ma1 pushed to branch base-browser-128.8.0esr-14.5-1 at The Tor Project / Applications / Tor Browser
Commits:
-
21515074
by Tara at 2025-03-11T15:57:27+01:00
-
d5800762
by John Schanck at 2025-03-11T15:57:32+01:00
-
9faca754
by Jeff Boek at 2025-03-11T15:57:33+01:00
-
7759f889
by Tom Schuster at 2025-03-11T15:57:35+01:00
-
0beebec4
by Tom Schuster at 2025-03-11T15:57:36+01:00
11 changed files:
- browser/components/privatebrowsing/content/aboutPrivateBrowsing.html
- browser/components/protections/content/protections.html
- mobile/android/android-components/components/browser/engine-gecko/src/main/java/mozilla/components/browser/engine/gecko/GeckoEngineSession.kt
- mobile/android/android-components/components/browser/engine-gecko/src/test/java/mozilla/components/browser/engine/gecko/GeckoEngineSessionTest.kt
- mobile/android/android-components/components/feature/app-links/src/main/java/mozilla/components/feature/app/links/AppLinksUseCases.kt
- mobile/android/android-components/components/feature/app-links/src/test/java/mozilla/components/feature/app/links/AppLinksUseCasesTest.kt
- mobile/android/android-components/components/feature/prompts/src/main/java/mozilla/components/feature/prompts/PromptFeature.kt
- mobile/android/fenix/app/src/main/java/org/mozilla/fenix/HomeActivity.kt
- mobile/android/fenix/app/src/main/java/org/mozilla/fenix/customtabs/ExternalAppBrowserActivity.kt
- mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/IntentUtils.java
- mobile/android/geckoview/src/test/java/org/mozilla/gecko/util/IntentUtilsTest.java
Changes:
| ... | ... | @@ -10,7 +10,7 @@ |
| 10 | 10 | <meta charset="utf-8" />
|
| 11 | 11 | <meta
|
| 12 | 12 | http-equiv="Content-Security-Policy"
|
| 13 | - content="default-src chrome: blob:; object-src 'none'"
|
|
| 13 | + content="default-src chrome:; img-src chrome: blob:; object-src 'none';"
|
|
| 14 | 14 | />
|
| 15 | 15 | <meta name="color-scheme" content="light dark" />
|
| 16 | 16 | <link rel="icon" href="chrome://browser/skin/privatebrowsing/favicon.svg" />
|
| ... | ... | @@ -8,7 +8,7 @@ |
| 8 | 8 | <meta charset="utf-8" />
|
| 9 | 9 | <meta
|
| 10 | 10 | http-equiv="Content-Security-Policy"
|
| 11 | - content="default-src chrome: blob:; object-src 'none'"
|
|
| 11 | + content="default-src chrome:; object-src 'none'"
|
|
| 12 | 12 | />
|
| 13 | 13 | <meta name="color-scheme" content="light dark" />
|
| 14 | 14 | <link rel="localization" href="branding/brand.ftl" />
|
| ... | ... | @@ -1818,7 +1818,7 @@ class GeckoEngineSession( |
| 1818 | 1818 | internal const val ABOUT_BLANK = "about:blank"
|
| 1819 | 1819 | internal const val JS_SCHEME = "javascript"
|
| 1820 | 1820 | internal val BLOCKED_SCHEMES =
|
| 1821 | - listOf("file", "resource", JS_SCHEME) // See 1684761 and 1684947
|
|
| 1821 | + listOf("file", "resource", "fido", JS_SCHEME) // See 1684761 and 1684947
|
|
| 1822 | 1822 | |
| 1823 | 1823 | /**
|
| 1824 | 1824 | * Provides an ErrorType corresponding to the error code provided.
