This is an automated email from the git hooks/post-receive script.
richard pushed a change to branch tor-browser-91.11.0esr-12.0-1 in repository tor-browser.
from b2ffba38205d1 Bug 11698: Incorporate Tor Browser Manual pages into Tor Browser new d5e39bf2f23cc Bug 40925: Implemented the SecurityLevel backend new 6b7f4e9220c93 fixup! Add TorStrings module for localization new cd9ac3ca05934 fixup! Bug 25658: Replace security slider with security level UI new 6147e833ec544 fixup! Bug 25658: Replace security slider with security level UI new c6ba0bf0133d2 fixup! Bug 10760: Integrate TorButton to TorBrowser core
The 5 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
Summary of changes: browser/base/content/browser.xhtml | 1 + browser/components/preferences/preferences.xhtml | 1 + browser/components/securitylevel/SecurityLevel.jsm | 457 +++++++++++++++++++++ .../securitylevel/SecurityLevel.manifest | 1 + browser/components/securitylevel/components.conf | 10 + .../securitylevel/content/securityLevel.js | 390 ++++++++---------- .../content/securityLevelButton.inc.xhtml | 4 +- .../securitylevel/content/securityLevelPanel.css | 7 +- .../content/securityLevelPanel.inc.xhtml | 18 +- .../content/securityLevelPreferences.css | 11 +- .../content/securityLevelPreferences.inc.xhtml | 59 +-- browser/components/securitylevel/moz.build | 12 + browser/installer/package-manifest.in | 2 + .../en-US/browser/base-browser/securityLevel.ftl | 66 +++ browser/modules/TorStrings.jsm | 89 ---- toolkit/torproject/torbutton | 2 +- 16 files changed, 780 insertions(+), 350 deletions(-) create mode 100644 browser/components/securitylevel/SecurityLevel.jsm create mode 100644 browser/components/securitylevel/SecurityLevel.manifest create mode 100644 browser/components/securitylevel/components.conf create mode 100644 browser/locales/en-US/browser/base-browser/securityLevel.ftl
This is an automated email from the git hooks/post-receive script.
richard pushed a commit to branch tor-browser-91.11.0esr-12.0-1 in repository tor-browser.
commit d5e39bf2f23cc179fe8359bbf9d0a07f88b0bf01 Author: Pier Angelo Vendrame pierov@torproject.org AuthorDate: Fri Jul 8 16:19:41 2022 +0200
Bug 40925: Implemented the SecurityLevel backend --- browser/components/securitylevel/SecurityLevel.jsm | 458 +++++++++++++++++++++ .../securitylevel/SecurityLevel.manifest | 1 + browser/components/securitylevel/components.conf | 10 + browser/components/securitylevel/moz.build | 12 + browser/installer/package-manifest.in | 2 + 5 files changed, 483 insertions(+)
diff --git a/browser/components/securitylevel/SecurityLevel.jsm b/browser/components/securitylevel/SecurityLevel.jsm new file mode 100644 index 0000000000000..bd7c803511fff --- /dev/null +++ b/browser/components/securitylevel/SecurityLevel.jsm @@ -0,0 +1,458 @@ +"use strict"; + +var EXPORTED_SYMBOLS = ["SecurityLevel"]; + +const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm"); + +const BrowserTopics = Object.freeze({ + ProfileAfterChange: "profile-after-change", +}); + +const { ExtensionUtils } = ChromeUtils.import( + "resource://gre/modules/ExtensionUtils.jsm" +); +const { MessageChannel } = ChromeUtils.import( + "resource://gre/modules/MessageChannel.jsm" +); + +const { XPCOMUtils } = ChromeUtils.import( + "resource://gre/modules/XPCOMUtils.jsm" +); + +XPCOMUtils.defineLazyModuleGetters(this, { + ExtensionParent: "resource://gre/modules/ExtensionParent.jsm", +}); + +// Logger adapted from CustomizableUI.jsm +XPCOMUtils.defineLazyGetter(this, "logger", () => { + let scope = {}; + ChromeUtils.import("resource://gre/modules/Console.jsm", scope); + let consoleOptions = { + maxLogLevel: "info", + prefix: "SecurityLevel", + }; + return new scope.ConsoleAPI(consoleOptions); +}); + +// The Security Settings prefs in question. +const kSliderPref = "extensions.torbutton.security_slider"; +const kCustomPref = "extensions.torbutton.security_custom"; +const kSliderMigration = "extensions.torbutton.security_slider_migration"; + +// __getPrefValue(prefName)__ +// Returns the current value of a preference, regardless of its type. +var getPrefValue = function(prefName) { + switch (Services.prefs.getPrefType(prefName)) { + case Services.prefs.PREF_BOOL: + return Services.prefs.getBoolPref(prefName); + case Services.prefs.PREF_INT: + return Services.prefs.getIntPref(prefName); + case Services.prefs.PREF_STRING: + return Services.prefs.getCharPref(prefName); + default: + return null; + } +}; + +// __bindPref(prefName, prefHandler, init)__ +// Applies prefHandler whenever the value of the pref changes. +// If init is true, applies prefHandler to the current value. +// Returns a zero-arg function that unbinds the pref. +var bindPref = function(prefName, prefHandler, init = false) { + let update = () => { + prefHandler(getPrefValue(prefName)); + }, + observer = { + observe(subject, topic, data) { + if (data === prefName) { + update(); + } + }, + }; + Services.prefs.addObserver(prefName, observer); + if (init) { + update(); + } + return () => { + Services.prefs.removeObserver(prefName, observer); + }; +}; + +// __bindPrefAndInit(prefName, prefHandler)__ +// Applies prefHandler to the current value of pref specified by prefName. +// Re-applies prefHandler whenever the value of the pref changes. +// Returns a zero-arg function that unbinds the pref. +var bindPrefAndInit = (prefName, prefHandler) => + bindPref(prefName, prefHandler, true); + +async function waitForExtensionMessage(extensionId, checker = () => {}) { + const { torWaitForExtensionMessage } = ExtensionParent; + if (torWaitForExtensionMessage) { + return torWaitForExtensionMessage(extensionId, checker); + } + + // Old messaging <= 78 + return new Promise(resolve => { + const listener = ({ data }) => { + for (const msg of data) { + if (msg.recipient.extensionId === extensionId) { + const deserialized = msg.data.deserialize({}); + if (checker(deserialized)) { + Services.mm.removeMessageListener( + "MessageChannel:Messages", + listener + ); + resolve(deserialized); + } + } + } + }; + Services.mm.addMessageListener("MessageChannel:Messages", listener); + }); +} + +async function sendExtensionMessage(extensionId, message) { + const { torSendExtensionMessage } = ExtensionParent; + if (torSendExtensionMessage) { + return torSendExtensionMessage(extensionId, message); + } + + // Old messaging <= 78 + Services.cpmm.sendAsyncMessage("MessageChannel:Messages", [ + { + messageName: "Extension:Message", + sender: { id: extensionId, extensionId }, + recipient: { extensionId }, + data: new StructuredCloneHolder(message), + channelId: ExtensionUtils.getUniqueId(), + responseType: MessageChannel.RESPONSE_NONE, + }, + ]); + return undefined; +} + +// ## NoScript settings + +// Minimum and maximum capability states as controlled by NoScript. +const max_caps = [ + "fetch", + "font", + "frame", + "media", + "object", + "other", + "script", + "webgl", + "noscript", +]; +const min_caps = ["frame", "other", "noscript"]; + +// Untrusted capabilities for [Standard, Safer, Safest] safety levels. +const untrusted_caps = [ + max_caps, // standard safety: neither http nor https + ["frame", "font", "object", "other", "noscript"], // safer: http + min_caps, // safest: neither http nor https +]; + +// Default capabilities for [Standard, Safer, Safest] safety levels. +const default_caps = [ + max_caps, // standard: both http and https + ["fetch", "font", "frame", "object", "other", "script", "noscript"], // safer: https only + min_caps, // safest: