[tor-commits] [torbutton/master] Bug 9387: Version 0.8 of the Security Slider
gk at torproject.org
gk at torproject.org
Fri Mar 20 08:24:04 UTC 2015
commit 35970c68d6af10fdec19189aae64d76e048acc4e
Author: Georg Koppen <gk at torproject.org>
Date: Fri Mar 20 08:13:41 2015 +0000
Bug 9387: Version 0.8 of the Security Slider
This is the first version of the slider that contains explanatory
strings to make it more clear to the user what is changed and why.
Special thanks to Mike Perry for helping out getting this part of the
UI in good shape.
---
src/chrome/content/preferences.js | 48 ++++++++
src/chrome/content/preferences.xul | 172 ++++++++++++++++++++++++++--
src/chrome/content/torbutton.js | 185 ++++++++-----------------------
src/chrome/locale/en/torbutton.dtd | 27 +++++
src/chrome/skin/preferences.css | 7 ++
src/defaults/preferences/preferences.js | 2 +-
6 files changed, 292 insertions(+), 149 deletions(-)
diff --git a/src/chrome/content/preferences.js b/src/chrome/content/preferences.js
index eaaa059..be77793 100644
--- a/src/chrome/content/preferences.js
+++ b/src/chrome/content/preferences.js
@@ -192,13 +192,18 @@ function torbutton_prefs_init(doc) {
sec_slider.value = o_torprefs.getIntPref('security_slider');
sec_custom.checked = custom_values;
sec_custom.disabled = !custom_values;
+ torbutton_set_slider_text(doc, sec_custom.checked);
// If the custom checkbox is checked and the user is done with dragging
// uncheck the checkbox to allow setting the (newly) chosen security level.
sec_slider.dragStateChanged = function(isDragging) {
if (!isDragging && sec_custom.checked) {
sec_custom.checked = false;
+ sec_custom.disabled = true;
}
}
+ sec_slider.valueChanged = function(which, newValue, userChanged) {
+ torbutton_set_slider_text(doc, false);
+ }
torbutton_prefs_set_field_attributes(doc);
}
@@ -473,6 +478,49 @@ function torbutton_toggle_slider(doc, pos) {
if (sec_custom.checked) {
sec_custom.checked = false;
}
+ torbutton_set_slider_text(doc, false);
+}
+
+function torbutton_set_slider_text(doc, custom) {
+ let level = doc.getElementById("torbutton_sec_slider").value;
+ if (custom) {
+ level = 5;
+ }
+ switch (level) {
+ case (1):
+ doc.getElementById("desc_low").collapsed = true;
+ doc.getElementById("desc_medium_low").collapsed = true;
+ doc.getElementById("desc_medium_high").collapsed = true;
+ doc.getElementById("desc_high").collapsed = false;
+ break;
+ case (2):
+ doc.getElementById("desc_low").collapsed = true;
+ doc.getElementById("desc_medium_low").collapsed = true;
+ doc.getElementById("desc_medium_high").collapsed = false;
+ doc.getElementById("desc_high").collapsed = true;
+ break;
+ case (3):
+ doc.getElementById("desc_low").collapsed = true;
+ doc.getElementById("desc_medium_low").collapsed = false;
+ doc.getElementById("desc_medium_high").collapsed = true;
+ doc.getElementById("desc_high").collapsed = true;
+ break;
+ case (4):
+ doc.getElementById("desc_low").collapsed = false;
+ doc.getElementById("desc_medium_low").collapsed = true;
+ doc.getElementById("desc_medium_high").collapsed = true;
+ doc.getElementById("desc_high").collapsed = true;
+ break;
+ case (5):
+ doc.getElementById("desc_low").collapsed = true;
+ doc.getElementById("desc_medium_low").collapsed = true;
+ doc.getElementById("desc_medium_high").collapsed = true;
+ doc.getElementById("desc_high").collapsed = true;
+ break;
+ }
+ // It can happen that the descriptions of the slider settings consume more
+ // space than originally allocated. Adapt the dialog size accordingly.
