Richard Pospesel pushed to branch tor-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
Commits:
0db7a4bd by Richard Pospesel at 2023-04-23T11:51:30+00:00
fixup! Bug 41649: Create rebase and security backport gitlab issue templates
- - - - -
3 changed files:
- .gitlab/issue_templates/Backport Android Security Fixes.md
- .gitlab/issue_templates/Rebase Browser - Alpha.md
- .gitlab/issue_templates/Rebase Browser - Stable.md
Changes:
=====================================
.gitlab/issue_templates/Backport Android Security Fixes.md
=====================================
@@ -4,6 +4,7 @@
- example : `102.8.0`
- `$(RR_VERSION)` : the Mozilla defined Rapid-Release version; Tor Browser for Android is based off of the `$(ESR_VERSION)`, but Mozilla's Firefox for Android is based off of the `$(RR_VERSION)` so we need to keep track of security vulnerabilities to backport from the monthly Rapid-Release train and our frozen ESR train.
- example: `110`
+- `$(PROJECT_NAME)` : the name of the browser project, either `base-browser` or `tor-browser`
- `$(TOR_BROWSER_MAJOR)` : the Tor Browser major version
- example : `12`
- `$(TOR_BROWSER_MINOR)` : the Tor Browser minor version
@@ -12,7 +13,7 @@
- example : `build1`
</details>
-**NOTE:** It is assumed the `tor-browser` rebase has already happened and there exists a `build1` build tag for both `base-browser` and `tor-browser`
+**NOTE:** It is assumed the `tor-browser` rebase (stable and alpha) has already happened and there exists a `build1` build tags for both `base-browser` and `tor-browser` (stable and alpha)
### **Bookkeeping**
@@ -36,26 +37,53 @@
- Create link to the CVE on [mozilla.org](https://www.mozilla.org/en-US/security/advisories/)
- example: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-257…
- Create link to the associated Bugzilla issues (found in the CVE description)
- - Create a link to the relevant `gecko-dev`/other commit hashes which need to be backported OR a brief justification for why the fix does not need to be backported
+ - Create links to the relevant `gecko-dev`/other commit hashes which need to be backported OR a brief justification for why the fix does not need to be backported
- To find the `gecko-dev` version of a `mozilla-central`, search for a unique string in the relevant `mozilla-central` commit message in the `gecko-dev/release` branch log.
- **NOTE:** This process is unfortunately somewhat poorly defined/ad-hoc given the general variation in how Bugzilla issues are labeled and resolved. In general this is going to involve a bit of hunting to identify needed commits or determining whether or not the fix is relevant.
+### CVEs
+
+<!-- CVE Resolution Template, foreach CVE to investigate add an entry in the form:
+- [ ] https://www.mozilla.org/en-US/security/advisories/mfsaYYYY-NN/#CVE-YYYY-XXX… // CVE description
+ - https://bugzilla.mozilla.org/show_bug.cgi?id=NNNNNN // Bugzilla issue
+ - **Note** : Any relevant info about this fix, justification for why it is not necessary, etc
+ - **Patches**
+ - firefox-android : https://link.to/relevant/patch
+ - firefox : https://link.to/relevant/patch
+ -->
### **tor-browser** : https://gitlab.torproject.org/tpo/applications/tor-browser.git
- [ ] Backport any Android-specific security fixes from Firefox rapid-release
- - [ ] Sign/Tag commit:
- - Tag : `tor-browser-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)`
+ - [ ] Backport patches to `tor-browser` stable branch
+ - [ ] Open MR
+ - [ ] Merge
+ - [ ] Rebase patches onto:
+ - [ ] `base-browser` stable
+ - [ ] `tor-browser` alpha
+ - [ ] `base-browser` alpha
+ - [ ] Sign/Tag commits:
+ - Tag : `$(PROJECT_NAME)-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)`
- Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha)`
- - [ ] Push tag to `origin`
+ - [ ] `base-browser` stable
+ - [ ] `tor-browser` stable
+ - [ ] `base-browser` alpha
+ - [ ] `tor-browser` alpha
+ - [ ] Push tags to `origin`
**OR**
- [ ] No backports
### **application-services** : *TODO: we will need to setup a gitlab copy of this repo that we can apply security backports to if there are ever any security issues here*
- [ ] Backport any Android-specific security fixes from Firefox rapid-release
- - [ ] Sign/Tag commit:
+ - [ ] Backport patches to `application-services` stable branch
+ - [ ] Open MR
+ - [ ] Merge
+ - [ ] Rebase patches onto `application-services` alpha
+ - [ ] Sign/Tag commits:
- Tag : `application-services-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)`
- Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha`
- - [ ] Push tag to `origin`
+ - [ ] `application-services` stable
+ - [ ] `application-services` alpha
+ - [ ] Push tags to `origin`
**OR**
- [ ] No backports
@@ -63,10 +91,16 @@
### **android-components** : https://gitlab.torproject.org/tpo/applications/android-components.git
- [ ] Backport any Android-specific security fixes from Firefox rapid-release
- **NOTE**: Since November 2022, this repo has been merged with `fenix` into a singular `firefox-android` repo: https://github.com/mozilla-mobile/firefox-android. Any backport will require a patch rewrite to apply to our legacy `android-components` project.
