[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
commit 8ad236d9b08483c42de8b134319c7f0a0985a8bd Author: Translation commit bot Date: Thu Jul 15 05:45:13 2021 + https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot --- contents+tr.po | 27 ++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/contents+tr.po b/contents+tr.po index 86162fd0ed..8b9284f966 100644 --- a/contents+tr.po +++ b/contents+tr.po @@ -13000,6 +13000,8 @@ msgstr "" #: (content/relay/community-resources/tor-relay-universities/contents+en.lrpage.body) msgid "* First, learn about your university's AUP -- acceptable use policy." msgstr "" +"* Ä°lk olarak, üniversitenizin uygulanabilir kullanım ilkesi (AUP) hakkında " +"bilgi edinin." #: https//community.torproject.org/relay/community-resources/tor-relay-universities/ #: (content/relay/community-resources/tor-relay-universities/contents+en.lrpage.body) @@ -13007,6 +13009,8 @@ msgid "" "Most likely it is ambiguously worded, to let them allow or deny things based" " on the situation." msgstr "" +"Büyük olasılıkla, duruma göre konulara izin vermek ya da reddetmek üzere " +"belirsiz bir Åekilde ifade edilmiÅtir." #: https//community.torproject.org/relay/community-resources/tor-relay-universities/ #: (content/relay/community-resources/tor-relay-universities/contents+en.lrpage.body) @@ -13014,6 +13018,8 @@ msgid "" "But it might be extremely restrictive (\"no services of any kind\"), in " "which case you're going to have a tough road ahead of you." msgstr "" +"Ancak son derece kısıtlayıcı olabilir (\"hiç bir hizmet sunulmaz\"). Bu " +"durumda önünüzde zorlu bir yol olacak." #: https//community.torproject.org/relay/community-resources/tor-relay-universities/ #: (content/relay/community-resources/tor-relay-universities/contents+en.lrpage.body) @@ -13021,6 +13027,8 @@ msgid "" "* Second, learn about your local laws with respect to liability of traffic " "that exits from your Tor relay." msgstr "" +"* Ä°kinci olarak, Tor aktarıcınızdan çıkan trafiÄin sorumluluÄuyla ilgili " +"tabi olduÄunuz yasalar hakkında bilgi edinin." #: https//community.torproject.org/relay/community-resources/tor-relay-universities/ #: (content/relay/community-resources/tor-relay-universities/contents+en.lrpage.body) @@ -13030,6 +13038,10 @@ msgid "" "faq/), and the good news is that many lawyers believe that Tor exit node " "operators are in the same boat as the ISPs themselves." msgstr "" +"BirleÅik Devletler'de bunlar [DMCA](/relay/community-resources/eff-tor-" +"legal-faq/) ve [CDA](/relay/community-resources/eff-tor-legal-faq/) gibi " +"görünüyor. Ä°yi haber Åu ki, birçok avukat Tor çıkıŠaktarıcısı iÅletmecileri" +" ile Ä°nternet hizmeti saÄlayıcılarının aynı gemide olduÄuna inanıyor." #: https//community.torproject.org/relay/community-resources/tor-relay-universities/ #: (content/relay/community-resources/tor-relay-universities/contents+en.lrpage.body) @@ -13038,6 +13050,9 @@ msgid "" "Tor](/relay/community-resources/eff-tor-legal-faq/tor-dmca-response/), which" " is quite clear about not putting liability on service providers." msgstr "" +"Hizmet saÄlayıcılara sorumluluk yüklememek konusunda oldukça açık olan [EFF " +"Tor için DMCA bildirimleriyle ilgili mektup kalıbı](/relay/community-" +"resources/eff-tor-legal-faq/tor-dmca-response/) üzerine çalıÅın." #: https//community.torproject.org/relay/community-resources/tor-relay-universities/ #: (content/relay/community-resources/tor-relay-universities/contents+en.lrpage.body) @@ -13045,6 +13060,8 @@ msgid "" "The CDA is less clear, because it was written before the modern Internet " "emerged, but EFF and ACLU are optimistic." msgstr "" +"CDA daha az açıktır, çünkü modern Ä°nternet ortaya çıkmadan önce yazılmıÅtır." +" Ancak EFF ve ACLU iyimserdir." #: https//community.torproject.org/relay/community-resources/tor-relay-universities/ #: (content/relay/community-resources/tor-relay-universities/contents+en.lrpage.body) @@ -13053,6 +13070,8 @@ msgid "" "even then), it's still possible that a given judge will not interpret things" " the way the lawyers expect." msgstr "" +"Tabii ki, gerçek açık emsal olmadan (ve o zaman bile), bir yargıcın olayları" +" avukatların beklediÄi Åekilde yorumlamayabileceÄini anlamalısınız." #: https//community.torproject.org/relay/community-resources/tor-relay-universities/ #: (content/relay/community-resources/tor-relay-universities/contents+en.lrpage.body) @@ -13060,11 +13079,13 @@ msgid "" "In any case, the key here is to become familiar with the laws and their " "implications and uncertainties." msgstr "" +"Her durumda asıl konu, yasalar, bunların etkileri ve belirsizlikleri " +"hakkında bilgi sahibi olmaktır." #: https//community.torproject.org/relay/community-resources/tor-relay-universities/ #:
[tor-commits] [tor-browser-build/master] fixup! Bug 40232: Move Alpha to Go 1.16
commit 56f538d0ea6f4b5136bb77d7f4cc9cb4cb363f03 Author: Matthew Finkel Date: Thu Jul 15 04:30:48 2021 + fixup! Bug 40232: Move Alpha to Go 1.16 --- projects/go/0001-Use-fixed-go-build-tmp-directory.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/projects/go/0001-Use-fixed-go-build-tmp-directory.patch b/projects/go/0001-Use-fixed-go-build-tmp-directory.patch index 211376d..f8c8559 100644 --- a/projects/go/0001-Use-fixed-go-build-tmp-directory.patch +++ b/projects/go/0001-Use-fixed-go-build-tmp-directory.patch @@ -15,7 +15,7 @@ index 33b7818fb2..5e369d0f53 100644 if cfg.BuildN { b.WorkDir = "$WORK" } else { -- tmp, err := ioutil.TempDir(cfg.Getenv("GOTMPDIR"), "go-build") +- tmp, err := os.MkdirTemp(cfg.Getenv("GOTMPDIR"), "go-build") - if err != nil { - base.Fatalf("go: creating work dir: %v", err) + tmp := filepath.Join(cfg.Getenv("GOTMPDIR"), "go-build-workdir") ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-build/master] Bug 40340: Use the https-everywhere Github repo
commit 96546bae9d89e8a1cfb72ad3fd56db1b47a4256a Author: Matthew Finkel Date: Thu Jul 15 04:34:48 2021 + Bug 40340: Use the https-everywhere Github repo --- projects/https-everywhere/config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/projects/https-everywhere/config b/projects/https-everywhere/config index 50cd1b1..f51b13c 100644 --- a/projects/https-everywhere/config +++ b/projects/https-everywhere/config @@ -1,6 +1,6 @@ # vim: filetype=yaml sw=2 version: 2021.7.13 -git_url: https://git.torproject.org/https-everywhere.git +git_url: https://github.com/EFForg/https-everywhere.git git_hash: '[% c("version") %]' git_submodule: 1 gpg_keyring: https-everywhere.gpg ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc_release] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release
