[tor-commits] [torbrowser/master] Update Firefox patches for 17.0.10ESR.

commit d35038d0a6af7e6033cd8a9f8a5853f116c40319 Author: Mike Perry mikeperry-git@torproject.org Date: Tue Oct 29 18:53:04 2013 -0700

Update Firefox patches for 17.0.10ESR.

This is the subset from TBB 3.0beta1 that are relevant to TBB 2.x. --- ...-Block-Components.interfaces-from-content.patch | 14 +- ...0002-Make-Permissions-Manager-memory-only.patch | 10 +- ...-Make-Intermediate-Cert-Store-memory-only.patch | 10 +- .../firefox/0004-Add-a-string-based-cacheKey.patch | 14 +- .../0005-Block-all-plugins-except-flash.patch | 14 +- ...ontent-pref-service-memory-only-clearable.patch | 10 +- ...owser-exit-when-not-launched-from-Vidalia.patch | 45 - .../0008-Disable-SSL-Session-ID-tracking.patch | 28 - ...observer-event-to-close-persistent-connec.patch | 40 - ...ice-and-system-specific-CSS-Media-Queries.patch | 147 ---- ...11-Limit-the-number-of-fonts-per-document.patch | 451 ---------- .../0012-Rebrand-Firefox-to-TorBrowser.patch | 59 -- .../0013-Make-Download-manager-memory-only.patch | 57 -- .../0014-Add-DDG-and-StartPage-to-Omnibox.patch | 103 --- ...-nsICacheService.EvictEntries-synchronous.patch | 43 - .../firefox/0016-Prevent-WebSocket-DNS-leak.patch | 133 --- ...ize-HTTP-request-order-and-pipeline-depth.patch | 791 ----------------- ...er-event-to-filter-the-Drag-Drop-url-list.patch | 74 -- ...d-mozIThirdPartyUtil.getFirstPartyURI-API.patch | 164 ---- .../0020-Add-canvas-image-extraction-prompt.patch | 548 ------------ ...nt-window-coordinates-for-mouse-event-scr.patch | 77 -- ...se-physical-screen-info.-via-window-and-w.patch | 310 ------- ...not-expose-system-colors-to-CSS-or-canvas.patch | 631 -------------- ...solate-the-Image-Cache-per-url-bar-domain.patch | 922 -------------------- .../0025-nsIHTTPChannel.redirectTo-API.patch | 474 ---------- ...26-Isolate-DOM-storage-to-first-party-URI.patch | 776 ---------------- ...27-Remove-This-plugin-is-disabled-barrier.patch | 46 - .../0028-Use-Optimistic-Data-SOCKS-variant.patch | 82 -- .../0029-Disable-library-timestamping.patch | 27 - 29 files changed, 36 insertions(+), 6064 deletions(-)

diff --git a/src/current-patches/firefox/0001-Block-Components.interfaces-from-content.patch b/src/current-patches/firefox/0001-Block-Components.interfaces-from-content.patch index a1ed5a8..035bfcd 100644 --- a/src/current-patches/firefox/0001-Block-Components.interfaces-from-content.patch +++ b/src/current-patches/firefox/0001-Block-Components.interfaces-from-content.patch @@ -1,7 +1,7 @@ -From 26ab2cbf5b925a3f1251bd536728a7e222b4f9e4 Mon Sep 17 00:00:00 2001 +From b3ea41baf4c3ff455ab9c40ab090f8f77e34924d Mon Sep 17 00:00:00 2001 From: Mike Perry mikeperry-git@torproject.org Date: Tue, 4 Dec 2012 15:41:09 -0800 -Subject: [PATCH 01/27] Block Components.interfaces from content +Subject: [PATCH 01/41] Block Components.interfaces from content

This patch removes the ability of content script to access Components.interfaces.*. @@ -16,14 +16,14 @@ https://trac.torproject.org/projects/tor/ticket/2874 Note: We no longer block Components.lookupMethod, because we no longer rely on JS hooks for fingerprinting defenses. --- - js/xpconnect/src/XPCComponents.cpp | 2 +- - 1 files changed, 1 insertions(+), 1 deletions(-) + js/xpconnect/src/XPCComponents.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/js/xpconnect/src/XPCComponents.cpp b/js/xpconnect/src/XPCComponents.cpp -index 3a14254..4040349 100644 +index e0b03fc..aa83318 100644 --- a/js/xpconnect/src/XPCComponents.cpp +++ b/js/xpconnect/src/XPCComponents.cpp -@@ -4838,7 +4838,7 @@ nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, c +@@ -4837,7 +4837,7 @@ nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, c NS_IMETHODIMP nsXPCComponents::CanGetProperty(const nsIID * iid, const PRUnichar *propertyName, char **_retval) { @@ -33,5 +33,5 @@ index 3a14254..4040349 100644 return NS_OK; } -- -1.7.5.4 +1.8.1.2

diff --git a/src/current-patches/firefox/0002-Make-Permissions-Manager-memory-only.patch b/src/current-patches/firefox/0002-Make-Permissions-Manager-memory-only.patch index 4a2b515..bf38d04 100644 --- a/src/current-patches/firefox/0002-Make-Permissions-Manager-memory-only.patch +++ b/src/current-patches/firefox/0002-Make-Permissions-Manager-memory-only.patch @@ -1,7 +1,7 @@ -From 2391ce37afd5da908fc986cec6018795cb06fa63 Mon Sep 17 00:00:00 2001 +From c3c1d5555672c8348feb8f545aad7241a2f81a0a Mon Sep 17 00:00:00 2001 From: Mike Perry mikeperry-git@torproject.org Date: Tue, 4 Dec 2012 15:45:59 -0800 -Subject: [PATCH 02/27] Make Permissions Manager memory-only +Subject: [PATCH 02/41] Make Permissions Manager memory-only

This patch exposes a pref 'permissions.memory_only' that properly isolates the permissions manager to memory, which is responsible for all user specified @@ -12,8 +12,8 @@ does not need to be set in prefs.js, and can be handled by Torbutton.

https://trac.torproject.org/projects/tor/ticket/2950 --- - extensions/cookie/nsPermissionManager.cpp | 34 ++++++++++++++++++++++++++-- - 1 files changed, 31 insertions(+), 3 deletions(-) + extensions/cookie/nsPermissionManager.cpp | 34 ++++++++++++++++++++++++++++--- + 1 file changed, 31 insertions(+), 3 deletions(-)

diff --git a/extensions/cookie/nsPermissionManager.cpp b/extensions/cookie/nsPermissionManager.cpp index 9c50080..4102408 100644 @@ -90,5 +90,5 @@ index 9c50080..4102408 100644 // or is going away because the application is shutting down. mIsShuttingDown = true; -- -1.7.5.4 +1.8.1.2

diff --git a/src/current-patches/firefox/0003-Make-Intermediate-Cert-Store-memory-only.patch b/src/current-patches/firefox/0003-Make-Intermediate-Cert-Store-memory-only.patch index 37daf66..23c99f7 100644 --- a/src/current-patches/firefox/0003-Make-Intermediate-Cert-Store-memory-only.patch +++ b/src/current-patches/firefox/0003-Make-Intermediate-Cert-Store-memory-only.patch @@ -1,15 +1,15 @@ -From 5130a82dcc2dd7385d7d1cd2b15daa1dc4577f5b Mon Sep 17 00:00:00 2001 +From e10d253e44e4541a0030b041bdc430f416defcb3 Mon Sep 17 00:00:00 2001 From: Mike Perry mikeperry-git@torproject.org Date: Tue, 4 Dec 2012 15:51:07 -0800 -Subject: [PATCH 03/27] Make Intermediate Cert Store memory-only. +Subject: [PATCH 03/41] Make Intermediate Cert Store memory-only.

This patch makes the intermediate SSL cert store exist in memory only.

The pref must be set before startup in prefs.js. https://trac.torproject.org/projects/tor/ticket/2949 --- - security/manager/ssl/src/nsNSSComponent.cpp | 17 +++++++++++++++-- - 1 files changed, 15 insertions(+), 2 deletions(-) + security/manager/ssl/src/nsNSSComponent.cpp | 17 +++++++++++++++-- + 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/security/manager/ssl/src/nsNSSComponent.cpp b/security/manager/ssl/src/nsNSSComponent.cpp index c9205bc..159985c 100644 @@ -40,5 +40,5 @@ index c9205bc..159985c 100644 if (init_rv != SECSuccess) { PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("can not init NSS r/w in %s\n", profileStr.get())); -- -1.7.5.4 +1.8.1.2

diff --git a/src/current-patches/firefox/0004-Add-a-string-based-cacheKey.patch b/src/current-patches/firefox/0004-Add-a-string-based-cacheKey.patch index b9f4572..c8c3bea 100644 --- a/src/current-patches/firefox/0004-Add-a-string-based-cacheKey.patch +++ b/src/current-patches/firefox/0004-Add-a-string-based-cacheKey.patch @@ -1,14 +1,14 @@ -From 0d1a840e58117d83d910d3eb09e9f7deaaeabbff Mon Sep 17 00:00:00 2001 +From 7cdd6f0ac4b4b236ca5177e0fc5e7621fd012878 Mon Sep 17 00:00:00 2001 From: Mike Perry mikeperry-git@torproject.org Date: Tue, 4 Dec 2012 16:01:42 -0800 -Subject: [PATCH 04/27] Add a string-based cacheKey. +Subject: [PATCH 04/41] Add a string-based cacheKey.

Used for isolating cache according to same-origin policy. --- - netwerk/base/public/nsICachingChannel.idl | 7 +++++++ - netwerk/protocol/http/nsHttpChannel.cpp | 22 ++++++++++++++++++++++ - netwerk/protocol/http/nsHttpChannel.h | 1 + - 3 files changed, 30 insertions(+), 0 deletions(-) + netwerk/base/public/nsICachingChannel.idl | 7 +++++++ + netwerk/protocol/http/nsHttpChannel.cpp | 22 ++++++++++++++++++++++ + netwerk/protocol/http/nsHttpChannel.h | 1 + + 3 files changed, 30 insertions(+)

diff --git a/netwerk/base/public/nsICachingChannel.idl b/netwerk/base/public/nsICachingChannel.idl index 3119dd9..fd2ec89 100644 @@ -81,5 +81,5 @@ index d66415f..b1f0848 100644 // auth specific data nsCOMPtr<nsIHttpChannelAuthProvider> mAuthProvider; -- -1.7.5.4 +1.8.1.2

diff --git a/src/current-patches/firefox/0005-Block-all-plugins-except-flash.patch b/src/current-patches/firefox/0005-Block-all-plugins-except-flash.patch index 6f70b29..976c707 100644 --- a/src/current-patches/firefox/0005-Block-all-plugins-except-flash.patch +++ b/src/current-patches/firefox/0005-Block-all-plugins-except-flash.patch @@ -1,7 +1,7 @@ -From 7c95e69c73f64e45f9a1f5821a1e96457f9ae83a Mon Sep 17 00:00:00 2001 +From df78c79c083df8116e4312806ca3a875295e35bd Mon Sep 17 00:00:00 2001 From: Mike Perry mikeperry-git@torproject.org Date: Tue, 4 Dec 2012 16:03:13 -0800 -Subject: [PATCH 05/27] Block all plugins except flash. +Subject: [PATCH 05/41] Block all plugins except flash.

We cannot use the @mozilla.org/extensions/blocklist;1 service, because we actually want to stop plugins from ever entering the browser's process space @@ -12,12 +12,12 @@ ruin our day, and censorship filters). Hence we rolled our own. See https://trac.torproject.org/projects/tor/ticket/3547#comment:6 for musings on a better way. Until then, it is delta-darwinism for us. --- - dom/plugins/base/nsPluginHost.cpp | 33 +++++++++++++++++++++++++++++++++ - dom/plugins/base/nsPluginHost.h | 2 ++ - 2 files changed, 35 insertions(+), 0 deletions(-) + dom/plugins/base/nsPluginHost.cpp | 33 +++++++++++++++++++++++++++++++++ + dom/plugins/base/nsPluginHost.h | 2 ++ + 2 files changed, 35 insertions(+)

diff --git a/dom/plugins/base/nsPluginHost.cpp b/dom/plugins/base/nsPluginHost.cpp -index 858b428..c7ae680 100644 +index 858b4284..c7ae680 100644 --- a/dom/plugins/base/nsPluginHost.cpp +++ b/dom/plugins/base/nsPluginHost.cpp @@ -2052,6 +2052,35 @@ struct CompareFilesByTime @@ -81,5 +81,5 @@ index 3c48eec..2cba11d 100644 // and removes it from the cache. void RemoveCachedPluginsInfo(const char *filePath, -- -1.7.5.4 +1.8.1.2

diff --git a/src/current-patches/firefox/0006-Make-content-pref-service-memory-only-clearable.patch b/src/current-patches/firefox/0006-Make-content-pref-service-memory-only-clearable.patch index ac514c1..81d8bea 100644 --- a/src/current-patches/firefox/0006-Make-content-pref-service-memory-only-clearable.patch +++ b/src/current-patches/firefox/0006-Make-content-pref-service-memory-only-clearable.patch @@ -1,14 +1,14 @@ -From 50293cf7c107df2d76492890b945d17f63536f90 Mon Sep 17 00:00:00 2001 +From 98fb4263ec8b9f530336cbdf961323bf3380a386 Mon Sep 17 00:00:00 2001 From: Mike Perry mikeperry-git@fscked.org Date: Thu, 8 Sep 2011 08:40:17 -0700 -Subject: [PATCH 06/27] Make content pref service memory-only + clearable +Subject: [PATCH 06/41] Make content pref service memory-only + clearable

This prevents random urls from being inserted into content-prefs.sqllite in the profile directory as content prefs change (includes site-zoom and perhaps other site prefs?). --- - .../contentprefs/nsContentPrefService.js | 4 ++-- - 1 files changed, 2 insertions(+), 2 deletions(-) + toolkit/components/contentprefs/nsContentPrefService.js | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/toolkit/components/contentprefs/nsContentPrefService.js b/toolkit/components/contentprefs/nsContentPrefService.js index ed8ad2e..794c9f3 100644 @@ -33,5 +33,5 @@ index ed8ad2e..794c9f3 100644 try { this._dbCreateSchema(dbConnection); -- -1.7.5.4 +1.8.1.2

