[tor-messenger-build/master] Trac 17471: Review Tor Browser preferences - tor-commits

5 Nov 2016

commit dbf84f58f53d363937c0ec5bbc0c77ccc6c38d3d
Author: Arlo Breault arlolra@gmail.com
Date:   Sat Nov 5 09:26:40 2016 -0700
Trac 17471: Review Tor Browser preferences
---
 ChangeLog                                          |  16 +-
 .../0001-Set-Tor-Messenger-preferences.patch       | 443 +++++++++++++++++----
 ...0002-Trac-16489-Prevent-account-autologin.patch |   2 +-
 ...Support-Special-Characters-input-prompt-o.patch |   2 +-
 ...Better-error-reporting-for-failed-outgoin.patch |   2 +-
 .../0005-Trac-13312-OTR-over-Twitter-DMs.patch     |   2 +-
 ...-Fix-tab-strip-background-colour-on-OS-X..patch |   2 +-
 ...-XMPP-createConversation-should-handle-in.patch |   2 +-
 ...-Set-_userVCard-own-property-when-downloa.patch |   2 +-
 .../0009-XMPP-in-band-registration.patch           |   2 +-
 .../instantbird/0010-Remove-search-from-UI.patch   |   2 +-
 .../0011-Add-Tor-Messenger-branding.patch          |   2 +-
 projects/instantbird/0012-Account-picture.patch    |   2 +-
 .../0013-Modify-protocol-defaults.patch            |   2 +-
 .../instantbird/0014-Modify-IRC-defaults.patch     |   2 +-
 projects/instantbird/0015-Modify-themes.patch      |   2 +-
 .../instantbird/0016-Modify-XMPP-defaults.patch    |   2 +-
 projects/instantbird/0017-Remove-logging-UI.patch  |   2 +-
 projects/instantbird/0018-Cert-override.patch      |   2 +-
 .../0019-Display-all-traffic-over-Tor.patch        |   2 +-
 .../instantbird/0020-Trac-17480-Content-sink.patch |   2 +-
 .../0021-SASL-ECDSA-NIST256P-CHALLENGE.patch       |   2 +-
 ...-msg-is-not-defined-error-in-irc.js-chang.patch |   2 +-
 23 files changed, 399 insertions(+), 102 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index b6dc6b4..c8fb3ae 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,18 +1,20 @@
 Tor Messenger 0.3.0b1 --
  * All Platforms
-   * Use the tor-browser-45.4.0esr-6.0-1 branch on tor-browser
+   * Use the tor-browser-45.4.0esr-6.0-1 branch (41f1c54a) on tor-browser
    * Use the THUNDERBIRD_45_4_0_RELEASE tag on comm-esr45
+   * Update ctypes-otr to 00e4e80a
    * Trac 16536: Investigate Tor Browser patches relevant to Tor Messenger
-   * Trac 20208: Put conversations on hold by default
-   * Properly handle incoming xmpp server messages (bugzilla 1246431)
-   * Trac 20276: Fix toggling sounds
+   * Trac 17471: Investigate Tor Browser preferences relevant to Tor Messenger
    * Trac 17480: Make url linkification toggleable
-   * Update ctypes-otr to 00e4e80a
+   * Trac 19816: Build process should generate mar files
+   * Trac 20208: Put conversations on hold by default
    * Trac 20231: Remove incomplete translations
-   * Fix irc "msg is not defined" error (bugzilla 1313137)
+   * Trac 20276: Fix toggling sounds
+   * Bugzilla 1246431: Properly handle incoming xmpp server messages
+   * Bugzilla 1313137: Fix irc "msg is not defined" error
  * Mac
-   * Trac 20206: Avoid prompting to download font "Osaka" on macOS Sierra
    * Trac 20204: Windows don't drag on macOS Sierra
+   * Trac 20206: Avoid prompting to download font "Osaka" on macOS Sierra
  * Windows
    * Trac 20062: Make stripping signatures reproducible on TM .exe files
diff --git a/projects/instantbird/0001-Set-Tor-Messenger-preferences.patch b/projects/instantbird/0001-Set-Tor-Messenger-preferences.patch
index a99fa26..edd6951 100644
--- a/projects/instantbird/0001-Set-Tor-Messenger-preferences.patch
+++ b/projects/instantbird/0001-Set-Tor-Messenger-preferences.patch
@@ -1,17 +1,64 @@
-From bfa4576ff8e6291a0cd293e05ac48b2a91c6a3c1 Mon Sep 17 00:00:00 2001
+From b229ec3ed7af7f4e78b1d75a26c1ed76046ad3fe Mon Sep 17 00:00:00 2001
 From: Sukhbir Singh sukhbir@torproject.org
 Date: Mon, 10 Oct 2016 19:48:41 -0700
 Subject: [PATCH 01/22] Set Tor Messenger preferences
---
- im/app/profile/all-instantbird.js | 110 +++++++++++++++++++++++++++++++-------
- 1 file changed, 90 insertions(+), 20 deletions(-)
+ im/app/profile/all-instantbird.js | 399 ++++++++++++++++++++++++++++++++++++--
+ 1 file changed, 378 insertions(+), 21 deletions(-)
diff --git a/im/app/profile/all-instantbird.js b/im/app/profile/all-instantbird.js
-index b7a3970..eb1423f 100644
+index b7a3970..a4e0654 100644
 --- a/im/app/profile/all-instantbird.js
 +++ b/im/app/profile/all-instantbird.js
-@@ -28,7 +28,7 @@ pref("general.autoScroll", true);
+@@ -1,3 +1,46 @@
++/**
++ * This file is divded into three section,
++ *
++ * 1) Tor Messenger prefs, not found in the next two sections;
++ * 2) The original Instantbird prefs found here, modified by TM;
++ * 3) Tor Browser's 000-tor-browser.js, modified by TM or commented out when
++ *    duplicating a previously declared pref.
++ *
++ * The idea being that to update this file when rebasing, we'd just paste the
++ * full contents of those files over the corresponding sections and then look
++ * at the diffs.
++ */
++
++
++
++// Disable all logging
++pref("purple.logging.log_chats", false);
++pref("purple.logging.log_ims", false);
++pref("purple.logging.log_system", false);
++
++// Disable typing notifications
++pref("purple.conversations.im.send_typing", false);
++
++// Do not report idle status or the away message
++pref("messenger.status.awayWhenIdle", false);
++pref("messenger.status.defaultIdleAwayMessage", "");
++pref("messenger.status.reportIdle", false);
++
++// Do not send the message format (fonts, colors)
++pref("messenger.conversations.sendFormat", false);
++
++// Disable text formatting (remove the tags)
++pref("messenger.options.filterMode", 0);
++
++// Put conversations on hold so that OTR disconnect is not sent. See #20208.