+ sizeToContent();
}
function torbutton_prefs_check_disk() {
diff --git a/src/chrome/content/preferences.xul b/src/chrome/content/preferences.xul
index 0a90f0f..d25fba4 100644
--- a/src/chrome/content/preferences.xul
+++ b/src/chrome/content/preferences.xul
@@ -1,5 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet href="chrome://global/skin/" type="text/css"?>
+<?xml-stylesheet href="chrome://torbutton/skin/preferences.css" type="text/css"?>
<!DOCTYPE overlay SYSTEM "chrome://torbutton/locale/torbutton.dtd">
@@ -156,36 +157,144 @@
<groupbox>
<caption label="&torbutton.prefs.sec_caption;"/>
<hbox>
- <vbox>
- <scale id="torbutton_sec_slider" height="200" min="1" max="4"
+ <vbox height="200">
+ <scale id="torbutton_sec_slider" flex="1" min="1" max="4"
movetoclick="true" orient="vertical"/>
</vbox>
<vbox height="200">
- <hbox flex="1" align="center">
- <description id="torbutton_sec_low"
+ <hbox flex="1" align="start">
+ <description id="torbutton_sec_high"
+ tooltip="high_preview"
onclick="torbutton_toggle_slider(document, 1);">
- &torbutton.prefs.sec_low;
+ &torbutton.prefs.sec_high;
</description>
</hbox>
<hbox flex="1" align="center">
- <description id="torbutton_sec_med_low"
+ <description id="torbutton_sec_med_high"
+ tooltip="mh_preview"
onclick="torbutton_toggle_slider(document, 2);">
- &torbutton.prefs.sec_med_low;
+ &torbutton.prefs.sec_med_high;
</description>
</hbox>
<hbox flex="1" align="center">
- <description id="torbutton_sec_med_high"
+ <description id="torbutton_sec_med_low"
+ tooltip="ml_preview"
onclick="torbutton_toggle_slider(document, 3);">
- &torbutton.prefs.sec_med_high;
+ &torbutton.prefs.sec_med_low;
</description>
</hbox>
- <hbox flex="1" align="center">
- <description id="torbutton_sec_high"
+ <hbox flex="1" align="end">
+ <description id="torbutton_sec_low"
+ tooltip="low_preview"
onclick="torbutton_toggle_slider(document, 4);">
- &torbutton.prefs.sec_high;
+ &torbutton.prefs.sec_low;
</description>
</hbox>
</vbox>
+ <spacer flex="1"/>
+ <!-- A width of 400 is already too much for OS X it seems. The above
+ spacer tag would basically be useless and the layout ugly. -->
+ <vbox flex="1" width="300">
+ <vbox id="desc_high" collapsed="true">
+ <description
+ class="slider-text-size, slider-text-weight">
+ &torbutton.prefs.sec_gen_desc;
+ </description>
+ <description class="slider-text-size"
+ tooltiptext="&torbutton.prefs.sec_html5_tooltip;">
+ &torbutton.prefs.sec_html5_desc;
+ </description>
+ <description class="slider-text-size"
+ tooltiptext="&torbutton.prefs.sec_jit_desc_tooltip; &torbutton.prefs.sec_baseline_jit_desc_tooltip;">
+ &torbutton.prefs.sec_all_jit_desc; &torbutton.prefs.sec_jit_slower_desc;
+ </description>
+ <description class="slider-text-size"
+ tooltiptext="&torbutton.prefs.sec_jar_tooltip;">
+ &torbutton.prefs.sec_jar_desc;
+ </description>
+ <description class="slider-text-size"
+ tooltiptext="&torbutton.prefs.sec_mathml_desc_tooltip;">
+ &torbutton.prefs.sec_mathml_desc;
+ </description>
+ <description class="slider-text-size"
+ tooltiptext="&torbutton.prefs.sec_font_rend_svg_tooltip; &torbutton.prefs.sec_font_rend_graphite_tooltip;">
+ &torbutton.prefs.sec_font_rend_desc;
+ </description>
+ <description class="slider-text-size"
+ tooltiptext="&torbutton.prefs.sec_js_desc_tooltip;">
+ &torbutton.prefs.sec_all_js_desc;
+ </description>
+ <description class="slider-text-size"
+ tooltiptext="&torbutton.prefs.sec_svg_desc_tooltip;">
+ &torbutton.prefs.sec_svg_desc;
+ </description>