commit 549e9a77092d386f6f21afa7e16001caff106a33 Author: Translation commit bot Date: Thu Jul 15 02:16:35 2021 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release --- zh_CN.po | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zh_CN.po b/zh_CN.po index 1b1de449ff..1deabf6cee 100644 --- a/zh_CN.po +++ b/zh_CN.po @@ -26,7 +26,7 @@ # Sanya chang <408070...@qq.com>, 2013 # Scott Rhodes , 2020-2021 # Simon Koch , 2020 -# Siyuan Xu , 2021 +# Siyuan Xu, 2021 # W4ter , 2021 # khi, 2014 # Xiaolan , 2014 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-build/master] Release preparations for 11.0a2
commit 7a821145d21a77914978529ce9aa6b64caebe9b4 Author: Matthew Finkel Date: Wed Jul 14 03:47:55 2021 + Release preparations for 11.0a2 Version and Changelog updates --- projects/android-components/config | 4 +- .../gradle-dependencies-list.txt | 4 +- projects/fenix/config | 4 +- projects/fenix/gradle-dependencies-list.txt| 352 ++--- projects/firefox/config| 4 +- projects/geckoview/config | 2 +- .../go/0001-Use-fixed-go-build-tmp-directory.patch | 2 +- projects/https-everywhere/config | 2 +- .../tor-browser/Bundle-Data/Docs/ChangeLog.txt | 17 + projects/tor-browser/allowed_addons.json | 198 ++-- rbm.conf | 2 +- 11 files changed, 304 insertions(+), 287 deletions(-) diff --git a/projects/android-components/config b/projects/android-components/config index e2f240d..03e22b7 100644 --- a/projects/android-components/config +++ b/projects/android-components/config @@ -8,12 +8,12 @@ gpg_keyring: torbutton.gpg variant: '[% IF c("var/release") %]Release[% ELSE %]Beta[% END %]' var: - android_components_version: 90.0.11 + android_components_version: 90.0.12 torbrowser_branch: 11.0 container: use_container: 1 # This should be updated when the list of gradle dependencies is changed. - gradle_dependencies_version: 26 + gradle_dependencies_version: 27 gradle_version: 6.6.1 glean_parser: 3.2.0 git_branch: '[% project %]-[% c("var/android_components_version") %]-[% c("var/torbrowser_branch") %]-1' diff --git a/projects/android-components/gradle-dependencies-list.txt b/projects/android-components/gradle-dependencies-list.txt index 1118f17..a26b641 100644 --- a/projects/android-components/gradle-dependencies-list.txt +++ b/projects/android-components/gradle-dependencies-list.txt @@ -387,8 +387,8 @@ e99477265ee7b3fd8c8c5d5a8a3e0b5372dfffb8b55aa037e03b5520a590c63c | https://maven d5bc8b9ee51c1c99fb9d9f0a1ad5971f20d8ebca5f65ab0a511d2e68a7058ce3 | https://maven.mozilla.org/maven2/org/mozilla/components/support-ktx/75.0.0/support-ktx-75.0.0.pom 3a8be5803d69f1c27f1c6be686b4693ed2ad815992240540e78713043b2442d0 | https://maven.mozilla.org/maven2/org/mozilla/components/support-utils/75.0.0/support-utils-75.0.0.aar 7f2a2ee5be870a21ac6ef982ac76869d15c707b9771a54aac9ab602f74d99b86 | https://maven.mozilla.org/maven2/org/mozilla/components/support-utils/75.0.0/support-utils-75.0.0.pom -4bac410c8dbd792933a1e03e980a67fb41a5f0ec164836eb2c5e47e9a8157f8f | https://maven.mozilla.org/maven2/org/mozilla/geckoview/geckoview-beta/90.0.20210624190035/geckoview-beta-90.0.20210624190035.aar -192631dbca16d4cb03f4f8b4913f79e4ec2fe01877c03a4e0c7b485346f0a26f | https://maven.mozilla.org/maven2/org/mozilla/geckoview/geckoview-beta/90.0.20210624190035/geckoview-beta-90.0.20210624190035.pom +6918bb8864d4e066412edaf0f4771fdd4309a4197436d59735e6956efed4c766 | https://maven.mozilla.org/maven2/org/mozilla/geckoview/geckoview/90.0.20210705185941/geckoview-90.0.20210705185941.aar +c5de862f7feca6dc70dad5120ba780e85ff53203939338845d53dffac157f2f0 | https://maven.mozilla.org/maven2/org/mozilla/geckoview/geckoview/90.0.20210705185941/geckoview-90.0.20210705185941.pom 8f8856f00b005a719e75759a2cdcf6cd8ef30b9a65ade3086f713644e7acabbf | https://maven.mozilla.org/maven2/org/mozilla/telemetry/glean-forUnitTests/38.0.0/glean-forUnitTests-38.0.0.jar 7016d5e5b17bf8c778d15e77dc0e543e2fff2d97675053b03e01219ebf6c70b7 | https://maven.mozilla.org/maven2/org/mozilla/telemetry/glean-forUnitTests/38.0.0/glean-forUnitTests-38.0.0.pom c1316aeabddcde013f52f0a49fc147becfe10621fefb6afe09fd814886c7ecf5 | https://maven.mozilla.org/maven2/org/mozilla/telemetry/glean-gradle-plugin/38.0.0/glean-gradle-plugin-38.0.0.jar diff --git a/projects/fenix/config b/projects/fenix/config index 11d83d4..3545901 100644 --- a/projects/fenix/config +++ b/projects/fenix/config @@ -8,14 +8,14 @@ gpg_keyring: torbutton.gpg variant: Beta var: - fenix_version: 90.0.0b6 + fenix_version: 90.1.1 torbrowser_branch: 11.0 git_branch: 'tor-browser-[% c("var/fenix_version") %]-[% c("var/torbrowser_branch") %]-1' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' container: use_container: 1 # This should be updated when the list of gradle dependencies is changed. - gradle_dependencies_version: 28 + gradle_dependencies_version: 29 gradle_version: 6.5.1 glean_parser: 3.2.0 diff --git a/projects/fenix/gradle-dependencies-list.txt b/projects/fenix/gradle-dependencies-list.txt index ad2f948..cae263d 100644 --- a/projects/fenix/gradle-dependencies-list.txt +++ b/projects/fenix/gradle-dependencies-list.txt @@ -377,182 +377,182 @@ cb1aa6bbb2193af67f2c4c5953b88ec42f253df6423c61f3ef050bdcd1894191 | https://maven
[tor-commits] [tor-browser-build/master] Bug 40232: Move Alpha to Go 1.16
commit f58e644a341025060ddec6d173a37ef2cb9f55c6 Author: Matthew Finkel Date: Wed Jul 14 03:29:29 2021 + Bug 40232: Move Alpha to Go 1.16 --- projects/go/config | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/projects/go/config b/projects/go/config index 8a67ae8..79f24a2 100644 --- a/projects/go/config +++ b/projects/go/config @@ -1,5 +1,5 @@ # vim: filetype=yaml sw=2 -version: 1.15.13 +version: 1.16.6 filename: '[% project %]-[% c("version") %]-[% c("var/build_id") %].tar.gz' var: @@ -118,7 +118,7 @@ input_files: enable: '[% ! c("var/linux") %]' - URL: 'https://golang.org/dl/go[% c("version") %].src.tar.gz' name: go -sha256sum: 99069e7223479cce4553f84f874b9345f6f4045f27cf5089489b546da619a244 +sha256sum: a3a5d4bc401b51db065e4f93b523347a4d343ae0c0b08a65c3423b05a138037d - URL: 'https://golang.org/dl/go[% c("var/go14_version") %].src.tar.gz' name: go14 sha256sum: 9947fc705b0b841b5938c48b22dc33e9647ec0752bae66e50278df4f23f64959 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [manual/master] Remove Moat caps
