB fails ++ if (nocertdb) ++ init_flags |= NSS_INIT_NOCERTDB; ++ ++ SECStatus init_rv; ++ if (nocertdb) { ++ init_rv = ::NSS_NoDB_Init(NULL); ++ } else { ++ init_rv = ::NSS_Initialize(profileStr.get(), "", "", + SECMOD_DB, init_flags); ++ } + + if (init_rv != SECSuccess) { + PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("can not init NSS r/w in %s\n", profileStr.get())); +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0004-Add-a-string-based-cacheKey.patch b/src/current-patches/firefox/0004-Add-a-string-based-cacheKey.patch new file mode 100644 index 0000000..f3afa97 --- /dev/null +++ b/src/current-patches/firefox/0004-Add-a-string-based-cacheKey.patch @@ -0,0 +1,85 @@ +From d674d09bc233d200b1ebc47f8e6ac4ebd6e4225a Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)fscked.org> +Date: Fri, 2 Sep 2011 20:47:02 -0700 +Subject: [PATCH 04/24] Add a string-based cacheKey. + +Used for isolating cache according to same-origin policy. +--- + netwerk/base/public/nsICachingChannel.idl | 7 +++++++ + netwerk/protocol/http/nsHttpChannel.cpp | 22 ++++++++++++++++++++++ + netwerk/protocol/http/nsHttpChannel.h | 1 + + 3 files changed, 30 insertions(+), 0 deletions(-) + +diff --git a/netwerk/base/public/nsICachingChannel.idl b/netwerk/base/public/nsICachingChannel.idl +index 2da46d6..4ee5774 100644 +--- a/netwerk/base/public/nsICachingChannel.idl ++++ b/netwerk/base/public/nsICachingChannel.idl +@@ -98,6 +98,13 @@ interface nsICachingChannel : nsICacheInfoChannel + attribute nsISupports cacheKey; + + /** ++ * Set/get the cache domain... uniquely identifies the data in the cache ++ * for this channel. Holding a reference to this key does NOT prevent ++ * the cached data from being removed. ++ */ ++ attribute AUTF8String cacheDomain; ++ ++ /** + * Specifies whether or not the data should be cached to a file. This + * may fail if the disk cache is not present. The value of this attribute + * is usually only settable during the processing of a channel's +diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp +index dec2a83..97bd84c 100644 +--- a/netwerk/protocol/http/nsHttpChannel.cpp ++++ b/netwerk/protocol/http/nsHttpChannel.cpp +@@ -2392,6 +2392,12 @@ nsHttpChannel::AssembleCacheKey(const char *spec, PRUint32 postID, + cacheKey.Append(buf); + } + ++ if (strlen(mCacheDomain.get()) > 0) { ++ cacheKey.AppendLiteral("domain="); ++ cacheKey.Append(mCacheDomain.get()); ++ cacheKey.AppendLiteral("&"); ++ } ++ + if (!cacheKey.IsEmpty()) { + cacheKey.AppendLiteral("uri="); + } +@@ -4695,6 +4701,22 @@ nsHttpChannel::SetCacheForOfflineUse(bool value) + } + + NS_IMETHODIMP ++nsHttpChannel::GetCacheDomain(nsACString &value) ++{ ++ value = mCacheDomain; ++ ++ return NS_OK; ++} ++ ++NS_IMETHODIMP ++nsHttpChannel::SetCacheDomain(const nsACString &value) ++{ ++ mCacheDomain = value; ++ ++ return NS_OK; ++} ++ ++NS_IMETHODIMP + nsHttpChannel::GetOfflineCacheClientID(nsACString &value) + { + value = mOfflineCacheClientID; +diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h +index 88ce469..53538cf 100644 +--- a/netwerk/protocol/http/nsHttpChannel.h ++++ b/netwerk/protocol/http/nsHttpChannel.h +@@ -303,6 +303,7 @@ private: + nsCOMPtr<nsICacheEntryDescriptor> mOfflineCacheEntry; + nsCacheAccessMode mOfflineCacheAccess; + nsCString mOfflineCacheClientID; ++ nsCString mCacheDomain; + + // auth specific data + nsCOMPtr<nsIHttpChannelAuthProvider> mAuthProvider; +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0005-Block-all-plugins-except-flash.patch b/src/current-patches/firefox/0005-Block-all-plugins-except-flash.patch new file mode 100644 index 0000000..e7a831e --- /dev/null +++ b/src/current-patches/firefox/0005-Block-all-plugins-except-flash.patch @@ -0,0 +1,85 @@ +From 88a390822d232ba037de1f15091977ca7e1064bf Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)torproject.org> +Date: Wed, 1 Feb 2012 15:50:15 -0800 +Subject: [PATCH 05/24] Block all plugins except flash. + +We cannot use the @mozilla.org/extensions/blocklist;1 service, because we +actually want to stop plugins from ever entering the browser's process space +and/or executing code (for example, AV plugins that collect statistics/analyse +urls, magical toolbars that phone home or "help" the user, skype buttons that +ruin our day, and censorship filters). Hence we rolled our own. + +See https://trac.torproject.org/projects/tor/ticket/3547#comment:6 for musings +on a better way. Until then, it is delta-darwinism for us. +--- + dom/plugins/base/nsPluginHost.cpp | 33 +++++++++++++++++++++++++++++++++ + dom/plugins/base/nsPluginHost.h | 2 ++ + 2 files changed, 35 insertions(+), 0 deletions(-) + +diff --git a/dom/plugins/base/nsPluginHost.cpp b/dom/plugins/base/nsPluginHost.cpp +index 992bcd4..f56f231 100644 +--- a/dom/plugins/base/nsPluginHost.cpp ++++ b/dom/plugins/base/nsPluginHost.cpp +@@ -1968,6 +1968,35 @@ bool nsPluginHost::IsDuplicatePlugin(nsPluginTag * aPluginTag) + return false; + } + ++PRBool nsPluginHost::GhettoBlacklist(nsIFile *pluginFile) ++{ ++ nsCString leaf; ++ const char *leafStr; ++ nsresult rv; ++ ++ rv = pluginFile->GetNativeLeafName(leaf); ++ if (NS_FAILED(rv)) { ++ return PR_TRUE; // fuck 'em. blacklist. ++ } ++ ++ leafStr = leaf.get(); ++ ++ if (!leafStr) { ++ return PR_TRUE; // fuck 'em. blacklist. ++ } ++ ++ // libgnashplugin.so, libflashplayer.so, Flash Player-10.4-10.5.plugin, ++ // NPSWF32.dll, NPSWF64.dll ++ if (strstr(leafStr, "libgnashplugin") == leafStr || ++ strstr(leafStr, "libflashplayer") == leafStr || ++ strstr(leafStr, "Flash Player") == leafStr || ++ strstr(leafStr, "NPSWF") == leafStr) { ++ return PR_FALSE; ++ } ++ ++ return PR_TRUE; // fuck 'em. blacklist. ++} ++ + typedef NS_NPAPIPLUGIN_CALLBACK(char *, NP_GETMIMEDESCRIPTION)(void); + + nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir, +@@ -2101,6 +2130,10 @@ nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir, + continue; + } + ++ if (GhettoBlacklist(localfile)) { ++ continue; ++ } ++ + // if it is not found in cache info list or has been changed, create a new one + if (!pluginTag) { + nsPluginFile pluginFile(localfile); +diff --git a/dom/plugins/base/nsPluginHost.h b/dom/plugins/base/nsPluginHost.h +index 39a8891..c262abf 100644 +--- a/dom/plugins/base/nsPluginHost.h ++++ b/dom/plugins/base/nsPluginHost.h +@@ -278,6 +278,8 @@ private: + // Loads all cached plugins info into mCachedPlugins + nsresult ReadPluginInfo(); + ++ PRBool GhettoBlacklist(nsIFile *pluginFile); ++ + // Given a file path, returns the plugins info from our cache + // and removes it from the cache. + void RemoveCachedPluginsInfo(const char *filePath, +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0006-Make-content-pref-service-memory-only-clearable.patch b/src/current-patches/firefox/0006-Make-content-pref-service-memory-only-clearable.patch new file mode 100644 index 0000000..17af793 --- /dev/null +++ b/src/current-patches/firefox/0006-Make-content-pref-service-memory-only-clearable.patch @@ -0,0 +1,37 @@ +From 71ba98d81a6ecada62af4d2ee03be050d371d996 Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)fscked.org> +Date: Thu, 8 Sep 2011 08:40:17 -0700 +Subject: [PATCH 06/24] Make content pref service memory-only + clearable + +This prevents random urls from being inserted into content-prefs.sqllite in +the profile directory as content prefs change (includes site-zoom and perhaps +other site prefs?). +--- + .../contentprefs/nsContentPrefService.js | 4 ++-- + 1 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/toolkit/components/contentprefs/nsContentPrefService.js b/toolkit/components/contentprefs/nsContentPrefService.js +index adfb650..1619d5f 100644 +--- a/toolkit/components/contentprefs/nsContentPrefService.js ++++ b/toolkit/components/contentprefs/nsContentPrefService.js +@@ -1240,7 +1240,7 @@ ContentPrefService.prototype = { + + var dbConnection; + +- if (!dbFile.exists()) ++ if (true || !dbFile.exists()) + dbConnection = this._dbCreate(dbService, dbFile); + else { + try { +@@ -1288,7 +1288,7 @@ ContentPrefService.prototype = { + }, + + _dbCreate: function ContentPrefService__dbCreate(aDBService, aDBFile) { +- var dbConnection = aDBService.openDatabase(aDBFile); ++ var dbConnection = aDBService.openSpecialDatabase("memory"); + + try { + this._dbCreateSchema(dbConnection); +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0007-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch b/src/current-patches/firefox/0007-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch new file mode 100644 index 0000000..cc496d3 --- /dev/null +++ b/src/current-patches/firefox/0007-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch @@ -0,0 +1,46 @@ +From 12579def59d67416b841f6b0a6eadfd94bba72e9 Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)fscked.org> +Date: Sun, 9 Oct 2011 22:50:07 -0700 +Subject: [PATCH 07/24] Make Tor Browser exit when not launched from Vidalia + +Turns out the Windows 7 UI encourages users to "dock" their Tor Browser app +for easy relaunch. If they manage to do this, we should fail closed rather +than opened. Hopefully they will get the hint and dock Vidalia instead. + +This is an emergency fix for +https://trac.torproject.org/projects/tor/ticket/4192. We can do a better +localized fix w/ a translated alert menu later, if it seems like this might +actually be common. +--- + browser/base/content/browser.js | 15 +++++++++++++++ + 1 files changed, 15 insertions(+), 0 deletions(-) + +diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js +index f16a0c5..20e3666 100644 +--- a/browser/base/content/browser.js ++++ b/browser/base/content/browser.js +@@ -1217,6 +1217,21 @@ function BrowserStartup() { + + prepareForStartup(); + ++ // If this is not a TBB profile, exit. ++ // Solves https://trac.torproject.org/projects/tor/ticket/4192 ++ var foundPref = false; ++ try { ++ foundPref = gPrefService.prefHasUserValue("torbrowser.version"); ++ } catch(e) { ++ //dump("No pref: "+e); ++ } ++ if(!foundPref) { ++ var appStartup = Components.classes["@mozilla.org/toolkit/app-startup;1"] ++ .getService(Components.interfaces.nsIAppStartup); ++ appStartup.quit(3); // Force all windows to close, and then quit. ++ } ++ ++ + if (uriToLoad && !isLoadingBlank) { + if (uriToLoad instanceof Ci.nsISupportsArray) { + let count = uriToLoad.Count(); +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0008-Disable-SSL-Session-ID-tracking.patch b/src/current-patches/firefox/0008-Disable-SSL-Session-ID-tracking.patch new file mode 100644 index 0000000..39e1483 --- /dev/null +++ b/src/current-patches/firefox/0008-Disable-SSL-Session-ID-tracking.patch @@ -0,0 +1,28 @@ +From 7586e413761858ce705d25d4a1673e608a162bed Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)fscked.org> +Date: Wed, 7 Dec 2011 19:36:38 -0800 +Subject: [PATCH 08/24] Disable SSL Session ID tracking. + +We can't easily bind SSL Session ID tracking to url bar domain, +so we have to disable them to satisfy +https://www.torproject.org/projects/torbrowser/design/#identifier-linkability. +--- + security/nss/lib/ssl/sslsock.c | 2 +- + 1 files changed, 1 insertions(+), 1 deletions(-) + +diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c +index 0c4d0c7..8d23fc0 100644 +--- a/security/nss/lib/ssl/sslsock.c ++++ b/security/nss/lib/ssl/sslsock.c +@@ -173,7 +173,7 @@ static sslOptions ssl_defaults = { + PR_FALSE, /* enableSSL2 */ /* now defaults to off in NSS 3.13 */ + PR_TRUE, /* enableSSL3 */ + PR_TRUE, /* enableTLS */ /* now defaults to on in NSS 3.0 */ +- PR_FALSE, /* noCache */ ++ PR_TRUE, /* noCache */ + PR_FALSE, /* fdx */ + PR_FALSE, /* v2CompatibleHello */ /* now defaults to off in NSS 3.13 */ + PR_TRUE, /* detectRollBack */ +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0009-Provide-an-observer-event-to-close-persistent-connec.patch b/src/current-patches/firefox/0009-Provide-an-observer-event-to-close-persistent-connec.patch new file mode 100644 index 0000000..e693c71 --- /dev/null +++ b/src/current-patches/firefox/0009-Provide-an-observer-event-to-close-persistent-connec.patch @@ -0,0 +1,40 @@ +From 9c6f997dd9a44336af9a1db17f5b680cc80a0e6c Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)torproject.org> +Date: Wed, 1 Feb 2012 15:53:28 -0800 +Subject: [PATCH 09/24] Provide an observer event to close persistent + connections + +We need to prevent linkability across "New Identity", which includes closing +keep-alive connections. +--- + netwerk/protocol/http/nsHttpHandler.cpp | 7 +++++++ + 1 files changed, 7 insertions(+), 0 deletions(-) + +diff --git a/netwerk/protocol/http/nsHttpHandler.cpp b/netwerk/protocol/http/nsHttpHandler.cpp +index 281d6ff..8125681 100644 +--- a/netwerk/protocol/http/nsHttpHandler.cpp ++++ b/netwerk/protocol/http/nsHttpHandler.cpp +@@ -325,6 +325,7 @@ nsHttpHandler::Init() + mObserverService->AddObserver(this, "net:clear-active-logins", true); + mObserverService->AddObserver(this, NS_PRIVATE_BROWSING_SWITCH_TOPIC, true); + mObserverService->AddObserver(this, "net:prune-dead-connections", true); ++ mObserverService->AddObserver(this, "net:prune-all-connections", PR_TRUE); + } + + return NS_OK; +@@ -1504,6 +1505,12 @@ nsHttpHandler::Observe(nsISupports *subject, + mConnMgr->PruneDeadConnections(); + } + } ++ else if (strcmp(topic, "net:prune-all-connections") == 0) { ++ if (mConnMgr) { ++ mConnMgr->ClosePersistentConnections(); ++ mConnMgr->PruneDeadConnections(); ++ } ++ } + + return NS_OK; + } +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0010-Limit-device-and-system-specific-CSS-Media-Queries.patch b/src/current-patches/firefox/0010-Limit-device-and-system-specific-CSS-Media-Queries.patch new file mode 100644 index 0000000..14e584c --- /dev/null +++ b/src/current-patches/firefox/0010-Limit-device-and-system-specific-CSS-Media-Queries.patch @@ -0,0 +1,154 @@ +From 8f97f2f36adb9e4416f3d19af10880c800c846c2 Mon Sep 17 00:00:00 2001 +From: Kathleen Brade <brade(a)pearlcrescent.com> +Date: Thu, 4 Oct 2012 14:28:48 -0400 +Subject: [PATCH 10/24] Limit device and system specific CSS Media Queries. + +--- + layout/style/nsMediaFeatures.cpp | 71 ++++++++++++++++++++++++------------- + 1 files changed, 46 insertions(+), 25 deletions(-) + +diff --git a/layout/style/nsMediaFeatures.cpp b/layout/style/nsMediaFeatures.cpp +index 6eca06e..5b1df7e 100644 +--- a/layout/style/nsMediaFeatures.cpp ++++ b/layout/style/nsMediaFeatures.cpp +@@ -130,6 +130,9 @@ GetDeviceContextFor(nsPresContext* aPresContext) + static nsSize + GetDeviceSize(nsPresContext* aPresContext) + { ++ if (!aPresContext->IsChrome()) { ++ return GetSize(aPresContext); ++ } else { + nsSize size; + if (aPresContext->IsRootPaginatedDocument()) + // We want the page size, including unprintable areas and margins. +@@ -140,6 +143,7 @@ GetDeviceSize(nsPresContext* aPresContext) + GetDeviceContextFor(aPresContext)-> + GetDeviceSurfaceDimensions(size.width, size.height); + return size; ++ } + } + + static nsresult +@@ -183,17 +187,17 @@ static nsresult + GetDeviceOrientation(nsPresContext* aPresContext, const nsMediaFeature*, + nsCSSValue& aResult) + { +- nsSize size = GetDeviceSize(aPresContext); +- PRInt32 orientation; +- if (size.width > size.height) { +- orientation = NS_STYLE_ORIENTATION_LANDSCAPE; +- } else { +- // Per spec, square viewports should be 'portrait' +- orientation = NS_STYLE_ORIENTATION_PORTRAIT; +- } +- +- aResult.SetIntValue(orientation, eCSSUnit_Enumerated); +- return NS_OK; ++ nsSize size = GetDeviceSize(aPresContext); ++ PRInt32 orientation; ++ if (size.width > size.height) { ++ orientation = NS_STYLE_ORIENTATION_LANDSCAPE; ++ } else { ++ // Per spec, square viewports should be 'portrait' ++ orientation = NS_STYLE_ORIENTATION_PORTRAIT; ++ } ++ ++ aResult.SetIntValue(orientation, eCSSUnit_Enumerated); ++ return NS_OK; + } + + static nsresult +@@ -236,13 +240,17 @@ static nsresult + GetColor(nsPresContext* aPresContext, const nsMediaFeature*, + nsCSSValue& aResult) + { +- // FIXME: This implementation is bogus. nsDeviceContext +- // doesn't provide reliable information (should be fixed in bug +- // 424386). +- // FIXME: On a monochrome device, return 0! +- nsDeviceContext *dx = GetDeviceContextFor(aPresContext); +- PRUint32 depth; +- dx->GetDepth(depth); ++ PRUint32 depth = 24; // Always return 24 to non-chrome callers. ++ ++ if (aPresContext->IsChrome()) { ++ // FIXME: This implementation is bogus. nsDeviceContext ++ // doesn't provide reliable information (should be fixed in bug ++ // 424386). ++ // FIXME: On a monochrome device, return 0! ++ nsDeviceContext *dx = GetDeviceContextFor(aPresContext); ++ dx->GetDepth(depth); ++ } ++ + // The spec says to use bits *per color component*, so divide by 3, + // and round down, since the spec says to use the smallest when the + // color components differ. +@@ -280,9 +288,14 @@ static nsresult + GetResolution(nsPresContext* aPresContext, const nsMediaFeature*, + nsCSSValue& aResult) + { +- // Resolution values are in device pixels, not CSS pixels. +- nsDeviceContext *dx = GetDeviceContextFor(aPresContext); +- float dpi = float(dx->AppUnitsPerPhysicalInch()) / float(dx->AppUnitsPerDevPixel()); ++ float dpi = 96; // Always return 96 to non-chrome callers. ++ ++ if (aPresContext->IsChrome()) { ++ // Resolution values are in device pixels, not CSS pixels. ++ nsDeviceContext *dx = GetDeviceContextFor(aPresContext); ++ dpi = float(dx->AppUnitsPerPhysicalInch()) / float(dx->AppUnitsPerDevPixel()); ++ } ++ + aResult.SetFloatValue(dpi, eCSSUnit_Inch); + return NS_OK; + } +@@ -311,8 +324,12 @@ static nsresult + GetDevicePixelRatio(nsPresContext* aPresContext, const nsMediaFeature*, + nsCSSValue& aResult) + { +- float ratio = aPresContext->CSSPixelsToDevPixels(1.0f); +- aResult.SetFloatValue(ratio, eCSSUnit_Number); ++ if (aPresContext->IsChrome()) { ++ float ratio = aPresContext->CSSPixelsToDevPixels(1.0f); ++ aResult.SetFloatValue(ratio, eCSSUnit_Number); ++ } else { ++ aResult.SetFloatValue(1.0, eCSSUnit_Number); ++ } + return NS_OK; + } + +@@ -320,18 +337,21 @@ static nsresult + GetSystemMetric(nsPresContext* aPresContext, const nsMediaFeature* aFeature, + nsCSSValue& aResult) + { ++ if (aPresContext->IsChrome()) { + NS_ABORT_IF_FALSE(aFeature->mValueType == nsMediaFeature::eBoolInteger, + "unexpected type"); + nsIAtom *metricAtom = *aFeature->mData.mMetric; + bool hasMetric = nsCSSRuleProcessor::HasSystemMetric(metricAtom); + aResult.SetIntValue(hasMetric ? 