+ <description class="slider-text-size"
+ tooltiptext="&torbutton.prefs.sec_webfonts_desc_tooltip;">
+ &torbutton.prefs.sec_webfonts_desc;
+ </description>
+ </vbox>
+ <vbox id="desc_medium_high" collapsed="true">
+ <description
+ class="slider-text-size, slider-text-weight">
+ &torbutton.prefs.sec_gen_desc;
+ </description>
+ <description class="slider-text-size"
+ tooltiptext="&torbutton.prefs.sec_html5_tooltip;">
+ &torbutton.prefs.sec_html5_desc;
+ </description>
+ <description class="slider-text-size"
+ tooltiptext="&torbutton.prefs.sec_jit_desc_tooltip; &torbutton.prefs.sec_baseline_jit_desc_tooltip;">
+ &torbutton.prefs.sec_all_jit_desc; &torbutton.prefs.sec_jit_slower_desc;
+ </description>
+ <description class="slider-text-size"
+ tooltiptext="&torbutton.prefs.sec_jar_tooltip;">
+ &torbutton.prefs.sec_jar_desc;
+ </description>
+ <description class="slider-text-size"
+ tooltiptext="&torbutton.prefs.sec_mathml_desc_tooltip;">
+ &torbutton.prefs.sec_mathml_desc;
+ </description>
+ <description class="slider-text-size"
+ tooltiptext="&torbutton.prefs.sec_font_rend_svg_tooltip; &torbutton.prefs.sec_font_rend_graphite_tooltip;">
+ &torbutton.prefs.sec_font_rend_desc;
+ </description>
+ <description class="slider-text-size"
+ tooltiptext="&torbutton.prefs.sec_js_desc_tooltip;">
+ &torbutton.prefs.sec_js_https_desc;
+ </description>
+ </vbox>
+ <vbox id="desc_medium_low" collapsed="true">
+ <description
+ class="slider-text-size, slider-text-weight">
+ &torbutton.prefs.sec_gen_desc;
+ </description>
+ <description class="slider-text-size"
+ tooltiptext="&torbutton.prefs.sec_html5_tooltip;">
+ &torbutton.prefs.sec_html5_desc;
+ </description>
+ <description class="slider-text-size"
+ tooltiptext="&torbutton.prefs.sec_jit_desc_tooltip;">
+ &torbutton.prefs.sec_some_jit_desc; &torbutton.prefs.sec_jit_slower_desc;
+ </description>
+ <description class="slider-text-size"
+ tooltiptext="&torbutton.prefs.sec_jar_tooltip;">
+ &torbutton.prefs.sec_jar_desc;
+ </description>
+ <description class="slider-text-size"
+ tooltiptext="&torbutton.prefs.sec_mathml_desc_tooltip;">
+ &torbutton.prefs.sec_mathml_desc;
+ </description>
+ </vbox>
+ <vbox id="desc_low" collapsed="false">
+ <description
+ class="slider-text-size, slider-text-weight">
+ &torbutton.prefs.sec_low_desc;
+ </description>
+ <description class="slider-text-size">
+ &torbutton.prefs.sec_low_usable_desc;
+ </description>
+ </vbox>
+ </vbox>
</hbox>
<hbox>
<checkbox id="torbutton_sec_custom" flex="1"
@@ -198,4 +307,43 @@
</tabpanels>
</tabbox>
+ <tooltip id="high_preview">
+ <html:b>&torbutton.prefs.sec_gen_desc;</html:b>
+ <html:br></html:br>
+ <html:br></html:br>
+ <html:div>&torbutton.prefs.sec_html5_desc;</html:div>
+ <html:div>&torbutton.prefs.sec_some_jit_desc;</html:div>
+ <html:div>&torbutton.prefs.sec_jar_desc;</html:div>
+ <html:div>&torbutton.prefs.sec_mathml_desc;</html:div>
+ <html:div>&torbutton.prefs.sec_font_rend_desc;</html:div>
+ <html:div>&torbutton.prefs.sec_all_js_desc;</html:div>
+ <html:div>&torbutton.prefs.sec_svg_desc;</html:div>
+ <html:div>&torbutton.prefs.sec_webfonts_desc;</html:div>
+ </tooltip>
+ <tooltip id="mh_preview">
+ <html:b>&torbutton.prefs.sec_gen_desc;</html:b>
+ <html:br></html:br>
+ <html:br></html:br>
+ <html:div>&torbutton.prefs.sec_html5_desc;</html:div>
+ <html:div>&torbutton.prefs.sec_some_jit_desc;</html:div>
+ <html:div>&torbutton.prefs.sec_jar_desc;</html:div>
+ <html:div>&torbutton.prefs.sec_mathml_desc;</html:div>
+ <html:div>&torbutton.prefs.sec_font_rend_desc;</html:div>
