tor-commits
Threads by month
- ----- 2025 -----
- May
- April
- March
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
August 2021
- 15 participants
- 1353 discussions
[tor-browser/tor-browser-91.0.1-10.5-1] TB3: Tor Browser's official .mozconfigs.
by sysrqb@torproject.org 17 Aug '21
by sysrqb@torproject.org 17 Aug '21
17 Aug '21
commit 315b093c213b7afbcf6201131f20bef9b1f60fda
Author: Mike Perry <mikeperry-git(a)torproject.org>
Date: Mon May 6 15:51:06 2013 -0700
TB3: Tor Browser's official .mozconfigs.
Also:
Bug #9829.1: new .mozconfig file for the new cross-compiler and ESR24
Changes needed to build Mac in 64bit
Bug 10715: Enable Webgl for mingw-w64 again.
Disable ICU when cross-compiling; clean-up.
Bug 15773: Enable ICU on OS X
Bug 15990: Don't build the sandbox with mingw-w64
Bug 12761: Switch to ESR 38 for OS X
Updating .mozconfig-asan
Bug 12516: Compile hardenend Tor Browser with -fwrapv
Bug 18331: Switch to Mozilla's toolchain for building Tor Browser for OS X
Bug 17858: Cannot create incremental MARs for hardened builds.
Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff
(which is part of mar-tools and is not distributed to end-users) with
ASan.
Bug 13419: Add back ICU for Windows
Bug 21239: Use GTK2 for ESR52 Linux builds
Bug 23025: Add hardening flags for macOS
Bug 24478: Enable debug assertions and tests in our ASan builds
--enable-proxy-bypass-protection
Bug 27597: ASan build option in tor-browser-build is broken
Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds
This fixes a problem where some preferences had the wrong default value.
Also see bug 27472 where we made a similar fix for Android.
Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING
Bug 31450: Set proper BINDGEN_CFLAGS for ASan builds
Add an --enable-tor-browser-data-outside-app-dir configure option
Add --with-tor-browser-version configure option
Bug 21849: Don't allow SSL key logging.
Bug 31457: disable per-installation profiles
The dedicated profiles (per-installation) feature does not interact
well with our bundled profiles on Linux and Windows, and it also causes
multiple profiles to be created on macOS under TorBrowser-Data.
Bug 31935: Disable profile downgrade protection.
Since Tor Browser does not support more than one profile, disable
the prompt and associated code that offers to create one when a
version downgrade situation is detected.
Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT
Bug 25741 - TBA: Disable features at compile-time
MOZ_NATIVE_DEVICES for casting and the media player
MOZ_TELEMETRY_REPORTING for telemetry
MOZ_DATA_REPORTING for all data reporting preferences (crashreport, telemetry, geo)
Bug 25741 - TBA: Add default configure options in dedicated file
Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION
Bug 29859: Disable HLS support for now
Add --disable-tor-launcher build option
Add --enable-tor-browser-update build option
Bug 33734: Set MOZ_NORMANDY to False
Bug 33851: Omit Parental Controls.
Bug 40061: Omit the Windows default browser agent from the build
Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files
---
.mozconfig | 39 ++++++++++++++++++++++++
.mozconfig-android | 36 ++++++++++++++++++++++
.mozconfig-asan | 44 +++++++++++++++++++++++++++
.mozconfig-mac | 56 +++++++++++++++++++++++++++++++++++
.mozconfig-mingw | 31 +++++++++++++++++++
browser/base/moz.build | 3 ++
browser/installer/Makefile.in | 8 +++++
browser/moz.configure | 8 ++---
build/moz.configure/old.configure | 5 ++++
mobile/android/confvars.sh | 9 ++++++
mobile/android/geckoview/build.gradle | 1 +
mobile/android/moz.configure | 22 ++++++++++++--
mobile/android/torbrowser.configure | 30 +++++++++++++++++++
old-configure.in | 49 ++++++++++++++++++++++++++++++
security/moz.build | 2 +-
security/nss/lib/ssl/Makefile | 2 +-
toolkit/modules/AppConstants.jsm | 15 ++++++++++
toolkit/modules/moz.build | 3 ++
18 files changed, 355 insertions(+), 8 deletions(-)
diff --git a/.mozconfig b/.mozconfig
new file mode 100755
index 000000000000..18cd1f9b6487
--- /dev/null
+++ b/.mozconfig
@@ -0,0 +1,39 @@
+. $topsrcdir/browser/config/mozconfig
+
+# This mozconfig file is not used in official Tor Browser builds.
+# It is only intended to be used when doing incremental Linux builds
+# during development. The platform-specific mozconfig configuration
+# files used in official Tor Browser releases can be found in the
+# tor-browser-build repo:
+# https://gitweb.torproject.org/builders/tor-browser-build.git/
+# under:
+# tor-browser-build/projects/firefox/mozconfig-$OS-$ARCH
+
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-@CONFIG_GUESS@
+mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser"
+export MOZILLA_OFFICIAL=1
+
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+ac_add_options --enable-official-branding
+
+# Let's support GTK3 for ESR60
+ac_add_options --enable-default-toolkit=cairo-gtk3
+
+ac_add_options --disable-strip
+ac_add_options --disable-install-strip
+ac_add_options --disable-tests
+ac_add_options --disable-debug
+ac_add_options --disable-crashreporter
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+# Let's make sure no preference is enabling either Adobe's or Google's CDM.
+ac_add_options --disable-eme
+ac_add_options --enable-proxy-bypass-protection
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
+
+ac_add_options --disable-tor-launcher
+ac_add_options --with-tor-browser-version=dev-build
+ac_add_options --disable-tor-browser-update
diff --git a/.mozconfig-android b/.mozconfig-android
new file mode 100755
index 000000000000..50015ec615ef
--- /dev/null
+++ b/.mozconfig-android
@@ -0,0 +1,36 @@
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-arm-linux-androideabi
+mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser"
+export MOZILLA_OFFICIAL=1
+
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+ac_add_options --enable-official-branding
+
+# Android
+ac_add_options --enable-application=mobile/android
+ac_add_options --target=arm-linux-androideabi
+ac_add_options --with-android-ndk="$NDK_BASE" #Enter the android ndk location(ndk r17b)
+ac_add_options --with-android-sdk="$SDK_BASE" #Enter the android sdk location
+ac_add_options --with-branding=mobile/android/branding/alpha
+
+# Use Mozilla's Clang blobs
+CC="$HOME/.mozbuild/clang/bin/clang"
+CXX="$HOME/.mozbuild/clang/bin/clang++"
+
+#enable ccache to set amount of cache assigned for build.
+ac_add_options --with-ccache
+
+ac_add_options --enable-strip
+ac_add_options --disable-tests
+ac_add_options --disable-debug
+ac_add_options --disable-rust-debug
+
+ac_add_options --disable-updater
+ac_add_options --disable-crashreporter
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+
+ac_add_options --enable-proxy-bypass-protection
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
diff --git a/.mozconfig-asan b/.mozconfig-asan
new file mode 100644
index 000000000000..bad7ea022c9f
--- /dev/null
+++ b/.mozconfig-asan
@@ -0,0 +1,44 @@
+. $topsrcdir/browser/config/mozconfig
+
+export CFLAGS="-fsanitize=address -Dxmalloc=myxmalloc"
+export CXXFLAGS="-fsanitize=address -Dxmalloc=myxmalloc"
+# We need to add -ldl explicitely due to bug 1213698
+export LDFLAGS="-fsanitize=address -ldl"
+
+# Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff
+# (which is part of mar-tools and is not distributed to end-users) with
+# ASan. See bug 17858.
+export HOST_CFLAGS=""
+export HOST_CXXFLAGS=""
+export HOST_LDFLAGS="-ldl"
+
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-@CONFIG_GUESS@
+mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser"
+export MOZILLA_OFFICIAL=1
+export BINDGEN_CFLAGS='--gcc-toolchain=/var/tmp/dist/gcc'
+
+ac_add_options --enable-address-sanitizer
+ac_add_options --disable-jemalloc
+ac_add_options --disable-elf-hack
+
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+ac_add_options --enable-official-branding
+
+# Let's support GTK3 for ESR60
+ac_add_options --enable-default-toolkit=cairo-gtk3
+
+ac_add_options --enable-tor-browser-update
+
+ac_add_options --disable-strip
+ac_add_options --disable-install-strip
+ac_add_options --enable-tests
+ac_add_options --enable-debug
+ac_add_options --disable-crashreporter
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+ac_add_options --disable-eme
+ac_add_options --enable-proxy-bypass-protection
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
diff --git a/.mozconfig-mac b/.mozconfig-mac
new file mode 100644
index 000000000000..26e2b6b92fdb
--- /dev/null
+++ b/.mozconfig-mac
@@ -0,0 +1,56 @@
+# ld needs libLTO.so from llvm
+mk_add_options "export LD_LIBRARY_PATH=$topsrcdir/clang/lib"
+
+CROSS_CCTOOLS_PATH=$topsrcdir/cctools
+CROSS_SYSROOT=$topsrcdir/MacOSX10.7.sdk
+CROSS_PRIVATE_FRAMEWORKS=$CROSS_SYSROOT/System/Library/PrivateFrameworks
+HARDENING_FLAGS="-Werror=format -Werror=format-security -fstack-protector-strong -D_FORTIFY_SOURCE=2"
+FLAGS="-target x86_64-apple-darwin10 -mlinker-version=136 -B $CROSS_CCTOOLS_PATH/bin -isysroot $CROSS_SYSROOT $HARDENING_FLAGS"
+
+export CC="$topsrcdir/clang/bin/clang $FLAGS"
+export CXX="$topsrcdir/clang/bin/clang++ $FLAGS"
+export CPP="$topsrcdir/clang/bin/clang $FLAGS -E"
+export LLVMCONFIG=$topsrcdir/clang/bin/llvm-config
+export LDFLAGS="-Wl,-syslibroot,$CROSS_SYSROOT -Wl,-dead_strip -Wl,-pie"
+export TOOLCHAIN_PREFIX=$CROSS_CCTOOLS_PATH/bin/x86_64-apple-darwin10-
+#TODO: bug 1184202 - would be nice if these could be detected with TOOLCHAIN_PREFIX automatically
+export AR=${TOOLCHAIN_PREFIX}ar
+export RANLIB=${TOOLCHAIN_PREFIX}ranlib
+export STRIP=${TOOLCHAIN_PREFIX}strip
+export OTOOL=${TOOLCHAIN_PREFIX}otool
+export DSYMUTIL=$topsrcdir/clang/bin/llvm-dsymutil
+
+export HOST_CC="$topsrcdir/clang/bin/clang"
+export HOST_CXX="$topsrcdir/clang/bin/clang++"
+export HOST_CPP="$topsrcdir/clang/bin/clang -E"
+export HOST_CFLAGS="-g"
+export HOST_CXXFLAGS="-g"
+export HOST_LDFLAGS="-g"
+
+ac_add_options --target=x86_64-apple-darwin
+ac_add_options --with-macos-private-frameworks=$CROSS_PRIVATE_FRAMEWORKS
+
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-macos
+mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser"
+export MOZILLA_OFFICIAL=1
+
+ac_add_options --enable-application=browser
+ac_add_options --enable-strip
+ac_add_options --enable-official-branding
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+ac_add_options --disable-debug
+
+ac_add_options --enable-tor-browser-data-outside-app-dir
+ac_add_options --enable-tor-browser-update
+
+ac_add_options --disable-crashreporter
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+ac_add_options --disable-tests
+# Let's make sure no preference is enabling either Adobe's or Google's CDM.
+ac_add_options --disable-eme
+ac_add_options --enable-proxy-bypass-protection
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
diff --git a/.mozconfig-mingw b/.mozconfig-mingw
new file mode 100644
index 000000000000..3ec6ff18a3e9
--- /dev/null
+++ b/.mozconfig-mingw
@@ -0,0 +1,31 @@
+CROSS_COMPILE=1
+
+ac_add_options --enable-application=browser
+ac_add_options --target=i686-w64-mingw32
+ac_add_options --with-toolchain-prefix=i686-w64-mingw32-
+ac_add_options --enable-default-toolkit=cairo-windows
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-mingw
+mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser"
+export MOZILLA_OFFICIAL=1
+
+ac_add_options --disable-debug
+ac_add_options --enable-optimize
+ac_add_options --enable-rust-simd
+ac_add_options --enable-strip
+ac_add_options --enable-official-branding
+
+ac_add_options --enable-tor-browser-update
+ac_add_options --disable-bits-download
+
+# Let's make sure no preference is enabling either Adobe's or Google's CDM.
+ac_add_options --disable-eme
+ac_add_options --disable-crashreporter
+ac_add_options --disable-maintenance-service
+ac_add_options --disable-webrtc
+ac_add_options --disable-parental-controls
+ac_add_options --disable-tests
+ac_add_options --enable-proxy-bypass-protection
+
+# Disable telemetry
+ac_add_options MOZ_TELEMETRY_REPORTING=
+ac_add_options --disable-default-browser-agent
diff --git a/browser/base/moz.build b/browser/base/moz.build
index 4058d6d86fea..ee3bc8028b9e 100644
--- a/browser/base/moz.build
+++ b/browser/base/moz.build
@@ -81,6 +81,9 @@ if CONFIG["MOZ_WIDGET_TOOLKIT"] in ("windows", "gtk", "cocoa"):
if CONFIG["MOZ_WIDGET_TOOLKIT"] in ("windows", "gtk"):
DEFINES["MENUBAR_CAN_AUTOHIDE"] = 1
+if CONFIG["TOR_BROWSER_UPDATE"]:
+ DEFINES["TOR_BROWSER_UPDATE"] = 1
+
JAR_MANIFESTS += ["jar.mn"]
GeneratedFile(
diff --git a/browser/installer/Makefile.in b/browser/installer/Makefile.in
index f98964d8a9eb..d55b373ff488 100644
--- a/browser/installer/Makefile.in
+++ b/browser/installer/Makefile.in
@@ -82,6 +82,14 @@ endif
endif
endif
+ifdef TOR_BROWSER_DISABLE_TOR_LAUNCHER
+DEFINES += -DTOR_BROWSER_DISABLE_TOR_LAUNCHER
+endif
+
+ifdef TOR_BROWSER_UPDATE
+DEFINES += -DTOR_BROWSER_UPDATE
+endif
+
ifneq (,$(filter WINNT Darwin Android,$(OS_TARGET)))
DEFINES += -DMOZ_SHARED_MOZGLUE=1
endif
diff --git a/browser/moz.configure b/browser/moz.configure
index 8653bcbb165d..5a0b722b915e 100644
--- a/browser/moz.configure
+++ b/browser/moz.configure
@@ -5,11 +5,11 @@
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
imply_option("MOZ_PLACES", True)
-imply_option("MOZ_SERVICES_HEALTHREPORT", True)
+imply_option("MOZ_SERVICES_HEALTHREPORT", False)
imply_option("MOZ_SERVICES_SYNC", True)
-imply_option("MOZ_DEDICATED_PROFILES", True)
-imply_option("MOZ_BLOCK_PROFILE_DOWNGRADE", True)
-imply_option("MOZ_NORMANDY", True)
+imply_option("MOZ_DEDICATED_PROFILES", False)
+imply_option("MOZ_BLOCK_PROFILE_DOWNGRADE", False)
+imply_option("MOZ_NORMANDY", False)
with only_when(target_is_linux & compile_environment):
option(env="MOZ_NO_PIE_COMPAT", help="Enable non-PIE wrapper")
diff --git a/build/moz.configure/old.configure b/build/moz.configure/old.configure
index 35ab75df3a14..95f4200d0973 100644
--- a/build/moz.configure/old.configure
+++ b/build/moz.configure/old.configure
@@ -119,6 +119,11 @@ def old_configure_options(*options):
"--with-user-appdir",
"--x-includes",
"--x-libraries",
+ # Tor additions.
+ "--with-tor-browser-version",
+ "--enable-tor-browser-update",
+ "--enable-tor-browser-data-outside-app-dir",
+ "--enable-tor-launcher",
)
def prepare_configure_options(host, target, all_options, *options):
# old-configure only supports the options listed in @old_configure_options
diff --git a/mobile/android/confvars.sh b/mobile/android/confvars.sh
index 70e13c85b258..b2670451ed91 100644
--- a/mobile/android/confvars.sh
+++ b/mobile/android/confvars.sh
@@ -29,6 +29,15 @@ MOZ_ANDROID_BROWSER_INTENT_CLASS=org.mozilla.gecko.BrowserApp
MOZ_NO_SMART_CARDS=1
+# Adds MIME-type support for raw video
MOZ_RAW=1
MOZ_APP_ID={aa3c5121-dab2-40e2-81ca-7ea25febc110}
+
+### Tor Browser for Android ###
+
+# Disable telemetry at compile-time
+unset MOZ_TELEMETRY_REPORTING
+
+# Disable data reporting at compile-time
+unset MOZ_DATA_REPORTING
diff --git a/mobile/android/geckoview/build.gradle b/mobile/android/geckoview/build.gradle
index f60ea1730d5c..bdee206175db 100644
--- a/mobile/android/geckoview/build.gradle
+++ b/mobile/android/geckoview/build.gradle
@@ -93,6 +93,7 @@ android {
buildConfigField 'String', "MOZ_APP_DISPLAYNAME", "\"${mozconfig.substs.MOZ_APP_DISPLAYNAME}\"";
buildConfigField 'String', "MOZ_APP_UA_NAME", "\"${mozconfig.substs.MOZ_APP_UA_NAME}\"";
buildConfigField 'String', "MOZ_UPDATE_CHANNEL", "\"${mozconfig.substs.MOZ_UPDATE_CHANNEL}\"";
+ buildConfigField 'String', "TOR_BROWSER_VERSION", "\"${mozconfig.substs.TOR_BROWSER_VERSION}\"";
// MOZILLA_VERSION is oddly quoted from autoconf, but we don't have to handle it specially in Gradle.
buildConfigField 'String', "MOZILLA_VERSION", "\"${mozconfig.substs.MOZILLA_VERSION}\"";
diff --git a/mobile/android/moz.configure b/mobile/android/moz.configure
index 106f6c816814..531eec31475e 100644
--- a/mobile/android/moz.configure
+++ b/mobile/android/moz.configure
@@ -13,7 +13,7 @@ project_flag(
project_flag(
"MOZ_ANDROID_HLS_SUPPORT",
help="Enable HLS (HTTP Live Streaming) support (currently using the ExoPlayer library)",
- default=True,
+ default=False,
)
option(
@@ -51,10 +51,14 @@ set_config(
)
imply_option("MOZ_NORMANDY", False)
-imply_option("MOZ_SERVICES_HEALTHREPORT", True)
imply_option("MOZ_ANDROID_HISTORY", True)
imply_option("--enable-small-chunk-size", True)
+# Comment this so we can imply |False| in torbrowser.configure
+# The Build system doesn't allow multiple imply_option()
+# calls with the same key.
+# imply_option("MOZ_SERVICES_HEALTHREPORT", True)
+
@depends(target)
def check_target(target):
@@ -70,6 +74,8 @@ def check_target(target):
)
+include("torbrowser.configure")
+
include("../../toolkit/moz.configure")
include("../../build/moz.configure/android-sdk.configure")
include("../../build/moz.configure/java.configure")
@@ -87,3 +93,15 @@ set_config(
"MOZ_ANDROID_FAT_AAR_ARCHITECTURES",
depends("MOZ_ANDROID_FAT_AAR_ARCHITECTURES")(lambda x: x),
)
+
+project_flag(
+ "MOZ_ANDROID_NETWORK_STATE",
+ help="Include permission for accessing WiFi/network state on Android",
+ default=False,
+)
+
+project_flag(
+ "MOZ_ANDROID_LOCATION",
+ help="Include permission for accessing fine and course-grain Location on Android",
+ default=False,
+)
diff --git a/mobile/android/torbrowser.configure b/mobile/android/torbrowser.configure
new file mode 100644
index 000000000000..bcb725cae121
--- /dev/null
+++ b/mobile/android/torbrowser.configure
@@ -0,0 +1,30 @@
+# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
+# vim: set filetype=python:
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# Set Tor Browser default config
+
+imply_option("MOZ_ANDROID_EXCLUDE_FONTS", False)
+
+# Disable uploading crash reports and dump files to an external server
+# This is still configured in old-configure. Uncomment when this moves
+# to the python config
+# imply_option("MOZ_CRASHREPORTER", False)
+
+# Disable uploading information about the browser configuration and
+# performance to an external server
+imply_option("MOZ_SERVICES_HEALTHREPORT", False)
+
+# Disable creating telemetry and data reports that are uploaded to an
+# external server
+# These aren't actually configure options. These are disabled in
+# confvars.sh, but they look like configure options so we'll document
+# them here, as well.