- - [ ] Sign/Tag commit:
+ - [ ] Backport patches to `android-components` stable branch
+ - [ ] Open MR
+ - [ ] Merge
+ - [ ] Rebase patches onto `android-components` alpha
+ - [ ] Sign/Tag commits:
- Tag : `android-components-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)`
- Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha)`
- - [ ] Push tag to `origin`
+ - [ ] `android-components` stable
+ - [ ] `android-components` alpha
+ - [ ] Push tags to `origin`
**OR**
- [ ] No backports
@@ -74,15 +108,17 @@
### **fenix** : https://gitlab.torproject.org/tpo/applications/fenix.git
- [ ] Backport any Android-specific security fixes from Firefox rapid-release
- **NOTE**: Since February 2023, this repo has been merged with `android-components` into a singular `firefox-android` repo: https://github.com/mozilla-mobile/firefox-android. Any backport will require a patch rewrite to apply to our legacy `fenix` project.
- - [ ] Sign/Tag commit:
+ - [ ] Backport patches to `fenix` stable branch
+ - [ ] Open MR
+ - [ ] Merge
+ - [ ] Rebase patches onto `fenix` alpha
+ - [ ] Sign/Tag commits:
- Tag : `tor-browser-$(ESR_VERSION)-$(TOR_BROWSER_MAJOR).$(TOR_BROWSER_MINOR)-1-$(BUILD_N)`
- Message: `Tagging $(BUILD_N) for $(ESR_VERSION)-based alpha)`
- - [ ] Push tag to `origin`
+ - [ ] `fenix` stable
+ - [ ] `fenix` alpha
+ - [ ] Push tags to `origin`
**OR**
- [ ] No backports
-### CVEs
-
-<!-- Create CVE resolution here -->
-
/confidential
=====================================
.gitlab/issue_templates/Rebase Browser - Alpha.md
=====================================
@@ -27,14 +27,46 @@
- [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/is… issue.
+### Update Branch Protection Rules
+
+- [ ] In [Repository Settings](https://gitlab.torproject.org/tpo/applications/tor-browser/-/sett…:
+ - [ ] Remove previous alpha `base-browser` and `tor-browser` branch protection rules (this will prevent pushing new changes to the branches being rebased)
+ - [ ] Create new `base-browser` and `tor-browser` branch protection rule:
+ - **Branch**: `*-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1*`
+ - example: `*-102.8.0esr-12.5-1*`
+ - **Allowed to merge**: `Maintainers`
+ - **Allowed to push and merge**: `Maintainers`
+ - **Allowed to force push**: `false`
+
+### **Create New Branches**
+
+- [ ] Create new alpha `base-browser` branch from Firefox mercurial tag (found during the stable rebase)
+ - branch name in the form: `base-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1`
+ - example: `base-browser-102.8.0esr-12.5-1`
+- [ ] Create new alpha `tor-browser` branch from Firefox mercurial tag
+ - branch name in the form: `tor-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1`
+ - example: `tor-browser-102.8.0esr-12.5-1`
+- [ ] Push new `base-browser` branch to `origin`
+- [ ] Push new `tor-browser` branch to `origin`
+
### **Rebase base-browser**
-- [ ] Checkout a new branch for the `base-browser` rebase
+- [ ] Checkout a new local branch for the `base-browser` rebase
- example: `git branch base-browser-rebase FIREFOX_102_8_0esr_BUILD1`
- [ ] Cherry-pick the previous `base-browser` commits up to `base-browser`'s `build1` tag onto new `base-browser` rebase branch
- example: `git cherry-pick FIREFOX_102_7_0esr_BUILD1..base-browser-102.7.0esr-12.5-1-build1`
- [ ] Rebase and autosquash these cherry-picked commits
- example: `git rebase --autosquash --interactive FIREFOX_102_8_0esr_BUILD1 HEAD`
+ - [ ] **(Optional)** Patch reordering
+ - Relocate new `base-browser` patches in the patch-set to enforce this rough thematic ordering:
+ - **MOZILLA BACKPORTS** - official Firefox patches we have backported to our ESR branch: Android-specific security updates, critical bug fixes, worthwhile features, etc
+ - **MOZILLA REVERTS** - revert commits of official Firefox patches
+ - **UPLIFT CANDIDATES** - patches which stand on their own and should be uplifted to `mozilla-central`
+ - **BUILD CONFIGURATION** - tools/scripts, gitlab templates, etc
+ - **BROWSER CONFIGURATION** - branding, mozconfigs, preference overrides, etc
+ - **SECURITY PATCHES** - security improvements, hardening, etc
+ - **PRIVACY PATCHES** - fingerprinting, linkability, proxy bypass, etc
+ - **FEATURES** - new functionality: updater, UX, letterboxing, security level, add-on integration, etc
- [ ] Cherry-pick remainder of patches after the `build1` tag
- example: `git cherry-pick base-browser-102.7.0esr-12.5-1-build1 origin/base-browser-102.7.0esr-12.5-1`
- [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution:
@@ -61,15 +93,30 @@
- example: `git cherry-pick base-browser-102.7.0esr-12.5-1-build1..tor-browser-102.7.0esr-12.5-1-build1`
- [ ] Rebase and autosquash these cherry-picked commits (from the last new `base-browser` commit to `HEAD`)
- example: `git rebase --autosquash --interactive base-browser-102.8.0esr-12.5-1-build1 HEAD`
+ - [ ] **(Optional)** Patch reordering
+ - Relocate new `tor-browser` patches in the patch-set to enforce this rough thematic ordering:
+ - **BUILD CONFIGURATION** - tools/scripts, gitlab templates, etc
+ - **BROWSER CONFIGURATION** - branding, mozconfigs, preference overrides, etc
+ - **UPDATER PATCHES** - updater tweaks, signing keys, etc
+ - **SECURITY PATCHES** - non tor-dependent security improvements, hardening, etc
+ - **PRIVACY PATCHES** - non tor-dependent fingerprinting, linkability, proxy bypass, etc
+ - **FEAURES** - non tor-dependent features
+ - **TOR INTEGRATION** - legacy tor-launcher/torbutton, tor modules, bootstrapping, etc
+ - **TOR SECURITY PATCHES** - tor-specific security improvements
+ - **TOR PRIVACY PATCHES** - tor-specific privacy improvements
+ - **TOR FEATURES** - new tor-specific functionality: manual, onion-location, onion service client auth, etc
- [ ] Cherry-pick remainder of patches after the last `buildN` tag
- example: `git cherry-pick base-browser-102.7.0esr-12.5-1-build1..origin/tor-browser-102.7.0esr-12.5-1`
+- [ ] Rebase and autosquash again (from the last new `base-browser` commit to `HEAD`), this time replacing all `fixup` and `squash` commands with `pick`. The goal here is to have all of the `fixup` and `squash` commits beside the commit which they modify.
