[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit de64bfcfca9ac282258a27bc73f5be50d2aafb9c
Author: Translation commit bot 
Date:   Sat Nov 14 07:45:16 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+he.po | 28 ++--
 1 file changed, 22 insertions(+), 6 deletions(-)

diff --git a/contents+he.po b/contents+he.po
index 70cbdafa79..35c1de71c2 100644
--- a/contents+he.po
+++ b/contents+he.po
@@ -7544,11 +7544,13 @@ msgid ""
 "solely based on IP, especially if you contract out fraud detection to a "
 "third party."
 msgstr ""
+"כך שיתכן שזו הזתנה לגיטימית, אך סומנה כהונ
אה שמבוססת רק על  IP, בפרט כאשר "
+"מגייסים ביצוע בדיקות הנואה על ידי צד 
שלישי."
 
 #: 
https//community.torproject.org/relay/community-resources/tor-abuse-templates/
 #: 
(content/relay-operations/community-resources/tor-abuse-templates/contents+en.lrpage.body)
 msgid "## Threats of Violence (Advice for Real-Time Discussion)"
-msgstr ""
+msgstr "## איומים על אלימות (הצעה לשיחה בזמן 
אמת)"
 
 #: 
https//community.torproject.org/relay/community-resources/tor-abuse-templates/
 #: 
(content/relay-operations/community-resources/tor-abuse-templates/contents+en.lrpage.body)
@@ -7556,16 +7558,18 @@ msgid ""
 "If a serious abuse complaint not covered by this template set arrives, the "
 "best answer is to follow a pattern with the complaining party."
 msgstr ""
+"אם מגיעה תלונה של ניצול לרעה רציני שאינה 
מכוסה על יד מערך התבניות הזה. "
+"התשובה הטובה ביותר היא להמשיך את הקו של 
הצד המתלונן"
 
 #: 
https//community.torproject.org/relay/community-resources/tor-abuse-templates/
 #: 
(content/relay-operations/community-resources/tor-abuse-templates/contents+en.lrpage.body)
 msgid "This is not legal advice."
-msgstr ""
+msgstr "זו אינה עצה משפטית."
 
 #: 
https//community.torproject.org/relay/community-resources/tor-abuse-templates/
 #: 
(content/relay-operations/community-resources/tor-abuse-templates/contents+en.lrpage.body)
 msgid "This was not written or reviewed by a lawyer."
-msgstr ""
+msgstr "היא לא נכתבה או נבדקה על ידי עורך דין."
 
 #: 
https//community.torproject.org/relay/community-resources/tor-abuse-templates/
 #: 
(content/relay-operations/community-resources/tor-abuse-templates/contents+en.lrpage.body)
@@ -7573,12 +7577,15 @@ msgid ""
 "It was written by someone with experience working with various ISPs who had "
 "issues with a Tor exit node on their network."
 msgstr ""
+"היא נכתבה על ידי מישהו עם נסוין בעבודה עם 
מספר ספקי שרות אינטרנט אשר היו להם"
+" בעיות עם צמתי יציאה של Tor ברשת שלהם."
 
 #: 
https//community.torproject.org/relay/community-resources/tor-abuse-templates/
 #: 
(content/relay-operations/community-resources/tor-abuse-templates/contents+en.lrpage.body)
 msgid ""
 "It has also been reviewed by someone who works in Abuse at a major ISP."
 msgstr ""
+"היא גם נבדקה על ידי מישהו שעובד עם ניצול 
לרעה אצל ספק שרות אינטרנט מוביל."
 
 #: 
https//community.torproject.org/relay/community-resources/tor-abuse-templates/
 #: 
(content/relay-operations/community-resources/tor-abuse-templates/contents+en.lrpage.body)
@@ -7589,6 +7596,10 @@ msgid ""
 "whom you're going to converse knows nothing about Tor. Assume this same "
 "person isn't going to trust anything you say."
 msgstr ""
+"* קרא את [Tor "
+"Overview](https://2019.www.torproject.org/about/overview.html.en). היה 
מוכן"
+"  לסכם ולענות על מספר שאלות. הניו שהאדם עמו 
אתה הולך לשוחח לא יודע כלום על "
+"Tor. הנח שאדם זה אינו הולך לבטוח בשום דבר 
שתגיד.."
 
 #: 
https//community.torproject.org/relay/community-resources/tor-abuse-templates/
 #: 
(content/relay-operations/community-resources/tor-abuse-templates/contents+en.lrpage.body)
@@ -7598,6 +7609,9 @@ msgid ""
 "action is perpetrated by an anonymous individual (such as delivering the "
 "notice via postal mail)."
 msgstr ""
+"* במקרים חמורים, כגון הודעות דוא\"ל טורגנ
יות או איומים במוות, הדבר עוזר לבצע"
+" אנלוגיה למצב של העולם הפיזי בו פעוילה 
מבוצעת על ידי פרט אלמונ   (כגון מסירת"
+" ההודעה בשרות הדואר)."
 
 #: 
https//community.torproject.org/relay/community-resources/tor-abuse-templates/
 #: 
(content/relay-operations/community-resources/tor-abuse-templates/contents+en.lrpage.body)
@@ -7605,21 +7619,23 @@ msgid ""
 "* Remind them that traditional policework can still be used to determine who"
 " had the means, motive, and opportunity to commit the

[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit 879aa987b662c8f3fadcb388ec68c99ce47acb7c
Author: Translation commit bot 
Date:   Sat Nov 14 07:15:13 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+he.po | 19 ---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/contents+he.po b/contents+he.po
index 54f0532d6e..70cbdafa79 100644
--- a/contents+he.po
+++ b/contents+he.po
@@ -7479,11 +7479,15 @@ msgid ""
 "maintained to free of vulnerabilities that can lead to situations such as "
 "this (PHP webshell/XSS compromise/SQL Injection compromise)."
 msgstr ""
+"אבל, במקום למנוע ממשתמשים לגיטימיים של Tor 
מלהשתמש בשרותים שלכם באופן כללי, "
+"אנו ממצליצים לוואד ששרותים כאלה מקבלים 
עדכונים שוטפים ומתוחזקים כדי להתנקות "
+"מנקודות תורפה שיכולות להוביל למצבים כמו 
זה ( פריצות ל PHP webshell/XSS /SQL "
+"Injection )."
 
 #: 
https//community.torproject.org/relay/community-resources/tor-abuse-templates/
 #: 
(content/relay-operations/community-resources/tor-abuse-templates/contents+en.lrpage.body)
 msgid "## E-Commerce Fraud"
-msgstr ""
+msgstr "## הונאות E-Commerce"
 
 #: 
https//community.torproject.org/relay/community-resources/tor-abuse-templates/
 #: 
(content/relay-operations/community-resources/tor-abuse-templates/contents+en.lrpage.body)
@@ -7492,6 +7496,9 @@ msgid ""
 "to flag orders coming from Tor nodes as requiring special review: "
 "https://www.torproject.org/projects/tordnsel.html.en;
 msgstr ""
+"בנוסף, פרויקט Tor מספק DNSRBL ממוכן עבורכם לבצע 
שאילתות כדי לסמן הזמונות "
+"המגיעות מצמתי Tor שמחייבים טיפול מיוחד: "
+"https://www.torproject.org/projects/tordnsel.html.en;
 
 #: 
https//community.torproject.org/relay/community-resources/tor-abuse-templates/
 #: 
(content/relay-operations/community-resources/tor-abuse-templates/contents+en.lrpage.body)
@@ -7499,6 +7506,8 @@ msgid ""
 "It also provides a Bulk Exit List service for retrieving the entire list: "
 "https://check.torproject.org/cgi-bin/TorBulkExitList.py;
 msgstr ""
+"זה גם מספק שרות Bulk Exit List לקבלת כל הרשימה: 
https://check.torproject.org;
+"/cgi-bin/TorBulkExitList.py"
 
 #: 
https//community.torproject.org/relay/community-resources/tor-abuse-templates/
 #: 
(content/relay-operations/community-resources/tor-abuse-templates/contents+en.lrpage.body)
@@ -7506,11 +7515,13 @@ msgid ""
 "You can use this list to help you take a closer look at Tor orders, or to "
 "hold them temporarily for additional verification, without losing"
 msgstr ""
+"תוכלו להשתמש ברשימה שתעזור לכם להתבונן 
מקרוב על הזמנות דרך Tor, או להחזיק "
+"אותן זמנית לאימות נוסף, מבלי לאבד"
 
 #: 
https//community.torproject.org/relay/community-resources/tor-abuse-templates/
 #: 
(content/relay-operations/community-resources/tor-abuse-templates/contents+en.lrpage.body)
 msgid "legitimate customers."
-msgstr ""
+msgstr "לקוחות לגיטימיים."
 
 #: 
https//community.torproject.org/relay/community-resources/tor-abuse-templates/
 #: 
(content/relay-operations/community-resources/tor-abuse-templates/contents+en.lrpage.body)
@@ -7518,11 +7529,13 @@ msgid ""
 "In fact, in my experience, the fraud processing teams contracted by many "
 "ISPs simply mark all requests from Tor nodes as fraud using that"
 msgstr ""
+"למעשה, לפי נסיוננו, צוות בדיקות ההונאה 
שפועל עברו ספקי אינטרנט רבים פשוט "
+"מסמן את כל הבקשות שמגיעות מצמתי Tor כהונאה 
בעת השתמשו"
 
 #: 
https//community.torproject.org/relay/community-resources/tor-abuse-templates/
 #: 
(content/relay-operations/community-resources/tor-abuse-templates/contents+en.lrpage.body)
 msgid "very list."
-msgstr ""
+msgstr "באותה הרשימה עצמה."
 
 #: 
https//community.torproject.org/relay/community-resources/tor-abuse-templates/
 #: 
(content/relay-operations/community-resources/tor-abuse-templates/contents+en.lrpage.body)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/snowflakeaddon-messages.json] https://gitweb.torproject.org/translation.git/commit/?h=snowflakeaddon-messages.json

2020-11-13 Thread translation 
commit 7e6b69d25a2dd13935d716e0dd54167fa3f16955
Author: Translation commit bot 
Date:   Sat Nov 14 07:15:50 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=snowflakeaddon-messages.json
---
 zh_CN/messages.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/zh_CN/messages.json b/zh_CN/messages.json
index 02516417bd..5de23584e8 100644
--- a/zh_CN/messages.json
+++ b/zh_CN/messages.json
@@ -63,7 +63,7 @@
 "message": "报告缺陷"
   },
   "fileBug": {
-"message": "If you encounter problems with Snowflake as a client or a 
proxy, please consider filing a bug report.  There are two ways to file a bug 
report:"
+"message": 
"如果您在用Snowflake作为客户端或代理时遇到问题或任何漏洞,请考虑提交错误报告。
 提交错误报告文件的方式有两种:"
   },
   "sharedAccount": {
 "message": "Edit the https://pad.riseup.net/p/tor-anti-censorship-bugs-keep\;>public 
bug-reporting pad of the anti-censorship team."

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/abouttor-homepage] https://gitweb.torproject.org/translation.git/commit/?h=abouttor-homepage

2020-11-13 Thread translation 
commit 997d06855a6259ada288fa602ecb2a9088068e36
Author: Translation commit bot 
Date:   Sat Nov 14 07:15:02 2020 +

https://gitweb.torproject.org/translation.git/commit/?h=abouttor-homepage
---
 ml/aboutTor.dtd | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ml/aboutTor.dtd b/ml/aboutTor.dtd
index 77f1e6ca9e..58f377946b 100644
--- a/ml/aboutTor.dtd
+++ b/ml/aboutTor.dtd
@@ -27,7 +27,7 @@
 
 
 
-
+
 
 
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/fenix-torbrowserstringsxml] https://gitweb.torproject.org/translation.git/commit/?h=fenix-torbrowserstringsxml

2020-11-13 Thread translation 
commit b579113a0b8ccee7c4386c4b43b771e7a7d8
Author: Translation commit bot 
Date:   Sat Nov 14 07:15:24 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=fenix-torbrowserstringsxml
---
 ml/torbrowser_strings.xml | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/ml/torbrowser_strings.xml b/ml/torbrowser_strings.xml
index 304f93de7c..693891842a 100644
--- a/ml/torbrowser_strings.xml
+++ b/ml/torbrowser_strings.xml
@@ -8,6 +8,10 @@
 ബന്ധിപ്പിക്കുന്നു
 ഉടനെ 
ആരംഭിക്കുക
 ഇടതേക് 
തെന്നിച്ചാൽ ടോർ ന്റെ 
നാൾവിവരപ്പട്ടിക 
കാണാവുന്നതാണ് 
+നിങ്ങളുടെ 
സുരക്ഷാ നില സജ്ജമാക്കുക
+നിലവിലെ 
സുരക്ഷാ നില: %s
+സുരക്ഷാ 
ക്രമീകരണങ്ങൾ തുറക്കുക
+നിങ്ങളെപ്പോലുള്ള
 ആളുകളിൽ നിന്നുള്ള സംഭാവനകൾ 
ഉള്ളതിനാല്‍ ടോര്‍ 
സൌജന്യമായി ഉപയോഗിക്കാം.
 ഇപ്പോൾ 
തന്നെ ധന സഹായം ചെയ്യൂ 
 
 സ്വകാര്യമായി 
കാണുക 
@@ -19,7 +23,10 @@
 എനിക്ക്
 അറിയാവുന്ന ഒരു ബ്രിഡ്ജിനെ 
തരിക 
 അതെ
 വേണ്ട
+വിച്ഛേദിക്കപ്പെട്ടു
 ബന്ധിപ്പിക്കുന്നു
+ബന്ധിപ്പിച്ചു
+പുനരാരംഭിക്കുുന്നു
 
 സുരക്ഷാ 
ക്രമീകരണങ്ങൾ ...
 സുരക്ഷാ 
ലെവൽ

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit 60444a88aa036d170ec2e5bd44d412cc72d88033
Author: Translation commit bot 
Date:   Fri Nov 13 20:15:13 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+ar.po | 28 ++--
 1 file changed, 22 insertions(+), 6 deletions(-)

diff --git a/contents+ar.po b/contents+ar.po
index a5ad364e46..20f8bdfd17 100644
--- a/contents+ar.po
+++ b/contents+ar.po
@@ -12394,6 +12394,9 @@ msgid ""
 "private key directly in the [Tor Browser](https://tb-manual.torproject.org;
 "/onion-services/) interface."
 msgstr ""
+"إذا كنت تقوم بإنشاء مفتاح خاص لموقع onion ، 
فلن يحتاج المستخدم بالضرورة إلى "
+"تحرير ملف Tor في متصفح Tor. من الممكن إدخال الم
فتاح الخاص مباشرة في واجهة "
+"[متصفح Tor] (https://tb-manual.torproject.org/onion-services/)."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12402,11 +12405,14 @@ msgid ""
 "manual](https://2019.www.torproject.org/docs/tor-onion-;
 "service.html.en#ClientAuthorization)."
 msgstr ""
+"لمزيد من المعلومات حول مصادقة العميل ، 
يرجى مراجعة [دليل Tor] "
+"(https://2019.www.torproject.org/docs/tor-onion-;
+"service.html.en#ClientAuthorization)."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "## Configuring v2 Onion Services"
-msgstr ""
+msgstr "## تكوين خدمات Onion v2"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12417,6 +12423,11 @@ msgid ""
 "[HiddenServiceAuthorizeClient](https://2019.www.torproject.org/docs/tor-;
 "manual.html.en#HiddenServiceAuthorizeClient) options in the tor manual."
 msgstr ""
+"لإعداد مصادقة ملفات تعريف الارتباط لخدمات 
** v2 ** ، راجع إدخالات "
+"[HidServAuth] (https://2019.www.torproject.org/docs/tor-;
+"manual.html.en#HidServAuth) و [HiddenServiceAuthorizeClient] "
+"(https://2019.www.torproject.org/docs/tor-;
+"manual.html.en#HiddenServiceAuthorizeClient) خيارات في دليل Tor."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12425,11 +12436,14 @@ msgid ""
 "[torrc](https://2019.www.torproject.org/docs/faq.html.en#torrc) file of your"
 " onion service:"
 msgstr ""
+"قم أولاً بإضافة السطر التالي إلى ملف [torrc] "
+"(https://2019.www.torproject.org/docs/faq.html.en#torrc) الخاص بخدم
Ø© onion "
+"الخاصة بك:"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "HiddenServiceAuthorizeClient [auth-type] [service-name]"
-msgstr ""
+msgstr "HiddenServiceAuthorizeClient [نوع المصادقة] [اسم 
الخدمة]"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12437,27 +12451,29 @@ msgid ""
 "Restart tor and read the cookie from the hostname file of your onion "
 "service, for example in"
 msgstr ""
+"أعد تشغيل tor واقرأ ملف تعريف الارتباط من م
لف اسم المضيف الخاص بخدمة onion ،"
+" على سبيل المثال في"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "`/var/lib/tor/hidden_service_path/hostname`."
-msgstr ""
+msgstr "`/var/lib/tor/hidden_service_path/hostname`."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid ""
 "To access it with a tor client, add following line to torrc and restart tor:"
-msgstr ""
+msgstr "للوصول إليه مع عميل Tor ، أضف السطر 
التالي إلى torrc وأعد تشغيل Tor:"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "HidServAuth [onion-address] [auth-cookie] [service-name]"
-msgstr ""
+msgstr "HidServAuth [onion-address] [auth-cookie] [service-name]"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "You can now connect to the onion service address."
-msgstr ""
+msgstr "يمكنك الآن الاتصال بعنوان خدمة onion."
 
 #: https//community.torproject.org/onion-services/advanced/opsec/
 #:

[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit 9e5eac5bcce2c4eff4f7a283947a656b20ac0dac
Author: Translation commit bot 
Date:   Fri Nov 13 19:45:13 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+ar.po | 23 ++-
 1 file changed, 18 insertions(+), 5 deletions(-)

diff --git a/contents+ar.po b/contents+ar.po
index e0eb4d4113..a5ad364e46 100644
--- a/contents+ar.po
+++ b/contents+ar.po
@@ -12301,11 +12301,13 @@ msgid ""
 "file, however the revocation will be in effect only after the tor process "
 "gets restarted."
 msgstr ""
+"** هام: ** يمكن إبطال العميل عن طريق إزالة م
لف \".auth\" الخاص به ، إلا أن "
+"الإلغاء لن يكون ساريًا إلا بعد إعادة تشغيل 
عملية Tor."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "### Client side"
-msgstr ""
+msgstr "### جانب العميل"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12313,16 +12315,18 @@ msgid ""
 "To access a version 3 onion service with client authorization as a client, "
 "make sure you have `ClientOnionAuthDir` set in your torrc."
 msgstr ""
+"للوصول إلى خدمة onion من الإصدار 3 مع تفويض من 
العميل كعميل ، تأكد من تعيين "
+"\"ClientOnionAuthDir\" في ملف torrc."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "For example, add this line to `/etc/tor/torrc`:"
-msgstr ""
+msgstr "على سبيل المثال ، أضف هذا السطر إلى `/ etc 
/ tor / torrc`:"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "ClientOnionAuthDir /var/lib/tor/onion_auth"
-msgstr ""
+msgstr "ClientOnionAuthDir /var/lib/tor/onion_auth"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12331,6 +12335,8 @@ msgid ""
 "file for the onion service corresponding to this key (i.e. "
 "'bob_onion.auth_private')."
 msgstr ""
+"بعد ذلك ، في `` الدليل ، أنشئ م
لف`.auth_private` لخدمة "
+"onion المقابلة لهذا المفتاح (على سبيل المثال 
،'bob_onion.auth_private')."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12338,6 +12344,8 @@ msgid ""
 "The content of the `/.auth_private` file should "
 "look like this:"
 msgstr ""
+"يجب أن يبدو محتوى الملف 
`/.auth_private` على النحو"
+" التالي:"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12345,19 +12353,22 @@ msgid ""
 "<56-char-onion-addr-without-.onion-part>:descriptor:x25519:"
 msgstr ""
+"<56-char-onion-addr-without-.onion-part>:descriptor:x25519:"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 #: https//community.torproject.org/onion-services/advanced/onion-location/
 #: (content/onion-services/advanced/onion-location/contents+en.lrpage.body)
 msgid "For example:"
-msgstr ""
+msgstr "فمثلا:"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid ""
 
"rh5d6reakhpvuxe2t3next6um6iiq4jf43m7gmdrphfhopfpnoglzcyd:descriptor:x25519:ZDUVQQ7IKBXSGR2WWOBNM3VP5ELNOYSSINDK7CAUN2WD7A3EKZWQ"
 msgstr ""
+"rh5d6reakhpvuxe2t3next6um6iiq4jf43m7gmdrphfhopfpnoglzcyd:descriptor:x25519:ZDUVQQ7IKBXSGR2WWOBNM3VP5ELNOYSSINDK7CAUN2WD7A3EKZWQ"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12365,13 +12376,15 @@ msgid ""
 "If you manually generated the key pair following the instructions in this "
 "page, you can copy and use the private key created in **Step 2**."
 msgstr ""
+"إذا قمت بإنشاء زوج المفاتيح يدويًا باتباع 
الإرشادات الواردة في هذه الصفحة ، "
+"فيمكنك نسخ واستخدام المفتاح الخاص الذي تم 
إنشاؤه في ** الخطوة 2 **."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid ""
 "Then restart `tor` and you should be able to connect to the onion service "
 "address."
-msgstr ""
+msgstr "ثم أعد تشغيل`tor` وستتمكن من

[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit 4644e05a270ff81845dc8ac4b456d933d4c15559
Author: Translation commit bot 
Date:   Fri Nov 13 19:15:28 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+ar.po | 30 --
 1 file changed, 20 insertions(+), 10 deletions(-)

diff --git a/contents+ar.po b/contents+ar.po
index cc586b0dcd..e0eb4d4113 100644
--- a/contents+ar.po
+++ b/contents+ar.po
@@ -12192,7 +12192,7 @@ msgstr ""
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "**Public key**"
-msgstr ""
+msgstr "**المفتاح العمومي**"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12206,17 +12206,17 @@ msgstr ""
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "**Step 3.** Copy the public key:"
-msgstr ""
+msgstr "** الخطوة 3. ** انسخ المفتاح العام:"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "$ cat /tmp/k1.pub.key"
-msgstr ""
+msgstr "$ cat /tmp/k1.pub.key"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "**Step 4.** Create an authorized client file:"
-msgstr ""
+msgstr "** الخطوة 4. ** أنشئ ملف عميل معتمد:"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12224,6 +12224,8 @@ msgid ""
 "Format the client authentication and create a new file in "
 "`/authorized_clients/` directory."
 msgstr ""
+"قم بتهيئة مصادقة العميل وأنشئ ملفًا 
جديدًا في دليل `/ author_clients "
+"/`."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12231,21 +12233,23 @@ msgid ""
 "Each file in that directory should be suffixed with \".auth\" (i.e. "
 "\"alice.auth\"; the file name is irrelevant) and its content format must be:"
 msgstr ""
+"يجب أن يُلحق كل ملف في هذا الدليل بـ \".auth\" 
(أي \"alice.auth\" ؛ اسم "
+"الملف غير ذي صلة) ويجب أن يكون تنسيق الم
حتوى الخاص به:"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "::"
-msgstr ""
+msgstr "::"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "The supported values for `` are: \"descriptor\"."
-msgstr ""
+msgstr "القيم المدعومة لـ` `هي:\" واصف \"."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "The supported values for `` are: \"x25519\"."
-msgstr ""
+msgstr "القيم المدعومة لـ` `هي:\" x25519 \"."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12253,6 +12257,8 @@ msgid ""
 "The `` is the base32 representation of the raw "
 "key bytes only (32 bytes for x25519)."
 msgstr ""
+"`` هو تمثيل base32 لبايتات الم
فاتيح الأولية فقط "
+"(32 بايت لـ x25519)."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12261,11 +12267,13 @@ msgid ""
 "`/var/lib/tor/hidden_service/authorized_clients/alice.auth` should look "
 "like:"
 msgstr ""
+"على سبيل المثال ، يجب أن يظهر الملف `/ var / lib 
/ tor / hidden_service / "
+"author_clients / alice.auth` بالشكل التالي:"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "descriptor:x25519:N2NU7BSRL6YODZCYPN4CREB54TYLKGIE2KYOQWLFYC23ZJVCE5DQ"
-msgstr ""
+msgstr "واصف: x25519: N2NU7BSRL6YODZCYPN4CREB54TYLKGIE2KYOQWLFYC23ZJVCE5DQ"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12273,16 +12281,18 @@ msgid ""
 "If you are planning to have more authenticated clients, each file must "
 "contain one line only. Any malformed file will be ignored."
 msgstr ""
+"إذا كنت تخطط للحصول على المزيد من العملاء 
المصادق عليهم ، فيجب أن

[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit 8f5e7ee32a1647c8f3f97ac7320958b21758ddf5
Author: Translation commit bot 
Date:   Fri Nov 13 18:45:12 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+ar.po | 23 +++
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/contents+ar.po b/contents+ar.po
index f991e99286..cc586b0dcd 100644
--- a/contents+ar.po
+++ b/contents+ar.po
@@ -12121,6 +12121,8 @@ msgid ""
 "Client authorization will only be enabled for the service if tor "
 "successfully loads at least one authorization file."
 msgstr ""
+"لن يتم تمكين ترخيص العميل للخدمة إلا إذا 
قام Tor بتحميل ملف ترخيص واحد على "
+"الأقل بنجاح."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12132,6 +12134,12 @@ msgid ""
 "[Python](https://github.com/pastly/python-;
 "snippits/blob/master/src/tor/x25519-gen.py)) or manually."
 msgstr ""
+"في الوقت الحالي ، تحتاج إلى إنشاء المفاتيح 
بنفسك باستخدام نص برمجي (مثل تلك "
+"المكتوبة بلغة [Bash] "
+"(https://gist.github.com/mtigas/9c2386adf65345be34045dace134140b) ، [Rust] "
+"(https://github.com/haxxpop / torkeygen) أو [Python] "
+"(https://github.com/pastly/python-;
+"snippits/blob/master/src/tor/x25519-gen.py)) أو يدويًا."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12139,16 +12147,17 @@ msgid ""
 "To manually generate the keys, you need to install `openssl` version 1.1+ "
 "and `basez`."
 msgstr ""
+"لإنشاء المفاتيح يدويًا ، تحتاج إلى تثبيت 
الإصدار 1.1+ و \"basez\" ʻopenssl`."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "**Step 1.** Generate a key using the algorithm x25519:"
-msgstr ""
+msgstr "** الخطوة 1. ** أنشئ مفتاحًا باستخدام 
الخوارزمية x25519:"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "$ openssl genpkey -algorithm x25519 -out /tmp/k1.prv.pem"
-msgstr ""
+msgstr "opensl genpkey $ - خوارزمية x25519 -out /tmp/k1.prv.pem"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12158,16 +12167,18 @@ msgid ""
 "If you get an error message, something has gone wrong and you cannot "
 "continue until you've figured out why this didn't work."
 msgstr ""
+"إذا تلقيت رسالة خطأ ، فقد حدث خطأ ما ولا يم
كنك المتابعة حتى تكتشف سبب عدم "
+"نجاح ذلك."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "**Step 2.** Format the keys into base32:"
-msgstr ""
+msgstr "** الخطوة الثانية. ** نسّق المفاتيح في 
base32:"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "**Private key**"
-msgstr ""
+msgstr "**مفتاح سري**"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12175,6 +12186,8 @@ msgid ""
 "$ cat /tmp/k1.prv.pem | grep -v \" PRIVATE KEY\" | base64pem -d | tail "
 "--bytes=32 | base32 | sed 's/=//g' > /tmp/k1.prv.key"
 msgstr ""
+"$ cat /tmp/k1.prv.pem | grep -v \" PRIVATE KEY\" | base64pem -d | tail "
+"--bytes=32 | base32 | sed 's/=//g' > /tmp/k1.prv.key"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12187,6 +12200,8 @@ msgid ""
 "$ openssl pkey -in /tmp/k1.prv.pem -pubout | grep -v \" PUBLIC KEY\" | "
 "base64pem -d | tail --bytes=32 | base32 | sed 's/=//g' > /tmp/k1.pub.key"
 msgstr ""
+"$ openssl pkey -in /tmp/k1.prv.pem -pubout | grep -v \" PUBLIC KEY\" | "
+"base64pem -d | tail --bytes=32 | base32 | sed 's/=//g' > /tmp/k1.pub.key"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit a3f2b0bb6c69f133ec86b511fd7edb120480b13d
Author: Translation commit bot 
Date:   Fri Nov 13 17:45:10 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+ar.po | 12 +---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/contents+ar.po b/contents+ar.po
index bf3f5635df..f991e99286 100644
--- a/contents+ar.po
+++ b/contents+ar.po
@@ -12081,23 +12081,25 @@ msgid ""
 "**Note:** Once you have configured client authorization, anyone with the "
 "address will not be able to access it from this point on."
 msgstr ""
+"** ملاحظة: ** بمجرد تكوين ترخيص العميل ، لن 
يتمكن أي شخص لديه العنوان من "
+"الوصول إليه من هذه النقطة فصاعدًا."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid ""
 "If no authorization is configured, the service will be accessible to anyone "
 "with the onion address."
-msgstr ""
+msgstr "إذا لم يتم تكوين إذن ، فستكون الخدمة م
تاحة لأي شخص لديه عنوان onion."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "## Configuring v3 Onion Services"
-msgstr ""
+msgstr "## تكوين خدمات onion v3"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
 msgid "### Service side"
-msgstr ""
+msgstr "### جانب الخدمة"
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12108,6 +12110,10 @@ msgid ""
 "[Setup](https://community.torproject.org/onion-services/setup/) will "
 "automatically create this directory."
 msgstr ""
+"لتكوين ترخيص العميل من جانب الخدمة ، يجب 
أن يوجد دليل ` / "
+"author_clients /`. باتباع الإرشادات الموضحة في قسم 
[الإعداد] "
+"(https://community.torproject.org/onion-services/setup/) سيؤدي 
تلقائيًا إلى "
+"إنشاء هذا الدليل."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-build/master] Fold in stable 10.0.4 changelog

2020-11-13 Thread sysrqb 
commit 6558e37c86c89c109979d232f31e270cbf9192cf
Author: Matthew Finkel 
Date:   Fri Nov 13 17:33:42 2020 +

Fold in stable 10.0.4 changelog
---
 .../tor-browser/Bundle-Data/Docs/ChangeLog.txt | 24 ++
 1 file changed, 24 insertions(+)

diff --git a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt 
b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt
index 095dad9..7fb02a0 100644
--- a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt
+++ b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt
@@ -18,6 +18,30 @@ Tor Browser 10.5a3 -- November 10 2020
* Windows + OS X + Linux
  * Bug 40133: Bump Rust version for ESR 78 to 1.43.0 [tor-browser-build]
 
+Tor Browser 10.0.4 -- November 9 2020
+ * Android
+   * Update NoScript to 11.1.5
+   * Bug 40022: EOY November Update - Matching [torbutton]
+   * Bug 40106: EOY November Update - Matching [fenix]
+   * Bug 40219: Backport Mozilla Bug 1675905 [tor-browser]
+   * Translations update
+ * Build System
+   * Android
+ * Update Go to 1.14.11
+ * Bug 40141: Include "android" in signed tag [tor-browser-build]
+
+Tor Browser 10.0.4 -- November 9 2020
+ * Windows + OS X + Linux
+   * Update NoScript to 11.1.5
+   * Bug 40021: Keep page shown after Tor Browser update purple [torbutton]
+   * Bug 40022: EOY November Update - Matching [torbutton]
+   * Bug 40219: Backport Mozilla Bug 1675905 [tor-browser]
+   * Translations update
+ * Build System
+   * Windows + OS X + Linux
+ * Update Go to 1.14.11
+ * Bug 40141: Include "desktop" in signed tag [tor-browser-build]
+
 Tor Browser 10.0.3 -- November 2 2020
  * Android
* Update Fenix to 82.1.1

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-build/master] Revert "Fold in stable 10.0.4 changelog"

2020-11-13 Thread sysrqb 
commit 333e407b61f711955b5a797f1582f6dd9b3fedfe
Author: Matthew Finkel 
Date:   Fri Nov 13 17:31:53 2020 +

Revert "Fold in stable 10.0.4 changelog"

This reverts commit f81fca9a79f99c648821ae1829c6333f4ff25d65.
---
 projects/android-components/config |  2 +-
 projects/fenix/config  |  2 +-
 projects/firefox-langpacks/config  |  2 +-
 projects/firefox/config|  2 +-
 projects/geckoview/config  |  2 +-
 .../tor-browser/Bundle-Data/Docs/ChangeLog.txt | 24 --
 rbm|  2 +-
 7 files changed, 6 insertions(+), 30 deletions(-)

diff --git a/projects/android-components/config 
b/projects/android-components/config
index b59dcdb..e8dc2ab 100644
--- a/projects/android-components/config
+++ b/projects/android-components/config
@@ -8,7 +8,7 @@ gpg_keyring: torbutton.gpg
 variant: '[% IF c("var/release") %]Release[% ELSE %]Beta[% END %]'
 
 var:
-  android_components_version: 63.0.8
+  android_components_version: 63.0.1
   torbrowser_branch: 10.5
   container:
 use_container: 1
diff --git a/projects/fenix/config b/projects/fenix/config
index c026147..c3bb039 100644
--- a/projects/fenix/config
+++ b/projects/fenix/config
@@ -8,7 +8,7 @@ gpg_keyring: torbutton.gpg
 variant: Beta
 
 var:
-  fenix_version: 83.0.0
+  fenix_version: 83.0.0b2
   torbrowser_branch: 10.5
   copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]'
   container:
diff --git a/projects/firefox-langpacks/config 
b/projects/firefox-langpacks/config
index 34d6fad..17a707a 100644
--- a/projects/firefox-langpacks/config
+++ b/projects/firefox-langpacks/config
@@ -4,7 +4,7 @@ filename: '[% project %]-[% c("version") %]-[% c("var/osname") 
%]-[% c("var/buil
 
 var:
   ff_version: '[% pc("firefox", "var/firefox_version") %]'
-  ff_build: build1
+  ff_build: build2
   input_filename: 'dl-langpack-[% c("var/ff_arch") %]-[% c("version") %]'
 
 targets:
diff --git a/projects/firefox/config b/projects/firefox/config
index b8bc4bd..2daf0c3 100644
--- a/projects/firefox/config
+++ b/projects/firefox/config
@@ -8,7 +8,7 @@ git_submodule: 1
 gpg_keyring: torbutton.gpg
 
 var:
-  firefox_platform_version: 78.5.0
+  firefox_platform_version: 78.4.0
   firefox_version: '[% c("var/firefox_platform_version") %]esr'
   torbrowser_branch: 10.5
   branding_directory: 'browser/branding/alpha'
diff --git a/projects/geckoview/config b/projects/geckoview/config
index ebb84a9..e1608ed 100644
--- a/projects/geckoview/config
+++ b/projects/geckoview/config
@@ -8,7 +8,7 @@ git_submodule: 1
 gpg_keyring: torbutton.gpg
 
 var:
-  geckoview_version: 83.0
+  geckoview_version: 83.0b1
   torbrowser_branch: 10.5
   copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]'
   deps:
diff --git a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt 
b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt
index 7fb02a0..095dad9 100644
--- a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt
+++ b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt
@@ -18,30 +18,6 @@ Tor Browser 10.5a3 -- November 10 2020
* Windows + OS X + Linux
  * Bug 40133: Bump Rust version for ESR 78 to 1.43.0 [tor-browser-build]
 
-Tor Browser 10.0.4 -- November 9 2020
- * Android
-   * Update NoScript to 11.1.5
-   * Bug 40022: EOY November Update - Matching [torbutton]
-   * Bug 40106: EOY November Update - Matching [fenix]
-   * Bug 40219: Backport Mozilla Bug 1675905 [tor-browser]
-   * Translations update
- * Build System
-   * Android
- * Update Go to 1.14.11
- * Bug 40141: Include "android" in signed tag [tor-browser-build]
-
-Tor Browser 10.0.4 -- November 9 2020
- * Windows + OS X + Linux
-   * Update NoScript to 11.1.5
-   * Bug 40021: Keep page shown after Tor Browser update purple [torbutton]
-   * Bug 40022: EOY November Update - Matching [torbutton]
-   * Bug 40219: Backport Mozilla Bug 1675905 [tor-browser]
-   * Translations update
- * Build System
-   * Windows + OS X + Linux
- * Update Go to 1.14.11
- * Bug 40141: Include "desktop" in signed tag [tor-browser-build]
-
 Tor Browser 10.0.3 -- November 2 2020
  * Android
* Update Fenix to 82.1.1
diff --git a/rbm b/rbm
index a32239d..15c8476 16
--- a/rbm
+++ b/rbm
@@ -1 +1 @@
-Subproject commit a32239ddb1f465115cb4a8bb9f4b853c149506f3
+Subproject commit 15c84760ebe3f2677d1212aa00ef6f7485446a69

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-build/master] Fold in stable 10.0.4 changelog

2020-11-13 Thread sysrqb 
commit f81fca9a79f99c648821ae1829c6333f4ff25d65
Author: Matthew Finkel 
Date:   Fri Nov 13 17:29:54 2020 +

Fold in stable 10.0.4 changelog
---
 projects/android-components/config |  2 +-
 projects/fenix/config  |  2 +-
 projects/firefox-langpacks/config  |  2 +-
 projects/firefox/config|  2 +-
 projects/geckoview/config  |  2 +-
 .../tor-browser/Bundle-Data/Docs/ChangeLog.txt | 24 ++
 rbm|  2 +-
 7 files changed, 30 insertions(+), 6 deletions(-)

diff --git a/projects/android-components/config 
b/projects/android-components/config
index e8dc2ab..b59dcdb 100644
--- a/projects/android-components/config
+++ b/projects/android-components/config
@@ -8,7 +8,7 @@ gpg_keyring: torbutton.gpg
 variant: '[% IF c("var/release") %]Release[% ELSE %]Beta[% END %]'
 
 var:
-  android_components_version: 63.0.1
+  android_components_version: 63.0.8
   torbrowser_branch: 10.5
   container:
 use_container: 1
diff --git a/projects/fenix/config b/projects/fenix/config
index c3bb039..c026147 100644
--- a/projects/fenix/config
+++ b/projects/fenix/config
@@ -8,7 +8,7 @@ gpg_keyring: torbutton.gpg
 variant: Beta
 
 var:
-  fenix_version: 83.0.0b2
+  fenix_version: 83.0.0
   torbrowser_branch: 10.5
   copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]'
   container:
diff --git a/projects/firefox-langpacks/config 
b/projects/firefox-langpacks/config
index 17a707a..34d6fad 100644
--- a/projects/firefox-langpacks/config
+++ b/projects/firefox-langpacks/config
@@ -4,7 +4,7 @@ filename: '[% project %]-[% c("version") %]-[% c("var/osname") 
%]-[% c("var/buil
 
 var:
   ff_version: '[% pc("firefox", "var/firefox_version") %]'
-  ff_build: build2
+  ff_build: build1
   input_filename: 'dl-langpack-[% c("var/ff_arch") %]-[% c("version") %]'
 
 targets:
diff --git a/projects/firefox/config b/projects/firefox/config
index 2daf0c3..b8bc4bd 100644
--- a/projects/firefox/config
+++ b/projects/firefox/config
@@ -8,7 +8,7 @@ git_submodule: 1
 gpg_keyring: torbutton.gpg
 
 var:
-  firefox_platform_version: 78.4.0
+  firefox_platform_version: 78.5.0
   firefox_version: '[% c("var/firefox_platform_version") %]esr'
   torbrowser_branch: 10.5
   branding_directory: 'browser/branding/alpha'
diff --git a/projects/geckoview/config b/projects/geckoview/config
index e1608ed..ebb84a9 100644
--- a/projects/geckoview/config
+++ b/projects/geckoview/config
@@ -8,7 +8,7 @@ git_submodule: 1
 gpg_keyring: torbutton.gpg
 
 var:
-  geckoview_version: 83.0b1
+  geckoview_version: 83.0
   torbrowser_branch: 10.5
   copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]'
   deps:
diff --git a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt 
b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt
index 095dad9..7fb02a0 100644
--- a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt
+++ b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt
@@ -18,6 +18,30 @@ Tor Browser 10.5a3 -- November 10 2020
* Windows + OS X + Linux
  * Bug 40133: Bump Rust version for ESR 78 to 1.43.0 [tor-browser-build]
 
+Tor Browser 10.0.4 -- November 9 2020
+ * Android
+   * Update NoScript to 11.1.5
+   * Bug 40022: EOY November Update - Matching [torbutton]
+   * Bug 40106: EOY November Update - Matching [fenix]
+   * Bug 40219: Backport Mozilla Bug 1675905 [tor-browser]
+   * Translations update
+ * Build System
+   * Android
+ * Update Go to 1.14.11
+ * Bug 40141: Include "android" in signed tag [tor-browser-build]
+
+Tor Browser 10.0.4 -- November 9 2020
+ * Windows + OS X + Linux
+   * Update NoScript to 11.1.5
+   * Bug 40021: Keep page shown after Tor Browser update purple [torbutton]
+   * Bug 40022: EOY November Update - Matching [torbutton]
+   * Bug 40219: Backport Mozilla Bug 1675905 [tor-browser]
+   * Translations update
+ * Build System
+   * Windows + OS X + Linux
+ * Update Go to 1.14.11
+ * Bug 40141: Include "desktop" in signed tag [tor-browser-build]
+
 Tor Browser 10.0.3 -- November 2 2020
  * Android
* Update Fenix to 82.1.1
diff --git a/rbm b/rbm
index 15c8476..a32239d 16
--- a/rbm
+++ b/rbm
@@ -1 +1 @@
-Subproject commit 15c84760ebe3f2677d1212aa00ef6f7485446a69
+Subproject commit a32239ddb1f465115cb4a8bb9f4b853c149506f3

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit abf0824dcaeba0383ba1fbb0f7a92feb322b7aed
Author: Translation commit bot 
Date:   Fri Nov 13 17:15:22 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+ar.po | 66 --
 1 file changed, 60 insertions(+), 6 deletions(-)

diff --git a/contents+ar.po b/contents+ar.po
index 1da962ee88..bf3f5635df 100644
--- a/contents+ar.po
+++ b/contents+ar.po
@@ -11412,6 +11412,8 @@ msgid ""
 "It is best to say \"I want my attorney and I choose to remain silent\" and "
 "then refuse questioning until you have a chance to talk to a lawyer."
 msgstr ""
+"من الأفضل أن أقول \"أريد محامي وأنا أختار 
التزام الصمت\" ثم رفض الاستجواب "
+"حتى تتاح لك فرصة التحدث إلى محام."
 