1 : 0, eCSSUnit_Integer); +- return NS_OK; ++ } ++ return NS_OK; + } + + static nsresult + GetWindowsTheme(nsPresContext* aPresContext, const nsMediaFeature* aFeature, + nsCSSValue& aResult) + { ++ if (aPresContext->IsChrome()) { + aResult.Reset(); + #ifdef XP_WIN + PRUint8 windowsThemeId = +@@ -350,7 +370,8 @@ GetWindowsTheme(nsPresContext* aPresContext, const nsMediaFeature* aFeature, + } + } + #endif +- return NS_OK; ++ } ++ return NS_OK; + } + + /* +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0011-Limit-the-number-of-fonts-per-document.patch b/src/current-patches/firefox/0011-Limit-the-number-of-fonts-per-document.patch new file mode 100644 index 0000000..ff9e618 --- /dev/null +++ b/src/current-patches/firefox/0011-Limit-the-number-of-fonts-per-document.patch @@ -0,0 +1,228 @@ +From cb3a6f45dd2c15d6b75084e1a4dded18ed638632 Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)torproject.org> +Date: Wed, 1 Feb 2012 16:01:21 -0800 +Subject: [PATCH 11/24] Limit the number of fonts per document. + +We create two prefs: +browser.display.max_font_count and browser.display.max_font_attempts. +max_font_count sets a limit on the number of fonts actually used in the +document, and max_font_attempts sets a limit on the total number of CSS +queries that a document is allowed to perform. + +Once either limit is reached, the browser behaves as if +browser.display.use_document_fonts was set to 0 for subsequent font queries. + +If a pref is not set or is negative, that limit does not apply. + +This is done to address: +https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability +--- + layout/base/nsPresContext.cpp | 100 +++++++++++++++++++++++++++++++++++++++++ + layout/base/nsPresContext.h | 9 ++++ + layout/style/nsRuleNode.cpp | 13 ++++- + 3 files changed, 119 insertions(+), 3 deletions(-) + +diff --git a/layout/base/nsPresContext.cpp b/layout/base/nsPresContext.cpp +index e1587db..9690d9c 100644 +--- a/layout/base/nsPresContext.cpp ++++ b/layout/base/nsPresContext.cpp +@@ -98,6 +98,8 @@ + #include "FrameLayerBuilder.h" + #include "nsDOMMediaQueryList.h" + #include "nsSMILAnimationController.h" ++#include "nsString.h" ++#include "nsUnicharUtils.h" + + #ifdef IBMBIDI + #include "nsBidiPresUtils.h" +@@ -706,6 +708,10 @@ nsPresContext::GetUserPreferences() + // * use fonts? + mUseDocumentFonts = + Preferences::GetInt("browser.display.use_document_fonts") != 0; ++ mMaxFonts = ++ Preferences::GetInt("browser.display.max_font_count", -1); ++ mMaxFontAttempts = ++ Preferences::GetInt("browser.display.max_font_attempts", -1); + + // * replace backslashes with Yen signs? (bug 245770) + mEnableJapaneseTransform = +@@ -1300,6 +1306,100 @@ nsPresContext::GetDefaultFont(PRUint8 aFontID) const + return font; + } + ++PRBool ++nsPresContext::FontUseCountReached(const nsFont &font) { ++ if (mMaxFonts < 0) { ++ return PR_FALSE; ++ } ++ ++ for (PRUint32 i = 0; i < mFontsUsed.Length(); i++) { ++ if (mFontsUsed[i].name.Equals(font.name, ++ nsCaseInsensitiveStringComparator()) ++ // XXX: Style is sometimes filled with garbage?? ++ /*&& mFontsUsed[i].style == font.style*/) { ++ // seen it before: OK ++ return PR_FALSE; ++ } ++ } ++ ++ if (mFontsUsed.Length() >= mMaxFonts) { ++ return PR_TRUE; ++ } ++ ++ return PR_FALSE; ++} ++ ++PRBool ++nsPresContext::FontAttemptCountReached(const nsFont &font) { ++ if (mMaxFontAttempts < 0) { ++ return PR_FALSE; ++ } ++ ++ for (PRUint32 i = 0; i < mFontsTried.Length(); i++) { ++ if (mFontsTried[i].name.Equals(font.name, ++ nsCaseInsensitiveStringComparator()) ++ // XXX: Style is sometimes filled with garbage?? ++ /*&& mFontsTried[i].style == font.style*/) { ++ // seen it before: OK ++ return PR_FALSE; ++ } ++ } ++ ++ if (mFontsTried.Length() >= mMaxFontAttempts) { ++ return PR_TRUE; ++ } ++ ++ return PR_FALSE; ++} ++ ++void ++nsPresContext::AddFontUse(const nsFont &font) { ++ if (mMaxFonts < 0) { ++ return; ++ } ++ ++ for (PRUint32 i = 0; i < mFontsUsed.Length(); i++) { ++ if (mFontsUsed[i].name.Equals(font.name, ++ nsCaseInsensitiveStringComparator()) ++ // XXX: Style is sometimes filled with garbage?? ++ /*&& mFontsUsed[i].style == font.style*/) { ++ // seen it before: OK ++ return; ++ } ++ } ++ ++ if (mFontsUsed.Length() >= mMaxFonts) { ++ return; ++ } ++ ++ mFontsUsed.AppendElement(font); ++ return; ++} ++ ++void ++nsPresContext::AddFontAttempt(const nsFont &font) { ++ if (mMaxFontAttempts < 0) { ++ return; ++ } ++ ++ for (PRUint32 i = 0; i < mFontsTried.Length(); i++) { ++ if (mFontsTried[i].name.Equals(font.name, ++ nsCaseInsensitiveStringComparator()) ++ // XXX: Style is sometimes filled with garbage?? ++ /*&& mFontsTried[i].style == font.style*/) { ++ // seen it before: OK ++ return; ++ } ++ } ++ ++ if (mFontsTried.Length() >= mMaxFontAttempts) { ++ return; ++ } ++ ++ mFontsTried.AppendElement(font); ++ return; ++} ++ + void + nsPresContext::SetFullZoom(float aZoom) + { +diff --git a/layout/base/nsPresContext.h b/layout/base/nsPresContext.h +index ecd01d8..552a69a 100644 +--- a/layout/base/nsPresContext.h ++++ b/layout/base/nsPresContext.h +@@ -548,6 +548,13 @@ public: + } + } + ++ nsTArray<nsFont> mFontsUsed; // currently for font-count limiting only ++ nsTArray<nsFont> mFontsTried; // currently for font-count limiting only ++ void AddFontUse(const nsFont &font); ++ void AddFontAttempt(const nsFont &font); ++ PRBool FontUseCountReached(const nsFont &font); ++ PRBool FontAttemptCountReached(const nsFont &font); ++ + PRInt32 MinFontSize() const { + return NS_MAX(mMinFontSize, mMinimumFontSizePref); + } +@@ -1117,6 +1124,8 @@ protected: + PRUint32 mInterruptChecksToSkip; + + mozilla::TimeStamp mReflowStartTime; ++ PRInt32 mMaxFontAttempts; ++ PRInt32 mMaxFonts; + + unsigned mHasPendingInterrupt : 1; + unsigned mInterruptsEnabled : 1; +diff --git a/layout/style/nsRuleNode.cpp b/layout/style/nsRuleNode.cpp +index 27336bf..827585a 100644 +--- a/layout/style/nsRuleNode.cpp ++++ b/layout/style/nsRuleNode.cpp +@@ -3091,6 +3091,7 @@ nsRuleNode::ComputeFontData(void* aStartStruct, + + // See if there is a minimum font-size constraint to honor + nscoord minimumFontSize = mPresContext->MinFontSize(); ++ PRBool isXUL = PR_FALSE; + + if (minimumFontSize < 0) + minimumFontSize = 0; +@@ -3102,10 +3103,10 @@ nsRuleNode::ComputeFontData(void* aStartStruct, + // We only need to know this to determine if we have to use the + // document fonts (overriding the useDocumentFonts flag), or to + // determine if we have to override the minimum font-size constraint. +- if ((!useDocumentFonts || minimumFontSize > 0) && mPresContext->IsChrome()) { ++ if (mPresContext->IsChrome()) { + // if we are not using document fonts, but this is a XUL document, + // then we use the document fonts anyway +- useDocumentFonts = true; ++ isXUL = PR_TRUE; + minimumFontSize = 0; + } + +@@ -3120,9 +3121,13 @@ nsRuleNode::ComputeFontData(void* aStartStruct, + // generic? + nsFont::GetGenericID(font->mFont.name, &generic); + ++ mPresContext->AddFontAttempt(font->mFont); ++ + // If we aren't allowed to use document fonts, then we are only entitled + // to use the user's default variable-width font and fixed-width font +- if (!useDocumentFonts) { ++ if (!isXUL && (!useDocumentFonts || ++ mPresContext->FontAttemptCountReached(font->mFont) || ++ mPresContext->FontUseCountReached(font->mFont))) { + // Extract the generic from the specified font family... + nsAutoString genericName; + if (!font->mFont.EnumerateFamilies(ExtractGeneric, &genericName)) { +@@ -3158,6 +3163,8 @@ nsRuleNode::ComputeFontData(void* aStartStruct, + minimumFontSize, font); + } + ++ if (font->mGenericID == kGenericFont_NONE) ++ mPresContext->AddFontUse(font->mFont); + COMPUTE_END_INHERITED(Font, font) + } + +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0012-Rebrand-Firefox-to-TorBrowser.patch b/src/current-patches/firefox/0012-Rebrand-Firefox-to-TorBrowser.patch new file mode 100644 index 0000000..e627238 --- /dev/null +++ b/src/current-patches/firefox/0012-Rebrand-Firefox-to-TorBrowser.patch @@ -0,0 +1,50 @@ +From 5820fc300fe1cae27752673e8721a19e70bf727c Mon Sep 17 00:00:00 2001 +From: Erinn Clark <erinn(a)torproject.org> +Date: Wed, 25 Apr 2012 09:14:00 -0300 +Subject: [PATCH 12/24] Rebrand Firefox to TorBrowser + +This patch does some basic renaming of Firefox to TorBrowser. The rest of the +branding is done by images and icons. +--- + browser/branding/official/configure.sh | 2 +- + browser/branding/official/locales/en-US/brand.dtd | 6 +++--- + .../official/locales/en-US/brand.properties | 6 +++--- + 3 files changed, 7 insertions(+), 7 deletions(-) + +diff --git a/browser/branding/official/configure.sh b/browser/branding/official/configure.sh +index 4d3d297..e9b3738 100644 +--- a/browser/branding/official/configure.sh ++++ b/browser/branding/official/configure.sh +@@ -1,2 +1,2 @@ +-MOZ_APP_DISPLAYNAME=Firefox ++MOZ_APP_DISPLAYNAME=TorBrowser + MOZ_UA_BUILDID=20100101 +diff --git a/browser/branding/official/locales/en-US/brand.dtd b/browser/branding/official/locales/en-US/brand.dtd +index 142d79b..c137e04 100644 +--- a/browser/branding/official/locales/en-US/brand.dtd ++++ b/browser/branding/official/locales/en-US/brand.dtd +@@ -1,4 +1,4 @@ +-<!ENTITY brandShortName "Firefox"> +-<!ENTITY brandFullName "Mozilla Firefox"> +-<!ENTITY vendorShortName "Mozilla"> ++<!ENTITY brandShortName "TorBrowser"> ++<!ENTITY brandFullName "Tor Browser"> ++<!ENTITY vendorShortName "Tor Project"> + <!ENTITY trademarkInfo.part1 "Firefox and the Firefox logos are trademarks of the Mozilla Foundation."> +diff --git a/browser/branding/official/locales/en-US/brand.properties b/browser/branding/official/locales/en-US/brand.properties +index 5f3ad54..62ac2fd 100644 +--- a/browser/branding/official/locales/en-US/brand.properties ++++ b/browser/branding/official/locales/en-US/brand.properties +@@ -1,6 +1,6 @@ +-brandShortName=Firefox +-brandFullName=Mozilla Firefox +-vendorShortName=Mozilla ++brandShortName=TorBrowser ++brandFullName=Tor Browser ++vendorShortName=Tor Project + + homePageSingleStartMain=Firefox Start, a fast home page with built-in search + homePageImport=Import your home page from %S +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0013-Make-Download-manager-memory-only.patch b/src/current-patches/firefox/0013-Make-Download-manager-memory-only.patch new file mode 100644 index 0000000..1ad0972 --- /dev/null +++ b/src/current-patches/firefox/0013-Make-Download-manager-memory-only.patch @@ -0,0 +1,57 @@ +From 28178fb406d86b317b13b16ade3b06e5e1500c7e Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)torproject.org> +Date: Wed, 25 Apr 2012 13:39:35 -0700 +Subject: [PATCH 13/24] Make Download manager memory only. + +Solves https://trac.torproject.org/projects/tor/ticket/4017. + +Yes, this is an ugly hack. We *could* send the observer notification from +Torbutton to tell the download manager to switch to memory, but then we have +to dance around and tell it again if the user switches in and out of private +browsing mode.. + +The right way to do this is with a pref. Maybe I'll get to that someday, if +this breaks enough times in conflict. +--- + toolkit/components/downloads/nsDownloadManager.cpp | 4 ++-- + toolkit/components/downloads/nsDownloadManager.h | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/toolkit/components/downloads/nsDownloadManager.cpp b/toolkit/components/downloads/nsDownloadManager.cpp +index 00a6e7d..2e83f61 100644 +--- a/toolkit/components/downloads/nsDownloadManager.cpp ++++ b/toolkit/components/downloads/nsDownloadManager.cpp +@@ -1992,7 +1992,7 @@ nsDownloadManager::Observe(nsISupports *aSubject, + if (NS_LITERAL_STRING("memory").Equals(aData)) + return SwitchDatabaseTypeTo(DATABASE_MEMORY); + else if (NS_LITERAL_STRING("disk").Equals(aData)) +- return SwitchDatabaseTypeTo(DATABASE_DISK); ++ return SwitchDatabaseTypeTo(DATABASE_MEMORY); + } + else if (strcmp(aTopic, "alertclickcallback") == 0) { + nsCOMPtr<nsIDownloadManagerUI> dmui = +@@ -2069,7 +2069,7 @@ nsDownloadManager::OnLeavePrivateBrowsingMode() + (void)ResumeAllDownloads(false); + + // Switch back to the on-disk DB again +- (void)SwitchDatabaseTypeTo(DATABASE_DISK); ++ //(void)SwitchDatabaseTypeTo(DATABASE_DISK); + + mInPrivateBrowsing = false; + } +diff --git a/toolkit/components/downloads/nsDownloadManager.h b/toolkit/components/downloads/nsDownloadManager.h +index 54312e4..cb63b52 100644 +--- a/toolkit/components/downloads/nsDownloadManager.h ++++ b/toolkit/components/downloads/nsDownloadManager.h +@@ -90,7 +90,7 @@ public: + + virtual ~nsDownloadManager(); + nsDownloadManager() : +- mDBType(DATABASE_DISK) ++ mDBType(DATABASE_MEMORY) + , mInPrivateBrowsing(false) + #ifdef DOWNLOAD_SCANNER + , mScanner(nsnull) +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0014-Add-DDG-and-StartPage-to-Omnibox.patch b/src/current-patches/firefox/0014-Add-DDG-and-StartPage-to-Omnibox.patch new file mode 100644 index 0000000..adbd3d4 --- /dev/null +++ b/src/current-patches/firefox/0014-Add-DDG-and-StartPage-to-Omnibox.patch @@ -0,0 +1,84 @@ +From 2a80e84755c97cf4ff3ab63bda1bd5f0936d9594 Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)torproject.org> +Date: Wed, 25 Apr 2012 15:03:46 -0700 +Subject: [PATCH 14/24] Add DDG and StartPage to Omnibox. + +You mean there are search engines that don't require captchas if you don't +have a cookie? Holy crap. Get those in there now. +--- + browser/locales/en-US/searchplugins/duckduckgo.xml | 29 ++++++++++++++++++++ + browser/locales/en-US/searchplugins/list.txt | 2 + + browser/locales/en-US/searchplugins/startpage.xml | 11 +++++++ + 3 files changed, 42 insertions(+), 0 deletions(-) + create mode 100644 browser/locales/en-US/searchplugins/duckduckgo.xml + create mode 100644 browser/locales/en-US/searchplugins/startpage.xml + +diff --git a/browser/locales/en-US/searchplugins/duckduckgo.xml b/browser/locales/en-US/searchplugins/duckduckgo.xml +new file mode 100644 +index 0000000..4f00b4d +--- /dev/null ++++ b/browser/locales/en-US/searchplugins/duckduckgo.xml +@@ -0,0 +1,29 @@ ++<SearchPlugin xmlns="http://www.mozilla.org/2006/browser/search/"> ++<ShortName>DuckDuckGo</ShortName> ++<Description>Duck Duck Go</Description> ++<InputEncoding>UTF-8</InputEncoding> ++<Image width="16" height="16">data:image/png;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAANcNAADXDQAAAAAA ++AAAAAAAAAAAAAAAAAAAAAAAAAAAAJyDsJmlk8pf6+v3s/v7+++zr/fcnIOyzJyDsgCcg7CYAAAAA ++AAAAAAAAAAAAAAAAAAAAAAAAAAAnIOwBJyDscCcg7PZttJ7/7Pfs//////++xO7/S5GA/ycg7P8n ++IOz2JyDscCcg7AEAAAAAAAAAAAAAAAAnIOwBJyDstScg7P8nIOz/Y8p5/2fHZf9Yv0z/YcF2/1rB ++Uv8nIOz/JyDs/ycg7P8nIOy1JyDsAQAAAAAAAAAAJyDscCcg7P8nIOz/JyDs/4jQoP/p9+n///// ++/05X3v9LkYD/JyDs/ycg7P8nIOz/JyDs/ycg7HAAAAAAJyDsJicg7PYnIOz/JyDs/zUu7f/+/v// ++//////////89N+7/JyDs/yUo7f8nIOz/JyDs/ycg7P8nIOz2JyDsJicg7IAnIOz/JyDs/ycg7P9h ++XPH////////////t/P//GIr2/wfD+/8Gyfz/DKv5/yM57/8nIOz/JyDs/ycg7H8nIOyzJyDs/ycg ++7P8nIOz/jov1////////////Otz9/w3G/P8cWfH/JSvt/ycg7P8nIOz/JyDs/ycg7P8nIOyzJyDs ++5icg7P8nIOz/JyDs/7u5+f///////////27l/v8E0v3/BNL9/wTQ/f8Oofn/IT7v/ycg7P8nIOz/ ++JyDs5icg7OYnIOz/JyDs/ycg7P/p6P3/uWsC////////////5fr//6Po/f8Thfb/DKv5/w6f+f8n IOz/JyDs/ycg7OYnIOyzJyDs/ycg7P8nIOz/9/b+/////////////////7lrAv/V1Pv/JyDs/ycg ++7P8nIOz/JyDs/ycg7P8nIOyzJyDsgCcg7P8nIOz/JyDs/8/N+///////////////////////iIX1 ++/ycg7P8nIOz/JyDs/ycg7P8nIOz/JyDsfycg7CYnIOz2JyDs/ycg7P9FP+7/q6n4/+7u/f/n5v3/ ++fXn0/yoj7P8nIOz/JyDs/ycg7P8nIOz/JyDs9icg7CYAAAAAJyDscCcg7P8nIOz/wsD6/+no/f/Y ++1/z/eHTz/ycg7P8nIOz/JyDs/ycg7P8nIOz/JyDs/ycg7HAAAAAAAAAAACcg7AEnIOy1JyDs/ycg ++7P8nIOz/JyDs/ycg7P8nIOz/JyDs/ycg7P8nIOz/JyDs/ycg7LUnIOwBAAAAAAAAAAAAAAAAJyDs ++AScg7HAnIOz2JyDs/ycg7P8nIOz/JyDs/ycg7P8nIOz/JyDs9icg7HAnIOwBAAAAAAAAAAAAAAAA ++AAAAAAAAAAAAAAAAJyDsJicg7IAnIOyzJyDs5icg7OYnIOyzJyDsgCcg7CYAAAAAAAAAAAAAAAAA ++AAAA+B8AAPAPAADAAwAAwAMAAIABAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAABAACAAQAAwAMAAMAD ++AADwDwAA+B8AAA==</Image> ++<Url type="text/html" method="POST" template="https://duckduckgo.com/html/"> ++ <Param name="q" value="{searchTerms}"/> ++</Url> ++<SearchForm>https://duckduckgo.com/html/</SearchForm> ++</SearchPlugin> +diff --git a/browser/locales/en-US/searchplugins/list.txt b/browser/locales/en-US/searchplugins/list.txt +index 2a1141a..0466f4e 100644 +--- a/browser/locales/en-US/searchplugins/list.txt ++++ b/browser/locales/en-US/searchplugins/list.txt +@@ -1,7 +1,9 @@ + amazondotcom + bing ++duckduckgo + eBay + google ++startpage + twitter + wikipedia + yahoo +diff --git a/browser/locales/en-US/searchplugins/startpage.xml b/browser/locales/en-US/searchplugins/startpage.xml +new file mode 100644 +index 0000000..1a310b1 +--- /dev/null ++++ b/browser/locales/en-US/searchplugins/startpage.xml +@@ -0,0 +1,11 @@ ++<SearchPlugin xmlns="http://www.mozilla.org/2006/browser/search/"> ++<ShortName>Startpage</ShortName> ++<Description>Start Page</Description> ++<InputEncoding>UTF-8</InputEncoding> ++<Image width="16" height="16">data:image/png;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2jkj+9YtD/vWLQ/71i0P+9otD/vaLRP72i0T+9YtE/vWLRP72i0T+9otD/vaNRP72jUT+9otF/vaLRf73kkv+9Yc///WJP//1iT//9Yk///rAmf/94Mz/+sCa//aRTv/1iUH/9ok///aJP//2i0H/9otB//aJQv/2iUL/9otC//aNRP/2jUT/9o1E//aNRP/6wpv////////////96dr/95dQ//aNRP/2kET/9pBG//aQRv/2kEb/9pBG//aRR//3lEz/95BH//mueP/7xJ3/959g//efYf/4p23//vDm//3p2//3kEr/95FJ//aRSf/niFH/95FK//aRSv/2mE//95hS/vq4iP/////////////////81bj/95xZ//q4iP//////+bF+//eZT//njFT/PSqi/2xGjv/2mVD/951V/vedVv783cX///////vQrf/++PP///////748//+8uj///////m3gf/olFr/PSuj/w8Pt/9sSJD/951V//eeWf73oVv++8ul///////5sXf/+KRi//vRsf////////////3r3v/olF//Piyk/w8Pt/9sSJH/+J5Z//ieWv/3oV/++KZf/vihXP/97N7//vn0//zTs//6wJP/+bBy//q6iP/onW//Piyl/w8Pt/8fGbH/m2iB/+icY//4pGD/96hl/viqZf74pmD/+Kxr//3iy/////////n1//ivbP/onGj/Pi2m/w8Pt/8uJKz/fFeQ/x8Zsf8+Lqb/6J9r//ivbP74rm3++Klm//mpZv/5q2f/+bR9//m0e//poW7/Pi6n/w8Pt/9sTZj/+Ktp//ira/+rd4P/Dw+3/4xijv/5snH+ +LN1/vmvbf/5r23/+a5t//mvb//4r2//TTuk/w8Pt/8fGrL/6ah1//ivcP/4r3P/q3yI/w8Pt/+MZpP/+bN5/vm4ev75t3X/+bV1//m1df/5t3X/+Ld3/8qUhP98XZn/Hxqz/+mse//5t3f/2p+B/x8as/8PD7f/u4qK//m7fv76u4D++bl7//m3fP/5uXz/+bl8//m5fP/5t3z/+bl//x8as/9NPKf/fWCb/x8as/8PD7f/bVOh//q5f//6v4X++sGI/vm9g//5voX/+b6F//m9hf/6vYX/+r6F//nCh/+bepr/Hxu0/w8Pt/8PD7f/fWOh//q+hf/6wof/+saN/vrGjf75xIv/+ceL//nEi//5xIv/+sSL//rHi//6x43/+ceN/+m7kP+7lpj/6ruQ//rHkP/6x43/+seQ//rLlf76ypT++seR//rJkf/6yZH/+seR//rJkf/6yZH/+8mR//vJlP/7yZT/+smU//rJlP/6yZT/+8yV//rJlf/6zpn+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==</Image> ++ ++<Url type="text/html" method="POST" template="https://startpage.com/do/search"> ++ <Param name="q" value="{searchTerms}"/> ++</Url> ++<SearchForm>https://startpage.com/do/search/</SearchForm> ++</SearchPlugin> +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0015-Make-nsICacheService.EvictEntries-synchronous.patch b/src/current-patches/firefox/0015-Make-nsICacheService.EvictEntries-synchronous.patch new file mode 100644 index 0000000..93a989b --- /dev/null +++ b/src/current-patches/firefox/0015-Make-nsICacheService.EvictEntries-synchronous.patch @@ -0,0 +1,44 @@ +From 20c94cb890a8872c07ba13686e293ca147b85cd6 Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)torproject.org> +Date: Tue, 1 May 2012 15:02:03 -0700 +Subject: [PATCH 15/24] Make nsICacheService.EvictEntries synchronous + +This fixes a race condition that allows cache-based EverCookies to persist for +a brief time (on the order of minutes?) after cache clearing/"New Identity". + +https://trac.torproject.org/projects/tor/ticket/5715 +--- + netwerk/cache/nsCacheService.cpp | 15 +++++++++++++-- + 1 files changed, 13 insertions(+), 2 deletions(-) + +diff --git a/netwerk/cache/nsCacheService.cpp b/netwerk/cache/nsCacheService.cpp +index 83ce887..e9f1a76 100644 +--- a/netwerk/cache/nsCacheService.cpp ++++ b/netwerk/cache/nsCacheService.cpp +@@ -1316,10 +1316,21 @@ NS_IMETHODIMP nsCacheService::VisitEntries(nsICacheVisitor *visitor) + return NS_OK; + } + +- + NS_IMETHODIMP nsCacheService::EvictEntries(nsCacheStoragePolicy storagePolicy) + { +- return EvictEntriesForClient(nsnull, storagePolicy); ++ NS_IMETHODIMP r; ++ r = EvictEntriesForClient(nsnull, storagePolicy); ++ ++ // XXX: Bloody hack until we get this notifier in FF14.0: ++ // https://developer.mozilla.org/en/XPCOM_Interface_Reference/nsICacheListener… ++ if (storagePolicy == nsICache::STORE_ANYWHERE && ++ NS_IsMainThread() && gService && gService->mInitialized) { ++ nsCacheServiceAutoLock lock; ++ gService->DoomActiveEntries(); ++ gService->ClearDoomList(); ++ (void) SyncWithCacheIOThread(); ++ } ++ return r; + } + + NS_IMETHODIMP nsCacheService::GetCacheIOTarget(nsIEventTarget * *aCacheIOTarget) +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0016-Prevent-WebSocket-DNS-leak.patch b/src/current-patches/firefox/0016-Prevent-WebSocket-DNS-leak.patch new file mode 100644 index 0000000..bb70b17 --- /dev/null +++ b/src/current-patches/firefox/0016-Prevent-WebSocket-DNS-leak.patch @@ -0,0 +1,132 @@ +From 976f0d4fabb6b0b50c83192d622827357c761bd3 Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)torproject.org> +Date: Wed, 2 May 2012 17:44:39 -0700 +Subject: [PATCH 16/24] Prevent WebSocket DNS leak. + +This is due to an improper implementation of the WebSocket spec by Mozilla. + +"There MUST be no more than one connection in a CONNECTING state. If multiple +connections to the same IP address are attempted simultaneously, the client +MUST serialize them so that there is no more than one connection at a time +running through the following steps. + +If the client cannot determine the IP address of the remote host (for +example, because all communication is being done through a proxy server that +performs DNS queries itself), then the client MUST assume for the purposes of +this step that each host name refers to a distinct remote host," + +https://tools.ietf.org/html/rfc6455#page-15 + +They implmented the first paragraph, but not the second... + +While we're at it, we also prevent the DNS service from being used to look up +anything other than IP addresses if socks_remote_dns is set to true, so this +bug can't turn up in other components or due to 3rd party addons. +--- + netwerk/dns/nsDNSService2.cpp | 24 ++++++++++++++++++++++- + netwerk/dns/nsDNSService2.h | 1 + + netwerk/protocol/websocket/WebSocketChannel.cpp | 8 +++++- + 3 files changed, 30 insertions(+), 3 deletions(-) + +diff --git a/netwerk/dns/nsDNSService2.cpp b/netwerk/dns/nsDNSService2.cpp +index 68ad8a5..1253b2f 100644 +--- a/netwerk/dns/nsDNSService2.cpp ++++ b/netwerk/dns/nsDNSService2.cpp +@@ -383,6 +383,7 @@ nsDNSService::Init() + bool enableIDN = true; + bool disableIPv6 = false; + bool disablePrefetch = false; ++ bool disableDNS = false; + int proxyType = nsIProtocolProxyService::PROXYCONFIG_DIRECT; + + nsAdoptingCString ipv4OnlyDomains; +@@ -404,6 +405,10 @@ nsDNSService::Init() + + // If a manual proxy is in use, disable prefetch implicitly + prefs->GetIntPref("network.proxy.type", &proxyType); ++ ++ // If the user wants remote DNS, we should fail any lookups that still ++ // make it here. ++ prefs->GetBoolPref("network.proxy.socks_remote_dns", &disableDNS); + } + + if (mFirstTime) { +@@ -420,7 +425,7 @@ nsDNSService::Init() + + // Monitor these to see if there is a change