diff --git a/src/current-patches/firefox/0007-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch b/src/current-patches/firefox/0007-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch deleted file mode 100644 index 5304a1a..0000000 --- a/src/current-patches/firefox/0007-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch +++ /dev/null @@ -1,45 +0,0 @@ -From b2c1cd58fda04daa92b6f69253fd2ff8bc7ce8f4 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Tue, 4 Dec 2012 16:29:24 -0800 -Subject: [PATCH 07/27] Make Tor Browser exit when not launched from Vidalia - -Turns out the Windows 7 UI encourages users to "dock" their Tor Browser app -for easy relaunch. If they manage to do this, we should fail closed rather -than opened. Hopefully they will get the hint and dock Vidalia instead. - -This is an emergency fix for -https://trac.torproject.org/projects/tor/ticket/4192. We can do a better -localized fix w/ a translated alert menu later, if it seems like this might -actually be common. ---- - browser/base/content/browser.js | 14 ++++++++++++++ - 1 files changed, 14 insertions(+), 0 deletions(-) - -diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js -index 35664ec..bd2feed 100644 ---- a/browser/base/content/browser.js -+++ b/browser/base/content/browser.js -@@ -1093,6 +1093,20 @@ var gBrowserInit = { - // setup simple gestures support - gGestureSupport.init(true); - -+ // If this is not a TBB profile, exit. -+ // Solves https://trac.torproject.org/projects/tor/ticket/4192 -+ var foundPref = false; -+ try { -+ var ignored = gPrefService.getCharPref("torbrowser.version"); -+ foundPref = true; -+ } catch(e) { -+ //dump("No pref: "+e); -+ } -+ if(!foundPref) { -+ var appStartup = Components.classes["@mozilla.org/toolkit/app-startup;1"] -+ .getService(Components.interfaces.nsIAppStartup); -+ appStartup.quit(3); // Force all windows to close, and then quit. -+ } - - if (uriToLoad && uriToLoad != "about:blank") { - if (uriToLoad instanceof Ci.nsISupportsArray) { --- -1.7.5.4 - diff --git a/src/current-patches/firefox/0008-Disable-SSL-Session-ID-tracking.patch b/src/current-patches/firefox/0008-Disable-SSL-Session-ID-tracking.patch deleted file mode 100644 index 494c765..0000000 --- a/src/current-patches/firefox/0008-Disable-SSL-Session-ID-tracking.patch +++ /dev/null @@ -1,28 +0,0 @@ -From e700063f5d18e86077af8ecf7fb3f4d92f2d0ef4 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Sun, 31 Mar 2013 22:48:00 -0700 -Subject: [PATCH 08/27] Disable SSL Session ID tracking. - -We can't easily bind SSL Session ID tracking to url bar domain, -so we have to disable them to satisfy -https://www.torproject.org/projects/torbrowser/design/#identifier-linkabilit.... ---- - security/nss/lib/ssl/sslsock.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c -index 4f4b034..6ce5d11 100644 ---- a/security/nss/lib/ssl/sslsock.c -+++ b/security/nss/lib/ssl/sslsock.c -@@ -141,7 +141,7 @@ static sslOptions ssl_defaults = { - PR_FALSE, /* enableSSL2 */ /* now defaults to off in NSS 3.13 */ - PR_FALSE, /* unusedBit9 */ - PR_FALSE, /* unusedBit10 */ -- PR_FALSE, /* noCache */ -+ PR_TRUE, /* noCache */ - PR_FALSE, /* fdx */ - PR_FALSE, /* v2CompatibleHello */ /* now defaults to off in NSS 3.13 */ - PR_TRUE, /* detectRollBack */ --- -1.7.9.5 - diff --git a/src/current-patches/firefox/0009-Provide-an-observer-event-to-close-persistent-connec.patch b/src/current-patches/firefox/0009-Provide-an-observer-event-to-close-persistent-connec.patch deleted file mode 100644 index 1457815..0000000 --- a/src/current-patches/firefox/0009-Provide-an-observer-event-to-close-persistent-connec.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 41c163c0497ef16faaf103debf5bf7ef8244849a Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Fri, 7 Sep 2012 16:18:26 -0700 -Subject: [PATCH 09/27] Provide an observer event to close persistent - connections - -We need to prevent linkability across "New Identity", which includes closing -keep-alive connections. ---- - netwerk/protocol/http/nsHttpHandler.cpp | 7 +++++++ - 1 files changed, 7 insertions(+), 0 deletions(-) - -diff --git a/netwerk/protocol/http/nsHttpHandler.cpp b/netwerk/protocol/http/nsHttpHandler.cpp -index d897a2c..e33ff08 100644 ---- a/netwerk/protocol/http/nsHttpHandler.cpp -+++ b/netwerk/protocol/http/nsHttpHandler.cpp -@@ -312,6 +312,7 @@ nsHttpHandler::Init() - mObserverService->AddObserver(this, "net:clear-active-logins", true); - mObserverService->AddObserver(this, NS_PRIVATE_BROWSING_SWITCH_TOPIC, true); - mObserverService->AddObserver(this, "net:prune-dead-connections", true); -+ mObserverService->AddObserver(this, "net:prune-all-connections", true); - mObserverService->AddObserver(this, "net:failed-to-process-uri-content", true); - } - -@@ -1576,6 +1577,12 @@ nsHttpHandler::Observe(nsISupports *subject, - if (uri && mConnMgr) - mConnMgr->ReportFailedToProcess(uri); - } -+ else if (strcmp(topic, "net:prune-all-connections") == 0) { -+ if (mConnMgr) { -+ mConnMgr->ClosePersistentConnections(); -+ mConnMgr->PruneDeadConnections(); -+ } -+ } - - return NS_OK; - } --- -1.7.5.4 - diff --git a/src/current-patches/firefox/0010-Limit-device-and-system-specific-CSS-Media-Queries.patch b/src/current-patches/firefox/0010-Limit-device-and-system-specific-CSS-Media-Queries.patch deleted file mode 100644 index e2876b3..0000000 --- a/src/current-patches/firefox/0010-Limit-device-and-system-specific-CSS-Media-Queries.patch +++ /dev/null @@ -1,147 +0,0 @@ -From 0c006870b9d96a8093ca66751e9738b4237c9251 Mon Sep 17 00:00:00 2001 -From: Kathleen Brade brade@pearlcrescent.com -Date: Wed, 28 Nov 2012 09:49:40 -0500 -Subject: [PATCH 10/27] Limit device and system specific CSS Media Queries. - ---- - layout/style/nsMediaFeatures.cpp | 68 +++++++++++++++++++++++++------------- - 1 files changed, 45 insertions(+), 23 deletions(-) - -diff --git a/layout/style/nsMediaFeatures.cpp b/layout/style/nsMediaFeatures.cpp -index d5741ea..5f2e6dd 100644 ---- a/layout/style/nsMediaFeatures.cpp -+++ b/layout/style/nsMediaFeatures.cpp -@@ -98,6 +98,9 @@ GetDeviceContextFor(nsPresContext* aPresContext) - static nsSize - GetDeviceSize(nsPresContext* aPresContext) - { -+ if (!aPresContext->IsChrome()) { -+ return GetSize(aPresContext); -+ } else { - nsSize size; - if (aPresContext->IsRootPaginatedDocument()) - // We want the page size, including unprintable areas and margins. -@@ -108,6 +111,7 @@ GetDeviceSize(nsPresContext* aPresContext) - GetDeviceContextFor(aPresContext)-> - GetDeviceSurfaceDimensions(size.width, size.height); - return size; -+ } - } - - static nsresult -@@ -204,13 +208,17 @@ static nsresult - GetColor(nsPresContext* aPresContext, const nsMediaFeature*, - nsCSSValue& aResult) - { -- // FIXME: This implementation is bogus. nsDeviceContext -- // doesn't provide reliable information (should be fixed in bug -- // 424386). -- // FIXME: On a monochrome device, return 0! -- nsDeviceContext *dx = GetDeviceContextFor(aPresContext); -- uint32_t depth; -- dx->GetDepth(depth); -+ uint32_t depth = 24; // Always return 24 to non-chrome callers. -+ -+ if (aPresContext->IsChrome()) { -+ // FIXME: This implementation is bogus. nsDeviceContext -+ // doesn't provide reliable information (should be fixed in bug -+ // 424386). -+ // FIXME: On a monochrome device, return 0! -+ nsDeviceContext *dx = GetDeviceContextFor(aPresContext); -+ dx->GetDepth(depth); -+ } -+ - // The spec says to use bits *per color component*, so divide by 3, - // and round down, since the spec says to use the smallest when the - // color components differ. -@@ -248,18 +256,23 @@ static nsresult - GetResolution(nsPresContext* aPresContext, const nsMediaFeature*, - nsCSSValue& aResult) - { -- // Resolution measures device pixels per CSS (inch/cm/pixel). We -- // return it in device pixels per CSS inches. -- // -- // However, on platforms where the CSS viewport is not fixed to the -- // screen viewport, use the device resolution instead (bug 779527). -- nsIPresShell *shell = aPresContext->PresShell(); -- float appUnitsPerInch = shell->GetIsViewportOverridden() ? -- GetDeviceContextFor(aPresContext)->AppUnitsPerPhysicalInch() : -- nsPresContext::AppUnitsPerCSSInch(); -- -- float dpi = appUnitsPerInch / -+ float dpi = 96; // Always return 96 to non-chrome callers. -+ -+ if (aPresContext->IsChrome()) { -+ // Resolution measures device pixels per CSS (inch/cm/pixel). We -+ // return it in device pixels per CSS inches. -+ // -+ // However, on platforms where the CSS viewport is not fixed to the -+ // screen viewport, use the device resolution instead (bug 779527). -+ nsIPresShell *shell = aPresContext->PresShell(); -+ float appUnitsPerInch = shell->GetIsViewportOverridden() ? -+ GetDeviceContextFor(aPresContext)->AppUnitsPerPhysicalInch() : -+ nsPresContext::AppUnitsPerCSSInch(); -+ -+ dpi = appUnitsPerInch / - float(aPresContext->AppUnitsPerDevPixel()); -+ } -+ - aResult.SetFloatValue(dpi, eCSSUnit_Inch); - return NS_OK; - } -@@ -288,8 +301,12 @@ static nsresult - GetDevicePixelRatio(nsPresContext* aPresContext, const nsMediaFeature*, - nsCSSValue& aResult) - { -- float ratio = aPresContext->CSSPixelsToDevPixels(1.0f); -- aResult.SetFloatValue(ratio, eCSSUnit_Number); -+ if (aPresContext->IsChrome()) { -+ float ratio = aPresContext->CSSPixelsToDevPixels(1.0f); -+ aResult.SetFloatValue(ratio, eCSSUnit_Number); -+ } else { -+ aResult.SetFloatValue(1.0, eCSSUnit_Number); -+ } - return NS_OK; - } - -@@ -297,20 +314,24 @@ static nsresult - GetSystemMetric(nsPresContext* aPresContext, const nsMediaFeature* aFeature, - nsCSSValue& aResult) - { -+ aResult.Reset(); -+ if (aPresContext->IsChrome()) { - NS_ABORT_IF_FALSE(aFeature->mValueType == nsMediaFeature::eBoolInteger, - "unexpected type"); - nsIAtom *metricAtom = *aFeature->mData.mMetric; - bool hasMetric = nsCSSRuleProcessor::HasSystemMetric(metricAtom); - aResult.SetIntValue(hasMetric ? 1 : 0, eCSSUnit_Integer); -- return NS_OK; -+ } -+ return NS_OK; - } - - static nsresult - GetWindowsTheme(nsPresContext* aPresContext, const nsMediaFeature* aFeature, - nsCSSValue& aResult) - { -- aResult.Reset(); -+ aResult.Reset(); - #ifdef XP_WIN -+ if (aPresContext->IsChrome()) { - uint8_t windowsThemeId = - nsCSSRuleProcessor::GetWindowsThemeIdentifier(); - -@@ -326,8 +347,9 @@ GetWindowsTheme(nsPresContext* aPresContext, const nsMediaFeature* aFeature, - break; - } - } -+ } - #endif -- return NS_OK; -+ return NS_OK; - } - - /* --- -1.7.5.4 - diff --git a/src/current-patches/firefox/0011-Limit-the-number-of-fonts-per-document.patch b/src/current-patches/firefox/0011-Limit-the-number-of-fonts-per-document.patch deleted file mode 100644 index 163968a..0000000 --- a/src/current-patches/firefox/0011-Limit-the-number-of-fonts-per-document.patch +++ /dev/null @@ -1,451 +0,0 @@ -From 81fde0b8f4af7bae20c49ac0ce0ea4df046a6701 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Wed, 5 Dec 2012 12:25:21 -0800 -Subject: [PATCH 11/28] Limit the number of fonts per document. - -We create two prefs: -browser.display.max_font_count and browser.display.max_font_attempts. -max_font_count sets a limit on the number of fonts actually used in the -document, and max_font_attempts sets a limit on the total number of CSS -queries that a document is allowed to perform. - -Once either limit is reached, the browser behaves as if -browser.display.use_document_fonts was set to 0 for subsequent font queries. - -If a pref is not set or is negative, that limit does not apply. - -The use of "User Fonts" (aka WebFonts, aka @font-face fonts) are exempt from -both of these limits. The patch also makes such fonts take precedence over -local fonts. This vastly improves typography on many sites that would -otherwise hit these limits. - -This is done to address: -https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkab... ---- - gfx/thebes/gfxFont.cpp | 2 + - gfx/thebes/gfxPangoFonts.cpp | 1 + - gfx/thebes/gfxUserFontSet.cpp | 28 ++++++++++- - gfx/thebes/gfxUserFontSet.h | 3 ++ - layout/base/nsPresContext.cpp | 100 +++++++++++++++++++++++++++++++++++++ - layout/base/nsPresContext.h | 9 ++++ - layout/style/nsCSSParser.cpp | 1 + - layout/style/nsFontFaceLoader.cpp | 4 +- - layout/style/nsFontFaceLoader.h | 2 +- - layout/style/nsRuleNode.cpp | 56 +++++++++++++++++++-- - 10 files changed, 198 insertions(+), 8 deletions(-) - -diff --git a/gfx/thebes/gfxFont.cpp b/gfx/thebes/gfxFont.cpp -index e8392e0..af5c1c8 100644 ---- a/gfx/thebes/gfxFont.cpp -+++ b/gfx/thebes/gfxFont.cpp -@@ -3045,6 +3045,7 @@ gfxFontGroup::FindPlatformFont(const nsAString& aName, - } - - // Not known in the user font set ==> check system fonts -+ // XXX: Fallback is bad.. - if (!foundFamily) { - fe = gfxPlatformFontList::PlatformFontList()-> - FindFontForFamily(aName, fontStyle, needsBold); -@@ -3260,6 +3261,7 @@ gfxFontGroup::ForEachFontInternal(const nsAString& aFamilies, - } - if (!foundFamily) { - gfxPlatform *pf = gfxPlatform::GetPlatform(); -+ // XXX: Fallback is bad - rv = pf->ResolveFontName(family, - gfxFontGroup::FontResolverProc, - &data, aborted); -diff --git a/gfx/thebes/gfxPangoFonts.cpp b/gfx/thebes/gfxPangoFonts.cpp -index c94a299..88c8b8e 100644 ---- a/gfx/thebes/gfxPangoFonts.cpp -+++ b/gfx/thebes/gfxPangoFonts.cpp -@@ -1408,6 +1408,7 @@ gfxFcFontSet::SortPreferredFonts(bool &aWaitForUserFont) - const nsTArray< nsCountedRef<FcPattern> > *familyFonts = nullptr; - - // Is this an @font-face family? -+ // XXX: Make use of this + pass to nsFont?? - bool isUserFont = false; - if (mUserFontSet) { - // Have some @font-face definitions -diff --git a/gfx/thebes/gfxUserFontSet.cpp b/gfx/thebes/gfxUserFontSet.cpp -index 020c35a..161b52f 100644 ---- a/gfx/thebes/gfxUserFontSet.cpp -+++ b/gfx/thebes/gfxUserFontSet.cpp -@@ -15,6 +15,7 @@ - #include "prlong.h" - #include "nsNetUtil.h" - #include "nsIProtocolHandler.h" -+#include "nsFont.h" - - #include "woff.h" - -@@ -517,18 +518,41 @@ gfxUserFontSet::LoadNext(gfxProxyFontEntry *aProxyEntry) - aProxyEntry->mSrcIndex++; - } - -+ /* If there are any urls, prefer them to local */ -+ bool listHasURL = false; -+ for (uint32_t i = aProxyEntry->mSrcIndex; i < numSrc; i++) { -+ const gfxFontFaceSrc& currSrc = aProxyEntry->mSrcList[i]; -+ if (!currSrc.mIsLocal) { -+ listHasURL = true; -+ break; -+ } -+ } -+ nsPresContext *pres = GetPresContext(); -+ /* If we have no pres context, simply fail this load */ -+ if (!pres) listHasURL = true; -+ - // load each src entry in turn, until a local face is found - // or a download begins successfully - while (aProxyEntry->mSrcIndex < numSrc) { - const gfxFontFaceSrc& currSrc = aProxyEntry->mSrcList[aProxyEntry->mSrcIndex]; - - // src local ==> lookup and load immediately -- -- if (currSrc.mIsLocal) { -+ if (!listHasURL && currSrc.mIsLocal) { -+ nsFont font; -+ font.name = currSrc.mLocalName; - gfxFontEntry *fe = - gfxPlatform::GetPlatform()->LookupLocalFont(aProxyEntry, - currSrc.mLocalName); -+ pres->AddFontAttempt(font); -+ -+ /* No more fonts for you */ -+ if (pres->FontAttemptCountReached(font) || -+ pres->FontUseCountReached(font)) { -+ break; -+ } -+ - if (fe) { -+ pres->AddFontUse(font); - LOG(("userfonts (%p) [src %d] loaded local: (%s) for (%s) gen: %8.8x\n", - this, aProxyEntry->mSrcIndex, - NS_ConvertUTF16toUTF8(currSrc.mLocalName).get(), -diff --git a/gfx/thebes/gfxUserFontSet.h b/gfx/thebes/gfxUserFontSet.h -index 1781a37..d6f7292 100644 ---- a/gfx/thebes/gfxUserFontSet.h -+++ b/gfx/thebes/gfxUserFontSet.h -@@ -9,6 +9,7 @@ - #include "gfxTypes.h" - #include "gfxFont.h" - #include "gfxFontUtils.h" -+#include "nsPresContext.h" - #include "nsRefPtrHashtable.h" - #include "nsAutoPtr.h" - #include "nsCOMPtr.h" -@@ -230,6 +231,8 @@ public: - - // increment the generation on font load - void IncrementGeneration(); -+ -+ virtual nsPresContext *GetPresContext() { return NULL; } - - protected: - // for a given proxy font entry, attempt to load the next resource -diff --git a/layout/base/nsPresContext.cpp b/layout/base/nsPresContext.cpp -index d47460a..8064fb4 100644 ---- a/layout/base/nsPresContext.cpp -+++ b/layout/base/nsPresContext.cpp -@@ -63,6 +63,8 @@ - #include "nsDOMMediaQueryList.h" - #include "nsSMILAnimationController.h" - #include "mozilla/css/ImageLoader.h" -+#include "nsString.h" -+#include "nsUnicharUtils.h" - - #ifdef IBMBIDI - #include "nsBidiPresUtils.h" -@@ -712,6 +714,10 @@ nsPresContext::GetUserPreferences() - // * use fonts? - mUseDocumentFonts = - Preferences::GetInt("browser.display.use_document_fonts") != 0; -+ mMaxFonts = -+ Preferences::GetInt("browser.display.max_font_count", -1); -+ mMaxFontAttempts = -+ Preferences::GetInt("browser.display.max_font_attempts", -1); - - // * replace backslashes with Yen signs? (bug 245770) - mEnableJapaneseTransform = -@@ -1328,6 +1334,100 @@ nsPresContext::GetDefaultFont(uint8_t aFontID, nsIAtom *aLanguage) const - return font; - } - -+PRBool -+nsPresContext::FontUseCountReached(const nsFont &font) { -+ if (mMaxFonts < 0) { -+ return PR_FALSE; -+ } -+ -+ for (PRUint32 i = 0; i < mFontsUsed.Length(); i++) { -+ if (mFontsUsed[i].name.Equals(font.name, -+ nsCaseInsensitiveStringComparator()) -+ // XXX: Style is sometimes filled with garbage?? -+ /*&& mFontsUsed[i].style == font.style*/) { -+ // seen it before: OK -+ return PR_FALSE; -+ } -+ } -+ -+ if (mFontsUsed.Length() >= mMaxFonts) { -+ return PR_TRUE; -+ } -+ -+ return PR_FALSE; -+} -+ -+PRBool -+nsPresContext::FontAttemptCountReached(const nsFont &font) { -+ if (mMaxFontAttempts < 0) { -+ return PR_FALSE; -+ } -+ -+ for (PRUint32 i = 0; i < mFontsTried.Length(); i++) { -+ if (mFontsTried[i].name.Equals(font.name, -+ nsCaseInsensitiveStringComparator()) -+ // XXX: Style is sometimes filled with garbage?? -+ /*&& mFontsTried[i].style == font.style*/) { -+ // seen it before: OK -+ return PR_FALSE; -+ } -+ } -+ -+ if (mFontsTried.Length() >= mMaxFontAttempts) { -+ return PR_TRUE; -+ } -+ -+ return PR_FALSE; -+} -+ -+void -+nsPresContext::AddFontUse(const nsFont &font) { -+ if (mMaxFonts < 0) { -+ return; -+ } -+ -+ for (PRUint32 i = 0; i < mFontsUsed.Length(); i++) { -+ if (mFontsUsed[i].name.Equals(font.name, -+ nsCaseInsensitiveStringComparator()) -+ // XXX: Style is sometimes filled with garbage?? -+ /*&& mFontsUsed[i].style == font.style*/) { -+ // seen it before: OK -+ return; -+ } -+ } -+ -+ if (mFontsUsed.Length() >= mMaxFonts) { -+ return; -+ } -+ -+ mFontsUsed.AppendElement(font); -+ return; -+} -+ -+void -+nsPresContext::AddFontAttempt(const nsFont &font) { -+ if (mMaxFontAttempts < 0) { -+ return; -+ } -+ -+ for (PRUint32 i = 0; i < mFontsTried.Length(); i++) { -+ if (mFontsTried[i].name.Equals(font.name, -+ nsCaseInsensitiveStringComparator()) -+ // XXX: Style is sometimes filled with garbage?? -+ /*&& mFontsTried[i].style == font.style*/) { -+ // seen it before: OK -+ return; -+ } -+ } -+ -+ if (mFontsTried.Length() >= mMaxFontAttempts) { -+ return; -+ } -+ -+ mFontsTried.AppendElement(font); -+ return; -+} -+ - void - nsPresContext::SetFullZoom(float aZoom) - { -diff --git a/layout/base/nsPresContext.h b/layout/base/nsPresContext.h -index 5f0f528..ffe4766 100644 ---- a/layout/base/nsPresContext.h -+++ b/layout/base/nsPresContext.h -@@ -467,6 +467,13 @@ public: - } - } - -+ nsTArray<nsFont> mFontsUsed; // currently for font-count limiting only -+ nsTArray<nsFont> mFontsTried; // currently for font-count limiting only -+ void AddFontUse(const nsFont &font); -+ void AddFontAttempt(const nsFont &font); -+ PRBool FontUseCountReached(const nsFont &font); -+ PRBool FontAttemptCountReached(const nsFont &font); -+ - /** - * Get the minimum font size for the specified language. If aLanguage - * is nullptr, then the document's language is used. -@@ -1104,6 +1111,8 @@ protected: - uint32_t mInterruptChecksToSkip; - - mozilla::TimeStamp mReflowStartTime; -+ PRInt32 mMaxFontAttempts; -+ PRInt32 mMaxFonts; - - unsigned mHasPendingInterrupt : 1; - unsigned mInterruptsEnabled : 1; -diff --git a/layout/style/nsCSSParser.cpp b/layout/style/nsCSSParser.cpp -index 37a19c4..30fd021 100644 ---- a/layout/style/nsCSSParser.cpp -+++ b/layout/style/nsCSSParser.cpp -@@ -8719,6 +8719,7 @@ CSSParserImpl::ParseFontSrc(nsCSSValue& aValue) - return false; - } - -+ // XXX: Getting closer... - // the style parameters to the nsFont constructor are ignored, - // because it's only being used to call EnumerateFamilies - nsFont font(family, 0, 0, 0, 0, 0, 0); -diff --git a/layout/style/nsFontFaceLoader.cpp b/layout/style/nsFontFaceLoader.cpp -index 26c8a8d..2a803ae 100644 ---- a/layout/style/nsFontFaceLoader.cpp -+++ b/layout/style/nsFontFaceLoader.cpp -@@ -86,9 +86,9 @@ nsFontFaceLoader::StartedLoading(nsIStreamLoader *aStreamLoader) - loadTimeout, - nsITimer::TYPE_ONE_SHOT); - } -- } else { -+ } else if (loadTimeout == 0) { - mFontEntry->mLoadingState = gfxProxyFontEntry::LOADING_SLOWLY; -- } -+ } // -1 disables fallback - mStreamLoader = aStreamLoader; - } - -diff --git a/layout/style/nsFontFaceLoader.h b/layout/style/nsFontFaceLoader.h -index 9cd218d..0c7473d 100644 ---- a/layout/style/nsFontFaceLoader.h -+++ b/layout/style/nsFontFaceLoader.h -@@ -48,7 +48,7 @@ public: - - bool UpdateRules(const nsTArray<nsFontFaceRuleContainer>& aRules); - -- nsPresContext *GetPresContext() { return mPresContext; } -+ virtual nsPresContext *GetPresContext() { return mPresContext; } - - virtual void ReplaceFontEntry(gfxProxyFontEntry *aProxy, - gfxFontEntry *aFontEntry); -diff --git a/layout/style/nsRuleNode.cpp b/layout/style/nsRuleNode.cpp -index 64504fb..86eff1f 100644 ---- a/layout/style/nsRuleNode.cpp -+++ b/layout/style/nsRuleNode.cpp -@@ -42,6 +42,7 @@ - #include "mozilla/dom/Element.h" - #include "mozilla/LookAndFeel.h" - #include "mozilla/Util.h" -+#include "gfxUserFontSet.h" - - #if defined(_MSC_VER) || defined(__MINGW32__) - #include <malloc.h> -@@ -2954,6 +2955,7 @@ nsRuleNode::SetFont(nsPresContext* aPresContext, nsStyleContext* aContext, - aPresContext->GetDefaultFont(kPresContext_DefaultVariableFont_ID, - aFont->mLanguage); - -+ // XXX: Bleh. Disable these somehow? - // -moz-system-font: enum (never inherit!) - MOZ_STATIC_ASSERT( - NS_STYLE_FONT_CAPTION == LookAndFeel::eFont_Caption && -@@ -3416,6 +3418,31 @@ static bool ExtractGeneric(const nsString& aFamily, bool aGeneric, - return true; - } - -+struct smugglerStruct { -+ nsStyleFont *font; -+ gfxUserFontSet *userFonts; -+}; -+ -+/* This function forces the use of the first @font-face font we find */ -+static bool ForceFirstWebFont(const nsString& aFamily, bool aGeneric, -+ void *smuggled) -+{ -+ smugglerStruct *sm = static_cast<smugglerStruct*>(smuggled); -+ -+ if (aGeneric) { -+ return true; -+ } -+ -+ if (sm->userFonts->HasFamily(aFamily)) { -+ // Force use of this exact @font-face font since we have it. -+ sm->font->mFont.name = aFamily; -+ -+ return false; // Stop enumeration. -+ } -+ -+ return true; -+} -+ - const void* - nsRuleNode::ComputeFontData(void* aStartStruct, - const nsRuleData* aRuleData, -@@ -3439,14 +3466,16 @@ nsRuleNode::ComputeFontData(void* aStartStruct, - - bool useDocumentFonts = - mPresContext->GetCachedBoolPref(kPresContext_UseDocumentFonts); -+ bool isXUL = PR_FALSE; -+ bool forcedWebFont = false; - - // See if we are in the chrome - // We only need to know this to determine if we have to use the - // document fonts (overriding the useDocumentFonts flag). -- if (!useDocumentFonts && mPresContext->IsChrome()) { -+ if (mPresContext->IsChrome()) { - // if we are not using document fonts, but this is a XUL document, - // then we use the document fonts anyway -- useDocumentFonts = true; -+ isXUL = true; - } - - // Figure out if we are a generic font -@@ -3460,9 +3489,28 @@ nsRuleNode::ComputeFontData(void* aStartStruct, - // generic? - nsFont::GetGenericID(font->mFont.name, &generic); - -+ if (!isXUL) { -+ gfxUserFontSet *userFonts = mPresContext->GetUserFontSet(); -+ if (userFonts) { -+ smugglerStruct sm; -+ sm.userFonts = userFonts; -+ sm.font = font; -+ -+ if (!sm.font->mFont.EnumerateFamilies(ForceFirstWebFont, &sm)) { -+ isXUL = true; // Always allow WebFont use. -+ forcedWebFont = true; -+ } -+ } -+ } -+ -+ if (!forcedWebFont && generic == kGenericFont_NONE) -+ mPresContext->AddFontAttempt(font->mFont); -+ - // If we aren't allowed to use document fonts, then we are only entitled - // to use the user's default variable-width font and fixed-width font -- if (!useDocumentFonts) { -+ if (!isXUL && (!useDocumentFonts || -+ mPresContext->FontAttemptCountReached(font->mFont) || -+ mPresContext->FontUseCountReached(font->mFont))) { - // Extract the generic from the specified font family... - nsAutoString genericName; - if (!font->mFont.EnumerateFamilies(ExtractGeneric, &genericName)) { -@@ -3498,6 +3546,8 @@ nsRuleNode::ComputeFontData(void* aStartStruct, - font); - } - -+ if (!forcedWebFont && font->mGenericID == kGenericFont_NONE) -+ mPresContext->AddFontUse(font->mFont); - COMPUTE_END_INHERITED(Font, font) - } - --- -1.7.9.5 - diff --git a/src/current-patches/firefox/0012-Rebrand-Firefox-to-TorBrowser.patch b/src/current-patches/firefox/0012-Rebrand-Firefox-to-TorBrowser.patch deleted file mode 100644 index 38097b2..0000000 --- a/src/current-patches/firefox/0012-Rebrand-Firefox-to-TorBrowser.patch +++ /dev/null @@ -1,59 +0,0 @@ -From e04a04b7d3837b12c728a04b48be3748248e8342 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Tue, 28 Aug 2012 18:05:11 -0700 -Subject: [PATCH 12/27] Rebrand Firefox to TorBrowser - -This patch does some basic renaming of Firefox to TorBrowser. The rest of the -branding is done by images and icons. ---- - browser/branding/official/configure.sh | 2 +- - browser/branding/official/locales/en-US/brand.dtd | 6 +++--- - .../official/locales/en-US/brand.properties | 6 +++--- - 3 files changed, 7 insertions(+), 7 deletions(-) - -diff --git a/browser/branding/official/configure.sh b/browser/branding/official/configure.sh -index 55f3f18..33102b0 100644 ---- a/browser/branding/official/configure.sh -+++ b/browser/branding/official/configure.sh -@@ -2,5 +2,5 @@ - # License, v. 2.0. If a copy of the MPL was not distributed with this - # file, You can obtain one at http://mozilla.org/MPL/2.0/. - --MOZ_APP_DISPLAYNAME=Firefox -+MOZ_APP_DISPLAYNAME=TorBrowser - MOZ_UA_BUILDID=20100101 -diff --git a/browser/branding/official/locales/en-US/brand.dtd b/browser/branding/official/locales/en-US/brand.dtd -index 8e7f6c9..76e405d 100644 ---- a/browser/branding/official/locales/en-US/brand.dtd -+++ b/browser/branding/official/locales/en-US/brand.dtd -@@ -2,7 +2,7 @@ - - License, v. 2.0. If a copy of the MPL was not distributed with this - - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> - --<!ENTITY brandShortName "Firefox"> --<!ENTITY brandFullName "Mozilla Firefox"> --<!ENTITY vendorShortName "Mozilla"> -+<!ENTITY brandShortName "TorBrowser"> -+<!ENTITY brandFullName "Tor Browser"> -+<!ENTITY vendorShortName "Tor Project"> - <!ENTITY trademarkInfo.part1 "Firefox and the Firefox logos are trademarks of the Mozilla Foundation."> -diff --git a/browser/branding/official/locales/en-US/brand.properties b/browser/branding/official/locales/en-US/brand.properties -index 4a67c55..9ae168e 100644 ---- a/browser/branding/official/locales/en-US/brand.properties -+++ b/browser/branding/official/locales/en-US/brand.properties -@@ -2,9 +2,9 @@ - # License, v. 2.0. If a copy of the MPL was not distributed with this - # file, You can obtain one at http://mozilla.org/MPL/2.0/. - --brandShortName=Firefox --brandFullName=Mozilla Firefox --vendorShortName=Mozilla -+brandShortName=TorBrowser -+brandFullName=Tor Browser -+vendorShortName=Tor Project - - homePageSingleStartMain=Firefox Start, a fast home page with built-in search - homePageImport=Import your home page from %S --- -1.7.5.4 - diff --git a/src/current-patches/firefox/0013-Make-Download-manager-memory-only.patch b/src/current-patches/firefox/0013-Make-Download-manager-memory-only.patch deleted file mode 100644 index 4959935..0000000 --- a/src/current-patches/firefox/0013-Make-Download-manager-memory-only.