|
| ... | ... | @@ -631,6 +631,11 @@ class GeckoEngineSessionTest { |
| 631 | 631 | engineSession.loadUrl("RESOURCE://package/test.text")
|
| 632 | 632 | verify(geckoSession, never()).load(GeckoSession.Loader().uri("resource://package/test.text"))
|
| 633 | 633 | verify(geckoSession, never()).load(GeckoSession.Loader().uri("RESOURCE://package/test.text"))
|
| 634 | + |
|
| 635 | + engineSession.loadUrl("fido:/12345678")
|
|
| 636 | + engineSession.loadUrl("FIDO:/12345678")
|
|
| 637 | + verify(geckoSession, never()).load(GeckoSession.Loader().uri("fido:/12345678"))
|
|
| 638 | + verify(geckoSession, never()).load(GeckoSession.Loader().uri("FIDO:/12345678"))
|
|
| 634 | 639 | }
|
| 635 | 640 | |
| 636 | 641 | @Test
|
| ... | ... | @@ -313,6 +313,7 @@ class AppLinksUseCases( |
| 313 | 313 | "https", "moz-extension", "moz-safe-about", "resource", "view-source", "ws", "wss", "blob",
|
| 314 | 314 | )
|
| 315 | 315 | |
| 316 | - internal val ALWAYS_DENY_SCHEMES: Set<String> = setOf("jar", "file", "javascript", "data", "about", "content")
|
|
| 316 | + internal val ALWAYS_DENY_SCHEMES: Set<String> =
|
|
| 317 | + setOf("jar", "file", "javascript", "data", "about", "content", "fido")
|
|
| 317 | 318 | }
|
| 318 | 319 | } |
| ... | ... | @@ -47,6 +47,7 @@ class AppLinksUseCasesTest { |
| 47 | 47 | private val javascriptUrl = "javascript:'hello, world'"
|
| 48 | 48 | private val jarUrl = "jar:file://some/path/test.html"
|
| 49 | 49 | private val contentUrl = "content://media/external_primary/downloads/12345"
|
| 50 | + private val fidoPath = "fido:12345678"
|
|
| 50 | 51 | private val fileType = "audio/mpeg"
|
| 51 | 52 | private val layerUrl = "https://example.com"
|
| 52 | 53 | private val layerPackage = "com.example.app"
|
| ... | ... | @@ -215,6 +216,15 @@ class AppLinksUseCasesTest { |
| 215 | 216 | assertFalse(redirect.isRedirect())
|
| 216 | 217 | }
|
| 217 | 218 | |
| 219 | + @Test
|
|
| 220 | + fun `A fido url is not an app link`() {
|
|
| 221 | + val context = createContext(Triple(fidoPath, appPackage, ""))
|
|
| 222 | + val subject = AppLinksUseCases(context, { true })
|
|
| 223 | + |
|
| 224 | + val redirect = subject.interceptedAppLinkRedirect(fidoPath)
|
|
| 225 | + assertFalse(redirect.isRedirect())
|
|
| 226 | + }
|
|
| 227 | + |
|
| 218 | 228 | @Test
|
| 219 | 229 | fun `Will not redirect app link if browser option set to false and scheme is supported`() {
|
| 220 | 230 | val context = createContext(Triple(appUrl, appPackage, ""))
|
| ... | ... | @@ -9,6 +9,7 @@ import android.content.Intent |
| 9 | 9 | import androidx.annotation.VisibleForTesting
|
| 10 | 10 | import androidx.annotation.VisibleForTesting.Companion.PRIVATE
|
| 11 | 11 | import androidx.core.view.isVisible
|
| 12 | +import androidx.fragment.app.DialogFragment
|
|
| 12 | 13 | import androidx.fragment.app.Fragment
|
| 13 | 14 | import androidx.fragment.app.FragmentManager
|
| 14 | 15 | import kotlinx.coroutines.CoroutineScope
|
| ... | ... | @@ -1094,7 +1095,15 @@ class PromptFeature private constructor( |
| 1094 | 1095 | emitPromptDismissedFact(promptName = promptRequest::class.simpleName.ifNullOrEmpty { "" })
|
| 1095 | 1096 | }
|
| 1096 | 1097 | |
| 1098 | + @VisibleForTesting
|
|