+# XXX: no confvars.sh here
+# imply_option("MOZ_TELEMETRY_REPORTING", False)
+# imply_option("MOZ_DATA_REPORTING", False)
+
+imply_option("MOZ_ANDROID_NETWORK_STATE", False)
+imply_option("MOZ_ANDROID_LOCATION", False)
diff --git a/old-configure.in b/old-configure.in
index de2642f71d0f..84e7a31f52fb 100644
--- a/old-configure.in
+++ b/old-configure.in
@@ -1881,6 +1881,55 @@ if test -n "$MOZ_UPDATER"; then
AC_DEFINE(MOZ_UPDATER)
fi
+dnl ========================================================
+dnl Tor additions
+dnl ========================================================
+MOZ_ARG_WITH_STRING(tor-browser-version,
+[ --with-tor-browser-version=VERSION
+ Set Tor Browser version, e.g., 7.0a1],
+ TOR_BROWSER_VERSION="$withval")
+
+if test -z "$TOR_BROWSER_VERSION"; then
+ AC_MSG_ERROR([--with-tor-browser-version is required for Tor Browser.])
+fi
+
+MOZ_ARG_ENABLE_BOOL(tor-browser-update,
+[ --enable-tor-browser-update
+ Enable Tor Browser update],
+ TOR_BROWSER_UPDATE=1,
+ TOR_BROWSER_UPDATE= )
+
+if test -n "$TOR_BROWSER_UPDATE"; then
+ AC_DEFINE(TOR_BROWSER_UPDATE)
+fi
+
+MOZ_ARG_ENABLE_BOOL(tor-browser-data-outside-app-dir,
+[ --enable-tor-browser-data-outside-app-dir
+ Enable Tor Browser data outside of app directory],
+ TOR_BROWSER_DATA_OUTSIDE_APP_DIR=1,
+ TOR_BROWSER_DATA_OUTSIDE_APP_DIR= )
+
+if test -n "$TOR_BROWSER_DATA_OUTSIDE_APP_DIR"; then
+ AC_DEFINE(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
+fi
+
+AC_DEFINE_UNQUOTED(TOR_BROWSER_VERSION,$TOR_BROWSER_VERSION)
+AC_DEFINE_UNQUOTED(TOR_BROWSER_VERSION_QUOTED,"$TOR_BROWSER_VERSION")
+AC_SUBST(TOR_BROWSER_UPDATE)
+AC_SUBST(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
+
+MOZ_ARG_DISABLE_BOOL(tor-launcher,
+[ --disable-tor-launcher
+ Do not include Tor Launcher],
+ TOR_BROWSER_DISABLE_TOR_LAUNCHER=1,
+ TOR_BROWSER_DISABLE_TOR_LAUNCHER=)
+
+if test -n "$TOR_BROWSER_DISABLE_TOR_LAUNCHER"; then
+ AC_DEFINE(TOR_BROWSER_DISABLE_TOR_LAUNCHER)
+fi
+
+AC_SUBST(TOR_BROWSER_DISABLE_TOR_LAUNCHER)
+
dnl ========================================================
dnl parental controls (for Windows Vista)
dnl ========================================================
diff --git a/security/moz.build b/security/moz.build
index 18e50f9dcc37..8d0427525487 100644
--- a/security/moz.build
+++ b/security/moz.build
@@ -85,7 +85,7 @@ gyp_vars["nss_dist_obj_dir"] = "$PRODUCT_DIR/dist/bin"
gyp_vars["disable_tests"] = 1
gyp_vars["disable_dbm"] = 1
gyp_vars["disable_libpkix"] = 1
-gyp_vars["enable_sslkeylogfile"] = 1
+gyp_vars["enable_sslkeylogfile"] = 0
# pkg-config won't reliably find zlib on our builders, so just force it.
# System zlib is only used for modutil and signtool unless
# SSL zlib is enabled, which we are disabling immediately below this.
diff --git a/security/nss/lib/ssl/Makefile b/security/nss/lib/ssl/Makefile
index 8a8b06f4b508..90571bb3e256 100644
--- a/security/nss/lib/ssl/Makefile
+++ b/security/nss/lib/ssl/Makefile
@@ -41,7 +41,7 @@ endif
# Enable key logging by default in debug builds, but not opt builds.
# Logging still needs to be enabled at runtime through env vars.
-NSS_ALLOW_SSLKEYLOGFILE ?= $(if $(BUILD_OPT),0,1)
+NSS_ALLOW_SSLKEYLOGFILE ?= 0
ifeq (1,$(NSS_ALLOW_SSLKEYLOGFILE))
DEFINES += -DNSS_ALLOW_SSLKEYLOGFILE=1
endif
diff --git a/toolkit/modules/AppConstants.jsm b/toolkit/modules/AppConstants.jsm
index 9b3acf6ecc30..ea10dc97535d 100644
--- a/toolkit/modules/AppConstants.jsm
+++ b/toolkit/modules/AppConstants.jsm
@@ -354,6 +354,14 @@ this.AppConstants = Object.freeze({
MOZ_WIDGET_TOOLKIT: "@MOZ_WIDGET_TOOLKIT@",
ANDROID_PACKAGE_NAME: "@ANDROID_PACKAGE_NAME@",
+ TOR_BROWSER_VERSION: "@TOR_BROWSER_VERSION@",
+ TOR_BROWSER_DATA_OUTSIDE_APP_DIR:
+#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
+ true,
+#else
+ false,
+#endif
+
DEBUG_JS_MODULES: "@DEBUG_JS_MODULES@",
MOZ_BING_API_CLIENTID: "@MOZ_BING_API_CLIENTID@",
@@ -431,4 +439,11 @@ this.AppConstants = Object.freeze({
#else
false,
#endif
+
+ TOR_BROWSER_UPDATE:
+#ifdef TOR_BROWSER_UPDATE
+ true,
+#else
+ false,
+#endif
});
diff --git a/toolkit/modules/moz.build b/toolkit/modules/moz.build
index 8ac56c81e646..c6b2c421f447 100644
--- a/toolkit/modules/moz.build
+++ b/toolkit/modules/moz.build
@@ -301,6 +301,9 @@ for var in (
if CONFIG[var]:
DEFINES[var] = True
+if CONFIG["TOR_BROWSER_UPDATE"]:
+ DEFINES["TOR_BROWSER_UPDATE"] = 1
+
JAR_MANIFESTS += ["jar.mn"]
DEFINES["TOPOBJDIR"] = TOPOBJDIR
1
0
[tor-browser/tor-browser-91.0.1-10.5-1] TB4: Tor Browser's Firefox preference overrides.
by sysrqb@torproject.org 17 Aug '21
by sysrqb@torproject.org 17 Aug '21
17 Aug '21
commit bfe71b4900059fb5d13f6a719ada0d2e791fe82d
Author: Mike Perry <mikeperry-git(a)torproject.org>
Date: Tue Sep 10 18:20:43 2013 -0700
TB4: Tor Browser's Firefox preference overrides.
This hack directly includes our preference changes in omni.ja.
Bug 18292: Staged updates fail on Windows
Temporarily disable staged updates on Windows.
Bug 18297: Use separate Noto JP,KR,SC,TC fonts
Bug 23404: Add Noto Sans Buginese to the macOS whitelist
Bug 23745: Set dom.indexedDB.enabled = true
Bug 13575: Disable randomised Firefox HTTP cache decay user tests.
(Fernando Fernandez Mancera <ffmancera(a)riseup.net>)
Bug 17252: Enable session identifiers with FPI
Session tickets and session identifiers were isolated
by OriginAttributes, so we can re-enable them by
allowing the default value (true) of
"security.ssl.disable_session_identifiers".
The pref "security.enable_tls_session_tickets" is obsolete
(removed in https://bugzilla.mozilla.org/917049)
Bug 14952: Enable http/2 and AltSvc
In Firefox, SPDY/HTTP2 now uses Origin Attributes for
isolation of connections, push streams, origin frames, etc.
That means we get first-party isolation provided
"privacy.firstparty.isolate" is true. So in this patch, we
stop overriding "network.http.spdy.enabled" and
"network.http.spdy.enabled.http2".
Alternate Services also use Origin Attributes for isolation.
So we stop overriding
"network.http.altsvc.enabled" and "network.http.altsvc.oe"
as well.
(All 4 of the abovementioned "network.http.*" prefs adopt
Firefox 60ESR's default value of true.)
However, we want to disable HTTP/2 push for now, so we
set "network.http.spdy.allow-push" to false.
"network.http.spdy.enabled.http2draft" was removed in Bug 1132357.
"network.http.sped.enabled.v2" was removed in Bug 912550.
"network.http.sped.enabled.v3" was removed in Bug 1097944.
"network.http.sped.enabled.v3-1" was removed in Bug 1248197.
Bug 26114: addons.mozilla.org is not special
* Don't expose navigator.mozAddonManager on any site
* Don't block NoScript from modifying addons.mozilla.org or other sites
Enable ReaderView mode again (#27281).
Bug 29916: Make sure enterprise policies are disabled
Bug 2874: Block Components.interfaces from content
Bug 26146: Spoof HTTP User-Agent header for desktop platforms
In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent
header and to JavaScript code via navigator.userAgent. To avoid
leaking the OS inside each HTTP request (which many web servers
log), always use the Windows 7 OS value in the desktop User-Agent
header. We continue to allow access to the actual OS via JavaScript,
since doing so improves compatibility with web applications such
as GitHub and Google Docs.
Bug 12885: Windows Jump Lists fail for Tor Browser
Jumplist entries are stored in a binary file in:
%APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\
and has a name in the form
[a-f0-9]+.customDestinations-ms
The hex at the front is unique per app, and is ultimately derived from
something called the 'App User Model ID' (AUMID) via some unknown
hashing method. The AUMID is provided as a key when programmatically
creating, updating, and deleting a jumplist. The default behaviour in
firefox is for the installer to define an AUMID for an app, and save it
in the registry so that the jumplist data can be removed by the
uninstaller.
However, the Tor Browser does not set this (or any other) regkey during
installation, so this codepath fails and the app's AUMID is left
undefined. As a result the app's AUMID ends up being defined by
windows, but unknowable by Tor Browser. This unknown AUMID is used to
create and modify the jumplist, but the delete API requires that we
provide the app's AUMID explicitly. Since we don't know what the AUMID
is (since the expected regkey where it is normally stored does not
exist) jumplist deletion will fail and we will leave behind a mostly
empty customDestinations-ms file. The name of the file is derived from
the binary path, so an enterprising person could reverse engineer how
that hex name is calculated, and generate the name for Tor Browser's
default Desktop installation path to determine whether a person had
used Tor Browser in the past.
The 'taskbar.grouping.useprofile' option that is enabled by this patch
works around this AUMID problem by having firefox.exe create it's own
AUMID based on the profile path (rather than looking for a regkey). This
way, if a user goes in and enables and disables jumplist entries, the
backing store is properly deleted.
Unfortunately, all windows users currently have this file lurking in
the above mentioned directory and this patch will not remove it since it
was created with an unknown AUMID. However, another patch could be
written which goes to that directory and deletes any item containing the
'Tor Browser' string. See bug 28996.
Bug 31396: Disable indexedDB WebExtension storage backend.
Bug 30845: Make sure default themes and other internal extensions are enabled
Bug 28896: Enable extensions in private browsing by default
Bug 31065: Explicitly allow proxying localhost
Bug 31598: Enable letterboxing
Disable Presentation API everywhere
Bug 21549 - Use Firefox's WASM default pref. It is disabled at safer
security levels.
Bug 32321: Disable Mozilla's MitM pings
Bug 19890: Disable installation of system addons
By setting the URL to "" we make sure that already installed system
addons get deleted as well.
Bug 22548: Firefox downgrades VP9 videos to VP8.
On systems where H.264 is not available or no HWA, VP9 is preferred. But in Tor
Browser 7.0 all youtube videos are degraded to VP8.
This behaviour can be turned off by setting media.benchmark.vp9.threshold to 0.
All clients will get better experience and lower traffic, beause TBB doesn't
use "Use hardware acceleration when available".
Bug 25741 - TBA: Add mobile-override of 000-tor-browser prefs
Bug 16441: Suppress "Reset Tor Browser" prompt.
Bug 29120: Use the in-memory media cache and increase its maximum size.
Bug 33697: use old search config based on list.json
Bug 33855: Ensure that site-specific browser mode is disabled.
Bug 30682: Disable Intermediate CA Preloading.
Bug 40061: Omit the Windows default browser agent from the build
Bug 40140: Videos stop working with Tor Browser 10.0 on Windows
Bug 40308: Disable network partitioning until we evaluate dFPI
Bug 40322: Consider disabling network.connectivity-service.enabled
Bug 40383: Disable dom.enable_event_timing
Bug 40423: Disable http/3
---
.eslintignore | 3 +
browser/app/profile/000-tor-browser.js | 642 ++++++++++++++++++++++++++
browser/app/profile/firefox.js | 6 +-
browser/installer/package-manifest.in | 1 +
browser/moz.build | 1 +
mobile/android/app/000-tor-browser-android.js | 47 ++
mobile/android/app/geckoview-prefs.js | 2 +
mobile/android/app/mobile.js | 4 +
mobile/android/app/moz.build | 1 +
taskcluster/ci/source-test/mozlint.yml | 2 +
10 files changed, 706 insertions(+), 3 deletions(-)
diff --git a/.eslintignore b/.eslintignore
index c551245983a6..f518ff2c6f7b 100644
--- a/.eslintignore
+++ b/.eslintignore
@@ -136,6 +136,9 @@ js/src/Y.js
# Fuzzing code for testing only, targeting the JS shell
js/src/fuzz-tests/
+# uses `#include`
+mobile/android/app/000-tor-browser-android.js
+
# Uses `#filter substitution`
mobile/android/app/mobile.js
mobile/android/app/geckoview-prefs.js
diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js
new file mode 100644
index 000000000000..0ae4d896ee7c
--- /dev/null
+++ b/browser/app/profile/000-tor-browser.js
@@ -0,0 +1,642 @@
+# Default Preferences
+# Tor Browser Bundle
+# Do not edit this file.
+
+// Please maintain unit tests at ./tbb-tests/browser_tor_TB4.js
+
+// Disable initial homepage notifications
+pref("browser.search.update", false);
+pref("browser.rights.3.shown", true);
+pref("browser.startup.homepage_override.mstone", "ignore");
+pref("startup.homepage_welcome_url", "");
+pref("startup.homepage_welcome_url.additional", "");
+
+// Set a generic, default URL that will be opened in a tab after an update.
+// Typically, this will not be used; instead, the <update> element within
+// each update manifest should contain attributes similar to:
+// actions="showURL"
+// openURL="https://blog.torproject.org/tor-browser-55a2-released"
+pref("startup.homepage_override_url", "https://blog.torproject.org/category/tags/tor-browser");
+
+// Try to nag a bit more about updates: Pop up a restart dialog an hour after the initial dialog
+pref("app.update.promptWaitTime", 3600);
+
+#ifdef XP_WIN
+// For now, disable staged updates on Windows (see #18292).
+pref("app.update.staging.enabled", false);
+#endif
+
+// Disable "Slow startup" warnings and associated disk history
+// (bug #13346)
+pref("browser.slowStartup.notificationDisabled", true);
+pref("browser.slowStartup.maxSamples", 0);
+pref("browser.slowStartup.samples", 0);
+
+// Disable the "Refresh" prompt that is displayed for stale profiles.
+pref("browser.disableResetPrompt", true);
+
+// Disk activity: Disable Browsing History Storage
+pref("browser.privatebrowsing.autostart", true);
+pref("browser.cache.disk.enable", false);
+pref("browser.cache.offline.enable", false);
+pref("permissions.memory_only", true);
+pref("network.cookie.lifetimePolicy", 2);
+pref("security.nocertdb", true);
+
+// Disk activity: TBB Directory Isolation
+pref("browser.download.useDownloadDir", false);
+pref("browser.shell.checkDefaultBrowser", false);
+pref("browser.download.manager.addToRecentDocs", false);
+
+// Misc privacy: Disk
+pref("signon.rememberSignons", false);
+pref("browser.formfill.enable", false);
+pref("signon.autofillForms", false);
+pref("browser.sessionstore.privacy_level", 2);
+// Use the in-memory media cache and increase its maximum size (#29120)
+pref("browser.privatebrowsing.forceMediaMemoryCache", true);
+pref("media.memory_cache_max_size", 16384);
+// Disable site-specific browsing to avoid sharing site icons with the OS.
+pref("browser.ssb.enabled", false);
+
+// Misc privacy: Remote
+pref("browser.send_pings", false);
+pref("geo.enabled", false);
+pref("geo.provider.network.url", "");
+pref("browser.search.suggest.enabled", false);
+pref("browser.safebrowsing.malware.enabled", false);
+pref("browser.safebrowsing.phishing.enabled", false);
+pref("browser.safebrowsing.downloads.enabled", false);
+pref("browser.safebrowsing.downloads.remote.enabled", false);
+pref("browser.safebrowsing.blockedURIs.enabled", false);
+pref("browser.safebrowsing.downloads.remote.url", "");
+pref("browser.safebrowsing.provider.google.updateURL", "");
+pref("browser.safebrowsing.provider.google.gethashURL", "");
+pref("browser.safebrowsing.provider.google4.updateURL", "");
+pref("browser.safebrowsing.provider.google4.gethashURL", "");
+pref("browser.safebrowsing.provider.mozilla.updateURL", "");
+pref("browser.safebrowsing.provider.mozilla.gethashURL", "");
+pref("extensions.ui.lastCategory", "addons://list/extension");
+pref("datareporting.healthreport.uploadEnabled", false);
+pref("datareporting.policy.dataSubmissionEnabled", false);
+// Make sure Unified Telemetry is really disabled, see: #18738.
+pref("toolkit.telemetry.unified", false);
+pref("toolkit.telemetry.enabled", false);
+#ifdef XP_WIN
+// Defense-in-depth: ensure that the Windows default browser agent will
+// not ping Mozilla if it is somehow present (we omit it at build time).
+pref("default-browser-agent.enabled", false);
+#endif
+pref("identity.fxaccounts.enabled", false); // Disable sync by default
+pref("services.sync.engine.prefs", false); // Never sync prefs, addons, or tabs with other browsers
+pref("services.sync.engine.addons", false);
+pref("services.sync.engine.tabs", false);
+pref("extensions.getAddons.cache.enabled", false); // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/
+pref("browser.newtabpage.enabled", false);
+pref("browser.search.region", "US"); // The next two prefs disable GeoIP search lookups (#16254)
+pref("browser.search.geoip.url", "");
+pref("browser.fixup.alternate.enabled", false); // Bug #16783: Prevent .onion fixups
+// Make sure there is no Tracking Protection active in Tor Browser, see: #17898.
+pref("privacy.trackingprotection.enabled", false);
+pref("privacy.trackingprotection.pbmode.enabled", false);
+pref("privacy.trackingprotection.annotate_channels", false);
+pref("privacy.trackingprotection.cryptomining.enabled", false);
+pref("privacy.trackingprotection.fingerprinting.enabled", false);
+pref("privacy.trackingprotection.socialtracking.enabled", false);
+pref("privacy.socialtracking.block_cookies.enabled", false);
+pref("privacy.annotate_channels.strict_list.enabled", false);
+
+// Disable the Pocket extension (Bug #18886 and #31602)
+pref("extensions.pocket.enabled", false);
+pref("network.http.referer.hideOnionSource", true);
+
+// Disable use of WiFi location information
+pref("browser.region.network.scan", false);
+pref("browser.region.network.url", "");
+
+// Don't load Mozilla domains in a separate tab process
+pref("browser.tabs.remote.separatedMozillaDomains", "");
+
+// Avoid DNS lookups on search terms
+pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0);
+
+// Disable about:newtab and "first run" experiments
+pref("messaging-system.rsexperimentloader.enabled", false);
+pref("trailhead.firstrun.branches", "");
+
+// Clear the list of trusted recursive resolver services
+pref("network.trr.resolvers", "");
+
+// Disable the /etc/hosts parser
+pref("network.trr.exclude-etc-hosts", false);
+
+// Disable crlite
+pref("security.pki.crlite_mode", 0);
+
+// Disable website password breach alerts
+pref("signon.management.page.breach-alerts.enabled", false);
+pref("extensions.fxmonitor.enabled", false);
+
+// Remove mobile app tracking URLs
+pref("signon.management.page.mobileAndroidURL", "");
+pref("signon.management.page.mobileAppleURL", "");
+
+// Disable ServiceWorkers and push notifications by default
+pref("dom.serviceWorkers.enabled", false);
+pref("dom.push.enabled", false);
+
+// Fingerprinting
+pref("webgl.disable-extensions", true);
+pref("webgl.disable-fail-if-major-performance-caveat", true);
+pref("webgl.enable-webgl2", false);
+pref("gfx.downloadable_fonts.fallback_delay", -1);
+pref("browser.startup.homepage_override.buildID", "20100101");
+pref("browser.link.open_newwindow.restriction", 0); // Bug 9881: Open popups in new tabs (to avoid fullscreen popups)
+// Set video VP9 to 0 for everyone (bug 22548)
+pref("media.benchmark.vp9.threshold", 0);
+pref("dom.enable_resource_timing", false); // Bug 13024: To hell with this API
+pref("privacy.resistFingerprinting", true);
+pref("privacy.resistFingerprinting.block_mozAddonManager", true); // Bug 26114
+pref("dom.webaudio.enabled", false); // Bug 13017: Disable Web Audio API
+pref("dom.w3c_touch_events.enabled", 0); // Bug 10286: Always disable Touch API
+pref("dom.w3c_pointer_events.enabled", false);
+pref("dom.vr.enabled", false); // Bug 21607: Disable WebVR for now
+// Disable randomised Firefox HTTP cache decay user test groups (Bug: 13575)
+pref("security.webauth.webauthn", false); // Bug 26614: Disable Web Authentication API for now
+// Disable intermediate preloading (Bug 30682)
+pref("security.remote_settings.intermediates.enabled", false);
+// Bug 2874: Block Components.interfaces from content
+pref("dom.use_components_shim", false);
+// Enable letterboxing
+pref("privacy.resistFingerprinting.letterboxing", true);
+// Disable network information API everywhere. It gets spoofed in bug 1372072
+// but, alas, the behavior is inconsistent across platforms, see:
+// https://trac.torproject.org/projects/tor/ticket/27268#comment:19. We should
+// not leak that difference if possible.
