December 2021 - tor-commits - lists.torproject.org

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 21952: Implement Onion-Location
by sysrqb＠torproject.org 02 Dec '21

02 Dec '21

commit 581a52cdf10c8822d6bd01202ee10e51d240845c Author: Alex Catarineu <acat(a)torproject.org> Date: Thu Mar 5 22:16:39 2020 +0100 Bug 21952: Implement Onion-Location Whenever a valid Onion-Location HTTP header (or corresponding HTML <meta> http-equiv attribute) is found in a document load, we either redirect to it (if the user opted-in via preference) or notify the presence of an onionsite alternative with a badge in the urlbar. --- browser/base/content/browser.js | 12 ++ browser/base/content/navigator-toolbox.inc.xhtml | 3 + browser/components/BrowserGlue.jsm | 13 ++ .../onionservices/OnionLocationChild.jsm | 39 +++++ .../onionservices/OnionLocationParent.jsm | 168 +++++++++++++++++++++ .../content/onionlocation-notification-icons.css | 5 + .../onionservices/content/onionlocation-urlbar.css | 60 ++++++++ .../content/onionlocation-urlbar.inc.xhtml | 10 ++ .../onionservices/content/onionlocation.svg | 3 + .../content/onionlocationPreferences.inc.xhtml | 11 ++ .../content/onionlocationPreferences.js | 31 ++++ browser/components/onionservices/jar.mn | 2 + browser/components/onionservices/moz.build | 2 + browser/components/preferences/privacy.inc.xhtml | 2 + browser/components/preferences/privacy.js | 17 +++ browser/themes/shared/notification-icons.inc.css | 2 + browser/themes/shared/urlbar-searchbar.inc.css | 2 + dom/base/Document.cpp | 34 ++++- dom/base/Document.h | 2 + dom/webidl/Document.webidl | 8 + modules/libpref/init/StaticPrefList.yaml | 5 + xpcom/ds/StaticAtoms.py | 1 + 22 files changed, 431 insertions(+), 1 deletion(-) diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index b934e112eb23..090de22cb294 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -49,6 +49,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { NetUtil: "resource://gre/modules/NetUtil.jsm", NewTabUtils: "resource://gre/modules/NewTabUtils.jsm", OpenInTabsUtils: "resource:///modules/OpenInTabsUtils.jsm", + OnionLocationParent: "resource:///modules/OnionLocationParent.jsm", PageActions: "resource:///modules/PageActions.jsm", PageThumbs: "resource://gre/modules/PageThumbs.jsm", PanelMultiView: "resource:///modules/PanelMultiView.jsm", @@ -5304,6 +5305,7 @@ var XULBrowserWindow = { CFRPageActions.updatePageActions(gBrowser.selectedBrowser); AboutReaderParent.updateReaderButton(gBrowser.selectedBrowser); + OnionLocationParent.updateOnionLocationBadge(gBrowser.selectedBrowser); if (!gMultiProcessBrowser) { // Bug 1108553 - Cannot rotate images with e10s @@ -5794,6 +5796,16 @@ var CombinedStopReload = { var TabsProgressListener = { onStateChange(aBrowser, aWebProgress, aRequest, aStateFlags, aStatus) { + // Clear OnionLocation UI + if ( + aStateFlags & Ci.nsIWebProgressListener.STATE_START && + aStateFlags & Ci.nsIWebProgressListener.STATE_IS_NETWORK && + aRequest && + aWebProgress.isTopLevel + ) { + OnionLocationParent.onStateChange(aBrowser); + } + // Collect telemetry data about tab load times. if ( aWebProgress.isTopLevel && diff --git a/browser/base/content/navigator-toolbox.inc.xhtml b/browser/base/content/navigator-toolbox.inc.xhtml index 7a2715e9e604..1aad36ab3bfc 100644 --- a/browser/base/content/navigator-toolbox.inc.xhtml +++ b/browser/base/content/navigator-toolbox.inc.xhtml @@ -358,6 +358,9 @@ onclick="FullZoom.reset(); FullZoom.resetScalingZoom();" tooltip="dynamic-shortcut-tooltip" hidden="true"/> + +#include ../../components/onionservices/content/onionlocation-urlbar.inc.xhtml + <hbox id="pageActionButton" class="urlbar-page-action urlbar-icon-wrapper" role="button" diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 818cbb04837a..3fc7e912ff0c 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -545,6 +545,19 @@ let JSWINDOWACTORS = { allFrames: true, }, + OnionLocation: { + parent: { + moduleURI: "resource:///modules/OnionLocationParent.jsm", + }, + child: { + moduleURI: "resource:///modules/OnionLocationChild.jsm", + events: { + pageshow: { mozSystemGroup: true }, + }, + }, + messageManagerGroups: ["browsers"], + }, + PageInfo: { child: { moduleURI: "resource:///actors/PageInfoChild.jsm", diff --git a/browser/components/onionservices/OnionLocationChild.jsm b/browser/components/onionservices/OnionLocationChild.jsm new file mode 100644 index 000000000000..9e00054ac56c --- /dev/null +++ b/browser/components/onionservices/OnionLocationChild.jsm @@ -0,0 +1,39 @@ +// Copyright (c) 2020, The Tor Project, Inc. + +"use strict"; + +var EXPORTED_SYMBOLS = ["OnionLocationChild"]; + +class OnionLocationChild extends JSWindowActorChild { + handleEvent(event) { + this.onPageShow(event); + } + + onPageShow(event) { + if (event.target != this.document) { + return; + } + const onionLocationURI = this.document.onionLocationURI; + if (onionLocationURI) { + this.sendAsyncMessage("OnionLocation:Set"); + } + } + + receiveMessage(aMessage) { + if (aMessage.name == "OnionLocation:Refresh") { + const doc = this.document; + const docShell = this.docShell; + const onionLocationURI = doc.onionLocationURI; + const refreshURI = docShell.QueryInterface(Ci.nsIRefreshURI); + if (onionLocationURI && refreshURI) { + refreshURI.refreshURI( + onionLocationURI, + doc.nodePrincipal, + 0, + false, + true + ); + } + } + } +} diff --git a/browser/components/onionservices/OnionLocationParent.jsm b/browser/components/onionservices/OnionLocationParent.jsm new file mode 100644 index 000000000000..f6250e554862 --- /dev/null +++ b/browser/components/onionservices/OnionLocationParent.jsm @@ -0,0 +1,168 @@ +// Copyright (c) 2020, The Tor Project, Inc. + +"use strict"; + +var EXPORTED_SYMBOLS = ["OnionLocationParent"]; + +const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm"); +const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm"); + +// Prefs +const NOTIFICATION_PREF = "privacy.prioritizeonions.showNotification"; +const PRIORITIZE_ONIONS_PREF = "privacy.prioritizeonions.enabled"; + +// Element IDs +const ONIONLOCATION_BOX_ID = "onion-location-box"; +const ONIONLOCATION_BUTTON_ID = "onion-location-button"; +const ONIONLOCATION_LABEL_ID = "onion-label"; + +// Notification IDs +const NOTIFICATION_ID = "onion-location"; +const NOTIFICATION_ANCHOR_ID = "onionlocation"; + +// Strings +const STRING_ONION_AVAILABLE = TorStrings.onionLocation.onionAvailable; +const NOTIFICATION_CANCEL_LABEL = TorStrings.onionLocation.notNow; +const NOTIFICATION_CANCEL_ACCESSKEY = TorStrings.onionLocation.notNowAccessKey; +const NOTIFICATION_OK_LABEL = TorStrings.onionLocation.alwaysPrioritize; +const NOTIFICATION_OK_ACCESSKEY = + TorStrings.onionLocation.alwaysPrioritizeAccessKey; +const NOTIFICATION_TITLE = TorStrings.onionLocation.tryThis; +const NOTIFICATION_DESCRIPTION = TorStrings.onionLocation.description; +const NOTIFICATION_LEARN_MORE_URL = TorStrings.onionLocation.learnMoreURL; + +class OnionLocationParent extends JSWindowActorParent { + // Listeners are added in BrowserGlue.jsm + receiveMessage(aMsg) { + switch (aMsg.name) { + case "OnionLocation:Set": + let browser = this.browsingContext.embedderElement; + OnionLocationParent.setOnionLocation(browser); + break; + } + } + + static buttonClick(event) { + if (event.button !== 0) { + return; + } + const win = event.target.ownerGlobal; + if (win.gBrowser) { + const browser = win.gBrowser.selectedBrowser; + OnionLocationParent.redirect(browser); + } + } + + static redirect(browser) { + let windowGlobal = browser.browsingContext.currentWindowGlobal; + let actor = windowGlobal.getActor("OnionLocation"); + if (actor) { + actor.sendAsyncMessage("OnionLocation:Refresh", {}); + OnionLocationParent.setDisabled(browser); + } + } + + static onStateChange(browser) { + delete browser._onionLocation; + OnionLocationParent.hideNotification(browser); + } + + static setOnionLocation(browser) { + browser._onionLocation = true; + let tabBrowser = browser.getTabBrowser(); + if (tabBrowser && browser === tabBrowser.selectedBrowser) { + OnionLocationParent.updateOnionLocationBadge(browser); + } + } + + static hideNotification(browser) { + const win = browser.ownerGlobal; + if (browser._onionLocationPrompt) { + win.PopupNotifications.remove(browser._onionLocationPrompt); + } + } + + static showNotification(browser) { + const mustShow = Services.prefs.getBoolPref(NOTIFICATION_PREF, true); + if (!mustShow) { + return; + } + + const win = browser.ownerGlobal; + Services.prefs.setBoolPref(NOTIFICATION_PREF, false); + + const mainAction = { + label: NOTIFICATION_OK_LABEL, + accessKey: NOTIFICATION_OK_ACCESSKEY, + callback() { + Services.prefs.setBoolPref(PRIORITIZE_ONIONS_PREF, true); + OnionLocationParent.redirect(browser); + win.openPreferences("privacy-onionservices"); + }, + }; + + const cancelAction = { + label: NOTIFICATION_CANCEL_LABEL, + accessKey: NOTIFICATION_CANCEL_ACCESSKEY, + callback: () => {}, + }; + + const options = { + autofocus: true, + persistent: true, + removeOnDismissal: false, + eventCallback(aTopic) { + if (aTopic === "removed") { + delete browser._onionLocationPrompt; + delete browser.onionpopupnotificationanchor; + } + }, + learnMoreURL: NOTIFICATION_LEARN_MORE_URL, + displayURI: { + hostPort: NOTIFICATION_TITLE, // This is hacky, but allows us to have a title without extra markup/css. + }, + hideClose: true, + popupIconClass: "onionlocation-notification-icon", + }; + + // A hacky way of setting the popup anchor outside the usual url bar icon box + // onionlocationpopupnotificationanchor comes from `${ANCHOR_ID}popupnotificationanchor` + // From https://searchfox.org/mozilla-esr68/rev/080f9ed47742644d2ff84f7aa0b10aea5c4… + browser.onionlocationpopupnotificationanchor = win.document.getElementById( + ONIONLOCATION_BUTTON_ID + ); + + browser._onionLocationPrompt = win.PopupNotifications.show( + browser, + NOTIFICATION_ID, + NOTIFICATION_DESCRIPTION, + NOTIFICATION_ANCHOR_ID, + mainAction, + [cancelAction], + options + ); + } + + static setEnabled(browser) { + const win = browser.ownerGlobal; + const label = win.document.getElementById(ONIONLOCATION_LABEL_ID); + label.textContent = STRING_ONION_AVAILABLE; + const elem = win.document.getElementById(ONIONLOCATION_BOX_ID); + elem.removeAttribute("hidden"); + } + + static setDisabled(browser) { + const win = browser.ownerGlobal; + const elem = win.document.getElementById(ONIONLOCATION_BOX_ID); + elem.setAttribute("hidden", true); + } + + static updateOnionLocationBadge(browser) { + if (browser._onionLocation) { + OnionLocationParent.setEnabled(browser); + OnionLocationParent.showNotification(browser); + } else { + OnionLocationParent.setDisabled(browser); + } + } +} diff --git a/browser/components/onionservices/content/onionlocation-notification-icons.css b/browser/components/onionservices/content/onionlocation-notification-icons.css new file mode 100644 index 000000000000..7c8a6d892c6f --- /dev/null +++ b/browser/components/onionservices/content/onionlocation-notification-icons.css @@ -0,0 +1,5 @@ +/* Copyright (c) 2020, The Tor Project, Inc. */ + +.onionlocation-notification-icon { + display: none; +} \ No newline at end of file diff --git a/browser/components/onionservices/content/onionlocation-urlbar.css b/browser/components/onionservices/content/onionlocation-urlbar.css new file mode 100644 index 000000000000..7b7051ace675 --- /dev/null +++ b/browser/components/onionservices/content/onionlocation-urlbar.css @@ -0,0 +1,60 @@ +/* Copyright (c) 2020, The Tor Project, Inc. */ + +#onion-location-box { + height: 28px; + + background-color: var(--purple-60); + -moz-context-properties: fill; + fill: white; +} + +#onion-location-box:hover { + background-color: var(--purple-70); +} + +#onion-location-box:active { + background-color: var(--purple-80); +} + +@media (prefers-color-scheme: dark) { + #onion-location-box { + background-color: var(--purple-50); + } + + #onion-location-box:hover { + background-color: var(--purple-60); + } + + #onion-location-box:active { + background-color: var(--purple-70); + } +} + +#onion-location-button { + list-style-image: url(chrome://browser/content/onionservices/onionlocation.svg); + padding-inline-start: 0.5em; +} + +label#onion-label { + line-height: 28px; + margin: 0; + padding-block: 0; + padding-inline: 0.5em; + color: white; + font-weight: bold; +} + +/* set appropriate sizes for the non-standard ui densities */ +:root[uidensity=compact] hbox.urlbar-page-action#onion-location-box { + height: 24px; +} +:root[uidensity=compact] label#onion-label { + line-height: 24px; +} + +:root[uidensity=touch] hbox.urlbar-page-action#onion-location-box { + height: 30px; +} +:root[uidensity=touch] label#onion-label { + line-height: 30px; +} diff --git a/browser/components/onionservices/content/onionlocation-urlbar.inc.xhtml b/browser/components/onionservices/content/onionlocation-urlbar.inc.xhtml new file mode 100644 index 000000000000..b612a4236f3c --- /dev/null +++ b/browser/components/onionservices/content/onionlocation-urlbar.inc.xhtml @@ -0,0 +1,10 @@ +# Copyright (c) 2020, The Tor Project, Inc. + +<hbox id="onion-location-box" + class="urlbar-icon-wrapper urlbar-page-action" + role="button" + hidden="true" + onclick="OnionLocationParent.buttonClick(event);"> + <image id="onion-location-button" role="presentation"/> + <hbox id="onion-label-container"><label id="onion-label"/></hbox> +</hbox> diff --git a/browser/components/onionservices/content/onionlocation.svg b/browser/components/onionservices/content/onionlocation.svg new file mode 100644 index 000000000000..37f40ac1812f --- /dev/null +++ b/browser/components/onionservices/content/onionlocation.svg @@ -0,0 +1,3 @@ +<svg width="16" height="16" viewBox="0 0 16 16" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> + <path fill="context-fill" fill-opacity="context-fill-opacity" d="m8.016411 14.54499v-0.969784c3.071908-0.0089 5.559239-2.501304 5.559239-5.575429 0-3.073903-2.487331-5.566336-5.559239-5.575206v-0.9697843c3.607473 0.00909 6.528802 2.935521 6.528802 6.544991 0 3.609691-2.921329 6.536342-6.528802 6.545213zm0-3.394356c1.732661-0.0091 3.135111-1.415756 3.135111-3.150857 0-1.734878-1.402451-3.141542-3.135111-3.150634v-0.9695626c2.268448 0.00887 4.104895 1.849753 4.104895 4.120197 0 2.270666-1.836447 4.111549-4.104895 4.120419zm0-4.846926c0.9294227 0.00887 1.680545 0.7644289 1.680545 1.696069 0 0.9318627-0.7511226 1.687421-1.680545 1.696291zm-8.016411 1.696069c0 4.418473 3.581527 8.000222 8 8.000222 4.418251 0 8-3.581749 8-8.000222 0-4.418251-3.581749-7.999778-8-7.999778-4.418473 0-8 3.581527-8 7.999778z" /> +</svg> \ No newline at end of file diff --git a/browser/components/onionservices/content/onionlocationPreferences.inc.xhtml b/browser/components/onionservices/content/onionlocationPreferences.inc.xhtml new file mode 100644 index 000000000000..c285f403f99b --- /dev/null +++ b/browser/components/onionservices/content/onionlocationPreferences.inc.xhtml @@ -0,0 +1,11 @@ +# Copyright (c) 2020, The Tor Project, Inc. + +<groupbox id="onionServicesGroup" data-category="panePrivacy" data-subcategory="onionservices" hidden="true"> + <label><html:h2 id="onionServicesTitle"></html:h2></label> + <label><label class="tail-with-learn-more" id="prioritizeOnionsDesc"></label><label + class="learnMore" is="text-link" id="onionServicesLearnMore"></label></label> + <radiogroup id="prioritizeOnionsRadioGroup" aria-labelledby="prioritizeOnionsDesc" preference="privacy.prioritizeonions.enabled"> + <radio id="onionServicesRadioAlways" value="true"/> + <radio id="onionServicesRadioAsk" value="false"/> + </radiogroup> +</groupbox> diff --git a/browser/components/onionservices/content/onionlocationPreferences.js b/browser/components/onionservices/content/onionlocationPreferences.js new file mode 100644 index 000000000000..aa569b54721c --- /dev/null +++ b/browser/components/onionservices/content/onionlocationPreferences.js @@ -0,0 +1,31 @@ +// Copyright (c) 2020, The Tor Project, Inc. + +"use strict"; + +ChromeUtils.defineModuleGetter( + this, + "TorStrings", + "resource:///modules/TorStrings.jsm" +); + +const OnionLocationPreferences = { + init() { + document.getElementById("onionServicesTitle").textContent = + TorStrings.onionLocation.onionServicesTitle; + document.getElementById("prioritizeOnionsDesc").textContent = + TorStrings.onionLocation.prioritizeOnionsDescription; + const learnMore = document.getElementById("onionServicesLearnMore"); + learnMore.textContent = TorStrings.onionLocation.learnMore; + learnMore.href = TorStrings.onionLocation.learnMoreURL; + document.getElementById("onionServicesRadioAlways").label = + TorStrings.onionLocation.always; + document.getElementById("onionServicesRadioAsk").label = + TorStrings.onionLocation.askEverytime; + }, +}; + +Object.defineProperty(this, "OnionLocationPreferences", { + value: OnionLocationPreferences, + enumerable: true, + writable: false, +}); diff --git a/browser/components/onionservices/jar.mn b/browser/components/onionservices/jar.mn index 9d6ce88d1841..f45b16dc5d29 100644 --- a/browser/components/onionservices/jar.mn +++ b/browser/components/onionservices/jar.mn @@ -7,3 +7,5 @@ browser.jar: content/browser/onionservices/onionservices.css (content/onionservices.css) content/browser/onionservices/savedKeysDialog.js (content/savedKeysDialog.js) content/browser/onionservices/savedKeysDialog.xhtml (content/savedKeysDialog.xhtml) + content/browser/onionservices/onionlocationPreferences.js (content/onionlocationPreferences.js) + content/browser/onionservices/onionlocation.svg (content/onionlocation.svg) diff --git a/browser/components/onionservices/moz.build b/browser/components/onionservices/moz.build index 815685322024..8027233d65a6 100644 --- a/browser/components/onionservices/moz.build +++ b/browser/components/onionservices/moz.build @@ -4,4 +4,6 @@ EXTRA_JS_MODULES += [ "ExtensionMessaging.jsm", "HttpsEverywhereControl.jsm", "OnionAliasStore.jsm", + "OnionLocationChild.jsm", + "OnionLocationParent.jsm", ] diff --git a/browser/components/preferences/privacy.inc.xhtml b/browser/components/preferences/privacy.inc.xhtml index 7d3bc3a663ed..eb1cedfdd4c9 100644 --- a/browser/components/preferences/privacy.inc.xhtml +++ b/browser/components/preferences/privacy.inc.xhtml @@ -14,6 +14,8 @@ <html:h1 data-l10n-id="privacy-header"/> </hbox> +#include ../onionservices/content/onionlocationPreferences.inc.xhtml +  <groupbox id="trackingGroup" data-category="panePrivacy" hidden="true" aria-describedby="contentBlockingDescription"> <label id="contentBlockingHeader"><html:h2 data-l10n-id="content-blocking-enhanced-tracking-protection"/></label> diff --git a/browser/components/preferences/privacy.js b/browser/components/preferences/privacy.js index 932d4291e486..1985b5489fc1 100644 --- a/browser/components/preferences/privacy.js +++ b/browser/components/preferences/privacy.js @@ -93,6 +93,12 @@ XPCOMUtils.defineLazyScriptGetter( "chrome://browser/content/securitylevel/securityLevel.js" ); +XPCOMUtils.defineLazyScriptGetter( + this, + ["OnionLocationPreferences"], + "chrome://browser/content/onionservices/onionlocationPreferences.js" +); + XPCOMUtils.defineLazyServiceGetter( this, "listManager", @@ -169,6 +175,9 @@ Preferences.addAll([ // Do not track { id: "privacy.donottrackheader.enabled", type: "bool" }, + // Onion Location + { id: "privacy.prioritizeonions.enabled", type: "bool" }, + // Media { id: "media.autoplay.default", type: "int" }, @@ -333,6 +342,13 @@ var gPrivacyPane = { window.addEventListener("unload", unload); }, + /** + * Show the OnionLocation preferences UI + */ + _initOnionLocation() { + OnionLocationPreferences.init(); + }, + /** * Whether the prompt to restart Firefox should appear when changing the autostart pref. */ @@ -530,6 +546,7 @@ var gPrivacyPane = { this._initTrackingProtectionExtensionControl(); OnionServicesAuthPreferences.init(); this._initSecurityLevel(); + this._initOnionLocation(); Services.telemetry.setEventRecordingEnabled("pwmgr", true); diff --git a/browser/themes/shared/notification-icons.inc.css b/browser/themes/shared/notification-icons.inc.css index 67dd640baf16..83248f71c60d 100644 --- a/browser/themes/shared/notification-icons.inc.css +++ b/browser/themes/shared/notification-icons.inc.css @@ -449,3 +449,5 @@ -moz-context-properties: fill; fill: var(--panel-banner-item-warning-icon-bgcolor); } + +%include ../../components/onionservices/content/onionlocation-notification-icons.css diff --git a/browser/themes/shared/urlbar-searchbar.inc.css b/browser/themes/shared/urlbar-searchbar.inc.css index 82675dae2041..0158597991ec 100644 --- a/browser/themes/shared/urlbar-searchbar.inc.css +++ b/browser/themes/shared/urlbar-searchbar.inc.css @@ -745,3 +745,5 @@ moz-input-box > menupopup .context-menu-add-engine > .menu-iconic-left::after { .searchbar-textbox::placeholder { opacity: 0.69; } + +%include ../../components/onionservices/content/onionlocation-urlbar.css diff --git a/dom/base/Document.cpp b/dom/base/Document.cpp index a58e76cb5258..b00399e2eccb 100644 --- a/dom/base/Document.cpp +++ b/dom/base/Document.cpp @@ -2779,6 +2779,7 @@ void Document::ResetToURI(nsIURI* aURI, nsILoadGroup* aLoadGroup, // mDocumentURI. mDocumentBaseURI = nullptr; mChromeXHRDocBaseURI = nullptr; + mOnionLocationURI = nullptr; // Check if the current document is the top-level DevTools document. // For inner DevTools frames, mIsDevToolsDocument will be set when @@ -6486,6 +6487,22 @@ void Document::GetHeaderData(nsAtom* aHeaderField, nsAString& aData) const { } } +static bool IsValidOnionLocation(nsIURI* aDocumentURI, + nsIURI* aOnionLocationURI) { + bool isHttpish; + nsAutoCString host; + return aDocumentURI && aOnionLocationURI && + NS_SUCCEEDED(aDocumentURI->SchemeIs("https", &isHttpish)) && + isHttpish && NS_SUCCEEDED(aDocumentURI->GetAsciiHost(host)) && + !StringEndsWith(host, ".onion"_ns) && + ((NS_SUCCEEDED(aOnionLocationURI->SchemeIs("http", &isHttpish)) && + isHttpish) || + (NS_SUCCEEDED(aOnionLocationURI->SchemeIs("https", &isHttpish)) && + isHttpish)) && + NS_SUCCEEDED(aOnionLocationURI->GetAsciiHost(host)) && + StringEndsWith(host, ".onion"_ns); +} + void Document::SetHeaderData(nsAtom* aHeaderField, const nsAString& aData) { if (!aHeaderField) { NS_ERROR("null headerField"); @@ -6560,6 +6577,21 @@ void Document::SetHeaderData(nsAtom* aHeaderField, const nsAString& aData) { aHeaderField == nsGkAtoms::handheldFriendly) { mViewportType = Unknown; } + + if (aHeaderField == nsGkAtoms::headerOnionLocation && !aData.IsEmpty()) { + nsCOMPtr<nsIURI> onionURI; + if (NS_SUCCEEDED(NS_NewURI(getter_AddRefs(onionURI), aData)) && + IsValidOnionLocation(Document::GetDocumentURI(), onionURI)) { + if (StaticPrefs::privacy_prioritizeonions_enabled()) { + nsCOMPtr<nsIRefreshURI> refresher(mDocumentContainer); + if (refresher) { + refresher->RefreshURI(onionURI, NodePrincipal(), 0, false, true); + } + } else { + mOnionLocationURI = onionURI; + } + } + } } void Document::TryChannelCharset(nsIChannel* aChannel, int32_t& aCharsetSource, @@ -10697,7 +10729,7 @@ void Document::RetrieveRelevantHeaders(nsIChannel* aChannel) { static const char* const headers[] = { "default-style", "content-style-type", "content-language", "content-disposition", "refresh", "x-dns-prefetch-control", - "x-frame-options", + "x-frame-options", "onion-location", // add more http headers if you need // XXXbz don't add content-location support without reading bug // 238654 and its dependencies/dups first. diff --git a/dom/base/Document.h b/dom/base/Document.h index 7165496397f3..c8de049526ea 100644 --- a/dom/base/Document.h +++ b/dom/base/Document.h @@ -3365,6 +3365,7 @@ class Document : public nsINode, void ReleaseCapture() const; void MozSetImageElement(const nsAString& aImageElementId, Element* aElement); nsIURI* GetDocumentURIObject() const; + nsIURI* GetOnionLocationURI() const { return mOnionLocationURI; } // Not const because all the fullscreen goop is not const const char* GetFullscreenError(CallerType); bool FullscreenEnabled(CallerType aCallerType) { @@ -4348,6 +4349,7 @@ class Document : public nsINode, nsCOMPtr<nsIURI> mChromeXHRDocURI; nsCOMPtr<nsIURI> mDocumentBaseURI; nsCOMPtr<nsIURI> mChromeXHRDocBaseURI; + nsCOMPtr<nsIURI> mOnionLocationURI; // The base domain of the document for third-party checks. nsCString mBaseDomain; diff --git a/dom/webidl/Document.webidl b/dom/webidl/Document.webidl index a139ace11d4a..d934cf8da045 100644 --- a/dom/webidl/Document.webidl +++ b/dom/webidl/Document.webidl @@ -711,3 +711,11 @@ partial interface Document { [ChromeOnly] void setNotifyFormOrPasswordRemoved(boolean aShouldNotify); }; + +/** + * Extension to allows chrome JS to know whether the document has a valid + * Onion-Location that we could redirect to. + */ +partial interface Document { + [ChromeOnly] readonly attribute URI? onionLocationURI; +}; diff --git a/modules/libpref/init/StaticPrefList.yaml b/modules/libpref/init/StaticPrefList.yaml index 26ba559b79b0..eeea2e3c41ce 100644 --- a/modules/libpref/init/StaticPrefList.yaml +++ b/modules/libpref/init/StaticPrefList.yaml @@ -10483,6 +10483,11 @@ value: "" mirror: never +- name: privacy.prioritizeonions.enabled + type: RelaxedAtomicBool + value: false + mirror: always + #--------------------------------------------------------------------------- # Prefs starting with "prompts." #--------------------------------------------------------------------------- diff --git a/xpcom/ds/StaticAtoms.py b/xpcom/ds/StaticAtoms.py index 2f5be143517b..f620f57a1213 100644 --- a/xpcom/ds/StaticAtoms.py +++ b/xpcom/ds/StaticAtoms.py @@ -821,6 +821,7 @@ STATIC_ATOMS = [ Atom("oninputsourceschange", "oninputsourceschange"), Atom("oninstall", "oninstall"), Atom("oninvalid", "oninvalid"), + Atom("headerOnionLocation", "onion-location"), Atom("onkeydown", "onkeydown"), Atom("onkeypress", "onkeypress"), Atom("onkeyup", "onkeyup"),

