[tor-bugs] #33533 [Applications/Tor Browser]: Rebase Tor Browser esr68 patches on top of mozilla-central
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jun 10 21:23:13 UTC 2020
#33533: Rebase Tor Browser esr68 patches on top of mozilla-central
--------------------------------------+--------------------------------
Reporter: acat | Owner: acat
Type: task | Status: needs_review
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: TorBrowserTeam202006R | Actual Points: 14
Parent ID: #33661 | Points:
Reviewer: sysrqb, gk | Sponsor: Sponsor58-must
--------------------------------------+--------------------------------
Comment (by acat):
Rebased branch to latest beta 78 in https://github.com/acatarineu/tor-
browser/commits/33533+6
First, I picked previously rebased commits
`989179387d731fcadb4c589c02b87146caed36a2..4ac6652a6a29ca819123d88d69f1cb037d828506`.
Then, I picked newer commits, mentioned in comment:27
{{{
aed69dc95387429e18b18ad578fb78d4a83d91f2
03101bba2cf4a694deec0b7b040d8141f8c7cf20
69dfbacfa8b3d6abd6eb5e248fcd24a03c30a962
7306a08365be9212f621b396513352d19549c487
e3b4a8bf4a19cee4838a5216a3ef5af58bea6e62
da5513527e50e7f13e3b1c3206ed75ff8fbd76db
e09b2deb216910b26f1ade5882d3c3c07af30652
dcae22191c42bdb1948a6e55c7c50e0ab97dbf70
5a8128b566fab32fa2d97fe7a1a99e761afe77b0
7d0d47db46531a32c88db85323cd771761b8bb5d
e577d655d2044e3b6636b0bccfbb5bd776148582
0052c74b743756dafa4f3614f559dd8f8d1645c2
00f5a4c995a911423e10af5a2bbeceef1ae76be6
052d8a452a92a97b77130e60e28c1c02076d9db3
}}}
The result of that is, commit by commit,
`5f4f375bd8bdc8b065c3233e0174b3c479fda4ba...051eee13a013cb609998b3c8429d075d1cc3dc53`
in the new branch, except `e09b2deb216910b26f1ade5882d3c3c07af30652` which
I fixed directly in the onion alias patch, and
`7d0d47db46531a32c88db85323cd771761b8bb5d`, which I dropped together with
the reverted one, Bug 30575: Don't allow enterprise policies in Tor
Browser.
Some comments regarding conflicts and other changes:
{{{
0c30acdef6e4d... libvpx provides already cpu_features
Picked, had missed it in previous rebases.
}}}
{{{
ba68c290d05d5... TB4: Tor Browser's Firefox preference overrides.
Removed `app.update.badge` as suggested in comment:33 (thanks!)
and added `network.dns.disabled = true`.
}}}
{{{
29415b682999a... Bug 19273: Avoid JavaScript patching of the external app
helper...
both modified: uriloader/exthandler/nsExternalHelperAppService.cpp
Main changes are due to nsIInterfaceRequestor* aWindowContext ->
BrowsingContext* aBrowsingContext.
For that, I turned GetDialogParent into a more generic
GetDialogParentAux
and used that in nsExternalLoadURIHandler to get aWindowContext from
mBrowsingContext to call `mWarningDialog->MaybeShow`.
Besides, I noticed that the code removed in
nsExternalHelperAppService::LoadURI
and added in nsExternalLoadURIHandler::ContinueRequest did not exactly
match.
I think the mismatch was introduced in the ESR60 rebase, and I do not
see any
reason for it mentioned in #25543. Might that be the cause of #28375?
I changed
the code to include the part that was omitted, which corresponds to
https://bugzilla.mozilla.org/show_bug.cgi?id=1408010.
}}}
{{{
bc35813b6cb9a... Bug 4234: Use the Firefox Update Process for Tor Browser.
both modified: browser/branding/official/pref/firefox-branding.js
both modified:
browser/components/customizableui/content/panelUI.inc.xhtml
Some modified elements were put inside a <html:template
id="appMenuNotificationTemplate">, which changed the indentation and
resulted
in a conflict.
both modified: toolkit/mozapps/update/UpdateService.jsm
throw Cr.* -> throw Components.Exception("", Cr.*
both modified: tools/update-packaging/common.sh
Uplifted https://bugzilla.mozilla.org/show_bug.cgi?id=1641329 caused
conflicts (now our patch is smaller, but I assume we still need it).
Also: moved here the firefox-branding.js changes, from
the branding patch, for official, nightly and alpha. Given that these
are
not branding related and are common for the three builds, perhaps we
could
move them to a single place?
}}}
{{{
bfdaa4c3a96ed... Bug 13379: Sign our MAR files.
Changed the checks for DEFINES['MAR_NSS'] to
CONFIG['TOR_BROWSER_UPDATE'],
that was breaking windows builds without TOR_BROWSER_UPDATE when I
tested in
#33791.