commit ab901311ae824f8045da07c8b2ae1408dbbe19e9 Author: gus Date: Wed Jul 14 16:23:45 2021 -0300 Remove Moat caps --- content/bridges/contents.lr | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/bridges/contents.lr b/content/bridges/contents.lr index b24a225..d9290e6 100644 --- a/content/bridges/contents.lr +++ b/content/bridges/contents.lr @@ -23,7 +23,7 @@ Because bridge addresses are not public, you will need to request them yourself. * Visit [https://bridges.torproject.org/](https://bridges.torproject.org) and follow the instructions, or * Email [brid...@torproject.org](mailto:brid...@torproject.org) from a Gmail, or Riseup email address - * Use MOAT to fetch bridges from within Tor Browser. + * Use Moat to fetch bridges from within Tor Browser. ### USING MOAT ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torcheck_completed] https://gitweb.torproject.org/translation.git/commit/?h=torcheck_completed
commit 3cd73a3f3669fa246c5d1dbe5be47fe6612536f3 Author: Translation commit bot Date: Wed Jul 14 19:17:28 2021 + https://gitweb.torproject.org/translation.git/commit/?h=torcheck_completed --- fr/torcheck.po | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fr/torcheck.po b/fr/torcheck.po index 73cb048ba9..e32305c8d9 100644 --- a/fr/torcheck.po +++ b/fr/torcheck.po @@ -21,7 +21,7 @@ msgid "" msgstr "" "Project-Id-Version: Tor Project\n" "POT-Creation-Date: 2012-02-16 20:28+PDT\n" -"PO-Revision-Date: 2021-05-31 17:47+\n" +"PO-Revision-Date: 2021-07-14 18:58+\n" "Last-Translator: AO \n" "Language-Team: French (http://www.transifex.com/otf/torproject/language/fr/)\n" "MIME-Version: 1.0\n" @@ -100,7 +100,7 @@ msgid "However, it does not appear to be Tor Browser." msgstr "Cependant, ça ne semble pas être le Navigateur Tor." msgid "Run a Relay" -msgstr "Faites fonctionner un relais" +msgstr "Exécuter un relais" msgid "Stay Anonymous" msgstr "Restez anonyme" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torcheck] https://gitweb.torproject.org/translation.git/commit/?h=torcheck
commit 03c81acdee6c7f68dc9aff6813eba8931d2052f2 Author: Translation commit bot Date: Wed Jul 14 19:17:23 2021 + https://gitweb.torproject.org/translation.git/commit/?h=torcheck --- fr/torcheck.po | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fr/torcheck.po b/fr/torcheck.po index 73cb048ba9..e32305c8d9 100644 --- a/fr/torcheck.po +++ b/fr/torcheck.po @@ -21,7 +21,7 @@ msgid "" msgstr "" "Project-Id-Version: Tor Project\n" "POT-Creation-Date: 2012-02-16 20:28+PDT\n" -"PO-Revision-Date: 2021-05-31 17:47+\n" +"PO-Revision-Date: 2021-07-14 18:58+\n" "Last-Translator: AO \n" "Language-Team: French (http://www.transifex.com/otf/torproject/language/fr/)\n" "MIME-Version: 1.0\n" @@ -100,7 +100,7 @@ msgid "However, it does not appear to be Tor Browser." msgstr "Cependant, ça ne semble pas être le Navigateur Tor." msgid "Run a Relay" -msgstr "Faites fonctionner un relais" +msgstr "Exécuter un relais" msgid "Stay Anonymous" msgstr "Restez anonyme" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/snowflakeaddon-messages.json_completed] https://gitweb.torproject.org/translation.git/commit/?h=snowflakeaddon-messages.json_completed
commit 0e98bc0781d2200ccfb88f91beb12dcc5d3cc852 Author: Translation commit bot Date: Wed Jul 14 19:15:46 2021 + https://gitweb.torproject.org/translation.git/commit/?h=snowflakeaddon-messages.json_completed --- fr/messages.json | 7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/fr/messages.json b/fr/messages.json index 298bf50eaf..0e1de00f89 100644 --- a/fr/messages.json +++ b/fr/messages.json @@ -39,13 +39,13 @@ "message": "Snowflake est un système pour contrecarrer la censure sur Internet. Les personnes victimes de censure peuvent utiliser Snowflake pour accéder à Internet. Leur connexion passe par des mandataires Snowflake qui sont exploités par des bénévoles. Pour de plus amples renseignements sur le fonctionnement de Snowflake, consultez notre https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/wikis/home\;>wiki de documentation (page en anglais)." }, "browser": { -"message": "Navigateur" +"message": "Utiliser Snowflake" }, "censoredUsers": { "message": "Si votre accès à Internet est censuré, vous devriez télécharger le https://www.torproject.org/fr/download/\;>Navigateur Tor." }, "extension": { -"message": "Extension" +"message": "Exécuter un serveur mandataire" }, "installExtension": { "message": "Si votre accès à Internet nâest pas censuré, vous devriez envisager dâinstaller lâextension Snowflake pour aider les utilisateurs sur les réseaux censurés. Vous nâavez pas à vous soucier des sites Web auxquels les utilisateurs accèdent par votre mandataire. Leur adresse IP visible de navigation correspondra à leur nÅud de sortie de Tor, pas à la vôtre." @@ -56,6 +56,9 @@ "installChrome": { "message": "Installer dans Chrome" }, + "installStandalone": { +"message": "Si vous voulez exécuter une version en ligne de commande du mandataire Snowflake sur votre ordinateur ou sur votre serveur, consultez notre https://community.torproject.org/relay/setup/snowflake/standalone/\;>documentation sur lâexécution dâun mandataire Snowflake autonome (en anglais)." + }, "reportingBugs": { "message": "Signaler des bogues" }, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/snowflakeaddon-messages.json] https://gitweb.torproject.org/translation.git/commit/?h=snowflakeaddon-messages.json
commit 604dc89b761f3c1b28a6b1101be168558e3d718d Author: Translation commit bot Date: Wed Jul 14 19:15:44 2021 + https://gitweb.torproject.org/translation.git/commit/?h=snowflakeaddon-messages.json --- fr/messages.json | 6 +++--- pl/messages.json | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/fr/messages.json b/fr/messages.json index c438d4725a..0e1de00f89 100644 --- a/fr/messages.json +++ b/fr/messages.json @@ -39,13 +39,13 @@ "message": "Snowflake est un système pour contrecarrer la censure sur Internet. Les personnes victimes de censure peuvent utiliser Snowflake pour accéder à Internet. Leur connexion passe par des mandataires Snowflake qui sont exploités par des bénévoles. Pour de plus amples renseignements sur le fonctionnement de Snowflake, consultez notre https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/wikis/home\;>wiki de documentation (page en anglais)." }, "browser": { -"message": "Use Snowflake" +"message": "Utiliser Snowflake" }, "censoredUsers": { "message": "Si votre accès à Internet est censuré, vous devriez télécharger le https://www.torproject.org/fr/download/\;>Navigateur Tor." }, "extension": { -"message": "Run a Proxy" +"message": "Exécuter un serveur mandataire" }, "installExtension": { "message": "Si votre accès à Internet