1 0

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 40025: Remove Mozilla add-on install permissions
by sysrqb＠torproject.org 02 Dec '21

02 Dec '21

commit 04513c4bfac1bd336649015ffbaf89a92ce146f9 Author: Alex Catarineu <acat(a)torproject.org> Date: Mon Jul 27 18:12:55 2020 +0200 Bug 40025: Remove Mozilla add-on install permissions --- browser/app/permissions | 5 ----- 1 file changed, 5 deletions(-) diff --git a/browser/app/permissions b/browser/app/permissions index b75b839e366b..d8439d49346b 100644 --- a/browser/app/permissions +++ b/browser/app/permissions @@ -12,11 +12,6 @@ origin uitour 1 https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ origin uitour 1 about:tor -# XPInstall -origin install 1 https://addons.mozilla.org - # Remote troubleshooting origin remote-troubleshooting 1 https://support.mozilla.org -# addon install -origin install 1 https://fpn.firefox.com

1 0

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 32418: Allow updates to be disabled via an enterprise policy.
by sysrqb＠torproject.org 02 Dec '21

02 Dec '21

commit dde41cebb041afaafc57c5fa5aff1fae1e9691f0 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Thu Apr 16 17:07:09 2020 -0400 Bug 32418: Allow updates to be disabled via an enterprise policy. Restrict the Enterprise Policies mechanism to only consult a policies.json file (avoiding the Windows Registry and macOS's file system attributes). Add a few disabledByPolicy() checks to the update service to avoid extraneous (and potentially confusing) log messages when updates are disabled by policy. Sample content for distribution/policies.json: { "policies": { "DisableAppUpdate": true } } On Linux, avoid reading policies from /etc/firefox/policies/policies.json --- .../enterprisepolicies/EnterprisePoliciesParent.jsm | 14 ++++++++++++-- toolkit/components/enterprisepolicies/moz.build | 3 +++ 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm b/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm index f5de14798de1..9c702ea3fde8 100644 --- a/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm +++ b/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm @@ -4,6 +4,10 @@ var EXPORTED_SYMBOLS = ["EnterprisePoliciesManager"]; +// To ensure that policies intended for Firefox or another browser will not +// be used, Tor Browser only looks for policies in ${InstallDir}/distribution +#define AVOID_SYSTEM_POLICIES MOZ_PROXY_BYPASS_PROTECTION + const { XPCOMUtils } = ChromeUtils.import( "resource://gre/modules/XPCOMUtils.jsm" ); @@ -13,9 +17,11 @@ const { AppConstants } = ChromeUtils.import( ); XPCOMUtils.defineLazyModuleGetters(this, { +#ifndef AVOID_SYSTEM_POLICIES WindowsGPOParser: "resource://gre/modules/policies/WindowsGPOParser.jsm", macOSPoliciesParser: "resource://gre/modules/policies/macOSPoliciesParser.jsm", +#endif Policies: "resource:///modules/policies/Policies.jsm", JsonSchemaValidator: "resource://gre/modules/components-utils/JsonSchemaValidator.jsm", @@ -140,11 +146,13 @@ EnterprisePoliciesManager.prototype = { _chooseProvider() { let platformProvider = null; +#ifndef AVOID_SYSTEM_POLICIES if (AppConstants.platform == "win") { platformProvider = new WindowsGPOPoliciesProvider(); } else if (AppConstants.platform == "macosx") { platformProvider = new macOSPoliciesProvider(); } +#endif let jsonProvider = new JSONPoliciesProvider(); if (platformProvider && platformProvider.hasPolicies) { if (jsonProvider.hasPolicies) { @@ -491,7 +499,7 @@ class JSONPoliciesProvider { _getConfigurationFile() { let configFile = null; - +#ifndef AVOID_SYSTEM_POLICIES if (AppConstants.platform == "linux") { let systemConfigFile = Cc["@mozilla.org/file/local;1"].createInstance( Ci.nsIFile @@ -504,7 +512,7 @@ class JSONPoliciesProvider { return systemConfigFile; } } - +#endif try { let perUserPath = Services.prefs.getBoolPref(PREF_PER_USER_DIR, false); if (perUserPath) { @@ -585,6 +593,7 @@ class JSONPoliciesProvider { } } +#ifndef AVOID_SYSTEM_POLICIES class WindowsGPOPoliciesProvider { constructor() { this._policies = null; @@ -686,3 +695,4 @@ class CombinedProvider { return false; } } +#endif diff --git a/toolkit/components/enterprisepolicies/moz.build b/toolkit/components/enterprisepolicies/moz.build index 09d2046e1bd7..3f685d3fbbd6 100644 --- a/toolkit/components/enterprisepolicies/moz.build +++ b/toolkit/components/enterprisepolicies/moz.build @@ -19,6 +19,9 @@ if CONFIG["MOZ_WIDGET_TOOLKIT"] != "android": EXTRA_JS_MODULES += [ "EnterprisePolicies.jsm", "EnterprisePoliciesContent.jsm", + ] + + EXTRA_PP_JS_MODULES += [ "EnterprisePoliciesParent.jsm", ]

1 0

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots
by sysrqb＠torproject.org 02 Dec '21