}}}
{{{
8e5eb26737bd6... Bug 16940: After update, load local change notes.
both modified: browser/components/about/AboutRedirector.cpp
}}}
{{{
c0bccfc4abbeb... Omnibox: Add DDG, Startpage, Disconnect, Youtube,
Twitter...
both modified: browser/components/search/extensions/list.json
deleted by us:
browser/components/search/extensions/twitter/manifest.json
Apparently, twitter search extension was removed in
https://bugzilla.mozilla.org/show_bug.cgi?id=1635523 [access denied :)
].
I re-added the twitter search addon.
}}}
{{{
b543b4845843b... Bug #5741: Prevent WebSocket DNS leak.
Dropping for now, uplifted in #33962. Added `network.dns.disabled =
true`
to the pref overrides.
}}}
{{{
fcd5a66b53e68... Bug 21907: Fix runtime error on CentOS 6
both modified: gfx/harfbuzz/src/hb-glib.cc
}}}
{{{
9e02b93065be8... Bug 16285: Exclude ClearKey system for now
Another commit I missed from 31918+2 -> 33533+5. I think
I must have mis-used git cherry-pick, perhaps thinking
that the range was inclusive, but it needs to start with
firstcommit~1. In any case, picked from 31918+2.
}}}
{{{
529c2680065e3... Bug 21321: Add test for .onion whitelisting
both modified:
dom/security/test/unit/test_isOriginPotentiallyTrustworthy.js
Uplifted, dropped patch.
}}}
{{{
85c9db6a4c74c... Bug 26353: Prevent speculative connect that violated FPI.
I missed this one when while switching from branch 31918+2 to 33533+5.
Picked from 31918+2.
}}}
{{{
efd51dca597c4... Bug 28369: Stop shipping pingsender executable
both modified: toolkit/components/telemetry/app/TelemetrySend.jsm
throw Cr.NS_ERROR_NOT_IMPLEMENTED ->
throw Components.Exception("", Cr.NS_ERROR_NOT_IMPLEMENTED)
}}}
{{{
5defe271e8919... Bug 23247: Communicating security expectations for .onion
both modified: browser/themes/shared/jar.inc.mn
both modified: dom/base/Document.cpp
Changed in https://bugzilla.mozilla.org/show_bug.cgi?id=1635365).
Moved to `dom/ipc/WindowGlobalChild.cpp`
deleted by us: security/manager/ssl/nsSecureBrowserUIImpl.cpp
Fission... Moved to security/manager/ssl/nsSecureBrowserUI.cpp in
https://bugzilla.mozilla.org/show_bug.cgi?id=1631405.
This is the file that probably changed most. I slightly changed the
logic with respect to the previous patch, before we were replacing
mState with STATE_IS_SECURE, now I'm unsetting STATE_IS_INSECURE and
setting the STATE_IS_SECURE flags (therefore preserving all other
possibly existing flags).
I needed to change setting `IsSecure` in WindowGlobalChild.cpp and
WindowGlobalActor.cpp.
Also: fixed missing `const hostName = this.windowInfo.hostName;` as mcs
noted.
Also: changed nsMixedContentBlocker.cpp to use parentIsOnion =
IsPotentiallyTrustworthyOnion(innerRequestingLocation); to address
GeKo's
comment in IRC (accept if host can't be retrieved).
}}}
{{{
49a05838bf2d9... Revert "Bug 1574980 - Fix issues with maintenance...
Dropped this commit, was uplifted in
https://bugzilla.mozilla.org/show_bug.cgi?id=1588549, and updated
windows
mozconf with `--disable-maintenance-service`.
}}}
{{{
7afc3f0f7a290... Bug 31575: Replace Firefox Home (newtab) with about:tor
both modified: browser/components/BrowserGlue.jsm
}}}
{{{
a7711addef65e... Bug 27511: Add new identity button to toolbar
both modified: browser/themes/shared/jar.inc.mn
}}}
{{{
578fa25e92924... Bug 31740: Remove some unnecessary RemoteSettings
instances
both modified: netwerk/url-classifier/components.conf
Note: There's a new usage of skip-list-service, but it checks whether it
exists or
not, so it should be fine to still remove the component.
}}}
{{{
ef28e10dbeba3... Bug 30237: Add v3 onion services client authentication
prompt
I had to change
`this._browser.messageManager.sendAsyncMessage("Browser:Reload", {});`
to
`this._browser.sendMessageToActor("Browser:Reload", {}, "BrowserTab");`.
}}}
{{{
aed69dc953874... squash! Bug 30237: Add v3 onion services client auth...
deleted by us: browser/components/preferences/in-
content/preferences.xul
deleted by us: browser/components/preferences/in-content/privacy.js
deleted by us: browser/components/preferences/in-content/privacy.xul
The xul -> xhtml renames and privacy.js location change.
Also changed `oncommand` from
browser/components/onionservices/content/authPreferences.inc.xul
to addEventListener (about:preferences CSP).