both http and https +]; + +// __noscriptSettings(safetyLevel)__. +// Produces NoScript settings with policy according to +// the safetyLevel which can be: +// 0 = Standard, 1 = Safer, 2 = Safest +// +// At the "Standard" safety level, we leave all sites at +// default with maximal capabilities. Essentially no content +// is blocked. +// +// At "Safer", we set all http sites to untrusted, +// and all https sites to default. Scripts are only permitted +// on https sites. Neither type of site is supposed to allow +// media, but both allow fonts (as we used in legacy NoScript). +// +// At "Safest", all sites are at default with minimal +// capabilities. Most things are blocked. +let noscriptSettings = safetyLevel => ({ + __meta: { + name: "updateSettings", + recipientInfo: null, + }, + policy: { + DEFAULT: { + capabilities: default_caps[safetyLevel], + temp: false, + }, + TRUSTED: { + capabilities: max_caps, + temp: false, + }, + UNTRUSTED: { + capabilities: untrusted_caps[safetyLevel], + temp: false, + }, + sites: { + trusted: [], + untrusted: [[], ["http:"], []][safetyLevel], + custom: {}, + temp: [], + }, + enforced: true, + autoAllowTop: false, + }, + isTorBrowser: true, + tabId: -1, +}); + +// ## Communications + +// The extension ID for NoScript (WebExtension) +const noscriptID = "{73a6fe31-595d-460b-a920-fcc0f8843232}"; + +// Ensure binding only occurs once. +let initialized = false; + +// __initialize()__. +// The main function that binds the NoScript settings to the security +// slider pref state. +var initializeNoScriptControl = () => { + if (initialized) { + return; + } + initialized = true; + + try { + // LegacyExtensionContext is not there anymore. Using raw + // Services.cpmm.sendAsyncMessage mechanism to communicate with + // NoScript. + + // The component that handles WebExtensions' sendMessage. + + // __setNoScriptSettings(settings)__. + // NoScript listens for internal settings with onMessage. We can send + // a new settings JSON object according to NoScript's + // protocol and these are accepted! See the use of + // `browser.runtime.onMessage.addListener(...)` in NoScript's bg/main.js. + + // TODO: Is there a better way? + let sendNoScriptSettings = settings => + sendExtensionMessage(noscriptID, settings); + + // __setNoScriptSafetyLevel(safetyLevel)__. + // Set NoScript settings according to a particular safety level + // (security slider level): 0 = Standard, 1 = Safer, 2 = Safest + let setNoScriptSafetyLevel = safetyLevel => + sendNoScriptSettings(noscriptSettings(safetyLevel)); + + // __securitySliderToSafetyLevel(sliderState)__. + // Converts the "extensions.torbutton.security_slider" pref value + // to a "safety level" value: 0 = Standard, 1 = Safer, 2 = Safest + let securitySliderToSafetyLevel = sliderState => + [undefined, 2, 1, 1, 0][sliderState]; + + // Wait for the first message from NoScript to arrive, and then + // bind the security_slider pref to the NoScript settings. + let messageListener = a => { + try { + logger.debug("Message received from NoScript:", a); + let noscriptPersist = Services.prefs.getBoolPref( + "extensions.torbutton.noscript_persist", + false + ); + let noscriptInited = Services.prefs.getBoolPref( + "extensions.torbutton.noscript_inited", + false + ); + // Set the noscript safety level once if we have never run noscript + // before, or if we are not allowing noscript per-site settings to be + // persisted between browser sessions. Otherwise make sure that the + // security slider position, if changed, will rewrite the noscript + // settings. + bindPref( + kSliderPref, + sliderState => + setNoScriptSafetyLevel(securitySliderToSafetyLevel(sliderState)), + !noscriptPersist || !noscriptInited + ); + if (!noscriptInited) { + Services.prefs.setBoolPref( + "extensions.torbutton.noscript_inited", + true + ); + } + } catch (e) { + logger.exception(e); + } + }; + waitForExtensionMessage(noscriptID, a => a.__meta.name === "started").then( + messageListener + ); + logger.info("Listening for messages from NoScript."); + } catch (e) { + logger.exception(e); + } +}; + +// ### Constants + +// __kSecuritySettings__. +// A table of all prefs bound to the security slider, and the value +// for each security setting. Note that 2-m and 3-m are identical, +// corresponding to the old 2-medium-high setting. We also separately +// bind NoScript settings to the extensions.torbutton.security_slider +// (see noscript-control.js). +/* eslint-disable */ +const kSecuritySettings = { + // Preference name : [0, 1-high 2-m 3-m 4-low] + "javascript.options.ion" : [, false, false, false, true ], + "javascript.options.baselinejit" : [, false, false, false, true ], + "javascript.options.native_regexp" : [, false, false, false, true ], + "mathml.disabled" : [, true, true, true, false], + "gfx.font_rendering.graphite.enabled" : [, false, false, false, true ], + "gfx.font_rendering.opentype_svg.enabled" : [, false, false, false, true ], + "svg.disabled" : [, true, false, false, false], + "javascript.options.asmjs" : [, false, false, false, true ], + "javascript.options.wasm" : [, false, false, false, true ], + "dom.security.https_only_mode_send_http_background_request" : [, false, false, false, true ], +}; +/* eslint-enable */ + +// ### Prefs + +// __write_setting_to_prefs(settingIndex)__. +// Take a given setting index and write the appropriate pref values +// to the pref database. +var write_setting_to_prefs = function(settingIndex) { + Object.keys(kSecuritySettings).forEach(prefName => + Services.prefs.setBoolPref( + prefName, + kSecuritySettings[prefName][settingIndex] + ) + ); +}; + +// __read_setting_from_prefs()__. +// Read the current pref values, and decide if any of our +// security settings matches. Otherwise return null. +var read_setting_from_prefs = function(prefNames) { + prefNames = prefNames || Object.keys(kSecuritySettings); + for (let settingIndex of [1, 2, 3, 4]) { + let possibleSetting = true; + // For the given settingIndex, check if all current pref values + // match the setting. + for (let prefName of prefNames) { + if ( + kSecuritySettings[prefName][settingIndex] !== + Services.prefs.getBoolPref(prefName) + ) { + possibleSetting = false; + } + } + if (possibleSetting) { + // We have a match! + return settingIndex; + } + } + // No matching setting; return null. + return null; +}; + +// __watch_security_prefs(onSettingChanged)__. +// Whenever a pref bound to the security slider changes, onSettingChanged +// is called with the new security setting value (1,2,3,4 or null). +// Returns a zero-arg function that ends this binding. +var watch_security_prefs = function(onSettingChanged) { + let prefNames = Object.keys(kSecuritySettings); + let unbindFuncs = []; + for (let prefName of prefNames) { + unbindFuncs.push( + bindPrefAndInit(prefName, () => + onSettingChanged(read_setting_from_prefs()) + ) + ); + } + // Call all the unbind functions. + return () => unbindFuncs.forEach(unbind => unbind()); +}; + +// __initialized__. +// Have we called initialize() yet? +var initializedSecPrefs = false; + +// __initialize()__. +// Defines the behavior of "extensions.torbutton.security_custom", +// "extensions.torbutton.security_slider", and the security-sensitive +// prefs declared in kSecuritySettings. +var initializeSecurityPrefs = function() { + // Only run once. + if (initializedSecPrefs) { + return; + } + logger.info("Initializing security-prefs.js"); + initializedSecPrefs = true; + // When security_custom is set to false, apply