++pref("messenger.conversations.holdByDefault", true);
++
++// No AUS check for system add-on updates for Tor Browser users.
++// This pref is taken from the TB diff of browser/app/profile/firefox.js
++pref("extensions.systemAddon.update.url", "");
++
++
++
+ /* This Source Code Form is subject to the terms of the Mozilla Public
+  * License, v. 2.0. If a copy of the MPL was not distributed with this
+  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+@@ -28,7 +71,7 @@ pref("general.autoScroll", true);
  // 0 = spellcheck nothing
  // 1 = check multi-line controls [default]
  // 2 = check multi/single line controls
@@ -20,7 +67,7 @@ index b7a3970..eb1423f 100644
pref("messenger.accounts.convertOldPasswords", true);
  pref("messenger.accounts.promptOnDelete", true);
-@@ -66,7 +66,7 @@ pref("extensions.mintrayr.singleClickRestore", false);
+@@ -66,7 +109,7 @@ pref("extensions.mintrayr.singleClickRestore", false);
// Whether message related sounds should be played at all. If this is enabled
  // then the more specific prefs are checked as well.
@@ -29,17 +76,12 @@ index b7a3970..eb1423f 100644
  // Specifies whether each message event should trigger a sound for incoming
  // and outgoing messages, or when your nickname is mentioned in a chat.
  pref("messenger.options.playSounds.outgoing", true);
-@@ -142,26 +142,28 @@ pref("app.update.staging.enabled", true);
+@@ -142,26 +185,23 @@ pref("app.update.staging.enabled", true);
// Update service URL:
  // You do not need to use all the %VAR% parameters. Use what you need, %PRODUCT%,%VERSION%,%BUILD_ID%,%CHANNEL% for example
 -pref("app.update.url", "https://update.instantbird.org/1/%PRODUCT%/%VERSION%/%BUILD_ID%/%BUILD_TARGE...");
 +pref("app.update.url", "https://aus2.torproject.org/tormessenger/update_2/%CHANNEL%/%BUILD_TARGET%/%...");
-+
-+#ifdef XP_WIN
-+// For now, disable staged updates on Windows (see #18292).
-+pref("app.update.staging.enabled", false);
-+#endif
// URL user can browse to manually if for some reason all update installation
  // attempts fail.
@@ -66,7 +108,7 @@ index b7a3970..eb1423f 100644
// Interval: Time before prompting the user to restart to install the latest
  //           download (in seconds) default=30 minutes
-@@ -202,7 +204,7 @@ pref("browser.search.order.1",                "chrome://instantbird/locale/regio
+@@ -202,7 +242,7 @@ pref("browser.search.order.1",                "chrome://instantbird/locale/regio
  pref("browser.search.order.2",                "chrome://instantbird/locale/region.properties");
// send ping to the server to update
@@ -75,7 +117,7 @@ index b7a3970..eb1423f 100644
// disable logging for the search service update system by default
  pref("browser.search.update.log", false);
-@@ -222,7 +224,7 @@ pref("extensions.ignoreMTimeChanges", false);
+@@ -222,10 +262,10 @@ pref("extensions.ignoreMTimeChanges", false);
  pref("extensions.logging.enabled", false);
  pref("general.skins.selectedSkin", "classic/1.0");
@@ -83,8 +125,12 @@ index b7a3970..eb1423f 100644
 +pref("extensions.update.enabled", false);
  pref("extensions.update.interval", 86400);
  pref("extensions.update.url", "https://addons.instantbird.org/services/update.php?reqVersion=%REQ_VERSION%&...");
- pref("extensions.update.autoUpdateDefault", true);
-@@ -245,9 +247,9 @@ pref("extensions.getMoreEmoticonsURL", "https://add-ons.instantbird.org/%LOCALE%
+-pref("extensions.update.autoUpdateDefault", true);
++pref("extensions.update.autoUpdateDefault", false);
+ 
+ // Preferences for the Get Add-ons pane
+ pref("extensions.getAddons.cache.enabled", false);
+@@ -245,9 +285,9 @@ pref("extensions.getMoreEmoticonsURL", "https://add-ons.instantbird.org/%LOCALE%
  pref("extensions.getMoreProtocolsURL", "https://add-ons.instantbird.org/%LOCALE%/%APP%/%VERSION%/protocols/");
// suppress external-load warning for standard browser schemes
@@ -97,7 +143,7 @@ index b7a3970..eb1423f 100644
// don't load links inside Instantbird
  pref("network.protocol-handler.expose-all", false);
-@@ -262,10 +264,10 @@ pref("network.protocol-handler.expose.https", true);
+@@ -262,10 +302,10 @@ pref("network.protocol-handler.expose.https", true);
  pref("network.protocol-handler.expose.javascript", true);
// 0-Accept, 1-dontAcceptForeign, 2-dontUse
@@ -110,7 +156,7 @@ index b7a3970..eb1423f 100644
// We have an Error Console menu item by default so let's display chrome errors
  pref("javascript.options.showInConsole", true);
-@@ -300,14 +302,82 @@ pref("browser.tabs.tabClipWidth", 140);
+@@ -300,14 +340,331 @@ pref("browser.tabs.tabClipWidth", 140);
  // 3  at the end of the tabstrip
  pref("browser.tabs.closeButtons", 1);
@@ -129,73 +175,322 @@ index b7a3970..eb1423f 100644
 -pref("statsService.parseLogsForStats", true);
 +pref("statsService.parseLogsForStats", false);
 +
-+/* Tor Messenger */
-+// Logging
-+// Disable all logging
-+pref("purple.logging.log_chats", false);
-+pref("purple.logging.log_ims", false);
-+pref("purple.logging.log_system", false);
 +
-+// Network
-+// Use a manual proxy configuration
-+pref("network.proxy.type", 1);
-+// Empty the "no proxy" setting
-+pref("network.proxy.no_proxies_on", "");
-+// Configure Instantbird to use the SOCKS5 proxy
++
++# Default Preferences
++# Tor Browser Bundle
++# Do not edit this file.