in proxy configuration + // If a manual proxy is in use, disable prefetch implicitly +- prefs->AddObserver("network.proxy.type", this, false); ++ prefs->AddObserver("network.proxy.", this, false); + } + } + +@@ -448,6 +453,7 @@ nsDNSService::Init() + mIDN = idn; + mIPv4OnlyDomains = ipv4OnlyDomains; // exchanges buffer ownership + mDisableIPv6 = disableIPv6; ++ mDisableDNS = disableDNS; + + // Disable prefetching either by explicit preference or if a manual proxy is configured + mDisablePrefetch = disablePrefetch || (proxyType == nsIProtocolProxyService::PROXYCONFIG_MANUAL); +@@ -547,6 +553,14 @@ nsDNSService::AsyncResolve(const nsACString &hostname, + if (mDisablePrefetch && (flags & RESOLVE_SPECULATE)) + return NS_ERROR_DNS_LOOKUP_QUEUE_FULL; + ++ PRNetAddr tempAddr; ++ if (mDisableDNS) { ++ // Allow IP lookups through, but nothing else. ++ if (PR_StringToNetAddr(hostname.BeginReading(), &tempAddr) != PR_SUCCESS) { ++ return NS_ERROR_UNKNOWN_PROXY_HOST; // XXX: NS_ERROR_NOT_IMPLEMENTED? ++ } ++ } ++ + res = mResolver; + idn = mIDN; + } +@@ -597,6 +611,14 @@ nsDNSService::Resolve(const nsACString &hostname, + MutexAutoLock lock(mLock); + res = mResolver; + idn = mIDN; ++ ++ PRNetAddr tempAddr; ++ if (mDisableDNS) { ++ // Allow IP lookups through, but nothing else. ++ if (PR_StringToNetAddr(hostname.BeginReading(), &tempAddr) != PR_SUCCESS) { ++ return NS_ERROR_UNKNOWN_PROXY_HOST; // XXX: NS_ERROR_NOT_IMPLEMENTED? ++ } ++ } + } + NS_ENSURE_TRUE(res, NS_ERROR_OFFLINE); + +diff --git a/netwerk/dns/nsDNSService2.h b/netwerk/dns/nsDNSService2.h +index 1749b41..3ec8eba 100644 +--- a/netwerk/dns/nsDNSService2.h ++++ b/netwerk/dns/nsDNSService2.h +@@ -70,4 +70,5 @@ private: + bool mDisableIPv6; + bool mDisablePrefetch; + bool mFirstTime; ++ bool mDisableDNS; + }; +diff --git a/netwerk/protocol/websocket/WebSocketChannel.cpp b/netwerk/protocol/websocket/WebSocketChannel.cpp +index 9e446e9..42aa6ca 100644 +--- a/netwerk/protocol/websocket/WebSocketChannel.cpp ++++ b/netwerk/protocol/websocket/WebSocketChannel.cpp +@@ -1698,8 +1698,12 @@ WebSocketChannel::ApplyForAdmission() + LOG(("WebSocketChannel::ApplyForAdmission: checking for concurrent open\n")); + nsCOMPtr<nsIThread> mainThread; + NS_GetMainThread(getter_AddRefs(mainThread)); +- dns->AsyncResolve(hostName, 0, this, mainThread, getter_AddRefs(mDNSRequest)); +- NS_ENSURE_SUCCESS(rv, rv); ++ rv = dns->AsyncResolve(hostName, 0, this, mainThread, getter_AddRefs(mDNSRequest)); ++ if (NS_FAILED(rv)) { ++ // Fall back to hostname on dispatch failure ++ mDNSRequest = nsnull; ++ OnLookupComplete(nsnull, nsnull, rv); ++ } + + return NS_OK; + } +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0017-Randomize-HTTP-request-order-and-pipeline-depth.patch b/src/current-patches/firefox/0017-Randomize-HTTP-request-order-and-pipeline-depth.patch new file mode 100644 index 0000000..f1814e7 --- /dev/null +++ b/src/current-patches/firefox/0017-Randomize-HTTP-request-order-and-pipeline-depth.patch @@ -0,0 +1,251 @@ +From 36f826e64411a74912ba1adebd1a30b84716bf84 Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)torproject.org> +Date: Wed, 6 Jun 2012 11:08:56 -0700 +Subject: [PATCH 17/24] Randomize HTTP request order and pipeline depth. + +This is an experimental defense against +http://lorre.uni.lu/~andriy/papers/acmccs-wpes11-fingerprinting.pdf + +See: +https://blog.torproject.org/blog/experimental-defense-website-traffic-fingerprinting + +This defense has been improved since that blog post to additionally randomize +the order and concurrency of non-pipelined HTTP requests. +--- + netwerk/protocol/http/nsHttpConnectionMgr.cpp | 136 ++++++++++++++++++++++++- + netwerk/protocol/http/nsHttpConnectionMgr.h | 5 + + 2 files changed, 136 insertions(+), 5 deletions(-) + +diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.cpp b/netwerk/protocol/http/nsHttpConnectionMgr.cpp +index 23ef893..788368f 100644 +--- a/netwerk/protocol/http/nsHttpConnectionMgr.cpp ++++ b/netwerk/protocol/http/nsHttpConnectionMgr.cpp +@@ -94,6 +94,12 @@ nsHttpConnectionMgr::nsHttpConnectionMgr() + { + LOG(("Creating nsHttpConnectionMgr @%x\n", this)); + mCT.Init(); ++ ++ nsresult rv; ++ mRandomGenerator = do_GetService("@mozilla.org/security/random-generator;1", &rv); ++ if (NS_FAILED(rv)) { ++ mRandomGenerator = nsnull; ++ } + } + + nsHttpConnectionMgr::~nsHttpConnectionMgr() +@@ -342,8 +348,12 @@ nsHttpConnectionMgr::AddTransactionToPipeline(nsHttpPipeline *pipeline) + nsConnectionEntry *ent = mCT.Get(ci->HashKey()); + if (ent) { + // search for another request to pipeline... +- PRInt32 i, count = ent->mPendingQ.Length(); +- for (i=0; i<count; ++i) { ++ PRInt32 i, h, count = ent->mPendingQ.Length(); ++ PRInt32* ind = new PRInt32[count]; ++ ShuffleRequestOrder((PRUint32*)ind, (PRUint32)count); ++ ++ for (h=0; h<count; ++h) { ++ i = ind[h]; // random request sequence + nsHttpTransaction *trans = ent->mPendingQ[i]; + if (trans->Caps() & NS_HTTP_ALLOW_PIPELINING) { + pipeline->AddTransaction(trans); +@@ -354,6 +364,8 @@ nsHttpConnectionMgr::AddTransactionToPipeline(nsHttpPipeline *pipeline) + break; + } + } ++ ++ delete [] ind; + } + } + } +@@ -585,12 +597,17 @@ nsHttpConnectionMgr::ProcessPendingQForEntry(nsConnectionEntry *ent) + LOG(("nsHttpConnectionMgr::ProcessPendingQForEntry [ci=%s]\n", + ent->mConnInfo->HashKey().get())); + +- PRInt32 i, count = ent->mPendingQ.Length(); ++ PRUint32 h, i = 0, count = ent->mPendingQ.Length(); + if (count > 0) { + LOG((" pending-count=%u\n", count)); + nsHttpTransaction *trans = nsnull; + nsHttpConnection *conn = nsnull; +- for (i=0; i<count; ++i) { ++ ++ PRUint32* ind = new PRUint32[count]; ++ ShuffleRequestOrder(ind, count); ++ ++ for (h=0; h<count; ++h) { ++ i = ind[h]; // random request sequence + trans = ent->mPendingQ[i]; + + // When this transaction has already established a half-open +@@ -610,6 +627,7 @@ nsHttpConnectionMgr::ProcessPendingQForEntry(nsConnectionEntry *ent) + if (conn) + break; + } ++ delete [] ind; + if (conn) { + LOG((" dispatching pending transaction...\n")); + +@@ -694,6 +712,19 @@ nsHttpConnectionMgr::AtActiveConnectionLimit(nsConnectionEntry *ent, PRUint8 cap + maxPersistConns = mMaxPersistConnsPerHost; + } + ++ // Fuzz maxConns for website fingerprinting attack ++ // We create a range of maxConns/5 up to 6*maxConns/5 ++ // because this function is called repeatedly, and we'll ++ // end up converging to the high side of concurrent connections ++ // after a short while. ++ PRUint8 *bytes = nsnull; ++ nsresult rv = mRandomGenerator->GenerateRandomBytes(1, &bytes); ++ NS_ENSURE_SUCCESS(rv, rv); ++ ++ bytes[0] = bytes[0] % (maxConns + 1); ++ maxConns = (maxConns/5) + bytes[0]; ++ NS_Free(bytes); ++ + // use >= just to be safe + return (totalCount >= maxConns) || ( (caps & NS_HTTP_ALLOW_KEEPALIVE) && + (persistCount >= maxPersistConns) ); +@@ -865,7 +896,7 @@ nsHttpConnectionMgr::DispatchTransaction(nsConnectionEntry *ent, + nsHttpPipeline *pipeline = nsnull; + if (conn->SupportsPipelining() && (caps & NS_HTTP_ALLOW_PIPELINING)) { + LOG((" looking to build pipeline...\n")); +- if (BuildPipeline(ent, trans, &pipeline)) ++ if (BuildRandomizedPipeline(ent, trans, &pipeline)) + trans = pipeline; + } + +@@ -938,6 +969,101 @@ nsHttpConnectionMgr::BuildPipeline(nsConnectionEntry *ent, + return true; + } + ++ ++// Generate a shuffled request ordering sequence ++void ++nsHttpConnectionMgr::ShuffleRequestOrder(PRUint32 *ind, PRUint32 count) ++{ ++ PRUint32 i; ++ PRUint32 *rints; ++ ++ for (i=0; i<count; ++i) { ++ ind[i] = i; ++ } ++ nsresult rv = mRandomGenerator->GenerateRandomBytes(sizeof(PRUint32)*count, ++ (PRUint8**)&rints); ++ if (NS_FAILED(rv)) ++ return; // Leave unshuffled if error ++ ++ for (i=0; i < count; ++i) { ++ PRInt32 temp = ind[i]; ++ ind[i] = ind[rints[i]%count]; ++ ind[rints[i]%count] = temp; ++ } ++ NS_Free(rints); ++} ++ ++bool ++nsHttpConnectionMgr::BuildRandomizedPipeline(nsConnectionEntry *ent, ++ nsAHttpTransaction *firstTrans, ++ nsHttpPipeline **result) ++{ ++ if (mRandomGenerator == nsnull) ++ return BuildPipeline(ent, firstTrans, result); ++ if (mMaxPipelinedRequests < 2) ++ return PR_FALSE; ++ ++ nsresult rv; ++ PRUint8 *bytes = nsnull; ++ ++ nsHttpPipeline *pipeline = nsnull; ++ nsHttpTransaction *trans; ++ ++ PRUint32 i = 0, numAdded = 0, numAllowed = 0; ++ PRUint32 max = 0; ++ ++ while (i < ent->mPendingQ.Length()) { ++ if (ent->mPendingQ[i]->Caps() & NS_HTTP_ALLOW_PIPELINING) ++ numAllowed++; ++ i++; ++ } ++ ++ rv = mRandomGenerator->GenerateRandomBytes(1, &bytes); ++ NS_ENSURE_SUCCESS(rv, rv); ++ // 4...12 ++ max = 4 + (bytes[0] % (mMaxPipelinedRequests + 1)); ++ NS_Free(bytes); ++ ++ while (numAllowed > 0) { ++ rv = mRandomGenerator->GenerateRandomBytes(1, &bytes); ++ NS_ENSURE_SUCCESS(rv, rv); ++ i = bytes[0] % ent->mPendingQ.Length(); ++ NS_Free(bytes); ++ ++ trans = ent->mPendingQ[i]; ++ ++ if (!(ent->mPendingQ[i]->Caps() & NS_HTTP_ALLOW_PIPELINING)) ++ continue; ++ ++ if (numAdded == 0) { ++ pipeline = new nsHttpPipeline; ++ if (!pipeline) ++ return PR_FALSE; ++ pipeline->AddTransaction(firstTrans); ++ numAdded = 1; ++ } ++ pipeline->AddTransaction(trans); ++ ++ // remove transaction from pending queue ++ ent->mPendingQ.RemoveElementAt(i); ++ NS_RELEASE(trans); ++ ++ numAllowed--; ++ ++ if (++numAdded == max) ++ break; ++ } ++ ++ //fprintf(stderr, "Yay!!! pipelined %u/%u transactions\n", numAdded, max); ++ LOG((" pipelined %u/%u transactions\n", numAdded, max)); ++ ++ if (numAdded == 0) ++ return PR_FALSE; ++ ++ NS_ADDREF(*result = pipeline); ++ return PR_TRUE; ++} ++ + nsresult + nsHttpConnectionMgr::ProcessNewTransaction(nsHttpTransaction *trans) + { +diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.h b/netwerk/protocol/http/nsHttpConnectionMgr.h +index cdf21a9..81b282a 100644 +--- a/netwerk/protocol/http/nsHttpConnectionMgr.h ++++ b/netwerk/protocol/http/nsHttpConnectionMgr.h +@@ -51,6 +51,7 @@ + + #include "nsIObserver.h" + #include "nsITimer.h" ++#include "nsIRandomGenerator.h" + + class nsHttpPipeline; + +@@ -276,6 +277,8 @@ private: + nsresult DispatchTransaction(nsConnectionEntry *, nsAHttpTransaction *, + PRUint8 caps, nsHttpConnection *); + bool BuildPipeline(nsConnectionEntry *, nsAHttpTransaction *, nsHttpPipeline **); ++ bool BuildRandomizedPipeline(nsConnectionEntry *, nsAHttpTransaction *, nsHttpPipeline **); ++ void ShuffleRequestOrder(PRUint32 *, PRUint32); + nsresult ProcessNewTransaction(nsHttpTransaction *); + nsresult EnsureSocketThreadTargetIfOnline(); + void ClosePersistentConnections(nsConnectionEntry *ent); +@@ -353,6 +356,8 @@ private: + PRUint64 mTimeOfNextWakeUp; + // Timer for next pruning of dead connections. + nsCOMPtr<nsITimer> mTimer; ++ // Random number generator for reordering HTTP pipeline ++ nsCOMPtr<nsIRandomGenerator> mRandomGenerator; + + // + // the connection table +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0018-Add-HTTP-auth-headers-before-the-modify-request-obse.patch b/src/current-patches/firefox/0018-Add-HTTP-auth-headers-before-the-modify-request-obse.patch new file mode 100644 index 0000000..46cf611 --- /dev/null +++ b/src/current-patches/firefox/0018-Add-HTTP-auth-headers-before-the-modify-request-obse.patch @@ -0,0 +1,52 @@ +From c1e26c8a294abe426fd6fb84508db6074ef23379 Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)fscked.org> +Date: Fri, 2 Sep 2011 15:33:20 -0700 +Subject: [PATCH 18/24] Add HTTP auth headers before the modify-request + observer. + +Otherwise, how are we supposed to modify them? + +Thanks to Georg Koppen for spotting both the problem and this fix. +--- + netwerk/protocol/http/nsHttpChannel.cpp | 11 +++++++---- + 1 files changed, 7 insertions(+), 4 deletions(-) + +diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp +index 97bd84c..6205d62 100644 +--- a/netwerk/protocol/http/nsHttpChannel.cpp ++++ b/netwerk/protocol/http/nsHttpChannel.cpp +@@ -316,9 +316,6 @@ nsHttpChannel::Connect(bool firstTime) + return NS_ERROR_DOCUMENT_NOT_CACHED; + } + +- // check to see if authorization headers should be included +- mAuthProvider->AddAuthorizationHeaders(); +- + if (mLoadFlags & LOAD_NO_NETWORK_IO) { + return NS_ERROR_DOCUMENT_NOT_CACHED; + } +@@ -3707,6 +3704,9 @@ nsHttpChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *context) + + AddCookiesToRequest(); + ++ // check to see if authorization headers should be included ++ mAuthProvider->AddAuthorizationHeaders(); ++ + // notify "http-on-modify-request" observers + gHttpHandler->OnModifyRequest(this); + +@@ -4817,7 +4817,10 @@ nsHttpChannel::DoAuthRetry(nsAHttpConnection *conn) + // this authentication attempt (bug 84794). + // TODO: save cookies from auth response and send them here (bug 572151). + AddCookiesToRequest(); +- ++ ++ // check to see if authorization headers should be included ++ mAuthProvider->AddAuthorizationHeaders(); ++ + // notify "http-on-modify-request" observers + gHttpHandler->OnModifyRequest(this); + +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0019-Adapt-Steven-Michaud-s-Mac-crashfix-patch.patch b/src/current-patches/firefox/0019-Adapt-Steven-Michaud-s-Mac-crashfix-patch.patch new file mode 100644 index 0000000..7f3869c --- /dev/null +++ b/src/current-patches/firefox/0019-Adapt-Steven-Michaud-s-Mac-crashfix-patch.patch @@ -0,0 +1,532 @@ +From 49cccdba3e6fc10e0e376d423b3ba1b6135f62e1 Mon Sep 17 00:00:00 2001 +From: Mike Perry <mikeperry-git(a)torproject.org> +Date: Thu, 7 Jun 2012 16:25:48 -0700 +Subject: [PATCH 19/24] Adapt Steven Michaud's Mac crashfix patch + +Source is: https://bugzilla.mozilla.org/show_bug.cgi?id=715885#c35 + +Some minor tweaks were needed to get it to apply and to compile on +MacOS. +--- + widget/public/Makefile.in | 2 + + widget/public/nsIDragService.idl | 1 - + widget/public/nsPIDragService.idl | 48 ++++++++++++++++++++++++++++ + widget/public/nsPIDragServiceWindows.idl | 46 ++++++++++++++++++++++++++ + widget/src/cocoa/nsChildView.mm | 35 +++++++++++++------- + widget/src/gtk2/nsDragService.cpp | 2 +- + widget/src/gtk2/nsWindow.cpp | 2 +- + widget/src/qt/nsDragService.h | 2 + + widget/src/windows/Makefile.in | 1 - + widget/src/windows/nsDragService.cpp | 13 +++++--- + widget/src/windows/nsDragService.h | 12 +++--- + widget/src/windows/nsNativeDragSource.cpp | 7 ++-- + widget/src/windows/nsNativeDragTarget.cpp | 28 ++++++++++------ + widget/src/xpwidgets/nsBaseDragService.cpp | 16 +++++++++- + widget/src/xpwidgets/nsBaseDragService.h | 9 ++--- + 15 files changed, 176 insertions(+), 48 deletions(-) + create mode 100644 widget/public/nsPIDragService.idl + create mode 100644 widget/public/nsPIDragServiceWindows.idl + +diff --git a/widget/public/Makefile.in b/widget/public/Makefile.in +index a70e65a..8a9b73d 100644 +--- a/widget/public/Makefile.in ++++ b/widget/public/Makefile.in +@@ -110,6 +110,8 @@ XPIDLSRCS = \ + nsIClipboardDragDropHooks.idl \ + nsIClipboardDragDropHookList.idl \ + nsIDragSession.idl \ ++ nsPIDragService.idl \ ++ nsPIDragServiceWindows.idl \ + nsIDragService.idl \ + nsIFormatConverter.idl \ + nsIClipboard.idl \ +diff --git a/widget/public/nsIDragService.idl b/widget/public/nsIDragService.idl +index 6863a88..c4a1e26 100644 +--- a/widget/public/nsIDragService.idl ++++ b/widget/public/nsIDragService.idl +@@ -146,7 +146,6 @@ interface nsIDragService : nsISupports + void suppress(); + void unsuppress(); + +- [noscript] void dragMoved(in long aX, in long aY); + }; + + +diff --git a/widget/public/nsPIDragService.idl b/widget/public/nsPIDragService.idl +new file mode 100644 +index 0000000..93a144d +--- /dev/null ++++ b/widget/public/nsPIDragService.idl +@@ -0,0 +1,48 @@ ++/* ***** BEGIN LICENSE BLOCK ***** ++ * Version: MPL 1.1/GPL 2.0/LGPL 2.1 ++ * ++ * The contents of this file are subject to the Mozilla Public License Version ++ * 1.1 (the "License"); you may not use this file except in compliance with ++ * the License. You may obtain a copy of the License at ++ * http://www.mozilla.org/MPL/ ++ * ++ * Software distributed under the License is distributed on an "AS IS" basis, ++ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License ++ * for the specific language governing rights and limitations under the ++ * License. ++ * ++ * The Original Code is mozilla.org code. ++ * ++ * The Initial Developer of the Original Code is ++ * The Mozilla Foundation. ++ * Portions created by the Initial Developer are Copyright (C) 2012 ++ * the Initial Developer. All Rights Reserved. ++ * ++ * Contributor(s): ++ * Steven Michaud <smichaud(a)pobox.com> ++ * ++ * Alternatively, the contents of this file may be used under the terms of ++ * either the GNU General Public License Version 2 or later (the "GPL"), or ++ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), ++ * in which case the provisions of the GPL or the LGPL are applicable instead ++ * of those above. If you wish to allow use of your version of this file only ++ * under the terms of either the GPL or the LGPL, and not to allow others to ++ * use your version of this file under the terms of the MPL, indicate your ++ * decision by deleting the provisions above and replace them with the notice ++ * and other provisions required by the GPL or the LGPL. If you do not delete ++ * the provisions above, a recipient may use your version of this file under ++ * the terms of any one of the MPL, the GPL or the LGPL. ++ * ++ * ***** END LICENSE BLOCK ***** */ ++ ++#include "nsISupports.idl" ++ ++[scriptable, uuid(FAD8C90B-8E1D-446A-9B6C-241486A85CBD)] ++interface nsPIDragService : nsISupports ++{ ++ void dragMoved(in long aX, in long aY); ++ ++ PRUint16 getInputSource(); ++ ++ void setDragEndPoint(in long aX, in long aY); ++}; +diff --git a/widget/public/nsPIDragServiceWindows.idl b/widget/public/nsPIDragServiceWindows.idl +new file mode 100644 +index 0000000..c8a46dd +--- /dev/null ++++ b/widget/public/nsPIDragServiceWindows.idl +@@ -0,0 +1,46 @@ ++/* ***** BEGIN LICENSE BLOCK ***** ++ * Version: MPL 1.1/GPL 2.0/LGPL 2.1 ++ * ++ * The contents of this file are subject to the Mozilla Public License Version ++ * 1.1 (the "License"); you may not use this file except in compliance with ++ * the License. You may obtain a copy of the License at ++ * http://www.mozilla.org/MPL/ ++ * ++ * Software distributed under the License is distributed on an "AS IS" basis, ++ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License ++ * for the specific language governing rights and limitations under the ++ * License. ++ * ++ * The Original Code is mozilla.org code. ++ * ++ * The Initial Developer of the Original Code is ++ * The Mozilla Foundation. ++ * Portions created by the Initial Developer are Copyright (C) 2012 ++ * the Initial Developer. All Rights Reserved. ++ * ++ * Contributor(s): ++ * Steven Michaud <smichaud(a)pobox.com> ++ * ++ * Alternatively, the contents of this file may be used under the terms of ++ * either the GNU General Public License Version 2 or later (the "GPL"), or ++ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), ++ * in which case the provisions of the GPL or the LGPL are applicable instead ++ * of those above. If you wish to allow use of your version of this file only ++ * under the terms of either the GPL or the LGPL, and not to allow others to ++ * use your version of this file under the terms of the MPL, indicate your ++ * decision by deleting the provisions above and replace them with the notice ++ * and other provisions required by the GPL or the LGPL. If you do not delete ++ * the provisions above, a recipient may use your version of this file under ++ * the terms of any one of the MPL, the GPL or the LGPL. ++ * ++ * ***** END LICENSE BLOCK ***** */ ++ ++#include "nsISupports.idl" ++ ++[scriptable, uuid(6FC2117D-5EB4-441A-9C12-62A783BEBC0C)] ++interface nsPIDragServiceWindows : nsISupports ++{ ++ void setIDataObject(in nsISupports aDataObj); ++ ++ void setDroppedLocal(); ++}; +diff --git a/widget/src/cocoa/nsChildView.mm b/widget/src/cocoa/nsChildView.mm +index 64336e3..b2ab6bc 100644 +--- a/widget/src/cocoa/nsChildView.mm ++++ b/widget/src/cocoa/nsChildView.mm +@@ -4513,11 +4513,12 @@ NSEvent* gLastDragMouseDownEvent = nil; + if (!dragService) { + dragService = do_GetService(kDragServiceContractID); + } ++ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(dragService); + + if (dragService) { + NSPoint pnt = [NSEvent mouseLocation]; + FlipCocoaScreenCoordinate(pnt); +- dragService->DragMoved(NSToIntRound(pnt.x), NSToIntRound(pnt.y)); ++ dragServicePriv->DragMoved(NSToIntRound(pnt.x), NSToIntRound(pnt.y)); + } + } + +@@ -4538,11 +4539,13 @@ NSEvent* gLastDragMouseDownEvent = nil; + } + + if (mDragService) { +- // set the dragend point from the current mouse location +- nsDragService* dragService = static_cast<nsDragService *>(mDragService); +- NSPoint pnt = [NSEvent