+pref("dom.netinfo.enabled", false);
+pref("network.http.referer.defaultPolicy", 2); // Bug 32948: Make referer behavior consistent regardless of private browing mode status
+pref("media.videocontrols.picture-in-picture.enabled", false); // Bug 40148: disable until audited in #40147
+// Bug 40383: Disable new PerformanceEventTiming
+pref("dom.enable_event_timing", false);
+
+// Third party stuff
+pref("privacy.firstparty.isolate", true); // Always enforce first party isolation
+pref("privacy.partition.network_state", false); // Disable for now until audit
+pref("network.cookie.cookieBehavior", 1);
+pref("network.http.spdy.allow-push", false); // Disabled for now. See https://bugs.torproject.org/27127
+pref("network.predictor.enabled", false); // Temporarily disabled. See https://bugs.torproject.org/16633
+
+// Proxy and proxy security
+pref("network.proxy.socks", "127.0.0.1");
+pref("network.proxy.socks_port", 9150);
+pref("network.proxy.socks_remote_dns", true);
+pref("network.proxy.no_proxies_on", ""); // For fingerprinting and local service vulns (#10419)
+pref("network.proxy.allow_hijacking_localhost", true); // Allow proxies for localhost (#31065)
+pref("network.proxy.type", 1);
+pref("network.security.ports.banned", "9050,9051,9150,9151");
+pref("network.dns.disabled", true); // This should cover the #5741 patch for DNS leaks
+pref("network.dns.disablePrefetch", true);
+pref("network.protocol-handler.external-default", false);
+pref("network.protocol-handler.external.mailto", false);
+pref("network.protocol-handler.external.news", false);
+pref("network.protocol-handler.external.nntp", false);
+pref("network.protocol-handler.external.snews", false);
+pref("network.protocol-handler.warn-external.mailto", true);
+pref("network.protocol-handler.warn-external.news", true);
+pref("network.protocol-handler.warn-external.nntp", true);
+pref("network.protocol-handler.warn-external.snews", true);
+// Make sure we don't have any GIO supported protocols (defense in depth
+// measure)
+pref("network.gio.supported-protocols", "");
+pref("plugin.disable", true); // Disable to search plugins on first start
+pref("plugin.state.flash", 0); // Disable for defense-in-depth
+pref("media.peerconnection.enabled", false); // Disable WebRTC interfaces
+// Disables media devices but only if `media.peerconnection.enabled` is set to
+// `false` as well. (see bug 16328 for this defense-in-depth measure)
+pref("media.navigator.enabled", false);
+// GMPs: We make sure they don't show up on the Add-on panel and confuse users.
+// And the external update/donwload server must not get pinged. We apply a
+// clever solution for https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769716.
+pref("media.gmp-provider.enabled", false);
+pref("media.gmp-manager.url.override", "data:text/plain,");
+// Since ESR52 it is not enough anymore to block pinging the GMP update/download
+// server. There is a local fallback that must be blocked now as well. See:
+// https://bugzilla.mozilla.org/show_bug.cgi?id=1267495.
+pref("media.gmp-manager.updateEnabled", false);
+// Mozilla is relying on preferences to make sure no DRM blob is downloaded and
+// run. Even though those prefs should be set correctly by specifying
+// --disable-eme (which we do), we disable all of them here as well for defense
+// in depth (see bug 16285 for more details).
+pref("browser.eme.ui.enabled", false);
+pref("media.gmp-widevinecdm.visible", false);
+pref("media.gmp-widevinecdm.enabled", false);
+pref("media.eme.enabled", false);
+pref("media.mediadrm-widevinecdm.visible", false);
+// WebIDE can bypass proxy settings for remote debugging. It also downloads
+// some additional addons that we have not reviewed. Turn all that off.
+pref("devtools.webide.autoinstallADBExtension", false);
+pref("devtools.webide.enabled", false);
+// The in-browser debugger for debugging chrome code is not coping with our
+// restrictive DNS look-up policy. We use "127.0.0.1" instead of "localhost" as
+// a workaround. See bug 16523 for more details.
+pref("devtools.debugger.chrome-debugging-host", "127.0.0.1");
+// Disable using UNC paths (bug 26424 and Mozilla's bug 1413868)
+pref("network.file.disable_unc_paths", true);
+// Enhance our treatment of file:// to avoid proxy bypasses (see Mozilla's bug
+// 1412081)
+pref("network.file.path_blacklist", "/net");
+// Make sure no enterprise policy can interfere with our proxy settings, see
+// #29916.
+pref("browser.policies.testing.disallowEnterprise", true);
+
+// Security slider
+pref("svg.in-content.enabled", true);
+pref("mathml.disabled", false);
+
+// Network and performance
+pref("security.ssl.enable_false_start", true);
+pref("network.http.connection-retry-timeout", 0);
+pref("network.http.max-persistent-connections-per-proxy", 256);
+pref("network.manage-offline-status", false);
+// No need to leak things to Mozilla, see bug 21790 and tor-browser#40322
+pref("network.captive-portal-service.enabled", false);
+pref("network.connectivity-service.enabled", false);
+// As a "defense in depth" measure, configure an empty push server URL (the
+// DOM Push features are disabled by default via other prefs).
+pref("dom.push.serverURL", "");
+// Bug 40423: Disable http/3
+pref("network.http.http3.enabled", false);
+
+// Extension support
+pref("extensions.autoDisableScopes", 0);
+pref("extensions.bootstrappedAddons", "{}");
+pref("extensions.checkCompatibility.4.*", false);
+pref("extensions.databaseSchema", 3);
+pref("extensions.enabledAddons", "https-everywhere%40eff.org:3.1.4,%7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.1,torbutton%40torproject.org:1.5.2,ubufox%40ubuntu.com:2.6,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.5");
+pref("extensions.enabledItems", "langpack-en-US@firefox.mozilla.org:,{73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.57,{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.4,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8");
+pref("extensions.enabledScopes", 5); // AddonManager.SCOPE_PROFILE=1 | AddonManager.SCOPE_APPLICATION=4
+pref("extensions.pendingOperations", false);
+pref("xpinstall.whitelist.add", "");
+pref("xpinstall.whitelist.add.36", "");
+// We don't know what extensions Mozilla is advertising to our users and we
+// don't want to have some random Google Analytics script running either on the
+// about:addons page, see bug 22073, 22900 and 31601.
+pref("extensions.getAddons.showPane", false);
+pref("extensions.htmlaboutaddons.recommendations.enabled", false);
+// Show our legacy extensions directly on about:addons and get rid of the
+// warning for the default theme.
+pref("extensions.legacy.exceptions", "{972ce4c6-7e08-4474-a285-3208198ce6fd},torbutton(a)torproject.org");
+// Bug 26114: Allow NoScript to access addons.mozilla.org etc.
+pref("extensions.webextensions.restrictedDomains", "");
+// Bug 31396: Disable indexedDB WebExtension storage backend.
+pref("extensions.webextensions.ExtensionStorageIDB.enabled", false);
+// Bug 28896: Make sure our bundled WebExtensions are running in Private Browsing Mode
+pref("extensions.allowPrivateBrowsingByDefault", true);
+
+// Toolbar layout
+pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"urlbar-container\",\"torbutton-button\",\"security-level-button\",\"downloads-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"PanelUI-contents\":[\"home-button\",\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"save-page-button\",\"print-button\",\"bookmarks-menu-button\",\"history-panelmenu\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"]},\"seen\":[\"developer-button\",\"https-everywhere-eff_eff_org-browser-action\",\"_73a6fe31-595d-460b-a920-fcc0f8843232_-browser-action\"],\"dirtyAreaCache\":[\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\"],\"currentVersion\":14,\"newElementCount
\":1}");
+
+// Enforce certificate pinning, see: https://bugs.torproject.org/16206
+pref("security.cert_pinning.enforcement_level", 2);
+
+// Don't allow MitM via Microsoft Family Safety, see bug 21686
+pref("security.family_safety.mode", 0);
+
+// Don't allow MitM via enterprise roots, see bug 30681
+pref("security.enterprise_roots.enabled", false);
+
+// Don't ping Mozilla for MitM detection, see bug 32321
+pref("security.certerrors.mitm.priming.enabled", false);
+
+// Disable the language pack signing check for now on macOS, see #31942
+#ifdef XP_MACOSX
+pref("extensions.langpacks.signatures.required", false);
+#endif
+
+// Avoid report TLS errors to Mozilla. We might want to repurpose this feature
+// one day to help detecting bad relays (which is bug 19119). For now we just
+// hide the checkbox, see bug 22072.
+pref("security.ssl.errorReporting.enabled", false);
+
+// Workaround for https://bugs.torproject.org/13579. Progress on
+// `about:downloads` is only shown if the following preference is set to `true`
+// in case the download panel got removed from the toolbar.
+pref("browser.download.panel.shown", true);
+
+// Treat .onions as secure
+pref("dom.securecontext.whitelist_onions", true);
+
+// Disable special URL bar behaviors
+pref("browser.urlbar.suggest.topsites", false);
+pref("browser.urlbar.update1.interventions", false);
+pref("browser.urlbar.update1.searchTips", false);
+
+// Skip checking omni.ja and other files for corruption since the result
+// is only reported via telemetry (which is disabled).
+pref("corroborator.enabled", false);
+
+// Having the RDD Opus option enabled on Windows breaks videos for us.
+// See: https://bugzilla.mozilla.org/show_bug.cgi?id=1667360 and
+// tor-browser#40140.
+#ifdef XP_WIN
+pref("media.rdd-opus.enabled", false);
+#endif
+
+// prefs to disable jump-list entries in the taskbar on Windows (see bug #12885)
+#ifdef XP_WIN
+// this pref changes the app's set AUMID to be dependent on the profile path, rather than
+// attempting to read it from the registry; this is necessary so that the file generated
+// by the jumplist system can be properly deleted if it is disabled
+pref("taskbar.grouping.useprofile", true);
+pref("browser.taskbar.lists.enabled", false);
+pref("browser.taskbar.lists.frequent.enabled", false);
+pref("browser.taskbar.lists.tasks.enabled", false);
+pref("browser.taskbar.lists.recent.enabled", false);
+#endif
+
+// Disable Presentation API
+pref("dom.presentation.controller.enabled", false);
+pref("dom.presentation.enabled", false);
+pref("dom.presentation.discoverable", false);
+pref("dom.presentation.discoverable.encrypted", false);
+pref("dom.presentation.discovery.enabled", false);
+pref("dom.presentation.receiver.enabled", false);
+
+pref("dom.audiochannel.audioCompeting", false);
+pref("dom.audiochannel.mediaControl", false);
+
+#expand pref("torbrowser.version", __TOR_BROWSER_VERSION_QUOTED__);
+
+// Old torbutton prefs
+
+// debug prefs
+pref("extensions.torbutton.loglevel",4);
+pref("extensions.torbutton.logmethod",1); // 0=stdout, 1=errorconsole, 2=debuglog
+
+// Display prefs
+pref("extensions.torbutton.display_circuit", true);
+pref("extensions.torbutton(a)torproject.org.description", "chrome://torbutton/locale/torbutton.properties");
+pref("extensions.torbutton.updateNeeded", false);
+
+// Tor check and proxy prefs
+pref("extensions.torbutton.test_enabled",true);
+pref("extensions.torbutton.test_url","https://check.torproject.org/?TorButton=true");
+pref("extensions.torbutton.local_tor_check",true);
+pref("extensions.torbutton.versioncheck_url","https://www.torproject.org/projects/torbrowser/RecommendedTBBVersions");
+pref("extensions.torbutton.versioncheck_enabled",true);
+pref("extensions.torbutton.use_nontor_proxy",false);
+
+// State prefs:
+pref("extensions.torbutton.startup",false);
+pref("extensions.torbutton.inserted_button",false);
+pref("extensions.torbutton.inserted_security_level",false);
+
+// This is only used when letterboxing is disabled.
+// See #7255 for details. We display the warning three times to make sure the
+// user did not click on it by accident.
+pref("extensions.torbutton.maximize_warnings_remaining", 3);
+
+// Security prefs:
+pref("extensions.torbutton.clear_http_auth",true);
+pref("extensions.torbutton.close_newnym",true);
+pref("extensions.torbutton.resize_new_windows",false);
+pref("extensions.torbutton.startup_state", 2); // 0=non-tor, 1=tor, 2=last
+pref("extensions.torbutton.tor_memory_jar",false);
+pref("extensions.torbutton.nontor_memory_jar",false);
+pref("extensions.torbutton.launch_warning",true);
+
+// Opt out of Firefox addon pings:
+// https://developer.mozilla.org/en/Addons/Working_with_AMO
+pref("extensions.torbutton(a)torproject.org.getAddons.cache.enabled", false);
+
+// Security Slider
+pref("extensions.torbutton.security_slider", 4);
+pref("extensions.torbutton.security_custom", false);
+
+pref("extensions.torbutton.confirm_plugins", true);
+pref("extensions.torbutton.confirm_newnym", true);
+
+pref("extensions.torbutton.noscript_inited", false);
+pref("extensions.torbutton.noscript_persist", false);
+
+// Browser home page:
+pref("browser.startup.homepage", "about:tor");
+
+// This pref specifies an ad-hoc "version" for various pref update hacks we need to do
+pref("extensions.torbutton.pref_fixup_version", 0);
+
+// If we are bundling fonts, whitelist those bundled fonts, and restrict system fonts to a selection.
+
+#ifdef MOZ_BUNDLED_FONTS
+
+#ifdef XP_MACOSX
+pref("font.system.whitelist", "AppleGothic, Apple Color Emoji, Arial, Courier, Geneva, Georgia, Heiti TC, Helvetica, Helvetica Neue, .Helvetica Neue DeskInterface, Hiragino Kaku Gothic ProN, Lucida Grande, Monaco, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Tibetan, Noto Sans Yi, STHeiti, STIX Math, Tahoma, Thonburi, Times, Times New Roman, Verdana");
+pref("font.name-list.cursive.x-unicode", "Apple Chancery, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Tibetan, Noto Sans Yi");
+pref("font.name-list.fantasy.x-unicode", "Papyrus, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Tibetan, Noto Sans Yi");
+pref("font.name-list.monospace.x-unicode", "Courier, Arial, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Tibetan, Noto Sans Yi");
+pref("font.name-list.sans-serif.x-unicode", "Helvetica, Tahoma, Arial, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Tibetan, Noto Sans Yi");
+pref("font.name-list.serif.x-unicode", "Times, Arial, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Tibetan, Noto Sans Yi");
+pref("font.name.cursive.ar", "Arial");
+pref("font.name.fantasy.ar", "Arial");
+pref("font.name.monospace.ar", "Arial");
+pref("font.name.sans-serif.ar", "Arial");
+#endif
+
+#ifdef XP_WIN
+pref("font.system.whitelist", "Arial, Batang, 바탕, Cambria Math, Courier New, Euphemia, Gautami, Georgia, Gulim, 굴림, GulimChe, 굴림체, Iskoola Pota, Kalinga, Kartika, Latha, Lucida Console, MS Gothic, MS ゴシック, MS Mincho, MS 明朝, MS PGothic, MS Pゴシック, MS PMincho, MS P明朝, MV Boli, Malgun Gothic, Mangal, Meiryo, Meiryo UI, Microsoft Himalaya, Microsoft JhengHei, Microsoft JhengHei UI, Microsoft YaHei, 微软雅黑, Microsoft YaHei UI, MingLiU, 細明體, Noto Sans Buginese, Noto Sans Khmer, Noto Sans Lao, Noto Sans Myanmar, Noto Sans Yi, Nyala, PMingLiU, 新細明體, Plantagenet Cherokee, Raavi, Segoe UI, Shruti, SimSun, 宋体, Sylfaen, Tahoma, Times New Roman, Tunga, Verdana, Vrinda, Yu Gothic UI");
+#endif
+
+#ifdef XP_LINUX
+pref("font.default.lo", "Noto Sans Lao");
+pref("font.default.my", "Noto Sans Myanmar");
+pref("font.default.x-western", "sans-serif");
+pref("font.name-list.cursive.ar", "Noto Naskh Arabic, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.cursive.he", "Noto Sans Hebrew, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.cursive.x-cyrillic", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.cursive.x-unicode", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.cursive.x-western", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.fantasy.ar", "Noto Naskh Arabic, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.fantasy.el", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.fantasy.he", "Noto Sans Hebrew, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.fantasy.x-cyrillic", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.fantasy.x-unicode", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.fantasy.x-western", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.ar", "Noto Naskh Arabic, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.el", "Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.he", "Noto Sans Hebrew, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.ja", "Noto Sans JP Regular, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.ko", "Noto Sans KR Regular, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.th", "Noto Sans Thai, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.x-armn", "Noto Sans Armenian, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.x-beng", "Noto Sans Bengali, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.x-cyrillic", "Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.x-devanagari", "Noto Sans Devanagari, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.x-ethi", "Noto Sans Ethiopic, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.x-geor", "Noto Sans Georgian, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.x-gujr", "Noto Sans Gujarati, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.x-guru", "Noto Sans Gurmukhi, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.x-khmr", "Noto Sans Khmer, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.x-knda", "Noto Sans Kannada, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.x-mlym", "Noto Sans Malayalam, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.x-orya", "Noto Sans Oriya, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.x-sinh", "Noto Sans Sinhala, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.x-tamil", "Noto Sans Tamil, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.x-telu", "Noto Sans Telugu, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.x-tibt", "Noto Sans Tibetan, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.x-unicode", "Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.x-western", "Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.zh-CN", "Noto Sans SC Regular, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.zh-HK", "Noto Sans TC Regular, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.monospace.zh-TW", "Noto Sans TC Regular, Cousine, Courier, Courier New, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.ar", "Noto Naskh Arabic, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.el", "Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.he", "Noto Sans Hebrew, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.ja", "Noto Sans JP Regular, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.ko", "Noto Sans KR Regular, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.th", "Noto Sans Thai, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.x-armn", "Noto Sans Armenian, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.x-beng", "Noto Sans Bengali, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.x-cyrillic", "Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.x-devanagari", "Noto Sans Devanagari, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.x-ethi", "Noto Sans Ethiopic, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.x-geor", "Noto Sans Georgian, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.x-gujr", "Noto Sans Gujarati, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.x-guru", "Noto Sans Gurmukhi, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.x-khmr", "Noto Sans Khmer, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.x-knda", "Noto Sans Kannada, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.x-mlym", "Noto Sans