}}}
{{{
03101bba2cf4a... fixup! Bug 23247: Communicating security expectations for
.onion
both modified: browser/base/content/browser-siteIdentity.js
both modified: browser/themes/shared/identity-block/identity-
block.inc.css
both modified: browser/themes/shared/jar.inc.mn
}}}
{{{
7306a08365be9... Bug 28005: Implement .onion alias urlbar rewrites
In order to not block the rebase too much, I decided to drop the
"allowOnionUrlbarRewrites" changes (for now). That means that for
example,
if a user goes directly to a .onion for which we have a rule, the url
will now be rewritten. Given that this simplifies the patch quite a bit,
it might be worth considering whether this behaviour is acceptable UX-
wise
(sysrqb?, antonela?).
If we decide it is not, I will bring back the old behaviour, with all
the
`allowOnionUrlbarRewrites` logic.
both modified: browser/actors/ClickHandlerParent.jsm
both modified: browser/actors/ContextMenuChild.jsm
both modified: browser/base/content/browser.js
URLBarSetURI moved to URLBarInput.jsm:
https://bugzilla.mozilla.org/show_bug.cgi?id=1610475
So, URLBarSetURI -> gURLBar.setURI and move the changes in
URLBarSetURI to URLBarInput.jsm.
both modified: browser/base/content/tabbrowser.js
both modified: browser/components/BrowserGlue.jsm
both modified: docshell/base/nsDocShell.cpp
both modified: docshell/base/nsDocShell.h
both modified: docshell/base/nsIDocShell.idl
both modified: docshell/base/nsIWebNavigation.idl
both modified: docshell/shistory/nsSHEntry.cpp
deleted by us: modules/libpref/init/StaticPrefList.h
Removed browser.urlbar.onionRewrites.enabled from StaticPrefs and
changed it into browser.urlbar.onionRewrites.disabled. Now checking it
in
browser.js
both modified:
toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm
both modified: toolkit/content/widgets/browser-custom-element.js
both modified: toolkit/modules/RemoteWebProgress.jsm
deleted by us: toolkit/modules/WebProgressChild.jsm
}}}
{{{
e3b4a8bf4a19c... squash! Bug 30237: Add v3 onion services client auth...
both modified: browser/actors/NetErrorChild.jsm
It seems the UI code moved to aboutNetError.js, without XPCOM APIs. I
added a RPMGetTorStrings to be able to port the code there. Since
it's an object being passed, we need to do
`Cu.cloneInto(result, this.contentWindow)`, see
https://searchfox.org/mozilla-
beta/rev/b6fff7b865952bf31cd86e59d4df550b9d1c4dc1/browser/actors/AboutNewInstallChild.jsm#34
I also renamed onionNetError.jsm -> onionNetError.js.
Another issue was that there are several async functions in
aboutNetError.js initPage(), such as `setErrorPageStrings`. This one
in
particular ends up replacing the title with the default "Oops" after
it's set in onionNetError.js. So now I check if it's an onion error
there, and avoid calling `setErrorPageStrings` if so.
both modified: docshell/base/nsDocShell.cpp
both modified: dom/ipc/BrowserParent.cpp
}}}
{{{
da5513527e50e... Bug 21952: Implement Onion-Location
both modified: browser/base/content/browser.js
deleted by us: browser/base/content/browser.xul
xul -> xhtml
both modified: browser/components/BrowserGlue.jsm
both modified: browser/components/onionservices/jar.mn
both modified: browser/components/onionservices/moz.build
both modified: dom/base/Document.cpp
deleted by us: modules/libpref/init/StaticPrefList.h
Due to Fission, it seems most Actors were converted to
JSWindowActors (see
https://bugzilla.mozilla.org/show_bug.cgi?id=1591469).
For now, we should still be able to use
LEGACY_ACTORS in BrowserGlue.jsm, and keep the current code.
https://hg.mozilla.org/mozilla-central/rev/217394da44ac
}}}
{{{
dcae22191c42b... fixup! Bug 23247: Communicating security expectations for
.onion
both modified: dom/security/nsMixedContentBlocker.cpp
}}}
{{{
052d8a452a92a... fixup! Bug 34196: Update site info URL with the onion
name
both modified: browser/base/content/pageinfo/pageInfo.js
deleted by us: browser/base/content/pageinfo/pageInfo.xul
xul -> xhtml, and adapted markup (tr + th + td being used now).
both modified: browser/base/content/pageinfo/security.js
}}}
{{{
e892c4b9649c2... squash! TB4: Tor Browser's Firefox preference overrides.
(Bug 29120: Use the in-memory media cache and increase its maximum
size.)
Picked this one from #33856.
}}}
{{{
3c07adade5bea... fixup! Bug 13252: Do not store data in the app bundle
Picked fixup from :comment29.
}}}
I also addressed the comments from
https://trac.torproject.org/projects/tor/ticket/31918#comment:28 and
https://trac.torproject.org/projects/tor/ticket/31918#comment:29
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33533#comment:37>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list