mouseLocation]; +- FlipCocoaScreenCoordinate(pnt); +- dragService->SetDragEndPoint(nsIntPoint(NSToIntRound(pnt.x), NSToIntRound(pnt.y))); ++ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(mDragService); ++ if (dragServicePriv) { ++ // set the dragend point from the current mouse location ++ NSPoint pnt = [NSEvent mouseLocation]; ++ FlipCocoaScreenCoordinate(pnt); ++ dragServicePriv->SetDragEndPoint(NSToIntRound(pnt.x), NSToIntRound(pnt.y)); ++ } + + // XXX: dropEffect should be updated per |operation|. + // As things stand though, |operation| isn't well handled within "our" +@@ -4553,13 +4556,19 @@ NSEvent* gLastDragMouseDownEvent = nil; + // value for NSDragOperationGeneric that is passed by other applications. + // All that said, NSDragOperationNone is still reliable. + if (operation == NSDragOperationNone) { +- nsCOMPtr<nsIDOMDataTransfer> dataTransfer; +- dragService->GetDataTransfer(getter_AddRefs(dataTransfer)); +- nsCOMPtr<nsIDOMNSDataTransfer> dataTransferNS = +- do_QueryInterface(dataTransfer); +- +- if (dataTransferNS) +- dataTransferNS->SetDropEffectInt(nsIDragService::DRAGDROP_ACTION_NONE); ++ nsCOMPtr<nsIDragSession> dragSession; ++ mDragService->GetCurrentSession(getter_AddRefs(dragSession)); ++ if (dragSession) { ++ nsCOMPtr<nsIDOMDataTransfer> dataTransfer; ++ dragSession->GetDataTransfer(getter_AddRefs(dataTransfer)); ++ if (dataTransfer) { ++ nsCOMPtr<nsIDOMNSDataTransfer> dataTransferNS = ++ do_QueryInterface(dataTransfer); ++ if (dataTransferNS) { ++ dataTransferNS->SetDropEffectInt(nsIDragService::DRAGDROP_ACTION_NONE); ++ } ++ } ++ } + } + + mDragService->EndDragSession(true); +diff --git a/widget/src/gtk2/nsDragService.cpp b/widget/src/gtk2/nsDragService.cpp +index ca5a42c..876fd55 100644 +--- a/widget/src/gtk2/nsDragService.cpp ++++ b/widget/src/gtk2/nsDragService.cpp +@@ -1334,7 +1334,7 @@ nsDragService::SourceEndDragSession(GdkDragContext *aContext, + GdkDisplay* display = gdk_display_get_default(); + if (display) { + gdk_display_get_pointer(display, NULL, &x, &y, NULL); +- SetDragEndPoint(nsIntPoint(x, y)); ++ SetDragEndPoint(x, y); + } + + // Either the drag was aborted or the drop occurred outside the app. +diff --git a/widget/src/gtk2/nsWindow.cpp b/widget/src/gtk2/nsWindow.cpp +index 2fd6f64..a2e27e1 100644 +--- a/widget/src/gtk2/nsWindow.cpp ++++ b/widget/src/gtk2/nsWindow.cpp +@@ -3738,7 +3738,7 @@ nsWindow::OnDragDropEvent(GtkWidget *aWidget, + if (display) { + // get the current cursor position + gdk_display_get_pointer(display, NULL, &x, &y, NULL); +- ((nsDragService *)dragService.get())->SetDragEndPoint(nsIntPoint(x, y)); ++ ((nsDragService *)dragService.get())->SetDragEndPoint(x, y); + } + dragService->EndDragSession(true); + +diff --git a/widget/src/qt/nsDragService.h b/widget/src/qt/nsDragService.h +index 5a3e5bb..50dcfac 100644 +--- a/widget/src/qt/nsDragService.h ++++ b/widget/src/qt/nsDragService.h +@@ -50,6 +50,8 @@ public: + NS_DECL_ISUPPORTS + NS_DECL_NSIDRAGSERVICE + ++ NS_IMETHOD DragMoved(PRInt32 aX, PRInt32 aY); ++ + nsDragService(); + + private: +diff --git a/widget/src/windows/Makefile.in b/widget/src/windows/Makefile.in +index 53277ea..d7ff7ce 100644 +--- a/widget/src/windows/Makefile.in ++++ b/widget/src/windows/Makefile.in +@@ -115,7 +115,6 @@ ifdef MOZ_ENABLE_D3D10_LAYER + DEFINES += -DMOZ_ENABLE_D3D10_LAYER + endif + +- + EXPORTS = nsdefs.h WindowHook.h + EXPORTS_NAMESPACES = mozilla/widget + EXPORTS_mozilla/widget = AudioSession.h +diff --git a/widget/src/windows/nsDragService.cpp b/widget/src/windows/nsDragService.cpp +index 2dcede3..3d8af21 100644 +--- a/widget/src/windows/nsDragService.cpp ++++ b/widget/src/windows/nsDragService.cpp +@@ -97,6 +97,8 @@ nsDragService::~nsDragService() + NS_IF_RELEASE(mDataObject); + } + ++NS_IMPL_ISUPPORTS_INHERITED1(nsDragService, nsBaseDragService, nsPIDragServiceWindows) ++ + bool + nsDragService::CreateDragImage(nsIDOMNode *aDOMNode, + nsIScriptableRegion *aRegion, +@@ -350,7 +352,7 @@ nsDragService::StartInvokingDragSession(IDataObject * aDataObj, + POINT cpos; + cpos.x = GET_X_LPARAM(pos); + cpos.y = GET_Y_LPARAM(pos); +- SetDragEndPoint(nsIntPoint(cpos.x, cpos.y)); ++ SetDragEndPoint(cpos.x, cpos.y); + EndDragSession(true); + + mDoingDrag = false; +@@ -468,25 +470,26 @@ nsDragService::GetData(nsITransferable * aTransferable, PRUint32 anItem) + + //--------------------------------------------------------- + NS_IMETHODIMP +-nsDragService::SetIDataObject(IDataObject * aDataObj) ++nsDragService::SetIDataObject(nsISupports * aDataObj) + { ++ IDataObject *dataObj = (IDataObject*) aDataObj; + // When the native drag starts the DragService gets + // the IDataObject that is being dragged + NS_IF_RELEASE(mDataObject); +- mDataObject = aDataObj; ++ mDataObject = dataObj; + NS_IF_ADDREF(mDataObject); + + return NS_OK; + } + + //--------------------------------------------------------- +-void ++NS_IMETHODIMP + nsDragService::SetDroppedLocal() + { + // Sent from the native drag handler, letting us know + // a drop occurred within the application vs. outside of it. + mSentLocalDropEvent = true; +- return; ++ return NS_OK; + } + + //------------------------------------------------------------------------- +diff --git a/widget/src/windows/nsDragService.h b/widget/src/windows/nsDragService.h +index 067bcf2..2699e47 100644 +--- a/widget/src/windows/nsDragService.h ++++ b/widget/src/windows/nsDragService.h +@@ -39,6 +39,7 @@ + #define nsDragService_h__ + + #include "nsBaseDragService.h" ++#include "nsPIDragServiceWindows.h" + #include <windows.h> + #include <shlobj.h> + +@@ -52,12 +53,15 @@ class nsString; + * Native Win32 DragService wrapper + */ + +-class nsDragService : public nsBaseDragService ++class nsDragService : public nsBaseDragService, public nsPIDragServiceWindows + { + public: + nsDragService(); + virtual ~nsDragService(); +- ++ ++ NS_DECL_ISUPPORTS_INHERITED ++ NS_DECL_NSPIDRAGSERVICEWINDOWS ++ + // nsIDragService + NS_IMETHOD InvokeDragSession(nsIDOMNode *aDOMNode, + nsISupportsArray *anArrayTransferables, +@@ -71,13 +75,9 @@ public: + NS_IMETHOD EndDragSession(bool aDoneDrag); + + // native impl. +- NS_IMETHOD SetIDataObject(IDataObject * aDataObj); + NS_IMETHOD StartInvokingDragSession(IDataObject * aDataObj, + PRUint32 aActionType); + +- // A drop occurred within the application vs. outside of it. +- void SetDroppedLocal(); +- + protected: + nsDataObjCollection* GetDataObjCollection(IDataObject * aDataObj); + +diff --git a/widget/src/windows/nsNativeDragSource.cpp b/widget/src/windows/nsNativeDragSource.cpp +index e51101e..0fe6ffe 100644 +--- a/widget/src/windows/nsNativeDragSource.cpp ++++ b/widget/src/windows/nsNativeDragSource.cpp +@@ -42,7 +42,7 @@ + #include "nsIServiceManager.h" + #include "nsToolkit.h" + #include "nsWidgetsCID.h" +-#include "nsIDragService.h" ++#include "nsDragService.h" + + static NS_DEFINE_IID(kCDragServiceCID, NS_DRAGSERVICE_CID); + +@@ -101,9 +101,10 @@ STDMETHODIMP + nsNativeDragSource::QueryContinueDrag(BOOL fEsc, DWORD grfKeyState) + { + nsCOMPtr<nsIDragService> dragService = do_GetService(kCDragServiceCID); +- if (dragService) { ++ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(dragService); ++ if (dragServicePriv) { + DWORD pos = ::GetMessagePos(); +- dragService->DragMoved(GET_X_LPARAM(pos), GET_Y_LPARAM(pos)); ++ dragServicePriv->DragMoved(GET_X_LPARAM(pos), GET_Y_LPARAM(pos)); + } + + if (fEsc) { +diff --git a/widget/src/windows/nsNativeDragTarget.cpp b/widget/src/windows/nsNativeDragTarget.cpp +index cf6196b..82ad3c6 100644 +--- a/widget/src/windows/nsNativeDragTarget.cpp ++++ b/widget/src/windows/nsNativeDragTarget.cpp +@@ -209,7 +209,11 @@ nsNativeDragTarget::DispatchDragDropEvent(PRUint32 aEventType, POINTL aPT) + event.isControl = IsKeyDown(NS_VK_CONTROL); + event.isMeta = false; + event.isAlt = IsKeyDown(NS_VK_ALT); +- event.inputSource = static_cast<nsBaseDragService*>(mDragService)->GetInputSource(); ++ event.inputSource = 0; ++ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(mDragService); ++ if (dragServicePriv) { ++ dragServicePriv->GetInputSource(&event.inputSource); ++ } + + mWindow->DispatchEvent(&event, status); + } +@@ -296,9 +300,8 @@ nsNativeDragTarget::DragEnter(LPDATAOBJECT pIDataSource, + // This cast is ok because in the constructor we created a + // the actual implementation we wanted, so we know this is + // a nsDragService. It should be a private interface, though. +- nsDragService * winDragService = +- static_cast<nsDragService *>(mDragService); +- winDragService->SetIDataObject(pIDataSource); ++ nsCOMPtr<nsPIDragServiceWindows> winDragService = do_QueryInterface(mDragService); ++ winDragService->SetIDataObject((nsISupports*)pIDataSource); + + // Now process the native drag state and then dispatch the event + ProcessDrag(NS_DRAGDROP_ENTER, grfKeyState, ptl, pdwEffect); +@@ -436,8 +439,8 @@ nsNativeDragTarget::Drop(LPDATAOBJECT pData, + // This cast is ok because in the constructor we created a + // the actual implementation we wanted, so we know this is + // a nsDragService (but it should still be a private interface) +- nsDragService* winDragService = static_cast<nsDragService*>(mDragService); +- winDragService->SetIDataObject(pData); ++ nsCOMPtr<nsPIDragServiceWindows> winDragService = do_QueryInterface(mDragService); ++ winDragService->SetIDataObject((nsISupports*)pData); + + // NOTE: ProcessDrag spins the event loop which may destroy arbitrary objects. + // We use strong refs to prevent it from destroying these: +@@ -461,11 +464,14 @@ nsNativeDragTarget::Drop(LPDATAOBJECT pData, + // tell the drag service we're done with the session + // Use GetMessagePos to get the position of the mouse at the last message + // seen by the event loop. (Bug 489729) +- DWORD pos = ::GetMessagePos(); +- POINT cpos; +- cpos.x = GET_X_LPARAM(pos); +- cpos.y = GET_Y_LPARAM(pos); +- winDragService->SetDragEndPoint(nsIntPoint(cpos.x, cpos.y)); ++ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(mDragService); ++ if (dragServicePriv) { ++ DWORD pos = ::GetMessagePos(); ++ POINT cpos; ++ cpos.x = GET_X_LPARAM(pos); ++ cpos.y = GET_Y_LPARAM(pos); ++ dragServicePriv->SetDragEndPoint(cpos.x, cpos.y); ++ } + serv->EndDragSession(true); + + // release the ref that was taken in DragEnter +diff --git a/widget/src/xpwidgets/nsBaseDragService.cpp b/widget/src/xpwidgets/nsBaseDragService.cpp +index 52efb7e..1c35673 100644 +--- a/widget/src/xpwidgets/nsBaseDragService.cpp ++++ b/widget/src/xpwidgets/nsBaseDragService.cpp +@@ -89,7 +89,7 @@ nsBaseDragService::~nsBaseDragService() + { + } + +-NS_IMPL_ISUPPORTS2(nsBaseDragService, nsIDragService, nsIDragSession) ++NS_IMPL_ISUPPORTS3(nsBaseDragService, nsIDragService, nsPIDragService, nsIDragSession) + + //--------------------------------------------------------- + NS_IMETHODIMP +@@ -443,6 +443,20 @@ nsBaseDragService::DragMoved(PRInt32 aX, PRInt32 aY) + return NS_OK; + } + ++NS_IMETHODIMP ++nsBaseDragService::SetDragEndPoint(PRInt32 aX, PRInt32 aY) ++{ ++ mEndDragPoint = nsIntPoint(aX, aY); ++ return NS_OK; ++} ++ ++NS_IMETHODIMP ++nsBaseDragService::GetInputSource(PRUint16* aInputSource) ++{ ++ *aInputSource = mInputSource; ++ return NS_OK; ++} ++ + static nsIPresShell* + GetPresShellForContent(nsIDOMNode* aDOMNode) + { +diff --git a/widget/src/xpwidgets/nsBaseDragService.h b/widget/src/xpwidgets/nsBaseDragService.h +index 290c0cb..2ceac2b 100644 +--- a/widget/src/xpwidgets/nsBaseDragService.h ++++ b/widget/src/xpwidgets/nsBaseDragService.h +@@ -39,6 +39,7 @@ + #define nsBaseDragService_h__ + + #include "nsIDragService.h" ++#include "nsPIDragService.h" + #include "nsIDragSession.h" + #include "nsITransferable.h" + #include "nsISupportsArray.h" +@@ -64,6 +65,7 @@ class nsICanvasElementExternal; + */ + + class nsBaseDragService : public nsIDragService, ++ public nsPIDragService, + public nsIDragSession + { + +@@ -74,14 +76,11 @@ public: + //nsISupports + NS_DECL_ISUPPORTS + +- //nsIDragSession and nsIDragService ++ //nsIDragSession, nsIDragService and nsPIDragService + NS_DECL_NSIDRAGSERVICE ++ NS_DECL_NSPIDRAGSERVICE + NS_DECL_NSIDRAGSESSION + +- void SetDragEndPoint(nsIntPoint aEndDragPoint) { mEndDragPoint = aEndDragPoint; } +- +- PRUint16 GetInputSource() { return mInputSource; } +- + protected: + + /** +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0020-Add-mozIThirdPartyUtil.getFirstPartyURI-API.patch b/src/current-patches/firefox/0020-Add-mozIThirdPartyUtil.getFirstPartyURI-API.patch index 56d9848..114301d 100644 --- a/src/current-patches/firefox/0020-Add-mozIThirdPartyUtil.getFirstPartyURI-API.patch +++ b/src/current-patches/firefox/0020-Add-mozIThirdPartyUtil.getFirstPartyURI-API.patch @@ -1,17 +1,17 @@ -From 73e548ceee36b99f06e33010163ed8b8cc86b3dd Mon Sep 17 00:00:00 2001 +From 36d57455893bcf6dc08e91a2784970f285c5e84b Mon Sep 17 00:00:00 2001 From: Mike Perry <mikeperry-git(a)torproject.org> Date: Tue, 28 Aug 2012 18:35:33 -0700 -Subject: [PATCH 20/20] Add mozIThirdPartyUtil.getFirstPartyURI API +Subject: [PATCH 20/24] Add mozIThirdPartyUtil.getFirstPartyURI API API allows you to get the url bar URI for a channel or nsIDocument. --- - content/base/src/ThirdPartyUtil.cpp | 52 ++++++++++++++++++++++++++++ + content/base/src/ThirdPartyUtil.cpp | 59 ++++++++++++++++++++++++++++ content/base/src/ThirdPartyUtil.h | 2 + - netwerk/base/public/mozIThirdPartyUtil.idl | 21 +++++++++++ - 3 files changed, 75 insertions(+), 0 deletions(-) + netwerk/base/public/mozIThirdPartyUtil.idl | 21 ++++++++++ + 3 files changed, 82 insertions(+), 0 deletions(-) diff --git a/content/base/src/ThirdPartyUtil.cpp b/content/base/src/ThirdPartyUtil.cpp -index 6a415e9..62333f3 100644 +index 6a415e9..52b3dab 100644 --- a/content/base/src/ThirdPartyUtil.cpp +++ b/content/base/src/ThirdPartyUtil.cpp @@ -40,6 +40,9 @@ @@ -32,7 +32,7 @@ index 6a415e9..62333f3 100644 return rv; } -@@ -315,3 +319,51 @@ ThirdPartyUtil::GetBaseDomain(nsIURI* aHostURI, +@@ -315,3 +319,58 @@ ThirdPartyUtil::GetBaseDomain(nsIURI* aHostURI, return NS_OK; } @@ -62,12 +62,19 @@ index 6a415e9..62333f3 100644 + if (NS_FAILED(rv) && aDoc) { + nsCOMPtr<nsIDOMWindow> top; + nsCOMPtr<nsIDOMDocument> topDDoc; -+ -+ aDoc->GetWindow()->GetTop(getter_AddRefs(top)); -+ top->GetDocument(getter_AddRefs(topDDoc)); ++ ++ if (aDoc->GetWindow()) { ++ aDoc->GetWindow()->GetTop(getter_AddRefs(top)); ++ top->GetDocument(getter_AddRefs(topDDoc)); + -+ nsCOMPtr<nsIDocument> topDoc(do_QueryInterface(topDDoc)); -+ *aOutput = topDoc->GetOriginalURI(); ++ nsCOMPtr<nsIDocument> topDoc(do_QueryInterface(topDDoc)); ++ *aOutput = topDoc->GetOriginalURI(); ++ } else { ++ // XXX: Chrome callers (such as NoScript) can end up here ++ // through getImageData/canvas usage with no document state ++ // (no Window and a document URI of about:blank). Propogate ++ // rv fail (by doing nothing), and hope caller recovers. ++ } + + if (*aOutput) + rv = NS_OK; diff --git a/src/current-patches/firefox/0021-Add-canvas-image-extraction-prompt.patch b/src/current-patches/firefox/0021-Add-canvas-image-extraction-prompt.patch new file mode 100644 index 0000000..cf5dd61 --- /dev/null +++ b/src/current-patches/firefox/0021-Add-canvas-image-extraction-prompt.patch @@ -0,0 +1,551 @@ +From 29ce940434ebbb8e54c0d9b8f84ccf6ec6bd71bc Mon Sep 17 00:00:00 2001 +From: Kathleen Brade <brade(a)pearlcrescent.com> +Date: Tue, 9 Oct 2012 11:21:06 -0400 +Subject: [PATCH 21/24] Add canvas image extraction prompt. + +--- + browser/base/content/browser.css | 1 + + browser/base/content/browser.js | 102 ++++++++++++++++++++ + browser/base/content/browser.xul | 1 + + .../en-US/chrome/browser/browser.properties | 7 ++ + browser/themes/gnomestripe/browser/browser.css | 2 + + browser/themes/pinstripe/browser/browser.css | 2 + + browser/themes/winstripe/browser/browser.css | 2 + + content/canvas/src/CanvasUtils.cpp | 63 ++++++++++++ + content/canvas/src/CanvasUtils.h | 2 + + content/canvas/src/nsCanvasRenderingContext2D.cpp | 15 +++ + .../canvas/src/nsCanvasRenderingContext2DAzure.cpp | 15 +++ + content/html/content/public/nsHTMLCanvasElement.h | 3 + + content/html/content/src/Makefile.in | 1 + + content/html/content/src/nsHTMLCanvasElement.cpp | 39 ++++++-- + 14 files changed, 246 insertions(+), 9 deletions(-) + +diff --git a/browser/base/content/browser.css b/browser/base/content/browser.css +index f033c2b..c709631 100644 +--- a/browser/base/content/browser.css ++++ b/browser/base/content/browser.css +@@ -440,6 +440,7 @@ window[chromehidden~="toolbar"] toolbar:not(.toolbar-primary):not(.chromeclass-m + created with a null anchorID, so in that case use a default anchor icon. */ + #notification-popup-box[anchorid="notification-popup-box"] > #default-notification-icon, + #notification-popup-box[anchorid="geo-notification-icon"] > #geo-notification-icon, ++#notification-popup-box[anchorid="canvas-notification-icon"] > #canvas-notification-icon, + #notification-popup-box[anchorid="indexedDB-notification-icon"] > #indexedDB-notification-icon, + #notification-popup-box[anchorid="addons-notification-icon"] > #addons-notification-icon, + #notification-popup-box[anchorid="password-notification-icon"] > #password-notification-icon { +diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js +index 20e3666..0c6bd46 100644 +--- a/browser/base/content/browser.js ++++ b/browser/base/content/browser.js +@@ -1522,6 +1522,7 @@ function delayedStartup(isLoadingBlank, mustLoadSidebar) { + BrowserOffline.init(); + OfflineApps.init(); + IndexedDBPromptHelper.init(); ++ CanvasPermissionPromptHelper.init(); + gFormSubmitObserver.init(); + AddonManager.addAddonListener(AddonsMgrListener); + +@@ -1834,6 +1835,7 @@ function BrowserShutdown() { + BrowserOffline.uninit(); + OfflineApps.uninit(); + IndexedDBPromptHelper.uninit(); ++ CanvasPermissionPromptHelper.uninit(); + AddonManager.removeAddonListener(AddonsMgrListener); + } + +@@ -6656,6 +6658,106 @@ var IndexedDBPromptHelper = { + } + }; + ++var CanvasPermissionPromptHelper = { ++ _permissionsPrompt: "canvas-permissions-prompt", ++ _notificationIcon: "canvas-notification-icon", ++ ++ init: ++ function CanvasPermissionPromptHelper_init() { ++ Services.obs.addObserver(this, this._permissionsPrompt, false); ++ }, ++ ++ uninit: ++ function CanvasPermissionPromptHelper_uninit() { ++ Services.obs.removeObserver(this, this._permissionsPrompt, false); ++ }, ++ ++ // aSubject is an nsIDOMWindow. ++ // aData is an URL string. ++ observe: ++ function CanvasPermissionPromptHelper_observe(aSubject, aTopic, aData) { ++ if ((aTopic != this._permissionsPrompt) || !aData) ++ throw new Error("Unexpected topic or missing URL"); ++ ++ var uri = makeURI(aData); ++ var contentWindow = aSubject.QueryInterface(Ci.nsIDOMWindow); ++ var contentDocument = contentWindow.document; ++ var browserWindow = ++ OfflineApps._getBrowserWindowForContentWindow(contentWindow); ++ ++ if (browserWindow != window) { ++ // Must belong to some other window. ++ return; ++ } ++ ++ // If canvas prompt is already displayed, just return. This is OK (and ++ // more efficient) since this permission is associated with the top ++ // browser's URL. ++ if (PopupNotifications.getNotification(aTopic, browser)) ++ return; ++ ++ var bundleSvc = Cc["@mozilla.org/intl/stringbundle;1"]. ++ getService(Ci.nsIStringBundleService); ++ var torBtnBundle; ++ try { ++ torBtnBundle = bundleSvc.createBundle( ++ "chrome://torbutton/locale/torbutton.properties"); ++ } catch (e) {} ++ ++ var message = getLocalizedString("canvas.siteprompt", [ uri.asciiHost ]); ++ ++ var mainAction = { ++ label: getLocalizedString("canvas.allow"), ++ accessKey: getLocalizedString("canvas.allowAccessKey"), ++ callback: function() { ++ setCanvasPermission(uri, Ci.nsIPermissionManager.ALLOW_ACTION); ++ } ++ }; ++ ++ var secondaryActions = [ ++ { ++ label: getLocalizedString("canvas.never"), ++ accessKey: getLocalizedString("canvas.neverAccessKey"), ++ callback: function() { ++ setCanvasPermission(uri, Ci.nsIPermissionManager.DENY_ACTION); ++ } ++ } ++ ]; ++ ++ // Since we have a process in place to perform localization for the ++ // Torbutton extension, get our strings from the extension if possible. ++ function getLocalizedString(aID, aParams) { ++ var s; ++ if (torBtnBundle) try { ++ if (aParams) ++ s = torBtnBundle.formatStringFromName(aID, aParams, aParams.length); ++ else ++ s = torBtnBundle.GetStringFromName(aID); ++ } catch (e) {} ++ ++ if (!s) { ++ if (aParams) ++ s = gNavigatorBundle.getFormattedString(aID, aParams); ++ else ++ s = gNavigatorBundle.getString(aID); ++ } ++ ++ return s; ++ } ++ ++ function setCanvasPermission(aURI, aPerm) { ++ Services.perms.add(aURI, "canvas/extractData", aPerm, ++ Ci.nsIPermissionManager.EXPIRE_NEVER); ++ } ++ ++ var browser = OfflineApps._getBrowserForContentWindow(browserWindow, ++ contentWindow); ++ notification = PopupNotifications.show(browser, aTopic, message, ++ this._notificationIcon, mainAction, ++ secondaryActions, null); ++ } ++}; ++ + function WindowIsClosing() + { + if (TabView.isVisible()) { +diff --git a/browser/base/content/browser.xul b/browser/base/content/browser.xul +index ba2a7cb..1acea43 100644 +--- a/browser/base/content/browser.xul ++++ b/browser/base/content/browser.xul +@@ -520,6 +520,7 @@ + <image id="default-notification-icon" class="notification-anchor-icon" role="button"/> + <image id="geo-notification-icon" class="notification-anchor-icon" role="button"/> + <image id="addons-notification-icon" class="notification-anchor-icon" role="button"/> ++ <image id="canvas-notification-icon" class="notification-anchor-icon" role="button"/> + <image id="indexedDB-notification-icon" class="notification-anchor-icon" role="button"/> + <image id="password-notification-icon" class="notification-anchor-icon" role="button"/> + </box> +diff --git a/browser/locales/en-US/chrome/browser/browser.properties b/browser/locales/en-US/chrome/browser/browser.properties +index 380e3c3..98154d1 100644 +--- a/browser/locales/en-US/chrome/browser/browser.properties ++++ b/browser/locales/en-US/chrome/browser/browser.properties +@@ -197,6 +197,13 @@ offlineApps.usage=This website (%S) is now storing more than %SMB of data on you + offlineApps.manageUsage=Show settings + offlineApps.manageUsageAccessKey=S + ++# Canvas permission prompt ++canvas.siteprompt=This website (%S) attempted to access image data on a canvas. Blank (white) image data was returned this time. ++canvas.allow=Allow in the Future ++canvas.allowAccessKey=A ++canvas.never=Never for This Site ++canvas.neverAccessKey=e ++ + # LOCALIZATION NOTE (indexedDB.usage): %1$S is the website host name + # %2$S a number of megabytes. + indexedDB.usage=This website (%1$S) is attempting to store more than %2$S MB of data on your computer for offline use. +diff --git a/browser/themes/gnomestripe/browser/browser.css b/browser/themes/gnomestripe/browser/browser.css +index edc0b72..8ba057e 100644 +--- a/browser/themes/gnomestripe/browser/browser.css ++++ b/browser/themes/gnomestripe/browser/browser.css +@@ -1227,6 +1227,7 @@ toolbar[iconsize="small"] #feed-button { + list-style-image: url("moz-icon://stock/gtk-cancel?size=menu"); + } + ++.popup-notification-icon[popupid="canvas-permissions-prompt"], + .popup-notification-icon[popupid="indexedDB-permissions-prompt"], + .popup-notification-icon[popupid="indexedDB-quota-prompt"] { + list-style-image: url(chrome://global/skin/icons/question-64.png); +@@ -1281,6 +1282,7 @@ toolbar[iconsize="small"] #feed-button { + list-style-image: url(chrome://mozapps/skin/extensions/extensionGeneric-16.png); + } + ++#canvas-notification-icon, + #indexedDB-notification-icon { + list-style-image: url(chrome://global/skin/icons/question-16.png); + } +diff --git a/browser/themes/pinstripe/browser/browser.css b/browser/themes/pinstripe/browser/browser.css +index 2a96556..f94a6f2 100644 +--- a/browser/themes/pinstripe/browser/browser.css ++++ b/browser/themes/pinstripe/browser/browser.css +@@ -2404,10 +2404,12 @@ toolbarbutton.chevron > .toolbarbutton-menu-dropmarker { + -moz-image-region: rect(0px, 48px, 16px, 32px); + } + ++#canvas-notification-icon, + #indexedDB-notification-icon { + list-style-image: url(chrome://global/skin/icons/question-16.png); + } + ++.popup-notification-icon[popupid="canvas-permissions-prompt"], + .popup-notification-icon[popupid="indexedDB-permissions-prompt"], + .popup-notification-icon[popupid="indexedDB-quota-prompt"] { + list-style-image: url(chrome://global/skin/icons/question-64.png); +diff --git a/browser/themes/winstripe/browser/browser.css b/browser/themes/winstripe/browser/browser.css +index 0103c79..d352790 100644 +--- a/browser/themes/winstripe/browser/browser.css ++++ b/browser/themes/winstripe/browser/browser.css +@@ -2294,6 +2294,7 @@ toolbarbutton.bookmark-item[dragover="true"][open="true"] { + -moz-image-region: rect(32px, 32px, 48px, 16px); + } + ++.popup-notification-icon[popupid="canvas-permissions-prompt"], + .popup-notification-icon[popupid="indexedDB-permissions-prompt"], + .popup-notification-icon[popupid="indexedDB-quota-prompt"] { + list-style-image: url(chrome://global/skin/icons/question-64.png); +@@ -2346,6 +2347,7 @@ toolbarbutton.bookmark-item[dragover="true"][open="true"] { + list-style-image: url(chrome://mozapps/skin/extensions/extensionGeneric-16.png); + } + ++#canvas-notification-icon, + #indexedDB-notification-icon { + list-style-image: url(chrome://global/skin/icons/question-16.png); + } +diff --git a/content/canvas/src/CanvasUtils.cpp b/content/canvas/src/CanvasUtils.cpp +index 2f822eb..d7d0591 100644 +--- a/content/canvas/src/CanvasUtils.cpp ++++ b/content/canvas/src/CanvasUtils.cpp +@@ -59,6 +59,15 @@ + #include "CanvasUtils.h" + #include "mozilla/gfx/Matrix.h" + ++#include "nsIScriptObjectPrincipal.h" ++#include "nsIPermissionManager.h" ++#include "mozIThirdPartyUtil.h" ++#include "nsContentUtils.h" ++#include "nsUnicharUtils.h" ++ ++#define TOPIC_CANVAS_PERMISSIONS_PROMPT "canvas-permissions-prompt" ++#define PERMISSION_CANVAS_EXTRACT_DATA "canvas/extractData" ++ + namespace mozilla { + namespace CanvasUtils { + +@@ -101,6 +110,60 @@ DoDrawImageSecurityCheck(nsHTMLCanvasElement *aCanvasElement, + aCanvasElement->SetWriteOnly(); + } + ++// Check site-specific permission and display prompt if appropriate. ++bool ++IsImageExtractionAllowed(nsIDocument *aDocument) ++{ ++ if (!aDocument) ++ return false; ++ ++ nsPIDOMWindow *win = aDocument->GetWindow(); ++ nsCOMPtr<nsIScriptObjectPrincipal> sop(do_QueryInterface(win)); ++ if (sop && nsContentUtils::IsSystemPrincipal(sop->GetPrincipal())) ++ return true; ++ ++ bool isAllowed = false; ++ nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil = ++ do_GetService(THIRDPARTYUTIL_CONTRACTID); ++ nsCOMPtr<nsIPermissionManager> permissionManager = ++ do_GetService(NS_PERMISSIONMANAGER_CONTRACTID); ++ if (thirdPartyUtil && permissionManager) { ++ nsCOMPtr<nsIURI> uri; ++ nsresult rv = thirdPartyUtil->GetFirstPartyURI(NULL, aDocument, ++ getter_AddRefs(uri)); ++ uint32_t permission = nsIPermissionManager::UNKNOWN_ACTION; ++ if (NS_SUCCEEDED(rv)) { ++ // Allow local files to access canvas data; check content permissions ++ // for remote pages. ++ bool isFileURL = false; ++ (void)uri->SchemeIs("file", &isFileURL); ++ if (isFileURL) ++ permission = nsIPermissionManager::ALLOW_ACTION; ++ else { ++ rv = permissionManager->TestPermission(uri, ++ PERMISSION_CANVAS_EXTRACT_DATA, &permission); ++ } ++ } ++ ++ if (NS_SUCCEEDED(rv)) { ++ isAllowed = (permission == nsIPermissionManager::ALLOW_ACTION); ++ ++ if (!isAllowed && (permission != nsIPermissionManager::DENY_ACTION)) { ++ // Send notification so that a prompt is displayed. ++ nsCString spec; ++ rv = uri->GetSpec(spec); ++ NS_ENSURE_SUCCESS(rv, rv); ++ nsCOMPtr<nsIObserverService> obs = ++ mozilla::services::GetObserverService(); ++ obs->NotifyObservers(win, TOPIC_CANVAS_PERMISSIONS_PROMPT, ++ NS_ConvertUTF8toUTF16(spec).get()); ++ } ++ } ++ } ++ ++ return isAllowed; ++} ++ + void + LogMessage (const nsCString& errorString) + { +diff --git a/content/canvas/src/CanvasUtils.h b/content/canvas/src/CanvasUtils.h +index 36186dd..067ee46 100644 +--- a/content/canvas/src/CanvasUtils.h ++++ b/content/canvas/src/CanvasUtils.h +@@ -77,6 +77,8 @@ void DoDrawImageSecurityCheck(nsHTMLCanvasElement *aCanvasElement, + bool forceWriteOnly, + bool CORSUsed); + ++bool IsImageExtractionAllowed(nsIDocument *aDocument); ++ + void LogMessage (const nsCString& errorString); + void LogMessagef (const char *fmt, ...); + +diff --git a/content/canvas/src/nsCanvasRenderingContext2D.cpp b/content/canvas/src/nsCanvasRenderingContext2D.cpp +index 36389b0..0cf97ce 100644 +--- a/content/canvas/src/nsCanvasRenderingContext2D.cpp ++++ b/content/canvas/src/nsCanvasRenderingContext2D.cpp +@@ -3886,6 +3886,21 @@ nsCanvasRenderingContext2D::GetImageData_explicit(PRInt32 x, PRInt32 y, PRUint32 + if (!rightMost.valid() || !bottomMost.valid()) + return NS_ERROR_DOM_SYNTAX_ERR; + ++ // Check for site-specific permission and return all-white, opaque pixel ++ // data if no permission. This check is not needed if the canvas was ++ // created with a docshell (that is only done for special internal uses). ++ bool usePlaceholder = false; ++ if (mCanvasElement) { ++ nsCOMPtr<nsIDocument> ownerDoc = HTMLCanvasElement()->OwnerDoc(); ++ usePlaceholder = !ownerDoc || ++ !CanvasUtils::IsImageExtractionAllowed(ownerDoc); ++ } ++ ++ if (usePlaceholder) { ++ memset(aData, 0xFF, aDataLen); ++ return NS_OK; ++ } ++ + /* Copy the surface contents to the buffer */ + nsRefPtr<gfxImageSurface> tmpsurf = + new gfxImageSurface(aData, +diff --git a/content/canvas/src/nsCanvasRenderingContext2DAzure.cpp b/content/canvas/src/nsCanvasRenderingContext2DAzure.cpp +index 13baaa5..e8dfb1e 100644 +--- a/content/canvas/src/nsCanvasRenderingContext2DAzure.cpp ++++ b/content/canvas/src/nsCanvasRenderingContext2DAzure.cpp +@@ -4038,6 +4038,21 @@ nsCanvasRenderingContext2DAzure::GetImageData_explicit(PRInt32 x, PRInt32 y, PRU + return NS_OK; + } + ++ // Check for site-specific permission and return all-white, opaque pixel ++ // data if no permission. This check is not needed if the canvas was ++ // created with a docshell (that is only done for special internal uses). ++ bool usePlaceholder = false; ++ if (mCanvasElement) { ++ nsCOMPtr<nsIDocument> ownerDoc = HTMLCanvasElement()->OwnerDoc(); ++ usePlaceholder = !ownerDoc || ++ !CanvasUtils::IsImageExtractionAllowed(ownerDoc); ++ } ++ ++ if (usePlaceholder) { ++ memset(aData, 0xFF, aDataLen); ++ return NS_OK; ++ } ++ + IntRect srcRect(0, 0, mWidth, mHeight); + IntRect destRect(x, y, w, h); + +diff --git a/content/html/content/public/nsHTMLCanvasElement.h b/content/html/content/public/nsHTMLCanvasElement.h +index 86202a8..66176f2 100644 +--- a/content/html/content/public/nsHTMLCanvasElement.h ++++ b/content/html/content/public/nsHTMLCanvasElement.h +@@ -188,13 +188,16 @@ protected: + nsresult UpdateContext(nsIPropertyBag *aNewContextOptions = nsnull); + nsresult ExtractData(const nsAString& aType, + const nsAString& aOptions, ++ bool aUsePlaceholder, + nsIInputStream** aStream, + bool& aFellBackToPNG); + nsresult ToDataURLImpl(const nsAString& aMimeType, + nsIVariant* aEncoderOptions, ++ bool aUsePlaceholder, + nsAString& aDataURL); + nsresult MozGetAsFileImpl(const nsAString& aName, + const nsAString& aType, ++ bool aUsePlaceholder, + nsIDOMFile** aResult); + nsresult GetContextHelper(const nsAString& aContextId, + bool aForceThebes, +diff --git a/content/html/content/src/Makefile.in b/content/html/content/src/Makefile.in +index 019d297..3db4f7c 100644 +--- a/content/html/content/src/Makefile.in ++++ b/content/html/content/src/Makefile.in +@@ -138,6 +138,7 @@ INCLUDES += \ + -I$(srcdir)/../../../events/src \ + -I$(srcdir)/../../../xbl/src \ + -I$(srcdir)/../../../xul/content/src \ ++ -I$(srcdir)/../../../canvas/src/ \ + -I$(srcdir)/../../../../layout/forms \ + -I$(srcdir)/../../../../layout/style \ + -I$(srcdir)/../../../../layout/tables \ +diff --git a/content/html/content/src/nsHTMLCanvasElement.cpp b/content/html/content/src/nsHTMLCanvasElement.cpp +index a302f67..572a81b 100644 +--- a/content/html/content/src/nsHTMLCanvasElement.cpp ++++ b/content/html/content/src/nsHTMLCanvasElement.cpp +@@ -60,6 +60,8 @@ + + #include "nsIWritablePropertyBag2.h" + ++#include "CanvasUtils.h" ++ + #define DEFAULT_CANVAS_WIDTH 300 + #define DEFAULT_CANVAS_HEIGHT 150 + +@@ -213,25 +215,36 @@ nsHTMLCanvasElement::ToDataURL(const nsAString& aType, nsIVariant* aParams, + return NS_ERROR_DOM_SECURITY_ERR; + } + +- return ToDataURLImpl(aType, aParams, aDataURL); ++ // Check site-specific permission and display prompt if appropriate. ++ // If no permission, return all-white, opaque image data. ++ bool usePlaceholder = !CanvasUtils::IsImageExtractionAllowed(OwnerDoc()); ++ return ToDataURLImpl(aType, aParams, usePlaceholder, aDataURL); + } + ++// TODO: on FF trunk, we also need to patch mozFetchAsStream(). + nsresult + nsHTMLCanvasElement::ExtractData(const nsAString& aType, + const nsAString& aOptions, ++ bool aUsePlaceholder, + nsIInputStream** aStream, + bool& aFellBackToPNG) + { + // note that if we don't have a current context, the spec says we're + // supposed to just return transparent black pixels of the canvas + // dimensions. ++ // If placeholder data was requested, return all-white, opaque image data. + nsRefPtr<gfxImageSurface> emptyCanvas; + nsIntSize size = GetWidthHeight(); +- if (!mCurrentContext) { ++ if (aUsePlaceholder || !mCurrentContext) { + emptyCanvas = new gfxImageSurface(gfxIntSize(size.width, size.height), gfxASurface::ImageFormatARGB32); + if (emptyCanvas->CairoStatus()) { + return NS_ERROR_INVALID_ARG; + } ++ ++ if (aUsePlaceholder) { ++ int32_t dataSize = emptyCanvas->GetDataSize(); ++ memset(emptyCanvas->Data(), 0xFF, dataSize); ++ } + } + + nsresult rv; +@@ -241,12 +254,13 @@ nsHTMLCanvasElement::ExtractData(const nsAString& aType, + NS_ConvertUTF16toUTF8 encoderType(aType); + + try_again: +- if (mCurrentContext) { ++ if (!aUsePlaceholder && mCurrentContext) { + rv = mCurrentContext->GetInputStream(encoderType.get(), + nsPromiseFlatString(aOptions).get(), + getter_AddRefs(imgStream)); + } else { +- // no context, so we have to encode the empty image we created above ++ // Using placeholder or we have no context: encode the empty/white image ++ // we created above. + nsCString enccid("@mozilla.org/image/encoder;2?type="); + enccid += encoderType; + +@@ -284,6 +298,7 @@ nsHTMLCanvasElement::ExtractData(const nsAString& aType, + nsresult + nsHTMLCanvasElement::ToDataURLImpl(const nsAString& aMimeType, + nsIVariant* aEncoderOptions, ++ bool aUsePlaceholder, + nsAString& aDataURL) + { + bool fallbackToPNG = false; +@@ -339,13 +354,15 @@ nsHTMLCanvasElement::ToDataURLImpl(const nsAString& aMimeType, + } + + nsCOMPtr<nsIInputStream> stream; +- rv = ExtractData(type, params, getter_AddRefs(stream), fallbackToPNG); ++ rv = ExtractData(type, params, aUsePlaceholder, ++ getter_AddRefs(stream), fallbackToPNG); + + // If there are unrecognized custom parse options, we should fall back to + // the default values for the encoder without any options at all. + if (rv == NS_ERROR_INVALID_ARG && usingCustomParseOptions) { + fallbackToPNG = false; +- rv = ExtractData(type, EmptyString(), getter_AddRefs(stream), fallbackToPNG); ++ rv = ExtractData(type, EmptyString(), aUsePlaceholder, ++ getter_AddRefs(stream), fallbackToPNG); + } + + NS_ENSURE_SUCCESS(rv, rv); +@@ -376,19 +393,23 @@ nsHTMLCanvasElement::MozGetAsFile(const nsAString& aName, + return NS_ERROR_DOM_SECURITY_ERR; + } + +- return MozGetAsFileImpl(aName, aType, aResult); ++ // Check site-speciifc permission and display prompt if appropriate. ++ // If no permission, return all-white, opaque image data. ++ bool usePlaceholder = !CanvasUtils::IsImageExtractionAllowed(OwnerDoc()); ++ return MozGetAsFileImpl(aName, aType, usePlaceholder, aResult); + } + + nsresult + nsHTMLCanvasElement::MozGetAsFileImpl(const nsAString& aName, + const nsAString& aType, ++ bool aUsePlaceholder, + nsIDOMFile** aResult) + { + bool fallbackToPNG = false; + + nsCOMPtr<nsIInputStream> stream; +- nsresult rv = ExtractData(aType, EmptyString(), getter_AddRefs(stream), +- fallbackToPNG); ++ nsresult rv = ExtractData(aType, EmptyString(), aUsePlaceholder, ++ getter_AddRefs(stream), fallbackToPNG); + NS_ENSURE_SUCCESS(rv, rv); + + nsAutoString type(aType); +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0022-Return-client-window-coordinates-for-mouse-event-scr.patch b/src/current-patches/firefox/0022-Return-client-window-coordinates-for-mouse-event-scr.patch new file mode 100644 index 0000000..6da9c72 --- /dev/null +++ b/src/current-patches/firefox/0022-Return-client-window-coordinates-for-mouse-event-scr.patch @@ -0,0 +1,43 @@ +From 74215e38ba60b74df59216122c4f2cc068e33216 Mon Sep 17 00:00:00 2001 +From: Kathleen Brade <brade(a)pearlcrescent.com> +Date: Tue, 9 Oct 2012 11:13:45 -0400 +Subject: [PATCH 22/24] Return client window coordinates for mouse event + screenX/Y (for dragend, 0,0 is returned). + +--- + content/events/src/nsDOMUIEvent.cpp | 15 +++++++++++++++ + 1 files changed, 15 insertions(+), 0 deletions(-) + +diff --git a/content/events/src/nsDOMUIEvent.cpp b/content/events/src/nsDOMUIEvent.cpp +index fe57f52..d641f0d 100644 +--- a/content/events/src/nsDOMUIEvent.cpp ++++ b/content/events/src/nsDOMUIEvent.cpp +@@ -135,10 +135,25 @@ nsDOMUIEvent::GetScreenPoint() + return nsIntPoint(0, 0); + } + ++ bool isChrome = nsContentUtils::IsCallerChrome(); ++ + if (!((nsGUIEvent*)mEvent)->widget ) { ++ // For non-chrome callers, return 0,0 if there is no widget associated ++ // with this event, e.g., for dragend events. Since dragend is for the ++ // drag originator and not for the receiver, it is probably not widely ++ // used (receivers get a drop event). Therefore, returning 0,0 should ++ // not break many web pages. Also, a few years ago Firefox returned 0,0. ++ // See: https://bugzilla.mozilla.org/show_bug.cgi?id=466379 ++ if (!isChrome) ++ return nsIntPoint(0, 0); ++ + return mEvent->refPoint; + } + ++ // For non-chrome callers, return client area coordinates instead. ++ if (!isChrome) ++ return GetClientPoint(); ++ + nsIntPoint offset = mEvent->refPoint + + ((nsGUIEvent*)mEvent)->widget->WidgetToScreenOffset(); + nscoord factor = mPresContext->DeviceContext()->UnscaledAppUnitsPerDevPixel(); +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0023-Do-not-expose-physical-screen-info.-via-window-and-w.patch b/src/current-patches/firefox/0023-Do-not-expose-physical-screen-info.-via-window-and-w.patch new file mode 100644 index 0000000..1b925e0 --- /dev/null +++ b/src/current-patches/firefox/0023-Do-not-expose-physical-screen-info.