Malayalam, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.x-orya", "Noto Sans Oriya, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.x-sinh", "Noto Sans Sinhala, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.x-tamil", "Noto Sans Tamil, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.x-telu", "Noto Sans Telugu, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.x-tibt", "Noto Sans Tibetan, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.x-unicode", "Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.x-western", "Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.zh-CN", "Noto Sans SC Regular, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.zh-HK", "Noto Sans TC Regular, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.sans-serif.zh-TW", "Noto Sans TC Regular, Arimo, Arial, Verdana, Noto Naskh Arabic, Noto Sans Armenian, Noto Sans Bengali, Noto Sans Buginese, Noto Sans JP Regular, Noto Sans KR Regular, Noto Sans SC Regular, Noto Sans TC Regular, Noto Sans Canadian Aboriginal, Noto Sans Cherokee, Noto Sans Devanagari, Noto Sans Ethiopic, Noto Sans Georgian, Noto Sans Gujarati, Noto Sans Gurmukhi, Noto Sans Hebrew, Noto Sans Kannada, Noto Sans Khmer, Noto Sans Lao, Noto Sans Malayalam, Noto Sans Mongolian, Noto Sans Myanmar, Noto Sans Oriya, Noto Sans Sinhala, Noto Sans Tamil, Noto Sans Telugu, Noto Sans Thaana, Noto Sans Thai, Noto Sans Tibetan, Noto Sans Yi, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.ar", "Noto Naskh Arabic, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.el", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.he", "Tinos, Georgia, Noto Sans Hebrew, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.ja", "Noto Sans JP Regular, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.ko", "Noto Sans KR Regular, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.th", "Noto Serif Thai, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.x-armn", "Noto Serif Armenian, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.x-beng", "Noto Sans Bengali, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.x-cyrillic", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.x-devanagari", "Noto Sans Devanagari, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.x-ethi", "Noto Sans Ethiopic, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.x-geor", "Noto Sans Georgian, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.x-gujr", "Noto Sans Gujarati, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.x-guru", "Noto Sans Gurmukhi, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.x-khmr", "Noto Serif Khmer, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.x-knda", "Noto Sans Kannada, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.x-mlym", "Noto Sans Malayalam, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.x-orya", "Noto Sans Oriya, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.x-sinh", "Noto Sans Sinhala, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.x-tamil", "Noto Sans Tamil, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.x-telu", "Noto Sans Telugu, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.x-tibt", "Noto Sans Tibetan, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.x-unicode", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.x-western", "Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.zh-CN", "Noto Sans SC Regular, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.zh-HK", "Noto Sans TC Regular, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name-list.serif.zh-TW", "Noto Sans TC Regular, Tinos, Georgia, Noto Serif Armenian, Noto Serif Khmer, Noto Serif Lao, Noto Serif Thai");
+pref("font.name.cursive.ar", "Noto Naskh Arabic");
+pref("font.name.cursive.el", "Tinos, Georgia");
+pref("font.name.cursive.he", "Noto Sans Hebrew");
+pref("font.name.cursive.x-cyrillic", "Tinos, Georgia");
+pref("font.name.cursive.x-unicode", "Tinos, Georgia");
+pref("font.name.cursive.x-western", "Tinos, Georgia");
+pref("font.name.fantasy.ar", "Noto Naskh Arabic");
+pref("font.name.fantasy.el", "Tinos, Georgia");
+pref("font.name.fantasy.he", "Noto Sans Hebrew");
+pref("font.name.fantasy.x-cyrillic", "Tinos, Georgia");
+pref("font.name.fantasy.x-unicode", "Tinos, Georgia");
+pref("font.name.fantasy.x-western", "Tinos, Georgia");
+pref("font.name.monospace.ar", "Noto Naskh Arabic");
+pref("font.name.monospace.el", "Tinos, Georgia");
+pref("font.name.monospace.he", "Noto Sans Hebrew");
+pref("font.name.monospace.ja", "Noto Sans JP Regular");
+pref("font.name.monospace.ko", "Noto Sans KR Regular");
+pref("font.name.monospace.my", "Noto Sans Myanmar");
+pref("font.name.monospace.th", "Noto Sans Thai");
+pref("font.name.monospace.x-armn", "Noto Sans Armenian");
+pref("font.name.monospace.x-beng", "Noto Sans Bengali");
+pref("font.name.monospace.x-cyrillic", "Cousine, Courier, Courier New");
+pref("font.name.monospace.x-devanagari", "Noto Sans Devanagari");
+pref("font.name.monospace.x-ethi", "Noto Sans Ethiopic");
+pref("font.name.monospace.x-geor", "Noto Sans Georgian");
+pref("font.name.monospace.x-gujr", "Noto Sans Gujarati");
+pref("font.name.monospace.x-guru", "Noto Sans Gurmukhi");
+pref("font.name.monospace.x-khmr", "Noto Sans Khmer");
+pref("font.name.monospace.x-knda", "Noto Sans Kannada");
+pref("font.name.monospace.x-mlym", "Noto Sans Malayalam");
+pref("font.name.monospace.x-orya", "Noto Sans Oriya");
+pref("font.name.monospace.x-sinh", "Noto Sans Sinhala");
+pref("font.name.monospace.x-tamil", "Noto Sans Tamil");
+pref("font.name.monospace.x-telu", "Noto Sans Telugu");
+pref("font.name.monospace.x-tibt", "Noto Sans Tibetan");
+pref("font.name.monospace.x-unicode", "Cousine, Courier, Courier New");
+pref("font.name.monospace.x-western", "Cousine, Courier, Courier New");
+pref("font.name.monospace.zh-CN", "Noto Sans SC Regular");
+pref("font.name.monospace.zh-HK", "Noto Sans TC Regular");
+pref("font.name.monospace.zh-TW", "Noto Sans TC Regular");
+pref("font.name.sans-serif.ar", "Noto Naskh Arabic");
+pref("font.name.sans-serif.el", "Arimo, Arial, Verdana");
+pref("font.name.sans-serif.he", "Noto Sans Hebrew");
+pref("font.name.sans-serif.ja", "Noto Sans JP Regular");
+pref("font.name.sans-serif.ko", "Noto Sans KR Regular");
+pref("font.name.sans-serif.th", "Noto Sans Thai");
+pref("font.name.sans-serif.x-armn", "Noto Sans Armenian");
+pref("font.name.sans-serif.x-beng", "Noto Sans Bengali");
+pref("font.name.sans-serif.x-cyrillic", "Arimo, Arial, Verdana");
+pref("font.name.sans-serif.x-devanagari", "Noto Sans Devanagari");
+pref("font.name.sans-serif.x-ethi", "Noto Sans Ethiopic");
+pref("font.name.sans-serif.x-geor", "Noto Sans Georgian");
+pref("font.name.sans-serif.x-gujr", "Noto Sans Gujarati");
+pref("font.name.sans-serif.x-guru", "Noto Sans Gurmukhi");
+pref("font.name.sans-serif.x-khmr", "Noto Sans Khmer");
+pref("font.name.sans-serif.x-knda", "Noto Sans Kannada");
+pref("font.name.sans-serif.x-mlym", "Noto Sans Malayalam");
+pref("font.name.sans-serif.x-orya", "Noto Sans Oriya");
+pref("font.name.sans-serif.x-sinh", "Noto Sans Sinhala");
+pref("font.name.sans-serif.x-tamil", "Noto Sans Tamil");
+pref("font.name.sans-serif.x-telu", "Noto Sans Telugu");
+pref("font.name.sans-serif.x-tibt", "Noto Sans Tibetan");
+pref("font.name.sans-serif.x-unicode", "Arimo, Arial, Verdana");
+pref("font.name.sans-serif.x-western", "Arimo, Arial, Verdana");
+pref("font.name.sans-serif.zh-CN", "Noto Sans SC Regular");
+pref("font.name.sans-serif.zh-HK", "Noto Sans TC Regular");
+pref("font.name.sans-serif.zh-TW", "Noto Sans TC Regular");
+pref("font.name.sans.my", "Noto Sans Myanmar");
+pref("font.name.serif.ar", "Noto Naskh Arabic");
+pref("font.name.serif.el", "Tinos, Georgia");
+pref("font.name.serif.he", "Noto Sans Hebrew");
+pref("font.name.serif.ja", "Noto Sans JP Regular");
+pref("font.name.serif.ko", "Noto Sans KR Regular");
+pref("font.name.serif.my", "Noto Sans Myanmar");
+pref("font.name.serif.th", "Noto Serif Thai");
+pref("font.name.serif.x-armn", "Noto Serif Armenian");
+pref("font.name.serif.x-beng", "Noto Sans Bengali");
+pref("font.name.serif.x-cyrillic", "Tinos, Georgia");
+pref("font.name.serif.x-devanagari", "Noto Sans Devanagari");
+pref("font.name.serif.x-ethi", "Noto Sans Ethiopic");
+pref("font.name.serif.x-geor", "Noto Sans Georgian");
+pref("font.name.serif.x-gujr", "Noto Sans Gujarati");
+pref("font.name.serif.x-guru", "Noto Sans Gurmukhi");
+pref("font.name.serif.x-khmr", "Noto Serif Khmer");
+pref("font.name.serif.x-knda", "Noto Sans Kannada");
+pref("font.name.serif.x-mlym", "Noto Sans Malayalam");
+pref("font.name.serif.x-orya", "Noto Sans Oriya");
+pref("font.name.serif.x-sinh", "Noto Sans Sinhala");
+pref("font.name.serif.x-tamil", "Noto Sans Tamil");
+pref("font.name.serif.x-telu", "Noto Sans Telugu");
+pref("font.name.serif.x-tibt", "Noto Sans Tibetan");
+pref("font.name.serif.x-unicode", "Tinos, Georgia");
+pref("font.name.serif.x-western", "Tinos, Georgia");
+pref("font.name.serif.zh-CN", "Noto Sans SC Regular");
+pref("font.name.serif.zh-HK", "Noto Sans TC Regular");
+pref("font.name.serif.zh-TW", "Noto Sans TC Regular");
+#endif
+#endif
diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js
index fba09ecef718..8ace92e9bf07 100644
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@@ -51,9 +51,9 @@ pref("extensions.recommendations.themeRecommendationUrl", "https://color.firefox
pref("extensions.update.autoUpdateDefault", true);
-// Check AUS for system add-on updates.
-pref("extensions.systemAddon.update.url", "https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_…");
-pref("extensions.systemAddon.update.enabled", true);
+// No AUS check for system add-on updates for Tor Browser users.
+pref("extensions.systemAddon.update.url", "");
+pref("extensions.systemAddon.update.enabled", false);
// Disable add-ons that are not installed by the user in all scopes by default.
// See the SCOPE constants in AddonManager.jsm for values to use here.
diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in
index 7bb8dbfbfc61..deed2c129139 100644
--- a/browser/installer/package-manifest.in
+++ b/browser/installer/package-manifest.in
@@ -284,6 +284,7 @@
@RESPATH@/browser/defaults/settings/pinning
@RESPATH@/browser/defaults/settings/main
@RESPATH@/browser/defaults/settings/security-state
+@RESPATH@/browser/@PREF_DIR@/000-tor-browser.js
; Warning: changing the path to channel-prefs.js can cause bugs (Bug 756325)
; Technically this is an app pref file, but we are keeping it in the original
diff --git a/browser/moz.build b/browser/moz.build
index 7b5566ac5de7..d72932988fac 100644
--- a/browser/moz.build
+++ b/browser/moz.build
@@ -56,6 +56,7 @@ if CONFIG["MOZ_UPDATE_AGENT"]:
# These files are specified in this moz.build to pick up DIST_SUBDIR as set in
# this directory, which is un-set in browser/app.
JS_PREFERENCE_PP_FILES += [
+ "app/profile/000-tor-browser.js",
"app/profile/firefox.js",
]
FINAL_TARGET_FILES.defaults += ["app/permissions"]
diff --git a/mobile/android/app/000-tor-browser-android.js b/mobile/android/app/000-tor-browser-android.js
new file mode 100644
index 000000000000..61c8a0cd7fa1
--- /dev/null
+++ b/mobile/android/app/000-tor-browser-android.js
@@ -0,0 +1,47 @@
+// Import all prefs from the canonical file
+// We override mobile-specific prefs below
+// Tor Browser for Android
+// Do not edit this file.
+
+#include ../../../browser/app/profile/000-tor-browser.js
+
+// Space separated list of URLs that are allowed to send objects (instead of
+// only strings) through webchannels. This list is duplicated in browser/app/profile/firefox.js
+pref("webchannel.allowObject.urlWhitelist", "");
+
+// Disable browser auto updaters
+pref("app.update.auto", false);
+pref("browser.startup.homepage_override.mstone", "ignore");
+
+// Clear data on quit
+pref("privacy.clearOnShutdown.cache", true);
+pref("privacy.clearOnShutdown.cookies",true);
+pref("privacy.clearOnShutdown.downloads",true);
+pref("privacy.clearOnShutdown.formdata",true);
+pref("privacy.clearOnShutdown.history",true);
+pref("privacy.clearOnShutdown.offlineApps",true);
+pref("privacy.clearOnShutdown.passwords",true);
+pref("privacy.clearOnShutdown.sessions",true);
+pref("privacy.clearOnShutdown.siteSettings",true);
+
+// controls if we want camera support
+pref("media.realtime_decoder.enabled", false);
+
+// Enable touch events on Android (highlighting text, etc)
+pref("dom.w3c_touch_events.enabled", 2);
+
+// Ensure that pointer events are disabled
+pref("dom.w3c_pointer_events.multiprocess.android.enabled", false);
+
+// No HLS support for now due to browser freezing, see: #29859.
+pref("media.hls.enabled", false);
+
+// Inherit locale from the OS, used for multi-locale builds
+pref("intl.locale.requested", "");
+
+// Disable WebAuthn. It requires Google Play Services, so it isn't
+// available, but avoid any potential problems.
+pref("security.webauth.webauthn_enable_android_fido2", false);
+
+// Disable the External App Blocker on Android
+pref("extensions.torbutton.launch_warning", false);
diff --git a/mobile/android/app/geckoview-prefs.js b/mobile/android/app/geckoview-prefs.js
index d16b3e75169e..b6035bdc40f3 100644
--- a/mobile/android/app/geckoview-prefs.js
+++ b/mobile/android/app/geckoview-prefs.js
@@ -98,3 +98,5 @@ pref("extensions.formautofill.addresses.capture.enabled", true);
// Debug prefs.
pref("browser.formfill.debug", false);
pref("extensions.formautofill.loglevel", "Warn");
+
+#include 000-tor-browser-android.js
diff --git a/mobile/android/app/mobile.js b/mobile/android/app/mobile.js
index 3d0b2e8c020f..a1703b759405 100644
--- a/mobile/android/app/mobile.js
+++ b/mobile/android/app/mobile.js
@@ -365,7 +365,11 @@ pref("app.update.timerMinimumDelay", 30); // seconds
// used by update service to decide whether or not to
// automatically download an update
pref("app.update.autodownload", "wifi");
+#ifdef TOR_BROWSER_VERSION
+pref("app.update.url.android", "");
+#else
pref("app.update.url.android", "https://aus5.mozilla.org/update/4/%PRODUCT%/%VERSION%/%BUILD_ID%/%BUILD_TAR…");
+#endif
#ifdef MOZ_UPDATER
/* prefs used specifically for updating the app */
diff --git a/mobile/android/app/moz.build b/mobile/android/app/moz.build
index 21fa8617c5ff..4686e3df08b8 100644
--- a/mobile/android/app/moz.build
+++ b/mobile/android/app/moz.build
@@ -17,6 +17,7 @@ if CONFIG["MOZ_PKG_SPECIAL"]:
DEFINES["MOZ_PKG_SPECIAL"] = CONFIG["MOZ_PKG_SPECIAL"]
JS_PREFERENCE_PP_FILES += [
+ "000-tor-browser-android.js",
"mobile.js",
]
diff --git a/taskcluster/ci/source-test/mozlint.yml b/taskcluster/ci/source-test/mozlint.yml
index 59cceb4900bb..464295aba286 100644
--- a/taskcluster/ci/source-test/mozlint.yml
+++ b/taskcluster/ci/source-test/mozlint.yml
@@ -163,7 +163,9 @@ lintpref:
files-changed:
- 'modules/libpref/init/all.js'
- 'modules/libpref/init/StaticPrefList.yaml'
+ - 'browser/app/profile/000-tor-browser.js'
- 'browser/app/profile/firefox.js'
+ - 'mobile/android/app/000-tor-browser-android.js'
- 'mobile/android/app/mobile.js'
- 'devtools/client/preferences/debugger.js'
- 'mobile/android/app/geckoview-prefs.js'
1
0
[tor-browser/tor-browser-91.0.1-10.5-1] Bug 40069: Add helpers for message passing with extensions
by sysrqb@torproject.org 17 Aug '21
by sysrqb@torproject.org 17 Aug '21
17 Aug '21
commit 722244fc0018eb4051025d3c123c174fb5afe650
Author: Alex Catarineu <acat(a)torproject.org>
Date: Sun Aug 2 19:12:25 2020 +0200
Bug 40069: Add helpers for message passing with extensions
---
toolkit/components/extensions/ExtensionParent.jsm | 47 +++++++++++++++++++++++
1 file changed, 47 insertions(+)
diff --git a/toolkit/components/extensions/ExtensionParent.jsm b/toolkit/components/extensions/ExtensionParent.jsm
index 39ce6d608b86..32d264ed6a4f 100644
--- a/toolkit/components/extensions/ExtensionParent.jsm
+++ b/toolkit/components/extensions/ExtensionParent.jsm
@@ -263,6 +263,8 @@ const ProxyMessenger = {
/** @type Map<number, ParentPort> */
ports: new Map(),
+ _torRuntimeMessageListeners: [],
+
init() {
this.conduit = new BroadcastConduit(ProxyMessenger, {
id: "ProxyMessenger",
@@ -328,6 +330,10 @@ const ProxyMessenger = {
},
async recvRuntimeMessage(arg, { sender }) {
+ // We need to listen to some extension messages in Tor Browser
+ for (const listener of this._torRuntimeMessageListeners) {
+ listener(arg);
+ }
arg.firstResponse = true;
let kind = await this.normalizeArgs(arg, sender);
let result = await this.conduit.castRuntimeMessage(kind, arg);
@@ -1881,6 +1887,45 @@ for (let name of StartupCache.STORE_NAMES) {
StartupCache[name] = new CacheStore(name);
}
+async function torSendExtensionMessage(extensionId, message) {
+ // This should broadcast the message to all children "conduits"
+ // listening for a "RuntimeMessage". Those children conduits
+ // will either be extension background pages or other extension
+ // pages listening to browser.runtime.onMessage.
+ const result = await ProxyMessenger.conduit.castRuntimeMessage("messenger", {
+ extensionId,
+ holder: new StructuredCloneHolder(message),
+ firstResponse: true,
+ sender: {
+ id: extensionId,
+ envType: "addon_child",
+ },
+ });
+ return result
+ ? result.value
+ : Promise.reject({ message: ERROR_NO_RECEIVERS });
+}
+
+async function torWaitForExtensionMessage(extensionId, checker) {
+ return new Promise(resolve => {
+ const msgListener = msg => {
+ try {
+ if (msg && msg.extensionId === extensionId) {
+ const deserialized = msg.holder.deserialize({});
+ if (checker(deserialized)) {
+ const idx = ProxyMessenger._torRuntimeMessageListeners.indexOf(
+ msgListener
+ );
+ ProxyMessenger._torRuntimeMessageListeners.splice(idx, 1);
+ resolve(deserialized);
+ }
+ }
+ } catch (e) {}
+ };
+ ProxyMessenger._torRuntimeMessageListeners.push(msgListener);
+ });
+}
+
var ExtensionParent = {
GlobalManager,
HiddenExtensionPage,
@@ -1892,6 +1937,8 @@ var ExtensionParent = {
promiseExtensionViewLoaded,
watchExtensionProxyContextLoad,
DebugUtils,
+ torSendExtensionMessage,
+ torWaitForExtensionMessage,
};
// browserPaintedPromise and browserStartupPromise are promises that
1
0
[tor-browser/tor-browser-91.0.1-10.5-1] Bug 12620: TorBrowser regression tests
by sysrqb@torproject.org 17 Aug '21
by sysrqb@torproject.org 17 Aug '21
17 Aug '21
commit 4dbc0cde00209aaf94172272a761ed3d1bf0dddd
Author: Arthur Edelstein <arthuredelstein(a)gmail.com>
Date: Wed Aug 27 16:25:00 2014 -0700
Bug 12620: TorBrowser regression tests
Regression tests for Bug #2950: Make Permissions Manager memory-only
Regression tests for TB4: Tor Browser's Firefox preference overrides.
Note: many more functional tests could be made here
Regression tests for #2874: Block Components.interfaces from content
Bug 18923: Add a script to run all Tor Browser specific tests
Regression tests for Bug #16441: Suppress "Reset Tor Browser" prompt.
---
run-tbb-tests | 66 +++++++++++++++++++++++++++++++++++
tbb-tests-ignore.txt | 13 +++++++
tbb-tests/browser.ini | 5 +++
tbb-tests/browser_tor_TB4.js | 35 +++++++++++++++++++
tbb-tests/browser_tor_bug2950.js | 74 ++++++++++++++++++++++++++++++++++++++++
tbb-tests/mochitest.ini | 3 ++
tbb-tests/moz.build | 9 +++++
tbb-tests/test_tor_bug2874.html | 25 ++++++++++++++
toolkit/toolkit.mozbuild | 3 +-
9 files changed, 232 insertions(+), 1 deletion(-)
diff --git a/run-tbb-tests b/run-tbb-tests
new file mode 100755
index 000000000000..bc09839f9f05
--- /dev/null
+++ b/run-tbb-tests
@@ -0,0 +1,66 @@
+#!/bin/bash
+
+# This script runs all the Mochitest tests that have been added or
+# modified since the last ffxbld commit.
+#
+# It does not currently run XPCShell tests. We should change this if we
+# start using this type or other types of tests.
+#
+# The logs of the tests are stored in the tbb-tests.log file.
+# Ignored tests are listed in the tbb-tests-ignore.txt file.