nâest pas censuré, vous devriez envisager dâinstaller lâextension Snowflake pour aider les utilisateurs sur les réseaux censurés. Vous nâavez pas à vous soucier des sites Web auxquels les utilisateurs accèdent par votre mandataire. Leur adresse IP visible de navigation correspondra à leur nÅud de sortie de Tor, pas à la vôtre." @@ -57,7 +57,7 @@ "message": "Installer dans Chrome" }, "installStandalone": { -"message": "If you would like to run a command-line version of the Snowflake proxy on your desktop or server, see our https://community.torproject.org/relay/setup/snowflake/standalone/\;>community documentation for running a standalone Snowflake proxy." +"message": "Si vous voulez exécuter une version en ligne de commande du mandataire Snowflake sur votre ordinateur ou sur votre serveur, consultez notre https://community.torproject.org/relay/setup/snowflake/standalone/\;>documentation sur lâexécution dâun mandataire Snowflake autonome (en anglais)." }, "reportingBugs": { "message": "Signaler des bogues" diff --git a/pl/messages.json b/pl/messages.json index c3a2258d3d..405159cac1 100644 --- a/pl/messages.json +++ b/pl/messages.json @@ -39,13 +39,13 @@ "message": "Snowflake jest systemem, którego zadaniem jest zwalczanie internetowej cenzury. Ludzie, których ona dotyka mogÄ użyÄ Snowflake, aby uzyskaÄ dostÄp do internetu. Ich poÅÄ czenie odbywa siÄ za poÅrednictwem proxy Snowflake, które sÄ zarzÄ dzane przez wolontariuszy. WiÄcej informacji na temat Snowflake znajdziesz na stronie https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/wikis/home\;>dokumentacji wiki." }, "browser": { -"message": "Use Snowflake" +"message": "Użyj Snowflake" }, "censoredUsers": { "message": "Jeżeli masz cenzurowany dostÄp do Internetu, powinieneÅ pobraÄ https://www.torproject.org/download/\;>PrzeglÄ darkÄ Tor." }, "extension": { -"message": "Run a Proxy" +"message": "Uruchom serwer proxy" }, "installExtension": { "message": "Jeżeli Twój dostÄp do internetu nie jestcenzurowany, powinieneÅ rozpatrzeÄ instalacjÄ dodatku Snowflake aby pomóc użytkownikom cenzurowanych sieci. Nie ma powodów aby martwiÄ siÄ z jakich stron internetowych bÄdÄ korzystaÄ ludzie przez twoje proxy. Ich widoczny adres IP bÄdzie odpowiadaÅ ich wÄzÅom wyjÅciowym Tor, nie twojemu." @@ -57,7 +57,7 @@ "message": "Zainstaluj w przeglÄ darce Chrome" }, "installStandalone": { -"message": "If you would like to run a command-line version of the Snowflake proxy on your desktop or server, see our https://community.torproject.org/relay/setup/snowflake/standalone/\;>community documentation for running a standalone Snowflake proxy." +"message": "JeÅli chcesz uruchomiÄ serwer proxy Snowflake w formie wiersza poleceÅ na komputerze stacjonarnym lub serwerze, zapoznaj siÄ z naszÄ https://community.torproject.org/relay/setup/snowflake/standalone/\;>dokumentacjÄ spoÅecznoÅci dotyczÄ cÄ uruchamiania samodzielnego serwera proxy Snowflake." }, "reportingBugs": { "message": "ZgÅaszanie bÅÄdów" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [manual/master] Merge branch 'remove-xmpp-support'
commit 8b668e34d38ee81a5bde22746f380e75f06201bb Merge: fb92f5b bc52580 Author: gus Date: Wed Jul 14 15:50:49 2021 -0300 Merge branch 'remove-xmpp-support' content/downloading/contents.lr | 5 + 1 file changed, 1 insertion(+), 4 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [manual/master] Remove XMPP support. Closes #98
commit bc5258076e392f0f9dd78c5484962e5e756722e1 Author: gus Date: Mon Jul 12 15:52:28 2021 -0300 Remove XMPP support. Closes #98 --- content/downloading/contents.lr | 5 + 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/content/downloading/contents.lr b/content/downloading/contents.lr index d6e6aa9..5cb1b3c 100644 --- a/content/downloading/contents.lr +++ b/content/downloading/contents.lr @@ -29,7 +29,4 @@ If you're unable to download Tor Browser from the official Tor Project website, Send an email to [get...@torproject.org](mailto:get...@torproject.org), and in the body of the message simply write âwindowsâ, âosxâ, or âlinuxâ, (without quotation marks) depending on your operating system. GetTor will respond with an email containing links from which you can download the Tor Browser package, the cryptographic signature (needed for verifying the download), the fingerprint of the key used to make the signature, and the packageâs checksum. You may be offered a choice of â32-bitâ or â64-bitâ software: this depends on the model of the computer you are using. - -### TO USE GETTOR VIA JABBER/XMPP (JITSI, COYIM, ETC.): - -To get links for downloading Tor Browser in Chinese for Linux, send a message to [get...@torproject.org](mailto:get...@torproject.org) with the words "linux zh" in it. +For example, to get links for downloading Tor Browser in Chinese for Windows, send an email to [get...@torproject.org](mailto:get...@torproject.org) with the words "windows zh" in it. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/snowflakeaddon-messages.json] https://gitweb.torproject.org/translation.git/commit/?h=snowflakeaddon-messages.json
commit 209d5453b0df168c6b1f77a2d0249b560559d4c3 Author: Translation commit bot Date: Wed Jul 14 18:45:42 2021 + https://gitweb.torproject.org/translation.git/commit/?h=snowflakeaddon-messages.json --- ar/messages.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ar/messages.json b/ar/messages.json index f555875bd1..3748f4e397 100644 --- a/ar/messages.json +++ b/ar/messages.json @@ -57,7 +57,7 @@ "message": "تثبÙت عÙÙ ÙÙرÙÙ Chrome" }, "installStandalone": { -"message": "If you would like to run a command-line version of the Snowflake proxy on your desktop or server, see our https://community.torproject.org/relay/setup/snowflake/standalone/\;>community documentation for running a standalone Snowflake proxy." +"message": "إذا ÙÙت ترغب Ù٠تشغÙ٠إصدار سطر Ø£Ùا٠ر Ù Ù ÙÙÙÙ Snowflake عÙÙ Ø³Ø·Ø Ø§ÙÙ Ùتب أ٠اÙØ®Ø§Ø¯Ù Ø Ùراجع https://community.torproject.org/relay/setup/snowflake/standalone/\;>تÙØ«Ù٠اÙ٠جت٠ع اÙخاص بÙا ÙتشغÙÙ ÙÙÙÙ Snowflake ٠ستÙÙ.\n " }, "reportingBugs": { "message": "اÙإبÙاغ ع٠اÙأخطاء" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/snowflakeaddon-messages.json] https://gitweb.torproject.org/translation.git/commit/?h=snowflakeaddon-messages.json