-via-window-and-w.patch @@ -0,0 +1,312 @@ +From d944531b020848e09ac280af11d039d992ab6461 Mon Sep 17 00:00:00 2001 +From: Kathleen Brade <brade(a)pearlcrescent.com> +Date: Wed, 3 Oct 2012 17:06:48 -0400 +Subject: [PATCH 23/24] Do not expose physical screen info. via window and + window.screen. + +--- + dom/base/nsGlobalWindow.cpp | 46 +++++++++++++++++++++ + dom/base/nsGlobalWindow.h | 2 + + dom/base/nsScreen.cpp | 92 +++++++++++++++++++++++++++++++++++++++++++ + dom/base/nsScreen.h | 3 + + 4 files changed, 143 insertions(+), 0 deletions(-) + +diff --git a/dom/base/nsGlobalWindow.cpp b/dom/base/nsGlobalWindow.cpp +index 2c99571..982d931 100644 +--- a/dom/base/nsGlobalWindow.cpp ++++ b/dom/base/nsGlobalWindow.cpp +@@ -3817,6 +3817,10 @@ nsGlobalWindow::GetOuterWidth(PRInt32* aOuterWidth) + { + FORWARD_TO_OUTER(GetOuterWidth, (aOuterWidth), NS_ERROR_NOT_INITIALIZED); + ++ // For non-chrome callers, return inner width to prevent fingerprinting. ++ if (!IsChrome()) ++ return GetInnerWidth(aOuterWidth); ++ + nsIntSize sizeCSSPixels; + nsresult rv = GetOuterSize(&sizeCSSPixels); + NS_ENSURE_SUCCESS(rv, rv); +@@ -3830,6 +3834,10 @@ nsGlobalWindow::GetOuterHeight(PRInt32* aOuterHeight) + { + FORWARD_TO_OUTER(GetOuterHeight, (aOuterHeight), NS_ERROR_NOT_INITIALIZED); + ++ // For non-chrome callers, return inner height to prevent fingerprinting. ++ if (!IsChrome()) ++ return GetInnerHeight(aOuterHeight); ++ + nsIntSize sizeCSSPixels; + nsresult rv = GetOuterSize(&sizeCSSPixels); + NS_ENSURE_SUCCESS(rv, rv); +@@ -3892,6 +3900,12 @@ nsGlobalWindow::GetScreenX(PRInt32* aScreenX) + { + FORWARD_TO_OUTER(GetScreenX, (aScreenX), NS_ERROR_NOT_INITIALIZED); + ++ // For non-chrome callers, always return 0 to prevent fingerprinting. ++ if (!IsChrome()) { ++ *aScreenX = 0; ++ return NS_OK; ++ } ++ + nsCOMPtr<nsIBaseWindow> treeOwnerAsWin; + GetTreeOwner(getter_AddRefs(treeOwnerAsWin)); + NS_ENSURE_TRUE(treeOwnerAsWin, NS_ERROR_FAILURE); +@@ -3933,6 +3947,12 @@ nsGlobalWindow::GetMozInnerScreenX(float* aScreenX) + { + FORWARD_TO_OUTER(GetMozInnerScreenX, (aScreenX), NS_ERROR_NOT_INITIALIZED); + ++ // For non-chrome callers, always return 0 to prevent fingerprinting. ++ if (!IsChrome()) { ++ *aScreenX = 0; ++ return NS_OK; ++ } ++ + nsRect r = GetInnerScreenRect(); + *aScreenX = nsPresContext::AppUnitsToFloatCSSPixels(r.x); + return NS_OK; +@@ -3943,6 +3963,12 @@ nsGlobalWindow::GetMozInnerScreenY(float* aScreenY) + { + FORWARD_TO_OUTER(GetMozInnerScreenY, (aScreenY), NS_ERROR_NOT_INITIALIZED); + ++ // For non-chrome callers, always return 0 to prevent fingerprinting. ++ if (!IsChrome()) { ++ *aScreenY = 0; ++ return NS_OK; ++ } ++ + nsRect r = GetInnerScreenRect(); + *aScreenY = nsPresContext::AppUnitsToFloatCSSPixels(r.y); + return NS_OK; +@@ -4064,6 +4090,12 @@ nsGlobalWindow::GetScreenY(PRInt32* aScreenY) + { + FORWARD_TO_OUTER(GetScreenY, (aScreenY), NS_ERROR_NOT_INITIALIZED); + ++ // For non-chrome callers, always return 0 to prevent fingerprinting. ++ if (!IsChrome()) { ++ *aScreenY = 0; ++ return NS_OK; ++ } ++ + nsCOMPtr<nsIBaseWindow> treeOwnerAsWin; + GetTreeOwner(getter_AddRefs(treeOwnerAsWin)); + NS_ENSURE_TRUE(treeOwnerAsWin, NS_ERROR_FAILURE); +@@ -4110,6 +4142,20 @@ nsGlobalWindow::SetScreenY(PRInt32 aScreenY) + return NS_OK; + } + ++bool ++nsGlobalWindow::IsChrome() ++{ ++ bool isChrome = false; ++ ++ if (mDocShell) { ++ nsRefPtr<nsPresContext> presContext; ++ mDocShell->GetPresContext(getter_AddRefs(presContext)); ++ isChrome = (presContext && presContext->IsChrome()); ++ } ++ ++ return isChrome; ++} ++ + // NOTE: Arguments to this function should have values scaled to + // CSS pixels, not device pixels. + nsresult +diff --git a/dom/base/nsGlobalWindow.h b/dom/base/nsGlobalWindow.h +index 2ffe4a7..863329c 100644 +--- a/dom/base/nsGlobalWindow.h ++++ b/dom/base/nsGlobalWindow.h +@@ -744,6 +744,8 @@ protected: + nsresult SetOuterSize(PRInt32 aLengthCSSPixels, bool aIsWidth); + nsRect GetInnerScreenRect(); + ++ bool IsChrome(); ++ + bool IsFrame() + { + return GetParentInternal() != nsnull; +diff --git a/dom/base/nsScreen.cpp b/dom/base/nsScreen.cpp +index 33a03dc..29a3598 100644 +--- a/dom/base/nsScreen.cpp ++++ b/dom/base/nsScreen.cpp +@@ -82,6 +82,12 @@ nsScreen::SetDocShell(nsIDocShell* aDocShell) + NS_IMETHODIMP + nsScreen::GetTop(PRInt32* aTop) + { ++ // For non-chrome callers, always return 0 to prevent fingerprinting. ++ if (!IsChrome()) { ++ *aTop = 0; ++ return NS_OK; ++ } ++ + nsRect rect; + nsresult rv = GetRect(rect); + +@@ -94,6 +100,12 @@ nsScreen::GetTop(PRInt32* aTop) + NS_IMETHODIMP + nsScreen::GetLeft(PRInt32* aLeft) + { ++ // For non-chrome callers, always return 0 to prevent fingerprinting. ++ if (!IsChrome()) { ++ *aLeft = 0; ++ return NS_OK; ++ } ++ + nsRect rect; + nsresult rv = GetRect(rect); + +@@ -106,6 +118,14 @@ nsScreen::GetLeft(PRInt32* aLeft) + NS_IMETHODIMP + nsScreen::GetWidth(PRInt32* aWidth) + { ++ // For non-chrome callers, return content width to prevent fingerprinting. ++ if (!IsChrome()) { ++ nsCOMPtr<nsIDOMWindow> win; ++ nsresult rv = GetDOMWindow(getter_AddRefs(win)); ++ NS_ENSURE_SUCCESS(rv, rv); ++ return win->GetInnerWidth(aWidth); ++ } ++ + nsRect rect; + nsresult rv = GetRect(rect); + +@@ -117,6 +137,14 @@ nsScreen::GetWidth(PRInt32* aWidth) + NS_IMETHODIMP + nsScreen::GetHeight(PRInt32* aHeight) + { ++ // For non-chrome callers, return content height to prevent fingerprinting. ++ if (!IsChrome()) { ++ nsCOMPtr<nsIDOMWindow> win; ++ nsresult rv = GetDOMWindow(getter_AddRefs(win)); ++ NS_ENSURE_SUCCESS(rv, rv); ++ return win->GetInnerHeight(aHeight); ++ } ++ + nsRect rect; + nsresult rv = GetRect(rect); + +@@ -128,6 +156,12 @@ nsScreen::GetHeight(PRInt32* aHeight) + NS_IMETHODIMP + nsScreen::GetPixelDepth(PRInt32* aPixelDepth) + { ++ // For non-chrome callers, always return 24 to prevent fingerprinting. ++ if (!IsChrome()) { ++ *aPixelDepth = 24; ++ return NS_OK; ++ } ++ + nsDeviceContext* context = GetDeviceContext(); + + if (!context) { +@@ -153,6 +187,14 @@ nsScreen::GetColorDepth(PRInt32* aColorDepth) + NS_IMETHODIMP + nsScreen::GetAvailWidth(PRInt32* aAvailWidth) + { ++ // For non-chrome callers, return content width to prevent fingerprinting. ++ if (!IsChrome()) { ++ nsCOMPtr<nsIDOMWindow> win; ++ nsresult rv = GetDOMWindow(getter_AddRefs(win)); ++ NS_ENSURE_SUCCESS(rv, rv); ++ return win->GetInnerWidth(aAvailWidth); ++ } ++ + nsRect rect; + nsresult rv = GetAvailRect(rect); + +@@ -164,6 +206,14 @@ nsScreen::GetAvailWidth(PRInt32* aAvailWidth) + NS_IMETHODIMP + nsScreen::GetAvailHeight(PRInt32* aAvailHeight) + { ++ // For non-chrome callers, return content height to prevent fingerprinting. ++ if (!IsChrome()) { ++ nsCOMPtr<nsIDOMWindow> win; ++ nsresult rv = GetDOMWindow(getter_AddRefs(win)); ++ NS_ENSURE_SUCCESS(rv, rv); ++ return win->GetInnerHeight(aAvailHeight); ++ } ++ + nsRect rect; + nsresult rv = GetAvailRect(rect); + +@@ -175,6 +225,12 @@ nsScreen::GetAvailHeight(PRInt32* aAvailHeight) + NS_IMETHODIMP + nsScreen::GetAvailLeft(PRInt32* aAvailLeft) + { ++ // For non-chrome callers, always return 0 to prevent fingerprinting. ++ if (!IsChrome()) { ++ *aAvailLeft = 0; ++ return NS_OK; ++ } ++ + nsRect rect; + nsresult rv = GetAvailRect(rect); + +@@ -186,6 +242,12 @@ nsScreen::GetAvailLeft(PRInt32* aAvailLeft) + NS_IMETHODIMP + nsScreen::GetAvailTop(PRInt32* aAvailTop) + { ++ // For non-chrome callers, always return 0 to prevent fingerprinting. ++ if (!IsChrome()) { ++ *aAvailTop = 0; ++ return NS_OK; ++ } ++ + nsRect rect; + nsresult rv = GetAvailRect(rect); + +@@ -237,3 +299,33 @@ nsScreen::GetAvailRect(nsRect& aRect) + + return NS_OK; + } ++ ++bool ++nsScreen::IsChrome() ++{ ++ bool isChrome = false; ++ if (mDocShell) { ++ nsRefPtr<nsPresContext> presContext; ++ mDocShell->GetPresContext(getter_AddRefs(presContext)); ++ if (presContext) ++ isChrome = presContext->IsChrome(); ++ } ++ ++ return isChrome; ++} ++ ++nsresult ++nsScreen::GetDOMWindow(nsIDOMWindow **aResult) ++{ ++ NS_ENSURE_ARG_POINTER(aResult); ++ *aResult = NULL; ++ ++ if (!mDocShell) ++ return NS_ERROR_FAILURE; ++ ++ nsCOMPtr<nsIDOMWindow> win = do_GetInterface(mDocShell); ++ NS_ENSURE_STATE(win); ++ win.swap(*aResult); ++ ++ return NS_OK; ++} +diff --git a/dom/base/nsScreen.h b/dom/base/nsScreen.h +index 52eab29..d4edaa3 100644 +--- a/dom/base/nsScreen.h ++++ b/dom/base/nsScreen.h +@@ -44,6 +44,7 @@ + + class nsIDocShell; + class nsDeviceContext; ++class nsIDOMWindow; + struct nsRect; + + // Script "screen" object +@@ -62,6 +63,8 @@ protected: + nsDeviceContext* GetDeviceContext(); + nsresult GetRect(nsRect& aRect); + nsresult GetAvailRect(nsRect& aRect); ++ bool IsChrome(); ++ nsresult GetDOMWindow(nsIDOMWindow **aResult); + + nsIDocShell* mDocShell; // Weak Reference + }; +-- +1.7.5.4 + diff --git a/src/current-patches/firefox/0024-Do-not-expose-system-colors-to-CSS-or-canvas.patch b/src/current-patches/firefox/0024-Do-not-expose-system-colors-to-CSS-or-canvas.patch new file mode 100644 index 0000000..629a759 --- /dev/null +++ b/src/current-patches/firefox/0024-Do-not-expose-system-colors-to-CSS-or-canvas.patch @@ -0,0 +1,537 @@ +From 38a469e05779315cb2990be60c13fb167812e54d Mon Sep 17 00:00:00 2001 +From: Kathleen Brade <brade(a)pearlcrescent.com> +Date: Thu, 4 Oct 2012 14:53:13 -0400 +Subject: [PATCH 24/24] Do not expose system colors to CSS or canvas. + +--- + content/canvas/src/nsCanvasRenderingContext2D.cpp | 36 +++- + .../canvas/src/nsCanvasRenderingContext2DAzure.cpp | 51 ++++-- + layout/style/nsCSSParser.cpp | 19 ++- + layout/style/nsRuleNode.cpp | 4 +- + widget/public/LookAndFeel.h | 9 + + widget/src/xpwidgets/nsXPLookAndFeel.cpp | 173 +++++++++++++++++++- + widget/src/xpwidgets/nsXPLookAndFeel.h | 5 +- + 7 files changed, 269 insertions(+), 28 deletions(-) + +diff --git a/content/canvas/src/nsCanvasRenderingContext2D.cpp b/content/canvas/src/nsCanvasRenderingContext2D.cpp +index 0cf97ce..6c47821 100644 +--- a/content/canvas/src/nsCanvasRenderingContext2D.cpp ++++ b/content/canvas/src/nsCanvasRenderingContext2D.cpp +@@ -186,8 +186,9 @@ class nsCanvasGradient : public nsIDOMCanvasGradient + public: + NS_DECLARE_STATIC_IID_ACCESSOR(NS_CANVASGRADIENT_PRIVATE_IID) + +- nsCanvasGradient(gfxPattern* pat) +- : mPattern(pat) ++ nsCanvasGradient(mozilla::css::Loader* aLoader, gfxPattern* pat) ++ : mCSSLoader(aLoader) ++ , mPattern(pat) + { + } + +@@ -203,7 +204,7 @@ public: + return NS_ERROR_DOM_INDEX_SIZE_ERR; + + nscolor color; +- nsCSSParser parser; ++ nsCSSParser parser(mCSSLoader); + nsresult rv = parser.ParseColorString(nsString(colorstr), + nsnull, 0, &color); + if (NS_FAILED(rv)) +@@ -217,6 +218,7 @@ public: + NS_DECL_ISUPPORTS + + protected: ++ mozilla::css::Loader* mCSSLoader; // not ref counted, it owns us + nsRefPtr<gfxPattern> mPattern; + }; + +@@ -875,7 +877,9 @@ nsCanvasRenderingContext2D::SetStyleFromStringOrInterface(const nsAString& aStr, + HTMLCanvasElement()->OwnerDoc() : nsnull; + + // Pass the CSS Loader object to the parser, to allow parser error +- // reports to include the outer window ID. ++ // reports to include the outer window ID. The parser also uses it to ++ // detect whether the caller is chrome in order to avoid exposing ++ // system colors. + nsCSSParser parser(document ? document->CSSLoader() : nsnull); + rv = parser.ParseColorString(aStr, nsnull, 0, &color); + if (NS_FAILED(rv)) { +@@ -1778,7 +1782,14 @@ nsCanvasRenderingContext2D::CreateLinearGradient(float x0, float y0, float x1, f + if (!gradpat) + return NS_ERROR_OUT_OF_MEMORY; + +- nsRefPtr<nsIDOMCanvasGradient> grad = new nsCanvasGradient(gradpat); ++ // Pass the CSS Loader object to the parser, to allow parser error reports ++ // to include the outer window ID. The parser also uses it to detect ++ // whether the caller is chrome in order to avoid exposing system colors. ++ nsIDocument* doc = mCanvasElement ? HTMLCanvasElement()->OwnerDoc() ++ : nsnull; ++ mozilla::css::Loader* cssLoader = doc ? doc->CSSLoader() : nsnull; ++ nsRefPtr<nsIDOMCanvasGradient> grad = new nsCanvasGradient(cssLoader, ++ gradpat); + if (!grad) + return NS_ERROR_OUT_OF_MEMORY; + +@@ -1800,7 +1811,14 @@ nsCanvasRenderingContext2D::CreateRadialGradient(float x0, float y0, float r0, f + if (!gradpat) + return NS_ERROR_OUT_OF_MEMORY; + +- nsRefPtr<nsIDOMCanvasGradient> grad = new nsCanvasGradient(gradpat); ++ // Pass the CSS Loader object to the parser, to allow parser error reports ++ // to include the outer window ID. The parser also uses it to detect ++ // whether the caller is chrome in order to avoid exposing system colors. ++ nsIDocument* doc = mCanvasElement ? HTMLCanvasElement()->OwnerDoc() ++ : nsnull; ++ mozilla::css::Loader* cssLoader = doc ? doc->CSSLoader() : nsnull; ++ nsRefPtr<nsIDOMCanvasGradient> grad = new nsCanvasGradient(cssLoader, ++ gradpat); + if (!grad) + return NS_ERROR_OUT_OF_MEMORY; + +@@ -1922,7 +1940,8 @@ nsCanvasRenderingContext2D::SetShadowColor(const nsAString& colorstr) + HTMLCanvasElement()->OwnerDoc() : nsnull; + + // Pass the CSS Loader object to the parser, to allow parser error reports +- // to include the outer window ID. ++ // to include the outer window ID. The parser also uses it to detect ++ // whether the caller is chrome in order to avoid exposing system colors. + nsCSSParser parser(document ? document->CSSLoader() : nsnull); + nscolor color; + nsresult rv = parser.ParseColorString(colorstr, nsnull, 0, &color); +@@ -3694,7 +3713,8 @@ nsCanvasRenderingContext2D::DrawWindow(nsIDOMWindow* aWindow, float aX, float aY + HTMLCanvasElement()->OwnerDoc() : nsnull; + + // Pass the CSS Loader object to the parser, to allow parser error reports +- // to include the outer window ID. ++ // to include the outer window ID. The parser also uses it to detect ++ // whether the caller is chrome in order to avoid exposing system colors. + nsCSSParser parser(elementDoc ? elementDoc->CSSLoader() : nsnull); + nsresult rv = parser.ParseColorString(PromiseFlatString(aBGColor), + nsnull, 0, &bgColor); +diff --git a/content/canvas/src/nsCanvasRenderingContext2DAzure.cpp b/content/canvas/src/nsCanvasRenderingContext2DAzure.cpp +index e8dfb1e..cb5a5f5 100644 +--- a/content/canvas/src/nsCanvasRenderingContext2DAzure.cpp ++++ b/content/canvas/src/nsCanvasRenderingContext2DAzure.cpp +@@ -201,7 +201,10 @@ public: + } + + nscolor color; +- nsCSSParser parser; ++ // Pass the CSS Loader object to the parser, to allow parser error reports ++ // to include the outer window ID. The parser also uses it to detect ++ // whether the caller is chrome in order to avoid exposing system colors. ++ nsCSSParser parser(mCSSLoader);; + nsresult rv = parser.ParseColorString(nsString(colorstr), + nsnull, 0, &color); + if (NS_FAILED(rv)) { +@@ -221,20 +224,24 @@ public: + } + + protected: +- nsCanvasGradientAzure(Type aType) : mType(aType) ++ nsCanvasGradientAzure(mozilla::css::Loader* aLoader, Type aType) ++ : mCSSLoader(aLoader) ++ , mType(aType) + {} + + nsTArray<GradientStop> mRawStops; + RefPtr<GradientStops> mStops; ++ mozilla::css::Loader* mCSSLoader; // not ref counted, it owns us + Type mType; + }; + + class nsCanvasRadialGradientAzure : public nsCanvasGradientAzure + { + public: +- nsCanvasRadialGradientAzure(const Point &aBeginOrigin, Float aBeginRadius, ++ nsCanvasRadialGradientAzure(mozilla::css::Loader* aLoader, ++ const Point &aBeginOrigin, Float aBeginRadius, + const Point &aEndOrigin, Float aEndRadius) +- : nsCanvasGradientAzure(RADIAL) ++ : nsCanvasGradientAzure(aLoader, RADIAL) + , mCenter1(aBeginOrigin) + , mCenter2(aEndOrigin) + , mRadius1(aBeginRadius) +@@ -251,8 +258,9 @@ public: + class nsCanvasLinearGradientAzure : public nsCanvasGradientAzure + { + public: +- nsCanvasLinearGradientAzure(const Point &aBegin, const Point &aEnd) +- : nsCanvasGradientAzure(LINEAR) ++ nsCanvasLinearGradientAzure(mozilla::css::Loader* aLoader, ++ const Point &aBegin, const Point &aEnd) ++ : nsCanvasGradientAzure(aLoader, LINEAR) + , mBegin(aBegin) + , mEnd(aEnd) + { +@@ -1066,8 +1074,9 @@ nsCanvasRenderingContext2DAzure::SetStyleFromStringOrInterface(const nsAString& + nsIDocument* document = mCanvasElement ? + HTMLCanvasElement()->OwnerDoc() : nsnull; + +- // Pass the CSS Loader object to the parser, to allow parser error +- // reports to include the outer window ID. ++ // Pass the CSS Loader object to the parser, to allow parser error reports ++ // to include the outer window ID. The parser also uses it to detect ++ // whether the caller is chrome in order to avoid exposing system colors. + nsCSSParser parser(document ? document->CSSLoader() : nsnull); + rv = parser.ParseColorString(aStr, nsnull, 0, &color); + if (NS_FAILED(rv)) { +@@ -1855,8 +1864,14 @@ nsCanvasRenderingContext2DAzure::CreateLinearGradient(float x0, float y0, float + return NS_ERROR_DOM_NOT_SUPPORTED_ERR; + } + +- nsRefPtr<nsIDOMCanvasGradient> grad = +- new nsCanvasLinearGradientAzure(Point(x0, y0), Point(x1, y1)); ++ // Pass the CSS Loader object to the parser, to allow parser error reports ++ // to include the outer window ID. The parser also uses it to detect ++ // whether the caller is chrome in order to avoid exposing system colors. ++ nsIDocument* doc = mCanvasElement ? HTMLCanvasElement()->OwnerDoc() ++ : nsnull; ++ mozilla::css::Loader* cssLoader = doc ? doc->CSSLoader() : nsnull; ++ nsRefPtr<nsIDOMCanvasGradient> grad = new nsCanvasLinearGradientAzure( ++ cssLoader, Point(x0, y0), Point(x1, y1)); + + *_retval = grad.forget().get(); + return NS_OK; +@@ -1875,8 +1890,14 @@ nsCanvasRenderingContext2DAzure::CreateRadialGradient(float x0, float y0, float + return NS_ERROR_DOM_INDEX_SIZE_ERR; + } + +- nsRefPtr<nsIDOMCanvasGradient> grad = +- new nsCanvasRadialGradientAzure(Point(x0, y0), r0, Point(x1, y1), r1); ++ // Pass the CSS Loader object to the parser, to allow parser error reports ++ // to include the outer window ID. The parser also uses it to detect ++ // whether the caller is chrome in order to avoid exposing system colors. ++ nsIDocument* doc = mCanvasElement ? HTMLCanvasElement()->OwnerDoc() ++ : nsnull; ++ mozilla::css::Loader* cssLoader = doc ? doc->CSSLoader() : nsnull; ++ nsRefPtr<nsIDOMCanvasGradient> grad = new nsCanvasRadialGradientAzure( ++ cssLoader, Point(x0, y0), r0, Point(x1, y1), r1); + + *_retval = grad.forget().get(); + return NS_OK; +@@ -2024,7 +2045,8 @@ nsCanvasRenderingContext2DAzure::SetShadowColor(const nsAString& colorstr) + HTMLCanvasElement()->OwnerDoc() : nsnull; + + // Pass the CSS Loader object to the parser, to allow parser error reports +- // to include the outer window ID. ++ // to include the outer window ID. The parser also uses it to detect ++ // whether the caller is chrome in order to avoid exposing system colors. + nsCSSParser parser(document ? document->CSSLoader() : nsnull); + nscolor color; + nsresult rv = parser.ParseColorString(colorstr, nsnull, 0, &color); +@@ -3847,7 +3869,8 @@ nsCanvasRenderingContext2DAzure::DrawWindow(nsIDOMWindow* aWindow, float aX, flo + HTMLCanvasElement()->OwnerDoc() : nsnull; + + // Pass the CSS Loader object to the parser, to allow parser error reports +- // to include the outer window ID. ++ // to include the outer window ID. The parser also uses it to detect ++ // whether the caller is chrome in order to avoid exposing system colors. + nsCSSParser parser(elementDoc ? elementDoc->CSSLoader() : nsnull); + nsresult rv = parser.ParseColorString(PromiseFlatString(aBGColor), + nsnull, 0, &bgColor); +diff --git a/layout/style/nsCSSParser.cpp b/layout/style/nsCSSParser.cpp +index ae1a474..30e179c 100644 +--- a/layout/style/nsCSSParser.cpp ++++ b/layout/style/nsCSSParser.cpp +@@ -1216,8 +1216,25 @@ CSSParserImpl::ParseColorString(const nsSubstring& aBuffer, + // Should remove this limitation at some point. + return NS_ERROR_FAILURE; + } ++ ++ // We do not want to expose system/native colors to content. All callers ++ // who are working with content should ensure that they set the CSS ++ // loader (mChildLoader) so we can check here if the content is chrome. ++ bool isChrome = true; ++ if (mChildLoader) { ++ nsIDocument *doc = mChildLoader->GetDocument(); ++ if (doc) { ++ nsIPresShell *presShell = doc->GetShell(); ++ if (presShell) { ++ nsPresContext* presCtxt = presShell->GetPresContext(); ++ if (presCtxt) ++ isChrome = presCtxt->IsChrome(); ++ } ++ } ++ } + nscolor rgba; +- nsresult rv = LookAndFeel::GetColor(LookAndFeel::ColorID(val), &rgba); ++ nsresult rv = LookAndFeel::GetColor(LookAndFeel::ColorID(val), !isChrome, ++ &rgba); + if (NS_FAILED(rv)) { + return rv; + } +diff --git a/layout/style/nsRuleNode.cpp b/layout/style/nsRuleNode.cpp +index 827585a..d19524e 100644 +--- a/layout/style/nsRuleNode.cpp ++++ b/layout/style/nsRuleNode.cpp +@@ -768,7 +768,9 @@ static bool SetColor(const nsCSSValue& aValue, const nscolor aParentColor, + PRInt32 intValue = aValue.GetIntValue(); + if (0 <= intValue) { + LookAndFeel::ColorID colorID = (LookAndFeel::ColorID) intValue; +- if (NS_SUCCEEDED(LookAndFeel::GetColor(colorID, &aResult))) { ++ bool useStandinsForNativeColors = !aPresContext->IsChrome(); ++ if (NS_SUCCEEDED(LookAndFeel::GetColor(colorID, ++ useStandinsForNativeColors, &aResult))) { + result = true; + } + } +diff --git a/widget/public/LookAndFeel.h b/widget/public/LookAndFeel.h +index aae3b28..bb7be3c 100644 +--- a/widget/public/LookAndFeel.h ++++ b/widget/public/LookAndFeel.h +@@ -445,6 +445,15 @@ public: + static nsresult GetColor(ColorID aID, nscolor* aResult); + + /** ++ * This variant of GetColor() take an extra Boolean parameter that allows ++ * the caller to ask that hard-coded color values be substituted for ++ * native colors (used when it is desireable to hide system colors to ++ * avoid system fingerprinting). ++ */ ++ static nsresult GetColor(ColorID aID, bool aUseStandinsForNativeColors, ++ nscolor* aResult); ++ ++ /** + * GetInt() and GetFloat() return a int or float value for aID. The result + * might be distance, time, some flags or a int value which has particular + * meaning. See each document at definition of each ID for the detail. +diff --git a/widget/src/xpwidgets/nsXPLookAndFeel.cpp b/widget/src/xpwidgets/nsXPLookAndFeel.cpp +index 8053432..96937ac 100644 +--- a/widget/src/xpwidgets/nsXPLookAndFeel.cpp ++++ b/widget/src/xpwidgets/nsXPLookAndFeel.cpp +@@ -502,6 +502,155 @@ nsXPLookAndFeel::IsSpecialColor(ColorID aID, nscolor &aColor) + return false; + } + ++bool ++nsXPLookAndFeel::ColorIsNotCSSAccessible(ColorID aID) ++{ ++ bool result = false; ++ ++ switch (aID) { ++ case eColorID_WindowBackground: ++ case eColorID_WindowForeground: ++ case eColorID_WidgetBackground: ++ case eColorID_WidgetForeground: ++ case eColorID_WidgetSelectBackground: ++ case eColorID_WidgetSelectForeground: ++ case eColorID_Widget3DHighlight: ++ case eColorID_Widget3DShadow: ++ case eColorID_TextBackground: ++ case eColorID_TextForeground: ++ case eColorID_TextSelectBackground: ++ case eColorID_TextSelectForeground: ++ case eColorID_TextSelectBackgroundDisabled: ++ case eColorID_TextSelectBackgroundAttention: ++ case eColorID_TextHighlightBackground: ++ case eColorID_TextHighlightForeground: ++ case eColorID_IMERawInputBackground: ++ case eColorID_IMERawInputForeground: ++ case eColorID_IMERawInputUnderline: ++ case eColorID_IMESelectedRawTextBackground: ++ case eColorID_IMESelectedRawTextForeground: ++ case eColorID_IMESelectedRawTextUnderline: ++ case eColorID_IMEConvertedTextBackground: ++ case eColorID_IMEConvertedTextForeground: ++ case eColorID_IMEConvertedTextUnderline: ++ case eColorID_IMESelectedConvertedTextBackground: ++ case eColorID_IMESelectedConvertedTextForeground: ++ case eColorID_IMESelectedConvertedTextUnderline: ++ case