+ <html:div>&torbutton.prefs.sec_js_https_desc;</html:div>
+ </tooltip>
+ <tooltip id="ml_preview">
+ <html:b>&torbutton.prefs.sec_gen_desc;</html:b>
+ <html:br></html:br>
+ <html:br></html:br>
+ <html:div>&torbutton.prefs.sec_html5_desc;</html:div>
+ <html:div>&torbutton.prefs.sec_some_jit_desc;</html:div>
+ <html:div>&torbutton.prefs.sec_jar_desc;</html:div>
+ <html:div>&torbutton.prefs.sec_mathml_desc;</html:div>
+ </tooltip>
+ <tooltip id="low_preview">
+ <html:b>&torbutton.prefs.sec_low_desc;</html:b>
+ <html:br></html:br>
+ <html:br></html:br>
+ <html:div>&torbutton.prefs.sec_low_usable_desc;</html:div>
+ </tooltip>
</dialog>
diff --git a/src/chrome/content/torbutton.js b/src/chrome/content/torbutton.js
index f7e99a0..d3afef8 100644
--- a/src/chrome/content/torbutton.js
+++ b/src/chrome/content/torbutton.js
@@ -235,15 +235,12 @@ var torbutton_unique_pref_observer =
case "noscript.forbidMedia":
case "media.webaudio.enabled":
case "network.jar.block-remote-files":
+ case "mathml.disabled":
case "javascript.options.baselinejit.content":
case "noscript.forbidFonts":
case "gfx.font_rendering.graphite.enabled":
case "noscript.globalHttpsWhitelist":
case "noscript.global":
- case "media.ogg.enabled":
- case "media.opus.enabled":
- case "media.wave.enabled":
- case "media.apple.mp3.enabled":
// |m_tb_slider_update| is only set if the user updated a
// preference under control of the security slider via the
// slider on the Torbutton dialog. This in turn means we can
@@ -2197,10 +2194,6 @@ function torbutton_update_thirdparty_prefs() {
prefService.savePrefFile(null);
}
-var torbutton_sec_l_bool_prefs = {
- "gfx.font_rendering.opentype_svg.enabled" : false,
-};
-
var torbutton_sec_ml_bool_prefs = {
"javascript.options.ion.content" : false,
"javascript.options.typeinference" : false,
@@ -2208,23 +2201,21 @@ var torbutton_sec_ml_bool_prefs = {
"noscript.forbidMedia" : true,
"media.webaudio.enabled" : false,
"network.jar.block-remote-files" : true,
- // XXX: pref for disabling MathML is missing
+ "mathml.disabled" : true
};
var torbutton_sec_mh_bool_prefs = {
"javascript.options.baselinejit.content" : false,
+ "gfx.font_rendering.graphite.enabled" : false,
+ "gfx.font_rendering.opentype_svg.enabled" : false,
"noscript.global" : false,
- "noscript.globalHttpsWhitelist" : true,
- // XXX: pref for disableing SVG is missing
+ "noscript.globalHttpsWhitelist" : true
};
var torbutton_sec_h_bool_prefs = {
"noscript.forbidFonts" : true,
"noscript.global" : false,
- "media.ogg.enabled" : false,
- "media.opus.enabled" : false,
- "media.wave.enabled" : false,
- "media.apple.mp3.enabled" : false
+ // XXX: pref for disabling SVG is missing
};
function torbutton_update_security_slider() {
@@ -2233,18 +2224,20 @@ function torbutton_update_security_slider() {
let mode = m_tb_prefs.getIntPref("extensions.torbutton.security_slider");
let capValue = m_tb_prefs.getCharPref("capability.policy.maonoscript.sites");
switch (mode) {
- case 1:
- for (p in torbutton_sec_l_bool_prefs) {
- m_tb_prefs.setBoolPref(p, torbutton_sec_l_bool_prefs[p]);
- }
+ case 1:
for (p in torbutton_sec_ml_bool_prefs) {
- m_tb_prefs.setBoolPref(p, !torbutton_sec_ml_bool_prefs[p])
+ m_tb_prefs.setBoolPref(p, torbutton_sec_ml_bool_prefs[p])
}
for (p in torbutton_sec_mh_bool_prefs) {
- m_tb_prefs.setBoolPref(p, !torbutton_sec_mh_bool_prefs[p])
+ m_tb_prefs.setBoolPref(p, torbutton_sec_mh_bool_prefs[p])
+ // noscript.globalHttpsWhitelist is special: We don't want it in this
+ // mode.
