[tbb-commits] [tor-browser/tor-browser-91.5.0esr-11.5-2] Bug 40562: Added Tor-related preferences to 000-tor-browser.js

richard at torproject.org richard at torproject.org
Tue Feb 1 13:45:17 UTC 2022 

commit ee499f37fd2921e70cf227a72c411ba125de872d
Author: Pier Angelo Vendrame <pierov at torproject.org>
Date:   Tue Jan 18 19:18:48 2022 +0100

    Bug 40562: Added Tor-related preferences to 000-tor-browser.js
    
    Before reordering patches, we used to keep the Tor-related patches
    (torbutton and tor-launcher) at the beginning.
    After that issue, we decided to move them towards the end, however we
    kept TB4: Tor Browser's Firefox preference overrides at the beginning
    because it influcences many other features.
    As a result, to keep bisect working, we split that commit, and moved
    all the preferences related to Tor (such as network.proxy.*) here.
---
 browser/app/profile/000-tor-browser.js | 69 ++++++++++++++++++++++++++++++++++
 1 file changed, 69 insertions(+)

diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js
index 10e1d0730bbb..aac1da85e24e 100644
--- a/browser/app/profile/000-tor-browser.js
+++ b/browser/app/profile/000-tor-browser.js
@@ -211,6 +211,17 @@ pref("network.predictor.enabled", false); // Temporarily disabled. See https://b
 // Bug 40177: Make sure tracker cookie purging is disabled
 pref("privacy.purge_trackers.enabled", false);
 
+// Proxy and proxy security
+pref("network.proxy.socks", "127.0.0.1");
+pref("network.proxy.socks_port", 9150);
+pref("network.proxy.socks_remote_dns", true);
+pref("network.proxy.no_proxies_on", ""); // For fingerprinting and local service vulns (#10419)
+pref("network.proxy.allow_hijacking_localhost", true); // Allow proxies for localhost (#31065)
+pref("network.proxy.type", 1);
+// Bug 40548: Disable proxy-bypass
+pref("network.proxy.failover_direct", false);
+pref("network.security.ports.banned", "9050,9051,9150,9151");
+pref("network.dns.disabled", true); // This should cover the #5741 patch for DNS leaks
 pref("network.dns.disablePrefetch", true);
 pref("network.protocol-handler.external-default", false);
 pref("network.protocol-handler.external.mailto", false);
@@ -373,6 +384,64 @@ pref("dom.audiochannel.mediaControl", false);
 
 #expand pref("torbrowser.version", __TOR_BROWSER_VERSION_QUOTED__);
 
+// Old torbutton prefs
+
+// debug prefs
+pref("extensions.torbutton.loglevel",4);
+pref("extensions.torbutton.logmethod",1); // 0=stdout, 1=errorconsole, 2=debuglog
+
+// Display prefs
+pref("extensions.torbutton.display_circuit", true);
+pref("extensions.torbutton at torproject.org.description", "chrome://torbutton/locale/torbutton.properties");
+pref("extensions.torbutton.updateNeeded", false);
+
+// Tor check and proxy prefs
+pref("extensions.torbutton.test_enabled",true);
+pref("extensions.torbutton.test_url","https://check.torproject.org/?TorButton=true");
+pref("extensions.torbutton.local_tor_check",true);
+pref("extensions.torbutton.versioncheck_url","https://www.torproject.org/projects/torbrowser/RecommendedTBBVersions");
+pref("extensions.torbutton.versioncheck_enabled",true);
+pref("extensions.torbutton.use_nontor_proxy",false);
+
+// State prefs:
+pref("extensions.torbutton.startup",false);
+pref("extensions.torbutton.inserted_button",false);
+pref("extensions.torbutton.inserted_security_level",false);
+
+// This is only used when letterboxing is disabled.
+// See #7255 for details. We display the warning three times to make sure the
+// user did not click on it by accident.
+pref("extensions.torbutton.maximize_warnings_remaining", 3);
+
+// Security prefs:
+pref("extensions.torbutton.clear_http_auth",true);
+pref("extensions.torbutton.close_newnym",true);
+pref("extensions.torbutton.resize_new_windows",false);
+pref("extensions.torbutton.startup_state", 2); // 0=non-tor, 1=tor, 2=last
+pref("extensions.torbutton.tor_memory_jar",false);
+pref("extensions.torbutton.nontor_memory_jar",false);
+pref("extensions.torbutton.launch_warning",true);
+
+// Opt out of Firefox addon pings:
+// https://developer.mozilla.org/en/Addons/Working_with_AMO
+pref("extensions.torbutton at torproject.org.getAddons.cache.enabled", false);
+
+// Security Slider
+pref("extensions.torbutton.security_slider", 4);
+pref("extensions.torbutton.security_custom", false);
+
+pref("extensions.torbutton.confirm_plugins", true);
+pref("extensions.torbutton.confirm_newnym", true);
+
+pref("extensions.torbutton.noscript_inited", false);
+pref("extensions.torbutton.noscript_persist", false);
+
+// Browser home page:
+pref("browser.startup.homepage", "about:tor");
+
+// This pref specifies an ad-hoc "version" for various pref update hacks we need to do
+pref("extensions.torbutton.pref_fixup_version", 0);
+
 // If we are bundling fonts, whitelist those bundled fonts, and restrict system fonts to a selection.
 
 #ifdef MOZ_BUNDLED_FONTS

More information about the tbb-commits mailing list