+#
+# https://trac.torproject.org/projects/tor/ticket/18923
+
+IFS=$'\n'
+
+if [ -n "$USE_TESTS_LIST" ] && [ -f tbb-tests-list.txt ]
+then
+ echo "Using tests list from file tbb-tests-list.txt"
+ tests=($(cat tbb-tests-list.txt))
+else
+ ffxbld_commit=$(git log -500 --format='oneline' | grep "TB3: Tor Browser's official .mozconfigs." \
+ | head -1 | cut -d ' ' -f 1)
+
+ tests=($(git diff --name-status "$ffxbld_commit" HEAD | \
+ grep -e '^[AM].*/test_[^/]\+\.\(html\|xul\)$' \
+ -e '^[AM].*/browser_[^/]\+\.js$' \
+ | sed 's/^[AM]\s\+//'))
+fi
+
+echo 'The following tests will be run:'
+for i in "${!tests[@]}"
+do
+ if [ -z "$USE_TESTS_LIST" ] \
+ && grep -q "^${tests[$i]}$" tbb-tests-ignore.txt
+ then
+ unset "tests[$i]"
+ continue
+ fi
+ echo "- ${tests[$i]}"
+done
+
+if [ -n "$WRITE_TESTS_LIST" ]
+then
+ rm -f tbb-tests-list.txt
+ for i in "${!tests[@]}"
+ do
+ echo "${tests[$i]}" >> tbb-tests-list.txt
+ done
+ exit 0
+fi
+
+rm -f tbb-tests.log
+echo $'\n''Starting tests'
+# We need `security.nocertdb = false` because of #18087. That pref is
+# forced to have the same value as `browser.privatebrowsing.autostart` in
+# torbutton, so we just set `browser.privatebrowsing.autostart=false` here.
+./mach mochitest --log-tbpl tbb-tests.log \
+ --setpref network.file.path_blacklist='' \
+ --setpref extensions.torbutton.use_nontor_proxy=true \
+ --setpref browser.privatebrowsing.autostart=false \
+ "${tests[@]}"
+
+echo "*************************"
+echo "*************************"
+echo "Summary of failed tests:"
+grep --color=never TEST-UNEXPECTED-FAIL tbb-tests.log
diff --git a/tbb-tests-ignore.txt b/tbb-tests-ignore.txt
new file mode 100644
index 000000000000..ee3927a9e7c4
--- /dev/null
+++ b/tbb-tests-ignore.txt
@@ -0,0 +1,13 @@
+browser/extensions/onboarding/test/browser/browser_onboarding_accessibility.js
+browser/extensions/onboarding/test/browser/browser_onboarding_keyboard.js
+browser/extensions/onboarding/test/browser/browser_onboarding_notification.js
+browser/extensions/onboarding/test/browser/browser_onboarding_notification_2.js
+browser/extensions/onboarding/test/browser/browser_onboarding_notification_3.js
+browser/extensions/onboarding/test/browser/browser_onboarding_notification_4.js
+browser/extensions/onboarding/test/browser/browser_onboarding_notification_5.js
+browser/extensions/onboarding/test/browser/browser_onboarding_notification_click_auto_complete_tour.js
+browser/extensions/onboarding/test/browser/browser_onboarding_select_default_tour.js
+browser/extensions/onboarding/test/browser/browser_onboarding_skip_tour.js
+browser/extensions/onboarding/test/browser/browser_onboarding_tours.js
+browser/extensions/onboarding/test/browser/browser_onboarding_tourset.js
+browser/extensions/onboarding/test/browser/browser_onboarding_uitour.js
diff --git a/tbb-tests/browser.ini b/tbb-tests/browser.ini
new file mode 100644
index 000000000000..f481660f1417
--- /dev/null
+++ b/tbb-tests/browser.ini
@@ -0,0 +1,5 @@
+[DEFAULT]
+
+[browser_tor_bug2950.js]
+[browser_tor_omnibox.js]
+[browser_tor_TB4.js]
diff --git a/tbb-tests/browser_tor_TB4.js b/tbb-tests/browser_tor_TB4.js
new file mode 100644
index 000000000000..8bb12f360e5e
--- /dev/null
+++ b/tbb-tests/browser_tor_TB4.js
@@ -0,0 +1,35 @@
+// # Test for TB4: Tor Browser's Firefox preference overrides
+// This is a minimal test to check whether the 000-tor-browser.js
+// pref overrides are being used at all or not. More comprehensive
+// pref tests are maintained in the tor-browser-bundle-testsuite project.
+
+function test() {
+
+let expectedPrefs = [
+ // Homepage
+ ["browser.startup.homepage", "about:tor"],
+
+ // Disable the "Refresh" prompt that is displayed for stale profiles.
+ ["browser.disableResetPrompt", true],
+
+ // Version placeholder
+ ["torbrowser.version", "dev-build"],
+ ];
+
+let getPref = function (prefName) {
+ let type = Services.prefs.getPrefType(prefName);
+ if (type === Services.prefs.PREF_INT) return Services.prefs.getIntPref(prefName);
+ if (type === Services.prefs.PREF_BOOL) return Services.prefs.getBoolPref(prefName);
+ if (type === Services.prefs.PREF_STRING) return Services.prefs.getCharPref(prefName);
+ // Something went wrong.
+ throw new Error("Can't access pref " + prefName);
+};
+
+let testPref = function([key, expectedValue]) {
+ let foundValue = getPref(key);
+ is(foundValue, expectedValue, "Pref '" + key + "' should be '" + expectedValue +"'.");
+};
+
+expectedPrefs.map(testPref);
+
+} // end function test()
diff --git a/tbb-tests/browser_tor_bug2950.js b/tbb-tests/browser_tor_bug2950.js
new file mode 100644
index 000000000000..16e41344a3c4
--- /dev/null
+++ b/tbb-tests/browser_tor_bug2950.js
@@ -0,0 +1,74 @@
+// # Regression tests for tor Bug #2950, Make Permissions Manager memory-only
+// Ensures that permissions.sqlite file in profile directory is not written to,
+// even when we write a value to Firefox's permissions database.
+
+// The requisite test() function.
+function test() {
+
+// Needed because of asynchronous part later in the test.
+waitForExplicitFinish();
+
+// Shortcut
+let Ci = Components.interfaces;
+
+// ## utility functions
+
+// __principal(spec)__.
+// Creates a principal instance from a spec
+// (string address such as "https://www.torproject.org").
+let principal = spec => Services.scriptSecurityManager.createContentPrincipalFromOrigin(spec);
+
+// __setPermission(spec, key, value)__.
+// Sets the site permission of type key to value, for the site located at address spec.
+let setPermission = (spec, key, value) => SitePermissions.setForPrincipal(principal(spec), key, value);
+
+// __getPermission(spec, key)__.
+// Reads the site permission value for permission type key, for the site
+// located at address spec.
+let getPermission = (spec, key) => SitePermissions.getForPrincipal(principal(spec), key);
+
+// __profileDirPath__.
+// The Firefox Profile directory. Expected location of various persistent files.
+let profileDirPath = Services.dirsvc.get("ProfD", Components.interfaces.nsIFile).path;
+
+// __fileInProfile(fileName)__.
+// Returns an nsIFile instance corresponding to a file in the Profile directory.
+let fileInProfile = fileName => FileUtils.File(profileDirPath + "/" + fileName);
+
+// ## Now let's run the test.
+
+let SITE = "https://www.torproject.org",
+ KEY = "popup";
+
+let permissionsFile = fileInProfile("permissions.sqlite"),
+ lastModifiedTime = null,
+ newModifiedTime = null;
+if (permissionsFile.exists()) {
+ lastModifiedTime = permissionsFile.lastModifiedTime;
+}
+// Read the original value of the permission.
+let originalValue = getPermission(SITE, KEY);
+
+// We need to delay by at least 1000 ms, because that's the granularity
+// of file time stamps, it seems.
+window.setTimeout(
+ function () {
+ // Set the permission to a new value.
+ setPermission(SITE, KEY, SitePermissions.BLOCK);
+ // Now read back the permission value again.
+ let newReadValue = getPermission(SITE, KEY);
+ // Compare to confirm that the permission
+ // value was successfully changed.
+ Assert.notDeepEqual(originalValue, newReadValue, "Set a value in permissions db (perhaps in memory).");
+ // If file existed or now exists, get the current time stamp.
+ if (permissionsFile.exists()) {
+ newModifiedTime = permissionsFile.lastModifiedTime;
+ }
+ // If file was created or modified since we began this test,
+ // then permissions db is not memory only. Complain!
+ is(lastModifiedTime, newModifiedTime, "Don't write to permissions.sqlite file on disk.");
+ // We are done with the test.
+ finish();
+ }, 1100);
+
+} // test()
diff --git a/tbb-tests/mochitest.ini b/tbb-tests/mochitest.ini
new file mode 100644
index 000000000000..cc5172733bbe
--- /dev/null
+++ b/tbb-tests/mochitest.ini
@@ -0,0 +1,3 @@
+[DEFAULT]
+
+[test_tor_bug2874.html]
diff --git a/tbb-tests/moz.build b/tbb-tests/moz.build
new file mode 100644
index 000000000000..01db60b9c28a
--- /dev/null
+++ b/tbb-tests/moz.build
@@ -0,0 +1,9 @@
+# -*- Mode: python; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40 -*-
+# vim: set filetype=python:
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+MOCHITEST_MANIFESTS += ["mochitest.ini"]
+
+BROWSER_CHROME_MANIFESTS += ["browser.ini"]
diff --git a/tbb-tests/test_tor_bug2874.html b/tbb-tests/test_tor_bug2874.html
new file mode 100644
index 000000000000..c0a956e9f687
--- /dev/null
+++ b/tbb-tests/test_tor_bug2874.html
@@ -0,0 +1,25 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+Tor bug
+https://trac.torproject.org/projects/tor/ticket/2874
+-->
+<head>
+ <meta charset="utf-8">
+ <title>Test for Tor Bug 2874</title>
+ <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+ <script type="application/javascript">
+ is(typeof Components, 'undefined', "The global window object should not expose a Components property to untrusted content.");
+ </script>
+</head>
+<body>
+<a target="_blank" href="https://trac.torproject.org/projects/tor/ticket/2874">Tor Bug 2874</a>
+<p id="display"></p>
+<div id="content" style="display: none">
+
+</div>
+<pre id="test">
+</pre>
+</body>
+</html>
diff --git a/toolkit/toolkit.mozbuild b/toolkit/toolkit.mozbuild
index 5576f6acc427..a2c3ddf2dc38 100644
--- a/toolkit/toolkit.mozbuild
+++ b/toolkit/toolkit.mozbuild
@@ -99,7 +99,8 @@ if CONFIG['MOZ_WEBRTC'] and CONFIG['COMPILE_ENVIRONMENT']:
]
if CONFIG['ENABLE_TESTS']:
- DIRS += ['/testing/specialpowers']
+ DIRS += ['/testing/specialpowers',
+ '/tbb-tests']
DIRS += [
'/testing/gtest',
1
0
[tor-browser/tor-browser-91.0.1-10.5-1] Bug 10760: Integrate TorButton to TorBrowser core
by sysrqb@torproject.org 17 Aug '21
by sysrqb@torproject.org 17 Aug '21
17 Aug '21
commit e2dab37c37401b6a5811339edcfa6f01f71df943
Author: Alex Catarineu <acat(a)torproject.org>
Date: Wed Feb 19 23:05:08 2020 +0100
Bug 10760: Integrate TorButton to TorBrowser core
Because of the non-restartless nature of Torbutton, it required
a two-stage installation process. On mobile, it was a problem,
because it was not loading when the user opened the browser for
the first time.
Moving it to tor-browser and making it a system extension allows it
to load when the user opens the browser for first time.
Additionally, this patch also fixes Bug 27611.
Bug 26321: New Circuit and New Identity menu items
Bug 14392: Make about:tor behave like other initial pages.
Bug 25013: Add torbutton as a tor-browser submodule
---
.gitmodules | 3 ++
browser/base/content/aboutDialog.xhtml | 38 +++++++++++------
browser/base/content/appmenu-viewcache.inc.xhtml | 17 +++++++-
browser/base/content/browser-doctype.inc | 6 +++
browser/base/content/browser-menubar.inc | 47 ++++++++++++++++++----
browser/base/content/browser-sets.inc | 2 +
browser/base/content/browser.js | 1 +
browser/base/content/browser.xhtml | 9 +++++
.../controlcenter/content/identityPanel.inc.xhtml | 44 ++++++++++++++++++++
browser/installer/package-manifest.in | 2 +
docshell/base/nsAboutRedirector.cpp | 6 ++-
docshell/build/components.conf | 1 +
mobile/android/installer/package-manifest.in | 4 ++
toolkit/moz.build | 1 +
.../mozapps/extensions/internal/XPIProvider.jsm | 9 +++++
toolkit/torproject/torbutton | 1 +
.../lib/environments/browser-window.js | 6 ++-
17 files changed, 172 insertions(+), 25 deletions(-)
diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 000000000000..2f03bd8e22df
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "toolkit/torproject/torbutton"]
+ path = toolkit/torproject/torbutton
+ url = https://git.torproject.org/torbutton.git
diff --git a/browser/base/content/aboutDialog.xhtml b/browser/base/content/aboutDialog.xhtml
index 55c8b1c2c5f7..4eb122b0b2d8 100644
--- a/browser/base/content/aboutDialog.xhtml
+++ b/browser/base/content/aboutDialog.xhtml
@@ -7,11 +7,11 @@
<?xml-stylesheet href="chrome://global/skin/global.css" type="text/css"?>
<?xml-stylesheet href="chrome://browser/content/aboutDialog.css" type="text/css"?>
<?xml-stylesheet href="chrome://branding/content/aboutDialog.css" type="text/css"?>
+<?xml-stylesheet href="chrome://torbutton/skin/aboutDialog.css" type="text/css"?>
+<!-- We need to include the localization DTDs until we migrate to Fluent -->
<!DOCTYPE window [
-#ifdef XP_MACOSX
#include browser-doctype.inc
-#endif
]>
<window xmlns:html="http://www.w3.org/1999/xhtml"
@@ -28,7 +28,7 @@
data-l10n-id="aboutDialog-title"
#endif
role="dialog"
- aria-describedby="version distribution distributionId communityDesc contributeDesc trademark"
+ aria-describedby="version distribution distributionId projectDesc helpDesc trademark trademarkTor"
>
#ifdef XP_MACOSX
#include macWindow.inc.xhtml
@@ -146,24 +146,36 @@
<label is="text-link" useoriginprincipal="true" href="about:credits" data-l10n-name="community-exp-creditsLink"/>
</description>
</vbox>
- <description class="text-blurb" id="communityDesc" data-l10n-id="community-2">
- <label is="text-link" href="https://www.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-…" data-l10n-name="community-mozillaLink"/>
- <label is="text-link" useoriginprincipal="true" href="about:credits" data-l10n-name="community-creditsLink"/>
+ <!-- Keep communityDesc and contributeDesc to avoid JS errors trying to hide them -->
+ <description class="text-blurb" id="communityDesc" data-l10n-id="community-2" hidden="true"></description>
+ <description class="text-blurb" id="contributeDesc" data-l10n-id="helpus" hidden="true"></description>
+ <description class="text-blurb" id="projectDesc">
+ &project.start;
+ <label is="text-link" href="https://www.torproject.org/">
+ &project.tpoLink;
+ </label>&project.end;
</description>
- <description class="text-blurb" id="contributeDesc" data-l10n-id="helpus">
- <label is="text-link" href="https://donate.mozilla.org/?utm_source=firefox&utm_medium=referral&…" data-l10n-name="helpus-donateLink"/>
- <label is="text-link" href="https://www.mozilla.org/contribute/?utm_source=firefox-browser&utm_medi…" data-l10n-name="helpus-getInvolvedLink"/>
+ <description class="text-blurb" id="helpDesc">
+ &help.start;
+ <label is="text-link" href="https://donate.torproject.org/">
+ &help.donateLink;
+ </label>
+ &help.or;
+ <label is="text-link" href="https://community.torproject.org/">
+ &help.getInvolvedLink;
+ </label>&help.end;
</description>
</vbox>
</vbox>
</hbox>
<vbox id="bottomBox">
- <hbox pack="center">
- <label is="text-link" class="bottom-link" useoriginprincipal="true" href="about:license" data-l10n-id="bottomLinks-license"/>
- <label is="text-link" class="bottom-link" useoriginprincipal="true" href="about:rights" data-l10n-id="bottomLinks-rights"/>
- <label is="text-link" class="bottom-link" href="https://www.mozilla.org/privacy/?utm_source=firefox-browser&utm_medium=…" data-l10n-id="bottomLinks-privacy"/>
+ <hbox id="newBottom" pack="center" position="1">
+ <label is="text-link" class="bottom-link" href="https://support.torproject.org/">&bottomLinks.questions;</label>
+ <label is="text-link" class="bottom-link" href="https://community.torproject.org/relay/">&bottomLinks.grow;</label>
+ <label is="text-link" class="bottom-link" useoriginprincipal="true" href="about:license">&bottomLinks.license;</label>
</hbox>
<description id="trademark" data-l10n-id="trademarkInfo"></description>
+ <description id="trademarkTor">&tor.TrademarkStatement;</description>
</vbox>
</vbox>
diff --git a/browser/base/content/appmenu-viewcache.inc.xhtml b/browser/base/content/appmenu-viewcache.inc.xhtml
index 204b84f00000..7c067ef8fbb3 100644
--- a/browser/base/content/appmenu-viewcache.inc.xhtml
+++ b/browser/base/content/appmenu-viewcache.inc.xhtml
@@ -45,7 +45,8 @@
class="subviewbutton subviewbutton-iconic"
data-l10n-id="appmenuitem-new-private-window"
key="key_privatebrowsing"
- command="Tools:PrivateBrowsing"/>
+ command="Tools:PrivateBrowsing"
+ hidden="true"/>
#ifdef NIGHTLY_BUILD
<toolbarbutton id="appMenu-fission-window-button"
class="subviewbutton subviewbutton-iconic"
@@ -61,7 +62,19 @@
<toolbarbutton id="appMenuRestoreLastSession"
data-l10n-id="appmenu-restore-session"
class="subviewbutton subviewbutton-iconic"
- command="Browser:RestoreLastSession"/>
+ command="Browser:RestoreLastSession"
+ hidden="true"/>
+ <toolbarseparator/>
+ <toolbarbutton id="appMenuNewIdentity"
+ class="subviewbutton subviewbutton-iconic"
+ key="torbutton-new-identity-key"
+ label="&torbutton.context_menu.new_identity;"
+ oncommand="torbutton_new_identity();"/>
+ <toolbarbutton id="appMenuNewCircuit"
+ class="subviewbutton subviewbutton-iconic"
+ key="torbutton-new-circuit-key"
+ label="&torbutton.context_menu.new_circuit;"
+ oncommand="torbutton_new_circuit();"/>
<toolbarseparator/>
<toolbaritem id="appMenu-zoom-controls" class="toolbaritem-combined-buttons" closemenu="none">
<!-- Use a spacer, because panel sizing code gets confused when using CSS methods. -->
diff --git a/browser/base/content/browser-doctype.inc b/browser/base/content/browser-doctype.inc
index cea0382acde2..691d16a7b2e5 100644
--- a/browser/base/content/browser-doctype.inc
+++ b/browser/base/content/browser-doctype.inc
@@ -6,3 +6,9 @@
%textcontextDTD;
<!ENTITY % placesDTD SYSTEM "chrome://browser/locale/places/places.dtd">
%placesDTD;
+<!ENTITY % torbuttonDTD SYSTEM "chrome://torbutton/locale/torbutton.dtd">
+%torbuttonDTD;
+<!ENTITY % aboutTorDTD SYSTEM "chrome://torbutton/locale/aboutTor.dtd">
+%aboutTorDTD;
+<!ENTITY % aboutDialogDTD SYSTEM "chrome://torbutton/locale/aboutDialog.dtd">
+%aboutDialogDTD;
diff --git a/browser/base/content/browser-menubar.inc b/browser/base/content/browser-menubar.inc
index cd348e8e7817..cd84dc0c55eb 100644
--- a/browser/base/content/browser-menubar.inc
+++ b/browser/base/content/browser-menubar.inc
@@ -38,6 +38,18 @@
command="Tools:NonFissionWindow"
accesskey="s" label="New Non-Fission Window"/>
#endif
+ <menuseparator/>
+ <menuitem id="menu_newIdentity"
+ accesskey="&torbutton.context_menu.new_identity_key;"
+ key="torbutton-new-identity-key"
+ label="&torbutton.context_menu.new_identity;"
+ oncommand="torbutton_new_identity();"/>
+ <menuitem id="menu_newCircuit"
+ accesskey="&torbutton.context_menu.new_circuit_key;"
+ key="torbutton-new-circuit-key"
+ label="&torbutton.context_menu.new_circuit;"
+ oncommand="torbutton_new_circuit();"/>
+ <menuseparator/>
<menuitem id="menu_openLocation"
hidden="true"
command="Browser:OpenLocation"
@@ -463,19 +475,37 @@
<menupopup id="menu_HelpPopup" onpopupshowing="buildHelpMenu();">
<!-- Note: Items under here are cloned to the AppMenu Help submenu. The cloned items
have their strings defined by appmenu-data-l10n-id. -->
- <menuitem id="menu_openHelp"
+#ifdef MOZ_UPDATER
+ <menuitem id="checkForUpdates"
+ data-l10n-id="menu-help-check-for-update"
+ appmenu-data-l10n-id="appmenu-help-check-for-update"
+ class="menuitem-iconic"
+ oncommand="openAboutDialog();"/>
+#endif
+ <!-- dummy elements to avoid 'getElementById' errors -->
+ <box id="feedbackPage"/>
+ <box id="helpSafeMode"/>
+ <box id="menu_HelpPopup_reportPhishingtoolmenu"/>
+ <box id="menu_HelpPopup_reportPhishingErrortoolmenu"/>
+ <!-- Add Tor Browser manual link -->
+ <menuitem id="torBrowserUserManual"
+ oncommand="gBrowser.selectedTab = gBrowser.addTab('https://tb-manual.torproject.org/' + Services.locale.requestedLocale, {triggeringPrincipal: Services.scriptSecurityManager.getSystemPrincipal()});"
+ label="&aboutTor.torbrowser_user_manual.label;"
+ accesskey="&aboutTor.torbrowser_user_manual.accesskey;"/>
+ <!-- Bug 18905: Hide unused help menu items -->
+ <!-- <menuitem id="menu_openHelp"
oncommand="openHelpLink('firefox-help')"
data-l10n-id="menu-get-help"
appmenu-data-l10n-id="appmenu-get-help"
#ifdef XP_MACOSX
- key="key_openHelpMac"/>
+ key="key_openHelpMac"/> -->
#else
- />
+ /> -->
#endif
- <menuitem id="feedbackPage"
+ <!-- <menuitem id="feedbackPage"
oncommand="openFeedbackPage()"
data-l10n-id="menu-help-feedback-page"
- appmenu-data-l10n-id="appmenu-help-feedback-page"/>
+ appmenu-data-l10n-id="appmenu-help-feedback-page"/> -->
<menuitem id="helpSafeMode"
oncommand="safeModeRestart();"
data-l10n-id="menu-help-enter-troubleshoot-mode2"
@@ -490,17 +520,18 @@
appmenu-data-l10n-id="appmenu-help-report-site-issue"
hidden="true"/>
<menuitem id="menu_HelpPopup_reportPhishingtoolmenu"
+ <!-- <menuitem id="menu_HelpPopup_reportPhishingtoolmenu"
disabled="true"
oncommand="openUILink(gSafeBrowsing.getReportURL('Phish'), event, {triggeringPrincipal: Services.scriptSecurityManager.createNullPrincipal({})});"
hidden="true"
data-l10n-id="menu-help-report-deceptive-site"
- appmenu-data-l10n-id="appmenu-help-report-deceptive-site"/>
- <menuitem id="menu_HelpPopup_reportPhishingErrortoolmenu"
+ appmenu-data-l10n-id="appmenu-help-report-deceptive-site"/> -->
+ <!-- <menuitem id="menu_HelpPopup_reportPhishingErrortoolmenu"
disabled="true"
oncommand="ReportFalseDeceptiveSite();"
data-l10n-id="menu-help-not-deceptive"
appmenu-data-l10n-id="appmenu-help-not-deceptive"
- hidden="true"/>
+ hidden="true"/> -->
<menuseparator id="aboutSeparator"/>
<menuitem id="aboutName"
oncommand="openAboutDialog();"
diff --git a/browser/base/content/browser-sets.inc b/browser/base/content/browser-sets.inc
index fdd83f64896e..c3129d6aae07 100644
--- a/browser/base/content/browser-sets.inc
+++ b/browser/base/content/browser-sets.inc
@@ -383,4 +383,6 @@
data-l10n-id="hide-other-apps-shortcut"
modifiers="accel,alt"/>
#endif
+ <key id="torbutton-new-identity-key" modifiers="accel shift" key="U" oncommand="torbutton_new_identity()"/>
+ <key id="torbutton-new-circuit-key" modifiers="accel shift" key="L" oncommand="torbutton_new_circuit()"/>
</keyset>
diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js
index d53189b3654a..7f370894bf95 100644
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@@ -633,6 +633,7 @@ var gPageIcons = {
};
var gInitialPages = [
+ "about:tor",
"about:blank",
"about:newtab",
"about:home",
diff --git a/browser/base/content/browser.xhtml b/browser/base/content/browser.xhtml
index 82fd0d32d670..8efb544918b8 100644
--- a/browser/base/content/browser.xhtml
+++ b/browser/base/content/browser.xhtml
@@ -29,6 +29,8 @@
<?xml-stylesheet href="chrome://browser/skin/searchbar.css" type="text/css"?>
<?xml-stylesheet href="chrome://browser/skin/places/tree-icons.css" type="text/css"?>
<?xml-stylesheet href="chrome://browser/skin/places/editBookmark.css" type="text/css"?>
+<?xml-stylesheet href="chrome://torbutton/skin/tor-circuit-display.css" type="text/css"?>