+ if (p === "noscript.globalHttpsWhitelist") {
+ m_tb_prefs.setBoolPref(p, !torbutton_sec_mh_bool_prefs[p])
+ }
}
for (p in torbutton_sec_h_bool_prefs) {
- m_tb_prefs.setBoolPref(p, !torbutton_sec_h_bool_prefs[p])
+ m_tb_prefs.setBoolPref(p, torbutton_sec_h_bool_prefs[p])
}
// Removing "https:" is needed due to a bug in older Noscript versions.
// We leave that in for a while as there may be users that were affected
@@ -2254,18 +2247,22 @@ function torbutton_update_security_slider() {
m_tb_prefs.setCharPref("capability.policy.maonoscript.sites",
capValue.replace(" https:", ""));
}
- if (m_tb_prefs.getCharPref("general.useragent.locale") !== "ko" ||
- m_tb_prefs.getCharPref("general.useragent.locale") !== "vi" ||
- m_tb_prefs.getCharPref("general.useragent.locale") !== "zh-CN") {
- m_tb_prefs.setBoolPref("gfx.font_rendering.graphite.enabled", false);
- } else {
- m_tb_prefs.setBoolPref("gfx.font_rendering.graphite.enabled", true);
- }
break;
case 2:
- for (p in torbutton_sec_l_bool_prefs) {
- m_tb_prefs.setBoolPref(p, torbutton_sec_l_bool_prefs[p]);
+ for (p in torbutton_sec_ml_bool_prefs) {
+ m_tb_prefs.setBoolPref(p, torbutton_sec_ml_bool_prefs[p])
+ }
+ // Order matters here as both the high mode and the medium-high mode
+ // share some preferences/values. So, let's revert the high mode
+ // preferences first and set the medium-high mode ones afterwards.
+ for (p in torbutton_sec_h_bool_prefs) {
+ m_tb_prefs.setBoolPref(p, !torbutton_sec_h_bool_prefs[p])
+ }
+ for (p in torbutton_sec_mh_bool_prefs) {
+ m_tb_prefs.setBoolPref(p, torbutton_sec_mh_bool_prefs[p])
}
+ break;
+ case 3:
for (p in torbutton_sec_ml_bool_prefs) {
m_tb_prefs.setBoolPref(p, torbutton_sec_ml_bool_prefs[p])
}
@@ -2283,49 +2280,16 @@ function torbutton_update_security_slider() {
m_tb_prefs.setCharPref("capability.policy.maonoscript.sites",
capValue.replace(" https:", ""));
}
- if (m_tb_prefs.getCharPref("general.useragent.locale") !== "ko" ||
- m_tb_prefs.getCharPref("general.useragent.locale") !== "vi" ||
- m_tb_prefs.getCharPref("general.useragent.locale") !== "zh-CN") {
- m_tb_prefs.setBoolPref("gfx.font_rendering.graphite.enabled", false);
- } else {
- m_tb_prefs.setBoolPref("gfx.font_rendering.graphite.enabled", true);
- }
- break;
- case 3:
- for (p in torbutton_sec_l_bool_prefs) {
- m_tb_prefs.setBoolPref(p, torbutton_sec_l_bool_prefs[p]);
- }
- for (p in torbutton_sec_ml_bool_prefs) {
- m_tb_prefs.setBoolPref(p, torbutton_sec_ml_bool_prefs[p])
- }
- // Order matters here as both the high mode and the medium-high mode
- // share some preferences/values. So, let's revert the high mode
- // preferences first and set the medium-high mode ones afterwards.