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 5f9d765db5e0f09fd64c710644dfed872cec3942 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Tue, 4 Dec 2012 16:05:55 -0800 -Subject: [PATCH 13/27] Make Download manager memory only. - -Solves https://trac.torproject.org/projects/tor/ticket/4017. - -Yes, this is an ugly hack. We *could* send the observer notification from -Torbutton to tell the download manager to switch to memory, but then we have -to dance around and tell it again if the user switches in and out of private -browsing mode.. - -The right way to do this is with a pref. Maybe I'll get to that someday, if -this breaks enough times in conflict. ---- - toolkit/components/downloads/nsDownloadManager.cpp | 4 ++-- - toolkit/components/downloads/nsDownloadManager.h | 2 +- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/toolkit/components/downloads/nsDownloadManager.cpp b/toolkit/components/downloads/nsDownloadManager.cpp -index 024686f..7845544 100644 ---- a/toolkit/components/downloads/nsDownloadManager.cpp -+++ b/toolkit/components/downloads/nsDownloadManager.cpp -@@ -2002,7 +2002,7 @@ nsDownloadManager::Observe(nsISupports *aSubject, - if (NS_LITERAL_STRING("memory").Equals(aData)) - return SwitchDatabaseTypeTo(DATABASE_MEMORY); - else if (NS_LITERAL_STRING("disk").Equals(aData)) -- return SwitchDatabaseTypeTo(DATABASE_DISK); -+ return SwitchDatabaseTypeTo(DATABASE_MEMORY); - } - else if (strcmp(aTopic, "alertclickcallback") == 0) { - nsCOMPtr<nsIDownloadManagerUI> dmui = -@@ -2079,7 +2079,7 @@ nsDownloadManager::OnLeavePrivateBrowsingMode() - (void)ResumeAllDownloads(false); - - // Switch back to the on-disk DB again -- (void)SwitchDatabaseTypeTo(DATABASE_DISK); -+ //(void)SwitchDatabaseTypeTo(DATABASE_DISK); - - mInPrivateBrowsing = false; - } -diff --git a/toolkit/components/downloads/nsDownloadManager.h b/toolkit/components/downloads/nsDownloadManager.h -index bbe7f39..6bdad89 100644 ---- a/toolkit/components/downloads/nsDownloadManager.h -+++ b/toolkit/components/downloads/nsDownloadManager.h -@@ -54,7 +54,7 @@ public: - - virtual ~nsDownloadManager(); - nsDownloadManager() : -- mDBType(DATABASE_DISK) -+ mDBType(DATABASE_MEMORY) - , mInPrivateBrowsing(false) - #ifdef DOWNLOAD_SCANNER - , mScanner(nullptr) --- -1.7.5.4 - diff --git a/src/current-patches/firefox/0014-Add-DDG-and-StartPage-to-Omnibox.patch b/src/current-patches/firefox/0014-Add-DDG-and-StartPage-to-Omnibox.patch deleted file mode 100644 index e97642e..0000000 --- a/src/current-patches/firefox/0014-Add-DDG-and-StartPage-to-Omnibox.patch +++ /dev/null @@ -1,103 +0,0 @@ -From 9e6ade2c9a98d97536cbda15be33432ca8ef8215 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Wed, 25 Apr 2012 15:03:46 -0700 -Subject: [PATCH 11/38] Add DDG and StartPage to Omnibox. - -You mean there are search engines that don't require captchas if you don't -have a cookie? Holy crap. Get those in there now. ---- - .../en-US/chrome/browser-region/region.properties | 8 +++--- - browser/locales/en-US/searchplugins/duckduckgo.xml | 29 ++++++++++++++++++++++ - browser/locales/en-US/searchplugins/list.txt | 2 ++ - browser/locales/en-US/searchplugins/startpage.xml | 11 ++++++++ - 4 files changed, 46 insertions(+), 4 deletions(-) - create mode 100644 browser/locales/en-US/searchplugins/duckduckgo.xml - create mode 100644 browser/locales/en-US/searchplugins/startpage.xml - -diff --git a/browser/locales/en-US/chrome/browser-region/region.properties b/browser/locales/en-US/chrome/browser-region/region.properties -index c3a980c..9c21f04 100644 ---- a/browser/locales/en-US/chrome/browser-region/region.properties -+++ b/browser/locales/en-US/chrome/browser-region/region.properties -@@ -3,12 +3,12 @@ - # file, You can obtain one at http://mozilla.org/MPL/2.0/. - - # Default search engine --browser.search.defaultenginename=Google -+browser.search.defaultenginename=Startpage - - # Search engine order (order displayed in the search bar dropdown)s --browser.search.order.1=Google --browser.search.order.2=Yahoo --browser.search.order.3=Bing -+browser.search.order.1=Startpage -+browser.search.order.2=DuckDuckGo -+browser.search.order.3=Google - - # This is the default set of web based feed handlers shown in the reader - # selection UI -diff --git a/browser/locales/en-US/searchplugins/duckduckgo.xml b/browser/locales/en-US/searchplugins/duckduckgo.xml -new file mode 100644 -index 0000000..4f00b4d ---- /dev/null -+++ b/browser/locales/en-US/searchplugins/duckduckgo.xml -@@ -0,0 +1,29 @@ -+<SearchPlugin xmlns="http://www.mozilla.org/2006/browser/search/"> -+<ShortName>DuckDuckGo</ShortName> -+<Description>Duck Duck Go</Description> -+<InputEncoding>UTF-8</InputEncoding> -+<Image width="16" height="16">data:image/png;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAANcNAADXDQAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAJyDsJmlk8pf6+v3s/v7+++zr/fcnIOyzJyDsgCcg7CYAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAnIOwBJyDscCcg7PZttJ7/7Pfs//////++xO7/S5GA/ycg7P8n -+IOz2JyDscCcg7AEAAAAAAAAAAAAAAAAnIOwBJyDstScg7P8nIOz/Y8p5/2fHZf9Yv0z/YcF2/1rB -+Uv8nIOz/JyDs/ycg7P8nIOy1JyDsAQAAAAAAAAAAJyDscCcg7P8nIOz/JyDs/4jQoP/p9+n///// -+/05X3v9LkYD/JyDs/ycg7P8nIOz/JyDs/ycg7HAAAAAAJyDsJicg7PYnIOz/JyDs/zUu7f/+/v// -+//////////89N+7/JyDs/yUo7f8nIOz/JyDs/ycg7P8nIOz2JyDsJicg7IAnIOz/JyDs/ycg7P9h -+XPH////////////t/P//GIr2/wfD+/8Gyfz/DKv5/yM57/8nIOz/JyDs/ycg7H8nIOyzJyDs/ycg -+7P8nIOz/jov1////////////Otz9/w3G/P8cWfH/JSvt/ycg7P8nIOz/JyDs/ycg7P8nIOyzJyDs -+5icg7P8nIOz/JyDs/7u5+f///////////27l/v8E0v3/BNL9/wTQ/f8Oofn/IT7v/ycg7P8nIOz/ -+JyDs5icg7OYnIOz/JyDs/ycg7P/p6P3/uWsC////////////5fr//6Po/f8Thfb/DKv5/w6f+f8n IOz/JyDs/ycg7OYnIOyzJyDs/ycg7P8nIOz/9/b+/////////////////7lrAv/V1Pv/JyDs/ycg -+7P8nIOz/JyDs/ycg7P8nIOyzJyDsgCcg7P8nIOz/JyDs/8/N+///////////////////////iIX1 -+/ycg7P8nIOz/JyDs/ycg7P8nIOz/JyDsfycg7CYnIOz2JyDs/ycg7P9FP+7/q6n4/+7u/f/n5v3/ -+fXn0/yoj7P8nIOz/JyDs/ycg7P8nIOz/JyDs9icg7CYAAAAAJyDscCcg7P8nIOz/wsD6/+no/f/Y -+1/z/eHTz/ycg7P8nIOz/JyDs/ycg7P8nIOz/JyDs/ycg7HAAAAAAAAAAACcg7AEnIOy1JyDs/ycg -+7P8nIOz/JyDs/ycg7P8nIOz/JyDs/ycg7P8nIOz/JyDs/ycg7LUnIOwBAAAAAAAAAAAAAAAAJyDs -+AScg7HAnIOz2JyDs/ycg7P8nIOz/JyDs/ycg7P8nIOz/JyDs9icg7HAnIOwBAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAJyDsJicg7IAnIOyzJyDs5icg7OYnIOyzJyDsgCcg7CYAAAAAAAAAAAAAAAAA -+AAAA+B8AAPAPAADAAwAAwAMAAIABAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAABAACAAQAAwAMAAMAD -+AADwDwAA+B8AAA==</Image> -+<Url type="text/html" method="POST" template="https://duckduckgo.com/html/"> -+ <Param name="q" value="{searchTerms}"/> -+</Url> -+<SearchForm>https://duckduckgo.com/html/</SearchForm> -+</SearchPlugin> -diff --git a/browser/locales/en-US/searchplugins/list.txt b/browser/locales/en-US/searchplugins/list.txt -index 2a1141a..0466f4e 100644 ---- a/browser/locales/en-US/searchplugins/list.txt -+++ b/browser/locales/en-US/searchplugins/list.txt -@@ -1,7 +1,9 @@ - amazondotcom - bing -+duckduckgo - eBay - google -+startpage - twitter - wikipedia - yahoo -diff --git a/browser/locales/en-US/searchplugins/startpage.xml b/browser/locales/en-US/searchplugins/startpage.xml -new file mode 100644 -index 0000000..a323fdf ---- /dev/null -+++ b/browser/locales/en-US/searchplugins/startpage.xml -@@ -0,0 +1,11 @@ -+<SearchPlugin xmlns="http://www.mozilla.org/2006/browser/search/"> -+<ShortName>Startpage</ShortName> -+<Description>Start Page</Description> -+<InputEncoding>UTF-8</InputEncoding> -+<Image width="16" height="16">data:image/png;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2jkj+9YtD/vWLQ/71i0P+9otD/vaLRP72i0T+9YtE/vWLRP72i0T+9otD/vaNRP72jUT+9otF/vaLRf73kkv+9Yc///WJP//1iT//9Yk///rAmf/94Mz/+sCa//aRTv/1iUH/9ok///aJP//2i0H/9otB//aJQv/2iUL/9otC//aNRP/2jUT/9o1E//aNRP/6wpv////////////96dr/95dQ//aNRP/2kET/9pBG//aQRv/2kEb/9pBG//aRR//3lEz/95BH//mueP/7xJ3/959g//efYf/4p23//vDm//3p2//3kEr/95FJ//aRSf/niFH/95FK//aRSv/2mE//95hS/vq4iP/////////////////81bj/95xZ//q4iP//////+bF+//eZT//njFT/PSqi/2xGjv/2mVD/951V/vedVv783cX///////vQrf/++PP///////748//+8uj///////m3gf/olFr/PSuj/w8Pt/9sSJD/951V//eeWf73oVv++8ul///////5sXf/+KRi//vRsf////////////3r3v/olF//Piyk/w8Pt/9sSJH/+J5Z//ieWv/3oV/++KZf/vihXP/97N7//vn0//zTs//6wJP/+bBy//q6iP/onW//Piyl/w8Pt/8fGbH/m2iB/+icY//4pGD/96hl/viqZf74pmD/+Kxr//3iy/////////n1//ivbP/onGj/Pi2m/w8Pt/8uJKz/fFeQ/x8Zsf8+Lqb/6J9r//ivbP74rm3++Klm//mpZv/5q2f/+bR9//m0e//poW7/Pi6n/w8Pt/9sTZj/+Ktp//ira/+rd4P/Dw+3/4xijv/5snH++LN1/vmv bf/5r23/+a5t//mvb//4r2//TTuk/w8Pt/8fGrL/6ah1//ivcP/4r3P/q3yI/w8Pt/+MZpP/+bN5/vm4ev75t3X/+bV1//m1df/5t3X/+Ld3/8qUhP98XZn/Hxqz/+mse//5t3f/2p+B/x8as/8PD7f/u4qK//m7fv76u4D++bl7//m3fP/5uXz/+bl8//m5fP/5t3z/+bl//x8as/9NPKf/fWCb/x8as/8PD7f/bVOh//q5f//6v4X++sGI/vm9g//5voX/+b6F//m9hf/6vYX/+r6F//nCh/+bepr/Hxu0/w8Pt/8PD7f/fWOh//q+hf/6wof/+saN/vrGjf75xIv/+ceL//nEi//5xIv/+sSL//rHi//6x43/+ceN/+m7kP+7lpj/6ruQ//rHkP/6x43/+seQ//rLlf76ypT++seR//rJkf/6yZH/+seR//rJkf/6yZH/+8mR//vJlP/7yZT/+smU//rJlP/6yZT/+8yV//rJlf/6zpn+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==</Image> -+ -+<Url type="text/html" method="POST" template="https://startpage.com/rto/search"> -+ <Param name="q" value="{searchTerms}"/> -+</Url> -+<SearchForm>https://startpage.com/rto/search/</SearchForm> -+</SearchPlugin> diff --git a/src/current-patches/firefox/0015-Make-nsICacheService.EvictEntries-synchronous.patch b/src/current-patches/firefox/0015-Make-nsICacheService.EvictEntries-synchronous.patch deleted file mode 100644 index f16e57b..0000000 --- a/src/current-patches/firefox/0015-Make-nsICacheService.EvictEntries-synchronous.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 865601ec4faab63762f896c39fac69ee133d8023 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Tue, 4 Dec 2012 16:25:52 -0800 -Subject: [PATCH 15/27] Make nsICacheService.EvictEntries synchronous - -This fixes a race condition that allows cache-based EverCookies to persist for -a brief time (on the order of minutes?) after cache clearing/"New Identity". - -https://trac.torproject.org/projects/tor/ticket/5715 ---- - netwerk/cache/nsCacheService.cpp | 16 +++++++++++++++- - 1 files changed, 15 insertions(+), 1 deletions(-) - -diff --git a/netwerk/cache/nsCacheService.cpp b/netwerk/cache/nsCacheService.cpp -index e88de40..5035f68 100644 ---- a/netwerk/cache/nsCacheService.cpp -+++ b/netwerk/cache/nsCacheService.cpp -@@ -1555,7 +1555,21 @@ NS_IMETHODIMP nsCacheService::VisitEntries(nsICacheVisitor *visitor) - - NS_IMETHODIMP nsCacheService::EvictEntries(nsCacheStoragePolicy storagePolicy) - { -- return EvictEntriesForClient(nullptr, storagePolicy); -+ NS_IMETHODIMP r; -+ r = EvictEntriesForClient(nullptr, storagePolicy); -+ -+ // XXX: Bloody hack until we get this notifier in FF14.0: -+ // https://developer.mozilla.org/en/XPCOM_Interface_Reference/nsICacheListener#... -+ if (storagePolicy == nsICache::STORE_ANYWHERE && -+ NS_IsMainThread() && gService && gService->mInitialized) { -+ nsCacheServiceAutoLock lock(LOCK_TELEM(NSCACHESERVICE_EVICTENTRIESFORCLIENT)); -+ gService->mClearingEntries = true; -+ gService->DoomActiveEntries(); -+ gService->ClearDoomList(); -+ (void) SyncWithCacheIOThread(); -+ gService->mClearingEntries = false; -+ } -+ return r; - } - - NS_IMETHODIMP nsCacheService::GetCacheIOTarget(nsIEventTarget * *aCacheIOTarget) --- -1.7.5.4 - diff --git a/src/current-patches/firefox/0016-Prevent-WebSocket-DNS-leak.patch b/src/current-patches/firefox/0016-Prevent-WebSocket-DNS-leak.patch deleted file mode 100644 index 68cad05..0000000 --- a/src/current-patches/firefox/0016-Prevent-WebSocket-DNS-leak.patch +++ /dev/null @@ -1,133 +0,0 @@ -From 1c0ac4187521b5ee7f6de1a11df3bbc400fa1b53 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Tue, 28 Aug 2012 18:07:37 -0700 -Subject: [PATCH 16/27] Prevent WebSocket DNS leak. - -This is due to an improper implementation of the WebSocket spec by Mozilla. - -"There MUST be no more than one connection in a CONNECTING state. If multiple -connections to the same IP address are attempted simultaneously, the client -MUST serialize them so that there is no more than one connection at a time -running through the following steps. - -If the client cannot determine the IP address of the remote host (for -example, because all communication is being done through a proxy server that -performs DNS queries itself), then the client MUST assume for the purposes of -this step that each host name refers to a distinct remote host," - -https://tools.ietf.org/html/rfc6455#page-15 - -They implmented the first paragraph, but not the second... - -While we're at it, we also prevent the DNS service from being used to look up -anything other than IP addresses if socks_remote_dns is set to true, so this -bug can't turn up in other components or due to 3rd party addons. ---- - netwerk/dns/nsDNSService2.cpp | 24 ++++++++++++++++++++++- - netwerk/dns/nsDNSService2.h | 1 + - netwerk/protocol/websocket/WebSocketChannel.cpp | 8 +++++- - 3 files changed, 30 insertions(+), 3 deletions(-) - -diff --git a/netwerk/dns/nsDNSService2.cpp b/netwerk/dns/nsDNSService2.cpp -index 114af2e..4d66dc5 100644 ---- a/netwerk/dns/nsDNSService2.cpp -+++ b/netwerk/dns/nsDNSService2.cpp -@@ -374,6 +374,7 @@ nsDNSService::Init() - bool enableIDN = true; - bool disableIPv6 = false; - bool disablePrefetch = false; -+ bool disableDNS = false; - int proxyType = nsIProtocolProxyService::PROXYCONFIG_DIRECT; - - nsAdoptingCString ipv4OnlyDomains; -@@ -399,6 +400,10 @@ nsDNSService::Init() - - // If a manual proxy is in use, disable prefetch implicitly - prefs->GetIntPref("network.proxy.type", &proxyType); -+ -+ // If the user wants remote DNS, we should fail any lookups that still -+ // make it here. -+ prefs->GetBoolPref("network.proxy.socks_remote_dns", &disableDNS); - } - - if (mFirstTime) { -@@ -419,7 +424,7 @@ nsDNSService::Init() - - // Monitor these to see if there is a change in proxy configuration - // If a manual proxy is in use, disable prefetch implicitly -- prefs->AddObserver("network.proxy.type", this, false); -+ prefs->AddObserver("network.proxy.", this, false); - } - } - -@@ -448,6 +453,7 @@ nsDNSService::Init() - mIDN = idn; - mIPv4OnlyDomains = ipv4OnlyDomains; // exchanges buffer ownership - mDisableIPv6 = disableIPv6; -+ mDisableDNS = disableDNS; - - // Disable prefetching either by explicit preference or if a manual proxy is configured - mDisablePrefetch = disablePrefetch || (proxyType == nsIProtocolProxyService::PROXYCONFIG_MANUAL); -@@ -573,6 +579,14 @@ nsDNSService::AsyncResolve(const nsACString &hostname, - if (mDisablePrefetch && (flags & RESOLVE_SPECULATE)) - return NS_ERROR_DNS_LOOKUP_QUEUE_FULL; - -+ PRNetAddr tempAddr; -+ if (mDisableDNS) { -+ // Allow IP lookups through, but nothing else. -+ if (PR_StringToNetAddr(hostname.BeginReading(), &tempAddr) != PR_SUCCESS) { -+ return NS_ERROR_UNKNOWN_PROXY_HOST; // XXX: NS_ERROR_NOT_IMPLEMENTED? -+ } -+ } -+ - res = mResolver; - idn = mIDN; - localDomain = mLocalDomains.GetEntry(hostname); -@@ -669,6 +683,14 @@ nsDNSService::Resolve(const nsACString &hostname, - } - NS_ENSURE_TRUE(res, NS_ERROR_OFFLINE); - -+ PRNetAddr tempAddr; -+ if (mDisableDNS) { -+ // Allow IP lookups through, but nothing else. -+ if (PR_StringToNetAddr(hostname.BeginReading(), &tempAddr) != PR_SUCCESS) { -+ return NS_ERROR_UNKNOWN_PROXY_HOST; // XXX: NS_ERROR_NOT_IMPLEMENTED? -+ } -+ } -+ - const nsACString *hostPtr = &hostname; - - if (localDomain) { -diff --git a/netwerk/dns/nsDNSService2.h b/netwerk/dns/nsDNSService2.h -index 26d0939..c62c9dd 100644 ---- a/netwerk/dns/nsDNSService2.h -+++ b/netwerk/dns/nsDNSService2.h -@@ -41,5 +41,6 @@ private: - bool mDisableIPv6; - bool mDisablePrefetch; - bool mFirstTime; -+ bool mDisableDNS; - nsTHashtable<nsCStringHashKey> mLocalDomains; - }; -diff --git a/netwerk/protocol/websocket/WebSocketChannel.cpp b/netwerk/protocol/websocket/WebSocketChannel.cpp -index 56a71ab..345df6e 100644 ---- a/netwerk/protocol/websocket/WebSocketChannel.cpp -+++ b/netwerk/protocol/websocket/WebSocketChannel.cpp -@@ -2157,8 +2157,12 @@ WebSocketChannel::ApplyForAdmission() - LOG(("WebSocketChannel::ApplyForAdmission: checking for concurrent open\n")); - nsCOMPtr<nsIThread> mainThread; - NS_GetMainThread(getter_AddRefs(mainThread)); -- dns->AsyncResolve(hostName, 0, this, mainThread, getter_AddRefs(mDNSRequest)); -- NS_ENSURE_SUCCESS(rv, rv); -+ rv = dns->AsyncResolve(hostName, 0, this, mainThread, getter_AddRefs(mDNSRequest)); -+ if (NS_FAILED(rv)) { -+ // Fall back to hostname on dispatch failure -+ mDNSRequest = nullptr; -+ OnLookupComplete(nullptr, nullptr, rv); -+ } - - return NS_OK; - } --- -1.7.5.4 - diff --git a/src/current-patches/firefox/0017-Randomize-HTTP-request-order-and-pipeline-depth.patch b/src/current-patches/firefox/0017-Randomize-HTTP-request-order-and-pipeline-depth.patch deleted file mode 100644 index 11d0e47..0000000 --- a/src/current-patches/firefox/0017-Randomize-HTTP-request-order-and-pipeline-depth.patch +++ /dev/null @@ -1,791 +0,0 @@ -From aa6534432718dae0e3810dc441fc797ecf809c6e Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Tue, 4 Dec 2012 17:38:51 -0800 -Subject: [PATCH 17/28] Randomize HTTP request order and pipeline depth. - -This is an experimental defense against Website Traffic Fingerprinting: -http://lorre.uni.lu/~andriy/papers/acmccs-wpes11-fingerprinting.pdf - -See: -https://blog.torproject.org/blog/experimental-defense-website-traffic-finger... - -This patch is different from the approach described in that post, as well as -the 10.x ESR patch, as the pipelining code has changed significantly between -the time of writing of that post and Firefox 17. - -The main control nob for this patch is now the about:config pref -"network.http.pipelining.max-optimistic-requests". The value of that pref -represents the minimum number of pipelined requests we will attempt to batch -together. - -The total outstanding pipeline size is randomized between that value and -"network.http.pipelining.maxrequests" on a per-host basis. - -Care must be taken when evaluating this defense, as pipeline behavior is -extremely sensitive to browser performance. In fact, a debug build alone is -enough to significantly impair request availability to the pipeline (due -slower document parsing and rendering). For this reason, we provide two -separate debug log defines. For most evaluation circumstances, you want to -define only WTF_TEST in an optimized build to only log request order, -combination behavior, and cases where the pipeline is forcibly disabled. - -This patch may also have some minor impact on SPDY request order, but the SPDY -implementation has not been altered directly. It has several stream queues -that may also benefit from reordering and batching, as well as a more compact -request representation that will allow more requests to be packed inside Tor -cells. If you have interest in evaluating SPDY in a study of Website Traffic -Fingerprinting, please contact me. ---- - netwerk/protocol/http/nsHttpConnectionMgr.cpp | 351 +++++++++++++++++-------- - netwerk/protocol/http/nsHttpConnectionMgr.h | 15 +- - netwerk/protocol/http/nsHttpHandler.h | 2 + - netwerk/protocol/http/nsHttpPipeline.cpp | 62 ++++- - netwerk/protocol/http/nsHttpPipeline.h | 3 + - 5 files changed, 327 insertions(+), 106 deletions(-) - -diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.cpp b/netwerk/protocol/http/nsHttpConnectionMgr.cpp -index 133c301..c98894c 100644 ---- a/netwerk/protocol/http/nsHttpConnectionMgr.cpp -+++ b/netwerk/protocol/http/nsHttpConnectionMgr.cpp -@@ -20,6 +20,8 @@ - #include "prnetdb.h" - #include "mozilla/Telemetry.h" - -+#include <stdlib.h> -+ - using namespace mozilla; - using namespace mozilla::net; - -@@ -39,15 +41,26 @@ InsertTransactionSorted(nsTArray<nsHttpTransaction*> &pendingQ, nsHttpTransactio - // insert into queue with smallest valued number first. search in reverse - // order under the assumption that many of the existing transactions will - // have the same priority (usually 0). -+ uint32_t len = pendingQ.Length(); - -- for (int32_t i=pendingQ.Length()-1; i>=0; --i) { -- nsHttpTransaction *t = pendingQ[i]; -- if (trans->Priority() >= t->Priority()) { -- pendingQ.InsertElementAt(i+1, trans); -- return; -- } -+ if (pendingQ.IsEmpty()) { -+ pendingQ.InsertElementAt(0, trans); -+ return; - } -+ - pendingQ.InsertElementAt(0, trans); -+ -+ // FIXME: Refactor into standalone helper (for nsHttpPipeline) -+ // Or at least simplify this function if this shuffle ends up -+ // being an improvement. -+ uint32_t i = 0; -+ for (i=0; i < len; ++i) { -+ uint32_t ridx = rand() % len; -+ -+ nsHttpTransaction *tmp = pendingQ[i]; -+ pendingQ[i] = pendingQ[ridx]; -+ pendingQ[ridx] = tmp; -+ } - } - - //----------------------------------------------------------------------------- -@@ -919,22 +932,27 @@ nsHttpConnectionMgr::ProcessPendingQForEntry(nsConnectionEntry *ent) - nsHttpTransaction *trans; - nsresult rv; - bool dispatchedSuccessfully = false; -+ int dispatchCount = 0; -+ int total = count; - - // iterate the pending list until one is dispatched successfully. Keep - // iterating afterwards only until a transaction fails to dispatch. - for (uint32_t i = 0; i < count; ++i) { - trans = ent->mPendingQ[i]; - -- // When this transaction has already established a half-open -+ // When this entry has already established a half-open - // connection, we want to prevent any duplicate half-open - // connections from being established and bound to this -- // transaction. Allow only use of an idle persistent connection -- // (if found) for transactions referred by a half-open connection. -+ // transaction. - bool alreadyHalfOpen = false; -- for (int32_t j = 0; j < ((int32_t) ent->mHalfOpens.Length()); ++j) { -- if (ent->mHalfOpens[j]->Transaction() == trans) { -- alreadyHalfOpen = true; -- break; -+ if (ent->SupportsPipelining()) { -+ alreadyHalfOpen = (ent->UnconnectedHalfOpens() > 0); -+ } else { -+ for (int32_t j = 0; j < ((int32_t) ent->mHalfOpens.Length()); ++j) { -+ if (ent->mHalfOpens[j]->Transaction() == trans) { -+ alreadyHalfOpen = true; -+ break; -+ } - } - } - -@@ -953,16 +971,29 @@ nsHttpConnectionMgr::ProcessPendingQForEntry(nsConnectionEntry *ent) - dispatchedSuccessfully = true; - count = ent->mPendingQ.Length(); - --i; -+ dispatchCount++; - continue; - } - -- if (dispatchedSuccessfully) -- return true; -+ // We want to keep walking the dispatch table to ensure requests -+ // get combined properly. -+ //if (dispatchedSuccessfully) { -+ // return true; -+ //} - - NS_ABORT_IF_FALSE(count == ((int32_t) ent->mPendingQ.Length()), - "something mutated pending queue from " - "GetConnection()"); - } -+ -+#ifdef WTF_DEBUG -+ if (dispatchedSuccessfully) { -+ fprintf(stderr, "WTF-queue: Dispatched %d/%d pending transactions for %s\n", -+ dispatchCount, total, ent->mConnInfo->Host()); -+ return true; -+ } -+#endif -+ - return false; - } - -@@ -1247,6 +1278,10 @@ nsHttpConnectionMgr::MakeNewConnection(nsConnectionEntry *ent, - if (AtActiveConnectionLimit(ent, trans->Caps())) - return NS_ERROR_NOT_AVAILABLE; - -+#ifdef WTF_DEBUG -+ fprintf(stderr, "WTF: MakeNewConnection() is creating a transport (pipelines %d) for host %s\n", -+ ent->SupportsPipelining(), ent->mConnInfo->Host()); -+#endif - nsresult rv = CreateTransport(ent, trans, trans->Caps(), false); - if (NS_FAILED(rv)) { - /* hard failure */ -@@ -1263,7 +1298,7 @@ nsHttpConnectionMgr::MakeNewConnection(nsConnectionEntry *ent, - } - - bool --nsHttpConnectionMgr::AddToShortestPipeline(nsConnectionEntry *ent, -+nsHttpConnectionMgr::AddToBestPipeline(nsConnectionEntry *ent, - nsHttpTransaction *trans, - nsHttpTransaction::Classifier classification, - uint16_t depthLimit) -@@ -1300,40 +1335,100 @@ nsHttpConnectionMgr::AddToShortestPipeline(nsConnectionEntry *ent, - if (maxdepth < 2) - return false; - -- nsAHttpTransaction *activeTrans; -+ // Find out how many requests of this class we have -+ uint32_t sameClass = 0; -+ uint32_t allClasses = ent->mPendingQ.Length(); -+ for (uint32_t i = 0; i < allClasses; ++i) { -+ if (trans != ent->mPendingQ[i] && -+ classification == ent->mPendingQ[i]->Classification()) { -+ sameClass++; -+ } -+ } - -+ nsAHttpTransaction *activeTrans; -+ nsHttpPipeline *pipeline; - nsHttpConnection *bestConn = nullptr; - uint32_t activeCount = ent->mActiveConns.Length(); -- uint32_t bestConnLength = 0; -- uint32_t connLength; -+ uint32_t pipelineDepth; -+ uint32_t requestLen; -+ uint32_t totalDepth = 0; -+ -+ // Now, try to find the best pipeline -+ nsTArray<nsHttpConnection *> validConns; -+ nsTArray<nsHttpConnection *> betterConns; -+ nsTArray<nsHttpConnection *> bestConns; -+ uint32_t numPipelines = 0; - - for (uint32_t i = 0; i < activeCount; ++i) { - nsHttpConnection *conn = ent->mActiveConns[i]; -- if (!conn->SupportsPipelining()) -- continue; - -- if (conn->Classification() != classification) -+ if (!conn->SupportsPipelining()) - continue; - - activeTrans = conn->Transaction(); -+ - if (!activeTrans || - activeTrans->IsDone() || - NS_FAILED(activeTrans->Status())) - continue; - -- connLength = activeTrans->PipelineDepth(); -+ pipeline = activeTrans->QueryPipeline(); -+ if (!pipeline) -+ continue; -+ -+ numPipelines++; - -- if (maxdepth <= connLength) -+ pipelineDepth = activeTrans->PipelineDepth(); -+ requestLen = pipeline->RequestDepth(); -+ -+ totalDepth += pipelineDepth; -+ -+ // If we're within striking distance of our pipeline -+ // packaging goal, give a little slack on the depth -+ // limit to allow us to try to get there. Don't give -+ // too much slack, though, or we'll tend to have -+ // request packages of the same size when we have -+ // many content elements appear at once. -+ if (maxdepth + -+ PR_MIN(mMaxOptimisticPipelinedRequests, -+ requestLen + allClasses) -+ <= pipelineDepth) - continue; - -- if (!bestConn || (connLength < bestConnLength)) { -- bestConn = conn; -- bestConnLength = connLength; -- } -- } -+ validConns.AppendElement(conn); -+ -+ // Prefer a pipeline that either has at least two requests -+ // queued already, or for which we can add multiple requests -+ if (requestLen + allClasses < mMaxOptimisticPipelinedRequests) -+ continue; -+ -+ betterConns.AppendElement(conn); -+ -+ // Prefer a pipeline with the same classification if -+ // our current classes will put it over the line -+ if (conn->Classification() != classification) -+ continue; -+ if (requestLen + sameClass < mMaxOptimisticPipelinedRequests) -+ continue; - -- if (!bestConn) -+ bestConns.AppendElement(conn); -+ } -+ -+ const char *type; -+ if (bestConns.Length()) { -+ type = "best"; -+ bestConn = bestConns[rand()%bestConns.Length()]; -+ } else if (betterConns.Length()) { -+ type = "better"; -+ bestConn = betterConns[rand()%betterConns.Length()]; -+ } else if (validConns.Length() && totalDepth == 0) { -+ // We only use valid conns if it's a last resort -+ // (No other requests are pending or in flight) -+ type = "valid"; -+ bestConn = validConns[rand()%validConns.Length()]; -+ } else { - return false; -+ } - - activeTrans = bestConn->Transaction(); - nsresult rv = activeTrans->AddTransaction(trans); -@@ -1343,6 +1438,15 @@ nsHttpConnectionMgr::AddToShortestPipeline(nsConnectionEntry *ent, - LOG((" scheduling trans %p on pipeline at position %d\n", - trans, trans->PipelinePosition())); - -+#ifdef WTF_DEBUG -+ pipeline = activeTrans->QueryPipeline(); -+ fprintf(stderr, -+ "WTF-depth: Added trans to %s of %d/%d/%d/%d pipelines. Request len %d/%d/%d for %s\n", -+ type, bestConns.Length(), betterConns.Length(), validConns.Length(), -+ numPipelines, pipeline->RequestDepth(), activeTrans->PipelineDepth(), -+ maxdepth, ent->mConnInfo->Host()); -+#endif -+ - if ((ent->PipelineState() == PS_YELLOW) && (trans->PipelinePosition() > 1)) - ent->SetYellowConnection(bestConn); - return true; -@@ -1403,26 +1507,12 @@ nsHttpConnectionMgr::TryDispatchTransaction(nsConnectionEntry *ent, - nsHttpTransaction::Classifier classification = trans->Classification(); - uint8_t caps = trans->Caps(); - -+ bool allowNewPipelines = true; -+ - // no keep-alive means no pipelines either - if (!(caps & NS_HTTP_ALLOW_KEEPALIVE)) - caps = caps & ~NS_HTTP_ALLOW_PIPELINING; - -- // 0 - If this should use spdy then dispatch it post haste. -- // 1 - If there is connection pressure then see if we can pipeline this on -- // a connection of a matching type instead of using a new conn -- // 2 - If there is an idle connection, use it! -- // 3 - if class == reval or script and there is an open conn of that type -- // then pipeline onto shortest pipeline of that class if limits allow -- // 4 - If we aren't up against our connection limit, -- // then open a new one -- // 5 - Try a pipeline if we haven't already - this will be unusual because -- // it implies a low connection pressure situation where -- // MakeNewConnection() failed.. that is possible, but unlikely, due to -- // global limits -- // 6 - no connection is available - queue it -- -- bool attemptedOptimisticPipeline = !(caps & NS_HTTP_ALLOW_PIPELINING); -- - // step 0 - // look for existing spdy connection - that's always best because it is - // essentially pipelining without head of line blocking -@@ -1436,20 +1526,27 @@ nsHttpConnectionMgr::TryDispatchTransaction(nsConnectionEntry *ent, - } - } - -- // step 1 -- // If connection pressure, then we want to favor pipelining of any kind -- if (IsUnderPressure(ent, classification) && !attemptedOptimisticPipeline) { -- attemptedOptimisticPipeline = true; -- if (AddToShortestPipeline(ent, trans, -- classification, -- mMaxOptimisticPipelinedRequests)) { -- return NS_OK; -- } -+ // step 1: Try a pipeline -+ if (caps & NS_HTTP_ALLOW_PIPELINING && -+ AddToBestPipeline(ent, trans, classification, -+ mMaxPipelinedRequests)) { -+ return NS_OK; - } - -- // step 2 -- // consider an idle persistent connection -- if (caps & NS_HTTP_ALLOW_KEEPALIVE) { -+ // Step 2: Decide if we should forbid new pipeline creation. -+ // -+ // FIXME: We repurposed mMaxOptimisticPipelinedRequests here to mean: -+ // "Don't make a new pipeline until you have this many requests pending and -+ // no potential connections to put them on". It might be nice to give this -+ // its own pref.. -+ if (HasPipelines(ent) && -+ ent->mPendingQ.Length() < mMaxOptimisticPipelinedRequests && -+ trans->Classification() != nsAHttpTransaction::CLASS_SOLO && -+ caps & NS_HTTP_ALLOW_PIPELINING) -+ allowNewPipelines = false; -+ -+ // step 3: consider an idle persistent connection -+ if (allowNewPipelines && (caps & NS_HTTP_ALLOW_KEEPALIVE)) { - nsRefPtr<nsHttpConnection> conn; - while (!conn && (ent->mIdleConns.Length() > 0)) { - conn = ent->mIdleConns[0]; -@@ -1483,21 +1580,8 @@ nsHttpConnectionMgr::TryDispatchTransaction(nsConnectionEntry *ent, - } - } - -- // step 3 -- // consider pipelining scripts and revalidations -- if (!attemptedOptimisticPipeline && -- (classification == nsHttpTransaction::CLASS_REVALIDATION || -- classification == nsHttpTransaction::CLASS_SCRIPT)) { -- attemptedOptimisticPipeline = true; -- if (AddToShortestPipeline(ent, trans, -- classification, -- mMaxOptimisticPipelinedRequests)) { -- return NS_OK; -- } -- } -- -- // step 4 -- if (!onlyReusedConnection) { -+ // step 4: Maybe make a connection? -+ if (!onlyReusedConnection && allowNewPipelines) { - nsresult rv = MakeNewConnection(ent, trans); - if (NS_SUCCEEDED(rv)) { - // this function returns NOT_AVAILABLE for asynchronous connects -@@ -1510,17 +1594,16 @@ nsHttpConnectionMgr::TryDispatchTransaction(nsConnectionEntry *ent, - return rv; - } - } -+ -+ // XXX: We dequeue and queue the same url here sometimes.. -+#ifdef WTF_DEBUG -+ nsHttpRequestHead *head = trans->RequestHead(); -+ fprintf(stderr, "WTF: Queuing url %s%s\n", -+ ent->mConnInfo->Host(), -+ head ? head->RequestURI().BeginReading() : "<unknown?>"); -+#endif - -- // step 5 -- if (caps & NS_HTTP_ALLOW_PIPELINING) { -- if (AddToShortestPipeline(ent, trans, -- classification, -- mMaxPipelinedRequests)) { -- return NS_OK; -- } -- } -- -- // step 6 -+ // step 5: Queue it - return NS_ERROR_NOT_AVAILABLE; /* queue it */ - } - -@@ -1590,10 +1673,28 @@ nsHttpConnectionMgr::DispatchAbstractTransaction(nsConnectionEntry *ent, - if (!NS_SUCCEEDED(rv)) - return rv; - transaction = pipeline; -+#ifdef WTF_DEBUG -+ if (HasPipelines(ent) && -+ ent->mPendingQ.Length()+1 < mMaxOptimisticPipelinedRequests) { -+ fprintf(stderr, "WTF-new-bug: New pipeline created from %d idle conns for host %s with %d/%d pending\n", -+ ent->mIdleConns.Length(), ent->mConnInfo->Host(), ent->mPendingQ.Length(), -+ mMaxOptimisticPipelinedRequests); -+ } else { -+ fprintf(stderr, "WTF-new: New pipeline created from %d idle conns for host %s with %d/%d pending\n", -+ ent->mIdleConns.Length(), ent->mConnInfo->Host(), ent->mPendingQ.Length(), -+ mMaxOptimisticPipelinedRequests); -+ } -+#endif - } - else { - LOG((" not using pipeline datastructure due to class solo.\n")); - transaction = aTrans; -+#ifdef WTF_TEST -+ nsHttpRequestHead *head = transaction->RequestHead(); -+ fprintf(stderr, "WTF-order: Pipeline forbidden for url %s%s\n", -+ ent->mConnInfo->Host(), -+ head ? head->RequestURI().BeginReading() : "<unknown?