security_slider setting + // to the security-sensitive prefs. + bindPrefAndInit(kCustomPref, function(custom) { + if (custom === false) { + write_setting_to_prefs(Services.prefs.getIntPref(kSliderPref)); + } + }); + // If security_slider is given a new value, then security_custom should + // be set to false. + bindPref(kSliderPref, function(prefIndex) { + Services.prefs.setBoolPref(kCustomPref, false); + write_setting_to_prefs(prefIndex); + }); + // If a security-sensitive pref changes, then decide if the set of pref values + // constitutes a security_slider setting or a custom value. + watch_security_prefs(settingIndex => { + if (settingIndex === null) { + Services.prefs.setBoolPref(kCustomPref, true); + } else { + Services.prefs.setIntPref(kSliderPref, settingIndex); + Services.prefs.setBoolPref(kCustomPref, false); + } + }); + // Migrate from old medium-low (3) to new medium (2). + if ( + Services.prefs.getBoolPref(kCustomPref) === false && + Services.prefs.getIntPref(kSliderPref) === 3 + ) { + Services.prefs.setIntPref(kSliderPref, 2); + write_setting_to_prefs(2); + } + + // Revert #33613 fix + if (Services.prefs.getIntPref(kSliderMigration, 0) < 2) { + // We can't differentiate between users having flipped `javascript.enabled` + // to `false` before it got governed by the security settings vs. those who + // had it flipped due to #33613. Reset the preference for everyone. + if (Services.prefs.getIntPref(kSliderPref) === 1) { + Services.prefs.setBoolPref("javascript.enabled", true); + } + Services.prefs.clearUserPref("media.webaudio.enabled"); + Services.prefs.setIntPref(kSliderMigration, 2); + } + logger.info("security-prefs.js initialization complete"); +}; + +// This class is used to initialize the security level stuff at the startup +class SecurityLevel { + QueryInterface = ChromeUtils.generateQI(["nsIObserver"]); + + init() { + initializeNoScriptControl(); + initializeSecurityPrefs(); + } + + observe(aSubject, aTopic, aData) { + if (aTopic == BrowserTopics.ProfileAfterChange) { + this.init(); + Services.obs.removeObserver(this, aTopic); + } + } +} diff --git a/browser/components/securitylevel/SecurityLevel.manifest b/browser/components/securitylevel/SecurityLevel.manifest new file mode 100644 index 0000000000000..0bfbd2ba1ac7b --- /dev/null +++ b/browser/components/securitylevel/SecurityLevel.manifest @@ -0,0 +1 @@ +category profile-after-change SecurityLevel @torproject.org/security-level;1 diff --git a/browser/components/securitylevel/components.conf b/browser/components/securitylevel/components.conf new file mode 100644 index 0000000000000..4b9263ce7f0f2 --- /dev/null +++ b/browser/components/securitylevel/components.conf @@ -0,0 +1,10 @@ +Classes = [ + { + "cid": "{c602ffe5-abf4-40d0-a944-26738b81efdb}", + "contract_ids": [ + "@torproject.org/security-level;1", + ], + "jsm": "resource:///modules/SecurityLevel.jsm", + "constructor": "SecurityLevel", + } +] diff --git a/browser/components/securitylevel/moz.build b/browser/components/securitylevel/moz.build index 2661ad7cb9f3d..33573a3706f97 100644 --- a/browser/components/securitylevel/moz.build +++ b/browser/components/securitylevel/moz.build @@ -1 +1,13 @@ JAR_MANIFESTS += ["jar.mn"] + +EXTRA_JS_MODULES += [ + "SecurityLevel.jsm", +] + +XPCOM_MANIFESTS += [ + "components.conf", +] + +EXTRA_COMPONENTS += [ + "SecurityLevel.manifest", +] diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index 8009a4d83ec5f..f32d574813a74 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -486,3 +486,5 @@ i686/gmp-clearkey/0.1/clearkey.dll ; build, which, practically speaking, is the case. @BINPATH@/gmp-clearkey/0.1/manifest.json #endif + +@RESPATH@/browser/components/SecurityLevel.manifest
This is an automated email from the git hooks/post-receive script.
richard pushed a commit to branch tor-browser-91.11.0esr-12.0-1 in repository tor-browser.
commit 6b7f4e9220c93d8546072ea14b912ccf1c38678b Author: Pier Angelo Vendrame pierov@torproject.org AuthorDate: Mon Jul 11 15:49:12 2022 +0200
fixup! Add TorStrings module for localization
Bug 40925: Removed security level strings --- browser/modules/TorStrings.jsm | 89 ------------------------------------------ 1 file changed, 89 deletions(-)
diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm index 84e959a1dcb1f..4110e5af74f58 100644 --- a/browser/modules/TorStrings.jsm +++ b/browser/modules/TorStrings.jsm @@ -149,95 +149,6 @@ var TorStrings = { return retval; })() /* CryptoSafetyPrompt Strings */,
- /* - Tor Browser Security Level Strings - */ - securityLevel: (function() { - let tsb = new TorDTDStringBundle( - ["chrome://torbutton/locale/torbutton.dtd"], - "torbutton.prefs.sec_" - ); - let getString = function(key, fallback) { - return tsb.getString(key, fallback); - }; - - // read localized strings from torbutton; but use hard-coded en-US strings as fallbacks in case of error - let retval = { - securityLevel: getString("caption", "Security Level"), - customWarning: getString("custom_warning", "Custom"), - overview: getString( - "overview", - "Disable certain web features that can be used to attack your security and anonymity." - ), - standard: { - level: getString("standard_label", "Standard"), - tooltip: getString("standard_tooltip", "Security Level : Standard"), - summary: getString( - "standard_description", - "All Tor Browser and website features are enabled." - ), - }, - safer: { - level: getString("safer_label", "Safer"), - tooltip: getString("safer_tooltip", "Security Level : Safer"), - summary: getString( - "safer_description", - "Disables website features that are often dangerous, causing some sites to lose functionality." - ), - description1: getString( - "js_on_https_sites_only", - "JavaScript is disabled on non-HTTPS sites." - ), - description2: getString( - "limit_typography", - "Some fonts and math symbols are disabled." - ), - description3: getString( - "click_to_play_media", - "Audio and video (HTML5 media), and WebGL are click-to-play." - ), - }, - safest: { - level: getString("safest_label", "Safest"), - tooltip: getString("safest_tooltip", "Security Level : Safest"), - summary: getString( - "safest_description", - "Only allows website features required for static sites and basic services. These changes affect images, media, and scripts." - ), - description1: getString( - "js_disabled", - "JavaScript is disabled by default on all sites." - ), - description2: getString( - "limit_graphics_and_typography", - "Some fonts, icons, math symbols, and images are disabled." - ), - description3: getString( - "click_to_play_media", - "Audio and video (HTML5 media), and WebGL are click-to-play." - ), - }, - custom: { - summary: getString( - "custom_summary", - "Your custom browser preferences have resulted in unusual security settings. For security and privacy reasons, we recommend you choose one of the default security levels." - ), - }, - learnMore: getString("learn_more_label", "Learn more"), - learnMoreURL: 'about:manual#security-settings', - restoreDefaults: getString("restore_defaults", "Restore Defaults"), - advancedSecuritySettings: getString( - "advanced_security_settings", - "Advanced Security Settings\u2026" - ), - change: getString( - "change", - "Change\u2026" - ), - }; - return retval; - })() /* Security Level Strings */, - /* Tor about:preferences#connection Strings */
This is an automated email from the git hooks/post-receive script.
richard pushed a commit to branch tor-browser-91.11.0esr-12.0-1 in repository tor-browser.