eColorID_SpellCheckerUnderline: ++ result = true; ++ break; ++ default: ++ break; ++ } ++ ++ return result; ++} ++ ++nscolor ++nsXPLookAndFeel::GetStandinForNativeColor(ColorID aID) ++{ ++ nscolor result = NS_RGB(0xFF, 0xFF, 0xFF); ++ ++ // The stand-in colors are taken from the Windows 7 Aero theme ++ // except Mac-specific colors which are taken from Mac OS 10.7. ++ switch (aID) { ++ // CSS 2 colors: ++ case eColorID_activeborder: result = NS_RGB(0xB4, 0xB4, 0xB4); break; ++ case eColorID_activecaption: result = NS_RGB(0x99, 0xB4, 0xD1); break; ++ case eColorID_appworkspace: result = NS_RGB(0xAB, 0xAB, 0xAB); break; ++ case eColorID_background: result = NS_RGB(0x00, 0x00, 0x00); break; ++ case eColorID_buttonface: result = NS_RGB(0xF0, 0xF0, 0xF0); break; ++ case eColorID_buttonhighlight: result = NS_RGB(0xFF, 0xFF, 0xFF); break; ++ case eColorID_buttonshadow: result = NS_RGB(0xA0, 0xA0, 0xA0); break; ++ case eColorID_buttontext: result = NS_RGB(0x00, 0x00, 0x00); break; ++ case eColorID_captiontext: result = NS_RGB(0x00, 0x00, 0x00); break; ++ case eColorID_graytext: result = NS_RGB(0x6D, 0x6D, 0x6D); break; ++ case eColorID_highlight: result = NS_RGB(0x33, 0x99, 0xFF); break; ++ case eColorID_highlighttext: result = NS_RGB(0xFF, 0xFF, 0xFF); break; ++ case eColorID_inactiveborder: result = NS_RGB(0xF4, 0xF7, 0xFC); break; ++ case eColorID_inactivecaption: result = NS_RGB(0xBF, 0xCD, 0xDB); break; ++ case eColorID_inactivecaptiontext: ++ result = NS_RGB(0x43, 0x4E, 0x54); break; ++ case eColorID_infobackground: result = NS_RGB(0xFF, 0xFF, 0xE1); break; ++ case eColorID_infotext: result = NS_RGB(0x00, 0x00, 0x00); break; ++ case eColorID_menu: result = NS_RGB(0xF0, 0xF0, 0xF0); break; ++ case eColorID_menutext: result = NS_RGB(0x00, 0x00, 0x00); break; ++ case eColorID_scrollbar: result = NS_RGB(0xC8, 0xC8, 0xC8); break; ++ case eColorID_threeddarkshadow: result = NS_RGB(0x69, 0x69, 0x69); break; ++ case eColorID_threedface: result = NS_RGB(0xF0, 0xF0, 0xF0); break; ++ case eColorID_threedhighlight: result = NS_RGB(0xFF, 0xFF, 0xFF); break; ++ case eColorID_threedlightshadow: result = NS_RGB(0xE3, 0xE3, 0xE3); break; ++ case eColorID_threedshadow: result = NS_RGB(0xA0, 0xA0, 0xA0); break; ++ case eColorID_window: result = NS_RGB(0xFF, 0xFF, 0xFF); break; ++ case eColorID_windowframe: result = NS_RGB(0x64, 0x64, 0x64); break; ++ case eColorID_windowtext: result = NS_RGB(0x00, 0x00, 0x00); break; ++ case eColorID__moz_buttondefault: ++ result = NS_RGB(0x69, 0x69, 0x69); break; ++ case eColorID__moz_field: result = NS_RGB(0xFF, 0xFF, 0xFF); break; ++ case eColorID__moz_fieldtext: result = NS_RGB(0x00, 0x00, 0x00); break; ++ case eColorID__moz_dialog: result = NS_RGB(0xF0, 0xF0, 0xF0); break; ++ case eColorID__moz_dialogtext: result = NS_RGB(0x00, 0x00, 0x00); break; ++ case eColorID__moz_dragtargetzone: ++ result = NS_RGB(0xFF, 0xFF, 0xFF); break; ++ case eColorID__moz_cellhighlight: ++ result = NS_RGB(0xF0, 0xF0, 0xF0); break; ++ case eColorID__moz_cellhighlighttext: ++ result = NS_RGB(0x00, 0x00, 0x00); break; ++ case eColorID__moz_html_cellhighlight: ++ result = NS_RGB(0x33, 0x99, 0xFF); break; ++ case eColorID__moz_html_cellhighlighttext: ++ result = NS_RGB(0xFF, 0xFF, 0xFF); break; ++ case eColorID__moz_buttonhoverface: ++ result = NS_RGB(0xF0, 0xF0, 0xF0); break; ++ case eColorID__moz_buttonhovertext: ++ result = NS_RGB(0x00, 0x00, 0x00); break; ++ case eColorID__moz_menuhover: ++ result = NS_RGB(0x33, 0x99, 0xFF); break; ++ case eColorID__moz_menuhovertext: ++ result = NS_RGB(0x00, 0x00, 0x00); break; ++ case eColorID__moz_menubartext: ++ result = NS_RGB(0x00, 0x00, 0x00); break; ++ case eColorID__moz_menubarhovertext: ++ result = NS_RGB(0x00, 0x00, 0x00); break; ++ case eColorID__moz_oddtreerow: ++ result = NS_RGB(0xFF, 0xFF, 0xFF); break; ++ case eColorID__moz_mac_chrome_active: ++ result = NS_RGB(0xB2, 0xB2, 0xB2); break; ++ case eColorID__moz_mac_chrome_inactive: ++ result = NS_RGB(0xE1, 0xE1, 0xE1); break; ++ case eColorID__moz_mac_focusring: ++ result = NS_RGB(0x60, 0x9D, 0xD7); break; ++ case eColorID__moz_mac_menuselect: ++ result = NS_RGB(0x38, 0x75, 0xD7); break; ++ case eColorID__moz_mac_menushadow: ++ result = NS_RGB(0xA3, 0xA3, 0xA3); break; ++ case eColorID__moz_mac_menutextdisable: ++ result = NS_RGB(0x88, 0x88, 0x88); break; ++ case eColorID__moz_mac_menutextselect: ++ result = NS_RGB(0xFF, 0xFF, 0xFF); break; ++ case eColorID__moz_mac_disabledtoolbartext: ++ result = NS_RGB(0x3F, 0x3F, 0x3F); break; ++ case eColorID__moz_mac_alternateprimaryhighlight: ++ result = NS_RGB(0x38, 0x75, 0xD7); break; ++ case eColorID__moz_mac_secondaryhighlight: ++ result = NS_RGB(0xD4, 0xD4, 0xD4); break; ++ case eColorID__moz_win_mediatext: ++ result = NS_RGB(0xFF, 0xFF, 0xFF); break; ++ case eColorID__moz_win_communicationstext: ++ result = NS_RGB(0xFF, 0xFF, 0xFF); break; ++ case eColorID__moz_nativehyperlinktext: ++ result = NS_RGB(0x00, 0x66, 0xCC); break; ++ case eColorID__moz_comboboxtext: ++ result = NS_RGB(0x00, 0x00, 0x00); break; ++ case eColorID__moz_combobox: ++ result = NS_RGB(0xFF, 0xFF, 0xFF); break; ++ default: ++ break; ++ } ++ ++ return result; ++} ++ + // + // All these routines will return NS_OK if they have a value, + // in which case the nsLookAndFeel should use that value; +@@ -509,7 +658,8 @@ nsXPLookAndFeel::IsSpecialColor(ColorID aID, nscolor &aColor) + // platform-specific nsLookAndFeel should use its own values instead. + // + nsresult +-nsXPLookAndFeel::GetColorImpl(ColorID aID, nscolor &aResult) ++nsXPLookAndFeel::GetColorImpl(ColorID aID, bool aUseStandinsForNativeColors, ++ nscolor &aResult) + { + if (!sInitialized) + Init(); +@@ -595,7 +745,10 @@ nsXPLookAndFeel::GetColorImpl(ColorID aID, nscolor &aResult) + } + #endif // DEBUG_SYSTEM_COLOR_USE + +- if (IS_COLOR_CACHED(aID)) { ++ if (aUseStandinsForNativeColors && ColorIsNotCSSAccessible(aID)) ++ aUseStandinsForNativeColors = false; ++ ++ if (!aUseStandinsForNativeColors && IS_COLOR_CACHED(aID)) { + aResult = sCachedColors[aID]; + return NS_OK; + } +@@ -629,6 +782,12 @@ nsXPLookAndFeel::GetColorImpl(ColorID aID, nscolor &aResult) + return NS_OK; + } + ++ if (sUseNativeColors && aUseStandinsForNativeColors) ++ { ++ aResult = GetStandinForNativeColor(aID); ++ return NS_OK; ++ } ++ + if (sUseNativeColors && NS_SUCCEEDED(NativeGetColor(aID, aResult))) { + if ((gfxPlatform::GetCMSMode() == eCMSMode_All) && + !IsSpecialColor(aID, aResult)) { +@@ -719,7 +878,15 @@ namespace mozilla { + nsresult + LookAndFeel::GetColor(ColorID aID, nscolor* aResult) + { +- return nsLookAndFeel::GetInstance()->GetColorImpl(aID, *aResult); ++ return nsLookAndFeel::GetInstance()->GetColorImpl(aID, false, *aResult); ++} ++ ++nsresult ++LookAndFeel::GetColor(ColorID aID, bool aUseStandinsForNativeColors, ++ nscolor* aResult) ++{ ++ return nsLookAndFeel::GetInstance()->GetColorImpl(aID, ++ aUseStandinsForNativeColors, *aResult); + } + + // static +diff --git a/widget/src/xpwidgets/nsXPLookAndFeel.h b/widget/src/xpwidgets/nsXPLookAndFeel.h +index ce06575..c0ecc32 100644 +--- a/widget/src/xpwidgets/nsXPLookAndFeel.h ++++ b/widget/src/xpwidgets/nsXPLookAndFeel.h +@@ -84,7 +84,8 @@ public: + // otherwise we'll return NS_ERROR_NOT_AVAILABLE, in which case, the + // platform-specific nsLookAndFeel should use its own values instead. + // +- nsresult GetColorImpl(ColorID aID, nscolor &aResult); ++ nsresult GetColorImpl(ColorID aID, bool aUseStandinsForNativeColors, ++ nscolor &aResult); + virtual nsresult GetIntImpl(IntID aID, PRInt32 &aResult); + virtual nsresult GetFloatImpl(FloatID aID, float &aResult); + +@@ -111,6 +112,8 @@ protected: + void InitColorFromPref(PRInt32 aIndex); + virtual nsresult NativeGetColor(ColorID aID, nscolor &aResult) = 0; + bool IsSpecialColor(ColorID aID, nscolor &aColor); ++ bool ColorIsNotCSSAccessible(ColorID aID); ++ nscolor GetStandinForNativeColor(ColorID aID); + + static int OnPrefChanged(const char* aPref, void* aClosure); + +-- +1.7.5.4 +

1 0

[torbrowser/master] Merge branch 'maint-2.2' into maint-2.3
by erinn＠torproject.org 24 Oct '12

24 Oct '12

commit 41056c205ca5628ad746570c6b23bec4f4533fe7 Merge: 9d2b5c6 09ea4a7 Author: Erinn Clark <erinn(a)torproject.org> Date: Wed Oct 24 16:34:16 2012 +0100 Merge branch 'maint-2.2' into maint-2.3 build-scripts/recommended-versions | 18 +++++++++--------- 1 files changed, 9 insertions(+), 9 deletions(-)

1 0

[torbrowser/master] remove alpha directory from firefox patches
by erinn＠torproject.org 24 Oct '12

24 Oct '12

1 0

[metrics-tasks/master] Add code behind bridge user counting report (#5807).
by karsten＠torproject.org 24 Oct '12

24 Oct '12

commit d301479e3fdd8c1d17f02f6d72a8cf6eaa87e17e Author: Karsten Loesing <karsten.loesing(a)gmx.net> Date: Wed Oct 24 11:34:10 2012 -0400 Add code behind bridge user counting report (#5807). --- task-5807/bridge-dirreq-stats.R | 222 +++++++++++ task-5807/run.sh | 3 + task-5807/src/EvalBridgeDirreqStats.java | 603 ++++++++++++++++++++++++++++++ 3 files changed, 828 insertions(+), 0 deletions(-) diff --git a/task-5807/bridge-dirreq-stats.R b/task-5807/bridge-dirreq-stats.R new file mode 100644 index 0000000..2a07a3a --- /dev/null +++ b/task-5807/bridge-dirreq-stats.R @@ -0,0 +1,222 @@ +library(ggplot2) +library(reshape) +library(scales) + +# Commented out, because this graph takes a while to draw... +#d <- read.csv("out/dirreq-responses", stringsAsFactors = FALSE, +# header = FALSE) +#d <- data.frame(date = as.Date(d$V1), requests = d$V4, +# asrelay = ifelse(d$V3, "also seen as\nnon-bridge relays", +# "only seen as\nbridges")) +#ggplot(d, aes(x = date, y = requests)) + +#geom_point() + +#facet_grid(asrelay ~ .) + +#scale_x_date(name = "", +# labels = date_format("%b %Y"), +# minor_breaks = date_breaks("1 month")) + +#scale_y_continuous(name = "", labels = comma_format(digits = 1)) +#ggsave("graphs/responses-single-bridges.png", width = 6, height = 3.5, +# dpi = 100) + +# ALTERNATIVE: out/bridge-dirreq-stats-no-relays +b <- read.csv("out/bridge-dirreq-stats-all-bridges", + stringsAsFactors = FALSE) +b <- b[b$date >= "2011-07-01" & b$date <= "2012-09-30", ] + +x <- data.frame(date = b$date, + value = (b$ha * (b$na + b$nc) + (b$ha + b$hc) * b$nb) / + ((b$ha + b$hc) * b$nabcd)) +x <- melt(x, id = "date") +ggplot(x, aes(x = as.Date(date), y = value)) + +geom_line() + +scale_x_date(name = "", + labels = date_format("%b %Y"), + minor_breaks = date_breaks("1 month")) + +scale_y_continuous(name = "", limit = c(0, 1), labels = percent) +ggsave("graphs/fraction.pdf", width = 6, height = 3, dpi = 100) + +ggplot(b, aes(x = as.Date(date), y = (ra + rb) / 86400)) + +geom_line() + +scale_x_date(name = "", + labels = date_format("%b %Y"), + minor_breaks = date_breaks("1 month")) + +scale_y_continuous(name = "", labels = comma_format(digits = 1)) +ggsave("graphs/responses.pdf", width = 6, height = 3, dpi = 72) + +x <- data.frame( + date = as.Date(b$date), + responses = (b$ra + b$rb) / 86400, + fraction = (b$ha * (b$na + b$nc) + (b$ha + b$hc) * b$nb) / + ((b$ha + b$hc) * b$nabcd), + totalresponses = ((b$ra + b$rb) * (b$ha + b$hc) * + b$nabcd) / (b$ha * (b$na + b$nc) + (b$ha + b$hc) * b$nb) / 86400) +x <- melt(x, id = "date") +x <- data.frame(date = x$date, value = x$value, variable = + ifelse(x$variable == "responses", + "1. Reported directory\nrequests", + ifelse(x$variable == "fraction", paste("2. Estimated fraction\n", + "of bridges reporting\ndirectory requests", sep = ""), + "3. Estimated directory\nrequests in the\nnetwork"))) +ggplot(x, aes(x = as.Date(date), y = value)) + +geom_line() + +facet_grid(variable ~ ., scales = "free_y") + +scale_x_date(name = "", + labels = date_format("%b %Y"), + minor_breaks = date_breaks("1 month")) + +scale_y_continuous(name = "", labels = comma_format(digits = 1)) +ggsave("graphs/extrapolated-responses.pdf", width = 6, height = 5, + dpi = 72) + +ggplot(b, aes(x = as.Date(date), y = (na + nb) / nabcd)) + +geom_line() + +scale_x_date(name = "", + labels = date_format("%b %Y"), + minor_breaks = date_breaks("1 month")) + +scale_y_continuous(name = "", limit = c(0, 1), labels = percent) +ggsave("graphs/fraction-unweighted.pdf", width = 6, height = 3, dpi = 72) + +x <- data.frame(date = b$date, + #x1 = (b$ra + b$rb) * b$nabcd / (b$na + b$nb), + x2 = ((b$ra + b$rb) * (b$ha + b$hc) * + b$nabcd) / (b$ha * (b$na + b$nc) + (b$ha + b$hc) * b$nb)) +#x <- melt(x, id = "date") +ggplot(x, aes(x = as.Date(date), y = x2 / 86400)) + +geom_line() + +scale_x_date(name = "", + labels = date_format("%b %Y"), + minor_breaks = date_breaks("1 month")) + +scale_y_continuous(name = "", labels = comma_format(digits = 1)) +ggsave("graphs/totalresponses.pdf", width = 6, height = 3, dpi = 72) + +n <- data.frame(date = b$date, na = b$na / 86400, nb = b$nb / 86400, + nc = b$nc / 86400, nd = (b$nabcd - b$na - b$nb - b$nc) / 86400) +n <- melt(n, id = "date") +ggplot(n, aes(x = as.Date(date), y = value)) + +geom_line() + +facet_grid(variable ~ .) + +scale_x_date(name = "", + labels = date_format("%b %Y"), + minor_breaks = date_breaks("1 month")) + +scale_y_continuous(name = "", labels = comma_format(digits = 1)) +ggsave("graphs/n.pdf", width = 6, height = 7, dpi = 100) + +h <- data.frame(date = b$date, value = (b$ha + b$hc) / 86400) +ggplot(h, aes(x = as.Date(date), y = value)) + +geom_line() + +scale_x_date(name = "", + labels = date_format("%b %Y"), + minor_breaks = date_breaks("1 month")) + +scale_y_continuous(name = "", labels = comma_format(digits = 1)) +ggsave("graphs/history-bytes.pdf", width = 6, height = 3, dpi = 100) + +h <- data.frame(date = b$date, ha = b$ha / 86400, hc = b$hc / 86400) +h <- melt(h, id = "date") +ggplot(h, aes(x = as.Date(date), y = value)) + +geom_line() + +facet_grid(variable ~ .) + +scale_x_date(name = "", + labels = date_format("%b %Y"), + minor_breaks = date_breaks("1 month")) + +scale_y_continuous(name = "", labels = comma_format(digits = 1)) +ggsave("graphs/h.pdf", width = 6, height = 5, dpi = 100) + +r <- data.frame(date = b$date, ra = b$ra / 86400, rb = b$rb / 86400) +r <- melt(r, id = "date") +ggplot(r, aes(x = as.Date(date), y = value)) + +geom_line() + +facet_grid(variable ~ .) + +scale_x_date(name = "", + labels = date_format("%b %Y"), + minor_breaks = date_breaks("1 month")) + +scale_y_continuous(name = "", labels = comma_format(digits = 1)) +ggsave("graphs/r.pdf", width = 6, height = 5, dpi = 100) + +x <- data.frame(date = b$date, + value = ((b$ra + b$rb) * (b$ha + b$hc) * + b$nabcd) / (b$ha * (b$na + b$nc) + (b$ha + b$hc) * b$nb) / 864000, + stringsAsFactors = FALSE) +x <- melt(x, id = "date") +ggplot(x, aes(x = as.Date(date), y = value)) + +geom_line() + +scale_x_date(name = "", + labels = date_format("%b %Y"), + minor_breaks = date_breaks("1 month")) + +scale_y_continuous(name = "", labels = comma_format(digits = 1)) +ggsave("graphs/totalusers.pdf", width = 6, height = 3, dpi = 100) +x <- x[x$date >= '2012-07-01', ] +#max_y <- max(x$value / 864000, na.omit = FALSE) +ggplot(x, aes(x = as.Date(date), y = value)) + +geom_line() + +scale_x_date(name = "", + labels = date_format("%b %Y"), + breaks = date_breaks("1 month"), + minor_breaks = date_breaks("1 week")) + +scale_y_continuous(name = "", #limit = c(0, max_y), + labels = comma_format(digits = 1)) +ggsave("graphs/totalusers-q3-2012.pdf", width = 6, height = 3, dpi = 100) + +ggplot(b, aes(x = as.Date(date), y = consensuses)) + +geom_point() + +geom_hline(yintercept = 19.5, linetype = 2) + +scale_x_date(name = "", + labels = date_format("%b %Y"), + minor_breaks = date_breaks("1 month")) + +scale_y_continuous(name = "", labels = comma_format(digits = 1)) +ggsave("graphs/consensuses.pdf", width = 6, height = 3, dpi = 100) + +x <- data.frame(date = b$date, + value = (b$sy * (b$ra + b$rb) * (b$ha + b$hc) * + b$nabcd) / (b$ha * (b$na + b$nc) + (b$ha + b$hc) * b$nb)) +x <- melt(x, id = "date") +ggplot(x, aes(x = as.Date(date), y = value / 864000)) + +geom_line() + +scale_x_date(name = "", + labels = date_format("%b %Y"), + minor_breaks = date_breaks("1 month")) + +scale_y_continuous(name = "", labels = comma_format(digits = 1)) +ggsave("graphs/syusers.pdf", width = 6, height = 3, dpi = 100) + +u <- read.csv("bridge-users.csv", stringsAsFactors = FALSE) +u <- u[u$date >= "2011-07-01" & u$date <= "2012-09-30", ] +u <- data.frame(date = u$date, all = u$all) +ggplot(u, aes(x = as.Date(date), y = all)) + +geom_line() + +scale_x_date(name = "", + labels = date_format("%b %Y"), + minor_breaks = date_breaks("1 month")) + +scale_y_continuous(name = "", labels = comma_format(digits = 1)) +ggsave("graphs/totalusers-oldapproach.pdf", width = 6, height = 3, + dpi = 100) + +u <- read.csv("bridge-users.csv", stringsAsFactors = FALSE) +u <- u[u$date >= "2011-07-01" & u$date <= "2012-09-30", ] +u <- data.frame(date = u$date, value = u$all, + variable = "old approach based on\nunique IP addresses", + stringsAsFactors = FALSE) +x <- data.frame(date = b$date, + value = ((b$ra + b$rb) * (b$ha + b$hc) * + b$nabcd) / (b$ha * (b$na + b$nc) + (b$ha + b$hc) * b$nb) / 864000, + variable = "new approach based on\ndirectory requests", + stringsAsFactors = FALSE) +u <- rbind(u, x) +ggplot(u, aes(x = as.Date(date), y = value)) + +geom_line() + +facet_grid(variable ~ ., scales = "free_y") + +scale_x_date(name = "", + labels = date_format("%b %Y"), + minor_breaks = date_breaks("1 month")) + +scale_y_continuous(name = "", labels = comma_format(digits = 1)) +ggsave("graphs/compare-totalusers.pdf", width = 6, height = 4, + dpi = 100) +u <- u[u$date >= '2012-07-01', ] +ggplot(u, aes(x = as.Date(date), y = value)) + +geom_line() + +facet_grid(variable ~ ., scales = "free_y") + +scale_x_date(name = "", + labels = date_format("%b %Y"), + breaks = date_breaks("1 month"), + minor_breaks = date_breaks("1 week")) + +scale_y_continuous(name = "", labels = comma_format(digits = 1)) +ggsave("graphs/compare-totalusers-q3-2012.pdf", width = 6, height = 4, + dpi = 100) + diff --git a/task-5807/run.sh b/task-5807/run.sh new file mode 100755 index 0000000..52d1ee7 --- /dev/null +++ b/task-5807/run.sh @@ -0,0 +1,3 @@ +#!/bin/bash +javac -d bin/ -cp lib/commons-codec-1.4.jar:lib/commons-compress-1.3.jar:lib/descriptor.jar src/EvalBridgeDirreqStats.java && time java -Xmx6g -cp bin/:lib/commons-codec-1.4.jar:lib/commons-compress-1.3.jar:lib/descriptor.jar EvalBridgeDirreqStats + diff --git a/task-5807/src/EvalBridgeDirreqStats.java b/task-5807/src/EvalBridgeDirreqStats.java new file mode 100644 index 0000000..c996a26 --- /dev/null +++ b/task-5807/src/EvalBridgeDirreqStats.java @@ -0,0 +1,603 @@ +import java.io.BufferedReader; +import java.io.BufferedWriter; +import java.io.File; +import java.io.FileReader; +import java.io.FileWriter; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.SortedMap; +import java.util.SortedSet; +import java.util.TimeZone; +import java.util.TreeMap; +import java.util.TreeSet; + +import org.apache.commons.codec.binary.Hex; +import org.apache.commons.codec.digest.DigestUtils; +import org.torproject.descriptor.BridgeNetworkStatus; +import org.torproject.descriptor.Descriptor; +import org.torproject.descriptor.DescriptorFile; +import org.torproject.descriptor.DescriptorReader; +import org.torproject.descriptor.DescriptorSourceFactory; +import org.torproject.descriptor.ExtraInfoDescriptor; +import org.torproject.descriptor.NetworkStatusEntry; +import org.torproject.descriptor.RelayNetworkStatusConsensus; + +/* Extract relevant pieces of information from relay consensuses and + * bridge descriptors to estimate daily bridge users. See README for + * usage instructions. */ +public class EvalBridgeDirreqStats { + public static void main(String[] args) throws Exception { + + /* Parse relay consensuses from in/relay-descriptors/. Skip this step + * if in/relay-descriptors/ does not exist. */ + File consensusesDirectory = new File("in/relay-descriptors"); + File hashedFingerprintsFile = new File("out/hashed-fingerprints"); + File consensusesPerDayFile = new File("out/consensuses-per-day"); + SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd"); + dateFormat.setTimeZone(TimeZone.getTimeZone("UTC")); + if (consensusesDirectory.exists()) { + SortedSet<String> hashedFingerprints = new TreeSet<String>(); + SortedMap<String, Integer> consensusesPerDay = + new TreeMap<String, Integer>(); + DescriptorReader descriptorReader = + DescriptorSourceFactory.createDescriptorReader(); + descriptorReader.addDirectory(consensusesDirectory); + Iterator<DescriptorFile> descriptorFiles = + descriptorReader.readDescriptors(); + while (descriptorFiles.hasNext()) { + DescriptorFile descriptorFile = descriptorFiles.next(); + for (Descriptor descriptor : descriptorFile.getDescriptors()) { + if (!