 #: https//community.torproject.org/relay/community-resources/eff-tor-legal-faq/
 #: 
(content/relay-operations/community-resources/eff-tor-legal-faq/contents+en.lrpage.body)
@@ -11419,6 +11421,8 @@ msgid ""
 "However, if you do decide to waive your right to the assistance of counsel "
 "and answer questions without an attorney present, be sure to tell the truth."
 msgstr ""
+"ومع ذلك ، إذا قررت التنازل عن حقك في الحصول 
على مساعدة محام والإجابة على "
+"الأسئلة دون حضور محام ، فتأكد من قول 
الحقيقة."
 
 #: https//community.torproject.org/relay/community-resources/eff-tor-legal-faq/
 #: 
(content/relay-operations/community-resources/eff-tor-legal-faq/contents+en.lrpage.body)
@@ -11426,6 +11430,8 @@ msgid ""
 "Lying to law enforcement may lead to more trouble than for whatever it was "
 "they wanted to talk to you about in the first place."
 msgstr ""
+"قد يؤدي الكذب على سلطات إنفاذ القانون إلى م
شاكل أكثر من أي شيء أرادوا التحدث"
+" معك عنه في المقام الأول."
 
 #: https//community.torproject.org/relay/community-resources/eff-tor-legal-faq/
 #: 
(content/relay-operations/community-resources/eff-tor-legal-faq/contents+en.lrpage.body)
@@ -11433,6 +11439,7 @@ msgid ""
 "### Does U.S. law provide any protections for the Tor network against civil "
 "lawsuits?"
 msgstr ""
+"### هل ينص قانون الولايات المتحدة على أي حم
اية لشبكة Tor ضد الدعاوى المدنية؟"
 
 #: https//community.torproject.org/relay/community-resources/eff-tor-legal-faq/
 #: 
(content/relay-operations/community-resources/eff-tor-legal-faq/contents+en.lrpage.body)
@@ -11440,6 +11447,8 @@ msgid ""
 "**Yes.** A federal law, 47 U.S.C. § 230 (often called Section 230), provides"
 " legal immunity for online intermediaries that host or republish speech."
 msgstr ""
+"** نعم. ** قانون اتحادي ، 47 U. § 230 (تسمى غالبًا 
القسم 230) ، توفر حصانة "
+"قانونية للوسطاء عبر الإنترنت الذين 
يستضيفون الكلام أو يعيدون نشره."
 
 #: https//community.torproject.org/relay/community-resources/eff-tor-legal-faq/
 #: 
(content/relay-operations/community-resources/eff-tor-legal-faq/contents+en.lrpage.body)
@@ -11449,6 +11458,10 @@ msgid ""
 " as the Tor network, against a range of laws that might otherwise be used to"
 " hold them legally responsible for what others say and do."
 msgstr ""
+"على الرغم من وجود استثناءات مهمة لبعض 
الدعاوى الجنائية والقائمة على الملكية "
+"الفكرية ، فإن حصانة المادة 230 تحمي الخدمات 
عبر الإنترنت ، مثل شبكة Tor ، ضد"
+" مجموعة من القوانين التي يمكن استخدامها 
بخلاف ذلك لتحميلهم المسؤولية "
+"القانونية عما يقوله الآخرون ويفعلونه."
 
 #: https//community.torproject.org/relay/community-resources/eff-tor-legal-faq/
 #: 
(content/relay-operations/community-resources/eff-tor-legal-faq/contents+en.lrpage.body)
@@ -11458,6 +11471,10 @@ msgid ""
 "claims based on material that is simply transmitted without modification, as"
 " a Tor relay does."
 msgstr ""
+"قانون اتحادي آخر ، 17 U.S.C. توفر الفقرة 512 (أ) ، 
وهي جزء من قانون الألفية "
+"الجديدة لحقوق طبع ونشر المواد الرقمية ، م
لاذًا آمنًا قانونيًا ضد دعاوى "
+"انتهاك حقوق النشر استنادًا إلى المواد 
التي يتم إرسالها ببساطة دون تعديل ، "
+"كما يفعل مرحل Tor."
 
 #: https//community.torproject.org/relay/community-resources/eff-tor-legal-faq/
 #: 
(content/relay-operations/community-resources/eff-tor-legal-faq/contents+en.lrpage.body)
@@ -11552,12 +11569,14 @@ msgid ""
 "While we believe that running an exit relay is legal, it is practically "
 "impossible to

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots

2020-11-13 Thread sysrqb 
commit 7fad274539a6826f3bfc673eaf08db3479400ccc
Author: Alex Catarineu 
Date:   Fri Oct 9 12:55:35 2020 +0200

Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots
---
 browser/app/profile/000-tor-browser.js |  3 +++
 browser/components/BrowserGlue.jsm | 14 ++
 2 files changed, 17 insertions(+)

diff --git a/browser/app/profile/000-tor-browser.js 
b/browser/app/profile/000-tor-browser.js
index d7c7d366b24d..19991a801fcd 100644
--- a/browser/app/profile/000-tor-browser.js
+++ b/browser/app/profile/000-tor-browser.js
@@ -313,6 +313,9 @@ pref("security.enterprise_roots.enabled", false);
 // Don't ping Mozilla for MitM detection, see bug 32321
 pref("security.certerrors.mitm.priming.enabled", false);
 
+// Don't automatically enable enterprise roots, see bug 40166
+pref("security.certerrors.mitm.auto_enable_enterprise_roots", false);
+
 // Disable the language pack signing check for now on macOS, see #31942
 #ifdef XP_MACOSX
 pref("extensions.langpacks.signatures.required", false);
diff --git a/browser/components/BrowserGlue.jsm 
b/browser/components/BrowserGlue.jsm
index 0c9f92b8690d..8ae6c72105f5 100644
--- a/browser/components/BrowserGlue.jsm
+++ b/browser/components/BrowserGlue.jsm
@@ -1374,6 +1374,20 @@ BrowserGlue.prototype = {
 // handle any UI migration
 this._migrateUI();
 
+// Clear possibly auto enabled enterprise_roots prefs (see bug 40166)
+if (
+  !Services.prefs.getBoolPref(
+"security.certerrors.mitm.auto_enable_enterprise_roots"
+  ) &&
+  Services.prefs.getBoolPref(
+"security.enterprise_roots.auto-enabled",
+false
+  )
+) {
+  Services.prefs.clearUserPref("security.enterprise_roots.enabled");
+  Services.prefs.clearUserPref("security.enterprise_roots.auto-enabled");
+}
+
 if (!Services.prefs.prefHasUserValue(PREF_PDFJS_ISDEFAULT_CACHE_STATE)) {
   PdfJs.checkIsDefault(this._isNewProfile);
 }



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 40171: Make WebRequest and GeckoWebExecutor First-Party aware

2020-11-13 Thread sysrqb 
commit c330bb321d1f7bffcafc38cd26e6961a63d3a328
Author: Alex Catarineu 
Date:   Wed Nov 4 15:58:22 2020 +0100

Bug 40171: Make WebRequest and GeckoWebExecutor First-Party aware
---
 .../main/java/org/mozilla/geckoview/WebRequest.java| 18 ++
 widget/android/WebExecutorSupport.cpp  | 10 ++
 2 files changed, 28 insertions(+)

diff --git 
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/WebRequest.java 
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/WebRequest.java
index 7e3aa285c5be..18f56abeec43 100644
--- 
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/WebRequest.java
+++ 
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/WebRequest.java
@@ -49,6 +49,11 @@ public class WebRequest extends WebMessage {
  */
 public final @Nullable String referrer;
 
+/**
+ * The value of the origin of this request.
+ */
+public final @Nullable String origin;
+
 @Retention(RetentionPolicy.SOURCE)
 @IntDef({CACHE_MODE_DEFAULT, CACHE_MODE_NO_STORE,
 CACHE_MODE_RELOAD, CACHE_MODE_NO_CACHE,
@@ -110,6 +115,7 @@ public class WebRequest extends WebMessage {
 method = builder.mMethod;
 cacheMode = builder.mCacheMode;
 referrer = builder.mReferrer;
+origin = builder.mOrigin;
 
 if (builder.mBody != null) {
 body = builder.mBody.asReadOnlyBuffer();
@@ -126,6 +132,7 @@ public class WebRequest extends WebMessage {
 /* package */ String mMethod = "GET";
 /* package */ int mCacheMode = CACHE_MODE_DEFAULT;
 /* package */ String mReferrer;
+/* package */ String mOrigin;
 
 /**
  * Construct a Builder instance with the specified URI.
@@ -205,6 +212,17 @@ public class WebRequest extends WebMessage {
 return this;
 }
 
+/**
+ * Set the origin URI.
+ *
+ * @param origin A URI String
+ * @return This Builder instance.
+ */
+public @NonNull Builder origin(final @Nullable String origin) {
+mOrigin = origin;
+return this;
+}
+
 /**
  * @return A {@link WebRequest} constructed with the values from this 
Builder instance.
  */
diff --git a/widget/android/WebExecutorSupport.cpp 
b/widget/android/WebExecutorSupport.cpp
index f9f4262fb50c..bb639740f013 100644
--- a/widget/android/WebExecutorSupport.cpp
+++ b/widget/android/WebExecutorSupport.cpp
@@ -390,6 +390,16 @@ nsresult WebExecutorSupport::CreateStreamLoader(
   MOZ_ASSERT(cookieJarSettings);
 
   nsCOMPtr loadInfo = channel->LoadInfo();
+
+  RefPtr originUri;
+  const auto origin = req->Origin();
+  if (origin) {
+rv = NS_NewURI(getter_AddRefs(originUri), origin->ToString());
+NS_ENSURE_SUCCESS(rv, NS_ERROR_MALFORMED_URI);
+OriginAttributes attrs = loadInfo->GetOriginAttributes();
+attrs.SetFirstPartyDomain(true, originUri);
+loadInfo->SetOriginAttributes(attrs);
+  }
   loadInfo->SetCookieJarSettings(cookieJarSettings);
 
   // setup http/https specific things



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 40091: Load HTTPS Everywhere as a builtin addon in desktop

2020-11-13 Thread sysrqb 
commit 0ddb09d8c570fe8ce9fabe7f5bec717626ab6dba
Author: Alex Catarineu 
Date:   Fri Sep 4 12:34:35 2020 +0200

Bug 40091: Load HTTPS Everywhere as a builtin addon in desktop

This loads HTTPS Everywhere as a builtin addon from a hardcoded
resource:// URI in desktop. It also ensures that the non-builtin
HTTPS Everywhere addon is always uninstalled on browser startup.

The reason of making this desktop-only is that there are some issues
when installing a builtin extension from geckoview side, making
the extension not available on first startup. So, at least for
now we handle the Fenix case separately. See #40118 for a followup
for investigating these.
---
 browser/components/BrowserGlue.jsm | 37 ++
 toolkit/components/extensions/Extension.jsm| 10 --
 .../mozapps/extensions/internal/XPIProvider.jsm| 13 
 3 files changed, 57 insertions(+), 3 deletions(-)

diff --git a/browser/components/BrowserGlue.jsm 
b/browser/components/BrowserGlue.jsm
index 88140a17484e..0c9f92b8690d 100644
--- a/browser/components/BrowserGlue.jsm
+++ b/browser/components/BrowserGlue.jsm
@@ -62,6 +62,13 @@ XPCOMUtils.defineLazyServiceGetter(
   "nsIPushService"
 );
 
+XPCOMUtils.defineLazyServiceGetters(this, {
+  resProto: [
+"@mozilla.org/network/protocol;1?name=resource",
+"nsISubstitutingProtocolHandler",
+  ],
+});
+
 const PREF_PDFJS_ISDEFAULT_CACHE_STATE = "pdfjs.enabledCache.state";
 
 /**
@@ -791,6 +798,7 @@ XPCOMUtils.defineLazyModuleGetters(this, {
   DoHController: "resource:///modules/DoHController.jsm",
   DownloadsViewableInternally:
 "resource:///modules/DownloadsViewableInternally.jsm",
+  ExtensionData: "resource://gre/modules/Extension.jsm",
   ExtensionsUI: "resource:///modules/ExtensionsUI.jsm",
   FirefoxMonitor: "resource:///modules/FirefoxMonitor.jsm",
   FxAccounts: "resource://gre/modules/FxAccounts.jsm",
@@ -1390,6 +1398,35 @@ BrowserGlue.prototype = {
   "resource://builtin-themes/alpenglow/"
 );
 
+// Install https-everywhere builtin addon if needed.
+(async () => {
+  const HTTPS_EVERYWHERE_ID = "https-everywhere-...@eff.org";
+  const HTTPS_EVERYWHERE_BUILTIN_URL =
+"resource://torbutton/content/extensions/https-everywhere/";
+  // This does something similar as GeckoViewWebExtension.jsm: it tries
+  // to load the manifest to retrieve the version of the builtin and
+  // compares it to the currently installed one to see whether we need
+  // to install or not. Here we delegate that to
+  // AddonManager.maybeInstallBuiltinAddon.
+  try {
+const resolvedURI = Services.io.newURI(
+  resProto.resolveURI(Services.io.newURI(HTTPS_EVERYWHERE_BUILTIN_URL))
+);
+const extensionData = new ExtensionData(resolvedURI);
+const manifest = await extensionData.loadManifest();
+
+await AddonManager.maybeInstallBuiltinAddon(
+  HTTPS_EVERYWHERE_ID,
+  manifest.version,
+  HTTPS_EVERYWHERE_BUILTIN_URL
+);
+  } catch (e) {
+const log = Log.repository.getLogger("HttpsEverywhereBuiltinLoader");
+log.addAppender(new Log.ConsoleAppender(new Log.BasicFormatter()));
+log.error("Could not install https-everywhere extension", e);
+  }
+})();
+
 if (AppConstants.MOZ_NORMANDY) {
   Normandy.init();
 }
diff --git a/toolkit/components/extensions/Extension.jsm 
b/toolkit/components/extensions/Extension.jsm
index 54c8478a686b..8c5b79055186 100644
--- a/toolkit/components/extensions/Extension.jsm
+++ b/toolkit/components/extensions/Extension.jsm
@@ -212,6 +212,7 @@ const LOGGER_ID_BASE = "addons.webextension.";
 const UUID_MAP_PREF = "extensions.webextensions.uuids";
 const LEAVE_STORAGE_PREF = "extensions.webextensions.keepStorageOnUninstall";
 const LEAVE_UUID_PREF = "extensions.webextensions.keepUuidOnUninstall";
+const PERSISTENT_EXTENSIONS = new Set(["https-everywhere-...@eff.org"]);
 
 const COMMENT_REGEXP = new RegExp(
   String.raw`
@@ -358,7 +359,8 @@ var ExtensionAddonObserver = {
   );
 }
 
-if (!Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false)) {
+if (!Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false) &&
+  !PERSISTENT_EXTENSIONS.has(addon.id)) {
   // Clear browser.storage.local backends.
   AsyncShutdown.profileChangeTeardown.addBlocker(
 `Clear Extension Storage ${addon.id} (File Backend)`,
@@ -406,7 +408,8 @@ var ExtensionAddonObserver = {
 
 ExtensionPermissions.removeAll(addon.id);
 
-if (!Services.prefs.getBoolPref(LEAVE_UUID_PREF, false)) {
+if (!Services.prefs.getBoolPref(LEAVE_UUID_PREF, false) &&
+  !PERSISTENT_EXTENSIONS.has(addon.id)) {
   // Clear the entry in the UUID map
   UUIDMap.remove(addon.id);
 }
@@ -2516,7 +2519,8 @@ class Extension extends ExtensionData {
   );
 } else if (
   this.startupReason === "ADDON_INSTALL"

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 40198: Expose privacy.spoof_english pref in GeckoView

2020-11-13 Thread sysrqb 
commit 548e31db54e4bf7ad0b8ba8745e166fb5d2ec0f8
Author: Alex Catarineu 
Date:   Sun Oct 18 17:06:04 2020 +0200

Bug 40198: Expose privacy.spoof_english pref in GeckoView
---
 mobile/android/geckoview/api.txt   |  3 ++
 .../mozilla/geckoview/GeckoRuntimeSettings.java| 33 ++
 2 files changed, 36 insertions(+)

diff --git a/mobile/android/geckoview/api.txt b/mobile/android/geckoview/api.txt
index dc1349a96c26..0bfb65a2fb91 100644
--- a/mobile/android/geckoview/api.txt
+++ b/mobile/android/geckoview/api.txt
@@ -630,6 +630,7 @@ package org.mozilla.geckoview {
 method public boolean getRemoteDebuggingEnabled();
 method @Nullable public GeckoRuntime getRuntime();
 method @Nullable public Rect getScreenSizeOverride();
+method public boolean getSpoofEnglish();
 method @Nullable public RuntimeTelemetry.Delegate getTelemetryDelegate();
 method public int getTorSecurityLevel();
 method public boolean getUseMaxScreenDepth();
@@ -650,6 +651,7 @@ package org.mozilla.geckoview {
 method @NonNull public GeckoRuntimeSettings 
setLoginAutofillEnabled(boolean);
 method @NonNull public GeckoRuntimeSettings setPreferredColorScheme(int);
 method @NonNull public GeckoRuntimeSettings 
setRemoteDebuggingEnabled(boolean);
+method @NonNull public GeckoRuntimeSettings setSpoofEnglish(boolean);
 method @NonNull public GeckoRuntimeSettings setTorSecurityLevel(int);
 method @NonNull public GeckoRuntimeSettings setWebFontsEnabled(boolean);
 method @NonNull public GeckoRuntimeSettings setWebManifestEnabled(boolean);
@@ -685,6 +687,7 @@ package org.mozilla.geckoview {
 method @NonNull public GeckoRuntimeSettings.Builder 
preferredColorScheme(int);
 method @NonNull public GeckoRuntimeSettings.Builder 
remoteDebuggingEnabled(boolean);
 method @NonNull public GeckoRuntimeSettings.Builder 
screenSizeOverride(int, int);
+method @NonNull public GeckoRuntimeSettings.Builder spoofEnglish(boolean);
 method @NonNull public GeckoRuntimeSettings.Builder 
telemetryDelegate(@NonNull RuntimeTelemetry.Delegate);
 method @NonNull public GeckoRuntimeSettings.Builder torSecurityLevel(int);
 method @NonNull public GeckoRuntimeSettings.Builder 
useMaxScreenDepth(boolean);
diff --git 
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
 
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
index b7c080557470..5bad77d4f880 100644
--- 
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
+++ 
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
@@ -468,6 +468,17 @@ public final class GeckoRuntimeSettings extends 
RuntimeSettings {
 getSettings().mTorSecurityLevel.set(level);
 return this;
 }
+
+/**
+ * Sets whether we should spoof locale to English for webpages.
+ *
+ * @param flag True if we should spoof locale to English for webpages, 
false otherwise.
+ * @return This Builder instance.
+ */
+public @NonNull Builder spoofEnglish(final boolean flag) {
+getSettings().mSpoofEnglish.set(flag ? 2 : 1);
+return this;
+}
 }
 
 private GeckoRuntime mRuntime;
@@ -520,6 +531,8 @@ public final class GeckoRuntimeSettings extends 
RuntimeSettings {
 "signon.autofillForms", true);
 /* package */ final Pref mTorSecurityLevel = new Pref<>(
 "extensions.torbutton.security_slider", 4);
+/* package */ final Pref mSpoofEnglish = new Pref<>(
+"privacy.spoof_english", 0);
 
 /* package */ int mPreferredColorScheme = COLOR_SCHEME_SYSTEM;
 
@@ -1196,6 +1209,26 @@ public final class GeckoRuntimeSettings extends 
RuntimeSettings {
 return this;
 }
 
+/**
+ * Get whether we should spoof locale to English for webpages.
+ *
+ * @return Whether we should spoof locale to English for webpages.
+ */
+public boolean getSpoofEnglish() {
+return mSpoofEnglish.get() == 2;
+}
+
+/**
+ * Set whether we should spoof locale to English for webpages.
+ *
+ * @param flag A flag determining whether we should locale to English for 
webpages.
+ * @return This GeckoRuntimeSettings instance.
+ */
+public @NonNull GeckoRuntimeSettings setSpoofEnglish(final boolean flag) {
+mSpoofEnglish.commit(flag ? 2 : 1);
+return this;
+}
+
 @Override // Parcelable
 public void writeToParcel(final Parcel out, final int flags) {
 super.writeToParcel(out, flags);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 40125: Expose Security Level pref in GeckoView

2020-11-13 Thread sysrqb 
commit 240078e8e0e1f308899f05bea7878773f68804b5
Author: Matthew Finkel 
Date:   Mon Sep 14 02:52:28 2020 +

Bug 40125: Expose Security Level pref in GeckoView
---
 mobile/android/geckoview/api.txt   |  3 ++
 .../mozilla/geckoview/GeckoRuntimeSettings.java| 33 ++
 2 files changed, 36 insertions(+)

diff --git a/mobile/android/geckoview/api.txt b/mobile/android/geckoview/api.txt
index 50a49a8fec42..dc1349a96c26 100644
--- a/mobile/android/geckoview/api.txt
+++ b/mobile/android/geckoview/api.txt
@@ -631,6 +631,7 @@ package org.mozilla.geckoview {
 method @Nullable public GeckoRuntime getRuntime();
 method @Nullable public Rect getScreenSizeOverride();
 method @Nullable public RuntimeTelemetry.Delegate getTelemetryDelegate();
+method public int getTorSecurityLevel();
 method public boolean getUseMaxScreenDepth();
 method @Deprecated public boolean getUseMultiprocess();
 method public boolean getWebFontsEnabled();
@@ -649,6 +650,7 @@ package org.mozilla.geckoview {
 method @NonNull public GeckoRuntimeSettings 
setLoginAutofillEnabled(boolean);
 method @NonNull public GeckoRuntimeSettings setPreferredColorScheme(int);
 method @NonNull public GeckoRuntimeSettings 
setRemoteDebuggingEnabled(boolean);
+method @NonNull public GeckoRuntimeSettings setTorSecurityLevel(int);
 method @NonNull public GeckoRuntimeSettings setWebFontsEnabled(boolean);
 method @NonNull public GeckoRuntimeSettings setWebManifestEnabled(boolean);
 field public static final int COLOR_SCHEME_DARK = 1;
@@ -684,6 +686,7 @@ package org.mozilla.geckoview {
 method @NonNull public GeckoRuntimeSettings.Builder 
remoteDebuggingEnabled(boolean);
 method @NonNull public GeckoRuntimeSettings.Builder 
screenSizeOverride(int, int);
 method @NonNull public GeckoRuntimeSettings.Builder 
telemetryDelegate(@NonNull RuntimeTelemetry.Delegate);
+method @NonNull public GeckoRuntimeSettings.Builder torSecurityLevel(int);
 method @NonNull public GeckoRuntimeSettings.Builder 
useMaxScreenDepth(boolean);
 method @Deprecated @NonNull public GeckoRuntimeSettings.Builder 
useMultiprocess(boolean);
 method @NonNull public GeckoRuntimeSettings.Builder 
webFontsEnabled(boolean);
diff --git 
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
 
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
index a77d36764f53..85517821b59a 100644
--- 
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
+++ 
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
@@ -457,6 +457,17 @@ public final class GeckoRuntimeSettings extends 
RuntimeSettings {
 getSettings().mForceUserScalable.set(flag);
 return this;
 }
+
+/**
+ * Set security level.
+ *
+ * @param level A value determining the security level. Default is 0.
+ * @return This Builder instance.
+ */
+public @NonNull Builder torSecurityLevel(final int level) {
+getSettings().mTorSecurityLevel.set(level);
+return this;
+}
 }
 
 private GeckoRuntime mRuntime;
@@ -507,6 +518,8 @@ public final class GeckoRuntimeSettings extends 
RuntimeSettings {
 "browser.tabs.remote.autostart", true);
 /* package */ final Pref mAutofillLogins = new Pref(
 "signon.autofillForms", true);
+/* package */ final Pref mTorSecurityLevel = new Pref<>(
+"extensions.torbutton.security_slider", 4);
 
 /* package */ int mPreferredColorScheme = COLOR_SCHEME_SYSTEM;
 
@@ -1157,6 +1170,26 @@ public final class GeckoRuntimeSettings extends 
RuntimeSettings {
 return this;
 }
 
+/**
+ * Gets the current security level.
+ *
+ * @return current security protection level
+ */
+public int getTorSecurityLevel() {
+return mTorSecurityLevel.get();
+}
+
+/**
+ * Sets the Tor Security Level.
+ *
+ * @param level security protection level
+ * @return This GeckoRuntimeSettings instance.
+ */
+public @NonNull GeckoRuntimeSettings setTorSecurityLevel(final int level) {
+mTorSecurityLevel.commit(level);
+return this;
+}
+
 @Override // Parcelable
 public void writeToParcel(final Parcel out, final int flags) {
 super.writeToParcel(out, flags);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 40073: Disable remote Public Suffix List fetching

2020-11-13 Thread sysrqb 
commit cbeef0bb3c21ccbf7c47138e09314b146939b88c
Author: Alex Catarineu 
Date:   Thu Aug 13 11:05:03 2020 +0200

Bug 40073: Disable remote Public Suffix List fetching

In https://bugzilla.mozilla.org/show_bug.cgi?id=1563246 Firefox implemented
fetching the Public Suffix List via RemoteSettings and replacing the default
one at runtime, which we do not want.
---
 browser/components/BrowserGlue.jsm | 5 -
 1 file changed, 5 deletions(-)

diff --git a/browser/components/BrowserGlue.jsm 
b/browser/components/BrowserGlue.jsm
index 6b7939575c19..88140a17484e 100644
--- a/browser/components/BrowserGlue.jsm
+++ b/browser/components/BrowserGlue.jsm
@@ -812,7 +812,6 @@ XPCOMUtils.defineLazyModuleGetters(this, {
   PluralForm: "resource://gre/modules/PluralForm.jsm",
   PrivateBrowsingUtils: "resource://gre/modules/PrivateBrowsingUtils.jsm",
   ProcessHangMonitor: "resource:///modules/ProcessHangMonitor.jsm",
-  PublicSuffixList: "resource://gre/modules/netwerk-dns/PublicSuffixList.jsm",
   RemoteSettings: "resource://services-settings/remote-settings.js",
   RemoteSecuritySettings:
 "resource://gre/modules/psm/RemoteSecuritySettings.jsm",
@@ -2740,10 +2739,6 @@ BrowserGlue.prototype = {
 this._addBreachesSyncHandler();
   },
 
-  () => {
-PublicSuffixList.init();
-  },
-
   () => {
 RemoteSecuritySettings.init();
   },



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 1673237 - Always allow SVGs on about: pages r=acat, tjr, emilio

2020-11-13 Thread sysrqb 
commit 00da5c13c4353f44ab2280ee1fd3a3ec888074f3
Author: sanketh 
Date:   Tue Nov 3 17:34:20 2020 +

Bug 1673237 - Always allow SVGs on about: pages r=acat,tjr,emilio

- Updated layout/svg/tests/test_disabled.html to ensure that this doesn't 
allow
  rendering SVGs on about:blank and about:srcdoc.

Differential Revision: https://phabricator.services.mozilla.com/D95139
---
 dom/base/nsNodeInfoManager.cpp | 18 ++---
 layout/svg/tests/file_disabled_iframe.html | 31 +-
 2 files changed, 41 insertions(+), 8 deletions(-)

diff --git a/dom/base/nsNodeInfoManager.cpp b/dom/base/nsNodeInfoManager.cpp
index b0534b661a23..8bc6b0ba2bd6 100644
--- a/dom/base/nsNodeInfoManager.cpp
+++ b/dom/base/nsNodeInfoManager.cpp
@@ -352,9 +352,12 @@ void nsNodeInfoManager::RemoveNodeInfo(NodeInfo* 
aNodeInfo) {
   MOZ_ASSERT(ret, "Can't find mozilla::dom::NodeInfo to remove!!!");
 }
 
-static bool IsSystemOrAddonPrincipal(nsIPrincipal* aPrincipal) {
+static bool IsSystemOrAddonOrAboutPrincipal(nsIPrincipal* aPrincipal) {
   return aPrincipal->IsSystemPrincipal() ||
- BasePrincipal::Cast(aPrincipal)->AddonPolicy();
+ BasePrincipal::Cast(aPrincipal)->AddonPolicy() ||
+ // NOTE: about:blank and about:srcdoc inherit the principal of their
+ // parent, so aPrincipal->SchemeIs("about") returns false for them.
+ aPrincipal->SchemeIs("about");
 }
 
 bool nsNodeInfoManager::InternalSVGEnabled() {
@@ -375,17 +378,18 @@ bool nsNodeInfoManager::InternalSVGEnabled() {
   }
 
   // We allow SVG (regardless of the pref) if this is a system or add-on
-  // principal, or if this load was requested for a system or add-on principal
-  // (e.g. a remote image being served as part of system or add-on UI)
+  // principal or about: page, or if this load was requested for a system or
+  // add-on principal or about: page (e.g. a remote image being served as part
+  // of system or add-on UI or about: page)
   bool conclusion =
-  (SVGEnabled || IsSystemOrAddonPrincipal(mPrincipal) ||
+  (SVGEnabled || IsSystemOrAddonOrAboutPrincipal(mPrincipal) ||
(loadInfo &&
 (loadInfo->GetExternalContentPolicyType() ==
  nsIContentPolicy::TYPE_IMAGE ||
  loadInfo->GetExternalContentPolicyType() ==
  nsIContentPolicy::TYPE_OTHER) &&
-(IsSystemOrAddonPrincipal(loadInfo->GetLoadingPrincipal()) ||
- IsSystemOrAddonPrincipal(loadInfo->TriggeringPrincipal();
+(IsSystemOrAddonOrAboutPrincipal(loadInfo->GetLoadingPrincipal()) ||
+ IsSystemOrAddonOrAboutPrincipal(loadInfo->TriggeringPrincipal();
   mSVGEnabled = Some(conclusion);
   return conclusion;
 }
diff --git a/layout/svg/tests/file_disabled_iframe.html 
b/layout/svg/tests/file_disabled_iframe.html
index 6feae3024730..55eda75fdefb 100644
--- a/layout/svg/tests/file_disabled_iframe.html
+++ b/layout/svg/tests/file_disabled_iframe.html
@@ -48,5 +48,34 @@
   t.firstChild.firstChild.textContent = "1&2<3>4\xA0";
   is(t.innerHTML,

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView

2020-11-13 Thread sysrqb 
commit 31ffd7ae148e201a2faa5659f5569cce58fe8d12
Author: Alex Catarineu 
Date:   Tue Oct 20 17:44:36 2020 +0200

Bug 40199: Avoid using system locale for intl.accept_languages in GeckoView
---
 .../mozilla/geckoview/GeckoRuntimeSettings.java| 26 +-
 1 file changed, 16 insertions(+), 10 deletions(-)

diff --git 
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
 
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
index 85517821b59a..b7c080557470 100644
--- 
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
+++ 
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntimeSettings.java
@@ -783,19 +783,25 @@ public final class GeckoRuntimeSettings extends 
RuntimeSettings {
 private String computeAcceptLanguages() {
 ArrayList locales = new ArrayList();
 
-// Explicitly-set app prefs come first:
-if (mRequestedLocales != null) {
-for (String locale : mRequestedLocales) {
-locales.add(locale.toLowerCase());
-}
-}
-// OS prefs come second:
-for (String locale : getDefaultLocales()) {
-locale = locale.toLowerCase();
-if (!locales.contains(locale)) {
+// In Desktop, these are defined in the `intl.accept_languages` 
localized property.
+// At some point we should probably use the same values here, but for 
now we use a simple
+// strategy which will hopefully result in reasonable acceptLanguage 
values.
+if (mRequestedLocales != null && mRequestedLocales.length > 0) {
+String locale = mRequestedLocales[0].toLowerCase();
+// No need to include `en-us` twice.
+if (!locale.equals("en-us")) {
 locales.add(locale);
+if (locale.contains("-")) {
+String lang = locale.split("-")[0];
+// No need to include `en` twice.
+if (!lang.equals("en")) {
+locales.add(lang);
+}
+}
 }
 }
+locales.add("en-us");
+locales.add("en");
 
 return TextUtils.join(",", locales);
 }



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 40002: Remove about:ion

2020-11-13 Thread sysrqb 
commit 90ebca435e2baad9e8170c1a89f0a762424ed273
Author: Kathy Brade 
Date:   Fri Aug 14 09:06:33 2020 -0400

Bug 40002: Remove about:ion

Firefox Ion (previously Firefox Pioneer) is an opt-in program in which 
people
volunteer to participate in studies that collect detailed, sensitive data 
about
how they use their browser.
---
 browser/components/about/AboutRedirector.cpp | 2 --
 browser/components/about/components.conf | 1 -
 2 files changed, 3 deletions(-)

diff --git a/browser/components/about/AboutRedirector.cpp 
b/browser/components/about/AboutRedirector.cpp
index fb0f42cd4e7f..0f81fab8d7f0 100644
--- a/browser/components/about/AboutRedirector.cpp
+++ b/browser/components/about/AboutRedirector.cpp
@@ -114,8 +114,6 @@ static const RedirEntry kRedirMap[] = {
  nsIAboutModule::URI_MUST_LOAD_IN_CHILD |
  nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
  nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT},
-{"ion", "chrome://browser/content/ion.html",
- nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT},
 #ifdef TOR_BROWSER_UPDATE
 {"tbupdate", "chrome://browser/content/abouttbupdate/aboutTBUpdate.xhtml",
  nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
diff --git a/browser/components/about/components.conf 
b/browser/components/about/components.conf
index 290fce3feed9..8e04467c05da 100644
--- a/browser/components/about/components.conf
+++ b/browser/components/about/components.conf
@@ -14,7 +14,6 @@ pages = [
 'logins',
 'newinstall',
 'newtab',
-'ion',
 'pocket-saved',
 'pocket-signup',
 'policies',



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 30605: Honor privacy.spoof_english in Android

2020-11-13 Thread sysrqb 
commit 74eb80dcdb9df1b4471097f75c02939502954e2d
Author: Alex Catarineu 
Date:   Fri Oct 16 10:45:17 2020 +0200

Bug 30605: Honor privacy.spoof_english in Android

This checks `privacy.spoof_english` whenever `setLocales` is
called from Fenix side and sets `intl.accept_languages`
accordingly.
---
 mobile/android/components/geckoview/GeckoViewStartup.jsm | 5 +
 1 file changed, 5 insertions(+)

diff --git a/mobile/android/components/geckoview/GeckoViewStartup.jsm 
b/mobile/android/components/geckoview/GeckoViewStartup.jsm
index 6eaf47ad4440..4a53dcde55c7 100644
--- a/mobile/android/components/geckoview/GeckoViewStartup.jsm
+++ b/mobile/android/components/geckoview/GeckoViewStartup.jsm
@@ -18,6 +18,7 @@ XPCOMUtils.defineLazyModuleGetters(this, {
   Preferences: "resource://gre/modules/Preferences.jsm",
   SafeBrowsing: "resource://gre/modules/SafeBrowsing.jsm",
   Services: "resource://gre/modules/Services.jsm",
+  RFPHelper: "resource://gre/modules/RFPHelper.jsm",
 });
 
 const { debug, warn } = GeckoViewUtils.initLogging("Startup");
@@ -257,6 +258,10 @@ class GeckoViewStartup {
 if (aData.requestedLocales) {
   Services.locale.requestedLocales = aData.requestedLocales;
 }
+RFPHelper._handleSpoofEnglishChanged();
+if (Services.prefs.getIntPref("privacy.spoof_english", 0) === 2) {
+  break;
+}
 const pls = Cc["@mozilla.org/pref-localizedstring;1"].createInstance(
   Ci.nsIPrefLocalizedString
 );



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 24796 - Comment out excess permissions from GeckoView

2020-11-13 Thread sysrqb 
commit 4d73804869eeb6c0326d45958b30738315c096c4
Author: Matthew Finkel 
Date:   Wed Apr 11 17:52:59 2018 +

Bug 24796 - Comment out excess permissions from GeckoView

The GeckoView AndroidManifest.xml is not preprocessed unlike Fennec's
manifest, so we can't use the ifdef preprocessor guards around the
permissions we do not want. Commenting the permissions is the
next-best-thing.
---
 .../android/geckoview/src/main/AndroidManifest.xml   | 20 +---
 1 file changed, 17 insertions(+), 3 deletions(-)

diff --git a/mobile/android/geckoview/src/main/AndroidManifest.xml 
b/mobile/android/geckoview/src/main/AndroidManifest.xml
index 87ad6dc28047..4c8ab2a9d996 100644
--- a/mobile/android/geckoview/src/main/AndroidManifest.xml
+++ b/mobile/android/geckoview/src/main/AndroidManifest.xml
@@ -6,20 +6,32 @@
 http://schemas.android.com/apk/res/android;
   package="org.mozilla.geckoview">
 
+
+
+
 
 
 
 
+
+
+
 
+
+
+
+
 
 
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 21952: Implement Onion-Location

2020-11-13 Thread sysrqb 
commit f61fe38b7145deebccb62922814209fc73b01796
Author: Alex Catarineu 
Date:   Thu Mar 5 22:16:39 2020 +0100

Bug 21952: Implement Onion-Location

Whenever a valid Onion-Location HTTP header (or corresponding HTML
 http-equiv attribute) is found in a document load, we either
redirect to it (if the user opted-in via preference) or notify the
presence of an onionsite alternative with a badge in the urlbar.
---
 browser/base/content/browser.js|  12 ++
 browser/base/content/browser.xhtml |   3 +
 browser/components/BrowserGlue.jsm |  13 ++
 .../onionservices/OnionLocationChild.jsm   |  39 +
 .../onionservices/OnionLocationParent.jsm  | 168 +
 .../content/onionlocation-notification-icons.css   |   5 +
 .../onionservices/content/onionlocation-urlbar.css |  27 
 .../content/onionlocation-urlbar.inc.xhtml |  10 ++
 .../onionservices/content/onionlocation.svg|   3 +
 .../content/onionlocationPreferences.inc.xhtml |  11 ++
 .../content/onionlocationPreferences.js|  31 
 browser/components/onionservices/jar.mn|   2 +
 browser/components/onionservices/moz.build |   2 +
 browser/components/preferences/privacy.inc.xhtml   |   2 +
 browser/components/preferences/privacy.js  |  17 +++
 browser/themes/shared/notification-icons.inc.css   |   2 +
 browser/themes/shared/urlbar-searchbar.inc.css |   2 +
 dom/base/Document.cpp  |  34 -
 dom/base/Document.h|   2 +
 dom/webidl/Document.webidl |   9 ++
 modules/libpref/init/StaticPrefList.yaml   |   5 +
 xpcom/ds/StaticAtoms.py|   1 +
 22 files changed, 399 insertions(+), 1 deletion(-)

diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js
index 3fd7f4b11adc..f090b2ff2ff5 100644
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@@ -45,6 +45,7 @@ XPCOMUtils.defineLazyModuleGetters(this, {
   NetUtil: "resource://gre/modules/NetUtil.jsm",
   NewTabUtils: "resource://gre/modules/NewTabUtils.jsm",
   OpenInTabsUtils: "resource:///modules/OpenInTabsUtils.jsm",
+  OnionLocationParent: "resource:///modules/OnionLocationParent.jsm",
   PageActions: "resource:///modules/PageActions.jsm",
   PageThumbs: "resource://gre/modules/PageThumbs.jsm",
   PanelMultiView: "resource:///modules/PanelMultiView.jsm",
@@ -5455,6 +5456,7 @@ var XULBrowserWindow = {
 Services.obs.notifyObservers(null, "touchbar-location-change", location);
 UpdateBackForwardCommands(gBrowser.webNavigation);
 AboutReaderParent.updateReaderButton(gBrowser.selectedBrowser);
+OnionLocationParent.updateOnionLocationBadge(gBrowser.selectedBrowser);
 
 if (!gMultiProcessBrowser) {
   // Bug 1108553 - Cannot rotate images with e10s
@@ -5947,6 +5949,16 @@ var CombinedStopReload = {
 
 var TabsProgressListener = {
   onStateChange(aBrowser, aWebProgress, aRequest, aStateFlags, aStatus) {
+// Clear OnionLocation UI
+if (
+  aStateFlags & Ci.nsIWebProgressListener.STATE_START &&
+  aStateFlags & Ci.nsIWebProgressListener.STATE_IS_NETWORK &&
+  aRequest &&
+  aWebProgress.isTopLevel
+) {
+  OnionLocationParent.onStateChange(aBrowser);
+}
+
 // Collect telemetry data about tab load times.
 if (
   aWebProgress.isTopLevel &&
diff --git a/browser/base/content/browser.xhtml 
b/browser/base/content/browser.xhtml
index 3b533b9fb3d9..4ddf4053174e 100644
--- a/browser/base/content/browser.xhtml
+++ b/browser/base/content/browser.xhtml
@@ -1922,6 +1922,9 @@
onclick="FullZoom.reset(); FullZoom.resetScalingZoom();"
tooltip="dynamic-shortcut-tooltip"
hidden="true"/>
+
+#include ../../components/onionservices/content/onionlocation-urlbar.inc.xhtml
+
 
  {},
+};
+
+const options = {
+  autofocus: true,
+  persistent: true,
+  removeOnDismissal: false,
+  eventCallback(aTopic) {
+if (aTopic === "removed") {
+  delete browser._onionLocationPrompt;
+  delete browser.onionpopupnotificationanchor;
+}
+  },
+  learnMoreURL: NOTIFICATION_LEARN_MORE_URL,
+  displayURI: {
+hostPort: NOTIFICATION_TITLE, // This is hacky, but allows us to have 
a title without extra markup/css.
+  },
+  hideClose: true,
+  popupIconClass: "onionlocation-notification-icon",
+};
+
+// A hacky way of setting the popup anchor outside the usual url bar icon 
box
+// onionlocationpopupnotificationanchor comes from 
`${ANCHOR_ID}popupnotificationanchor`
+// From 
https://searchfox.org/mozilla-esr68/rev/080f9ed47742644d2ff84f7aa0b10aea5c44301a/browser/components/newtab/lib/CFRPageActions.jsm#488
+browser.onionlocationpopupnotificationanchor =

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 40025: Remove Mozilla add-on install permissions

2020-11-13 Thread sysrqb 
commit ec0bf00d0280f96e29203d87cdc6ad8ed3e97bec
Author: Alex Catarineu 
Date:   Mon Jul 27 18:12:55 2020 +0200

Bug 40025: Remove Mozilla add-on install permissions
---
 browser/app/permissions | 5 -
 1 file changed, 5 deletions(-)

diff --git a/browser/app/permissions b/browser/app/permissions
index 4938bd1e22e5..5c4c302f5ba5 100644
--- a/browser/app/permissions
+++ b/browser/app/permissions
@@ -11,11 +11,6 @@
 origin uitour  1   https://3g2upl4pq6kufc4m.onion
 origin uitour  1   about:tor
 
-# XPInstall
-origin install 1   https://addons.mozilla.org
-
 # Remote troubleshooting
 origin remote-troubleshooting  1   https://support.mozilla.org
 
-# addon install
-origin install 1   https://fpn.firefox.com



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 25741 - TBA: Disable GeckoNetworkManager

2020-11-13 Thread sysrqb 
commit ad1d6b0cba831c01e3f087a2c0f05f1fa0ae61ea
Author: Matthew Finkel 
Date:   Thu Apr 26 22:22:51 2018 +

Bug 25741 - TBA: Disable GeckoNetworkManager

The browser should not need information related to the network
interface or network state, tor should take care of that.
---
 .../src/main/java/org/mozilla/geckoview/GeckoRuntime.java | 8 ++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git 
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java
 
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java
index 678a8cbfe868..6274917fc895 100644
--- 
a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java
+++ 
b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java
@@ -123,7 +123,9 @@ public final class GeckoRuntime implements Parcelable {
 mPaused = false;
 // Monitor network status and send change notifications to Gecko
 // while active.
-
GeckoNetworkManager.getInstance().start(GeckoAppShell.getApplicationContext());
+if (BuildConfig.TOR_BROWSER_VERSION == "") {
+
GeckoNetworkManager.getInstance().start(GeckoAppShell.getApplicationContext());
+}
 }
 
 @OnLifecycleEvent(Lifecycle.Event.ON_PAUSE)
@@ -131,7 +133,9 @@ public final class GeckoRuntime implements Parcelable {
 Log.d(LOGTAG, "Lifecycle: onPause");
 mPaused = true;
 // Stop monitoring network status while inactive.
-GeckoNetworkManager.getInstance().stop();
+if (BuildConfig.TOR_BROWSER_VERSION == "") {
+GeckoNetworkManager.getInstance().stop();
+}
 GeckoThread.onPause();
 }
 }



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 32220: Improve the letterboxing experience

2020-11-13 Thread sysrqb 
commit 767a66cf844955d375017b7de1ab06b439457029
Author: Richard Pospesel 
Date:   Mon Oct 28 17:42:17 2019 -0700

Bug 32220: Improve the letterboxing experience

CSS and JS changes to alter the UX surrounding letterboxing. The
browser element containing page content is now anchored to the bottom
of the toolbar, and the remaining letterbox margin is the same color
as the firefox chrome. The letterbox margin and border are tied to
the currently selected theme.