- for (p in torbutton_sec_h_bool_prefs) {
- m_tb_prefs.setBoolPref(p, !torbutton_sec_h_bool_prefs[p])
- }
- for (p in torbutton_sec_mh_bool_prefs) {
- m_tb_prefs.setBoolPref(p, torbutton_sec_mh_bool_prefs[p])
- }
- m_tb_prefs.setBoolPref("gfx.font_rendering.graphite.enabled", false);
break;
case 4:
- for (p in torbutton_sec_l_bool_prefs) {
- m_tb_prefs.setBoolPref(p, torbutton_sec_l_bool_prefs[p]);
- }
for (p in torbutton_sec_ml_bool_prefs) {
- m_tb_prefs.setBoolPref(p, torbutton_sec_ml_bool_prefs[p])
+ m_tb_prefs.setBoolPref(p, !torbutton_sec_ml_bool_prefs[p])
}
for (p in torbutton_sec_mh_bool_prefs) {
- m_tb_prefs.setBoolPref(p, torbutton_sec_mh_bool_prefs[p])
- // noscript.globalHttpsWhitelist is special: We don't want it in this
- // mode.
- if (p === "noscript.globalHttpsWhitelist") {
- m_tb_prefs.setBoolPref(p, !torbutton_sec_mh_bool_prefs[p])
- }
+ m_tb_prefs.setBoolPref(p, !torbutton_sec_mh_bool_prefs[p])
}
for (p in torbutton_sec_h_bool_prefs) {
- m_tb_prefs.setBoolPref(p, torbutton_sec_h_bool_prefs[p])
+ m_tb_prefs.setBoolPref(p, !torbutton_sec_h_bool_prefs[p])
}
// Removing "https:" is needed due to a bug in older Noscript versions.
// We leave that in for a while as there may be users that were affected
@@ -2335,7 +2299,6 @@ function torbutton_update_security_slider() {
m_tb_prefs.setCharPref("capability.policy.maonoscript.sites",
capValue.replace(" https:", ""));
}
- m_tb_prefs.setBoolPref("gfx.font_rendering.graphite.enabled", true);
break;
}
m_tb_sliderUpdate = false;
@@ -2348,35 +2311,23 @@ function torbutton_security_slider_custom_check(mode) {
let capValue = m_tb_prefs.getCharPref("capability.policy.maonoscript.sites");
switch (mode) {
case 1:
- for (p in torbutton_sec_l_bool_prefs) {
- if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_l_bool_prefs[p]) {
- return;
- }
- }
for (p in torbutton_sec_ml_bool_prefs) {
- if (m_tb_prefs.getBoolPref(p) === torbutton_sec_ml_bool_prefs[p]) {
+ if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_ml_bool_prefs[p]) {
return;
}
}
for (p in torbutton_sec_mh_bool_prefs) {
- if (m_tb_prefs.getBoolPref(p) === torbutton_sec_mh_bool_prefs[p]) {
+ if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_mh_bool_prefs[p]) {
+ // We don't want to have the whitelist in high mode. JavaScript is
+ // disabled globally.
+ if (p === "noscript.globalHttpsWhitelist") {
+ continue;
+ }
return;
}
}
for (p in torbutton_sec_h_bool_prefs) {
- if (m_tb_prefs.getBoolPref(p) === torbutton_sec_h_bool_prefs[p]) {
- return;
- }
- }
- if (m_tb_prefs.getCharPref("general.useragent.locale") !== "ko" ||
- m_tb_prefs.getCharPref("general.useragent.locale") !== "vi" ||
- m_tb_prefs.getCharPref("general.useragent.locale") !== "zh-CN") {
-
- if (m_tb_prefs.getBoolPref("gfx.font_rendering.graphite.enabled")) {
- return;
- }
- } else {
- if (!m_tb_prefs.getBoolPref("gfx.font_rendering.graphite.enabled")) {
+ if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_h_bool_prefs[p]) {
return;
}
}
@@ -2385,35 +2336,23 @@ function torbutton_security_slider_custom_check(mode) {
m_tb_prefs.setBoolPref("extensions.torbutton.security_custom", false);
break;
case 2:
- for (p in torbutton_sec_l_bool_prefs) {
- if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_l_bool_prefs[p]) {
- return;
- }
- }
for (p in torbutton_sec_ml_bool_prefs) {
if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_ml_bool_prefs[p]) {
return;
}
}
for (p in torbutton_sec_mh_bool_prefs) {
- if (m_tb_prefs.getBoolPref(p) === torbutton_sec_mh_bool_prefs[p]) {
+ if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_mh_bool_prefs[p]) {
return;
}
}
for (p in torbutton_sec_h_bool_prefs) {
if (m_tb_prefs.getBoolPref(p) === torbutton_sec_h_bool_prefs[p]) {
- return;
- }
- }
- if (m_tb_prefs.getCharPref("general.useragent.locale") !== "ko" ||
- m_tb_prefs.getCharPref("general.useragent.locale") !== "vi" ||
- m_tb_prefs.getCharPref("general.useragent.locale") !== "zh-CN") {
-
- if (m_tb_prefs.getBoolPref("gfx.font_rendering.graphite.enabled")) {
- return;
- }
- } else {
- if (!m_tb_prefs.getBoolPref("gfx.font_rendering.graphite.enabled")) {
+ // We have the whitelist and JavaScript is disabled in medium-high
+ // mode as well.