++
++// Please maintain unit tests at ./tbb-tests/browser_tor_TB4.js
++
++// Disable initial homepage notifications
++//pref("browser.search.update", false);  // TM
++pref("browser.rights.3.shown", true);
++pref("startup.homepage_welcome_url", "");
++pref("startup.homepage_welcome_url.additional", "");
++// Not set Windows 10 users would get a special introduction on first start.
++pref("browser.usedOnWindows10", true);
++
++// Set a generic, default URL that will be opened in a tab after an update.
++// Typically, this will not be used; instead, the <update> element within
++// each update manifest should contain attributes similar to:
++//   actions="showURL"
++//   openURL="https://blog.torproject.org/tor-browser-55a2-released"
++pref("startup.homepage_override_url", "https://blog.torproject.org/category/tags/tor-browser");
++
++// Try to nag a bit more about updates: Pop up a restart dialog an hour after the initial dialog
++pref("app.update.promptWaitTime", 3600);
++pref("app.update.badge", true);
++pref("extensions.hotfix.id", ""); // Bug 16837: Disable hotfix updates as they may cause compat issues
++
++#ifdef XP_WIN
++// For now, disable staged updates on Windows (see #18292).
++pref("app.update.staging.enabled", false);
++#endif
++
++// Disable "Slow startup" warnings and associated disk history
++// (bug #13346)
++pref("browser.slowStartup.notificationDisabled", true);
++pref("browser.slowStartup.maxSamples", 0);
++pref("browser.slowStartup.samples", 0);
++
++// Disable the "Refresh" prompt that is displayed for stale profiles.
++pref("browser.disableResetPrompt", true);
++
++// Disk activity: Disable Browsing History Storage
++pref("browser.privatebrowsing.autostart", true);
++pref("browser.cache.disk.enable", false);
++pref("browser.cache.offline.enable", false);
++pref("dom.indexedDB.enabled", false);
++pref("permissions.memory_only", true);
++pref("network.cookie.lifetimePolicy", 2);
++pref("browser.download.manager.retention", 1);
++pref("security.nocertdb", false);  // TM
++
++// Disk activity: TBB Directory Isolation
++pref("browser.download.useDownloadDir", false);
++pref("browser.shell.checkDefaultBrowser", false);
++pref("browser.download.manager.addToRecentDocs", false);
++
++// Misc privacy: Disk
++pref("signon.rememberSignons", false);
++pref("browser.formfill.enable", false);
++pref("signon.autofillForms", false);
++pref("browser.sessionstore.privacy_level", 2);
++pref("media.cache_size", 0);
++
++// Misc privacy: Remote
++pref("browser.send_pings", false);
++pref("geo.enabled", false);
++pref("geo.wifi.uri", "");
++pref("browser.search.suggest.enabled", false);
++pref("browser.safebrowsing.enabled", false);
++pref("browser.safebrowsing.malware.enabled", false);
++pref("browser.download.manager.scanWhenDone", false); // prevents AV remote reporting of downloads
++pref("extensions.ui.lastCategory", "addons://list/extension");
++pref("datareporting.healthreport.service.enabled", false); // Yes, all three of these must be set
++pref("datareporting.healthreport.uploadEnabled", false);
++pref("datareporting.policy.dataSubmissionEnabled", false);
++// Don't fetch a localized remote page that Tor Browser interacts with, see
++// #16727. And, yes, it is "reportUrl" and not "reportURL".
++pref("datareporting.healthreport.about.reportUrl", "data:text/plain,");
++// Make sure Selfsupport and Unified Telemetry are really disabled, see: #18738.
++pref("datareporting.healthreport.about.reportUrlUnified", "data:text/plain,");
++pref("browser.selfsupport.enabled", false);
++pref("browser.selfsupport.url", "");
++pref("toolkit.telemetry.unified", false);
++// Disable the UITour backend so there is no chance that a remote page
++// can use it to confuse Tor Browser users.
++pref("browser.uitour.enabled", false);
++pref("security.mixed_content.block_active_content", false); // Disable until https://bugzilla.mozilla.org/show_bug.cgi?id=878890 is patched
++pref("browser.syncPromoViewsLeftMap", "{"addons":0, "passwords":0, "bookmarks":0}"); // Don't promote sync
++pref("services.sync.engine.prefs", false); // Never sync prefs, addons, or tabs with other browsers
++pref("services.sync.engine.addons", false);
++pref("services.sync.engine.tabs", false);
++pref("services.sync.ui.hidden", true);
++//pref("extensions.getAddons.cache.enabled", false); // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/  // TM
++pref("browser.newtabpage.directory.ping", "data:text/plain,"); // Bug 16316 - Avoid potential confusion over tiles for now.
++pref("browser.newtabpage.directory.source", "data:text/plain,"); // Bug 16316 - Avoid potential confusion over tiles for now.
++pref("browser.newtabpage.enhanced", false); // Bug 16316 - Avoid potential confusion over tiles for now.
++pref("browser.newtabpage.introShown", true); // Bug 16316 - Avoid potential confusion over tiles for now.
++pref("browser.newtabpage.preload", false); // Bug 16316 - Avoid potential confusion over tiles for now.
++pref("browser.search.countryCode", "US"); // The next three prefs disable GeoIP search lookups (#16254)
++pref("browser.search.region", "US");
++pref("browser.search.geoip.url", "");
++pref("browser.fixup.alternate.enabled", false); // Bug #16783: Prevent .onion fixups
++// Make sure there is no Tracking Protection active in Tor Browser, see: #17898.
