Pier Angelo Vendrame pushed to branch mullvad-browser-128.2.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser
Commits:
e67e2a7e by Dan Ballard at 2024-09-02T11:15:49+02:00
fixup! Firefox preference overrides.
Bug 43023: Remove whitelist of samsung color emoji font
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -677,6 +677,12 @@ pref("toolkit.winRegisterApplicationRestart", false);
pref("browser.startup.windowsLaunchOnLogin.enabled", false);
#endif
+#ifdef ANDROID
+// tor-browser#43023 Force use of only standard emoji font
+// (not actually stopping samsung emoji font detection, but defense in depth and a step towards normalization)
+pref("font.name-list.emoji", "Noto Color Emoji");
+#endif
+
// If we are bundling fonts, whitelist those bundled fonts, and restrict system fonts to a selection.
#ifdef MOZ_BUNDLED_FONTS
View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/e67…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/e67…
You're receiving this email because of your account on gitlab.torproject.org.
Pier Angelo Vendrame pushed to branch base-browser-128.2.0esr-14.0-1 at The Tor Project / Applications / Tor Browser
Commits:
bd93d2a7 by Dan Ballard at 2024-09-02T11:15:16+02:00
fixup! Firefox preference overrides.
Bug 43023: Remove whitelist of samsung color emoji font
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -678,6 +678,12 @@ pref("toolkit.winRegisterApplicationRestart", false);
pref("browser.startup.windowsLaunchOnLogin.enabled", false);
#endif
+#ifdef ANDROID
+// tor-browser#43023 Force use of only standard emoji font
+// (not actually stopping samsung emoji font detection, but defense in depth and a step towards normalization)
+pref("font.name-list.emoji", "Noto Color Emoji");
+#endif
+
// If we are bundling fonts, whitelist those bundled fonts, and restrict system fonts to a selection.
#ifdef MOZ_BUNDLED_FONTS
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/bd93d2a…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/bd93d2a…
You're receiving this email because of your account on gitlab.torproject.org.
Pier Angelo Vendrame pushed to branch tor-browser-128.2.0esr-14.0-1 at The Tor Project / Applications / Tor Browser
Commits:
e464b173 by Dan Ballard at 2024-09-02T08:37:47+00:00
fixup! Firefox preference overrides.
Bug 43023: Remove whitelist of samsung color emoji font
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -678,6 +678,12 @@ pref("toolkit.winRegisterApplicationRestart", false);
pref("browser.startup.windowsLaunchOnLogin.enabled", false);
#endif
+#ifdef ANDROID
+// tor-browser#43023 Force use of only standard emoji font
+// (not actually stopping samsung emoji font detection, but defense in depth and a step towards normalization)
+pref("font.name-list.emoji", "Noto Color Emoji");
+#endif
+
// If we are bundling fonts, whitelist those bundled fonts, and restrict system fonts to a selection.
#ifdef MOZ_BUNDLED_FONTS
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/e464b17…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/e464b17…
You're receiving this email because of your account on gitlab.torproject.org.
Pier Angelo Vendrame pushed to branch mullvad-browser-128.2.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser
Commits:
3f90b231 by Pier Angelo Vendrame at 2024-09-02T10:23:18+02:00
fixup! Bug 4234: Use the Firefox Update Process for Base Browser.
Bug 42747: Discard unsupported updates earlier.
Firefox's updater has a function to select updates, which checks mainly
the version number.
Therefore, a more recent update that is unsupported will be chosen over
a compatible one.
We patch this to be able to provide an alternative update path to
Windows 7.
- - - - -
1 changed file:
- toolkit/mozapps/update/UpdateService.sys.mjs
Changes:
=====================================
toolkit/mozapps/update/UpdateService.sys.mjs
=====================================
@@ -3700,18 +3700,20 @@ export class UpdateService {
switch (update.type) {
case "major":
- if (!majorUpdate) {
+ if (!majorUpdate || majorUpdate.unsupported) {
majorUpdate = update;
} else if (
+ !update.unsupported &&
vc.compare(majorUpdate.appVersion, update.appVersion) <= 0
) {
majorUpdate = update;
}
break;
case "minor":
- if (!minorUpdate) {
+ if (!minorUpdate || minorUpdate.unsupported) {
minorUpdate = update;
} else if (
+ !update.unsupported &&
vc.compare(minorUpdate.appVersion, update.appVersion) <= 0
) {
minorUpdate = update;
View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/3f9…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/3f9…
You're receiving this email because of your account on gitlab.torproject.org.