+ - example: `git rebase --autosquash --interactive base-browser-102.8.0esr-12.5-1-build1 HEAD`
+ - **NOTE**: Do not allow `fixup` or `squash` commands here!
- [ ] Compare patch sets to ensure nothing *weird* happened during conflict resolution:
- [ ] diff of diffs:
- Do the diff between `current_patchset.diff` and `rebased_patchset.diff` with your preferred difftool and look at differences on lines that starts with + or -
- `git diff $(ESR_TAG_PREV)..$(BROWSER_BRANCH_PREV) > current_patchset.diff`
- `git diff $(ESR_TAG)..$(BROWSER_BRANCH) > rebased_patchset.diff`
- diff `current_patchset.diff` and `rebased_patchset.diff`
- - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456`
+ - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` (unless the previous `base-browser` branch includes changes not included in the previous `tor-browser` branch)
- [ ] rangediff: `git range-diff $(ESR_TAG_PREV)..$(TOR_BROWSER_BRANCH_PREV) $(ESR_TAG)..HEAD`
- example: `git range-dif FIREFOX_102_7_0esr_BUILD1..origin/tor-browser-102.7.0esr-12.5-1 FIREFOX_102_8_0esr_BUILD1..HEAD`
- [ ] Open MR for the `tor-browser` rebase
=====================================
.gitlab/issue_templates/Rebase Browser - Stable.md
=====================================
@@ -25,6 +25,17 @@
- [ ] Link this issue to the appropriate [Release Prep](https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/is… issue.
+### Update Branch Protection Rules
+
+- [ ] In [Repository Settings](https://gitlab.torproject.org/tpo/applications/tor-browser/-/sett…:
+ - [ ] Remove previous stable `base-browser` and `tor-browser` branch protection rules (this will prevent pushing new changes to the branches being rebased)
+ - [ ] Create new `base-browser` and `tor-browser` branch protection rule:
+ - **Branch**: `*-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1*`
+ - example: `*-102.8.0esr-12.0-1*`
+ - **Allowed to merge**: `Maintainers`
+ - **Allowed to push and merge**: `Maintainers`
+ - **Allowed to force push**: `false`
+
### **Identify the Firefox Tagged Commit and Create New Branches**
- [ ] Find the Firefox mercurial tag here : https://hg.mozilla.org/releases/mozilla-esr102/tags
@@ -48,7 +59,7 @@
### **Rebase base-browser**
-- [ ] Checkout a new branch for the `base-browser` rebase
+- [ ] Checkout a new local branch for the `base-browser` rebase
- example: `git branch base-browser-rebase FIREFOX_102_8_0esr_BUILD1`
- [ ] Cherry-pick the previous `base-browser` commits up to `base-browser`'s `build1` tag onto new `base-browser` rebase branch
- example: `git cherry-pick FIREFOX_102_7_0esr_BUILD1..base-browser-102.7.0esr-12.0-1-build1`
@@ -72,6 +83,7 @@
- Message : `Tagging build1 for $(ESR_VERSION)esr-based stable`
- [ ] Push tag to `origin`
+
### **Rebase tor-browser**
- [ ] Checkout a new branch for the `tor-browser` rebase starting from the `base-browser` `build1` tag
@@ -88,7 +100,7 @@
- `git diff $(ESR_TAG_PREV)..$(BROWSER_BRANCH_PREV) > current_patchset.diff`
- `git diff $(ESR_TAG)..$(BROWSER_BRANCH) > rebased_patchset.diff`
- diff `current_patchset.diff` and `rebased_patchset.diff`
- - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456`
+ - If everything went correctly, the only lines which should differ should be the lines starting with `index abc123...def456` (unless the previous `base-browser` branch includes changes not included in the previous `tor-browser` branch)
- [ ] rangediff: `git range-diff $(ESR_TAG_PREV)..$(TOR_BROWSER_BRANCH_PREV) $(ESR_TAG)..HEAD`
- example: `git range-dif FIREFOX_102_7_0esr_BUILD1..origin/tor-browser-102.7.0esr-12.0-1 FIREFOX_102_8_0esr_BUILD1..HEAD`
- [ ] Open MR for the `tor-browser` rebase
@@ -97,4 +109,3 @@
- Tag : `tor-browser-$(ESR_VERSION)esr-$(BROWSER_MAJOR).$(BROWSER_MINOR)-1-build1`
- Message : `Tagging build1 for $(ESR_VERSION)esr-based stable`
- [ ] Push tag to `origin`
-
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/0db7a4b…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/0db7a4b…
You're receiving this email because of your account on gitlab.torproject.org.
