Pier Angelo Vendrame pushed to branch mullvad-browser-128.5.0esr-14.5-1 at The Tor Project / Applications / Mullvad Browser
Commits:
bd3fbfef by Pier Angelo Vendrame at 2024-12-16T18:25:32+01:00
fixup! Firefox preference overrides.
BB 43366: Do not use system accent color in inputs.
We did not manage to write a reliable proof of concept for
fingerprinting this, but I managed to get the color once (with Firefox
on Android, which is the worse case, as the system offers to use colors
from the wallpaper).
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -463,6 +463,9 @@ pref("pdfjs.disabled", false, locked);
#endif
// Bug 40057: Ensure system colors are not used for CSS4 colors
pref("browser.display.use_system_colors", false);
+// tor-browser#43366: do not use system accent color in inputs.
+// See also https://bugzilla.mozilla.org/show_bug.cgi?id=1861362.
+pref("widget.non-native-theme.use-theme-accent", false);
// tor-browser#41943: defense-in-depth, but do not lock anymore (enabled in Firefox 119, http://bugzil.la/1851162)
pref("javascript.options.spectre.disable_for_isolated_content", false);
View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/bd3…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/bd3…
You're receiving this email because of your account on gitlab.torproject.org.
Pier Angelo Vendrame pushed to branch base-browser-128.5.0esr-14.5-1 at The Tor Project / Applications / Tor Browser
Commits:
fa621bc7 by Pier Angelo Vendrame at 2024-12-16T18:23:54+01:00
fixup! Firefox preference overrides.
BB 43366: Do not use system accent color in inputs.
We did not manage to write a reliable proof of concept for
fingerprinting this, but I managed to get the color once (with Firefox
on Android, which is the worse case, as the system offers to use colors
from the wallpaper).
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -463,6 +463,9 @@ pref("pdfjs.disabled", false, locked);
#endif
// Bug 40057: Ensure system colors are not used for CSS4 colors
pref("browser.display.use_system_colors", false);
+// tor-browser#43366: do not use system accent color in inputs.
+// See also https://bugzilla.mozilla.org/show_bug.cgi?id=1861362.
+pref("widget.non-native-theme.use-theme-accent", false);
// tor-browser#41943: defense-in-depth, but do not lock anymore (enabled in Firefox 119, http://bugzil.la/1851162)
pref("javascript.options.spectre.disable_for_isolated_content", false);
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/fa621bc…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/fa621bc…
You're receiving this email because of your account on gitlab.torproject.org.
Pier Angelo Vendrame pushed to branch tor-browser-128.5.0esr-14.5-1 at The Tor Project / Applications / Tor Browser
Commits:
7f8c1d43 by Pier Angelo Vendrame at 2024-12-16T18:18:53+01:00
fixup! Firefox preference overrides.
BB 43366: Do not use system accent color in inputs.
We did not manage to write a reliable proof of concept for
fingerprinting this, but I managed to get the color once (with Firefox
on Android, which is the worse case, as the system offers to use colors
from the wallpaper).
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -463,6 +463,9 @@ pref("pdfjs.disabled", false, locked);
#endif
// Bug 40057: Ensure system colors are not used for CSS4 colors
pref("browser.display.use_system_colors", false);
+// tor-browser#43366: do not use system accent color in inputs.
+// See also https://bugzilla.mozilla.org/show_bug.cgi?id=1861362.
+pref("widget.non-native-theme.use-theme-accent", false);
// tor-browser#41943: defense-in-depth, but do not lock anymore (enabled in Firefox 119, http://bugzil.la/1851162)
pref("javascript.options.spectre.disable_for_isolated_content", false);
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/7f8c1d4…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/7f8c1d4…
You're receiving this email because of your account on gitlab.torproject.org.
morgan pushed to branch tor-browser-128.5.0esr-14.5-1 at The Tor Project / Applications / Tor Browser
Commits:
00d7026f by Henry Wilkes at 2024-12-16T11:27:38+00:00
fixup! Bug 40701: Add security warning when downloading a file
Bug 43312: Ensure download panel warning uses the same width as the
mozilla downloads list.
We stop setting a `width` on the download panel because this can
conflict with the default width set for the mozilla downloads list, set
by localisers. Instead, we use the same width for our Tor Browser
warning message using a wrapper element.
We also ensure that the wrapper element has `min-width: 100%` for
scenarios where the localiser width is less than the min-width of the
ancestor panel.
- - - - -
2 changed files:
- browser/components/downloads/content/downloads.css
- browser/components/downloads/content/downloadsPanel.inc.xhtml
Changes:
=====================================
browser/components/downloads/content/downloads.css
=====================================
@@ -92,15 +92,19 @@
#downloadsPanel-mainView {
min-width: 37em;
padding: 0.62em;
- /* If we don't set a width, #downloadsPanelTorWarning will request
- * its max-content width. */
- width: 37em;
}
#downloadsPanelTorWarning {
margin-block-end: var(--arrowpanel-menuitem-padding-block);
}
+#downloadsPanelTorWarningWrapper {
+ /* The wrapper element has its `width` attribute set by mozilla localisers.