+<?xml-stylesheet href="chrome://torbutton/skin/torbutton.css" type="text/css"?>
# All DTD information is stored in a separate file so that it can be shared by
# hiddenWindowMac.xhtml.
@@ -106,11 +108,18 @@
Services.scriptloader.loadSubScript("chrome://browser/content/places/places-menupopup.js", this);
Services.scriptloader.loadSubScript("chrome://browser/content/search/autocomplete-popup.js", this);
Services.scriptloader.loadSubScript("chrome://browser/content/search/searchbar.js", this);
+ Services.scriptloader.loadSubScript("chrome://torbutton/content/tor-circuit-display.js", this);
+ Services.scriptloader.loadSubScript("chrome://torbutton/content/torbutton.js", this);
window.onload = gBrowserInit.onLoad.bind(gBrowserInit);
window.onunload = gBrowserInit.onUnload.bind(gBrowserInit);
window.onclose = WindowIsClosing;
+ //onLoad Handler
+ try {
+ window.addEventListener("load", torbutton_init, false);
+ } catch (e) {}
+
window.addEventListener("MozBeforeInitialXULLayout",
gBrowserInit.onBeforeInitialXULLayout.bind(gBrowserInit), { once: true });
diff --git a/browser/components/controlcenter/content/identityPanel.inc.xhtml b/browser/components/controlcenter/content/identityPanel.inc.xhtml
index 9a41ac1f33cc..834a472e16ae 100644
--- a/browser/components/controlcenter/content/identityPanel.inc.xhtml
+++ b/browser/components/controlcenter/content/identityPanel.inc.xhtml
@@ -92,6 +92,50 @@
</vbox>
</hbox>
+ <!-- Circuit display section -->
+ <hbox id="circuit-display-container" class="identity-popup-section">
+ <vbox id="circuit-display-content" flex="1" role="group"
+ aria-labelledby="circuit-display-headline">
+ <hbox id="circuit-display-header" align="center">
+ <label id="circuit-display-headline"
+ role="heading" aria-level="2">&torbutton.circuit_display.title;</label>
+ </hbox>
+ <html:ul id="circuit-display-nodes" dir="auto"/>
+ </vbox>
+ <vbox id="circuit-reload-content" flex="1">
+ <html:button id="circuit-reload-button"
+ onclick="torbutton_new_circuit()">&torbutton.circuit_display.new_circuit;</html:button>
+ <hbox id="circuit-guard-note-container"/>
+ </vbox>
+ </hbox>
+
+ <!-- Permissions Section -->
+ <hbox class="identity-popup-section"
+ when-connection="not-secure secure secure-ev secure-cert-user-overridden file extension cert-error-page https-only-error-page">
+ <vbox id="identity-popup-permissions-content" flex="1" role="group"
+ aria-labelledby="identity-popup-permissions-headline">
+ <hbox id="identity-popup-permissions-header" align="center">
+ <label id="identity-popup-permissions-headline"
+ role="heading" aria-level="2"
+ data-l10n-id="identity-permissions"/>
+ </hbox>
+ <vbox id="identity-popup-permission-list">
+ <vbox id="identity-popup-permission-list-default-anchor" class="identity-popup-permission-list-anchor"/>
+ <vbox class="identity-popup-permission-list-anchor" anchorfor="3rdPartyStorage">
+ <vbox id="identity-popup-storage-access-permission-list-header">
+ <hbox align="center" role="group">
+ <image class="identity-popup-permission-icon storage-access-icon"/>
+ <label data-l10n-id="identity-permissions-storage-access-header" class="identity-popup-permission-header-label"/>
+ </hbox>
+ <description id="identity-popup-storage-access-permission-list-hint" data-l10n-id="identity-permissions-storage-access-hint"></description>
+ </vbox>
+ </vbox>
+ </vbox>
+ <description id="identity-popup-permission-reload-hint" data-l10n-id="identity-permissions-reload-hint"></description>
+ <description id="identity-popup-permission-empty-hint" data-l10n-id="identity-permissions-empty"></description>
+ </vbox>
+ </hbox>
+
<!-- Clear Site Data Button -->
<vbox hidden="true"
id="identity-popup-clear-sitedata-footer">
diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in
index e31386ba0c40..58f6c8b9f990 100644
--- a/browser/installer/package-manifest.in
+++ b/browser/installer/package-manifest.in
@@ -244,6 +244,8 @@
@RESPATH@/browser/chrome/torlauncher/*
@RESPATH@/browser/@PREF_DIR@/torlauncher-prefs.js
#endif
+@RESPATH@/chrome/torbutton.manifest
+@RESPATH@/chrome/torbutton/*
@RESPATH@/chrome/toolkit@JAREXT@
@RESPATH@/chrome/toolkit.manifest
@RESPATH@/chrome/recording.manifest
diff --git a/docshell/base/nsAboutRedirector.cpp b/docshell/base/nsAboutRedirector.cpp
index a320b4ebd431..6ab1a57f92cf 100644
--- a/docshell/base/nsAboutRedirector.cpp
+++ b/docshell/base/nsAboutRedirector.cpp
@@ -158,7 +158,11 @@ static const RedirEntry kRedirMap[] = {
{"crashcontent", "about:blank",
nsIAboutModule::HIDE_FROM_ABOUTABOUT |
nsIAboutModule::URI_CAN_LOAD_IN_CHILD |
- nsIAboutModule::URI_MUST_LOAD_IN_CHILD}};
+ nsIAboutModule::URI_MUST_LOAD_IN_CHILD},
+ {"tor", "chrome://torbutton/content/aboutTor/aboutTor.xhtml",
+ nsIAboutModule::URI_MUST_LOAD_IN_CHILD |
+ nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
+ nsIAboutModule::ALLOW_SCRIPT}};
static const int kRedirTotal = mozilla::ArrayLength(kRedirMap);
NS_IMETHODIMP
diff --git a/docshell/build/components.conf b/docshell/build/components.conf
index 9987b60fa2ec..475546757fd4 100644
--- a/docshell/build/components.conf
+++ b/docshell/build/components.conf
@@ -29,6 +29,7 @@ about_pages = [
'srcdoc',
'support',
'telemetry',
+ 'tor',
'url-classifier',
'webrtc',
]
diff --git a/mobile/android/installer/package-manifest.in b/mobile/android/installer/package-manifest.in
index f0664be7b6ee..dc65078b7014 100644
--- a/mobile/android/installer/package-manifest.in
+++ b/mobile/android/installer/package-manifest.in
@@ -132,6 +132,10 @@
@BINPATH@/chrome/devtools@JAREXT@
@BINPATH@/chrome/devtools.manifest
+; Torbutton
+@BINPATH@/chrome/torbutton@JAREXT@
+@BINPATH@/chrome/torbutton.manifest
+
; [Default Preferences]
; All the pref files must be part of base to prevent migration bugs
#ifndef MOZ_ANDROID_FAT_AAR_ARCHITECTURES
diff --git a/toolkit/moz.build b/toolkit/moz.build
index 14f4638b693e..4edccfac6d62 100644
--- a/toolkit/moz.build
+++ b/toolkit/moz.build
@@ -22,6 +22,7 @@ DIRS += [
"mozapps/preferences",
"profile",
"themes",
+ "torproject/torbutton",
]
if CONFIG["OS_ARCH"] == "WINNT" and CONFIG["MOZ_DEFAULT_BROWSER_AGENT"]:
diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
index acabe8cad3bc..7b6c904aad3f 100644
--- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm
+++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
@@ -1472,6 +1472,15 @@ var XPIStates = {
for (let [id, file] of loc.readAddons()) {
knownIds.delete(id);
+ // Uninstall torbutton if it is installed in the user profile
+ if (id === "torbutton(a)torproject.org" &&
+ loc.name === KEY_APP_PROFILE) {
+ logger.debug("Uninstalling torbutton from user profile.");
+ loc.installer.uninstallAddon(id);
+ changed = true;
+ continue;
+ }
+
// Since it is now part of the browser, uninstall the Tor Launcher
// extension. This will remove the Tor Launcher .xpi from user
// profiles on macOS.
diff --git a/toolkit/torproject/torbutton b/toolkit/torproject/torbutton
new file mode 160000
index 000000000000..5264bddf8bc7
--- /dev/null
+++ b/toolkit/torproject/torbutton
@@ -0,0 +1 @@
+Subproject commit 5264bddf8bc71cbb4e88921b55e7b95fa4522b69
diff --git a/tools/lint/eslint/eslint-plugin-mozilla/lib/environments/browser-window.js b/tools/lint/eslint/eslint-plugin-mozilla/lib/environments/browser-window.js
index 76e03f2d49bb..2ff107b553b2 100644
--- a/tools/lint/eslint/eslint-plugin-mozilla/lib/environments/browser-window.js
+++ b/tools/lint/eslint/eslint-plugin-mozilla/lib/environments/browser-window.js
@@ -75,7 +75,11 @@ function getGlobalScriptIncludes(scriptPath) {
"browser/components/search/content/"
)
.replace("chrome://browser/content/", "browser/base/content/")
- .replace("chrome://global/content/", "toolkit/content/");
+ .replace("chrome://global/content/", "toolkit/content/")
+ .replace(
+ "chrome://torbutton/content/",
+ "toolkit/torproject/torbutton/chrome/content/"
+ );
for (let mapping of Object.getOwnPropertyNames(MAPPINGS)) {
if (sourceFile.includes(mapping)) {
1
0
[tor-browser/tor-browser-91.0.1-10.5-1] Add TorStrings module for localization
by sysrqb@torproject.org 17 Aug '21
by sysrqb@torproject.org 17 Aug '21
17 Aug '21
commit df922c9888c283c18d6fe19e5dacffbfd336c663
Author: Alex Catarineu <acat(a)torproject.org>
Date: Fri Jul 24 21:15:20 2020 +0200
Add TorStrings module for localization
---
browser/modules/TorStrings.jsm | 490 +++++++++++++++++++++++++++++++++++++++++
browser/modules/moz.build | 1 +
2 files changed, 491 insertions(+)
diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm
new file mode 100644
index 000000000000..e8a8d37ae373
--- /dev/null
+++ b/browser/modules/TorStrings.jsm
@@ -0,0 +1,490 @@
+"use strict";
+
+var EXPORTED_SYMBOLS = ["TorStrings"];
+
+const { XPCOMUtils } = ChromeUtils.import(
+ "resource://gre/modules/XPCOMUtils.jsm"
+);
+const { Services } = ChromeUtils.import(
+ "resource://gre/modules/Services.jsm"
+);
+const { getLocale } = ChromeUtils.import(
+ "resource://torbutton/modules/utils.js"
+);
+
+XPCOMUtils.defineLazyGlobalGetters(this, ["DOMParser"]);
+XPCOMUtils.defineLazyGetter(this, "domParser", () => {
+ const parser = new DOMParser();
+ parser.forceEnableDTD();
+ return parser;
+});
+
+/*
+ Tor DTD String Bundle
+
+ DTD strings loaded from torbutton/tor-launcher, but provide a fallback in case they aren't available
+*/
+class TorDTDStringBundle {
+ constructor(aBundleURLs, aPrefix) {
+ let locations = [];
+ for (const [index, url] of aBundleURLs.entries()) {
+ locations.push(`<!ENTITY % dtd_${index} SYSTEM "${url}">%dtd_${index};`);
+ }
+ this._locations = locations;
+ this._prefix = aPrefix;
+ }
+
+ // copied from testing/marionette/l10n.js
+ localizeEntity(urls, id) {
+ // Use the DOM parser to resolve the entity and extract its real value
+ let header = `<?xml version="1.0"?><!DOCTYPE elem [${this._locations.join(
+ ""
+ )}]>`;
+ let elem = `<elem id="elementID">&${id};</elem>`;
+ let doc = domParser.parseFromString(header + elem, "text/xml");
+ let element = doc.querySelector("elem[id='elementID']");
+
+ if (element === null) {
+ throw new Error(`Entity with id='${id}' hasn't been found`);
+ }
+
+ return element.textContent;
+ }
+
+ getString(key, fallback) {
+ if (key) {
+ try {
+ return this.localizeEntity(this._bundleURLs, `${this._prefix}${key}`);
+ } catch (e) {}
+ }
+
+ // on failure, assign the fallback if it exists
+ if (fallback) {
+ return fallback;
+ }
+ // otherwise return string key
+ return `$(${key})`;
+ }
+}
+
+/*
+ Tor Property String Bundle
+
+ Property strings loaded from torbutton/tor-launcher, but provide a fallback in case they aren't available
+*/
+class TorPropertyStringBundle {
+ constructor(aBundleURL, aPrefix) {
+ try {
+ this._bundle = Services.strings.createBundle(aBundleURL);
+ } catch (e) {}
+
+ this._prefix = aPrefix;
+ }
+
+ getString(key, fallback) {
+ if (key) {
+ try {
+ return this._bundle.GetStringFromName(`${this._prefix}${key}`);
+ } catch (e) {}
+ }
+
+ // on failure, assign the fallback if it exists
+ if (fallback) {
+ return fallback;
+ }
+ // otherwise return string key
+ return `$(${key})`;
+ }
+}
+
+/*
+ Security Level Strings
+*/
+var TorStrings = {
+ /*
+ Tor Browser Security Level Strings
+ */
+ securityLevel: (function() {
+ let tsb = new TorDTDStringBundle(
+ ["chrome://torbutton/locale/torbutton.dtd"],
+ "torbutton.prefs.sec_"
+ );
+ let getString = function(key, fallback) {
+ return tsb.getString(key, fallback);
+ };
+
+ // read localized strings from torbutton; but use hard-coded en-US strings as fallbacks in case of error
+ let retval = {
+ securityLevel: getString("caption", "Security Level"),
+ customWarning: getString("custom_warning", "Custom"),
+ overview: getString(
+ "overview",
+ "Disable certain web features that can be used to attack your security and anonymity."
+ ),
+ standard: {
+ level: getString("standard_label", "Standard"),
+ tooltip: getString("standard_tooltip", "Security Level : Standard"),
+ summary: getString(
+ "standard_description",
+ "All Tor Browser and website features are enabled."
+ ),
+ },
+ safer: {
+ level: getString("safer_label", "Safer"),
+ tooltip: getString("safer_tooltip", "Security Level : Safer"),
+ summary: getString(
+ "safer_description",
+ "Disables website features that are often dangerous, causing some sites to lose functionality."
+ ),
+ description1: getString(
+ "js_on_https_sites_only",
+ "JavaScript is disabled on non-HTTPS sites."
+ ),
+ description2: getString(
+ "limit_typography",
+ "Some fonts and math symbols are disabled."
+ ),
+ description3: getString(
+ "click_to_play_media",
+ "Audio and video (HTML5 media), and WebGL are click-to-play."
+ ),
+ },
+ safest: {
+ level: getString("safest_label", "Safest"),
+ tooltip: getString("safest_tooltip", "Security Level : Safest"),
+ summary: getString(
+ "safest_description",
+ "Only allows website features required for static sites and basic services. These changes affect images, media, and scripts."
+ ),
+ description1: getString(
+ "js_disabled",
+ "JavaScript is disabled by default on all sites."
+ ),
+ description2: getString(
+ "limit_graphics_and_typography",
+ "Some fonts, icons, math symbols, and images are disabled."
+ ),
+ description3: getString(
+ "click_to_play_media",
+ "Audio and video (HTML5 media), and WebGL are click-to-play."
+ ),
+ },
+ custom: {
+ summary: getString(
+ "custom_summary",
+ "Your custom browser preferences have resulted in unusual security settings. For security and privacy reasons, we recommend you choose one of the default security levels."
+ ),
+ },
+ learnMore: getString("learn_more_label", "Learn more"),
+ learnMoreURL: `https://tb-manual.torproject.org/${getLocale()}/security-settings/`,
+ restoreDefaults: getString("restore_defaults", "Restore Defaults"),
+ advancedSecuritySettings: getString(
+ "advanced_security_settings",
+ "Advanced Security Settings\u2026"
+ ),
+ };
+ return retval;
+ })() /* Security Level Strings */,
+
+ /*
+ Tor about:preferences#tor Strings
+ */
+ settings: (function() {
+ let tsb = new TorDTDStringBundle(
+ ["chrome://torlauncher/locale/network-settings.dtd"],
+ ""
+ );
+ let getString = function(key, fallback) {
+ return tsb.getString(key, fallback);
+ };
+
+ let retval = {
+ categoryTitle: getString("torPreferences.categoryTitle", "Tor"),
+ torPreferencesHeading: getString(
+ "torPreferences.torSettings",
+ "Tor Settings"
+ ),
+ torPreferencesDescription: getString(
+ "torPreferences.torSettingsDescription",
+ "Tor Browser routes your traffic over the Tor Network, run by thousands of volunteers around the world."