Also adds a 'needsLetterbox' property to tabbrowser.xml to fix a race
condition present when using the 'isEmpty' property. Using 'isEmpty'
as a proxy for 'needsLetterbox' resulted in over-zealous/unnecessary
letterboxing of about:blank tabs.
---
 browser/base/content/browser.css   |  8 ++
 browser/base/content/tabbrowser-tab.js |  9 +++
 browser/themes/shared/tabs.inc.css |  6 ++
 .../components/resistfingerprinting/RFPHelper.jsm  | 94 +++---
 4 files changed, 105 insertions(+), 12 deletions(-)

diff --git a/browser/base/content/browser.css b/browser/base/content/browser.css
index 0cce45d4a291..ffd741cde7b7 100644
--- a/browser/base/content/browser.css
+++ b/browser/base/content/browser.css
@@ -85,6 +85,14 @@ body {
   display: none;
 }
 
+
+.browserStack > browser.letterboxing {
+  border-color: var(--chrome-content-separator-color);
+  border-style: solid;
+  border-width : 1px;
+  border-top: none;
+}
+
 %ifdef MENUBAR_CAN_AUTOHIDE
 #toolbar-menubar[autohide="true"] {
   overflow: hidden;
diff --git a/browser/base/content/tabbrowser-tab.js 
b/browser/base/content/tabbrowser-tab.js
index 2bc18e4d7320..10e678bb1950 100644
--- a/browser/base/content/tabbrowser-tab.js
+++ b/browser/base/content/tabbrowser-tab.js
@@ -225,6 +225,15 @@
   return true;
 }
 
+get needsLetterbox() {
+  let browser = this.linkedBrowser;
+  if (isBlankPageURL(browser.currentURI.spec)) {
+return false;
+  }
+
+  return true;
+}
+
 get lastAccessed() {
   return this._lastAccessed == Infinity ? Date.now() : this._lastAccessed;
 }
diff --git a/browser/themes/shared/tabs.inc.css 
b/browser/themes/shared/tabs.inc.css
index 47697d24cfb3..8025dd34a43a 100644
--- a/browser/themes/shared/tabs.inc.css
+++ b/browser/themes/shared/tabs.inc.css
@@ -33,6 +33,12 @@
   background-color: #f9f9fa;
 }
 
+/* extend down the toolbar's colors when letterboxing is enabled*/
+#tabbrowser-tabpanels.letterboxing {
+  background-color: var(--toolbar-bgcolor);
+  background-image: var(--toolbar-bgimage);
+}
+
 :root[privatebrowsingmode=temporary] #tabbrowser-tabpanels {
   /* Value for --in-content-page-background in aboutPrivateBrowsing.css */
   background-color: #25003e;
diff --git a/toolkit/components/resistfingerprinting/RFPHelper.jsm 
b/toolkit/components/resistfingerprinting/RFPHelper.jsm
index 166ad21e9013..9520d8720631 100644
--- a/toolkit/components/resistfingerprinting/RFPHelper.jsm
+++ b/toolkit/components/resistfingerprinting/RFPHelper.jsm
@@ -40,6 +40,7 @@ class _RFPHelper {
   // 

   constructor() {
 this._initialized = false;
+this._borderDimensions = null;
   }
 
   init() {
@@ -361,6 +362,24 @@ class _RFPHelper {
 });
   }
 
+  getBorderDimensions(aBrowser) {
+if (this._borderDimensions) {
+  return this._borderDimensions;
+}
+
+const win = aBrowser.ownerGlobal;
+const browserStyle = win.getComputedStyle(aBrowser);
+
+this._borderDimensions = {
+  top : parseInt(browserStyle.borderTopWidth),
+  right: parseInt(browserStyle.borderRightWidth),
+  bottom : parseInt(browserStyle.borderBottomWidth),
+  left : parseInt(browserStyle.borderLeftWidth),
+};
+
+return this._borderDimensions;
+  }
+
   _addOrClearContentMargin(aBrowser) {
 let tab = aBrowser.getTabBrowser().getTabForBrowser(aBrowser);
 
@@ -369,9 +388,13 @@ class _RFPHelper {
   return;
 }
 
+// we add the letterboxing class even if the content does not need 
letterboxing
+// in which case margins are set such that the borders are hidden
+aBrowser.classList.add("letterboxing");
+
 // We should apply no margin around an empty tab or a tab with system
 // principal.
-if (tab.isEmpty || aBrowser.contentPrincipal.isSystemPrincipal) {
+if (!tab.needsLetterbox || aBrowser.contentPrincipal.isSystemPrincipal) {
   this._clearContentViewMargin(aBrowser);
 } else {
   this._roundContentView(aBrowser);
@@ -539,10 +562,29 @@ class _RFPHelper {
 // Calculating the margins around the browser element in order to round the
 // content viewport. We will use a 200x100 stepping if the dimension set
 // is not given.
-let margins = calcMargins(containerWidth, containerHeight);
+
+const borderDimensions = this.getBorderDimensions(aBrowser);
+const marginDims =

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 31740: Remove some unnecessary RemoteSettings instances

2020-11-13 Thread sysrqb 
commit a35c40c489936f317e296e4fabbc71b72fe34266
Author: Alex Catarineu 
Date:   Wed Oct 16 23:01:12 2019 +0200

Bug 31740: Remove some unnecessary RemoteSettings instances

More concretely, SearchService.jsm 'hijack-blocklists' and
url-classifier-skip-urls.

Avoid creating instance for 'anti-tracking-url-decoration'.

If prefs are disabling their usage, avoid creating instances for
'cert-revocations' and 'intermediates'.

Do not ship JSON dumps for collections we do not expect to need. For
the ones in the 'main' bucket, this prevents them from being synced
unnecessarily (the code in remote-settings does so for collections
in the main bucket for which a dump or local data exists). For the
collections in the other buckets, we just save some size by not
shipping their dumps.

We also clear the collections database on the v2 -> v3 migration.
---
 browser/app/profile/000-tor-browser.js |  3 +++
 browser/components/search/SearchTelemetry.jsm  |  6 --
 .../url-classifier/UrlClassifierFeatureBase.cpp|  2 +-
 netwerk/url-classifier/components.conf |  6 --
 security/manager/ssl/RemoteSecuritySettings.jsm| 22 ++
 services/settings/IDBHelpers.jsm   |  4 
 services/settings/dumps/blocklists/moz.build   |  1 -
 services/settings/dumps/main/moz.build |  7 ---
 services/settings/dumps/security-state/moz.build   |  1 -
 .../components/antitracking/antitracking.manifest  |  2 +-
 toolkit/components/antitracking/components.conf|  7 ---
 toolkit/components/search/SearchService.jsm|  2 --
 12 files changed, 31 insertions(+), 32 deletions(-)

diff --git a/browser/app/profile/000-tor-browser.js 
b/browser/app/profile/000-tor-browser.js
index 241fb152b013..d7c7d366b24d 100644
--- a/browser/app/profile/000-tor-browser.js
+++ b/browser/app/profile/000-tor-browser.js
@@ -149,6 +149,9 @@ pref("extensions.fxmonitor.enabled", false);
 pref("signon.management.page.mobileAndroidURL", "");
 pref("signon.management.page.mobileAppleURL", "");
 
+// Disable remote "password recipes"
+pref("signon.recipes.remoteRecipesEnabled", false);
+
 // Disable ServiceWorkers and push notifications by default
 pref("dom.serviceWorkers.enabled", false);
 pref("dom.push.enabled", false);
diff --git a/browser/components/search/SearchTelemetry.jsm 
b/browser/components/search/SearchTelemetry.jsm
index deb76de6fc41..f07b5f974bd0 100644
--- a/browser/components/search/SearchTelemetry.jsm
+++ b/browser/components/search/SearchTelemetry.jsm
@@ -88,13 +88,7 @@ class TelemetryHandler {
   return;
 }
 
-this._telemetrySettings = RemoteSettings(TELEMETRY_SETTINGS_KEY);
 let rawProviderInfo = [];
-try {
-  rawProviderInfo = await this._telemetrySettings.get();
-} catch (ex) {
-  logConsole.error("Could not get settings:", ex);
-}
 
 // Send the provider info to the child handler.
 this._contentHandler.init(rawProviderInfo);
diff --git a/netwerk/url-classifier/UrlClassifierFeatureBase.cpp 
b/netwerk/url-classifier/UrlClassifierFeatureBase.cpp
index 07da1fd07374..48bcc7d10af9 100644
--- a/netwerk/url-classifier/UrlClassifierFeatureBase.cpp
+++ b/netwerk/url-classifier/UrlClassifierFeatureBase.cpp
@@ -78,7 +78,7 @@ void UrlClassifierFeatureBase::InitializePreferences() {
 
   nsCOMPtr exceptionListService =
   do_GetService("@mozilla.org/url-classifier/exception-list-service;1");
-  if (NS_WARN_IF(!exceptionListService)) {
+  if (!exceptionListService) {
 return;
   }
 
diff --git a/netwerk/url-classifier/components.conf 
b/netwerk/url-classifier/components.conf
index 03a02f0ebeab..b2e667247317 100644
--- a/netwerk/url-classifier/components.conf
+++ b/netwerk/url-classifier/components.conf
@@ -13,10 +13,4 @@ Classes = [
 'constructor': 'mozilla::net::ChannelClassifierService::GetSingleton',
 'headers': ['mozilla/net/ChannelClassifierService.h'],
 },
-{
-'cid': '{b9f4fd03-9d87-4bfd-9958-85a821750ddc}',
-'contract_ids': 
['@mozilla.org/url-classifier/exception-list-service;1'],
-'jsm': 'resource://gre/modules/UrlClassifierExceptionListService.jsm',
-'constructor': 'UrlClassifierExceptionListService',
-},
 ]
diff --git a/security/manager/ssl/RemoteSecuritySettings.jsm 
b/security/manager/ssl/RemoteSecuritySettings.jsm
index 3fedd43ed9be..fd2b69bc6a4f 100644
--- a/security/manager/ssl/RemoteSecuritySettings.jsm
+++ b/security/manager/ssl/RemoteSecuritySettings.jsm
@@ -350,6 +350,16 @@ var RemoteSecuritySettings = {
 
 class IntermediatePreloads {
   constructor() {
+this.maybeInit();
+  }
+
+  maybeInit() {
+if (
+  this.client ||
+  !Services.prefs.getBoolPref(INTERMEDIATES_ENABLED_PREF, true)
+) {
+  return;
+}
 this.client = RemoteSettings(
   Services.prefs.getCharPref(INTERMEDIATES_COLLECTION_PREF),
   {
@@ -379,6 +389,7 @@ class

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc.

2020-11-13 Thread sysrqb 
commit f88c00eb9e689a7af8175e50cd1396496ca955ae
Author: Kathy Brade 
Date:   Tue Jul 14 11:15:07 2020 -0400

Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc.

Hide elements on about:logins that mention sync, "Firefox LockWise", and
Mozilla's LockWise mobile apps.

Disable the "Create New Login" button when security.nocertdb is true.
---
 browser/components/aboutlogins/AboutLoginsParent.jsm   |  2 ++
 browser/components/aboutlogins/content/aboutLogins.css |  8 +++-
 browser/components/aboutlogins/content/aboutLogins.js  |  6 ++
 .../aboutlogins/content/components/fxaccounts-button.css   |  5 +
 .../components/aboutlogins/content/components/menu-button.css  | 10 ++
 5 files changed, 30 insertions(+), 1 deletion(-)

diff --git a/browser/components/aboutlogins/AboutLoginsParent.jsm 
b/browser/components/aboutlogins/AboutLoginsParent.jsm
index f411c4465f8f..bd0d97c90c6d 100644
--- a/browser/components/aboutlogins/AboutLoginsParent.jsm
+++ b/browser/components/aboutlogins/AboutLoginsParent.jsm
@@ -63,6 +63,7 @@ const PASSWORD_SYNC_NOTIFICATION_ID = "enable-password-sync";
 const HIDE_MOBILE_FOOTER_PREF = "signon.management.page.hideMobileFooter";
 const SHOW_PASSWORD_SYNC_NOTIFICATION_PREF =
   "signon.management.page.showPasswordSyncNotification";
+const NOCERTDB_PREF = "security.nocertdb";
 
 // about:logins will always use the privileged content process,
 // even if it is disabled for other consumers such as about:newtab.
@@ -432,6 +433,7 @@ class AboutLoginsParent extends JSWindowActorParent {
 importVisible:
   Services.policies.isAllowed("profileImport") &&
   AppConstants.platform != "linux",
+canCreateLogins: !Services.prefs.getBoolPref(NOCERTDB_PREF, false),
   });
 
   await AboutLogins._sendAllLoginRelatedObjects(
diff --git a/browser/components/aboutlogins/content/aboutLogins.css 
b/browser/components/aboutlogins/content/aboutLogins.css
index 7ed29bda8297..dca63da2e649 100644
--- a/browser/components/aboutlogins/content/aboutLogins.css
+++ b/browser/components/aboutlogins/content/aboutLogins.css
@@ -69,6 +69,11 @@ login-item {
   grid-area: login;
 }
 
+/* Do not promote Mozilla Sync in Tor Browser. */
+login-intro {
+  display: none !important;
+}
+
 #branding-logo {
   flex-basis: var(--sidebar-width);
   flex-shrink: 0;
@@ -83,7 +88,8 @@ login-item {
   }
 }
 
-:root:not(.official-branding) #branding-logo {
+/* Hide "Firefox LockWise" branding in Tor Browser. */
+#branding-logo {
   visibility: hidden;
 }
 
diff --git a/browser/components/aboutlogins/content/aboutLogins.js 
b/browser/components/aboutlogins/content/aboutLogins.js
index a08427b0ae09..1669fba678bd 100644
--- a/browser/components/aboutlogins/content/aboutLogins.js
+++ b/browser/components/aboutlogins/content/aboutLogins.js
@@ -19,6 +19,9 @@ const gElements = {
   get loginFooter() {
 return this.loginItem.shadowRoot.querySelector("login-footer");
   },
+  get createNewLoginButton() {
+return this.loginList.shadowRoot.querySelector(".create-login-button");
+  },
 };
 
 let numberOfLogins = 0;
@@ -100,6 +103,9 @@ window.addEventListener("AboutLoginsChromeToContent", event 
=> {
   gElements.loginList.setSortDirection(event.detail.value.selectedSort);
   document.documentElement.classList.add("initialized");
   gElements.loginList.classList.add("initialized");
+  if (!event.detail.value.canCreateLogins) {
+gElements.createNewLoginButton.disabled = true;
+  }
   break;
 }
 case "ShowLoginItemError": {
diff --git 
a/browser/components/aboutlogins/content/components/fxaccounts-button.css 
b/browser/components/aboutlogins/content/components/fxaccounts-button.css
index e63192a98e3a..c59eda2dec56 100644
--- a/browser/components/aboutlogins/content/components/fxaccounts-button.css
+++ b/browser/components/aboutlogins/content/components/fxaccounts-button.css
@@ -8,6 +8,11 @@
   align-items: center;
 }
 
+/* Do not promote Mozilla Sync in Tor Browser. */
+.logged-out-view {
+  display: none !important;
+}
+
 .fxaccounts-extra-text {
   /* Only show at most 3 lines of text to limit the
  text from overflowing the header. */
diff --git a/browser/components/aboutlogins/content/components/menu-button.css 
b/browser/components/aboutlogins/content/components/menu-button.css
index f500edd5ae70..9cb663dc424c 100644
--- a/browser/components/aboutlogins/content/components/menu-button.css
+++ b/browser/components/aboutlogins/content/components/menu-button.css
@@ -89,3 +89,13 @@
 .menuitem-mobile-android {
   background-image: url("chrome://browser/skin/logo-android.svg");
 }
+
+/*
+ * Do not promote LockWise mobile apps in Tor Browser: hide the menu items
+ * and the separator line that precedes them.
+ */
+.menuitem-mobile-android,
+.menuitem-mobile-ios,
+button[data-event-name="AboutLoginsGetHelp"] + hr {
+  display: none !important;
+}

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 28125 - Prevent non-Necko network connections

2020-11-13 Thread sysrqb 
commit 9c653f4f01560fc14a3529042960298c905cec68
Author: Matthew Finkel 
Date:   Thu Oct 25 19:17:09 2018 +

Bug 28125 - Prevent non-Necko network connections
---
 .../gecko/media/GeckoMediaDrmBridgeV21.java| 49 +-
 .../exoplayer2/upstream/DefaultHttpDataSource.java | 47 ++---
 2 files changed, 4 insertions(+), 92 deletions(-)

diff --git 
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
 
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
index 3ba59bfd6776..eb57b1013642 100644
--- 
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
+++ 
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
@@ -488,54 +488,7 @@ public class GeckoMediaDrmBridgeV21 implements 
GeckoMediaDrm {
 
 @Override
 protected Void doInBackground(final Void... params) {
-HttpURLConnection urlConnection = null;
-BufferedReader in = null;
-try {
-URI finalURI = new URI(mURL + "=" + 
URLEncoder.encode(new String(mDrmRequest), "UTF-8"));
-urlConnection = (HttpURLConnection) 
ProxySelector.openConnectionWithProxy(finalURI);
-urlConnection.setRequestMethod("POST");
-if (DEBUG) Log.d(LOGTAG, "Provisioning, posting url =" + 
finalURI.toString());
-
-// Add data
-urlConnection.setRequestProperty("Accept", "*/*");
-urlConnection.setRequestProperty("User-Agent", 
getCDMUserAgent());
-urlConnection.setRequestProperty("Content-Type", 
"application/json");
-
-// Execute HTTP Post Request
-urlConnection.connect();
-
-int responseCode = urlConnection.getResponseCode();
-if (responseCode == HttpURLConnection.HTTP_OK) {
-in = new BufferedReader(new 
InputStreamReader(urlConnection.getInputStream(), StringUtils.UTF_8));
-String inputLine;
-StringBuffer response = new StringBuffer();
-
-while ((inputLine = in.readLine()) != null) {
-response.append(inputLine);
-}
-in.close();
-mResponseBody = 
String.valueOf(response).getBytes(StringUtils.UTF_8);
-if (DEBUG) Log.d(LOGTAG, "Provisioning, response 
received.");
-if (mResponseBody != null) Log.d(LOGTAG, "response 
length=" + mResponseBody.length);
-} else {
-Log.d(LOGTAG, "Provisioning, server returned HTTP error 
code :" + responseCode);
-}
-} catch (IOException e) {
-Log.e(LOGTAG, "Got exception during posting provisioning 
request ...", e);
-} catch (URISyntaxException e) {
-Log.e(LOGTAG, "Got exception during creating uri ...", e);
-} finally {
-if (urlConnection != null) {
-urlConnection.disconnect();
-}
-try {
-if (in != null) {
-in.close();
-}
-} catch (IOException e) {
-Log.e(LOGTAG, "Exception during closing in ...", e);
-}
-}
+Log.i(LOGTAG, "This is Tor Browser. Skipping.");
 return null;
 }
 
diff --git 
a/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java
 
b/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java
index 6e5095b0a4c9..a585e283ed4e 100644
--- 
a/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java
+++ 
b/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java
@@ -46,6 +46,7 @@ import java.util.regex.Pattern;
 import java.util.zip.GZIPInputStream;
 
 import org.mozilla.gecko.util.ProxySelector;
+
 /**
  * An {@link HttpDataSource} that uses Android's {@link HttpURLConnection}.
  *
@@ -516,50 +517,8 @@ public class DefaultHttpDataSource extends BaseDataSource 
implements HttpDataSou
   boolean followRedirects,
   Map requestParameters)
   throws IOException, URISyntaxException {
-/**
- * Tor Project modified the way the connection object was created. For the 
sake of
- * simplicity, instead of duplicating the whole file we changed the 
connection object
- * to use the ProxySelector.
- */
-HttpURLConnection connection = (HttpURLConnection) 
ProxySelector.openConnectionWithProxy(url.toURI());
-
-

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 32418: Allow updates to be disabled via an enterprise policy.

2020-11-13 Thread sysrqb 
commit 598cd0778e9db21e6270e619cd377f2121255bc9
Author: Kathy Brade 
Date:   Thu Apr 16 17:07:09 2020 -0400

Bug 32418: Allow updates to be disabled via an enterprise policy.

Restrict the Enterprise Policies mechanism to only consult a
policies.json file (avoiding the Windows Registry and macOS's
file system attributes).

Add a few disabledByPolicy() checks to the update service to
avoid extraneous (and potentially confusing) log messages when
updates are disabled by policy.

Sample content for distribution/policies.json:
{
  "policies": {
"DisableAppUpdate": true
  }
}

On Linux, avoid reading policies from /etc/firefox/policies/policies.json
---
 .../enterprisepolicies/EnterprisePoliciesParent.jsm  | 14 --
 toolkit/components/enterprisepolicies/moz.build  |  3 +++
 toolkit/mozapps/update/UpdateService.jsm | 20 
 3 files changed, 35 insertions(+), 2 deletions(-)

diff --git a/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm 
b/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm
index 8b0a5170cbdd..38e2c2b36a24 100644
--- a/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm
+++ b/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm
@@ -4,6 +4,10 @@
 
 var EXPORTED_SYMBOLS = ["EnterprisePoliciesManager"];
 
+// To ensure that policies intended for Firefox or another browser will not
+// be used, Tor Browser only looks for policies in ${InstallDir}/distribution
+#define AVOID_SYSTEM_POLICIES MOZ_PROXY_BYPASS_PROTECTION
+
 const { XPCOMUtils } = ChromeUtils.import(
   "resource://gre/modules/XPCOMUtils.jsm"
 );
@@ -13,9 +17,11 @@ const { AppConstants } = ChromeUtils.import(
 );
 
 XPCOMUtils.defineLazyModuleGetters(this, {
+#ifndef AVOID_SYSTEM_POLICIES
   WindowsGPOParser: "resource://gre/modules/policies/WindowsGPOParser.jsm",
   macOSPoliciesParser:
 "resource://gre/modules/policies/macOSPoliciesParser.jsm",
+#endif
   Policies: "resource:///modules/policies/Policies.jsm",
   JsonSchemaValidator:
 "resource://gre/modules/components-utils/JsonSchemaValidator.jsm",
@@ -137,6 +143,7 @@ EnterprisePoliciesManager.prototype = {
 
   _chooseProvider() {
 let provider = null;
+#ifndef AVOID_SYSTEM_POLICIES
 if (AppConstants.platform == "win") {
   provider = new WindowsGPOPoliciesProvider();
 } else if (AppConstants.platform == "macosx") {
@@ -145,6 +152,7 @@ EnterprisePoliciesManager.prototype = {
 if (provider && provider.hasPolicies) {
   return provider;
 }
+#endif
 
 provider = new JSONPoliciesProvider();
 if (provider.hasPolicies) {
@@ -495,7 +503,7 @@ class JSONPoliciesProvider {
 
   _getConfigurationFile() {
 let configFile = null;
-
+#ifndef AVOID_SYSTEM_POLICIES
 if (AppConstants.platform == "linux") {
   let systemConfigFile = Cc["@mozilla.org/file/local;1"].createInstance(
 Ci.nsIFile
@@ -508,7 +516,7 @@ class JSONPoliciesProvider {
 return systemConfigFile;
   }
 }
-
+#endif
 try {
   let perUserPath = Services.prefs.getBoolPref(PREF_PER_USER_DIR, false);
   if (perUserPath) {
@@ -589,6 +597,7 @@ class JSONPoliciesProvider {
   }
 }
 
+#ifndef AVOID_SYSTEM_POLICIES
 class WindowsGPOPoliciesProvider {
   constructor() {
 this._policies = null;
@@ -654,3 +663,4 @@ class macOSPoliciesProvider {
 return this._failed;
   }
 }
+#endif
diff --git a/toolkit/components/enterprisepolicies/moz.build 
b/toolkit/components/enterprisepolicies/moz.build
index 284089594b2f..b0485aade0e8 100644
--- a/toolkit/components/enterprisepolicies/moz.build
+++ b/toolkit/components/enterprisepolicies/moz.build
@@ -21,6 +21,9 @@ if CONFIG['MOZ_WIDGET_TOOLKIT'] != "android":
 EXTRA_JS_MODULES += [
 'EnterprisePolicies.jsm',
 'EnterprisePoliciesContent.jsm',
+]
+
+EXTRA_PP_JS_MODULES += [
 'EnterprisePoliciesParent.jsm',
 ]
 
diff --git a/toolkit/mozapps/update/UpdateService.jsm 
b/toolkit/mozapps/update/UpdateService.jsm
index 2eb0038c9a1a..7fc19777182f 100644
--- a/toolkit/mozapps/update/UpdateService.jsm
+++ b/toolkit/mozapps/update/UpdateService.jsm
@@ -2841,6 +2841,10 @@ UpdateService.prototype = {
   _checkForBackgroundUpdates: function AUS__checkForBackgroundUpdates(
 isNotify
   ) {
+if (this.disabledByPolicy) {
+  return;
+}
+
 this._isNotify = isNotify;
 
 // Histogram IDs:
@@ -3343,6 +3347,14 @@ UpdateService.prototype = {
* See nsIUpdateService.idl
*/
   get canApplyUpdates() {
+if (this.disabledByPolicy) {
+  LOG(
+"UpdateService.canApplyUpdates - unable to apply updates, " +
+  "the option has been disabled by the administrator."
+  );
+  return false;
+}
+
 return getCanApplyUpdates() && hasUpdateMutex();
   },
 
@@ -3350,6 +3362,14 @@ UpdateService.prototype = {
* See nsIUpdateService.idl
*/
   get

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 28005: Implement .onion alias urlbar rewrites

2020-11-13 Thread sysrqb 
commit 112d3dcea13d763f41270f9a95a4065b5d1ea002
Author: Alex Catarineu 
Date:   Thu Feb 13 13:24:33 2020 +0100

Bug 28005: Implement .onion alias urlbar rewrites

A custom HTTPS Everywhere update channel is installed,
which provides rules for locally redirecting some memorable
.tor.onion URLs to non-memorable .onion URLs.

When these redirects occur, we also rewrite the URL in the urlbar
to display the human-memorable hostname instead of the actual
.onion.

Bug 34196: Update site info URL with the onion name
---
 browser/actors/ClickHandlerChild.jsm   |  20 ++
 browser/actors/ClickHandlerParent.jsm  |   1 +
 browser/actors/ContextMenuChild.jsm|   4 +
 browser/base/content/browser-places.js |  12 +-
 browser/base/content/browser-siteIdentity.js   |  12 +-
 browser/base/content/browser.js|  43 -
 browser/base/content/nsContextMenu.js  |  18 ++
 browser/base/content/pageinfo/pageInfo.js  |   2 +-
 browser/base/content/pageinfo/pageInfo.xhtml   |  10 +
 browser/base/content/pageinfo/security.js  |  17 +-
 browser/base/content/tabbrowser.js |   7 +
 browser/base/content/utilityOverlay.js |  12 ++
 browser/components/BrowserGlue.jsm |   8 +
 .../onionservices/ExtensionMessaging.jsm   |  77 
 .../onionservices/HttpsEverywhereControl.jsm   | 119 
 .../components/onionservices/OnionAliasStore.jsm   | 201 +
 browser/components/onionservices/moz.build |   6 +
 browser/components/urlbar/UrlbarInput.jsm  |  13 +-
 docshell/base/nsDocShell.cpp   |  52 ++
 docshell/base/nsDocShell.h |   6 +
 docshell/base/nsDocShellLoadState.cpp  |   4 +
 docshell/base/nsIDocShell.idl  |   5 +
 docshell/base/nsIWebNavigation.idl |   5 +
 docshell/shistory/SessionHistoryEntry.cpp  |  14 ++
 docshell/shistory/SessionHistoryEntry.h|   1 +
 docshell/shistory/nsISHEntry.idl   |   5 +
 docshell/shistory/nsSHEntry.cpp|  22 ++-
 docshell/shistory/nsSHEntry.h  |   1 +
 dom/interfaces/base/nsIBrowser.idl |   3 +-
 dom/ipc/BrowserChild.cpp   |   2 +
 dom/ipc/BrowserParent.cpp  |   3 +-
 dom/ipc/PBrowser.ipdl  |   1 +
 modules/libpref/init/StaticPrefList.yaml   |   6 +
 netwerk/dns/effective_tld_names.dat|   2 +
 netwerk/ipc/DocumentLoadListener.cpp   |  10 +
 toolkit/content/widgets/browser-custom-element.js  |  13 +-
 toolkit/modules/sessionstore/SessionHistory.jsm|   5 +
 xpcom/reflect/xptinfo/xptinfo.h|   3 +-
 38 files changed, 722 insertions(+), 23 deletions(-)

diff --git a/browser/actors/ClickHandlerChild.jsm 
b/browser/actors/ClickHandlerChild.jsm
index d5f7f31f3280..1d147bb274f2 100644
--- a/browser/actors/ClickHandlerChild.jsm
+++ b/browser/actors/ClickHandlerChild.jsm
@@ -136,6 +136,26 @@ class ClickHandlerChild extends JSWindowActorChild {
   json.originStoragePrincipal = ownerDoc.effectiveStoragePrincipal;
   json.triggeringPrincipal = ownerDoc.nodePrincipal;
 
+  // Check if the link needs to be opened with .tor.onion urlbar rewrites
+  // allowed. Only when the owner doc has onionUrlbarRewritesAllowed = true
+  // and the same origin we should allow this.
+  json.onionUrlbarRewritesAllowed = false;
+  if (this.docShell.onionUrlbarRewritesAllowed) {
+const sm = Services.scriptSecurityManager;
+try {
+  let targetURI = Services.io.newURI(href);
+  let isPrivateWin =
+ownerDoc.nodePrincipal.originAttributes.privateBrowsingId > 0;
+  sm.checkSameOriginURI(
+docshell.currentDocumentChannel.URI,
+targetURI,
+false,
+isPrivateWin
+  );
+  json.onionUrlbarRewritesAllowed = true;
+} catch (e) {}
+  }
+
   // If a link element is clicked with middle button, user wants to open
   // the link somewhere rather than pasting clipboard content.  Therefore,
   // when it's clicked with middle button, we should prevent multiple
diff --git a/browser/actors/ClickHandlerParent.jsm 
b/browser/actors/ClickHandlerParent.jsm
index 75509b95ce7f..06d56624e316 100644
--- a/browser/actors/ClickHandlerParent.jsm
+++ b/browser/actors/ClickHandlerParent.jsm
@@ -99,6 +99,7 @@ class ClickHandlerParent extends JSWindowActorParent {
   charset: browser.characterSet,
   referrerInfo: E10SUtils.deserializeReferrerInfo(data.referrerInfo),
   allowMixedContent: data.allowMixedContent,
+  onionUrlbarRewritesAllowed: data.onionUrlbarRewritesAllowed,
   isContentWindowPrivate: data.isContentWindowPrivate,

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 33342: Avoid disconnect search addon error after removal.

2020-11-13 Thread sysrqb 
commit cc79a000fdbe59406a77c02b5f84ff1f23930bf5
Author: Alex Catarineu 
Date:   Fri Mar 13 18:19:30 2020 +0100

Bug 33342: Avoid disconnect search addon error after removal.

We removed the addon in #32767, but it was still being loaded
from addonStartup.json.lz4 and throwing an error on startup
because its resource: location is not available anymore.
---
 toolkit/mozapps/extensions/internal/XPIProvider.jsm | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm 
b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
index 210b548cd0e2..516985d3f5cb 100644
--- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm
+++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
@@ -970,6 +970,12 @@ var BuiltInLocation = new (class _BuiltInLocation extends 
XPIStateLocation {
   get enumerable() {
 return false;
   }
+
+  restore(saved) {
+super.restore(saved);
+// Bug 33342: avoid restoring disconnect addon from addonStartup.json.lz4.
+this.removeAddon("disconn...@search.mozilla.org");
+  }
 })();
 
 /**



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources.

2020-11-13 Thread sysrqb 
commit 6b5442a80c6540cf7567b1129cf77d2900af17fe
Author: Amogh Pradeep 
Date:   Fri Jun 12 02:07:45 2015 -0400

Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources.

See Bug 1357997 for partial uplift.

Also:
Bug 28051 - Use our Orbot for proxying our connections

Bug 31144 - ESR68 Network Code Review
---
 .../main/java/org/mozilla/gecko/GeckoAppShell.java | 68 +++---
 .../java/org/mozilla/gecko/util/BitmapUtils.java   |  7 ---
 .../java/org/mozilla/gecko/util/ProxySelector.java | 25 +++-
 3 files changed, 59 insertions(+), 41 deletions(-)

diff --git 
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java 
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java
index 38a055de4a3d..aa263caf869d 100644
--- 
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java
+++ 
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java
@@ -1764,39 +1764,41 @@ public class GeckoAppShell {
 
 @WrapForJNI
 private static URLConnection getConnection(final String url) {
-try {
-String spec;
-if (url.startsWith("android://")) {
-spec = url.substring(10);
-} else {
-spec = url.substring(8);
-}
-
-// Check if we are loading a package icon.
-try {
-if (spec.startsWith("icon/")) {
-String[] splits = spec.split("/");
-if (splits.length != 2) {
-return null;
-}
-final String pkg = splits[1];
-final PackageManager pm = 
getApplicationContext().getPackageManager();
-final Drawable d = pm.getApplicationIcon(pkg);
-final Bitmap bitmap = BitmapUtils.getBitmapFromDrawable(d);
-return new BitmapConnection(bitmap);
-}
-} catch (Exception ex) {
-Log.e(LOGTAG, "error", ex);
-}
-
-// if the colon got stripped, put it back
-int colon = spec.indexOf(':');
-if (colon == -1 || colon > spec.indexOf('/')) {
-spec = spec.replaceFirst("/", ":/");
-}
-} catch (Exception ex) {
-return null;
-}
+// Bug 31144 - Prevent potential proxy-bypass
+
+//try {
+//String spec;
+//if (url.startsWith("android://")) {
+//spec = url.substring(10);
+//} else {
+//spec = url.substring(8);
+//}
+
+//// Check if we are loading a package icon.
+//try {
+//if (spec.startsWith("icon/")) {
+//String[] splits = spec.split("/");
+//if (splits.length != 2) {
+//return null;
+//}
+//final String pkg = splits[1];
+//final PackageManager pm = 
getApplicationContext().getPackageManager();
+//final Drawable d = pm.getApplicationIcon(pkg);
+//final Bitmap bitmap = 
BitmapUtils.getBitmapFromDrawable(d);
+//return new BitmapConnection(bitmap);
+//}
+//} catch (Exception ex) {
+//Log.e(LOGTAG, "error", ex);
+//}
+
+//// if the colon got stripped, put it back
+//int colon = spec.indexOf(':');
+//if (colon == -1 || colon > spec.indexOf('/')) {
+//spec = spec.replaceFirst("/", ":/");
+//}
+//} catch (Exception ex) {
+//return null;
+//}
 return null;
 }
 
diff --git 
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java
 
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java
index f8af8561ff1d..2f5501f0965a 100644
--- 
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java
+++ 
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java
@@ -101,13 +101,6 @@ public final class BitmapUtils {
 public static Bitmap decodeUrl(final URL url) {
 InputStream stream = null;
 
-try {
-stream = url.openStream();
-} catch (IOException e) {
-Log.w(LOGTAG, "decodeUrl: IOException downloading " + url);
-return null;
-}
-
 if (stream == null) {
 Log.w(LOGTAG, "decodeUrl: stream not found downloading " + url);
 return null;
diff --git 
a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/ProxySelector.java
 
b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/ProxySelector.java
index 636586b23102..552bf951b51b 100644
---

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 32092: Fix Tor Browser Support link in preferences

2020-11-13 Thread sysrqb 
commit ce395f922b9c0865aaf7891229d58e4f44e9dc89
Author: Alex Catarineu 
Date:   Tue Oct 15 22:54:10 2019 +0200

Bug 32092: Fix Tor Browser Support link in preferences
---
 browser/components/preferences/preferences.js | 5 +
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/browser/components/preferences/preferences.js 
b/browser/components/preferences/preferences.js
index fcb722eea0b2..9e97ca2a2180 100644
--- a/browser/components/preferences/preferences.js
+++ b/browser/components/preferences/preferences.js
@@ -166,10 +166,7 @@ function init_all() {
 
   gotoPref().then(() => {
 let helpButton = document.getElementById("helpButton");
-let helpUrl =
-  Services.urlFormatter.formatURLPref("app.support.baseURL") +
-  "preferences";
-helpButton.setAttribute("href", helpUrl);
+helpButton.setAttribute("href", "https://support.torproject.org/tbb;);
 
 document.getElementById("addonsButton").addEventListener("click", e => {
   if (e.button >= 2) {



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 30237: Add v3 onion services client authentication prompt

2020-11-13 Thread sysrqb 
commit a3f95804082d48781dcac9ca347e497962b8ab12
Author: Kathy Brade 
Date:   Tue Nov 12 16:11:05 2019 -0500

Bug 30237: Add v3 onion services client authentication prompt

When Tor informs the browser that client authentication is needed,
temporarily load about:blank instead of about:neterror and prompt
for the user's key.

If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD
control port command to add the key (via Torbutton's control port
module) and reload the page.

If the user cancels the prompt, display the standard about:neterror
"Unable to connect" page. This requires a small change to
browser/actors/NetErrorChild.jsm to account for the fact that the
docShell no longer has the failedChannel information. The failedChannel
is used to extract TLS-related error info, which is not applicable
in the case of a canceled .onion authentication prompt.

Add a leaveOpen option to PopupNotifications.show so we can display
error messages within the popup notification doorhanger without
closing the prompt.

Add support for onion services strings to the TorStrings module.

Add support for Tor extended SOCKS errors (Tor proposal 304) to the
socket transport and SOCKS layers. Improved display of all of these
errors will be implemented as part of bug 30025.

Also fixes bug 19757:
 Add a "Remember this key" checkbox to the client auth prompt.

 Add an "Onion Services Authentication" section within the
 about:preferences "Privacy & Security section" to allow
 viewing and removal of v3 onion client auth keys that have
 been stored on disk.