(descriptor instanceof RelayNetworkStatusConsensus)) { + continue; + } + RelayNetworkStatusConsensus consensus = + (RelayNetworkStatusConsensus) descriptor; + + /* Extract hashed fingerprints of all known relays to remove + * those fingerprints from bridge usage statistics later on. */ + for (NetworkStatusEntry statusEntry : + consensus.getStatusEntries().values()) { + hashedFingerprints.add(Hex.encodeHexString(DigestUtils.sha( + Hex.decodeHex(statusEntry.getFingerprint(). + toCharArray()))).toUpperCase()); + } + + /* Count the number of consensuses per day. */ + String date = dateFormat.format( + consensus.getValidAfterMillis()); + int consensuses = 1; + if (consensusesPerDay.containsKey(date)) { + consensuses += consensusesPerDay.get(date); + } + consensusesPerDay.put(date, consensuses); + } + } + hashedFingerprintsFile.getParentFile().mkdirs(); + BufferedWriter bw = new BufferedWriter(new FileWriter( + hashedFingerprintsFile)); + for (String hashedFingerprint : hashedFingerprints) { + bw.write(hashedFingerprint + "\n"); + } + bw.close(); + consensusesPerDayFile.getParentFile().mkdirs(); + bw = new BufferedWriter(new FileWriter(consensusesPerDayFile)); + for (Map.Entry<String, Integer> e : consensusesPerDay.entrySet()) { + bw.write(e.getKey() + "," + e.getValue() + "\n"); + } + bw.close(); + } + + /* Parse bridge network statuses from in/bridge-descriptors/. Skip + * this step if in/bridge-descriptors/ does not exist. */ + File bridgeDescriptorsDirectory = new File("in/bridge-descriptors"); + File bridgesPerDayFile = new File("out/bridges-per-day"); + File dirreqResponsesFile = new File("out/dirreq-responses"); + File dirreqWriteHistoryFile = new File("out/dirreq-write-history"); + File bridgeStatsUsersFile = new File("out/bridge-stats-users"); + SimpleDateFormat dateTimeFormat = new SimpleDateFormat( + "yyyy-MM-dd HH:mm:ss"); + dateTimeFormat.setTimeZone(TimeZone.getTimeZone("UTC")); + if (bridgeDescriptorsDirectory.exists()) { + + /* Read hashed fingerprints from disk, so that we can include in the + * intermediate files whether a bridge was running as non-bridge + * relay before. */ + SortedSet<String> hashedFingerprints = new TreeSet<String>(); + String line; + BufferedReader br = new BufferedReader(new FileReader( + hashedFingerprintsFile)); + while ((line = br.readLine()) != null) { + hashedFingerprints.add(line.toUpperCase()); + } + br.close(); + + /* Prepare data structures for first collecting everything we parse. + * There may be duplicates which we can best remove in memory. */ + SortedMap<String, List<Integer>> bridgesPerDay = + new TreeMap<String, List<Integer>>(); + SortedSet<String> dirreqResponses = new TreeSet<String>(); + SortedMap<String, SortedMap<Long, Long>> dirreqWriteHistory = + new TreeMap<String, SortedMap<Long, Long>>(); + SortedSet<String> bridgeIps = new TreeSet<String>(); + + /* Parse everything in in/bridge-descriptors/. */ + DescriptorReader descriptorReader = + DescriptorSourceFactory.createDescriptorReader(); + descriptorReader.addDirectory(bridgeDescriptorsDirectory); + Iterator<DescriptorFile> descriptorFiles = + descriptorReader.readDescriptors(); + while (descriptorFiles.hasNext()) { + DescriptorFile descriptorFile = descriptorFiles.next(); + for (Descriptor descriptor : descriptorFile.getDescriptors()) { + if (descriptor instanceof BridgeNetworkStatus) { + BridgeNetworkStatus status = (BridgeNetworkStatus) descriptor; + + /* Extract number of running bridges to calculate daily means. + * Skip network statuses where less than 1% of bridges have + * the Running flag. */ + String date = dateFormat.format(status.getPublishedMillis()); + int totalBridges = 0, runningBridges = 0; + for (NetworkStatusEntry statusEntry : + status.getStatusEntries().values()) { + totalBridges++; + if (statusEntry.getFlags().contains("Running")) { + runningBridges++; + } + } + if (runningBridges * 100 > totalBridges) { + if (!bridgesPerDay.containsKey(date)) { + bridgesPerDay.put(date, new ArrayList<Integer>()); + } + bridgesPerDay.get(date).add(runningBridges); + } + } else if (descriptor instanceof ExtraInfoDescriptor) { + ExtraInfoDescriptor extraInfoDescriptor = + (ExtraInfoDescriptor) descriptor; + String fingerprint = extraInfoDescriptor.getFingerprint(). + toUpperCase(); + String wasSeenAsRelay = hashedFingerprints.contains( + fingerprint) ? "TRUE" : "FALSE"; + + /* Extract v3 directory request response numbers from dirreq + * stats, if available. */ + if (extraInfoDescriptor.getDirreqStatsEndMillis() >= 0 && + extraInfoDescriptor.getDirreqStatsIntervalLength() + == 86400 && + extraInfoDescriptor.getDirreqV3Resp() != null && + extraInfoDescriptor.getDirreqV3Resp().containsKey("ok")) { + String dirreqStatsEnd = dateTimeFormat.format( + extraInfoDescriptor.getDirreqStatsEndMillis()); + SortedMap<String, Integer> resp = + extraInfoDescriptor.getDirreqV3Resp(); + String ok = String.valueOf(resp.get("ok")); + String notEnoughSigs = resp.containsKey("not-enough-sigs") + ? String.valueOf(resp.get("not-enough-sigs")) : "NA"; + String unavailable = resp.containsKey("unavailable") + ? String.valueOf(resp.get("unavailable")) : "NA"; + String notFound = resp.containsKey("not-found") + ? String.valueOf(resp.get("not-found")) : "NA"; + String notModified = resp.containsKey("not-modified") + ? String.valueOf(resp.get("not-modified")) : "NA"; + String busy = resp.containsKey("busy") + ? String.valueOf(resp.get("busy")) : "NA"; + dirreqResponses.add(String.format( + "%s,%s,%s,%s,%s,%s,%s,%s%n", dirreqStatsEnd, + fingerprint, wasSeenAsRelay, ok, notEnoughSigs, + unavailable, notFound, notModified, busy)); + } + + /* Extract written directory bytes, if available. */ + if (extraInfoDescriptor.getDirreqWriteHistory() != null && + extraInfoDescriptor.getDirreqWriteHistory(). + getIntervalLength() == 900) { + if (!dirreqWriteHistory.containsKey(fingerprint)) { + dirreqWriteHistory.put(fingerprint, + new TreeMap<Long, Long>()); + } + dirreqWriteHistory.get(fingerprint).putAll( + extraInfoDescriptor.getDirreqWriteHistory(). + getBandwidthValues()); + } + + /* Sum up unique IP address counts from .sy and from all + * countries from bridge stats, if available. */ + if (extraInfoDescriptor.getBridgeStatsEndMillis() >= 0 && + extraInfoDescriptor.getBridgeStatsIntervalLength() + == 86400 && + extraInfoDescriptor.getBridgeIps() != null) { + String bridgeStatsEnd = dateTimeFormat.format( + extraInfoDescriptor.getBridgeStatsEndMillis()); + int sy = 0, all = 0; + for (Map.Entry<String, Integer> e : + extraInfoDescriptor.getBridgeIps().entrySet()) { + String country = e.getKey(); + int adjustedIps = e.getValue() - 4; + if (country.equals("sy")) { + sy = adjustedIps; + } + all += adjustedIps; + } + bridgeIps.add(String.format("%s,%s,%s,%d,%d%n", + bridgeStatsEnd, fingerprint, wasSeenAsRelay, sy, all)); + } + } + } + } + + /* Write to disk what we learned while parsing bridge extra-info + * descriptors. */ + bridgesPerDayFile.getParentFile().mkdirs(); + BufferedWriter bw = new BufferedWriter(new FileWriter( + bridgesPerDayFile)); + for (Map.Entry<String, List<Integer>> e : + bridgesPerDay.entrySet()) { + String date = e.getKey(); + List<Integer> bridges = e.getValue(); + int sum = 0; + for (int b : bridges) { + sum += b; + } + bw.write(String.format("%s,%d%n", date, sum / bridges.size())); + } + bw.close(); + dirreqResponsesFile.getParentFile().mkdirs(); + bw = new BufferedWriter(new FileWriter(dirreqResponsesFile)); + for (String resp : dirreqResponses) { + bw.write(resp); + } + bw.close(); + bridgeStatsUsersFile.getParentFile().mkdirs(); + bw = new BufferedWriter(new FileWriter(bridgeStatsUsersFile)); + for (String ips : bridgeIps) { + bw.write(ips); + } + bw.close(); + bw = new BufferedWriter(new FileWriter(dirreqWriteHistoryFile)); + for (Map.Entry<String, SortedMap<Long, Long>> e : + dirreqWriteHistory.entrySet()) { + String fingerprint = e.getKey(); + String wasSeenAsRelay = hashedFingerprints.contains( + fingerprint) ? "TRUE" : "FALSE"; + for (Map.Entry<Long, Long> f : e.getValue().entrySet()) { + String historyIntervalEnd = dateTimeFormat.format(f.getKey()); + bw.write(String.format("%s,%s,%d,%s%n", fingerprint, + historyIntervalEnd, f.getValue(), wasSeenAsRelay)); + } + } + bw.close(); + } + + /* Aggregate the parse results from above and write relevant data for + * estimating daily bridge users to disk. Write results to + * out/bridge-dirreq-stats. This step is distinct from the parsing + * steps, so that the parsing only has to be done once, whereas the + * aggregation can be tweaked and re-run easily. */ + File bridgeDirreqStatsNoRelaysFile = + new File("out/bridge-dirreq-stats-no-relays"); + File bridgeDirreqStatsAllBridgesFile = + new File("out/bridge-dirreq-stats-all-bridges"); + if (bridgesPerDayFile.exists() && + dirreqResponsesFile.exists() && + bridgeStatsUsersFile.exists() && + dirreqWriteHistoryFile.exists() && + consensusesPerDayFile.exists()) { + + /* Run the aggregation twice, once for all bridges and once for only + * bridges which haven't been seen as non-bridge relays before. */ + boolean[] exclude = new boolean[] { true, false }; + File[] outFiles = new File[] { bridgeDirreqStatsNoRelaysFile, + bridgeDirreqStatsAllBridgesFile }; + for (int r = 0; r < 2; r++) { + boolean excludeHashedFingerprints = exclude[r]; + File outFile = outFiles[r]; + + /* Read parse results back to memory. */ + SortedMap<String, Integer> bridgesPerDay = + new TreeMap<String, Integer>(); + BufferedReader br = new BufferedReader(new FileReader( + bridgesPerDayFile)); + String line; + while ((line = br.readLine()) != null) { + String[] parts = line.split(","); + bridgesPerDay.put(parts[0], Integer.parseInt(parts[1])); + } + br.close(); + SortedMap<String, SortedMap<Long, Long>> dirreqOkResponses = + new TreeMap<String, SortedMap<Long, Long>>(); + br = new BufferedReader(new FileReader(dirreqResponsesFile)); + while ((line = br.readLine()) != null) { + String[] parts = line.split(","); + if (excludeHashedFingerprints && parts[2].equals("TRUE")) { + /* Skip, because this bridge has been seen as relay before. */ + continue; + } + String fingerprint = parts[1].toUpperCase(); + long dirreqStatsEndMillis = dateTimeFormat.parse(parts[0]). + getTime(); + long ok = Long.parseLong(parts[3]); + if (!dirreqOkResponses.containsKey(fingerprint)) { + dirreqOkResponses.put(fingerprint, new TreeMap<Long, Long>()); + } + dirreqOkResponses.get(fingerprint).put(dirreqStatsEndMillis, + ok); + } + br.close(); + SortedMap<String, long[]> ipsPerDay = + new TreeMap<String, long[]>(); + br = new BufferedReader(new FileReader(bridgeStatsUsersFile)); + while ((line = br.readLine()) != null) { + String[] parts = line.split(","); + if (excludeHashedFingerprints && parts[2].equals("TRUE")) { + /* Skip, because this bridge has been seen as relay before. */ + continue; + } + long bridgeStatsEndMillis = dateTimeFormat.parse(parts[0]). + getTime(); + long bridgeStatsStartMillis = bridgeStatsEndMillis - 86400000L; + long currentStartMillis = bridgeStatsStartMillis; + + /* Find UTC date break in the interval and make sure that we + * distribute IPs to the two days correctly. */ + String[] dates = new String[] { + dateFormat.format(bridgeStatsStartMillis), + dateFormat.format(bridgeStatsEndMillis) }; + long[] seconds = new long[2]; + if (!dates[0].equals(dates[1])) { + long dateBreakMillis = (bridgeStatsEndMillis / 86400000L) + * 86400000L; + seconds[0] = (dateBreakMillis - bridgeStatsStartMillis) + / 1000L; + bridgeStatsStartMillis = dateBreakMillis; + } + seconds[1] = (bridgeStatsEndMillis - bridgeStatsStartMillis) + / 1000L; + + /* Update per-day counters. */ + for (int i = 0; i < dates.length; i++) { + String date = dates[i]; + long sy = seconds[i] * Long.parseLong(parts[3]); + long all = seconds[i] * Long.parseLong(parts[4]); + if (!ipsPerDay.containsKey(date)) { + ipsPerDay.put(date, new long[] { 0L, 0L }); + } + ipsPerDay.get(date)[0] += sy; + ipsPerDay.get(date)[1] += all; + } + } + br.close(); + SortedMap<String, Integer> consensusesPerDay = + new TreeMap<String, Integer>(); + br = new BufferedReader(new FileReader(consensusesPerDayFile)); + while ((line = br.readLine()) != null) { + String[] parts = line.split(","); + consensusesPerDay.put(parts[0], Integer.parseInt(parts[1])); + } + br.close(); + br = new BufferedReader(new FileReader(dirreqWriteHistoryFile)); + SortedMap<String, SortedMap<Long, Long>> dirreqWriteHistory = + new TreeMap<String, SortedMap<Long, Long>>(); + while ((line = br.readLine()) != null) { + String[] parts = line.split(","); + if (excludeHashedFingerprints && parts[3].equals("TRUE")) { + /* Skip, because this bridge has been seen as relay before. */ + continue; + } + String fingerprint = parts[0].toUpperCase(); + long historyIntervalEndMillis = dateTimeFormat.parse(parts[1]). + getTime(); + long writtenBytes = Long.parseLong(parts[2]); + if (!dirreqWriteHistory.containsKey(fingerprint)) { + dirreqWriteHistory.put(fingerprint, new TreeMap<Long, Long>()); + } + dirreqWriteHistory.get(fingerprint).put(historyIntervalEndMillis, + writtenBytes); + } + br.close(); + + /* For every day, count reported v3 directory request responses, + * reported written directory bytes, and reporting bridges. + * Distinguish between bridges reporting both responses and bytes, + * bridges reporting only responses, and bridges reporting. Map + * keys are dates, map values are the number of responses, bytes, + * or bridges. */ + SortedMap<String, Long> + responsesReportingBoth = new TreeMap<String, Long>(), + responsesNotReportingBytes = new TreeMap<String, Long>(), + bytesReportingBoth = new TreeMap<String, Long>(), + bytesNotReportingResponses = new TreeMap<String, Long>(), + bridgesReportingBoth = new TreeMap<String, Long>(), + bridgesNotReportingBytes = new TreeMap<String, Long>(), + bridgesNotReportingResponses = new TreeMap<String, Long>(); + + /* Consider each bridge separately. */ + SortedSet<String> allFingerprints = new TreeSet<String>(); + allFingerprints.addAll(dirreqOkResponses.keySet()); + allFingerprints.addAll(dirreqWriteHistory.keySet()); + for (String fingerprint : allFingerprints) { + + /* Obtain iterators over dirreq stats intervals and dirreq write + * history intervals, from oldest to newest. Either iterator + * may contain zero elements if the bridge did not report any + * values, but not both. */ + SortedMap<Long, Long> bridgeDirreqOkResponses = + dirreqOkResponses.containsKey(fingerprint) ? + dirreqOkResponses.get(fingerprint) : + new TreeMap<Long, Long>(); + SortedMap<Long, Long> bridgeDirreqWriteHistory = + dirreqWriteHistory.containsKey(fingerprint) ? + dirreqWriteHistory.get(fingerprint) : + new TreeMap<Long, Long>(); + Iterator<Long> responsesIterator = + bridgeDirreqOkResponses.keySet().iterator(); + Iterator<Long> historyIterator = + bridgeDirreqWriteHistory.keySet().iterator(); + + /* Keep references to the currently considered intervals. */ + long responseEndMillis = responsesIterator.hasNext() ? + responsesIterator.next() : Long.MAX_VALUE; + long historyEndMillis = historyIterator.hasNext() ? + historyIterator.next() : Long.MAX_VALUE; + + /* Keep the time until when we have processed statistics. */ + long currentStartMillis = 0L; + + /* Iterate over both responses and byte histories until we set + * both to Long.MAX_VALUE, indicating that there are no further + * values. */ + while (responseEndMillis < Long.MAX_VALUE || + historyEndMillis < Long.MAX_VALUE) { + + /* Dirreq-stats intervals are guaranteed to be 24 hours long, + * and dirreq-write-history intervals are 15 minutes long. + * This is guaranteed in the parsing code above. It allows us + * to calculate interval starts. Also, if we have already + * processed part of an interval, move the considered interval + * start accordingly. */ + long historyStartMillis = Math.max(currentStartMillis, + historyEndMillis - 900000L); + long responseStartMillis = Math.max(currentStartMillis, + responseEndMillis - 86400000L); + + /* Determine start and end time of the next interval, and + * whether the bridge reported dirreq-stats in that interval, + * or dirreq histories, or both. */ + long currentEndMillis; + boolean addHistory = false, addResponses = false; + if (historyStartMillis < responseStartMillis) { + currentStartMillis = historyStartMillis; + currentEndMillis = Math.min(historyEndMillis, + responseStartMillis); + addHistory = true; + } else if (responseStartMillis < historyStartMillis) { + currentStartMillis = responseStartMillis; + currentEndMillis = Math.min(historyStartMillis, + responseEndMillis); + addResponses = true; + } else { + currentStartMillis = historyStartMillis; + currentEndMillis = Math.min(historyEndMillis, + responseEndMillis); + addHistory = true; + addResponses = true; + } + + /* Depending on which statistics the bridge reported in the + * determined interval, obtain the number of bytes or + * responses to add. */ + long bytesInInterval = 0L, responsesInInterval = 0L; + if (addHistory) { + bytesInInterval = bridgeDirreqWriteHistory. + get(historyEndMillis); + } + if (addResponses) { + responsesInInterval = bridgeDirreqOkResponses. + get(responseEndMillis); + } + + /* Find out if there is a UTC date break in the interval to be + * added. If there is, make sure that we distribute responses + * and bytes to the two days correctly. */ + String[] dates = new String[] { + dateFormat.format(currentStartMillis), + dateFormat.format(currentEndMillis) }; + long[] seconds = new long[2]; + if (!dates[0].equals(dates[1])) { + long dateBreakMillis = (currentEndMillis / 86400000L) + * 86400000L; + seconds[0] = (dateBreakMillis - currentStartMillis) / 1000L; + currentStartMillis = dateBreakMillis; + } + seconds[1] = (currentEndMillis - currentStartMillis) / 1000L; + + /* Update per-day counters. */ + for (int i = 0; i < dates.length; i++) { + String date = dates[i]; + long bytes = seconds[i] * bytesInInterval; + long responses = seconds[i] * responsesInInterval; + if (!bytesReportingBoth.containsKey(date)) { + bytesReportingBoth.put(date, 0L); + bytesNotReportingResponses.put(date, 0L); + responsesReportingBoth.put(date, 0L); + responsesNotReportingBytes.put(date, 0L); + bridgesReportingBoth.put(date, 0L); + bridgesNotReportingBytes.put(date, 0L); + bridgesNotReportingResponses.put(date, 0L); + } + if (addHistory) { + if (addResponses) { + bytesReportingBoth.put(date, + bytesReportingBoth.get(date) + bytes); + responsesReportingBoth.put(date, + responsesReportingBoth.get(date) + responses); + bridgesReportingBoth.put(date, + bridgesReportingBoth.get(date) + seconds[i]); + } else { + bytesNotReportingResponses.put(date, + bytesNotReportingResponses.get(date) + bytes); + bridgesNotReportingResponses.put(date, + bridgesNotReportingResponses.get(date) + + seconds[i]); + } + } else if (addResponses) { + responsesNotReportingBytes.put(date, + responsesNotReportingBytes.get(date) + responses); + bridgesNotReportingBytes.put(date, + bridgesNotReportingBytes.get(date) + seconds[i]); + } + } + + /* Move next interval start to the current interval end, and + * possibly move to the next stats intervals. If we have run + * out of intervals in either or both of the sets, change the + * reference to Long.MAX_VALUE to add the other intervals and + * finally exit the loop. */ + currentStartMillis = currentEndMillis; + if (historyEndMillis <= currentStartMillis) { + historyEndMillis = historyIterator.hasNext() ? + historyIterator.next() : Long.MAX_VALUE; + } + if (responseEndMillis <= currentStartMillis) { + responseEndMillis = responsesIterator.hasNext() ? + responsesIterator.next() : Long.MAX_VALUE; + } + } + } + + /* Put together what we learned about bridge usage per day. */ + outFile.getParentFile().mkdirs(); + BufferedWriter bw = new BufferedWriter(new FileWriter(outFile)); + bw.write("date,nabcd,sy,consensuses,ha,hc,ra,rb,na,nb,nc\n"); + for (String date : bytesReportingBoth.keySet()) { + String bridges = "NA"; + if (bridgesPerDay.containsKey(date)) { + bridges = String.valueOf(bridgesPerDay.get(date) * 86400L); + } + String sy = "NA"; + if (ipsPerDay.containsKey(date)) { + long[] ips = ipsPerDay.get(date); + sy = String.format("%.5f", ((double) ips[0]) + / ((double) ips[1])); + } + String consensuses = "NA"; + if (consensusesPerDay.containsKey(date)) { + consensuses = String.valueOf(consensusesPerDay.get(date)); + } + bw.write(String.format("%s,%s,%s,%s,%d,%d,%d,%d,%d,%d,%d%n", + date, bridges, sy, consensuses, + bytesReportingBoth.get(date), + bytesNotReportingResponses.get(date), + responsesReportingBoth.get(date), + responsesNotReportingBytes.get(date), + bridgesReportingBoth.get(date), + bridgesNotReportingBytes.get(date), + bridgesNotReportingResponses.get(date))); + } + bw.close(); + } + } + } +} +

1 0

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-commits October 2012