+ ),
+ learnMore: getString("torPreferences.learnMore", "Learn More"),
+ bridgesHeading: getString("torPreferences.bridges", "Bridges"),
+ bridgesDescription: getString(
+ "torPreferences.bridgesDescription",
+ "Bridges help you access the Tor Network in places where Tor is blocked. Depending on where you are, one bridge may work better than another."
+ ),
+ useBridge: getString("torPreferences.useBridge", "Use a bridge"),
+ selectBridge: getString(
+ "torsettings.useBridges.default",
+ "Select a bridge"
+ ),
+ requestBridgeFromTorProject: getString(
+ "torsettings.useBridges.bridgeDB",
+ "Request a bridge from torproject.org"
+ ),
+ requestNewBridge: getString(
+ "torPreferences.requestNewBridge",
+ "Request a New Bridge\u2026"
+ ),
+ provideBridge: getString(
+ "torPreferences.provideBridge",
+ "Provide a bridge"
+ ),
+ provideBridgeDirections: getString(
+ "torsettings.useBridges.label",
+ "Enter bridge information from a trusted source."
+ ),
+ provideBridgePlaceholder: getString(
+ "torsettings.useBridges.placeholder",
+ "type address:port (one per line)"
+ ),
+ advancedHeading: getString("torPreferences.advanced", "Advanced"),
+ advancedDescription: getString(
+ "torPreferences.advancedDescription",
+ "Configure how Tor Browser connects to the internet."
+ ),
+ useLocalProxy: getString("torsettings.useProxy.checkbox", "I use a proxy to connect to the Internet"),
+ proxyType: getString("torsettings.useProxy.type", "Proxy Type"),
+ proxyTypeSOCKS4: getString("torsettings.useProxy.type.socks4", "SOCKS4"),
+ proxyTypeSOCKS5: getString("torsettings.useProxy.type.socks5", "SOCKS5"),
+ proxyTypeHTTP: getString("torsettings.useProxy.type.http", "HTTP/HTTPS"),
+ proxyAddress: getString("torsettings.useProxy.address", "Address"),
+ proxyAddressPlaceholder: getString(
+ "torsettings.useProxy.address.placeholder",
+ "IP address or hostname"
+ ),
+ proxyPort: getString("torsettings.useProxy.port", "Port"),
+ proxyUsername: getString("torsettings.useProxy.username", "Username"),
+ proxyPassword: getString("torsettings.useProxy.password", "Password"),
+ proxyUsernamePasswordPlaceholder: getString(
+ "torsettings.optional",
+ "Optional"
+ ),
+ useFirewall: getString(
+ "torsettings.firewall.checkbox",
+ "This computer goes through a firewall that only allows connections to certain ports"
+ ),
+ allowedPorts: getString(
+ "torsettings.firewall.allowedPorts",
+ "Allowed Ports"
+ ),
+ allowedPortsPlaceholder: getString(
+ "torPreferences.firewallPortsPlaceholder",
+ "Comma-seperated values"
+ ),
+ requestBridgeDialogTitle: getString(
+ "torPreferences.requestBridgeDialogTitle",
+ "Request Bridge"
+ ),
+ submitCaptcha: getString(
+ "torsettings.useBridges.captchaSubmit",
+ "Submit"
+ ),
+ contactingBridgeDB: getString(
+ "torPreferences.requestBridgeDialogWaitPrompt",
+ "Contacting BridgeDB. Please Wait."
+ ),
+ solveTheCaptcha: getString(
+ "torPreferences.requestBridgeDialogSolvePrompt",
+ "Solve the CAPTCHA to request a bridge."
+ ),
+ captchaTextboxPlaceholder: getString(
+ "torsettings.useBridges.captchaSolution.placeholder",
+ "Enter the characters from the image"
+ ),
+ incorrectCaptcha: getString(
+ "torPreferences.requestBridgeErrorBadSolution",
+ "The solution is not correct. Please try again."
+ ),
+ showTorDaemonLogs: getString(
+ "torPreferences.viewTorLogs",
+ "View the Tor logs."
+ ),
+ showLogs: getString("torPreferences.viewLogs", "View Logs\u2026"),
+ torLogDialogTitle: getString(
+ "torPreferences.torLogsDialogTitle",
+ "Tor Logs"
+ ),
+ copyLog: getString("torsettings.copyLog", "Copy Tor Log to Clipboard"),
+
+ learnMoreTorBrowserURL: `https://tb-manual.torproject.org/${getLocale()}/about/`,
+ learnMoreBridgesURL: `https://tb-manual.torproject.org/${getLocale()}/bridges/`,
+ learnMoreNetworkSettingsURL: `about:blank`,
+ };
+
+ return retval;
+ })() /* Tor Network Settings Strings */,
+
+ /*
+ Tor Onion Services Strings, e.g., for the authentication prompt.
+ */
+ onionServices: (function() {
+ let tsb = new TorPropertyStringBundle(
+ "chrome://torbutton/locale/torbutton.properties",
+ "onionServices."
+ );
+ let getString = function(key, fallback) {
+ return tsb.getString(key, fallback);
+ };
+
+ const kProblemLoadingSiteFallback = "Problem Loading Onionsite";
+ const kLongDescFallback = "Details: %S";
+
+ let retval = {
+ learnMore: getString("learnMore", "Learn more"),
+ learnMoreURL: `https://support.torproject.org/${getLocale()}/onionservices/client-auth/`,
+ errorPage: {
+ browser: getString("errorPage.browser", "Browser"),
+ network: getString("errorPage.network", "Network"),
+ onionSite: getString("errorPage.onionSite", "Onionsite"),
+ },
+ descNotFound: { // Tor SOCKS error 0xF0
+ pageTitle: getString("descNotFound.pageTitle", kProblemLoadingSiteFallback),
+ header: getString("descNotFound.header", "Onionsite Not Found"),
+ longDescription: getString("descNotFound.longDescription", kLongDescFallback),
+ },
+ descInvalid: { // Tor SOCKS error 0xF1
+ pageTitle: getString("descInvalid.pageTitle", kProblemLoadingSiteFallback),
+ header: getString("descInvalid.header", "Onionsite Cannot Be Reached"),
+ longDescription: getString("descInvalid.longDescription", kLongDescFallback),
+ },
+ introFailed: { // Tor SOCKS error 0xF2
+ pageTitle: getString("introFailed.pageTitle", kProblemLoadingSiteFallback),
+ header: getString("introFailed.header", "Onionsite Has Disconnected"),
+ longDescription: getString("introFailed.longDescription", kLongDescFallback),
+ },
+ rendezvousFailed: { // Tor SOCKS error 0xF3
+ pageTitle: getString("rendezvousFailed.pageTitle", kProblemLoadingSiteFallback),
+ header: getString("rendezvousFailed.header", "Unable to Connect to Onionsite"),
+ longDescription: getString("rendezvousFailed.longDescription", kLongDescFallback),
+ },
+ clientAuthMissing: { // Tor SOCKS error 0xF4
+ pageTitle: getString("clientAuthMissing.pageTitle", "Authorization Required"),
+ header: getString("clientAuthMissing.header", "Onionsite Requires Authentication"),
+ longDescription: getString("clientAuthMissing.longDescription", kLongDescFallback),
+ },
+ clientAuthIncorrect: { // Tor SOCKS error 0xF5
+ pageTitle: getString("clientAuthIncorrect.pageTitle", "Authorization Failed"),
+ header: getString("clientAuthIncorrect.header", "Onionsite Authentication Failed"),
+ longDescription: getString("clientAuthIncorrect.longDescription", kLongDescFallback),
+ },
+ badAddress: { // Tor SOCKS error 0xF6
+ pageTitle: getString("badAddress.pageTitle", kProblemLoadingSiteFallback),
+ header: getString("badAddress.header", "Invalid Onionsite Address"),
+ longDescription: getString("badAddress.longDescription", kLongDescFallback),
+ },
+ introTimedOut: { // Tor SOCKS error 0xF7
+ pageTitle: getString("introTimedOut.pageTitle", kProblemLoadingSiteFallback),
+ header: getString("introTimedOut.header", "Onionsite Circuit Creation Timed Out"),
+ longDescription: getString("introTimedOut.longDescription", kLongDescFallback),
+ },
+ authPrompt: {
+ description:
+ getString("authPrompt.description2", "%S is requesting that you authenticate."),
+ keyPlaceholder: getString("authPrompt.keyPlaceholder", "Enter your key"),
+ done: getString("authPrompt.done", "Done"),
+ doneAccessKey: getString("authPrompt.doneAccessKey", "d"),
+ invalidKey: getString("authPrompt.invalidKey", "Invalid key"),
+ failedToSetKey:
+ getString("authPrompt.failedToSetKey", "Failed to set key"),
+ },
+ authPreferences: {
+ header: getString("authPreferences.header", "Onion Services Authentication"),
+ overview: getString("authPreferences.overview", "Some onion services require that you identify yourself with a key"),
+ savedKeys: getString("authPreferences.savedKeys", "Saved Keys"),
+ dialogTitle: getString("authPreferences.dialogTitle", "Onion Services Keys"),
+ dialogIntro: getString("authPreferences.dialogIntro", "Keys for the following onionsites are stored on your computer"),
+ onionSite: getString("authPreferences.onionSite", "Onionsite"),
+ onionKey: getString("authPreferences.onionKey", "Key"),
+ remove: getString("authPreferences.remove", "Remove"),
+ removeAll: getString("authPreferences.removeAll", "Remove All"),
+ failedToGetKeys: getString("authPreferences.failedToGetKeys", "Failed to get keys"),
+ failedToRemoveKey: getString("authPreferences.failedToRemoveKey", "Failed to remove key"),
+ },
+ };
+
+ return retval;
+ })() /* Tor Onion Services Strings */,
+
+ /*
+ OnionLocation
+ */
+ onionLocation: (function() {
+ const tsb = new TorPropertyStringBundle(
+ ["chrome://torbutton/locale/torbutton.properties"],
+ "onionLocation."
+ );
+ const getString = function(key, fallback) {
+ return tsb.getString(key, fallback);
+ };
+
+ const retval = {
+ alwaysPrioritize: getString(
+ "alwaysPrioritize",
+ "Always Prioritize Onionsites"
+ ),
+ alwaysPrioritizeAccessKey: getString("alwaysPrioritizeAccessKey", "a"),
+ notNow: getString("notNow", "Not Now"),
+ notNowAccessKey: getString("notNowAccessKey", "n"),
+ description: getString(
+ "description",
+ "Website publishers can protect users by adding a security layer. This prevents eavesdroppers from knowing that you are the one visiting that website."
+ ),
+ tryThis: getString("tryThis", "Try this: Onionsite"),
+ onionAvailable: getString("onionAvailable", "Onionsite available"),
+ learnMore: getString("learnMore", "Learn more"),
+ learnMoreURL: `https://tb-manual.torproject.org/${getLocale()}/onion-services/`,
+ always: getString("always", "Always"),
+ askEverytime: getString("askEverytime", "Ask you every time"),
+ prioritizeOnionsDescription: getString(
+ "prioritizeOnionsDescription",
+ "Prioritize onionsites when they are available."
+ ),
+ onionServicesTitle: getString("onionServicesTitle", "Onion Services"),
+ };
+
+ return retval;
+ })() /* OnionLocation */,
+
+ /*
+ Tor Deamon Configuration Key Strings
+ */
+
+ // TODO: proper camel case
+ configKeys: {
+ /* Bridge Conf Settings */
+ useBridges: "UseBridges",
+ bridgeList: "Bridge",
+ /* Proxy Conf Strings */
+ socks4Proxy: "Socks4Proxy",
+ socks5Proxy: "Socks5Proxy",
+ socks5ProxyUsername: "Socks5ProxyUsername",
+ socks5ProxyPassword: "Socks5ProxyPassword",
+ httpsProxy: "HTTPSProxy",
+ httpsProxyAuthenticator: "HTTPSProxyAuthenticator",
+ /* Firewall Conf Strings */
+ reachableAddresses: "ReachableAddresses",
+
+ /* BridgeDB Strings */
+ clientTransportPlugin: "ClientTransportPlugin",
+ },
+
+ /*
+ about:config preference keys
+ */
+
+ preferenceKeys: {
+ defaultBridgeType: "extensions.torlauncher.default_bridge_type",
+ recommendedBridgeType:
+ "extensions.torlauncher.default_bridge_recommended_type",
+ },
+
+ /*
+ about:config preference branches
+ */
+ preferenceBranches: {
+ defaultBridge: "extensions.torlauncher.default_bridge.",
+ bridgeDBBridges: "extensions.torlauncher.bridgedb_bridge.",
+ },
+};
diff --git a/browser/modules/moz.build b/browser/modules/moz.build
index b069f1b641f7..3774c12f4ef0 100644
--- a/browser/modules/moz.build
+++ b/browser/modules/moz.build
@@ -152,6 +152,7 @@ EXTRA_JS_MODULES += [
"TabsList.jsm",
"TabUnloader.jsm",
"ThemeVariableMap.jsm",
+ "TorStrings.jsm",
"TransientPrefs.jsm",
"webrtcUI.jsm",
"ZoomUI.jsm",
1
0
[tor-browser/tor-browser-91.0.1-10.5-1] Bug 12974: Disable NTLM and Negotiate HTTP Auth
by sysrqb@torproject.org 17 Aug '21
by sysrqb@torproject.org 17 Aug '21
17 Aug '21
commit 4606fc40ba8c16b37c938997cac6241b032097df
Author: Mike Perry <mikeperry-git(a)torproject.org>
Date: Wed Aug 27 15:19:10 2014 -0700
Bug 12974: Disable NTLM and Negotiate HTTP Auth
This is technically an embargoed Mozilla bug, so I probably shouldn't provide
too many details.
Suffice to say that NTLM and Negotiate auth are bad for Tor users, and I doubt
very many (or any of them) actually need it.
The Mozilla bug is https://bugzilla.mozilla.org/show_bug.cgi?id=1046421
---
extensions/auth/nsHttpNegotiateAuth.cpp | 4 ++++
netwerk/protocol/http/nsHttpNTLMAuth.cpp | 3 +++
2 files changed, 7 insertions(+)
diff --git a/extensions/auth/nsHttpNegotiateAuth.cpp b/extensions/auth/nsHttpNegotiateAuth.cpp
index fde44d6ce9ef..a3b3422e2c42 100644
--- a/extensions/auth/nsHttpNegotiateAuth.cpp
+++ b/extensions/auth/nsHttpNegotiateAuth.cpp
@@ -155,6 +155,10 @@ nsHttpNegotiateAuth::ChallengeReceived(nsIHttpAuthenticableChannel* authChannel,
nsIAuthModule* rawModule = (nsIAuthModule*)*continuationState;
*identityInvalid = false;
+
+ /* Always fail Negotiate auth for Tor Browser. We don't need it. */
+ return NS_ERROR_ABORT;
+
if (rawModule) {
return NS_OK;
}
diff --git a/netwerk/protocol/http/nsHttpNTLMAuth.cpp b/netwerk/protocol/http/nsHttpNTLMAuth.cpp
index a98093b484fa..e44fc4153e2e 100644
--- a/netwerk/protocol/http/nsHttpNTLMAuth.cpp
+++ b/netwerk/protocol/http/nsHttpNTLMAuth.cpp
@@ -169,6 +169,9 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel* channel,
*identityInvalid = false;
+ /* Always fail Negotiate auth for Tor Browser. We don't need it. */
+ return NS_ERROR_ABORT;
+
// Start a new auth sequence if the challenge is exactly "NTLM".
// If native NTLM auth apis are available and enabled through prefs,
// try to use them.
1
0
[tor-browser/tor-browser-91.0.1-10.5-1] Bug 13028: Prevent potential proxy bypass cases.
by sysrqb@torproject.org 17 Aug '21
by sysrqb@torproject.org 17 Aug '21
17 Aug '21
commit bcbbd51765db97eac98777ae1b8a5da4fde41e30
Author: Mike Perry <mikeperry-git(a)torproject.org>
Date: Mon Sep 29 14:30:19 2014 -0700
Bug 13028: Prevent potential proxy bypass cases.
It looks like these cases should only be invoked in the NSS command line
tools, and not the browser, but I decided to patch them anyway because there
literally is a maze of network function pointers being passed around, and it's
very hard to tell if some random code might not pass in the proper proxied
versions of the networking code here by accident.
---
security/nss/lib/certhigh/ocsp.c | 8 ++++++++
.../lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c | 21 +++++++++++++++++++++
2 files changed, 29 insertions(+)
diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c
index cea8456606bf..86fa971cfbef 100644
--- a/security/nss/lib/certhigh/ocsp.c
+++ b/security/nss/lib/certhigh/ocsp.c
@@ -2932,6 +2932,14 @@ ocsp_ConnectToHost(const char *host, PRUint16 port)
PRNetAddr addr;
char *netdbbuf = NULL;
+ // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but
+ // we want to ensure nothing can ever hit this code in production.
+#if 1
+ printf("Tor Browser BUG: Attempted OSCP direct connect to %s, port %u\n", host,
+ port);
+ goto loser;
+#endif
+
sock = PR_NewTCPSocket();
if (sock == NULL)
goto loser;
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
index e8698376b5be..85791d84a932 100644
--- a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
@@ -1334,6 +1334,13 @@ pkix_pl_Socket_Create(
plContext),
PKIX_COULDNOTCREATESOCKETOBJECT);
+ // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but
+ // we want to ensure nothing can ever hit this code in production.
+#if 1
+ printf("Tor Browser BUG: Attempted pkix direct socket connect\n");
+ PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED);
+#endif
+
socket->isServer = isServer;
socket->timeout = timeout;
socket->clientSock = NULL;
@@ -1433,6 +1440,13 @@ pkix_pl_Socket_CreateByName(
localCopyName = PL_strdup(serverName);
+ // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but
+ // we want to ensure nothing can ever hit this code in production.
+#if 1
+ printf("Tor Browser BUG: Attempted pkix direct connect to %s\n", serverName);
+ PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED);
+#endif
+
sepPtr = strchr(localCopyName, ':');
/* First strip off the portnum, if present, from the end of the name */
if (sepPtr) {
@@ -1582,6 +1596,13 @@ pkix_pl_Socket_CreateByHostAndPort(
PKIX_ENTER(SOCKET, "pkix_pl_Socket_CreateByHostAndPort");
PKIX_NULLCHECK_THREE(hostname, pStatus, pSocket);
+ // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but
+ // we want to ensure nothing can ever hit this code in production.
+#if 1
+ printf("Tor Browser BUG: Attempted pkix direct connect to %s, port %u\n", hostname,
+ portnum);
+ PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED);
+#endif
prstatus = PR_GetHostByName(hostname, buf, sizeof(buf), &hostent);
1
0
[tor-browser/tor-browser-91.0.1-10.5-1] Bug 16439: Remove screencasting code
by sysrqb@torproject.org 17 Aug '21
by sysrqb@torproject.org 17 Aug '21
17 Aug '21
commit 15ce725a441d87c2debf21ed405bb92842e729da
Author: Kathy Brade <brade(a)pearlcrescent.com>
Date: Wed Jun 24 11:01:11 2015 -0400
Bug 16439: Remove screencasting code
We avoid including the screencasting code on mobile (it got ripped out
for desktop in bug 1393582) by simply excluding the related JS modules
from Tor Browser.
---
toolkit/modules/moz.build | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/toolkit/modules/moz.build b/toolkit/modules/moz.build
index c6b2c421f447..9d349d9f3394 100644
--- a/toolkit/modules/moz.build
+++ b/toolkit/modules/moz.build
@@ -255,10 +255,11 @@ if "Android" != CONFIG["OS_TARGET"]:
]
else:
DEFINES["ANDROID"] = True
- EXTRA_JS_MODULES += [
- "secondscreen/RokuApp.jsm",
- "secondscreen/SimpleServiceDiscovery.jsm",
- ]
+ if not CONFIG["TOR_BROWSER_VERSION"]:
+ EXTRA_JS_MODULES += [
+ "secondscreen/RokuApp.jsm",
+ "secondscreen/SimpleServiceDiscovery.jsm",
+ ]
if CONFIG["MOZ_WIDGET_TOOLKIT"] == "windows":
1
0
[tor-browser/tor-browser-91.0.1-10.5-1] Bug 9173: Change the default Firefox profile directory to be TBB-relative.
by sysrqb@torproject.org 17 Aug '21
by sysrqb@torproject.org 17 Aug '21
17 Aug '21
commit 9bcdb4f7bae99138ea9a06616582ab7b564a20b4
Author: Kathy Brade <brade(a)pearlcrescent.com>
Date: Fri Oct 18 15:20:06 2013 -0400
Bug 9173: Change the default Firefox profile directory to be TBB-relative.