| 1099 | + internal fun redirectDialogFragmentIsActive() =
|
|
| 1100 | + (fragmentManager.findFragmentByTag("SHOULD_OPEN_APP_LINK_PROMPT_DIALOG") as? DialogFragment) != null
|
|
| 1101 | + |
|
| 1097 | 1102 | private fun canShowThisPrompt(promptRequest: PromptRequest): Boolean {
|
| 1103 | + if (redirectDialogFragmentIsActive()) {
|
|
| 1104 | + return false
|
|
| 1105 | + }
|
|
| 1106 | + |
|
| 1098 | 1107 | return when (promptRequest) {
|
| 1099 | 1108 | is SingleChoice,
|
| 1100 | 1109 | is MultipleChoice,
|
| ... | ... | @@ -798,7 +798,7 @@ open class HomeActivity : LocaleAwareAppCompatActivity(), NavHostActivity { |
| 798 | 798 | return false
|
| 799 | 799 | }
|
| 800 | 800 | |
| 801 | - final override fun dispatchTouchEvent(ev: MotionEvent?): Boolean {
|
|
| 801 | + override fun dispatchTouchEvent(ev: MotionEvent?): Boolean {
|
|
| 802 | 802 | ProfilerMarkers.addForDispatchTouchEvent(components.core.engine.profiler, ev)
|
| 803 | 803 | return super.dispatchTouchEvent(ev)
|
| 804 | 804 | }
|
| ... | ... | @@ -7,6 +7,7 @@ package org.mozilla.fenix.customtabs |
| 7 | 7 | import android.app.assist.AssistContent
|
| 8 | 8 | import android.net.Uri
|
| 9 | 9 | import android.os.Build
|
| 10 | +import android.view.MotionEvent
|
|
| 10 | 11 | import androidx.annotation.RequiresApi
|
| 11 | 12 | import androidx.annotation.VisibleForTesting
|
| 12 | 13 | import mozilla.components.browser.state.selector.findCustomTab
|
| ... | ... | @@ -24,6 +25,8 @@ const val EXTRA_IS_SANDBOX_CUSTOM_TAB = "org.mozilla.fenix.customtabs.EXTRA_IS_S |
| 24 | 25 | */
|
| 25 | 26 | @Suppress("TooManyFunctions")
|
| 26 | 27 | open class ExternalAppBrowserActivity : HomeActivity() {
|
| 28 | + var isFinishedAnimating = false
|
|
| 29 | + |
|
| 27 | 30 | override fun onResume() {
|
| 28 | 31 | super.onResume()
|
| 29 | 32 | |
| ... | ... | @@ -74,4 +77,17 @@ open class ExternalAppBrowserActivity : HomeActivity() { |
| 74 | 77 | val currentTabUrl = getExternalTab()?.content?.url
|
| 75 | 78 | outContent?.webUri = currentTabUrl?.let { Uri.parse(it) }
|
| 76 | 79 | }
|
| 80 | + |
|
| 81 | + override fun dispatchTouchEvent(ev: MotionEvent?): Boolean {
|
|
| 82 | + if (!isFinishedAnimating) {
|
|
| 83 | + return true
|
|
| 84 | + }
|
|
| 85 | + |
|
| 86 | + return super.dispatchTouchEvent(ev)
|
|
| 87 | + }
|
|
| 88 | + |
|
| 89 | + override fun onEnterAnimationComplete() {
|
|
| 90 | + super.onEnterAnimationComplete()
|
|
| 91 | + isFinishedAnimating = true
|
|
| 92 | + }
|
|
| 77 | 93 | } |
| ... | ... | @@ -76,6 +76,10 @@ public class IntentUtils { |
| 76 | 76 | return getSafeIntent(aUri) != null;
|
| 77 | 77 | }
|
| 78 | 78 | |
| 79 | + if ("fido".equals(scheme)) {
|
|
| 80 | + return false;
|
|
| 81 | + }
|
|
| 82 | + |
|
| 79 | 83 | return true;
|
| 80 | 84 | }
|
| 81 | 85 |
| ... | ... | @@ -63,4 +63,10 @@ public class IntentUtilsTest { |
| 63 | 63 | final String uri = "intent:non_scheme_intent#Intent;end";
|
| 64 | 64 | assertTrue(IntentUtils.isUriSafeForScheme(uri));
|
| 65 | 65 | }
|
| 66 | + |
|
| 67 | + @Test
|
|
| 68 | + public void unsafeFidoUri() {
|
|
| 69 | + final String uri = "fido:/12345678";
|
|
| 70 | + assertFalse(IntentUtils.isUriSafeForScheme(uri));
|
|
| 71 | + }
|
|
| 66 | 72 | } |