Richard Pospesel pushed to branch base-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
Commits:
ca768445 by Henry Wilkes at 2023-04-20T20:00:45+00:00
Bug 41736 - Customize toolbar for base-browser.
- - - - -
1cc48456 by Henry Wilkes at 2023-04-20T20:00:45+00:00
fixup! Bug 40926: Implemented the New Identity feature
Bug 41736 - Stop setting the browser.uiCustomization.state preference.
- - - - -
4bea1315 by Henry Wilkes at 2023-04-20T20:00:46+00:00
fixup! Bug 40925: Implemented the Security Level component
Bug 41736 - Stop setting the browser.uiCustomization.state preference.
- - - - -
90750ca9 by Henry Wilkes at 2023-04-20T20:00:46+00:00
fixup! Firefox preference overrides.
Bug 41736 - Stop setting the browser.uiCustomization.state preference.
- - - - -
3 changed files:
- browser/app/profile/001-base-profile.js
- browser/components/customizableui/CustomizableUI.jsm
- browser/components/extensions/parent/ext-browserAction.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -464,9 +464,6 @@ pref("intl.multilingual.downloadEnabled", false);
// Disk activity: Disable storage.sync (tor-browser#41424)
pref("webextensions.storage.sync.enabled", false);
-// Toolbar layout
-pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"urlbar-container\",\"security-level-button\",\"new-identity-button\",\"downloads-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"PanelUI-contents\":[\"home-button\",\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"save-page-button\",\"print-button\",\"bookmarks-menu-button\",\"history-panelmenu\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"]},\"seen\":[\"developer-button\"],\"dirtyAreaCache\":[\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\"],\"currentVersion\":14,\"newElementCount\":1}");
-
// Enforce certificate pinning, see: https://bugs.torproject.org/16206
pref("security.cert_pinning.enforcement_level", 2);
=====================================
browser/components/customizableui/CustomizableUI.jsm
=====================================
@@ -65,6 +65,11 @@ const kSubviewEvents = ["ViewShowing", "ViewHiding"];
*/
var kVersion = 17;
+/**
+ * The current version for base browser.
+ */
+var kVersionBaseBrowser = 1;
+
/**
* Buttons removed from built-ins by version they were removed. kVersion must be
* bumped any time a new id is added to this. Use the button id as key, and
@@ -218,6 +223,7 @@ var CustomizableUIInternal = {
this._updateForNewVersion();
this._updateForNewProtonVersion();
this._markObsoleteBuiltinButtonsSeen();
+ this._updateForBaseBrowser();
this.registerArea(
CustomizableUI.AREA_FIXED_OVERFLOW_PANEL,
@@ -236,10 +242,15 @@ var CustomizableUIInternal = {
Services.policies.isAllowed("removeHomeButtonByDefault")
? null
: "home-button",
- "spring",
+ // Don't want springs either side of the urlbar. tor-browser#41736
"urlbar-container",
- "spring",
- "save-to-pocket-button",
+ // save-to-pocket-button is entirely disabled. See tor-browser#18886 and
+ // tor-browser#31602.
+ // Base-browser additions tor-browser#41736. If you want to add to, remove
+ // from, or rearrange this list, then bump the kVersionBaseBrowser and
+ // update existing saved states in _updateForBaseBrowser.
+ "security-level-button",
+ "new-identity-button",
"downloads-button",
AppConstants.MOZ_DEV_EDITION ? "developer-button" : null,
"fxa-toolbar-menu-button",
@@ -255,6 +266,10 @@ var CustomizableUIInternal = {
},
true
);
+ // navbarPlacements does not match the initial default XHTML layout.
+ // Therefore we always need to rebuild the navbar area when
+ // registerToolbarNode is called. tor-browser#41736
+ gDirtyAreaCache.add(CustomizableUI.AREA_NAVBAR);
if (AppConstants.MENUBAR_CAN_AUTOHIDE) {
this.registerArea(
@@ -687,6 +702,104 @@ var CustomizableUIInternal = {
}
},
+ _updateForBaseBrowser() {
+ if (!gSavedState) {
+ // Use the defaults.
+ return;
+ }
+
+ const currentVersion = gSavedState.currentVersionBaseBrowser;
+
+ if (currentVersion < 1) {
+ // NOTE: In base-browser/tor-browser version 12.5a5, and earlier, the
+ // toolbar was configured by setting the full JSON string for the default
+ // "browser.uiCustomization.state" preference value. The disadvantage is
+ // that we could not update this value in a way that existing users (who
+ // would have non-default preference values) would also get the desired
+ // change (e.g. for adding or removing a button).
+ //
+ // With tor-browser#41736 we want to switch to changing the toolbar
+ // dynamically like firefox. Therefore, this first version transfer simply
+ // gets the toolbar into the same state we wanted before, away from the
+ // default firefox state.