commit cd9ac3ca05934d61cda55952faf1e70e7a07a6ec Author: Pier Angelo Vendrame pierov@torproject.org AuthorDate: Mon Jul 11 15:50:25 2022 +0200
fixup! Bug 25658: Replace security slider with security level UI --- browser/base/content/browser.xhtml | 1 + browser/components/preferences/preferences.xhtml | 1 + .../securitylevel/content/securityLevel.js | 383 +++++++++------------ .../content/securityLevelButton.inc.xhtml | 4 +- .../content/securityLevelPanel.inc.xhtml | 18 +- .../content/securityLevelPreferences.inc.xhtml | 59 ++-- .../en-US/browser/base-browser/securityLevel.ftl | 66 ++++ 7 files changed, 284 insertions(+), 248 deletions(-)
diff --git a/browser/base/content/browser.xhtml b/browser/base/content/browser.xhtml index 394a464140186..21af5188c18d2 100644 --- a/browser/base/content/browser.xhtml +++ b/browser/base/content/browser.xhtml @@ -85,6 +85,7 @@ <link rel="localization" href="browser/places.ftl"/> <link rel="localization" href="toolkit/printing/printUI.ftl"/> <link rel="localization" href="browser/tabbrowser.ftl"/> + <link rel="localization" href="browser/base-browser/securityLevel.ftl"/>
<title data-l10n-id="browser-main-window-title"></title>
diff --git a/browser/components/preferences/preferences.xhtml b/browser/components/preferences/preferences.xhtml index 30ce70079adb7..64a266a5756f5 100644 --- a/browser/components/preferences/preferences.xhtml +++ b/browser/components/preferences/preferences.xhtml @@ -57,6 +57,7 @@ <link rel="localization" href="browser/preferences/siteDataSettings.ftl"/> <link rel="localization" href="browser/aboutDialog.ftl"/> <link rel="localization" href="browser/sanitize.ftl"/> + <link rel="localization" href="browser/base-browser/securityLevel.ftl"/> <link rel="localization" href="toolkit/updates/history.ftl"/> <link rel="localization" href="security/certificates/deviceManager.ftl"/> <link rel="localization" href="security/certificates/certManager.ftl"/> diff --git a/browser/components/securitylevel/content/securityLevel.js b/browser/components/securitylevel/content/securityLevel.js index 95770dbc6bed9..0e8f3c00be9bb 100644 --- a/browser/components/securitylevel/content/securityLevel.js +++ b/browser/components/securitylevel/content/securityLevel.js @@ -1,5 +1,7 @@ "use strict";
+/* global AppConstants, Services, openPreferences, XPCOMUtils */ + ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm"); ChromeUtils.import("resource://gre/modules/Services.jsm");
@@ -8,11 +10,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { PanelMultiView: "resource:///modules/PanelMultiView.jsm", });
-ChromeUtils.defineModuleGetter( - this, - "TorStrings", - "resource:///modules/TorStrings.jsm" -); +const SecurityLevels = Object.freeze(["", "safest", "safer", "", "standard"]);
/* Security Level Prefs @@ -20,13 +18,13 @@ ChromeUtils.defineModuleGetter( Getters and Setters for relevant torbutton prefs */ const SecurityLevelPrefs = { - security_slider_pref : "extensions.torbutton.security_slider", - security_custom_pref : "extensions.torbutton.security_custom", + security_slider_pref: "extensions.torbutton.security_slider", + security_custom_pref: "extensions.torbutton.security_custom",
get securitySlider() { try { return Services.prefs.getIntPref(this.security_slider_pref); - } catch(e) { + } catch (e) { // init pref to 4 (standard) const val = 4; Services.prefs.setIntPref(this.security_slider_pref, val); @@ -38,10 +36,18 @@ const SecurityLevelPrefs = { Services.prefs.setIntPref(this.security_slider_pref, val); },
+ get securitySliderLevel() { + const slider = this.securitySlider; + if (slider >= 1 && slider <= 4 && SecurityLevels[slider]) { + return SecurityLevels[slider]; + } + return null; + }, + get securityCustom() { try { return Services.prefs.getBoolPref(this.security_custom_pref); - } catch(e) { + } catch (e) { // init custom to false const val = false; Services.prefs.setBoolPref(this.security_custom_pref, val); @@ -61,34 +67,20 @@ const SecurityLevelPrefs = { */
const SecurityLevelButton = { - _securityPrefsBranch : null, - - _populateXUL : function(securityLevelButton) { - if (securityLevelButton != null) { - securityLevelButton.setAttribute("tooltiptext", TorStrings.securityLevel.securityLevel); - securityLevelButton.setAttribute("label", TorStrings.securityLevel.securityLevel); - } - }, + _securityPrefsBranch: null,
- _configUIFromPrefs : function(securityLevelButton) { + _configUIFromPrefs(securityLevelButton) { if (securityLevelButton != null) { - let securitySlider = SecurityLevelPrefs.securitySlider; - securityLevelButton.removeAttribute("level"); - const securityCustom = SecurityLevelPrefs.securityCustom; - switch(securitySlider) { - case 4: - securityLevelButton.setAttribute("level", `standard${securityCustom ? "_custom" : ""}`); - securityLevelButton.setAttribute("tooltiptext", TorStrings.securityLevel.standard.tooltip); - break; - case 2: - securityLevelButton.setAttribute("level", `safer${securityCustom ? "_custom" : ""}`); - securityLevelButton.setAttribute("tooltiptext", TorStrings.securityLevel.safer.tooltip); - break; - case 1: - securityLevelButton.setAttribute("level", `safest${securityCustom ? "_custom" : ""}`); - securityLevelButton.setAttribute("tooltiptext", TorStrings.securityLevel.safest.tooltip); - break; + const level = SecurityLevelPrefs.securitySliderLevel; + if (!level) { + return; } + const customStr = SecurityLevelPrefs.securityCustom ? "_custom" : ""; + securityLevelButton.setAttribute("level", `${level}${customStr}`); + document.l10n.setAttributes( + securityLevelButton, + `security-level-button-${level}` + ); } },
@@ -110,21 +102,22 @@ const SecurityLevelButton = { return anchor; },
- init : function() { + init() { // set the initial class based off of the current pref let button = this.button; - this._populateXUL(button); this._configUIFromPrefs(button);
- this._securityPrefsBranch = Services.prefs.getBranch("extensions.torbutton."); - this._securityPrefsBranch.addObserver("", this, false); + this._securityPrefsBranch = Services.prefs.getBranch( + "extensions.torbutton." + ); + this._securityPrefsBranch.addObserver("", this);
CustomizableUI.addListener(this);
SecurityLevelPanel.init(); },
- uninit : function() { + uninit() { CustomizableUI.removeListener(this);
this._securityPrefsBranch.removeObserver("", this); @@ -133,8 +126,8 @@ const SecurityLevelButton = { SecurityLevelPanel.uninit(); },
- observe : function(subject, topic, data) { - switch(topic) { + observe(subject, topic, data) { + switch (topic) { case "nsPref:changed": if (data === "security_slider" || data === "security_custom") { this._configUIFromPrefs(this.button); @@ -144,17 +137,17 @@ const SecurityLevelButton = { },
// callback for entering the 'Customize Firefox' screen to set icon - onCustomizeStart : function(window) { + onCustomizeStart(window) { let navigatorToolbox = document.getElementById("navigator-toolbox"); - let button = navigatorToolbox.palette.querySelector("#security-level-button"); - this._populateXUL(button); + let button = navigatorToolbox.palette.querySelector( + "#security-level-button" + ); this._configUIFromPrefs(button); },
// callback when CustomizableUI modifies DOM - onWidgetAfterDOMChange : function(aNode, aNextNode, aContainer, aWasRemoval) { + onWidgetAfterDOMChange(aNode, aNextNode, aContainer, aWasRemoval) { if (aNode.id == "security-level-button" && !aWasRemoval) { - this._populateXUL(aNode); this._configUIFromPrefs(aNode); } }, @@ -165,7 +158,7 @@ const SecurityLevelButton = { // onmousedown. We do this to match the behavior of other panel spawning buttons such as Downloads, // Library, and the Hamburger menus. Using oncommand alone would result in only getting fired // after onclick, which is mousedown followed by mouseup. - onCommand : function(aEvent) { + onCommand(aEvent) { // snippet borrowed from /browser/components/downloads/content/indicator.js DownloadsIndicatorView.onCommand(evt) if ( // On Mac, ctrl-click will send a context menu event from the widget, so @@ -193,142 +186,128 @@ const SecurityLevelButton = { */