Pier Angelo Vendrame pushed to branch base-browser-128.2.0esr-14.0-1 at The Tor Project / Applications / Tor Browser
Commits:
5661f525 by Pier Angelo Vendrame at 2024-09-02T10:23:38+02:00
fixup! Bug 4234: Use the Firefox Update Process for Base Browser.
Bug 42747: Discard unsupported updates earlier.
Firefox's updater has a function to select updates, which checks mainly
the version number.
Therefore, a more recent update that is unsupported will be chosen over
a compatible one.
We patch this to be able to provide an alternative update path to
Windows 7.
- - - - -
1 changed file:
- toolkit/mozapps/update/UpdateService.sys.mjs
Changes:
=====================================
toolkit/mozapps/update/UpdateService.sys.mjs
=====================================
@@ -3700,18 +3700,20 @@ export class UpdateService {
switch (update.type) {
case "major":
- if (!majorUpdate) {
+ if (!majorUpdate || majorUpdate.unsupported) {
majorUpdate = update;
} else if (
+ !update.unsupported &&
vc.compare(majorUpdate.appVersion, update.appVersion) <= 0
) {
majorUpdate = update;
}
break;
case "minor":
- if (!minorUpdate) {
+ if (!minorUpdate || minorUpdate.unsupported) {
minorUpdate = update;
} else if (
+ !update.unsupported &&
vc.compare(minorUpdate.appVersion, update.appVersion) <= 0
) {
minorUpdate = update;
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5661f52…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/5661f52…
You're receiving this email because of your account on gitlab.torproject.org.
Pier Angelo Vendrame pushed to branch tor-browser-128.2.0esr-14.0-1 at The Tor Project / Applications / Tor Browser
Commits:
af856ef0 by Pier Angelo Vendrame at 2024-09-02T10:11:08+02:00
fixup! Bug 4234: Use the Firefox Update Process for Base Browser.
Bug 42747: Discard unsupported updates earlier.
Firefox's updater has a function to select updates, which checks mainly
the version number.
Therefore, a more recent update that is unsupported will be chosen over
a compatible one.
We patch this to be able to provide an alternative update path to
Windows 7.
- - - - -
aa6ba139 by Pier Angelo Vendrame at 2024-09-02T10:11:12+02:00
fixup! Bug 19121: reinstate the update.xml hash check
Bug 42737: Drop the hash check on updates.
Updates are already signed, the hash check is redundant.
Revert "Bug 19121: reinstate the update.xml hash check"
This reverts commit 14ac8e5c0aff14dda4b15e435db58bea80960389.
- - - - -
3 changed files:
- toolkit/mozapps/update/UpdateService.sys.mjs
- toolkit/mozapps/update/UpdateTelemetry.sys.mjs
- toolkit/mozapps/update/nsIUpdateService.idl
Changes:
=====================================
toolkit/mozapps/update/UpdateService.sys.mjs
=====================================
@@ -2110,8 +2110,6 @@ class UpdatePatch {
// over writing nsIUpdatePatch attributes.