+ if (p === "noscript.global") {
+ continue;
+ }
return;
}
}
@@ -2422,67 +2361,41 @@ function torbutton_security_slider_custom_check(mode) {
m_tb_prefs.setBoolPref("extensions.torbutton.security_custom", false);
break;
case 3:
- for (p in torbutton_sec_l_bool_prefs) {
- if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_l_bool_prefs[p]) {
- return;
- }
- }
for (p in torbutton_sec_ml_bool_prefs) {
if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_ml_bool_prefs[p]) {
return;
}
}
for (p in torbutton_sec_mh_bool_prefs) {
- if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_mh_bool_prefs[p]) {
+ if (m_tb_prefs.getBoolPref(p) === torbutton_sec_mh_bool_prefs[p]) {
return;
}
}
for (p in torbutton_sec_h_bool_prefs) {
if (m_tb_prefs.getBoolPref(p) === torbutton_sec_h_bool_prefs[p]) {
- // We have the whitelist and JavaScript is disabled in medium-high
- // mode as well.
- if (p === "noscript.global") {
- continue;
- }
return;
}
}
- if (m_tb_prefs.getBoolPref("gfx.font_rendering.graphite.enabled")) {
- return;
- }
// We are still here which means all preferences are properly reset. Leave
// custom mode.
m_tb_prefs.setBoolPref("extensions.torbutton.security_custom", false);
break;
case 4:
- for (p in torbutton_sec_l_bool_prefs) {
- if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_l_bool_prefs[p]) {
- return;
- }
- }
for (p in torbutton_sec_ml_bool_prefs) {
- if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_ml_bool_prefs[p]) {
+ if (m_tb_prefs.getBoolPref(p) === torbutton_sec_ml_bool_prefs[p]) {
return;
}
}
for (p in torbutton_sec_mh_bool_prefs) {
- if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_mh_bool_prefs[p]) {
- // We don't want to have the whitelist in high mode. JavaScript is
- // disabled globally.
- if (p === "noscript.globalHttpsWhitelist") {
- continue;
- }
+ if (m_tb_prefs.getBoolPref(p) === torbutton_sec_mh_bool_prefs[p]) {
return;
}
}
for (p in torbutton_sec_h_bool_prefs) {
- if (m_tb_prefs.getBoolPref(p) !== torbutton_sec_h_bool_prefs[p]) {
+ if (m_tb_prefs.getBoolPref(p) === torbutton_sec_h_bool_prefs[p]) {
return;
}
}
- if (!m_tb_prefs.getBoolPref("gfx.font_rendering.graphite.enabled")) {
- return;
- }
// We are still here which means all preferences are properly reset. Leave
// custom mode.