>"); -+#endif - } - - nsRefPtr<nsConnectionHandle> handle = new nsConnectionHandle(conn); -@@ -1691,28 +1792,20 @@ nsHttpConnectionMgr::ProcessNewTransaction(nsHttpTransaction *trans) - NS_ABORT_IF_FALSE(((int32_t)ent->mActiveConns.IndexOf(conn)) != -1, - "Sticky Connection Not In Active List"); - trans->SetConnection(nullptr); -+#ifdef WTF_TEST -+ fprintf(stderr, "WTF-bad: Sticky connection status on 1 transaction to host %s\n", -+ ent->mConnInfo->Host()); -+#endif - rv = DispatchTransaction(ent, trans, conn); -- } -- else -- rv = TryDispatchTransaction(ent, false, trans); -- -- if (NS_SUCCEEDED(rv)) { -- LOG((" ProcessNewTransaction Dispatch Immediately trans=%p\n", trans)); - return rv; - } -- -- if (rv == NS_ERROR_NOT_AVAILABLE) { -- LOG((" adding transaction to pending queue " -- "[trans=%p pending-count=%u]\n", -- trans, ent->mPendingQ.Length()+1)); -- // put this transaction on the pending queue... -+ else { -+ // XXX: maybe check the queue first and directly call TryDispatch? - InsertTransactionSorted(ent->mPendingQ, trans); - NS_ADDREF(trans); -+ ProcessPendingQForEntry(ent); - return NS_OK; - } -- -- LOG((" ProcessNewTransaction Hard Error trans=%p rv=%x\n", trans, rv)); -- return rv; - } - - -@@ -2311,10 +2404,48 @@ nsHttpConnectionMgr::OnMsgSpeculativeConnect(int32_t, void *param) - if (preferredEntry) - ent = preferredEntry; - -- if (!ent->mIdleConns.Length() && !RestrictConnections(ent) && -- !AtActiveConnectionLimit(ent, trans->Caps())) { -+ if (ent->SupportsPipelining()) { -+ /* Only speculative connect if we're not pipelining and have no other pending -+ * unconnected half-opens.. */ -+ if (ent->UnconnectedHalfOpens() == 0 && ent->mIdleConns.Length() == 0 -+ && !RestrictConnections(ent) && !HasPipelines(ent) -+ && !AtActiveConnectionLimit(ent, trans->Caps())) { -+#ifdef WTF_DEBUG -+ fprintf(stderr, "WTF: Creating speculative connection because we have no pipelines\n"); -+#endif -+ CreateTransport(ent, trans, trans->Caps(), true); -+ } -+ } else if (!ent->mIdleConns.Length() && !RestrictConnections(ent) && -+ !AtActiveConnectionLimit(ent, trans->Caps())) { -+#ifdef WTF_DEBUG -+ fprintf(stderr, "WTF: Creating speculative connection because we can't pipeline\n"); -+#endif - CreateTransport(ent, trans, trans->Caps(), true); - } -+ -+} -+ -+bool -+nsHttpConnectionMgr::HasPipelines(nsConnectionEntry *ent) -+{ -+ uint32_t activeCount = ent->mActiveConns.Length(); -+ -+ if (!ent->SupportsPipelining()) { -+ return false; -+ } -+ -+ for (uint32_t i = 0; i < activeCount; ++i) { -+ nsHttpConnection *conn = ent->mActiveConns[i]; -+ if (!conn->SupportsPipelining()) -+ continue; -+ -+ nsAHttpTransaction *activeTrans = conn->Transaction(); -+ -+ if (activeTrans && !activeTrans->IsDone() && -+ !NS_FAILED(activeTrans->Status())) -+ return true; -+ } -+ return false; - } - - bool -@@ -2661,6 +2792,10 @@ nsHalfOpenSocket::OnOutputStreamReady(nsIAsyncOutputStream *out) - nsRefPtr<nsHttpTransaction> temp = dont_AddRef(mEnt->mPendingQ[index]); - mEnt->mPendingQ.RemoveElementAt(index); - gHttpHandler->ConnMgr()->AddActiveConn(conn, mEnt); -+#ifdef WTF_DEBUG -+ fprintf(stderr, "WTF: Speculative half-opened connection is now ready for %s (pipelines %d)\n", -+ mEnt->mConnInfo->Host(), mEnt->SupportsPipelining()); -+#endif - rv = gHttpHandler->ConnMgr()->DispatchTransaction(mEnt, temp, conn); - } - else { -@@ -2852,9 +2987,13 @@ nsConnectionEntry::nsConnectionEntry(nsHttpConnectionInfo *ci) - { - NS_ADDREF(mConnInfo); - if (gHttpHandler->GetPipelineAggressive()) { -- mGreenDepth = kPipelineUnlimited; -+ // Randomize the pipeline depth (3..12) -+ mGreenDepth = gHttpHandler->GetMaxOptimisticPipelinedRequests() -+ + rand() % (gHttpHandler->GetMaxPipelinedRequests() -+ - gHttpHandler->GetMaxOptimisticPipelinedRequests()); - mPipelineState = PS_GREEN; - } -+ - mInitialGreenDepth = mGreenDepth; - memset(mPipeliningClassPenalty, 0, sizeof(int16_t) * nsAHttpTransaction::CLASS_MAX); - } -@@ -2892,8 +3031,9 @@ nsConnectionEntry::OnPipelineFeedbackInfo( - LOG(("Transaction completed at pipeline depth of %d. Host = %s\n", - depth, mConnInfo->Host())); - -- if (depth >= 3) -- mGreenDepth = kPipelineUnlimited; -+ // Don't set this. We want to keep our initial random value.. -+ //if (depth >= 3) -+ // mGreenDepth = kPipelineUnlimited; - } - - nsAHttpTransaction::Classifier classification; -@@ -2921,6 +3061,11 @@ nsConnectionEntry::OnPipelineFeedbackInfo( - mPipelineState, mConnInfo->Host())); - mPipelineState = PS_RED; - mPipeliningPenalty = 0; -+#ifdef WTF_TEST -+ fprintf(stderr, "WTF-bad: Red pipeline status disabled host %s\n", -+ mConnInfo->Host()); -+#endif -+ - } - - if (mLastCreditTime.IsNull()) -diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.h b/netwerk/protocol/http/nsHttpConnectionMgr.h -index 580710a..7aecb68 100644 ---- a/netwerk/protocol/http/nsHttpConnectionMgr.h -+++ b/netwerk/protocol/http/nsHttpConnectionMgr.h -@@ -23,11 +23,23 @@ - #include "nsIObserver.h" - #include "nsITimer.h" - #include "nsIX509Cert3.h" -+#include "nsIRandomGenerator.h" - - class nsHttpPipeline; - - class nsIHttpUpgradeListener; - -+// We need our own optional debug define because pipelining behavior -+// is significantly altered by rendering speed (which is abysmal on -+// debug builds) -+#ifdef DEBUG -+# define WTF_DEBUG -+#endif -+ -+#ifdef WTF_DEBUG -+# define WTF_TEST -+#endif -+ - //----------------------------------------------------------------------------- - - class nsHttpConnectionMgr : public nsIObserver -@@ -478,6 +490,7 @@ private: - nsresult BuildPipeline(nsConnectionEntry *, - nsAHttpTransaction *, - nsHttpPipeline **); -+ bool HasPipelines(nsConnectionEntry *); - bool RestrictConnections(nsConnectionEntry *); - nsresult ProcessNewTransaction(nsHttpTransaction *); - nsresult EnsureSocketThreadTargetIfOnline(); -@@ -492,7 +505,7 @@ private: - - nsresult MakeNewConnection(nsConnectionEntry *ent, - nsHttpTransaction *trans); -- bool AddToShortestPipeline(nsConnectionEntry *ent, -+ bool AddToBestPipeline(nsConnectionEntry *ent, - nsHttpTransaction *trans, - nsHttpTransaction::Classifier classification, - uint16_t depthLimit); -diff --git a/netwerk/protocol/http/nsHttpHandler.h b/netwerk/protocol/http/nsHttpHandler.h -index 2963195..cd79069 100644 ---- a/netwerk/protocol/http/nsHttpHandler.h -+++ b/netwerk/protocol/http/nsHttpHandler.h -@@ -215,6 +215,8 @@ public: - nsCString& hostLine); - - bool GetPipelineAggressive() { return mPipelineAggressive; } -+ uint32_t GetMaxPipelinedRequests() { return mMaxPipelinedRequests; } -+ uint32_t GetMaxOptimisticPipelinedRequests() { return mMaxOptimisticPipelinedRequests; } - void GetMaxPipelineObjectSize(int64_t *outVal) - { - *outVal = mMaxPipelineObjectSize; -diff --git a/netwerk/protocol/http/nsHttpPipeline.cpp b/netwerk/protocol/http/nsHttpPipeline.cpp -index 9e59878..a9e9911 100644 ---- a/netwerk/protocol/http/nsHttpPipeline.cpp -+++ b/netwerk/protocol/http/nsHttpPipeline.cpp -@@ -87,6 +87,32 @@ nsHttpPipeline::~nsHttpPipeline() - free(mPushBackBuf); - } - -+// Generate a shuffled request ordering sequence -+void -+nsHttpPipeline::ShuffleTransOrder(uint32_t count) -+{ -+ if (count < 2) -+ return; -+ -+ uint32_t pos = mRequestQ[0]->PipelinePosition(); -+ uint32_t i = 0; -+ -+ for (i=0; i < count; ++i) { -+ uint32_t ridx = rand() % count; -+ -+ nsAHttpTransaction *tmp = mRequestQ[i]; -+ mRequestQ[i] = mRequestQ[ridx]; -+ mRequestQ[ridx] = tmp; -+ } -+ -+ for (i=0; i < count; ++i) { -+ mRequestQ[i]->SetPipelinePosition(pos); -+ pos++; -+ } -+ -+ LOG(("nsHttpPipeline::ShuffleTransOrder: Shuffled %d transactions.\n", count)); -+} -+ - nsresult - nsHttpPipeline::AddTransaction(nsAHttpTransaction *trans) - { -@@ -112,6 +138,8 @@ nsHttpPipeline::AddTransaction(nsAHttpTransaction *trans) - // the pipeline object. - trans->SetConnection(this); - -+ ShuffleTransOrder(mRequestQ.Length()); -+ - if (mConnection && !mClosed && mRequestQ.Length() == 1) - mConnection->ResumeSend(); - -@@ -760,8 +788,11 @@ nsHttpPipeline::CancelPipeline(nsresult originalReason) - if (respLen > 1) - mResponseQ.TruncateLength(1); - -- DontReuse(); -- Classify(nsAHttpTransaction::CLASS_SOLO); -+ /* Don't flag timed out connections as unreusable.. Tor is just slow :( */ -+ if (originalReason != NS_ERROR_NET_TIMEOUT) { -+ DontReuse(); -+ Classify(nsAHttpTransaction::CLASS_SOLO); -+ } - - return total; - } -@@ -842,8 +873,19 @@ nsHttpPipeline::FillSendBuf() - - uint32_t n; - uint64_t avail; -+ uint64_t totalAvailable = Available(); -+ uint64_t totalSent = 0; -+ uint64_t reqsSent = 0; -+ uint64_t alreadyPending = 0; -+ -+ mSendBufIn->Available(&alreadyPending); -+ - nsAHttpTransaction *trans; - nsITransport *transport = Transport(); -+#ifdef WTF_TEST -+ nsRefPtr<nsHttpConnectionInfo> ci; -+ GetConnectionInfo(getter_AddRefs(ci)); -+#endif - - while ((trans = Request(0)) != nullptr) { - avail = trans->Available(); -@@ -864,6 +906,7 @@ nsHttpPipeline::FillSendBuf() - } - - mSendingToProgress += n; -+ totalSent += n; - if (!mSuppressSendEvents && transport) { - // Simulate a SENDING_TO event - trans->OnTransportStatus(transport, -@@ -874,6 +917,14 @@ nsHttpPipeline::FillSendBuf() - - avail = trans->Available(); - if (avail == 0) { -+#ifdef WTF_TEST -+ nsHttpRequestHead *head = trans->RequestHead(); -+ fprintf(stderr, "WTF-order: Pipelined req %d/%d (%dB). Url: %s%s\n", -+ trans->PipelinePosition(), PipelineDepth(), n, -+ ci->Host(), head ? head->RequestURI().BeginReading() : "<unknown?>"); -+#endif -+ reqsSent++; -+ - // move transaction from request queue to response queue - mRequestQ.RemoveElementAt(0); - mResponseQ.AppendElement(trans); -@@ -893,5 +944,12 @@ nsHttpPipeline::FillSendBuf() - else - mRequestIsPartial = true; - } -+ -+#ifdef WTF_TEST -+ if (totalSent) -+ fprintf(stderr, "WTF-combine: Sent %d/%d bytes of %d combined pipelined requests for host %s\n", -+ alreadyPending+totalSent, totalAvailable, reqsSent, ci->Host()); -+#endif -+ - return NS_OK; - } -diff --git a/netwerk/protocol/http/nsHttpPipeline.h b/netwerk/protocol/http/nsHttpPipeline.h -index 746a196..4dc06c1 100644 ---- a/netwerk/protocol/http/nsHttpPipeline.h -+++ b/netwerk/protocol/http/nsHttpPipeline.h -@@ -27,11 +27,14 @@ public: - nsHttpPipeline(); - virtual ~nsHttpPipeline(); - -+ uint32_t RequestDepth() { return mRequestQ.Length(); } -+ - private: - nsresult FillSendBuf(); - - static NS_METHOD ReadFromPipe(nsIInputStream *, void *, const char *, - uint32_t, uint32_t, uint32_t *); -+ void ShuffleTransOrder(uint32_t); - - // convenience functions - nsAHttpTransaction *Request(int32_t i) --- -1.7.9.5 - diff --git a/src/current-patches/firefox/0018-Emit-observer-event-to-filter-the-Drag-Drop-url-list.patch b/src/current-patches/firefox/0018-Emit-observer-event-to-filter-the-Drag-Drop-url-list.patch deleted file mode 100644 index 437329b..0000000 --- a/src/current-patches/firefox/0018-Emit-observer-event-to-filter-the-Drag-Drop-url-list.patch +++ /dev/null @@ -1,74 +0,0 @@ -From 5e505dec0ee00899a1fa22e1759e856bb5381468 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Thu, 28 Feb 2013 18:10:16 -0800 -Subject: [PATCH 18/27] Emit observer event to filter the Drag+Drop url list - -This patch creates an "on-modify-drag-list" observer that addons can listen -to. For us, it supports Torbutton code that filters out Drag+Drop mime types -that the OS Desktop sniffs and attempts to load without Tor. - -Such proxy bypass behavior is immediate on Mac and Ubuntu: you don't even have -to release the object for it to get sniffed and cause the OS to load it -without Tor. In fact, accidentally clicking for too long on an image is enough -to cause proxy bypass on those systems. ---- - widget/xpwidgets/nsBaseDragService.cpp | 8 ++++++++ - widget/xpwidgets/nsBaseDragService.h | 2 ++ - 2 files changed, 10 insertions(+), 0 deletions(-) - -diff --git a/widget/xpwidgets/nsBaseDragService.cpp b/widget/xpwidgets/nsBaseDragService.cpp -index 805d83f..4c99b9c 100644 ---- a/widget/xpwidgets/nsBaseDragService.cpp -+++ b/widget/xpwidgets/nsBaseDragService.cpp -@@ -34,6 +34,7 @@ - #include "nsXULPopupManager.h" - #include "nsMenuPopupFrame.h" - #include "mozilla/Preferences.h" -+#include "mozilla/Services.h" - - #include "gfxContext.h" - #include "gfxPlatform.h" -@@ -49,6 +50,7 @@ nsBaseDragService::nsBaseDragService() - mImageX(0), mImageY(0), mScreenX(-1), mScreenY(-1), mSuppressLevel(0), - mInputSource(nsIDOMMouseEvent::MOZ_SOURCE_MOUSE) - { -+ mObserverService = mozilla::services::GetObserverService(); - } - - nsBaseDragService::~nsBaseDragService() -@@ -203,6 +205,12 @@ nsBaseDragService::InvokeDragSession(nsIDOMNode *aDOMNode, - NS_ENSURE_TRUE(aDOMNode, NS_ERROR_INVALID_ARG); - NS_ENSURE_TRUE(mSuppressLevel == 0, NS_ERROR_FAILURE); - -+ // Emit observer event to allow addons to modify the transfer array. -+ if (mObserverService) -+ mObserverService->NotifyObservers(aTransferableArray, -+ "on-modify-drag-list", -+ nullptr); -+ - // stash the document of the dom node - aDOMNode->GetOwnerDocument(getter_AddRefs(mSourceDocument)); - mSourceNode = aDOMNode; -diff --git a/widget/xpwidgets/nsBaseDragService.h b/widget/xpwidgets/nsBaseDragService.h -index cb00f8e..8b91899 100644 ---- a/widget/xpwidgets/nsBaseDragService.h -+++ b/widget/xpwidgets/nsBaseDragService.h -@@ -6,6 +6,7 @@ - #ifndef nsBaseDragService_h__ - #define nsBaseDragService_h__ - -+#include "nsIObserverService.h" - #include "nsIDragService.h" - #include "nsIDragSession.h" - #include "nsITransferable.h" -@@ -113,6 +114,7 @@ protected: - - uint32_t mDragAction; - nsSize mTargetSize; -+ nsCOMPtr<nsIObserverService> mObserverService; - nsCOMPtr<nsIDOMNode> mSourceNode; - nsCOMPtr<nsIDOMDocument> mSourceDocument; // the document at the drag source. will be null - // if it came from outside the app. --- -1.7.5.4 - diff --git a/src/current-patches/firefox/0019-Add-mozIThirdPartyUtil.getFirstPartyURI-API.patch b/src/current-patches/firefox/0019-Add-mozIThirdPartyUtil.getFirstPartyURI-API.patch deleted file mode 100644 index 4baf190..0000000 --- a/src/current-patches/firefox/0019-Add-mozIThirdPartyUtil.getFirstPartyURI-API.patch +++ /dev/null @@ -1,164 +0,0 @@ -From f98cbea138095a46570912a2f624b82dff109d55 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Wed, 28 Nov 2012 17:08:29 -0500 -Subject: [PATCH 19/27] Add mozIThirdPartyUtil.getFirstPartyURI API - -API allows you to get the url bar URI for a channel or nsIDocument. ---- - content/base/src/ThirdPartyUtil.cpp | 68 ++++++++++++++++++++++++++++ - content/base/src/ThirdPartyUtil.h | 2 + - netwerk/base/public/mozIThirdPartyUtil.idl | 21 +++++++++ - 3 files changed, 91 insertions(+), 0 deletions(-) - -diff --git a/content/base/src/ThirdPartyUtil.cpp b/content/base/src/ThirdPartyUtil.cpp -index 97a000e..ad1b0fa 100644 ---- a/content/base/src/ThirdPartyUtil.cpp -+++ b/content/base/src/ThirdPartyUtil.cpp -@@ -7,6 +7,9 @@ - #include "nsIServiceManager.h" - #include "nsIHttpChannelInternal.h" - #include "nsIDOMWindow.h" -+#include "nsICookiePermission.h" -+#include "nsIDOMDocument.h" -+#include "nsIDocument.h" - #include "nsILoadContext.h" - #include "nsIPrincipal.h" - #include "nsIScriptObjectPrincipal.h" -@@ -21,6 +24,7 @@ ThirdPartyUtil::Init() - - nsresult rv; - mTLDService = do_GetService(NS_EFFECTIVETLDSERVICE_CONTRACTID, &rv); -+ mCookiePermissions = do_GetService(NS_COOKIEPERMISSION_CONTRACTID); - return rv; - } - -@@ -282,3 +286,67 @@ ThirdPartyUtil::GetBaseDomain(nsIURI* aHostURI, - - return NS_OK; - } -+ -+NS_IMETHODIMP -+ThirdPartyUtil::GetFirstPartyURI(nsIChannel *aChannel, -+ nsIDocument *aDoc, -+ nsIURI **aOutput) -+{ -+ nsresult rv = NS_ERROR_NULL_POINTER; -+ -+ if (!aOutput) -+ return rv; -+ -+ *aOutput = nullptr; -+ -+ if (!aChannel && aDoc) { -+ aChannel = aDoc->GetChannel(); -+ } -+ -+ // If aChannel is specified or available, use the official route -+ // for sure -+ if (aChannel) { -+ rv = mCookiePermissions->GetOriginatingURI(aChannel, aOutput); -+ } -+ -+ // If the channel was missing, closed or broken, try the -+ // window hierarchy directly. -+ // -+ // This might fail to work for first-party loads themselves, but -+ // we don't need this codepath for that case. -+ if (NS_FAILED(rv) && aDoc) { -+ nsCOMPtr<nsIDOMWindow> top; -+ nsCOMPtr<nsIDOMDocument> topDDoc; -+ nsIURI *docURI = nullptr; -+ -+ if (aDoc->GetWindow()) { -+ aDoc->GetWindow()->GetTop(getter_AddRefs(top)); -+ top->GetDocument(getter_AddRefs(topDDoc)); -+ -+ nsCOMPtr<nsIDocument> topDoc(do_QueryInterface(topDDoc)); -+ docURI = topDoc->GetOriginalURI(); -+ if (docURI) { -+ // Give us a mutable URI and also addref -+ rv = NS_EnsureSafeToReturn(docURI, aOutput); -+ } -+ } else { -+ // XXX: Chrome callers (such as NoScript) can end up here -+ // through getImageData/canvas usage with no document state -+ // (no Window and a document URI of about:blank). Propogate -+ // rv fail (by doing nothing), and hope caller recovers. -+ } -+ -+ if (*aOutput) -+ rv = NS_OK; -+ } -+ -+ // TODO: We could provide a route through the loadgroup + notification -+ // callbacks too, but either channel or document was always available -+ // in the cases where this function was originally needed (the image cache). -+ // The notification callbacks also appear to suffers from the same limitation -+ // as the document path. See nsICookiePermissions.GetOriginatingURI() for -+ // details. -+ -+ return rv; -+} -+ -diff --git a/content/base/src/ThirdPartyUtil.h b/content/base/src/ThirdPartyUtil.h -index 3f50ac3..fe7b214 100644 ---- a/content/base/src/ThirdPartyUtil.h -+++ b/content/base/src/ThirdPartyUtil.h -@@ -9,6 +9,7 @@ - #include "nsString.h" - #include "mozIThirdPartyUtil.h" - #include "nsIEffectiveTLDService.h" -+#include "nsICookiePermission.h" - #include "mozilla/Attributes.h" - - class nsIURI; -@@ -29,6 +30,7 @@ private: - static already_AddRefed<nsIURI> GetURIFromWindow(nsIDOMWindow* aWin); - - nsCOMPtr<nsIEffectiveTLDService> mTLDService; -+ nsCOMPtr<nsICookiePermission> mCookiePermissions; - }; - - #endif -diff --git a/netwerk/base/public/mozIThirdPartyUtil.idl b/netwerk/base/public/mozIThirdPartyUtil.idl -index 578d8db..963385c 100644 ---- a/netwerk/base/public/mozIThirdPartyUtil.idl -+++ b/netwerk/base/public/mozIThirdPartyUtil.idl -@@ -7,6 +7,7 @@ - interface nsIURI; - interface nsIDOMWindow; - interface nsIChannel; -+interface nsIDocument; - - /** - * Utility functions for determining whether a given URI, channel, or window -@@ -140,6 +141,26 @@ interface mozIThirdPartyUtil : nsISupports - * @return the base domain. - */ - AUTF8String getBaseDomain(in nsIURI aHostURI); -+ -+ -+ /** -+ * getFirstPartyURI -+ * -+ * Obtain the top-level url bar URI for either a channel or a document. -+ * Either parameter may be null (but not both). -+ * -+ * @param aChannel -+ * An arbitrary channel for some content element of a first party -+ * load. Can be null. -+ * -+ * @param aDoc -+ * An arbitrary third party document. Can be null. -+ * -+ * @return the first party url bar URI for the load. -+ */ -+ nsIURI getFirstPartyURI(in nsIChannel aChannel, -+ in nsIDocument aDoc); -+ - }; - - %{ C++ --- -1.7.5.4 - diff --git a/src/current-patches/firefox/0020-Add-canvas-image-extraction-prompt.patch b/src/current-patches/firefox/0020-Add-canvas-image-extraction-prompt.patch deleted file mode 100644 index b5d2f93..0000000 --- a/src/current-patches/firefox/0020-Add-canvas-image-extraction-prompt.patch +++ /dev/null @@ -1,548 +0,0 @@ -From 43871b07e1ae9a55136f5a4d4454011eae5569f8 Mon Sep 17 00:00:00 2001 -From: Kathleen Brade brade@pearlcrescent.com -Date: Tue, 27 Nov 2012 13:13:40 -0500 -Subject: [PATCH 20/27] Add canvas image extraction prompt. - ---- - browser/base/content/browser.js | 102 ++++++++++++++++++++ - browser/base/content/browser.xul | 1 + - .../en-US/chrome/browser/browser.properties | 7 ++ - browser/themes/gnomestripe/browser.css | 2 + - browser/themes/pinstripe/browser.css | 2 + - browser/themes/winstripe/browser.css | 2 + - content/canvas/src/CanvasUtils.cpp | 65 +++++++++++++ - content/canvas/src/CanvasUtils.h | 2 + - content/canvas/src/nsCanvasRenderingContext2D.cpp | 16 +++ - .../canvas/src/nsCanvasRenderingContext2DAzure.cpp | 16 +++ - content/html/content/public/nsHTMLCanvasElement.h | 3 + - content/html/content/src/Makefile.in | 1 + - content/html/content/src/nsHTMLCanvasElement.cpp | 40 ++++++-- - 13 files changed, 249 insertions(+), 10 deletions(-) - -diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js -index bd2feed..50054e7 100644 ---- a/browser/base/content/browser.js -+++ b/browser/base/content/browser.js -@@ -1280,6 +1280,7 @@ var gBrowserInit = { - BrowserOffline.init(); - OfflineApps.init(); - IndexedDBPromptHelper.init(); -+ CanvasPermissionPromptHelper.init(); - gFormSubmitObserver.init(); - SocialUI.init(); - AddonManager.addAddonListener(AddonsMgrListener); -@@ -1637,6 +1638,7 @@ var gBrowserInit = { - BrowserOffline.uninit(); - OfflineApps.uninit(); - IndexedDBPromptHelper.uninit(); -+ CanvasPermissionPromptHelper.uninit(); - AddonManager.removeAddonListener(AddonsMgrListener); - SocialUI.uninit(); - } -@@ -6127,6 +6129,106 @@ var IndexedDBPromptHelper = { - } - }; - -+var CanvasPermissionPromptHelper = { -+ _permissionsPrompt: "canvas-permissions-prompt", -+ _notificationIcon: "canvas-notification-icon", -+ -+ init: -+ function CanvasPermissionPromptHelper_init() { -+ Services.obs.addObserver(this, this._permissionsPrompt, false); -+ }, -+ -+ uninit: -+ function CanvasPermissionPromptHelper_uninit() { -+ Services.obs.removeObserver(this, this._permissionsPrompt, false); -+ }, -+ -+ // aSubject is an nsIDOMWindow. -+ // aData is an URL string. -+ observe: -+ function CanvasPermissionPromptHelper_observe(aSubject, aTopic, aData) { -+ if ((aTopic != this._permissionsPrompt) || !aData) -+ throw new Error("Unexpected topic or missing URL"); -+ -+ var uri = makeURI(aData); -+ var contentWindow = aSubject.QueryInterface(Ci.nsIDOMWindow); -+ var contentDocument = contentWindow.document; -+ var browserWindow = -+ OfflineApps._getBrowserWindowForContentWindow(contentWindow); -+ -+ if (browserWindow != window) { -+ // Must belong to some other window. -+ return; -+ } -+ -+ // If canvas prompt is already displayed, just return. This is OK (and -+ // more efficient) since this permission is associated with the top -+ // browser's URL. -+ if (PopupNotifications.getNotification(aTopic, browser)) -+ return; -+ -+ var bundleSvc = Cc["@mozilla.org/intl/stringbundle;1"]. -+ getService(Ci.nsIStringBundleService); -+ var torBtnBundle; -+ try { -+ torBtnBundle = bundleSvc.createBundle( -+ "chrome://torbutton/locale/torbutton.properties"); -+ } catch (e) {} -+ -+ var message = getLocalizedString("canvas.siteprompt", [ uri.asciiHost ]); -+ -+ var mainAction = { -+ label: getLocalizedString("canvas.allow"), -+ accessKey: getLocalizedString("canvas.allowAccessKey"), -+ callback: function() { -+ setCanvasPermission(uri, Ci.nsIPermissionManager.ALLOW_ACTION); -+ } -+ }; -+ -+ var secondaryActions = [ -+ { -+ label: getLocalizedString("canvas.never"), -+ accessKey: getLocalizedString("canvas.neverAccessKey"), -+ callback: function() { -+ setCanvasPermission(uri, Ci.nsIPermissionManager.DENY_ACTION); -+ } -+ } -+ ]; -+ -+ // Since we have a process in place to perform localization for the -+ // Torbutton extension, get our strings from the extension if possible. -+ function getLocalizedString(aID, aParams) { -+ var s; -+ if (torBtnBundle) try { -+ if (aParams) -+ s = torBtnBundle.formatStringFromName(aID, aParams, aParams.length); -+ else -+ s = torBtnBundle.GetStringFromName(aID); -+ } catch (e) {} -+ -+ if (!s) { -+ if (aParams) -+ s = gNavigatorBundle.getFormattedString(aID, aParams); -+ else -+ s = gNavigatorBundle.getString(aID); -+ } -+ -+ return s; -+ } -+ -+ function setCanvasPermission(aURI, aPerm) { -+ Services.perms.add(aURI, "canvas/extractData", aPerm, -+ Ci.nsIPermissionManager.EXPIRE_NEVER); -+ } -+ -+ var browser = OfflineApps._getBrowserForContentWindow(browserWindow, -+ contentWindow); -+ notification = PopupNotifications.show(browser, aTopic, message, -+ this._notificationIcon, mainAction, -+ secondaryActions, null); -+ } -+}; -+ - function WindowIsClosing() - { - if (TabView.isVisible()) { -diff --git a/browser/base/content/browser.xul b/browser/base/content/browser.xul -index 1982eb1..d4a20cd 100644 ---- a/browser/base/content/browser.xul -+++ b/browser/base/content/browser.xul -@@ -573,6 +573,7 @@ - <image id="identity-notification-icon" class="notification-anchor-icon" role="button"/> - <image id="geo-notification-icon" class="notification-anchor-icon" role="button"/> - <image id="addons-notification-icon" class="notification-anchor-icon" role="button"/> -+ <image id="canvas-notification-icon" class="notification-anchor-icon" role="button"/> - <image id="indexedDB-notification-icon" class="notification-anchor-icon" role="button"/> - <image id="password-notification-icon" class="notification-anchor-icon" role="button"/> - <image id="webapps-notification-icon" class="notification-anchor-icon" role="button"/> -diff --git a/browser/locales/en-US/chrome/browser/browser.properties b/browser/locales/en-US/chrome/browser/browser.properties -index 1a9f457..4e61cb9 100644 ---- a/browser/locales/en-US/chrome/browser/browser.properties -+++ b/browser/locales/en-US/chrome/browser/browser.properties -@@ -218,6 +218,13 @@ offlineApps.usage=This website (%S) is now storing more than %SMB of data on you - offlineApps.manageUsage=Show settings - offlineApps.manageUsageAccessKey=S - -+# Canvas permission prompt -+canvas.siteprompt=This website (%S) attempted to access image data on a canvas. Since canvas image data can be used to discover information about your computer, blank image data was returned this time. -+canvas.allow=Allow in the Future -+canvas.allowAccessKey=A -+canvas.never=Never for This Site -+canvas.neverAccessKey=e -+ - # LOCALIZATION NOTE (indexedDB.usage): %1$S is the website host name - # %2$S a number of megabytes. - indexedDB.usage=This website (%1$S) is attempting to store more than %2$S MB of data on your computer for offline use. -diff --git a/browser/themes/gnomestripe/browser.css b/browser/themes/gnomestripe/browser.css -index a90d500..fd5d042 100644 ---- a/browser/themes/gnomestripe/browser.css -+++ b/browser/themes/gnomestripe/browser.css -@@ -1185,6 +1185,7 @@ toolbar[iconsize="small"] #feed-button { - list-style-image: url("moz-icon://stock/gtk-cancel?size=menu"); - } - -+.popup-notification-icon[popupid="canvas-permissions-prompt"], - .popup-notification-icon[popupid="indexedDB-permissions-prompt"], - .popup-notification-icon[popupid="indexedDB-quota-prompt"] { - list-style-image: url(chrome://global/skin/icons/question-64.png); -@@ -1250,6 +1251,7 @@ toolbar[iconsize="small"] #feed-button { - list-style-image: url(chrome://mozapps/skin/extensions/extensionGeneric-16.png); - } - -+#canvas-notification-icon, - #indexedDB-notification-icon { - list-style-image: url(chrome://global/skin/icons/question-16.png); - } -diff --git a/browser/themes/pinstripe/browser.css b/browser/themes/pinstripe/browser.css -index cb98808..69b908f 100644 ---- a/browser/themes/pinstripe/browser.css -+++ b/browser/themes/pinstripe/browser.css -@@ -2433,10 +2433,12 @@ toolbarbutton.chevron > .toolbarbutton-menu-dropmarker { - -moz-image-region: rect(0px, 48px, 16px, 32px); - } - -+#canvas-notification-icon, - #indexedDB-notification-icon { - list-style-image: url(chrome://global/skin/icons/question-16.png); - } - -+.popup-notification-icon[popupid="canvas-permissions-prompt"], - .popup-notification-icon[popupid="indexedDB-permissions-prompt"], - .popup-notification-icon[popupid="indexedDB-quota-prompt"] { - list-style-image: url(chrome://global/skin/icons/question-64.png); -diff --git a/browser/themes/winstripe/browser.css b/browser/themes/winstripe/browser.css -index d02eed6..70aab91 100644 ---- a/browser/themes/winstripe/browser.css -+++ b/browser/themes/winstripe/browser.css -@@ -2319,6 +2319,7 @@ toolbarbutton.bookmark-item[dragover="true"][open="true"] { - -moz-image-region: rect(32px, 32px, 48px, 16px); - } - -+.popup-notification-icon[popupid="canvas-permissions-prompt"], - .popup-notification-icon[popupid="indexedDB-permissions-prompt"], - .popup-notification-icon[popupid="indexedDB-quota-prompt"] { - list-style-image: url(chrome://global/skin/icons/question-64.png); -@@ -2382,6 +2383,7 @@ toolbarbutton.bookmark-item[dragover="true"][open="true"] { - list-style-image: url(chrome://mozapps/skin/extensions/extensionGeneric-16.png); - } - -+#canvas-notification-icon, - #indexedDB-notification-icon { - list-style-image: url(chrome://global/skin/icons/question-16.png); - } -diff --git a/content/canvas/src/CanvasUtils.cpp b/content/canvas/src/CanvasUtils.cpp -index 4173891..2ec463f 100644 ---- a/content/canvas/src/CanvasUtils.cpp -+++ b/content/canvas/src/CanvasUtils.cpp -@@ -24,9 +24,74 @@ - #include "CanvasUtils.h" - #include "mozilla/gfx/Matrix.h" - -+#include "nsIScriptObjectPrincipal.h" -+#include "nsIPermissionManager.h" -+#include "nsIObserverService.h" -+#include "mozilla/Services.h" -+#include "mozIThirdPartyUtil.h" -+#include "nsContentUtils.h" -+#include "nsUnicharUtils.h" -+ -+#define TOPIC_CANVAS_PERMISSIONS_PROMPT "canvas-permissions-prompt" -+#define PERMISSION_CANVAS_EXTRACT_DATA "canvas/extractData" -+ - namespace mozilla { - namespace CanvasUtils { - -+// Check site-specific permission and display prompt if appropriate. -+bool -+IsImageExtractionAllowed(nsIDocument *aDocument) -+{ -+ if (!aDocument) -+ return false; -+ -+ nsPIDOMWindow *win = aDocument->GetWindow(); -+ nsCOMPtr<nsIScriptObjectPrincipal> sop(do_QueryInterface(win)); -+ if (sop && nsContentUtils::IsSystemPrincipal(sop->GetPrincipal())) -+ return true; -+ -+ bool isAllowed = false; -+ nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil = -+ do_GetService(THIRDPARTYUTIL_CONTRACTID); -+ nsCOMPtr<nsIPermissionManager> permissionManager = -+ do_GetService(NS_PERMISSIONMANAGER_CONTRACTID); -+ if (thirdPartyUtil && permissionManager) { -+ nsCOMPtr<nsIURI> uri; -+ nsresult rv = thirdPartyUtil->GetFirstPartyURI(NULL, aDocument, -+ getter_AddRefs(uri)); -+ uint32_t permission = nsIPermissionManager::UNKNOWN_ACTION; -+ if (NS_SUCCEEDED(rv)) { -+ // Allow local files to access canvas data; check content permissions -+ // for remote pages. -+ bool isFileURL = false; -+ (void)uri->SchemeIs("file", &isFileURL); -+ if (isFileURL) -+ permission = nsIPermissionManager::ALLOW_ACTION; -+ else { -+ rv = permissionManager->TestPermission(uri, -+ PERMISSION_CANVAS_EXTRACT_DATA, &permission); -+ } -+ } -+ -+ if (NS_SUCCEEDED(rv)) { -+ isAllowed = (permission == nsIPermissionManager::ALLOW_ACTION); -+ -+ if (!isAllowed && (permission != nsIPermissionManager::DENY_ACTION)) { -+ // Send notification so that a prompt is displayed. -+ nsCString spec; -+ rv = uri->GetSpec(spec); -+ NS_ENSURE_SUCCESS(rv, rv); -+ nsCOMPtr<nsIObserverService> obs = -+ mozilla::services::GetObserverService(); -+ obs->NotifyObservers(win, TOPIC_CANVAS_PERMISSIONS_PROMPT, -+ NS_ConvertUTF8toUTF16(spec).get()); -+ } -+ } -+ } -+ -+ return isAllowed; -+} -+ - void - DoDrawImageSecurityCheck(nsHTMLCanvasElement *aCanvasElement, - nsIPrincipal *aPrincipal, -diff --git a/content/canvas/src/CanvasUtils.h b/content/canvas/src/CanvasUtils.h -index d464d0b..f266de6 100644 ---- a/content/canvas/src/CanvasUtils.h -+++ b/content/canvas/src/CanvasUtils.h -@@ -45,6 +45,8 @@ void DoDrawImageSecurityCheck(nsHTMLCanvasElement *aCanvasElement, - bool forceWriteOnly, - bool CORSUsed); - -+bool IsImageExtractionAllowed(nsIDocument *aDocument); -+ - // Make a double out of |v|, treating undefined values as 0.0 (for - // the sake of sparse arrays). Return true iff coercion - // succeeded. -diff --git a/content/canvas/src/nsCanvasRenderingContext2D.cpp b/content/canvas/src/nsCanvasRenderingContext2D.cpp -index 1ee7a02..0dec654 100644 ---- a/content/canvas/src/nsCanvasRenderingContext2D.cpp -+++ b/content/canvas/src/nsCanvasRenderingContext2D.cpp -@@ -3946,6 +3946,22 @@ nsCanvasRenderingContext2D::GetImageDataArray(JSContext* aCx, - - uint8_t* data = JS_GetUint8ClampedArrayData(darray, aCx); - -+ // Check for site-specific permission and return all-white, opaque pixel -+ // data if no permission. This check is not needed if the canvas was -+ // created with a docshell (that is only done for special internal uses). -+ bool usePlaceholder = false; -+ if (mCanvasElement) { -+ nsCOMPtr<nsIDocument> ownerDoc = mCanvasElement->OwnerDoc(); -+ usePlaceholder = !ownerDoc || -+ !CanvasUtils::IsImageExtractionAllowed(ownerDoc); -+ } -+ -+ if (usePlaceholder) { -+ memset(data, 0xFF, len.value()); -+ *aRetval = darray; -+ return NS_OK; -+ } -+ - /* Copy the surface contents to the buffer */ - nsRefPtr<gfxImageSurface> tmpsurf = - new gfxImageSurface(data, -diff --git a/content/canvas/src/nsCanvasRenderingContext2DAzure.cpp b/content/canvas/src/nsCanvasRenderingContext2DAzure.cpp -index 07b5236..d86ba32 100644 ---- a/content/canvas/src/nsCanvasRenderingContext2DAzure.cpp -+++ b/content/canvas/src/nsCanvasRenderingContext2DAzure.cpp -@@ -4251,6 +4251,22 @@ nsCanvasRenderingContext2DAzure::GetImageDataArray(JSContext* aCx, - - uint8_t* data = JS_GetUint8ClampedArrayData(darray, aCx); - -+ // Check for site-specific permission and return all-white, opaque pixel -+ // data if no permission. This check is not needed if the canvas was -+ // created with a docshell (that is only done for special internal uses). -+ bool usePlaceholder = false; -+ if (mCanvasElement) { -+ nsCOMPtr<nsIDocument> ownerDoc = mCanvasElement->OwnerDoc(); -+ usePlaceholder = !ownerDoc || -+ !CanvasUtils::IsImageExtractionAllowed(ownerDoc); -+ } -+ -+ if (usePlaceholder) { -+ memset(data, 0xFF, len.value()); -+ *aRetval = darray; -+ return NS_OK; -+ } -+ - IntRect srcRect(0, 0, mWidth, mHeight); - IntRect destRect(aX, aY, aWidth, aHeight); - -diff --git a/content/html/content/public/nsHTMLCanvasElement.h b/content/html/content/public/nsHTMLCanvasElement.h -index 2c11600..65da344 100644 ---- a/content/html/content/public/nsHTMLCanvasElement.h -+++ b/content/html/content/public/nsHTMLCanvasElement.h -@@ -157,13 +157,16 @@ protected: - nsresult UpdateContext(nsIPropertyBag *aNewContextOptions = nullptr); - nsresult ExtractData(const nsAString& aType, - const nsAString& aOptions, -+ bool aUsePlaceholder, - nsIInputStream** aStream, - bool& aFellBackToPNG); - nsresult ToDataURLImpl(const nsAString& aMimeType, - nsIVariant* aEncoderOptions, -+ bool aUsePlaceholder, - nsAString& aDataURL); - nsresult MozGetAsFileImpl(const nsAString& aName, - const nsAString& aType, -+ bool aUsePlaceholder, - nsIDOMFile** aResult); - nsresult GetContextHelper(const nsAString& aContextId, - bool aForceThebes, -diff --git a/content/html/content/src/Makefile.in b/content/html/content/src/Makefile.in -index 9466587..86368a2 100644 ---- a/content/html/content/src/Makefile.in -+++ b/content/html/content/src/Makefile.in -@@ -113,6 +113,7 @@ INCLUDES += \ - -I$(srcdir)/../../../events/src \ - -I$(srcdir)/../../../xbl/src \ - -I$(srcdir)/../../../xul/content/src \ -+ -I$(srcdir)/../../../canvas/src/ \ - -I$(srcdir)/../../../../layout/forms \ - -I$(srcdir)/../../../../layout/style \ - -I$(srcdir)/../../../../layout/tables \ -diff --git a/content/html/content/src/nsHTMLCanvasElement.cpp b/content/html/content/src/nsHTMLCanvasElement.cpp -index 961ebf1..13a6910 100644 ---- a/content/html/content/src/nsHTMLCanvasElement.cpp -+++ b/content/html/content/src/nsHTMLCanvasElement.cpp -@@ -31,6 +31,8 @@ - - #include "nsIWritablePropertyBag2.h" - -+#include "CanvasUtils.h" -+ - #define DEFAULT_CANVAS_WIDTH 300 - #define DEFAULT_CANVAS_HEIGHT 150 - -@@ -184,7 +186,10 @@ nsHTMLCanvasElement::ToDataURL(const nsAString& aType, nsIVariant* aParams, - return NS_ERROR_DOM_SECURITY_ERR; - } - -- return ToDataURLImpl(aType, aParams, aDataURL); -+ // Check site-specific permission and display prompt if appropriate. -+ // If no permission, return all-white, opaque image data. -+ bool usePlaceholder = !CanvasUtils::IsImageExtractionAllowed(OwnerDoc()); -+ return ToDataURLImpl(aType, aParams, usePlaceholder, aDataURL); - } - - // nsHTMLCanvasElement::mozFetchAsStream -@@ -200,7 +205,7 @@ nsHTMLCanvasElement::MozFetchAsStream(nsIInputStreamCallback *aCallback, - bool fellBackToPNG = false; - nsCOMPtr<nsIInputStream> inputData; - -- rv = ExtractData(aType, EmptyString(), getter_AddRefs(inputData), fellBackToPNG); -+ rv = ExtractData(aType, EmptyString(), false, getter_AddRefs(inputData), fellBackToPNG); - NS_ENSURE_SUCCESS(rv, rv); - - nsCOMPtr<nsIAsyncInputStream> asyncData = do_QueryInterface(inputData, &rv); -@@ -220,19 +225,26 @@ nsHTMLCanvasElement::MozFetchAsStream(nsIInputStreamCallback *aCallback, - nsresult - nsHTMLCanvasElement::ExtractData(const nsAString& aType, - const nsAString& aOptions, -+ bool aUsePlaceholder, - nsIInputStream** aStream, - bool& aFellBackToPNG) - { - // note that if we don't have a current context, the spec says we're - // supposed to just return transparent black pixels of the canvas - // dimensions. -+ // If placeholder data was requested, return all-white, opaque image data. - nsRefPtr<gfxImageSurface> emptyCanvas; - nsIntSize size = GetWidthHeight(); -- if (!mCurrentContext) { -+ if (aUsePlaceholder || !mCurrentContext) { - emptyCanvas = new gfxImageSurface(gfxIntSize(size.width, size.height), gfxASurface::ImageFormatARGB32); - if (emptyCanvas->CairoStatus()) { - return NS_ERROR_INVALID_ARG; - } -+ -+ if (aUsePlaceholder) { -+ int32_t dataSize = emptyCanvas->GetDataSize(); -+ memset(emptyCanvas->Data(), 0xFF, dataSize); -+ } - } - - nsresult rv; -@@ -242,12 +254,13 @@ nsHTMLCanvasElement::ExtractData(const nsAString& aType, - NS_ConvertUTF16toUTF8 encoderType(aType); - - try_again: -- if (mCurrentContext) { -+ if (!aUsePlaceholder && mCurrentContext) { - rv = mCurrentContext->GetInputStream(encoderType.get(), - nsPromiseFlatString(aOptions).get(), - getter_AddRefs(imgStream)); - } else { -- // no context, so we have to encode the empty image we created above -+ // Using placeholder or we have no context: encode the empty/white image -+ // we created above. - nsCString enccid("@mozilla.org/image/encoder;2?type="); - enccid += encoderType; - -@@ -285,6 +298,7 @@ nsHTMLCanvasElement::ExtractData(const nsAString& aType, - nsresult - nsHTMLCanvasElement::ToDataURLImpl(const nsAString& aMimeType, - nsIVariant* aEncoderOptions, -+ bool aUsePlaceholder, - nsAString& aDataURL) - { - bool fallbackToPNG = false; -@@ -340,13 +354,15 @@ nsHTMLCanvasElement::ToDataURLImpl(const nsAString& aMimeType, - } - - nsCOMPtr<nsIInputStream> stream; -- rv = ExtractData(type, params, getter_AddRefs(stream), fallbackToPNG); -+ rv = ExtractData(type, params, aUsePlaceholder, -+ getter_AddRefs(stream), fallbackToPNG); - - // If there are unrecognized custom parse options, we should fall back to - // the default values for the encoder without any options at all. - if (rv == NS_ERROR_INVALID_ARG && usingCustomParseOptions) { - fallbackToPNG = false; -- rv = ExtractData(type, EmptyString(), getter_AddRefs(stream), fallbackToPNG); -+ rv = ExtractData(type, EmptyString(), aUsePlaceholder, -+ getter_AddRefs(stream), fallbackToPNG); - } - - NS_ENSURE_SUCCESS(rv, rv); -@@ -378,19 +394,23 @@ nsHTMLCanvasElement::MozGetAsFile(const nsAString& aName, - return NS_ERROR_DOM_SECURITY_ERR; - } - -- return MozGetAsFileImpl(aName, aType, aResult); -+ // Check site-speciifc permission and display prompt if appropriate. -+ // If no permission, return all-white, opaque image data. -+ bool usePlaceholder = !CanvasUtils::IsImageExtractionAllowed(OwnerDoc()); -+ return MozGetAsFileImpl(aName, aType, usePlaceholder, aResult); - } - - nsresult - nsHTMLCanvasElement::MozGetAsFileImpl(const nsAString& aName, - const nsAString& aType, -+ bool aUsePlaceholder, - nsIDOMFile** aResult) - { - bool fallbackToPNG = false; - - nsCOMPtr<nsIInputStream> stream; -- nsresult rv = ExtractData(aType, EmptyString(), getter_AddRefs(stream), -- fallbackToPNG); -+ nsresult rv = ExtractData(aType, EmptyString(), aUsePlaceholder, -+ getter_AddRefs(stream), fallbackToPNG); - NS_ENSURE_SUCCESS(rv, rv); - - nsAutoString type(aType); --- -1.7.5.4 - diff --git a/src/current-patches/firefox/0021-Return-client-window-coordinates-for-mouse-event-scr.patch b/src/current-patches/firefox/0021-Return-client-window-coordinates-for-mouse-event-scr.patch deleted file mode 100644 index 0cee032..0000000 --- a/src/current-patches/firefox/0021-Return-client-window-coordinates-for-mouse-event-scr.patch +++ /dev/null @@ -1,77 +0,0 @@ -From b0696055ca1d34426ae1c8ce2761404d3261525e Mon Sep 17 00:00:00 2001 -From: Kathleen Brade brade@pearlcrescent.com -Date: Wed, 28 Nov 2012 10:49:09 -0500 -Subject: [PATCH 21/27] Return client window coordinates for mouse event - screenX/Y (for dragend, 0,0 is returned). - ---- - content/events/src/nsDOMMouseEvent.cpp | 22 ++++++++++++++++++++++ - content/events/src/nsDOMTouchEvent.cpp | 6 ++++-- - 2 files changed, 26 insertions(+), 2 deletions(-) - -diff --git a/content/events/src/nsDOMMouseEvent.cpp b/content/events/src/nsDOMMouseEvent.cpp -index 0817397..3d8b26a 100644 ---- a/content/events/src/nsDOMMouseEvent.cpp -+++ b/content/events/src/nsDOMMouseEvent.cpp -@@ -301,6 +301,20 @@ nsDOMMouseEvent::GetMozMovementY(int32_t* aMovementY) - NS_METHOD nsDOMMouseEvent::GetScreenX(int32_t* aScreenX) - { - NS_ENSURE_ARG_POINTER(aScreenX); -+ bool isChrome = nsContentUtils::IsCallerChrome(); -+ if (!isChrome) -+ { -+ // For non-chrome callers, return client coordinates instead. -+ // For some events, the result will be zero; specifically, for dragend -+ // events (there is no widget associated with dragend events, which -+ // causes GetClientX() to return zero). Since dragend is for the drag -+ // originator and not for the receiver, it is probably not widely used -+ // (receivers get a drop event). Therefore, returning 0 should not break -+ // many web pages. Also, a few years ago Firefox returned 0. -+ // See: https://bugzilla.mozilla.org/show_bug.cgi?id=466379 -+ return GetClientX(aScreenX); -+ } -+ - *aScreenX = nsDOMEvent::GetScreenCoords(mPresContext, - mEvent, - mEvent->refPoint).x; -@@ -311,6 +325,14 @@ NS_IMETHODIMP - nsDOMMouseEvent::GetScreenY(int32_t* aScreenY) - { - NS_ENSURE_ARG_POINTER(aScreenY); -+ bool isChrome = nsContentUtils::IsCallerChrome(); -+ if (!isChrome) -+ { -+ // For non-chrome callers, return client coordinates instead. -+ // See also the comment in nsDOMMouseEvent::GetScreenX(). -+ return GetClientY(aScreenY); -+ } -+ - *aScreenY = nsDOMEvent::GetScreenCoords(mPresContext, - mEvent, - mEvent->refPoint).y; -diff --git a/content/events/src/nsDOMTouchEvent.cpp b/content/events/src/nsDOMTouchEvent.cpp -index ccf4864..64ab0e8 100644 ---- a/content/events/src/nsDOMTouchEvent.cpp -+++ b/content/events/src/nsDOMTouchEvent.cpp -@@ -44,14 +44,16 @@ nsDOMTouch::GetTarget(nsIDOMEventTarget** aTarget) - NS_IMETHODIMP - nsDOMTouch::GetScreenX(int32_t* aScreenX) - { -- *aScreenX = mScreenPoint.x; -+ bool isChrome = nsContentUtils::IsCallerChrome(); -+ *aScreenX = isChrome ? mScreenPoint.x : mClientPoint.x; - return NS_OK; - } - - NS_IMETHODIMP - nsDOMTouch::GetScreenY(int32_t* aScreenY) - { -- *aScreenY = mScreenPoint.y; -+ bool isChrome = nsContentUtils::IsCallerChrome(); -+ *aScreenY = isChrome ? mScreenPoint.y : mClientPoint.y; - return NS_OK; - } - --- -1.7.5.4 - diff --git a/src/current-patches/firefox/0022-Do-not-expose-physical-screen-info.-via-window-and-w.patch b/src/current-patches/firefox/0022-Do-not-expose-physical-screen-info.-via-window-and-w.patch deleted file mode 100644 index 621d2a8..0000000 --- a/src/current-patches/firefox/0022-Do-not-expose-physical-screen-info.-via-window-and-w.patch +++ /dev/null @@ -1,310 +0,0 @@ -From 73dd7935b3e9a226e868844bf9a92b257416c5ec Mon Sep 17 00:00:00 2001 -From: Kathleen Brade brade@pearlcrescent.com -Date: Wed, 28 Nov 2012 11:25:14 -0500 -Subject: [PATCH 22/27] Do not expose physical screen info. via window and - window.screen. - ---- - dom/base/nsGlobalWindow.cpp | 46 ++++++++++++++++++++++ - dom/base/nsGlobalWindow.h | 2 + - dom/base/nsScreen.cpp | 90 +++++++++++++++++++++++++++++++++++++++++++ - dom/base/nsScreen.h | 3 + - 4 files changed, 141 insertions(+), 0 deletions(-) - -diff --git a/dom/base/nsGlobalWindow.cpp b/dom/base/nsGlobalWindow.cpp -index f675f87..48bd71d 100644 ---- a/dom/base/nsGlobalWindow.cpp -+++ b/dom/base/nsGlobalWindow.cpp -@@ -3745,6 +3745,10 @@ nsGlobalWindow::GetOuterWidth(int32_t* aOuterWidth) - { - FORWARD_TO_OUTER(GetOuterWidth, (aOuterWidth), NS_ERROR_NOT_INITIALIZED); - -+ // For non-chrome callers, return inner width to prevent fingerprinting. -+ if (!IsChrome()) -+ return GetInnerWidth(aOuterWidth); -+ - nsIntSize sizeCSSPixels; - nsresult rv = GetOuterSize(&sizeCSSPixels); - NS_ENSURE_SUCCESS(rv, rv); -@@ -3758,6 +3762,10 @@ nsGlobalWindow::GetOuterHeight(int32_t* aOuterHeight) - { - FORWARD_TO_OUTER(GetOuterHeight, (aOuterHeight), NS_ERROR_NOT_INITIALIZED); - -+ // For non-chrome callers, return inner height to prevent fingerprinting. -+ if (!IsChrome()) -+ return GetInnerHeight(aOuterHeight); -+ - nsIntSize sizeCSSPixels; - nsresult rv = GetOuterSize(&sizeCSSPixels); - NS_ENSURE_SUCCESS(rv, rv); -@@ -3820,6 +3828,12 @@ nsGlobalWindow::GetScreenX(int32_t* aScreenX) - { - FORWARD_TO_OUTER(GetScreenX, (aScreenX), NS_ERROR_NOT_INITIALIZED); - -+ // For non-chrome callers, always return 0 to prevent fingerprinting. -+ if (!IsChrome()) { -+ *aScreenX = 0; -+ return NS_OK; -+ } -+ - nsCOMPtr<nsIBaseWindow> treeOwnerAsWin; - GetTreeOwner(getter_AddRefs(treeOwnerAsWin)); - NS_ENSURE_TRUE(treeOwnerAsWin, NS_ERROR_FAILURE); -@@ -3861,6 +3875,12 @@ nsGlobalWindow::GetMozInnerScreenX(float* aScreenX) - { - FORWARD_TO_OUTER(GetMozInnerScreenX, (aScreenX), NS_ERROR_NOT_INITIALIZED); - -+ // For non-chrome callers, always return 0 to prevent fingerprinting. -+ if (!IsChrome()) { -+ *aScreenX = 0; -+ return NS_OK; -+ } -+ - nsRect r = GetInnerScreenRect(); - *aScreenX = nsPresContext::AppUnitsToFloatCSSPixels(r.x); - return NS_OK; -@@ -3871,6 +3891,12 @@ nsGlobalWindow::GetMozInnerScreenY(float* aScreenY) - { - FORWARD_TO_OUTER(GetMozInnerScreenY, (aScreenY), NS_ERROR_NOT_INITIALIZED); - -+ // For non-chrome callers, always return 0 to prevent fingerprinting. -+ if (!IsChrome()) { -+ *aScreenY = 0; -+ return NS_OK; -+ } -+ - nsRect r = GetInnerScreenRect(); - *aScreenY = nsPresContext::AppUnitsToFloatCSSPixels(r.y); - return NS_OK; -@@ -4028,6 +4054,12 @@ nsGlobalWindow::GetScreenY(int32_t* aScreenY) - { - FORWARD_TO_OUTER(GetScreenY, (aScreenY), NS_ERROR_NOT_INITIALIZED); - -+ // For non-chrome callers, always return 0 to prevent fingerprinting. -+ if (!IsChrome()) { -+ *aScreenY = 0; -+ return NS_OK; -+ } -+ - nsCOMPtr<nsIBaseWindow> treeOwnerAsWin; - GetTreeOwner(getter_AddRefs(treeOwnerAsWin)); - NS_ENSURE_TRUE(treeOwnerAsWin, NS_ERROR_FAILURE); -@@ -4074,6 +4106,20 @@ nsGlobalWindow::SetScreenY(int32_t aScreenY) - return NS_OK; - } - -+bool -+nsGlobalWindow::IsChrome() -+{ -+ bool isChrome = false; -+ -+ if (mDocShell) { -+ nsRefPtr<nsPresContext> presContext; -+ mDocShell->GetPresContext(getter_AddRefs(presContext)); -+ isChrome = (presContext && presContext->IsChrome()); -+ } -+ -+ return isChrome; -+} -+ - // NOTE: Arguments to this function should have values scaled to - // CSS pixels, not device pixels. - nsresult -diff --git a/dom/base/nsGlobalWindow.h b/dom/base/nsGlobalWindow.h -index 9acc1ea..4cb6938 100644 ---- a/dom/base/nsGlobalWindow.h -+++ b/dom/base/nsGlobalWindow.h -@@ -827,6 +827,8 @@ protected: - nsresult SetOuterSize(int32_t aLengthCSSPixels, bool aIsWidth); - nsRect GetInnerScreenRect(); - -+ bool IsChrome(); -+ - bool IsFrame() - { - return GetParentInternal() != nullptr; -diff --git a/dom/base/nsScreen.cpp b/dom/base/nsScreen.cpp -index 41c32ad..4f3904d 100644 ---- a/dom/base/nsScreen.cpp -+++ b/dom/base/nsScreen.cpp -@@ -115,6 +115,12 @@ NS_IMPL_EVENT_HANDLER(nsScreen, mozorientationchange) - NS_IMETHODIMP - nsScreen::GetTop(int32_t* aTop) - { -+ // For non-chrome callers, always return 0 to prevent fingerprinting. -+ if (!IsChrome()) { -+ *aTop = 0; -+ return NS_OK; -+ } -+ - nsRect rect; - nsresult rv = GetRect(rect); - -@@ -127,6 +133,12 @@ nsScreen::GetTop(int32_t* aTop) - NS_IMETHODIMP - nsScreen::GetLeft(int32_t* aLeft) - { -+ // For non-chrome callers, always return 0 to prevent fingerprinting. -+ if (!IsChrome()) { -+ *aLeft = 0; -+ return NS_OK; -+ } -+ - nsRect rect; - nsresult rv = GetRect(rect); - -@@ -139,6 +151,14 @@ nsScreen::GetLeft(int32_t* aLeft) - NS_IMETHODIMP - nsScreen::GetWidth(int32_t* aWidth) - { -+ // For non-chrome callers, return content width to prevent fingerprinting. -+ if (!IsChrome()) { -+ nsCOMPtr<nsIDOMWindow> win; -+ nsresult rv = GetDOMWindow(getter_AddRefs(win)); -+ NS_ENSURE_SUCCESS(rv, rv); -+ return win->GetInnerWidth(aWidth); -+ } -+ - nsRect rect; - nsresult rv = GetRect(rect); - -@@ -150,6 +170,14 @@ nsScreen::GetWidth(int32_t* aWidth) - NS_IMETHODIMP - nsScreen::GetHeight(int32_t* aHeight) - { -+ // For non-chrome callers, return content height to prevent fingerprinting. -+ if (!IsChrome()) { -+ nsCOMPtr<nsIDOMWindow> win; -+ nsresult rv = GetDOMWindow(getter_AddRefs(win)); -+ NS_ENSURE_SUCCESS(rv, rv); -+ return win->GetInnerHeight(aHeight); -+ } -+ - nsRect rect; - nsresult rv = GetRect(rect); - -@@ -161,6 +189,12 @@ nsScreen::GetHeight(int32_t* aHeight) - NS_IMETHODIMP - nsScreen::GetPixelDepth(int32_t* aPixelDepth) - { -+ // For non-chrome callers, always return 24 to prevent fingerprinting. -+ if (!IsChrome()) { -+ *aPixelDepth = 24; -+ return NS_OK; -+ } -+ - nsDeviceContext* context = GetDeviceContext(); - - if (!context) { -@@ -186,6 +220,14 @@ nsScreen::GetColorDepth(int32_t* aColorDepth) - NS_IMETHODIMP - nsScreen::GetAvailWidth(int32_t* aAvailWidth) - { -+ // For non-chrome callers, return content width to prevent fingerprinting. -+ if (!IsChrome()) { -+ nsCOMPtr<nsIDOMWindow> win; -+ nsresult rv = GetDOMWindow(getter_AddRefs(win)); -+ NS_ENSURE_SUCCESS(rv, rv); -+ return win->GetInnerWidth(aAvailWidth); -+ } -+ - nsRect rect; - nsresult rv = GetAvailRect(rect); - -@@ -197,6 +239,14 @@ nsScreen::GetAvailWidth(int32_t* aAvailWidth) - NS_IMETHODIMP - nsScreen::GetAvailHeight(int32_t* aAvailHeight) - { -+ // For non-chrome callers, return content height to prevent fingerprinting. -+ if (!IsChrome()) { -+ nsCOMPtr<nsIDOMWindow> win; -+ nsresult rv = GetDOMWindow(getter_AddRefs(win)); -+ NS_ENSURE_SUCCESS(rv, rv); -+ return win->GetInnerHeight(aAvailHeight); -+ } -+ - nsRect rect; - nsresult rv = GetAvailRect(rect); - -@@ -208,6 +258,12 @@ nsScreen::GetAvailHeight(int32_t* aAvailHeight) - NS_IMETHODIMP - nsScreen::GetAvailLeft(int32_t* aAvailLeft) - { -+ // For non-chrome callers, always return 0 to prevent fingerprinting. -+ if (!IsChrome()) { -+ *aAvailLeft = 0; -+ return NS_OK; -+ } -+ - nsRect rect; - nsresult rv = GetAvailRect(rect); - -@@ -219,6 +275,12 @@ nsScreen::GetAvailLeft(int32_t* aAvailLeft) - NS_IMETHODIMP - nsScreen::GetAvailTop(int32_t* aAvailTop) - { -+ // For non-chrome callers, always return 0 to prevent fingerprinting. -+ if (!IsChrome()) { -+ *aAvailTop = 0; -+ return NS_OK; -+ } -+ - nsRect rect; - nsresult rv = GetAvailRect(rect); - -@@ -458,3 +520,31 @@ nsScreen::FullScreenEventListener::HandleEvent(nsIDOMEvent* aEvent) - - return NS_OK; - } -+ -+bool -+nsScreen::IsChrome() -+{ -+ bool isChrome = false; -+ nsCOMPtr<nsPIDOMWindow> owner = GetOwner(); -+ if (owner) -+ isChrome = IsChromeType(owner->GetDocShell()); -+ -+ return isChrome; -+} -+ -+nsresult -+nsScreen::GetDOMWindow(nsIDOMWindow **aResult) -+{ -+ NS_ENSURE_ARG_POINTER(aResult); -+ *aResult = NULL; -+ -+ nsCOMPtr<nsPIDOMWindow> owner = GetOwner(); -+ if (!owner) -+ return NS_ERROR_FAILURE; -+ -+ nsCOMPtr<nsIDOMWindow> win = do_QueryInterface(owner); -+ NS_ENSURE_STATE(win); -+ win.swap(*aResult); -+ -+ return NS_OK; -+} -diff --git a/dom/base/nsScreen.h b/dom/base/nsScreen.h -index 869d4fd..de18504 100644 ---- a/dom/base/nsScreen.h -+++ b/dom/base/nsScreen.h -@@ -16,6 +16,7 @@ - - class nsIDocShell; - class nsDeviceContext; -+class nsIDOMWindow; - struct nsRect; - - // Script "screen" object -@@ -41,6 +42,8 @@ protected: - nsDeviceContext* GetDeviceContext(); - nsresult GetRect(nsRect& aRect); - nsresult GetAvailRect(nsRect& aRect); -+ bool IsChrome(); -+ nsresult GetDOMWindow(nsIDOMWindow **aResult); - - mozilla::dom::ScreenOrientation mOrientation; - --- -1.7.5.4 - diff --git a/src/current-patches/firefox/0023-Do-not-expose-system-colors-to-CSS-or-canvas.patch b/src/current-patches/firefox/0023-Do-not-expose-system-colors-to-CSS-or-canvas.patch deleted file mode 100644 index 2bd9ffc..0000000 --- a/src/current-patches/firefox/0023-Do-not-expose-system-colors-to-CSS-or-canvas.patch +++ /dev/null @@ -1,631 +0,0 @@ -From 6f70c68258eb81dc898622f1f2629d71441fb1d3 Mon Sep 17 00:00:00 2001 -From: Kathleen Brade brade@pearlcrescent.com -Date: Wed, 28 Nov 2012 15:08:40 -0500 -Subject: [PATCH 23/28] Do not expose system colors to CSS or canvas. - -This patch also contains a hack to use properly contrasting colors if the -desktop theme specifies white on black for text colors (see -https://trac.torproject.org/projects/tor/ticket/7920). These color choices are -also not exposed to content. ---- - content/canvas/src/nsCanvasRenderingContext2D.cpp | 28 ++- - .../canvas/src/nsCanvasRenderingContext2DAzure.cpp | 34 +++- - .../canvas/src/nsCanvasRenderingContext2DAzure.h | 5 +- - layout/base/nsLayoutUtils.cpp | 50 +++++ - layout/base/nsLayoutUtils.h | 4 + - layout/generic/nsFrame.cpp | 6 +- - layout/style/nsRuleNode.cpp | 5 +- - widget/LookAndFeel.h | 12 ++ - widget/xpwidgets/nsXPLookAndFeel.cpp | 214 +++++++++++++++++++- - widget/xpwidgets/nsXPLookAndFeel.h | 5 +- - 10 files changed, 342 insertions(+), 21 deletions(-) - -diff --git a/content/canvas/src/nsCanvasRenderingContext2D.cpp b/content/canvas/src/nsCanvasRenderingContext2D.cpp -index 0dec654..7132e4f 100644 ---- a/content/canvas/src/nsCanvasRenderingContext2D.cpp -+++ b/content/canvas/src/nsCanvasRenderingContext2D.cpp -@@ -32,6 +32,7 @@ - #include "nsCSSParser.h" - #include "mozilla/css/StyleRule.h" - #include "mozilla/css/Declaration.h" -+#include "mozilla/css/Loader.h" - #include "nsComputedDOMStyle.h" - #include "nsStyleSet.h" - -@@ -159,8 +160,9 @@ class nsCanvasGradient MOZ_FINAL : public nsIDOMCanvasGradient - public: - NS_DECLARE_STATIC_IID_ACCESSOR(NS_CANVASGRADIENT_PRIVATE_IID) - -- nsCanvasGradient(gfxPattern* pat) -- : mPattern(pat) -+ nsCanvasGradient(mozilla::css::Loader* aLoader, gfxPattern* pat) -+ : mCSSLoader(aLoader) -+ , mPattern(pat) - { - } - -@@ -181,8 +183,17 @@ public: - return NS_ERROR_DOM_SYNTAX_ERR; - } - -+ nsIPresShell* presShell = nullptr; -+ if (mCSSLoader) { -+ nsIDocument *doc = mCSSLoader->GetDocument(); -+ if (doc) -+ presShell = doc->GetShell(); -+ } -+ - nscolor color; -- if (!nsRuleNode::ComputeColor(value, nullptr, nullptr, color)) { -+ if (!nsRuleNode::ComputeColor(value, -+ presShell ? presShell->GetPresContext() : nullptr, -+ nullptr, color)) { - return NS_ERROR_DOM_SYNTAX_ERR; - } - -@@ -194,6 +205,7 @@ public: - NS_DECL_ISUPPORTS - - protected: -+ mozilla::css::Loader* mCSSLoader; // not ref counted, it owns us - nsRefPtr<gfxPattern> mPattern; - }; - -@@ -1814,7 +1826,10 @@ nsCanvasRenderingContext2D::CreateLinearGradient(float x0, float y0, float x1, f - if (!gradpat) - return NS_ERROR_OUT_OF_MEMORY; - -- nsRefPtr<nsIDOMCanvasGradient> grad = new nsCanvasGradient(gradpat); -+ nsIDocument* doc = mCanvasElement ? mCanvasElement->OwnerDoc() : nullptr; -+ mozilla::css::Loader* cssLoader = doc ? doc->CSSLoader() : nullptr; -+ nsRefPtr<nsIDOMCanvasGradient> grad = new nsCanvasGradient(cssLoader, -+ gradpat); - if (!grad) - return NS_ERROR_OUT_OF_MEMORY; - -@@ -1836,7 +1851,10 @@ nsCanvasRenderingContext2D::CreateRadialGradient(float x0, float y0, float r0, f - if (!gradpat) - return NS_ERROR_OUT_OF_MEMORY; - -- nsRefPtr<nsIDOMCanvasGradient> grad = new nsCanvasGradient(gradpat); -+ nsIDocument* doc = mCanvasElement ? mCanvasElement->OwnerDoc() : nullptr; -+ mozilla::css::Loader* cssLoader = doc ? doc->CSSLoader() : nullptr; -+ nsRefPtr<nsIDOMCanvasGradient> grad = new nsCanvasGradient(cssLoader, -+ gradpat); - if (!grad) - return NS_ERROR_OUT_OF_MEMORY; - -diff --git a/content/canvas/src/nsCanvasRenderingContext2DAzure.cpp b/content/canvas/src/nsCanvasRenderingContext2DAzure.cpp -index d86ba32..84c1927 100644 ---- a/content/canvas/src/nsCanvasRenderingContext2DAzure.cpp -+++ b/content/canvas/src/nsCanvasRenderingContext2DAzure.cpp -@@ -31,6 +31,7 @@ - #include "nsCSSParser.h" - #include "mozilla/css/StyleRule.h" - #include "mozilla/css/Declaration.h" -+#include "mozilla/css/Loader.h" - #include "nsComputedDOMStyle.h" - #include "nsStyleSet.h" - -@@ -140,9 +141,10 @@ NS_MEMORY_REPORTER_IMPLEMENT(CanvasAzureMemory, - class nsCanvasRadialGradientAzure : public nsCanvasGradientAzure - { - public: -- nsCanvasRadialGradientAzure(const Point &aBeginOrigin, Float aBeginRadius, -+ nsCanvasRadialGradientAzure(mozilla::css::Loader* aLoader, -+ const Point &aBeginOrigin, Float aBeginRadius, - const Point &aEndOrigin, Float aEndRadius) -- : nsCanvasGradientAzure(RADIAL) -+ : nsCanvasGradientAzure(aLoader, RADIAL) - , mCenter1(aBeginOrigin) - , mCenter2(aEndOrigin) - , mRadius1(aBeginRadius) -@@ -159,8 +161,9 @@ public: - class nsCanvasLinearGradientAzure : public nsCanvasGradientAzure - { - public: -- nsCanvasLinearGradientAzure(const Point &aBegin, const Point &aEnd) -- : nsCanvasGradientAzure(LINEAR) -+ nsCanvasLinearGradientAzure(mozilla::css::Loader* aLoader, -+ const Point &aBegin, const Point &aEnd) -+ : nsCanvasGradientAzure(aLoader, LINEAR) - , mBegin(aBegin) - , mEnd(aEnd) - { -@@ -363,8 +366,17 @@ nsCanvasGradientAzure::AddColorStop(float offset, const nsAString& colorstr) - return NS_ERROR_DOM_SYNTAX_ERR; - } - -+ nsIPresShell* presShell = nullptr; -+ if (mCSSLoader) { -+ nsIDocument *doc = mCSSLoader->GetDocument(); -+ if (doc) -+ presShell = doc->GetShell(); -+ } -+ - nscolor color; -- if (!nsRuleNode::ComputeColor(value, nullptr, nullptr, color)) { -+ if (!nsRuleNode::ComputeColor(value, -+ presShell ? presShell->GetPresContext() : nullptr, -+ nullptr, color)) { - return NS_ERROR_DOM_SYNTAX_ERR; - } - -@@ -1788,8 +1800,10 @@ nsCanvasRenderingContext2DAzure::CreateLinearGradient(double x0, double y0, doub - return nullptr; - } - -- nsRefPtr<nsIDOMCanvasGradient> grad = -- new nsCanvasLinearGradientAzure(Point(x0, y0), Point(x1, y1)); -+ nsIDocument* doc = mCanvasElement ? mCanvasElement->OwnerDoc() : nullptr; -+ mozilla::css::Loader* cssLoader = doc ? doc->CSSLoader() : nullptr; -+ nsRefPtr<nsIDOMCanvasGradient> grad = new nsCanvasLinearGradientAzure( -+ cssLoader, Point(x0, y0), Point(x1, y1)); - - return grad.forget(); - } -@@ -1818,8 +1832,10 @@ nsCanvasRenderingContext2DAzure::CreateRadialGradient(double x0, double y0, doub - return nullptr; - } - -- nsRefPtr<nsIDOMCanvasGradient> grad = -- new nsCanvasRadialGradientAzure(Point(x0, y0), r0, Point(x1, y1), r1); -+ nsIDocument* doc = mCanvasElement ? mCanvasElement->OwnerDoc() : nullptr; -+ mozilla::css::Loader* cssLoader = doc ? doc->CSSLoader() : nullptr; -+ nsRefPtr<nsIDOMCanvasGradient> grad = new nsCanvasRadialGradientAzure( -+ cssLoader, Point(x0, y0), r0, Point(x1, y1), r1); - - return grad.forget(); - } -diff --git a/content/canvas/src/nsCanvasRenderingContext2DAzure.h b/content/canvas/src/nsCanvasRenderingContext2DAzure.h -index 05ccf61..629d78a 100644 ---- a/content/canvas/src/nsCanvasRenderingContext2DAzure.h -+++ b/content/canvas/src/nsCanvasRenderingContext2DAzure.h -@@ -71,11 +71,14 @@ public: - NS_IMETHOD AddColorStop(float offset, const nsAString& colorstr); - - protected: -- nsCanvasGradientAzure(Type aType) : mType(aType) -+ nsCanvasGradientAzure(mozilla::css::Loader* aLoader, Type aType) -+ : mCSSLoader(aLoader) -+ , mType(aType) - {} - - nsTArraymozilla::gfx::GradientStop mRawStops; - mozilla::RefPtrmozilla::gfx::GradientStops mStops; -+ mozilla::css::Loader* mCSSLoader; // not ref counted, it owns us - Type mType; - virtual ~nsCanvasGradientAzure() {} - }; -diff --git a/layout/base/nsLayoutUtils.cpp b/layout/base/nsLayoutUtils.cpp -index 87b0d34..65515d9 100644 ---- a/layout/base/nsLayoutUtils.cpp -+++ b/layout/base/nsLayoutUtils.cpp -@@ -76,6 +76,7 @@ - #include "nsSVGForeignObjectFrame.h" - #include "nsSVGOuterSVGFrame.h" - #include "nsStyleStructInlines.h" -+#include "mozilla/LookAndFeel.h" - - #include "mozilla/Preferences.h" - -@@ -3134,13 +3135,62 @@ ShouldDarkenColors(nsPresContext* aPresContext) - nscolor - nsLayoutUtils::GetColor(nsIFrame* aFrame, nsCSSProperty aProperty) - { -+ if (aProperty == eCSSProperty_color) -+ { -+ nscolor nativeColor = NS_RGB(0, 0, 0); -+ if (GetNativeTextColor(aFrame, nativeColor)) -+ return nativeColor; -+ } -+ - nscolor color = aFrame->GetVisitedDependentColor(aProperty); - if (ShouldDarkenColors(aFrame->PresContext())) { - color = DarkenColor(color); - } -+ - return color; - } - -+bool -+nsLayoutUtils::GetNativeTextColor(nsIFrame* aFrame, nscolor& aColor) -+{ -+ nsPresContext *presContext = aFrame->PresContext(); -+ if (!presContext->IsChrome()) { -+ // If native appearance was used to draw the background of the containing -+ // frame, return a contrasting native foreground color instead of the -+ // color from the element's style. This avoids a problem where black -+ // text was displayed on a black background when a Windows theme such as -+ // "High Contrast Black" was used. The background is drawn inside -+ // nsNativeThemeWin::ClassicDrawWidgetBackground(). -+ // -+ // Because both the background color and this foreground color are used -+ // directly without exposing the colors via CSS computed styles, the -+ // native colors are not leaked to content. -+ nsIFrame* bgFrame = -+ nsCSSRendering::FindNonTransparentBackgroundFrame(aFrame); -+ if (bgFrame) { -+ const nsStyleDisplay* displayData = bgFrame->GetStyleDisplay(); -+ uint8_t widgetType = displayData->mAppearance; -+ nsITheme *theme = presContext->GetTheme(); -+ if (widgetType && theme->ThemeSupportsWidget(presContext, bgFrame, -+ widgetType)) { -+ bool isDisabled = false; -+ nsIContent* frameContent = bgFrame->GetContent(); -+ if (frameContent && frameContent->IsElement()) { -+ nsEventStates es = frameContent->AsElement()->State(); -+ isDisabled = es.HasState(NS_EVENT_STATE_DISABLED); -+ } -+ -+ if (NS_SUCCEEDED(LookAndFeel::GetColorForNativeAppearance(widgetType, -+ isDisabled, &aColor))) { -+ return true; -+ } -+ } -+ } -+ } -+ -+ return false; -+} -+ - gfxFloat - nsLayoutUtils::GetSnappedBaselineY(nsIFrame* aFrame, gfxContext* aContext, - nscoord aY, nscoord aAscent) -diff --git a/layout/base/nsLayoutUtils.h b/layout/base/nsLayoutUtils.h -index 4fb1f93..6552f04 100644 ---- a/layout/base/nsLayoutUtils.h -+++ b/layout/base/nsLayoutUtils.h -@@ -989,6 +989,10 @@ public: - // Get a suitable foreground color for painting aProperty for aFrame. - static nscolor GetColor(nsIFrame* aFrame, nsCSSProperty aProperty); - -+ // Get the native text color if appropriate. If false is returned, callers -+ // should fallback to the CSS color. -+ static bool GetNativeTextColor(nsIFrame* aFrame, nscolor& aColor); -+ - // Get a baseline y position in app units that is snapped to device pixels. - static gfxFloat GetSnappedBaselineY(nsIFrame* aFrame, gfxContext* aContext, - nscoord aY, nscoord aAscent); -diff --git a/layout/generic/nsFrame.cpp b/layout/generic/nsFrame.cpp -index 75a2bb9..d684a62 100644 ---- a/layout/generic/nsFrame.cpp -+++ b/layout/generic/nsFrame.cpp -@@ -1446,7 +1446,11 @@ nsIFrame::DisplayCaret(nsDisplayListBuilder* aBuilder, - nscolor - nsIFrame::GetCaretColorAt(int32_t aOffset) - { -- // Use text color. -+ nscolor color = NS_RGB(0, 0, 0); -+ if (nsLayoutUtils::GetNativeTextColor(this, color)) -+ return color; -+ -+ // Use CSS text color. - return GetStyleColor()->mColor; - } - -diff --git a/layout/style/nsRuleNode.cpp b/layout/style/nsRuleNode.cpp -index 86eff1f..732b1fe 100644 ---- a/layout/style/nsRuleNode.cpp -+++ b/layout/style/nsRuleNode.cpp -@@ -747,7 +747,10 @@ static bool SetColor(const nsCSSValue& aValue, const nscolor aParentColor, - int32_t intValue = aValue.GetIntValue(); - if (0 <= intValue) { - LookAndFeel::ColorID colorID = (LookAndFeel::ColorID) intValue; -- if (NS_SUCCEEDED(LookAndFeel::GetColor(colorID, &aResult))) { -+ bool useStandinsForNativeColors = aPresContext && -+ !aPresContext->IsChrome(); -+ if (NS_SUCCEEDED(LookAndFeel::GetColor(colorID, -+ useStandinsForNativeColors, &aResult))) { - result = true; - } - } -diff --git a/widget/LookAndFeel.h b/widget/LookAndFeel.h -index e46bb13..f947084 100644 ---- a/widget/LookAndFeel.h -+++ b/widget/LookAndFeel.h -@@ -446,6 +446,18 @@ public: - static nsresult GetColor(ColorID aID, nscolor* aResult); - - /** -+ * This variant of GetColor() take an extra Boolean parameter that allows -+ * the caller to ask that hard-coded color values be substituted for -+ * native colors (used when it is desireable to hide system colors to -+ * avoid system fingerprinting). -+ */ -+ static nsresult GetColor(ColorID aID, bool aUseStandinsForNativeColors, -+ nscolor* aResult); -+ -+ static nsresult GetColorForNativeAppearance(uint8_t aWidgetType, -+ bool aIsDisabled, nscolor* aResult); -+ -+ /** - * GetInt() and GetFloat() return a int or float value for aID. The result - * might be distance, time, some flags or a int value which has particular - * meaning. See each document at definition of each ID for the detail. -diff --git a/widget/xpwidgets/nsXPLookAndFeel.cpp b/widget/xpwidgets/nsXPLookAndFeel.cpp -index 50c2c86..704963a 100644 ---- a/widget/xpwidgets/nsXPLookAndFeel.cpp -+++ b/widget/xpwidgets/nsXPLookAndFeel.cpp -@@ -11,6 +11,7 @@ - #include "nsLookAndFeel.h" - #include "nsCRT.h" - #include "nsFont.h" -+#include "nsThemeConstants.h" - #include "mozilla/Preferences.h" - - #include "gfxPlatform.h" -@@ -476,6 +477,155 @@ nsXPLookAndFeel::IsSpecialColor(ColorID aID, nscolor &aColor) - return false; - } - -+bool -+nsXPLookAndFeel::ColorIsNotCSSAccessible(ColorID aID) -+{ -+ bool result = false; -+ -+ switch (aID) { -+ case eColorID_WindowBackground: -+ case eColorID_WindowForeground: -+ case eColorID_WidgetBackground: -+ case eColorID_WidgetForeground: -+ case eColorID_WidgetSelectBackground: -+ case eColorID_WidgetSelectForeground: -+ case eColorID_Widget3DHighlight: -+ case eColorID_Widget3DShadow: -+ case eColorID_TextBackground: -+ case eColorID_TextForeground: -+ case eColorID_TextSelectBackground: -+ case eColorID_TextSelectForeground: -+ case eColorID_TextSelectBackgroundDisabled: -+ case eColorID_TextSelectBackgroundAttention: -+ case eColorID_TextHighlightBackground: -+ case eColorID_TextHighlightForeground: -+ case eColorID_IMERawInputBackground: -+ case eColorID_IMERawInputForeground: -+ case eColorID_IMERawInputUnderline: -+ case eColorID_IMESelectedRawTextBackground: -+ case eColorID_IMESelectedRawTextForeground: -+ case eColorID_IMESelectedRawTextUnderline: -+ case eColorID_IMEConvertedTextBackground: -+ case eColorID_IMEConvertedTextForeground: -+ case eColorID_IMEConvertedTextUnderline: -+ case eColorID_IMESelectedConvertedTextBackground: -+ case eColorID_IMESelectedConvertedTextForeground: -+ case eColorID_IMESelectedConvertedTextUnderline: -+ case eColorID_SpellCheckerUnderline: -+ result = true; -+ break; -+ default: -+ break; -+ } -+ -+ return result; -+} -+ -+nscolor -+nsXPLookAndFeel::GetStandinForNativeColor(ColorID