Also fixes bug 19251: use enhanced error pages for onion service errors.
---
 browser/actors/NetErrorChild.jsm   |   7 +
 browser/base/content/aboutNetError.js  |  10 +-
 browser/base/content/aboutNetError.xhtml   |   1 +
 browser/base/content/browser.js|  10 +
 browser/base/content/browser.xhtml |   3 +
 browser/base/content/tab-content.js|   5 +
 browser/components/moz.build   |   1 +
 .../content/authNotificationIcon.inc.xhtml |   6 +
 .../onionservices/content/authPopup.inc.xhtml  |  16 ++
 .../onionservices/content/authPreferences.css  |  20 ++
 .../content/authPreferences.inc.xhtml  |  19 ++
 .../onionservices/content/authPreferences.js   |  66 +
 .../components/onionservices/content/authPrompt.js | 316 +
 .../components/onionservices/content/authUtil.jsm  |  47 +++
 .../onionservices/content/netError/browser.svg |   3 +
 .../onionservices/content/netError/network.svg |   3 +
 .../content/netError/onionNetError.css |  65 +
 .../content/netError/onionNetError.js  | 244 
 .../onionservices/content/netError/onionsite.svg   |   7 +
 .../onionservices/content/onionservices.css|  69 +
 .../onionservices/content/savedKeysDialog.js   | 259 +
 .../onionservices/content/savedKeysDialog.xhtml|  42 +++
 browser/components/onionservices/jar.mn|   9 +
 browser/components/onionservices/moz.build |   1 +
 browser/components/preferences/preferences.xhtml   |   1 +
 browser/components/preferences/privacy.inc.xhtml   |   2 +
 browser/components/preferences/privacy.js  |   7 +
 browser/themes/shared/notification-icons.inc.css   |   3 +
 docshell/base/nsDocShell.cpp   |  81 +-
 dom/ipc/BrowserParent.cpp  |  21 ++
 dom/ipc/BrowserParent.h|   3 +
 dom/ipc/PBrowser.ipdl  |   9 +
 js/xpconnect/src/xpc.msg   |  10 +
 netwerk/base/nsSocketTransport2.cpp|   6 +
 netwerk/socket/nsSOCKSIOLayer.cpp  |  49 
 toolkit/modules/PopupNotifications.jsm |   6 +
 toolkit/modules/RemotePageAccessManager.jsm|   1 +
 .../lib/environments/frame-script.js   |   1 +
 xpcom/base/ErrorList.py|  22 ++
 39 files changed, 1449 insertions(+), 2 deletions(-)

diff --git a/browser/actors/NetErrorChild.jsm b/browser/actors/NetErrorChild.jsm
index eea7ddd0cf97..58bab60c36f7 100644
--- a/browser/actors/NetErrorChild.jsm
+++ b/browser/actors/NetErrorChild.jsm
@@ -13,6 +13,8 @@ const { RemotePageChild } = ChromeUtils.import(
   "resource://gre/actors/RemotePageChild.jsm"
 );
 
+const { TorStrings } = 
ChromeUtils.import("resource:///modules/TorStrings.jsm");
+
 XPCOMUtils.defineLazyServiceGetter(
   this,
   "gSerializationHelper",
@@ -30,6 +32,7 @@ class NetErrorChild extends RemotePageChild {
   "RPMAddToHistogram",
   "RPMRecordTelemetryEvent",
   "RPMGetHttpResponseHeader",
+  "RPMGetTorStrings",
 ];
 this.exportFunctions(exportableFunctions);
   }
@@

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 31575: Replace Firefox Home (newtab) with about:tor

2020-11-13 Thread sysrqb 
commit 9df83c26cf34570fb654f0a6767cb9ef64d11e8f
Author: Alex Catarineu 
Date:   Mon Sep 9 13:04:34 2019 +0200

Bug 31575: Replace Firefox Home (newtab) with about:tor

Avoid loading AboutNewTab in BrowserGlue.jsm in order
to avoid several network requests that we do not need. Besides,
about:newtab will now point to about:blank or about:tor (depending
on browser.newtabpage.enabled) and about:home will point to
about:tor.
---
 browser/components/BrowserGlue.jsm   | 34 ++--
 browser/components/newtab/AboutNewTabService.jsm | 15 +--
 browser/components/preferences/home.inc.xhtml|  4 +--
 browser/components/preferences/preferences.xhtml |  5 +++-
 browser/modules/HomePage.jsm |  2 +-
 5 files changed, 10 insertions(+), 50 deletions(-)

diff --git a/browser/components/BrowserGlue.jsm 
b/browser/components/BrowserGlue.jsm
index ae5c9f15d600..4eb4c6183608 100644
--- a/browser/components/BrowserGlue.jsm
+++ b/browser/components/BrowserGlue.jsm
@@ -23,12 +23,6 @@ ChromeUtils.defineModuleGetter(
   "resource://gre/modules/ActorManagerParent.jsm"
 );
 
-ChromeUtils.defineModuleGetter(
-  this,
-  "AboutNewTab",
-  "resource:///modules/AboutNewTab.jsm"
-);
-
 ChromeUtils.defineModuleGetter(
   this,
   "E10SUtils",
@@ -174,24 +168,6 @@ let JSWINDOWACTORS = {
 matches: ["about:newinstall"],
   },
 
-  AboutNewTab: {
-parent: {
-  moduleURI: "resource:///actors/AboutNewTabParent.jsm",
-},
-child: {
-  moduleURI: "resource:///actors/AboutNewTabChild.jsm",
-  events: {
-DOMContentLoaded: {},
-pageshow: {},
-visibilitychange: {},
-  },
-},
-// The wildcard on about:newtab is for the ?endpoint query parameter
-// that is used for snippets debugging.
-matches: ["about:home", "about:welcome", "about:newtab*"],
-remoteTypes: ["privilegedabout"],
-  },
-
   AboutPlugins: {
 parent: {
   moduleURI: "resource:///actors/AboutPluginsParent.jsm",
@@ -1803,8 +1779,6 @@ BrowserGlue.prototype = {
 
   // the first browser window has finished initializing
   _onFirstWindowLoaded: function BG__onFirstWindowLoaded(aWindow) {
-AboutNewTab.init();
-
 TabCrashHandler.init();
 
 ProcessHangMonitor.init();
@@ -5313,12 +5287,8 @@ var AboutHomeStartupCache = {
   return { pageInputStream: null, scriptInputStream: null };
 }
 
-let state = AboutNewTab.activityStream.store.getState();
-return new Promise(resolve => {
-  this._cacheDeferred = resolve;
-  this.log.trace("Parent received cache streams.");
-  this._procManager.sendAsyncMessage(this.CACHE_REQUEST_MESSAGE, { state 
});
-});
+this.log.error("Activity Stream is disabled in Tor Browser.");
+return { pageInputStream: null, scriptInputStream: null };
   },
 
   /**
diff --git a/browser/components/newtab/AboutNewTabService.jsm 
b/browser/components/newtab/AboutNewTabService.jsm
index c65e25ea582c..114999f18c27 100644
--- a/browser/components/newtab/AboutNewTabService.jsm
+++ b/browser/components/newtab/AboutNewTabService.jsm
@@ -327,20 +327,7 @@ class BaseAboutNewTabService {
* the newtab page has no effect on the result of this function.
*/
   get defaultURL() {
-// Generate the desired activity stream resource depending on state, e.g.,
-// "resource://activity-stream/prerendered/activity-stream.html"
-// "resource://activity-stream/prerendered/activity-stream-debug.html"
-// "resource://activity-stream/prerendered/activity-stream-noscripts.html"
-return [
-  "resource://activity-stream/prerendered/",
-  "activity-stream",
-  // Debug version loads dev scripts but noscripts separately loads scripts
-  this.activityStreamDebug && !this.privilegedAboutProcessEnabled
-? "-debug"
-: "",
-  this.privilegedAboutProcessEnabled ? "-noscripts" : "",
-  ".html",
-].join("");
+return "about:tor";
   }
 
   get welcomeURL() {
diff --git a/browser/components/preferences/home.inc.xhtml 
b/browser/components/preferences/home.inc.xhtml
index 2e900ccd296c..2a7412944d73 100644
--- a/browser/components/preferences/home.inc.xhtml
+++ b/browser/components/preferences/home.inc.xhtml
@@ -37,7 +37,7 @@
 class="check-home-page-controlled"
 data-preference-related="browser.startup.homepage">
 
-  
+  
   
   
 
@@ -97,7 +97,7 @@
 flex="1"
 preference="browser.newtabpage.enabled">
   
-
+
 
   
 
diff --git a/browser/components/preferences/preferences.xhtml 
b/browser/components/preferences/preferences.xhtml
index b1e08364e1cc..3996cc964ae8 100644
--- a/browser/components/preferences/preferences.xhtml
+++ b/browser/components/preferences/preferences.xhtml
@@ -14,7 +14,10 @@
 
 
 
-
+
+  %aboutTorDTD;
+]>
 
 http://www.w3.org/1999/xhtml;

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 27604: Fix addon issues when moving TB directory

2020-11-13 Thread sysrqb 
commit 525195b11888ede78edf297b1c92b208c4dce3f8
Author: Alex Catarineu 
Date:   Wed Oct 30 10:44:48 2019 +0100

Bug 27604: Fix addon issues when moving TB directory
---
 toolkit/mozapps/extensions/internal/XPIProvider.jsm | 8 ++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm 
b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
index 00b33160232b..210b548cd0e2 100644
--- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm
+++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
@@ -485,7 +485,7 @@ class XPIState {
 
 // Builds prior to be 1512436 did not include the rootURI property.
 // If we're updating from such a build, add that property now.
-if (!("rootURI" in this) && this.file) {
+if (this.file) {
   this.rootURI = getURIForResourceInFile(this.file, "").spec;
 }
 
@@ -498,7 +498,10 @@ class XPIState {
   saved.currentModifiedTime != this.lastModifiedTime
 ) {
   this.lastModifiedTime = saved.currentModifiedTime;
-} else if (saved.currentModifiedTime === null) {
+} else if (
+  saved.currentModifiedTime === null &&
+  (!this.file || !this.file.exists())
+) {
   this.missing = true;
 }
   }
@@ -1439,6 +1442,7 @@ var XPIStates = {
 
   if (oldState[loc.name]) {
 loc.restore(oldState[loc.name]);
+changed = changed || loc.path != oldState[loc.name].path;
   }
   changed = changed || loc.changed;
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 23104: Add a default line height compensation

2020-11-13 Thread sysrqb 
commit bd25ccbfbbf94bdfd5d4b8049911c69a5c2e295f
Author: Igor Oliveira 
Date:   Sun Dec 10 18:16:59 2017 -0200

Bug 23104: Add a default line height compensation

Many fonts have issues with their vertical metrics. they
are used to influence the height of ascenders and depth
of descenders. Gecko uses it to calculate the line height
(font height + ascender + descender), however because of
that idiosyncratic behavior across multiple operating
systems, it can be used to identify the user's OS.

The solution proposed in the patch uses a default factor
to be multiplied with the font size, simulating the concept
of ascender and descender. This way all operating
systems will have the same line height only and only if the
frame is outside the chrome.
---
 layout/generic/ReflowInput.cpp | 19 ---
 layout/generic/test/mochitest.ini  |  1 +
 layout/generic/test/test_tor_bug23104.html | 51 ++
 3 files changed, 66 insertions(+), 5 deletions(-)

diff --git a/layout/generic/ReflowInput.cpp b/layout/generic/ReflowInput.cpp
index ff67e89fdadf..4bb7a301d335 100644
--- a/layout/generic/ReflowInput.cpp
+++ b/layout/generic/ReflowInput.cpp
@@ -31,6 +31,7 @@
 #include "mozilla/SVGUtils.h"
 #include "mozilla/dom/HTMLInputElement.h"
 #include "nsGridContainerFrame.h"
+#include "nsContentUtils.h"
 
 using namespace mozilla;
 using namespace mozilla::css;
@@ -2640,7 +2641,8 @@ void 
ReflowInput::CalculateBlockSideMargins(LayoutFrameType aFrameType) {
 
 // For risk management, we use preference to control the behavior, and
 // eNoExternalLeading is the old behavior.
-static nscoord GetNormalLineHeight(nsFontMetrics* aFontMetrics) {
+static nscoord GetNormalLineHeight(nsIContent* aContent,
+   nsFontMetrics* aFontMetrics) {
   MOZ_ASSERT(nullptr != aFontMetrics, "no font metrics");
 
   nscoord normalLineHeight;
@@ -2648,6 +2650,12 @@ static nscoord GetNormalLineHeight(nsFontMetrics* 
aFontMetrics) {
   nscoord externalLeading = aFontMetrics->ExternalLeading();
   nscoord internalLeading = aFontMetrics->InternalLeading();
   nscoord emHeight = aFontMetrics->EmHeight();
+
+  if (nsContentUtils::ShouldResistFingerprinting() &&
+  !aContent->IsInChromeDocument()) {
+return NSToCoordRound(emHeight * NORMAL_LINE_HEIGHT_FACTOR);
+  }
+
   switch (GetNormalLineHeightCalcControl()) {
 case eIncludeExternalLeading:
   normalLineHeight = emHeight + internalLeading + externalLeading;
@@ -2665,7 +2673,8 @@ static nscoord GetNormalLineHeight(nsFontMetrics* 
aFontMetrics) {
   return normalLineHeight;
 }
 
-static inline nscoord ComputeLineHeight(ComputedStyle* aComputedStyle,
+static inline nscoord ComputeLineHeight(nsIContent* aContent,
+ComputedStyle* aComputedStyle,
 nsPresContext* aPresContext,
 nscoord aBlockBSize,
 float aFontSizeInflation) {
@@ -2694,7 +2703,7 @@ static inline nscoord ComputeLineHeight(ComputedStyle* 
aComputedStyle,
 
   RefPtr fm = nsLayoutUtils::GetFontMetricsForComputedStyle(
   aComputedStyle, aPresContext, aFontSizeInflation);
-  return GetNormalLineHeight(fm);
+  return GetNormalLineHeight(aContent, fm);
 }
 
 nscoord ReflowInput::CalcLineHeight() const {
@@ -2716,7 +2725,7 @@ nscoord ReflowInput::CalcLineHeight(nsIContent* aContent,
 float aFontSizeInflation) {
   MOZ_ASSERT(aComputedStyle, "Must have a ComputedStyle");
 
-  nscoord lineHeight = ComputeLineHeight(aComputedStyle, aPresContext,
+  nscoord lineHeight = ComputeLineHeight(aContent, aComputedStyle, 
aPresContext,
  aBlockBSize, aFontSizeInflation);
 
   NS_ASSERTION(lineHeight >= 0, "ComputeLineHeight screwed up");
@@ -2729,7 +2738,7 @@ nscoord ReflowInput::CalcLineHeight(nsIContent* aContent,
 if (!lh.IsNormal()) {
   RefPtr fm = nsLayoutUtils::GetFontMetricsForComputedStyle(
   aComputedStyle, aPresContext, aFontSizeInflation);
-  nscoord normal = GetNormalLineHeight(fm);
+  nscoord normal = GetNormalLineHeight(aContent, fm);
   if (lineHeight < normal) {
 lineHeight = normal;
   }
diff --git a/layout/generic/test/mochitest.ini 
b/layout/generic/test/mochitest.ini
index a30a8130615c..9c0e7a4982a6 100644
--- a/layout/generic/test/mochitest.ini
+++ b/layout/generic/test/mochitest.ini
@@ -168,3 +168,4 @@ skip-if = debug == true || tsan # the test is slow. tsan: 
bug 1612707
 support-files =
 file_reframe_for_lazy_load_image.html
 [test_bug1655135.html]
+[test_tor_bug23104.html]
diff --git a/layout/generic/test/test_tor_bug23104.html 
b/layout/generic/test/test_tor_bug23104.html
new file mode 100644
index ..ae73a3446037
--- /dev/null
+++ b/layout/generic/test/test_tor_bug23104.html
@@ -0,0 +1,51 @@
+
+
+
+
+

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 32658: Create a new MAR signing key

2020-11-13 Thread sysrqb 
commit 575cfea33fb1580cc16e779d10c4bdb4406c3f5b
Author: Georg Koppen 
Date:   Fri Jan 17 12:54:31 2020 +

Bug 32658: Create a new MAR signing key

It's time for our rotation again: Move the backup key in the front
position and add a new backup key.
---
 toolkit/mozapps/update/updater/release_primary.der   | Bin 1225 -> 1229 bytes
 toolkit/mozapps/update/updater/release_secondary.der | Bin 1225 -> 1229 bytes
 2 files changed, 0 insertions(+), 0 deletions(-)

diff --git a/toolkit/mozapps/update/updater/release_primary.der 
b/toolkit/mozapps/update/updater/release_primary.der
index 1d94f88ad73b..0103a171de88 100644
Binary files a/toolkit/mozapps/update/updater/release_primary.der and 
b/toolkit/mozapps/update/updater/release_primary.der differ
diff --git a/toolkit/mozapps/update/updater/release_secondary.der 
b/toolkit/mozapps/update/updater/release_secondary.der
index 474706c4b73c..fcee3944e9b7 100644
Binary files a/toolkit/mozapps/update/updater/release_secondary.der and 
b/toolkit/mozapps/update/updater/release_secondary.der differ



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#tor

2020-11-13 Thread sysrqb 
commit 926b8ca167b3011b0026fc93212c4273e9eb07d7
Author: Richard Pospesel 
Date:   Mon Sep 16 15:25:39 2019 -0700

Bug 31286: Implementation of bridge, proxy, and firewall settings in 
about:preferences#tor

This patch adds a new about:preferences#tor page which allows modifying
bridge, proxy, and firewall settings from within Tor Browser. All of the
functionality present in tor-launcher's Network Configuration panel is
present:

 - Setting built-in bridges
 - Requesting bridges from BridgeDB via moat
 - Using user-provided bridges
 - Configuring SOCKS4, SOCKS5, and HTTP/HTTPS proxies
 - Setting firewall ports
 - Viewing and Copying Tor's logs
 - The Networking Settings in General preferences has been removed
---
 browser/components/moz.build   |   1 +
 browser/components/preferences/main.inc.xhtml  |  55 --
 browser/components/preferences/main.js |  14 -
 browser/components/preferences/preferences.js  |   9 +
 browser/components/preferences/preferences.xhtml   |   5 +
 browser/components/preferences/privacy.js  |   1 +
 .../torpreferences/content/parseFunctions.jsm  |  89 +++
 .../torpreferences/content/requestBridgeDialog.jsm | 204 +
 .../content/requestBridgeDialog.xhtml  |  35 +
 .../torpreferences/content/torBridgeSettings.jsm   | 325 
 .../torpreferences/content/torCategory.inc.xhtml   |   9 +
 .../torpreferences/content/torFirewallSettings.jsm |  72 ++
 .../torpreferences/content/torLogDialog.jsm|  66 ++
 .../torpreferences/content/torLogDialog.xhtml  |  23 +
 .../components/torpreferences/content/torPane.js   | 857 +
 .../torpreferences/content/torPane.xhtml   | 123 +++
 .../torpreferences/content/torPreferences.css  |  77 ++
 .../torpreferences/content/torPreferencesIcon.svg  |   5 +
 .../torpreferences/content/torProxySettings.jsm| 245 ++
 browser/components/torpreferences/jar.mn   |  14 +
 browser/components/torpreferences/moz.build|   1 +
 browser/modules/BridgeDB.jsm   | 110 +++
 browser/modules/TorProtocolService.jsm | 212 +
 browser/modules/moz.build  |   2 +
 24 files changed, 2485 insertions(+), 69 deletions(-)

diff --git a/browser/components/moz.build b/browser/components/moz.build
index 68a76ba3566e..8f4ba1aba34b 100644
--- a/browser/components/moz.build
+++ b/browser/components/moz.build
@@ -57,6 +57,7 @@ DIRS += [
 'syncedtabs',
 'uitour',
 'urlbar',
+'torpreferences',
 'translation',
 ]
 
diff --git a/browser/components/preferences/main.inc.xhtml 
b/browser/components/preferences/main.inc.xhtml
index ec30d31cde49..16c1880e1320 100644
--- a/browser/components/preferences/main.inc.xhtml
+++ b/browser/components/preferences/main.inc.xhtml
@@ -665,59 +665,4 @@
 
   
 
-
-
-  
-
-
-
-
-  
-
-  
-
-  
-  
-  
-  
-  
-
-
-
-
-  
-
-  
-
 
diff --git a/browser/components/preferences/main.js 
b/browser/components/preferences/main.js
index 3e101f93295a..3f562a2cd5f0 100644
--- a/browser/components/preferences/main.js
+++ b/browser/components/preferences/main.js
@@ -373,15 +373,6 @@ var gMainPane = {
 });
 this.updatePerformanceSettingsBox({ duringChangeEvent: false });
 this.displayUseSystemLocale();
-let connectionSettingsLink = document.getElementById(
-  "connectionSettingsLearnMore"
-);
-let connectionSettingsUrl =
-  Services.urlFormatter.formatURLPref("app.support.baseURL") +
-  "prefs-connection-settings";
-connectionSettingsLink.setAttribute("href", connectionSettingsUrl);
-this.updateProxySettingsUI();
-initializeProxyUI(gMainPane);
 
 if (Services.prefs.getBoolPref("intl.multilingual.enabled")) {
   gMainPane.initBrowserLocale();
@@ -515,11 +506,6 @@ var gMainPane = {
   "change",
   gMainPane.updateHardwareAcceleration.bind(gMainPane)
 );
-setEventListener(
-  "connectionSettings",
-  "command",
-  gMainPane.showConnections
-);
 setEventListener(
   "browserContainersCheckbox",
   "command",
diff --git a/browser/components/preferences/preferences.js 
b/browser/components/preferences/preferences.js
index 7179fe7ec8b7..fcb722eea0b2 100644
--- a/browser/components/preferences/preferences.js
+++ b/browser/components/preferences/preferences.js
@@ -13,6 +13,7 @@
 /* import-globals-from findInPage.js */
 /* import-globals-from ../../base/content/utilityOverlay.js */
 /* import-globals-from ../../../toolkit/content/preferencesBindings.js */
+/* import-globals-from ../torpreferences/content/torPane.js */
 
 "use strict";
 
@@ -136,6 +137,14 @@ function init_all() {
 register_module("paneSync", gSyncPane);
   }
   register_module("paneSearchResults", gSearchResultsPane);
+  if (gTorPane.enabled) {
+document.getElementById("category-tor").hidden = false;
+

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 27511: Add new identity button to toolbar

2020-11-13 Thread sysrqb 
commit 58b0fb9ce0b3751ff4c5cf231d8d62fc729ad52f
Author: Alex Catarineu 
Date:   Fri Oct 4 19:08:33 2019 +0200

Bug 27511: Add new identity button to toolbar

Also added 'New circuit for this site' button to CustomizableUI, but
not visible by default.
---
 browser/base/content/browser.xhtml  | 10 ++
 .../components/customizableui/CustomizableUI.jsm| 21 +
 browser/themes/shared/icons/new_circuit.svg |  8 
 browser/themes/shared/icons/new_identity.svg|  9 +
 browser/themes/shared/jar.inc.mn|  3 +++
 browser/themes/shared/menupanel.inc.css |  8 
 browser/themes/shared/toolbarbutton-icons.inc.css   |  8 
 7 files changed, 67 insertions(+)

diff --git a/browser/base/content/browser.xhtml 
b/browser/base/content/browser.xhtml
index afa8e8cfa29d..95cbd4e96ddc 100644
--- a/browser/base/content/browser.xhtml
+++ b/browser/base/content/browser.xhtml
@@ -2142,6 +2142,16 @@
  ondragenter="newWindowButtonObserver.onDragOver(event)"
  ondragexit="newWindowButtonObserver.onDragExit(event)"/>
 
+  
+
+  
+
   
+http://www.w3.org/2000/svg; xmlns:xlink="http://www.w3.org/1999/xlink;>
+Icon / New Circuit@1.5x
+
+
+
+
+
diff --git a/browser/themes/shared/icons/new_identity.svg 
b/browser/themes/shared/icons/new_identity.svg
new file mode 100644
index ..91d5b35f7e80
--- /dev/null
+++ b/browser/themes/shared/icons/new_identity.svg
@@ -0,0 +1,9 @@
+
+http://www.w3.org/2000/svg; xmlns:xlink="http://www.w3.org/1999/xlink;>
+New Identity Icon
+
+
+
+
+
+
\ No newline at end of file
diff --git a/browser/themes/shared/jar.inc.mn b/browser/themes/shared/jar.inc.mn
index 008052742d4a..05324c9e9310 100644
--- a/browser/themes/shared/jar.inc.mn
+++ b/browser/themes/shared/jar.inc.mn
@@ -308,3 +308,6 @@
   skin/classic/browser/privatebrowsing/private-browsing.svg
(../shared/privatebrowsing/private-browsing.svg)
   skin/classic/browser/install-ssb.svg 
(../shared/install-ssb.svg)
   skin/classic/browser/critical.svg
(../shared/icons/critical.svg)
+
+  skin/classic/browser/new_circuit.svg 
(../shared/icons/new_circuit.svg)
+  skin/classic/browser/new_identity.svg
(../shared/icons/new_identity.svg)
diff --git a/browser/themes/shared/menupanel.inc.css 
b/browser/themes/shared/menupanel.inc.css
index c919f32a1454..eae453ec5004 100644
--- a/browser/themes/shared/menupanel.inc.css
+++ b/browser/themes/shared/menupanel.inc.css
@@ -183,3 +183,11 @@ toolbarpaletteitem[place="palette"] > 
#bookmarks-menu-button,
   -moz-context-properties: fill, fill-opacity;
   fill-opacity: 0;
 }
+
+#appMenuNewIdentity {
+  list-style-image: url("chrome://browser/skin/new_identity.svg");
+}
+
+#appMenuNewCircuit {
+  list-style-image: url("chrome://browser/skin/new_circuit.svg");
+}
diff --git a/browser/themes/shared/toolbarbutton-icons.inc.css 
b/browser/themes/shared/toolbarbutton-icons.inc.css
index f189c7b10d7f..c34c628ced5b 100644
--- a/browser/themes/shared/toolbarbutton-icons.inc.css
+++ b/browser/themes/shared/toolbarbutton-icons.inc.css
@@ -233,6 +233,14 @@ toolbar[brighttext] {
   list-style-image: url("chrome://browser/skin/new-tab.svg");
 }
 
+#new-identity-button {
+  list-style-image: url("chrome://browser/skin/new_identity.svg");
+}
+
+#new-circuit-button {
+  list-style-image: url("chrome://browser/skin/new_circuit.svg");
+}
+
 #privatebrowsing-button {
   list-style-image: url("chrome://browser/skin/privateBrowsing.svg");
 }



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 31607: App menu items stop working on macOS

2020-11-13 Thread sysrqb 
commit cb386f9ae2d45856c8b65d8b137e43caf600f5d0
Author: Kathy Brade 
Date:   Thu Oct 3 10:53:43 2019 -0400

Bug 31607: App menu items stop working on macOS

Avoid re-creating the hidden window, since this causes the nsMenuBarX
object that is associated with the app menu to be freed (which in
turn causes all of the app menu items to stop working).

More detail: There should only be one hidden window.
XREMain::XRE_mainRun() contains an explicit call to create the
hidden window and that is the normal path by which it is created.
However, when Tor Launcher's wizard/progress window is opened during
startup, a hidden window is created earlier as a side effect of
calls to nsAppShellService::GetHiddenWindow(). Then, when
XREMain::XRE_mainRun() creates its hidden window, the original one
is freed which also causes the app menu's nsMenuBarX object which
is associated with that window to be destroyed. When that happens,
the menuGroupOwner property within each Cocoa menu items's MenuItemInfo
object is cleared. This breaks the link that is necessary for
NativeMenuItemTarget's menuItemHit method to dispatch a menu item
event.
---
 xpfe/appshell/nsAppShellService.cpp | 4 
 1 file changed, 4 insertions(+)

diff --git a/xpfe/appshell/nsAppShellService.cpp 
b/xpfe/appshell/nsAppShellService.cpp
index 2f834508afa8..1983f27d4c8c 100644
--- a/xpfe/appshell/nsAppShellService.cpp
+++ b/xpfe/appshell/nsAppShellService.cpp
@@ -93,6 +93,10 @@ void nsAppShellService::EnsureHiddenWindow() {
 
 NS_IMETHODIMP
 nsAppShellService::CreateHiddenWindow() {
+  if (mHiddenWindow) {
+return NS_OK;
+  }
+
   if (!XRE_IsParentProcess()) {
 return NS_ERROR_NOT_IMPLEMENTED;
   }



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 13379: Sign our MAR files.

2020-11-13 Thread sysrqb 
commit 319fe512d871ac5e1f31d6c3c11cc20ee6361b3e
Author: Kathy Brade 
Date:   Wed Dec 17 16:37:11 2014 -0500

Bug 13379: Sign our MAR files.

Configure with --enable-verify-mar (when updating, require a valid
  signature on the MAR file before it is applied).
Use the Tor Browser version instead of the Firefox version inside the
  MAR file info block (necessary to prevent downgrade attacks).
Use NSS on all platforms for checking MAR signatures (instead of using
  OS-native APIs, which Mozilla does on Mac OS and Windows). So that the
  NSS and NSPR libraries the updater depends on can be found at runtime,
  we add the firefox directory to the shared library search path on macOS.
  On Linux, rpath is used by Mozilla to solve that problem, but that
  approach won't work on macOS because the updater executable is copied
  during the update process to a location that is under TorBrowser-Data,
  and the location of TorBrowser-Data varies.

Also includes the fix for bug 18900.
---
 .mozconfig |  1 +
 .mozconfig-asan|  1 +
 .mozconfig-mac |  1 +
 .mozconfig-mingw   |  1 +
 modules/libmar/tool/mar.c  |  6 +--
 modules/libmar/tool/moz.build  | 12 --
 modules/libmar/verify/moz.build| 14 +++---
 .../mozapps/update/updater/updater-common.build| 24 +--
 toolkit/mozapps/update/updater/updater.cpp | 25 +++
 toolkit/xre/moz.build  |  3 ++
 toolkit/xre/nsUpdateDriver.cpp | 50 ++
 11 files changed, 113 insertions(+), 25 deletions(-)

diff --git a/.mozconfig b/.mozconfig
index 24efaea57b0b..d71c858844e3 100755
--- a/.mozconfig
+++ b/.mozconfig
@@ -36,3 +36,4 @@ ac_add_options MOZ_TELEMETRY_REPORTING=
 ac_add_options --disable-tor-launcher
 ac_add_options --with-tor-browser-version=dev-build
 ac_add_options --disable-tor-browser-update
+ac_add_options --enable-verify-mar
diff --git a/.mozconfig-asan b/.mozconfig-asan
index 13232e054d45..ca05fb12eedb 100644
--- a/.mozconfig-asan
+++ b/.mozconfig-asan
@@ -28,6 +28,7 @@ ac_add_options --enable-official-branding
 ac_add_options --enable-default-toolkit=cairo-gtk3
 
 ac_add_options --enable-tor-browser-update
+ac_add_options --enable-verify-mar
 
 ac_add_options --disable-strip
 ac_add_options --disable-install-strip
diff --git a/.mozconfig-mac b/.mozconfig-mac
index 1f89cab30bbc..9be7751f8241 100644
--- a/.mozconfig-mac
+++ b/.mozconfig-mac
@@ -42,6 +42,7 @@ ac_add_options --disable-debug
 
 ac_add_options --enable-tor-browser-data-outside-app-dir
 ac_add_options --enable-tor-browser-update
+ac_add_options --enable-verify-mar
 
 ac_add_options --disable-crashreporter
 ac_add_options --disable-webrtc
diff --git a/.mozconfig-mingw b/.mozconfig-mingw
index 4fb050308060..29c58d8fdab2 100644
--- a/.mozconfig-mingw
+++ b/.mozconfig-mingw
@@ -14,6 +14,7 @@ ac_add_options --enable-strip
 ac_add_options --enable-official-branding
 
 ac_add_options --enable-tor-browser-update
+ac_add_options --enable-verify-mar
 ac_add_options --disable-bits-download
 
 # Let's make sure no preference is enabling either Adobe's or Google's CDM.
diff --git a/modules/libmar/tool/mar.c b/modules/libmar/tool/mar.c
index 0bf2cb4bd1d4..ea2b79924914 100644
--- a/modules/libmar/tool/mar.c
+++ b/modules/libmar/tool/mar.c
@@ -65,7 +65,7 @@ static void print_usage() {
   "signed_input_archive.mar base_64_encoded_signature_file "
   "changed_signed_output.mar\n");
   printf("(i) is the index of the certificate to extract\n");
-#  if defined(XP_MACOSX) || (defined(XP_WIN) && !defined(MAR_NSS))
+#  if (defined(XP_MACOSX) || defined(XP_WIN)) && !defined(MAR_NSS)
   printf("Verify a MAR file:\n");
   printf("  mar [-C workingDir] -D DERFilePath -v signed_archive.mar\n");
   printf(
@@ -149,7 +149,7 @@ int main(int argc, char** argv) {
   memset((void*)certBuffers, 0, sizeof(certBuffers));
 #endif
 #if !defined(NO_SIGN_VERIFY) && \
-((!defined(MAR_NSS) && defined(XP_WIN)) || defined(XP_MACOSX))
+(!defined(MAR_NSS) && (defined(XP_WIN) || defined(XP_MACOSX)))
   memset(DERFilePaths, 0, sizeof(DERFilePaths));
   memset(fileSizes, 0, sizeof(fileSizes));
 #endif
@@ -181,7 +181,7 @@ int main(int argc, char** argv) {
   argc -= 2;
 }
 #if !defined(NO_SIGN_VERIFY)
-#  if (!defined(MAR_NSS) && defined(XP_WIN)) || defined(XP_MACOSX)
+#  if (!defined(MAR_NSS) && (defined(XP_WIN) || defined(XP_MACOSX)))
 /* -D DERFilePath, also matches -D[index] DERFilePath
We allow an index for verifying to be symmetric
with the import and export command line arguments. */
diff --git a/modules/libmar/tool/moz.build b/modules/libmar/tool/moz.build
index 7c303422fb3b..f80e0c932f13 100644
--- a/modules/libmar/tool/moz.build
+++

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 26345: Hide tracking protection UI

2020-11-13 Thread sysrqb 
commit 17d133a462ff10ab1aa20bf2fcbdfc8a63874e52
Author: Alex Catarineu 
Date:   Tue Sep 10 16:29:31 2019 +0200

Bug 26345: Hide tracking protection UI
---
 browser/base/content/browser-siteIdentity.js  | 4 ++--
 browser/base/content/browser.xhtml| 4 ++--
 browser/components/about/AboutRedirector.cpp  | 4 
 browser/components/about/components.conf  | 1 -
 browser/components/moz.build  | 1 -
 browser/themes/shared/preferences/privacy.css | 4 
 6 files changed, 8 insertions(+), 10 deletions(-)

diff --git a/browser/base/content/browser-siteIdentity.js 
b/browser/base/content/browser-siteIdentity.js
index 0825e8c0afc2..ed15a8044099 100644
--- a/browser/base/content/browser-siteIdentity.js
+++ b/browser/base/content/browser-siteIdentity.js
@@ -1057,10 +1057,10 @@ var gIdentityHandler = {
 
 this._refreshPermissionIcons();
 
-// Hide the shield icon if it is a chrome page.
+// Bug 26345: Hide tracking protection UI.
 gProtectionsHandler._trackingProtectionIconContainer.classList.toggle(
   "chromeUI",
-  this._isSecureInternalUI
+  true
 );
   },
 
diff --git a/browser/base/content/browser.xhtml 
b/browser/base/content/browser.xhtml
index 96c93bac9b43..afa8e8cfa29d 100644
--- a/browser/base/content/browser.xhtml
+++ b/browser/base/content/browser.xhtml
@@ -774,7 +774,7 @@
 oncommand="gSync.toggleAccountPanel('PanelUI-fxa', 
this, event)"/>
 
 
-
+
   
@@ -785,7 +785,7 @@
 
   
 
-
+
  description {



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 21431: Clean-up system extensions shipped in Firefox

2020-11-13 Thread sysrqb 
commit f027b014cee131c28473f3bd3ba43a5bbe44044d
Author: Kathy Brade 
Date:   Tue May 23 17:05:29 2017 -0400

Bug 21431: Clean-up system extensions shipped in Firefox

Only ship the pdfjs extension.
---
 browser/components/BrowserGlue.jsm| 6 ++
 browser/extensions/moz.build  | 5 -
 browser/installer/package-manifest.in | 1 -
 browser/locales/Makefile.in   | 8 
 browser/locales/jar.mn| 7 ---
 5 files changed, 6 insertions(+), 21 deletions(-)

diff --git a/browser/components/BrowserGlue.jsm 
b/browser/components/BrowserGlue.jsm
index bca89f2297c3..ae5c9f15d600 100644
--- a/browser/components/BrowserGlue.jsm
+++ b/browser/components/BrowserGlue.jsm
@@ -2166,6 +2166,9 @@ BrowserGlue.prototype = {
 const ID = "screensh...@mozilla.org";
 const _checkScreenshotsPref = async () => {
   let addon = await AddonManager.getAddonByID(ID);
+  if (!addon) {
+return;
+  }
   let disabled = Services.prefs.getBoolPref(PREF, false);
   if (disabled) {
 await addon.disable({ allowSystemAddons: true });
@@ -2182,6 +2185,9 @@ BrowserGlue.prototype = {
 const ID = "webcompat-repor...@mozilla.org";
 Services.prefs.addObserver(PREF, async () => {
   let addon = await AddonManager.getAddonByID(ID);
+  if (!addon) {
+return;
+  }
   let enabled = Services.prefs.getBoolPref(PREF, false);
   if (enabled && !addon.isActive) {
 await addon.enable({ allowSystemAddons: true });
diff --git a/browser/extensions/moz.build b/browser/extensions/moz.build
index 9787ecf81592..bdfc06cb6148 100644
--- a/browser/extensions/moz.build
+++ b/browser/extensions/moz.build
@@ -5,11 +5,6 @@
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 DIRS += [
-'doh-rollout',
-'formautofill',
-'screenshots',
-'webcompat',
-'report-site-issue'
 ]
 
 if not CONFIG['TOR_BROWSER_DISABLE_TOR_LAUNCHER']:
diff --git a/browser/installer/package-manifest.in 
b/browser/installer/package-manifest.in
index 74589084d4fa..937afa28fd71 100644
--- a/browser/installer/package-manifest.in
+++ b/browser/installer/package-manifest.in
@@ -272,7 +272,6 @@
 @RESPATH@/browser/chrome/icons/default/default64.png
 @RESPATH@/browser/chrome/icons/default/default128.png
 #endif
-@RESPATH@/browser/features/*
 
 ; [DevTools Startup Files]
 @RESPATH@/browser/chrome/devtools-startup@JAREXT@
diff --git a/browser/locales/Makefile.in b/browser/locales/Makefile.in
index 496379c4306f..0946188813da 100644
--- a/browser/locales/Makefile.in
+++ b/browser/locales/Makefile.in
@@ -58,10 +58,6 @@ l10n-%:
@$(MAKE) -C ../../toolkit/locales l10n-$* 
XPI_ROOT_APPID='$(XPI_ROOT_APPID)'
@$(MAKE) -C ../../services/sync/locales AB_CD=$* XPI_NAME=locale-$*
@$(MAKE) -C ../../extensions/spellcheck/locales AB_CD=$* 
XPI_NAME=locale-$*
-ifneq (,$(wildcard ../extensions/formautofill/locales))
-   @$(MAKE) -C ../extensions/formautofill/locales AB_CD=$* 
XPI_NAME=locale-$*
-endif
-   @$(MAKE) -C ../extensions/report-site-issue/locales AB_CD=$* 
XPI_NAME=locale-$*
@$(MAKE) -C ../../devtools/client/locales AB_CD=$* XPI_NAME=locale-$* 
XPI_ROOT_APPID='$(XPI_ROOT_APPID)'
@$(MAKE) -C ../../devtools/startup/locales AB_CD=$* XPI_NAME=locale-$* 
XPI_ROOT_APPID='$(XPI_ROOT_APPID)'
@$(MAKE) l10n AB_CD=$* XPI_NAME=locale-$* PREF_DIR=$(PREF_DIR)
@@ -75,14 +71,10 @@ chrome-%:
@$(MAKE) -C ../../toolkit/locales chrome-$*
@$(MAKE) -C ../../services/sync/locales chrome AB_CD=$*
@$(MAKE) -C ../../extensions/spellcheck/locales chrome AB_CD=$*
-ifneq (,$(wildcard ../extensions/formautofill/locales))
-   @$(MAKE) -C ../extensions/formautofill/locales chrome AB_CD=$*
-endif
@$(MAKE) -C ../../devtools/client/locales chrome AB_CD=$*
@$(MAKE) -C ../../devtools/startup/locales chrome AB_CD=$*
@$(MAKE) chrome AB_CD=$*
@$(MAKE) -C $(DEPTH)/$(MOZ_BRANDING_DIRECTORY)/locales chrome AB_CD=$*
-   @$(MAKE) -C ../extensions/report-site-issue/locales chrome AB_CD=$*
 
 package-win32-installer: $(SUBMAKEFILES)
$(MAKE) -C ../installer/windows CONFIG_DIR=l10ngen ZIP_IN='$(ZIP_OUT)' 
installer
diff --git a/browser/locales/jar.mn b/browser/locales/jar.mn
index 2221bb960381..e1de05c443e7 100644
--- a/browser/locales/jar.mn
+++ b/browser/locales/jar.mn
@@ -55,10 +55,3 @@
 locale/browser/newInstall.dtd  
(%chrome/browser/newInstall.dtd)
 locale/browser/brandings.dtd   
(%chrome/browser/brandings.dtd)
 locale/browser/fxmonitor.properties
(%chrome/browser/fxmonitor.properties)
-
-#ifdef XPI_NAME
-# Bug 1240628, restructure how l10n repacks work with feature addons
-# This is hacky, but ensures the chrome.manifest chain is complete
-[.] chrome.jar:
-% manifest features/chrome.manifest
-#endif



___
tor-commits mailing list
tor-commits@lists.torproject.org

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 26353: Prevent speculative connect that violated FPI.

2020-11-13 Thread sysrqb 
commit c147ba010082c2886374eb35ffd036c20cf60496
Author: Arthur Edelstein 
Date:   Sat Jul 14 08:50:55 2018 -0700

Bug 26353: Prevent speculative connect that violated FPI.

Connections were observed in the catch-all circuit when
the user entered an https or http URL in the URL bar, or
typed a search term.
---
 toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm | 4 
 1 file changed, 4 insertions(+)

diff --git a/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm 
b/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm
index ae551496509a..81b5ceaa78fe 100644
--- a/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm
+++ b/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm
@@ -93,6 +93,9 @@ class RemoteWebNavigation {
   }
 
   uri = Services.uriFixup.getFixupURIInfo(aURI, fixupFlags).preferredURI;
+/***
+   TOR BROWSER: Disable the following speculative connect until
+   we can make it properly obey first-party isolation.
 
   // We know the url is going to be loaded, let's start requesting network
   // connection before the content process asks.
@@ -116,6 +119,7 @@ class RemoteWebNavigation {
 }
 Services.io.speculativeConnect(uri, principal, null);
   }
+***/
 } catch (ex) {
   // Can't setup speculative connection for this uri string for some
   // reason (such as failing to parse the URI), just ignore it.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 30541: Disable WebGL readPixel() for web content

2020-11-13 Thread sysrqb 
commit e981e2d279befcba2635933deb375145c9a8303c
Author: Georg Koppen 
Date:   Wed May 29 12:29:19 2019 +

Bug 30541: Disable WebGL readPixel() for web content
---
 dom/canvas/ClientWebGLContext.cpp | 8 
 1 file changed, 8 insertions(+)

diff --git a/dom/canvas/ClientWebGLContext.cpp 
b/dom/canvas/ClientWebGLContext.cpp
index b406e1032bc5..e9ff2366f88f 100644
--- a/dom/canvas/ClientWebGLContext.cpp
+++ b/dom/canvas/ClientWebGLContext.cpp
@@ -4579,6 +4579,14 @@ bool ClientWebGLContext::ReadPixels_SharedPrecheck(
 return false;
   }
 
+  // Security check passed, but don't let content readPixel calls through for
+  // now, if Resist Fingerprinting Mode is enabled.
+  if (nsContentUtils::ResistFingerprinting(aCallerType)) {
+JsWarning("readPixels: Not allowed in Resist Fingerprinting Mode");
+out_error.Throw(NS_ERROR_DOM_NOT_SUPPORTED_ERR);
+return false;
+  }
+
   return true;
 }
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 23247: Communicating security expectations for .onion

2020-11-13 Thread sysrqb 
commit fd485069fdabdf09a781fd56e4038c2cfb7e1d9d
Author: Richard Pospesel 
Date:   Fri Jun 8 13:38:40 2018 -0700

Bug 23247: Communicating security expectations for .onion

Encrypting pages hosted on Onion Services with SSL/TLS is redundant
(in terms of hiding content) as all traffic within the Tor network is
already fully encrypted.  Therefore, serving HTTP pages from an Onion
Service is more or less fine.