02 Dec '21

commit 2e858dd7a5968dc4ed7fd287225871bffaf46637 Author: Alex Catarineu <acat(a)torproject.org> Date: Fri Oct 9 12:55:35 2020 +0200 Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots --- browser/app/profile/000-tor-browser.js | 3 +++ browser/components/BrowserGlue.jsm | 14 ++++++++++++++ 2 files changed, 17 insertions(+) diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js index a80eafff5d58..2df0140bfe74 100644 --- a/browser/app/profile/000-tor-browser.js +++ b/browser/app/profile/000-tor-browser.js @@ -335,6 +335,9 @@ pref("security.enterprise_roots.enabled", false); // Don't ping Mozilla for MitM detection, see bug 32321 pref("security.certerrors.mitm.priming.enabled", false); +// Don't automatically enable enterprise roots, see bug 40166 +pref("security.certerrors.mitm.auto_enable_enterprise_roots", false); + // Disable the language pack signing check for now on macOS, see #31942 #ifdef XP_MACOSX pref("extensions.langpacks.signatures.required", false); diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index d7acae6d8f9d..f486d234b695 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -1365,6 +1365,20 @@ BrowserGlue.prototype = { // handle any UI migration this._migrateUI(); + // Clear possibly auto enabled enterprise_roots prefs (see bug 40166) + if ( + !Services.prefs.getBoolPref( + "security.certerrors.mitm.auto_enable_enterprise_roots" + ) && + Services.prefs.getBoolPref( + "security.enterprise_roots.auto-enabled", + false + ) + ) { + Services.prefs.clearUserPref("security.enterprise_roots.enabled"); + Services.prefs.clearUserPref("security.enterprise_roots.auto-enabled"); + } + if (!Services.prefs.prefHasUserValue(PREF_PDFJS_ISDEFAULT_CACHE_STATE)) { PdfJs.checkIsDefault(this._isNewProfile); }

1 0

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 40091: Load HTTPS Everywhere as a builtin addon in desktop
by sysrqb＠torproject.org 02 Dec '21

02 Dec '21

commit b7fec4e5bb5fc9d7840483b602a0f274ad48215b Author: Alex Catarineu <acat(a)torproject.org> Date: Fri Sep 4 12:34:35 2020 +0200 Bug 40091: Load HTTPS Everywhere as a builtin addon in desktop This loads HTTPS Everywhere as a builtin addon from a hardcoded resource:// URI in desktop. It also ensures that the non-builtin HTTPS Everywhere addon is always uninstalled on browser startup. The reason of making this desktop-only is that there are some issues when installing a builtin extension from geckoview side, making the extension not available on first startup. So, at least for now we handle the Fenix case separately. See #40118 for a followup for investigating these. --- browser/components/BrowserGlue.jsm | 37 ++++++++++++++++++++++ toolkit/components/extensions/Extension.jsm | 10 ++++-- .../mozapps/extensions/internal/XPIProvider.jsm | 13 ++++++++ 3 files changed, 57 insertions(+), 3 deletions(-) diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 04b51b1c2cc1..d7acae6d8f9d 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -45,6 +45,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { DownloadsViewableInternally: "resource:///modules/DownloadsViewableInternally.jsm", E10SUtils: "resource://gre/modules/E10SUtils.jsm", + ExtensionData: "resource://gre/modules/Extension.jsm", ExtensionsUI: "resource:///modules/ExtensionsUI.jsm", FeatureGate: "resource://featuregates/FeatureGate.jsm", FxAccounts: "resource://gre/modules/FxAccounts.jsm", @@ -120,6 +121,13 @@ XPCOMUtils.defineLazyServiceGetters(this, { PushService: ["@mozilla.org/push/Service;1", "nsIPushService"], }); +XPCOMUtils.defineLazyServiceGetters(this, { + resProto: [ + "@mozilla.org/network/protocol;1?name=resource", + "nsISubstitutingProtocolHandler", + ], +}); + const PREF_PDFJS_ISDEFAULT_CACHE_STATE = "pdfjs.enabledCache.state"; /** @@ -1382,6 +1390,35 @@ BrowserGlue.prototype = { "resource://builtin-themes/alpenglow/" ); + // Install https-everywhere builtin addon if needed. + (async () => { + const HTTPS_EVERYWHERE_ID = "https-everywhere-eff(a)eff.org"; + const HTTPS_EVERYWHERE_BUILTIN_URL = + "resource://torbutton/content/extensions/https-everywhere/"; + // This does something similar as GeckoViewWebExtension.jsm: it tries + // to load the manifest to retrieve the version of the builtin and + // compares it to the currently installed one to see whether we need + // to install or not. Here we delegate that to + // AddonManager.maybeInstallBuiltinAddon. + try { + const resolvedURI = Services.io.newURI( + resProto.resolveURI(Services.io.newURI(HTTPS_EVERYWHERE_BUILTIN_URL)) + ); + const extensionData = new ExtensionData(resolvedURI); + const manifest = await extensionData.loadManifest(); + + await AddonManager.maybeInstallBuiltinAddon( + HTTPS_EVERYWHERE_ID, + manifest.version, + HTTPS_EVERYWHERE_BUILTIN_URL + ); + } catch (e) { + const log = Log.repository.getLogger("HttpsEverywhereBuiltinLoader"); + log.addAppender(new Log.ConsoleAppender(new Log.BasicFormatter())); + log.error("Could not install https-everywhere extension", e); + } + })(); + if (AppConstants.MOZ_NORMANDY) { Normandy.init(); } diff --git a/toolkit/components/extensions/Extension.jsm b/toolkit/components/extensions/Extension.jsm index 08c5cf8a9190..783ec7c3391d 100644 --- a/toolkit/components/extensions/Extension.jsm +++ b/toolkit/components/extensions/Extension.jsm @@ -267,6 +267,7 @@ const LOGGER_ID_BASE = "addons.webextension."; const UUID_MAP_PREF = "extensions.webextensions.uuids"; const LEAVE_STORAGE_PREF = "extensions.webextensions.keepStorageOnUninstall"; const LEAVE_UUID_PREF = "extensions.webextensions.keepUuidOnUninstall"; +const PERSISTENT_EXTENSIONS = new Set(["https-everywhere-eff(a)eff.org"]); const COMMENT_REGEXP = new RegExp( String.raw` @@ -413,7 +414,8 @@ var ExtensionAddonObserver = { ); } - if (!Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false)) { + if (!Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false) && + !PERSISTENT_EXTENSIONS.has(addon.id)) { // Clear browser.storage.local backends. AsyncShutdown.profileChangeTeardown.addBlocker( `Clear Extension Storage ${addon.id} (File Backend)`, @@ -461,7 +463,8 @@ var ExtensionAddonObserver = { ExtensionPermissions.removeAll(addon.id); - if (!Services.prefs.getBoolPref(LEAVE_UUID_PREF, false)) { + if (!Services.prefs.getBoolPref(LEAVE_UUID_PREF, false) && + !PERSISTENT_EXTENSIONS.has(addon.id)) { // Clear the entry in the UUID map UUIDMap.remove(addon.id); } @@ -2696,7 +2699,8 @@ class Extension extends ExtensionData { ); } else if ( this.startupReason === "ADDON_INSTALL" && - !Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false) + !Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false) && + !PERSISTENT_EXTENSIONS.has(this.id) ) { // If the extension has been just installed, set it as migrated, // because there will not be any data to migrate. diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm index ba562c92948d..dea49a8e9f79 100644 --- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm +++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm @@ -1501,6 +1501,19 @@ var XPIStates = { continue; } + // Uninstall HTTPS Everywhere if it is installed in the user profile. + if ( + id === "https-everywhere-eff(a)eff.org" && + loc.name === KEY_APP_PROFILE + ) { + logger.debug( + "Uninstalling the HTTPS Everywhere extension from user profile." + ); + loc.installer.uninstallAddon(id); + changed = true; + continue; + } + let xpiState = loc.get(id); if (!xpiState) { // If the location is not supported for sideloading, skip new

1 0

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 30605: Honor privacy.spoof_english in Android
by sysrqb＠torproject.org 02 Dec '21

02 Dec '21

commit 586c43d01e9896dacb3dd18a158f08733bc95001 Author: Alex Catarineu <acat(a)torproject.org> Date: Fri Oct 16 10:45:17 2020 +0200 Bug 30605: Honor privacy.spoof_english in Android This checks `privacy.spoof_english` whenever `setLocales` is called from Fenix side and sets `intl.accept_languages` accordingly. --- mobile/android/components/geckoview/GeckoViewStartup.jsm | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/mobile/android/components/geckoview/GeckoViewStartup.jsm b/mobile/android/components/geckoview/GeckoViewStartup.jsm index 055c3da638e1..2bf394f2cb3b 100644 --- a/mobile/android/components/geckoview/GeckoViewStartup.jsm +++ b/mobile/android/components/geckoview/GeckoViewStartup.jsm @@ -17,6 +17,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { EventDispatcher: "resource://gre/modules/Messaging.jsm", Preferences: "resource://gre/modules/Preferences.jsm", Services: "resource://gre/modules/Services.jsm", + RFPHelper: "resource://gre/modules/RFPHelper.jsm", }); const { debug, warn } = GeckoViewUtils.initLogging("Startup"); @@ -255,6 +256,10 @@ class GeckoViewStartup { if (aData.requestedLocales) { Services.locale.requestedLocales = aData.requestedLocales; } + RFPHelper._handleSpoofEnglishChanged(); + if (Services.prefs.getIntPref("privacy.spoof_english", 0) === 2) { + break; + } const pls = Cc["@mozilla.org/pref-localizedstring;1"].createInstance( Ci.nsIPrefLocalizedString );

1 0

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 40198: Expose privacy.spoof_english pref in GeckoView
by sysrqb＠torproject.org 02 Dec '21

02 Dec '21

commit 9c554b98ec1064c129b6dd9bcf379d006e44e046 Author: Alex Catarineu <acat(a)torproject.org> Date: Sun Oct 18 17:06:04 2020 +0200 Bug 40198: Expose privacy.spoof_english pref in GeckoView --- mobile/android/geckoview/api.txt | 3 ++ .../mozilla/geckoview/GeckoRuntimeSettings.java | 33 ++++++++++++++++++++++ 2 files changed, 36 insertions(+) diff --git a/mobile/android/geckoview/api.txt b/mobile/android/geckoview/api.txt index f9f0c9d14a8a..3335aaffb1fb 100644 --- a/mobile/android/geckoview/api.txt +++ b/mobile/android/geckoview/api.txt @@ -737,6 +737,7 @@ package org.mozilla.geckoview { method public boolean getRemoteDebuggingEnabled(); method @Nullable public GeckoRuntime getRuntime(); method @Nullable public Rect getScreenSizeOverride(); + method public boolean getSpoofEnglish(); method @Nullable public RuntimeTelemetry.Delegate getTelemetryDelegate(); method public int getTorSecurityLevel(); method public boolean getUseMaxScreenDepth(); @@ -759,6 +760,7 @@ package org.mozilla.geckoview { method @NonNull public GeckoRuntimeSettings setLoginAutofillEnabled(boolean); method @NonNull public GeckoRuntimeSettings setPreferredColorScheme(int); method @NonNull public GeckoRuntimeSettings setRemoteDebuggingEnabled(boolean); + method @NonNull public GeckoRuntimeSettings setSpoofEnglish(boolean); method @NonNull public GeckoRuntimeSettings setTorSecurityLevel(int); method @NonNull public GeckoRuntimeSettings setWebFontsEnabled(boolean); method @NonNull public GeckoRuntimeSettings setWebManifestEnabled(boolean); @@ -799,6 +801,7 @@ package org.mozilla.geckoview { method @NonNull public GeckoRuntimeSettings.Builder preferredColorScheme(int); method @NonNull public GeckoRuntimeSettings.Builder remoteDebuggingEnabled(boolean); method @NonNull public GeckoRuntimeSettings.Builder screenSizeOverride(int, int); + method @NonNull public GeckoRuntimeSettings.Builder spoofEnglish(boolean); method @NonNull public GeckoRuntimeSettings.Builder telemetryDelegate(@NonNull RuntimeTelemetry.Delegate); method @NonNull public GeckoRuntimeSettings.Builder torSecurityLevel(int); method @NonNull public GeckoRuntimeSettings.Builder useMaxScreenDepth(boolean); diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java index d88e296d554a..5b54447cb6e6 100644 --- a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java +++ b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java @@ -483,6 +483,17 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { getSettings().mTorSecurityLevel.set(level); return this; } + + /** + * Sets whether we should spoof locale to English for webpages. + * + * @param flag True if we should spoof locale to English for webpages, false otherwise. + * @return This Builder instance. + */ + public @NonNull Builder spoofEnglish(final boolean flag) { + getSettings().mSpoofEnglish.set(flag ? 2 : 1); + return this; + } } private GeckoRuntime mRuntime; @@ -541,6 +552,8 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { "dom.ipc.processCount", 2); /* package */ final Pref<Integer> mTorSecurityLevel = new Pref<>( "extensions.torbutton.security_slider", 4); + /* package */ final Pref<Integer> mSpoofEnglish = new Pref<>( + "privacy.spoof_english", 0); /* package */ int mPreferredColorScheme = COLOR_SCHEME_SYSTEM; @@ -1319,6 +1332,26 @@ public final class GeckoRuntimeSettings extends RuntimeSettings { return this; } + /** + * Get whether we should spoof locale to English for webpages. + * + * @return Whether we should spoof locale to English for webpages. + */ + public boolean getSpoofEnglish() { + return mSpoofEnglish.get() == 2; + } + + /** + * Set whether we should spoof locale to English for webpages. + * + * @param flag A flag determining whether we should locale to English for webpages. + * @return This GeckoRuntimeSettings instance. + */ + public @NonNull GeckoRuntimeSettings setSpoofEnglish(final boolean flag) { + mSpoofEnglish.commit(flag ? 2 : 1); + return this; + } + @Override // Parcelable public void writeToParcel(final Parcel out, final int flags) { super.writeToParcel(out, flags);

1 0

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc.
by sysrqb＠torproject.org 02 Dec '21

02 Dec '21

commit eaa58a17f5eb72c2c3b3d53bd2dad3a514c7dacf Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Tue Jul 14 11:15:07 2020 -0400 Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc. Hide elements on about:logins that mention sync, "Firefox LockWise", and Mozilla's LockWise mobile apps. Disable the "Create New Login" button when security.nocertdb is true. --- browser/components/aboutlogins/AboutLoginsParent.jsm | 2 ++ browser/components/aboutlogins/content/aboutLogins.css | 8 +++++++- browser/components/aboutlogins/content/aboutLogins.js | 6 ++++++ .../aboutlogins/content/components/fxaccounts-button.css | 5 +++++ .../components/aboutlogins/content/components/menu-button.css | 10 ++++++++++ 5 files changed, 30 insertions(+), 1 deletion(-) diff --git a/browser/components/aboutlogins/AboutLoginsParent.jsm b/browser/components/aboutlogins/AboutLoginsParent.jsm index db0b55d26abc..39fd2356ce99 100644 --- a/browser/components/aboutlogins/AboutLoginsParent.jsm +++ b/browser/components/aboutlogins/AboutLoginsParent.jsm @@ -61,6 +61,7 @@ XPCOMUtils.defineLazyGetter(this, "AboutLoginsL10n", () => { const ABOUT_LOGINS_ORIGIN = "about:logins"; const MASTER_PASSWORD_NOTIFICATION_ID = "master-password-login-required"; +const NOCERTDB_PREF = "security.nocertdb"; // about:logins will always use the privileged content process, // even if it is disabled for other consumers such as about:newtab. @@ -273,6 +274,7 @@ class AboutLoginsParent extends JSWindowActorParent { importVisible: Services.policies.isAllowed("profileImport") && AppConstants.platform != "linux", + canCreateLogins: !Services.prefs.getBoolPref(NOCERTDB_PREF, false), }); await AboutLogins._sendAllLoginRelatedObjects( diff --git a/browser/components/aboutlogins/content/aboutLogins.css b/browser/components/aboutlogins/content/aboutLogins.css index e3528ca49b84..eaa224178487 100644 --- a/browser/components/aboutlogins/content/aboutLogins.css +++ b/browser/components/aboutlogins/content/aboutLogins.css @@ -69,6 +69,11 @@ login-item { grid-area: login; } +/* Do not promote Mozilla Sync in Tor Browser. */ +login-intro { + display: none !important; +} + #branding-logo { flex-basis: var(--sidebar-width); flex-shrink: 0; @@ -83,7 +88,8 @@ login-item { } } -:root:not(.official-branding) #branding-logo { +/* Hide "Firefox LockWise" branding in Tor Browser. */ +#branding-logo { visibility: hidden; } diff --git a/browser/components/aboutlogins/content/aboutLogins.js b/browser/components/aboutlogins/content/aboutLogins.js index 494ef5c7a15b..27ff0295f2f6 100644 --- a/browser/components/aboutlogins/content/aboutLogins.js +++ b/browser/components/aboutlogins/content/aboutLogins.js @@ -22,6 +22,9 @@ const gElements = { ".menuitem-remove-all-logins" ); }, + get createNewLoginButton() { + return this.loginList.shadowRoot.querySelector(".create-login-button"); + }, }; let numberOfLogins = 0; @@ -128,6 +131,9 @@ window.addEventListener("AboutLoginsChromeToContent", event => { gElements.loginList.setSortDirection(event.detail.value.selectedSort); document.documentElement.classList.add("initialized"); gElements.loginList.classList.add("initialized"); + if (!event.detail.value.canCreateLogins) { + gElements.createNewLoginButton.disabled = true; + } break; } case "ShowLoginItemError": { diff --git a/browser/components/aboutlogins/content/components/fxaccounts-button.css b/browser/components/aboutlogins/content/components/fxaccounts-button.css index c8925f6fc75d..55c2a8810fa1 100644 --- a/browser/components/aboutlogins/content/components/fxaccounts-button.css +++ b/browser/components/aboutlogins/content/components/fxaccounts-button.css @@ -8,6 +8,11 @@ align-items: center; } +/* Do not promote Mozilla Sync in Tor Browser. */ +.logged-out-view { + display: none !important; +} + .fxaccounts-extra-text { /* Only show at most 3 lines of text to limit the text from overflowing the header. */ diff --git a/browser/components/aboutlogins/content/components/menu-button.css b/browser/components/aboutlogins/content/components/menu-button.css index 99ca6a711093..24cdb48773f9 100644 --- a/browser/components/aboutlogins/content/components/menu-button.css +++ b/browser/components/aboutlogins/content/components/menu-button.css @@ -92,3 +92,13 @@ .menuitem-preferences { background-image: url("chrome://global/skin/icons/settings.svg"); } + +/* + * Do not promote LockWise mobile apps in Tor Browser: hide the menu items + * and the separator line that precedes them. + */ +.menuitem-mobile-android, +.menuitem-mobile-ios, +button[data-event-name="AboutLoginsGetHelp"] + hr { + display: none !important; +}