+ //
+ // If an existing user state aligned with the previous default
+ // "browser.uiCustomization.state" then this shouldn't visibly change
+ // anything.
+ // If a user explicitly customized the toolbar to go back to the firefox
+ // default, then this may undo those changes.
+ const navbarPlacements =
+ gSavedState.placements[CustomizableUI.AREA_NAVBAR];
+ if (navbarPlacements) {
+ const getBeforeAfterUrlbar = () => {
+ // NOTE: The urlbar is non-removable from the navbar, so should have
+ // an index.
+ const index = navbarPlacements.indexOf("urlbar-container");
+ let after = index + 1;
+ if (
+ after < navbarPlacements.length &&
+ navbarPlacements[after] === "search-container"
+ ) {
+ // Skip past the search-container.
+ after++;
+ }
+ return { before: index - 1, after };
+ };
+
+ // Remove the urlbar springs either side of the urlbar.
+ const { before, after } = getBeforeAfterUrlbar();
+ if (
+ after < navbarPlacements.length &&
+ this.matchingSpecials(navbarPlacements[after], "spring")
+ ) {
+ // Remove the spring after.
+ navbarPlacements.splice(after, 1);
+ // NOTE: The `before` index does not change.
+ }
+ if (
+ before >= 0 &&
+ this.matchingSpecials(navbarPlacements[before], "spring")
+ ) {
+ // Remove the spring before.
+ navbarPlacements.splice(before, 1);
+ }
+
+ // Make sure the security-level-button and new-identity-button appears
+ // in the toolbar.
+ for (const id of ["new-identity-button", "security-level-button"]) {
+ let alreadyAdded = false;
+ for (const placements of Object.values(gSavedState.placements)) {
+ if (placements.includes(id)) {
+ alreadyAdded = true;
+ break;
+ }
+ }
+ if (alreadyAdded) {
+ continue;
+ }
+
+ // Add to the nav-bar, after the urlbar-container.
+ // NOTE: We have already removed the spring after the urlbar.
+ navbarPlacements.splice(getBeforeAfterUrlbar().after, 0, id);
+ }
+ }
+
+ // Remove save-to-pocket-button. See tor-browser#18886 and
+ // tor-browser#31602.
+ for (const placements of Object.values(gSavedState.placements)) {
+ let buttonIndex = placements.indexOf("save-to-pocket-button");
+ if (buttonIndex != -1) {
+ placements.splice(buttonIndex, 1);
+ }
+ }
+
+ // Remove unused fields that used to be part of
+ // "browser.uiCustomization.state".
+ delete gSavedState.placements["PanelUI-contents"];
+ delete gSavedState.placements["addon-bar"];
+ }
+ },
+
_placeNewDefaultWidgetsInArea(aArea) {
let futurePlacedWidgets = gFuturePlacements.get(aArea);
let savedPlacements =
@@ -2501,6 +2614,10 @@ var CustomizableUIInternal = {
gSavedState.currentVersion = 0;
}
+ if (!("currentVersionBaseBrowser" in gSavedState)) {
+ gSavedState.currentVersionBaseBrowser = 0;
+ }
+
gSeenWidgets = new Set(gSavedState.seen || []);
gDirtyAreaCache = new Set(gSavedState.dirtyAreaCache || []);
gNewElementCount = gSavedState.newElementCount || 0;
@@ -2579,6 +2696,7 @@ var CustomizableUIInternal = {
seen: gSeenWidgets,
dirtyAreaCache: gDirtyAreaCache,
currentVersion: kVersion,
+ currentVersionBaseBrowser: kVersionBaseBrowser,
newElementCount: gNewElementCount,
};
=====================================
browser/components/extensions/parent/ext-browserAction.js
=====================================
@@ -193,6 +193,10 @@ this.browserAction = class extends ExtensionAPIPersistent {
}
build() {
+ // The extension ID for NoScript (WebExtension)
+ const isNoScript =
+ this.extension.id === "{73a6fe31-595d-460b-a920-fcc0f8843232}";
+
let widget = CustomizableUI.createWidget({
id: this.id,
viewId: this.viewId,
@@ -200,7 +204,11 @@ this.browserAction = class extends ExtensionAPIPersistent {
removable: true,
label: this.action.getProperty(null, "title"),
tooltiptext: this.action.getProperty(null, "title"),
- defaultArea: browserAreas[this.action.getDefaultArea()],
+ // Do not want to add the NoScript extension to the toolbar by default.
+ // tor-browser#41736
+ defaultArea: isNoScript
+ ? null
+ : browserAreas[this.action.getDefaultArea()],
showInPrivateBrowsing: this.extension.privateBrowsingAllowed,
// Don't attempt to load properties from the built-in widget string
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/fd31ee…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/fd31ee…
You're receiving this email because of your account on gitlab.torproject.org.
Richard Pospesel pushed to branch tor-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
Commits:
1ce930e3 by Henry Wilkes at 2023-04-20T20:03:08+00:00
Bug 41736 - Customize toolbar for base-browser.
- - - - -
d354800c by Henry Wilkes at 2023-04-20T20:03:08+00:00
fixup! Bug 40926: Implemented the New Identity feature
Bug 41736 - Stop setting the browser.uiCustomization.state preference.