++pref("privacy.trackingprotection.pbmode.enabled", false);
++// Disable the Pocket extension (Bug #18886)
++pref("browser.pocket.enabled", false);
++pref("browser.pocket.api", "");
++pref("browser.pocket.site", "");
++
++// Fingerprinting
++pref("webgl.min_capability_mode", true);
++pref("webgl.disable-extensions", true);
++pref("webgl.disable-fail-if-major-performance-caveat", true);
++pref("dom.battery.enabled", false); // fingerprinting due to differing OS implementations
++pref("dom.network.enabled",false); // fingerprinting due to differing OS implementations
++pref("browser.display.max_font_attempts",10);
++pref("browser.display.max_font_count",10);
++pref("gfx.downloadable_fonts.fallback_delay", -1);
++pref("general.appname.override", "Netscape");
++pref("general.appversion.override", "5.0 (Windows)");
++pref("general.oscpu.override", "Windows NT 6.1");
++pref("general.platform.override", "Win32");
++pref("general.useragent.override", "Mozilla/5.0 (Windows NT 6.1; rv:25.0) Gecko/20100101 Instantbird/1.5");  // TM
++pref("general.productSub.override", "20100101");
++pref("general.buildID.override", "20100101");
++pref("browser.startup.homepage_override.buildID", "20100101");
++pref("general.useragent.vendor", "");
++pref("general.useragent.vendorSub", "");
++pref("dom.enable_performance", false);
++pref("plugin.expose_full_path", false);
++pref("browser.zoom.siteSpecific", false);
++pref("intl.charset.default", "windows-1252");
++pref("browser.link.open_newwindow.restriction", 0); // Bug 9881: Open popups in new tabs (to avoid fullscreen popups)
++pref("dom.gamepad.enabled", false); // bugs.torproject.org/13023
++pref("javascript.use_us_english_locale", true);
++// pref("intl.accept_languages", "en-us, en"); // Set by Torbutton
++// pref("intl.accept_charsets", "iso-8859-1,*,utf-8"); // Set by Torbutton
++// pref("intl.charsetmenu.browser.cache", "UTF-8"); // Set by Torbutton
++// Disable video statistics fingerprinting vector (bug 15757)
++pref("media.video_stats.enabled", false);
++// Disable device sensors as possible fingerprinting vector (bug 15758)
++pref("device.sensors.enabled", false);
++pref("dom.enable_resource_timing", false); // Bug 13024: To hell with this API
++pref("dom.enable_user_timing", false); // Bug 16336: To hell with this API
++pref("privacy.resistFingerprinting", true);
++pref("dom.event.highrestimestamp.enabled", true); // Bug #17046: "Highres" (but truncated) timestamps prevent uptime leaks
++pref("privacy.suppressModifierKeyEvents", true); // Bug #17009: Suppress ALT and SHIFT events"
++pref("ui.use_standins_for_native_colors", true); // https://bugzilla.mozilla.org/232227
++// Make Reader View users uniform if they really want to use that feature. See
++// bug 18950 for more details.
++pref("browser.reader.detectedFirstArticle", true);
++pref("reader.parse-on-load.enabled", false);
++
++// Third party stuff
++//pref("network.cookie.cookieBehavior", 1);  // TM
++pref("security.enable_tls_session_tickets", false);
++pref("network.http.spdy.enabled", false); // Stores state and may have keepalive issues (both fixable)
++pref("network.http.spdy.enabled.v2", false); // Seems redundant, but just in case
++pref("network.http.spdy.enabled.v3", false); // Seems redundant, but just in case
++pref("network.http.spdy.enabled.v3-1", false); // Seems redundant, but just in case
++pref("privacy.thirdparty.isolate", 0); // Always enforce third party isolation  // TM
++pref("network.http.spdy.enabled.http2", false); // Temporarily disabled pending implementation review
++pref("network.http.spdy.enabled.http2draft", false); // Temporarily disabled pending implementation review
++pref("network.predictor.enabled", false); // Temporarily disabled. See https://bugs.torproject.org/16633
++pref("network.http.altsvc.enabled", false); // Temporarily disabled. See https://bugs.torproject.org/16673
++pref("network.http.altsvc.oe", false); // Temporarily disabled. See https://bugs.torproject.org/16673
++
++// Proxy and proxy security
 +pref("network.proxy.socks", "127.0.0.1");
-+pref("network.proxy.socks_port", 9152);
-+pref("network.proxy.socks_version", 5);
-+// Set DNS proxying through SOCKS5
++pref("network.proxy.socks_port", 9152);  // TM
++pref("network.proxy.socks_version", 5);  // TM
 +pref("network.proxy.socks_remote_dns", true);
-+// Disable DNS prefetching
++pref("network.proxy.no_proxies_on", ""); // For fingerprinting and local service vulns (#10419)
++pref("network.proxy.type", 1);
++pref("network.security.ports.banned", "9050,9051,9150,9151");
 +pref("network.dns.disablePrefetch", true);
-+// Disable SPDY
-+pref("network.http.spdy.enabled", false);
-+// Set the user-agent to Instantbird stable
-+pref("general.useragent.override", "Mozilla/5.0 (Windows NT 6.1; rv:25.0) Gecko/20100101 Instantbird/1.5");
-+
-+// Security
-+// Disable SSLv3 by setting the minimum supported protocol to TLS 1.0.
-+pref("security.tls.version.min", 1);
-+// We use the certdb.  Necessary for the TB patch,
-+// "Bug 14716: HTTP Basic Authentication prompt only displayed once"
-+pref("security.nocertdb", false);
-+// Disable geolocation
-+pref("geo.enabled", false);
++pref("network.protocol-handler.external-default", false);
++pref("network.protocol-handler.external.mailto", false);
++pref("network.protocol-handler.external.news", false);
++pref("network.protocol-handler.external.nntp", false);
++pref("network.protocol-handler.external.snews", false);
++pref("network.protocol-handler.warn-external.mailto", true);
++pref("network.protocol-handler.warn-external.news", true);
++pref("network.protocol-handler.warn-external.nntp", true);
++pref("network.protocol-handler.warn-external.snews", true);
++pref("plugin.disable", true); // Disable to search plugins on first start
++pref("plugins.click_to_play", true);
++pref("plugin.state.flash", 1);
++pref("plugins.hide_infobar_for_missing_plugin", true);
++pref("plugins.hideMissingPluginsNotification", true);
++pref("media.peerconnection.enabled", false); // Disable WebRTC interfaces
++// Disables media devices but only if `media.peerconnection.enabled` is set to
++// `false` as well. (see bug 16328 for this defense-in-depth measure)
++pref("media.navigator.enabled", false);
++// GMPs: We make sure they don't show up on the Add-on panel and confuse users.
++// And the external update/donwload server must not get pinged. We apply a
++// clever solution for https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769716.
++pref("media.gmp-provider.enabled", false);
++pref("media.gmp-manager.url.override", "data:text/plain,");
++// EME prefs: Strictly speaking these prefs don't need to be set as we are
++// using the --disable-eme compile flag. However, in order to not confuse users,
++// who might stumble upon them while looking into about:config, we set them to
++// 'false' communicating that EME is really disabled.
++pref("browser.eme.ui.enabled", false);
++pref("media.gmp-eme-adobe.enabled", false);
++pref("media.eme.enabled", false);
++pref("media.eme.apiVisible", false);
++// WebIDE can bypass proxy settings for remote debugging. It also downloads
++// some additional addons that we have not reviewed. Turn all that off.