aID) -+{ -+ nscolor result = NS_RGB(0xFF, 0xFF, 0xFF); -+ -+ // The stand-in colors are taken from the Windows 7 Aero theme -+ // except Mac-specific colors which are taken from Mac OS 10.7. -+ switch (aID) { -+ // CSS 2 colors: -+ case eColorID_activeborder: result = NS_RGB(0xB4, 0xB4, 0xB4); break; -+ case eColorID_activecaption: result = NS_RGB(0x99, 0xB4, 0xD1); break; -+ case eColorID_appworkspace: result = NS_RGB(0xAB, 0xAB, 0xAB); break; -+ case eColorID_background: result = NS_RGB(0x00, 0x00, 0x00); break; -+ case eColorID_buttonface: result = NS_RGB(0xF0, 0xF0, 0xF0); break; -+ case eColorID_buttonhighlight: result = NS_RGB(0xFF, 0xFF, 0xFF); break; -+ case eColorID_buttonshadow: result = NS_RGB(0xA0, 0xA0, 0xA0); break; -+ case eColorID_buttontext: result = NS_RGB(0x00, 0x00, 0x00); break; -+ case eColorID_captiontext: result = NS_RGB(0x00, 0x00, 0x00); break; -+ case eColorID_graytext: result = NS_RGB(0x6D, 0x6D, 0x6D); break; -+ case eColorID_highlight: result = NS_RGB(0x33, 0x99, 0xFF); break; -+ case eColorID_highlighttext: result = NS_RGB(0xFF, 0xFF, 0xFF); break; -+ case eColorID_inactiveborder: result = NS_RGB(0xF4, 0xF7, 0xFC); break; -+ case eColorID_inactivecaption: result = NS_RGB(0xBF, 0xCD, 0xDB); break; -+ case eColorID_inactivecaptiontext: -+ result = NS_RGB(0x43, 0x4E, 0x54); break; -+ case eColorID_infobackground: result = NS_RGB(0xFF, 0xFF, 0xE1); break; -+ case eColorID_infotext: result = NS_RGB(0x00, 0x00, 0x00); break; -+ case eColorID_menu: result = NS_RGB(0xF0, 0xF0, 0xF0); break; -+ case eColorID_menutext: result = NS_RGB(0x00, 0x00, 0x00); break; -+ case eColorID_scrollbar: result = NS_RGB(0xC8, 0xC8, 0xC8); break; -+ case eColorID_threeddarkshadow: result = NS_RGB(0x69, 0x69, 0x69); break; -+ case eColorID_threedface: result = NS_RGB(0xF0, 0xF0, 0xF0); break; -+ case eColorID_threedhighlight: result = NS_RGB(0xFF, 0xFF, 0xFF); break; -+ case eColorID_threedlightshadow: result = NS_RGB(0xE3, 0xE3, 0xE3); break; -+ case eColorID_threedshadow: result = NS_RGB(0xA0, 0xA0, 0xA0); break; -+ case eColorID_window: result = NS_RGB(0xFF, 0xFF, 0xFF); break; -+ case eColorID_windowframe: result = NS_RGB(0x64, 0x64, 0x64); break; -+ case eColorID_windowtext: result = NS_RGB(0x00, 0x00, 0x00); break; -+ case eColorID__moz_buttondefault: -+ result = NS_RGB(0x69, 0x69, 0x69); break; -+ case eColorID__moz_field: result = NS_RGB(0xFF, 0xFF, 0xFF); break; -+ case eColorID__moz_fieldtext: result = NS_RGB(0x00, 0x00, 0x00); break; -+ case eColorID__moz_dialog: result = NS_RGB(0xF0, 0xF0, 0xF0); break; -+ case eColorID__moz_dialogtext: result = NS_RGB(0x00, 0x00, 0x00); break; -+ case eColorID__moz_dragtargetzone: -+ result = NS_RGB(0xFF, 0xFF, 0xFF); break; -+ case eColorID__moz_cellhighlight: -+ result = NS_RGB(0xF0, 0xF0, 0xF0); break; -+ case eColorID__moz_cellhighlighttext: -+ result = NS_RGB(0x00, 0x00, 0x00); break; -+ case eColorID__moz_html_cellhighlight: -+ result = NS_RGB(0x33, 0x99, 0xFF); break; -+ case eColorID__moz_html_cellhighlighttext: -+ result = NS_RGB(0xFF, 0xFF, 0xFF); break; -+ case eColorID__moz_buttonhoverface: -+ result = NS_RGB(0xF0, 0xF0, 0xF0); break; -+ case eColorID__moz_buttonhovertext: -+ result = NS_RGB(0x00, 0x00, 0x00); break; -+ case eColorID__moz_menuhover: -+ result = NS_RGB(0x33, 0x99, 0xFF); break; -+ case eColorID__moz_menuhovertext: -+ result = NS_RGB(0x00, 0x00, 0x00); break; -+ case eColorID__moz_menubartext: -+ result = NS_RGB(0x00, 0x00, 0x00); break; -+ case eColorID__moz_menubarhovertext: -+ result = NS_RGB(0x00, 0x00, 0x00); break; -+ case eColorID__moz_oddtreerow: -+ result = NS_RGB(0xFF, 0xFF, 0xFF); break; -+ case eColorID__moz_mac_chrome_active: -+ result = NS_RGB(0xB2, 0xB2, 0xB2); break; -+ case eColorID__moz_mac_chrome_inactive: -+ result = NS_RGB(0xE1, 0xE1, 0xE1); break; -+ case eColorID__moz_mac_focusring: -+ result = NS_RGB(0x60, 0x9D, 0xD7); break; -+ case eColorID__moz_mac_menuselect: -+ result = NS_RGB(0x38, 0x75, 0xD7); break; -+ case eColorID__moz_mac_menushadow: -+ result = NS_RGB(0xA3, 0xA3, 0xA3); break; -+ case eColorID__moz_mac_menutextdisable: -+ result = NS_RGB(0x88, 0x88, 0x88); break; -+ case eColorID__moz_mac_menutextselect: -+ result = NS_RGB(0xFF, 0xFF, 0xFF); break; -+ case eColorID__moz_mac_disabledtoolbartext: -+ result = NS_RGB(0x3F, 0x3F, 0x3F); break; -+ case eColorID__moz_mac_alternateprimaryhighlight: -+ result = NS_RGB(0x38, 0x75, 0xD7); break; -+ case eColorID__moz_mac_secondaryhighlight: -+ result = NS_RGB(0xD4, 0xD4, 0xD4); break; -+ case eColorID__moz_win_mediatext: -+ result = NS_RGB(0xFF, 0xFF, 0xFF); break; -+ case eColorID__moz_win_communicationstext: -+ result = NS_RGB(0xFF, 0xFF, 0xFF); break; -+ case eColorID__moz_nativehyperlinktext: -+ result = NS_RGB(0x00, 0x66, 0xCC); break; -+ case eColorID__moz_comboboxtext: -+ result = NS_RGB(0x00, 0x00, 0x00); break; -+ case eColorID__moz_combobox: -+ result = NS_RGB(0xFF, 0xFF, 0xFF); break; -+ default: -+ break; -+ } -+ -+ return result; -+} -+ - // - // All these routines will return NS_OK if they have a value, - // in which case the nsLookAndFeel should use that value; -@@ -483,7 +633,8 @@ nsXPLookAndFeel::IsSpecialColor(ColorID aID, nscolor &aColor) - // platform-specific nsLookAndFeel should use its own values instead. - // - nsresult --nsXPLookAndFeel::GetColorImpl(ColorID aID, nscolor &aResult) -+nsXPLookAndFeel::GetColorImpl(ColorID aID, bool aUseStandinsForNativeColors, -+ nscolor &aResult) - { - if (!sInitialized) - Init(); -@@ -569,7 +720,10 @@ nsXPLookAndFeel::GetColorImpl(ColorID aID, nscolor &aResult) - } - #endif // DEBUG_SYSTEM_COLOR_USE - -- if (IS_COLOR_CACHED(aID)) { -+ if (aUseStandinsForNativeColors && ColorIsNotCSSAccessible(aID)) -+ aUseStandinsForNativeColors = false; -+ -+ if (!aUseStandinsForNativeColors && IS_COLOR_CACHED(aID)) { - aResult = sCachedColors[aID]; - return NS_OK; - } -@@ -603,6 +757,12 @@ nsXPLookAndFeel::GetColorImpl(ColorID aID, nscolor &aResult) - return NS_OK; - } - -+ if (sUseNativeColors && aUseStandinsForNativeColors) -+ { -+ aResult = GetStandinForNativeColor(aID); -+ return NS_OK; -+ } -+ - if (sUseNativeColors && NS_SUCCEEDED(NativeGetColor(aID, aResult))) { - if ((gfxPlatform::GetCMSMode() == eCMSMode_All) && - !IsSpecialColor(aID, aResult)) { -@@ -693,7 +853,55 @@ namespace mozilla { - nsresult - LookAndFeel::GetColor(ColorID aID, nscolor* aResult) - { -- return nsLookAndFeel::GetInstance()->GetColorImpl(aID, *aResult); -+ return nsLookAndFeel::GetInstance()->GetColorImpl(aID, false, *aResult); -+} -+ -+nsresult -+LookAndFeel::GetColor(ColorID aID, bool aUseStandinsForNativeColors, -+ nscolor* aResult) -+{ -+ return nsLookAndFeel::GetInstance()->GetColorImpl(aID, -+ aUseStandinsForNativeColors, *aResult); -+} -+ -+// static -+nsresult -+LookAndFeel::GetColorForNativeAppearance(uint8_t aWidgetType, bool aIsDisabled, -+ nscolor* aResult) -+{ -+ NS_ENSURE_ARG_POINTER(aResult); -+ -+ ColorID colorID = eColorID_LAST_COLOR; -+ switch (aWidgetType) { -+ case NS_THEME_TEXTFIELD: -+ case NS_THEME_TEXTFIELD_MULTILINE: -+ case NS_THEME_LISTBOX: -+ case NS_THEME_DROPDOWN: -+ case NS_THEME_DROPDOWN_TEXTFIELD: -+ case NS_THEME_TREEVIEW: -+ colorID = (aIsDisabled) ? eColorID_graytext : eColorID__moz_fieldtext; -+ break; -+ -+ case NS_THEME_TOOLTIP: -+ colorID = eColorID_infotext; -+ break; -+ -+ case NS_THEME_BUTTON: -+ case NS_THEME_GROUPBOX: -+ case NS_THEME_PROGRESSBAR: -+ case NS_THEME_PROGRESSBAR_VERTICAL: -+ case NS_THEME_TAB_PANEL: -+ case NS_THEME_STATUSBAR: -+ case NS_THEME_STATUSBAR_RESIZER_PANEL: -+ colorID = (aIsDisabled) ? eColorID_graytext : eColorID_buttontext; -+ break; -+ } -+ -+ if (LookAndFeel::eColorID_LAST_COLOR == colorID) -+ return NS_ERROR_FAILURE; -+ -+ *aResult = NS_RGB(0, 0, 0); -+ return nsLookAndFeel::GetInstance()->NativeGetColor(colorID, *aResult); - } - - // static -diff --git a/widget/xpwidgets/nsXPLookAndFeel.h b/widget/xpwidgets/nsXPLookAndFeel.h -index 69627d2..2729803 100644 ---- a/widget/xpwidgets/nsXPLookAndFeel.h -+++ b/widget/xpwidgets/nsXPLookAndFeel.h -@@ -52,7 +52,8 @@ public: - // otherwise we'll return NS_ERROR_NOT_AVAILABLE, in which case, the - // platform-specific nsLookAndFeel should use its own values instead. - // -- nsresult GetColorImpl(ColorID aID, nscolor &aResult); -+ nsresult GetColorImpl(ColorID aID, bool aUseStandinsForNativeColors, -+ nscolor &aResult); - virtual nsresult GetIntImpl(IntID aID, int32_t &aResult); - virtual nsresult GetFloatImpl(FloatID aID, float &aResult); - -@@ -89,6 +90,8 @@ protected: - void InitColorFromPref(int32_t aIndex); - virtual nsresult NativeGetColor(ColorID aID, nscolor &aResult) = 0; - bool IsSpecialColor(ColorID aID, nscolor &aColor); -+ bool ColorIsNotCSSAccessible(ColorID aID); -+ nscolor GetStandinForNativeColor(ColorID aID); - - static int OnPrefChanged(const char* aPref, void* aClosure); - --- -1.7.9.5 - diff --git a/src/current-patches/firefox/0024-Isolate-the-Image-Cache-per-url-bar-domain.patch b/src/current-patches/firefox/0024-Isolate-the-Image-Cache-per-url-bar-domain.patch deleted file mode 100644 index a6e9c61..0000000 --- a/src/current-patches/firefox/0024-Isolate-the-Image-Cache-per-url-bar-domain.patch +++ /dev/null @@ -1,922 +0,0 @@ -From f097490e5043195bb0dfc27b288ff8b485b148e6 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Thu, 6 Dec 2012 14:19:34 -0800 -Subject: [PATCH 24/27] Isolate the Image Cache per url bar domain. - -The image cache maintains its own table outside of the main cache, and does -not obey cacheKeys by default. ---- - content/base/src/nsContentUtils.cpp | 13 +- - embedding/browser/webBrowser/nsContextMenuInfo.cpp | 27 +- - extensions/cookie/nsCookiePermission.cpp | 3 + - image/public/imgILoader.idl | 4 +- - image/src/imgLoader.cpp | 262 +++++++++++++------- - image/src/imgLoader.h | 20 +- - image/src/imgRequest.cpp | 11 +- - image/src/imgRequest.h | 3 + - layout/generic/nsImageFrame.cpp | 14 +- - netwerk/cookie/nsICookiePermission.idl | 1 + - toolkit/system/gnome/nsAlertsIconListener.cpp | 3 +- - widget/cocoa/nsMenuItemIconX.mm | 9 +- - 12 files changed, 250 insertions(+), 120 deletions(-) - -diff --git a/content/base/src/nsContentUtils.cpp b/content/base/src/nsContentUtils.cpp -index 8d58d8b..6a9c87c 100644 ---- a/content/base/src/nsContentUtils.cpp -+++ b/content/base/src/nsContentUtils.cpp -@@ -121,6 +121,7 @@ static NS_DEFINE_CID(kXTFServiceCID, NS_XTFSERVICE_CID); - #include "nsIWebNavigation.h" - #include "nsTextFragment.h" - #include "mozilla/Selection.h" -+#include "mozIThirdPartyUtil.h" - - #ifdef IBMBIDI - #include "nsIBidiKeyboard.h" -@@ -2743,8 +2744,6 @@ nsContentUtils::LoadImage(nsIURI* aURI, nsIDocument* aLoadingDocument, - nsCOMPtr<nsILoadGroup> loadGroup = aLoadingDocument->GetDocumentLoadGroup(); - NS_ASSERTION(loadGroup, "Could not get loadgroup; onload may fire too early"); - -- nsIURI *documentURI = aLoadingDocument->GetDocumentURI(); -- - // check for a Content Security Policy to pass down to the channel that - // will get created to load the image - nsCOMPtr<nsIChannelPolicy> channelPolicy; -@@ -2761,11 +2760,15 @@ nsContentUtils::LoadImage(nsIURI* aURI, nsIDocument* aLoadingDocument, - - // Make the URI immutable so people won't change it under us - NS_TryToSetImmutable(aURI); -+ -+ nsCOMPtr<nsIURI> firstPartyURI; -+ nsCOMPtr<mozIThirdPartyUtil> thirdPartySvc -+ = do_GetService(THIRDPARTYUTIL_CONTRACTID); -+ thirdPartySvc->GetFirstPartyURI(nullptr, aLoadingDocument, -+ getter_AddRefs(firstPartyURI)); - -- // XXXbz using "documentURI" for the initialDocumentURI is not quite -- // right, but the best we can do here... - return imgLoader->LoadImage(aURI, /* uri to load */ -- documentURI, /* initialDocumentURI */ -+ firstPartyURI, /* firstPartyURI */ - aReferrer, /* referrer */ - aLoadingPrincipal, /* loading principal */ - loadGroup, /* loadgroup */ -diff --git a/embedding/browser/webBrowser/nsContextMenuInfo.cpp b/embedding/browser/webBrowser/nsContextMenuInfo.cpp -index 0a99427..02cd634 100644 ---- a/embedding/browser/webBrowser/nsContextMenuInfo.cpp -+++ b/embedding/browser/webBrowser/nsContextMenuInfo.cpp -@@ -26,6 +26,7 @@ - #include "nsIChannelPolicy.h" - #include "nsIContentSecurityPolicy.h" - #include "nsIContentPolicy.h" -+#include "mozIThirdPartyUtil.h" - - //***************************************************************************** - // class nsContextMenuInfo -@@ -269,15 +270,15 @@ nsContextMenuInfo::GetBackgroundImageRequestInternal(nsIDOMNode *aDOMNode, imgIR - nsCOMPtr<nsIPrincipal> principal; - nsCOMPtr<nsIChannelPolicy> channelPolicy; - nsCOMPtr<nsIContentSecurityPolicy> csp; -- if (doc) { -- principal = doc->NodePrincipal(); -- nsresult rv = principal->GetCsp(getter_AddRefs(csp)); -- NS_ENSURE_SUCCESS(rv, rv); -- if (csp) { -- channelPolicy = do_CreateInstance("@mozilla.org/nschannelpolicy;1"); -- channelPolicy->SetContentSecurityPolicy(csp); -- channelPolicy->SetLoadType(nsIContentPolicy::TYPE_IMAGE); -- } -+ NS_ENSURE_TRUE(doc, NS_ERROR_FAILURE); -+ -+ principal = doc->NodePrincipal(); -+ nsresult rv = principal->GetCsp(getter_AddRefs(csp)); -+ NS_ENSURE_SUCCESS(rv, rv); -+ if (csp) { -+ channelPolicy = do_CreateInstance("@mozilla.org/nschannelpolicy;1"); -+ channelPolicy->SetContentSecurityPolicy(csp); -+ channelPolicy->SetLoadType(nsIContentPolicy::TYPE_IMAGE); - } - - while (true) { -@@ -305,7 +306,13 @@ nsContextMenuInfo::GetBackgroundImageRequestInternal(nsIDOMNode *aDOMNode, imgIR - "@mozilla.org/image/loader;1")); - NS_ENSURE_TRUE(il, NS_ERROR_FAILURE); - -- return il->LoadImage(bgUri, nullptr, nullptr, principal, nullptr, -+ nsCOMPtr<nsIURI> firstPartyURI; -+ nsCOMPtr<mozIThirdPartyUtil> thirdPartySvc -+ = do_GetService(THIRDPARTYUTIL_CONTRACTID); -+ thirdPartySvc->GetFirstPartyURI(nullptr, doc, -+ getter_AddRefs(firstPartyURI)); -+ -+ return il->LoadImage(bgUri, firstPartyURI, nullptr, principal, nullptr, - nullptr, nullptr, nsIRequest::LOAD_NORMAL, nullptr, - nullptr, channelPolicy, aRequest); - } -diff --git a/extensions/cookie/nsCookiePermission.cpp b/extensions/cookie/nsCookiePermission.cpp -index befa81a..e0b6e12 100644 ---- a/extensions/cookie/nsCookiePermission.cpp -+++ b/extensions/cookie/nsCookiePermission.cpp -@@ -407,6 +407,9 @@ nsCookiePermission::GetOriginatingURI(nsIChannel *aChannel, - - return NS_OK; - } -+ -+ // TODO: Why don't we just use this here: -+ // httpChannelInternal->GetDocumentURI(aURI); - } - - // find the associated window and its top window -diff --git a/image/public/imgILoader.idl b/image/public/imgILoader.idl -index da26463..ecff309 100644 ---- a/image/public/imgILoader.idl -+++ b/image/public/imgILoader.idl -@@ -38,7 +38,7 @@ interface imgILoader : nsISupports - /** - * Start the load and decode of an image. - * @param aURI the URI to load -- * @param aInitialDocumentURI the URI that 'initiated' the load -- used for 3rd party cookie blocking -+ * @param aFirstPartyURI the urlbar URI that 'initiated' the load -- used for 3rd party blocking - * @param aReferrerURI the 'referring' URI - * @param aLoadingPrincipal the principal of the loading document - * @param aLoadGroup Loadgroup to put the image load into -@@ -57,7 +57,7 @@ interface imgILoader : nsISupports - * goes away. - */ - imgIRequest loadImage(in nsIURI aURI, -- in nsIURI aInitialDocumentURL, -+ in nsIURI aFirstPartyURI, - in nsIURI aReferrerURI, - in nsIPrincipal aLoadingPrincipal, - in nsILoadGroup aLoadGroup, -diff --git a/image/src/imgLoader.cpp b/image/src/imgLoader.cpp -index ea51e8d..8e52af8 100644 ---- a/image/src/imgLoader.cpp -+++ b/image/src/imgLoader.cpp -@@ -39,6 +39,7 @@ - #include "nsCRT.h" - #include "nsIDocument.h" - #include "nsPIDOMWindow.h" -+#include "nsIConsoleService.h" - - #include "netCore.h" - -@@ -58,6 +59,7 @@ - #include "nsIHttpChannelInternal.h" - #include "nsIContentSecurityPolicy.h" - #include "nsIChannelPolicy.h" -+#include "mozIThirdPartyUtil.h" - - #include "nsContentUtils.h" - -@@ -432,7 +434,7 @@ static nsresult NewImageChannel(nsIChannel **aResult, - // aLoadingPrincipal and false otherwise. - bool *aForcePrincipalCheckForCacheEntry, - nsIURI *aURI, -- nsIURI *aInitialDocumentURI, -+ nsIURI *aFirstPartyURI, - nsIURI *aReferringURI, - nsILoadGroup *aLoadGroup, - const nsCString& aAcceptHeader, -@@ -484,7 +486,7 @@ static nsresult NewImageChannel(nsIChannel **aResult, - - nsCOMPtr<nsIHttpChannelInternal> httpChannelInternal = do_QueryInterface(newHttpChannel); - NS_ENSURE_TRUE(httpChannelInternal, NS_ERROR_UNEXPECTED); -- httpChannelInternal->SetDocumentURI(aInitialDocumentURI); -+ httpChannelInternal->SetDocumentURI(aFirstPartyURI); - newHttpChannel->SetReferrer(aReferringURI); - } - -@@ -925,34 +927,62 @@ NS_IMETHODIMP imgLoader::ClearCache(bool chrome) - /* void removeEntry(in nsIURI uri); */ - NS_IMETHODIMP imgLoader::RemoveEntry(nsIURI *uri) - { -- if (RemoveFromCache(uri)) -+ if (RemoveMatchingUrlsFromCache(uri)) - return NS_OK; - - return NS_ERROR_NOT_AVAILABLE; - } - -+static PLDHashOperator EnumAllEntries(const nsACString&, -+ nsRefPtr<imgCacheEntry> &aData, -+ void *data) -+{ -+ nsTArray<nsRefPtr<imgCacheEntry> > *entries = -+ reinterpret_cast<nsTArray<nsRefPtr<imgCacheEntry> > *>(data); -+ -+ entries->AppendElement(aData); -+ -+ return PL_DHASH_NEXT; -+} -+ - /* imgIRequest findEntry(in nsIURI uri); */ - NS_IMETHODIMP imgLoader::FindEntryProperties(nsIURI *uri, nsIProperties **_retval) - { - nsRefPtr<imgCacheEntry> entry; -- nsCAutoString spec; - imgCacheTable &cache = GetCache(uri); -- -- uri->GetSpec(spec); - *_retval = nullptr; - -- if (cache.Get(spec, getter_AddRefs(entry)) && entry) { -- if (gCacheTracker && entry->HasNoProxies()) -- gCacheTracker->MarkUsed(entry); -+ // We must traverse the whole cache in O(N) looking for the first -+ // matching URI. -+ // -+ // TODO: For now, it's ok to pick at random here. The images should be -+ // identical unless there is a cache-tracking attack. And even if they -+ // are not identical due to attack, this code is only used for save -+ // dialogs at this point, so no differentiating info is leaked to -+ // content. -+ nsTArray<nsRefPtr<imgCacheEntry> > entries; -+ cache.Enumerate(EnumAllEntries, &entries); -+ -+ for (uint32_t i = 0; i < entries.Length(); ++i) { -+ bool isEqual = false; - -- nsRefPtr<imgRequest> request = getter_AddRefs(entry->GetRequest()); -+ nsRefPtr<imgRequest> request = getter_AddRefs(entries[i]->GetRequest()); - if (request) { -- *_retval = request->Properties(); -- NS_ADDREF(*_retval); -+ request->mURI->Equals(uri, &isEqual); -+ if (isEqual) { -+ if (gCacheTracker && entries[i]->HasNoProxies()) -+ gCacheTracker->MarkUsed(entries[i]); -+ -+ *_retval = request->Properties(); -+ NS_ADDREF(*_retval); -+ } - } - } - -- return NS_OK; -+ if (*_retval) -+ return NS_OK; -+ -+ return NS_ERROR_NOT_AVAILABLE; - } - - void imgLoader::Shutdown() -@@ -980,20 +1010,18 @@ void imgLoader::MinimizeCaches() - EvictEntries(sChromeCacheQueue); - } - --bool imgLoader::PutIntoCache(nsIURI *key, imgCacheEntry *entry) -+bool imgLoader::PutIntoCache(nsCAutoString key, -+ imgCacheEntry *entry) - { -- imgCacheTable &cache = GetCache(key); -- -- nsCAutoString spec; -- key->GetSpec(spec); -- -- LOG_STATIC_FUNC_WITH_PARAM(gImgLog, "imgLoader::PutIntoCache", "uri", spec.get()); -+ LOG_STATIC_FUNC_WITH_PARAM(gImgLog, "imgLoader::PutIntoCache", "uri", key.get()); -+ imgCacheTable &cache = GetCache(entry->mRequest->mURI); -+ imgCacheQueue &queue = GetCacheQueue(entry->mRequest->mURI); - - // Check to see if this request already exists in the cache and is being - // loaded on a different thread. If so, don't allow this entry to be added to - // the cache. - nsRefPtr<imgCacheEntry> tmpCacheEntry; -- if (cache.Get(spec, getter_AddRefs(tmpCacheEntry)) && tmpCacheEntry) { -+ if (cache.Get(key, getter_AddRefs(tmpCacheEntry)) && tmpCacheEntry) { - PR_LOG(gImgLog, PR_LOG_DEBUG, - ("[this=%p] imgLoader::PutIntoCache -- Element already in the cache", nullptr)); - nsRefPtr<imgRequest> tmpRequest = getter_AddRefs(tmpCacheEntry->GetRequest()); -@@ -1003,13 +1031,13 @@ bool imgLoader::PutIntoCache(nsIURI *key, imgCacheEntry *entry) - PR_LOG(gImgLog, PR_LOG_DEBUG, - ("[this=%p] imgLoader::PutIntoCache -- Replacing cached element", nullptr)); - -- RemoveFromCache(key); -+ RemoveKeyFromCache(cache, queue, key); - } else { - PR_LOG(gImgLog, PR_LOG_DEBUG, - ("[this=%p] imgLoader::PutIntoCache -- Element NOT already in the cache", nullptr)); - } - -- cache.Put(spec, entry); -+ cache.Put(key, entry); - - // We can be called to resurrect an evicted entry. - if (entry->Evicted()) -@@ -1024,7 +1052,6 @@ bool imgLoader::PutIntoCache(nsIURI *key, imgCacheEntry *entry) - addrv = gCacheTracker->AddObject(entry); - - if (NS_SUCCEEDED(addrv)) { -- imgCacheQueue &queue = GetCacheQueue(key); - queue.Push(entry); - } - } -@@ -1035,11 +1062,11 @@ bool imgLoader::PutIntoCache(nsIURI *key, imgCacheEntry *entry) - return true; - } - --bool imgLoader::SetHasNoProxies(nsIURI *key, imgCacheEntry *entry) -+bool imgLoader::SetHasNoProxies(nsIURI *imgURI, imgCacheEntry *entry) - { - #if defined(PR_LOGGING) - nsCAutoString spec; -- key->GetSpec(spec); -+ imgURI->GetSpec(spec); - - LOG_STATIC_FUNC_WITH_PARAM(gImgLog, "imgLoader::SetHasNoProxies", "uri", spec.get()); - #endif -@@ -1047,7 +1074,7 @@ bool imgLoader::SetHasNoProxies(nsIURI *key, imgCacheEntry *entry) - if (entry->Evicted()) - return false; - -- imgCacheQueue &queue = GetCacheQueue(key); -+ imgCacheQueue &queue = GetCacheQueue(imgURI); - - nsresult addrv = NS_OK; - -@@ -1059,26 +1086,27 @@ bool imgLoader::SetHasNoProxies(nsIURI *key, imgCacheEntry *entry) - entry->SetHasNoProxies(true); - } - -- imgCacheTable &cache = GetCache(key); -+ imgCacheTable &cache = GetCache(imgURI); - CheckCacheLimits(cache, queue); - - return true; - } - --bool imgLoader::SetHasProxies(nsIURI *key) -+bool imgLoader::SetHasProxies(nsIURI *firstPartyURI, nsIURI *imgURI) - { - VerifyCacheSizes(); - -- imgCacheTable &cache = GetCache(key); -+ imgCacheTable &cache = GetCache(imgURI); - - nsCAutoString spec; -- key->GetSpec(spec); -+ imgURI->GetSpec(spec); - - LOG_STATIC_FUNC_WITH_PARAM(gImgLog, "imgLoader::SetHasProxies", "uri", spec.get()); - -+ nsCAutoString key = GetCacheKey(firstPartyURI, imgURI); - nsRefPtr<imgCacheEntry> entry; -- if (cache.Get(spec, getter_AddRefs(entry)) && entry && entry->HasNoProxies()) { -- imgCacheQueue &queue = GetCacheQueue(key); -+ if (cache.Get(key, getter_AddRefs(entry)) && entry && entry->HasNoProxies()) { -+ imgCacheQueue &queue = GetCacheQueue(imgURI); - queue.Remove(entry); - - if (gCacheTracker) -@@ -1130,7 +1158,7 @@ void imgLoader::CheckCacheLimits(imgCacheTable &cache, imgCacheQueue &queue) - - bool imgLoader::ValidateRequestWithNewChannel(imgRequest *request, - nsIURI *aURI, -- nsIURI *aInitialDocumentURI, -+ nsIURI *aFirstPartyURI, - nsIURI *aReferrerURI, - nsILoadGroup *aLoadGroup, - imgIDecoderObserver *aObserver, -@@ -1182,7 +1210,7 @@ bool imgLoader::ValidateRequestWithNewChannel(imgRequest *request, - rv = NewImageChannel(getter_AddRefs(newChannel), - &forcePrincipalCheck, - aURI, -- aInitialDocumentURI, -+ aFirstPartyURI, - aReferrerURI, - aLoadGroup, - mAcceptHeader, -@@ -1251,7 +1279,7 @@ bool imgLoader::ValidateRequestWithNewChannel(imgRequest *request, - - bool imgLoader::ValidateEntry(imgCacheEntry *aEntry, - nsIURI *aURI, -- nsIURI *aInitialDocumentURI, -+ nsIURI *aFirstPartyURI, - nsIURI *aReferrerURI, - nsILoadGroup *aLoadGroup, - imgIDecoderObserver *aObserver, -@@ -1357,7 +1385,7 @@ bool imgLoader::ValidateEntry(imgCacheEntry *aEntry, - if (validateRequest && aCanMakeNewChannel) { - LOG_SCOPE(gImgLog, "imgLoader::ValidateRequest |cache hit| must validate"); - -- return ValidateRequestWithNewChannel(request, aURI, aInitialDocumentURI, -+ return ValidateRequestWithNewChannel(request, aURI, aFirstPartyURI, - aReferrerURI, aLoadGroup, aObserver, - aCX, aLoadFlags, aExistingRequest, - aProxyRequest, aPolicy, -@@ -1367,22 +1395,40 @@ bool imgLoader::ValidateEntry(imgCacheEntry *aEntry, - return !validateRequest; - } - -- --bool imgLoader::RemoveFromCache(nsIURI *aKey) -+bool imgLoader::RemoveMatchingUrlsFromCache(nsIURI *aImgURI) - { -- if (!aKey) return false; -+ if (!aImgURI) return false; - -- imgCacheTable &cache = GetCache(aKey); -- imgCacheQueue &queue = GetCacheQueue(aKey); -+ bool rv = true; -+ imgCacheTable &cache = GetCache(aImgURI); - -- nsCAutoString spec; -- aKey->GetSpec(spec); -+ // We have to make a temporary, since RemoveFromCache removes the element -+ // from the queue, invalidating iterators. -+ nsTArray<nsRefPtr<imgCacheEntry> > entries; -+ cache.Enumerate(EnumAllEntries, &entries); -+ -+ for (uint32_t i = 0; i < entries.Length(); ++i) { -+ bool isEqual = false; -+ -+ entries[i]->mRequest->mURI->Equals(aImgURI, &isEqual); -+ if (isEqual && !RemoveFromCache(entries[i])) -+ rv = false; -+ } -+ -+ return rv; -+} -+ -+bool imgLoader::RemoveKeyFromCache(imgCacheTable &cache, -+ imgCacheQueue &queue, -+ nsCAutoString key) -+{ -+ if (key.IsEmpty()) return false; - -- LOG_STATIC_FUNC_WITH_PARAM(gImgLog, "imgLoader::RemoveFromCache", "uri", spec.get()); -+ LOG_STATIC_FUNC_WITH_PARAM(gImgLog, "imgLoader::RemoveKeyFromCache", "uri", key.get()); - - nsRefPtr<imgCacheEntry> entry; -- if (cache.Get(spec, getter_AddRefs(entry)) && entry) { -- cache.Remove(spec); -+ if (cache.Get(key, getter_AddRefs(entry)) && entry) { -+ cache.Remove(key); - - NS_ABORT_IF_FALSE(!entry->Evicted(), "Evicting an already-evicted cache entry!"); - -@@ -1410,12 +1456,13 @@ bool imgLoader::RemoveFromCache(imgCacheEntry *entry) - - nsRefPtr<imgRequest> request(getter_AddRefs(entry->GetRequest())); - if (request) { -- nsCOMPtr<nsIURI> key; -- if (NS_SUCCEEDED(request->GetURI(getter_AddRefs(key))) && key) { -- imgCacheTable &cache = GetCache(key); -- imgCacheQueue &queue = GetCacheQueue(key); -- nsCAutoString spec; -- key->GetSpec(spec); -+ nsCOMPtr<nsIURI> imgURI = request->mURI; -+ nsCOMPtr<nsIURI> firstPartyURI = request->mFirstPartyURI; -+ -+ if (imgURI) { -+ imgCacheTable &cache = GetCache(imgURI); -+ imgCacheQueue &queue = GetCacheQueue(imgURI); -+ nsCAutoString spec = GetCacheKey(firstPartyURI, imgURI); - - LOG_STATIC_FUNC_WITH_PARAM(gImgLog, "imgLoader::RemoveFromCache", "entry's uri", spec.get()); - -@@ -1438,32 +1485,21 @@ bool imgLoader::RemoveFromCache(imgCacheEntry *entry) - return false; - } - --static PLDHashOperator EnumEvictEntries(const nsACString&, -- nsRefPtr<imgCacheEntry> &aData, -- void *data) --{ -- nsTArray<nsRefPtr<imgCacheEntry> > *entries = -- reinterpret_cast<nsTArray<nsRefPtr<imgCacheEntry> > *>(data); -- -- entries->AppendElement(aData); -- -- return PL_DHASH_NEXT; --} -- - nsresult imgLoader::EvictEntries(imgCacheTable &aCacheToClear) - { -+ nsresult rv = NS_OK; - LOG_STATIC_FUNC(gImgLog, "imgLoader::EvictEntries table"); - - // We have to make a temporary, since RemoveFromCache removes the element - // from the queue, invalidating iterators. - nsTArray<nsRefPtr<imgCacheEntry> > entries; -- aCacheToClear.Enumerate(EnumEvictEntries, &entries); -+ aCacheToClear.Enumerate(EnumAllEntries, &entries); - - for (uint32_t i = 0; i < entries.Length(); ++i) - if (!RemoveFromCache(entries[i])) -- return NS_ERROR_FAILURE; -+ rv = NS_ERROR_FAILURE; - -- return NS_OK; -+ return rv; - } - - nsresult imgLoader::EvictEntries(imgCacheQueue &aQueueToClear) -@@ -1490,11 +1526,10 @@ nsresult imgLoader::EvictEntries(imgCacheQueue &aQueueToClear) - nsIRequest::VALIDATE_NEVER | \ - nsIRequest::VALIDATE_ONCE_PER_SESSION) - -- --/* imgIRequest loadImage (in nsIURI aURI, in nsIURI initialDocumentURI, in nsIPrincipal loadingPrincipal, in nsILoadGroup aLoadGroup, in imgIDecoderObserver aObserver, in nsISupports aCX, in nsLoadFlags aLoadFlags, in nsISupports cacheKey, in imgIRequest aRequest); */ -+/* imgIRequest loadImage (in nsIURI aURI, in nsIURI aUrlBarURI, in nsIPrincipal loadingPrincipal, in nsILoadGroup aLoadGroup, in imgIDecoderObserver aObserver, in nsISupports aCX, in nsLoadFlags aLoadFlags, in nsISupports cacheKey, in imgIRequest aRequest); */ - - NS_IMETHODIMP imgLoader::LoadImage(nsIURI *aURI, -- nsIURI *aInitialDocumentURI, -+ nsIURI *aFirstPartyURI, - nsIURI *aReferrerURI, - nsIPrincipal* aLoadingPrincipal, - nsILoadGroup *aLoadGroup, -@@ -1513,8 +1548,8 @@ NS_IMETHODIMP imgLoader::LoadImage(nsIURI *aURI, - if (!aURI) - return NS_ERROR_NULL_POINTER; - -- nsCAutoString spec; -- aURI->GetSpec(spec); -+ nsCAutoString spec = GetCacheKey(aFirstPartyURI, aURI); -+ - LOG_SCOPE_WITH_PARAM(gImgLog, "imgLoader::LoadImage", "aURI", spec.get()); - - *_retval = nullptr; -@@ -1566,7 +1601,7 @@ NS_IMETHODIMP imgLoader::LoadImage(nsIURI *aURI, - imgCacheTable &cache = GetCache(aURI); - - if (cache.Get(spec, getter_AddRefs(entry)) && entry) { -- if (ValidateEntry(entry, aURI, aInitialDocumentURI, aReferrerURI, -+ if (ValidateEntry(entry, aURI, aFirstPartyURI, aReferrerURI, - aLoadGroup, aObserver, aCX, requestFlags, true, - aRequest, _retval, aPolicy, aLoadingPrincipal, corsmode)) { - request = getter_AddRefs(entry->GetRequest()); -@@ -1605,7 +1640,7 @@ NS_IMETHODIMP imgLoader::LoadImage(nsIURI *aURI, - rv = NewImageChannel(getter_AddRefs(newChannel), - &forcePrincipalCheck, - aURI, -- aInitialDocumentURI, -+ aFirstPartyURI, - aReferrerURI, - aLoadGroup, - mAcceptHeader, -@@ -1627,8 +1662,8 @@ NS_IMETHODIMP imgLoader::LoadImage(nsIURI *aURI, - do_CreateInstance(NS_LOADGROUP_CONTRACTID); - newChannel->SetLoadGroup(loadGroup); - -- request->Init(aURI, aURI, loadGroup, newChannel, entry, aCX, -- aLoadingPrincipal, corsmode); -+ request->Init(aURI, aURI, aFirstPartyURI, loadGroup, newChannel, entry, -+ aCX, aLoadingPrincipal, corsmode); - - // Pass the inner window ID of the loading document, if possible. - nsCOMPtr<nsIDocument> doc = do_QueryInterface(aCX); -@@ -1676,7 +1711,7 @@ NS_IMETHODIMP imgLoader::LoadImage(nsIURI *aURI, - } - - // Try to add the new request into the cache. -- PutIntoCache(aURI, entry); -+ PutIntoCache(spec, entry); - } else { - LOG_MSG_WITH_PARAM(gImgLog, - "imgLoader::LoadImage |cache hit|", "request", request); -@@ -1736,6 +1771,49 @@ NS_IMETHODIMP imgLoader::LoadImage(nsIURI *aURI, - return NS_OK; - } - -+nsCAutoString imgLoader::GetCacheKey(nsIURI *firstPartyURI, nsIURI *imgURI) -+{ -+ NS_ASSERTION(imgURI, "imgLoader::GetCacheKey -- NULL imgURI"); -+ -+ nsCAutoString spec, hostKey; -+ if (imgURI) -+ imgURI->GetSpec(spec); -+ -+#if 0 -+ bool isChrome = false; -+ if (imgURI) -+ imgURI->SchemeIs("chrome", &isChrome); -+ if (isChrome) -+ return spec; // No partitioning needed for chrome; just use a simple key. -+#endif -+ -+ // FIXME: Should we use mozIThirdPartyUtil to get a domain from this? -+ if (firstPartyURI) -+ firstPartyURI->GetHost(hostKey); -+ else { -+ hostKey = "--NoFirstParty--"; -+ nsCOMPtr<nsIConsoleService> consoleSvc = -+ do_GetService(NS_CONSOLESERVICE_CONTRACTID); -+ if (consoleSvc) { -+ nsAutoString msg(NS_LITERAL_STRING( -+ "imgLoader::GetCacheKey: NULL firstPartyURI for ") -+ .get()); -+ msg.AppendASCII(spec.get()); -+ consoleSvc->LogStringMessage(msg.get()); -+ } -+ -+#ifdef DEBUG -+ printf("imgLoader::GetCacheKey: NULL firstPartyURI for %s\n", spec.get()); -+#endif -+ } -+ -+ // Make a new key using host -+ // FIXME: This might involve a couple more copies than necessary.. -+ // But man, 18 string types? Who knows which one I need to use to do -+ // this cheaply.. -+ return hostKey + nsCAutoString("&") + spec; -+} -+ - /* imgIRequest loadImageWithChannel(in nsIChannel channel, in imgIDecoderObserver aObserver, in nsISupports cx, out nsIStreamListener); */ - NS_IMETHODIMP imgLoader::LoadImageWithChannel(nsIChannel *channel, imgIDecoderObserver *aObserver, nsISupports *aCX, nsIStreamListener **listener, imgIRequest **_retval) - { -@@ -1746,22 +1824,27 @@ NS_IMETHODIMP imgLoader::LoadImageWithChannel(nsIChannel *channel, imgIDecoderOb - nsCOMPtr<nsIURI> uri; - channel->GetURI(getter_AddRefs(uri)); - -+ nsCOMPtr<nsIURI> firstPartyURI; -+ nsCOMPtr<mozIThirdPartyUtil> thirdPartySvc -+ = do_GetService(THIRDPARTYUTIL_CONTRACTID); -+ thirdPartySvc->GetFirstPartyURI(channel, nullptr, -+ getter_AddRefs(firstPartyURI)); -+ - nsLoadFlags requestFlags = nsIRequest::LOAD_NORMAL; - channel->GetLoadFlags(&requestFlags); - - nsRefPtr<imgCacheEntry> entry; -+ imgCacheTable &cache = GetCache(uri); -+ nsCAutoString spec = GetCacheKey(firstPartyURI, uri); - - if (requestFlags & nsIRequest::LOAD_BYPASS_CACHE) { -- RemoveFromCache(uri); -+ imgCacheQueue &queue = GetCacheQueue(uri); -+ RemoveKeyFromCache(cache, queue, spec); - } else { - // Look in the cache for our URI, and then validate it. - // XXX For now ignore aCacheKey. We will need it in the future - // for correctly dealing with image load requests that are a result - // of post data. -- imgCacheTable &cache = GetCache(uri); -- nsCAutoString spec; -- -- uri->GetSpec(spec); - - if (cache.Get(spec, getter_AddRefs(entry)) && entry) { - // We don't want to kick off another network load. So we ask -@@ -1833,7 +1916,7 @@ NS_IMETHODIMP imgLoader::LoadImageWithChannel(nsIChannel *channel, imgIDecoderOb - channel->GetOriginalURI(getter_AddRefs(originalURI)); - - // No principal specified here, because we're not passed one. -- request->Init(originalURI, uri, channel, channel, entry, -+ request->Init(originalURI, uri, firstPartyURI, channel, channel, entry, - aCX, nullptr, imgIRequest::CORS_NONE); - - ProxyListener *pl = new ProxyListener(static_cast<nsIStreamListener *>(request.get())); -@@ -1845,7 +1928,7 @@ NS_IMETHODIMP imgLoader::LoadImageWithChannel(nsIChannel *channel, imgIDecoderOb - NS_RELEASE(pl); - - // Try to add the new request into the cache. -- PutIntoCache(originalURI, entry); -+ PutIntoCache(GetCacheKey(firstPartyURI, originalURI), entry); - - rv = CreateNewProxyForRequest(request, loadGroup, aObserver, - requestFlags, nullptr, _retval); -@@ -2132,6 +2215,7 @@ NS_IMETHODIMP imgCacheValidator::OnStartRequest(nsIRequest *aRequest, nsISupport - - int32_t corsmode = mRequest->GetCORSMode(); - nsCOMPtr<nsIPrincipal> loadingPrincipal = mRequest->GetLoadingPrincipal(); -+ nsCOMPtr<nsIURI> firstPartyURI = mRequest->mFirstPartyURI; - - // Doom the old request's cache entry - mRequest->RemoveFromCache(); -@@ -2142,16 +2226,16 @@ NS_IMETHODIMP imgCacheValidator::OnStartRequest(nsIRequest *aRequest, nsISupport - // We use originalURI here to fulfil the imgIRequest contract on GetURI. - nsCOMPtr<nsIURI> originalURI; - channel->GetOriginalURI(getter_AddRefs(originalURI)); -- mNewRequest->Init(originalURI, uri, aRequest, channel, mNewEntry, -- mContext, loadingPrincipal, -- corsmode); -+ mNewRequest->Init(originalURI, uri, firstPartyURI, aRequest, channel, -+ mNewEntry, mContext, loadingPrincipal, corsmode); - - mDestListener = new ProxyListener(mNewRequest); - - // Try to add the new request into the cache. Note that the entry must be in - // the cache before the proxies' ownership changes, because adding a proxy - // changes the caching behaviour for imgRequests. -- sImgLoader.PutIntoCache(originalURI, mNewEntry); -+ sImgLoader.PutIntoCache(imgLoader::GetCacheKey(firstPartyURI, originalURI), -+ mNewEntry); - - uint32_t count = mProxies.Count(); - for (int32_t i = count-1; i>=0; i--) { -diff --git a/image/src/imgLoader.h b/image/src/imgLoader.h -index 64d3563..c275d83 100644 ---- a/image/src/imgLoader.h -+++ b/image/src/imgLoader.h -@@ -227,10 +227,11 @@ public: - - static nsresult InitCache(); - -- static bool RemoveFromCache(nsIURI *aKey); -+ static nsCAutoString GetCacheKey(nsIURI *firstPartyURI, -+ nsIURI *imgURI); - static bool RemoveFromCache(imgCacheEntry *entry); -- -- static bool PutIntoCache(nsIURI *key, imgCacheEntry *entry); -+ static bool PutIntoCache(nsCAutoString key, imgCacheEntry *entry); -+ static bool RemoveMatchingUrlsFromCache(nsIURI *aKey); - - // Returns true if we should prefer evicting cache entry |two| over cache - // entry |one|. -@@ -269,14 +270,14 @@ public: - // HasObservers(). The request's cache entry will be re-set before this - // happens, by calling imgRequest::SetCacheEntry() when an entry with no - // observers is re-requested. -- static bool SetHasNoProxies(nsIURI *key, imgCacheEntry *entry); -- static bool SetHasProxies(nsIURI *key); -+ static bool SetHasProxies(nsIURI *firstPartyURI, nsIURI *imgURI); -+ static bool SetHasNoProxies(nsIURI *imgURI, imgCacheEntry *entry); - - private: // methods - - -- bool ValidateEntry(imgCacheEntry *aEntry, nsIURI *aKey, -- nsIURI *aInitialDocumentURI, nsIURI *aReferrerURI, -+ bool ValidateEntry(imgCacheEntry *aEntry, nsIURI *aURI, -+ nsIURI *aFirstPartyURI, nsIURI *aReferrerURI, - nsILoadGroup *aLoadGroup, - imgIDecoderObserver *aObserver, nsISupports *aCX, - nsLoadFlags aLoadFlags, bool aCanMakeNewChannel, -@@ -315,9 +316,14 @@ private: // methods - static void CacheEntriesChanged(nsIURI *aURI, int32_t sizediff = 0); - static void CheckCacheLimits(imgCacheTable &cache, imgCacheQueue &queue); - -+ static bool RemoveKeyFromCache(imgCacheTable &cache, -+ imgCacheQueue &queue, -+ nsCAutoString key); -+ - private: // data - friend class imgCacheEntry; - friend class imgMemoryReporter; -+ friend class imgRequest; - - static imgCacheTable sCache; - static imgCacheQueue sCacheQueue; -diff --git a/image/src/imgRequest.cpp b/image/src/imgRequest.cpp -index e89e05a..71afe2c 100644 ---- a/image/src/imgRequest.cpp -+++ b/image/src/imgRequest.cpp -@@ -103,6 +103,7 @@ imgRequest::~imgRequest() - - nsresult imgRequest::Init(nsIURI *aURI, - nsIURI *aCurrentURI, -+ nsIURI *aFirstPartyURI, - nsIRequest *aRequest, - nsIChannel *aChannel, - imgCacheEntry *aCacheEntry, -@@ -124,6 +125,7 @@ nsresult imgRequest::Init(nsIURI *aURI, - - mURI = aURI; - mCurrentURI = aCurrentURI; -+ mFirstPartyURI = aFirstPartyURI; - mRequest = aRequest; - mChannel = aChannel; - mTimedChannel = do_QueryInterface(mChannel); -@@ -178,7 +180,7 @@ nsresult imgRequest::AddProxy(imgRequestProxy *proxy) - // proxies. - if (mObservers.IsEmpty()) { - NS_ABORT_IF_FALSE(mURI, "Trying to SetHasProxies without key uri."); -- imgLoader::SetHasProxies(mURI); -+ imgLoader::SetHasProxies(mFirstPartyURI, mURI); - } - - // If we don't have any current observers, we should restart any animation. -@@ -329,8 +331,11 @@ void imgRequest::RemoveFromCache() - // mCacheEntry is nulled out when we have no more observers. - if (mCacheEntry) - imgLoader::RemoveFromCache(mCacheEntry); -- else -- imgLoader::RemoveFromCache(mURI); -+ else { -+ imgLoader::RemoveKeyFromCache(imgLoader::GetCache(mURI), -+ imgLoader::GetCacheQueue(mURI), -+ imgLoader::GetCacheKey(mFirstPartyURI, mURI)); -+ } - } - - mCacheEntry = nullptr; -diff --git a/image/src/imgRequest.h b/image/src/imgRequest.h -index 424631b..7e1180f 100644 ---- a/image/src/imgRequest.h -+++ b/image/src/imgRequest.h -@@ -57,6 +57,7 @@ public: - - nsresult Init(nsIURI *aURI, - nsIURI *aCurrentURI, -+ nsIURI *aFirstPartyURI, - nsIRequest *aRequest, - nsIChannel *aChannel, - imgCacheEntry *aCacheEntry, -@@ -189,6 +190,8 @@ private: - nsCOMPtr<nsIURI> mURI; - // The URI of the resource we ended up loading after all redirects, etc. - nsCOMPtr<nsIURI> mCurrentURI; -+ // The first party that triggered the load -- for cookie + cache isolation -+ nsCOMPtr<nsIURI> mFirstPartyURI; - // The principal of the document which loaded this image. Used when validating for CORS. - nsCOMPtr<nsIPrincipal> mLoadingPrincipal; - // The principal of this image. -diff --git a/layout/generic/nsImageFrame.cpp b/layout/generic/nsImageFrame.cpp -index 748107d..3ecb1e9 100644 ---- a/layout/generic/nsImageFrame.cpp -+++ b/layout/generic/nsImageFrame.cpp -@@ -63,6 +63,7 @@ - #include "nsError.h" - #include "nsBidiUtils.h" - #include "nsBidiPresUtils.h" -+#include "mozIThirdPartyUtil.h" - - #include "gfxRect.h" - #include "ImageLayers.h" -@@ -1777,6 +1778,7 @@ nsImageFrame::LoadIcon(const nsAString& aSpec, - { - nsresult rv = NS_OK; - NS_PRECONDITION(!aSpec.IsEmpty(), "What happened??"); -+ NS_PRECONDITION(aPresContext, "NULL PresContext"); - - if (!sIOService) { - rv = CallGetService(NS_IOSERVICE_CONTRACTID, &sIOService); -@@ -1794,9 +1796,17 @@ nsImageFrame::LoadIcon(const nsAString& aSpec, - - // For icon loads, we don't need to merge with the loadgroup flags - nsLoadFlags loadFlags = nsIRequest::LOAD_NORMAL; -- -+ -+ nsCOMPtr<nsIURI> firstPartyURI; -+ nsCOMPtr<mozIThirdPartyUtil> thirdPartySvc -+ = do_GetService(THIRDPARTYUTIL_CONTRACTID); -+ // XXX: Should we pass the loadgroup, too? Is document ever likely -+ // to be unset? -+ thirdPartySvc->GetFirstPartyURI(nullptr, aPresContext->Document(), -+ getter_AddRefs(firstPartyURI)); -+ - return il->LoadImage(realURI, /* icon URI */ -- nullptr, /* initial document URI; this is only -+ firstPartyURI, /* initial document URI; this is only - relevant for cookies, so does not - apply to icons. */ - nullptr, /* referrer (not relevant for icons) */ -diff --git a/netwerk/cookie/nsICookiePermission.idl b/netwerk/cookie/nsICookiePermission.idl -index 379695c..7ad3f3b 100644 ---- a/netwerk/cookie/nsICookiePermission.idl -+++ b/netwerk/cookie/nsICookiePermission.idl -@@ -7,6 +7,7 @@ - interface nsICookie2; - interface nsIURI; - interface nsIChannel; -+interface nsIDocument; - - typedef long nsCookieAccess; - -diff --git a/toolkit/system/gnome/nsAlertsIconListener.cpp b/toolkit/system/gnome/nsAlertsIconListener.cpp -index bfc43d1..37e93c3 100644 ---- a/toolkit/system/gnome/nsAlertsIconListener.cpp -+++ b/toolkit/system/gnome/nsAlertsIconListener.cpp -@@ -261,7 +261,8 @@ nsAlertsIconListener::StartRequest(const nsAString & aImageUrl) - if (!il) - return ShowAlert(NULL); - -- return il->LoadImage(imageUri, nullptr, nullptr, nullptr, nullptr, this, -+ // XXX: Hrmm.... Bypass cache, or isolate to imageUrl? -+ return il->LoadImage(imageUri, imageUri, nullptr, nullptr, nullptr, this, - nullptr, nsIRequest::LOAD_NORMAL, nullptr, nullptr, - nullptr, getter_AddRefs(mIconRequest)); - } -diff --git a/widget/cocoa/nsMenuItemIconX.mm b/widget/cocoa/nsMenuItemIconX.mm -index e0c07c4..368df5f 100644 ---- a/widget/cocoa/nsMenuItemIconX.mm -+++ b/widget/cocoa/nsMenuItemIconX.mm -@@ -29,6 +29,7 @@ - #include "gfxImageSurface.h" - #include "imgIContainer.h" - #include "nsCocoaUtils.h" -+#include "mozIThirdPartyUtil.h" - - static const uint32_t kIconWidth = 16; - static const uint32_t kIconHeight = 16; -@@ -304,9 +305,15 @@ nsMenuItemIconX::LoadIcon(nsIURI* aIconURI) - [mNativeMenuItem setImage:sPlaceholderIconImage]; - } - -+ nsCOMPtr<nsIURI> firstPartyURI; -+ nsCOMPtr<mozIThirdPartyUtil> thirdPartySvc -+ = do_GetService(THIRDPARTYUTIL_CONTRACTID); -+ thirdPartySvc->GetFirstPartyURI(nullptr, document, -+ getter_AddRefs(firstPartyURI)); -+ - // Passing in null for channelPolicy here since nsMenuItemIconX::LoadIcon is - // not exposed to web content -- rv = loader->LoadImage(aIconURI, nullptr, nullptr, nullptr, loadGroup, this, -+ rv = loader->LoadImage(aIconURI, firstPartyURI, nullptr, nullptr, loadGroup, this, - nullptr, nsIRequest::LOAD_NORMAL, nullptr, nullptr, - nullptr, getter_AddRefs(mIconRequest)); - if (NS_FAILED(rv)) return rv; --- -1.7.9.5 - diff --git a/src/current-patches/firefox/0025-nsIHTTPChannel.redirectTo-API.patch b/src/current-patches/firefox/0025-nsIHTTPChannel.redirectTo-API.patch deleted file mode 100644 index dfcf8ba..0000000 --- a/src/current-patches/firefox/0025-nsIHTTPChannel.redirectTo-API.patch +++ /dev/null @@ -1,474 +0,0 @@ -From 27633d970ddfa360c553aaf3e8697354309f0839 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Mon, 14 Jan 2013 19:36:14 -0800 -Subject: [PATCH 25/27] nsIHTTPChannel.redirectTo API. - -Provides an API for HTTPS-Everywhere to perform redirects to https -in a more secure and reliable way. ---- - netwerk/protocol/http/HttpBaseChannel.cpp | 13 +++++ - netwerk/protocol/http/HttpBaseChannel.h | 10 ++++ - netwerk/protocol/http/HttpChannelChild.cpp | 34 ++++++++---- - netwerk/protocol/http/HttpChannelParent.cpp | 12 ++++- - netwerk/protocol/http/HttpChannelParent.h | 4 +- - netwerk/protocol/http/PHttpChannel.ipdl | 4 +- - netwerk/protocol/http/nsHttpChannel.cpp | 57 ++++++++++++++++--- - netwerk/protocol/http/nsHttpChannel.h | 8 ++- - netwerk/protocol/http/nsIHttpChannel.idl | 14 +++++- - .../protocol/viewsource/nsViewSourceChannel.cpp | 10 +++- - 10 files changed, 139 insertions(+), 27 deletions(-) - -diff --git a/netwerk/protocol/http/HttpBaseChannel.cpp b/netwerk/protocol/http/HttpBaseChannel.cpp -index ec58de6..2926428 100644 ---- a/netwerk/protocol/http/HttpBaseChannel.cpp -+++ b/netwerk/protocol/http/HttpBaseChannel.cpp -@@ -37,6 +37,7 @@ HttpBaseChannel::HttpBaseChannel() - , mIsPending(false) - , mWasOpened(false) - , mResponseHeadersModified(false) -+ , mRequestObserversCalled(false) - , mAllowPipelining(true) - , mForceAllowThirdPartyCookie(false) - , mUploadStreamHasHeaders(false) -@@ -1119,6 +1120,18 @@ HttpBaseChannel::GetRequestSucceeded(bool *aValue) - return NS_OK; - } - -+NS_IMETHODIMP -+HttpBaseChannel::RedirectTo(nsIURI *newURI) -+{ -+ // We can only redirect unopened channels -+ ENSURE_CALLED_BEFORE_ASYNC_OPEN(); -+ -+ // The redirect is stored internally for use in AsyncOpen -+ mAPIRedirectToURI = newURI; -+ -+ return NS_OK; -+} -+ - //----------------------------------------------------------------------------- - // HttpBaseChannel::nsIHttpChannelInternal - //----------------------------------------------------------------------------- -diff --git a/netwerk/protocol/http/HttpBaseChannel.h b/netwerk/protocol/http/HttpBaseChannel.h -index 971958c..125734d 100644 ---- a/netwerk/protocol/http/HttpBaseChannel.h -+++ b/netwerk/protocol/http/HttpBaseChannel.h -@@ -17,6 +17,7 @@ - #include "nsHttpConnectionInfo.h" - #include "nsIEncodedChannel.h" - #include "nsIHttpChannel.h" -+#include "nsHttpHandler.h" - #include "nsIHttpChannelInternal.h" - #include "nsIUploadChannel.h" - #include "nsIUploadChannel2.h" -@@ -117,6 +118,7 @@ public: - NS_IMETHOD GetResponseStatus(uint32_t *aValue); - NS_IMETHOD GetResponseStatusText(nsACString& aValue); - NS_IMETHOD GetRequestSucceeded(bool *aValue); -+ NS_IMETHOD RedirectTo(nsIURI *newURI); - - // nsIHttpChannelInternal - NS_IMETHOD GetDocumentURI(nsIURI **aDocumentURI); -@@ -199,6 +201,12 @@ protected: - nsIChannel *, - bool preserveMethod); - -+ // bundle calling OMR observers and marking flag into one function -+ inline void CallOnModifyRequestObservers() { -+ gHttpHandler->OnModifyRequest(this); -+ mRequestObserversCalled = true; -+ } -+ - // Helper function to simplify getting notification callbacks. - template <class T> - void GetCallback(nsCOMPtr<T> &aResult) -@@ -252,6 +260,7 @@ protected: - uint32_t mIsPending : 1; - uint32_t mWasOpened : 1; - uint32_t mResponseHeadersModified : 1; -+ uint32_t mRequestObserversCalled : 1; - uint32_t mAllowPipelining : 1; - uint32_t mForceAllowThirdPartyCookie : 1; - uint32_t mUploadStreamHasHeaders : 1; -@@ -268,6 +277,7 @@ protected: - // Current suspension depth for this channel object - uint32_t mSuspendCount; - -+ nsCOMPtr<nsIURI> mAPIRedirectToURI; - nsAutoPtr<nsTArray<nsCString> > mRedirectedCachekeys; - }; - -diff --git a/netwerk/protocol/http/HttpChannelChild.cpp b/netwerk/protocol/http/HttpChannelChild.cpp -index 5d82f7e..35697be 100644 ---- a/netwerk/protocol/http/HttpChannelChild.cpp -+++ b/netwerk/protocol/http/HttpChannelChild.cpp -@@ -854,6 +854,7 @@ HttpChannelChild::CompleteRedirectSetup(nsIStreamListener *listener, - NS_IMETHODIMP - HttpChannelChild::OnRedirectVerifyCallback(nsresult result) - { -+ OptionalURIParams redirectURI; - nsCOMPtr<nsIHttpChannel> newHttpChannel = - do_QueryInterface(mRedirectChannelChild); - -@@ -872,13 +873,25 @@ HttpChannelChild::OnRedirectVerifyCallback(nsresult result) - newHttpChannelChild->GetClientSetRequestHeaders(&headerTuples); - } - -- // After we verify redirect, nsHttpChannel may hit the network: must give -- // "http-on-modify-request" observers the chance to cancel before that. -- if (NS_SUCCEEDED(result)) -- gHttpHandler->OnModifyRequest(newHttpChannel); -- -- if (mIPCOpen) -- SendRedirect2Verify(result, *headerTuples); -+ if (NS_SUCCEEDED(result)) { -+ // we know this is an HttpChannelChild -+ HttpChannelChild* base = -+ static_cast<HttpChannelChild*>(mRedirectChannelChild.get()); -+ // After we verify redirect, nsHttpChannel may hit the network: must give -+ // "http-on-modify-request" observers the chance to cancel before that. -+ base->CallOnModifyRequestObservers(); -+ -+ /* If there was an API redirect of this redirect, we need to send it -+ * down here, since it can't get sent via SendAsyncOpen. */ -+ SerializeURI(base->mAPIRedirectToURI, redirectURI); -+ } else { -+ /* If the redirect was canceled, bypass OMR and send an empty API -+ * redirect URI */ -+ SerializeURI(nullptr, redirectURI); -+ } -+ -+ if (mIPCOpen) -+ SendRedirect2Verify(result, *headerTuples, redirectURI); - - return NS_OK; - } -@@ -985,7 +998,7 @@ HttpChannelChild::AsyncOpen(nsIStreamListener *listener, nsISupports *aContext) - // - - // notify "http-on-modify-request" observers -- gHttpHandler->OnModifyRequest(this); -+ CallOnModifyRequestObservers(); - - mIsPending = true; - mWasOpened = true; -@@ -1042,15 +1055,16 @@ HttpChannelChild::AsyncOpen(nsIStreamListener *listener, nsISupports *aContext) - URIParams uri; - SerializeURI(mURI, uri); - -- OptionalURIParams originalURI, documentURI, referrer; -+ OptionalURIParams originalURI, documentURI, referrer, redirectURI; - SerializeURI(mOriginalURI, originalURI); - SerializeURI(mDocumentURI, documentURI); - SerializeURI(mReferrer, referrer); -+ SerializeURI(mAPIRedirectToURI, redirectURI); - - OptionalInputStreamParams uploadStream; - SerializeInputStream(mUploadStream, uploadStream); - -- SendAsyncOpen(uri, originalURI, documentURI, referrer, mLoadFlags, -+ SendAsyncOpen(uri, originalURI, documentURI, referrer, redirectURI, mLoadFlags, - mClientSetRequestHeaders, mRequestHead.Method(), uploadStream, - mUploadStreamHasHeaders, mPriority, mRedirectionLimit, - mAllowPipelining, mForceAllowThirdPartyCookie, mSendResumeAt, -diff --git a/netwerk/protocol/http/HttpChannelParent.cpp b/netwerk/protocol/http/HttpChannelParent.cpp -index 0a9ccc4..d01f162 100644 ---- a/netwerk/protocol/http/HttpChannelParent.cpp -+++ b/netwerk/protocol/http/HttpChannelParent.cpp -@@ -110,6 +110,7 @@ HttpChannelParent::RecvAsyncOpen(const URIParams& aURI, - const OptionalURIParams& aOriginalURI, - const OptionalURIParams& aDocURI, - const OptionalURIParams& aReferrerURI, -+ const OptionalURIParams& aAPIRedirectToURI, - const uint32_t& loadFlags, - const RequestHeaderTuples& requestHeaders, - const nsHttpAtom& requestMethod, -@@ -131,6 +132,7 @@ HttpChannelParent::RecvAsyncOpen(const URIParams& aURI, - nsCOMPtr<nsIURI> originalUri = DeserializeURI(aOriginalURI); - nsCOMPtr<nsIURI> docUri = DeserializeURI(aDocURI); - nsCOMPtr<nsIURI> referrerUri = DeserializeURI(aReferrerURI); -+ nsCOMPtr<nsIURI> apiRedirectToUri = DeserializeURI(aAPIRedirectToURI); - - nsCString uriSpec; - uri->GetSpec(uriSpec); -@@ -161,6 +163,8 @@ HttpChannelParent::RecvAsyncOpen(const URIParams& aURI, - httpChan->SetDocumentURI(docUri); - if (referrerUri) - httpChan->SetReferrerInternal(referrerUri); -+ if (apiRedirectToUri) -+ httpChan->RedirectTo(apiRedirectToUri); - if (loadFlags != nsIRequest::LOAD_NORMAL) - httpChan->SetLoadFlags(loadFlags); - -@@ -315,13 +319,19 @@ HttpChannelParent::RecvUpdateAssociatedContentSecurity(const int32_t& high, - - bool - HttpChannelParent::RecvRedirect2Verify(const nsresult& result, -- const RequestHeaderTuples& changedHeaders) -+ const RequestHeaderTuples& changedHeaders, -+ const OptionalURIParams& aAPIRedirectURI) - { - if (NS_SUCCEEDED(result)) { - nsCOMPtr<nsIHttpChannel> newHttpChannel = - do_QueryInterface(mRedirectChannel); - - if (newHttpChannel) { -+ nsCOMPtr<nsIURI> apiRedirectUri = DeserializeURI(aAPIRedirectURI); -+ -+ if (apiRedirectUri) -+ newHttpChannel->RedirectTo(apiRedirectUri); -+ - for (uint32_t i = 0; i < changedHeaders.Length(); i++) { - newHttpChannel->SetRequestHeader(changedHeaders[i].mHeader, - changedHeaders[i].mValue, -diff --git a/netwerk/protocol/http/HttpChannelParent.h b/netwerk/protocol/http/HttpChannelParent.h -index e869d63..96f3f3c 100644 ---- a/netwerk/protocol/http/HttpChannelParent.h -+++ b/netwerk/protocol/http/HttpChannelParent.h -@@ -47,6 +47,7 @@ protected: - const OptionalURIParams& originalUri, - const OptionalURIParams& docUri, - const OptionalURIParams& referrerUri, -+ const OptionalURIParams& internalRedirectUri, - const uint32_t& loadFlags, - const RequestHeaderTuples& requestHeaders, - const nsHttpAtom& requestMethod, -@@ -71,7 +72,8 @@ protected: - virtual bool RecvResume(); - virtual bool RecvCancel(const nsresult& status); - virtual bool RecvRedirect2Verify(const nsresult& result, -- const RequestHeaderTuples& changedHeaders); -+ const RequestHeaderTuples& changedHeaders, -+ const OptionalURIParams& apiRedirectUri); - virtual bool RecvUpdateAssociatedContentSecurity(const int32_t& high, - const int32_t& low, - const int32_t& broken, -diff --git a/netwerk/protocol/http/PHttpChannel.ipdl b/netwerk/protocol/http/PHttpChannel.ipdl -index c13c969..e16afd6 100644 ---- a/netwerk/protocol/http/PHttpChannel.ipdl -+++ b/netwerk/protocol/http/PHttpChannel.ipdl -@@ -37,6 +37,7 @@ parent: - OptionalURIParams original, - OptionalURIParams doc, - OptionalURIParams referrer, -+ OptionalURIParams apiRedirectTo, - uint32_t loadFlags, - RequestHeaderTuples requestHeaders, - nsHttpAtom requestMethod, -@@ -72,7 +73,8 @@ parent: - Cancel(nsresult status); - - // Reports approval/veto of redirect by child process redirect observers -- Redirect2Verify(nsresult result, RequestHeaderTuples changedHeaders); -+ Redirect2Verify(nsresult result, RequestHeaderTuples changedHeaders, -+ OptionalURIParams apiRedirectTo); - - // For document loads we keep this protocol open after child's - // OnStopRequest, and send this msg (instead of __delete__) to allow -diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp -index 6242ddc..bcfa0c9 100644 ---- a/netwerk/protocol/http/nsHttpChannel.cpp -+++ b/netwerk/protocol/http/nsHttpChannel.cpp -@@ -1584,18 +1584,17 @@ nsHttpChannel::HandleAsyncRedirectChannelToHttps() - return; - } - -- nsresult rv = AsyncRedirectChannelToHttps(); -+ nsresult rv = StartRedirectChannelToHttps(); - if (NS_FAILED(rv)) -- ContinueAsyncRedirectChannelToHttps(rv); -+ ContinueAsyncRedirectChannelToURI(rv); - } - - nsresult --nsHttpChannel::AsyncRedirectChannelToHttps() -+nsHttpChannel::StartRedirectChannelToHttps() - { - nsresult rv = NS_OK; - LOG(("nsHttpChannel::HandleAsyncRedirectChannelToHttps() [STS]\n")); - -- nsCOMPtr<nsIChannel> newChannel; - nsCOMPtr<nsIURI> upgradedURI; - - rv = mURI->Clone(getter_AddRefs(upgradedURI)); -@@ -1617,6 +1616,36 @@ nsHttpChannel::AsyncRedirectChannelToHttps() - else - upgradedURI->SetPort(oldPort); - -+ return StartRedirectChannelToURI(upgradedURI); -+} -+ -+void -+nsHttpChannel::HandleAsyncAPIRedirect() -+{ -+ NS_PRECONDITION(!mCallOnResume, "How did that happen?"); -+ NS_PRECONDITION(mAPIRedirectToURI, "How did that happen?"); -+ -+ if (mSuspendCount) { -+ LOG(("Waiting until resume to do async API redirect [this=%p]\n", this)); -+ mCallOnResume = &nsHttpChannel::HandleAsyncAPIRedirect; -+ return; -+ } -+ -+ nsresult rv = StartRedirectChannelToURI(mAPIRedirectToURI); -+ if (NS_FAILED(rv)) -+ ContinueAsyncRedirectChannelToURI(rv); -+ -+ return; -+} -+ -+nsresult -+nsHttpChannel::StartRedirectChannelToURI(nsIURI *upgradedURI) -+{ -+ nsresult rv = NS_OK; -+ LOG(("nsHttpChannel::StartRedirectChannelToURI()\n")); -+ -+ nsCOMPtr<nsIChannel> newChannel; -+ - nsCOMPtr<nsIIOService> ioService; - rv = gHttpHandler->GetIOService(getter_AddRefs(ioService)); - NS_ENSURE_SUCCESS(rv, rv); -@@ -1632,7 +1661,7 @@ nsHttpChannel::AsyncRedirectChannelToHttps() - uint32_t flags = nsIChannelEventSink::REDIRECT_PERMANENT; - - PushRedirectAsyncFunc( -- &nsHttpChannel::ContinueAsyncRedirectChannelToHttps); -+ &nsHttpChannel::ContinueAsyncRedirectChannelToURI); - rv = gHttpHandler->AsyncOnChannelRedirect(this, newChannel, flags); - - if (NS_SUCCEEDED(rv)) -@@ -1640,15 +1669,19 @@ nsHttpChannel::AsyncRedirectChannelToHttps() - - if (NS_FAILED(rv)) { - AutoRedirectVetoNotifier notifier(this); -+ -+ /* Remove the async call to ContinueAsyncRedirectChannelToURI(). -+ * It is called directly by our callers upon return (to clean up -+ * the failed redirect). */ - PopRedirectAsyncFunc( -- &nsHttpChannel::ContinueAsyncRedirectChannelToHttps); -+ &nsHttpChannel::ContinueAsyncRedirectChannelToURI); - } - - return rv; - } - - nsresult --nsHttpChannel::ContinueAsyncRedirectChannelToHttps(nsresult rv) -+nsHttpChannel::ContinueAsyncRedirectChannelToURI(nsresult rv) - { - AutoRedirectVetoNotifier notifier(this); - -@@ -4399,7 +4432,7 @@ nsHttpChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *context) - mAuthProvider->AddAuthorizationHeaders(); - - // notify "http-on-modify-request" observers -- gHttpHandler->OnModifyRequest(this); -+ CallOnModifyRequestObservers(); - - // Adjust mCaps according to our request headers: - // - If "Connection: close" is set as a request header, then do not bother -@@ -4431,6 +4464,12 @@ nsHttpChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *context) - if (mLoadGroup) - mLoadGroup->AddRequest(this, nullptr); - -+ // Check to see if we should redirect this channel elsewhere by -+ // nsIHttpChannel.redirectTo API request -+ if (mAPIRedirectToURI) { -+ return AsyncCall(&nsHttpChannel::HandleAsyncAPIRedirect); -+ } -+ - // Collect mAsyncOpenTime after we have called all obsrevers like - // "http-on-modify-request" and load group observers that may set - // mTimingEnabled flag. -@@ -5561,7 +5600,7 @@ nsHttpChannel::DoAuthRetry(nsAHttpConnection *conn) - AddCookiesToRequest(); - - // notify "http-on-modify-request" observers -- gHttpHandler->OnModifyRequest(this); -+ CallOnModifyRequestObservers(); - - mIsPending = true; - -diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h -index b1f0848..a05e70d 100644 ---- a/netwerk/protocol/http/nsHttpChannel.h -+++ b/netwerk/protocol/http/nsHttpChannel.h -@@ -174,12 +174,14 @@ private: - - // redirection specific methods - void HandleAsyncRedirect(); -+ void HandleAsyncAPIRedirect(); - nsresult ContinueHandleAsyncRedirect(nsresult); - void HandleAsyncNotModified(); - void HandleAsyncFallback(); - nsresult ContinueHandleAsyncFallback(nsresult); - nsresult PromptTempRedirect(); -- virtual nsresult SetupReplacementChannel(nsIURI *, nsIChannel *, bool preserveMethod); -+ nsresult StartRedirectChannelToURI(nsIURI *); -+ virtual nsresult SetupReplacementChannel(nsIURI *, nsIChannel *, bool preserveMethod); - - // proxy specific methods - nsresult ProxyFailover(); -@@ -236,8 +238,8 @@ private: - nsresult DoAuthRetry(nsAHttpConnection *); - - void HandleAsyncRedirectChannelToHttps(); -- nsresult AsyncRedirectChannelToHttps(); -- nsresult ContinueAsyncRedirectChannelToHttps(nsresult rv); -+ nsresult StartRedirectChannelToHttps(); -+ nsresult ContinueAsyncRedirectChannelToURI(nsresult rv); - - /** - * A function that takes care of reading STS headers and enforcing STS -diff --git a/netwerk/protocol/http/nsIHttpChannel.idl b/netwerk/protocol/http/nsIHttpChannel.idl -index c541df1..7037f95 100644 ---- a/netwerk/protocol/http/nsIHttpChannel.idl -+++ b/netwerk/protocol/http/nsIHttpChannel.idl -@@ -14,7 +14,7 @@ interface nsIHttpHeaderVisitor; - * the inspection of the resulting HTTP response status and headers when they - * become available. - */ --[scriptable, uuid(9277fe09-f0cc-4cd9-bbce-581dd94b0260)] -+[scriptable, uuid(a01362a0-5c45-11e2-bcfd-0800200c9a66)] - interface nsIHttpChannel : nsIChannel - { - /************************************************************************** -@@ -257,4 +257,16 @@ interface nsIHttpChannel : nsIChannel - * has been received (before onStartRequest). - */ - boolean isNoCacheResponse(); -+ -+ /** -+ * Instructs the channel to immediately redirect to a new destination. -+ * Can only be called on channels not yet opened. -+ * -+ * This method provides no explicit conflict resolution. The last -+ * caller to call it wins. -+ * -+ * @throws NS_ERROR_ALREADY_OPENED if called after the channel -+ * has been opened. -+ */ -+ void redirectTo(in nsIURI aNewURI); - }; -diff --git a/netwerk/protocol/viewsource/nsViewSourceChannel.cpp b/netwerk/protocol/viewsource/nsViewSourceChannel.cpp -index 643ed0e..c63c2a5 100644 ---- a/netwerk/protocol/viewsource/nsViewSourceChannel.cpp -+++ b/netwerk/protocol/viewsource/nsViewSourceChannel.cpp -@@ -671,4 +671,12 @@ nsViewSourceChannel::IsNoCacheResponse(bool *_retval) - { - return !mHttpChannel ? NS_ERROR_NULL_POINTER : - mHttpChannel->IsNoCacheResponse(_retval); --} -+} -+ -+NS_IMETHODIMP -+nsViewSourceChannel::RedirectTo(nsIURI *uri) -+{ -+ return !mHttpChannel ? NS_ERROR_NULL_POINTER : -+ mHttpChannel->RedirectTo(uri); -+} -+ --- -1.7.5.4 - diff --git a/src/current-patches/firefox/0026-Isolate-DOM-storage-to-first-party-URI.patch b/src/current-patches/firefox/0026-Isolate-DOM-storage-to-first-party-URI.patch deleted file mode 100644 index 6a08d8b..0000000 --- a/src/current-patches/firefox/0026-Isolate-DOM-storage-to-first-party-URI.patch +++ /dev/null @@ -1,776 +0,0 @@ -From caf469aa331ab9d92cc83b378cf554f087625dc8 Mon Sep 17 00:00:00 2001 -From: Kathleen Brade brade@pearlcrescent.com -Date: Thu, 28 Feb 2013 18:02:34 -0800 -Subject: [PATCH 26/27] Isolate DOM storage to first party URI - -Also prevents DOM storage from writing to disk (hardcoded). ---- - docshell/base/nsDocShell.cpp | 78 ++++++++++++++++++- - docshell/base/nsDocShell.h | 6 +- - docshell/base/nsIDocShell.idl | 33 ++++++++- - dom/base/nsGlobalWindow.cpp | 13 +++- - dom/interfaces/storage/nsIDOMStorageManager.idl | 11 +++- - dom/interfaces/storage/nsPIDOMStorage.h | 8 +- - dom/src/storage/StorageChild.cpp | 6 +- - dom/src/storage/StorageChild.h | 3 +- - dom/src/storage/nsDOMStorage.cpp | 44 ++++++++--- - dom/src/storage/nsDOMStorage.h | 14 +++- - dom/src/storage/nsDOMStorageDBWrapper.cpp | 41 ++++++++--- - dom/src/storage/nsDOMStorageDBWrapper.h | 14 ++- - dom/src/storage/nsDOMStorageMemoryDB.cpp | 21 +++++- - dom/src/storage/nsDOMStoragePersistentDB.cpp | 8 ++- - .../windowwatcher/src/nsWindowWatcher.cpp | 5 +- - 15 files changed, 255 insertions(+), 50 deletions(-) - -diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp -index 0d56d9e..0726c07 100644 ---- a/docshell/base/nsDocShell.cpp -+++ b/docshell/base/nsDocShell.cpp -@@ -184,6 +184,7 @@ - #include "nsIChannelPolicy.h" - #include "nsIContentSecurityPolicy.h" - #include "nsSandboxFlags.h" -+#include "mozIThirdPartyUtil.h" - - #include "nsXULAppAPI.h" - -@@ -2395,6 +2396,17 @@ nsDocShell::GetSessionStorageForPrincipal(nsIPrincipal* aPrincipal, - bool aCreate, - nsIDOMStorage** aStorage) - { -+ return GetSessionStorageForFirstParty(nullptr, aPrincipal, aDocumentURI, -+ aCreate, aStorage); -+} -+ -+NS_IMETHODIMP -+nsDocShell::GetSessionStorageForFirstParty(nsIURI *aFirstPartyURI, -+ nsIPrincipal* aPrincipal, -+ const nsAString& aDocumentURI, -+ bool aCreate, -+ nsIDOMStorage** aStorage) -+{ - NS_ENSURE_ARG_POINTER(aStorage); - *aStorage = nullptr; - -@@ -2426,7 +2438,11 @@ nsDocShell::GetSessionStorageForPrincipal(nsIPrincipal* aPrincipal, - if (origin.IsEmpty()) - return NS_OK; - -- if (!mStorages.Get(origin, aStorage) && aCreate) { -+ nsXPIDLCString key; -+ rv = GetSessionStorageKey(aFirstPartyURI, origin, key); -+ NS_ENSURE_SUCCESS(rv, rv); -+ -+ if (!mStorages.Get(key, aStorage) && aCreate) { - nsCOMPtr<nsIDOMStorage> newstorage = - do_CreateInstance("@mozilla.org/dom/storage;2"); - if (!newstorage) -@@ -2440,7 +2456,7 @@ nsDocShell::GetSessionStorageForPrincipal(nsIPrincipal* aPrincipal, - if (NS_FAILED(rv)) - return rv; - -- mStorages.Put(origin, newstorage); -+ mStorages.Put(key, newstorage); - - newstorage.swap(*aStorage); - #if defined(PR_LOGGING) && defined(DEBUG) -@@ -2454,7 +2470,7 @@ nsDocShell::GetSessionStorageForPrincipal(nsIPrincipal* aPrincipal, - if (piStorage) { - nsCOMPtr<nsIPrincipal> storagePrincipal = piStorage->Principal(); - -- // The origin string used to map items in the hash table is -+ // The key string used to map items in the hash table is - // an implicit security check. That check is double-confirmed - // by checking the principal a storage was demanded for - // really is the principal for which that storage was