Prior to this patch, Tor Browser would mostly treat pages delivered
via Onion Services as well as pages delivered in the ordinary fashion
over the internet in the same way.  This created some inconsistencies
in behaviour and misinformation presented to the user relating to the
security of pages delivered via Onion Services:

 - HTTP Onion Service pages did not have any 'lock' icon indicating
   the site was secure
 - HTTP Onion Service pages would be marked as unencrypted in the Page
   Info screen
 - Mixed-mode content restrictions did not apply to HTTP Onion Service
   pages embedding Non-Onion HTTP content

This patch fixes the above issues, and also adds several new 'Onion'
icons to the mix to indicate all of the various permutations of Onion
Services hosted HTTP or HTTPS pages with HTTP or HTTPS content.

Strings for Onion Service Page Info page are pulled from Torbutton's
localization strings.
---
 browser/base/content/browser-siteIdentity.js   | 39 -
 browser/base/content/pageinfo/security.js  | 64 ++
 .../shared/identity-block/identity-block.inc.css   | 19 +++
 .../themes/shared/identity-block/onion-slash.svg   |  5 ++
 .../themes/shared/identity-block/onion-warning.svg |  6 ++
 browser/themes/shared/identity-block/onion.svg |  3 +
 browser/themes/shared/jar.inc.mn   |  3 +
 dom/base/nsContentUtils.cpp| 19 +++
 dom/base/nsContentUtils.h  |  5 ++
 dom/base/nsGlobalWindowOuter.cpp   |  3 +-
 dom/ipc/WindowGlobalActor.cpp  |  5 +-
 dom/ipc/WindowGlobalChild.cpp  |  6 +-
 dom/presentation/PresentationRequest.cpp   |  3 +-
 dom/security/nsMixedContentBlocker.cpp | 16 +-
 .../modules/geckoview/GeckoViewProgress.jsm|  4 ++
 security/manager/ssl/nsSecureBrowserUI.cpp | 12 
 16 files changed, 180 insertions(+), 32 deletions(-)

diff --git a/browser/base/content/browser-siteIdentity.js 
b/browser/base/content/browser-siteIdentity.js
index 94f959c99e5d..0825e8c0afc2 100644
--- a/browser/base/content/browser-siteIdentity.js
+++ b/browser/base/content/browser-siteIdentity.js
@@ -144,6 +144,10 @@ var gIdentityHandler = {
 );
   },
 
+  get _uriIsOnionHost() {
+return this._uriHasHost ? this._uri.host.toLowerCase().endsWith(".onion") 
: false;
+  },
+
   get _isAboutNetErrorPage() {
 return (
   gBrowser.selectedBrowser.documentURI &&
@@ -833,9 +837,9 @@ var gIdentityHandler = {
   get pointerlockFsWarningClassName() {
 // Note that the fullscreen warning does not handle _isSecureInternalUI.
 if (this._uriHasHost && this._isSecureConnection) {
-  return "verifiedDomain";
+  return this._uriIsOnionHost ? "onionVerifiedDomain" : "verifiedDomain";
 }
-return "unknownIdentity";
+return this._uriIsOnionHost ? "onionUnknownIdentity" : "unknownIdentity";
   },
 
   /**
@@ -843,6 +847,10 @@ var gIdentityHandler = {
* built-in (returns false) or imported (returns true).
*/
   _hasCustomRoot() {
+if (!this._secInfo) {
+  return false;
+}
+
 let issuerCert = null;
 issuerCert = this._secInfo.succeededCertChain[
   this._secInfo.succeededCertChain.length - 1
@@ -885,11 +893,13 @@ var gIdentityHandler = {
 "identity.extension.label",
 [extensionName]
   );
-} else if (this._uriHasHost && this._isSecureConnection) {
+} else if (this._uriHasHost && this._isSecureConnection && this._secInfo) {
   // This is a secure connection.
-  this._identityBox.className = "verifiedDomain";
+  // _isSecureConnection implicitly includes onion services, which may not 
have an SSL certificate
+  const uriIsOnionHost = this._uriIsOnionHost;
+  this._identityBox.className = uriIsOnionHost ? "onionVerifiedDomain" : 
"verifiedDomain";
   if (this._isMixedActiveContentBlocked) {
-this._identityBox.classList.add("mixedActiveBlocked");
+this._identityBox.classList.add(uriIsOnionHost ? 
"onionMixedActiveBlocked" : "mixedActiveBlocked");
   }
   if (!this._isCertUserOverridden) {
 // It's a normal cert, verifier is the CA Org.
@@ -900,17 +910,17 @@ var gIdentityHandler = {
   }
 } else if (this._isBrokenConnection) {
   // This is a secure connection, but something is wrong.
-  this._identityBox.className = "unknownIdentity";
+  const uriIsOnionHost =

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 19273: Avoid JavaScript patching of the external app helper dialog.

2020-11-13 Thread sysrqb 
commit e1f3764763b4e05dc94813fcf9d5e7589b54ea1e
Author: Kathy Brade 
Date:   Tue Jun 28 15:13:05 2016 -0400

Bug 19273: Avoid JavaScript patching of the external app helper dialog.

When handling an external URI or downloading a file, invoke Torbutton's
external app blocker component (which will present a download warning
dialog unless the user has checked the "Automatically download files
from now on" box).

For e10s compatibility, avoid using a modal dialog and instead use
a callback interface (nsIHelperAppWarningLauncher) to allow Torbutton
to indicate the user's desire to cancel or continue each request.

Other bugs fixed:
 Bug 21766: Crash with e10s enabled while trying to download a file
 Bug 21886: Download is stalled in non-e10s mode
 Bug 22471: Downloading files via the PDF viewer download button is broken
 Bug 22472: Fix FTP downloads when external helper app dialog is shown
 Bug 22610: Avoid crashes when canceling external helper app downloads
 Bug 22618: Downloading pdf file via file:/// is stalling
---
 .../exthandler/nsExternalHelperAppService.cpp  | 207 +
 uriloader/exthandler/nsExternalHelperAppService.h  |   3 +
 .../exthandler/nsIExternalHelperAppService.idl |  47 +
 3 files changed, 222 insertions(+), 35 deletions(-)

diff --git a/uriloader/exthandler/nsExternalHelperAppService.cpp 
b/uriloader/exthandler/nsExternalHelperAppService.cpp
index 8e38cbf6e3fa..93e01ed472c3 100644
--- a/uriloader/exthandler/nsExternalHelperAppService.cpp
+++ b/uriloader/exthandler/nsExternalHelperAppService.cpp
@@ -133,6 +133,9 @@ static const char NEVER_ASK_FOR_SAVE_TO_DISK_PREF[] =
 static const char NEVER_ASK_FOR_OPEN_FILE_PREF[] =
 "browser.helperApps.neverAsk.openFile";
 
+static const char WARNING_DIALOG_CONTRACT_ID[] =
+"@torproject.org/torbutton-extAppBlocker;1";
+
 // Helper functions for Content-Disposition headers
 
 /**
@@ -389,6 +392,22 @@ static nsresult GetDownloadDirectory(nsIFile** _directory,
   return NS_OK;
 }
 
+static already_AddRefed GetDialogParentAux(
+BrowsingContext* aBrowsingContext, nsIInterfaceRequestor* aWindowContext) {
+  nsCOMPtr dialogParent = aWindowContext;
+
+  if (!dialogParent && aBrowsingContext) {
+dialogParent = do_QueryInterface(aBrowsingContext->GetDOMWindow());
+  }
+  if (!dialogParent && aBrowsingContext && XRE_IsParentProcess()) {
+RefPtr element = aBrowsingContext->Top()->GetEmbedderElement();
+if (element) {
+  dialogParent = do_QueryInterface(element->OwnerDoc()->GetWindow());
+}
+  }
+  return dialogParent.forget();
+}
+
 /**
  * Structure for storing extension->type mappings.
  * @see defaultMimeEntries
@@ -576,6 +595,111 @@ static const char* descriptionOverwriteExtensions[] = {
 "avif", "pdf", "svg", "webp", "xml",
 };
 
+//
+// begin nsExternalLoadURIHandler class definition and implementation
+//
+class nsExternalLoadURIHandler final : public nsIHelperAppWarningLauncher {
+ public:
+  NS_DECL_THREADSAFE_ISUPPORTS
+  NS_DECL_NSIHELPERAPPWARNINGLAUNCHER
+
+  nsExternalLoadURIHandler(nsIHandlerInfo* aHandlerInfo, nsIURI* aURI,
+   nsIPrincipal* aTriggeringPrincipal,
+   BrowsingContext* aBrowsingContext);
+
+ protected:
+  ~nsExternalLoadURIHandler();
+
+  nsCOMPtr mHandlerInfo;
+  nsCOMPtr mURI;
+  nsCOMPtr mTriggeringPrincipal;
+  RefPtr mBrowsingContext;
+  nsCOMPtr mWarningDialog;
+};
+
+NS_IMPL_ADDREF(nsExternalLoadURIHandler)
+NS_IMPL_RELEASE(nsExternalLoadURIHandler)
+
+NS_INTERFACE_MAP_BEGIN(nsExternalLoadURIHandler)
+  NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIHelperAppWarningLauncher)
+  NS_INTERFACE_MAP_ENTRY(nsIHelperAppWarningLauncher)
+NS_INTERFACE_MAP_END
+
+nsExternalLoadURIHandler::nsExternalLoadURIHandler(
+nsIHandlerInfo* aHandlerInfo, nsIURI* aURI,
+nsIPrincipal* aTriggeringPrincipal, BrowsingContext* aBrowsingContext)
+: mHandlerInfo(aHandlerInfo),
+  mURI(aURI),
+  mTriggeringPrincipal(aTriggeringPrincipal),
+  mBrowsingContext(aBrowsingContext)
+
+{
+  nsresult rv = NS_OK;
+  mWarningDialog = do_CreateInstance(WARNING_DIALOG_CONTRACT_ID, );
+  if (NS_SUCCEEDED(rv) && mWarningDialog) {
+// This will create a reference cycle (the dialog holds a reference to us
+// as nsIHelperAppWarningLauncher), which will be broken in ContinueRequest
+// or CancelRequest.
+nsCOMPtr dialogParent =
+GetDialogParentAux(aBrowsingContext, nullptr);
+rv = mWarningDialog->MaybeShow(this, dialogParent);
+  }
+
+  if (NS_FAILED(rv)) {
+// If for some reason we could not open the download warning prompt,
+// continue with the request.
+ContinueRequest();
+  }
+}
+

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 25658: Replace security slider with security level UI

2020-11-13 Thread sysrqb 
commit f33f44c1b7df1110eba5443b05c3f7f7c03fc988
Author: Richard Pospesel 
Date:   Mon Mar 4 16:09:51 2019 -0800

Bug 25658: Replace security slider with security level UI

This patch adds a new 'securitylevel' component to Tor Browser intended
to replace the torbutton 'Security Slider'.

This component adds a new Security Level toolbar button which visually
indicates the current global security level via icon (as defined by the
extensions.torbutton.security_slider pref), a drop-down hanger with a
short description of the current security level, and a new section in
the about:preferences#privacy page where users can change their current
security level. In addition, the hanger and the preferences page will
show a visual warning when the user has modified prefs associated with
the security level and provide a one-click 'Restore Defaults' button to
get the user back on recommended settings.

Strings used by this patch are pulled from the torbutton extension, but
en-US defaults are provided if there is an error loading from the
extension. With this patch applied, the usual work-flow of "./mach build
&& ./mach run" work as expected, even if the torbutton extension is
disabled.
---
 browser/base/content/browser.js|  10 +
 browser/base/content/browser.xhtml |   5 +
 browser/components/moz.build   |   1 +
 browser/components/preferences/preferences.xhtml   |   1 +
 browser/components/preferences/privacy.inc.xhtml   |   2 +
 browser/components/preferences/privacy.js  |  19 +
 .../securitylevel/content/securityLevel.js | 501 +
 .../securitylevel/content/securityLevelButton.css  |   9 +
 .../content/securityLevelButton.inc.xhtml  |   7 +
 .../securitylevel/content/securityLevelButton.svg  |  21 +
 .../securitylevel/content/securityLevelPanel.css   |  82 
 .../content/securityLevelPanel.inc.xhtml   |  38 ++
 .../content/securityLevelPreferences.css   |  26 ++
 .../content/securityLevelPreferences.inc.xhtml |  62 +++
 browser/components/securitylevel/jar.mn|   6 +
 browser/components/securitylevel/moz.build |   1 +
 16 files changed, 791 insertions(+)

diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js
index da1d1d869209..5203a6179f55 100644
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@@ -215,6 +215,11 @@ XPCOMUtils.defineLazyScriptGetter(
   ["DownloadsButton", "DownloadsIndicatorView"],
   "chrome://browser/content/downloads/indicator.js"
 );
+XPCOMUtils.defineLazyScriptGetter(
+  this,
+  ["SecurityLevelButton"],
+  "chrome://browser/content/securitylevel/securityLevel.js"
+);
 XPCOMUtils.defineLazyScriptGetter(
   this,
   "gEditItemOverlay",
@@ -1851,6 +1856,9 @@ var gBrowserInit = {
 // doesn't flicker as the window is being shown.
 DownloadsButton.init();
 
+// Init the SecuritySettingsButton
+SecurityLevelButton.init();
+
 // Certain kinds of automigration rely on this notification to complete
 // their tasks BEFORE the browser window is shown. SessionStore uses it to
 // restore tabs into windows AFTER important parts like 
gMultiProcessBrowser
@@ -2533,6 +2541,8 @@ var gBrowserInit = {
 
 DownloadsButton.uninit();
 
+SecurityLevelButton.uninit();
+
 gAccessibilityServiceIndicator.uninit();
 
 if (gToolbarKeyNavEnabled) {
diff --git a/browser/base/content/browser.xhtml 
b/browser/base/content/browser.xhtml
index 4986e6d97841..96c93bac9b43 100644
--- a/browser/base/content/browser.xhtml
+++ b/browser/base/content/browser.xhtml
@@ -20,6 +20,8 @@
 
 
 
+
+
 
 
 
@@ -644,6 +646,7 @@
 #include ../../components/controlcenter/content/protectionsPanel.inc.xhtml
 #include ../../components/downloads/content/downloadsPanel.inc.xhtml
 #include ../../../devtools/startup/enableDevToolsPopup.inc.xhtml
+#include ../../components/securitylevel/content/securityLevelPanel.inc.xhtml
 #include browser-allTabsMenu.inc.xhtml
 
 
@@ -1981,6 +1984,8 @@
 
   
 
+#include ../../components/securitylevel/content/securityLevelButton.inc.xhtml
+
 
 
 
+
 
 
 
diff --git a/browser/components/preferences/privacy.inc.xhtml 
b/browser/components/preferences/privacy.inc.xhtml
index ef3369d4250e..cac332fc69a9 100644
--- a/browser/components/preferences/privacy.inc.xhtml
+++ b/browser/components/preferences/privacy.inc.xhtml
@@ -906,6 +906,8 @@
   
 
 
+#include ../securitylevel/content/securityLevelPreferences.inc.xhtml
+
 
 
   
diff --git a/browser/components/preferences/privacy.js 
b/browser/components/preferences/privacy.js
index b6d9d7ee5ded..30539da603ce 100644
--- a/browser/components/preferences/privacy.js
+++ b/browser/components/preferences/privacy.js
@@ -80,6 +80,12 @@ XPCOMUtils.defineLazyGetter(this, "AlertsServiceDND", 
function() {
   }
 });
 
+XPCOMUtils.defineLazyScriptGetter(

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 16940: After update, load local change notes.

2020-11-13 Thread sysrqb 
commit c5fef0b9a5baee020c27ba409db3e58997896651
Author: Kathy Brade 
Date:   Wed Nov 25 11:36:20 2015 -0500

Bug 16940: After update, load local change notes.

Add an about:tbupdate page that displays the first section from
TorBrowser/Docs/ChangeLog.txt and includes a link to the remote
post-update page (typically our blog entry for the release).

Always load about:tbupdate in a content process, but implement the
code that reads the file system (changelog) in the chrome process
for compatibility with future sandboxing efforts.

Also fix bug 29440. Now about:tbupdate is styled as a fairly simple
changelog page that is designed to be displayed via a link that is on
about:tor.
---
 browser/actors/AboutTBUpdateChild.jsm  |  12 +++
 browser/actors/AboutTBUpdateParent.jsm | 120 +
 browser/actors/moz.build   |   6 ++
 .../base/content/abouttbupdate/aboutTBUpdate.css   |  74 +
 .../base/content/abouttbupdate/aboutTBUpdate.js|  27 +
 .../base/content/abouttbupdate/aboutTBUpdate.xhtml |  39 +++
 browser/base/content/browser-siteIdentity.js   |   2 +-
 browser/base/content/browser.js|   4 +
 browser/base/jar.mn|   5 +
 browser/components/BrowserContentHandler.jsm   |  55 +++---
 browser/components/BrowserGlue.jsm |  15 +++
 browser/components/about/AboutRedirector.cpp   |   6 ++
 browser/components/about/components.conf   |   3 +
 browser/components/moz.build   |   5 +-
 .../locales/en-US/chrome/browser/aboutTBUpdate.dtd |   8 ++
 browser/locales/jar.mn |   3 +
 toolkit/modules/RemotePageAccessManager.jsm|   5 +
 17 files changed, 373 insertions(+), 16 deletions(-)

diff --git a/browser/actors/AboutTBUpdateChild.jsm 
b/browser/actors/AboutTBUpdateChild.jsm
new file mode 100644
index ..4670da19b3db
--- /dev/null
+++ b/browser/actors/AboutTBUpdateChild.jsm
@@ -0,0 +1,12 @@
+// Copyright (c) 2020, The Tor Project, Inc.
+// See LICENSE for licensing information.
+//
+// vim: set sw=2 sts=2 ts=8 et syntax=javascript:
+
+var EXPORTED_SYMBOLS = ["AboutTBUpdateChild"];
+
+const { RemotePageChild } = ChromeUtils.import(
+  "resource://gre/actors/RemotePageChild.jsm"
+);
+
+class AboutTBUpdateChild extends RemotePageChild {}
diff --git a/browser/actors/AboutTBUpdateParent.jsm 
b/browser/actors/AboutTBUpdateParent.jsm
new file mode 100644
index ..56a10394565a
--- /dev/null
+++ b/browser/actors/AboutTBUpdateParent.jsm
@@ -0,0 +1,120 @@
+// Copyright (c) 2020, The Tor Project, Inc.
+// See LICENSE for licensing information.
+//
+// vim: set sw=2 sts=2 ts=8 et syntax=javascript:
+
+"use strict";
+
+this.EXPORTED_SYMBOLS = ["AboutTBUpdateParent"];
+
+const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm");
+const { NetUtil } = ChromeUtils.import("resource://gre/modules/NetUtil.jsm");
+const { AppConstants } = ChromeUtils.import(
+  "resource://gre/modules/AppConstants.jsm"
+);
+
+const kRequestUpdateMessageName = "FetchUpdateData";
+
+/**
+ * This code provides services to the about:tbupdate page. Whenever
+ * about:tbupdate needs to do something chrome-privileged, it sends a
+ * message that's handled here. It is modeled after Mozilla's about:home
+ * implementation.
+ */
+class AboutTBUpdateParent extends JSWindowActorParent {
+  receiveMessage(aMessage) {
+if (aMessage.name == kRequestUpdateMessageName) {
+  return this.releaseNoteInfo;
+}
+return undefined;
+  }
+
+  get moreInfoURL() {
+try {
+  return Services.prefs.getCharPref("torbrowser.post_update.url");
+} catch (e) {}
+
+// Use the default URL as a fallback.
+return 
Services.urlFormatter.formatURLPref("startup.homepage_override_url");
+  }
+
+  // Read the text from the beginning of the changelog file that is located
+  // at TorBrowser/Docs/ChangeLog.txt and return an object that contains
+  // the following properties:
+  //   versione.g., Tor Browser 8.5
+  //   releaseDatee.g., March 31 2019
+  //   releaseNotes   details of changes (lines 2 - end of ChangeLog.txt)
+  // We attempt to parse the first line of ChangeLog.txt to extract the
+  // version and releaseDate. If parsing fails, we return the entire first
+  // line in version and omit releaseDate.
+  //
+  // On Mac OS, when building with --enable-tor-browser-data-outside-app-dir
+  // to support Gatekeeper signing, the ChangeLog.txt file is located in
+  // TorBrowser.app/Contents/Resources/TorBrowser/Docs/.
+  get releaseNoteInfo() {
+let info = { moreInfoURL: this.moreInfoURL };
+
+try {
+  let f;
+  if (AppConstants.TOR_BROWSER_DATA_OUTSIDE_APP_DIR) {
+// "XREExeF".parent is the directory that contains firefox, i.e.,
+// Browser/ or, on Mac OS, TorBrowser.app/Contents/MacOS/.
+f =

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 21830: Copying large text from web console leaks to /tmp

2020-11-13 Thread sysrqb 
commit 29814772e9c959ccd14757a3ecc7a68febd2fcba
Author: Georg Koppen 
Date:   Fri Aug 4 05:55:49 2017 +

Bug 21830: Copying large text from web console leaks to /tmp

Patch written by Neill Miller
---
 widget/nsTransferable.cpp | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/widget/nsTransferable.cpp b/widget/nsTransferable.cpp
index 9ccfc8639350..135135ab23a8 100644
--- a/widget/nsTransferable.cpp
+++ b/widget/nsTransferable.cpp
@@ -33,6 +33,7 @@ Notes to self:
 #include "nsILoadContext.h"
 #include "nsXULAppAPI.h"
 #include "mozilla/UniquePtr.h"
+#include "mozilla/Preferences.h"
 
 using namespace mozilla;
 
@@ -195,6 +196,11 @@ nsTransferable::Init(nsILoadContext* aContext) {
 
   if (aContext) {
 mPrivateData = aContext->UsePrivateBrowsing();
+  } else {
+// without aContext here to provide PrivateBrowsing information,
+// we defer to the active configured setting
+mPrivateData =
+mozilla::Preferences::GetBool("browser.privatebrowsing.autostart");
   }
 #ifdef DEBUG
   mInitialized = true;



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing

2020-11-13 Thread sysrqb 
commit f4835de7ca30d9d1c5a91bd6b9dcc3e83e334f4b
Author: Mike Perry 
Date:   Fri May 5 03:41:57 2017 -0700

Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, 
eBay, bing

eBay and Amazon don't treat Tor users very well. Accounts often get locked 
and
payments reversed.

Also:
Bug 16322: Update DuckDuckGo search engine

We are replacing the clearnet URL with an onion service one (thanks to a
patch by a cypherpunk) and are removing the duplicated DDG search
engine. Duplicating DDG happend due to bug 1061736 where Mozilla
included DDG itself into Firefox. Interestingly, this caused breaking
the DDG search if JavaScript is disabled as the Mozilla engine, which
gets loaded earlier, does not use the html version of the search page.
Moreover, the Mozilla engine tracked where the users were searching from
by adding a respective parameter to the search query. We got rid of that
feature as well.

Also:
This fixes bug 20809: the DuckDuckGo team has changed its server-side
code in a way that lets users with JavaScript enabled use the default
landing page while those without JavaScript available get redirected
directly to the non-JS page. We adapt the search engine URLs
accordingly.

Also fixes bug 29798 by making sure we only specify the Google search
engine we actually ship an .xml file for.

Also regression tests.
---
 .../search/extensions/ddg-onion/favicon.ico| Bin 0 -> 973 bytes
 .../search/extensions/ddg-onion/manifest.json  |  26 +
 .../components/search/extensions/ddg/favicon.ico   | Bin 5430 -> 0 bytes
 .../components/search/extensions/ddg/favicon.png   | Bin 0 -> 1150 bytes
 .../components/search/extensions/ddg/manifest.json |  42 +++--
 .../extensions/google/_locales/b-1-d/messages.json |  23 ---
 .../extensions/google/_locales/b-1-e/messages.json |  23 ---
 .../extensions/google/_locales/b-d/messages.json   |  23 ---
 .../extensions/google/_locales/b-e/messages.json   |  23 ---
 .../extensions/google/_locales/en/messages.json|  24 
 .../search/extensions/google/manifest.json |  17 -
 .../search/extensions/startpage/favicon.png| Bin 0 -> 1150 bytes
 .../search/extensions/startpage/manifest.json  |  26 +
 .../search/extensions/twitter/favicon.ico  | Bin 0 -> 1650 bytes
 .../search/extensions/twitter/manifest.json|  26 +
 .../extensions/wikipedia/_locales/NN/messages.json |  20 --
 .../extensions/wikipedia/_locales/NO/messages.json |  20 --
 .../extensions/wikipedia/_locales/af/messages.json |  20 --
 .../extensions/wikipedia/_locales/an/messages.json |  20 --
 .../extensions/wikipedia/_locales/ar/messages.json |  20 --
 .../wikipedia/_locales/ast/messages.json   |  20 --
 .../extensions/wikipedia/_locales/az/messages.json |  20 --
 .../wikipedia/_locales/be-tarask/messages.json |  20 --
 .../extensions/wikipedia/_locales/be/messages.json |  20 --
 .../extensions/wikipedia/_locales/bg/messages.json |  20 --
 .../extensions/wikipedia/_locales/bn/messages.json |  20 --
 .../extensions/wikipedia/_locales/br/messages.json |  20 --
 .../extensions/wikipedia/_locales/bs/messages.json |  20 --
 .../extensions/wikipedia/_locales/ca/messages.json |  20 --
 .../extensions/wikipedia/_locales/cy/messages.json |  20 --
 .../extensions/wikipedia/_locales/cz/messages.json |  20 --
 .../extensions/wikipedia/_locales/da/messages.json |  20 --
 .../extensions/wikipedia/_locales/de/messages.json |  20 --
 .../wikipedia/_locales/dsb/messages.json   |  20 --
 .../extensions/wikipedia/_locales/el/messages.json |  20 --
 .../extensions/wikipedia/_locales/en/messages.json |  20 --
 .../extensions/wikipedia/_locales/eo/messages.json |  20 --
 .../extensions/wikipedia/_locales/es/messages.json |  20 --
 .../extensions/wikipedia/_locales/et/messages.json |  20 --
 .../extensions/wikipedia/_locales/eu/messages.json |  20 --
 .../extensions/wikipedia/_locales/fa/messages.json |  20 --
 .../extensions/wikipedia/_locales/fi/messages.json |  20 --
 .../extensions/wikipedia/_locales/fr/messages.json |  20 --
 .../wikipedia/_locales/fy-NL/messages.json |  20 --
 .../wikipedia/_locales/ga-IE/messages.json |  20 --
 .../extensions/wikipedia/_locales/gd/messages.json |  20 --
 .../extensions/wikipedia/_locales/gl/messages.json |  20 --
 .../extensions/wikipedia/_locales/gn/messages.json |  20 --
 .../extensions/wikipedia/_locales/gu/messages.json |  20 --
 .../extensions/wikipedia/_locales/he/messages.json |  20 --

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 16285: Exclude ClearKey system for now

2020-11-13 Thread sysrqb 
commit 0edc92661bcf8e691b9550b39713008e340daaa2
Author: Georg Koppen 
Date:   Mon May 22 12:44:40 2017 +

Bug 16285: Exclude ClearKey system for now

In the past the ClearKey system had not been compiled when specifying
--disable-eme. But that changed and it is even bundled nowadays (see:
Mozilla's bug 1300654). We don't want to ship it right now as the use
case for it is not really visible while the code had security
vulnerabilities in the past.
---
 browser/installer/package-manifest.in | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/browser/installer/package-manifest.in 
b/browser/installer/package-manifest.in
index 6a2f19cb040a..74589084d4fa 100644
--- a/browser/installer/package-manifest.in
+++ b/browser/installer/package-manifest.in
@@ -469,8 +469,8 @@ bin/libfreebl_64int_3.so
 #endif
 
 ; media
-@RESPATH@/gmp-clearkey/0.1/@DLL_PREFIX@clearkey@DLL_SUFFIX@
-@RESPATH@/gmp-clearkey/0.1/manifest.json
+;@RESPATH@/gmp-clearkey/0.1/@DLL_PREFIX@clearkey@DLL_SUFFIX@
+;@RESPATH@/gmp-clearkey/0.1/manifest.json
 
 #ifdef MOZ_DMD
 ; DMD



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 21724: Make Firefox and Tor Browser distinct macOS apps

2020-11-13 Thread sysrqb 
commit e8e2d18674a349af5be74d9435af2a45c424a8d7
Author: teor 
Date:   Mon Mar 13 23:06:23 2017 +1100

Bug 21724: Make Firefox and Tor Browser distinct macOS apps

When macOS opens a document or selects a default browser, it sometimes
uses the CFBundleSignature. Changing from the Firefox MOZB signature to
a different signature TORB allows macOS to distinguish between Firefox
and Tor Browser.
---
 browser/app/Makefile.in | 2 +-
 browser/app/macbuild/Contents/Info.plist.in | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/browser/app/Makefile.in b/browser/app/Makefile.in
index d365e63dd745..e55a5cebd5b4 100644
--- a/browser/app/Makefile.in
+++ b/browser/app/Makefile.in
@@ -102,5 +102,5 @@ ifdef MOZ_UPDATER
mv -f 
'$(dist_dest)/Contents/MacOS/updater.app/Contents/MacOS/org.mozilla.updater' 
'$(dist_dest)/Contents/Library/LaunchServices'
ln -s ../../../../Library/LaunchServices/org.mozilla.updater 
'$(dist_dest)/Contents/MacOS/updater.app/Contents/MacOS/org.mozilla.updater'
 endif
-   printf APPLMOZB > '$(dist_dest)/Contents/PkgInfo'
+   printf APPLTORB > '$(dist_dest)/Contents/PkgInfo'
 endif
diff --git a/browser/app/macbuild/Contents/Info.plist.in 
b/browser/app/macbuild/Contents/Info.plist.in
index 18a88470296a..f9d01d8277aa 100644
--- a/browser/app/macbuild/Contents/Info.plist.in
+++ b/browser/app/macbuild/Contents/Info.plist.in
@@ -179,7 +179,7 @@
CFBundleShortVersionString
%APP_VERSION%
CFBundleSignature
-   MOZB
+   TORB
CFBundleURLTypes





___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 4234: Use the Firefox Update Process for Tor Browser.

2020-11-13 Thread sysrqb 
commit ea22fbe36297226d3588996ef6c3d3305c1f6c00
Author: Kathy Brade 
Date:   Fri Jan 13 11:40:24 2017 -0500

Bug 4234: Use the Firefox Update Process for Tor Browser.

The following files are never updated:
  TorBrowser/Data/Browser/profiles.ini
  TorBrowser/Data/Browser/profile.default/bookmarks.html
  TorBrowser/Data/Tor/torrc
Mac OS: Store update metadata under TorBrowser/UpdateInfo.
Removed the %OS_VERSION% component from the update URL (13047) and
  added support for minSupportedOSVersion, an attribute of the
   element that may be used to trigger Firefox's
  "unsupported platform" behavior.
Hide the "What's new" links (set app.releaseNotesURL value to about:blank).
Windows: disable "runas" code path in updater (15201).
Windows: avoid writing to the registry (16236).
Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406,
  16014, 16909, 24476, and 25909.

Also fix Bug 26049: reduce the delay before the update prompt is displayed.
Instead of Firefox's 2 days, we use 1 hour (after which time the update
doorhanger will be displayed).

Also fix bug 27221: purge the startup cache if the Tor Browser
version changed (even if the Firefox version and build ID did
not change), e.g., after a minor Tor Browser update.

Also fix 32616: Disable GetSecureOutputDirectoryPath() functionality.

Bug 26048: potentially confusing "restart to update" message

Within the update doorhanger, remove the misleading message that mentions
that windows will be restored after an update is applied, and replace the
"Restart and Restore" button label with an existing
"Restart to update Tor Browser" string.

Bug 28885: notify users that update is downloading

Add a "Downloading Tor Browser update" item which appears in the
hamburger (app) menu while the update service is downloading a MAR
file. Before this change, the browser did not indicate to the user
that an update was in progress, which is especially confusing in
Tor Browser because downloads often take some time. If the user
clicks on the new menu item, the about dialog is opened to allow
the user to see download progress.

As part of this fix, the update service was changed to always show
update-related messages in the hamburger menu, even if the update
was started in the foreground via the about dialog or via the
"Check for Tor Browser Update" toolbar menu item. This change is
consistent with the Tor Browser goal of making sure users are
informed about the update process.

Removed #28885 parts of this patch which have been uplifted to Firefox.
---
 browser/app/Makefile.in|   2 +
 browser/app/profile/000-tor-browser.js |  16 +-
 browser/app/profile/firefox.js |  10 +-
 browser/base/content/aboutDialog-appUpdater.js |   2 +-
 browser/base/content/aboutDialog.js|  12 +-
 browser/components/BrowserContentHandler.jsm   |  39 ++-
 .../customizableui/content/panelUI.inc.xhtml   |   5 +-
 browser/confvars.sh|  35 +--
 browser/installer/package-manifest.in  |   2 +
 build/application.ini.in   |   2 +-
 build/moz.configure/init.configure |   3 +-
 config/createprecomplete.py|  17 +-
 .../client/aboutdebugging/src/actions/runtimes.js  |   5 +
 toolkit/modules/UpdateUtils.jsm|  34 +--
 toolkit/mozapps/extensions/AddonManager.jsm|  24 ++
 toolkit/mozapps/extensions/test/browser/head.js|   1 +
 .../extensions/test/xpcshell/head_addons.js|   1 +
 toolkit/mozapps/update/UpdateService.jsm   | 127 +++-
 toolkit/mozapps/update/UpdateServiceStub.jsm   |   4 +
 toolkit/mozapps/update/common/updatehelper.cpp |   8 +
 toolkit/mozapps/update/moz.build   |   5 +-
 toolkit/mozapps/update/updater/launchchild_osx.mm  |   2 +
 toolkit/mozapps/update/updater/moz.build   |   2 +-
 toolkit/mozapps/update/updater/updater.cpp | 339 ++---
 toolkit/xre/MacLaunchHelper.h  |   2 +
 toolkit/xre/MacLaunchHelper.mm |   2 +
 toolkit/xre/nsAppRunner.cpp|  22 +-
 toolkit/xre/nsUpdateDriver.cpp | 109 ++-
 toolkit/xre/nsXREDirProvider.cpp   |  42 ++-
 tools/update-packaging/common.sh   |  64 ++--
 tools/update-packaging/make_full_update.sh |  25 ++
 tools/update-packaging/make_incremental_update.sh  |  71 -
 32 files changed, 879 insertions(+), 155 deletions(-)

diff --git a/browser/app/Makefile.in b/browser/app/Makefile.in
index e55a5cebd5b4..4fc1e47ed2fa 100644
--- a/browser/app/Makefile.in
+++ b/browser/app/Makefile.in
@@ -97,10 +97,12 @@ tools repackage::

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 19121: reinstate the update.xml hash check

2020-11-13 Thread sysrqb 
commit 1a49bc724e1ce8f6976f52a981d18b7fef3b01b7
Author: Kathy Brade 
Date:   Mon Apr 23 15:22:57 2018 -0400

Bug 19121: reinstate the update.xml hash check

Revert most changes from Mozilla Bug 1373267 "Remove hashFunction and
hashValue attributes from nsIUpdatePatch and code related to these
attributes." Changes to the tests were not reverted; the tests have
been changed significantly and we do not run automated updater tests
for Tor Browser at this time.

Also partial revert of commit f1241db6986e4b54473a1ed870f7584c75d51122.

Revert the nsUpdateService.js changes from Mozilla Bug 862173 "don't
verify mar file hash when using mar signing to verify the mar file
(lessens main thread I/O)."

Changes to the tests were not reverted; the tests have been changed
significantly and we do not run automated updater tests for
Tor Browser at this time.

We kept the addition to the AppConstants API in case other JS code
references it in the future.
---
 toolkit/modules/AppConstants.jsm|  7 
 toolkit/mozapps/update/UpdateService.jsm| 63 -
 toolkit/mozapps/update/UpdateTelemetry.jsm  |  1 +
 toolkit/mozapps/update/nsIUpdateService.idl | 11 +
 4 files changed, 81 insertions(+), 1 deletion(-)

diff --git a/toolkit/modules/AppConstants.jsm b/toolkit/modules/AppConstants.jsm
index 36e8fb37d400..2d59df17ab27 100644
--- a/toolkit/modules/AppConstants.jsm
+++ b/toolkit/modules/AppConstants.jsm
@@ -212,6 +212,13 @@ this.AppConstants = Object.freeze({
   false,
 #endif
 
+  MOZ_VERIFY_MAR_SIGNATURE:
+#ifdef MOZ_VERIFY_MAR_SIGNATURE
+  true,
+#else
+  false,
+#endif
+
   MOZ_MAINTENANCE_SERVICE:
 #ifdef MOZ_MAINTENANCE_SERVICE
   true,
diff --git a/toolkit/mozapps/update/UpdateService.jsm 
b/toolkit/mozapps/update/UpdateService.jsm
index e6dc8e8c0081..aa8ae5746f97 100644
--- a/toolkit/mozapps/update/UpdateService.jsm
+++ b/toolkit/mozapps/update/UpdateService.jsm
@@ -799,6 +799,20 @@ function LOG(string) {
   }
 }
 
+/**
+ * Convert a string containing binary values to hex.
+ */
+function binaryToHex(input) {
+  var result = "";
+  for (var i = 0; i < input.length; ++i) {
+var hex = input.charCodeAt(i).toString(16);
+if (hex.length == 1)
+  hex = "0" + hex;
+result += hex;
+  }
+  return result;
+}
+
 /**
  * Gets the specified directory at the specified hierarchy under the
  * update root directory and creates it if it doesn't exist.
@@ -1612,6 +1626,8 @@ function UpdatePatch(patch) {
 }
 break;
   case "finalURL":
+  case "hashFunction":
+  case "hashValue":
   case "state":
   case "type":
   case "URL":
@@ -1631,6 +1647,8 @@ UpdatePatch.prototype = {
   // over writing nsIUpdatePatch attributes.
   _attrNames: [
 "errorCode",
+"hashFunction",
+"hashValue",
 "finalURL",
 "selected",
 "size",
@@ -1644,6 +1662,8 @@ UpdatePatch.prototype = {
*/
   serialize: function UpdatePatch_serialize(updates) {
 var patch = updates.createElementNS(URI_UPDATE_NS, "patch");
+patch.setAttribute("hashFunction", this.hashFunction);
+patch.setAttribute("hashValue", this.hashValue);
 patch.setAttribute("size", this.size);
 patch.setAttribute("type", this.type);
 patch.setAttribute("URL", this.URL);
@@ -4478,7 +4498,42 @@ Downloader.prototype = {
 }
 
 LOG("Downloader:_verifyDownload downloaded size == expected size.");
-return true;
+let fileStream = Cc["@mozilla.org/network/file-input-stream;1"].
+ createInstance(Ci.nsIFileInputStream);
+fileStream.init(destination, FileUtils.MODE_RDONLY, FileUtils.PERMS_FILE, 
0);
+
+let digest;
+try {
+  let hash = Cc["@mozilla.org/security/hash;1"].
+ createInstance(Ci.nsICryptoHash);
+  var hashFunction = 
Ci.nsICryptoHash[this._patch.hashFunction.toUpperCase()];
+  if (hashFunction == undefined) {
+throw Cr.NS_ERROR_UNEXPECTED;
+  }
+  hash.init(hashFunction);
+  hash.updateFromStream(fileStream, -1);
+  // NOTE: For now, we assume that the format of _patch.hashValue is hex
+  // encoded binary (such as what is typically output by programs like
+  // sha1sum).  In the future, this may change to base64 depending on how
+  // we choose to compute these hashes.
+  digest = binaryToHex(hash.finish(false));
+} catch (e) {
+  LOG("Downloader:_verifyDownload - failed to compute hash of the " +
+  "downloaded update archive");
+  digest = "";
+}
+
+fileStream.close();
+
+if (digest == this._patch.hashValue.toLowerCase()) {
+  LOG("Downloader:_verifyDownload hashes match.");
+  return true;
+}
+
+LOG("Downloader:_verifyDownload hashes do not match. ");
+AUSTLMY.pingDownloadCode(this.isCompleteUpdate,
+ AUSTLMY.DWNLD_ERR_VERIFY_NO_HASH_MATCH);
+return false;
   },
 
   /**
@@ -5070,6

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 28369: Stop shipping pingsender executable

2020-11-13 Thread sysrqb 
commit 1f268a7488af613b900aa784ba5b6d1a35ad8c43
Author: Alex Catarineu 
Date:   Wed Apr 10 17:52:51 2019 +0200

Bug 28369: Stop shipping pingsender executable
---
 browser/app/macbuild/Contents/MacOS-files.in   |  1 -
 browser/installer/package-manifest.in  |  4 
 browser/installer/windows/nsis/shared.nsh  |  1 -
 python/mozbuild/mozbuild/artifacts.py  |  2 --
 toolkit/components/telemetry/app/TelemetrySend.jsm | 19 +--
 toolkit/components/telemetry/moz.build |  4 
 6 files changed, 1 insertion(+), 30 deletions(-)

diff --git a/browser/app/macbuild/Contents/MacOS-files.in 
b/browser/app/macbuild/Contents/MacOS-files.in
index 3c6a1db5d6ea..bebc656a0a05 100644
--- a/browser/app/macbuild/Contents/MacOS-files.in
+++ b/browser/app/macbuild/Contents/MacOS-files.in
@@ -16,7 +16,6 @@
 #if defined(MOZ_CRASHREPORTER)
 /minidump-analyzer
 #endif
-/pingsender
 /pk12util
 /ssltunnel
 /xpcshell
diff --git a/browser/installer/package-manifest.in 
b/browser/installer/package-manifest.in
index 937afa28fd71..6c314a352c3b 100644
--- a/browser/installer/package-manifest.in
+++ b/browser/installer/package-manifest.in
@@ -448,10 +448,6 @@ bin/libfreebl_64int_3.so
 @BINPATH@/minidump-analyzer@BIN_SUFFIX@
 #endif
 
-; [ Ping Sender ]
-;
-@BINPATH@/pingsender@BIN_SUFFIX@
-
 ; Shutdown Terminator
 @RESPATH@/components/terminator.manifest
 
diff --git a/browser/installer/windows/nsis/shared.nsh 
b/browser/installer/windows/nsis/shared.nsh
index 0529ac4529db..c556fe016af0 100755
--- a/browser/installer/windows/nsis/shared.nsh
+++ b/browser/installer/windows/nsis/shared.nsh
@@ -1472,7 +1472,6 @@ ${EndIf}
   Push "crashreporter.exe"
   Push "default-browser-agent.exe"
   Push "minidump-analyzer.exe"
-  Push "pingsender.exe"
   Push "updater.exe"
   Push "updateagent.exe"
   Push "${FileMainEXE}"
diff --git a/python/mozbuild/mozbuild/artifacts.py 
b/python/mozbuild/mozbuild/artifacts.py
index 8c0f90033638..18f41039a6bb 100644
--- a/python/mozbuild/mozbuild/artifacts.py
+++ b/python/mozbuild/mozbuild/artifacts.py
@@ -423,7 +423,6 @@ class LinuxArtifactJob(ArtifactJob):
 '{product}/{product}',
 '{product}/{product}-bin',
 '{product}/minidump-analyzer',
-'{product}/pingsender',
 '{product}/plugin-container',
 '{product}/updater',
 '{product}/**/*.so',
@@ -485,7 +484,6 @@ class MacArtifactJob(ArtifactJob):
 'libosclientcerts.dylib',
 'libsoftokn3.dylib',
 'minidump-analyzer',
-'pingsender',
 'plugin-container.app/Contents/MacOS/plugin-container',
 'updater.app/Contents/MacOS/org.mozilla.updater',
 # 'xpcshell',
diff --git a/toolkit/components/telemetry/app/TelemetrySend.jsm 
b/toolkit/components/telemetry/app/TelemetrySend.jsm
index caf11f440681..ce27382be7e0 100644
--- a/toolkit/components/telemetry/app/TelemetrySend.jsm
+++ b/toolkit/components/telemetry/app/TelemetrySend.jsm
@@ -1578,23 +1578,6 @@ var TelemetrySendImpl = {
   },
 
   runPingSender(pings, observer) {
-if (AppConstants.platform === "android") {
-  throw Components.Exception("", Cr.NS_ERROR_NOT_IMPLEMENTED);
-}
-
-const exeName =
-  AppConstants.platform === "win" ? "pingsender.exe" : "pingsender";
-
-let exe = Services.dirsvc.get("GreBinD", Ci.nsIFile);
-exe.append(exeName);
-
-let params = pings.flatMap(ping => [ping.url, ping.path]);
-let process = Cc["@mozilla.org/process/util;1"].createInstance(
-  Ci.nsIProcess
-);
-process.init(exe);
-process.startHidden = true;
-process.noShell = true;
-process.runAsync(params, params.length, observer);
+throw Components.Exception("", Cr.NS_ERROR_NOT_IMPLEMENTED);
   },
 };
diff --git a/toolkit/components/telemetry/moz.build 
b/toolkit/components/telemetry/moz.build
index 2a23b344dde1..0766635b2017 100644
--- a/toolkit/components/telemetry/moz.build
+++ b/toolkit/components/telemetry/moz.build
@@ -8,10 +8,6 @@ include('/ipc/chromium/chromium-config.mozbuild')
 
 FINAL_LIBRARY = 'xul'
 
-DIRS = [
-'pingsender',
-]
-
 DEFINES['MOZ_APP_VERSION'] = '"%s"' % CONFIG['MOZ_APP_VERSION']
 
 LOCAL_INCLUDES += [



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 13252: Do not store data in the app bundle

2020-11-13 Thread sysrqb 
commit e5ea2caab22c00e76fc7178b7e19c1bf1641a1ab
Author: Kathy Brade 
Date:   Fri Mar 18 14:20:02 2016 -0400

Bug 13252: Do not store data in the app bundle

When --enable-tor-browser-data-outside-app-dir is enabled,
all user data is stored in a directory named
TorBrowser-Data which is located next to the application directory.