1 0

[tor-browser/tor-browser-91.4.0esr-11.0-1] Bug 40597: Implement TorSettings module
by sysrqb＠torproject.org 02 Dec '21

02 Dec '21

commit dd142c5a83dbee21d4e060bad404e8f20a9e30ab Author: Richard Pospesel <richard(a)torproject.org> Date: Fri Aug 6 16:39:03 2021 +0200 Bug 40597: Implement TorSettings module - migrated in-page settings read/write implementation from about:preferences#tor to the TorSettings module - TorSettings initially loads settings from the tor daemon, and saves them to firefox prefs - TorSettings notifies observers when a setting has changed; currently only QuickStart notification is implemented for parity with previous preference notify logic in about:torconnect and about:preferences#tor - about:preferences#tor, and about:torconnect now read and write settings thorugh the TorSettings module - all tor settings live in the torbrowser.settings.* preference branch - removed unused pref modify permission for about:torconnect content page from AsyncPrefs.jsm --- browser/components/torconnect/TorConnectParent.jsm | 25 +- .../torpreferences/content/parseFunctions.jsm | 89 --- .../torpreferences/content/torBridgeSettings.jsm | 325 -------- .../torpreferences/content/torFirewallSettings.jsm | 72 -- .../components/torpreferences/content/torPane.js | 301 ++++---- .../torpreferences/content/torProxySettings.jsm | 245 ------- browser/components/torpreferences/jar.mn | 12 +- browser/modules/TorConnect.jsm | 47 +- browser/modules/TorSettings.jsm | 814 +++++++++++++++++++++ browser/modules/moz.build | 1 + .../processsingleton/MainProcessSingleton.jsm | 5 + toolkit/modules/AsyncPrefs.jsm | 1 - 12 files changed, 989 insertions(+), 948 deletions(-) diff --git a/browser/components/torconnect/TorConnectParent.jsm b/browser/components/torconnect/TorConnectParent.jsm index 526c588a423e..2fbc2a5c7c7c 100644 --- a/browser/components/torconnect/TorConnectParent.jsm +++ b/browser/components/torconnect/TorConnectParent.jsm @@ -7,10 +7,9 @@ const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm"); const { TorConnect, TorConnectTopics, TorConnectState } = ChromeUtils.import( "resource:///modules/TorConnect.jsm" ); - -const TorLauncherPrefs = Object.freeze({ - quickstart: "extensions.torlauncher.quickstart", -}); +const { TorSettings, TorSettingsTopics, TorSettingsData } = ChromeUtils.import( + "resource:///modules/TorSettings.jsm" +); /* This object is basically a marshalling interface between the TorConnect module @@ -31,7 +30,7 @@ class TorConnectParent extends JSWindowActorParent { BootstrapProgress: TorConnect.bootstrapProgress, BootstrapStatus: TorConnect.bootstrapStatus, ShowCopyLog: TorConnect.logHasWarningOrError, - QuickStartEnabled: Services.prefs.getBoolPref(TorLauncherPrefs.quickstart, false), + QuickStartEnabled: TorSettings.quickstart.enabled, }; // JSWindowActiveParent derived objects cannot observe directly, so create a member @@ -78,9 +77,12 @@ class TorConnectParent extends JSWindowActorParent { // TODO: handle break; } - case "nsPref:changed": { - if (aData === TorLauncherPrefs.quickstart) { - self.state.QuickStartEnabled = Services.prefs.getBoolPref(TorLauncherPrefs.quickstart); + case TorSettingsTopics.SettingChanged:{ + if (aData === TorSettingsData.QuickStartEnabled) { + self.state.QuickStartEnabled = obj.value; + } else { + // this isn't a setting torconnect cares about + return; } break; } @@ -98,7 +100,7 @@ class TorConnectParent extends JSWindowActorParent { const topic = TorConnectTopics[key]; Services.obs.addObserver(this.torConnectObserver, topic); } - Services.prefs.addObserver(TorLauncherPrefs.quickstart, this.torConnectObserver); + Services.obs.addObserver(this.torConnectObserver, TorSettingsTopics.SettingChanged); } willDestroy() { @@ -107,13 +109,14 @@ class TorConnectParent extends JSWindowActorParent { const topic = TorConnectTopics[key]; Services.obs.removeObserver(this.torConnectObserver, topic); } - Services.prefs.removeObserver(TorLauncherPrefs.quickstart, this.torConnectObserver); + Services.obs.removeObserver(this.torConnectObserver, TorSettingsTopics.SettingChanged); } receiveMessage(message) { switch (message.name) { case "torconnect:set-quickstart": - Services.prefs.setBoolPref(TorLauncherPrefs.quickstart, message.data); + TorSettings.quickstart.enabled = message.data; + TorSettings.saveToPrefs().applySettings(); break; case "torconnect:open-tor-preferences": TorConnect.openTorPreferences(); diff --git a/browser/components/torpreferences/content/parseFunctions.jsm b/browser/components/torpreferences/content/parseFunctions.jsm deleted file mode 100644 index 954759de63a5..000000000000 --- a/browser/components/torpreferences/content/parseFunctions.jsm +++ /dev/null @@ -1,89 +0,0 @@ -"use strict"; - -var EXPORTED_SYMBOLS = [ - "parsePort", - "parseAddrPort", - "parseUsernamePassword", - "parseAddrPortList", - "parseBridgeStrings", - "parsePortList", -]; - -// expects a string representation of an integer from 1 to 65535 -let parsePort = function(aPort) { - // ensure port string is a valid positive integer - const validIntRegex = /^[0-9]+$/; - if (!validIntRegex.test(aPort)) { - throw new Error(`Invalid PORT string : '${aPort}'`); - } - - // ensure port value is on valid range - let port = Number.parseInt(aPort); - if (port < 1 || port > 65535) { - throw new Error( - `Invalid PORT value, needs to be on range [1,65535] : '${port}'` - ); - } - - return port; -}; -// expects a string in the format: "ADDRESS:PORT" -let parseAddrPort = function(aAddrColonPort) { - let tokens = aAddrColonPort.split(":"); - if (tokens.length != 2) { - throw new Error(`Invalid ADDRESS:PORT string : '${aAddrColonPort}'`); - } - let address = tokens[0]; - let port = parsePort(tokens[1]); - return [address, port]; -}; - -// expects a string in the format: "USERNAME:PASSWORD" -// split on the first colon and any subsequent go into password -let parseUsernamePassword = function(aUsernameColonPassword) { - let colonIndex = aUsernameColonPassword.indexOf(":"); - if (colonIndex < 0) { - // we don't log the contents of the potentially password containing string - throw new Error("Invalid USERNAME:PASSWORD string"); - } - - let username = aUsernameColonPassword.substring(0, colonIndex); - let password = aUsernameColonPassword.substring(colonIndex + 1); - - return [username, password]; -}; - -// expects a string in the format: ADDRESS:PORT,ADDRESS:PORT,... -// returns array of ports (as ints) -let parseAddrPortList = function(aAddrPortList) { - let addrPorts = aAddrPortList.split(","); - // parse ADDRESS:PORT string and only keep the port (second element in returned array) - let retval = addrPorts.map(addrPort => parseAddrPort(addrPort)[1]); - return retval; -}; - -// expects a '/n' or '/r/n' delimited bridge string, which we split and trim -// each bridge string can also optionally have 'bridge' at the beginning ie: -// bridge $(type) $(address):$(port) $(certificate) -// we strip out the 'bridge' prefix here -let parseBridgeStrings = function(aBridgeStrings) { - - // replace carriage returns ('\r') with new lines ('\n') - aBridgeStrings = aBridgeStrings.replace(/\r/g, "\n"); - // then replace contiguous new lines ('\n') with a single one - aBridgeStrings = aBridgeStrings.replace(/[\n]+/g, "\n"); - - // split on the newline and for each bridge string: trim, remove starting 'bridge' string - // finally discard entries that are empty strings; empty strings could occur if we receive - // a new line containing only whitespace - let splitStrings = aBridgeStrings.split("\n"); - return splitStrings.map(val => val.trim().replace(/^bridge\s+/i, "")) - .filter(bridgeString => bridgeString != ""); -}; - -// expecting a ',' delimited list of ints with possible white space between -// returns an array of ints -let parsePortList = function(aPortListString) { - let splitStrings = aPortListString.split(","); - return splitStrings.map(val => parsePort(val.trim())); -}; diff --git a/browser/components/torpreferences/content/torBridgeSettings.jsm b/browser/components/torpreferences/content/torBridgeSettings.jsm deleted file mode 100644 index ceb61d3ec972..000000000000 --- a/browser/components/torpreferences/content/torBridgeSettings.jsm +++ /dev/null @@ -1,325 +0,0 @@ -"use strict"; - -var EXPORTED_SYMBOLS = [ - "TorBridgeSource", - "TorBridgeSettings", - "makeTorBridgeSettingsNone", - "makeTorBridgeSettingsBuiltin", - "makeTorBridgeSettingsBridgeDB", - "makeTorBridgeSettingsUserProvided", -]; - -const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm"); -const { TorProtocolService } = ChromeUtils.import( - "resource:///modules/TorProtocolService.jsm" -); -const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm"); - -const TorBridgeSource = { - NONE: "NONE", - BUILTIN: "BUILTIN", - BRIDGEDB: "BRIDGEDB", - USERPROVIDED: "USERPROVIDED", -}; - -class TorBridgeSettings { - constructor() { - this._bridgeSource = TorBridgeSource.NONE; - this._selectedDefaultBridgeType = null; - this._bridgeStrings = []; - } - - get selectedDefaultBridgeType() { - if (this._bridgeSource == TorBridgeSource.BUILTIN) { - return this._selectedDefaultBridgeType; - } - return undefined; - } - - get bridgeSource() { - return this._bridgeSource; - } - - // for display - get bridgeStrings() { - return this._bridgeStrings.join("\n"); - } - - // raw - get bridgeStringsArray() { - return this._bridgeStrings; - } - - static get defaultBridgeTypes() { - if (TorBridgeSettings._defaultBridgeTypes) { - return TorBridgeSettings._defaultBridgeTypes; - } - - let bridgeListBranch = Services.prefs.getBranch( - TorStrings.preferenceBranches.defaultBridge - ); - let bridgePrefs = bridgeListBranch.getChildList("", {}); - - // an unordered set for shoving bridge types into - let bridgeTypes = new Set(); - // look for keys ending in ".N" and treat string before that as the bridge type - const pattern = /\.[0-9]+$/; - for (const key of bridgePrefs) { - const offset = key.search(pattern); - if (offset != -1) { - const bt = key.substring(0, offset); - bridgeTypes.add(bt); - } - } - - // recommended bridge type goes first in the list - let recommendedBridgeType = Services.prefs.getCharPref( - TorStrings.preferenceKeys.recommendedBridgeType, - null - ); - - let retval = []; - if (recommendedBridgeType && bridgeTypes.has(recommendedBridgeType)) { - retval.push(recommendedBridgeType); - } - - for (const bridgeType of bridgeTypes.values()) { - if (bridgeType != recommendedBridgeType) { - retval.push(bridgeType); - } - } - - // cache off - TorBridgeSettings._defaultBridgeTypes = retval; - return retval; - } - - _readDefaultBridges(aBridgeType) { - let bridgeBranch = Services.prefs.getBranch( - TorStrings.preferenceBranches.defaultBridge - ); - let bridgeBranchPrefs = bridgeBranch.getChildList("", {}); - - let retval = []; - - // regex matches against strings ending in ".N" where N is a positive integer - let pattern = /\.[0-9]+$/; - for (const key of bridgeBranchPrefs) { - // verify the location of the match is the correct offset required for aBridgeType - // to fit, and that the string begins with aBridgeType - if ( - key.search(pattern) == aBridgeType.length && - key.startsWith(aBridgeType) - ) { - let bridgeStr = bridgeBranch.getCharPref(key); - retval.push(bridgeStr); - } - } - - // fisher-yates shuffle - // shuffle so that Tor Browser users don't all try the built-in bridges in the same order - for (let i = retval.length - 1; i > 0; --i) { - // number n such that 0.0 <= n < 1.0 - const n = Math.random(); - // integer j such that 0 <= j <= i - const j = Math.floor(n * (i + 1)); - - // swap values at indices i and j - const tmp = retval[i]; - retval[i] = retval[j]; - retval[j] = tmp; - } - - return retval; - } - - _readBridgeDBBridges() { - let bridgeBranch = Services.prefs.getBranch( - `${TorStrings.preferenceBranches.bridgeDBBridges}` - ); - let bridgeBranchPrefs = bridgeBranch.getChildList("", {}); - // the child prefs do not come in any particular order so sort the keys - // so the values can be compared to what we get out off torrc - bridgeBranchPrefs.sort(); - - // just assume all of the prefs under the parent point to valid bridge string - let retval = bridgeBranchPrefs.map(key => - bridgeBranch.getCharPref(key).trim() - ); - - return retval; - } - - _readTorrcBridges() { - let bridgeList = TorProtocolService.readStringArraySetting( - TorStrings.configKeys.bridgeList - ); - - let retval = []; - for (const line of bridgeList) { - let trimmedLine = line.trim(); - if (trimmedLine) { - retval.push(trimmedLine); - } - } - - return retval; - } - - // analagous to initBridgeSettings() - readSettings() { - // restore to defaults - this._bridgeSource = TorBridgeSource.NONE; - this._selectedDefaultBridgeType = null; - this._bridgeStrings = []; - - // So the way tor-launcher determines the origin of the configured bridges is a bit - // weird and depends on inferring our scenario based on some firefox prefs and the - // relationship between the saved list of bridges in about:config vs the list saved in torrc - - // first off, if "extensions.torlauncher.default_bridge_type" is set to one of our - // builtin default types (obfs4, meek-azure, snowflake, etc) then we provide the - // bridges in "extensions.torlauncher.default_bridge.*" (filtered by our default_bridge_type) - - // next, we compare the list of bridges saved in torrc to the bridges stored in the - // "extensions.torlauncher.bridgedb_bridge."" branch. If they match *exactly* then we assume - // the bridges were retrieved from BridgeDB and use those. If the torrc list is empty then we know - // we have no bridge settings - - // finally, if none of the previous conditions are not met, it is assumed the bridges stored in - // torrc are user-provided - - // what we should(?) do once we excise tor-launcher entirely is explicitly store an int/enum in - // about:config that tells us which scenario we are in so we don't have to guess - - let defaultBridgeType = Services.prefs.getCharPref( - TorStrings.preferenceKeys.defaultBridgeType, - null - ); - - // check if source is BUILTIN - if (defaultBridgeType) { - this._bridgeStrings = this._readDefaultBridges(defaultBridgeType); - this._bridgeSource = TorBridgeSource.BUILTIN; - this._selectedDefaultBridgeType = defaultBridgeType; - return; - } - - let torrcBridges = this._readTorrcBridges(); - - // no stored bridges means no bridge is in use - if (torrcBridges.length == 0) { - this._bridgeStrings = []; - this._bridgeSource = TorBridgeSource.NONE; - return; - } - - let bridgedbBridges = this._readBridgeDBBridges(); - - // if these two lists are equal then we got our bridges from bridgedb - // ie: same element in identical order - let arraysEqual = (left, right) => { - if (left.length != right.length) { - return false; - } - const length = left.length; - for (let i = 0; i < length; ++i) { - if (left[i] != right[i]) { - return false; - } - } - return true; - }; - - // agreement between prefs and torrc means bridgedb bridges - if (arraysEqual(torrcBridges, bridgedbBridges)) { - this._bridgeStrings = torrcBridges; - this._bridgeSource = TorBridgeSource.BRIDGEDB; - return; - } - - // otherwise they must be user provided - this._bridgeStrings = torrcBridges; - this._bridgeSource = TorBridgeSource.USERPROVIDED; - } - - writeSettings() { - let settingsObject = new Map(); - - // init tor bridge settings to null - settingsObject.set(TorStrings.configKeys.useBridges, null); - settingsObject.set(TorStrings.configKeys.bridgeList, null); - - // clear bridge related firefox prefs - Services.prefs.setCharPref(TorStrings.preferenceKeys.defaultBridgeType, ""); - let bridgeBranch = Services.prefs.getBranch( - `${TorStrings.preferenceBranches.bridgeDBBridges}` - ); - let bridgeBranchPrefs = bridgeBranch.getChildList("", {}); - for (const pref of bridgeBranchPrefs) { - Services.prefs.clearUserPref( - `${TorStrings.preferenceBranches.bridgeDBBridges}${pref}` - ); - } - - switch (this._bridgeSource) { - case TorBridgeSource.BUILTIN: - // set builtin bridge type to use in prefs - Services.prefs.setCharPref( - TorStrings.preferenceKeys.defaultBridgeType, - this._selectedDefaultBridgeType - ); - break; - case TorBridgeSource.BRIDGEDB: - // save bridges off to prefs - for (let i = 0; i < this.bridgeStringsArray.length; ++i) { - Services.prefs.setCharPref( - `${TorStrings.preferenceBranches.bridgeDBBridges}${i}`, - this.bridgeStringsArray[i] - ); - } - break; - } - - // write over our bridge list if bridges are enabled - if (this._bridgeSource != TorBridgeSource.NONE) { - settingsObject.set(TorStrings.configKeys.useBridges, true); - settingsObject.set( - TorStrings.configKeys.bridgeList, - this.bridgeStringsArray - ); - } - TorProtocolService.writeSettings(settingsObject); - } -} - -function makeTorBridgeSettingsNone() { - return new TorBridgeSettings(); -} - -function makeTorBridgeSettingsBuiltin(aBridgeType) { - let retval = new TorBridgeSettings(); - retval._bridgeSource = TorBridgeSource.BUILTIN; - retval._selectedDefaultBridgeType = aBridgeType; - retval._bridgeStrings = retval._readDefaultBridges(aBridgeType); - - return retval; -} - -function makeTorBridgeSettingsBridgeDB(aBridges) { - let retval = new TorBridgeSettings(); - retval._bridgeSource = TorBridgeSource.BRIDGEDB; - retval._selectedDefaultBridgeType = null; - retval._bridgeStrings = aBridges; - - return retval; -} - -function makeTorBridgeSettingsUserProvided(aBridges) { - let retval = new TorBridgeSettings(); - retval._bridgeSource = TorBridgeSource.USERPROVIDED; - retval._selectedDefaultBridgeType = null; - retval._bridgeStrings = aBridges; - - return retval; -} diff --git a/browser/components/torpreferences/content/torFirewallSettings.jsm b/browser/components/torpreferences/content/torFirewallSettings.jsm deleted file mode 100644 index e77f18ef2fae..000000000000 --- a/browser/components/torpreferences/content/torFirewallSettings.jsm +++ /dev/null @@ -1,72 +0,0 @@ -"use strict"; - -var EXPORTED_SYMBOLS = [ - "TorFirewallSettings", - "makeTorFirewallSettingsNone", - "makeTorFirewallSettingsCustom", -]; - -const { TorProtocolService } = ChromeUtils.import( - "resource:///modules/TorProtocolService.jsm" -); -const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm"); -const { parseAddrPortList } = ChromeUtils.import( - "chrome://browser/content/torpreferences/parseFunctions.jsm" -); - -class TorFirewallSettings { - constructor() { - this._allowedPorts = []; - } - - get portsConfigurationString() { - let portStrings = this._allowedPorts.map(port => `*:${port}`); - return portStrings.join(","); - } - - get commaSeparatedListString() { - return this._allowedPorts.join(","); - } - - get hasPorts() { - return this._allowedPorts.length > 0; - } - - readSettings() { - let addressPortList = TorProtocolService.readStringSetting( - TorStrings.configKeys.reachableAddresses - ); - - let allowedPorts = []; - if (addressPortList) { - allowedPorts = parseAddrPortList(addressPortList); - } - this._allowedPorts = allowedPorts; - } - - writeSettings() { - let settingsObject = new Map(); - - // init to null so Tor daemon resets if no