++pref("devtools.webide.autoinstallADBHelper", false);
++pref("devtools.webide.autoinstallFxdtAdapters", false);
++pref("devtools.webide.enabled", false);
++pref("devtools.appmanager.enabled", false);
++// The in-browser debugger for debugging chrome code is not coping with our
++// restrictive DNS look-up policy. We use "127.0.0.1" instead of "localhost" as
++// a workaround. See bug 16523 for more details.
++pref("devtools.debugger.chrome-debugging-host", "127.0.0.1");
++// Don't show the "Open with" option on the download dialog if the preference
++// is |true|. This helps to avoid confusion e.g. in case the browser is
++// sandboxed. See bug 17502 for details.
++pref("browser.download.forbid_open_with", false);
++// Disable mozTCPSocket for sure (bug 18863)
++pref("dom.mozTCPSocket.enabled", false);
 +
-+// Do not report idle status or the away message
-+pref("messenger.status.awayWhenIdle", false);
-+pref("messenger.status.defaultIdleAwayMessage", "");
-+pref("messenger.status.reportIdle", false);
-+// Do not send the message format (fonts, colors)
-+pref("messenger.conversations.sendFormat", false);
-+// Disable text formatting (remove the tags)
-+pref("messenger.options.filterMode", 0);
-+// Disable typing notifications
-+pref("purple.conversations.im.send_typing", false);
++// Security slider
++pref("svg.in-content.enabled", true);
++pref("mathml.disabled", false);
++// Until we address at least the linkability concerns in #19417 let's disable
++// asmjs.
++pref("javascript.options.asmjs", false);
 +
-+// Browser
-+// Disable caching
-+pref("browser.cache.disk.enable", false);
-+pref("browser.cache.offline.enable", false);
++// Network and performance
++pref("network.http.pipelining", true);
++pref("network.http.pipelining.aggressive", true);
++pref("network.http.pipelining.maxrequests", 12);
++pref("network.http.pipelining.ssl", true);
++pref("network.http.proxy.pipelining", true);
++pref("security.ssl.enable_false_start", true);
++pref("network.http.connection-retry-timeout", 0);
++pref("network.http.max-persistent-connections-per-proxy", 256);
++pref("network.http.pipelining.reschedule-timeout", 15000);
++pref("network.http.pipelining.read-timeout", 60000);
++// Hacked pref: Now means "Attempt to pipeline at least this many requests together"
++pref("network.http.pipelining.max-optimistic-requests", 3);
++pref("security.ssl.disable_session_identifiers", true);
++pref("network.manage-offline-status", false);
++
++// Disable Xrender as it causes serious performance regressions on some machines
++// and is disabled in Firefox >= 47 anyway.
++pref("gfx.xrender.enabled",false);
++
++// As a "defense in depth" measure, configure an empty push server URL (the
++// DOM Push features are disabled by default via other prefs).
++pref("dom.push.serverURL", "");
++
++// Extension support
++pref("extensions.autoDisableScopes", 0);
++pref("extensions.bootstrappedAddons", "{}");
++pref("extensions.checkCompatibility.4.*", false);
++pref("extensions.databaseSchema", 3);
++pref("extensions.enabledAddons", "https-everywhere%40eff.org:3.1.4,%7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.1,torbutton%40torproject.org:1.5.2,ubufox%40ubuntu.com:2.6,tor-launcher%40torproject.org:0.1.1pre-alpha,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.5");
++pref("extensions.enabledItems", "langpack-en-US@firefox.mozilla.org:,{73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.57,{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.4,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8");
++pref("extensions.enabledScopes", 1);
++pref("extensions.pendingOperations", false);
++pref("xpinstall.whitelist.add", "");
++pref("xpinstall.whitelist.add.36", "");
 +
-+// Media
-+// Disable WebRTC
-+pref("media.peerconnection.enabled", false);
-+// Disable "Take Picture" functionality that accesses the webcam
-+pref("media.navigator.video.enabled", false);
-+// Disable hardware acceleration
++// Toolbar layout
++pref("browser.uiCustomization.state", "{"placements":{"PanelUI-contents":["edit-controls","zoom-controls","new-window-button","save-page-button","print-button","bookmarks-menu-button","history-panelmenu","find-button","preferences-button","add-ons-button","developer-button","https-everywhere-button","downloads-button"],"addon-bar":["addonbar-closebutton","status-bar"],"PersonalToolbar":["personal-bookmarks"],"nav-bar":["noscript-tbb","torbutton-button","urlbar-container","search-container","webrtc-status-button","loop-button"],"TabsToolbar":["tabbrowser-tabs","new-tab-button","alltabs-button"],"toolbar-menubar":["menubar-items"]},"seen":[],"dirtyAreaCache":["PersonalToolbar","nav-bar","TabsToolbar","toolbar-menubar","PanelUI-contents","addon-bar"],"currentVersion":4,"newElementCount":0}");
++
++// Putting the search engine prefs into this file to fix #11236.
++// Default search engine
++//pref("browser.search.defaultenginename", "Disconnect");  // TM
++// Make sure we use the same search engine regardless of locale
++pref("browser.search.geoSpecificDefaults", false);
++
++// Search engine order (order displayed in the search bar dropdown)
++// Somewhat surprisingly we get some random behavior if we specify more than
++// two search engines as below. See
++// https://bugzilla.mozilla.org/show_bug.cgi?id=1126722 for details.
++//pref("browser.search.order.extra.1", "Disconnect");  // TM
++//pref("browser.search.order.extra.2", "YouTube");  // TM
++
++// Hacks/workarounds: Direct2D seems to crash w/ lots of video cards w/ MinGW?
++// Nvida cards also experience crashes without the second pref set to disabled
 +pref("gfx.direct2d.disabled", true);
 +pref("layers.acceleration.disabled", true);
-+// Enable SVG, for the TB patch,
-+// "Bug 12827: Create preference to disable SVG."
-+pref("svg.in-content.enabled", true);
 +
-+// Other Updates
-+pref("app.update.promptWaitTime", 3600);
++// Audio_data is deprecated in future releases, but still present
++// in FF24. This is a dangerous combination (spotted by iSec)
++pref("media.audio_data.enabled", false);
 +
-+// Put conversations on hold so that OTR disconnect is not sent. See #20208.
-+pref("messenger.conversations.holdByDefault", true);
++// If true, remote JAR files will not be opened, regardless of content type
++// Patch done by Jeff Gibat (iSEC). We bind it to the security slider but allow
++// jar: in default mode.