Display an informative error message if the TorBrowser-Data
directory cannot be created due to an "access denied" or a
"read only volume" error.

On Mac OS, add support for the --invisible command line option which
is used by the meek-http-helper to avoid showing an icon for the
helper browser on the dock.
---
 toolkit/xre/nsAppRunner.cpp|  76 +++
 toolkit/xre/nsXREDirProvider.cpp   |  43 +--
 toolkit/xre/nsXREDirProvider.h |   6 ++
 xpcom/io/TorFileUtils.cpp  | 133 +
 xpcom/io/TorFileUtils.h|  32 
 xpcom/io/moz.build |   5 ++
 xpcom/io/nsAppFileLocationProvider.cpp |  53 ++---
 7 files changed, 280 insertions(+), 68 deletions(-)

diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
index 62e08eecc4eb..984357fd8227 100644
--- a/toolkit/xre/nsAppRunner.cpp
+++ b/toolkit/xre/nsAppRunner.cpp
@@ -2354,6 +2354,8 @@ static nsresult ProfileMissingDialog(nsINativeAppSupport* 
aNative) {
   }
 }
 
+// If aUnlocker is NULL, it is also OK for the following arguments to be NULL:
+//   aProfileDir, aProfileLocalDir, aResult.
 static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir,
  nsIFile* aProfileLocalDir,
  ProfileStatus aStatus,
@@ -2362,17 +2364,19 @@ static ReturnAbortOnError ProfileErrorDialog(nsIFile* 
aProfileDir,
  nsIProfileLock** aResult) {
   nsresult rv;
 
-  bool exists;
-  aProfileDir->Exists();
-  if (!exists) {
-return ProfileMissingDialog(aNative);
+  if (aProfileDir) {
+bool exists;
+aProfileDir->Exists();
+if (!exists) {
+  return ProfileMissingDialog(aNative);
+}
   }
 
   ScopedXPCOMStartup xpcom;
   rv = xpcom.Initialize();
   NS_ENSURE_SUCCESS(rv, rv);
 
-  mozilla::Telemetry::WriteFailedProfileLock(aProfileDir);
+  if (aProfileDir) mozilla::Telemetry::WriteFailedProfileLock(aProfileDir);
 
   rv = xpcom.SetWindowCreator(aNative);
   NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE);
@@ -2462,7 +2466,8 @@ static ReturnAbortOnError ProfileErrorDialog(nsIFile* 
aProfileDir,
   }
 } else {
 #ifdef MOZ_WIDGET_ANDROID
-  if (java::GeckoAppShell::UnlockProfile()) {
+  if (aProfileDir && aProfileLocalDir && aResult &&
+  java::GeckoAppShell::UnlockProfile()) {
 return NS_LockProfilePath(aProfileDir, aProfileLocalDir, nullptr,
   aResult);
   }
@@ -2571,6 +2576,23 @@ static ReturnAbortOnError ShowProfileManager(
   return LaunchChild(false);
 }
 
+#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
+static ProfileStatus CheckTorBrowserDataWriteAccess(nsIFile* aAppDir) {
+  // Check whether we can write to the directory that will contain
+  // TorBrowser-Data.
+  nsCOMPtr tbDataDir;
+  RefPtr dirProvider = nsXREDirProvider::GetSingleton();
+  if (!dirProvider) return PROFILE_STATUS_OTHER_ERROR;
+  nsresult rv =
+  dirProvider->GetTorBrowserUserDataDir(getter_AddRefs(tbDataDir));
+  NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR);
+  nsCOMPtr tbDataDirParent;
+  rv = tbDataDir->GetParent(getter_AddRefs(tbDataDirParent));
+  NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR);
+  return nsToolkitProfileService::CheckProfileWriteAccess(tbDataDirParent);
+}
+#endif
+
 static bool gDoMigration = false;
 static bool gDoProfileReset = false;
 static nsCOMPtr gResetOldProfile;
@@ -3595,6 +3617,14 @@ int XREMain::XRE_mainInit(bool* aExitFlag) {
   if (PR_GetEnv("XRE_MAIN_BREAK")) NS_BREAK();
 #endif
 
+#if defined(XP_MACOSX) && defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
+  bool hideDockIcon = (CheckArg("invisible") == ARG_FOUND);
+  if (hideDockIcon) {
+ProcessSerialNumber psn = {0, kCurrentProcess};
+TransformProcessType(, kProcessTransformToBackgroundApplication);
+  }
+#endif
+
   IncreaseDescriptorLimits();
 
 #ifdef USE_GLX_TEST
@@ -4443,7 +4473,34 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) {
 return 0;
   }
 
+#if (defined(MOZ_UPDATER) && !defined(MOZ_WIDGET_ANDROID)) || \
+defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR)
+  nsCOMPtr exeFile, exeDir;
+  bool persistent;
+  rv = mDirProvider.GetFile(XRE_EXECUTABLE_FILE, ,
+getter_AddRefs(exeFile));
+  NS_ENSURE_SUCCESS(rv, 1);
+  rv = exeFile->GetParent(getter_AddRefs(exeDir));
+  NS_ENSURE_SUCCESS(rv, 1);
+#endif
+
   rv = NS_NewToolkitProfileService(getter_AddRefs(mProfileSvc));
+#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR
+  if (NS_FAILED(rv)) {
+//

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 11641: change TBB directory structure to be more like Firefox's

2020-11-13 Thread sysrqb 
commit bec90075c0a29abe836732c2f6b7e4cd45b8415a
Author: Kathy Brade 
Date:   Tue Apr 29 13:08:24 2014 -0400

Bug 11641: change TBB directory structure to be more like Firefox's

Unless the -osint command line flag is used, the browser now defaults
to the equivalent of -no-remote.  There is a new -allow-remote flag that
may be used to restore the original (Firefox-like) default behavior.
---
 toolkit/xre/nsAppRunner.cpp | 21 -
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
index 984357fd8227..7981fc1d69d3 100644
--- a/toolkit/xre/nsAppRunner.cpp
+++ b/toolkit/xre/nsAppRunner.cpp
@@ -1799,8 +1799,10 @@ static void DumpHelp() {
   "  --migrationStart with migration wizard.\n"
   "  --ProfileManager   Start with ProfileManager.\n"
 #ifdef MOZ_HAS_REMOTE
-  "  --no-remoteDo not accept or send remote commands; implies\n"
+  "  --no-remote(default) Do not accept or send remote commands; "
+  "implies\n"
   " --new-instance.\n"
+  "  --allow-remote Accept and send remote commands.\n"
   "  --new-instance Open new instance, not a new window in running "
   "instance.\n"
 #endif
@@ -3960,16 +3962,25 @@ int XREMain::XRE_mainInit(bool* aExitFlag) {
  gSafeMode);
 
 #if defined(MOZ_HAS_REMOTE)
+  // In Tor Browser, remoting is disabled by default unless -osint is used.
+  bool allowRemote = (CheckArg("allow-remote") == ARG_FOUND);
+  bool isOsint = (CheckArg("osint", nullptr, CheckArgFlag::None) == ARG_FOUND);
+  if (!allowRemote && !isOsint) {
+SaveToEnv("MOZ_NO_REMOTE=1");
+  }
   // Handle --no-remote and --new-instance command line arguments. Setup
   // the environment to better accommodate other components and various
   // restart scenarios.
   ar = CheckArg("no-remote");
-  if (ar == ARG_FOUND || EnvHasValue("MOZ_NO_REMOTE")) {
+  if ((ar == ARG_FOUND) && allowRemote) {
+PR_fprintf(PR_STDERR,
+   "Error: argument --no-remote is invalid when argument "
+   "--allow-remote is specified\n");
+return 1;
+  }
+  if (EnvHasValue("MOZ_NO_REMOTE")) {
 mDisableRemoteClient = true;
 mDisableRemoteServer = true;
-if (!EnvHasValue("MOZ_NO_REMOTE")) {
-  SaveToEnv("MOZ_NO_REMOTE=1");
-}
   }
 
   ar = CheckArg("new-instance");



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 9173: Change the default Firefox profile directory to be TBB-relative.

2020-11-13 Thread sysrqb 
commit acd6430a2eb4b506a1c696e3fb1c03c2787d9d08
Author: Kathy Brade 
Date:   Fri Oct 18 15:20:06 2013 -0400

Bug 9173: Change the default Firefox profile directory to be TBB-relative.

This should eliminate our need to rely on a wrapper script that
sets /Users/arthur and launches Firefox with -profile.
---
 toolkit/profile/nsToolkitProfileService.cpp |   5 +-
 toolkit/xre/nsAppRunner.cpp |   2 +-
 toolkit/xre/nsConsoleWriter.cpp |   2 +-
 toolkit/xre/nsXREDirProvider.cpp| 149 ++--
 toolkit/xre/nsXREDirProvider.h  |  16 +--
 xpcom/io/nsAppFileLocationProvider.cpp  |  97 +++---
 6 files changed, 84 insertions(+), 187 deletions(-)

diff --git a/toolkit/profile/nsToolkitProfileService.cpp 
b/toolkit/profile/nsToolkitProfileService.cpp
index 4af61d54d19b..060248c42689 100644
--- a/toolkit/profile/nsToolkitProfileService.cpp
+++ b/toolkit/profile/nsToolkitProfileService.cpp
@@ -723,10 +723,11 @@ nsresult nsToolkitProfileService::Init() {
   NS_ASSERTION(gDirServiceProvider, "No dirserviceprovider!");
   nsresult rv;
 
-  rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(mAppData));
+  rv = gDirServiceProvider->GetUserAppDataDirectory(getter_AddRefs(mAppData));
   NS_ENSURE_SUCCESS(rv, rv);
 
-  rv = nsXREDirProvider::GetUserLocalDataDirectory(getter_AddRefs(mTempData));
+  rv =
+  
gDirServiceProvider->GetUserLocalDataDirectory(getter_AddRefs(mTempData));
   NS_ENSURE_SUCCESS(rv, rv);
 
   rv = mAppData->Clone(getter_AddRefs(mProfileDBFile));
diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
index d944ce905cbe..041b4c33fc69 100644
--- a/toolkit/xre/nsAppRunner.cpp
+++ b/toolkit/xre/nsAppRunner.cpp
@@ -3599,7 +3599,7 @@ int XREMain::XRE_mainInit(bool* aExitFlag) {
   if ((mAppData->flags & NS_XRE_ENABLE_CRASH_REPORTER) &&
   NS_SUCCEEDED(CrashReporter::SetExceptionHandler(xreBinDirectory))) {
 nsCOMPtr file;
-rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(file));
+rv = mDirProvider.GetUserAppDataDirectory(getter_AddRefs(file));
 if (NS_SUCCEEDED(rv)) {
   CrashReporter::SetUserAppDataDirectory(file);
 }
diff --git a/toolkit/xre/nsConsoleWriter.cpp b/toolkit/xre/nsConsoleWriter.cpp
index d89ea3bde31d..4a9a6d28034a 100644
--- a/toolkit/xre/nsConsoleWriter.cpp
+++ b/toolkit/xre/nsConsoleWriter.cpp
@@ -29,7 +29,7 @@ void WriteConsoleLog() {
   } else {
 if (!gLogConsoleErrors) return;
 
-rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(lfile));
+rv = gDirServiceProvider->GetUserAppDataDirectory(getter_AddRefs(lfile));
 if (NS_FAILED(rv)) return;
 
 lfile->AppendNative("console.log"_ns);
diff --git a/toolkit/xre/nsXREDirProvider.cpp b/toolkit/xre/nsXREDirProvider.cpp
index 2760be996403..b88fd3eb368c 100644
--- a/toolkit/xre/nsXREDirProvider.cpp
+++ b/toolkit/xre/nsXREDirProvider.cpp
@@ -32,6 +32,7 @@
 #include "nsArrayEnumerator.h"
 #include "nsEnumeratorUtils.h"
 #include "nsReadableUtils.h"
+#include "nsXPCOMPrivate.h"  // for XPCOM_FILE_PATH_SEPARATOR
 
 #include "SpecialSystemDirectory.h"
 
@@ -244,9 +245,6 @@ nsresult nsXREDirProvider::GetUserProfilesRootDir(nsIFile** 
aResult) {
   nsresult rv = GetUserDataDirectory(getter_AddRefs(file), false);
 
   if (NS_SUCCEEDED(rv)) {
-#if !defined(XP_UNIX) || defined(XP_MACOSX)
-rv = file->AppendNative("Profiles"_ns);
-#endif
 // We must create the profile directory here if it does not exist.
 nsresult tmp = EnsureDirectoryExists(file);
 if (NS_FAILED(tmp)) {
@@ -262,9 +260,6 @@ nsresult 
nsXREDirProvider::GetUserProfilesLocalDir(nsIFile** aResult) {
   nsresult rv = GetUserDataDirectory(getter_AddRefs(file), true);
 
   if (NS_SUCCEEDED(rv)) {
-#if !defined(XP_UNIX) || defined(XP_MACOSX)
-rv = file->AppendNative("Profiles"_ns);
-#endif
 // We must create the profile directory here if it does not exist.
 nsresult tmp = EnsureDirectoryExists(file);
 if (NS_FAILED(tmp)) {
@@ -1394,7 +1389,7 @@ nsresult 
nsXREDirProvider::SetUserDataProfileDirectory(nsCOMPtr& aFile,
 nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile,
 bool aLocal) {
   // Copied from nsAppFileLocationProvider (more or less)
-  nsresult rv;
+  NS_ENSURE_ARG_POINTER(aFile);
   nsCOMPtr localDir;
 
   if (aLocal && gDataDirHomeLocal) {
@@ -1404,80 +1399,39 @@ nsresult 
nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile,
 return gDataDirHome->Clone(aFile);
   }
 
-#if defined(XP_MACOSX)
-  FSRef fsRef;
-  OSType folderType;
-  if (aLocal) {
-folderType = kCachedDataFolderType;
-  } else {
-#  ifdef MOZ_THUNDERBIRD
-folderType = kDomainLibraryFolderType;
-#  else
-folderType = kApplicationSupportFolderType;
-#  endif
-  }
-  OSErr err = ::FSFindFolder(kUserDomain, folderType, kCreateFolder, );
-  NS_ENSURE_FALSE(err, NS_ERROR_FAILURE);
-
-  rv =

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp

2020-11-13 Thread sysrqb 
commit 03e1e3532ccec840aef0a5ae43586175e0b7c1a5
Author: Kathy Brade 
Date:   Thu Apr 21 10:40:26 2016 -0400

Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp

Instead of using the local computer's IP address within
symlink-based profile lock signatures, always use 127.0.0.1.
---
 toolkit/profile/nsProfileLock.cpp | 17 -
 1 file changed, 8 insertions(+), 9 deletions(-)

diff --git a/toolkit/profile/nsProfileLock.cpp 
b/toolkit/profile/nsProfileLock.cpp
index 01818d32e6f7..adccfa4dd6d4 100644
--- a/toolkit/profile/nsProfileLock.cpp
+++ b/toolkit/profile/nsProfileLock.cpp
@@ -289,18 +289,17 @@ nsresult nsProfileLock::LockWithSymlink(nsIFile* 
aLockFile,
   if (!mReplacedLockTime)
 aLockFile->GetLastModifiedTimeOfLink();
 
+  // For Tor Browser, avoid a DNS lookup here so the Tor network is not
+  // bypassed. Instead, always use 127.0.0.1 for the IP address portion
+  // of the lock signature, which may cause the browser to refuse to
+  // start in the rare event that all of the following conditions are met:
+  //   1. The browser profile is on a network file system.
+  //   2. The file system does not support fcntl() locking.
+  //   3. Tor Browser is run from two different computers at the same time.
+
   struct in_addr inaddr;
   inaddr.s_addr = htonl(INADDR_LOOPBACK);
 
-  char hostname[256];
-  PRStatus status = PR_GetSystemInfo(PR_SI_HOSTNAME, hostname, sizeof 
hostname);
-  if (status == PR_SUCCESS) {
-char netdbbuf[PR_NETDB_BUF_SIZE];
-PRHostEnt hostent;
-status = PR_GetHostByName(hostname, netdbbuf, sizeof netdbbuf, );
-if (status == PR_SUCCESS) memcpy(, hostent.h_addr, sizeof inaddr);
-  }
-
   mozilla::SmprintfPointer signature =
   mozilla::Smprintf("%s:%s%lu", inet_ntoa(inaddr),
 aHaveFcntlLock ? "+" : "", (unsigned long)getpid());



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 14631: Improve profile access error messages.

2020-11-13 Thread sysrqb 
commit 680f020fbd3440a08ac1c8a9668370b9519af237
Author: Kathy Brade 
Date:   Tue Feb 24 13:50:23 2015 -0500

Bug 14631: Improve profile access error messages.

Instead of always reporting that the profile is locked, display specific
messages for "access denied" and "read-only file system".

To allow for localization, get profile-related error strings from Torbutton.
Use app display name ("Tor Browser") in profile-related error alerts.
---
 .../mozapps/profile/profileSelection.properties|   5 +
 toolkit/profile/nsToolkitProfileService.cpp|  57 +++-
 toolkit/profile/nsToolkitProfileService.h  |  13 +-
 toolkit/xre/nsAppRunner.cpp| 155 ++---
 4 files changed, 207 insertions(+), 23 deletions(-)

diff --git 
a/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties 
b/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties
index d326083202b2..aa38bda24347 100644
--- a/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties
+++ b/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties
@@ -12,6 +12,11 @@ restartMessageUnlocker=%S is already running, but is not 
responding. The old %S
 restartMessageNoUnlockerMac=A copy of %S is already open. Only one copy of %S 
can be open at a time.
 restartMessageUnlockerMac=A copy of %S is already open. The running copy of %S 
will quit in order to open this one.
 
+# LOCALIZATION NOTE (profileProblemTitle, profileReadOnly, profileReadOnlyMac, 
profileAccessDenied):  Messages displayed when the browser profile cannot be 
accessed or written to. %S is the application name.
+profileProblemTitle=%S Profile Problem
+profileReadOnly=You cannot run %S from a read-only file system.  Please copy 
%S to another location before trying to use it.
+profileReadOnlyMac=You cannot run %S from a read-only file system.  Please 
copy %S to your Desktop or Applications folder before trying to use it.
+profileAccessDenied=%S does not have permission to access the profile. Please 
adjust your file system permissions and try again.
 # Profile manager
 # LOCALIZATION NOTE (profileTooltip): First %S is the profile name, second %S 
is the path to the profile folder.
 profileTooltip=Profile: ‘%S’ — Path: ‘%S’
diff --git a/toolkit/profile/nsToolkitProfileService.cpp 
b/toolkit/profile/nsToolkitProfileService.cpp
index 060248c42689..65066f3562de 100644
--- a/toolkit/profile/nsToolkitProfileService.cpp
+++ b/toolkit/profile/nsToolkitProfileService.cpp
@@ -1159,9 +1159,10 @@ nsToolkitProfileService::SelectStartupProfile(
   }
 
   bool wasDefault;
+  ProfileStatus profileStatus;
   nsresult rv =
   SelectStartupProfile(, argv.get(), aIsResetting, aRootDir, 
aLocalDir,
-   aProfile, aDidCreate, );
+   aProfile, aDidCreate, , profileStatus);
 
   // Since we were called outside of the normal startup path complete any
   // startup tasks.
@@ -1194,7 +1195,8 @@ nsToolkitProfileService::SelectStartupProfile(
 nsresult nsToolkitProfileService::SelectStartupProfile(
 int* aArgc, char* aArgv[], bool aIsResetting, nsIFile** aRootDir,
 nsIFile** aLocalDir, nsIToolkitProfile** aProfile, bool* aDidCreate,
-bool* aWasDefaultSelection) {
+bool* aWasDefaultSelection, ProfileStatus& aProfileStatus) {
+  aProfileStatus = PROFILE_STATUS_OK;
   if (mStartupProfileSelected) {
 return NS_ERROR_ALREADY_INITIALIZED;
   }
@@ -1288,6 +1290,13 @@ nsresult nsToolkitProfileService::SelectStartupProfile(
 rv = XRE_GetFileFromPath(arg, getter_AddRefs(lf));
 NS_ENSURE_SUCCESS(rv, rv);
 
+aProfileStatus = CheckProfileWriteAccess(lf);
+if (PROFILE_STATUS_OK != aProfileStatus) {
+  NS_ADDREF(*aRootDir = lf);
+  NS_ADDREF(*aLocalDir = lf);
+  return NS_ERROR_FAILURE;
+}
+
 // Make sure that the profile path exists and it's a directory.
 bool exists;
 rv = lf->Exists();
@@ -2077,3 +2086,47 @@ nsresult XRE_GetFileFromPath(const char* aPath, 
nsIFile** aResult) {
 #  error Platform-specific logic needed here.
 #endif
 }
+
+// Check for write permission to the profile directory by trying to create a
+// new file (after ensuring that no file with the same name exists).
+ProfileStatus nsToolkitProfileService::CheckProfileWriteAccess(
+nsIFile* aProfileDir) {
+#if defined(XP_UNIX)
+  constexpr auto writeTestFileName = u".parentwritetest"_ns;
+#else
+  constexpr auto writeTestFileName = u"parent.writetest"_ns;
+#endif
+
+  nsCOMPtr writeTestFile;
+  nsresult rv = aProfileDir->Clone(getter_AddRefs(writeTestFile));
+  if (NS_SUCCEEDED(rv)) rv = writeTestFile->Append(writeTestFileName);
+
+  if (NS_SUCCEEDED(rv)) {
+bool doesExist = false;
+rv = writeTestFile->Exists();
+if (NS_SUCCEEDED(rv) && doesExist) rv = writeTestFile->Remove(true);
+  }
+
+  if (NS_SUCCEEDED(rv)) {
+rv = writeTestFile->Create(nsIFile::NORMAL_FILE_TYPE, 0666);
+

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 18821: Disable libmdns for Android and Desktop

2020-11-13 Thread sysrqb 
commit 923f2be4475b4426a7611b32ed5667d4c32e7807
Author: Georg Koppen 
Date:   Wed Apr 20 14:34:50 2016 +

Bug 18821: Disable libmdns for Android and Desktop

There should be no need to remove the OS X support introduced in
https://bugzilla.mozilla.org/show_bug.cgi?id=1225726 as enabling this
is governed by a preference (which is actually set to `false`). However,
we remove it at build time as well (defense in depth).

This is basically a backout of the relevant passages of
https://hg.mozilla.org/mozilla-central/rev/6bfb430de85d,
https://hg.mozilla.org/mozilla-central/rev/609b337bf7ab and
https://hg.mozilla.org/mozilla-central/rev/8e092ec5fbbd.

Fixed bug 21861 (Disable additional mDNS code to avoid proxy bypasses)
as well.
---
 dom/presentation/provider/components.conf | 10 --
 dom/presentation/provider/moz.build   |  1 -
 netwerk/dns/mdns/libmdns/components.conf  | 15 ---
 netwerk/dns/mdns/libmdns/moz.build| 28 
 4 files changed, 54 deletions(-)

diff --git a/dom/presentation/provider/components.conf 
b/dom/presentation/provider/components.conf
index 04cb28ec757e..56994ed7cd94 100644
--- a/dom/presentation/provider/components.conf
+++ b/dom/presentation/provider/components.conf
@@ -6,9 +6,6 @@
 
 categories = {}
 
-if buildconfig.substs['MOZ_WIDGET_TOOLKIT'] in ('cocoa', 'android'):
-categories["presentation-device-provider"] = "MulticastDNSDeviceProvider"
-
 Classes = [
 {
 'cid': '{f4079b8b-ede5-4b90-a112-5b415a931deb}',
@@ -16,11 +13,4 @@ Classes = [
 'jsm': 'resource://gre/modules/PresentationControlService.jsm',
 'constructor': 'PresentationControlService',
 },
-{
-'cid': '{814f947a-52f7-41c9-94a1-3684797284ac}',
-'contract_ids': 
['@mozilla.org/presentation-device/multicastdns-provider;1'],
-'type': 'mozilla::dom::presentation::MulticastDNSDeviceProvider',
-'headers': ['/dom/presentation/provider/MulticastDNSDeviceProvider.h'],
-'categories': categories,
-},
 ]
diff --git a/dom/presentation/provider/moz.build 
b/dom/presentation/provider/moz.build
index eaea61af415a..d97b75ddbcf9 100644
--- a/dom/presentation/provider/moz.build
+++ b/dom/presentation/provider/moz.build
@@ -10,7 +10,6 @@ EXTRA_JS_MODULES += [
 
 UNIFIED_SOURCES += [
 'DeviceProviderHelpers.cpp',
-'MulticastDNSDeviceProvider.cpp',
 ]
 
 XPCOM_MANIFESTS += [
diff --git a/netwerk/dns/mdns/libmdns/components.conf 
b/netwerk/dns/mdns/libmdns/components.conf
index 6e64140c820e..1b50dbf673a4 100644
--- a/netwerk/dns/mdns/libmdns/components.conf
+++ b/netwerk/dns/mdns/libmdns/components.conf
@@ -5,20 +5,5 @@
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 Classes = [
-{
-'cid': '{14a50f2b-7ff6-48a5-88e3-615fd111f5d3}',
-'contract_ids': 
['@mozilla.org/toolkit/components/mdnsresponder/dns-info;1'],
-'type': 'mozilla::net::nsDNSServiceInfo',
-'headers': ['/netwerk/dns/mdns/libmdns/nsDNSServiceInfo.h'],
-},
 ]
 
-if buildconfig.substs['MOZ_WIDGET_TOOLKIT'] != 'cocoa':
-Classes += [
-{
-'cid': '{f9346d98-f27a-4e89-b744-493843416480}',
-'contract_ids': 
['@mozilla.org/toolkit/components/mdnsresponder/dns-sd;1'],
-'jsm': 'resource://gre/modules/DNSServiceDiscovery.jsm',
-'constructor': 'nsDNSServiceDiscovery',
-},
-]
diff --git a/netwerk/dns/mdns/libmdns/moz.build 
b/netwerk/dns/mdns/libmdns/moz.build
index 05dc75eb9eda..a6fc1a8a559a 100644
--- a/netwerk/dns/mdns/libmdns/moz.build
+++ b/netwerk/dns/mdns/libmdns/moz.build
@@ -4,34 +4,6 @@
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
-if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa':
-UNIFIED_SOURCES += [
-'MDNSResponderOperator.cpp',
-'MDNSResponderReply.cpp',
-'nsDNSServiceDiscovery.cpp',
-]
-
-LOCAL_INCLUDES += [
-  '/netwerk/base',
-]
-
-else:
-EXTRA_JS_MODULES += [
-'DNSServiceDiscovery.jsm',
-'fallback/DataReader.jsm',
-'fallback/DataWriter.jsm',
-'fallback/DNSPacket.jsm',
-'fallback/DNSRecord.jsm',
-'fallback/DNSResourceRecord.jsm',
-'fallback/DNSTypes.jsm',
-'fallback/MulticastDNS.jsm',
-]
-
-if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'android':
-EXTRA_JS_MODULES += [
-'MulticastDNSAndroid.jsm',
-]
-
 UNIFIED_SOURCES += [
 'nsDNSServiceInfo.cpp',
 ]



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 16620: Clear window.name when no referrer sent

2020-11-13 Thread sysrqb 
commit b4874c7827388953fd569a36507fd71eeadbebe9
Author: Kathy Brade 
Date:   Fri Oct 30 14:28:13 2015 -0400

Bug 16620: Clear window.name when no referrer sent

Convert JS implementation (within Torbutton) to a C++ browser patch.
---
 docshell/base/nsDocShell.cpp   |  60 +++
 docshell/test/mochitest/mochitest.ini  |   3 +
 docshell/test/mochitest/test_tor_bug16620.html | 212 +
 docshell/test/mochitest/tor_bug16620.html  |  51 ++
 docshell/test/mochitest/tor_bug16620_form.html |  51 ++
 5 files changed, 377 insertions(+)

diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp
index 665db419cb49..68a3d32bbeed 100644
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -7784,11 +7784,71 @@ nsresult nsDocShell::CreateContentViewer(const 
nsACString& aContentType,
 aOpenedChannel->GetURI(getter_AddRefs(mLoadingURI));
   }
   FirePageHideNotification(!mSavingOldViewer);
+
   if (mIsBeingDestroyed) {
 // Force to stop the newly created orphaned viewer.
 viewer->Stop();
 return NS_ERROR_DOCSHELL_DYING;
   }
+
+  // Tor bug 16620: Clear window.name of top-level documents if
+  // there is no referrer. We make an exception for new windows,
+  // e.g., window.open(url, "MyName").
+  bool isNewWindowTarget = false;
+  nsCOMPtr props(do_QueryInterface(aRequest, ));
+  if (props) {
+props->GetPropertyAsBool(u"docshell.newWindowTarget"_ns,
+ );
+  }
+
+  if (!isNewWindowTarget) {
+nsCOMPtr httpChannel(do_QueryInterface(aOpenedChannel));
+nsCOMPtr httpReferrer;
+if (httpChannel) {
+  nsCOMPtr referrerInfo;
+  rv = httpChannel->GetReferrerInfo(getter_AddRefs(referrerInfo));
+  NS_ENSURE_SUCCESS(rv, rv);
+  if (referrerInfo) {
+// We want GetComputedReferrer() instead of GetOriginalReferrer(), 
since
+// the former takes into consideration referrer policy, protocol
+// whitelisting...
+httpReferrer = referrerInfo->GetComputedReferrer();
+  }
+}
+
+bool isTopFrame = mBrowsingContext->IsTop();
+
+#ifdef DEBUG_WINDOW_NAME
+printf("DOCSHELL %p CreateContentViewer - possibly clearing 
window.name:\n",
+   this);
+printf("  current window.name: \"%s\"\n",
+   NS_ConvertUTF16toUTF8(mName).get());
+
+nsAutoCString curSpec, loadingSpec;
+if (this->mCurrentURI) mCurrentURI->GetSpec(curSpec);
+if (mLoadingURI) mLoadingURI->GetSpec(loadingSpec);
+printf("  current URI: %s\n", curSpec.get());
+printf("  loading URI: %s\n", loadingSpec.get());
+printf("  is top document: %s\n", isTopFrame ? "Yes" : "No");
+
+if (!httpReferrer) {
+  printf("  referrer: None\n");
+} else {
+  nsAutoCString refSpec;
+  httpReferrer->GetSpec(refSpec);
+  printf("  referrer: %s\n", refSpec.get());
+}
+#endif
+
+bool clearName = isTopFrame && !httpReferrer;
+if (clearName) SetName(u""_ns);
+
+#ifdef DEBUG_WINDOW_NAME
+printf("  action taken: %s window.name\n",
+   clearName ? "Cleared" : "Preserved");
+#endif
+  }
+
   mLoadingURI = nullptr;
 
   // Set mFiredUnloadEvent = false so that the unload handler for the
diff --git a/docshell/test/mochitest/mochitest.ini 
b/docshell/test/mochitest/mochitest.ini
index 774799c888ad..d60ed83133df 100644
--- a/docshell/test/mochitest/mochitest.ini
+++ b/docshell/test/mochitest/mochitest.ini
@@ -53,6 +53,8 @@ support-files =
   start_historyframe.html
   url1_historyframe.html
   url2_historyframe.html
+  tor_bug16620.html
+  tor_bug16620_form.html
 
 [test_anchor_scroll_after_document_open.html]
 [test_bfcache_plus_hash.html]
@@ -126,6 +128,7 @@ support-files =
   file_history_length_during_pageload.html
   file_history_length_during_pageload_2.html
 [test_pushState_after_document_open.html]
+[test_tor_bug16620.html]
 [test_navigate_after_pagehide.html]
 [test_redirect_history.html]
 support-files =
diff --git a/docshell/test/mochitest/test_tor_bug16620.html 
b/docshell/test/mochitest/test_tor_bug16620.html
new file mode 100644
index ..f60a06711c17
--- /dev/null
+++ b/docshell/test/mochitest/test_tor_bug16620.html
@@ -0,0 +1,212 @@
+
+
+
+
+
+  Test for Tor Bug 16620 - Clear window.name when no referrer 
sent
+  
+  
+
+
+https://trac.torproject.org/projects/tor/ticket/16620;>Tor Bug 16620
+
+
+// ## Test constants
+const kTestPath = "/tests/docshell/test/mochitest/";
+const kLinkFile = "tor_bug16620.html";
+const kFormFile = "tor_bug16620_form.html";
+const kBaseURL1 = "http://example.com";;
+const kBaseURL1_https = "https://example.com";;
+const kBaseURL2 = "http://example.net";;
+const kSendReferrerPref = "network.http.sendRefererHeader";
+const kSendReferrerNever = 0;
+const kSendReferrerForUserAction = 1;

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 3547: Block all plugins.

2020-11-13 Thread sysrqb 
commit 1ee0c2c7abf67b21dcd2ba01808a2201eedd5263
Author: Mike Perry 
Date:   Tue Dec 4 16:03:13 2012 -0800

Bug 3547: Block all plugins.

We cannot use the @mozilla.org/extensions/blocklist;1 service, because we
actually want to stop plugins from ever entering the browser's process space
and/or executing code (for example, AV plugins that collect 
statistics/analyse
urls, magical toolbars that phone home or "help" the user, skype buttons 
that
ruin our day, and censorship filters). Hence we rolled our own.

See https://trac.torproject.org/projects/tor/ticket/3547#comment:6 for 
musings
on a better way. Until then, it is delta-darwinism for us.
---
 dom/plugins/base/PluginFinder.cpp | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/dom/plugins/base/PluginFinder.cpp 
b/dom/plugins/base/PluginFinder.cpp
index dfac7b052567..aa06842dd3f5 100644
--- a/dom/plugins/base/PluginFinder.cpp
+++ b/dom/plugins/base/PluginFinder.cpp
@@ -478,6 +478,9 @@ nsresult PluginFinder::ScanPluginsDirectory(nsIFile* 
pluginsDir,
 
   *aPluginsChanged = false;
 
+  // Block all plugins
+  return NS_OK;
+
 #ifdef PLUGIN_LOGGING
   nsAutoCString dirPath;
   pluginsDir->GetNativePath(dirPath);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 13028: Prevent potential proxy bypass cases.

2020-11-13 Thread sysrqb 
commit 1a291a0ddf15e67ce3fe0289daa71074f332f765
Author: Mike Perry 
Date:   Mon Sep 29 14:30:19 2014 -0700

Bug 13028: Prevent potential proxy bypass cases.