const SecurityLevelPanel = { - _securityPrefsBranch : null, - _panel : null, - _anchor : null, - _populated : false, + _securityPrefsBranch: null, + _panel: null, + _anchor: null, + _populated: false,
_selectors: Object.freeze({ panel: "panel#securityLevel-panel", icon: "vbox#securityLevel-vbox>vbox", - header: "h1#securityLevel-header", - level: "label#securityLevel-level", - custom: "label#securityLevel-custom", + labelLevel: "label#securityLevel-level", + labelCustom: "label#securityLevel-custom", summary: "description#securityLevel-summary", - learnMore: "label#securityLevel-learnMore", restoreDefaults: "button#securityLevel-restoreDefaults", advancedSecuritySettings: "button#securityLevel-advancedSecuritySettings", }),
- _populateXUL : function() { + _populateXUL() { let selectors = this._selectors;
this._elements = { panel: document.querySelector(selectors.panel), icon: document.querySelector(selectors.icon), - header: document.querySelector(selectors.header), - levelLabel: document.querySelector(selectors.level), - customLabel: document.querySelector(selectors.custom), + labelLevel: document.querySelector(selectors.labelLevel), + labelCustom: document.querySelector(selectors.labelCustom), summaryDescription: document.querySelector(selectors.summary), - learnMoreLabel: document.querySelector(selectors.learnMore), restoreDefaultsButton: document.querySelector(selectors.restoreDefaults), - changeButton: document.querySelector(selectors.advancedSecuritySettings), + advancedSecuritySettings: document.querySelector( + selectors.advancedSecuritySettings + ), }; - let elements = this._elements; - - elements.header.textContent = TorStrings.securityLevel.securityLevel; - elements.customLabel.setAttribute("value", TorStrings.securityLevel.customWarning); - elements.learnMoreLabel.setAttribute("value", TorStrings.securityLevel.learnMore); - elements.learnMoreLabel.setAttribute("href", TorStrings.securityLevel.learnMoreURL); - if (TorStrings.securityLevel.learnMoreURL.startsWith("about:")) { - elements.learnMoreLabel.setAttribute("useoriginprincipal", "true"); - } - elements.restoreDefaultsButton.setAttribute("label", TorStrings.securityLevel.restoreDefaults); - elements.changeButton.setAttribute("label", TorStrings.securityLevel.change); - + this._elements.panel.addEventListener("onpopupshown", e => { + this.onPopupShown(e); + }); + this._elements.panel.addEventListener("onpopuphidden", e => { + this.onPopupHidden(e); + }); + this._elements.restoreDefaultsButton.addEventListener("command", () => { + this.restoreDefaults(); + }); + this._elements.advancedSecuritySettings.addEventListener("command", () => { + this.openAdvancedSecuritySettings(); + }); this._configUIFromPrefs(); this._populated = true; },
- _configUIFromPrefs : function() { + _configUIFromPrefs() { // get security prefs - let securitySlider = SecurityLevelPrefs.securitySlider; - let securityCustom = SecurityLevelPrefs.securityCustom; - - // get the panel elements we need to populate - let elements = this._elements; - let icon = elements.icon; - let labelLevel = elements.levelLabel; - let labelCustomWarning = elements.customLabel; - let summary = elements.summaryDescription; - let buttonRestoreDefaults = elements.restoreDefaultsButton; - let buttonAdvancedSecuritySettings = elements.changeButton; + const level = SecurityLevelPrefs.securitySliderLevel; + const custom = SecurityLevelPrefs.securityCustom;
// only visible when user is using custom settings - labelCustomWarning.hidden = !securityCustom; - buttonRestoreDefaults.hidden = !securityCustom; + let labelCustomWarning = this._elements.labelCustom; + labelCustomWarning.hidden = !custom; + let buttonRestoreDefaults = this._elements.restoreDefaultsButton; + buttonRestoreDefaults.hidden = !custom;
+ const summary = this._elements.summaryDescription; // Descriptions change based on security level - switch(securitySlider) { - // standard - case 4: - icon.setAttribute("level", "standard"); - labelLevel.setAttribute("value", TorStrings.securityLevel.standard.level); - summary.textContent = TorStrings.securityLevel.standard.summary; - break; - // safer - case 2: - icon.setAttribute("level", "safer"); - labelLevel.setAttribute("value", TorStrings.securityLevel.safer.level); - summary.textContent = TorStrings.securityLevel.safer.summary; - break; - // safest - case 1: - icon.setAttribute("level", "safest"); - labelLevel.setAttribute("value", TorStrings.securityLevel.safest.level); - summary.textContent = TorStrings.securityLevel.safest.summary; - break; + if (level) { + this._elements.icon.setAttribute("level", level); + document.l10n.setAttributes( + this._elements.labelLevel, + `security-level-${level}-label` + ); + document.l10n.setAttributes(summary, `security-level-${level}-summary`); } - // override the summary text with custom warning - if (securityCustom) { - summary.textContent = TorStrings.securityLevel.custom.summary; + if (custom) { + document.l10n.setAttributes(summary, "security-level-custom-summary"); } },
- init : function() { - this._securityPrefsBranch = Services.prefs.getBranch("extensions.torbutton."); - this._securityPrefsBranch.addObserver("", this, false); + init() { + this._securityPrefsBranch = Services.prefs.getBranch( + "extensions.torbutton." + ); + this._securityPrefsBranch.addObserver("", this); },
- uninit : function() { + uninit() { this._securityPrefsBranch.removeObserver("", this); this._securityPrefsBranch = null; },
- show : function() { - // we have to defer this until after the browser has finished init'ing before - // we can populate the panel + show() { + // we have to defer this until after the browser has finished init'ing + // before we can populate the panel if (!this._populated) { this._populateXUL(); }
- let panel = document.getElementById("securityLevel-panel"); - panel.hidden = false; - PanelMultiView.openPopup(panel, SecurityLevelButton.anchor, "bottomcenter topright", - 0, 0, false, null).catch(Cu.reportError); + this._elements.panel.hidden = false; + PanelMultiView.openPopup( + this._elements.panel, + SecurityLevelButton.anchor, + "bottomcenter topright", + 0, + 0, + false, + null + ).catch(Cu.reportError); },
- hide : function() { - let panel = document.getElementById("securityLevel-panel"); - PanelMultiView.hidePopup(panel); + hide() { + PanelMultiView.hidePopup(this._elements.panel); },
- restoreDefaults : function() { + restoreDefaults() { SecurityLevelPrefs.securityCustom = false; // hide and reshow so that layout re-renders properly this.hide(); this.show(this._anchor); },
- openAdvancedSecuritySettings : function() { + openAdvancedSecuritySettings() { openPreferences("privacy-securitylevel"); this.hide(); },
// callback when prefs change - observe : function(subject, topic, data) { - switch(topic) { + observe(subject, topic, data) { + switch (topic) { case "nsPref:changed": if (data == "security_slider" || data == "security_custom") { this._configUIFromPrefs(); @@ -338,14 +317,14 @@ const SecurityLevelPanel = { },
// callback when the panel is displayed - onPopupShown : function(event) { + onPopupShown(event) { SecurityLevelButton.button.setAttribute("open", "true"); },
// callback when the panel is hidden - onPopupHidden : function(event) { + onPopupHidden(event) { SecurityLevelButton.button.removeAttribute("open"); - } + }, }; /* Security Level Panel */