ports - settingsObject.set(TorStrings.configKeys.reachableAddresses, null); - - if (this._allowedPorts.length > 0) { - settingsObject.set( - TorStrings.configKeys.reachableAddresses, - this.portsConfigurationString - ); - } - - TorProtocolService.writeSettings(settingsObject); - } -} - -function makeTorFirewallSettingsNone() { - return new TorFirewallSettings(); -} - -function makeTorFirewallSettingsCustom(aPortsList) { - let retval = new TorFirewallSettings(); - retval._allowedPorts = aPortsList; - return retval; -} diff --git a/browser/components/torpreferences/content/torPane.js b/browser/components/torpreferences/content/torPane.js index 1f169cbe1a55..6905cbe473ac 100644 --- a/browser/components/torpreferences/content/torPane.js +++ b/browser/components/torpreferences/content/torPane.js @@ -2,6 +2,10 @@ /* global Services */ +const { TorSettings, TorSettingsTopics, TorSettingsData, TorBridgeSource, TorBuiltinBridgeTypes, TorProxyType } = ChromeUtils.import( + "resource:///modules/TorSettings.jsm" +); + const { TorProtocolService } = ChromeUtils.import( "resource:///modules/TorProtocolService.jsm" ); @@ -10,35 +14,6 @@ const { TorConnect, TorConnectTopics, TorConnectState } = ChromeUtils.import( "resource:///modules/TorConnect.jsm" ); -const { - TorBridgeSource, - TorBridgeSettings, - makeTorBridgeSettingsNone, - makeTorBridgeSettingsBuiltin, - makeTorBridgeSettingsBridgeDB, - makeTorBridgeSettingsUserProvided, -} = ChromeUtils.import( - "chrome://browser/content/torpreferences/torBridgeSettings.jsm" -); - -const { - TorProxyType, - TorProxySettings, - makeTorProxySettingsNone, - makeTorProxySettingsSocks4, - makeTorProxySettingsSocks5, - makeTorProxySettingsHTTPS, -} = ChromeUtils.import( - "chrome://browser/content/torpreferences/torProxySettings.jsm" -); -const { - TorFirewallSettings, - makeTorFirewallSettingsNone, - makeTorFirewallSettingsCustom, -} = ChromeUtils.import( - "chrome://browser/content/torpreferences/torFirewallSettings.jsm" -); - const { TorLogDialog } = ChromeUtils.import( "chrome://browser/content/torpreferences/torLogDialog.jsm" ); @@ -53,14 +28,6 @@ ChromeUtils.defineModuleGetter( "resource:///modules/TorStrings.jsm" ); -const { parsePort, parseBridgeStrings, parsePortList } = ChromeUtils.import( - "chrome://browser/content/torpreferences/parseFunctions.jsm" -); - -const TorLauncherPrefs = { - quickstart: "extensions.torlauncher.quickstart", -} - /* Tor Pane @@ -261,10 +228,11 @@ const gTorPane = (function() { ); this._enableQuickstartCheckbox.addEventListener("command", e => { const checked = this._enableQuickstartCheckbox.checked; - Services.prefs.setBoolPref(TorLauncherPrefs.quickstart, checked); + TorSettings.quickstart.enabled = checked; + TorSettings.saveToPrefs().applySettings(); }); - this._enableQuickstartCheckbox.checked = Services.prefs.getBoolPref(TorLauncherPrefs.quickstart); - Services.prefs.addObserver(TorLauncherPrefs.quickstart, this); + this._enableQuickstartCheckbox.checked = TorSettings.quickstart.enabled; + Services.obs.addObserver(this, TorSettingsTopics.SettingChanged); // Bridge setup prefpane.querySelector(selectors.bridges.header).innerText = @@ -291,7 +259,7 @@ const gTorPane = (function() { this._bridgeSelectionRadiogroup = prefpane.querySelector( selectors.bridges.bridgeSelectionRadiogroup ); - this._bridgeSelectionRadiogroup.value = TorBridgeSource.BUILTIN; + this._bridgeSelectionRadiogroup.value = TorBridgeSource.BuiltIn; this._bridgeSelectionRadiogroup.addEventListener("command", e => { const value = this._bridgeSelectionRadiogroup.value; gTorPane.onSelectBridgeOption(value).onUpdateBridgeSettings(); @@ -305,7 +273,7 @@ const gTorPane = (function() { "label", TorStrings.settings.selectBridge ); - this._builtinBridgeOption.setAttribute("value", TorBridgeSource.BUILTIN); + this._builtinBridgeOption.setAttribute("value", TorBridgeSource.BuiltIn); this._builtinBridgeMenulist = prefpane.querySelector( selectors.bridges.builtinBridgeList ); @@ -321,7 +289,7 @@ const gTorPane = (function() { "label", TorStrings.settings.requestBridgeFromTorProject ); - this._requestBridgeOption.setAttribute("value", TorBridgeSource.BRIDGEDB); + this._requestBridgeOption.setAttribute("value", TorBridgeSource.BridgeDB); this._requestBridgeButton = prefpane.querySelector( selectors.bridges.requestBridgeButton ); @@ -346,7 +314,7 @@ const gTorPane = (function() { ); this._provideBridgeOption.setAttribute( "value", - TorBridgeSource.USERPROVIDED + TorBridgeSource.UserProvided ); prefpane.querySelector( selectors.bridges.provideBridgeDescription @@ -395,11 +363,11 @@ const gTorPane = (function() { let mockProxies = [ { - value: TorProxyType.SOCKS4, + value: TorProxyType.Socks4, label: TorStrings.settings.proxyTypeSOCKS4, }, { - value: TorProxyType.SOCKS5, + value: TorProxyType.Socks5, label: TorStrings.settings.proxyTypeSOCKS5, }, { value: TorProxyType.HTTPS, label: TorStrings.settings.proxyTypeHTTP }, @@ -550,12 +518,8 @@ const gTorPane = (function() { true ); - // load bridge settings - let torBridgeSettings = new TorBridgeSettings(); - torBridgeSettings.readSettings(); - - // populate the bridge list - for (let currentBridge of TorBridgeSettings.defaultBridgeTypes) { + // init bridge UI + for (let currentBridge of TorBuiltinBridgeTypes) { let menuEntry = document.createXULElement("menuitem"); menuEntry.setAttribute("value", currentBridge); menuEntry.setAttribute("label", currentBridge); @@ -564,53 +528,41 @@ const gTorPane = (function() { .appendChild(menuEntry); } - this.onSelectBridgeOption(torBridgeSettings.bridgeSource); - this.onToggleBridge( - torBridgeSettings.bridgeSource != TorBridgeSource.NONE - ); - switch (torBridgeSettings.bridgeSource) { - case TorBridgeSource.NONE: - break; - case TorBridgeSource.BUILTIN: - this._builtinBridgeMenulist.value = - torBridgeSettings.selectedDefaultBridgeType; - break; - case TorBridgeSource.BRIDGEDB: - this._requestBridgeTextarea.value = torBridgeSettings.bridgeStrings; - break; - case TorBridgeSource.USERPROVIDED: - this._provideBridgeTextarea.value = torBridgeSettings.bridgeStrings; - break; + if (TorSettings.bridges.enabled) { + this.onSelectBridgeOption(TorSettings.bridges.source); + this.onToggleBridge( + TorSettings.bridges.source != TorBridgeSource.Invalid + ); + switch (TorSettings.bridges.source) { + case TorBridgeSource.Invalid: + break; + case TorBridgeSource.BuiltIn: + this._builtinBridgeMenulist.value = TorSettings.bridges.builtin_type; + break; + case TorBridgeSource.BridgeDB: + this._requestBridgeTextarea.value = TorSettings.bridges.bridge_strings.join("\n"); + break; + case TorBridgeSource.UserProvided: + this._provideBridgeTextarea.value = TorSettings.bridges.bridge_strings.join("\n"); + break; + } } - this._bridgeSettings = torBridgeSettings; - - // load proxy settings - let torProxySettings = new TorProxySettings(); - torProxySettings.readSettings(); - - if (torProxySettings.type != TorProxyType.NONE) { + // init proxy UI + if (TorSettings.proxy.enabled) { this.onToggleProxy(true); - this.onSelectProxyType(torProxySettings.type); - this._proxyAddressTextbox.value = torProxySettings.address; - this._proxyPortTextbox.value = torProxySettings.port; - this._proxyUsernameTextbox.value = torProxySettings.username; - this._proxyPasswordTextbox.value = torProxySettings.password; + this.onSelectProxyType(TorSettings.proxy.type); + this._proxyAddressTextbox.value = TorSettings.proxy.address; + this._proxyPortTextbox.value = TorSettings.proxy.port; + this._proxyUsernameTextbox.value = TorSettings.proxy.username; + this._proxyPasswordTextbox.value = TorSettings.proxy.password; } - this._proxySettings = torProxySettings; - - // load firewall settings - let torFirewallSettings = new TorFirewallSettings(); - torFirewallSettings.readSettings(); - - if (torFirewallSettings.hasPorts) { + // init firewall + if (TorSettings.firewall.enabled) { this.onToggleFirewall(true); - this._allowedPortsTextbox.value = - torFirewallSettings.commaSeparatedListString; + this._allowedPortsTextbox.value = TorSettings.firewall.allowed_ports.join(", "); } - - this._firewallSettings = torFirewallSettings; }, init() { @@ -683,13 +635,17 @@ const gTorPane = (function() { if (enabled) { this.onSelectBridgeOption(this._bridgeSelectionRadiogroup.value); } else { - this.onSelectBridgeOption(TorBridgeSource.NONE); + this.onSelectBridgeOption(TorBridgeSource.Invalid); } return this; }, // callback when a bridge option is selected onSelectBridgeOption(source) { + if (typeof source === "string") { + source = parseInt(source); + } + // disable all of the bridge elements under radio buttons this._setElementsDisabled( [ @@ -701,23 +657,23 @@ const gTorPane = (function() { true ); - if (source != TorBridgeSource.NONE) { + if (source != TorBridgeSource.Invalid) { this._bridgeSelectionRadiogroup.value = source; } switch (source) { - case TorBridgeSource.BUILTIN: { + case TorBridgeSource.BuiltIn: { this._setElementsDisabled([this._builtinBridgeMenulist], false); break; } - case TorBridgeSource.BRIDGEDB: { + case TorBridgeSource.BridgeDB: { this._setElementsDisabled( [this._requestBridgeButton, this._requestBridgeTextarea], false ); break; } - case TorBridgeSource.USERPROVIDED: { + case TorBridgeSource.UserProvided: { this._setElementsDisabled([this._provideBridgeTextarea], false); break; } @@ -730,14 +686,17 @@ const gTorPane = (function() { let requestBridgeDialog = new RequestBridgeDialog(); requestBridgeDialog.openDialog( gSubDialog, - this._proxySettings.proxyURI, + TorSettings.proxy.uri, aBridges => { if (aBridges.length > 0) { - let bridgeSettings = makeTorBridgeSettingsBridgeDB(aBridges); - bridgeSettings.writeSettings(); - this._bridgeSettings = bridgeSettings; - - this._requestBridgeTextarea.value = bridgeSettings.bridgeStrings; + let bridgeStrings = aBridges.join("\n"); + TorSettings.bridges.enabled = true; + TorSettings.bridges.source = TorBridgeSource.BridgeDB; + TorSettings.bridges.bridge_strings = bridgeStrings; + TorSettings.saveToPrefs(); + TorSettings.applySettings().then((result) => { + this._requestBridgeTextarea.value = bridgeStrings; + }); } } ); @@ -746,53 +705,56 @@ const gTorPane = (function() { // pushes bridge settings from UI to tor onUpdateBridgeSettings() { - let bridgeSettings = null; - let source = this._useBridgeCheckbox.checked - ? this._bridgeSelectionRadiogroup.value - : TorBridgeSource.NONE; + ? parseInt(this._bridgeSelectionRadiogroup.value) + : TorBridgeSource.Invalid; + switch (source) { - case TorBridgeSource.NONE: { - bridgeSettings = makeTorBridgeSettingsNone(); - break; + case TorBridgeSource.Invalid: { + TorSettings.bridges.enabled = false; } - case TorBridgeSource.BUILTIN: { + break; + case TorBridgeSource.BuiltIn: { // if there is a built-in bridge already selected, use that let bridgeType = this._builtinBridgeMenulist.value; + console.log(`bridge type: ${bridgeType}`); if (bridgeType) { - bridgeSettings = makeTorBridgeSettingsBuiltin(bridgeType); + TorSettings.bridges.enabled = true; + TorSettings.bridges.source = TorBridgeSource.BuiltIn; + TorSettings.bridges.builtin_type = bridgeType; } else { - bridgeSettings = makeTorBridgeSettingsNone(); + TorSettings.bridges.enabled = false; } break; } - case TorBridgeSource.BRIDGEDB: { + case TorBridgeSource.BridgeDB: { // if there are bridgedb bridges saved in the text area, use them let bridgeStrings = this._requestBridgeTextarea.value; if (bridgeStrings) { - let bridgeStringList = parseBridgeStrings(bridgeStrings); - bridgeSettings = makeTorBridgeSettingsBridgeDB(bridgeStringList); + TorSettings.bridges.enabled = true; + TorSettings.bridges.source = TorBridgeSource.BridgeDB; + TorSettings.bridges.bridge_strings = bridgeStrings; } else { - bridgeSettings = makeTorBridgeSettingsNone(); + TorSettings.bridges.enabled = false; } break; } - case TorBridgeSource.USERPROVIDED: { + case TorBridgeSource.UserProvided: { // if bridges already exist in the text area, use them let bridgeStrings = this._provideBridgeTextarea.value; if (bridgeStrings) { - let bridgeStringList = parseBridgeStrings(bridgeStrings); - bridgeSettings = makeTorBridgeSettingsUserProvided( - bridgeStringList - ); + TorSettings.bridges.enabled = true; + TorSettings.bridges.source = TorBridgeSource.UserProvided; + TorSettings.bridges.bridge_strings = bridgeStrings; } else { - bridgeSettings = makeTorBridgeSettingsNone(); + TorSettings.bridges.enabled = false; } break; } } - bridgeSettings.writeSettings(); - this._bridgeSettings = bridgeSettings; + TorSettings.saveToPrefs(); + TorSettings.applySettings(); + return this; }, @@ -822,12 +784,13 @@ const gTorPane = (function() { // callback when proxy type is changed onSelectProxyType(value) { - if (value == "") { - value = TorProxyType.NONE; + if (typeof value === "string") { + value = parseInt(value); } + this._proxyTypeMenulist.value = value; switch (value) { - case TorProxyType.NONE: { + case TorProxyType.Invalid: { this._setElementsDisabled( [ this._proxyAddressLabel, @@ -848,7 +811,7 @@ const gTorPane = (function() { this._proxyPasswordTextbox.value = ""; break; } - case TorProxyType.SOCKS4: { + case TorProxyType.Socks4: { this._setElementsDisabled( [ this._proxyAddressLabel, @@ -872,7 +835,7 @@ const gTorPane = (function() { this._proxyPasswordTextbox.value = ""; break; } - case TorProxyType.SOCKS5: + case TorProxyType.Socks5: case TorProxyType.HTTPS: { this._setElementsDisabled( [ @@ -895,46 +858,45 @@ const gTorPane = (function() { // pushes proxy settings from UI to tor onUpdateProxySettings() { - const proxyType = this._useProxyCheckbox.checked - ? this._proxyTypeMenulist.value - : TorProxyType.NONE; - const addressString = this._proxyAddressTextbox.value; - const portString = this._proxyPortTextbox.value; - const usernameString = this._proxyUsernameTextbox.value; - const passwordString = this._proxyPasswordTextbox.value; - - let proxySettings = null; - - switch (proxyType) { - case TorProxyType.NONE: - proxySettings = makeTorProxySettingsNone(); + const type = this._useProxyCheckbox.checked + ? parseInt(this._proxyTypeMenulist.value) + : TorProxyType.Invalid; + const address = this._proxyAddressTextbox.value; + const port = this._proxyPortTextbox.value; + const username = this._proxyUsernameTextbox.value; + const password = this._proxyPasswordTextbox.value; + + switch (type) { + case TorProxyType.Invalid: + TorSettings.proxy.enabled = false; break; - case TorProxyType.SOCKS4: - proxySettings = makeTorProxySettingsSocks4( - addressString, - parsePort(portString) - ); + case TorProxyType.Socks4: + TorSettings.proxy.enabled = true; + TorSettings.proxy.type = type; + TorSettings.proxy.address = address; + TorSettings.proxy.port = port; + break; - case TorProxyType.SOCKS5: - proxySettings = makeTorProxySettingsSocks5( - addressString, - parsePort(portString), - usernameString, - passwordString - ); + case TorProxyType.Socks5: + TorSettings.proxy.enabled = true; + TorSettings.proxy.type = type; + TorSettings.proxy.address = address; + TorSettings.proxy.port = port; + TorSettings.proxy.username = username; + TorSettings.proxy.password = password; break; case TorProxyType.HTTPS: - proxySettings = makeTorProxySettingsHTTPS( - addressString, - parsePort(portString), - usernameString, - passwordString - ); + TorSettings.proxy.enabled = true; + TorSettings.proxy.type = type; + TorSettings.proxy.address = address; + TorSettings.proxy.port = port; + TorSettings.proxy.username = username; + TorSettings.proxy.password = password; break; } + TorSettings.saveToPrefs(); + TorSettings.applySettings(); - proxySettings.writeSettings(); - this._proxySettings = proxySettings; return this; }, @@ -953,21 +915,20 @@ const gTorPane = (function() { // pushes firewall settings from UI to tor onUpdateFirewallSettings() { + let portListString = this._useFirewallCheckbox.checked ? this._allowedPortsTextbox.value : ""; - let firewallSettings = null; if (portListString) { - firewallSettings = makeTorFirewallSettingsCustom( - parsePortList(portListString) - ); + TorSettings.firewall.enabled = true; + TorSettings.firewall.allowed_ports = portListString; } else { - firewallSettings = makeTorFirewallSettingsNone(); + TorSettings.firewall.enabled = false; } + TorSettings.saveToPrefs(); + TorSettings.applySettings(); - firewallSettings.writeSettings(); - this._firewallSettings = firewallSettings; return this; }, diff --git a/browser/components/torpreferences/content/torProxySettings.jsm b/browser/components/torpreferences/content/torProxySettings.jsm deleted file mode 100644 index 98bb5e8d5cbf..000000000000 --- a/browser/components/torpreferences/content/torProxySettings.jsm +++ /dev/null @@ -1,245 +0,0 @@ -"use strict"; - -var EXPORTED_SYMBOLS = [ - "TorProxyType", - "TorProxySettings", - "makeTorProxySettingsNone", - "makeTorProxySettingsSocks4", - "makeTorProxySettingsSocks5", - "makeTorProxySettingsHTTPS", -]; - -const { TorProtocolService } = ChromeUtils.import( - "resource:///modules/TorProtocolService.jsm" -); -const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm"); -const { parseAddrPort, parseUsernamePassword } = ChromeUtils.import( - "chrome://browser/content/torpreferences/parseFunctions.jsm" -); - -const TorProxyType = { - NONE: "NONE", - SOCKS4: "SOCKS4", - SOCKS5: "SOCKS5", - HTTPS: "HTTPS", -}; - -class TorProxySettings { - constructor() { - this._proxyType = TorProxyType.NONE; - this._proxyAddress = undefined; - this._proxyPort = undefined; - this._proxyUsername = undefined; - this._proxyPassword = undefined; - } - - get type() { - return this._proxyType; - } - get address() { - return this._proxyAddress; - } - get port() { - return this._proxyPort; - } - get username() { - return this._proxyUsername; - } - get password() { - return this._proxyPassword; - } - get proxyURI() { - switch (this._proxyType) { - case TorProxyType.SOCKS4: - return `socks4a://${this._proxyAddress}:${this._proxyPort}`; - case TorProxyType.SOCKS5: - if (this._proxyUsername) { - return `socks5://${this._proxyUsername}:${this._proxyPassword}@${ - this._proxyAddress - }:${this._proxyPort}`; - } - return `socks5://${this._proxyAddress}:${this._proxyPort}`; - case TorProxyType.HTTPS: - if (this._proxyUsername) { - return `http://${this._proxyUsername}:${this._proxyPassword}@${ - this._proxyAddress - }:${this._proxyPort}`; - } - return `http://${this._proxyAddress}:${this._proxyPort}`; - } - return undefined; - } - - // attempts to read proxy settings from Tor daemon - readSettings() { - // SOCKS4 - { - let addressPort = TorProtocolService.readStringSetting( - TorStrings.configKeys.socks4Proxy - ); - if (addressPort) { - // address+port - let [proxyAddress, proxyPort] = parseAddrPort(addressPort); - - this._proxyType = TorProxyType.SOCKS4; - this._proxyAddress = proxyAddress; - this._proxyPort = proxyPort; - this._proxyUsername = ""; - this._proxyPassword = ""; - - return; - } - } - - // SOCKS5 - { - let addressPort = TorProtocolService.readStringSetting( - TorStrings.configKeys.socks5Proxy - ); - - if (addressPort) { - // address+port - let [proxyAddress, proxyPort] = parseAddrPort(addressPort); - // username - let proxyUsername = TorProtocolService.readStringSetting( - TorStrings.configKeys.socks5ProxyUsername - ); - // password - let proxyPassword = TorProtocolService.readStringSetting( - TorStrings.configKeys.socks5ProxyPassword - ); - - this._proxyType = TorProxyType.SOCKS5; - this._proxyAddress = proxyAddress; - this._proxyPort = proxyPort; - this._proxyUsername = proxyUsername; - this._proxyPassword = proxyPassword; - - return; - } - } - - // HTTP - { - let addressPort = TorProtocolService.readStringSetting( - TorStrings.configKeys.httpsProxy - ); - - if (addressPort) { - // address+port - let [proxyAddress, proxyPort] = parseAddrPort(addressPort); - - // username:password - let proxyAuthenticator = TorProtocolService.readStringSetting( - TorStrings.configKeys.httpsProxyAuthenticator - ); - - let [proxyUsername, proxyPassword] = ["", ""]; - if (proxyAuthenticator) { - [proxyUsername, proxyPassword] = parseUsernamePassword( - proxyAuthenticator - ); - } - - this._proxyType = TorProxyType.HTTPS; - this._proxyAddress = proxyAddress; - this._proxyPort = proxyPort; - this._proxyUsername = proxyUsername; - this._proxyPassword = proxyPassword; - } - } - // no proxy settings - } /* TorProxySettings::ReadFromTor() */ - - // attempts to write proxy settings to Tor daemon - // throws on error - writeSettings() { - let settingsObject = new Map(); - - // init proxy related settings to null so Tor daemon resets them - settingsObject.set(TorStrings.configKeys.socks4Proxy, null); - settingsObject.set(TorStrings.configKeys.socks5Proxy, null); - settingsObject.set(TorStrings.configKeys.socks5ProxyUsername, null); - settingsObject.set(TorStrings.configKeys.socks5ProxyPassword, null); - settingsObject.set(TorStrings.configKeys.httpsProxy, null); - settingsObject.set(TorStrings.configKeys.httpsProxyAuthenticator, null); - - switch (this._proxyType) { - case TorProxyType.SOCKS4: - settingsObject.set( - TorStrings.configKeys.socks4Proxy, - `${this._proxyAddress}:${this._proxyPort}` - ); - break; - case TorProxyType.SOCKS5: - settingsObject.set( - TorStrings.configKeys.socks5Proxy, - `${this._proxyAddress}:${this._proxyPort}` - ); - settingsObject.set( - TorStrings.configKeys.socks5ProxyUsername, - this._proxyUsername - ); - settingsObject.set( - TorStrings.configKeys.socks5ProxyPassword, - this._proxyPassword - ); - break; - case TorProxyType.HTTPS: - settingsObject.set( - TorStrings.configKeys.httpsProxy, - `${this._proxyAddress}:${this._proxyPort}` - ); - settingsObject.set( - TorStrings.configKeys.httpsProxyAuthenticator, - `${this._proxyUsername}:${this._proxyPassword}` - ); - break; - } - - TorProtocolService.writeSettings(settingsObject); - } /* TorProxySettings::WriteToTor() */ -} - -// factory methods for our various supported proxies -function makeTorProxySettingsNone() { - return new TorProxySettings(); -} - -function makeTorProxySettingsSocks4(aProxyAddress, aProxyPort) { - let retval = new TorProxySettings(); - retval._proxyType = TorProxyType.SOCKS4; - retval._proxyAddress = aProxyAddress; - retval._proxyPort = aProxyPort; - return retval; -} - -function makeTorProxySettingsSocks5( - aProxyAddress, - aProxyPort, - aProxyUsername, - aProxyPassword -) { - let retval = new TorProxySettings(); - retval._proxyType = TorProxyType.SOCKS5; - retval._proxyAddress = aProxyAddress; - retval._proxyPort = aProxyPort; - retval._proxyUsername = aProxyUsername; - retval._proxyPassword = aProxyPassword; - return retval; -} - -function makeTorProxySettingsHTTPS( - aProxyAddress, - aProxyPort, - aProxyUsername, - aProxyPassword -) { - let retval = new TorProxySettings(); - retval._proxyType = TorProxyType.HTTPS; - retval._proxyAddress = aProxyAddress; - retval._proxyPort = aProxyPort; - retval._proxyUsername = aProxyUsername; - retval._proxyPassword = aProxyPassword; - return retval; -} diff --git a/browser/components/torpreferences/jar.mn b/browser/components/torpreferences/jar.mn index 857bc9ee3eac..552c92b2feff 100644 --- a/browser/components/torpreferences/jar.mn +++ b/browser/components/torpreferences/jar.mn @@ -1,14 +1,10 @@ browser.jar: - content/browser/torpreferences/parseFunctions.jsm (content/parseFunctions.jsm) - content/browser/torpreferences/requestBridgeDialog.xhtml (content/requestBridgeDialog.xhtml) + content/browser/torpreferences/requestBridgeDialog.xhtml (content/requestBridgeDialog.xhtml) content/browser/torpreferences/requestBridgeDialog.jsm (content/requestBridgeDialog.jsm) - content/browser/torpreferences/torBridgeSettings.jsm (content/torBridgeSettings.jsm) - content/browser/torpreferences/torCategory.inc.xhtml (content/torCategory.inc.xhtml) - content/browser/torpreferences/torFirewallSettings.jsm (content/torFirewallSettings.jsm) + content/browser/torpreferences/torCategory.inc.xhtml (content/torCategory.inc.xhtml) content/browser/torpreferences/torLogDialog.jsm (content/torLogDialog.jsm) - content/browser/torpreferences/torLogDialog.xhtml (content/torLogDialog.xhtml) + content/browser/torpreferences/torLogDialog.xhtml (content/torLogDialog.xhtml) content/browser/torpreferences/torPane.js (content/torPane.js) - content/browser/torpreferences/torPane.xhtml (content/torPane.xhtml) + content/browser/torpreferences/torPane.xhtml (content/torPane.xhtml) content/browser/torpreferences/torPreferences.css (content/torPreferences.css) content/browser/torpreferences/torPreferencesIcon.svg (content/torPreferencesIcon.svg) - content/browser/torpreferences/torProxySettings.jsm (content/torProxySettings.jsm) diff --git a/browser/modules/TorConnect.jsm b/browser/modules/TorConnect.jsm index 19a3f595d490..e7b8b364db86 100644 --- a/browser/modules/TorConnect.jsm +++ b/browser/modules/TorConnect.jsm @@ -18,6 +18,10 @@ const { TorLauncherUtil } = ChromeUtils.import( "resource://torlauncher/modules/tl-util.jsm" ); +const { TorSettings, TorSettingsTopics } = ChromeUtils.import( + "resource:///modules/TorSettings.jsm" +); + /* Browser observer topis */ const BrowserTopics = Object.freeze({ ProfileAfterChange: "profile-after-change", @@ -25,7 +29,6 @@ const BrowserTopics = Object.freeze({ /* tor-launcher observer topics */ const TorTopics = Object.freeze({ - ProcessIsReady: "TorProcessIsReady", BootstrapStatus: "TorBootstrapStatus", BootstrapError: "TorBootstrapError", ProcessExited: "TorProcessExited", @@ -34,7 +37,6 @@ const TorTopics = Object.freeze({ /* Relevant prefs used by tor-launcher */ const TorLauncherPrefs = Object.freeze({ - quickstart: "extensions.torlauncher.quickstart", prompt_at_startup: "extensions.torlauncher.prompt_at_startup", }); @@ -250,38 +252,29 @@ const TorConnect = (() => { // Disabled this.legacyOrSystemTor(); } else { - // register the Tor topics we always care about - for (const topicKey in TorTopics) { - const topic = TorTopics[topicKey]; + let observeTopic = (topic) => { Services.obs.addObserver(this, topic); console.log(`TorConnect: observing topic '${topic}'`); - } + }; - if (TorProtocolService.torProcessStatus == TorProcessStatus.Running) { - if (this.shouldQuickStart) { - // Quickstart - this.beginBootstrap(); - } else { - // Configuring - this.beginConfigure(); - } + // register the Tor topics we always care about + for (const topicKey in TorTopics) { + const topic = TorTopics[topicKey]; + observeTopic(topic); } + observeTopic(TorSettingsTopics.Ready); } - Services.obs.removeObserver(this, topic); break; } - /* Transition out of Initial if Tor daemon wasn't running yet in BrowserTopics.ProfileAfterChange */ - case TorTopics.ProcessIsReady: { - if (this.state === TorConnectState.Initial) - { - if (this.shouldQuickStart) { - // Quickstart - this.beginBootstrap(); - } else { - // Configuring - this.beginConfigure(); - } + /* We need to wait until TorSettings have been loaded and applied before we can Quickstart */ + case TorSettingsTopics.Ready: { + if (this.shouldQuickStart) { + // Quickstart + this.beginBootstrap(); + } else { + // Configuring + this.beginConfigure(); } break; } @@ -342,7 +335,7 @@ const TorConnect = (() => { get shouldQuickStart() { // quickstart must be enabled - return Services.prefs.getBoolPref(TorLauncherPrefs.quickstart, false) && + return TorSettings.quickstart.enabled && // and the previous bootstrap attempt must have succeeded !Services.prefs.getBoolPref(TorLauncherPrefs.prompt_at_startup, true); }, diff --git a/browser/modules/TorSettings.jsm b/browser/modules/TorSettings.jsm new file mode 100644 index 000000000000..6d2a6c4a07cf --- /dev/null +++ b/browser/modules/TorSettings.jsm @@ -0,0 +1,814 @@ +"use strict"; + +var EXPORTED_SYMBOLS = ["TorSettings", "TorSettingsTopics", "TorSettingsData", "TorBridgeSource", "TorBuiltinBridgeTypes", "TorProxyType"]; + +const { Services } = ChromeUtils.import( + "resource://gre/modules/Services.jsm" +); + +const { TorProtocolService, TorProcessStatus } = ChromeUtils.import( + "resource:///modules/TorProtocolService.jsm" +); + +/* Browser observer topics */ +const BrowserTopics = Object.freeze({ + ProfileAfterChange: "profile-after-change", +}); + +/* tor-launcher observer topics */ +const TorTopics = Object.freeze({ + ProcessIsReady: "TorProcessIsReady", +}); + +/* TorSettings observer topics */ +const TorSettingsTopics = Object.freeze({ + Ready: "torsettings:ready", + SettingChanged: "torsettings:setting-changed", +}); + +/* TorSettings observer data (for SettingChanged topic) */ +const TorSettingsData = Object.freeze({ + QuickStartEnabled : "torsettings:quickstart_enabled", +}); + +/* Prefs used to store settings in TorBrowser prefs */ +const TorSettingsPrefs = Object.freeze({ + /* bool: are we pulling tor settings from the preferences */ + enabled: 'torbrowser.settings.enabled', + quickstart : { + /* bool: does tor connect automatically on launch */ + enabled: 'torbrowser.settings.quickstart.enabled', + }, + bridges : { + /* bool: does tor use bridges */ + enabled : 'torbrowser.settings.bridges.enabled', + /* int: -1=invalid|0=builtin|1=bridge_db|2=user_provided */ + source : 'torbrowser.settings.bridges.source', + /* string: obfs4|meek_azure|snowflake|etc */ + builtin_type : 'torbrowser.settings.bridges.builtin_type', + /* preference branch: each child branch should be a bridge string */ + bridge_strings : 'torbrowser.settings.bridges.bridge_strings', + }, + proxy : { + /* bool: does tor use a proxy */ + enabled : 'torbrowser.settings.proxy.enabled', + /* -1=invalid|0=socks4,1=socks5,2=https */ + type: 'torbrowser.settings.proxy.type', + /* string: proxy server address */ + address: 'torbrowser.settings.proxy.address', + /* int: [1,65535], proxy port */ + port: 'torbrowser.settings.proxy.port', + /* string: username */ + username: 'torbrowser.settings.proxy.username', + /* string: password */ + password: 'torbrowser.settings.proxy.password', + }, + firewall : { + /* bool: does tor have a port allow list */ + enabled: 'torbrowser.settings.firewall.enabled', + /* string: comma-delimitted list of port numbers */ + allowed_ports: 'torbrowser.settings.firewall.allowed_ports', + }, +}); + +/* Legacy tor-launcher prefs and pref branches*/ +const TorLauncherPrefs = Object.freeze({ + quickstart: "extensions.torlauncher.quickstart", + default_bridge_type: "extensions.torlauncher.default_bridge_type", + default_bridge: "extensions.torlauncher.default_bridge.", + default_bridge_recommended_type: "extensions.torlauncher.default_bridge_recommended_type", + bridgedb_bridge: "extensions.torlauncher.bridgedb_bridge.", +}); + +/* Config Keys used to configure tor daemon */ +const TorConfigKeys = Object.freeze({ + useBridges: "UseBridges", + bridgeList: "Bridge", + socks4Proxy: "Socks4Proxy", + socks5Proxy: "Socks5Proxy", + socks5ProxyUsername: "Socks5ProxyUsername", + socks5ProxyPassword: "Socks5ProxyPassword", + httpsProxy: "HTTPSProxy", + httpsProxyAuthenticator: "HTTPSProxyAuthenticator", + reachableAddresses: "ReachableAddresses", + clientTransportPlugin: "ClientTransportPlugin", +}); + +const TorBridgeSource = Object.freeze({ + Invalid: -1, + BuiltIn: 0, + BridgeDB: 1, + UserProvided: 2, +}); + +const TorProxyType = Object.freeze({ + Invalid: -1, + Socks4: 0, + Socks5: 1, + HTTPS: 2, +}); + + +const TorBuiltinBridgeTypes = Object.freeze( + (() => { + let bridgeListBranch = Services.prefs.getBranch(TorLauncherPrefs.default_bridge); + let bridgePrefs = bridgeListBranch.getChildList(""); + + // an unordered set for shoving bridge types into + let bridgeTypes = new Set(); + // look for keys ending in ".N" and treat string before that as the bridge type + const pattern = /\.[0-9]+$/; + for (const key of bridgePrefs) { + const offset = key.search(pattern); + if (offset != -1) { + const bt = key.substring(0, offset); + bridgeTypes.add(bt); + } + } + + // recommended bridge type goes first in the list + let recommendedBridgeType = Services.prefs.getCharPref(TorLauncherPrefs.default_bridge_recommended_type, null); + + let retval = []; + if (recommendedBridgeType && bridgeTypes.has(recommendedBridgeType)) { + retval.push(recommendedBridgeType); + } + + for (const bridgeType of bridgeTypes.values()) { + if (bridgeType != recommendedBridgeType) { + retval.push(bridgeType); + } + } + return retval; + })() +); + +/* Parsing Methods */ + +// expects a string representation of an integer from 1 to 65535 +let parsePort = function(aPort) { + // ensure port string is a valid positive integer + const validIntRegex = /^[0-9]+$/; + if (!validIntRegex.test(aPort)) { + return 0; + } + + // ensure port value is on valid range + let port = Number.parseInt(aPort); + if (port < 1 || port > 65535) { + return 0; + } + + return port; +}; +// expects a string in the format: "ADDRESS:PORT" +let parseAddrPort = function(aAddrColonPort) { + let tokens = aAddrColonPort.split(":"); + if (tokens.length != 2) { + return ["", 0]; + } + let address = tokens[0]; + let port = parsePort(tokens[1]); + return [address, port]; +}; + +// expects a string in the format: "USERNAME:PASSWORD" +// split on the first colon and any subsequent go into password +let parseUsernamePassword = function(aUsernameColonPassword) { + let colonIndex = aUsernameColonPassword.indexOf(":"); + if (colonIndex < 0) { + return ["", ""]; + } + + let username = aUsernameColonPassword.substring(0, colonIndex); + let password = aUsernameColonPassword.substring(colonIndex + 1); + + return [username, password]; +}; + +// expects a string in the format: ADDRESS:PORT,ADDRESS:PORT,... +// returns array of ports (as ints) +let parseAddrPortList = function(aAddrPortList) { + let addrPorts = aAddrPortList.split(","); + // parse ADDRESS:PORT string and only keep the port (second element in returned array) + let retval = addrPorts.map(addrPort => parseAddrPort(addrPort)[1]); + return retval; +}; + +// expects a '/n' or '/r/n' delimited bridge string, which we split and trim +// each bridge string can also optionally have 'bridge' at the beginning ie: +// bridge $(type) $(address):$(port) $(certificate) +// we strip out the 'bridge' prefix here +let parseBridgeStrings = function(aBridgeStrings) { + + // replace carriage returns ('\r') with new lines ('\n') + aBridgeStrings = aBridgeStrings.replace(/\r/g, "\n"); + // then replace contiguous new lines ('\n') with a single one + aBridgeStrings = aBridgeStrings.replace(/[\n]+/g, "\n"); + + // split on the newline and for each bridge string: trim, remove starting 'bridge' string + // finally discard entries that are empty strings; empty strings could occur if we receive + // a new line containing only whitespace + let splitStrings = aBridgeStrings.split("\n"); + return splitStrings.map(val => val.trim().replace(/^bridge\s+/i, "")) + .filter(bridgeString => bridgeString != ""); +}; + +// expecting a ',' delimited list of ints with possible white space between +// returns an array of ints +let parsePortList = function(aPortListString) { + let splitStrings = aPortListString.split(","); + // parse and remove duplicates + let portSet = new Set(splitStrings.map(val => parsePort(val.trim()))); + // parsePort returns 0 for failed parses, so remove 0 from list + portSet.delete(0); + return Array.from(portSet); +}; + +let getBuiltinBridgeStrings = function(builtinType) { + let bridgeBranch = Services.prefs.getBranch(TorLauncherPrefs.default_bridge); + let bridgeBranchPrefs = bridgeBranch.getChildList(""); + let retval = []; + + // regex matches against strings ending in ".N" where N is a positive integer + let pattern = /\.[0-9]+$/; + for (const key of bridgeBranchPrefs) { + // verify the location of the match is the correct offset required for aBridgeType + // to fit, and that the string begins with aBridgeType + if (key.search(pattern) == builtinType.length && + key.startsWith(builtinType)) { + let bridgeStr = bridgeBranch.getCharPref(key); + retval.push(bridgeStr); + } + } + + // shuffle so that Tor Browser users don't all try the built-in bridges in the same order + arrayShuffle(retval); + + return retval; +}; + +/* Array methods */ + +let arrayShuffle = function(array) { + // fisher-yates shuffle + for (let i = array.length - 1; i > 0; --i) { + // number n such that 0.0 <= n < 1.0 + const n = Math.random(); + // integer j such that 0 <= j <= i + const j = Math.floor(n * (i + 1)); + + // swap values at indices i and j + const tmp = array[i]; + array[i] = array[j]; + array[j] = tmp; + } +} + +let arrayCopy = function(array) { + return [].concat(array); +} + +/* TorSettings module */ + +const TorSettings = (() => { + let self = { + _settings: null, + + // tor daemon related settings + defaultSettings: function() { + let settings = { + quickstart: { + enabled: false + }, + bridges : { + enabled: false, + source: TorBridgeSource.Invalid, + builtin_type: null, + bridge_strings: [], + }, + proxy: { + enabled: false, + type: TorProxyType.Invalid, + address: null, + port: 0, + username: null, + password: null, + }, + firewall: { + enabled: false, + allowed_ports: [], + }, + }; + return settings; + }, + + /* try and load our settings, and register observers */ + init: function() { + if (TorProtocolService.ownsTorDaemon) { + // if the settings branch exists, load settings from prefs + if (Services.prefs.getBoolPref(TorSettingsPrefs.enabled, false)) { + this.loadFromPrefs(); + Services.obs.notifyObservers(null, TorSettingsTopics.Ready); + } + Services.obs.addObserver(this, BrowserTopics.ProfileAfterChange); + Services.obs.addObserver(this, TorTopics.ProcessIsReady); + } + }, + + /* wait for relevant life-cycle events to load and/or apply saved settings */ + observe: async function(subject, topic, data) { + console.log(`TorSettings: observed ${topic}`); + + // once the process is ready, we need to apply our settings + let handleProcessReady = async () => { + Services.obs.removeObserver(this, TorTopics.ProcessIsReady); + if (this._settings == null) { + // load settings from tor if our load in init() failed and save them to prefs + await this.loadLegacy(); + this.saveToPrefs(); + } else { + // push down settings to tor + await this.applySettings(); + } + Services.obs.notifyObservers(null, TorSettingsTopics.Ready); + }; + + switch (topic) { + case BrowserTopics.ProfileAfterChange: { + if (TorProtocolService.torProcessStatus == TorProcessStatus.Running) { + await handleProcessReady(); + } + } + break; + case TorTopics.ProcessIsReady: { + await handleProcessReady(); + } + break; + } + }, + + // load our settings from old locations (misc prefs and from tor daemon) + // TODO: remove this after some time has elapsed to ensure users have migrated to pref settings + loadLegacy: async function() { + console.log("TorSettings: loadLegacy()"); + + let settings = this.defaultSettings(); + + /* Quickstart */ + settings.quickstart.enabled = Services.prefs.getBoolPref(TorLauncherPrefs.quickstart, false); + + /* Bridges + + So the way tor-launcher determines the origin of the configured bridges is a bit + weird and depends on inferring our scenario based on some firefox prefs and the + relationship between the saved list of bridges in about:config vs the list saved in torrc + + first off, if "extensions.torlauncher.default_bridge_type" is set to one of our + builtin default types (obfs4, meek-azure, snowflake, etc) then we provide the + bridges in "extensions.torlauncher.default_bridge.