[or-cvs] r13613: Set network.security.ports.banned to block access to Tor por (torbutton/trunk/src/chrome/content)
mikeperry at seul.org
mikeperry at seul.org
Wed Feb 20 08:30:37 UTC 2008
Author: mikeperry
Date: 2008-02-20 03:30:37 -0500 (Wed, 20 Feb 2008)
New Revision: 13613
Modified:
torbutton/trunk/src/chrome/content/jshooks.js
torbutton/trunk/src/chrome/content/torbutton.js
Log:
Set network.security.ports.banned to block access to Tor
ports. Probably should have done this a long time ago ;)
Also, unset some prefs that weren't getting unset during
uninstall.
Modified: torbutton/trunk/src/chrome/content/jshooks.js
===================================================================
--- torbutton/trunk/src/chrome/content/jshooks.js 2008-02-20 08:25:07 UTC (rev 13612)
+++ torbutton/trunk/src/chrome/content/jshooks.js 2008-02-20 08:30:37 UTC (rev 13613)
@@ -51,6 +51,9 @@
scr.__defineGetter__("availLeft", function() { return 0;});
window.__defineGetter__("screen", function() { return scr; });
+ with(window) {
+ screen = scr;
+ }
}
/* Timezone fix for http://gemal.dk/browserspy/css.html */
@@ -97,7 +100,7 @@
var hmine = new Object();
var ran = 0;
window.__defineGetter__("history", function() { return hmine; });
- window.history.__defineGetter__("length", function() { return htmp.length; });
+ window.history.__defineGetter__("length", function() { return 0; });
var f = function() {
if(!ran) {
ran = 1;
@@ -107,6 +110,10 @@
window.history.back = f;
window.history.forward = f;
window.history.go = f;
+ // Needed for Firefox bug XXX:
+ with(window) {
+ history = htmp;
+ }
}
var tmp = window.Date;
Modified: torbutton/trunk/src/chrome/content/torbutton.js
===================================================================
--- torbutton/trunk/src/chrome/content/torbutton.js 2008-02-20 08:25:07 UTC (rev 13612)
+++ torbutton/trunk/src/chrome/content/torbutton.js 2008-02-20 08:30:37 UTC (rev 13613)
@@ -616,11 +616,16 @@
m_tb_prefs.clearUserPref(children[i]);
}
}
+
// Always block disk cache during Tor. We clear it on toggle,
// so no need to keep it around for someone to rifle through.
m_tb_prefs.setBoolPref("browser.cache.disk.enable", !mode);
+ // Disable safebrowsing in Tor. It fetches some info in cleartext
+ m_tb_prefs.setBoolPref("browser.safebrowsing.enabled", !mode);
+
+
// I think this pref is evil (and also hidden from user configuration,
// which makes it extra evil) and so therefore am disabling it
// by fiat for both tor and non-tor. Basically, I'm not willing
@@ -630,10 +635,11 @@
// Always, always disable remote "safe browsing" lookups.
m_tb_prefs.setBoolPref("browser.safebrowsing.remoteLookups", false);
+
+ // Prevent pages from pinging the Tor ports regardless tor mode
+ m_tb_prefs.setCharPref("network.security.ports.banned",
+ m_tb_prefs.getCharPref("extensions.torbutton.banned_ports"));
- // Disable safebrowsing in Tor. It fetches some info in cleartext
- m_tb_prefs.setBoolPref("browser.safebrowsing.enabled", !mode);
-
if (torprefs.getBoolPref("no_search")) {
m_tb_prefs.setBoolPref("browser.search.suggest.enabled", !mode);
}
@@ -1063,6 +1069,16 @@
torbutton_disable_tor();
// Still called by pref observer:
// torbutton_update_status(false, false);
+
+ // Clear out prefs set regardless of Tor state
+ if(m_tb_prefs.prefHasUserValue("browser.send_pings"))
+ m_tb_prefs.clearUserPref("browser.send_pings");
+
+ if(m_tb_prefs.prefHasUserValue("browser.safebrowsing.remoteLookups"))
+ m_tb_prefs.clearUserPref("browser.safebrowsing.remoteLookups");
+
+ if(m_tb_prefs.prefHasUserValue("network.security.ports.banned"))
+ m_tb_prefs.clearUserPref("extensions.torbutton.banned_ports");
}
if((m_tb_prefs.getIntPref("extensions.torbutton.shutdown_method") == 1 &&
@@ -1456,6 +1472,10 @@
return;
}
+// XXX: Tons of exceptions get thrown from this function on account
+// of its being called so early. Need to find a quick way to check if
+// aProgress and aRequest are actually fully initialized
+// (without throwing exceptions)
function torbutton_check_progress(aProgress, aRequest) {
if (!m_tb_wasinited) {
torbutton_init();
More information about the tor-commits
mailing list