commit 06557b2845665a44c11b954d24081bed0e2011ba Author: Erinn Clark erinn@torproject.org Date: Wed Oct 24 16:34:44 2012 +0100

remove alpha directory from firefox patches --- ...nents.interfaces-lookupMethod-from-conten.patch | 50 -- ...0002-Make-Permissions-Manager-memory-only.patch | 94 ---- ...-Make-Intermediate-Cert-Store-memory-only.patch | 43 -- .../alpha/0004-Add-a-string-based-cacheKey.patch | 85 --- .../0005-Block-all-plugins-except-flash.patch | 85 --- ...ontent-pref-service-memory-only-clearable.patch | 37 -- .../0007-Disable-SSL-Session-ID-tracking.patch | 28 - ...ice-and-system-specific-CSS-Media-Queries.patch | 116 ----- .../0009-Make-Download-manager-memory-only.patch | 57 -- .../0010-Add-DDG-and-StartPage-to-Omnibox.patch | 84 --- ...-nsICacheService.EvictEntries-synchronous.patch | 44 -- ...owser-exit-when-not-launched-from-Vidalia.patch | 45 -- ...13-Limit-the-number-of-fonts-per-document.patch | 225 -------- ...observer-event-to-close-persistent-connec.patch | 40 -- .../alpha/0015-Rebrand-Firefox-to-TorBrowser.patch | 59 --- .../alpha/0016-Prevent-WebSocket-DNS-leak.patch | 133 ----- ...ize-HTTP-request-order-and-pipeline-depth.patch | 151 ------ ...Adapt-Steven-Michaud-s-Mac-crashfix-patch.patch | 545 -------------------- ...9-Add-a-redirect-API-for-HTTPS-Everywhere.patch | 345 ------------- ...d-mozIThirdPartyUtil.getFirstPartyURI-API.patch | 148 ------ 20 files changed, 0 insertions(+), 2414 deletions(-)

diff --git a/src/current-patches/firefox/alpha/0001-Block-Components.interfaces-lookupMethod-from-conten.patch b/src/current-patches/firefox/alpha/0001-Block-Components.interfaces-lookupMethod-from-conten.patch deleted file mode 100644 index 921a716..0000000 --- a/src/current-patches/firefox/alpha/0001-Block-Components.interfaces-lookupMethod-from-conten.patch +++ /dev/null @@ -1,50 +0,0 @@ -From caab8c136e806dcd913d637210ff187abb1b6b29 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Wed, 1 Feb 2012 15:40:40 -0800 -Subject: [PATCH 01/19] Block Components.interfaces,lookupMethod from content - -This patch removes the ability of content script to access -Components.interfaces.* as well as call or access Components.lookupMethod. - -These two interfaces seem to be exposed to content script only to make our -lives difficult. Components.lookupMethod can undo our JS hooks, and -Components.interfaces is useful for fingerprinting the platform, OS, and -Firebox version. - -They appear to have no other legitimate use. See also: -https://bugzilla.mozilla.org/show_bug.cgi?id=429070 -https://trac.torproject.org/projects/tor/ticket/2873 -https://trac.torproject.org/projects/tor/ticket/2874 ---- - js/xpconnect/src/XPCComponents.cpp | 8 ++++++-- - 1 files changed, 6 insertions(+), 2 deletions(-) - -diff --git a/js/xpconnect/src/XPCComponents.cpp b/js/xpconnect/src/XPCComponents.cpp -index ed7ab0a..609b73f 100644 ---- a/js/xpconnect/src/XPCComponents.cpp -+++ b/js/xpconnect/src/XPCComponents.cpp -@@ -4621,7 +4621,9 @@ nsXPCComponents::CanCreateWrapper(const nsIID * iid, char **_retval) - NS_IMETHODIMP - nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, char **_retval) - { -- static const char* allowed[] = { "isSuccessCode", "lookupMethod", nsnull }; -+ // XXX: Pref observer? Also, is this what we want? Seems like a plan -+ //static const char* allowed[] = { "isSuccessCode", "lookupMethod", nsnull }; -+ static const char* allowed[] = { "isSuccessCode", nsnull }; - *_retval = xpc_CheckAccessList(methodName, allowed); - return NS_OK; - } -@@ -4630,7 +4632,9 @@ nsXPCComponents::CanCallMethod(const nsIID * iid, const PRUnichar *methodName, c - NS_IMETHODIMP - nsXPCComponents::CanGetProperty(const nsIID * iid, const PRUnichar *propertyName, char **_retval) - { -- static const char* allowed[] = { "interfaces", "interfacesByID", "results", nsnull}; -+ // XXX: Pref observer? Also, is this what we want? Seems like a plan -+ // static const char* allowed[] = { "interfaces", "interfacesByID", "results", nsnull}; -+ static const char* allowed[] = { "results", nsnull}; - *_retval = xpc_CheckAccessList(propertyName, allowed); - return NS_OK; - } --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0002-Make-Permissions-Manager-memory-only.patch b/src/current-patches/firefox/alpha/0002-Make-Permissions-Manager-memory-only.patch deleted file mode 100644 index d73f1ab..0000000 --- a/src/current-patches/firefox/alpha/0002-Make-Permissions-Manager-memory-only.patch +++ /dev/null @@ -1,94 +0,0 @@ -From 12acd440d185f5536eed99084c4800a46d617197 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Wed, 1 Feb 2012 15:45:16 -0800 -Subject: [PATCH 02/19] Make Permissions Manager memory-only - -This patch exposes a pref 'permissions.memory_only' that properly isolates the -permissions manager to memory, which is responsible for all user specified -site permissions, as well as stored STS policy. - -The pref does successfully clear the permissions manager memory if toggled. It -does not need to be set in prefs.js, and can be handled by Torbutton. - -https://trac.torproject.org/projects/tor/ticket/2950 ---- - extensions/cookie/nsPermissionManager.cpp | 34 ++++++++++++++++++++++++++-- - 1 files changed, 31 insertions(+), 3 deletions(-) - -diff --git a/extensions/cookie/nsPermissionManager.cpp b/extensions/cookie/nsPermissionManager.cpp -index 94791ca..1f7bcbd 100644 ---- a/extensions/cookie/nsPermissionManager.cpp -+++ b/extensions/cookie/nsPermissionManager.cpp -@@ -24,6 +24,10 @@ - #include "mozStorageHelper.h" - #include "mozStorageCID.h" - #include "nsXULAppAPI.h" -+#include "nsCOMPtr.h" -+#include "nsIPrefService.h" -+#include "nsIPrefBranch.h" -+#include "nsIPrefBranch2.h" - - static nsPermissionManager *gPermissionManager = nsnull; - -@@ -167,6 +171,11 @@ nsPermissionManager::Init() - mObserverService->AddObserver(this, "profile-do-change", true); - } - -+ nsCOMPtr<nsIPrefBranch2> pbi = do_GetService(NS_PREFSERVICE_CONTRACTID); -+ if (pbi) { -+ pbi->AddObserver("permissions.", this, PR_FALSE); -+ } -+ - if (IsChildProcess()) { - // Get the permissions from the parent process - InfallibleTArrayIPC::Permission perms; -@@ -215,8 +224,18 @@ nsPermissionManager::InitDB(bool aRemoveFile) - if (!storage) - return NS_ERROR_UNEXPECTED; - -+ bool memory_db = false; -+ nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID); -+ if (prefs) { -+ prefs->GetBoolPref("permissions.memory_only", &memory_db); -+ } -+ - // cache a connection to the hosts database -- rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn)); -+ if (memory_db) { -+ rv = storage->OpenSpecialDatabase("memory", getter_AddRefs(mDBConn)); -+ } else { -+ rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn)); -+ } - NS_ENSURE_SUCCESS(rv, rv); - - bool ready; -@@ -226,7 +245,11 @@ nsPermissionManager::InitDB(bool aRemoveFile) - rv = permissionsFile->Remove(false); - NS_ENSURE_SUCCESS(rv, rv); - -- rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn)); -+ if (memory_db) { -+ rv = storage->OpenSpecialDatabase("memory", getter_AddRefs(mDBConn)); -+ } else { -+ rv = storage->OpenDatabase(permissionsFile, getter_AddRefs(mDBConn)); -+ } - NS_ENSURE_SUCCESS(rv, rv); - - mDBConn->GetConnectionReady(&ready); -@@ -758,7 +781,12 @@ NS_IMETHODIMP nsPermissionManager::Observe(nsISupports *aSubject, const char *aT - { - ENSURE_NOT_CHILD_PROCESS; - -- if (!nsCRT::strcmp(aTopic, "profile-before-change")) { -+ if (nsCRT::strcmp(aTopic, NS_PREFBRANCH_PREFCHANGE_TOPIC_ID) == 0) { -+ if (!nsCRT::strcmp(someData, NS_LITERAL_STRING("permissions.memory_only").get())) { -+ // XXX: Should we remove the file? Probably not.. -+ InitDB(PR_FALSE); -+ } -+ } else if (!nsCRT::strcmp(aTopic, "profile-before-change")) { - // The profile is about to change, - // or is going away because the application is shutting down. - if (!nsCRT::strcmp(someData, NS_LITERAL_STRING("shutdown-cleanse").get())) { --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0003-Make-Intermediate-Cert-Store-memory-only.patch b/src/current-patches/firefox/alpha/0003-Make-Intermediate-Cert-Store-memory-only.patch deleted file mode 100644 index 33cf5e9..0000000 --- a/src/current-patches/firefox/alpha/0003-Make-Intermediate-Cert-Store-memory-only.patch +++ /dev/null @@ -1,43 +0,0 @@ -From a95872e8de8230e8e0128314acd335a7cb3510fb Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@fscked.org -Date: Fri, 19 Aug 2011 17:58:23 -0700 -Subject: [PATCH 03/19] Make Intermediate Cert Store memory-only. - -This patch makes the intermediate SSL cert store exist in memory only. - -The pref must be set before startup in prefs.js. -https://trac.torproject.org/projects/tor/ticket/2949 ---- - security/manager/ssl/src/nsNSSComponent.cpp | 15 ++++++++++++++- - 1 files changed, 14 insertions(+), 1 deletions(-) - -diff --git a/security/manager/ssl/src/nsNSSComponent.cpp b/security/manager/ssl/src/nsNSSComponent.cpp -index bc49de9..0f66320 100644 ---- a/security/manager/ssl/src/nsNSSComponent.cpp -+++ b/security/manager/ssl/src/nsNSSComponent.cpp -@@ -1743,8 +1743,21 @@ nsNSSComponent::InitializeNSS(bool showWarningBox) - // Ubuntu 8.04, which loads any nonexistent "<configdir>/libnssckbi.so" as - // "/usr/lib/nss/libnssckbi.so". - PRUint32 init_flags = NSS_INIT_NOROOTINIT | NSS_INIT_OPTIMIZESPACE; -- SECStatus init_rv = ::NSS_Initialize(profileStr.get(), "", "", -+ bool nocertdb = false; -+ mPrefBranch->GetBoolPref("security.nocertdb", &nocertdb); -+ -+ // XXX: We can also do the the following to only disable the certdb. -+ // Leaving this codepath in as a fallback in case InitNODB fails -+ if (nocertdb) -+ init_flags |= NSS_INIT_NOCERTDB; -+ -+ SECStatus init_rv; -+ if (nocertdb) { -+ init_rv = ::NSS_NoDB_Init(NULL); -+ } else { -+ init_rv = ::NSS_Initialize(profileStr.get(), "", "", - SECMOD_DB, init_flags); -+ } - - if (init_rv != SECSuccess) { - PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("can not init NSS r/w in %s\n", profileStr.get())); --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0004-Add-a-string-based-cacheKey.patch b/src/current-patches/firefox/alpha/0004-Add-a-string-based-cacheKey.patch deleted file mode 100644 index bbc6220..0000000 --- a/src/current-patches/firefox/alpha/0004-Add-a-string-based-cacheKey.patch +++ /dev/null @@ -1,85 +0,0 @@ -From df164279499b23794a112de4305f3ed99a25da68 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Tue, 28 Aug 2012 17:03:57 -0700 -Subject: [PATCH 04/19] Add a string-based cacheKey. - -Used for isolating cache according to same-origin policy. ---- - netwerk/base/public/nsICachingChannel.idl | 7 +++++++ - netwerk/protocol/http/nsHttpChannel.cpp | 22 ++++++++++++++++++++++ - netwerk/protocol/http/nsHttpChannel.h | 1 + - 3 files changed, 30 insertions(+), 0 deletions(-) - -diff --git a/netwerk/base/public/nsICachingChannel.idl b/netwerk/base/public/nsICachingChannel.idl -index 96a8aef..b1c6f05 100644 ---- a/netwerk/base/public/nsICachingChannel.idl -+++ b/netwerk/base/public/nsICachingChannel.idl -@@ -66,6 +66,13 @@ interface nsICachingChannel : nsICacheInfoChannel - attribute nsISupports cacheKey; - - /** -+ * Set/get the cache domain... uniquely identifies the data in the cache -+ * for this channel. Holding a reference to this key does NOT prevent -+ * the cached data from being removed. -+ */ -+ attribute AUTF8String cacheDomain; -+ -+ /** - * Specifies whether or not the data should be cached to a file. This - * may fail if the disk cache is not present. The value of this attribute - * is usually only settable during the processing of a channel's -diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp -index 290d04c..9c10e3a 100644 ---- a/netwerk/protocol/http/nsHttpChannel.cpp -+++ b/netwerk/protocol/http/nsHttpChannel.cpp -@@ -2538,6 +2538,12 @@ nsHttpChannel::AssembleCacheKey(const char *spec, PRUint32 postID, - cacheKey.Append(buf); - } - -+ if (strlen(mCacheDomain.get()) > 0) { -+ cacheKey.AppendLiteral("domain="); -+ cacheKey.Append(mCacheDomain.get()); -+ cacheKey.AppendLiteral("&"); -+ } -+ - if (!cacheKey.IsEmpty()) { - cacheKey.AppendLiteral("uri="); - } -@@ -4876,6 +4882,22 @@ nsHttpChannel::SetCacheForOfflineUse(bool value) - } - - NS_IMETHODIMP -+nsHttpChannel::GetCacheDomain(nsACString &value) -+{ -+ value = mCacheDomain; -+ -+ return NS_OK; -+} -+ -+NS_IMETHODIMP -+nsHttpChannel::SetCacheDomain(const nsACString &value) -+{ -+ mCacheDomain = value; -+ -+ return NS_OK; -+} -+ -+NS_IMETHODIMP - nsHttpChannel::GetOfflineCacheClientID(nsACString &value) - { - value = mOfflineCacheClientID; -diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h -index eaad05e..0382b1c 100644 ---- a/netwerk/protocol/http/nsHttpChannel.h -+++ b/netwerk/protocol/http/nsHttpChannel.h -@@ -292,6 +292,7 @@ private: - nsCOMPtr<nsICacheEntryDescriptor> mOfflineCacheEntry; - nsCacheAccessMode mOfflineCacheAccess; - nsCString mOfflineCacheClientID; -+ nsCString mCacheDomain; - - nsCOMPtr<nsILocalFile> mProfileDirectory; - --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0005-Block-all-plugins-except-flash.patch b/src/current-patches/firefox/alpha/0005-Block-all-plugins-except-flash.patch deleted file mode 100644 index 79d92de..0000000 --- a/src/current-patches/firefox/alpha/0005-Block-all-plugins-except-flash.patch +++ /dev/null @@ -1,85 +0,0 @@ -From 5c43ec0bcc08d82d7ea1895e2586028ff0c43db2 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Wed, 1 Feb 2012 15:50:15 -0800 -Subject: [PATCH 05/19] Block all plugins except flash. - -We cannot use the @mozilla.org/extensions/blocklist;1 service, because we -actually want to stop plugins from ever entering the browser's process space -and/or executing code (for example, AV plugins that collect statistics/analyse -urls, magical toolbars that phone home or "help" the user, skype buttons that -ruin our day, and censorship filters). Hence we rolled our own. - -See https://trac.torproject.org/projects/tor/ticket/3547#comment:6 for musings -on a better way. Until then, it is delta-darwinism for us. ---- - dom/plugins/base/nsPluginHost.cpp | 33 +++++++++++++++++++++++++++++++++ - dom/plugins/base/nsPluginHost.h | 2 ++ - 2 files changed, 35 insertions(+), 0 deletions(-) - -diff --git a/dom/plugins/base/nsPluginHost.cpp b/dom/plugins/base/nsPluginHost.cpp -index 2877669..901fbb9 100644 ---- a/dom/plugins/base/nsPluginHost.cpp -+++ b/dom/plugins/base/nsPluginHost.cpp -@@ -1876,6 +1876,35 @@ bool nsPluginHost::IsDuplicatePlugin(nsPluginTag * aPluginTag) - return false; - } - -+PRBool nsPluginHost::GhettoBlacklist(nsIFile *pluginFile) -+{ -+ nsCString leaf; -+ const char *leafStr; -+ nsresult rv; -+ -+ rv = pluginFile->GetNativeLeafName(leaf); -+ if (NS_FAILED(rv)) { -+ return PR_TRUE; // fuck 'em. blacklist. -+ } -+ -+ leafStr = leaf.get(); -+ -+ if (!leafStr) { -+ return PR_TRUE; // fuck 'em. blacklist. -+ } -+ -+ // libgnashplugin.so, libflashplayer.so, Flash Player-10.4-10.5.plugin, -+ // NPSWF32.dll, NPSWF64.dll -+ if (strstr(leafStr, "libgnashplugin") == leafStr || -+ strstr(leafStr, "libflashplayer") == leafStr || -+ strstr(leafStr, "Flash Player") == leafStr || -+ strstr(leafStr, "NPSWF") == leafStr) { -+ return PR_FALSE; -+ } -+ -+ return PR_TRUE; // fuck 'em. blacklist. -+} -+ - typedef NS_NPAPIPLUGIN_CALLBACK(char *, NP_GETMIMEDESCRIPTION)(void); - - nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir, -@@ -2009,6 +2038,10 @@ nsresult nsPluginHost::ScanPluginsDirectory(nsIFile *pluginsDir, - continue; - } - -+ if (GhettoBlacklist(localfile)) { -+ continue; -+ } -+ - // if it is not found in cache info list or has been changed, create a new one - if (!pluginTag) { - nsPluginFile pluginFile(localfile); -diff --git a/dom/plugins/base/nsPluginHost.h b/dom/plugins/base/nsPluginHost.h -index 036a102..1f7bd14 100644 ---- a/dom/plugins/base/nsPluginHost.h -+++ b/dom/plugins/base/nsPluginHost.h -@@ -247,6 +247,8 @@ private: - // Loads all cached plugins info into mCachedPlugins - nsresult ReadPluginInfo(); - -+ PRBool GhettoBlacklist(nsIFile *pluginFile); -+ - // Given a file path, returns the plugins info from our cache - // and removes it from the cache. - void RemoveCachedPluginsInfo(const char *filePath, --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0006-Make-content-pref-service-memory-only-clearable.patch b/src/current-patches/firefox/alpha/0006-Make-content-pref-service-memory-only-clearable.patch deleted file mode 100644 index cc75ee1..0000000 --- a/src/current-patches/firefox/alpha/0006-Make-content-pref-service-memory-only-clearable.patch +++ /dev/null @@ -1,37 +0,0 @@ -From c1f6abc0766763e65c5e8b22f72171c5f8e4639b Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@fscked.org -Date: Thu, 8 Sep 2011 08:40:17 -0700 -Subject: [PATCH 06/19] Make content pref service memory-only + clearable - -This prevents random urls from being inserted into content-prefs.sqllite in -the profile directory as content prefs change (includes site-zoom and perhaps -other site prefs?). ---- - .../contentprefs/nsContentPrefService.js | 4 ++-- - 1 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/toolkit/components/contentprefs/nsContentPrefService.js b/toolkit/components/contentprefs/nsContentPrefService.js -index 81f974d..31597ac 100644 ---- a/toolkit/components/contentprefs/nsContentPrefService.js -+++ b/toolkit/components/contentprefs/nsContentPrefService.js -@@ -1208,7 +1208,7 @@ ContentPrefService.prototype = { - - var dbConnection; - -- if (!dbFile.exists()) -+ if (true || !dbFile.exists()) - dbConnection = this._dbCreate(dbService, dbFile); - else { - try { -@@ -1256,7 +1256,7 @@ ContentPrefService.prototype = { - }, - - _dbCreate: function ContentPrefService__dbCreate(aDBService, aDBFile) { -- var dbConnection = aDBService.openDatabase(aDBFile); -+ var dbConnection = aDBService.openSpecialDatabase("memory"); - - try { - this._dbCreateSchema(dbConnection); --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0007-Disable-SSL-Session-ID-tracking.patch b/src/current-patches/firefox/alpha/0007-Disable-SSL-Session-ID-tracking.patch deleted file mode 100644 index 5b8270a..0000000 --- a/src/current-patches/firefox/alpha/0007-Disable-SSL-Session-ID-tracking.patch +++ /dev/null @@ -1,28 +0,0 @@ -From e3703799acddc621be9c64299070180721b489dc Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@fscked.org -Date: Wed, 7 Dec 2011 19:36:38 -0800 -Subject: [PATCH 07/19] Disable SSL Session ID tracking. - -We can't easily bind SSL Session ID tracking to url bar domain, -so we have to disable them to satisfy -https://www.torproject.org/projects/torbrowser/design/#identifier-linkabilit.... ---- - security/nss/lib/ssl/sslsock.c | 2 +- - 1 files changed, 1 insertions(+), 1 deletions(-) - -diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c -index 0c4d0c7..8d23fc0 100644 ---- a/security/nss/lib/ssl/sslsock.c -+++ b/security/nss/lib/ssl/sslsock.c -@@ -173,7 +173,7 @@ static sslOptions ssl_defaults = { - PR_FALSE, /* enableSSL2 */ /* now defaults to off in NSS 3.13 */ - PR_TRUE, /* enableSSL3 */ - PR_TRUE, /* enableTLS */ /* now defaults to on in NSS 3.0 */ -- PR_FALSE, /* noCache */ -+ PR_TRUE, /* noCache */ - PR_FALSE, /* fdx */ - PR_FALSE, /* v2CompatibleHello */ /* now defaults to off in NSS 3.13 */ - PR_TRUE, /* detectRollBack */ --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0008-Limit-device-and-system-specific-CSS-Media-Queries.patch b/src/current-patches/firefox/alpha/0008-Limit-device-and-system-specific-CSS-Media-Queries.patch deleted file mode 100644 index 1b7d396..0000000 --- a/src/current-patches/firefox/alpha/0008-Limit-device-and-system-specific-CSS-Media-Queries.patch +++ /dev/null @@ -1,116 +0,0 @@ -From fdecb1911dd0bbd9bc611931c16026de17f6cbe9 Mon Sep 17 00:00:00 2001 -From: Shondoit Walker shondoit@gmail.com -Date: Mon, 4 Jun 2012 19:15:31 +0200 -Subject: [PATCH 08/19] Limit device- and system-specific CSS Media Queries - -This is done to address -https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkab... - -This also fixes bug #4795 by making queries still available for chrome windows, -whilst returning nothing or non-device-specific values for web pages or extensions. ---- - layout/style/nsMediaFeatures.cpp | 42 ++++++++++++++++++++++++------------- - 1 files changed, 27 insertions(+), 15 deletions(-) - -diff --git a/layout/style/nsMediaFeatures.cpp b/layout/style/nsMediaFeatures.cpp -index a814f30..c9785b9 100644 ---- a/layout/style/nsMediaFeatures.cpp -+++ b/layout/style/nsMediaFeatures.cpp -@@ -98,6 +98,9 @@ GetDeviceContextFor(nsPresContext* aPresContext) - static nsSize - GetDeviceSize(nsPresContext* aPresContext) - { -+ if (!aPresContext->IsChrome()) { -+ return GetSize(aPresContext); -+ } else { - nsSize size; - if (aPresContext->IsRootPaginatedDocument()) - // We want the page size, including unprintable areas and margins. -@@ -108,6 +111,7 @@ GetDeviceSize(nsPresContext* aPresContext) - GetDeviceContextFor(aPresContext)-> - GetDeviceSurfaceDimensions(size.width, size.height); - return size; -+ } - } - - static nsresult -@@ -151,17 +155,17 @@ static nsresult - GetDeviceOrientation(nsPresContext* aPresContext, const nsMediaFeature*, - nsCSSValue& aResult) - { -- nsSize size = GetDeviceSize(aPresContext); -- PRInt32 orientation; -- if (size.width > size.height) { -- orientation = NS_STYLE_ORIENTATION_LANDSCAPE; -- } else { -- // Per spec, square viewports should be 'portrait' -- orientation = NS_STYLE_ORIENTATION_PORTRAIT; -- } -- -- aResult.SetIntValue(orientation, eCSSUnit_Enumerated); -- return NS_OK; -+ nsSize size = GetDeviceSize(aPresContext); -+ PRInt32 orientation; -+ if (size.width > size.height) { -+ orientation = NS_STYLE_ORIENTATION_LANDSCAPE; -+ } else { -+ // Per spec, square viewports should be 'portrait' -+ orientation = NS_STYLE_ORIENTATION_PORTRAIT; -+ } -+ -+ aResult.SetIntValue(orientation, eCSSUnit_Enumerated); -+ return NS_OK; - } - - static nsresult -@@ -279,8 +283,12 @@ static nsresult - GetDevicePixelRatio(nsPresContext* aPresContext, const nsMediaFeature*, - nsCSSValue& aResult) - { -- float ratio = aPresContext->CSSPixelsToDevPixels(1.0f); -- aResult.SetFloatValue(ratio, eCSSUnit_Number); -+ if (aPresContext->IsChrome()) { -+ float ratio = aPresContext->CSSPixelsToDevPixels(1.0f); -+ aResult.SetFloatValue(ratio, eCSSUnit_Number); -+ } else { -+ aResult.SetFloatValue(1.0, eCSSUnit_Number); -+ } - return NS_OK; - } - -@@ -288,18 +296,21 @@ static nsresult - GetSystemMetric(nsPresContext* aPresContext, const nsMediaFeature* aFeature, - nsCSSValue& aResult) - { -+ if (aPresContext->IsChrome()) { - NS_ABORT_IF_FALSE(aFeature->mValueType == nsMediaFeature::eBoolInteger, - "unexpected type"); - nsIAtom *metricAtom = *aFeature->mData.mMetric; - bool hasMetric = nsCSSRuleProcessor::HasSystemMetric(metricAtom); - aResult.SetIntValue(hasMetric ? 