commit e066a394405dca5532aa6422c87fbed5b0fa00fe Author: Translation commit bot Date: Wed Jul 14 18:15:46 2021 + https://gitweb.torproject.org/translation.git/commit/?h=snowflakeaddon-messages.json --- ar/messages.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ar/messages.json b/ar/messages.json index bdba8fa490..f555875bd1 100644 --- a/ar/messages.json +++ b/ar/messages.json @@ -39,13 +39,13 @@ "message": "Snowflake ÙÙ Ùظا٠ÙÙزÙÙ Ø© اÙرÙابة عÙ٠اÙØ¥ÙترÙت. ÙÙ ÙÙ ÙÙأشخاص اÙخاضعÙÙ ÙÙرÙابة استخدا٠Snowflake ÙÙÙصÙ٠إÙ٠اÙØ¥ÙترÙت. Ù٠ر اتصاÙÙ٠عبر ÙÙÙاء Snowflake Ø ÙاÙت٠ÙدÙرÙا ٠تطÙعÙÙ. Ù٠زÙد ٠٠اÙ٠عÙÙ٠ات اÙتÙصÙÙÙØ© ØÙÙ ÙÙÙÙØ© ع٠٠Snowflake Ø Ø±Ø§Ø¬Ø¹ Ù ÙÙعÙا https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/wikis/home\;>Ùثائ٠ÙÙÙÙ." }, "browser": { -"message": "Use Snowflake" +"message": "استخد٠Snowflake" }, "censoredUsers": { "message": "اذا Ùا٠اتصاÙ٠باÙاÙترÙت ٠راÙØ¨Ø ÙÙجب عÙÙ٠تØÙ ÙÙ https://www.torproject.org/download/\;>٠تصÙØ ØªÙر Tor Browser." }, "extension": { -"message": "Run a Proxy" +"message": "Ù٠بتشغÙÙ Proxy" }, "installExtension": { "message": "اذا Ùا٠اتصاÙ٠باÙØ¥ÙترÙت غÙر ٠راÙØ¨Ø Ùجب عÙÙ٠أ٠تÙظر Ù٠تثبÙت اضاÙØ© Snowflake Ù٠ساعدة اÙ٠ستخد٠ÙÙ Ù٠اÙشبÙات اÙ٠راÙبة. ÙÙس عÙÙ٠أ٠تÙÙ٠٠٠اÙÙ ÙاÙع اÙت٠Ùدخ٠إÙÙÙا اÙÙاس Ù Ù Ø®Ùا٠اÙبرÙÙس٠اÙخاص بÙ. عÙÙا٠IP اÙظاÙر سÙÙÙ٠٠طابÙا ÙعÙدة ٠خرج تÙر Tor exit node Ù ÙÙس عÙÙاÙÙ." ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
commit 5dee87d35680385ebb1c1e36958c2bfc046110cb Author: Translation commit bot Date: Wed Jul 14 18:15:14 2021 + https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot --- contents+ar.po | 10 ++ 1 file changed, 10 insertions(+) diff --git a/contents+ar.po b/contents+ar.po index c1d06b4544..8a1b888fb8 100644 --- a/contents+ar.po +++ b/contents+ar.po @@ -911,6 +911,8 @@ msgid "" "3. Create issues in the [Research " "repository](https://gitlab.torproject.org/tpo/ux/research/-/issues)." msgstr "" +"3. Ø¥Ùشاء ÙضاÙا ÙÙ [٠ستÙدع " +"اÙبØÙØ«](https://gitlab.torproject.org/tpo/ux/research/-/issues)." #: https//community.torproject.org/user-research/guidelines/ #: (content/user-research/guidelines/contents+en.lrpage.body) @@ -1198,6 +1200,7 @@ msgid "" "After conducting your research, it's normal to be excited to see your " "feedback implemented as soon as possible." msgstr "" +"بعد إجراء اÙبØØ«Ø Ù Ù Ø§ÙطبÙع٠أ٠تتØ٠س ÙرؤÙØ© Ù ÙاØظات٠٠طبÙØ© Ù٠أسرع ÙÙت Ù Ù ÙÙ." #: https//community.torproject.org/user-research/how-to-volunteer/ #: (content/user-research/how-to-volunteer/contents+en.lrpage.body) @@ -1205,6 +1208,8 @@ msgid "" "However all feedback must be discussed internally across the different teams" " at the Tor Project first." msgstr "" +"Ù٠ع Ø°ÙÙ Ø Ùجب Ù ÙاÙشة ج٠Ùع اÙتعÙÙÙات داخÙÙÙا عبر اÙÙر٠اÙ٠ختÙÙØ© Ù٠٠شرÙع Tor " +"Ø£ÙÙاÙ." #: https//community.torproject.org/user-research/how-to-volunteer/ #: (content/user-research/how-to-volunteer/contents+en.lrpage.body) @@ -1213,6 +1218,9 @@ msgid "" " to validate your findings, and meet the expectations of the engineers, " "developers, designers, researchers and others at Tor." msgstr "" +"Ùذا ÙعÙ٠أÙ٠غاÙبÙا ٠ا ÙÙÙ٠٠٠اÙضرÙر٠إجراء ÙÙس اÙبØØ« Ø£Ùثر ٠٠٠رة ÙÙتØÙÙ Ù Ù" +" صØØ© Ùتائج٠ÙتÙبÙØ© تÙÙعات اÙÙ ÙÙدسÙÙ ÙاÙÙ Ø·ÙرÙÙ ÙاÙ٠ص٠٠ÙÙ ÙاÙباØØ«ÙÙ ÙغÙرÙÙ ÙÙ " +"Tor." #: https//community.torproject.org/user-research/how-to-volunteer/ #: (content/user-research/how-to-volunteer/contents+en.lrpage.body) @@ -1220,6 +1228,8 @@ msgid "" "Please read our [Guidelines](https://community.torproject.org/user-; "research/guidelines/) to get to know this process more." msgstr "" +"Ùرج٠Ùراءة [اÙ٠بادئ اÙتÙجÙÙÙØ©] اÙخاصة بÙا(https://community.torproject.org; +"/user-research/guidelines/) ÙÙتعر٠عÙÙ Ùذ٠اÙع٠ÙÙØ© Ø£Ùثر." #: https//community.torproject.org/user-research/how-to-volunteer/ #: (content/user-research/how-to-volunteer/contents+en.lrpage.body) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc_release] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release
commit 587a8a55e9d7aba8a91d3e4be5955e6c75d791eb Author: Translation commit bot Date: Wed Jul 14 17:46:28 2021 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release --- da.po | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/da.po b/da.po index 74feeea98a..488a08a0c8 100644 --- a/da.po +++ b/da.po @@ -23,7 +23,7 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2021-07-01 11:43+0200\n" -"PO-Revision-Date: 2021-07-14 13:49+\n" +"PO-Revision-Date: 2021-07-14 17:44+\n" "Last-Translator: scootergrisen\n" "Language-Team: Danish (http://www.transifex.com/otf/torproject/language/da/)\n" "MIME-Version: 1.0\n" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc
commit e3b75337fe30eca154dc8a82dd4736d941c5c106 Author: Translation commit bot Date: Wed Jul 14 17:45:45 2021 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc --- da.po | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/da.po b/da.po index 3dc71b9bc9..eb34791acf 100644 --- a/da.po +++ b/da.po @@ -23,7 +23,7 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2021-07-01 11:43+0200\n" -"PO-Revision-Date: 2021-07-14 13:49+\n" +"PO-Revision-Date: 2021-07-14 17:44+\n" "Last-Translator: scootergrisen\n" "Language-Team: Danish (http://www.transifex.com/otf/torproject/language/da/)\n" "MIME-Version: 1.0\n" @@ -2710,7 +2710,7 @@ msgstr "Opret forbindelse til et lokalt netværk" msgid "" "You are not connected to a local network yet. To be able to connect to the " "Tor network, you first need to connect to a Wi-Fi, wire, or mobile network." -msgstr "" +msgstr "Du er ikke forbundet til et lokalt netværk endnu. For at være i stand til at oprette forbindelse til Tor-netværket, så skal du først oprette forbindelse til et Wi-Fi-, kablet- eller mobilt netværk." #: ../config/chroot_local-includes/usr/share/tails/tca/main.ui.in:1213 msgid "Open Wi-Fi settings" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [training/master] Update All About Tor training deck - Tor Browser 10.5 release
commit a921680e58d24e30e0f78fb854cc5fabe55566e3 Author: gus Date: Wed Jul 14 14:05:11 2021 -0300 Update All About Tor training deck - Tor Browser 10.5 release --- 2021/all-about-tor/all-about-tor-full-pack.odp | Bin 4023302 -> 5975881 bytes 2021/all-about-tor/all-about-tor-full-pack.pdf | Bin 1903912 -> 2761272 bytes 2 files changed, 0 insertions(+), 0 deletions(-) diff --git a/2021/all-about-tor/all-about-tor-full-pack.odp b/2021/all-about-tor/all-about-tor-full-pack.odp index 94b708c..2515736 100644 Binary files a/2021/all-about-tor/all-about-tor-full-pack.odp and b/2021/all-about-tor/all-about-tor-full-pack.odp differ diff --git a/2021/all-about-tor/all-about-tor-full-pack.pdf b/2021/all-about-tor/all-about-tor-full-pack.pdf index 277137e..5bded7a 100644 Binary files a/2021/all-about-tor/all-about-tor-full-pack.pdf and b/2021/all-about-tor/all-about-tor-full-pack.pdf differ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [Git][tpo/applications/android-components] Pushed new branch android-components-91.0.1-11.0-1