_attrNames = [
"errorCode",
- "hashFunction",
- "hashValue",
"finalURL",
"selected",
"size",
@@ -2164,8 +2162,6 @@ class UpdatePatch {
}
break;
case "finalURL":
- case "hashFunction":
- case "hashValue":
case "state":
case "type":
case "URL":
@@ -2186,8 +2182,6 @@ class UpdatePatch {
*/
serialize(updates) {
var patch = updates.createElementNS(URI_UPDATE_NS, "patch");
- patch.setAttribute("hashFunction", this.hashFunction);
- patch.setAttribute("hashValue", this.hashValue);
patch.setAttribute("size", this.size);
patch.setAttribute("type", this.type);
patch.setAttribute("URL", this.URL);
@@ -3757,18 +3751,20 @@ export class UpdateService {
switch (update.type) {
case "major":
- if (!majorUpdate) {
+ if (!majorUpdate || majorUpdate.unsupported) {
majorUpdate = update;
} else if (
+ !update.unsupported &&
vc.compare(majorUpdate.appVersion, update.appVersion) <= 0
) {
majorUpdate = update;
}
break;
case "minor":
- if (!minorUpdate) {
+ if (!minorUpdate || minorUpdate.unsupported) {
minorUpdate = update;
} else if (
+ !update.unsupported &&
vc.compare(minorUpdate.appVersion, update.appVersion) <= 0
) {
minorUpdate = update;
@@ -5876,56 +5872,7 @@ class Downloader {
}
LOG("Downloader:_verifyDownload downloaded size == expected size.");
- let fileStream = Cc[
- "@mozilla.org/network/file-input-stream;1"
- ].createInstance(Ci.nsIFileInputStream);
- fileStream.init(
- destination,
- FileUtils.MODE_RDONLY,
- FileUtils.PERMS_FILE,
- 0
- );
-
- let digest;
- try {
- let hash = Cc["@mozilla.org/security/hash;1"].createInstance(
- Ci.nsICryptoHash
- );
- var hashFunction =
- Ci.nsICryptoHash[this._patch.hashFunction.toUpperCase()];
- if (hashFunction == undefined) {
- throw Components.Exception("", Cr.NS_ERROR_UNEXPECTED);
- }
- hash.init(hashFunction);
- hash.updateFromStream(fileStream, -1);
- // NOTE: For now, we assume that the format of _patch.hashValue is hex
- // encoded binary (such as what is typically output by programs like
- // sha1sum). In the future, this may change to base64 depending on how
- // we choose to compute these hashes.
- hash = hash.finish(false);
- digest = Array.from(hash, (c, i) =>
- hash.charCodeAt(i).toString(16).padStart(2, "0")
- ).join("");
- } catch (e) {
- LOG(
- "Downloader:_verifyDownload - failed to compute hash of the downloaded update archive"
- );
- digest = "";
- }
-
- fileStream.close();
-
- if (digest == this._patch.hashValue.toLowerCase()) {
- LOG("Downloader:_verifyDownload hashes match.");
- return true;
- }
-
- LOG("Downloader:_verifyDownload hashes do not match. ");
- AUSTLMY.pingDownloadCode(
- this.isCompleteUpdate,
- AUSTLMY.DWNLD_ERR_VERIFY_NO_HASH_MATCH
- );
- return false;
+ return true;
}
/**
@@ -6565,9 +6512,6 @@ class Downloader {
" is higher than patch size: " +
this._patch.size
);
- // It's important that we use a different code than
- // NS_ERROR_CORRUPTED_CONTENT so that tests can verify the difference
- // between a hash error and a wrong download error.
AUSTLMY.pingDownloadCode(
this.isCompleteUpdate,
AUSTLMY.DWNLD_ERR_PATCH_SIZE_LARGER
@@ -6586,9 +6530,6 @@ class Downloader {
" is not equal to expected patch size: " +
this._patch.size
);
- // It's important that we use a different code than
- // NS_ERROR_CORRUPTED_CONTENT so that tests can verify the difference
- // between a hash error and a wrong download error.
AUSTLMY.pingDownloadCode(
this.isCompleteUpdate,
AUSTLMY.DWNLD_ERR_PATCH_SIZE_NOT_EQUAL
=====================================
toolkit/mozapps/update/UpdateTelemetry.sys.mjs
=====================================
@@ -190,7 +190,6 @@ export var AUSTLMY = {
DWNLD_ERR_VERIFY_NO_REQUEST: 13,
DWNLD_ERR_VERIFY_PATCH_SIZE_NOT_EQUAL: 14,
DWNLD_ERR_WRITE_FAILURE: 15,
- DWNLD_ERR_VERIFY_NO_HASH_MATCH: 16,
// Temporary failure code to see if there are failures without an update phase
DWNLD_UNKNOWN_PHASE_ERR_WRITE_FAILURE: 40,
=====================================
toolkit/mozapps/update/nsIUpdateService.idl
=====================================
@@ -39,17 +39,6 @@ interface nsIUpdatePatch : nsISupports
*/
attribute AString finalURL;
- /**
- * The hash function to use when determining this file's integrity
- */
- attribute AString hashFunction;
-
- /**
- * The value of the hash function named above that should be computed if
- * this file is not corrupt.
- */
- attribute AString hashValue;
-
/**
* The size of this file, in bytes.
*/
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/a6ebf6…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/a6ebf6…
You're receiving this email because of your account on gitlab.torproject.org.