m_tb_prefs.setBoolPref("extensions.torbutton.security_custom", false);
diff --git a/src/chrome/locale/en/torbutton.dtd b/src/chrome/locale/en/torbutton.dtd
index 15ae1e6..4a7bf7e 100644
--- a/src/chrome/locale/en/torbutton.dtd
+++ b/src/chrome/locale/en/torbutton.dtd
@@ -153,8 +153,35 @@
<!ENTITY torbutton.prefs.resist_fingerprinting "Change details that distinguish you from other Tor Browser users">
<!ENTITY torbutton.prefs.sec_caption "Security Level">
<!ENTITY torbutton.prefs.sec_low "Low (default)">
+<!ENTITY torbutton.prefs.sec_low_usable_desc "This provides the most usable experience.">
+<!ENTITY torbutton.prefs.sec_low_desc "At this security level, all browser features are enabled.">
+<!ENTITY torbutton.prefs.sec_font_rend_svg_tooltip "The SVG OpenType font rendering mechanism is disabled.">
<!ENTITY torbutton.prefs.sec_med_low "Medium-Low">
+<!ENTITY torbutton.prefs.sec_gen_desc "At this security level, the following changes apply (mouseover for details):">
+<!ENTITY torbutton.prefs.sec_html5_desc "HTML5 video and audio media become click-to-play via NoScript.">
+<!ENTITY torbutton.prefs.sec_html5_tooltip "On some sites, you might need to use the NoScript toolbar button to enable these media objects.">
+<!ENTITY torbutton.prefs.sec_some_jit_desc "Some JavaScript performance optimizations are disabled.">
+<!ENTITY torbutton.prefs.sec_jit_desc_tooltip "ION JIT, Type Inference, ASM.JS.">
+<!ENTITY torbutton.prefs.sec_baseline_jit_desc_tooltip "Baseline JIT.">
+<!ENTITY torbutton.prefs.sec_jit_slower_desc "Scripts on some sites may run slower.">
+<!ENTITY torbutton.prefs.sec_jar_desc "Remote JAR files are blocked.">
+<!ENTITY torbutton.prefs.sec_jar_tooltip "JAR files are extremely rare on the web, but can be a source of XSS and other attacks.">
+<!ENTITY torbutton.prefs.sec_mathml_desc "Some mechanisms of displaying math equations are disabled.">
+<!ENTITY torbutton.prefs.sec_mathml_desc_tooltip "MathML is disabled.">
<!ENTITY torbutton.prefs.sec_med_high "Medium-High">
+<!ENTITY torbutton.prefs.sec_all_jit_desc "All JavaScript performance optimizations are disabled.">
+<!ENTITY torbutton.prefs.sec_font_rend_desc "Some font rendering features are disabled.">
+<!ENTITY torbutton.prefs.sec_font_rend_graphite_tooltip "The Graphite font rendering mechanism is disabled.">
+<!ENTITY torbutton.prefs.sec_svg_desc "Some types of images are disabled.">
+<!ENTITY torbutton.prefs.sec_svg_desc_tooltip "SVG images are disabled.">
+<!ENTITY torbutton.prefs.sec_js_https_desc "JavaScript is disabled by default on all non-HTTPS sites.">
+<!ENTITY torbutton.prefs.sec_js_desc_tooltip "JavaScript can be enabled on a per-site basis via the NoScript toolbar button.">
<!ENTITY torbutton.prefs.sec_high "High">
+<!ENTITY torbutton.prefs.sec_all_js_desc "JavaScript is disabled by default on all sites.">
+<!ENTITY torbutton.prefs.sec_audio_video_desc "Most audio and video formats are disabled.">
+<!ENTITY torbutton.prefs.sec_audio_video_desc_tooltip "WebM is the only codec that remains enabled.">
+<!ENTITY torbutton.prefs.sec_webfonts_desc "Some fonts and icons may display incorrectly.">
+<!ENTITY torbutton.prefs.sec_webfonts_desc_tooltip "Website-provided font files are blocked.">
<!ENTITY torbutton.prefs.sec_custom "Custom Values">
<!ENTITY torbutton.circuit_display.title "Tor circuit for this site">
+
diff --git a/src/chrome/skin/preferences.css b/src/chrome/skin/preferences.css
new file mode 100644
index 0000000..013b367
--- /dev/null
+++ b/src/chrome/skin/preferences.css
@@ -0,0 +1,7 @@
+.slider-text-weight {
+ font-weight: bold;
+}
+
+.slider-text-size {
+ font-size: 95%;
+}
diff --git a/src/defaults/preferences/preferences.js b/src/defaults/preferences/preferences.js
index fb1a702..677447b 100644
--- a/src/defaults/preferences/preferences.js
+++ b/src/defaults/preferences/preferences.js
@@ -176,7 +176,7 @@ pref("extensions.torbutton.block_disk", true);
pref("extensions.torbutton.resist_fingerprinting", true);
pref("extensions.torbutton.restrict_thirdparty", true);
// Security Slider
-pref("extensions.torbutton.security_slider", 1);
+pref("extensions.torbutton.security_slider", 4);
pref("extensions.torbutton.security_custom", false);
// Google Captcha prefs
More information about the tor-commits
mailing list