++pref("network.jar.block-remote-files", false);
++
++// Enable TLS 1.1 and 1.2:
++// https://trac.torproject.org/projects/tor/ticket/11253
++pref("security.tls.version.max", 3);
++pref("security.tls.version.min", 1);  // TM
++// Disable RC4 fallback. This will go live in Firefox 44, Chrome and IE/Edge:
++// https://blog.mozilla.org/security/2015/09/11/deprecating-the-rc4-cipher/
++pref("security.tls.unrestricted_rc4_fallback", false);
++
++// Enforce certificate pinning, see: https://bugs.torproject.org/16206
++pref("security.cert_pinning.enforcement_level", 2);
++
++// Enforce SHA1 deprecation, see: bug 18042.
++pref("security.pki.sha1_enforcement_level", 2);
++
++// Workaround for https://bugs.torproject.org/13579. Progress on
++// `about:downloads` is only shown if the following preference is set to `true`
++// in case the download panel got removed from the toolbar.
++pref("browser.download.panel.shown", true);
 -- 
 2.10.2
diff --git a/projects/instantbird/0002-Trac-16489-Prevent-account-autologin.patch b/projects/instantbird/0002-Trac-16489-Prevent-account-autologin.patch
index 84b7c3c..33be92a 100644
--- a/projects/instantbird/0002-Trac-16489-Prevent-account-autologin.patch
+++ b/projects/instantbird/0002-Trac-16489-Prevent-account-autologin.patch
@@ -1,4 +1,4 @@
-From 2f9785b7fb8fba1dae99f914a7500bac41d4a17b Mon Sep 17 00:00:00 2001
+From facec2ac69b9068c63278572ffdfa432f259f373 Mon Sep 17 00:00:00 2001
 From: Arlo Breault arlolra@gmail.com
 Date: Mon, 16 Nov 2015 20:37:53 -0800
 Subject: [PATCH 02/22] Trac 16489: Prevent account autologin
diff --git a/projects/instantbird/0003-Trac-17896-Support-Special-Characters-input-prompt-o.patch b/projects/instantbird/0003-Trac-17896-Support-Special-Characters-input-prompt-o.patch
index 2b32591..9b9417f 100644
--- a/projects/instantbird/0003-Trac-17896-Support-Special-Characters-input-prompt-o.patch
+++ b/projects/instantbird/0003-Trac-17896-Support-Special-Characters-input-prompt-o.patch
@@ -1,4 +1,4 @@
-From fa84f77e4b3c3091aec5a479f862aa8cdb12de6a Mon Sep 17 00:00:00 2001
+From e8cbcbe0aab97d75fec3abe65b575f3e814e7837 Mon Sep 17 00:00:00 2001
 From: aleth aleth@instantbird.org
 Date: Sat, 30 Jan 2016 20:56:38 +0100
 Subject: [PATCH 03/22] Trac 17896: Support "Special Characters" input prompt
diff --git a/projects/instantbird/0004-Trac-17494-Better-error-reporting-for-failed-outgoin.patch b/projects/instantbird/0004-Trac-17494-Better-error-reporting-for-failed-outgoin.patch
index cc8b392..93eb82f 100644
--- a/projects/instantbird/0004-Trac-17494-Better-error-reporting-for-failed-outgoin.patch
+++ b/projects/instantbird/0004-Trac-17494-Better-error-reporting-for-failed-outgoin.patch
@@ -1,4 +1,4 @@
-From 7fcda7da8eee17eccae8e25a7a24f0b7127fc3af Mon Sep 17 00:00:00 2001
+From 922480805c668eecb6edbbda2b2a4dfb61107144 Mon Sep 17 00:00:00 2001
 From: Arlo Breault arlolra@gmail.com
 Date: Tue, 2 Feb 2016 16:04:51 -0800
 Subject: [PATCH 04/22] Trac 17494: Better error reporting for failed outgoing
diff --git a/projects/instantbird/0005-Trac-13312-OTR-over-Twitter-DMs.patch b/projects/instantbird/0005-Trac-13312-OTR-over-Twitter-DMs.patch
index 8cf35b0..83a4ddd 100644
--- a/projects/instantbird/0005-Trac-13312-OTR-over-Twitter-DMs.patch
+++ b/projects/instantbird/0005-Trac-13312-OTR-over-Twitter-DMs.patch
@@ -1,4 +1,4 @@
-From 2a8dc4c8043aeae007b4e727c54137f4ae90f3dd Mon Sep 17 00:00:00 2001
+From 6990be2c6ac257be6f8aa284814489be2c6f25ea Mon Sep 17 00:00:00 2001
 From: Arlo Breault arlolra@gmail.com
 Date: Tue, 15 Mar 2016 17:40:42 -0700
 Subject: [PATCH 05/22] Trac 13312: OTR over Twitter DMs
diff --git a/projects/instantbird/0006-Bug-1218193-Fix-tab-strip-background-colour-on-OS-X..patch b/projects/instantbird/0006-Bug-1218193-Fix-tab-strip-background-colour-on-OS-X..patch
index a87b731..fd8e394 100644
--- a/projects/instantbird/0006-Bug-1218193-Fix-tab-strip-background-colour-on-OS-X..patch
+++ b/projects/instantbird/0006-Bug-1218193-Fix-tab-strip-background-colour-on-OS-X..patch
@@ -1,4 +1,4 @@
-From 10e196e6c4e26d74baacba3e2b0f367a062b0287 Mon Sep 17 00:00:00 2001
+From ef854ddec3ec3f62d612484d7099e461fe18d128 Mon Sep 17 00:00:00 2001
 From: Nihanth Subramanya nhnt11@gmail.com
 Date: Sun, 9 Oct 2016 21:53:04 -0700
 Subject: [PATCH 06/22] Bug 1218193 - Fix tab strip background colour on OS X.