It looks like these cases should only be invoked in the NSS command line
tools, and not the browser, but I decided to patch them anyway because there
literally is a maze of network function pointers being passed around, and 
it's
very hard to tell if some random code might not pass in the proper proxied
versions of the networking code here by accident.
---
 security/nss/lib/certhigh/ocsp.c|  8 
 .../lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c | 21 +
 2 files changed, 29 insertions(+)

diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c
index cea8456606bf..86fa971cfbef 100644
--- a/security/nss/lib/certhigh/ocsp.c
+++ b/security/nss/lib/certhigh/ocsp.c
@@ -2932,6 +2932,14 @@ ocsp_ConnectToHost(const char *host, PRUint16 port)
 PRNetAddr addr;
 char *netdbbuf = NULL;
 
+// XXX: Do we need a unittest ifdef here? We don't want to break the 
tests, but
+// we want to ensure nothing can ever hit this code in production.
+#if 1
+printf("Tor Browser BUG: Attempted OSCP direct connect to %s, port %u\n", 
host,
+port);
+goto loser;
+#endif
+
 sock = PR_NewTCPSocket();
 if (sock == NULL)
 goto loser;
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c 
b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
index e8698376b5be..85791d84a932 100644
--- a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
@@ -1334,6 +1334,13 @@ pkix_pl_Socket_Create(
 plContext),
 PKIX_COULDNOTCREATESOCKETOBJECT);
 
+// XXX: Do we need a unittest ifdef here? We don't want to break the 
tests, but
+// we want to ensure nothing can ever hit this code in production.
+#if 1
+printf("Tor Browser BUG: Attempted pkix direct socket connect\n");
+PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED);
+#endif
+
 socket->isServer = isServer;
 socket->timeout = timeout;
 socket->clientSock = NULL;
@@ -1433,6 +1440,13 @@ pkix_pl_Socket_CreateByName(
 
 localCopyName = PL_strdup(serverName);
 
+// XXX: Do we need a unittest ifdef here? We don't want to break the 
tests, but
+// we want to ensure nothing can ever hit this code in production.
+#if 1
+printf("Tor Browser BUG: Attempted pkix direct connect to %s\n", 
serverName);
+PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED);
+#endif
+
 sepPtr = strchr(localCopyName, ':');
 /* First strip off the portnum, if present, from the end of the name */
 if (sepPtr) {
@@ -1582,6 +1596,13 @@ pkix_pl_Socket_CreateByHostAndPort(
 PKIX_ENTER(SOCKET, "pkix_pl_Socket_CreateByHostAndPort");
 PKIX_NULLCHECK_THREE(hostname, pStatus, pSocket);
 
+// XXX: Do we need a unittest ifdef here? We don't want to break the 
tests, but
+// we want to ensure nothing can ever hit this code in production.
+#if 1
+printf("Tor Browser BUG: Attempted pkix direct connect to %s, port 
%u\n", hostname,
+portnum);
+PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED);
+#endif
 
 prstatus = PR_GetHostByName(hostname, buf, sizeof(buf), );
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Add TorStrings module for localization

2020-11-13 Thread sysrqb 
commit 5ba483200818a4cfb1eee9ef8461f18480bc20fd
Author: Alex Catarineu 
Date:   Fri Jul 24 21:15:20 2020 +0200

Add TorStrings module for localization
---
 browser/modules/TorStrings.jsm | 490 +
 browser/modules/moz.build  |   1 +
 2 files changed, 491 insertions(+)

diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm
new file mode 100644
index ..e8a8d37ae373
--- /dev/null
+++ b/browser/modules/TorStrings.jsm
@@ -0,0 +1,490 @@
+"use strict";
+
+var EXPORTED_SYMBOLS = ["TorStrings"];
+
+const { XPCOMUtils } = ChromeUtils.import(
+  "resource://gre/modules/XPCOMUtils.jsm"
+);
+const { Services } = ChromeUtils.import(
+  "resource://gre/modules/Services.jsm"
+);
+const { getLocale } = ChromeUtils.import(
+  "resource://torbutton/modules/utils.js"
+);
+
+XPCOMUtils.defineLazyGlobalGetters(this, ["DOMParser"]);
+XPCOMUtils.defineLazyGetter(this, "domParser", () => {
+  const parser = new DOMParser();
+  parser.forceEnableDTD();
+  return parser;
+});
+
+/*
+  Tor DTD String Bundle
+
+  DTD strings loaded from torbutton/tor-launcher, but provide a fallback in 
case they aren't available
+*/
+class TorDTDStringBundle {
+  constructor(aBundleURLs, aPrefix) {
+let locations = [];
+for (const [index, url] of aBundleURLs.entries()) {
+  locations.push(`%dtd_${index};`);
+}
+this._locations = locations;
+this._prefix = aPrefix;
+  }
+
+  // copied from testing/marionette/l10n.js
+  localizeEntity(urls, id) {
+// Use the DOM parser to resolve the entity and extract its real value
+let header = ``;
+let elem = `&${id};`;
+let doc = domParser.parseFromString(header + elem, "text/xml");
+let element = doc.querySelector("elem[id='elementID']");
+
+if (element === null) {
+  throw new Error(`Entity with id='${id}' hasn't been found`);
+}
+
+return element.textContent;
+  }
+
+  getString(key, fallback) {
+if (key) {
+  try {
+return this.localizeEntity(this._bundleURLs, `${this._prefix}${key}`);
+  } catch (e) {}
+}
+
+// on failure, assign the fallback if it exists
+if (fallback) {
+  return fallback;
+}
+// otherwise return string key
+return `$(${key})`;
+  }
+}
+
+/*
+  Tor Property String Bundle
+
+  Property strings loaded from torbutton/tor-launcher, but provide a fallback 
in case they aren't available
+*/
+class TorPropertyStringBundle {
+  constructor(aBundleURL, aPrefix) {
+try {
+  this._bundle = Services.strings.createBundle(aBundleURL);
+} catch (e) {}
+
+this._prefix = aPrefix;
+  }
+
+  getString(key, fallback) {
+if (key) {
+  try {
+return this._bundle.GetStringFromName(`${this._prefix}${key}`);
+  } catch (e) {}
+}
+
+// on failure, assign the fallback if it exists
+if (fallback) {
+  return fallback;
+}
+// otherwise return string key
+return `$(${key})`;
+  }
+}
+
+/*
+  Security Level Strings
+*/
+var TorStrings = {
+  /*
+Tor Browser Security Level Strings
+  */
+  securityLevel: (function() {
+let tsb = new TorDTDStringBundle(
+  ["chrome://torbutton/locale/torbutton.dtd"],
+  "torbutton.prefs.sec_"
+);
+let getString = function(key, fallback) {
+  return tsb.getString(key, fallback);
+};
+
+// read localized strings from torbutton; but use hard-coded en-US strings 
as fallbacks in case of error
+let retval = {
+  securityLevel: getString("caption", "Security Level"),
+  customWarning: getString("custom_warning", "Custom"),
+  overview: getString(
+"overview",
+"Disable certain web features that can be used to attack your security 
and anonymity."
+  ),
+  standard: {
+level: getString("standard_label", "Standard"),
+tooltip: getString("standard_tooltip", "Security Level : Standard"),
+summary: getString(
+  "standard_description",
+  "All Tor Browser and website features are enabled."
+),
+  },
+  safer: {
+level: getString("safer_label", "Safer"),
+tooltip: getString("safer_tooltip", "Security Level : Safer"),
+summary: getString(
+  "safer_description",
+  "Disables website features that are often dangerous, causing some 
sites to lose functionality."
+),
+description1: getString(
+  "js_on_https_sites_only",
+  "JavaScript is disabled on non-HTTPS sites."
+),
+description2: getString(
+  "limit_typography",
+  "Some fonts and math symbols are disabled."
+),
+description3: getString(
+  "click_to_play_media",
+  "Audio and video (HTML5 media), and WebGL are click-to-play."
+),
+  },
+  safest: {
+level: getString("safest_label", "Safest"),
+tooltip: getString("safest_tooltip", "Security Level : Safest"),
+summary: getString(
+

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 10760: Integrate TorButton to TorBrowser core

2020-11-13 Thread sysrqb 
commit 723958367aaa99dda8dd342ed7e79e250ba8b72b
Author: Alex Catarineu 
Date:   Wed Feb 19 23:05:08 2020 +0100

Bug 10760: Integrate TorButton to TorBrowser core

Because of the non-restartless nature of Torbutton, it required
a two-stage installation process. On mobile, it was a problem,
because it was not loading when the user opened the browser for
the first time.

Moving it to tor-browser and making it a system extension allows it
to load when the user opens the browser for first time.

Additionally, this patch also fixes Bug 27611.

Bug 26321: New Circuit and New Identity menu items

Bug 14392: Make about:tor behave like other initial pages.

Bug 25013: Add torbutton as a tor-browser submodule
---
 .gitmodules|  3 ++
 browser/base/content/aboutDialog.xhtml | 38 +++--
 browser/base/content/browser-doctype.inc   |  6 +++
 browser/base/content/browser-menubar.inc   | 49 --
 browser/base/content/browser-sets.inc  |  2 +
 browser/base/content/browser.js|  1 +
 browser/base/content/browser.xhtml | 26 +++-
 .../controlcenter/content/identityPanel.inc.xhtml  | 17 
 browser/installer/package-manifest.in  |  2 +
 docshell/base/nsAboutRedirector.cpp|  6 ++-
 docshell/build/components.conf |  1 +
 mobile/android/installer/package-manifest.in   |  4 ++
 toolkit/moz.build  |  1 +
 .../mozapps/extensions/internal/XPIProvider.jsm|  9 
 toolkit/torproject/torbutton   |  1 +
 .../lib/environments/browser-window.js |  6 ++-
 16 files changed, 142 insertions(+), 30 deletions(-)

diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index ..2f03bd8e22df
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "toolkit/torproject/torbutton"]
+   path = toolkit/torproject/torbutton
+   url = https://git.torproject.org/torbutton.git
diff --git a/browser/base/content/aboutDialog.xhtml 
b/browser/base/content/aboutDialog.xhtml
index 69cbf846bbef..5274cbc02831 100644
--- a/browser/base/content/aboutDialog.xhtml
+++ b/browser/base/content/aboutDialog.xhtml
@@ -7,11 +7,11 @@
 
 
 
+
 
+
 
 
 http://www.w3.org/1999/xhtml;
@@ -28,7 +28,7 @@
 data-l10n-id="aboutDialog-title"
 #endif
 role="dialog"
-aria-describedby="version distribution distributionId communityDesc 
contributeDesc trademark"
+aria-describedby="version distribution distributionId projectDesc 
helpDesc trademark trademarkTor"
 >
 #ifdef XP_MACOSX
 #include macWindow.inc.xhtml
@@ -132,24 +132,36 @@
   
 
   
-  
-http://www.mozilla.org/; 
data-l10n-name="community-mozillaLink">
-
+  
+  
+  
+  
+
+https://www.torproject.org/;>
+  
+
   
-  
-https://donate.mozilla.org/?utm_source=firefoxutm_medium=referralutm_campaign=firefox_aboututm_content=firefox_about;
 data-l10n-name="helpus-donateLink">
-http://www.mozilla.org/contribute/; 
data-l10n-name="helpus-getInvolvedLink">
+  
+
+https://donate.torproject.org/;>
+  
+
+
+https://community.torproject.org/;>
+  
+
   
 
   
 
 
-  
-
-
-https://www.mozilla.org/privacy/; 
data-l10n-id="bottomLinks-privacy">
+  
+https://support.torproject.org/;>
+https://community.torproject.org/relay/;>
+
   
   
+  
 
   
 
diff --git a/browser/base/content/browser-doctype.inc 
b/browser/base/content/browser-doctype.inc
index 9aa278773158..48cf6cd3eda0 100644
--- a/browser/base/content/browser-doctype.inc
+++ b/browser/base/content/browser-doctype.inc
@@ -14,3 +14,9 @@
 %syncBrandDTD;
 
 %brandingsDTD;
+
+%torbuttonDTD;
+
+%aboutTorDTD;
+
+%aboutDialogDTD;
diff --git a/browser/base/content/browser-menubar.inc 
b/browser/base/content/browser-menubar.inc
index b217216aab9a..368bf5052103 100644
--- a/browser/base/content/browser-menubar.inc
+++ b/browser/base/content/browser-menubar.inc
@@ -34,6 +34,18 @@
   command="Tools:NonFissionWindow"
   accesskey="s" label="New Non-Fission Window"/>
 #endif
+
+
+
+
 
   
-
+
+
+
+
+
+https://tb-manual.torproject.org/' + 
Services.locale.requestedLocale, {triggeringPrincipal: 
Services.scriptSecurityManager.getSystemPrincipal()});"
+

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 16439: Remove screencasting code

2020-11-13 Thread sysrqb 
commit 8e632890ec9eb246d2f81e115ec1e071cc6f6618
Author: Kathy Brade 
Date:   Wed Jun 24 11:01:11 2015 -0400

Bug 16439: Remove screencasting code

We avoid including the screencasting code on mobile (it got ripped out
for desktop in bug 1393582) by simply excluding the related JS modules
from Tor Browser.
---
 toolkit/modules/moz.build | 9 +
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/toolkit/modules/moz.build b/toolkit/modules/moz.build
index 62dae1624847..e1f9171b987f 100644
--- a/toolkit/modules/moz.build
+++ b/toolkit/modules/moz.build
@@ -260,10 +260,11 @@ if 'Android' != CONFIG['OS_TARGET']:
 ]
 else:
 DEFINES['ANDROID'] = True
-EXTRA_JS_MODULES += [
-'secondscreen/RokuApp.jsm',
-'secondscreen/SimpleServiceDiscovery.jsm',
-]
+if not CONFIG['TOR_BROWSER_VERSION']:
+EXTRA_JS_MODULES += [
+'secondscreen/RokuApp.jsm',
+'secondscreen/SimpleServiceDiscovery.jsm',
+]
 
 
 if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'windows':



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 12974: Disable NTLM and Negotiate HTTP Auth

2020-11-13 Thread sysrqb 
commit ca63d33f363da4bdac7b0ad047160c0be0747520
Author: Mike Perry 
Date:   Wed Aug 27 15:19:10 2014 -0700

Bug 12974: Disable NTLM and Negotiate HTTP Auth

This is technically an embargoed Mozilla bug, so I probably shouldn't 
provide
too many details.

Suffice to say that NTLM and Negotiate auth are bad for Tor users, and I 
doubt
very many (or any of them) actually need it.

The Mozilla bug is https://bugzilla.mozilla.org/show_bug.cgi?id=1046421
---
 extensions/auth/nsHttpNegotiateAuth.cpp  | 4 
 netwerk/protocol/http/nsHttpNTLMAuth.cpp | 3 +++
 2 files changed, 7 insertions(+)

diff --git a/extensions/auth/nsHttpNegotiateAuth.cpp 
b/extensions/auth/nsHttpNegotiateAuth.cpp
index 99720475b9dd..1c08fcf3da7e 100644
--- a/extensions/auth/nsHttpNegotiateAuth.cpp
+++ b/extensions/auth/nsHttpNegotiateAuth.cpp
@@ -152,6 +152,10 @@ 
nsHttpNegotiateAuth::ChallengeReceived(nsIHttpAuthenticableChannel* authChannel,
   nsIAuthModule* rawModule = (nsIAuthModule*)*continuationState;
 
   *identityInvalid = false;
+
+  /* Always fail Negotiate auth for Tor Browser. We don't need it. */
+  return NS_ERROR_ABORT;
+
   if (rawModule) {
 return NS_OK;
   }
diff --git a/netwerk/protocol/http/nsHttpNTLMAuth.cpp 
b/netwerk/protocol/http/nsHttpNTLMAuth.cpp
index 0a30de051014..891aaadfd758 100644
--- a/netwerk/protocol/http/nsHttpNTLMAuth.cpp
+++ b/netwerk/protocol/http/nsHttpNTLMAuth.cpp
@@ -168,6 +168,9 @@ 
nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel* channel,
 
   *identityInvalid = false;
 
+  /* Always fail Negotiate auth for Tor Browser. We don't need it. */
+  return NS_ERROR_ABORT;
+
   // Start a new auth sequence if the challenge is exactly "NTLM".
   // If native NTLM auth apis are available and enabled through prefs,
   // try to use them.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 40069: Add helpers for message passing with extensions

2020-11-13 Thread sysrqb 
commit f25066418407451ab924fb9d007fcb9e211a189e
Author: Alex Catarineu 
Date:   Sun Aug 2 19:12:25 2020 +0200

Bug 40069: Add helpers for message passing with extensions
---
 toolkit/components/extensions/ExtensionParent.jsm | 47 +++
 1 file changed, 47 insertions(+)

diff --git a/toolkit/components/extensions/ExtensionParent.jsm 
b/toolkit/components/extensions/ExtensionParent.jsm
index e12ee5478403..a662b62c277f 100644
--- a/toolkit/components/extensions/ExtensionParent.jsm
+++ b/toolkit/components/extensions/ExtensionParent.jsm
@@ -264,6 +264,8 @@ const ProxyMessenger = {
   /** @type Map */
   ports: new Map(),
 
+  _torRuntimeMessageListeners: [],
+
   init() {
 this.conduit = new BroadcastConduit(ProxyMessenger, {
   id: "ProxyMessenger",
@@ -326,6 +328,10 @@ const ProxyMessenger = {
   },
 
   async recvRuntimeMessage(arg, { sender }) {
+// We need to listen to some extension messages in Tor Browser
+for (const listener of this._torRuntimeMessageListeners) {
+  listener(arg);
+}
 arg.firstResponse = true;
 let kind = await this.normalizeArgs(arg, sender);
 let result = await this.conduit.castRuntimeMessage(kind, arg);
@@ -1880,6 +1886,45 @@ for (let name of StartupCache.STORE_NAMES) {
   StartupCache[name] = new CacheStore(name);
 }
 
+async function torSendExtensionMessage(extensionId, message) {
+  // This should broadcast the message to all children "conduits"
+  // listening for a "RuntimeMessage". Those children conduits
+  // will either be extension background pages or other extension
+  // pages listening to browser.runtime.onMessage.
+  const result = await ProxyMessenger.conduit.castRuntimeMessage("messenger", {
+extensionId,
+holder: new StructuredCloneHolder(message),
+firstResponse: true,
+sender: {
+  id: extensionId,
+  envType: "addon_child",
+},
+  });
+  return result
+? result.value
+: Promise.reject({ message: ERROR_NO_RECEIVERS });
+}
+
+async function torWaitForExtensionMessage(extensionId, checker) {
+  return new Promise(resolve => {
+const msgListener = msg => {
+  try {
+if (msg && msg.extensionId === extensionId) {
+  const deserialized = msg.holder.deserialize({});
+  if (checker(deserialized)) {
+const idx = ProxyMessenger._torRuntimeMessageListeners.indexOf(
+  msgListener
+);
+ProxyMessenger._torRuntimeMessageListeners.splice(idx, 1);
+resolve(deserialized);
+  }
+}
+  } catch (e) {}
+};
+ProxyMessenger._torRuntimeMessageListeners.push(msgListener);
+  });
+}
+
 var ExtensionParent = {
   GlobalManager,
   HiddenExtensionPage,
@@ -1891,6 +1936,8 @@ var ExtensionParent = {
   promiseExtensionViewLoaded,
   watchExtensionProxyContextLoad,
   DebugUtils,
+  torSendExtensionMessage,
+  torWaitForExtensionMessage,
 };
 
 // browserPaintedPromise and browserStartupPromise are promises that



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] TB4: Tor Browser's Firefox preference overrides.

2020-11-13 Thread sysrqb 
commit 1450046deb3ddaece9736134030fbfc96398aa23
Author: Mike Perry 
Date:   Tue Sep 10 18:20:43 2013 -0700

TB4: Tor Browser's Firefox preference overrides.

This hack directly includes our preference changes in omni.ja.

Bug 18292: Staged updates fail on Windows

Temporarily disable staged updates on Windows.

Bug 18297: Use separate Noto JP,KR,SC,TC fonts

Bug 23404: Add Noto Sans Buginese to the macOS whitelist

Bug 23745: Set dom.indexedDB.enabled = true

Bug 13575: Disable randomised Firefox HTTP cache decay user tests.
(Fernando Fernandez Mancera )

Bug 17252: Enable session identifiers with FPI

Session tickets and session identifiers were isolated
by OriginAttributes, so we can re-enable them by
allowing the default value (true) of
"security.ssl.disable_session_identifiers".

The pref "security.enable_tls_session_tickets" is obsolete
(removed in https://bugzilla.mozilla.org/917049)

Bug 14952: Enable http/2 and AltSvc

In Firefox, SPDY/HTTP2 now uses Origin Attributes for
isolation of connections, push streams, origin frames, etc.
That means we get first-party isolation provided
"privacy.firstparty.isolate" is true. So in this patch, we
stop overriding "network.http.spdy.enabled" and
"network.http.spdy.enabled.http2".

Alternate Services also use Origin Attributes for isolation.
So we stop overriding
"network.http.altsvc.enabled" and "network.http.altsvc.oe"
as well.

(All 4 of the abovementioned "network.http.*" prefs adopt
Firefox 60ESR's default value of true.)

However, we want to disable HTTP/2 push for now, so we
set "network.http.spdy.allow-push" to false.

"network.http.spdy.enabled.http2draft" was removed in Bug 1132357.
"network.http.sped.enabled.v2" was removed in Bug 912550.
"network.http.sped.enabled.v3" was removed in Bug 1097944.
"network.http.sped.enabled.v3-1" was removed in Bug 1248197.

Bug 26114: addons.mozilla.org is not special
* Don't expose navigator.mozAddonManager on any site
* Don't block NoScript from modifying addons.mozilla.org or other sites

Enable ReaderView mode again (#27281).

Bug 29916: Make sure enterprise policies are disabled

Bug 2874: Block Components.interfaces from content

Bug 26146: Spoof HTTP User-Agent header for desktop platforms

In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent
header and to JavaScript code via navigator.userAgent. To avoid
leaking the OS inside each HTTP request (which many web servers
log), always use the Windows 7 OS value in the desktop User-Agent
header. We continue to allow access to the actual OS via JavaScript,
since doing so improves compatibility with web applications such
as GitHub and Google Docs.

Bug 12885: Windows Jump Lists fail for Tor Browser

Jumplist entries are stored in a binary file in:
  %APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\
and has a name in the form
  [a-f0-9]+.customDestinations-ms

The hex at the front is unique per app, and is ultimately derived from
something called the 'App User Model ID' (AUMID) via some unknown
hashing method. The AUMID is provided as a key when programmatically
creating, updating, and deleting a jumplist. The default behaviour in
firefox is for the installer to define an AUMID for an app, and save it
in the registry so that the jumplist data can be removed by the
uninstaller.

However, the Tor Browser does not set this (or any other) regkey during
installation, so this codepath fails and the app's AUMID is left
undefined. As a result the app's AUMID ends up being defined by
windows, but unknowable by Tor Browser. This unknown AUMID is used to
create and modify the jumplist, but the delete API requires that we
provide the app's AUMID explicitly. Since we don't know what the AUMID
is (since the expected regkey where it is normally stored does not
exist) jumplist deletion will fail and we will leave behind a mostly
empty customDestinations-ms file. The name of the file is derived from
the binary path, so an enterprising person could reverse engineer how
that hex name is calculated, and generate the name for Tor Browser's
default Desktop installation path to determine whether a person had
used Tor Browser in the past.

The 'taskbar.grouping.useprofile' option that is enabled by this patch
works around this AUMID problem by having firefox.exe create it's own
AUMID based on the profile path (rather than looking for a regkey). This
way, if a user goes in and enables and disables jumplist entries, the
backing store is properly deleted.

Unfortunately, all windows users currently have this file lurking in
the above mentioned

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 28044: Integrate Tor Launcher into tor-browser

2020-11-13 Thread sysrqb 
commit f9b0db07f5aaf62ee254875aa4660ddacc22a8dc
Author: Kathy Brade 
Date:   Tue Feb 26 10:07:17 2019 -0500

Bug 28044: Integrate Tor Launcher into tor-browser

Build and package Tor Launcher as part of the browser (similar to
how pdfjs is handled).

If a Tor Launcher extension is present in the user's profile, it is
removed.
---
 browser/extensions/moz.build|  5 +
 browser/installer/package-manifest.in   |  5 +
 toolkit/mozapps/extensions/internal/XPIProvider.jsm | 10 ++
 3 files changed, 20 insertions(+)

diff --git a/browser/extensions/moz.build b/browser/extensions/moz.build
index f71ece63c42d..9787ecf81592 100644
--- a/browser/extensions/moz.build
+++ b/browser/extensions/moz.build
@@ -11,3 +11,8 @@ DIRS += [
 'webcompat',
 'report-site-issue'
 ]
+
+if not CONFIG['TOR_BROWSER_DISABLE_TOR_LAUNCHER']:
+DIRS += [
+'tor-launcher',
+]
diff --git a/browser/installer/package-manifest.in 
b/browser/installer/package-manifest.in
index 2865597f498e..9cb8a3c65d7b 100644
--- a/browser/installer/package-manifest.in
+++ b/browser/installer/package-manifest.in
@@ -252,6 +252,11 @@
 @RESPATH@/browser/chrome/browser.manifest
 @RESPATH@/chrome/pdfjs.manifest
 @RESPATH@/chrome/pdfjs/*
+#ifndef TOR_BROWSER_DISABLE_TOR_LAUNCHER
+@RESPATH@/browser/chrome/torlauncher.manifest
+@RESPATH@/browser/chrome/torlauncher/*
+@RESPATH@/browser/@PREF_DIR@/torlauncher-prefs.js
+#endif
 @RESPATH@/chrome/toolkit@JAREXT@
 @RESPATH@/chrome/toolkit.manifest
 @RESPATH@/chrome/recording.manifest
diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm 
b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
index 2d79d9b68a0f..07b2d0cdb509 100644
--- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm
+++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm
@@ -1462,6 +1462,16 @@ var XPIStates = {
   for (let [id, file] of loc.readAddons()) {
 knownIds.delete(id);
 
+// Since it is now part of the browser, uninstall the Tor Launcher
+// extension. This will remove the Tor Launcher .xpi from user
+// profiles on macOS.
+if (id === "tor-launc...@torproject.org") {
+  logger.debug("Uninstalling the Tor Launcher extension.");
+  loc.installer.uninstallAddon(id);
+  changed = true;
+  continue;
+}
+
 let xpiState = loc.get(id);
 if (!xpiState) {
   // If the location is not supported for sideloading, skip new



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] TB3: Tor Browser's official .mozconfigs.

2020-11-13 Thread sysrqb 
commit c2ea6b48a70689590448c297141019c2d1975ea1
Author: Mike Perry 
Date:   Mon May 6 15:51:06 2013 -0700

TB3: Tor Browser's official .mozconfigs.

Also:
Bug #9829.1: new .mozconfig file for the new cross-compiler and ESR24
Changes needed to build Mac in 64bit
Bug 10715: Enable Webgl for mingw-w64 again.
Disable ICU when cross-compiling; clean-up.
Bug 15773: Enable ICU on OS X
Bug 15990: Don't build the sandbox with mingw-w64
Bug 12761: Switch to ESR 38 for OS X
Updating .mozconfig-asan
Bug 12516: Compile hardenend Tor Browser with -fwrapv
Bug 18331: Switch to Mozilla's toolchain for building Tor Browser for OS X
Bug 17858: Cannot create incremental MARs for hardened builds.
Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff
(which is part of mar-tools and is not distributed to end-users) with
ASan.
Bug 13419: Add back ICU for Windows
Bug 21239: Use GTK2 for ESR52 Linux builds
Bug 23025: Add hardening flags for macOS
Bug 24478: Enable debug assertions and tests in our ASan builds
--enable-proxy-bypass-protection
Bug 27597: ASan build option in tor-browser-build is broken

Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds

This fixes a problem where some preferences had the wrong default value.
Also see bug 27472 where we made a similar fix for Android.

Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING

Bug 31450: Set proper BINDGEN_CFLAGS for ASan builds

Add an --enable-tor-browser-data-outside-app-dir configure option

Add --with-tor-browser-version configure option

Bug 21849: Don't allow SSL key logging.

Bug 31457: disable per-installation profiles

The dedicated profiles (per-installation) feature does not interact
well with our bundled profiles on Linux and Windows, and it also causes
multiple profiles to be created on macOS under TorBrowser-Data.

Bug 31935: Disable profile downgrade protection.

Since Tor Browser does not support more than one profile, disable
the prompt and associated code that offers to create one when a
version downgrade situation is detected.

Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT

Bug 25741 - TBA: Disable features at compile-time

MOZ_NATIVE_DEVICES for casting and the media player
MOZ_TELEMETRY_REPORTING for telemetry
MOZ_DATA_REPORTING for all data reporting preferences (crashreport, 
telemetry, geo)

Bug 25741 - TBA: Add default configure options in dedicated file

Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION

Bug 29859: Disable HLS support for now

Add --disable-tor-launcher build option

Add --enable-tor-browser-update build option

Bug 33734: Set MOZ_NORMANDY to False

Bug 33851: Omit Parental Controls.

Bug 40061: Omit the Windows default browser agent from the build

Bug 40211: Lower required build-tools version to 29.0.2
---
 .mozconfig| 38 +
 .mozconfig-android| 35 
 .mozconfig-asan   | 43 
 .mozconfig-mac| 55 +++
 .mozconfig-mingw  | 30 +
 browser/base/moz.build|  3 ++
 browser/installer/Makefile.in |  8 +
 browser/moz.configure |  8 ++---
 build/moz.configure/android-sdk.configure |  2 +-
 build/moz.configure/old.configure |  6 
 mobile/android/confvars.sh|  9 +
 mobile/android/geckoview/build.gradle |  1 +
 mobile/android/moz.configure  | 17 --
 mobile/android/torbrowser.configure   | 30 +
 old-configure.in  | 49 +++
 security/moz.build|  2 +-
 security/nss/lib/ssl/Makefile |  2 +-
 toolkit/modules/AppConstants.jsm  | 15 +
 toolkit/modules/moz.build |  3 ++
 19 files changed, 347 insertions(+), 9 deletions(-)

diff --git a/.mozconfig b/.mozconfig
new file mode 100755
index ..24efaea57b0b
--- /dev/null
+++ b/.mozconfig
@@ -0,0 +1,38 @@
+. $topsrcdir/browser/config/mozconfig
+
+# This mozconfig file is not used in official Tor Browser builds.
+# It is only intended to be used when doing incremental Linux builds
+# during development. The platform-specific mozconfig configuration
+# files used in official Tor Browser releases can be found in the
+# tor-browser-build repo:
+#   https://gitweb.torproject.org/builders/tor-browser-build.git/
+# under:
+#   tor-browser-build/projects/firefox/mozconfig-$OS-$ARCH
+
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-@CONFIG_GUESS@
+mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser"
+export

[tor-commits] [tor-browser/tor-browser-83.0-10.5-1] Bug 12620: TorBrowser regression tests

2020-11-13 Thread sysrqb 
commit 6aa335d4a49a71939ef877cfa03d066c37d511de
Author: Arthur Edelstein 
Date:   Wed Aug 27 16:25:00 2014 -0700

Bug 12620: TorBrowser regression tests

Regression tests for Bug #2950: Make Permissions Manager memory-only

Regression tests for TB4: Tor Browser's Firefox preference overrides.

Note: many more functional tests could be made here

Regression tests for #2874: Block Components.interfaces from content

Bug 18923: Add a script to run all Tor Browser specific tests

Regression tests for Bug #16441: Suppress "Reset Tor Browser" prompt.
---
 run-tbb-tests|  60 +++
 tbb-tests/browser.ini|   5 ++
 tbb-tests/browser_tor_TB4.js | 162 +++
 tbb-tests/browser_tor_bug2950.js |  74 ++
 tbb-tests/mochitest.ini  |   3 +
 tbb-tests/moz.build  |  10 +++
 tbb-tests/test_tor_bug2874.html  |  25 ++
 toolkit/toolkit.mozbuild |   3 +-
 8 files changed, 341 insertions(+), 1 deletion(-)

diff --git a/run-tbb-tests b/run-tbb-tests
new file mode 100755
index ..5e266f9ba4cd
--- /dev/null
+++ b/run-tbb-tests
@@ -0,0 +1,60 @@
+#!/bin/bash
+
+# This script runs all the Mochitest tests that have been added or
+# modified since the last ffxbld commit.
+#
+# It does not currently run XPCShell tests. We should change this if we
+# start using this type or other types of tests.
+#
+# The logs of the tests are stored in the tbb-tests.log file.
+# Ignored tests are listed in the tbb-tests-ignore.txt file.
+#
+# https://trac.torproject.org/projects/tor/ticket/18923
+
+IFS=$'\n'
+
+if [ -n "$USE_TESTS_LIST" ] && [ -f tbb-tests-list.txt ]
+then
+echo "Using tests list from file tbb-tests-list.txt"
+tests=($(cat tbb-tests-list.txt))
+else
+ffxbld_commit=$(git log -500 --format='%an %H' | grep '^ffxbld ' \
+| head -1 | cut -d ' ' -f 2)
+
+tests=($(git diff --name-status "$ffxbld_commit" HEAD | \
+grep -e '^[AM].*/test_[^/]\+\.\(html\|xul\)$' \
+ -e '^[AM].*/browser_[^/]\+\.js$' \
+ | sed 's/^[AM]\s\+//'))
+fi
+
+echo 'The following tests will be run:'
+for i in "${!tests[@]}"
+do
+if [ -z "$USE_TESTS_LIST" ] \
+&& grep -q "^${tests[$i]}$" tbb-tests-ignore.txt
+then
+unset "tests[$i]"
+continue
+fi
+echo "- ${tests[$i]}"
+done
+
+if [ -n "$WRITE_TESTS_LIST" ]
+then
+rm -f tbb-tests-list.txt
+for i in "${!tests[@]}"
+do
+echo "${tests[$i]}" >> tbb-tests-list.txt
+done
+exit 0
+fi
+
+rm -f tbb-tests.log
+echo $'\n''Starting tests'
+./mach mochitest --log-tbpl tbb-tests.log --setpref security.nocertdb=false \
+ "${tests[@]}"
+
+echo "*"
+echo "*"
+echo "Summary of failed tests:"
+grep --color=never TEST-UNEXPECTED-FAIL tbb-tests.log
diff --git a/tbb-tests/browser.ini b/tbb-tests/browser.ini
new file mode 100644
index ..f481660f1417
--- /dev/null
+++ b/tbb-tests/browser.ini
@@ -0,0 +1,5 @@
+[DEFAULT]
+
+[browser_tor_bug2950.js]
+[browser_tor_omnibox.js]
+[browser_tor_TB4.js]
diff --git a/tbb-tests/browser_tor_TB4.js b/tbb-tests/browser_tor_TB4.js
new file mode 100644
index ..af688bee0226
--- /dev/null
+++ b/tbb-tests/browser_tor_TB4.js
@@ -0,0 +1,162 @@
+// # Test for TB4: Tor Browser's Firefox preference overrides
+// Simple regression tests to check the value of each pref and
+// decides if it is set as expected.
+
+// TODO: Write unit tests to check that each pref setting here
+// causes the browser to have the desired behavior (a big task). 
+
+function test() {
+
+let expectedPrefs = [
+   // Disable browser auto updaters and associated homepage notifications
+   ["app.update.auto", false],
+   ["app.update.enabled", false],
+   ["browser.search.update", false],
+   ["browser.rights.3.shown", true],
+   ["browser.startup.homepage_override.mstone", "ignore"],
+   ["startup.homepage_welcome_url", ""],
+   ["startup.homepage_override_url", ""],
+
+   // Disable the "Refresh" prompt that is displayed for stale profiles.
+   ["browser.disableResetPrompt", true],
+
+   // Disk activity: Disable Browsing History Storage
+   ["browser.privatebrowsing.autostart", true],
+   ["browser.cache.disk.enable", false],
+   ["browser.cache.offline.enable", false],
+   ["dom.indexedDB.enabled", false],
+   ["permissions.memory_only", true],
+   ["network.cookie.lifetimePolicy", 2],
+   ["security.nocertdb", true],
+
+   // Disk activity: TBB Directory Isolation
+   ["browser.download.useDownloadDir", false],
+   ["browser.shell.checkDefaultBrowser", false],
+   ["browser.download.manager.addToRecentDocs", false],
+
+   // Misc privacy: Disk
+   ["signon.rememberSignons", false],
+   ["browser.formfill.enable", false],
+   ["signon.autofillForms", false],
+   ["browser.sessionstore.privacy_level", 2],
+

[tor-commits] [Git][tpo/applications/android-components] Pushed new branch android-components-63.0.8-10.5-1

2020-11-13 Thread Matthew Finkel 


Matthew Finkel pushed new branch android-components-63.0.8-10.5-1 at The Tor 
Project / Applications / android-components

-- 
View it on GitLab: 
https://gitlab.torproject.org/tpo/applications/android-components/-/tree/android-components-63.0.8-10.5-1
You're receiving this email because of your account on gitlab.torproject.org.


___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [Git][tpo/applications/fenix] Pushed new branch tor-browser-83.1.0-10.5-1

2020-11-13 Thread Matthew Finkel 


Matthew Finkel pushed new branch tor-browser-83.1.0-10.5-1 at The Tor Project / 
Applications / fenix

-- 
View it on GitLab: 
https://gitlab.torproject.org/tpo/applications/fenix/-/tree/tor-browser-83.1.0-10.5-1
You're receiving this email because of your account on gitlab.torproject.org.


___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit b6ba28d5526c413a27d54d1a0dabcf1caeaa95f3
Author: Translation commit bot 
Date:   Fri Nov 13 16:45:15 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+ar.po | 49 +
 1 file changed, 49 insertions(+)

diff --git a/contents+ar.po b/contents+ar.po
index 937158ee5a..1da962ee88 100644
--- a/contents+ar.po
+++ b/contents+ar.po
@@ -10538,6 +10538,9 @@ msgid ""
 "bridge/relay is allowed on the whole VPS range. Any VPS running Exit nodes "
 "will be suspended without prior notice. | 15/01/15 |"
 msgstr ""
+"| [فولتر] (http://vultr.com) | AS20473 | نعم | نعم | لا | 
عندما يُسألون "
+"مباشرة سوف يزعمون أنهم يدعمون مخارج Tor 
لكنهم سيسحبون البساط من تحتك لاحقًا."
+" حدث هذا لاثنين على الأقل من مشغلي الخروج. | 
- |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10545,6 +10548,8 @@ msgid ""
 "| [Xmission](https://www.xmission.com/) | - | Yes | Yes | Yes | - | 01/28/15"
 " |"
 msgstr ""
+"| [Xmission] (https://www.xmission.com/) | - | نعم | نعم | نعم | - | 
"
+"01/28/15 |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10552,6 +10557,8 @@ msgid ""
 "| [blackpulsehosting](https://www.blackpulsehosting.com) | - | Yes | Yes | "
 "No | - | 10/25/15 |"
 msgstr ""
+"| [blackpulsehosting] (https://www.blackpulsehosting.com) | - | نعم | 
نعم | "
+"لا | - | 10/25/15 |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10559,6 +10566,8 @@ msgid ""
 "| [MonkeyBrains](https://monkeybrains.net) | AS32329 | Yes | Yes | Yes | "
 "Only offers colocation, no cheap VPS option. | 1/14/19 |"
 msgstr ""
+"| [MonkeyBrains] (https://monkeybrains.net) | AS32329 | نعم | نعم | 
نعم | "
+"يقدم فقط الموقع المشترك ، ولا يوجد خيار VPS 
رخيص. | 14/1/2019 |"
 
 #: 
https//community.torproject.org/relay/community-resources/tor-relay-universities/
 #: 
(content/relay-operations/community-resources/tor-relay-universities/contents+en.lrpage.title)
@@ -10722,6 +10731,10 @@ msgid ""
 "paper/tor-design.pdf), and the "
 "[FAQ](https://2019.www.torproject.org/docs/faq.html.en)."
 msgstr ""
+"اقرأ [نظرة عامة على التصميم] 
(https://2019.www.torproject.org/overview.html)"
+" ، [ورقة التصميم] 
(https://svn-archive.torproject.org/svn/projects/design-;
+"paper/ tor-design.pdf) و [FAQ] "
+"(https://2019.www.torproject.org/docs/faq.html.en)."
 
 #: 
https//community.torproject.org/relay/community-resources/tor-relay-universities/
 #: 
(content/relay-operations/community-resources/tor-relay-universities/contents+en.lrpage.body)
@@ -11161,6 +11174,8 @@ msgid ""
 "FAQ written by the Electronic Frontier Foundation (EFF). Last updated March "
 "27, 2020."
 msgstr ""
+"الأسئلة الشائعة التي كتبها مؤسسة الحدود 
الإلكترونية (EFF). آخر تحديث في 27 "
+"مارس 2020."
 
 #: https//community.torproject.org/relay/community-resources/eff-tor-legal-faq/
 #: 
(content/relay-operations/community-resources/eff-tor-legal-faq/contents+en.lrpage.body)
@@ -11195,6 +11210,9 @@ msgid ""
 "Got a DMCA notice? Check out our [sample response letter](/relay/community-"
 "resources/eff-tor-legal-faq/tor-dmca-response)!"
 msgstr ""
+"هل حصلت على إشعار قانون الألفية الجديدة 
لحقوق طبع ونشر المواد الرقمية؟ تحقق "
+"من [نموذج رسالة الاستجابة] (/ relay / 
community-resources / eff-tor-legal-"
+"faq / tor-dmca-response)!"
 
 #: https//community.torproject.org/relay/community-resources/eff-tor-legal-faq/
 #: 
(content/relay-operations/community-resources/eff-tor-legal-faq/contents+en.lrpage.body)
@@ -11214,6 +11232,9 @@ msgid ""
 "and other countries has occasionally mistakenly investigated individuals "
 "running a Tor relay."
 msgstr ""
+"** على الرغم من أننا لسنا على علم بمقاضاة 
شخص ما أو مقاضاته أو إدانته بسبب "
+"تشغيله لترحيل Tor ** ، إلا أن تطبيق القانون 
في الولايات المتحدة ودول أخرى قد"
+" قام أحيانًا بالتحقيق عن طريق الخطأ مع 
الأفراد الذين يديرون مرحل Tor."
 