*" (filtered by our default_bridge_type) + + next, we compare the list of bridges saved in torrc to the bridges stored in the + "extensions.torlauncher.bridgedb_bridge."" branch. If they match *exactly* then we assume + the bridges were retrieved from BridgeDB and use those. If the torrc list is empty then we know + we have no bridge settings + + finally, if none of the previous conditions are not met, it is assumed the bridges stored in + torrc are user-provided + */ + + let builtinType = Services.prefs.getCharPref(TorLauncherPrefs.default_bridge_type, null); + + // check if source is built-in + if (builtinType) { + let builtinBridgeStrings = getBuiltinBridgeStrings(builtinType); + if (builtinBridgeStrings.length > 0) { + settings.bridges.enabled = true; + settings.bridges.source = TorBridgeSource.BuiltIn; + settings.bridges.builtin_type = builtinType; + settings.bridges.bridge_strings = builtinBridgeStrings; + } + } else { + // get our currently configured bridges from tor + let torrcBridgeStrings = await (async () => { + let bridgeList = await TorProtocolService.readStringArraySetting(TorConfigKeys.bridgeList); + let retval = []; + for (const line of bridgeList) { + let trimmedLine = line.trim(); + if (trimmedLine) { + retval.push(trimmedLine); + } + } + return retval; + })(); + + // torrc has bridges configured + if (torrcBridgeStrings.length > 0) { + // compare tor's bridges to our saved bridgedb bridges + let bridgedbBBridgeStrings = (() => { + let bridgeBranch = Services.prefs.getBranch(TorLauncherPrefs.bridgedb_bridge); + let bridgeBranchPrefs = bridgeBranch.getChildList(""); + // the child prefs do not come in any particular order so sort the keys + // so the values can be compared to what we get out off torrc + bridgeBranchPrefs.sort(); + + // just assume all of the prefs under the parent point to valid bridge string + let retval = bridgeBranchPrefs.map(key => + bridgeBranch.getCharPref(key).trim() + ); + return retval; + })(); + + let arraysEqual = (left, right) => { + if (left.length != right.length) { + return false; + } + const length = left.length; + for (let i = 0; i < length; ++i) { + if (left[i] != right[i]) { + return false; + } + } + return true; + }; + + if (arraysEqual(torrcBridgeStrings, bridgedbBBridgeStrings)) { + settings.bridges.enabled = true; + settings.bridges.source = TorBridgeSource.BridgeDB; + settings.bridges.builtin_type = null; + settings.bridges.bridge_strings = torrcBridgeStrings; + } else { + settings.bridges.enabled = true; + settings.bridges.source = TorBridgeSource.UserProvided; + settings.bridges.builtin_type = null; + settings.bridges.bridge_strings = torrcBridgeStrings; + } + } else { + // tor has no bridge strings saved, so bridges not in use + settings.bridges.enabled = false; + settings.bridges.source = TorBridgeSource.Invalid; + settings.bridges.builtin_type = null; + settings.bridges.bridge_strings = []; + } + } + + /* Proxy */ + + let proxyString = null; + if (proxyString = await TorProtocolService.readStringSetting(TorConfigKeys.socks4Proxy)) { + let [address, port] = parseAddrPort(proxyString); + + settings.proxy.enabled = true; + settings.proxy.type = TorProxyType.Socks4; + settings.proxy.address = address; + settings.proxy.port = port; + settings.proxy.username = null; + settings.proxy.password = null; + } else if (proxyString = await TorProtocolService.readStringSetting(TorConfigKeys.socks5Proxy)) { + let [address, port] = parseAddrPort(proxyString); + let username = await TorProtocolService.readStringSetting(TorConfigKeys.socks5ProxyUsername); + let password = await TorProtocolService.readStringSetting(TorConfigKeys.socks5ProxyPassword); + + settings.proxy.enabled = true; + settings.proxy.type = TorProxyType.Socks5; + settings.proxy.address = address; + settings.proxy.port = port; + settings.proxy.username = username; + settings.proxy.password = password; + } else if (proxyString = await TorProtocolService.readStringSetting(TorConfigKeys.httpsProxy)) { + let [address, port] = parseAddrPort(proxyString); + let authenticator = await TorProtocolService.readStringSetting(TorConfigKeys.httpsProxyAuthenticator); + let [username, password] = parseUsernamePassword(authenticator); + + settings.proxy.enabled = true; + settings.proxy.type = TorProxyType.HTTPS; + settings.proxy.address = address; + settings.proxy.port = port; + settings.proxy.username = username; + settings.proxy.password = password; + } else { + settings.proxy.enabled = false; + settings.proxy.type = TorProxyType.Invalid; + settings.proxy.address = null; + settings.proxy.port = 0; + settings.proxy.username = null; + settings.proxy.password = null; + } + + /* Firewall */ + let firewallString = await TorProtocolService.readStringSetting(TorConfigKeys.reachableAddresses); + if (firewallString) { + let allowedPorts = parseAddrPortList(firewallString); + settings.firewall.enabled = allowedPorts.length > 0; + settings.firewall.allowed_ports = allowedPorts; + } else { + settings.firewall.enabled = false; + settings.firewall.allowed_ports = []; + } + + this._settings = settings; + + return this; + }, + + // load our settings from prefs + loadFromPrefs: function() { + console.log("TorSettings: loadFromPrefs()"); + + let settings = this.defaultSettings(); + + /* Quickstart */ + settings.quickstart.enabled = Services.prefs.getBoolPref(TorSettingsPrefs.quickstart.enabled); + /* Bridges */ + settings.bridges.enabled = Services.prefs.getBoolPref(TorSettingsPrefs.bridges.enabled); + if (settings.bridges.enabled) { + settings.bridges.source = Services.prefs.getIntPref(TorSettingsPrefs.bridges.source); + // builtin bridge (obfs4, meek, snowlfake, etc) + if (settings.bridges.source == TorBridgeSource.BuiltIn) { + let builtinType = Services.prefs.getStringPref(TorSettingsPrefs.bridges.builtin_type); + settings.bridges.builtin_type = builtinType; + // always dynamically load builtin bridges rather than loading the cached versions + // if the user upgrades and the builtin bridges have changed, we want to ensure the user + // can still bootstrap using the provided bridges + let bridgeStrings = getBuiltinBridgeStrings(builtinType); + if (bridgeStrings.length > 0) { + settings.bridges.bridge_strings = bridgeStrings; + } else { + // in this case the user is using a builtin bridge that is no longer supported, + // reset to settings to default values + settings.bridges.enabled = false; + settings.bridges.source = TorBridgeSource.Invalid; + settings.bridges.builtin_type = null; + } + } else { + settings.bridges.bridge_strings = []; + let bridgeBranchPrefs = Services.prefs.getBranch(TorSettingsPrefs.bridges.bridge_strings).getChildList(""); + bridgeBranchPrefs.forEach(pref => { + let bridgeString = Services.prefs.getStringPref(`${TorSettingsPrefs.bridges.bridge_strings}${pref}`); + settings.bridges.bridge_strings.push(bridgeString); + }); + } + } else { + settings.bridges.source = TorBridgeSource.Invalid; + settings.bridges.builtin_type = null; + settings.bridges.bridge_strings = []; + } + /* Proxy */ + settings.proxy.enabled = Services.prefs.getBoolPref(TorSettingsPrefs.proxy.enabled); + if (settings.proxy.enabled) { + settings.proxy.type = Services.prefs.getIntPref(TorSettingsPrefs.proxy.type); + settings.proxy.address = Services.prefs.getStringPref(TorSettingsPrefs.proxy.address); + settings.proxy.port = Services.prefs.getIntPref(TorSettingsPrefs.proxy.port); + settings.proxy.username = Services.prefs.getStringPref(TorSettingsPrefs.proxy.username); + settings.proxy.password = Services.prefs.getStringPref(TorSettingsPrefs.proxy.password); + } else { + settings.proxy.type = TorProxyType.Invalid; + settings.proxy.address = null; + settings.proxy.port = 0; + settings.proxy.username = null; + settings.proxy.password = null; + } + + /* Firewall */ + settings.firewall.enabled = Services.prefs.getBoolPref(TorSettingsPrefs.firewall.enabled); + if(settings.firewall.enabled) { + let portList = Services.prefs.getStringPref(TorSettingsPrefs.firewall.allowed_ports); + settings.firewall.allowed_ports = parsePortList(portList); + } else { + settings.firewall.allowed_ports = 0; + } + + this._settings = settings; + + return this; + }, + + // save our settings to prefs + saveToPrefs: function() { + console.log("TorSettings: saveToPrefs()"); + + let settings = this._settings; + + /* Quickstart */ + Services.prefs.setBoolPref(TorSettingsPrefs.quickstart.enabled, settings.quickstart.enabled); + /* Bridges */ + Services.prefs.setBoolPref(TorSettingsPrefs.bridges.enabled, settings.bridges.enabled); + if (settings.bridges.enabled) { + Services.prefs.setIntPref(TorSettingsPrefs.bridges.source, settings.bridges.source); + if (settings.bridges.source === TorBridgeSource.BuiltIn) { + Services.prefs.setStringPref(TorSettingsPrefs.bridges.builtin_type, settings.bridges.builtin_type); + } else { + Services.prefs.clearUserPref(TorSettingsPrefs.bridges.builtin_type); + } + // erase existing bridge strings + let bridgeBranchPrefs = Services.prefs.getBranch(TorSettingsPrefs.bridges.bridge_strings).getChildList(""); + bridgeBranchPrefs.forEach(pref => { + Services.prefs.clearUserPref(`${TorSettingsPrefs.bridges.bridge_strings}${pref}`); + }); + // write new ones + settings.bridges.bridge_strings.forEach((string, index) => { + Services.prefs.setStringPref(`${TorSettingsPrefs.bridges.bridge_strings}.${index}`, string); + }); + } else { + Services.prefs.clearUserPref(TorSettingsPrefs.bridges.source); + Services.prefs.clearUserPref(TorSettingsPrefs.bridges.builtin_type); + let bridgeBranchPrefs = Services.prefs.getBranch(TorSettingsPrefs.bridges.bridge_strings).getChildList(""); + bridgeBranchPrefs.forEach(pref => { + Services.prefs.clearUserPref(`${TorSettingsPrefs.bridges.bridge_strings}${pref}`); + }); + } + /* Proxy */ + Services.prefs.setBoolPref(TorSettingsPrefs.proxy.enabled, settings.proxy.enabled); + if (settings.proxy.enabled) { + Services.prefs.setIntPref(TorSettingsPrefs.proxy.type, settings.proxy.type); + Services.prefs.setStringPref(TorSettingsPrefs.proxy.address, settings.proxy.address); + Services.prefs.setIntPref(TorSettingsPrefs.proxy.port, settings.proxy.port); + Services.prefs.setStringPref(TorSettingsPrefs.proxy.username, settings.proxy.username); + Services.prefs.setStringPref(TorSettingsPrefs.proxy.password, settings.proxy.password); + } else { + Services.prefs.clearUserPref(TorSettingsPrefs.proxy.type); + Services.prefs.clearUserPref(TorSettingsPrefs.proxy.address); + Services.prefs.clearUserPref(TorSettingsPrefs.proxy.port); + Services.prefs.clearUserPref(TorSettingsPrefs.proxy.username); + Services.prefs.clearUserPref(TorSettingsPrefs.proxy.password); + } + /* Firewall */ + Services.prefs.setBoolPref(TorSettingsPrefs.firewall.enabled, settings.firewall.enabled); + if (settings.firewall.enabled) { + Services.prefs.setStringPref(TorSettingsPrefs.firewall.allowed_ports, settings.firewall.allowed_ports.join(",")); + } else { + Services.prefs.clearUserPref(TorSettingsPrefs.firewall.allowed_ports); + } + + // all tor settings now stored in prefs :) + Services.prefs.setBoolPref(TorSettingsPrefs.enabled, true); + + return this; + }, + + // push our settings down to the tor daemon + applySettings: async function() { + console.log("TorSettings: applySettings()"); + let settings = this._settings; + let settingsMap = new Map(); + + /* Bridges */ + settingsMap.set(TorConfigKeys.useBridges, settings.bridges.enabled); + if (settings.bridges.enabled) { + settingsMap.set(TorConfigKeys.bridgeList, settings.bridges.bridge_strings); + } else { + // shuffle bridge list + settingsMap.set(TorConfigKeys.bridgeList, null); + } + + /* Proxy */ + settingsMap.set(TorConfigKeys.socks4Proxy, null); + settingsMap.set(TorConfigKeys.socks5Proxy, null); + settingsMap.set(TorConfigKeys.socks5ProxyUsername, null); + settingsMap.set(TorConfigKeys.socks5ProxyPassword, null); + settingsMap.set(TorConfigKeys.httpsProxy, null); + settingsMap.set(TorConfigKeys.httpsProxyAuthenticator, null); + if (settings.proxy.enabled) { + let address = settings.proxy.address; + let port = settings.proxy.port; + let username = settings.proxy.username; + let password = settings.proxy.password; + + switch (settings.proxy.type) { + case TorProxyType.Socks4: + settingsMap.set(TorConfigKeys.socks4Proxy, `${address}:${port}`); + break; + case TorProxyType.Socks5: + settingsMap.set(TorConfigKeys.socks5Proxy, `${address}:${port}`); + settingsMap.set(TorConfigKeys.socks5ProxyUsername, username); + settingsMap.set(TorConfigKeys.socks5ProxyPassword, password); + break; + case TorProxyType.HTTPS: + settingsMap.set(TorConfigKeys.httpsProxy, `${address}:${port}`); + settingsMap.set(TorConfigKeys.httpsProxyAuthenticator, `${username}:${password}`); + break; + } + } + + /* Firewall */ + if (settings.firewall.enabled) { + let reachableAddresses = settings.firewall.allowed_ports.map(port => `*:${port}`).join(","); + settingsMap.set(TorConfigKeys.reachableAddresses, reachableAddresses); + } else { + settingsMap.set(TorConfigKeys.reachableAddresses, null); + } + + /* Push to Tor */ + await TorProtocolService.writeSettings(settingsMap); + + return this; + }, + + /* Getters and Setters */ + + + // Quickstart + get quickstart() { + return { + // Avoid a race-condition on first-start where this property + // may be accessed before `self._settings` is initialized. + // This work-around can be removed when #40598 is resolved. + get enabled() { return (self._settings ? self._settings.quickstart.enabled : false); }, + set enabled(val) { + if (val != self._settings.quickstart.enabled) + { + self._settings.quickstart.enabled = val; + Services.obs.notifyObservers({value: val}, TorSettingsTopics.SettingChanged, TorSettingsData.QuickStartEnabled); + } + }, + }; + }, + + // Bridges + get bridges() { + return { + get enabled() { return self._settings.bridges.enabled; }, + set enabled(val) { + self._settings.bridges.enabled = val; + // reset bridge settings + self._settings.bridges.source = TorBridgeSource.Invalid; + self._settings.bridges.builtin_type = null; + self._settings.bridges.bridge_strings = []; + }, + get source() { return self._settings.bridges.source; }, + set source(val) { self._settings.bridges.source = val; }, + get builtin_type() { return self._settings.bridges.builtin_type; }, + set builtin_type(val) { + let bridgeStrings = getBuiltinBridgeStrings(val); + if (bridgeStrings.length > 0) { + self._settings.bridges.builtin_type = val; + self._settings.bridges.bridge_strings = bridgeStrings; + } + }, + get bridge_strings() { return arrayCopy(self._settings.bridges.bridge_strings); }, + set bridge_strings(val) { + self._settings.bridges.bridge_strings = parseBridgeStrings(val); + }, + }; + }, + + // Proxy + get proxy() { + return { + get enabled() { return self._settings.proxy.enabled; }, + set enabled(val) { + self._settings.proxy.enabled = val; + // reset proxy settings + self._settings.proxy.type = TorProxyType.Invalid; + self._settings.proxy.address = null; + self._settings.proxy.port = 0; + self._settings.proxy.username = null; + self._settings.proxy.password = null; + }, + get type() { return self._settings.proxy.type; }, + set type(val) { self._settings.proxy.type = val; }, + get address() { return self._settings.proxy.address; }, + set address(val) { self._settings.proxy.address = val; }, + get port() { return arrayCopy(self._settings.proxy.port); }, + set port(val) { self._settings.proxy.port = parsePort(val); }, + get username() { return self._settings.proxy.username; }, + set username(val) { self._settings.proxy.username = val; }, + get password() { return self._settings.proxy.password; }, + set password(val) { self._settings.proxy.password = val; }, + get uri() { + switch (this.type) { + case TorProxyType.Socks4: + return `socks4a://${this.address}:${this.port}`; + case TorProxyType.Socks5: + if (this.username) { + return `socks5://${this.username}:${this.password}@${this.address}:${this.port}`; + } + return `socks5://${this.address}:${this.port}`; + case TorProxyType.HTTPS: + if (this._proxyUsername) { + return `http://${this.username}:${this.password}@${this.address}:${this.port}`; + } + return `http://${this.address}:${this.port}`; + } + return null; + }, + }; + }, + + // Firewall + get firewall() { + return { + get enabled() { return self._settings.firewall.enabled; }, + set enabled(val) { + self._settings.firewall.enabled = val; + // reset firewall settings + self._settings.firewall.allowed_ports = []; + }, + get allowed_ports() { return self._settings.firewall.allowed_ports; }, + set allowed_ports(val) { self._settings.firewall.allowed_ports = parsePortList(val); }, + }; + }, + }; + self.init(); + return self; +})(); diff --git a/browser/modules/moz.build b/browser/modules/moz.build index 1ea57aba1a93..8c001d4ac6ed 100644 --- a/browser/modules/moz.build +++ b/browser/modules/moz.build @@ -156,6 +156,7 @@ EXTRA_JS_MODULES += [ 'TorConnect.jsm', 'TorProcessService.jsm', "TorProtocolService.jsm", + "TorSettings.jsm", "TorStrings.jsm", "TransientPrefs.jsm", "webrtcUI.jsm", diff --git a/toolkit/components/processsingleton/MainProcessSingleton.jsm b/toolkit/components/processsingleton/MainProcessSingleton.jsm index 62afa98e1ffc..ba8cd0f3f97d 100644 --- a/toolkit/components/processsingleton/MainProcessSingleton.jsm +++ b/toolkit/components/processsingleton/MainProcessSingleton.jsm @@ -24,6 +24,11 @@ MainProcessSingleton.prototype = { null ); + ChromeUtils.import( + "resource:///modules/TorSettings.jsm", + null + ); + ChromeUtils.import( "resource:///modules/TorConnect.jsm", null diff --git a/toolkit/modules/AsyncPrefs.jsm b/toolkit/modules/AsyncPrefs.jsm index f7d867e47dc0..2834c484c919 100644 --- a/toolkit/modules/AsyncPrefs.jsm +++ b/toolkit/modules/AsyncPrefs.jsm @@ -20,7 +20,6 @@ const kAllowedPrefs = new Set([ "browser.contentblocking.report.hide_vpn_banner", "browser.contentblocking.report.show_mobile_app", - "extensions.torlauncher.quickstart", "narrate.rate", "narrate.voice",