/* @@ -354,79 +333,58 @@ const SecurityLevelPanel = { Code to handle init and update of security level section in about:preferences#privacy */
-const SecurityLevelPreferences = -{ - _securityPrefsBranch : null, - - _populateXUL : function() { - let groupbox = document.getElementById("securityLevel-groupbox"); - - let labelHeader = groupbox.querySelector("#securityLevel-header"); - labelHeader.textContent = TorStrings.securityLevel.securityLevel; - - let spanOverview = groupbox.querySelector("#securityLevel-overview"); - spanOverview.textContent = TorStrings.securityLevel.overview; - - let labelLearnMore = groupbox.querySelector("#securityLevel-learnMore"); - labelLearnMore.setAttribute("value", TorStrings.securityLevel.learnMore); - labelLearnMore.setAttribute("href", TorStrings.securityLevel.learnMoreURL); - if (TorStrings.securityLevel.learnMoreURL.startsWith("about:")) { - labelLearnMore.setAttribute("useoriginprincipal", "true"); - } - - let radiogroup = document.getElementById("securityLevel-radiogroup"); - radiogroup.addEventListener("command", SecurityLevelPreferences.selectSecurityLevel); - - let populateRadioElements = function(vboxQuery, stringStruct) { - let vbox = groupbox.querySelector(vboxQuery); - - let radio = vbox.querySelector("radio"); - radio.setAttribute("label", stringStruct.level); - - let customWarning = vbox.querySelector("#securityLevel-customWarning"); - customWarning.setAttribute("value", TorStrings.securityLevel.customWarning); - - let labelSummary = vbox.querySelector("#securityLevel-summary"); - labelSummary.textContent = stringStruct.summary; - - let labelRestoreDefaults = vbox.querySelector("#securityLevel-restoreDefaults"); - labelRestoreDefaults.setAttribute("value", TorStrings.securityLevel.restoreDefaults); - labelRestoreDefaults.addEventListener("click", SecurityLevelPreferences.restoreDefaults); - - let description1 = vbox.querySelector("#securityLevel-description1"); - if (description1) { - description1.textContent = stringStruct.description1; - } - let description2 = vbox.querySelector("#securityLevel-description2"); - if (description2) { - description2.textContent = stringStruct.description2; - } - let description3 = vbox.querySelector("#securityLevel-description3"); - if (description3) { - description3.textContent = stringStruct.description3; - } +const SecurityLevelPreferences = { + _securityPrefsBranch: null, + + _populateXUL() { + const groupbox = document.querySelector("#securityLevel-groupbox"); + const radiogroup = groupbox.querySelector("#securityLevel-radiogroup"); + radiogroup.addEventListener( + "command", + SecurityLevelPreferences.selectSecurityLevel + ); + + const populateRadioElements = vboxQuery => { + const vbox = groupbox.querySelector(vboxQuery); + const labelRestoreDefaults = vbox.querySelector( + ".securityLevel-restoreDefaults" + ); + labelRestoreDefaults.addEventListener( + "click", + SecurityLevelPreferences.restoreDefaults + ); }; - - populateRadioElements("#securityLevel-vbox-standard", TorStrings.securityLevel.standard); - populateRadioElements("#securityLevel-vbox-safer", TorStrings.securityLevel.safer); - populateRadioElements("#securityLevel-vbox-safest", TorStrings.securityLevel.safest); + populateRadioElements("#securityLevel-vbox-standard"); + populateRadioElements("#securityLevel-vbox-safer"); + populateRadioElements("#securityLevel-vbox-safest"); },
- _configUIFromPrefs : function() { + _configUIFromPrefs() { // read our prefs - let securitySlider = SecurityLevelPrefs.securitySlider; - let securityCustom = SecurityLevelPrefs.securityCustom; + const securitySlider = SecurityLevelPrefs.securitySlider; + const securityCustom = SecurityLevelPrefs.securityCustom;
// get our elements - let groupbox = document.getElementById("securityLevel-groupbox"); - - let radiogroup = groupbox.querySelector("#securityLevel-radiogroup"); - let labelStandardCustom = groupbox.querySelector("#securityLevel-vbox-standard label#securityLevel-customWarning"); - let labelSaferCustom = groupbox.querySelector("#securityLevel-vbox-safer label#securityLevel-customWarning"); - let labelSafestCustom = groupbox.querySelector("#securityLevel-vbox-safest label#securityLevel-customWarning"); - let labelStandardRestoreDefaults = groupbox.querySelector("#securityLevel-vbox-standard label#securityLevel-restoreDefaults"); - let labelSaferRestoreDefaults = groupbox.querySelector("#securityLevel-vbox-safer label#securityLevel-restoreDefaults"); - let labelSafestRestoreDefaults = groupbox.querySelector("#securityLevel-vbox-safest label#securityLevel-restoreDefaults"); + const groupbox = document.querySelector("#securityLevel-groupbox"); + let radiogroup = groupbox.querySelector("#securityLevel-radiogroup"); + let labelStandardCustom = groupbox.querySelector( + "#securityLevel-vbox-standard label.securityLevel-customWarning" + ); + let labelSaferCustom = groupbox.querySelector( + "#securityLevel-vbox-safer label.securityLevel-customWarning" + ); + let labelSafestCustom = groupbox.querySelector( + "#securityLevel-vbox-safest label.securityLevel-customWarning" + ); + let labelStandardRestoreDefaults = groupbox.querySelector( + "#securityLevel-vbox-standard label.securityLevel-restoreDefaults" + ); + let labelSaferRestoreDefaults = groupbox.querySelector( + "#securityLevel-vbox-safer label.securityLevel-restoreDefaults" + ); + let labelSafestRestoreDefaults = groupbox.querySelector( + "#securityLevel-vbox-safest label.securityLevel-restoreDefaults" + );
// hide custom label by default until we know which level we're at labelStandardCustom.hidden = true; @@ -437,7 +395,7 @@ const SecurityLevelPreferences = labelSaferRestoreDefaults.hidden = true; labelSafestRestoreDefaults.hidden = true;
- switch(securitySlider) { + switch (securitySlider) { // standard case 4: radiogroup.value = "standard"; @@ -459,7 +417,7 @@ const SecurityLevelPreferences = } },
- init : function() { + init() { // populate XUL with localized strings this._populateXUL();
@@ -467,31 +425,32 @@ const SecurityLevelPreferences = this._configUIFromPrefs();
// register for pref chagnes - this._securityPrefsBranch = Services.prefs.getBranch("extensions.torbutton."); - this._securityPrefsBranch.addObserver("", this, false); + this._securityPrefsBranch = Services.prefs.getBranch( + "extensions.torbutton." + ); + this._securityPrefsBranch.addObserver("", this); },
- uninit : function() { + uninit() { // unregister for pref change events this._securityPrefsBranch.removeObserver("", this); this._securityPrefsBranch = null; },
// callback for when prefs change - observe : function(subject, topic, data) { - switch(topic) { + observe(subject, topic, data) { + switch (topic) { case "nsPref:changed": - if (data == "security_slider" || - data == "security_custom") { + if (data == "security_slider" || data == "security_custom") { this._configUIFromPrefs(); } break; } },
- selectSecurityLevel : function() { + selectSecurityLevel() { // radio group elements - let radiogroup = document.getElementById("securityLevel-radiogroup"); + let radiogroup = document.getElementById("securityLevel-radiogroup");
// update pref based on selected radio option switch (radiogroup.value) { @@ -509,7 +468,7 @@ const SecurityLevelPreferences = SecurityLevelPreferences.restoreDefaults(); },
- restoreDefaults : function() { + restoreDefaults() { SecurityLevelPrefs.securityCustom = false; }, }; /* Security Level Prefereces */ @@ -517,17 +476,17 @@ const SecurityLevelPreferences = Object.defineProperty(this, "SecurityLevelButton", { value: SecurityLevelButton, enumerable: true, - writable: false + writable: false, });
Object.defineProperty(this, "SecurityLevelPanel", { value: SecurityLevelPanel, enumerable: true, - writable: false + writable: false, });
