[tor-commits] [tor-browser] 44/70: Bug 40562: Added Tor-related preferences to 000-tor-browser.js

gitolite role git at cupani.torproject.org
Mon Jun 13 19:54:19 UTC 2022


This is an automated email from the git hooks/post-receive script.

richard pushed a commit to branch tor-browser-91.10.0esr-11.5-1
in repository tor-browser.

commit f9eeb0ed4e61d70ca10fae2d86aa8225625b9950
Author: Pier Angelo Vendrame <pierov at torproject.org>
AuthorDate: Tue Jan 18 19:18:48 2022 +0100

    Bug 40562: Added Tor-related preferences to 000-tor-browser.js
    
    Before reordering patches, we used to keep the Tor-related patches
    (torbutton and tor-launcher) at the beginning.
    After that issue, we decided to move them towards the end, however we
    kept TB4: Tor Browser's Firefox preference overrides at the beginning
    because it influcences many other features.
    As a result, to keep bisect working, we split that commit, and moved
    all the preferences related to Tor (such as network.proxy.*) here.
---
 browser/app/profile/000-tor-browser.js        | 93 +++++++++++++++++++++++++++
 browser/installer/package-manifest.in         |  2 +-
 browser/moz.build                             |  2 +-
 mobile/android/app/000-tor-browser-android.js | 47 ++++++++++++++
 taskcluster/ci/source-test/mozlint.yml        |  2 +-
 5 files changed, 143 insertions(+), 3 deletions(-)

diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js
new file mode 100644
index 0000000000000..effd852c546e0
--- /dev/null
+++ b/browser/app/profile/000-tor-browser.js
@@ -0,0 +1,93 @@
+#include 001-base-profile.js
+
+pref("app.update.notifyDuringDownload", true);
+pref("app.update.url.manual", "https://www.torproject.org/download/languages/");
+pref("app.update.url.details", "https://www.torproject.org/download/");
+pref("app.update.badgeWaitTime", 0);
+pref("app.releaseNotesURL", "about:blank");
+// disables the 'What's New?' link in the about dialog, otherwise we need to
+// duplicate logic for generating the url to the blog post that is already more
+// easily found in about:tor
+pref("app.releaseNotesURL.aboutDialog", "about:blank");
+// point to our feedback url rather than Mozilla's
+pref("app.feedback.baseURL", "https://support.torproject.org/%LOCALE%/get-in-touch/");
+
+pref("browser.shell.checkDefaultBrowser", false);
+
+// Proxy and proxy security
+pref("network.proxy.socks", "127.0.0.1");
+pref("network.proxy.socks_port", 9150);
+pref("network.proxy.socks_remote_dns", true);
+pref("network.proxy.no_proxies_on", ""); // For fingerprinting and local service vulns (#10419)
+pref("network.proxy.allow_hijacking_localhost", true); // Allow proxies for localhost (#31065)
+pref("network.proxy.type", 1);
+// Bug 40548: Disable proxy-bypass
+pref("network.proxy.failover_direct", false);
+pref("network.security.ports.banned", "9050,9051,9150,9151");
+pref("network.dns.disabled", true); // This should cover the #5741 patch for DNS leaks
+pref("network.http.max-persistent-connections-per-proxy", 256);
+
+pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"urlbar-container\",\"torbutton-button\",\"security-level-button\",\"downloads-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"PanelUI-contents\":[\"home-button\",\"edit-controls\",\"zoom-controls\",\"new- [...]
+
+// Treat .onions as secure
+pref("dom.securecontext.whitelist_onions", true);
+pref("dom.securecontext.allowlist_onions", true); // FF97+ 1744006 renamed from whitelist
+
+#expand pref("torbrowser.version", __TOR_BROWSER_VERSION_QUOTED__);
+
+// Old torbutton prefs
+
+// debug prefs
+pref("extensions.torbutton.loglevel",4);
+pref("extensions.torbutton.logmethod",1); // 0=stdout, 1=errorconsole, 2=debuglog
+
+// Display prefs
+pref("extensions.torbutton.display_circuit", true);
+pref("extensions.torbutton at torproject.org.description", "chrome://torbutton/locale/torbutton.properties");
+pref("extensions.torbutton.updateNeeded", false);
+
+// Tor check and proxy prefs
+pref("extensions.torbutton.test_enabled",true);
+pref("extensions.torbutton.test_url","https://check.torproject.org/?TorButton=true");
+pref("extensions.torbutton.local_tor_check",true);
+pref("extensions.torbutton.versioncheck_enabled",true);
+pref("extensions.torbutton.use_nontor_proxy",false);
+
+// State prefs:
+pref("extensions.torbutton.startup",false);
+pref("extensions.torbutton.inserted_button",false);
+pref("extensions.torbutton.inserted_security_level",false);
+
+// This is only used when letterboxing is disabled.
+// See #7255 for details. We display the warning three times to make sure the
+// user did not click on it by accident.
+pref("extensions.torbutton.maximize_warnings_remaining", 3);
+
+// Security prefs:
+pref("extensions.torbutton.clear_http_auth",true);
+pref("extensions.torbutton.close_newnym",true);
+pref("extensions.torbutton.resize_new_windows",false);
+pref("extensions.torbutton.startup_state", 2); // 0=non-tor, 1=tor, 2=last
+pref("extensions.torbutton.tor_memory_jar",false);
+pref("extensions.torbutton.nontor_memory_jar",false);
+pref("extensions.torbutton.launch_warning",true);
+
+// Opt out of Firefox addon pings:
+// https://developer.mozilla.org/en/Addons/Working_with_AMO
+pref("extensions.torbutton at torproject.org.getAddons.cache.enabled", false);
+
+// Security Slider
+pref("extensions.torbutton.security_slider", 4);
+pref("extensions.torbutton.security_custom", false);
+
+pref("extensions.torbutton.confirm_plugins", true);
+pref("extensions.torbutton.confirm_newnym", true);
+
+pref("extensions.torbutton.noscript_inited", false);
+pref("extensions.torbutton.noscript_persist", false);
+
+// Browser home page:
+pref("browser.startup.homepage", "about:tor");
+
+// This pref specifies an ad-hoc "version" for various pref update hacks we need to do
+pref("extensions.torbutton.pref_fixup_version", 0);
diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in
index 539cd6419e673..8f52da54f7b96 100644
--- a/browser/installer/package-manifest.in
+++ b/browser/installer/package-manifest.in
@@ -283,7 +283,7 @@
 @RESPATH@/browser/defaults/settings/blocklists
 @RESPATH@/browser/defaults/settings/main
 @RESPATH@/browser/defaults/settings/security-state
- at RESPATH@/browser/@PREF_DIR@/001-base-profile.js
+ at RESPATH@/browser/@PREF_DIR@/000-tor-browser.js
 