1 0

[tor-browser/tor-browser-91.4.0esr-11.0-1] Adding issue template for bugs.
by sysrqb＠torproject.org 02 Dec '21

02 Dec '21

commit 8922bb36d8d2a80a829e98666e2d07b79f3d08e0 Author: Gaba <gaba(a)torproject.org> Date: Mon Jun 28 11:44:16 2021 -0700 Adding issue template for bugs. --- .gitlab/issue_templates/UXBug.md | 29 +++++++++++++++++++++++++++++ .gitlab/issue_templates/bug.md | 32 ++++++++++++++++++++++++++++++++ 2 files changed, 61 insertions(+) diff --git a/.gitlab/issue_templates/UXBug.md b/.gitlab/issue_templates/UXBug.md new file mode 100644 index 000000000000..8e7cb2a5e163 --- /dev/null +++ b/.gitlab/issue_templates/UXBug.md @@ -0,0 +1,29 @@ + + +### Summary +**Summarize the bug encountered concisely.** + + +### Steps to reproduce: +**How one can reproduce the issue - this is very important.** + +1. Step 1 +2. Step 2 +3. ... + +### What is the current bug behavior? +**What actually happens.** + + +### What is the expected behavior? +**What you want to see instead** + + + +## Relevant logs and/or screenshots +**Do you have screenshots? Attach them to this ticket please.** + +/label ~tor-ux ~needs-investigation ~bug +/assign @nah diff --git a/.gitlab/issue_templates/bug.md b/.gitlab/issue_templates/bug.md new file mode 100644 index 000000000000..6ce85a4864be --- /dev/null +++ b/.gitlab/issue_templates/bug.md @@ -0,0 +1,32 @@ + + +### Summary +**Summarize the bug encountered concisely.** + + +### Steps to reproduce: +**How one can reproduce the issue - this is very important.** + +1. Step 1 +2. Step 2 +3. ... + +### What is the current bug behavior? +**What actually happens.** + + +### What is the expected behavior? +**What you want to see instead** + + + +### Environment +**Which operating system are you using? For example: Debian GNU/Linux 10.1, Windows 10, Ubuntu Xenial, FreeBSD 12.2, etc.** +**Which installation method did you use? Distribution package (apt, pkg, homebrew), from source tarball, from Git, etc.** + +### Relevant logs and/or screenshots + + +/label ~bug

1 0