originally -@@ -2513,6 +2529,14 @@ nsresult - nsDocShell::AddSessionStorage(nsIPrincipal* aPrincipal, - nsIDOMStorage* aStorage) - { -+ return AddSessionStorageForFirstParty(nullptr, aPrincipal, aStorage); -+} -+ -+nsresult -+nsDocShell::AddSessionStorageForFirstParty(nsIURI* aFirstPartyURI, -+ nsIPrincipal* aPrincipal, -+ nsIDOMStorage* aStorage) -+{ - NS_ENSURE_ARG_POINTER(aStorage); - - if (!aPrincipal) -@@ -2534,8 +2558,12 @@ nsDocShell::AddSessionStorage(nsIPrincipal* aPrincipal, - if (origin.IsEmpty()) - return NS_ERROR_FAILURE; - -+ nsXPIDLCString key; -+ rv = GetSessionStorageKey(aFirstPartyURI, origin, key); -+ NS_ENSURE_SUCCESS(rv, rv); -+ - // Do not replace an existing session storage. -- if (mStorages.GetWeak(origin)) -+ if (mStorages.GetWeak(key)) - return NS_ERROR_NOT_AVAILABLE; - - #if defined(PR_LOGGING) && defined(DEBUG) -@@ -2543,7 +2571,7 @@ nsDocShell::AddSessionStorage(nsIPrincipal* aPrincipal, - ("nsDocShell[%p]: was added a sessionStorage %p", - this, aStorage)); - #endif -- mStorages.Put(origin, aStorage); -+ mStorages.Put(key, aStorage); - } - else { - return topDocShell->AddSessionStorage(aPrincipal, aStorage); -@@ -2568,6 +2596,10 @@ CloneSessionStorages(nsCStringHashKey::KeyType aKey, nsIDOMStorage* aStorage, - return PL_DHASH_NEXT; - } - -+// CloneSessionStoragesTo() copies all session storage data from aDocShell to -+// this doc shell. It does not check if that is an appropriate thing to do, -+// e.g., by verifying that the first party URIs are the same. For now that is -+// okay because no Firefox code uses this method. - NS_IMETHODIMP - nsDocShell::CloneSessionStoragesTo(nsIDocShell* aDocShell) - { -@@ -12411,3 +12443,39 @@ nsDocShell::HasUnloadedParent() - } - return false; - } -+ -+nsresult -+nsDocShell::GetSessionStorageKey(nsIURI *aFirstPartyURI, -+ nsXPIDLCString& aOrigin, -+ nsXPIDLCString& aResult) -+{ -+ aResult.Truncate(); -+ -+ if (!aOrigin) -+ return NS_ERROR_FAILURE; -+ -+ aResult.Append(aOrigin); -+ -+ nsCOMPtr<nsIURI> firstPartyURI = aFirstPartyURI; -+ if (!firstPartyURI) { -+ nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil = -+ do_GetService(THIRDPARTYUTIL_CONTRACTID); -+ if (!thirdPartyUtil) -+ return NS_ERROR_FAILURE; -+ -+ nsCOMPtr<nsIDocument> doc(do_GetInterface(GetAsSupports(this))); -+ nsresult rv = thirdPartyUtil->GetFirstPartyURI(nullptr, doc, -+ getter_AddRefs(firstPartyURI)); -+ NS_ENSURE_SUCCESS(rv, rv); -+ } -+ -+ nsCAutoString host; -+ nsresult rv = firstPartyURI->GetHost(host); -+ if (NS_SUCCEEDED(rv) && (host.Length() > 0)) { -+ aResult.AppendLiteral("&"); -+ aResult.Append(host); -+ } -+ -+ return NS_OK; -+} -+ -diff --git a/docshell/base/nsDocShell.h b/docshell/base/nsDocShell.h -index 427630a..4bcd341 100644 ---- a/docshell/base/nsDocShell.h -+++ b/docshell/base/nsDocShell.h -@@ -681,7 +681,7 @@ protected: - - bool HasUnloadedParent(); - -- // hash of session storages, keyed by domain -+ // hash of session storages, keyed by domain&firstPartyHost - nsInterfaceHashtable<nsCStringHashKey, nsIDOMStorage> mStorages; - - // Dimensions of the docshell -@@ -848,6 +848,10 @@ private: - static unsigned long gNumberOfDocShells; - #endif /* DEBUG */ - -+ nsresult GetSessionStorageKey(nsIURI *aFirstPartyURI, -+ nsXPIDLCString& aOrigin, -+ nsXPIDLCString& aResult); -+ - public: - class InterfaceRequestorProxy : public nsIInterfaceRequestor { - public: -diff --git a/docshell/base/nsIDocShell.idl b/docshell/base/nsIDocShell.idl -index 986f4b4..4f26a04 100644 ---- a/docshell/base/nsIDocShell.idl -+++ b/docshell/base/nsIDocShell.idl -@@ -39,7 +39,7 @@ interface nsIWebBrowserPrint; - interface nsIVariant; - interface nsIPrivacyTransitionObserver; - --[scriptable, builtinclass, uuid(9b283337-097d-4fa8-a2da-916318eaf828)] -+[scriptable, builtinclass, uuid(5289f25a-1175-4b01-bc56-b1628ef097b9)] - interface nsIDocShell : nsISupports - { - /** -@@ -416,6 +416,24 @@ interface nsIDocShell : nsISupports - in boolean create); - - /* -+ * A variant of getSessionStorageForPrincipal that is used when cloning -+ * session storage during creation of new windows/tabs (the first party URI -+ * of the new window/tab must be used to generate the key that is used to -+ * access the session data). -+ * -+ * @param firstPartyURI the URL bar URI -+ * @param principal returns a storage for this principal -+ * @param documentURI new storage will be created with reference to this -+ * document.documentURI that will appear in storage event -+ * @param create If true and a session storage object doesn't -+ * already exist, a new one will be created. -+ */ -+ nsIDOMStorage getSessionStorageForFirstParty(in nsIURI firstPartyURI, -+ in nsIPrincipal principal, -+ in DOMString documentURI, -+ in boolean create); -+ -+ /* - * Add a WebApps session storage object to the docshell. - * - * @param principal the principal the storage object is associated with -@@ -423,6 +441,19 @@ interface nsIDocShell : nsISupports - */ - void addSessionStorage(in nsIPrincipal principal, in nsIDOMStorage storage); - -+ /* -+ * A variant of addSessionStorage that is used when cloning session storage -+ * during creation of new windows/tabs (the cloning must occur before the -+ * document load begins). -+ * -+ * @param firstPartyURI the URL bar URI -+ * @param principal the principal the storage object is associated with -+ * @param storage the storage object to add -+ */ -+ void addSessionStorageForFirstParty(in nsIURI firstPartyURI, -+ in nsIPrincipal principal, -+ in nsIDOMStorage storage); -+ - /** - * Clones all session storage objects and attaches them to the given docshell. - * Useful when duplicating tabs and their states. -diff --git a/dom/base/nsGlobalWindow.cpp b/dom/base/nsGlobalWindow.cpp -index 48bd71d..1e16c03 100644 ---- a/dom/base/nsGlobalWindow.cpp -+++ b/dom/base/nsGlobalWindow.cpp -@@ -8385,7 +8385,18 @@ nsGlobalWindow::GetLocalStorage(nsIDOMStorage ** aLocalStorage) - nsIDocShell* docShell = GetDocShell(); - nsCOMPtr<nsILoadContext> loadContext = do_QueryInterface(docShell); - -- rv = storageManager->GetLocalStorageForPrincipal(principal, -+ nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil = -+ do_GetService(THIRDPARTYUTIL_CONTRACTID); -+ if (!thirdPartyUtil) -+ return NS_ERROR_FAILURE; -+ -+ nsCOMPtr<nsIURI> firstPartyURI; -+ nsCOMPtr<nsIDocument> doc = do_QueryInterface(mDocument); -+ rv = thirdPartyUtil->GetFirstPartyURI(NULL, doc, -+ getter_AddRefs(firstPartyURI)); -+ NS_ENSURE_SUCCESS(rv, rv); -+ -+ rv = storageManager->GetLocalStorageForFirstParty(firstPartyURI, principal, - documentURI, - loadContext && loadContext->UsePrivateBrowsing(), - getter_AddRefs(mLocalStorage)); -diff --git a/dom/interfaces/storage/nsIDOMStorageManager.idl b/dom/interfaces/storage/nsIDOMStorageManager.idl -index 94b8789..21bedf0 100644 ---- a/dom/interfaces/storage/nsIDOMStorageManager.idl -+++ b/dom/interfaces/storage/nsIDOMStorageManager.idl -@@ -7,8 +7,9 @@ - - interface nsIDOMStorage; - interface nsIPrincipal; -+interface nsIURI; - --[scriptable, uuid(1541da6c-a9fb-4a8f-af9d-4493c981491d)] -+[scriptable, uuid(682edebf-7bbe-4b4b-b5f8-752cacfb2afa)] - interface nsIDOMStorageManager : nsISupports - { - /** -@@ -35,4 +36,12 @@ interface nsIDOMStorageManager : nsISupports - nsIDOMStorage getLocalStorageForPrincipal(in nsIPrincipal aPrincipal, - in DOMString aDocumentURI, - [optional] in bool aPrivate); -+ -+ /** -+ * Returns instance of localStorage object. -+ */ -+ nsIDOMStorage getLocalStorageForFirstParty(in nsIURI aFirstPartyURI, -+ in nsIPrincipal aPrincipal, -+ in DOMString aDocumentURI, -+ [optional] in bool aPrivate); - }; -diff --git a/dom/interfaces/storage/nsPIDOMStorage.h b/dom/interfaces/storage/nsPIDOMStorage.h -index fabb5cc..9f8de6b 100644 ---- a/dom/interfaces/storage/nsPIDOMStorage.h -+++ b/dom/interfaces/storage/nsPIDOMStorage.h -@@ -15,8 +15,8 @@ class nsIURI; - class nsIPrincipal; - - #define NS_PIDOMSTORAGE_IID \ --{ 0x86dfe3c4, 0x4286, 0x4648, \ -- { 0xb2, 0x09, 0x55, 0x27, 0x50, 0x59, 0x26, 0xac } } -+{ 0x0db5e488, 0x08f4, 0x4155, \ -+ { 0x81, 0x9b, 0x2b, 0x5a, 0x44, 0xaa, 0xa2, 0x45 } } - - class nsPIDOMStorage : public nsISupports - { -@@ -31,7 +31,9 @@ public: - - virtual nsresult InitAsSessionStorage(nsIPrincipal *aPrincipal, const nsSubstring &aDocumentURI, - bool aPrivate) = 0; -- virtual nsresult InitAsLocalStorage(nsIPrincipal *aPrincipal, const nsSubstring &aDocumentURI, -+ virtual nsresult InitAsLocalStorage(nsIURI *aFirstPartyURI, -+ nsIPrincipal *aPrincipal, -+ const nsSubstring &aDocumentURI, - bool aPrivate) = 0; - - virtual already_AddRefed<nsIDOMStorage> Clone() = 0; -diff --git a/dom/src/storage/StorageChild.cpp b/dom/src/storage/StorageChild.cpp -index 6754fde..5d24973 100644 ---- a/dom/src/storage/StorageChild.cpp -+++ b/dom/src/storage/StorageChild.cpp -@@ -95,9 +95,11 @@ StorageChild::InitAsSessionStorage(nsIURI* aDomainURI, bool aPrivate) - } - - void --StorageChild::InitAsLocalStorage(nsIURI* aDomainURI, bool aCanUseChromePersist, bool aPrivate) -+StorageChild::InitAsLocalStorage(nsIURI* aFirstPartyURI, nsIURI* aDomainURI, -+ bool aCanUseChromePersist, bool aPrivate) - { -- DOMStorageBase::InitAsLocalStorage(aDomainURI, aCanUseChromePersist, aPrivate); -+ DOMStorageBase::InitAsLocalStorage(aFirstPartyURI, aDomainURI, -+ aCanUseChromePersist, aPrivate); - InitRemote(); - } - -diff --git a/dom/src/storage/StorageChild.h b/dom/src/storage/StorageChild.h -index 297f093..81ddabe 100644 ---- a/dom/src/storage/StorageChild.h -+++ b/dom/src/storage/StorageChild.h -@@ -27,7 +27,8 @@ public: - StorageChild(nsDOMStorage* aOwner, StorageChild& aOther); - - virtual void InitAsSessionStorage(nsIURI* aDomainURI, bool aPrivate); -- virtual void InitAsLocalStorage(nsIURI* aDomainURI, bool aCanUseChromePersist, bool aPrivate); -+ virtual void InitAsLocalStorage(nsIURI* aFirstPartyURI, nsIURI* aDomainURI, -+ bool aCanUseChromePersist, bool aPrivate); - - virtual bool CacheStoragePermissions(); - -diff --git a/dom/src/storage/nsDOMStorage.cpp b/dom/src/storage/nsDOMStorage.cpp -index 2dd0fbc..23e8739 100644 ---- a/dom/src/storage/nsDOMStorage.cpp -+++ b/dom/src/storage/nsDOMStorage.cpp -@@ -496,6 +496,17 @@ nsDOMStorageManager::GetLocalStorageForPrincipal(nsIPrincipal *aPrincipal, - bool aPrivate, - nsIDOMStorage **aResult) - { -+ return GetLocalStorageForFirstParty(nullptr, aPrincipal, aDocumentURI, -+ aPrivate, aResult); -+} -+ -+NS_IMETHODIMP -+nsDOMStorageManager::GetLocalStorageForFirstParty(nsIURI *aFirstPartyURI, -+ nsIPrincipal *aPrincipal, -+ const nsSubstring &aDocumentURI, -+ bool aPrivate, -+ nsIDOMStorage **aResult) -+{ - NS_ENSURE_ARG_POINTER(aPrincipal); - *aResult = nullptr; - -@@ -505,7 +516,8 @@ nsDOMStorageManager::GetLocalStorageForPrincipal(nsIPrincipal *aPrincipal, - if (!storage) - return NS_ERROR_OUT_OF_MEMORY; - -- rv = storage->InitAsLocalStorage(aPrincipal, aDocumentURI, aPrivate); -+ rv = storage->InitAsLocalStorage(aFirstPartyURI, aPrincipal, aDocumentURI, -+ aPrivate); - if (NS_FAILED(rv)) - return rv; - -@@ -622,7 +634,8 @@ DOMStorageBase::InitAsSessionStorage(nsIURI* aDomainURI, bool aPrivate) - } - - void --DOMStorageBase::InitAsLocalStorage(nsIURI* aDomainURI, -+DOMStorageBase::InitAsLocalStorage(nsIURI* aFirstPartyURI, -+ nsIURI* aDomainURI, - bool aCanUseChromePersist, - bool aPrivate) - { -@@ -634,7 +647,8 @@ DOMStorageBase::InitAsLocalStorage(nsIURI* aDomainURI, - // mPrincipal in bug 455070. It is not even used for localStorage. - aDomainURI->GetAsciiHost(mDomain); - -- nsDOMStorageDBWrapper::CreateOriginScopeDBKey(aDomainURI, mScopeDBKey); -+ nsDOMStorageDBWrapper::CreateOriginScopeDBKey(aFirstPartyURI, aDomainURI, -+ mScopeDBKey); - - // XXX Bug 357323, we have to solve the issue how to define - // origin for file URLs. In that case CreateOriginScopeDBKey -@@ -642,9 +656,9 @@ DOMStorageBase::InitAsLocalStorage(nsIURI* aDomainURI, - // in that case because it produces broken entries w/o owner. - mUseDB = !mScopeDBKey.IsEmpty(); - -- nsDOMStorageDBWrapper::CreateQuotaDomainDBKey(mDomain, -+ nsDOMStorageDBWrapper::CreateQuotaDomainDBKey(aFirstPartyURI, mDomain, - true, false, mQuotaDomainDBKey); -- nsDOMStorageDBWrapper::CreateQuotaDomainDBKey(mDomain, -+ nsDOMStorageDBWrapper::CreateQuotaDomainDBKey(aFirstPartyURI, mDomain, - true, true, mQuotaETLDplus1DomainDBKey); - mCanUseChromePersist = aCanUseChromePersist; - mStorageType = nsPIDOMStorage::LocalStorage; -@@ -763,11 +777,13 @@ DOMStorageImpl::InitAsSessionStorage(nsIURI* aDomainURI, bool aPrivate) - } - - void --DOMStorageImpl::InitAsLocalStorage(nsIURI* aDomainURI, -+DOMStorageImpl::InitAsLocalStorage(nsIURI *aFirstPartyURI, -+ nsIURI* aDomainURI, - bool aCanUseChromePersist, - bool aPrivate) - { -- DOMStorageBase::InitAsLocalStorage(aDomainURI, aCanUseChromePersist, aPrivate); -+ DOMStorageBase::InitAsLocalStorage(aFirstPartyURI, aDomainURI, -+ aCanUseChromePersist, aPrivate); - } - - bool -@@ -1352,7 +1368,9 @@ nsDOMStorage::InitAsSessionStorage(nsIPrincipal *aPrincipal, const nsSubstring & - } - - nsresult --nsDOMStorage::InitAsLocalStorage(nsIPrincipal *aPrincipal, const nsSubstring &aDocumentURI, -+nsDOMStorage::InitAsLocalStorage(nsIURI *aFirstPartyURI, -+ nsIPrincipal *aPrincipal, -+ const nsSubstring &aDocumentURI, - bool aPrivate) - { - nsCOMPtr<nsIURI> domainURI; -@@ -1370,7 +1388,8 @@ nsDOMStorage::InitAsLocalStorage(nsIPrincipal *aPrincipal, const nsSubstring &aD - canUseChromePersist = URICanUseChromePersist(URI); - } - -- mStorageImpl->InitAsLocalStorage(domainURI, canUseChromePersist, aPrivate); -+ mStorageImpl->InitAsLocalStorage(aFirstPartyURI, domainURI, -+ canUseChromePersist, aPrivate); - return NS_OK; - } - -@@ -1782,7 +1801,9 @@ nsDOMStorage2::InitAsSessionStorage(nsIPrincipal *aPrincipal, const nsSubstring - } - - nsresult --nsDOMStorage2::InitAsLocalStorage(nsIPrincipal *aPrincipal, const nsSubstring &aDocumentURI, -+nsDOMStorage2::InitAsLocalStorage(nsIURI *aFirstPartyURI, -+ nsIPrincipal *aPrincipal, -+ const nsSubstring &aDocumentURI, - bool aPrivate) - { - mStorage = new nsDOMStorage(); -@@ -1792,7 +1813,8 @@ nsDOMStorage2::InitAsLocalStorage(nsIPrincipal *aPrincipal, const nsSubstring &a - mPrincipal = aPrincipal; - mDocumentURI = aDocumentURI; - -- return mStorage->InitAsLocalStorage(aPrincipal, aDocumentURI, aPrivate); -+ return mStorage->InitAsLocalStorage(aFirstPartyURI, aPrincipal, -+ aDocumentURI, aPrivate); - } - - already_AddRefed<nsIDOMStorage> -diff --git a/dom/src/storage/nsDOMStorage.h b/dom/src/storage/nsDOMStorage.h -index 7add846..b795397 100644 ---- a/dom/src/storage/nsDOMStorage.h -+++ b/dom/src/storage/nsDOMStorage.h -@@ -114,7 +114,8 @@ public: - DOMStorageBase(DOMStorageBase&); - - virtual void InitAsSessionStorage(nsIURI* aDomainURI, bool aPrivate); -- virtual void InitAsLocalStorage(nsIURI* aDomainURI, bool aCanUseChromePersist, bool aPrivate); -+ virtual void InitAsLocalStorage(nsIURI* aFirstPartyURI, nsIURI* aDomainURI, -+ bool aCanUseChromePersist, bool aPrivate); - - virtual nsTArray<nsString>* GetKeys(bool aCallerSecure) = 0; - virtual nsresult GetLength(bool aCallerSecure, uint32_t* aLength) = 0; -@@ -221,7 +222,8 @@ public: - ~DOMStorageImpl(); - - virtual void InitAsSessionStorage(nsIURI* aDomainURI, bool aPrivate); -- virtual void InitAsLocalStorage(nsIURI* aDomainURI, bool aCanUseChromePersist, bool aPrivate); -+ virtual void InitAsLocalStorage(nsIURI *aFirstPartyURI, nsIURI* aDomainURI, -+ bool aCanUseChromePersist, bool aPrivate); - - bool SessionOnly() { - return mSessionOnly; -@@ -336,7 +338,9 @@ public: - // nsPIDOMStorage - virtual nsresult InitAsSessionStorage(nsIPrincipal *aPrincipal, const nsSubstring &aDocumentURI, - bool aPrivate); -- virtual nsresult InitAsLocalStorage(nsIPrincipal *aPrincipal, const nsSubstring &aDocumentURI, -+ virtual nsresult InitAsLocalStorage(nsIURI *aFirstPartyURI, -+ nsIPrincipal *aPrincipal, -+ const nsSubstring &aDocumentURI, - bool aPrivate); - virtual already_AddRefed<nsIDOMStorage> Clone(); - virtual already_AddRefed<nsIDOMStorage> Fork(const nsSubstring &aDocumentURI); -@@ -411,7 +415,9 @@ public: - // nsPIDOMStorage - virtual nsresult InitAsSessionStorage(nsIPrincipal *aPrincipal, const nsSubstring &aDocumentURI, - bool aPrivate); -- virtual nsresult InitAsLocalStorage(nsIPrincipal *aPrincipal, const nsSubstring &aDocumentURI, -+ virtual nsresult InitAsLocalStorage(nsIURI *aFirstPartyURI, -+ nsIPrincipal *aPrincipal, -+ const nsSubstring &aDocumentURI, - bool aPrivate); - virtual already_AddRefed<nsIDOMStorage> Clone(); - virtual already_AddRefed<nsIDOMStorage> Fork(const nsSubstring &aDocumentURI); -diff --git a/dom/src/storage/nsDOMStorageDBWrapper.cpp b/dom/src/storage/nsDOMStorageDBWrapper.cpp -index bd2581b..048738a 100644 ---- a/dom/src/storage/nsDOMStorageDBWrapper.cpp -+++ b/dom/src/storage/nsDOMStorageDBWrapper.cpp -@@ -47,7 +47,6 @@ nsDOMStorageDBWrapper::~nsDOMStorageDBWrapper() - void - nsDOMStorageDBWrapper::Close() - { -- mPersistentDB.Close(); - mChromePersistentDB.Close(); - } - -@@ -56,13 +55,13 @@ nsDOMStorageDBWrapper::Init() - { - nsresult rv; - -- rv = mPersistentDB.Init(NS_LITERAL_STRING("webappsstore.sqlite")); -+ rv = mPersistentDB.Init(); - NS_ENSURE_SUCCESS(rv, rv); - - rv = mChromePersistentDB.Init(NS_LITERAL_STRING("chromeappsstore.sqlite")); - NS_ENSURE_SUCCESS(rv, rv); - -- rv = mSessionOnlyDB.Init(&mPersistentDB); -+ rv = mSessionOnlyDB.Init(); - NS_ENSURE_SUCCESS(rv, rv); - - rv = mPrivateBrowsingDB.Init(); -@@ -74,16 +73,14 @@ nsDOMStorageDBWrapper::Init() - nsresult - nsDOMStorageDBWrapper::FlushAndDeleteTemporaryTables(bool force) - { -- nsresult rv1, rv2; -+ nsresult rv1; - rv1 = mChromePersistentDB.FlushTemporaryTables(force); -- rv2 = mPersistentDB.FlushTemporaryTables(force); - - // Everything flushed? Then no need for a timer. -- if (!mChromePersistentDB.mTempTableLoads.Count() && -- !mPersistentDB.mTempTableLoads.Count()) -+ if (!mChromePersistentDB.mTempTableLoads.Count()) - StopTempTableFlushTimer(); - -- return NS_FAILED(rv1) ? rv1 : rv2; -+ return rv1; - } - - #define IMPL_FORWARDER_GUTS(_return, _code) \ -@@ -243,7 +240,8 @@ nsDOMStorageDBWrapper::GetUsage(const nsACString& aDomain, - } - - nsresult --nsDOMStorageDBWrapper::CreateOriginScopeDBKey(nsIURI* aUri, nsACString& aKey) -+nsDOMStorageDBWrapper::CreateOriginScopeDBKey(nsIURI *aFirstPartyURI, -+ nsIURI* aUri, nsACString& aKey) - { - nsresult rv; - -@@ -264,6 +262,17 @@ nsDOMStorageDBWrapper::CreateOriginScopeDBKey(nsIURI* aUri, nsACString& aKey) - aKey.Append(nsPrintfCString("%d", port)); - } - -+ // Isolate scope keys to the URL bar domain by appending &firstPartyHost -+ // if available. -+ if (aFirstPartyURI) { -+ nsCAutoString host; -+ rv = aFirstPartyURI->GetHost(host); -+ if (NS_SUCCEEDED(rv) && (host.Length() > 0)) { -+ aKey.AppendLiteral("&"); -+ aKey.Append(host); -+ } -+ } -+ - return NS_OK; - } - -@@ -317,7 +326,8 @@ nsDOMStorageDBWrapper::CreateDomainScopeDBKey(const nsACString& aAsciiDomain, - } - - nsresult --nsDOMStorageDBWrapper::CreateQuotaDomainDBKey(const nsACString& aAsciiDomain, -+nsDOMStorageDBWrapper::CreateQuotaDomainDBKey(nsIURI *aFirstPartyURI, -+ const nsACString& aAsciiDomain, - bool aIncludeSubDomains, - bool aEffectiveTLDplus1Only, - nsACString& aKey) -@@ -351,6 +361,17 @@ nsDOMStorageDBWrapper::CreateQuotaDomainDBKey(const nsACString& aAsciiDomain, - if (!aIncludeSubDomains) - subdomainsDBKey.AppendLiteral(":"); - -+ // Isolate quota keys to the URL bar domain by appending &firstPartyHost -+ // if available. -+ if (aFirstPartyURI) { -+ nsCAutoString host; -+ rv = aFirstPartyURI->GetHost(host); -+ if (NS_SUCCEEDED(rv) && (host.Length() > 0)) { -+ subdomainsDBKey.AppendLiteral("&"); -+ subdomainsDBKey.Append(host); -+ } -+ } -+ - aKey.Assign(subdomainsDBKey); - return NS_OK; - } -diff --git a/dom/src/storage/nsDOMStorageDBWrapper.h b/dom/src/storage/nsDOMStorageDBWrapper.h -index 94d28af..60a4f91 100644 ---- a/dom/src/storage/nsDOMStorageDBWrapper.h -+++ b/dom/src/storage/nsDOMStorageDBWrapper.h -@@ -178,9 +178,11 @@ public: - /** - * Turns "http://foo.bar.com:80" to "moc.rab.oof.:http:80", - * i.e. reverses the host, appends a dot, appends the schema -- * and a port number. -+ * and a port number. If aFirstPartyURI is present, the first party -+ * host is appended, e.g., "moc.rab.oof.:http:80:example.com" - */ -- static nsresult CreateOriginScopeDBKey(nsIURI* aUri, nsACString& aKey); -+ static nsresult CreateOriginScopeDBKey(nsIURI *aFirstPartyURI, -+ nsIURI* aUri, nsACString& aKey); - - /** - * Turns "http://foo.bar.com" to "moc.rab.oof.", -@@ -192,9 +194,11 @@ public: - /** - * Turns "foo.bar.com" to "moc.rab.", - * i.e. extracts eTLD+1 from the host, reverses the result -- * and appends a dot. -+ * and appends a dot. If aFirstPartyURI is present, the first party -+ * host is appended, e.g., "moc.rab.:example.com" - */ -- static nsresult CreateQuotaDomainDBKey(const nsACString& aAsciiDomain, -+ static nsresult CreateQuotaDomainDBKey(nsIURI *aFirstPartyURI, -+ const nsACString& aAsciiDomain, - bool aIncludeSubDomains, bool aETLDplus1Only, - nsACString& aKey); - -@@ -222,7 +226,7 @@ public: - - protected: - nsDOMStoragePersistentDB mChromePersistentDB; -- nsDOMStoragePersistentDB mPersistentDB; -+ nsDOMStorageMemoryDB mPersistentDB; // No longer an nsDOMStoragePersistentDB - nsDOMStorageMemoryDB mSessionOnlyDB; - nsDOMStorageMemoryDB mPrivateBrowsingDB; - -diff --git a/dom/src/storage/nsDOMStorageMemoryDB.cpp b/dom/src/storage/nsDOMStorageMemoryDB.cpp -index 5cc2e5d..639f516 100644 ---- a/dom/src/storage/nsDOMStorageMemoryDB.cpp -+++ b/dom/src/storage/nsDOMStorageMemoryDB.cpp -@@ -382,7 +382,12 @@ nsDOMStorageMemoryDB::GetUsage(const nsACString& aDomain, - nsresult rv; - - nsCAutoString quotadomainDBKey; -- rv = nsDOMStorageDBWrapper::CreateQuotaDomainDBKey(aDomain, -+ // This GetUsage() call is only used to report usage totals in the -+ // preferences and page info. UI, and only for sites that have been -+ // granted "offline application" permission. Since we pass nullptr -+ // for the firstPartURI, the usage total returned will not be -+ // partitioned by first party, which is OK for the UI. -+ rv = nsDOMStorageDBWrapper::CreateQuotaDomainDBKey(nullptr, aDomain, - aIncludeSubDomains, - false, - quotadomainDBKey); -@@ -395,6 +400,7 @@ struct GetUsageEnumStruc - { - int32_t mUsage; - int32_t mExcludeOfflineFromUsage; -+ nsCString mFirstPartyHostSuffix; // e.g., &example.com - nsCString mSubdomain; - }; - -@@ -405,7 +411,9 @@ GetUsageEnum(const nsACString& key, - { - GetUsageEnumStruc* struc = (GetUsageEnumStruc*)closure; - -- if (StringBeginsWith(key, struc->mSubdomain)) { -+ if (StringBeginsWith(key, struc->mSubdomain) && -+ ((0 == struc->mFirstPartyHostSuffix.Length()) || -+ StringEndsWith(key, struc->mFirstPartyHostSuffix))) { - if (struc->mExcludeOfflineFromUsage) { - nsCAutoString domain; - nsresult rv = nsDOMStorageDBWrapper::GetDomainFromScopeKey(key, domain); -@@ -428,6 +436,15 @@ nsDOMStorageMemoryDB::GetUsageInternal(const nsACString& aQuotaDomainDBKey, - struc.mUsage = 0; - struc.mExcludeOfflineFromUsage = aExcludeOfflineFromUsage; - struc.mSubdomain = aQuotaDomainDBKey; -+ nsCAutoString tmpQuotaKey(aQuotaDomainDBKey); -+ int32_t idx = tmpQuotaKey.RFindChar('&'); -+ if (idx > 0) { -+ const nsDependentCSubstring& tmpStr = Substring(tmpQuotaKey, idx); -+ if (tmpStr.Length() > 1) { -+ struc.mFirstPartyHostSuffix = tmpStr; -+ struc.mSubdomain = Substring(tmpQuotaKey, 0, idx - 1); -+ } -+ } - - if (mPreloadDB) { - nsresult rv; -diff --git a/dom/src/storage/nsDOMStoragePersistentDB.cpp b/dom/src/storage/nsDOMStoragePersistentDB.cpp -index 93ad303..7814a60 100644 ---- a/dom/src/storage/nsDOMStoragePersistentDB.cpp -+++ b/dom/src/storage/nsDOMStoragePersistentDB.cpp -@@ -813,7 +813,13 @@ nsDOMStoragePersistentDB::GetUsage(const nsACString& aDomain, - nsresult rv; - - nsCAutoString quotadomainDBKey; -- rv = nsDOMStorageDBWrapper::CreateQuotaDomainDBKey(aDomain, -+ // This GetUsage() call is only used to report usage totals in the -+ // preferences and page info. UI, and only for sites that have been -+ // granted "offline application" permission. Since we pass nullptr -+ // for the firstPartURI, the usage total returned will not be -+ // partitioned by first party, which is OK for the UI. -+ // Also, Tor does not use currently use nsDOMStoragePersistentDB. -+ rv = nsDOMStorageDBWrapper::CreateQuotaDomainDBKey(nullptr, aDomain, - aIncludeSubDomains, - false, - quotadomainDBKey); -diff --git a/embedding/components/windowwatcher/src/nsWindowWatcher.cpp b/embedding/components/windowwatcher/src/nsWindowWatcher.cpp -index 6abbed7..0bad9ed 100644 ---- a/embedding/components/windowwatcher/src/nsWindowWatcher.cpp -+++ b/embedding/components/windowwatcher/src/nsWindowWatcher.cpp -@@ -963,14 +963,15 @@ nsWindowWatcher::OpenWindowInternal(nsIDOMWindow *aParent, - - if (subjectPrincipal && parentDocShell) { - nsCOMPtr<nsIDOMStorage> storage; -- parentDocShell->GetSessionStorageForPrincipal(subjectPrincipal, -+ parentDocShell->GetSessionStorageForFirstParty(uriToLoad, subjectPrincipal, - EmptyString(), false, - getter_AddRefs(storage)); - nsCOMPtr<nsPIDOMStorage> piStorage = - do_QueryInterface(storage); - if (piStorage){ - storage = piStorage->Clone(); -- newDocShell->AddSessionStorage( -+ newDocShell->AddSessionStorageForFirstParty( -+ uriToLoad, - piStorage->Principal(), - storage); - } --- -1.7.5.4 - diff --git a/src/current-patches/firefox/0027-Remove-This-plugin-is-disabled-barrier.patch b/src/current-patches/firefox/0027-Remove-This-plugin-is-disabled-barrier.patch deleted file mode 100644 index 53ecfba..0000000 --- a/src/current-patches/firefox/0027-Remove-This-plugin-is-disabled-barrier.patch +++ /dev/null @@ -1,46 +0,0 @@ -From cc9807d0dc7907cddfcd4053f26ca6ad01b5a070 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Thu, 28 Feb 2013 17:41:57 -0800 -Subject: [PATCH 27/27] Remove "This plugin is disabled" barrier. - -We do not want to encourage our users to enable plugins at this point. - -The barrier also causes bad UX for HTML5 video fallback on YouTube. ---- - browser/base/content/browser-plugins.js | 6 ++++-- - toolkit/mozapps/plugins/content/pluginProblem.xml | 2 +- - 2 files changed, 5 insertions(+), 3 deletions(-) - -diff --git a/browser/base/content/browser-plugins.js b/browser/base/content/browser-plugins.js -index c2abebf..655c2bf 100644 ---- a/browser/base/content/browser-plugins.js -+++ b/browser/base/content/browser-plugins.js -@@ -228,8 +228,10 @@ var gPluginHandler = { - break; - - case "PluginDisabled": -- let manageLink = doc.getAnonymousElementByAttribute(plugin, "class", "managePluginsLink"); -- self.addLinkClickCallback(manageLink, "managePlugins"); -+ // Screw the disabled message. It messes with HTML5 fallback on YouTube -+ let plugin_overlay = doc.getAnonymousElementByAttribute(plugin, "class", "mainBox"); -+ if (plugin_overlay != null) -+ plugin_overlay.style.visibility = "hidden"; - break; - - case "PluginScripted": -diff --git a/toolkit/mozapps/plugins/content/pluginProblem.xml b/toolkit/mozapps/plugins/content/pluginProblem.xml -index f61cb48..ed83569 100644 ---- a/toolkit/mozapps/plugins/content/pluginProblem.xml -+++ b/toolkit/mozapps/plugins/content/pluginProblem.xml -@@ -38,7 +38,7 @@ - <html:div class="installStatus"> - <html:div class="msg msgInstallPlugin"><html:a class="installPluginLink" href="">&installPlugin;</html:a></html:div> - </html:div> -- <html:div class="msg msgManagePlugins"><html:a class="managePluginsLink" href="">&managePlugins;</html:a></html:div> -+ <html:div class="msg msgManagePlugins"><html:a class="managePluginsLink" href=""></html:a></html:div> - <html:div class="submitStatus"> - <!-- links set at runtime --> - <html:div class="msg msgPleaseSubmit"><html:a class="pleaseSubmitLink" href="">&report.please;</html:a></html:div> --- -1.7.5.4 - diff --git a/src/current-patches/firefox/0028-Use-Optimistic-Data-SOCKS-variant.patch b/src/current-patches/firefox/0028-Use-Optimistic-Data-SOCKS-variant.patch deleted file mode 100644 index b6d43c1..0000000 --- a/src/current-patches/firefox/0028-Use-Optimistic-Data-SOCKS-variant.patch +++ /dev/null @@ -1,82 +0,0 @@ -From 64548e75e1cb68a2449b001629c0ee0d10636d90 Mon Sep 17 00:00:00 2001 -From: Tao Wang t55wang@uwaterloo.ca -Date: Tue, 2 Apr 2013 15:56:49 -0700 -Subject: [PATCH 28/28] Use Optimistic Data SOCKS variant. - -This patch alters Firefox's SOCKS handshake to preemptively send data before -it is actually connected. This allows us to save a round trip during -connection setup. - -See: -https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/181-optimisti... ---- - netwerk/base/src/nsSocketTransport2.cpp | 20 ++++++++++++++++++-- - netwerk/base/src/nsSocketTransport2.h | 4 +++- - netwerk/socket/nsSOCKSIOLayer.cpp | 4 +++- - 3 files changed, 24 insertions(+), 4 deletions(-) - -diff --git a/netwerk/base/src/nsSocketTransport2.cpp b/netwerk/base/src/nsSocketTransport2.cpp -index 15870bb..668d18f 100644 ---- a/netwerk/base/src/nsSocketTransport2.cpp -+++ b/netwerk/base/src/nsSocketTransport2.cpp -@@ -1543,9 +1543,25 @@ nsSocketTransport::OnSocketReady(PRFileDesc *fd, int16_t outFlags) - // Update poll timeout in case it was changed - mPollTimeout = mTimeouts[TIMEOUT_READ_WRITE]; - } -- else if (mState == STATE_CONNECTING) { -+ -+//STATE_SENDINGGET: handshake proceeded to state "sent connect" -+//one more poll to OnSocketReady will trigger the get request, and state STATE_SENTGET -+//STATE_SENTGET: continue and finish handshake -+ else if (mState == STATE_SENDINGGET) { -+ if ((mPollFlags & PR_POLL_WRITE) && (outFlags & ~PR_POLL_READ)) { -+ mOutput.OnSocketReady(NS_OK); -+ } -+ mPollTimeout = mTimeouts[TIMEOUT_READ_WRITE]; -+ mState = STATE_SENTGET; -+ } -+ -+ else if (mState == STATE_CONNECTING || mState == STATE_SENTGET) { - PRStatus status = PR_ConnectContinue(fd, outFlags); -- if (status == PR_SUCCESS) { -+ if (status == PR_SUCCESS && mState == STATE_CONNECTING) { -+ OnSocketConnected(); -+ mState = STATE_SENDINGGET; -+ } -+ else if (status == PR_SUCCESS && mState == STATE_SENTGET) { - // - // we are connected! - // -diff --git a/netwerk/base/src/nsSocketTransport2.h b/netwerk/base/src/nsSocketTransport2.h -index d9ac3d3..0c92d0a 100644 ---- a/netwerk/base/src/nsSocketTransport2.h -+++ b/netwerk/base/src/nsSocketTransport2.h -@@ -154,7 +154,9 @@ private: - STATE_IDLE, - STATE_RESOLVING, - STATE_CONNECTING, -- STATE_TRANSFERRING -+ STATE_TRANSFERRING, -+ STATE_SENDINGGET, -+ STATE_SENTGET - }; - - //------------------------------------------------------------------------- -diff --git a/netwerk/socket/nsSOCKSIOLayer.cpp b/netwerk/socket/nsSOCKSIOLayer.cpp -index 24edc78..64f6001 100644 ---- a/netwerk/socket/nsSOCKSIOLayer.cpp -+++ b/netwerk/socket/nsSOCKSIOLayer.cpp -@@ -77,7 +77,9 @@ public: - void SetConnectTimeout(PRIntervalTime to); - PRStatus DoHandshake(PRFileDesc *fd, int16_t oflags = -1); - int16_t GetPollFlags() const; -- bool IsConnected() const { return mState == SOCKS_CONNECTED; } -+ bool IsConnected() const { return (mState == SOCKS_CONNECTED || -+ mState == SOCKS5_READ_CONNECT_RESPONSE_TOP); } -+ - void ForgetFD() { mFD = nullptr; } - - private: --- -1.7.9.5 - diff --git a/src/current-patches/firefox/0029-Disable-library-timestamping.patch b/src/current-patches/firefox/0029-Disable-library-timestamping.patch deleted file mode 100644 index 8a37556..0000000 --- a/src/current-patches/firefox/0029-Disable-library-timestamping.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 756c1673881ae104e20305fadad41cfea5f04608 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Thu, 1 Jan 1970 00:00:00 +0000 -Subject: [PATCH 29/29] Disable library timestamping. - -This timestamp prevents deterministic builds, and is set in a way that -libfaketime can't correct. ---- - nsprpub/config/now.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/nsprpub/config/now.c b/nsprpub/config/now.c -index 165b924..5e07a72 100644 ---- a/nsprpub/config/now.c -+++ b/nsprpub/config/now.c -@@ -14,7 +14,7 @@ - #error "Architecture not supported" - #endif - -- -+#define OMIT_LIB_BUILD_TIME - int main(int argc, char **argv) - { - #if defined(OMIT_LIB_BUILD_TIME) --- -1.7.9.5 -