- - - - -
adacb2c3 by Henry Wilkes at 2023-04-20T20:03:08+00:00
fixup! Bug 40925: Implemented the Security Level component
Bug 41736 - Stop setting the browser.uiCustomization.state preference.
- - - - -
491718d1 by Henry Wilkes at 2023-04-20T20:03:08+00:00
fixup! Firefox preference overrides.
Bug 41736 - Stop setting the browser.uiCustomization.state preference.
- - - - -
352acb10 by Henry Wilkes at 2023-04-20T20:03:08+00:00
Bug 41736 - Customize toolbar for tor-browser.
- - - - -
96796fa5 by Henry Wilkes at 2023-04-20T20:03:08+00:00
fixup! Bug 40562: Added Tor Browser preferences to 000-tor-browser.js
Bug 41736 - Stop setting the browser.uiCustomization.state preference.
- - - - -
4 changed files:
- browser/app/profile/000-tor-browser.js
- browser/app/profile/001-base-profile.js
- browser/components/customizableui/CustomizableUI.jsm
- browser/components/extensions/parent/ext-browserAction.js
Changes:
=====================================
browser/app/profile/000-tor-browser.js
=====================================
@@ -30,8 +30,6 @@ pref("network.security.ports.banned", "", locked);
pref("network.dns.disabled", true); // This should cover the #5741 patch for DNS leaks
pref("network.http.max-persistent-connections-per-proxy", 256);
-pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"urlbar-container\",\"torbutton-button\",\"security-level-button\",\"new-identity-button\",\"downloads-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"PanelUI-contents\":[\"home-button\",\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"save-page-button\",\"print-button\",\"bookmarks-menu-button\",\"history-panelmenu\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"]},\"seen\":[\"developer-button\",\"_73a6fe31-595d-460b-a920-fcc0f8843232_-browser-action\"],\"dirtyAreaCache\":[\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\"],\"currentVersion\":14,\"newElementCount\":1}");
-
// Treat .onions as secure
pref("dom.securecontext.allowlist_onions", true);
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -464,9 +464,6 @@ pref("intl.multilingual.downloadEnabled", false);
// Disk activity: Disable storage.sync (tor-browser#41424)
pref("webextensions.storage.sync.enabled", false);
-// Toolbar layout
-pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"urlbar-container\",\"security-level-button\",\"new-identity-button\",\"downloads-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"PanelUI-contents\":[\"home-button\",\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"save-page-button\",\"print-button\",\"bookmarks-menu-button\",\"history-panelmenu\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"]},\"seen\":[\"developer-button\"],\"dirtyAreaCache\":[\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\"],\"currentVersion\":14,\"newElementCount\":1}");
-
// Enforce certificate pinning, see: https://bugs.torproject.org/16206
pref("security.cert_pinning.enforcement_level", 2);
=====================================
browser/components/customizableui/CustomizableUI.jsm
=====================================
@@ -65,6 +65,16 @@ const kSubviewEvents = ["ViewShowing", "ViewHiding"];
*/
var kVersion = 17;
+/**
+ * The current version for base browser.
+ */
+var kVersionBaseBrowser = 1;
+
+/**
+ * The current version for tor browser.
+ */
+var kVersionTorBrowser = 1;
+
/**
* Buttons removed from built-ins by version they were removed. kVersion must be
* bumped any time a new id is added to this. Use the button id as key, and
@@ -218,6 +228,8 @@ var CustomizableUIInternal = {
this._updateForNewVersion();
this._updateForNewProtonVersion();
this._markObsoleteBuiltinButtonsSeen();
+ this._updateForBaseBrowser();
+ this._updateForTorBrowser();
this.registerArea(
CustomizableUI.AREA_FIXED_OVERFLOW_PANEL,
@@ -236,10 +248,17 @@ var CustomizableUIInternal = {
Services.policies.isAllowed("removeHomeButtonByDefault")
? null
: "home-button",
- "spring",
+ // Don't want springs either side of the urlbar. tor-browser#41736
"urlbar-container",
- "spring",
- "save-to-pocket-button",
+ // save-to-pocket-button is entirely disabled. See tor-browser#18886 and
+ // tor-browser#31602.
+ // Base-browser additions tor-browser#41736. If you want to add to, remove
+ // from, or rearrange this list, then bump the kVersionBaseBrowser and
+ // update existing saved states in _updateForBaseBrowser.
+ // Or if the change is only meant for tor-browser, bump kVersionTorBrowser
+ // instead and update the existing saved states in _updateForTorBrowser.
+ "security-level-button",
+ "new-identity-button",
"downloads-button",
AppConstants.MOZ_DEV_EDITION ? "developer-button" : null,
"fxa-toolbar-menu-button",
@@ -255,6 +274,10 @@ var CustomizableUIInternal = {
},
true
);
+ // navbarPlacements does not match the initial default XHTML layout.
+ // Therefore we always need to rebuild the navbar area when
+ // registerToolbarNode is called. tor-browser#41736
+ gDirtyAreaCache.add(CustomizableUI.AREA_NAVBAR);
if (AppConstants.MENUBAR_CAN_AUTOHIDE) {
this.registerArea(
@@ -687,6 +710,123 @@ var CustomizableUIInternal = {
}
},
+ _updateForBaseBrowser() {
+ if (!gSavedState) {
+ // Use the defaults.