This should eliminate our need to rely on a wrapper script that
sets /Users/arthur and launches Firefox with -profile.
---
toolkit/profile/nsToolkitProfileService.cpp | 5 +-
toolkit/xre/nsAppRunner.cpp | 2 +-
toolkit/xre/nsConsoleWriter.cpp | 2 +-
toolkit/xre/nsXREDirProvider.cpp | 149 ++++++----------------------
toolkit/xre/nsXREDirProvider.h | 16 +--
xpcom/io/nsAppFileLocationProvider.cpp | 97 +++++++-----------
6 files changed, 84 insertions(+), 187 deletions(-)
diff --git a/toolkit/profile/nsToolkitProfileService.cpp b/toolkit/profile/nsToolkitProfileService.cpp
index 42c06a1bce45..811e7f969280 100644
--- a/toolkit/profile/nsToolkitProfileService.cpp
+++ b/toolkit/profile/nsToolkitProfileService.cpp
@@ -819,10 +819,11 @@ nsresult nsToolkitProfileService::Init() {
NS_ASSERTION(gDirServiceProvider, "No dirserviceprovider!");
nsresult rv;
- rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(mAppData));
+ rv = gDirServiceProvider->GetUserAppDataDirectory(getter_AddRefs(mAppData));
NS_ENSURE_SUCCESS(rv, rv);
- rv = nsXREDirProvider::GetUserLocalDataDirectory(getter_AddRefs(mTempData));
+ rv =
+ gDirServiceProvider->GetUserLocalDataDirectory(getter_AddRefs(mTempData));
NS_ENSURE_SUCCESS(rv, rv);
rv = mAppData->Clone(getter_AddRefs(mProfileDBFile));
diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
index d3bb8096ad02..c6f5622e88bc 100644
--- a/toolkit/xre/nsAppRunner.cpp
+++ b/toolkit/xre/nsAppRunner.cpp
@@ -3729,7 +3729,7 @@ int XREMain::XRE_mainInit(bool* aExitFlag) {
if ((mAppData->flags & NS_XRE_ENABLE_CRASH_REPORTER) &&
NS_SUCCEEDED(CrashReporter::SetExceptionHandler(xreBinDirectory))) {
nsCOMPtr<nsIFile> file;
- rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(file));
+ rv = mDirProvider.GetUserAppDataDirectory(getter_AddRefs(file));
if (NS_SUCCEEDED(rv)) {
CrashReporter::SetUserAppDataDirectory(file);
}
diff --git a/toolkit/xre/nsConsoleWriter.cpp b/toolkit/xre/nsConsoleWriter.cpp
index d89ea3bde31d..4a9a6d28034a 100644
--- a/toolkit/xre/nsConsoleWriter.cpp
+++ b/toolkit/xre/nsConsoleWriter.cpp
@@ -29,7 +29,7 @@ void WriteConsoleLog() {
} else {
if (!gLogConsoleErrors) return;
- rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(lfile));
+ rv = gDirServiceProvider->GetUserAppDataDirectory(getter_AddRefs(lfile));
if (NS_FAILED(rv)) return;
lfile->AppendNative("console.log"_ns);
diff --git a/toolkit/xre/nsXREDirProvider.cpp b/toolkit/xre/nsXREDirProvider.cpp
index d6def8aee83d..b958258424a2 100644
--- a/toolkit/xre/nsXREDirProvider.cpp
+++ b/toolkit/xre/nsXREDirProvider.cpp
@@ -32,6 +32,7 @@
#include "nsArrayEnumerator.h"
#include "nsEnumeratorUtils.h"
#include "nsReadableUtils.h"
+#include "nsXPCOMPrivate.h" // for XPCOM_FILE_PATH_SEPARATOR
#include "SpecialSystemDirectory.h"
@@ -255,9 +256,6 @@ nsresult nsXREDirProvider::GetUserProfilesRootDir(nsIFile** aResult) {
nsresult rv = GetUserDataDirectory(getter_AddRefs(file), false);
if (NS_SUCCEEDED(rv)) {
-#if !defined(XP_UNIX) || defined(XP_MACOSX)
- rv = file->AppendNative("Profiles"_ns);
-#endif
// We must create the profile directory here if it does not exist.
nsresult tmp = EnsureDirectoryExists(file);
if (NS_FAILED(tmp)) {
@@ -273,9 +271,6 @@ nsresult nsXREDirProvider::GetUserProfilesLocalDir(nsIFile** aResult) {
nsresult rv = GetUserDataDirectory(getter_AddRefs(file), true);
if (NS_SUCCEEDED(rv)) {
-#if !defined(XP_UNIX) || defined(XP_MACOSX)
- rv = file->AppendNative("Profiles"_ns);
-#endif
// We must create the profile directory here if it does not exist.
nsresult tmp = EnsureDirectoryExists(file);
if (NS_FAILED(tmp)) {
@@ -1370,7 +1365,7 @@ nsresult nsXREDirProvider::SetUserDataProfileDirectory(nsCOMPtr<nsIFile>& aFile,
nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile,
bool aLocal) {
// Copied from nsAppFileLocationProvider (more or less)
- nsresult rv;
+ NS_ENSURE_ARG_POINTER(aFile);
nsCOMPtr<nsIFile> localDir;
if (aLocal && gDataDirHomeLocal) {
@@ -1380,80 +1375,39 @@ nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile,
return gDataDirHome->Clone(aFile);
}
-#if defined(XP_MACOSX)
- FSRef fsRef;
- OSType folderType;
- if (aLocal) {
- folderType = kCachedDataFolderType;
- } else {
-# ifdef MOZ_THUNDERBIRD
- folderType = kDomainLibraryFolderType;
-# else
- folderType = kApplicationSupportFolderType;
-# endif
- }
- OSErr err = ::FSFindFolder(kUserDomain, folderType, kCreateFolder, &fsRef);
- NS_ENSURE_FALSE(err, NS_ERROR_FAILURE);
-
- rv = NS_NewNativeLocalFile(""_ns, true, getter_AddRefs(localDir));
+ nsresult rv = GetAppDir()->Clone(getter_AddRefs(localDir));
NS_ENSURE_SUCCESS(rv, rv);
- nsCOMPtr<nsILocalFileMac> dirFileMac = do_QueryInterface(localDir);
- NS_ENSURE_TRUE(dirFileMac, NS_ERROR_UNEXPECTED);
-
- rv = dirFileMac->InitWithFSRef(&fsRef);
- NS_ENSURE_SUCCESS(rv, rv);
+ int levelsToRemove = 1; // In FF21+, appDir points to browser subdirectory.
+#if defined(XP_MACOSX)
+ levelsToRemove += 2;
+#endif
+ while (localDir && (levelsToRemove > 0)) {
+ // When crawling up the hierarchy, components named "." do not count.
+ nsAutoCString removedName;
+ rv = localDir->GetNativeLeafName(removedName);
+ NS_ENSURE_SUCCESS(rv, rv);
+ bool didRemove = !removedName.Equals(".");
- localDir = dirFileMac;
-#elif defined(XP_IOS)
- nsAutoCString userDir;
- if (GetUIKitDirectory(aLocal, userDir)) {
- rv = NS_NewNativeLocalFile(userDir, true, getter_AddRefs(localDir));
- } else {
- rv = NS_ERROR_FAILURE;
- }
- NS_ENSURE_SUCCESS(rv, rv);
-#elif defined(XP_WIN)
- nsString path;
- if (aLocal) {
- rv = GetShellFolderPath(FOLDERID_LocalAppData, path);
- if (NS_FAILED(rv)) rv = GetRegWindowsAppDataFolder(aLocal, path);
- }
- if (!aLocal || NS_FAILED(rv)) {
- rv = GetShellFolderPath(FOLDERID_RoamingAppData, path);
- if (NS_FAILED(rv)) {
- if (!aLocal) rv = GetRegWindowsAppDataFolder(aLocal, path);
- }
+ // Remove a directory component.
+ nsCOMPtr<nsIFile> parentDir;
+ rv = localDir->GetParent(getter_AddRefs(parentDir));
+ NS_ENSURE_SUCCESS(rv, rv);
+ localDir = parentDir;
+ if (didRemove) --levelsToRemove;
}
- NS_ENSURE_SUCCESS(rv, rv);
- rv = NS_NewLocalFile(path, true, getter_AddRefs(localDir));
-#elif defined(XP_UNIX)
- const char* homeDir = getenv("HOME");
- if (!homeDir || !*homeDir) return NS_ERROR_FAILURE;
+ if (!localDir) return NS_ERROR_FAILURE;
-# ifdef ANDROID /* We want (ProfD == ProfLD) on Android. */
- aLocal = false;
-# endif
+ rv = localDir->AppendRelativeNativePath("TorBrowser" XPCOM_FILE_PATH_SEPARATOR
+ "Data" XPCOM_FILE_PATH_SEPARATOR
+ "Browser"_ns);
+ NS_ENSURE_SUCCESS(rv, rv);
if (aLocal) {
- // If $XDG_CACHE_HOME is defined use it, otherwise use $HOME/.cache.
- const char* cacheHome = getenv("XDG_CACHE_HOME");
- if (cacheHome && *cacheHome) {
- rv = NS_NewNativeLocalFile(nsDependentCString(cacheHome), true,
- getter_AddRefs(localDir));
- } else {
- rv = NS_NewNativeLocalFile(nsDependentCString(homeDir), true,
- getter_AddRefs(localDir));
- if (NS_SUCCEEDED(rv)) rv = localDir->AppendNative(".cache"_ns);
- }
- } else {
- rv = NS_NewNativeLocalFile(nsDependentCString(homeDir), true,
- getter_AddRefs(localDir));
+ rv = localDir->AppendNative("Caches"_ns);
+ NS_ENSURE_SUCCESS(rv, rv);
}
-#else
-# error "Don't know how to get product dir on your platform"
-#endif
NS_IF_ADDREF(*aFile = localDir);
return rv;
@@ -1636,39 +1590,23 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) {
}
nsAutoCString profile;
- nsAutoCString appName;
- nsAutoCString vendor;
if (gAppData->profile) {
profile = gAppData->profile;
- } else {
- appName = gAppData->name;
- vendor = gAppData->vendor;
}
- nsresult rv = NS_OK;
+ nsresult rv = NS_ERROR_FAILURE;
#if defined(XP_MACOSX)
if (!profile.IsEmpty()) {
rv = AppendProfileString(aFile, profile.get());
- } else {
- // Note that MacOS ignores the vendor when creating the profile hierarchy -
- // all application preferences directories live alongside one another in
- // ~/Library/Application Support/
- rv = aFile->AppendNative(appName);
+ NS_ENSURE_SUCCESS(rv, rv);
}
- NS_ENSURE_SUCCESS(rv, rv);
#elif defined(XP_WIN)
if (!profile.IsEmpty()) {
rv = AppendProfileString(aFile, profile.get());
- } else {
- if (!vendor.IsEmpty()) {
- rv = aFile->AppendNative(vendor);
- NS_ENSURE_SUCCESS(rv, rv);
- }
- rv = aFile->AppendNative(appName);
+ NS_ENSURE_SUCCESS(rv, rv);
}
- NS_ENSURE_SUCCESS(rv, rv);
#elif defined(ANDROID)
// The directory used for storing profiles
@@ -1678,11 +1616,6 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) {
rv = aFile->AppendNative(nsDependentCString("mozilla"));
NS_ENSURE_SUCCESS(rv, rv);
#elif defined(XP_UNIX)
- nsAutoCString folder;
- // Make it hidden (by starting with "."), except when local (the
- // profile is already under ~/.cache or XDG_CACHE_HOME).
- if (!aLocal) folder.Assign('.');
-
if (!profile.IsEmpty()) {
// Skip any leading path characters
const char* profileStart = profile.get();
@@ -1690,32 +1623,16 @@ nsresult nsXREDirProvider::AppendProfilePath(nsIFile* aFile, bool aLocal) {
// On the off chance that someone wanted their folder to be hidden don't
// let it become ".."
- if (*profileStart == '.' && !aLocal) profileStart++;
+ if (*profileStart == '.') profileStart++;
+ // Make it hidden (by starting with ".").
+ nsAutoCString folder(".");
folder.Append(profileStart);
ToLowerCase(folder);
rv = AppendProfileString(aFile, folder.BeginReading());
- } else {
- if (!vendor.IsEmpty()) {
- folder.Append(vendor);
- ToLowerCase(folder);
-
- rv = aFile->AppendNative(folder);
- NS_ENSURE_SUCCESS(rv, rv);
-
- folder.Truncate();
- }
-
- // This can be the case in tests.
- if (!appName.IsEmpty()) {
- folder.Append(appName);
- ToLowerCase(folder);
-
- rv = aFile->AppendNative(folder);
- }
+ NS_ENSURE_SUCCESS(rv, rv);
}
- NS_ENSURE_SUCCESS(rv, rv);
#else
# error "Don't know how to get profile path on your platform"
diff --git a/toolkit/xre/nsXREDirProvider.h b/toolkit/xre/nsXREDirProvider.h
index e28a4fef5bc6..acea2e689821 100644
--- a/toolkit/xre/nsXREDirProvider.h
+++ b/toolkit/xre/nsXREDirProvider.h
@@ -63,15 +63,19 @@ class nsXREDirProvider final : public nsIDirectoryServiceProvider2,
void DoShutdown();
- static nsresult GetUserAppDataDirectory(nsIFile** aFile) {
+ nsresult GetUserAppDataDirectory(nsIFile** aFile) {
return GetUserDataDirectory(aFile, false);
}
- static nsresult GetUserLocalDataDirectory(nsIFile** aFile) {
+ nsresult GetUserLocalDataDirectory(nsIFile** aFile) {
return GetUserDataDirectory(aFile, true);
}
// GetUserDataDirectory gets the profile path from gAppData.
- static nsresult GetUserDataDirectory(nsIFile** aFile, bool aLocal);
+
+ // This function now calls GetAppDir(), so it cannot be static anymore.
+ // The same happens with all the functions (in)directly calling this one (the
+ // rest of Get*Directory functions in this file)
+ nsresult GetUserDataDirectory(nsIFile** aFile, bool aLocal);
/* make sure you clone it, if you need to do stuff to it */
nsIFile* GetGREDir() { return mGREDir; }
@@ -112,9 +116,9 @@ class nsXREDirProvider final : public nsIDirectoryServiceProvider2,
protected:
nsresult GetFilesInternal(const char* aProperty,
nsISimpleEnumerator** aResult);
- static nsresult GetUserDataDirectoryHome(nsIFile** aFile, bool aLocal);
- static nsresult GetSysUserExtensionsDirectory(nsIFile** aFile);
- static nsresult GetSysUserExtensionsDevDirectory(nsIFile** aFile);
+ nsresult GetUserDataDirectoryHome(nsIFile** aFile, bool aLocal);
+ nsresult GetSysUserExtensionsDirectory(nsIFile** aFile);
+ nsresult GetSysUserExtensionsDevDirectory(nsIFile** aFile);
#if defined(XP_UNIX) || defined(XP_MACOSX)
static nsresult GetSystemExtensionsDirectory(nsIFile** aFile);
#endif
diff --git a/xpcom/io/nsAppFileLocationProvider.cpp b/xpcom/io/nsAppFileLocationProvider.cpp
index ef974f99048f..2bbcee92aedb 100644
--- a/xpcom/io/nsAppFileLocationProvider.cpp
+++ b/xpcom/io/nsAppFileLocationProvider.cpp
@@ -15,6 +15,7 @@
#include "nsSimpleEnumerator.h"
#include "prenv.h"
#include "nsCRT.h"
+#include "nsXPCOMPrivate.h" // for XPCOM_FILE_PATH_SEPARATOR
#if defined(MOZ_WIDGET_COCOA)
# include <Carbon/Carbon.h>
# include "nsILocalFileMac.h"
@@ -233,9 +234,8 @@ nsresult nsAppFileLocationProvider::CloneMozBinDirectory(nsIFile** aLocalFile) {
// GetProductDirectory - Gets the directory which contains the application data
// folder
//
-// UNIX : ~/.mozilla/
-// WIN : <Application Data folder on user's machine>\Mozilla
-// Mac : :Documents:Mozilla:
+// UNIX and WIN : <App Folder>/TorBrowser/Data/Browser
+// Mac : <App Folder>/../../TorBrowser/Data/Browser
//----------------------------------------------------------------------------------------
nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile,
bool aLocal) {
@@ -247,49 +247,45 @@ nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile,
bool exists;
nsCOMPtr<nsIFile> localDir;
-#if defined(MOZ_WIDGET_COCOA)
- FSRef fsRef;
- OSType folderType =
- aLocal ? (OSType)kCachedDataFolderType : (OSType)kDomainLibraryFolderType;
- OSErr err = ::FSFindFolder(kUserDomain, folderType, kCreateFolder, &fsRef);
- if (err) {
- return NS_ERROR_FAILURE;
+ rv = CloneMozBinDirectory(getter_AddRefs(localDir));
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ int levelsToRemove = 1; // In FF21+, bin dir points to browser subdirectory.
+#if defined(XP_MACOSX)
+ levelsToRemove += 2;
+#endif
+ while (localDir && (levelsToRemove > 0)) {
+ // When crawling up the hierarchy, components named "." do not count.
+ nsAutoCString removedName;
+ rv = localDir->GetNativeLeafName(removedName);
+ NS_ENSURE_SUCCESS(rv, rv);
+ bool didRemove = !removedName.Equals(".");
+
+ // Remove a directory component.
+ nsCOMPtr<nsIFile> parentDir;
+ rv = localDir->GetParent(getter_AddRefs(parentDir));
+ NS_ENSURE_SUCCESS(rv, rv);
+ localDir = parentDir;
+
+ if (didRemove) {
+ --levelsToRemove;
+ }
}
- NS_NewLocalFile(u""_ns, true, getter_AddRefs(localDir));
+
if (!localDir) {
return NS_ERROR_FAILURE;
}
- nsCOMPtr<nsILocalFileMac> localDirMac(do_QueryInterface(localDir));
- rv = localDirMac->InitWithFSRef(&fsRef);
- if (NS_FAILED(rv)) {
- return rv;
- }
-#elif defined(XP_WIN)
- nsCOMPtr<nsIProperties> directoryService =
- do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID, &rv);
- if (NS_FAILED(rv)) {
- return rv;
- }
- const char* prop = aLocal ? NS_WIN_LOCAL_APPDATA_DIR : NS_WIN_APPDATA_DIR;
- rv = directoryService->Get(prop, NS_GET_IID(nsIFile),
- getter_AddRefs(localDir));
- if (NS_FAILED(rv)) {
- return rv;
- }
-#elif defined(XP_UNIX)
- rv = NS_NewNativeLocalFile(nsDependentCString(PR_GetEnv("HOME")), true,
- getter_AddRefs(localDir));
- if (NS_FAILED(rv)) {
- return rv;
- }
-#else
-# error dont_know_how_to_get_product_dir_on_your_platform
-#endif
- rv = localDir->AppendRelativeNativePath(DEFAULT_PRODUCT_DIR);
- if (NS_FAILED(rv)) {
- return rv;
+ rv = localDir->AppendRelativeNativePath("TorBrowser" XPCOM_FILE_PATH_SEPARATOR
+ "Data" XPCOM_FILE_PATH_SEPARATOR
+ "Browser"_ns);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ if (aLocal) {
+ rv = localDir->AppendNative("Caches"_ns);
+ NS_ENSURE_SUCCESS(rv, rv);
}
+
rv = localDir->Exists(&exists);
if (NS_SUCCEEDED(rv) && !exists) {
@@ -308,10 +304,6 @@ nsresult nsAppFileLocationProvider::GetProductDirectory(nsIFile** aLocalFile,
//----------------------------------------------------------------------------------------
// GetDefaultUserProfileRoot - Gets the directory which contains each user
// profile dir
-//
-// UNIX : ~/.mozilla/
-// WIN : <Application Data folder on user's machine>\Mozilla\Profiles
-// Mac : :Documents:Mozilla:Profiles:
//----------------------------------------------------------------------------------------
nsresult nsAppFileLocationProvider::GetDefaultUserProfileRoot(
nsIFile** aLocalFile, bool aLocal) {
@@ -327,23 +319,6 @@ nsresult nsAppFileLocationProvider::GetDefaultUserProfileRoot(
return rv;
}
-#if defined(MOZ_WIDGET_COCOA) || defined(XP_WIN)
- // These 3 platforms share this part of the path - do them as one
- rv = localDir->AppendRelativeNativePath("Profiles"_ns);
- if (NS_FAILED(rv)) {
- return rv;
- }
-
- bool exists;
- rv = localDir->Exists(&exists);
- if (NS_SUCCEEDED(rv) && !exists) {
- rv = localDir->Create(nsIFile::DIRECTORY_TYPE, 0775);
- }
- if (NS_FAILED(rv)) {
- return rv;
- }
-#endif
-
localDir.forget(aLocalFile);
return rv;
1
0