Object.defineProperty(this, "SecurityLevelPreferences", { value: SecurityLevelPreferences, enumerable: true, - writable: false + writable: false, }); diff --git a/browser/components/securitylevel/content/securityLevelButton.inc.xhtml b/browser/components/securitylevel/content/securityLevelButton.inc.xhtml index 96ee1ec0ca499..2ca8fcde945c1 100644 --- a/browser/components/securitylevel/content/securityLevelButton.inc.xhtml +++ b/browser/components/securitylevel/content/securityLevelButton.inc.xhtml @@ -4,4 +4,6 @@ onmousedown="SecurityLevelButton.onCommand(event);" onkeypress="SecurityLevelButton.onCommand(event);" closemenu="none" - cui-areatype="toolbar"/> + cui-areatype="toolbar" + data-l10n-id="security-level-button" + /> diff --git a/browser/components/securitylevel/content/securityLevelPanel.inc.xhtml b/browser/components/securitylevel/content/securityLevelPanel.inc.xhtml index 02d93b738ff50..05a127dd98f24 100644 --- a/browser/components/securitylevel/content/securityLevelPanel.inc.xhtml +++ b/browser/components/securitylevel/content/securityLevelPanel.inc.xhtml @@ -4,14 +4,12 @@ orient="vertical" level="top" hidden="true" - class="panel-no-padding" - onpopupshown="SecurityLevelPanel.onPopupShown(event);" - onpopuphidden="SecurityLevelPanel.onPopupHidden(event);"> + class="panel-no-padding"> <panelmultiview mainViewId="securityLevel-panelview"> <panelview id="securityLevel-panelview" descriptionheightworkaround="true"> <vbox id="securityLevel-vbox"> <box class="panel-header"> - <html:h1 id="securityLevel-header"/> + <html:h1 data-l10n-id="security-level-header" /> </box> <toolbarseparator></toolbarseparator> <vbox> @@ -19,7 +17,7 @@ <label id="securityLevel-level"/> <vbox> <spacer flex="1"/> - <label id="securityLevel-custom"/> + <label id="securityLevel-custom" data-l10n-id="security-level-custom"/> <spacer flex="1"/> </vbox> <spacer flex="1"/> @@ -27,19 +25,21 @@ <description id="securityLevel-summary"/> <hbox> <label - id="securityLevel-learnMore" class="learnMore text-link" + href="about:manual#security-settings" + useoriginprincipal="true" onclick="SecurityLevelPanel.hide();" - is="text-link"/> + is="text-link" + data-l10n-id="security-level-learn-more"/> <spacer/> </hbox> </vbox> <hbox class="panel-footer"> <button id="securityLevel-restoreDefaults" - oncommand="SecurityLevelPanel.restoreDefaults();"/> + data-l10n-id="security-level-restore-defaults"/> <button id="securityLevel-advancedSecuritySettings" default="true" - oncommand="SecurityLevelPanel.openAdvancedSecuritySettings();"/> + data-l10n-id="security-level-change"/> </hbox> </vbox> </panelview> diff --git a/browser/components/securitylevel/content/securityLevelPreferences.inc.xhtml b/browser/components/securitylevel/content/securityLevelPreferences.inc.xhtml index b050dad81621a..8439e581af133 100644 --- a/browser/components/securitylevel/content/securityLevelPreferences.inc.xhtml +++ b/browser/components/securitylevel/content/securityLevelPreferences.inc.xhtml @@ -1,65 +1,72 @@ <groupbox id="securityLevel-groupbox" data-category="panePrivacy" hidden="true"> - <label><html:h2 id="securityLevel-header"/></label> + <label><html:h2 data-l10n-id="security-level-header"/></label> <vbox data-subcategory="securitylevel" flex="1"> <description flex="1"> - <html:span id="securityLevel-overview" class="tail-with-learn-more"/> - <label id="securityLevel-learnMore" class="learnMore text-link" is="text-link"/> + <html:span data-l10n-id="security-level-overview" class="tail-with-learn-more"/> + <label data-l10n-id="security-level-learn-more" + class="learnMore text-link" + is="text-link" + href="about:manual#security-settings" + useoriginprincipal="true"/> </description> <radiogroup id="securityLevel-radiogroup"> <vbox id="securityLevel-vbox-standard"> <hbox> - <radio value="standard"/> + <radio value="standard" data-l10n-id="security-level-standard-radio"/> <vbox> <spacer flex="1"/> - <label id="securityLevel-customWarning"/> + <label class="securityLevel-customWarning" data-l10n-id="security-level-custom"/> <spacer flex="1"/> </vbox> <spacer flex="1"/> </hbox> <description flex="1" class="indent"> - <html:span id="securityLevel-summary" class="tail-with-learn-more"/> - <label id="securityLevel-restoreDefaults" - class="learnMore text-link"/> + <html:span data-l10n-id="security-level-standard-summary" + class="tail-with-learn-more"/> + <label class="securityLevel-restoreDefaults learnMore text-link" + data-l10n-id="security-level-restore-link"/> </description> </vbox> <vbox id="securityLevel-vbox-safer"> <hbox> - <radio value="safer"/> + <radio value="safer" data-l10n-id="security-level-safer-radio"/> <vbox> <spacer flex="1"/> - <label id="securityLevel-customWarning"/> + <label class="securityLevel-customWarning" data-l10n-id="security-level-custom"/> <spacer flex="1"/> </vbox> </hbox> <description flex="1" class="indent"> - <html:span id="securityLevel-summary" class="tail-with-learn-more"/> - <label id="securityLevel-restoreDefaults" - class="learnMore text-link"/> + <html:span data-l10n-id="security-level-safer-summary" + class="tail-with-learn-more"/> + <label class="securityLevel-restoreDefaults learnMore text-link" + data-l10n-id="security-level-restore-link"/> </description> - <vbox id="securityLevel-descriptionList" class="indent"> - <description id="securityLevel-description1" class="indent"/> - <description id="securityLevel-description2" class="indent"/> - <description id="securityLevel-description3" class="indent"/> + <vbox class="securityLevel-descriptionList indent"> + <description data-l10n-id="security-level-js-https-only" class="indent"/> + <description data-l10n-id="security-level-limit-typography" class="indent"/> + <description data-l10n-id="security-level-limit-media" class="indent"/> </vbox> </vbox> <vbox id="securityLevel-vbox-safest"> <hbox> - <radio value="safest"/> + <radio value="safest" data-l10n-id="security-level-safest-radio"/> <vbox> <spacer flex="1"/> - <label id="securityLevel-customWarning"/> + <label class="securityLevel-customWarning" data-l10n-id="security-level-custom"/> <spacer flex="1"/> </vbox> </hbox> <description flex="1" class="indent"> - <html:span id="securityLevel-summary" class="tail-with-learn-more"/> - <label id="securityLevel-restoreDefaults" - class="learnMore text-link"/> + <html:span data-l10n-id="security-level-safest-summary" + class="tail-with-learn-more"/> + <label class="securityLevel-restoreDefaults learnMore text-link" + data-l10n-id="security-level-restore-link"/> </description> - <vbox id="securityLevel-descriptionList" class="indent"> - <description id="securityLevel-description1" class="indent"/> - <description id="securityLevel-description2" class="indent"/> - <description id="securityLevel-description3" class="indent"/> + <vbox class="securityLevel-descriptionList indent"> + <description data-l10n-id="security-level-js-disabled" class="indent"/> + <description data-l10n-id="security-level-limit-typography-svg" class="indent"/> + <description data-l10n-id="security-level-limit-media" class="indent"/> </vbox> </vbox> </radiogroup> diff --git a/browser/locales/en-US/browser/base-browser/securityLevel.ftl b/browser/locales/en-US/browser/base-browser/securityLevel.ftl new file mode 100644 index 0000000000000..ef1ca39a3d492 --- /dev/null +++ b/browser/locales/en-US/browser/base-browser/securityLevel.ftl @@ -0,0 +1,66 @@ +-security-level = Security Level +-security-level-standard = Standard +-security-level-safer = Safer +-security-level-safest = Safest +-security-level-tooltip-standard = Security Level: Standard +-security-level-tooltip-safer = Security Level: Safer +-security-level-tooltip-safest = Security Level: Safest +# Shown only for custom level +-security-level-restore = Restore Defaults + +## Security level button: when changing level, the id will be updated accordingly +# Not yet loaded (generic placeholders) +security-level-button = + .tooltiptext = { -security-level } + .label = { -security-level } +security-level-button-standard = + .tooltiptext = { -security-level-tooltip-standard } + .label = { -security-level-tooltip-standard } +security-level-button-safer = + .tooltiptext = { -security-level-tooltip-safer } + .label = { -security-level-tooltip-safer } +security-level-button-safest = + .tooltiptext = { -security-level-tooltip-safest } + .label = { -security-level-tooltip-safest } + +## Security level panel +security-level-change = Changeā¦ +security-level-standard-label = + .value = { -security-level-standard } +security-level-standard-radio = + .label = { -security-level-standard } +security-level-standard-summary = All Tor Browser and website features are enabled. +security-level-safer-label = + .value = { -security-level-safer } +security-level-safer-radio = + .label = { -security-level-safer } +security-level-safer-summary = Disables website features that are often dangerous, causing some sites to lose functionality. +security-level-safest-label = + .value = { -security-level-safest } +security-level-safest-radio = + .label = { -security-level-safest } +security-level-safest-summary = Only allows website features required for static sites and basic services. These changes affect images, media, and scripts. +security-level-custom = + .value = Custom +security-level-custom-summary = Your custom browser preferences have resulted in unusual security settings. For security and privacy reasons, we recommend you choose one of the default security levels. +security-level-restore-defaults = { -security-level-restore } + +## Security level section in about:preferences#privacy +security-level-overview = Disable certain web features that can be used to attack your security and anonymity. +security-level-list-safer = + .value = At the safer setting: +security-level-list-safest = + .value = At the safest setting: +security-level-restore-link = + .value = { -security-level-restore } +# Strings for descriptions +security-level-js-https-only = JavaScript is disabled on non-HTTPS sites. +security-level-js-disabled = JavaScript is disabled by default on all sites. +security-level-limit-typography = Some fonts and math symbols are disabled. +security-level-limit-typography-svg = Some fonts, icons, math symbols, and images are disabled. +security-level-limit-media = Audio and video (HTML5 media), and WebGL are click-to-play. + +## Shared strings (both panel and preferences) +security-level-header = { -security-level } +security-level-learn-more = + .value = Learn more
This is an automated email from the git hooks/post-receive script.
richard pushed a commit to branch tor-browser-91.11.0esr-12.0-1 in repository tor-browser.
commit 6147e833ec5447572666a0e3f09e344134815f2b Author: Pier Angelo Vendrame pierov@torproject.org AuthorDate: Wed Jul 13 10:35:42 2022 +0200
fixup! Bug 25658: Replace security slider with security level UI
Fixes on small problems. --- browser/components/securitylevel/SecurityLevel.jsm | 1 - browser/components/securitylevel/content/securityLevel.js | 7 ++++++- .../components/securitylevel/content/securityLevelPanel.css | 7 ++----- .../securitylevel/content/securityLevelPreferences.css | 11 +++++------ 4 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/browser/components/securitylevel/SecurityLevel.jsm b/browser/components/securitylevel/SecurityLevel.jsm index bd7c803511fff..485df6d5090e4 100644 --- a/browser/components/securitylevel/SecurityLevel.jsm +++ b/browser/components/securitylevel/SecurityLevel.jsm @@ -452,7 +452,6 @@ class SecurityLevel { observe(aSubject, aTopic, aData) { if (aTopic == BrowserTopics.ProfileAfterChange) { this.init(); - Services.obs.removeObserver(this, aTopic); } } } diff --git a/browser/components/securitylevel/content/securityLevel.js b/browser/components/securitylevel/content/securityLevel.js index 0e8f3c00be9bb..366814ac85666 100644 --- a/browser/components/securitylevel/content/securityLevel.js +++ b/browser/components/securitylevel/content/securityLevel.js @@ -227,11 +227,16 @@ const SecurityLevelPanel = { this._elements.advancedSecuritySettings.addEventListener("command", () => { this.openAdvancedSecuritySettings(); }); - this._configUIFromPrefs(); this._populated = true; + this._configUIFromPrefs(); },
_configUIFromPrefs() { + if (!this._populated) { + console.warn("_configUIFromPrefs before XUL was populated."); + return; + } + // get security prefs const level = SecurityLevelPrefs.securitySliderLevel; const custom = SecurityLevelPrefs.securityCustom; diff --git a/browser/components/securitylevel/content/securityLevelPanel.css b/browser/components/securitylevel/content/securityLevelPanel.css index 6462c02f15942..c50acf0ae76c8 100644 --- a/browser/components/securitylevel/content/securityLevelPanel.css +++ b/browser/components/securitylevel/content/securityLevelPanel.css @@ -39,9 +39,6 @@ vbox#securityLevel-vbox > vbox * { margin-inline: 0; }
-vbox#securityLevel-vbox > vbox > hbox { -} - label#securityLevel-level { font-size: 1.25em; font-weight: 600; @@ -56,12 +53,12 @@ label#securityLevel-custom { height: 1.6em; line-height: 1.0em; padding: 0.4em 0.5em; - margin-left: 1em!important; + margin-inline-start: 1em !important; }
description#securityLevel-summary { margin-top: 1em; - padding-right: 5em; + padding-inline-end: 5em; }
vbox#securityLevel-vbox > hbox.panel-footer { diff --git a/browser/components/securitylevel/content/securityLevelPreferences.css b/browser/components/securitylevel/content/securityLevelPreferences.css index 12a7cccffe099..152c6489f3658 100644 --- a/browser/components/securitylevel/content/securityLevelPreferences.css +++ b/browser/components/securitylevel/content/securityLevelPreferences.css @@ -1,4 +1,4 @@ -label#securityLevel-customWarning { +label.securityLevel-customWarning { border-radius: 4px; background-color: var(--yellow-50); color: black; @@ -31,17 +31,16 @@ radiogroup#securityLevel-radiogroup[value=safest] > vbox#securityLevel-vbox-safe
}
-vbox#securityLevel-descriptionList { +vbox.securityLevel-descriptionList { display: none; - margin-inline-start: }
-radiogroup#securityLevel-radiogroup[value=safer] > vbox#securityLevel-vbox-safer > vbox#securityLevel-descriptionList, -radiogroup#securityLevel-radiogroup[value=safest] > vbox#securityLevel-vbox-safest > vbox#securityLevel-descriptionList { +radiogroup#securityLevel-radiogroup[value=safer] vbox#securityLevel-vbox-safer vbox.securityLevel-descriptionList, +radiogroup#securityLevel-radiogroup[value=safest] vbox#securityLevel-vbox-safest vbox.securityLevel-descriptionList { display: inherit; }
-vbox#securityLevel-descriptionList > description { +vbox.securityLevel-descriptionList description { display: list-item; }
This is an automated email from the git hooks/post-receive script.
richard pushed a commit to branch tor-browser-91.11.0esr-12.0-1 in repository tor-browser.
commit c6ba0bf0133d274720edbe121d7f43192d18a218 Author: Richard Pospesel richard@torproject.org AuthorDate: Fri Jul 15 18:59:33 2022 +0000
fixup! Bug 10760: Integrate TorButton to TorBrowser core --- toolkit/torproject/torbutton | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/toolkit/torproject/torbutton b/toolkit/torproject/torbutton index 27b24bcf73f44..6f84627dd470f 160000 --- a/toolkit/torproject/torbutton +++ b/toolkit/torproject/torbutton @@ -1 +1 @@ -Subproject commit 27b24bcf73f4465c5995c9da227740acfd5bdf8e +Subproject commit 6f84627dd470f0eade9e1ba51b81458687263c34
tor-commits@lists.torproject.org