diff --git a/projects/instantbird/0007-Bug-1246431-XMPP-createConversation-should-handle-in.patch b/projects/instantbird/0007-Bug-1246431-XMPP-createConversation-should-handle-in.patch
index ac16309..01da37e 100644
--- a/projects/instantbird/0007-Bug-1246431-XMPP-createConversation-should-handle-in.patch
+++ b/projects/instantbird/0007-Bug-1246431-XMPP-createConversation-should-handle-in.patch
@@ -1,4 +1,4 @@
-From ecee8301b2187ea25e582d15e3d02bec5d29078e Mon Sep 17 00:00:00 2001
+From a60538df8166c6eb8e267ac92598706c25ff35f8 Mon Sep 17 00:00:00 2001
 From: Arlo Breault arlolra@gmail.com
 Date: Sun, 9 Oct 2016 21:57:07 -0700
 Subject: [PATCH 07/22] Bug 1246431 - XMPP createConversation should handle
diff --git a/projects/instantbird/0008-Bug-1298574-Set-_userVCard-own-property-when-downloa.patch b/projects/instantbird/0008-Bug-1298574-Set-_userVCard-own-property-when-downloa.patch
index f336a84..bc5194a 100644
--- a/projects/instantbird/0008-Bug-1298574-Set-_userVCard-own-property-when-downloa.patch
+++ b/projects/instantbird/0008-Bug-1298574-Set-_userVCard-own-property-when-downloa.patch
@@ -1,4 +1,4 @@
-From 899378439d41d0ee36cba761edf43e4329cd9c07 Mon Sep 17 00:00:00 2001
+From 2ed57a22907efdee880b30d956391d52417b01a6 Mon Sep 17 00:00:00 2001
 From: Arlo Breault arlolra@gmail.com
 Date: Sun, 28 Aug 2016 08:57:41 -0700
 Subject: [PATCH 08/22] Bug 1298574 - Set _userVCard own property when
diff --git a/projects/instantbird/0009-XMPP-in-band-registration.patch b/projects/instantbird/0009-XMPP-in-band-registration.patch
index 41e9f90..db258da 100644
--- a/projects/instantbird/0009-XMPP-in-band-registration.patch
+++ b/projects/instantbird/0009-XMPP-in-band-registration.patch
@@ -1,4 +1,4 @@
-From 1e0665d52f89f61af5dd07fc1d0c31dd90c0a483 Mon Sep 17 00:00:00 2001
+From d28b2c39b8f9249490dc6499d831e6e6adbe838a Mon Sep 17 00:00:00 2001
 From: Sukhbir Singh sukhbir@torproject.org
 Date: Mon, 10 Oct 2016 18:42:25 -0700
 Subject: [PATCH 09/22] XMPP in-band registration
diff --git a/projects/instantbird/0010-Remove-search-from-UI.patch b/projects/instantbird/0010-Remove-search-from-UI.patch
index 55f22ab..fe91747 100644
--- a/projects/instantbird/0010-Remove-search-from-UI.patch
+++ b/projects/instantbird/0010-Remove-search-from-UI.patch
@@ -1,4 +1,4 @@
-From a9aa4108eceba8f5d4472b27ba7f0f3223d535bc Mon Sep 17 00:00:00 2001
+From 33ec527a5ba77bbe3af57666c9a25b54d2d97512 Mon Sep 17 00:00:00 2001
 From: Sukhbir Singh sukhbir@torproject.org
 Date: Mon, 10 Oct 2016 18:47:48 -0700
 Subject: [PATCH 10/22] Remove search from UI
diff --git a/projects/instantbird/0011-Add-Tor-Messenger-branding.patch b/projects/instantbird/0011-Add-Tor-Messenger-branding.patch
index 9b2d571..6b0847f 100644
--- a/projects/instantbird/0011-Add-Tor-Messenger-branding.patch
+++ b/projects/instantbird/0011-Add-Tor-Messenger-branding.patch
@@ -1,4 +1,4 @@
-From ce1cba5c29e974399693c6b3dbd02b372a8a6ab3 Mon Sep 17 00:00:00 2001
+From 41c60f97c6049e4e3bc130fa963616e9ddc77af6 Mon Sep 17 00:00:00 2001
 From: Sukhbir Singh sukhbir@torproject.org
 Date: Mon, 10 Oct 2016 18:56:27 -0700
 Subject: [PATCH 11/22] Add Tor Messenger branding
diff --git a/projects/instantbird/0012-Account-picture.patch b/projects/instantbird/0012-Account-picture.patch
index 6c48541..be7c944 100644
--- a/projects/instantbird/0012-Account-picture.patch
+++ b/projects/instantbird/0012-Account-picture.patch
@@ -1,4 +1,4 @@
-From a40ca36edcb6b2be8ed958e39479998a8fe4fbc3 Mon Sep 17 00:00:00 2001
+From 65de52be6fbf68084231270ec14c84f225ed0fed Mon Sep 17 00:00:00 2001
 From: Sukhbir Singh sukhbir@torproject.org
 Date: Mon, 10 Oct 2016 19:24:09 -0700
 Subject: [PATCH 12/22] Account picture
diff --git a/projects/instantbird/0013-Modify-protocol-defaults.patch b/projects/instantbird/0013-Modify-protocol-defaults.patch
index cc51976..363c197 100644
--- a/projects/instantbird/0013-Modify-protocol-defaults.patch
+++ b/projects/instantbird/0013-Modify-protocol-defaults.patch
@@ -1,4 +1,4 @@
-From 82b8069f3b5eef5d6ed8a87e8b122e2b0eae3a76 Mon Sep 17 00:00:00 2001
+From 8dd9a15845160e182b8ca44e6f4d07fdd59ffed0 Mon Sep 17 00:00:00 2001
 From: Sukhbir Singh sukhbir@torproject.org
 Date: Mon, 10 Oct 2016 19:25:34 -0700
 Subject: [PATCH 13/22] Modify protocol defaults
diff --git a/projects/instantbird/0014-Modify-IRC-defaults.patch b/projects/instantbird/0014-Modify-IRC-defaults.patch
index 6d43240..3543d97 100644
--- a/projects/instantbird/0014-Modify-IRC-defaults.patch
+++ b/projects/instantbird/0014-Modify-IRC-defaults.patch
@@ -1,4 +1,4 @@
-From 14b1768d06adce5dd85dd56ea4c89984d420c36e Mon Sep 17 00:00:00 2001
+From ac449194473c8d254672c653b73f66350e665cc8 Mon Sep 17 00:00:00 2001
 From: Sukhbir Singh sukhbir@torproject.org