+ * We want to ensure the element occupies the available width when the
+ * localiser width is smaller. See tor-browser#43312. */
+ min-width: 100%;
+}
+
#downloadsHistory,
#downloadsFooterButtons {
margin: 0;
=====================================
browser/components/downloads/content/downloadsPanel.inc.xhtml
=====================================
@@ -104,8 +104,25 @@
disablekeynav="true">
<panelview id="downloadsPanel-mainView">
- <html:moz-message-bar id="downloadsPanelTorWarning">
- </html:moz-message-bar>
+ <!-- We add a wrapper around the #downloadsPanelTorWarning and give it the
+ - same Fluent ID as #downloadsListBox. This Fluent message allows
+ - Firefox localisers to set the width of the #downloadsListBox using
+ - the style attribute. We want the same width set for our downloads
+ - warning. Otherwise the warning will occupy its max-content width.
+ - NOTE: We require a wrapper element since #downloadsPanelTorWarning
+ - needs its own Fluent attributes.
+ - NOTE: This only works if #downloadsPanelTorWarningWrapper and
+ - #downloadsListBox share the same padding relative to their common
+ - ancestor.
+ - See tor-browser#43312. -->
+ <html:div
+ id="downloadsPanelTorWarningWrapper"
+ data-l10n-id="downloads-panel-items"
+ data-l10n-attrs="style"
+ >
+ <html:moz-message-bar id="downloadsPanelTorWarning">
+ </html:moz-message-bar>
+ </html:div>
<vbox class="panel-view-body-unscrollable">
<richlistbox id="downloadsListBox"
data-l10n-id="downloads-panel-items"
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/00d7026…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/00d7026…
You're receiving this email because of your account on gitlab.torproject.org.
morgan pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build
Commits:
36c06687 by Nicolas Vigier at 2024-12-16T12:54:30+00:00
Bug 41311: Remove apparmor profile if abi 4.0 is not present
When abi 4.0 file not available, loading the apparmor profile is failing.
But the profile is only useful on Ubuntu 24.04 (and later), where the
abi 4.0 file is present.
We're doing something similar to:
https://github.com/CollaboraOnline/online/commit/5f7b37c7412c3e1d81d9c50a0f…
- - - - -
2 changed files:
- projects/linux-packages/config
- + projects/linux-packages/debian/postinst.in
Changes:
=====================================
projects/linux-packages/config
=====================================
@@ -171,6 +171,10 @@ input_files:
content: "[% INCLUDE 'debian/docs.in' %]"
refresh_input: 1
enable: '[% c("var/build_deb_pkg") %]'
+ - filename: debian/postinst
+ content: "[% INCLUDE 'debian/postinst.in' %]"
+ refresh_input: 1
+ enable: '[% c("var/build_deb_pkg") %]'
- filename: debian/rules
content: "[% INCLUDE 'debian/rules.in' %]"
refresh_input: 1
=====================================
projects/linux-packages/debian/postinst.in
=====================================
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+set -e
+
+case "$1" in
+ install|upgrade|configure)
+ # If abi 4.0 is not present, then remove the apparmor profile config
+ if [ ! -e /etc/apparmor.d/abi/4.0 ]; then
+ rm -f /etc/apparmor.d/[% c("var/system_pkg/pkg_name") %]
+ fi
+ ;;
+esac
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/3…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/3…
You're receiving this email because of your account on gitlab.torproject.org.
morgan pushed to branch main at The Tor Project / Applications / tor-browser-build
Commits:
ee82c7f8 by Nicolas Vigier at 2024-12-12T12:13:31+01:00
Bug 41311: Remove apparmor profile if abi 4.0 is not present
When abi 4.0 file not available, loading the apparmor profile is failing.
But the profile is only useful on Ubuntu 24.04 (and later), where the
abi 4.0 file is present.
We're doing something similar to:
https://github.com/CollaboraOnline/online/commit/5f7b37c7412c3e1d81d9c50a0f…
- - - - -
2 changed files:
- projects/linux-packages/config
- + projects/linux-packages/debian/postinst.in
Changes:
=====================================
projects/linux-packages/config
=====================================
@@ -201,6 +201,10 @@ input_files:
content: "[% INCLUDE 'debian/docs.in' %]"
refresh_input: 1
enable: '[% c("var/build_deb_pkg") %]'
+ - filename: debian/postinst
+ content: "[% INCLUDE 'debian/postinst.in' %]"
+ refresh_input: 1
+ enable: '[% c("var/build_deb_pkg") %]'
- filename: debian/rules
content: "[% INCLUDE 'debian/rules.in' %]"
refresh_input: 1
=====================================
projects/linux-packages/debian/postinst.in
=====================================
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+set -e
+
+case "$1" in
+ install|upgrade|configure)
+ # If abi 4.0 is not present, then remove the apparmor profile config
+ if [ ! -e /etc/apparmor.d/abi/4.0 ]; then
+ rm -f /etc/apparmor.d/[% c("var/system_pkg/pkg_name") %]
+ fi
+ ;;
+esac
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/e…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/e…
You're receiving this email because of your account on gitlab.torproject.org.