1 : 0, eCSSUnit_Integer); -- return NS_OK; -+ } -+ return NS_OK; - } - - static nsresult - GetWindowsTheme(nsPresContext* aPresContext, const nsMediaFeature* aFeature, - nsCSSValue& aResult) - { -+ if (aPresContext->IsChrome()) { - aResult.Reset(); - #ifdef XP_WIN - PRUint8 windowsThemeId = -@@ -318,7 +329,8 @@ GetWindowsTheme(nsPresContext* aPresContext, const nsMediaFeature* aFeature, - } - } - #endif -- return NS_OK; -+ } -+ return NS_OK; - } - - /* --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0009-Make-Download-manager-memory-only.patch b/src/current-patches/firefox/alpha/0009-Make-Download-manager-memory-only.patch deleted file mode 100644 index 6ee2744..0000000 --- a/src/current-patches/firefox/alpha/0009-Make-Download-manager-memory-only.patch +++ /dev/null @@ -1,57 +0,0 @@ -From ec182e8a83826db0c2bae711d594a26cd0b08a22 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Wed, 25 Apr 2012 13:39:35 -0700 -Subject: [PATCH 09/19] Make Download manager memory only. - -Solves https://trac.torproject.org/projects/tor/ticket/4017. - -Yes, this is an ugly hack. We *could* send the observer notification from -Torbutton to tell the download manager to switch to memory, but then we have -to dance around and tell it again if the user switches in and out of private -browsing mode.. - -The right way to do this is with a pref. Maybe I'll get to that someday, if -this breaks enough times in conflict. ---- - toolkit/components/downloads/nsDownloadManager.cpp | 4 ++-- - toolkit/components/downloads/nsDownloadManager.h | 2 +- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/toolkit/components/downloads/nsDownloadManager.cpp b/toolkit/components/downloads/nsDownloadManager.cpp -index 0e846a0..42ca743 100644 ---- a/toolkit/components/downloads/nsDownloadManager.cpp -+++ b/toolkit/components/downloads/nsDownloadManager.cpp -@@ -2005,7 +2005,7 @@ nsDownloadManager::Observe(nsISupports *aSubject, - if (NS_LITERAL_STRING("memory").Equals(aData)) - return SwitchDatabaseTypeTo(DATABASE_MEMORY); - else if (NS_LITERAL_STRING("disk").Equals(aData)) -- return SwitchDatabaseTypeTo(DATABASE_DISK); -+ return SwitchDatabaseTypeTo(DATABASE_MEMORY); - } - else if (strcmp(aTopic, "alertclickcallback") == 0) { - nsCOMPtr<nsIDownloadManagerUI> dmui = -@@ -2082,7 +2082,7 @@ nsDownloadManager::OnLeavePrivateBrowsingMode() - (void)ResumeAllDownloads(false); - - // Switch back to the on-disk DB again -- (void)SwitchDatabaseTypeTo(DATABASE_DISK); -+ //(void)SwitchDatabaseTypeTo(DATABASE_DISK); - - mInPrivateBrowsing = false; - } -diff --git a/toolkit/components/downloads/nsDownloadManager.h b/toolkit/components/downloads/nsDownloadManager.h -index 5649eeb..1e7912b 100644 ---- a/toolkit/components/downloads/nsDownloadManager.h -+++ b/toolkit/components/downloads/nsDownloadManager.h -@@ -54,7 +54,7 @@ public: - - virtual ~nsDownloadManager(); - nsDownloadManager() : -- mDBType(DATABASE_DISK) -+ mDBType(DATABASE_MEMORY) - , mInPrivateBrowsing(false) - #ifdef DOWNLOAD_SCANNER - , mScanner(nsnull) --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0010-Add-DDG-and-StartPage-to-Omnibox.patch b/src/current-patches/firefox/alpha/0010-Add-DDG-and-StartPage-to-Omnibox.patch deleted file mode 100644 index e9c6c2c..0000000 --- a/src/current-patches/firefox/alpha/0010-Add-DDG-and-StartPage-to-Omnibox.patch +++ /dev/null @@ -1,84 +0,0 @@ -From e58200766a98fc8e239c95eb19a0afcf9fcd6381 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Wed, 25 Apr 2012 15:03:46 -0700 -Subject: [PATCH 10/19] Add DDG and StartPage to Omnibox. - -You mean there are search engines that don't require captchas if you don't -have a cookie? Holy crap. Get those in there now. ---- - browser/locales/en-US/searchplugins/duckduckgo.xml | 29 ++++++++++++++++++++ - browser/locales/en-US/searchplugins/list.txt | 2 + - browser/locales/en-US/searchplugins/startpage.xml | 11 +++++++ - 3 files changed, 42 insertions(+), 0 deletions(-) - create mode 100644 browser/locales/en-US/searchplugins/duckduckgo.xml - create mode 100644 browser/locales/en-US/searchplugins/startpage.xml - -diff --git a/browser/locales/en-US/searchplugins/duckduckgo.xml b/browser/locales/en-US/searchplugins/duckduckgo.xml -new file mode 100644 -index 0000000..4f00b4d ---- /dev/null -+++ b/browser/locales/en-US/searchplugins/duckduckgo.xml -@@ -0,0 +1,29 @@ -+<SearchPlugin xmlns="http://www.mozilla.org/2006/browser/search/"> -+<ShortName>DuckDuckGo</ShortName> -+<Description>Duck Duck Go</Description> -+<InputEncoding>UTF-8</InputEncoding> -+<Image width="16" height="16">data:image/png;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAANcNAADXDQAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAJyDsJmlk8pf6+v3s/v7+++zr/fcnIOyzJyDsgCcg7CYAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAnIOwBJyDscCcg7PZttJ7/7Pfs//////++xO7/S5GA/ycg7P8n -+IOz2JyDscCcg7AEAAAAAAAAAAAAAAAAnIOwBJyDstScg7P8nIOz/Y8p5/2fHZf9Yv0z/YcF2/1rB -+Uv8nIOz/JyDs/ycg7P8nIOy1JyDsAQAAAAAAAAAAJyDscCcg7P8nIOz/JyDs/4jQoP/p9+n///// -+/05X3v9LkYD/JyDs/ycg7P8nIOz/JyDs/ycg7HAAAAAAJyDsJicg7PYnIOz/JyDs/zUu7f/+/v// -+//////////89N+7/JyDs/yUo7f8nIOz/JyDs/ycg7P8nIOz2JyDsJicg7IAnIOz/JyDs/ycg7P9h -+XPH////////////t/P//GIr2/wfD+/8Gyfz/DKv5/yM57/8nIOz/JyDs/ycg7H8nIOyzJyDs/ycg -+7P8nIOz/jov1////////////Otz9/w3G/P8cWfH/JSvt/ycg7P8nIOz/JyDs/ycg7P8nIOyzJyDs -+5icg7P8nIOz/JyDs/7u5+f///////////27l/v8E0v3/BNL9/wTQ/f8Oofn/IT7v/ycg7P8nIOz/ -+JyDs5icg7OYnIOz/JyDs/ycg7P/p6P3/uWsC////////////5fr//6Po/f8Thfb/DKv5/w6f+f8n IOz/JyDs/ycg7OYnIOyzJyDs/ycg7P8nIOz/9/b+/////////////////7lrAv/V1Pv/JyDs/ycg -+7P8nIOz/JyDs/ycg7P8nIOyzJyDsgCcg7P8nIOz/JyDs/8/N+///////////////////////iIX1 -+/ycg7P8nIOz/JyDs/ycg7P8nIOz/JyDsfycg7CYnIOz2JyDs/ycg7P9FP+7/q6n4/+7u/f/n5v3/ -+fXn0/yoj7P8nIOz/JyDs/ycg7P8nIOz/JyDs9icg7CYAAAAAJyDscCcg7P8nIOz/wsD6/+no/f/Y -+1/z/eHTz/ycg7P8nIOz/JyDs/ycg7P8nIOz/JyDs/ycg7HAAAAAAAAAAACcg7AEnIOy1JyDs/ycg -+7P8nIOz/JyDs/ycg7P8nIOz/JyDs/ycg7P8nIOz/JyDs/ycg7LUnIOwBAAAAAAAAAAAAAAAAJyDs -+AScg7HAnIOz2JyDs/ycg7P8nIOz/JyDs/ycg7P8nIOz/JyDs9icg7HAnIOwBAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAJyDsJicg7IAnIOyzJyDs5icg7OYnIOyzJyDsgCcg7CYAAAAAAAAAAAAAAAAA -+AAAA+B8AAPAPAADAAwAAwAMAAIABAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAABAACAAQAAwAMAAMAD -+AADwDwAA+B8AAA==</Image> -+<Url type="text/html" method="POST" template="https://duckduckgo.com/html/"> -+ <Param name="q" value="{searchTerms}"/> -+</Url> -+<SearchForm>https://duckduckgo.com/html/</SearchForm> -+</SearchPlugin> -diff --git a/browser/locales/en-US/searchplugins/list.txt b/browser/locales/en-US/searchplugins/list.txt -index 2a1141a..0466f4e 100644 ---- a/browser/locales/en-US/searchplugins/list.txt -+++ b/browser/locales/en-US/searchplugins/list.txt -@@ -1,7 +1,9 @@ - amazondotcom - bing -+duckduckgo - eBay - google -+startpage - twitter - wikipedia - yahoo -diff --git a/browser/locales/en-US/searchplugins/startpage.xml b/browser/locales/en-US/searchplugins/startpage.xml -new file mode 100644 -index 0000000..1a310b1 ---- /dev/null -+++ b/browser/locales/en-US/searchplugins/startpage.xml -@@ -0,0 +1,11 @@ -+<SearchPlugin xmlns="http://www.mozilla.org/2006/browser/search/"> -+<ShortName>Startpage</ShortName> -+<Description>Start Page</Description> -+<InputEncoding>UTF-8</InputEncoding> -+<Image width="16" height="16">data:image/png;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2jkj+9YtD/vWLQ/71i0P+9otD/vaLRP72i0T+9YtE/vWLRP72i0T+9otD/vaNRP72jUT+9otF/vaLRf73kkv+9Yc///WJP//1iT//9Yk///rAmf/94Mz/+sCa//aRTv/1iUH/9ok///aJP//2i0H/9otB//aJQv/2iUL/9otC//aNRP/2jUT/9o1E//aNRP/6wpv////////////96dr/95dQ//aNRP/2kET/9pBG//aQRv/2kEb/9pBG//aRR//3lEz/95BH//mueP/7xJ3/959g//efYf/4p23//vDm//3p2//3kEr/95FJ//aRSf/niFH/95FK//aRSv/2mE//95hS/vq4iP/////////////////81bj/95xZ//q4iP//////+bF+//eZT//njFT/PSqi/2xGjv/2mVD/951V/vedVv783cX///////vQrf/++PP///////748//+8uj///////m3gf/olFr/PSuj/w8Pt/9sSJD/951V//eeWf73oVv++8ul///////5sXf/+KRi//vRsf////////////3r3v/olF//Piyk/w8Pt/9sSJH/+J5Z//ieWv/3oV/++KZf/vihXP/97N7//vn0//zTs//6wJP/+bBy//q6iP/onW//Piyl/w8Pt/8fGbH/m2iB/+icY//4pGD/96hl/viqZf74pmD/+Kxr//3iy/////////n1//ivbP/onGj/Pi2m/w8Pt/8uJKz/fFeQ/x8Zsf8+Lqb/6J9r//ivbP74rm3++Klm//mpZv/5q2f/+bR9//m0e//poW7/Pi6n/w8Pt/9sTZj/+Ktp//ira/+rd4P/Dw+3/4xijv/5snH+ +LN1/vmvbf/5r23/+a5t//mvb//4r2//TTuk/w8Pt/8fGrL/6ah1//ivcP/4r3P/q3yI/w8Pt/+MZpP/+bN5/vm4ev75t3X/+bV1//m1df/5t3X/+Ld3/8qUhP98XZn/Hxqz/+mse//5t3f/2p+B/x8as/8PD7f/u4qK//m7fv76u4D++bl7//m3fP/5uXz/+bl8//m5fP/5t3z/+bl//x8as/9NPKf/fWCb/x8as/8PD7f/bVOh//q5f//6v4X++sGI/vm9g//5voX/+b6F//m9hf/6vYX/+r6F//nCh/+bepr/Hxu0/w8Pt/8PD7f/fWOh//q+hf/6wof/+saN/vrGjf75xIv/+ceL//nEi//5xIv/+sSL//rHi//6x43/+ceN/+m7kP+7lpj/6ruQ//rHkP/6x43/+seQ//rLlf76ypT++seR//rJkf/6yZH/+seR//rJkf/6yZH/+8mR//vJlP/7yZT/+smU//rJlP/6yZT/+8yV//rJlf/6zpn+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==</Image> -+ -+<Url type="text/html" method="POST" template="https://startpage.com/do/search"> -+ <Param name="q" value="{searchTerms}"/> -+</Url> -+<SearchForm>https://startpage.com/do/search/</SearchForm> -+</SearchPlugin> --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0011-Make-nsICacheService.EvictEntries-synchronous.patch b/src/current-patches/firefox/alpha/0011-Make-nsICacheService.EvictEntries-synchronous.patch deleted file mode 100644 index 879cfa6..0000000 --- a/src/current-patches/firefox/alpha/0011-Make-nsICacheService.EvictEntries-synchronous.patch +++ /dev/null @@ -1,44 +0,0 @@ -From b0f594e6130bf618a25d33d80f7b66d110449dc9 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Tue, 1 May 2012 15:02:03 -0700 -Subject: [PATCH 11/19] Make nsICacheService.EvictEntries synchronous - -This fixes a race condition that allows cache-based EverCookies to persist for -a brief time (on the order of minutes?) after cache clearing/"New Identity". - -https://trac.torproject.org/projects/tor/ticket/5715 ---- - netwerk/cache/nsCacheService.cpp | 15 +++++++++++++-- - 1 files changed, 13 insertions(+), 2 deletions(-) - -diff --git a/netwerk/cache/nsCacheService.cpp b/netwerk/cache/nsCacheService.cpp -index 991cc34..ef2ad25 100644 ---- a/netwerk/cache/nsCacheService.cpp -+++ b/netwerk/cache/nsCacheService.cpp -@@ -1506,10 +1506,21 @@ NS_IMETHODIMP nsCacheService::VisitEntries(nsICacheVisitor *visitor) - return NS_OK; - } - -- - NS_IMETHODIMP nsCacheService::EvictEntries(nsCacheStoragePolicy storagePolicy) - { -- return EvictEntriesForClient(nsnull, storagePolicy); -+ NS_IMETHODIMP r; -+ r = EvictEntriesForClient(nsnull, storagePolicy); -+ -+ // XXX: Bloody hack until we get this notifier in FF14.0: -+ // https://developer.mozilla.org/en/XPCOM_Interface_Reference/nsICacheListener#... -+ if (storagePolicy == nsICache::STORE_ANYWHERE && -+ NS_IsMainThread() && gService && gService->mInitialized) { -+ nsCacheServiceAutoLock lock; -+ gService->DoomActiveEntries(); -+ gService->ClearDoomList(); -+ (void) SyncWithCacheIOThread(); -+ } -+ return r; - } - - NS_IMETHODIMP nsCacheService::GetCacheIOTarget(nsIEventTarget * *aCacheIOTarget) --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0012-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch b/src/current-patches/firefox/alpha/0012-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch deleted file mode 100644 index 91a5347..0000000 --- a/src/current-patches/firefox/alpha/0012-Make-Tor-Browser-exit-when-not-launched-from-Vidalia.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 07ed1fba9d99b3aa860ab75f34c7650341c59b77 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Thu, 7 Jun 2012 14:45:26 -0700 -Subject: [PATCH 12/19] Make Tor Browser exit when not launched from Vidalia - -Turns out the Windows 7 UI encourages users to "dock" their Tor Browser app -for easy relaunch. If they manage to do this, we should fail closed rather -than opened. Hopefully they will get the hint and dock Vidalia instead. - -This is an emergency fix for -https://trac.torproject.org/projects/tor/ticket/4192. We can do a better -localized fix w/ a translated alert menu later, if it seems like this might -actually be common. ---- - browser/base/content/browser.js | 14 ++++++++++++++ - 1 files changed, 14 insertions(+), 0 deletions(-) - -diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js -index 79ab155..84f747c 100644 ---- a/browser/base/content/browser.js -+++ b/browser/base/content/browser.js -@@ -995,6 +995,20 @@ function BrowserStartup() { - - prepareForStartup(); - -+ // If this is not a TBB profile, exit. -+ // Solves https://trac.torproject.org/projects/tor/ticket/4192 -+ var foundPref = false; -+ try { -+ foundPref = gPrefService.prefHasUserValue("torbrowser.version"); -+ } catch(e) { -+ //dump("No pref: "+e); -+ } -+ if(!foundPref) { -+ var appStartup = Components.classes["@mozilla.org/toolkit/app-startup;1"] -+ .getService(Components.interfaces.nsIAppStartup); -+ appStartup.quit(3); // Force all windows to close, and then quit. -+ } -+ - if (uriToLoad && uriToLoad != "about:blank") { - if (uriToLoad instanceof Ci.nsISupportsArray) { - let count = uriToLoad.Count(); --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0013-Limit-the-number-of-fonts-per-document.patch b/src/current-patches/firefox/alpha/0013-Limit-the-number-of-fonts-per-document.patch deleted file mode 100644 index 95e3f48..0000000 --- a/src/current-patches/firefox/alpha/0013-Limit-the-number-of-fonts-per-document.patch +++ /dev/null @@ -1,225 +0,0 @@ -From a94c453f1b68acddb84d1a97e10de3994dfdf2cd Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Thu, 7 Jun 2012 15:09:59 -0700 -Subject: [PATCH 13/19] Limit the number of fonts per document. - -We create two prefs: -browser.display.max_font_count and browser.display.max_font_attempts. -max_font_count sets a limit on the number of fonts actually used in the -document, and max_font_attempts sets a limit on the total number of CSS -queries that a document is allowed to perform. - -Once either limit is reached, the browser behaves as if -browser.display.use_document_fonts was set to 0 for subsequent font queries. - -If a pref is not set or is negative, that limit does not apply. - -This is done to address: -https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkab... ---- - layout/base/nsPresContext.cpp | 100 +++++++++++++++++++++++++++++++++++++++++ - layout/base/nsPresContext.h | 9 ++++ - layout/style/nsRuleNode.cpp | 13 ++++- - 3 files changed, 119 insertions(+), 3 deletions(-) - -diff --git a/layout/base/nsPresContext.cpp b/layout/base/nsPresContext.cpp -index f49d9f3..53f0b12 100644 ---- a/layout/base/nsPresContext.cpp -+++ b/layout/base/nsPresContext.cpp -@@ -63,6 +63,8 @@ - #include "FrameLayerBuilder.h" - #include "nsDOMMediaQueryList.h" - #include "nsSMILAnimationController.h" -+#include "nsString.h" -+#include "nsUnicharUtils.h" - - #ifdef IBMBIDI - #include "nsBidiPresUtils.h" -@@ -740,6 +742,10 @@ nsPresContext::GetUserPreferences() - // * use fonts? - mUseDocumentFonts = - Preferences::GetInt("browser.display.use_document_fonts") != 0; -+ mMaxFonts = -+ Preferences::GetInt("browser.display.max_font_count", -1); -+ mMaxFontAttempts = -+ Preferences::GetInt("browser.display.max_font_attempts", -1); - - // * replace backslashes with Yen signs? (bug 245770) - mEnableJapaneseTransform = -@@ -1363,6 +1369,100 @@ nsPresContext::GetDefaultFont(PRUint8 aFontID, nsIAtom *aLanguage) const - return font; - } - -+PRBool -+nsPresContext::FontUseCountReached(const nsFont &font) { -+ if (mMaxFonts < 0) { -+ return PR_FALSE; -+ } -+ -+ for (PRUint32 i = 0; i < mFontsUsed.Length(); i++) { -+ if (mFontsUsed[i].name.Equals(font.name, -+ nsCaseInsensitiveStringComparator()) -+ // XXX: Style is sometimes filled with garbage?? -+ /*&& mFontsUsed[i].style == font.style*/) { -+ // seen it before: OK -+ return PR_FALSE; -+ } -+ } -+ -+ if (mFontsUsed.Length() >= mMaxFonts) { -+ return PR_TRUE; -+ } -+ -+ return PR_FALSE; -+} -+ -+PRBool -+nsPresContext::FontAttemptCountReached(const nsFont &font) { -+ if (mMaxFontAttempts < 0) { -+ return PR_FALSE; -+ } -+ -+ for (PRUint32 i = 0; i < mFontsTried.Length(); i++) { -+ if (mFontsTried[i].name.Equals(font.name, -+ nsCaseInsensitiveStringComparator()) -+ // XXX: Style is sometimes filled with garbage?? -+ /*&& mFontsTried[i].style == font.style*/) { -+ // seen it before: OK -+ return PR_FALSE; -+ } -+ } -+ -+ if (mFontsTried.Length() >= mMaxFontAttempts) { -+ return PR_TRUE; -+ } -+ -+ return PR_FALSE; -+} -+ -+void -+nsPresContext::AddFontUse(const nsFont &font) { -+ if (mMaxFonts < 0) { -+ return; -+ } -+ -+ for (PRUint32 i = 0; i < mFontsUsed.Length(); i++) { -+ if (mFontsUsed[i].name.Equals(font.name, -+ nsCaseInsensitiveStringComparator()) -+ // XXX: Style is sometimes filled with garbage?? -+ /*&& mFontsUsed[i].style == font.style*/) { -+ // seen it before: OK -+ return; -+ } -+ } -+ -+ if (mFontsUsed.Length() >= mMaxFonts) { -+ return; -+ } -+ -+ mFontsUsed.AppendElement(font); -+ return; -+} -+ -+void -+nsPresContext::AddFontAttempt(const nsFont &font) { -+ if (mMaxFontAttempts < 0) { -+ return; -+ } -+ -+ for (PRUint32 i = 0; i < mFontsTried.Length(); i++) { -+ if (mFontsTried[i].name.Equals(font.name, -+ nsCaseInsensitiveStringComparator()) -+ // XXX: Style is sometimes filled with garbage?? -+ /*&& mFontsTried[i].style == font.style*/) { -+ // seen it before: OK -+ return; -+ } -+ } -+ -+ if (mFontsTried.Length() >= mMaxFontAttempts) { -+ return; -+ } -+ -+ mFontsTried.AppendElement(font); -+ return; -+} -+ - void - nsPresContext::SetFullZoom(float aZoom) - { -diff --git a/layout/base/nsPresContext.h b/layout/base/nsPresContext.h -index 0c42c6b..f37c7a2 100644 ---- a/layout/base/nsPresContext.h -+++ b/layout/base/nsPresContext.h -@@ -514,6 +514,13 @@ public: - } - } - -+ nsTArray<nsFont> mFontsUsed; // currently for font-count limiting only -+ nsTArray<nsFont> mFontsTried; // currently for font-count limiting only -+ void AddFontUse(const nsFont &font); -+ void AddFontAttempt(const nsFont &font); -+ PRBool FontUseCountReached(const nsFont &font); -+ PRBool FontAttemptCountReached(const nsFont &font); -+ - /** - * Get the minimum font size for the specified language. If aLanguage - * is nsnull, then the document's language is used. -@@ -1174,6 +1181,8 @@ protected: - PRUint32 mInterruptChecksToSkip; - - mozilla::TimeStamp mReflowStartTime; -+ PRInt32 mMaxFontAttempts; -+ PRInt32 mMaxFonts; - - unsigned mHasPendingInterrupt : 1; - unsigned mInterruptsEnabled : 1; -diff --git a/layout/style/nsRuleNode.cpp b/layout/style/nsRuleNode.cpp -index 01613b8..fb19eba 100644 ---- a/layout/style/nsRuleNode.cpp -+++ b/layout/style/nsRuleNode.cpp -@@ -3387,14 +3387,15 @@ nsRuleNode::ComputeFontData(void* aStartStruct, - - bool useDocumentFonts = - mPresContext->GetCachedBoolPref(kPresContext_UseDocumentFonts); -+ bool isXUL = PR_FALSE; - - // See if we are in the chrome - // We only need to know this to determine if we have to use the - // document fonts (overriding the useDocumentFonts flag). -- if (!useDocumentFonts && mPresContext->IsChrome()) { -+ if (mPresContext->IsChrome()) { - // if we are not using document fonts, but this is a XUL document, - // then we use the document fonts anyway -- useDocumentFonts = true; -+ isXUL = true; - } - - // Figure out if we are a generic font -@@ -3408,9 +3409,13 @@ nsRuleNode::ComputeFontData(void* aStartStruct, - // generic? - nsFont::GetGenericID(font->mFont.name, &generic); - -+ mPresContext->AddFontAttempt(font->mFont); -+ - // If we aren't allowed to use document fonts, then we are only entitled - // to use the user's default variable-width font and fixed-width font -- if (!useDocumentFonts) { -+ if (!isXUL && (!useDocumentFonts || -+ mPresContext->FontAttemptCountReached(font->mFont) || -+ mPresContext->FontUseCountReached(font->mFont))) { - // Extract the generic from the specified font family... - nsAutoString genericName; - if (!font->mFont.EnumerateFamilies(ExtractGeneric, &genericName)) { -@@ -3446,6 +3451,8 @@ nsRuleNode::ComputeFontData(void* aStartStruct, - font); - } - -+ if (font->mGenericID == kGenericFont_NONE) -+ mPresContext->AddFontUse(font->mFont); - COMPUTE_END_INHERITED(Font, font) - } - --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0014-Provide-an-observer-event-to-close-persistent-connec.patch b/src/current-patches/firefox/alpha/0014-Provide-an-observer-event-to-close-persistent-connec.patch deleted file mode 100644 index 6f63876..0000000 --- a/src/current-patches/firefox/alpha/0014-Provide-an-observer-event-to-close-persistent-connec.patch +++ /dev/null @@ -1,40 +0,0 @@ -From af43ed872bd64b623ea1d5b83926c4d06e8fcd7d Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Fri, 7 Sep 2012 16:18:26 -0700 -Subject: [PATCH 14/19] Provide an observer event to close persistent - connections - -We need to prevent linkability across "New Identity", which includes closing -keep-alive connections. ---- - netwerk/protocol/http/nsHttpHandler.cpp | 7 +++++++ - 1 files changed, 7 insertions(+), 0 deletions(-) - -diff --git a/netwerk/protocol/http/nsHttpHandler.cpp b/netwerk/protocol/http/nsHttpHandler.cpp -index 2f71837..b066140 100644 ---- a/netwerk/protocol/http/nsHttpHandler.cpp -+++ b/netwerk/protocol/http/nsHttpHandler.cpp -@@ -309,6 +309,7 @@ nsHttpHandler::Init() - mObserverService->AddObserver(this, "net:clear-active-logins", true); - mObserverService->AddObserver(this, NS_PRIVATE_BROWSING_SWITCH_TOPIC, true); - mObserverService->AddObserver(this, "net:prune-dead-connections", true); -+ mObserverService->AddObserver(this, "net:prune-all-connections", true); - mObserverService->AddObserver(this, "net:failed-to-process-uri-content", true); - } - -@@ -1651,6 +1652,12 @@ nsHttpHandler::Observe(nsISupports *subject, - if (uri && mConnMgr) - mConnMgr->ReportFailedToProcess(uri); - } -+ else if (strcmp(topic, "net:prune-all-connections") == 0) { -+ if (mConnMgr) { -+ mConnMgr->ClosePersistentConnections(); -+ mConnMgr->PruneDeadConnections(); -+ } -+ } - - return NS_OK; - } --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0015-Rebrand-Firefox-to-TorBrowser.patch b/src/current-patches/firefox/alpha/0015-Rebrand-Firefox-to-TorBrowser.patch deleted file mode 100644 index 2a6a9c5..0000000 --- a/src/current-patches/firefox/alpha/0015-Rebrand-Firefox-to-TorBrowser.patch +++ /dev/null @@ -1,59 +0,0 @@ -From d14732e7069aa8c33733f067e1e706bd852e3aba Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Tue, 28 Aug 2012 18:05:11 -0700 -Subject: [PATCH 15/19] Rebrand Firefox to TorBrowser - -This patch does some basic renaming of Firefox to TorBrowser. The rest of the -branding is done by images and icons. ---- - browser/branding/official/configure.sh | 2 +- - browser/branding/official/locales/en-US/brand.dtd | 6 +++--- - .../official/locales/en-US/brand.properties | 6 +++--- - 3 files changed, 7 insertions(+), 7 deletions(-) - -diff --git a/browser/branding/official/configure.sh b/browser/branding/official/configure.sh -index 55f3f18..33102b0 100644 ---- a/browser/branding/official/configure.sh -+++ b/browser/branding/official/configure.sh -@@ -2,5 +2,5 @@ - # License, v. 2.0. If a copy of the MPL was not distributed with this - # file, You can obtain one at http://mozilla.org/MPL/2.0/. - --MOZ_APP_DISPLAYNAME=Firefox -+MOZ_APP_DISPLAYNAME=TorBrowser - MOZ_UA_BUILDID=20100101 -diff --git a/browser/branding/official/locales/en-US/brand.dtd b/browser/branding/official/locales/en-US/brand.dtd -index 8e7f6c9..76e405d 100644 ---- a/browser/branding/official/locales/en-US/brand.dtd -+++ b/browser/branding/official/locales/en-US/brand.dtd -@@ -2,7 +2,7 @@ - - License, v. 2.0. If a copy of the MPL was not distributed with this - - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> - --<!ENTITY brandShortName "Firefox"> --<!ENTITY brandFullName "Mozilla Firefox"> --<!ENTITY vendorShortName "Mozilla"> -+<!ENTITY brandShortName "TorBrowser"> -+<!ENTITY brandFullName "Tor Browser"> -+<!ENTITY vendorShortName "Tor Project"> - <!ENTITY trademarkInfo.part1 "Firefox and the Firefox logos are trademarks of the Mozilla Foundation."