boklm pushed new branch android-components-91.0.1-11.0-1 at The Tor Project / Applications / android-components -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/android-components/-/tree/android-components-91.0.1-11.0-1 You're receiving this email because of your account on gitlab.torproject.org. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 40416: Add v2 Onion deprecation warnings
commit 1eaade2adee6e68de1952ed7a6bac4f84805b3aa Author: Richard Pospesel Date: Fri May 21 22:18:23 2021 +0200 Bug 40416: Add v2 Onion deprecation warnings - adds new v2 deprecated warning page (js and styling) that piggy-backs off of the existing added onion service errors - updates identity-icon to onionWarning.svg when visiting a v2 onion site adds warning tooltip; this warning supersedes all other identity states (including mixed-content error) - we determine whether to show the warning page in nsDocShell::DoURILoad() - a new synchonous IPC method is added to ContentChild/ContentParent to determine if the session has loaded the warning page already; worst case scenario, each child process will need to wait on this method to return only once when visiting a v2 onion; nothing is permanently cached with regards to this change - an exception for the new sync method is added to sync-messages.ini (generally, in practice adding new blocking methods is probably bad, but the minimial overhead and frequency this method is called is worth the simpler code) --- browser/base/content/aboutNetError.xhtml | 3 ++ browser/base/content/browser-siteIdentity.js | 12 + browser/base/jar.mn| 2 +- .../content/netError/onionNetError.js | 6 +++ .../content/netError/v2Deprecated.css | 25 + .../onionservices/content/netError/v2Deprecated.js | 50 ++ browser/components/onionservices/jar.mn| 8 ++- browser/modules/TorStrings.jsm | 8 +++ .../shared/identity-block/identity-block.inc.css | 3 +- browser/themes/shared/onionPattern.inc.xhtml | 4 +- docshell/base/nsDocShell.cpp | 61 ++ dom/ipc/ContentParent.cpp | 11 dom/ipc/ContentParent.h| 2 + dom/ipc/PContent.ipdl | 3 ++ ipc/ipdl/sync-messages.ini | 3 ++ js/xpconnect/src/xpc.msg | 1 + xpcom/base/ErrorList.py| 2 + 17 files changed, 200 insertions(+), 4 deletions(-) diff --git a/browser/base/content/aboutNetError.xhtml b/browser/base/content/aboutNetError.xhtml index 957b6f15a0be..4572eb2024f1 100644 --- a/browser/base/content/aboutNetError.xhtml +++ b/browser/base/content/aboutNetError.xhtml @@ -207,7 +207,10 @@ + +#include ../../themes/shared/onionPattern.inc.xhtml + diff --git a/browser/base/content/browser-siteIdentity.js b/browser/base/content/browser-siteIdentity.js index 2a3431172886..27fee74cba5b 100644 --- a/browser/base/content/browser-siteIdentity.js +++ b/browser/base/content/browser-siteIdentity.js @@ -135,6 +135,15 @@ var gIdentityHandler = { return this._uriHasHost ? this._uri.host.toLowerCase().endsWith(".onion") : false; }, + get _uriIsDeprecatedOnionHost() { +const hostIsV2Onion = function(host) { + // matches on v2 onion domains with any number of subdomains + const pattern = /^(.*\.)*[a-z2-7]{16}\.onion/i; + return pattern.test(host); +}; + +return this._uriHasHost ? hostIsV2Onion(this._uri.host) : false; + }, // smart getters get _identityPopup() { delete this._identityPopup; @@ -685,6 +694,9 @@ var gIdentityHandler = { "identity.extension.label", [extensionName] ); +} else if (this._uriIsDeprecatedOnionHost) { + this._identityBox.className = "onionServiceDeprecated"; + tooltip = TorStrings.onionServices.v2Deprecated.tooltip; } else if (this._uriHasHost && this._isSecureConnection && this._secInfo) { // This is a secure connection. // _isSecureConnection implicitly includes onion services, which may not have an SSL certificate diff --git a/browser/base/jar.mn b/browser/base/jar.mn index df65349796b5..21b07ad9511b 100644 --- a/browser/base/jar.mn +++ b/browser/base/jar.mn @@ -22,7 +22,7 @@ browser.jar: content/browser/logos/send.svg(content/logos/send.svg) content/browser/logos/tracking-protection.svg (content/logos/tracking-protection.svg) content/browser/logos/tracking-protection-dark-theme.svg (content/logos/tracking-protection-dark-theme.svg) -content/browser/aboutNetError.xhtml (content/aboutNetError.xhtml) +* content/browser/aboutNetError.xhtml (content/aboutNetError.xhtml) content/browser/aboutNetError.js (content/aboutNetError.js) content/browser/aboutRobots-icon.png (content/aboutRobots-icon.png) content/browser/aboutFrameCrashed.html (content/aboutFrameCrashed.html) diff --git a/browser/components/onionservices/content/netError/onionNetError.js b/browser/components/onionservices/content/netError/onionNetError.js
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 40432: Prevent probing installed applications
commit 6174b3a8229d5011b568362c70b1d50b40d3f0a8 Author: Matthew Finkel Date: Mon May 17 18:09:09 2021 + Bug 40432: Prevent probing installed applications --- .../exthandler/nsExternalHelperAppService.cpp | 30 ++ 1 file changed, 25 insertions(+), 5 deletions(-) diff --git a/uriloader/exthandler/nsExternalHelperAppService.cpp b/uriloader/exthandler/nsExternalHelperAppService.cpp index 0dcc1d3ed6ab..7ff9c5b626a3 100644 --- a/uriloader/exthandler/nsExternalHelperAppService.cpp +++ b/uriloader/exthandler/nsExternalHelperAppService.cpp @@ -1002,8 +1002,33 @@ nsresult nsExternalHelperAppService::GetFileTokenForPath( // // begin external protocol service default implementation... // + +static const char kExternalProtocolPrefPrefix[] = +"network.protocol-handler.external."; +static const char kExternalProtocolDefaultPref[] = +"network.protocol-handler.external-default"; + NS_IMETHODIMP nsExternalHelperAppService::ExternalProtocolHandlerExists( const char* aProtocolScheme, bool* aHandlerExists) { + + // Replicate the same check performed in LoadURI. + // Deny load if the prefs say to do so + nsAutoCString externalPref(kExternalProtocolPrefPrefix); + externalPref += aProtocolScheme; + bool allowLoad = false; + *aHandlerExists = false; + if (NS_FAILED(Preferences::GetBool(externalPref.get(), ))) { +// no scheme-specific value, check the default +if (NS_FAILED( +Preferences::GetBool(kExternalProtocolDefaultPref, ))) { + return NS_OK; // missing default pref +} + } + + if (!allowLoad) { +return NS_OK; // explicitly denied + } + nsCOMPtr handlerInfo; nsresult rv = GetProtocolHandlerInfo(nsDependentCString(aProtocolScheme), getter_AddRefs(handlerInfo)); @@ -1046,11 +1071,6 @@ NS_IMETHODIMP nsExternalHelperAppService::IsExposedProtocol( return NS_OK; } -static const char kExternalProtocolPrefPrefix[] = -"network.protocol-handler.external."; -static const char kExternalProtocolDefaultPref[] = -"network.protocol-handler.external-default"; - NS_IMETHODIMP nsExternalHelperAppService::LoadURI(nsIURI* aURI, nsIPrincipal* aTriggeringPrincipal, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 1650281 - P2: Make sure `gCombinedSizes` won't be underflowed r=gerald