 ; Warning: changing the path to channel-prefs.js can cause bugs (Bug 756325)
 ; Technically this is an app pref file, but we are keeping it in the original
diff --git a/browser/moz.build b/browser/moz.build
index 0df0a824f9ad4..d72932988fac6 100644
--- a/browser/moz.build
+++ b/browser/moz.build
@@ -56,7 +56,7 @@ if CONFIG["MOZ_UPDATE_AGENT"]:
 # These files are specified in this moz.build to pick up DIST_SUBDIR as set in
 # this directory, which is un-set in browser/app.
 JS_PREFERENCE_PP_FILES += [
-    "app/profile/001-base-profile.js",
+    "app/profile/000-tor-browser.js",
     "app/profile/firefox.js",
 ]
 FINAL_TARGET_FILES.defaults += ["app/permissions"]
diff --git a/mobile/android/app/000-tor-browser-android.js b/mobile/android/app/000-tor-browser-android.js
new file mode 100644
index 0000000000000..61c8a0cd7fa18
--- /dev/null
+++ b/mobile/android/app/000-tor-browser-android.js
@@ -0,0 +1,47 @@
+// Import all prefs from the canonical file
+// We override mobile-specific prefs below
+// Tor Browser for Android
+// Do not edit this file.
+
+#include ../../../browser/app/profile/000-tor-browser.js
+
+// Space separated list of URLs that are allowed to send objects (instead of
+// only strings) through webchannels. This list is duplicated in browser/app/profile/firefox.js
+pref("webchannel.allowObject.urlWhitelist", "");
+
+// Disable browser auto updaters
+pref("app.update.auto", false);
+pref("browser.startup.homepage_override.mstone", "ignore");
+
+// Clear data on quit
+pref("privacy.clearOnShutdown.cache", true);
+pref("privacy.clearOnShutdown.cookies",true);
+pref("privacy.clearOnShutdown.downloads",true);
+pref("privacy.clearOnShutdown.formdata",true);
+pref("privacy.clearOnShutdown.history",true);
+pref("privacy.clearOnShutdown.offlineApps",true);
+pref("privacy.clearOnShutdown.passwords",true);
+pref("privacy.clearOnShutdown.sessions",true);
+pref("privacy.clearOnShutdown.siteSettings",true);
+
+// controls if we want camera support
+pref("media.realtime_decoder.enabled", false);
+
+// Enable touch events on Android (highlighting text, etc)
+pref("dom.w3c_touch_events.enabled", 2);
+
+// Ensure that pointer events are disabled
+pref("dom.w3c_pointer_events.multiprocess.android.enabled", false);
+
+// No HLS support for now due to browser freezing, see: #29859.
+pref("media.hls.enabled", false);
+
+// Inherit locale from the OS, used for multi-locale builds
+pref("intl.locale.requested", "");
+
+// Disable WebAuthn. It requires Google Play Services, so it isn't
+// available, but avoid any potential problems.
+pref("security.webauth.webauthn_enable_android_fido2", false);
+
+// Disable the External App Blocker on Android
+pref("extensions.torbutton.launch_warning", false);
diff --git a/taskcluster/ci/source-test/mozlint.yml b/taskcluster/ci/source-test/mozlint.yml
index 589ad7a0af1e4..f4e3d18a710fe 100644
--- a/taskcluster/ci/source-test/mozlint.yml
+++ b/taskcluster/ci/source-test/mozlint.yml
@@ -163,7 +163,7 @@ lintpref:
         files-changed:
             - 'modules/libpref/init/all.js'
             - 'modules/libpref/init/StaticPrefList.yaml'
-            - 'browser/app/profile/001-base-profile.js'
+            - 'browser/app/profile/000-tor-browser.js'
             - 'browser/app/profile/firefox.js'
             - 'mobile/android/app/mobile.js'
             - 'devtools/client/preferences/debugger.js'

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.


More information about the tor-commits mailing list