 #: https//community.torproject.org/relay/community-resources/eff-tor-legal-faq/
 #: 
(content/relay-operations/community-resources/eff-tor-legal-faq/contents+en.lrpage.body)
@@ -11225,6 +11246,12 @@ msgid ""
 "works and has occasionally

[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit 14f9fbeafd26d0ebe866efd0182ee575bf0a62a6
Author: Translation commit bot 
Date:   Fri Nov 13 16:15:13 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+ar.po | 12 
 1 file changed, 12 insertions(+)

diff --git a/contents+ar.po b/contents+ar.po
index 8530fb7e26..937158ee5a 100644
--- a/contents+ar.po
+++ b/contents+ar.po
@@ -10483,6 +10483,8 @@ msgid ""
 "| [VPSWebServer.com](http://www.vpswebserver.com) | - | Yes || No | ? | - | "
 "- |"
 msgstr ""
+"| [VPSWebServer.com] (http://www.vpswebserver.com) | - | نعم || لا | ؟ 
| - |"
+" - |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10490,6 +10492,8 @@ msgid ""
 "| [Inerail](http://inerail.net/) | - | Yes | Yes | Yes | Tor only allowed on"
 " dedicated/colocation | - |"
 msgstr ""
+"| [Inerail] (http://inerail.net/) | - | نعم | نعم | نعم | يُسمح 
بTor فقط في "
+"الموقع المخصص / المشترك | - |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10497,12 +10501,15 @@ msgid ""
 "| [CondoInternet ISP](http://www.condointernet.net/) | - | Yes | Yes | Yes |"
 " - | - |"
 msgstr ""
+"| [مزود خدمة الإنترنت CondoInternet] 
(http://www.condointernet.net/) | - | "
+"نعم | نعم | نعم | - | - |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
 msgid ""
 "| [DigitalOcean](http://digitalocean.com/) | - | Yes | Yes | No | - | - |"
 msgstr ""
+"| [DigitalOcean] (http://digitalocean.com/) | - | نعم | نعم | لا | - 
| - |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10510,6 +10517,8 @@ msgid ""
 "| [PhoenixNap / Secured Servers](http://www.phoenixnap.com/) | - | Yes | Yes"
 " | No | - | 08/01/14 |"
 msgstr ""
+"| [PhoenixNap / الخوادم المؤمنة] (http://www.phoenixnap.com/) | 
- | نعم | "
+"نعم | لا | - | 08/01/14 |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10518,6 +10527,9 @@ msgid ""
 " they will claim they do support Tor exits but will pull the rug out from "
 "under you later on. This has happened to at least two exit operators. | - |"
 msgstr ""
+"| [فولتر] (http://vultr.com) | AS20473 | نعم | نعم | لا | 
عندما يُسألون "
+"مباشرة سوف يزعمون أنهم يدعمون مخارج Tor 
لكنهم سيسحبون البساط من تحتك لاحقًا."
+" حدث هذا لاثنين على الأقل من مشغلي الخروج. | 
- |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit e741e1d03e814d93527e981339e43eddbdb0372b
Author: Translation commit bot 
Date:   Fri Nov 13 15:45:12 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+ar.po | 16 
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/contents+ar.po b/contents+ar.po
index e27db7b3c4..8530fb7e26 100644
--- a/contents+ar.po
+++ b/contents+ar.po
@@ -10427,11 +10427,13 @@ msgid ""
 "| [Server Complete](https://servercomplete.com/) | - | ? | ? | No | - | "
 "11/03/14 |"
 msgstr ""
+"| [اكتمل الخادم] (https://servercomplete.com/) | - | ؟ | ؟ | 
لا | - | "
+"11/03/14 |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
 msgid "| [Softlayer](http://www.softlayer.com) | - | Yes | Yes | ? | - | - |"
-msgstr ""
+msgstr "| [سوفتلاير] (http://www.softlayer.com) | - | نعم | نعم 
| ؟ | - | - |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10439,6 +10441,8 @@ msgid ""
 "| [Slicehost/Rackspace](http://www.slicehost.com/) | - | Yes | Yes | No | "
 "Host, not an ISP | - |"
 msgstr ""
+"| [Slicehost / Rackspace] (http://www.slicehost.com/) | - | نعم | نعم | 
لا |"
+" مضيف ، وليس مزود خدمة الإنترنت | - |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10446,16 +10450,18 @@ msgid ""
 "| [Sh3lls](http://www.sh3lls.net/dedicated.htm) | - | Yes | Yes | No | - | -"
 " |"
 msgstr ""
+"| [Sh3lls] (http://www.sh3lls.net/dedicated.htm) | - | نعم | نعم | لا 
| - | "
+"- |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
 msgid "| [SolarVPS](https://solarvps.com) | - | Yes | Yes | Yes | - | - |"
-msgstr ""
+msgstr "| [SolarVPS] (https://solarvps.com) | - | نعم | نعم | نعم | - 
| - |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
 msgid "| [SeedVPS](https://www.seedvps.com) | - | Yes | Yes | No | - | - |"
-msgstr ""
+msgstr "| [SeedVPS] (https://www.seedvps.com) | - | نعم | نعم | لا | - 
| - |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10463,11 +10469,13 @@ msgid ""
 "| [Tailored VPS](http://tailoredvps.com/) | - | Yes | Yes | Yes(?) | -  | - "
 "|"
 msgstr ""
+"| [خادم VPS مخصص] (http://tailoredvps.com/) | - | نعم | نعم | 
نعم (؟) | - | "
+"- |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
 msgid "| [VPS6.NET](https://vps6.net/) | - | Yes | Yes | No | - | - |"
-msgstr ""
+msgstr "| [VPS6.NET] (https://vps6.net/) | - | نعم | نعم | لا | - | - 
|"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser/tor-browser-83.0b1-10.5-1] fixup! Bug 10760: Integrate TorButton to TorBrowser core

2020-11-13 Thread sysrqb 
commit eedb31b27afded29c441e34ccac246351f36b074
Author: Matthew Finkel 
Date:   Fri Nov 13 15:25:10 2020 +

fixup! Bug 10760: Integrate TorButton to TorBrowser core
---
 toolkit/torproject/torbutton | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/toolkit/torproject/torbutton b/toolkit/torproject/torbutton
index b0739b02caac..968c2565ceb8 16
--- a/toolkit/torproject/torbutton
+++ b/toolkit/torproject/torbutton
@@ -1 +1 @@
-Subproject commit b0739b02caacea311d54192d22005aaa88505b11
+Subproject commit 968c2565ceb8417ef026cf639cd5c2e80f6057a4

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit 395322ae4846cd8b970b4126745366264b75fc56
Author: Translation commit bot 
Date:   Fri Nov 13 15:15:11 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+ar.po | 15 ++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/contents+ar.po b/contents+ar.po
index 5aaa0a4995..e27db7b3c4 100644
--- a/contents+ar.po
+++ b/contents+ar.po
@@ -10362,11 +10362,12 @@ msgstr ""
 msgid ""
 "| [HostUS](http://hostus.us/) | AS25926 | Yes | Yes | No | - | 10/16/14 |"
 msgstr ""
+"| [HostUS] (http://hostus.us/) | AS25926 | نعم | نعم | لا | - | 
10/16/14 |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
 msgid "| [IPXcore](https://ipxcore.com/) | - | Yes | Yes | No | - | - |"
-msgstr ""
+msgstr "| [IPXcore] (https://ipxcore.com/) | - | نعم | نعم | لا | - | 
- |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10374,6 +10375,8 @@ msgid ""
 "| [Luna Node](https://www.lunanode.com/index.php) | - | Yes | Yes | No | - |"
 " 05/01/14 |"
 msgstr ""
+"| [Luna Node] (https://www.lunanode.com/index.php) | - | نعم | نعم | 
لا | - "
+"| 05/01/14 |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10381,12 +10384,16 @@ msgid ""
 "| [OVH](https://www.ovh.com/us/index.xml ) | AS16276 | Yes | Yes | ? | - | "
 "12/31/14 |"
 msgstr ""
+"| [OVH] (https://www.ovh.com/us/index.xml) | AS16276 | نعم | نعم | ؟ | 
- | "
+"12/31/14 |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
 msgid ""
 "| [Oplink.net](https://www.oplink.net) | - | Yes | Yes | No | - | 09/03/15 |"
 msgstr ""
+"| [Oplink.net] (https://www.oplink.net) | - | نعم | نعم | لا | - | 
09/03/15 "
+"|"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10394,6 +10401,9 @@ msgid ""
 "| [Psychz.net](https://www.psychz.net/) | - | Yes | Yes | Yes | Very Exit "
 "friendly. Standard Tor response will resolve abuse issues. | 10/07/15 |"
 msgstr ""
+"| [Psychz.net] (https://www.psychz.net/) | - | نعم | نعم | نعم | 
ودية للغاية"
+" للخروج. ستعمل استجابة Tor القياسية على حل م
شكلات إساءة الاستخدام. | "
+"10/07/15 |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10401,12 +10411,15 @@ msgid ""
 "| [PulseServers](https://www.pulseservers.com) | AS16276 | Yes | Yes | Yes |"
 " Exit-friendly. | 05/01/16 |"
 msgstr ""
+"| [PulseServers] (https://www.pulseservers.com) | AS16276 | نعم | نعم | 
نعم "
+"| صديقة للخروج. | 05/01/16 |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
 msgid ""
 "| [RamNode](http://ramnode.com/) | AS3842 | Yes | Yes | No | - | 11/03/14 |"
 msgstr ""
+"| [RamNode] (http://ramnode.com/) | AS3842 | نعم | نعم | لا | - | 
11/03/14 |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tpo/master] Add new Tor Browser version 10.5a3

2020-11-13 Thread sysrqb 
commit ebcc2435bcc8fbf8089200918c5566ba9599a466
Author: Matthew Finkel 
Date:   Fri Nov 13 14:50:24 2020 +

Add new Tor Browser version 10.5a3
---
 content/projects/torbrowser/RecommendedTBBVersions/contents.lr | 4 
 databags/versions.ini  | 4 ++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/content/projects/torbrowser/RecommendedTBBVersions/contents.lr 
b/content/projects/torbrowser/RecommendedTBBVersions/contents.lr
index 24681119..9188c01a 100644
--- a/content/projects/torbrowser/RecommendedTBBVersions/contents.lr
+++ b/content/projects/torbrowser/RecommendedTBBVersions/contents.lr
@@ -17,4 +17,8 @@ body:
 "10.5a2-MacOS",
 "10.5a2-Linux",
 "10.5a2-Windows"
+"10.5a3",
+"10.5a3-MacOS",
+"10.5a3-Linux",
+"10.5a3-Windows"
 ]
diff --git a/databags/versions.ini b/databags/versions.ini
index b5734b35..31cc085f 100644
--- a/databags/versions.ini
+++ b/databags/versions.ini
@@ -6,10 +6,10 @@ win32 = 0.4.4.5
 version = 10.0.4
 
 [torbrowser-alpha]
-version = 10.5a2
+version = 10.5a3
 
 [torbrowser-android-alpha]
-version = 10.0a9
+version = 10.5a3
 
 [tor-stable]
 version = 0.4.4.6

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor-browser-spec/master] Remove superfluous whitespace

2020-11-13 Thread gk 
commit 05036de767648b6182bef604d4175bf2cbcc1b7d
Author: Georg Koppen 
Date:   Fri Nov 13 14:47:32 2020 +

Remove superfluous whitespace
---
 audits/FF31_NETWORK_AUDIT | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/audits/FF31_NETWORK_AUDIT b/audits/FF31_NETWORK_AUDIT
index c575dec..d4c39d5 100644
--- a/audits/FF31_NETWORK_AUDIT
+++ b/audits/FF31_NETWORK_AUDIT
@@ -15,7 +15,7 @@ Lowest level resolver calls:
  - pkix_HttpCertStore_FindSocketConnection
- pkix_pl_HttpDefaultClient_RequestCreate
  - pkix_pl_HttpDefaultClient_RequestCreateFcn
-   - SEC_HttpClientFcnV1 vtable.createFcn and 
+   - SEC_HttpClientFcnV1 vtable.createFcn and
  + ./security/manager/ssl/src/nsNSSCallbacks.cpp
+ Uses nsHTTPHttpInterface::createFcn()
  + ./security/manager/ssl/src/nsNSSCallbacks.h

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] port: Don't ignore ports of a different family

2020-11-13 Thread dgoulet 
commit d425dbf04a6bbac7eae832bf51c2bfe061e2c426
Author: David Goulet 
Date:   Thu Nov 12 11:22:02 2020 -0500

port: Don't ignore ports of a different family

Commit c3a0f757964de0e8a24911d72abff5df20bb323c added this feature for 
ORPort
that we ignore any port that is not the family of our default address when
parsing the port. So if port_parse_config() was called with an IPv4 default
address, all IPv6 address would be ignored.

That makes sense for ORPort since we call twice port_parse_config() for
0.0.0.0 and [::] but for the rest of the ports, it is not good since a
perfectly valid configuration can be:

  SocksPort 9050
  SocksPort [::1]:9050

Any non-ORPort only binds by default to an IPv4 except the ORPort that binds
to both IPv4 and IPv6 by default.

The fix here is to always parse all ports within port_parse_config() and 
then,
specifically for ORPort, remove the duplicates or superseding ones. The
warning is only emitted when a port supersedes another.

A unit tests is added to make sure SocksPort of different family always 
exists
together.

Fixes #40183

Signed-off-by: David Goulet 
---
 changes/ticket40183  |  4 
 src/app/config/config.c  | 16 
 src/feature/relay/relay_config.c | 13 +++--
 src/test/test_config.c   | 38 --
 4 files changed, 51 insertions(+), 20 deletions(-)

diff --git a/changes/ticket40183 b/changes/ticket40183
new file mode 100644
index 00..3c4bdf21e2
--- /dev/null
+++ b/changes/ticket40183
@@ -0,0 +1,4 @@
+  o Minor bugfixes (port configuration):
+- Second non ORPort of a different family (ex: SocksPort [::1]:9050) was
+  ignored due to a logical configuration parsing error. Fixes bug 40183;
+  bugfix on 0.4.5.1-alpha.
diff --git a/src/app/config/config.c b/src/app/config/config.c
index 458067af4d..04a82a5c43 100644
--- a/src/app/config/config.c
+++ b/src/app/config/config.c
@@ -5934,13 +5934,12 @@ port_parse_config(smartlist_t *out,
   char *unix_socket_path = NULL;
   port_cfg_t *cfg = NULL;
   bool addr_is_explicit = false;
-  int family = -1;
-
-  /* Parse default address. This can fail for Unix socket for instance so
-   * family can be -1 and the default_addr will be made UNSPEC. */
   tor_addr_t default_addr = TOR_ADDR_NULL;
+
+  /* Parse default address. This can fail for Unix socket so the default_addr
+   * will simply be made UNSPEC. */
   if (defaultaddr) {
-family = tor_addr_parse(_addr, defaultaddr);
+tor_addr_parse(_addr, defaultaddr);
   }
 
   /* If there's no FooPort, then maybe make a default one. */
@@ -6018,7 +6017,6 @@ port_parse_config(smartlist_t *out,
 port = 1;
 } else if (!strcasecmp(addrport, "auto")) {
   port = CFG_AUTO_PORT;
-  tor_assert(family >= 0);
   tor_addr_copy(, _addr);
 } else if (!strcasecmpend(addrport, ":auto")) {
   char *addrtmp = tor_strndup(addrport, strlen(addrport)-5);
@@ -6035,18 +6033,12 @@ port_parse_config(smartlist_t *out,
  "9050" might be a valid address. */
   port = (int) tor_parse_long(addrport, 10, 0, 65535, , NULL);
   if (ok) {
-tor_assert(family >= 0);
 tor_addr_copy(, _addr);
   } else if (tor_addr_port_lookup(addrport, , ) == 0) {
 if (ptmp == 0) {
   log_warn(LD_CONFIG, "%sPort line has address but no port", portname);
   goto err;
 }
-if (family != -1 && tor_addr_family() != family) {
-  /* This means we are parsing another ORPort family but we are
-   * attempting to find the default address' family ORPort. */
-  goto ignore;
-}
 port = ptmp;
 addr_is_explicit = true;
   } else {
diff --git a/src/feature/relay/relay_config.c b/src/feature/relay/relay_config.c
index 6504c680eb..ea03f43e13 100644
--- a/src/feature/relay/relay_config.c
+++ b/src/feature/relay/relay_config.c
@@ -228,15 +228,16 @@ remove_duplicate_orports(smartlist_t *ports)
 continue;
   }
   /* Same address family and same port number, we have a match. */
-  if (!current->explicit_addr && next->explicit_addr &&
-  tor_addr_family(>addr) == tor_addr_family(>addr) &&
+  if (tor_addr_family(>addr) == tor_addr_family(>addr) &&
   current->port == next->port) {
 /* Remove current because next is explicitly set. */
 removing[i] = true;
-char *next_str = tor_strdup(describe_relay_port(next));
-log_warn(LD_CONFIG, "Configuration port %s superseded by %s",
- describe_relay_port(current), next_str);
-tor_free(next_str);
+if (!current->explicit_addr && next->explicit_addr) {
+  char *next_str = tor_strdup(describe_relay_port(next));
+  log_warn(LD_CONFIG, "Configuration port %s superseded by %s",
+   describe_relay_port(current), next_str);

[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit 1745184138c90808cd64676f4c2fb8c9d89b9abe
Author: Translation commit bot 
Date:   Fri Nov 13 12:45:17 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+ar.po | 41 +
 1 file changed, 37 insertions(+), 4 deletions(-)

diff --git a/contents+ar.po b/contents+ar.po
index 99574b8147..5aaa0a4995 100644
--- a/contents+ar.po
+++ b/contents+ar.po
@@ -10193,7 +10193,7 @@ msgstr ""
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
 msgid "### US"
-msgstr ""
+msgstr "### الولايات المتحدة"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10201,6 +10201,8 @@ msgid ""
 "| [2HOST](https://2host.com/) | - | Yes | Yes | Yes(?) | Vague AUP/Abuse "
 "handling | 10/15/14 |"
 msgstr ""
+"| [2HOST] (https://2host.com/) | - | نعم | نعم | نعم (؟) | غام
ضة AUP / "
+"التعامل مع إساءة الاستخدام | 10/15/14 |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10208,12 +10210,15 @@ msgid ""
 "| [Amazon Web Services (AWS)](https://aws.amazon.com) | - | Yes | Yes | No |"
 " - | - |"
 msgstr ""
+"| [خدمات أمازون ويب (AWS)] (https://aws.amazon.com) | - | نعم
 | نعم | لا | -"
+" | - |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
 msgid ""
 "| [AmeriNOC](https://www.amerinoc.com/) | - | Yes | Yes | Yes | - | - |"
 msgstr ""
+"| [AmeriNOC] (https://www.amerinoc.com/) | - | نعم | نعم | نعم | - | 
- |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10221,18 +10226,20 @@ msgid ""
 "| [Arvixe](https://www.arvixe.com/vps_virtual_private_servers_hosting/) | - "
 "| Yes | Yes | Yes | - | 06/19/13 |"
 msgstr ""
+"| [Arvixe] (https://www.arvixe.com/vps_virtual_private_servers_hosting/) | -"
+" | نعم | نعم | نعم | - | 06/19/13 |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
 msgid "| [Axigy](http://www.axigy.com) | - | Yes | Yes | Yes | - |  - |"
-msgstr ""
+msgstr "| [أكسيغي] (http://www.axigy.com) | - | نعم | نعم | نعم 
| - | - |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
 msgid ""
 "| [Blacklotus](http://www.blacklotus.net) | - | Yes | Yes | Yes | Liberal "
 "abuse handling policies | - |"
-msgstr ""
+msgstr "| [أكسيغي] (http://www.axigy.com) | - | نعم | نعم | نعم 
| - | - |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10241,6 +10248,9 @@ msgid ""
 " [here](https://buyvm.net/acceptable-use-policy/#3). All relays are fine if "
 "you follow the steps. | - |"
 msgstr ""
+"| [BuyVM.net] (https://buyvm.net) | AS53667 | نعم | نعم | نعم | 
قواعد Tor "
+"الجديدة [هنا] (https://buyvm.net/acceptable-use-policy/#3). جم
يع المرحلات "
+"بخير إذا اتبعت الخطوات. | - |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10249,6 +10259,8 @@ msgid ""
 "are interested in hosting either, you can ask us about a dedicated server.\""
 " | 10/01/14 |"
 msgstr ""
+"| [مضيف محفز] (https://catalysthost.com/) | - | ؟ | لا | لا | 
\"إذا كنت "
+"مهتمًا بالاستضافة أيضًا ، يمكنك أن تسألنا 
عن خادم مخصص.\" | 10/01/14 |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10257,6 +10269,9 @@ msgid ""
 "for their US Operations arm. They will cancel your account and claim it is a"
 " ToS violation, which requires you to pay out a 60-day notice. | 10/2020 |"
 msgstr ""
+"| [Cloudvider] (https://www.clouvider.co.uk/) | - | لا | لا | لا | 
هذا لذراع"
+" العمليات الأمريكية. سيقومون بإلغاء حسابك 
والمطالبة بأنه انتهاك لشروط الخدمة"
+" ، مما يتطلب منك دفع إشعار لمدة 60 يومًا. | 
10/2020 |"
 
 #:

[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit 4b01843255df1853f549aac513c4cd073df8bf0b
Author: Translation commit bot 
Date:   Fri Nov 13 12:15:18 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+ar.po | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/contents+ar.po b/contents+ar.po
index cc19a1541f..99574b8147 100644
--- a/contents+ar.po
+++ b/contents+ar.po
@@ -10187,6 +10187,8 @@ msgstr ""
 msgid ""
 "| [RapidSwitch](http://rapidswitch.com/) | - | Yes | Yes | ? | - | 07/2014 |"
 msgstr ""
+"| [RapidSwitch] (http://rapidswitch.com/) | - | نعم | نعم | ؟ | - | 
07/2014 "
+"|"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit 65b51fd4b08821927eca132de08cf0d394effa38
Author: Translation commit bot 
Date:   Fri Nov 13 11:45:14 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+ar.po | 10 ++
 1 file changed, 10 insertions(+)

diff --git a/contents+ar.po b/contents+ar.po
index 4e0ea5b48c..cc19a1541f 100644
--- a/contents+ar.po
+++ b/contents+ar.po
@@ -10156,12 +10156,16 @@ msgid ""
 "run their own relay named Gigatux.  They also offer servers in the US, "
 "Germany, and Israel. | - |"
 msgstr ""
+"| [جيجاتوكس] (https://www.gigatux.com) | - | نعم | نعم | نعم 
| يديرون بالفعل"
+" التتابع الخاص بهم المسمى Gigatux. كما أنها 
توفر خوادم في الولايات المتحدة "
+"وألمانيا وإسرائيل. | - |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
 msgid ""
 "| [Clustered.net](http://www.clustered.net) | - | Yes | Yes | Yes | - | - |"
 msgstr ""
+"| [Clustered.net] (http://www.clustered.net) | - | نعم | نعم | نعم | 
- | - |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10171,6 +10175,12 @@ msgid ""
 " so advise changing the default exit (good idea in the UK anyhow). Any DMCA "
 "notices received were simply forwarded on without agro | - |"
 msgstr ""
+"| [بيتفولك] (http://bitfolk.com/) | - | نعم | نعم | نعم | 
إنهم يتمتعون "
+"بمعرفة كبيرة ويفهمون تور واستخداماته. إنهم
 مثيرون للاهتمام بشأن الرسائل غير "
+"المرغوب فيها وإساءة الاستخدام ، لذا ننصح 
بتغيير الخروج الافتراضي (فكرة جيدة "
+"في المملكة المتحدة على أي حال). أي إشعارات 
تم استلامها وفقًا لقانون الألفية "
+"الجديدة لحقوق طبع ونشر المواد الرقمية تم 
إعادة توجيهها ببساطة بدون agro | - "
+"|"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [donate-static/master] Grants wants to have this link to the main portal and reported the current main / as a bug. Fixing it.

2020-11-13 Thread hiro 
commit 613e254ca7bd16d9ed2532e41defe462f73e4d6a
Author: Antonela 
Date:   Thu Nov 12 19:10:27 2020 +

Grants wants to have this link to the main portal and reported the current 
main / as a bug. Fixing it.
---
 templates/navbar-min.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/navbar-min.html b/templates/navbar-min.html
index 0c75eea6..63af2328 100644
--- a/templates/navbar-min.html
+++ b/templates/navbar-min.html
@@ -13,7 +13,7 @@
 {% endif %}
   
 
-  
+  https://torproject.org;>
 
 Tor Logo
   

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit 23d7ef05a6958ff3d085885c878339d221af4771
Author: Translation commit bot 
Date:   Fri Nov 13 11:15:17 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+ar.po | 32 +++-
 1 file changed, 27 insertions(+), 5 deletions(-)

diff --git a/contents+ar.po b/contents+ar.po
index af2567dc07..4e0ea5b48c 100644
--- a/contents+ar.po
+++ b/contents+ar.po
@@ -10049,12 +10049,15 @@ msgid ""
 "| TeliaSonera | - | Yes | Yes | ? | TeliaSonera is also big in Sweden and "
 "deliver where other ISPs can't. | - |"
 msgstr ""
+"| TeliaSonera | - | نعم | نعم | ؟ | TeliaSonera هي أيضًا 
كبيرة في السويد "
+"وتقدم حيث لا يستطيع مزودو خدمات الإنترنت 
الآخرون ذلك. | - |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
 msgid ""
 "| [PRQ](http://prq.se/?p=dedicated=1) |  - | Yes | Yes | Yes | - | - |"
 msgstr ""
+"| [PRQ] (http://prq.se/؟p=dedicated=1) | - | نعم | نعم | نعم | 
- | - |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10063,11 +10066,14 @@ msgid ""
 "provided connectivity for ThePirateBay, OpenBitTorrent tracker et al.  "
 "Handles abuse according to \"Swedish praxis\". |  - |"
 msgstr ""
+"| [Portlane] (http://www.portlane.com/) | - | نعم | نعم | نعم | تم 
توفير "
+"اتصال سابق لـ ThePirateBay و OpenBitTorrent tracker et al. 
يتعامل مع الإساءة"
+" وفقًا لـ \"الممارسة السويدية\". | - |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
 msgid "### Switzerland"
-msgstr ""
+msgstr "### سويسرا"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10080,11 +10086,18 @@ msgid ""
 "[Cloudcom](https://cloudc.me), [AtomDrive](https://atomdrive.net). "
 "Cryptocurrencies are accepted. | 12/04/2015 |"
 msgstr ""
+"| [شركة سولار كوميونيكيشنز] (https://solarcom.ch/) | 
AS197988 | نعم | نعم | "
+"لا | \"نسمح بوضع أجهزة توجيه Tor ، لكن لا نسمح 
بوضع عقد خروج Tor.\" ينطبق "
+"هذا على جميع شركائهم ، الذين يبيعون بالفعل 
خدمات Solar للجمهور ، وهي: "
+"[الخادم والسحابة] (https://server-cloud.com) ، [CoinsHost] "
+"(https://coinshost.com) ، [بشكل غير صريح ] 
(https://incloudably.net) ، "
+"[Cloudcom] (https://cloudc.me) ، [AtomDrive] (https://atomdrive.net). يتم 
"
+"قبول العملات المشفرة. | 12/04/2015 |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
 msgid "| [fsit](http://www.fsit.ch/) | - | Yes | Yes | Yes | - | 11/2015 |"
-msgstr ""
+msgstr "| [fsit] (http://www.fsit.ch/) | - | نعم | نعم | نعم | - | 
11/2015 |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10092,11 +10105,13 @@ msgid ""
 "| [Swiss Made Host](https://swissmade.host/en/) | - | No | No | No | \"Tor "
 "is not welcome on our network.\" | 10/2020 |"
 msgstr ""
+"| [مضيف سويسري الصنع] (https://swissmade.host/en/) | - | لا 
| لا | لا | "
+"\"Tor غير مرحب به على شبكتنا.\" | 10/2020 |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
 msgid "### Slovenia"
-msgstr ""
+msgstr "### سلوفينيا"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -10104,11 +10119,14 @@ msgid ""
 "| [Tus Hosting](http://www.tushosting.si/) | - |  Yes | Yes | Yes |  They "
 "just simply forward DMCA notices to us to handle (or ignore) them | - |"
 msgstr ""
+"| [Tus Hosting] (http://www.tushosting.si/) | - | نعم | نعم | نعم | 
إنهم "
+"ببساطة يرسلون إشعارات قانون الألفية 
الجديدة لحقوق طبع ونشر المواد الرقمية "
+"إلينا للتعامل معها (أو تجاهلها) | - |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
 msgid "### Ukraine"
-msgstr ""
+msgstr "### أوكرانيا"

[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit 947bd5ec455e5b812d1d84810a396f7d6dbb1ff4
Author: Translation commit bot 
Date:   Fri Nov 13 10:45:13 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+es-AR.po | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/contents+es-AR.po b/contents+es-AR.po
index 8ca7afe702..07a6b746a7 100644
--- a/contents+es-AR.po
+++ b/contents+es-AR.po
@@ -377,7 +377,7 @@ msgstr ""
 msgid ""
 "We practice human-centered design when we build tools for internet freedom."
 msgstr ""
-"Practicamos un diseño centrado en el ser humano cuando creamos herremientas "
+"Practicamos un diseño centrado en el ser humano cuando creamos herramientas "
 "para la libertad en Internet."
 
 #: https//community.torproject.org/user-research/

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/communitytpo-contentspot_completed] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot_completed

2020-11-13 Thread translation 
commit 56abe4fe6c785fe690e1a49376420ff0cef54dd1
Author: Translation commit bot 
Date:   Fri Nov 13 10:45:22 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot_completed
---
 contents+es-AR.po | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/contents+es-AR.po b/contents+es-AR.po
index 8ca7afe702..07a6b746a7 100644
--- a/contents+es-AR.po
+++ b/contents+es-AR.po
@@ -377,7 +377,7 @@ msgstr ""
 msgid ""
 "We practice human-centered design when we build tools for internet freedom."
 msgstr ""
-"Practicamos un diseño centrado en el ser humano cuando creamos herremientas "
+"Practicamos un diseño centrado en el ser humano cuando creamos herramientas "
 "para la libertad en Internet."
 
 #: https//community.torproject.org/user-research/

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/communitytpo-contentspot_completed] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot_completed

2020-11-13 Thread translation 
commit a5993078772d975beab962c7e744c63b9b74d56d
Author: Translation commit bot 
Date:   Fri Nov 13 10:15:33 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot_completed
---
 contents+es-AR.po | 556 +++---
 1 file changed, 441 insertions(+), 115 deletions(-)

diff --git a/contents+es-AR.po b/contents+es-AR.po
index 6a4de48ab7..8ca7afe702 100644
--- a/contents+es-AR.po
+++ b/contents+es-AR.po
@@ -377,8 +377,8 @@ msgstr ""
 msgid ""
 "We practice human-centered design when we build tools for internet freedom."
 msgstr ""
-"Practicamos un diseño centrado en el ser humano cuando construimos "
-"herremientas para la libertad en Internet."
+"Practicamos un diseño centrado en el ser humano cuando creamos herremientas "
+"para la libertad en Internet."
 
 #: https//community.torproject.org/user-research/
 #: (content/user-research/contents+en.lrpage.body)
@@ -5471,6 +5471,10 @@ msgid ""
 "all of them with different motivations, but demanding a usable private and "
 "secure tool to access the Internet."
 msgstr ""
+"Como parte de nuestros viajes al sur global durante 2018 y 2019, tuvimos la "
+"suerte de encontrar un montón de diferentes usuarios de Tor: desde "
+"activistas a periodistas, todos ellos con diferentes motivaciones, pero "
+"demandando un herramienta usable, privada y segura, para acceder a Internet."
 
 #: https//community.torproject.org/user-research/persona/
 #: (content/user-research/persona/contents+en.lrpage.body)
@@ -5479,11 +5483,14 @@ msgid ""
 "user stories and finding patterns across them. It is how our Personas "
 "emerged from our in field research."
 msgstr ""
+"Con el Equipo Comunitario, hemos estado trabajando, recopilando y mapeando "
+"historias de usuarios reales, y encontrando patrones entre ellos. Así es "
+"como nuestras Personas emergieron de nuestra investigación de campo."
 
 #: https//community.torproject.org/user-research/persona/
 #: (content/user-research/persona/contents+en.lrpage.body)
 msgid "### Tor Personas"
-msgstr ""
+msgstr "### Tor Personas"
 
 #: https//community.torproject.org/user-research/persona/
 #: (content/user-research/persona/contents+en.lrpage.body)
@@ -5491,6 +5498,8 @@ msgid ""
 "* [Jelani, the human rights "
 
"defender](https://dip.torproject.org/torproject/ux/research/tree/master/persona/jelani.pdf)"
 msgstr ""
+"* [Jelani, el defensor de los derechos "
+"humanos](https://dip.torproject.org/torproject/ux/research/tree/master/persona/jelani.pdf)"
 
 #: https//community.torproject.org/user-research/persona/
 #: (content/user-research/persona/contents+en.lrpage.body)
@@ -5498,6 +5507,8 @@ msgid ""
 "* [Aleisha, the privacy "
 
"looker](https://dip.torproject.org/torproject/ux/research/tree/master/persona/aleisha.pdf)"
 msgstr ""
+"* [Aleisha, la buscadora de "
+"privacidad](https://dip.torproject.org/torproject/ux/research/tree/master/persona/aleisha.pdf)"
 
 #: https//community.torproject.org/user-research/persona/
 #: (content/user-research/persona/contents+en.lrpage.body)
@@ -5505,6 +5516,8 @@ msgid ""
 "* [Fernanda, the feminist "
 
"activist](https://dip.torproject.org/torproject/ux/research/tree/master/persona/fernanda.pdf)"
 msgstr ""
+"* [Fernanda, la activista "
+"feminista](https://dip.torproject.org/torproject/ux/research/tree/master/persona/fernanda.pdf)"
 
 #: https//community.torproject.org/user-research/persona/
 #: (content/user-research/persona/contents+en.lrpage.body)
@@ -5512,6 +5525,8 @@ msgid ""
 "* [Fatima, the censored "
 
"user](https://dip.torproject.org/torproject/ux/research/tree/master/persona/fatima.pdf)"
 msgstr ""
+"* [Fátima, la usuaria "
+"censurada](https://dip.torproject.org/torproject/ux/research/tree/master/persona/fatima.pdf)"
 
 #: https//community.torproject.org/user-research/persona/
 #: (content/user-research/persona/contents+en.lrpage.body)
@@ -5519,11 +5534,13 @@ msgid ""
 "* [Alex, the fearless "
 
"journalist](https://dip.torproject.org/torproject/ux/research/tree/master/persona/alex.pdf)"
 msgstr ""
+"* [Alex, le periodista "
+"intrépidx](https://dip.torproject.org/torproject/ux/research/tree/master/persona/alex.pdf)"
 
 #: https//community.torproject.org/user-research/open/
 #: (content/user-research/open/contents+en.lrpage.title)
 msgid "Open User Research"
-msgstr ""
+msgstr "Investigación de Usuario Abierta"
 
 #: https//community.torproject.org/user-research/open/
 #: (content/user-research/open/contents+en.lrpage.subtitle)
@@ -5533,6 +5550,10 @@ msgid ""
 "what we are working on and start to run user research with your local "
 "community."
 msgstr ""
+"Ponemos a nuestros usuarios en el centro de nuestro proceso de desarrollo. "
+"Así es como llevamos tecnología de aumento de la privacidad a aquellos que "
+"más la necesitan. Explorá en lo que estamos trabajando y empezá a efectuar 
"
+"investigación de usuario con tu comunidad local."
 
 #: https//community.torproject.org/user-research/open/

[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit 4392df1d994966350e6f83b7840611543c264bcd
Author: Translation commit bot 
Date:   Fri Nov 13 10:15:17 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+es-AR.po | 28 +---
 1 file changed, 13 insertions(+), 15 deletions(-)

diff --git a/contents+es-AR.po b/contents+es-AR.po
index 143c1bd59d..8ca7afe702 100644
--- a/contents+es-AR.po
+++ b/contents+es-AR.po
@@ -377,8 +377,8 @@ msgstr ""
 msgid ""
 "We practice human-centered design when we build tools for internet freedom."
 msgstr ""
-"Practicamos un diseño centrado en el ser humano cuando construimos "
-"herremientas para la libertad en Internet."
+"Practicamos un diseño centrado en el ser humano cuando creamos herremientas "
+"para la libertad en Internet."
 
 #: https//community.torproject.org/user-research/
 #: (content/user-research/contents+en.lrpage.body)
@@ -9822,8 +9822,8 @@ msgid ""
 "uses OVH AS. You can build ANY kind tor relays. | 05/01/2016 |"
 msgstr ""
 "| [Pulse Servers](http://www.pulseservers.com/) | - | Sí | Sí | Sí | Los 
VPS"
-" usan OVH AS. Podés construir CUALQUIER clase de repetidor tor. | 05/01/2016"
-" |"
+" usan OVH AS. Podés configurar CUALQUIER clase de repetidor tor. | "
+"05/01/2016 |"
 
 #: https//community.torproject.org/relay/community-resources/good-bad-isps/
 #: 
(content/relay-operations/community-resources/good-bad-isps/contents+en.lrpage.body)
@@ -12888,7 +12888,7 @@ msgid ""
 "make sure you have `ClientOnionAuthDir` set in your torrc."
 msgstr ""
 "Para acceder como cliente a un servicio onion versión 3 con autorización de 
"
-"cliente, asegurate que tenés `ClientOnionAuthDir` ajustado en tu torrc."
+"cliente, asegurate que tenés `ClientOnionAuthDir` establecido en tu torrc."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -12909,7 +12909,7 @@ msgid ""
 msgstr ""
 "Después, en el directorio ``, creá un archivo "
 "`.auth_private` para el servicio onion correspondiente a esta clave (ej.: "
-"'roberto_onion.auth_private')."
+"'bob_onion.auth_private')."
 
 #: https//community.torproject.org/onion-services/advanced/client-auth/
 #: (content/onion-services/advanced/client-auth/contents+en.lrpage.body)
@@ -13156,9 +13156,8 @@ msgid ""
 "The most prominent attacks are building a profile of the onion service's "
 "availability and matching induced traffic patterns."
 msgstr ""
-"Los ataques más prominentes son la construcción de un perfil de "
-"disponibilidad del servicio onion y el emparejamiento de patrones de tráfico"
-" inducido."
+"Los ataques más prominentes son la creación de un perfil de disponibilidad "
+"del servicio onion y el emparejamiento de patrones de tráfico inducido."
 
 #: https//community.torproject.org/onion-services/advanced/opsec/
 #: (content/onion-services/advanced/opsec/contents+en.lrpage.body)
@@ -13322,7 +13321,7 @@ msgid ""
 msgstr ""
 "Donde `tu-dirección-onion.onion` es la dirección del servicio onion que "
 "querés redirigir, y `{REQUEST_URI}` es el [componente de ruta del URI "
-"solicitado](https://httpd.apache.org/docs/2.4/mod/mod_rewrite.html), ral "
+"solicitado](https://httpd.apache.org/docs/2.4/mod/mod_rewrite.html), tal "
 "como \"/index.html\"."
 
 #: https//community.torproject.org/onion-services/advanced/onion-location/
@@ -17832,8 +17831,8 @@ msgid ""
 "eavesdroppers with and without Tor Browser and HTTPS encryption:"
 msgstr ""
 "La siguiente visualización muestra qué información es visible para alguien 
"
-"que está espiando, tanto si usás al Navegador Tor y encriptado HTTPS,  como 
"
-"si no lo usás:"
+"que está espiando, tanto si usás al Navegador Tor y encriptación HTTPS,  "
+"como si no los usás:"
 
 #: lego/templates/secure-connections.html:4
 msgid ""
@@ -18070,12 +18069,11 @@ msgid ""
 "organization."
 msgstr ""
 "El software Tor es desarrollado por el Tor Project, una organización sin "
-"fines de lucro según 501(c)3."
+"fines de lucro bajo ley 501(c)3."
 
 #: templates/outreach-talk.html:56
 msgid "We build free and open source software anyone can use."
-msgstr ""
-"Construimos software libre y de código abierto que cualquiera puede usar."
+msgstr "Creamos software libre y de código abierto que cualquiera puede usar."
 
 #: templates/outreach-talk.html:66
 msgid "Tor software is used by millions of people around the world."

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/communitytpo-contentspot_completed] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot_completed

2020-11-13 Thread translation 
commit bcae2f8d11b92769669220795de728b8fa60a827
Author: Translation commit bot 
Date:   Fri Nov 13 09:45:26 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot_completed
---
 contents+es-AR.po | 52 +++-
 1 file changed, 47 insertions(+), 5 deletions(-)

diff --git a/contents+es-AR.po b/contents+es-AR.po
index 3c1e71cf40..6a4de48ab7 100644
--- a/contents+es-AR.po
+++ b/contents+es-AR.po
@@ -4964,6 +4964,8 @@ msgid ""
 "If your keys leak, other people can impersonate your onion service, deeming "
 "it compromised, useless, and dangerous to visit."
 msgstr ""
+"Si tus claves se filtran, otra gente puede hacerse pasar por tu servicio "
+"onion, tornándolo comprometido, inútil y peligroso para visitarlo."
 
 #: https//community.torproject.org/onion-services/setup/
 #: (content/onion-services/setup/contents+en.lrpage.body)
@@ -5307,6 +5309,8 @@ msgid ""
 "It is easier to have this material printed and in hand, but if you prefer, "
 "you can also type it on your computer."
 msgstr ""
+"Es más fácil tener este material impreso y a mano, pero si lo preferís, "
+"también podés tipearlo en tu computadora."
 
 #: https//community.torproject.org/user-research/guidelines/
 #: (content/user-research/guidelines/contents+en.lrpage.body)
@@ -5315,11 +5319,14 @@ msgid ""
 "you're going to install a Tor feature with someone during the interview, you"
 " may need to have it downloaded before the training."
 msgstr ""
+"Tené en mente que puede que no tengas acceso a Internet en el lugar, por lo "
+"que si vas a instalar una característica de Tor con alguien durante la "
+"entrevista, podrías necesitar haberla descargado antes del entrenamiento."
 
 #: https//community.torproject.org/user-research/guidelines/
 #: (content/user-research/guidelines/contents+en.lrpage.body)
 msgid "## Report to Tor UX team"
-msgstr ""
+msgstr "## Informar al equipo de Experiencia de Usuario de Tor"
 
 #: https//community.torproject.org/user-research/guidelines/
 #: (content/user-research/guidelines/contents+en.lrpage.body)
@@ -5331,6 +5338,13 @@ msgid ""
 "learned; 2. Tor project; and 3. Tor in general. It can also be questions - "
 "keep in mind that any feedback is a good feedback."
 msgstr ""
+"Antes de finalizar el entrenamiento, coordiná los comentarios con el "
+"entrenador. Ambos deberían trabajar juntos para entregar pósits para la "
+"audiencia, pueden darle a cada participante pósits de color diferente por "
+"cada pregunta, y solicitarles completarlo con qué es lo que piensan acerca "
+"de: 1. el servicio que acaban de aprender; 2. el Tor Project; y 3. Tor en "
+"general. También puede haber preguntas - tené en mente que cualquier "
+"comentario es un buen comentario."
 
 #: https//community.torproject.org/user-research/guidelines/
 #: (content/user-research/guidelines/contents+en.lrpage.body)
@@ -5341,11 +5355,17 @@ msgid ""
 " a form at the end of the research, so we can get your address to send to "
 "you a researcher kit (t-shirt and stickers)."
 msgstr ""
+"Es muy importante para nosotros volver a escucharte. Queremos saber cómo "
+"fueron el entrenamiento y la investigación para vos, cómo podemos mejorar "
+"nuestro soporte y también, si querés seguir haciendo Investigación de "
+"Usuario Tor. Te vamos a solicitar completar un formulario al finalizar la "
+"investigación, para que podamos conocer tu domicilio para enviarte un kit de"
+" investigador (remera y autoadhesivos)."
 
 #: https//community.torproject.org/user-research/guidelines/
 #: (content/user-research/guidelines/contents+en.lrpage.body)
 msgid "We hope to hear back from you very soon!"
-msgstr ""
+msgstr "¡Esperamos volver a escucharte muy pronto!"
 
 #: https//community.torproject.org/user-research/guidelines/
 #: (content/user-research/guidelines/contents+en.lrpage.body)
@@ -5354,6 +5374,10 @@ msgid ""
 " [get in touch](https://lists.torproject.org/cgi-bin/mailman/listinfo/ux) "
 "with us to get it."
 msgstr ""
+"Vamos a enviarte nuestro documento sobre **cómo informar** al equipo de "
+"Experiencia de Usuario, por lo que, por favor, "
+"[contactanos](https://lists.torproject.org/cgi-bin/mailman/listinfo/ux) para"
+" obtenerlo."
 
 #: https//community.torproject.org/user-research/guidelines/
 #: (content/user-research/guidelines/contents+en.lrpage.body)
@@ -5362,11 +5386,14 @@ msgid ""
 "would love to have another way to get the material you collected. You can "
 "take pictures or send your ´raw´ notes for us."
 msgstr ""
+"Si pensás que no vas a tener tiempo para recopilar e informar en este "
+"formato, nos encantaría tener otra manera de obtener el material que "
+"recolectaste. Podés tomar fotos o enviarnos tus notas ´en bruto´."
 
 #: https//community.torproject.org/user-research/guidelines/
 #: (content/user-research/guidelines/contents+en.lrpage.body)
 msgid "## Additional links"
-msgstr ""
+msgstr "## Vínculos adicionales"
 
 #:

[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot

2020-11-13 Thread translation 
commit 38fab07fee2e22e9c36ec93ba093d77750ed053f
Author: Translation commit bot 
Date:   Fri Nov 13 09:45:18 2020 +


https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
---
 contents+es-AR.po | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/contents+es-AR.po b/contents+es-AR.po
index 63765d6b71..143c1bd59d 100644
--- a/contents+es-AR.po
+++ b/contents+es-AR.po
@@ -5374,7 +5374,7 @@ msgid ""
 " [get in touch](https://lists.torproject.org/cgi-bin/mailman/listinfo/ux) "
 "with us to get it."
 msgstr ""
-"Vamos a enviarte nuestro documento sobre **cómo informar** al equiipo de "
+"Vamos a enviarte nuestro documento sobre **cómo informar** al equipo de "
 "Experiencia de Usuario, por lo que, por favor, "
 "[contactanos](https://lists.torproject.org/cgi-bin/mailman/listinfo/ux) para"
 " obtenerlo."

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

  1   2   >