[tor-commits] [torbutton/master] Bug 40082: Let JavaScript on safest setting handled by NoScript again

gk at torproject.org gk at torproject.org
Fri Aug 21 10:50:11 UTC 2020 

commit 8ed0f04ce76f0ed311975082c739823ecbbbaf80
Author: Georg Koppen <gk at torproject.org>
Date:   Thu Aug 20 18:10:34 2020 +0000

    Bug 40082: Let JavaScript on safest setting handled by NoScript again
---
 modules/security-prefs.js | 28 ++++++++--------------------
 1 file changed, 8 insertions(+), 20 deletions(-)

diff --git a/modules/security-prefs.js b/modules/security-prefs.js
index c0128eea..d02e0d94 100644
--- a/modules/security-prefs.js
+++ b/modules/security-prefs.js
@@ -4,11 +4,6 @@
 
 let { getBoolPref, setBoolPref, getIntPref, setIntPref, clearUserPref } =
     ChromeUtils.import("resource://gre/modules/Services.jsm", {}).Services.prefs;
-
-// Used for detecting the current system architecture
-let { XPCOMABI } =
-    Cu.import("resource://gre/modules/Services.jsm", {}).Services.appinfo;
-
 let { bindPref, bindPrefAndInit } =
     ChromeUtils.import("resource://torbutton/modules/utils.js", {});
 let logger = Cc["@torproject.org/torbutton-logger;1"]
@@ -34,7 +29,6 @@ const kSecuritySettings = {
   "svg.disabled" :                            [,  true,  false, false, false],
   "javascript.options.asmjs" :                [,  false, false, false, true ],
   "javascript.options.wasm" :                 [,  false, false, false, true ],
-  "javascript.enabled" :                      [,  false, true,  true,  true ],
 };
 
 // The Security Settings prefs in question.
@@ -137,22 +131,16 @@ var initialize = function () {
     write_setting_to_prefs(2);
   }
 
-  // Revert #31616 and #31140 fixes
-  if (getIntPref(kSliderMigration, 0) < 1) {
-    // If the security settings level and the prefs that we did not change
-    // have the default value, reset to default security level.
-    const prefNames = [
-      "mathml.disabled",
-      "gfx.font_rendering.opentype_svg.enabled",
-      "svg.disabled"
-    ];
-    if (getBoolPref(kCustomPref) && XPCOMABI.split("-")[0] == "aarch64" &&
-        getIntPref(kSliderPref) === 4 &&
-        read_setting_from_prefs(prefNames) === 4) {
-      setBoolPref(kCustomPref, false);
+  // Revert #33613 fix
+  if (getIntPref(kSliderMigration, 0) < 2) {
+    // We can't differentiate between users having flipped `javascript.enabled`
+    // to `false` before it got governed by the security settings vs. those who
+    // had it flipped due to #33613. Reset the preference for everyone.
+    if (getIntPref(kSliderPref) === 1) {
+      setBoolPref("javascript.enabled", true);
     }
     clearUserPref("media.webaudio.enabled");
-    setIntPref(kSliderMigration, 1);
+    setIntPref(kSliderMigration, 2);
   }
   log(4, "security-prefs.js initialization complete");
 };

More information about the tor-commits mailing list