+ return;
+ }
+
+ const currentVersion = gSavedState.currentVersionBaseBrowser;
+
+ if (currentVersion < 1) {
+ // NOTE: In base-browser/tor-browser version 12.5a5, and earlier, the
+ // toolbar was configured by setting the full JSON string for the default
+ // "browser.uiCustomization.state" preference value. The disadvantage is
+ // that we could not update this value in a way that existing users (who
+ // would have non-default preference values) would also get the desired
+ // change (e.g. for adding or removing a button).
+ //
+ // With tor-browser#41736 we want to switch to changing the toolbar
+ // dynamically like firefox. Therefore, this first version transfer simply
+ // gets the toolbar into the same state we wanted before, away from the
+ // default firefox state.
+ //
+ // If an existing user state aligned with the previous default
+ // "browser.uiCustomization.state" then this shouldn't visibly change
+ // anything.
+ // If a user explicitly customized the toolbar to go back to the firefox
+ // default, then this may undo those changes.
+ const navbarPlacements =
+ gSavedState.placements[CustomizableUI.AREA_NAVBAR];
+ if (navbarPlacements) {
+ const getBeforeAfterUrlbar = () => {
+ // NOTE: The urlbar is non-removable from the navbar, so should have
+ // an index.
+ const index = navbarPlacements.indexOf("urlbar-container");
+ let after = index + 1;
+ if (
+ after < navbarPlacements.length &&
+ navbarPlacements[after] === "search-container"
+ ) {
+ // Skip past the search-container.
+ after++;
+ }
+ return { before: index - 1, after };
+ };
+
+ // Remove the urlbar springs either side of the urlbar.
+ const { before, after } = getBeforeAfterUrlbar();
+ if (
+ after < navbarPlacements.length &&
+ this.matchingSpecials(navbarPlacements[after], "spring")
+ ) {
+ // Remove the spring after.
+ navbarPlacements.splice(after, 1);
+ // NOTE: The `before` index does not change.
+ }
+ if (
+ before >= 0 &&
+ this.matchingSpecials(navbarPlacements[before], "spring")
+ ) {
+ // Remove the spring before.
+ navbarPlacements.splice(before, 1);
+ }
+
+ // Make sure the security-level-button and new-identity-button appears
+ // in the toolbar.
+ for (const id of ["new-identity-button", "security-level-button"]) {
+ let alreadyAdded = false;
+ for (const placements of Object.values(gSavedState.placements)) {
+ if (placements.includes(id)) {
+ alreadyAdded = true;
+ break;
+ }
+ }
+ if (alreadyAdded) {
+ continue;
+ }
+
+ // Add to the nav-bar, after the urlbar-container.
+ // NOTE: We have already removed the spring after the urlbar.
+ navbarPlacements.splice(getBeforeAfterUrlbar().after, 0, id);
+ }
+ }
+
+ // Remove save-to-pocket-button. See tor-browser#18886 and
+ // tor-browser#31602.
+ for (const placements of Object.values(gSavedState.placements)) {
+ let buttonIndex = placements.indexOf("save-to-pocket-button");
+ if (buttonIndex != -1) {
+ placements.splice(buttonIndex, 1);
+ }
+ }
+
+ // Remove unused fields that used to be part of
+ // "browser.uiCustomization.state".
+ delete gSavedState.placements["PanelUI-contents"];
+ delete gSavedState.placements["addon-bar"];
+ }
+ },
+
+ _updateForTorBrowser() {
+ if (!gSavedState) {
+ // Use the defaults.
+ return;
+ }
+
+ const currentVersion = gSavedState.currentVersionTorBrowser;
+
+ if (currentVersion < 1) {
+ // Remove torbutton-button, which no longer exists.
+ for (const placements of Object.values(gSavedState.placements)) {
+ let buttonIndex = placements.indexOf("torbutton-button");
+ if (buttonIndex != -1) {
+ placements.splice(buttonIndex, 1);
+ }
+ }
+ }
+ },
+
_placeNewDefaultWidgetsInArea(aArea) {
let futurePlacedWidgets = gFuturePlacements.get(aArea);
let savedPlacements =
@@ -2501,6 +2641,14 @@ var CustomizableUIInternal = {
gSavedState.currentVersion = 0;
}
+ if (!("currentVersionBaseBrowser" in gSavedState)) {
+ gSavedState.currentVersionBaseBrowser = 0;
+ }
+
+ if (!("currentVersionTorBrowser" in gSavedState)) {
+ gSavedState.currentVersionTorBrowser = 0;
+ }
+
gSeenWidgets = new Set(gSavedState.seen || []);
gDirtyAreaCache = new Set(gSavedState.dirtyAreaCache || []);
gNewElementCount = gSavedState.newElementCount || 0;
@@ -2579,6 +2727,8 @@ var CustomizableUIInternal = {
seen: gSeenWidgets,
dirtyAreaCache: gDirtyAreaCache,
currentVersion: kVersion,
+ currentVersionBaseBrowser: kVersionBaseBrowser,
+ currentVersionTorBrowser: kVersionTorBrowser,
newElementCount: gNewElementCount,
};
=====================================
browser/components/extensions/parent/ext-browserAction.js
=====================================
@@ -193,6 +193,10 @@ this.browserAction = class extends ExtensionAPIPersistent {
}
build() {
+ // The extension ID for NoScript (WebExtension)
+ const isNoScript =
+ this.extension.id === "{73a6fe31-595d-460b-a920-fcc0f8843232}";
+
let widget = CustomizableUI.createWidget({
id: this.id,
viewId: this.viewId,
@@ -200,7 +204,11 @@ this.browserAction = class extends ExtensionAPIPersistent {
removable: true,
label: this.action.getProperty(null, "title"),
tooltiptext: this.action.getProperty(null, "title"),
- defaultArea: browserAreas[this.action.getDefaultArea()],
+ // Do not want to add the NoScript extension to the toolbar by default.