commit 97e511582abbe606603b737790ec700864c41468 Author: Chun-Min Chang Date: Tue Jul 21 23:39:14 2020 + Bug 1650281 - P2: Make sure `gCombinedSizes` won't be underflowed r=gerald In any case, `gCombinedSizes` should be larger than or equal to the buffer within `MemoryClockCache`. Differential Revision: https://phabricator.services.mozilla.com/D84274 --- dom/media/MemoryBlockCache.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/dom/media/MemoryBlockCache.cpp b/dom/media/MemoryBlockCache.cpp index bf073e6769d0..2848a3f3812c 100644 --- a/dom/media/MemoryBlockCache.cpp +++ b/dom/media/MemoryBlockCache.cpp @@ -52,6 +52,7 @@ MemoryBlockCache::MemoryBlockCache(int64_t aContentLength) } MemoryBlockCache::~MemoryBlockCache() { + MOZ_ASSERT(gCombinedSizes >= mBuffer.Length()); size_t sizes = static_cast(gCombinedSizes -= mBuffer.Length()); LOG("~MemoryBlockCache() - destroying buffer of size %zu; combined sizes now " "%zu", ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 1650281 - P1: Widen `gCombinedSizes` once the buffers grow r=gerald
commit da7434fa9e375035ef31e12ea0a3c0ffcc36a970 Author: Chun-Min Chang Date: Tue Jul 21 23:38:57 2020 + Bug 1650281 - P1: Widen `gCombinedSizes` once the buffers grow r=gerald The `gCombinedSizes` need to be enlarged once the inner buffer within `MemoryBlockCache` grows. Otherwise, when the `MemoryBlockCache` is released, subtracting the buffer-size of the `MemoryBlockCache` from `gCombinedSizes` lead to a underflow. Differential Revision: https://phabricator.services.mozilla.com/D84273 --- dom/media/MemoryBlockCache.cpp | 4 1 file changed, 4 insertions(+) diff --git a/dom/media/MemoryBlockCache.cpp b/dom/media/MemoryBlockCache.cpp index 2d31119dca0a..bf073e6769d0 100644 --- a/dom/media/MemoryBlockCache.cpp +++ b/dom/media/MemoryBlockCache.cpp @@ -114,6 +114,10 @@ bool MemoryBlockCache::EnsureBufferCanContain(size_t aContentLength) { // possibly bypass some future growths that would fit in this new capacity. mBuffer.SetLength(capacity); } + const size_t newSizes = gCombinedSizes += (extra + extraCapacity); + LOG("EnsureBufferCanContain(%zu) - buffer size %zu + requested %zu + bonus " + "%zu = %zu; combined sizes %zu", + aContentLength, initialLength, extra, extraCapacity, capacity, newSizes); mHasGrown = true; return true; } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 1658881 - When failing to create a channel and an image request, make sure to set the image blocking status appropriately. r=tnikkel
commit 36fa1d38f7e466e5843f882654844e5ced85ba00 Author: Emilio Cobos Ãlvarez Date: Wed Sep 9 22:58:29 2020 + Bug 1658881 - When failing to create a channel and an image request, make sure to set the image blocking status appropriately. r=tnikkel This is the same status as we do for known no-data protocols here: https://searchfox.org/mozilla-central/rev/ac142717cc067d875e83e4b1316f004f6e063a46/dom/base/nsNoDataProtocolContentPolicy.cpp#59 This ensures we treat these two cases the same. Differential Revision: https://phabricator.services.mozilla.com/D89382 --- dom/base/nsImageLoadingContent.cpp | 7 ++- layout/reftests/image/reftest.list | 1 + layout/reftests/image/unknown-protocol-ref.html | 1 + layout/reftests/image/unknown-protocol.html | 1 + 4 files changed, 9 insertions(+), 1 deletion(-) diff --git a/dom/base/nsImageLoadingContent.cpp b/dom/base/nsImageLoadingContent.cpp index 23b1fd791c1f..85de63bef02d 100644 --- a/dom/base/nsImageLoadingContent.cpp +++ b/dom/base/nsImageLoadingContent.cpp @@ -1207,7 +1207,12 @@ nsresult nsImageLoadingContent::LoadImage(nsIURI* aNewURI, bool aForce, MOZ_ASSERT(!req, "Shouldn't have non-null request here"); // If we don't have a current URI, we might as well store this URI so people // know what we tried (and failed) to load. -if (!mCurrentRequest) mCurrentURI = aNewURI; +if (!mCurrentRequest) { + mCurrentURI = aNewURI; + if (mImageBlockingStatus == nsIContentPolicy::ACCEPT) { +mImageBlockingStatus = nsIContentPolicy::REJECT_REQUEST; + } +} FireEvent(NS_LITERAL_STRING("error")); FireEvent(NS_LITERAL_STRING("loadend")); diff --git a/layout/reftests/image/reftest.list b/layout/reftests/image/reftest.list index a8a91c13ed3a..3c561fe3a7c8 100644 --- a/layout/reftests/image/reftest.list +++ b/layout/reftests/image/reftest.list @@ -69,3 +69,4 @@ random-if(/^Windows\x20NT\x206\.1/.test(http.oscpu)) == image-srcset-basic-selec pref(dom.image-lazy-loading.enabled,true) == moz-broken-matching-lazy-load.html moz-broken-matching-1-ref.html == img-invalidation-local-transform-1.html img-invalidation-local-transform-1-ref.html +== unknown-protocol.html unknown-protocol-ref.html diff --git a/layout/reftests/image/unknown-protocol-ref.html b/layout/reftests/image/unknown-protocol-ref.html new file mode 100644 index ..b5bb326eef57 --- /dev/null +++ b/layout/reftests/image/unknown-protocol-ref.html @@ -0,0 +1 @@ +mailto://foo;> diff --git a/layout/reftests/image/unknown-protocol.html b/layout/reftests/image/unknown-protocol.html new file mode 100644 index ..ef06881b7bcb --- /dev/null +++ b/layout/reftests/image/unknown-protocol.html @@ -0,0 +1 @@ + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 40002: Remove about:pioneer
commit 53c3d8aa1166ccea0f9e88f3d2658d2d28de2eb3 Author: Kathy Brade Date: Fri Aug 14 09:06:33 2020 -0400 Bug 40002: Remove about:pioneer Firefox Pioneer is an opt-in program in which people volunteer to participate in studies that collect detailed, sensitive data about how they use their browser. --- browser/components/about/AboutRedirector.cpp | 2 -- browser/components/about/components.conf | 1 - 2 files changed, 3 deletions(-) diff --git a/browser/components/about/AboutRedirector.cpp b/browser/components/about/AboutRedirector.cpp index 544e21782729..e7c377d655e7 100644 --- a/browser/components/about/AboutRedirector.cpp +++ b/browser/components/about/AboutRedirector.cpp @@ -114,8 +114,6 @@ static const RedirEntry kRedirMap[] = { nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, -{"pioneer", "chrome://browser/content/pioneer.html", - nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, #ifdef TOR_BROWSER_UPDATE {"tbupdate", "chrome://browser/content/abouttbupdate/aboutTBUpdate.xhtml", nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | diff --git a/browser/components/about/components.conf b/browser/components/about/components.conf index d78de142e2e4..8e04467c05da 100644 --- a/browser/components/about/components.conf +++ b/browser/components/about/components.conf @@ -14,7 +14,6 @@ pages = [ 'logins', 'newinstall', 'newtab', -'pioneer', 'pocket-saved', 'pocket-signup', 'policies', ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 27476: Implement about:torconnect captive portal within Tor Browser