 Date: Mon, 10 Oct 2016 19:31:58 -0700
 Subject: [PATCH 14/22] Modify IRC defaults
diff --git a/projects/instantbird/0015-Modify-themes.patch b/projects/instantbird/0015-Modify-themes.patch
index ef7197c..e70f9aa 100644
--- a/projects/instantbird/0015-Modify-themes.patch
+++ b/projects/instantbird/0015-Modify-themes.patch
@@ -1,4 +1,4 @@
-From 8f6fad682f3fc785e324faf086e5248b54e50f2e Mon Sep 17 00:00:00 2001
+From 38fbe7232753738d91ce12c4df53fe83a3192e16 Mon Sep 17 00:00:00 2001
 From: Sukhbir Singh sukhbir@torproject.org
 Date: Mon, 10 Oct 2016 19:36:38 -0700
 Subject: [PATCH 15/22] Modify themes
diff --git a/projects/instantbird/0016-Modify-XMPP-defaults.patch b/projects/instantbird/0016-Modify-XMPP-defaults.patch
index 202cfb1..b91f9f4 100644
--- a/projects/instantbird/0016-Modify-XMPP-defaults.patch
+++ b/projects/instantbird/0016-Modify-XMPP-defaults.patch
@@ -1,4 +1,4 @@
-From 7002186f102f329431ad1f1afce87af75f7a4570 Mon Sep 17 00:00:00 2001
+From 64746206241b088e2a609662fcbe0edc3baad88b Mon Sep 17 00:00:00 2001
 From: Sukhbir Singh sukhbir@torproject.org
 Date: Mon, 10 Oct 2016 19:38:49 -0700
 Subject: [PATCH 16/22] Modify XMPP defaults
diff --git a/projects/instantbird/0017-Remove-logging-UI.patch b/projects/instantbird/0017-Remove-logging-UI.patch
index 4ac4152..802dfe8 100644
--- a/projects/instantbird/0017-Remove-logging-UI.patch
+++ b/projects/instantbird/0017-Remove-logging-UI.patch
@@ -1,4 +1,4 @@
-From af2bff6a7f15123c567b4c911b5842423fee0514 Mon Sep 17 00:00:00 2001
+From 47bb9db3798b59d066399ec289295229a1aa4168 Mon Sep 17 00:00:00 2001
 From: Sukhbir Singh sukhbir@torproject.org
 Date: Mon, 10 Oct 2016 19:50:48 -0700
 Subject: [PATCH 17/22] Remove logging UI
diff --git a/projects/instantbird/0018-Cert-override.patch b/projects/instantbird/0018-Cert-override.patch
index bea2ec5..ffd1fd2 100644
--- a/projects/instantbird/0018-Cert-override.patch
+++ b/projects/instantbird/0018-Cert-override.patch
@@ -1,4 +1,4 @@
-From da09cc5555865e5f86a4627d9ad1fd9de4dd392b Mon Sep 17 00:00:00 2001
+From 9ded93b407e23a54bd335d273d31496bc426ffd1 Mon Sep 17 00:00:00 2001
 From: Sukhbir Singh sukhbir@torproject.org
 Date: Mon, 10 Oct 2016 19:56:46 -0700
 Subject: [PATCH 18/22] Cert override
diff --git a/projects/instantbird/0019-Display-all-traffic-over-Tor.patch b/projects/instantbird/0019-Display-all-traffic-over-Tor.patch
index d1ffe21..41a87c1 100644
--- a/projects/instantbird/0019-Display-all-traffic-over-Tor.patch
+++ b/projects/instantbird/0019-Display-all-traffic-over-Tor.patch
@@ -1,4 +1,4 @@
-From b4e33411b5743601307009ce6e31235fccb57ba3 Mon Sep 17 00:00:00 2001
+From 119c059b638fcb772c4e9aa952d9899d58d93264 Mon Sep 17 00:00:00 2001
 From: Sukhbir Singh sukhbir@torproject.org
 Date: Mon, 10 Oct 2016 19:58:31 -0700
 Subject: [PATCH 19/22] Display all traffic over Tor
diff --git a/projects/instantbird/0020-Trac-17480-Content-sink.patch b/projects/instantbird/0020-Trac-17480-Content-sink.patch
index 29aeaf4..723330d 100644
--- a/projects/instantbird/0020-Trac-17480-Content-sink.patch
+++ b/projects/instantbird/0020-Trac-17480-Content-sink.patch
@@ -1,4 +1,4 @@
-From 2194d4caace6d18b2a33a57df3618019b9bc77d8 Mon Sep 17 00:00:00 2001
+From 7512783d8cbcd15c9b0c2bfd07fbf4c2ff628f6e Mon Sep 17 00:00:00 2001
 From: Arlo Breault arlolra@gmail.com
 Date: Wed, 5 Oct 2016 11:09:25 -0700
 Subject: [PATCH 20/22] Trac 17480: Content sink
diff --git a/projects/instantbird/0021-SASL-ECDSA-NIST256P-CHALLENGE.patch b/projects/instantbird/0021-SASL-ECDSA-NIST256P-CHALLENGE.patch
index 7d0df64..5a16f93 100644
--- a/projects/instantbird/0021-SASL-ECDSA-NIST256P-CHALLENGE.patch
+++ b/projects/instantbird/0021-SASL-ECDSA-NIST256P-CHALLENGE.patch
@@ -1,4 +1,4 @@
-From afec16433c83df4452b6b362032cd624f7f5541d Mon Sep 17 00:00:00 2001
+From d6b9d9b02c72f979a8a01eef2bd6c358dfc5394b Mon Sep 17 00:00:00 2001
 From: Arlo Breault arlolra@gmail.com
 Date: Sun, 2 Oct 2016 08:46:55 -0700
 Subject: [PATCH 21/22] SASL ECDSA-NIST256P-CHALLENGE
diff --git a/projects/instantbird/0022-Bug-1313137-msg-is-not-defined-error-in-irc.js-chang.patch b/projects/instantbird/0022-Bug-1313137-msg-is-not-defined-error-in-irc.js-chang.patch
index f80c5e2..56a638e 100644
--- a/projects/instantbird/0022-Bug-1313137-msg-is-not-defined-error-in-irc.js-chang.patch
+++ b/projects/instantbird/0022-Bug-1313137-msg-is-not-defined-error-in-irc.js-chang.patch
@@ -1,4 +1,4 @@
-From 6f07adf6e3db9f65cf4c45ecaba8f1f12423acff Mon Sep 17 00:00:00 2001
+From 6c0d0db66b8375dd63a1f7bfe1661c8956f6d6cb Mon Sep 17 00:00:00 2001
 From: aleth aleth@instantbird.org
 Date: Wed, 26 Oct 2016 20:16:58 +0200
 Subject: [PATCH 22/22] Bug 1313137 - "msg is not defined" error in

    