> -diff --git a/browser/branding/official/locales/en-US/brand.properties b/browser/branding/official/locales/en-US/brand.properties -index 4a67c55..9ae168e 100644 ---- a/browser/branding/official/locales/en-US/brand.properties -+++ b/browser/branding/official/locales/en-US/brand.properties -@@ -2,9 +2,9 @@ - # License, v. 2.0. If a copy of the MPL was not distributed with this - # file, You can obtain one at http://mozilla.org/MPL/2.0/. - --brandShortName=Firefox --brandFullName=Mozilla Firefox --vendorShortName=Mozilla -+brandShortName=TorBrowser -+brandFullName=Tor Browser -+vendorShortName=Tor Project - - homePageSingleStartMain=Firefox Start, a fast home page with built-in search - homePageImport=Import your home page from %S --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0016-Prevent-WebSocket-DNS-leak.patch b/src/current-patches/firefox/alpha/0016-Prevent-WebSocket-DNS-leak.patch deleted file mode 100644 index 3c0367d..0000000 --- a/src/current-patches/firefox/alpha/0016-Prevent-WebSocket-DNS-leak.patch +++ /dev/null @@ -1,133 +0,0 @@ -From 727bc1103bc663e1bc2a25bb4fb8e9c9fb31763b Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Tue, 28 Aug 2012 18:07:37 -0700 -Subject: [PATCH 16/19] Prevent WebSocket DNS leak. - -This is due to an improper implementation of the WebSocket spec by Mozilla. - -"There MUST be no more than one connection in a CONNECTING state. If multiple -connections to the same IP address are attempted simultaneously, the client -MUST serialize them so that there is no more than one connection at a time -running through the following steps. - -If the client cannot determine the IP address of the remote host (for -example, because all communication is being done through a proxy server that -performs DNS queries itself), then the client MUST assume for the purposes of -this step that each host name refers to a distinct remote host," - -https://tools.ietf.org/html/rfc6455#page-15 - -They implmented the first paragraph, but not the second... - -While we're at it, we also prevent the DNS service from being used to look up -anything other than IP addresses if socks_remote_dns is set to true, so this -bug can't turn up in other components or due to 3rd party addons. ---- - netwerk/dns/nsDNSService2.cpp | 24 ++++++++++++++++++++++- - netwerk/dns/nsDNSService2.h | 1 + - netwerk/protocol/websocket/WebSocketChannel.cpp | 8 +++++- - 3 files changed, 30 insertions(+), 3 deletions(-) - -diff --git a/netwerk/dns/nsDNSService2.cpp b/netwerk/dns/nsDNSService2.cpp -index a59b6e3..d54ebf3 100644 ---- a/netwerk/dns/nsDNSService2.cpp -+++ b/netwerk/dns/nsDNSService2.cpp -@@ -373,6 +373,7 @@ nsDNSService::Init() - bool enableIDN = true; - bool disableIPv6 = false; - bool disablePrefetch = false; -+ bool disableDNS = false; - int proxyType = nsIProtocolProxyService::PROXYCONFIG_DIRECT; - - nsAdoptingCString ipv4OnlyDomains; -@@ -398,6 +399,10 @@ nsDNSService::Init() - - // If a manual proxy is in use, disable prefetch implicitly - prefs->GetIntPref("network.proxy.type", &proxyType); -+ -+ // If the user wants remote DNS, we should fail any lookups that still -+ // make it here. -+ prefs->GetBoolPref("network.proxy.socks_remote_dns", &disableDNS); - } - - if (mFirstTime) { -@@ -418,7 +423,7 @@ nsDNSService::Init() - - // Monitor these to see if there is a change in proxy configuration - // If a manual proxy is in use, disable prefetch implicitly -- prefs->AddObserver("network.proxy.type", this, false); -+ prefs->AddObserver("network.proxy.", this, false); - } - } - -@@ -447,6 +452,7 @@ nsDNSService::Init() - mIDN = idn; - mIPv4OnlyDomains = ipv4OnlyDomains; // exchanges buffer ownership - mDisableIPv6 = disableIPv6; -+ mDisableDNS = disableDNS; - - // Disable prefetching either by explicit preference or if a manual proxy is configured - mDisablePrefetch = disablePrefetch || (proxyType == nsIProtocolProxyService::PROXYCONFIG_MANUAL); -@@ -572,6 +578,14 @@ nsDNSService::AsyncResolve(const nsACString &hostname, - if (mDisablePrefetch && (flags & RESOLVE_SPECULATE)) - return NS_ERROR_DNS_LOOKUP_QUEUE_FULL; - -+ PRNetAddr tempAddr; -+ if (mDisableDNS) { -+ // Allow IP lookups through, but nothing else. -+ if (PR_StringToNetAddr(hostname.BeginReading(), &tempAddr) != PR_SUCCESS) { -+ return NS_ERROR_UNKNOWN_PROXY_HOST; // XXX: NS_ERROR_NOT_IMPLEMENTED? -+ } -+ } -+ - res = mResolver; - idn = mIDN; - localDomain = mLocalDomains.GetEntry(hostname); -@@ -668,6 +682,14 @@ nsDNSService::Resolve(const nsACString &hostname, - } - NS_ENSURE_TRUE(res, NS_ERROR_OFFLINE); - -+ PRNetAddr tempAddr; -+ if (mDisableDNS) { -+ // Allow IP lookups through, but nothing else. -+ if (PR_StringToNetAddr(hostname.BeginReading(), &tempAddr) != PR_SUCCESS) { -+ return NS_ERROR_UNKNOWN_PROXY_HOST; // XXX: NS_ERROR_NOT_IMPLEMENTED? -+ } -+ } -+ - const nsACString *hostPtr = &hostname; - - if (localDomain) { -diff --git a/netwerk/dns/nsDNSService2.h b/netwerk/dns/nsDNSService2.h -index b60572c..3cf00e9 100644 ---- a/netwerk/dns/nsDNSService2.h -+++ b/netwerk/dns/nsDNSService2.h -@@ -40,5 +40,6 @@ private: - bool mDisableIPv6; - bool mDisablePrefetch; - bool mFirstTime; -+ bool mDisableDNS; - nsTHashtable<nsCStringHashKey> mLocalDomains; - }; -diff --git a/netwerk/protocol/websocket/WebSocketChannel.cpp b/netwerk/protocol/websocket/WebSocketChannel.cpp -index a87e1e0..4bee667 100644 ---- a/netwerk/protocol/websocket/WebSocketChannel.cpp -+++ b/netwerk/protocol/websocket/WebSocketChannel.cpp -@@ -1897,8 +1897,12 @@ WebSocketChannel::ApplyForAdmission() - LOG(("WebSocketChannel::ApplyForAdmission: checking for concurrent open\n")); - nsCOMPtr<nsIThread> mainThread; - NS_GetMainThread(getter_AddRefs(mainThread)); -- dns->AsyncResolve(hostName, 0, this, mainThread, getter_AddRefs(mDNSRequest)); -- NS_ENSURE_SUCCESS(rv, rv); -+ rv = dns->AsyncResolve(hostName, 0, this, mainThread, getter_AddRefs(mDNSRequest)); -+ if (NS_FAILED(rv)) { -+ // Fall back to hostname on dispatch failure -+ mDNSRequest = nsnull; -+ OnLookupComplete(nsnull, nsnull, rv); -+ } - - return NS_OK; - } --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0017-Randomize-HTTP-request-order-and-pipeline-depth.patch b/src/current-patches/firefox/alpha/0017-Randomize-HTTP-request-order-and-pipeline-depth.patch deleted file mode 100644 index 76330a3..0000000 --- a/src/current-patches/firefox/alpha/0017-Randomize-HTTP-request-order-and-pipeline-depth.patch +++ /dev/null @@ -1,151 +0,0 @@ -From c5b94226e50a5502ef7902e2d05874f36d678769 Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Tue, 28 Aug 2012 18:08:27 -0700 -Subject: [PATCH 17/19] Randomize HTTP request order and pipeline depth. - -This is an experimental defense against -http://lorre.uni.lu/~andriy/papers/acmccs-wpes11-fingerprinting.pdf - -See: -https://blog.torproject.org/blog/experimental-defense-website-traffic-finger... - -This defense has been improved since that blog post to additionally randomize -the order and concurrency of non-pipelined HTTP requests. - -This patch is also different from the 10.x ESR patch, as the pipelining -code has changed. We may want to set network.http.pipelining.aggressive to get -similar behavior... - -The good news is we now randomize SPDY request order as well as pipeline -request order (though SPDY is still disabled by default in TBB). ---- - netwerk/protocol/http/nsHttpConnectionMgr.cpp | 58 +++++++++++++++++++++++-- - netwerk/protocol/http/nsHttpConnectionMgr.h | 3 + - 2 files changed, 57 insertions(+), 4 deletions(-) - -diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.cpp b/netwerk/protocol/http/nsHttpConnectionMgr.cpp -index 0bfaf3b..d565532 100644 ---- a/netwerk/protocol/http/nsHttpConnectionMgr.cpp -+++ b/netwerk/protocol/http/nsHttpConnectionMgr.cpp -@@ -20,6 +20,8 @@ - #include "prnetdb.h" - #include "mozilla/Telemetry.h" - -+#include <stdlib.h> -+ - using namespace mozilla; - using namespace mozilla::net; - -@@ -39,15 +41,39 @@ InsertTransactionSorted(nsTArray<nsHttpTransaction*> &pendingQ, nsHttpTransactio - // insert into queue with smallest valued number first. search in reverse - // order under the assumption that many of the existing transactions will - // have the same priority (usually 0). -+ PRInt32 begin = 0, end = -1; -+ -+ if (pendingQ.IsEmpty()) { -+ pendingQ.InsertElementAt(0, trans); -+ return; -+ } - - for (PRInt32 i=pendingQ.Length()-1; i>=0; --i) { - nsHttpTransaction *t = pendingQ[i]; -- if (trans->Priority() >= t->Priority()) { -- pendingQ.InsertElementAt(i+1, trans); -- return; -+ if (end == -1 && trans->Priority() >= t->Priority()) { -+ end = i+1; -+ } else if (trans->Priority() < t->Priority()) { -+ begin = i+1; -+ break; - } - } -- pendingQ.InsertElementAt(0, trans); -+ -+ if (end == -1) { -+ pendingQ.AppendElement(trans); -+ return; -+ } -+ -+ // Choose random destination begin..end -+ PRInt32 count = 1+end - begin; -+ -+ if (count == 0) count = 1; // shouldn't happen... -+ -+ // FIXME: rand() is not crypto-secure.. but meh, this code will probably -+ // change like 2 dozen more times before merge, and rand() is probably -+ // good enough for our purposes anyways. -+ pendingQ.InsertElementAt(begin + (rand()%count), trans); -+ -+ // XXX Verify length, ordering inside a DEBUG ifdef?? - } - - //----------------------------------------------------------------------------- -@@ -70,6 +96,12 @@ nsHttpConnectionMgr::nsHttpConnectionMgr() - mCT.Init(); - mAlternateProtocolHash.Init(16); - mSpdyPreferredHash.Init(); -+ -+ nsresult rv; -+ mRandomGenerator = do_GetService("@mozilla.org/security/random-generator;1", &rv); -+ if (NS_FAILED(rv)) { -+ mRandomGenerator = nsnull; -+ } - } - - nsHttpConnectionMgr::~nsHttpConnectionMgr() -@@ -1141,6 +1173,19 @@ nsHttpConnectionMgr::AtActiveConnectionLimit(nsConnectionEntry *ent, PRUint8 cap - maxPersistConns = mMaxPersistConnsPerHost; - } - -+ // Fuzz maxConns for website fingerprinting attack -+ // We create a range of maxConns/5 up to 6*maxConns/5 -+ // because this function is called repeatedly, and we'll -+ // end up converging on the high side of concurrent connections -+ // after a short while. -+ PRUint8 *bytes = nsnull; -+ nsresult rv = mRandomGenerator->GenerateRandomBytes(1, &bytes); -+ NS_ENSURE_SUCCESS(rv, rv); -+ -+ bytes[0] = bytes[0] % (maxConns + 1); -+ maxConns = (maxConns/5) + bytes[0]; -+ NS_Free(bytes); -+ - // use >= just to be safe - bool result = (totalCount >= maxConns) || ( (caps & NS_HTTP_ALLOW_KEEPALIVE) && - (persistCount >= maxPersistConns) ); -@@ -1307,6 +1352,11 @@ nsHttpConnectionMgr::AddToShortestPipeline(nsConnectionEntry *ent, - - maxdepth = PR_MIN(maxdepth, depthLimit); - -+ if (maxdepth/2 > 1) { -+ // This is a crazy hack to randomize pipeline depth a bit more.. -+ maxdepth = 1 + maxdepth/2 + (rand() % (maxdepth/2)); -+ } -+ - if (maxdepth < 2) - return false; - -diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.h b/netwerk/protocol/http/nsHttpConnectionMgr.h -index 9e65da0..07c93b1 100644 ---- a/netwerk/protocol/http/nsHttpConnectionMgr.h -+++ b/netwerk/protocol/http/nsHttpConnectionMgr.h -@@ -22,6 +22,7 @@ - #include "nsIObserver.h" - #include "nsITimer.h" - #include "nsIX509Cert3.h" -+#include "nsIRandomGenerator.h" - - class nsHttpPipeline; - -@@ -579,6 +580,8 @@ private: - PRUint64 mTimeOfNextWakeUp; - // Timer for next pruning of dead connections. - nsCOMPtr<nsITimer> mTimer; -+ // Random number generator for reordering HTTP pipeline -+ nsCOMPtr<nsIRandomGenerator> mRandomGenerator; - - // A 1s tick to call nsHttpConnection::ReadTimeoutTick on - // active http/1 connections. Disabled when there are no --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0018-Adapt-Steven-Michaud-s-Mac-crashfix-patch.patch b/src/current-patches/firefox/alpha/0018-Adapt-Steven-Michaud-s-Mac-crashfix-patch.patch deleted file mode 100644 index 109574a..0000000 --- a/src/current-patches/firefox/alpha/0018-Adapt-Steven-Michaud-s-Mac-crashfix-patch.patch +++ /dev/null @@ -1,545 +0,0 @@ -From d705e4bb2b7efd4166d46d6fcb3183212902707c Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Tue, 28 Aug 2012 18:22:32 -0700 -Subject: [PATCH 18/19] Adapt Steven Michaud's Mac crashfix patch - -Source is: https://bugzilla.mozilla.org/show_bug.cgi?id=715885#c35 - -Some minor tweaks were needed to get it to apply and to compile on -MacOS. ---- - widget/Makefile.in | 1 + - widget/cocoa/nsChildView.mm | 28 +++++++++++------ - widget/gtk2/nsDragService.cpp | 9 +++-- - widget/nsIDragService.idl | 4 +-- - widget/nsPIDragService.idl | 48 +++++++++++++++++++++++++++++ - widget/qt/nsDragService.h | 2 + - widget/windows/Makefile.in | 4 ++ - widget/windows/nsDragService.cpp | 13 +++++--- - widget/windows/nsDragService.h | 12 +++--- - widget/windows/nsNativeDragSource.cpp | 7 ++-- - widget/windows/nsNativeDragTarget.cpp | 28 ++++++++++------ - widget/windows/nsPIDragServiceWindows.idl | 46 +++++++++++++++++++++++++++ - widget/xpwidgets/nsBaseDragService.cpp | 16 +++++++++- - widget/xpwidgets/nsBaseDragService.h | 9 ++--- - 14 files changed, 179 insertions(+), 48 deletions(-) - create mode 100644 widget/nsPIDragService.idl - create mode 100644 widget/windows/nsPIDragServiceWindows.idl - -diff --git a/widget/Makefile.in b/widget/Makefile.in -index f1df966..eb6eec2 100644 ---- a/widget/Makefile.in -+++ b/widget/Makefile.in -@@ -105,6 +105,7 @@ XPIDLSRCS = \ - nsIClipboardDragDropHooks.idl \ - nsIClipboardDragDropHookList.idl \ - nsIDragSession.idl \ -+ nsPIDragService.idl \ - nsIDragService.idl \ - nsIFormatConverter.idl \ - nsIClipboard.idl \ -diff --git a/widget/cocoa/nsChildView.mm b/widget/cocoa/nsChildView.mm -index 9cbc1e3..92b93cb 100644 ---- a/widget/cocoa/nsChildView.mm -+++ b/widget/cocoa/nsChildView.mm -@@ -4513,11 +4513,12 @@ NSEvent* gLastDragMouseDownEvent = nil; - if (!dragService) { - dragService = do_GetService(kDragServiceContractID); - } -+ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(dragService); - - if (dragService) { - NSPoint pnt = [NSEvent mouseLocation]; - FlipCocoaScreenCoordinate(pnt); -- dragService->DragMoved(NSToIntRound(pnt.x), NSToIntRound(pnt.y)); -+ dragServicePriv->DragMoved(NSToIntRound(pnt.x), NSToIntRound(pnt.y)); - } - } - -@@ -4538,11 +4539,13 @@ NSEvent* gLastDragMouseDownEvent = nil; - } - - if (mDragService) { -- // set the dragend point from the current mouse location -- nsDragService* dragService = static_cast<nsDragService *>(mDragService); -- NSPoint pnt = [NSEvent mouseLocation]; -- FlipCocoaScreenCoordinate(pnt); -- dragService->SetDragEndPoint(nsIntPoint(NSToIntRound(pnt.x), NSToIntRound(pnt.y))); -+ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(mDragService); -+ if (dragServicePriv) { -+ // set the dragend point from the current mouse location -+ NSPoint pnt = [NSEvent mouseLocation]; -+ FlipCocoaScreenCoordinate(pnt); -+ dragServicePriv->SetDragEndPoint(NSToIntRound(pnt.x), NSToIntRound(pnt.y)); -+ } - - // XXX: dropEffect should be updated per |operation|. - // As things stand though, |operation| isn't well handled within "our" -@@ -4553,10 +4556,15 @@ NSEvent* gLastDragMouseDownEvent = nil; - // value for NSDragOperationGeneric that is passed by other applications. - // All that said, NSDragOperationNone is still reliable. - if (operation == NSDragOperationNone) { -- nsCOMPtr<nsIDOMDataTransfer> dataTransfer; -- dragService->GetDataTransfer(getter_AddRefs(dataTransfer)); -- if (dataTransfer) -- dataTransfer->SetDropEffectInt(nsIDragService::DRAGDROP_ACTION_NONE); -+ nsCOMPtr<nsIDragSession> dragSession; -+ mDragService->GetCurrentSession(getter_AddRefs(dragSession)); -+ if (dragSession) { -+ nsCOMPtr<nsIDOMDataTransfer> dataTransfer; -+ dragSession->GetDataTransfer(getter_AddRefs(dataTransfer)); -+ if (dataTransfer) { -+ dataTransfer->SetDropEffectInt(nsIDragService::DRAGDROP_ACTION_NONE); -+ } -+ } - } - - mDragService->EndDragSession(true); -diff --git a/widget/gtk2/nsDragService.cpp b/widget/gtk2/nsDragService.cpp -index e0ff5d6..2c10c10 100644 ---- a/widget/gtk2/nsDragService.cpp -+++ b/widget/gtk2/nsDragService.cpp -@@ -239,8 +239,8 @@ OnSourceGrabEventAfter(GtkWidget *widget, GdkEvent *event, gpointer user_data) - // Update the cursor position. The last of these recorded gets used for - // the NS_DRAGDROP_END event. - nsDragService *dragService = static_cast<nsDragService*>(user_data); -- dragService->SetDragEndPoint(nsIntPoint(event->motion.x_root, -- event->motion.y_root)); -+ dragService->SetDragEndPoint(event->motion.x_root, -+ event->motion.y_root); - } else if (sMotionEvent && (event->type != GDK_KEY_PRESS || - event->type != GDK_KEY_RELEASE)) { - // Update modifier state from keypress events. -@@ -1348,7 +1348,7 @@ nsDragService::SourceEndDragSession(GdkDragContext *aContext, - GdkDisplay* display = gdk_display_get_default(); - if (display) { - gdk_display_get_pointer(display, NULL, &x, &y, NULL); -- SetDragEndPoint(nsIntPoint(x, y)); -+ SetDragEndPoint(x, y); - } - } - -@@ -1765,8 +1765,9 @@ nsDragService::ScheduleDropEvent(nsWindow *aWindow, - NS_WARNING("Additional drag drop ignored"); - return FALSE; - } -+ nsIntPoint pt = aWindowPoint + aWindow->WidgetToScreenOffset(); - -- SetDragEndPoint(aWindowPoint + aWindow->WidgetToScreenOffset()); -+ SetDragEndPoint(pt.x, pt.y); - - // We'll reply with gtk_drag_finish(). - return TRUE; -diff --git a/widget/nsIDragService.idl b/widget/nsIDragService.idl -index 196761e..c0565bb 100644 ---- a/widget/nsIDragService.idl -+++ b/widget/nsIDragService.idl -@@ -15,7 +15,7 @@ interface nsIDOMDragEvent; - interface nsIDOMDataTransfer; - interface nsISelection; - --[scriptable, uuid(82B58ADA-F490-4C3D-B737-1057C4F1D052), builtinclass] -+[scriptable, uuid(82B58ADA-F490-4C3D-B737-1057C4F1D052)] - interface nsIDragService : nsISupports - { - const long DRAGDROP_ACTION_NONE = 0; -@@ -112,8 +112,6 @@ interface nsIDragService : nsISupports - */ - void suppress(); - void unsuppress(); -- -- [noscript] void dragMoved(in long aX, in long aY); - }; - - -diff --git a/widget/nsPIDragService.idl b/widget/nsPIDragService.idl -new file mode 100644 -index 0000000..93a144d ---- /dev/null -+++ b/widget/nsPIDragService.idl -@@ -0,0 +1,48 @@ -+/* ***** BEGIN LICENSE BLOCK ***** -+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1 -+ * -+ * The contents of this file are subject to the Mozilla Public License Version -+ * 1.1 (the "License"); you may not use this file except in compliance with -+ * the License. You may obtain a copy of the License at -+ * http://www.mozilla.org/MPL/ -+ * -+ * Software distributed under the License is distributed on an "AS IS" basis, -+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -+ * for the specific language governing rights and limitations under the -+ * License. -+ * -+ * The Original Code is mozilla.org code. -+ * -+ * The Initial Developer of the Original Code is -+ * The Mozilla Foundation. -+ * Portions created by the Initial Developer are Copyright (C) 2012 -+ * the Initial Developer. All Rights Reserved. -+ * -+ * Contributor(s): -+ * Steven Michaud smichaud@pobox.com -+ * -+ * Alternatively, the contents of this file may be used under the terms of -+ * either the GNU General Public License Version 2 or later (the "GPL"), or -+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -+ * in which case the provisions of the GPL or the LGPL are applicable instead -+ * of those above. If you wish to allow use of your version of this file only -+ * under the terms of either the GPL or the LGPL, and not to allow others to -+ * use your version of this file under the terms of the MPL, indicate your -+ * decision by deleting the provisions above and replace them with the notice -+ * and other provisions required by the GPL or the LGPL. If you do not delete -+ * the provisions above, a recipient may use your version of this file under -+ * the terms of any one of the MPL, the GPL or the LGPL. -+ * -+ * ***** END LICENSE BLOCK ***** */ -+ -+#include "nsISupports.idl" -+ -+[scriptable, uuid(FAD8C90B-8E1D-446A-9B6C-241486A85CBD)] -+interface nsPIDragService : nsISupports -+{ -+ void dragMoved(in long aX, in long aY); -+ -+ PRUint16 getInputSource(); -+ -+ void setDragEndPoint(in long aX, in long aY); -+}; -diff --git a/widget/qt/nsDragService.h b/widget/qt/nsDragService.h -index 393be99..56d0312 100644 ---- a/widget/qt/nsDragService.h -+++ b/widget/qt/nsDragService.h -@@ -17,6 +17,8 @@ public: - NS_DECL_ISUPPORTS - NS_DECL_NSIDRAGSERVICE - -+ NS_IMETHOD DragMoved(PRInt32 aX, PRInt32 aY); -+ - nsDragService(); - - private: -diff --git a/widget/windows/Makefile.in b/widget/windows/Makefile.in -index 160c941..12f6dc7 100644 ---- a/widget/windows/Makefile.in -+++ b/widget/windows/Makefile.in -@@ -88,6 +88,10 @@ ifdef MOZ_ENABLE_D3D10_LAYER - DEFINES += -DMOZ_ENABLE_D3D10_LAYER - endif - -+XPIDLSRCS += \ -+ nsPIDragServiceWindows.idl \ -+ $(NULL) -+ - SHARED_LIBRARY_LIBS = \ - ../xpwidgets/$(LIB_PREFIX)xpwidgets_s.$(LIB_SUFFIX) \ - $(NULL) -diff --git a/widget/windows/nsDragService.cpp b/widget/windows/nsDragService.cpp -index efe8ce1..62e7d97 100644 ---- a/widget/windows/nsDragService.cpp -+++ b/widget/windows/nsDragService.cpp -@@ -60,6 +60,8 @@ nsDragService::~nsDragService() - NS_IF_RELEASE(mDataObject); - } - -+NS_IMPL_ISUPPORTS_INHERITED1(nsDragService, nsBaseDragService, nsPIDragServiceWindows) -+ - bool - nsDragService::CreateDragImage(nsIDOMNode *aDOMNode, - nsIScriptableRegion *aRegion, -@@ -305,7 +307,7 @@ nsDragService::StartInvokingDragSession(IDataObject * aDataObj, - POINT cpos; - cpos.x = GET_X_LPARAM(pos); - cpos.y = GET_Y_LPARAM(pos); -- SetDragEndPoint(nsIntPoint(cpos.x, cpos.y)); -+ SetDragEndPoint(cpos.x, cpos.y); - EndDragSession(true); - - mDoingDrag = false; -@@ -423,25 +425,26 @@ nsDragService::GetData(nsITransferable * aTransferable, PRUint32 anItem) - - //--------------------------------------------------------- - NS_IMETHODIMP --nsDragService::SetIDataObject(IDataObject * aDataObj) -+nsDragService::SetIDataObject(nsISupports * aDataObj) - { -+ IDataObject *dataObj = (IDataObject*) aDataObj; - // When the native drag starts the DragService gets - // the IDataObject that is being dragged - NS_IF_RELEASE(mDataObject); -- mDataObject = aDataObj; -+ mDataObject = dataObj; - NS_IF_ADDREF(mDataObject); - - return NS_OK; - } - - //--------------------------------------------------------- --void -+NS_IMETHODIMP - nsDragService::SetDroppedLocal() - { - // Sent from the native drag handler, letting us know - // a drop occurred within the application vs. outside of it. - mSentLocalDropEvent = true; -- return; -+ return NS_OK; - } - - //------------------------------------------------------------------------- -diff --git a/widget/windows/nsDragService.h b/widget/windows/nsDragService.h -index 93b5480..bd2125b 100644 ---- a/widget/windows/nsDragService.h -+++ b/widget/windows/nsDragService.h -@@ -7,6 +7,7 @@ - #define nsDragService_h__ - - #include "nsBaseDragService.h" -+#include "nsPIDragServiceWindows.h" - #include <windows.h> - #include <shlobj.h> - -@@ -20,12 +21,15 @@ class nsString; - * Native Win32 DragService wrapper - */ - --class nsDragService : public nsBaseDragService -+class nsDragService : public nsBaseDragService, public nsPIDragServiceWindows - { - public: - nsDragService(); - virtual ~nsDragService(); -- -+ -+ NS_DECL_ISUPPORTS_INHERITED -+ NS_DECL_NSPIDRAGSERVICEWINDOWS -+ - // nsIDragService - NS_IMETHOD InvokeDragSession(nsIDOMNode *aDOMNode, - nsISupportsArray *anArrayTransferables, -@@ -39,13 +43,9 @@ public: - NS_IMETHOD EndDragSession(bool aDoneDrag); - - // native impl. -- NS_IMETHOD SetIDataObject(IDataObject * aDataObj); - NS_IMETHOD StartInvokingDragSession(IDataObject * aDataObj, - PRUint32 aActionType); - -- // A drop occurred within the application vs. outside of it. -- void SetDroppedLocal(); -- - protected: - nsDataObjCollection* GetDataObjCollection(IDataObject * aDataObj); - -diff --git a/widget/windows/nsNativeDragSource.cpp b/widget/windows/nsNativeDragSource.cpp -index e981ff9..e34613f 100644 ---- a/widget/windows/nsNativeDragSource.cpp -+++ b/widget/windows/nsNativeDragSource.cpp -@@ -10,7 +10,7 @@ - #include "nsIServiceManager.h" - #include "nsToolkit.h" - #include "nsWidgetsCID.h" --#include "nsIDragService.h" -+#include "nsDragService.h" - - static NS_DEFINE_IID(kCDragServiceCID, NS_DRAGSERVICE_CID); - -@@ -69,9 +69,10 @@ STDMETHODIMP - nsNativeDragSource::QueryContinueDrag(BOOL fEsc, DWORD grfKeyState) - { - nsCOMPtr<nsIDragService> dragService = do_GetService(kCDragServiceCID); -- if (dragService) { -+ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(dragService); -+ if (dragServicePriv) { - DWORD pos = ::GetMessagePos(); -- dragService->DragMoved(GET_X_LPARAM(pos), GET_Y_LPARAM(pos)); -+ dragServicePriv->DragMoved(GET_X_LPARAM(pos), GET_Y_LPARAM(pos)); - } - - if (fEsc) { -diff --git a/widget/windows/nsNativeDragTarget.cpp b/widget/windows/nsNativeDragTarget.cpp -index da1cd1f..96303c3 100644 ---- a/widget/windows/nsNativeDragTarget.cpp -+++ b/widget/windows/nsNativeDragTarget.cpp -@@ -172,7 +172,11 @@ nsNativeDragTarget::DispatchDragDropEvent(PRUint32 aEventType, POINTL aPT) - nsModifierKeyState modifierKeyState; - modifierKeyState.InitInputEvent(event); - -- event.inputSource = static_cast<nsBaseDragService*>(mDragService)->GetInputSource(); -+ event.inputSource = 0; -+ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(mDragService); -+ if (dragServicePriv) { -+ dragServicePriv->GetInputSource(&event.inputSource); -+ } - - mWindow->DispatchEvent(&event, status); - } -@@ -259,9 +263,8 @@ nsNativeDragTarget::DragEnter(LPDATAOBJECT pIDataSource, - // This cast is ok because in the constructor we created a - // the actual implementation we wanted, so we know this is - // a nsDragService. It should be a private interface, though. -- nsDragService * winDragService = -- static_cast<nsDragService *>(mDragService); -- winDragService->SetIDataObject(pIDataSource); -+ nsCOMPtr<nsPIDragServiceWindows> winDragService = do_QueryInterface(mDragService); -+ winDragService->SetIDataObject((nsISupports*)pIDataSource); - - // Now process the native drag state and then dispatch the event - ProcessDrag(NS_DRAGDROP_ENTER, grfKeyState, ptl, pdwEffect); -@@ -399,8 +402,8 @@ nsNativeDragTarget::Drop(LPDATAOBJECT pData, - // This cast is ok because in the constructor we created a - // the actual implementation we wanted, so we know this is - // a nsDragService (but it should still be a private interface) -- nsDragService* winDragService = static_cast<nsDragService*>(mDragService); -- winDragService->SetIDataObject(pData); -+ nsCOMPtr<nsPIDragServiceWindows> winDragService = do_QueryInterface(mDragService); -+ winDragService->SetIDataObject((nsISupports*)pData); - - // NOTE: ProcessDrag spins the event loop which may destroy arbitrary objects. - // We use strong refs to prevent it from destroying these: -@@ -424,11 +427,14 @@ nsNativeDragTarget::Drop(LPDATAOBJECT pData, - // tell the drag service we're done with the session - // Use GetMessagePos to get the position of the mouse at the last message - // seen by the event loop. (Bug 489729) -- DWORD pos = ::GetMessagePos(); -- POINT cpos; -- cpos.x = GET_X_LPARAM(pos); -- cpos.y = GET_Y_LPARAM(pos); -- winDragService->SetDragEndPoint(nsIntPoint(cpos.x, cpos.y)); -+ nsCOMPtr<nsPIDragService> dragServicePriv = do_QueryInterface(mDragService); -+ if (dragServicePriv) { -+ DWORD pos = ::GetMessagePos(); -+ POINT cpos; -+ cpos.x = GET_X_LPARAM(pos); -+ cpos.y = GET_Y_LPARAM(pos); -+ dragServicePriv->SetDragEndPoint(cpos.x, cpos.y); -+ } - serv->EndDragSession(true); - - // release the ref that was taken in DragEnter -diff --git a/widget/windows/nsPIDragServiceWindows.idl b/widget/windows/nsPIDragServiceWindows.idl -new file mode 100644 -index 0000000..c8a46dd ---- /dev/null -+++ b/widget/windows/nsPIDragServiceWindows.idl -@@ -0,0 +1,46 @@ -+/* ***** BEGIN LICENSE BLOCK ***** -+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1 -+ * -+ * The contents of this file are subject to the Mozilla Public License Version -+ * 1.1 (the "License"); you may not use this file except in compliance with -+ * the License. You may obtain a copy of the License at -+ * http://www.mozilla.org/MPL/ -+ * -+ * Software distributed under the License is distributed on an "AS IS" basis, -+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -+ * for the specific language governing rights and limitations under the -+ * License. -+ * -+ * The Original Code is mozilla.org code. -+ * -+ * The Initial Developer of the Original Code is -+ * The Mozilla Foundation. -+ * Portions created by the Initial Developer are Copyright (C) 2012 -+ * the Initial Developer. All Rights Reserved. -+ * -+ * Contributor(s): -+ * Steven Michaud smichaud@pobox.com -+ * -+ * Alternatively, the contents of this file may be used under the terms of -+ * either the GNU General Public License Version 2 or later (the "GPL"), or -+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -+ * in which case the provisions of the GPL or the LGPL are applicable instead -+ * of those above. If you wish to allow use of your version of this file only -+ * under the terms of either the GPL or the LGPL, and not to allow others to -+ * use your version of this file under the terms of the MPL, indicate your -+ * decision by deleting the provisions above and replace them with the notice -+ * and other provisions required by the GPL or the LGPL. If you do not delete -+ * the provisions above, a recipient may use your version of this file under -+ * the terms of any one of the MPL, the GPL or the LGPL. -+ * -+ * ***** END LICENSE BLOCK ***** */ -+ -+#include "nsISupports.idl" -+ -+[scriptable, uuid(6FC2117D-5EB4-441A-9C12-62A783BEBC0C)] -+interface nsPIDragServiceWindows : nsISupports -+{ -+ void setIDataObject(in nsISupports aDataObj); -+ -+ void setDroppedLocal(); -+}; -diff --git a/widget/xpwidgets/nsBaseDragService.cpp b/widget/xpwidgets/nsBaseDragService.cpp -index 1b2ef0d..627ebd2 100644 ---- a/widget/xpwidgets/nsBaseDragService.cpp -+++ b/widget/xpwidgets/nsBaseDragService.cpp -@@ -55,7 +55,7 @@ nsBaseDragService::~nsBaseDragService() - { - } - --NS_IMPL_ISUPPORTS2(nsBaseDragService, nsIDragService, nsIDragSession) -+NS_IMPL_ISUPPORTS3(nsBaseDragService, nsIDragService, nsPIDragService, nsIDragSession) - - //--------------------------------------------------------- - NS_IMETHODIMP -@@ -403,6 +403,20 @@ nsBaseDragService::DragMoved(PRInt32 aX, PRInt32 aY) - return NS_OK; - } - -+NS_IMETHODIMP -+nsBaseDragService::SetDragEndPoint(PRInt32 aX, PRInt32 aY) -+{ -+ mEndDragPoint = nsIntPoint(aX, aY); -+ return NS_OK; -+} -+ -+NS_IMETHODIMP -+nsBaseDragService::GetInputSource(PRUint16* aInputSource) -+{ -+ *aInputSource = mInputSource; -+ return NS_OK; -+} -+ - static nsIPresShell* - GetPresShellForContent(nsIDOMNode* aDOMNode) - { -diff --git a/widget/xpwidgets/nsBaseDragService.h b/widget/xpwidgets/nsBaseDragService.h -index 006747f..d825b53 100644 ---- a/widget/xpwidgets/nsBaseDragService.h -+++ b/widget/xpwidgets/nsBaseDragService.h -@@ -7,6 +7,7 @@ - #define nsBaseDragService_h__ - - #include "nsIDragService.h" -+#include "nsPIDragService.h" - #include "nsIDragSession.h" - #include "nsITransferable.h" - #include "nsISupportsArray.h" -@@ -32,6 +33,7 @@ class nsICanvasElementExternal; - */ - - class nsBaseDragService : public nsIDragService, -+ public nsPIDragService, - public nsIDragSession - { - -@@ -42,14 +44,11 @@ public: - //nsISupports - NS_DECL_ISUPPORTS - -- //nsIDragSession and nsIDragService -+ //nsIDragSession, nsIDragService and nsPIDragService - NS_DECL_NSIDRAGSERVICE -+ NS_DECL_NSPIDRAGSERVICE - NS_DECL_NSIDRAGSESSION - -- void SetDragEndPoint(nsIntPoint aEndDragPoint) { mEndDragPoint = aEndDragPoint; } -- -- PRUint16 GetInputSource() { return mInputSource; } -- - protected: - - /** --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0019-Add-a-redirect-API-for-HTTPS-Everywhere.patch b/src/current-patches/firefox/alpha/0019-Add-a-redirect-API-for-HTTPS-Everywhere.patch deleted file mode 100644 index 7f8ac2d..0000000 --- a/src/current-patches/firefox/alpha/0019-Add-a-redirect-API-for-HTTPS-Everywhere.patch +++ /dev/null @@ -1,345 +0,0 @@ -From b5d6491427d18bbae057a2974ea80421163fbc0a Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Tue, 28 Aug 2012 18:30:22 -0700 -Subject: [PATCH 19/19] Add a redirect API for HTTPS-Everywhere. - ---- - netwerk/protocol/http/HttpChannelChild.cpp | 15 ++++- - netwerk/protocol/http/HttpChannelChild.h | 4 + - netwerk/protocol/http/HttpChannelParent.cpp | 4 + - netwerk/protocol/http/HttpChannelParent.h | 1 + - netwerk/protocol/http/PHttpChannel.ipdl | 1 + - netwerk/protocol/http/nsHttpChannel.cpp | 67 +++++++++++++++++--- - netwerk/protocol/http/nsHttpChannel.h | 12 +++- - netwerk/protocol/http/nsIHttpChannel.idl | 12 ++++ - .../protocol/viewsource/nsViewSourceChannel.cpp | 13 ++++- - 9 files changed, 117 insertions(+), 12 deletions(-) - -diff --git a/netwerk/protocol/http/HttpChannelChild.cpp b/netwerk/protocol/http/HttpChannelChild.cpp -index cc88184..c26c8f4 100644 ---- a/netwerk/protocol/http/HttpChannelChild.cpp -+++ b/netwerk/protocol/http/HttpChannelChild.cpp -@@ -1035,7 +1035,8 @@ HttpChannelChild::AsyncOpen(nsIStreamListener *listener, nsISupports *aContext) - gNeckoChild->SendPHttpChannelConstructor(this, tabChild); - - SendAsyncOpen(IPC::URI(mURI), IPC::URI(mOriginalURI), -- IPC::URI(mDocumentURI), IPC::URI(mReferrer), mLoadFlags, -+ IPC::URI(mDocumentURI), IPC::URI(mReferrer), -+ IPC::URI(mInternalRedirectURI), mLoadFlags, - mClientSetRequestHeaders, mRequestHead.Method(), - IPC::InputStream(mUploadStream), mUploadStreamHasHeaders, - mPriority, mRedirectionLimit, mAllowPipelining, -@@ -1079,6 +1080,18 @@ HttpChannelChild::SetupFallbackChannel(const char *aFallbackKey) - DROP_DEAD(); - } - -+NS_IMETHODIMP -+HttpChannelChild::RedirectTo(nsIURI *uri) -+{ -+ // We can only redirect unopened channels -+ NS_ENSURE_TRUE(!mIPCOpen, NS_ERROR_ALREADY_OPENED); -+ -+ // The redirect is stored internally for use in AsyncOpen -+ mInternalRedirectURI = uri; -+ -+ return NS_OK; -+} -+ - // The next four _should_ be implemented, but we need to figure out how - // to transfer the data from the chrome process first. - -diff --git a/netwerk/protocol/http/HttpChannelChild.h b/netwerk/protocol/http/HttpChannelChild.h -index 6b699c7..b29a4a7 100644 ---- a/netwerk/protocol/http/HttpChannelChild.h -+++ b/netwerk/protocol/http/HttpChannelChild.h -@@ -75,6 +75,9 @@ public: - NS_IMETHOD GetLocalPort(PRInt32* port); - NS_IMETHOD GetRemoteAddress(nsACString& addr); - NS_IMETHOD GetRemotePort(PRInt32* port); -+ -+ NS_IMETHOD RedirectTo(nsIURI *uri); -+ - // nsISupportsPriority - NS_IMETHOD SetPriority(PRInt32 value); - // nsIResumableChannel -@@ -125,6 +128,7 @@ private: - RequestHeaderTuples mClientSetRequestHeaders; - nsCOMPtr<nsIChildChannel> mRedirectChannelChild; - nsCOMPtr<nsISupports> mSecurityInfo; -+ nsCOMPtr<nsIURI> mInternalRedirectURI; - - bool mIsFromCache; - bool mCacheEntryAvailable; -diff --git a/netwerk/protocol/http/HttpChannelParent.cpp b/netwerk/protocol/http/HttpChannelParent.cpp -index 8f95076..22f3bba 100644 ---- a/netwerk/protocol/http/HttpChannelParent.cpp -+++ b/netwerk/protocol/http/HttpChannelParent.cpp -@@ -97,6 +97,7 @@ HttpChannelParent::RecvAsyncOpen(const IPC::URI& aURI, - const IPC::URI& aOriginalURI, - const IPC::URI& aDocURI, - const IPC::URI& aReferrerURI, -+ const IPC::URI& aInternalRedirectURI, - const PRUint32& loadFlags, - const RequestHeaderTuples& requestHeaders, - const nsHttpAtom& requestMethod, -@@ -117,6 +118,7 @@ HttpChannelParent::RecvAsyncOpen(const IPC::URI& aURI, - nsCOMPtr<nsIURI> originalUri(aOriginalURI); - nsCOMPtr<nsIURI> docUri(aDocURI); - nsCOMPtr<nsIURI> referrerUri(aReferrerURI); -+ nsCOMPtr<nsIURI> internalRedirectUri(aInternalRedirectURI); - - nsCString uriSpec; - uri->GetSpec(uriSpec); -@@ -144,6 +146,8 @@ HttpChannelParent::RecvAsyncOpen(const IPC::URI& aURI, - httpChan->SetDocumentURI(docUri); - if (referrerUri) - httpChan->SetReferrerInternal(referrerUri); -+ if (internalRedirectUri) -+ httpChan->SetInternalRedirectURI(internalRedirectUri); - if (loadFlags != nsIRequest::LOAD_NORMAL) - httpChan->SetLoadFlags(loadFlags); - -diff --git a/netwerk/protocol/http/HttpChannelParent.h b/netwerk/protocol/http/HttpChannelParent.h -index 9650aa9..2ac7e81 100644 ---- a/netwerk/protocol/http/HttpChannelParent.h -+++ b/netwerk/protocol/http/HttpChannelParent.h -@@ -49,6 +49,7 @@ protected: - const IPC::URI& originalUri, - const IPC::URI& docUri, - const IPC::URI& referrerUri, -+ const IPC::URI& internalRedirectUri, - const PRUint32& loadFlags, - const RequestHeaderTuples& requestHeaders, - const nsHttpAtom& requestMethod, -diff --git a/netwerk/protocol/http/PHttpChannel.ipdl b/netwerk/protocol/http/PHttpChannel.ipdl -index 10af59f..6053541 100644 ---- a/netwerk/protocol/http/PHttpChannel.ipdl -+++ b/netwerk/protocol/http/PHttpChannel.ipdl -@@ -35,6 +35,7 @@ parent: - URI original, - URI doc, - URI referrer, -+ URI internalRedirect, - PRUint32 loadFlags, - RequestHeaderTuples requestHeaders, - nsHttpAtom requestMethod, -diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp -index 9c10e3a..57afae4 100644 ---- a/netwerk/protocol/http/nsHttpChannel.cpp -+++ b/netwerk/protocol/http/nsHttpChannel.cpp -@@ -1396,18 +1396,17 @@ nsHttpChannel::HandleAsyncRedirectChannelToHttps() - return; - } - -- nsresult rv = AsyncRedirectChannelToHttps(); -+ nsresult rv = InternalRedirectChannelToHttps(); - if (NS_FAILED(rv)) -- ContinueAsyncRedirectChannelToHttps(rv); -+ ContinueInternalRedirectChannelToURI(rv); - } - - nsresult --nsHttpChannel::AsyncRedirectChannelToHttps() -+nsHttpChannel::InternalRedirectChannelToHttps() - { - nsresult rv = NS_OK; - LOG(("nsHttpChannel::HandleAsyncRedirectChannelToHttps() [STS]\n")); - -- nsCOMPtr<nsIChannel> newChannel; - nsCOMPtr<nsIURI> upgradedURI; - - rv = mURI->Clone(getter_AddRefs(upgradedURI)); -@@ -1429,6 +1428,48 @@ nsHttpChannel::AsyncRedirectChannelToHttps() - else - upgradedURI->SetPort(oldPort); - -+ return InternalRedirectChannelToURI(upgradedURI); -+} -+ -+NS_IMETHODIMP -+nsHttpChannel::RedirectTo(nsIURI *newURI) -+{ -+ // We can only redirect unopened channels -+ NS_ENSURE_TRUE(!mWasOpened, NS_ERROR_ALREADY_OPENED); -+ -+ // The redirect is stored internally for use in AsyncOpen -+ mInternalRedirectURI = newURI; -+ -+ return NS_OK; -+} -+ -+void -+nsHttpChannel::HandleAsyncInternalRedirect() -+{ -+ NS_PRECONDITION(!mCallOnResume, "How did that happen?"); -+ NS_PRECONDITION(mInternalRedirectURI, "How did that happen?"); -+ -+ if (mSuspendCount) { -+ LOG(("Waiting until resume to do async API redirect [this=%p]\n", this)); -+ mCallOnResume = &nsHttpChannel::HandleAsyncInternalRedirect; -+ return; -+ } -+ -+ nsresult rv = InternalRedirectChannelToURI(mInternalRedirectURI); -+ if (NS_FAILED(rv)) -+ ContinueInternalRedirectChannelToURI(rv); -+ -+ return; -+} -+ -+nsresult -+nsHttpChannel::InternalRedirectChannelToURI(nsIURI *upgradedURI) -+{ -+ nsresult rv = NS_OK; -+ LOG(("nsHttpChannel::InternalRedirectChannelToURI()\n")); -+ -+ nsCOMPtr<nsIChannel> newChannel; -+ - nsCOMPtr<nsIIOService> ioService; - rv = gHttpHandler->GetIOService(getter_AddRefs(ioService)); - NS_ENSURE_SUCCESS(rv, rv); -@@ -1444,7 +1485,7 @@ nsHttpChannel::AsyncRedirectChannelToHttps() - PRUint32 flags = nsIChannelEventSink::REDIRECT_PERMANENT; - - PushRedirectAsyncFunc( -- &nsHttpChannel::ContinueAsyncRedirectChannelToHttps); -+ &nsHttpChannel::ContinueInternalRedirectChannelToURI); - rv = gHttpHandler->AsyncOnChannelRedirect(this, newChannel, flags); - - if (NS_SUCCEEDED(rv)) -@@ -1453,14 +1494,18 @@ nsHttpChannel::AsyncRedirectChannelToHttps() - if (NS_FAILED(rv)) { - AutoRedirectVetoNotifier notifier(this); - PopRedirectAsyncFunc( -- &nsHttpChannel::ContinueAsyncRedirectChannelToHttps); -+ &nsHttpChannel::ContinueInternalRedirectChannelToURI); -+ -+ // If we've failed so far, cancel the current channel, too, -+ // as both HSTS and the redirectTo codepaths prefer -+ // request failure to insecurity. -+ Cancel(rv); - } - - return rv; - } -- - nsresult --nsHttpChannel::ContinueAsyncRedirectChannelToHttps(nsresult rv) -+nsHttpChannel::ContinueInternalRedirectChannelToURI(nsresult rv) - { - AutoRedirectVetoNotifier notifier(this); - -@@ -3905,6 +3950,12 @@ nsHttpChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *context) - if (mLoadGroup) - mLoadGroup->AddRequest(this, nsnull); - -+ // Check to see if we should redirect this channel elsewhere by -+ // nsIHttpChannel.redirectTo API request -+ if (mInternalRedirectURI) { -+ return AsyncCall(&nsHttpChannel::HandleAsyncInternalRedirect); -+ } -+ - // Collect mAsyncOpenTime after we have called all obsrevers like - // "http-on-modify-request" and load group observers that may set - // mTimingEnabled flag. -diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h -index 0382b1c..2c50507 100644 ---- a/netwerk/protocol/http/nsHttpChannel.h -+++ b/netwerk/protocol/http/nsHttpChannel.h -@@ -103,6 +103,8 @@ public: - // nsIChannel - NS_IMETHOD GetSecurityInfo(nsISupports **aSecurityInfo); - NS_IMETHOD AsyncOpen(nsIStreamListener *listener, nsISupports *aContext); -+ // nsIHttpChannel -+ NS_IMETHOD RedirectTo(nsIURI *newURI); - // nsIHttpChannelInternal - NS_IMETHOD SetupFallbackChannel(const char *aFallbackKey); - // nsISupportsPriority -@@ -117,6 +119,9 @@ public: /* internal necko use only */ - void SetUploadStreamHasHeaders(bool hasHeaders) - { mUploadStreamHasHeaders = hasHeaders; } - -+ void SetInternalRedirectURI(nsIURI *redirectTo) -+ { mInternalRedirectURI = redirectTo; } -+ - nsresult SetReferrerInternal(nsIURI *referrer) { - nsCAutoString spec; - nsresult rv = referrer->GetAsciiSpec(spec); -@@ -173,11 +178,13 @@ private: - - // redirection specific methods - void HandleAsyncRedirect(); -+ void HandleAsyncInternalRedirect(); - nsresult ContinueHandleAsyncRedirect(nsresult); - void HandleAsyncNotModified(); - void HandleAsyncFallback(); - nsresult ContinueHandleAsyncFallback(nsresult); - nsresult PromptTempRedirect(); -+ nsresult InternalRedirectChannelToURI(nsIURI *); - virtual nsresult SetupReplacementChannel(nsIURI *, nsIChannel *, bool preserveMethod); - - // proxy specific methods -@@ -237,8 +244,8 @@ private: - bool MustValidateBasedOnQueryUrl(); - - void HandleAsyncRedirectChannelToHttps(); -- nsresult AsyncRedirectChannelToHttps(); -- nsresult ContinueAsyncRedirectChannelToHttps(nsresult rv); -+ nsresult InternalRedirectChannelToHttps(); -+ nsresult ContinueInternalRedirectChannelToURI(nsresult rv); - - /** - * A function that takes care of reading STS headers and enforcing STS -@@ -310,6 +317,7 @@ private: - friend class AutoRedirectVetoNotifier; - friend class HttpAsyncAborter<nsHttpChannel>; - nsCOMPtr<nsIURI> mRedirectURI; -+ nsCOMPtr<nsIURI> mInternalRedirectURI; - nsCOMPtr<nsIChannel> mRedirectChannel; - PRUint32 mRedirectType; - -diff --git a/netwerk/protocol/http/nsIHttpChannel.idl b/netwerk/protocol/http/nsIHttpChannel.idl -index c541df1..2ee3cbc 100644 ---- a/netwerk/protocol/http/nsIHttpChannel.idl -+++ b/netwerk/protocol/http/nsIHttpChannel.idl -@@ -257,4 +257,16 @@ interface nsIHttpChannel : nsIChannel - * has been received (before onStartRequest). - */ - boolean isNoCacheResponse(); -+ -+ /** -+ * Instructs the channel to immediately redirect to a new destination. -+ * Can only be called on channels not yet opened. -+ * -+ * This method provides no explicit conflict resolution. The last -+ * caller to call it wins. -+ * -+ * @throws NS_ERROR_ALREADY_OPENED if called after the channel -+ * has been opened. -+ */ -+ void redirectTo(in nsIURI aNewURI); - }; -diff --git a/netwerk/protocol/viewsource/nsViewSourceChannel.cpp b/netwerk/protocol/viewsource/nsViewSourceChannel.cpp -index 8f6d159..d1ca639 100644 ---- a/netwerk/protocol/viewsource/nsViewSourceChannel.cpp -+++ b/netwerk/protocol/viewsource/nsViewSourceChannel.cpp -@@ -671,4 +671,15 @@ nsViewSourceChannel::IsNoCacheResponse(bool *_retval) - { - return !mHttpChannel ? NS_ERROR_NULL_POINTER : - mHttpChannel->IsNoCacheResponse(_retval); --} -+} -+ -+// XXX: Is this the right thing to do here? Or should we have -+// made an nsIHTTPChannelRedirect that only nsHttpChannel implements? -+// Also, will this mean that some ViewSource requests may be non-https? -+// Or will the mHttpChannel take care of that for us? -+NS_IMETHODIMP -+nsViewSourceChannel::RedirectTo(nsIURI *uri) -+{ -+ return NS_ERROR_NOT_IMPLEMENTED; -+} -+ --- -1.7.5.4 - diff --git a/src/current-patches/firefox/alpha/0020-Add-mozIThirdPartyUtil.getFirstPartyURI-API.patch b/src/current-patches/firefox/alpha/0020-Add-mozIThirdPartyUtil.getFirstPartyURI-API.patch deleted file mode 100644 index d7a24d9..0000000 --- a/src/current-patches/firefox/alpha/0020-Add-mozIThirdPartyUtil.getFirstPartyURI-API.patch +++ /dev/null @@ -1,148 +0,0 @@ -From e91ad38f3db238eebf2f1cae9383a6f317717bef Mon Sep 17 00:00:00 2001 -From: Mike Perry mikeperry-git@torproject.org -Date: Tue, 28 Aug 2012 18:35:33 -0700 -Subject: [PATCH 20/21] Add mozIThirdPartyUtil.getFirstPartyURI API - -API allows you to get the url bar URI for a channel or nsIDocument. ---- - content/base/src/ThirdPartyUtil.cpp | 52 ++++++++++++++++++++++++++++ - content/base/src/ThirdPartyUtil.h | 2 + - netwerk/base/public/mozIThirdPartyUtil.idl | 21 +++++++++++ - 3 files changed, 75 insertions(+), 0 deletions(-) - -diff --git a/content/base/src/ThirdPartyUtil.cpp b/content/base/src/ThirdPartyUtil.cpp -index 97a000e..87ffc8a 100644 ---- a/content/base/src/ThirdPartyUtil.cpp -+++ b/content/base/src/ThirdPartyUtil.cpp -@@ -7,6 +7,9 @@ - #include "nsIServiceManager.h" - #include "nsIHttpChannelInternal.h" - #include "nsIDOMWindow.h" -+#include "nsICookiePermission.h" -+#include "nsIDOMDocument.h" -+#include "nsIDocument.h" - #include "nsILoadContext.h" - #include "nsIPrincipal.h" - #include "nsIScriptObjectPrincipal.h" -@@ -21,6 +24,7 @@ ThirdPartyUtil::Init() - - nsresult rv; - mTLDService = do_GetService(NS_EFFECTIVETLDSERVICE_CONTRACTID, &rv); -+ mCookiePermissions = do_GetService(NS_COOKIEPERMISSION_CONTRACTID); - return rv; - } - -@@ -282,3 +286,51 @@ ThirdPartyUtil::GetBaseDomain(nsIURI* aHostURI, - - return NS_OK; - } -+ -+NS_IMETHODIMP -+ThirdPartyUtil::GetFirstPartyURI(nsIChannel *aChannel, -+ nsIDocument *aDoc, -+ nsIURI **aOutput) -+{ -+ nsresult rv = NS_ERROR_NULL_POINTER; -+ -+ if (!aChannel && aDoc) { -+ aChannel = aDoc->GetChannel(); -+ } -+ -+ // If aChannel is specified or available, use the official route -+ // for sure -+ if (aChannel) { -+ rv = mCookiePermissions->GetOriginatingURI(aChannel, aOutput); -+ } -+ -+ // If the channel was missing, closed or broken, try the -+ // window hierarchy directly. -+ // -+ // This might fail to work for first-party loads themselves, but -+ // we don't need this codepath for that case. -+ if (NS_FAILED(rv) && aDoc) { -+ nsCOMPtr<nsIDOMWindow> top; -+ nsCOMPtr<nsIDOMDocument> topDDoc; -+ -+ aDoc->GetWindow()->GetTop(getter_AddRefs(top)); -+ top->GetDocument(getter_AddRefs(topDDoc)); -+ -+ nsCOMPtr<nsIDocument> topDoc(do_QueryInterface(topDDoc)); -+ *aOutput = topDoc->GetOriginalURI(); -+ -+ if (*aOutput) -+ rv = NS_OK; -+ } -+ -+ // TODO: We could provide a route through the loadgroup + notification -+ // callbacks too, but either channel or document was always available -+ // in the cases where this function was originally needed (the image cache). -+ // The notification callbacks also appear to suffers from the same limitation -+ // as the document path. See nsICookiePermissions.GetOriginatingURI() for -+ // details. -+ -+ return rv; -+} -+ -+ -diff --git a/content/base/src/ThirdPartyUtil.h b/content/base/src/ThirdPartyUtil.h -index 269069b..37c30e8 100644 ---- a/content/base/src/ThirdPartyUtil.h -+++ b/content/base/src/ThirdPartyUtil.h -@@ -9,6 +9,7 @@ - #include "nsString.h" - #include "mozIThirdPartyUtil.h" - #include "nsIEffectiveTLDService.h" -+#include "nsICookiePermission.h" - - class nsIURI; - class nsIChannel; -@@ -28,6 +29,7 @@ private: - static already_AddRefed<nsIURI> GetURIFromWindow(nsIDOMWindow* aWin); - - nsCOMPtr<nsIEffectiveTLDService> mTLDService; -+ nsCOMPtr<nsICookiePermission> mCookiePermissions; - }; - - #endif -diff --git a/netwerk/base/public/mozIThirdPartyUtil.idl b/netwerk/base/public/mozIThirdPartyUtil.idl -index 578d8db..1869d14 100644 ---- a/netwerk/base/public/mozIThirdPartyUtil.idl -+++ b/netwerk/base/public/mozIThirdPartyUtil.idl -@@ -7,6 +7,7 @@ - interface nsIURI; - interface nsIDOMWindow; - interface nsIChannel; -+interface nsIDocument; - - /** - * Utility functions for determining whether a given URI, channel, or window -@@ -140,6 +141,26 @@ interface mozIThirdPartyUtil : nsISupports - * @return the base domain. - */ - AUTF8String getBaseDomain(in nsIURI aHostURI); -+ -+ -+ /** -+ * getFirstPartyURI -+ * -+ * Obtain the top-level url bar URI for either a channel or a document. -+ * Either parameter may be null (but not both). -+ * -+ * @param aChannel -+ * An arbitrary channel for some content element of a first party -+ * load. Can be null. -+ * -+ * @param aDoc -+ * An arbitrary third party document. Can be null. -+ * -+ * @return the first party url bar URI for the load. -+ */ -+ nsIURI getFirstPartyURI(in nsIChannel aChannel, -+ in nsIDocument aDoc); -+ - }; - - %{ C++ --- -1.7.5.4 -