+ // tor-browser#41736
+ defaultArea: isNoScript
+ ? null
+ : browserAreas[this.action.getDefaultArea()],
showInPrivateBrowsing: this.extension.privateBrowsingAllowed,
// Don't attempt to load properties from the built-in widget string
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/4ae885…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/4ae885…
You're receiving this email because of your account on gitlab.torproject.org.
Pier Angelo Vendrame pushed to branch tor-browser-102.10.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
Commits:
7cf4e447 by Pier Angelo Vendrame at 2023-04-20T20:16:02+02:00
fixup! Bug 41417: Always prompt users to restart after changing language
Bug 41738: Drop the patch to disable live reload
Revert "Bug 41417: Always prompt users to restart after changing language"
This reverts commit bad85a459ea24b34f3c09924c6d2b9f0bc750d88.
- - - - -
4ae88530 by Pier Angelo Vendrame at 2023-04-20T20:16:02+02:00
fixup! Firefox preference overrides.
Bug 41738: Drop the patch to disable live reload and use the pref
- - - - -
2 changed files:
- browser/app/profile/001-base-profile.js
- browser/components/preferences/main.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -499,6 +499,10 @@ pref("browser.urlbar.suggest.topsites", false);
// is only reported via telemetry (which is disabled). See tor-browser#40048.
pref("corroborator.enabled", false);
+// tor-browser#41417: do not allow live reload until we switch to Fluent and
+// stop using .textContent.
+pref("intl.multilingual.liveReload", false);
+
// Onboarding.
pref("browser.onboarding.tourset-version", 5);
pref("browser.onboarding.newtour", "welcome,privacy,tor-network-9.0,circuit-display,security,expect-differences,onion-services,learn-more");
=====================================
browser/components/preferences/main.js
=====================================
@@ -1196,17 +1196,18 @@ var gMainPane = {
gMainPane.recordBrowserLanguagesTelemetry("reorder");
switch (gMainPane.getLanguageSwitchTransitionType(newLocales)) {
- // tor-browser#41417: Always prompt for the restart, until we switch to
- // Fluent, since the current way we use to update languages does not allow
- // live-reload. We could also call showConfirmLanguageChangeMessageBar in
- // the official live-reload case, but the result is inconsistent and makes
- // handling the locales-match case harder.
case "requires-restart":
- case "live-reload":
// Prepare to change the locales, as they were different.
gMainPane.showConfirmLanguageChangeMessageBar(newLocales);
gMainPane.updatePrimaryBrowserLanguageUI(newLocales[0]);
break;
+ case "live-reload":
+ Services.locale.requestedLocales = newLocales;
+ gMainPane.updatePrimaryBrowserLanguageUI(
+ Services.locale.appLocaleAsBCP47
+ );
+ gMainPane.hideConfirmLanguageChangeMessageBar();
+ break;
case "locales-match":
// They matched, so we can reset the UI.
gMainPane.updatePrimaryBrowserLanguageUI(
@@ -1459,12 +1460,18 @@ var gMainPane = {
}
switch (gMainPane.getLanguageSwitchTransitionType(selected)) {
- // tor-browser#41417: see onPrimaryBrowserLanguageMenuChange
case "requires-restart":
- case "live-reload":
gMainPane.showConfirmLanguageChangeMessageBar(selected);
gMainPane.updatePrimaryBrowserLanguageUI(selected[0]);
break;
+ case "live-reload":
+ Services.locale.requestedLocales = selected;
+
+ gMainPane.updatePrimaryBrowserLanguageUI(
+ Services.locale.appLocaleAsBCP47
+ );
+ gMainPane.hideConfirmLanguageChangeMessageBar();
+ break;
case "locales-match":
// They matched, so we can reset the UI.
gMainPane.updatePrimaryBrowserLanguageUI(
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/337dcb…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/337dcb…
You're receiving this email because of your account on gitlab.torproject.org.
This is an automated email from the git hooks/post-receive script.
meskio pushed a change to branch main
in repository pluggable-transports/snowflake.
from 297ca91 Use goptlib from gitlab.torproject.org
new 17829d8 Comment typo.
new 6bdd48c Restore ListenAndServe error return in Transport.Listen.
new 590d158 Comment typo.
new 6bae31f Use a static array in benchmarks.
new 97c9300 Fix loop termination in TestQueuePacketConnWriteToKCP.
new c097d5f Use a sync.Pool to reuse packet buffers in QueuePacketConn.
new f723cf5 Merge remote-tracking branch 'gitlab/main'
The 7 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
common/turbotunnel/queuepacketconn.go | 49 +++++++++++++---
common/turbotunnel/queuepacketconn_test.go | 89 +++++++++++++++++++++++++-----
server/lib/http.go | 5 +-
server/lib/snowflake.go | 10 +++-
server/stats.go | 2 +-
5 files changed, 127 insertions(+), 28 deletions(-)
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.