commit 1eca93f1ee063cb59b4a598b7ff584288f66c325 Author: Richard Pospesel Date: Wed Apr 28 23:09:34 2021 -0500 Bug 27476: Implement about:torconnect captive portal within Tor Browser - implements new about:torconnect page as tor-launcher replacement - adds tor connection status to url bar and tweaks UX when not online - adds new torconnect component to browser - tor process management functionality remains implemented in tor-launcher through the TorProtocolService module - the onion pattern from about:tor migrated to an .inc.xhtml file now used by both about:tor and about:torconnect - various design tweaks and resusability fixes to onion pattern - adds warning/error box to about:preferences#tor when not connected to tor - explicitly allows about:torconnect URIs to ignore Resist Fingerprinting (RFP) - various tweaks to info-pages.inc.css for about:torconnect (also affects other firefox info pages) --- browser/actors/NetErrorParent.jsm | 8 + browser/base/content/aboutNetError.js | 10 +- browser/base/content/browser-siteIdentity.js | 2 +- browser/base/content/browser.js| 10 + browser/base/content/browser.xhtml | 2 + browser/components/BrowserGlue.jsm | 59 +++- browser/components/about/AboutRedirector.cpp | 4 + browser/components/about/components.conf | 1 + browser/components/moz.build | 1 + .../onionservices/HttpsEverywhereControl.jsm | 17 +- browser/components/sessionstore/SessionStore.jsm | 16 + browser/components/torconnect/TorConnectChild.jsm | 9 + browser/components/torconnect/TorConnectParent.jsm | 126 .../torconnect/content/aboutTorConnect.css | 151 + .../torconnect/content/aboutTorConnect.js | 339 + .../torconnect/content/aboutTorConnect.xhtml | 54 .../components/torconnect/content/onion-slash.svg | 7 + browser/components/torconnect/content/onion.svg| 3 + .../torconnect/content/torBootstrapUrlbar.js | 136 + .../torconnect/content/torconnect-urlbar.css | 65 .../torconnect/content/torconnect-urlbar.inc.xhtml | 11 + browser/components/torconnect/jar.mn | 7 + browser/components/torconnect/moz.build| 6 + .../components/torpreferences/content/torPane.js | 86 ++ .../torpreferences/content/torPane.xhtml | 34 +++ .../torpreferences/content/torPreferences.css | 121 browser/components/urlbar/UrlbarInput.jsm | 31 ++ browser/modules/TorConnect.jsm | 62 browser/modules/TorProcessService.jsm | 12 + browser/modules/TorProtocolService.jsm | 124 +++- browser/modules/TorStrings.jsm | 75 + browser/modules/moz.build | 2 + browser/themes/shared/jar.inc.mn | 1 + browser/themes/shared/onionPattern.css | 124 browser/themes/shared/onionPattern.inc.xhtml | 210 + browser/themes/shared/urlbar-searchbar.inc.css | 2 + dom/base/Document.cpp | 51 +++- dom/base/nsGlobalWindowOuter.cpp | 2 + toolkit/modules/AsyncPrefs.jsm | 2 + toolkit/modules/RemotePageAccessManager.jsm| 26 ++ toolkit/mozapps/update/UpdateService.jsm | 68 - .../themes/shared/in-content/info-pages.inc.css| 15 +- .../lib/environments/browser-window.js | 4 + 43 files changed, 2080 insertions(+), 16 deletions(-) diff --git a/browser/actors/NetErrorParent.jsm b/browser/actors/NetErrorParent.jsm index 035195391554..fa3cbf23fcb7 100644 --- a/browser/actors/NetErrorParent.jsm +++ b/browser/actors/NetErrorParent.jsm @@ -17,6 +17,10 @@ const { SessionStore } = ChromeUtils.import( ); const { HomePage } = ChromeUtils.import("resource:///modules/HomePage.jsm"); +const { TorProtocolService } = ChromeUtils.import( + "resource:///modules/TorProtocolService.jsm" +); + const PREF_SSL_IMPACT_ROOTS = [ "security.tls.version.", "security.ssl3.", @@ -318,6 +322,10 @@ class NetErrorParent extends JSWindowActorParent { break; } } +break; + case "ShouldShowTorConnect": +return TorProtocolService.shouldShowTorConnect(); } +return undefined; } } diff --git a/browser/base/content/aboutNetError.js b/browser/base/content/aboutNetError.js index 60db17f46eb9..6844154e16e3 100644 --- a/browser/base/content/aboutNetError.js +++ b/browser/base/content/aboutNetError.js @@ -194,8 +194,16 @@ async function setErrorPageStrings(err) { document.l10n.setAttributes(titleElement, title); } -function initPage() { +async function initPage() { var err = getErrorCode(); + + // proxyConnectFailure because no-tor running daemon
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 33342: Avoid disconnect search addon error after removal.
commit 278d6beefae7804a8d54ef5b39fb0bc907166cb1 Author: Alex Catarineu Date: Fri Mar 13 18:19:30 2020 +0100 Bug 33342: Avoid disconnect search addon error after removal. We removed the addon in #32767, but it was still being loaded from addonStartup.json.lz4 and throwing an error on startup because its resource: location is not available anymore. --- toolkit/mozapps/extensions/internal/XPIProvider.jsm | 6 ++ 1 file changed, 6 insertions(+) diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm index 5e467fb4f14c..794c206fb453 100644 --- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm +++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm @@ -970,6 +970,12 @@ var BuiltInLocation = new (class _BuiltInLocation extends XPIStateLocation { get enumerable() { return false; } + + restore(saved) { +super.restore(saved); +// Bug 33342: avoid restoring disconnect addon from addonStartup.json.lz4. +this.removeAddon("disconn...@search.mozilla.org"); + } })(); /** ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] 40209: Implement Basic Crypto Safety
commit 0dc2c5df8b918f561fc0e56110a44cd25788c927 Author: sanketh Date: Mon Feb 8 20:12:44 2021 -0500 40209: Implement Basic Crypto Safety Adds a CryptoSafety actor which detects when you've copied a crypto address from a HTTP webpage and shows a warning. Closes #40209. Bug 40428: Fix string attribute names --- browser/actors/CryptoSafetyChild.jsm | 87 browser/actors/CryptoSafetyParent.jsm| 142 +++ browser/actors/moz.build | 2 + browser/base/content/popup-notifications.inc | 14 +++ browser/components/BrowserGlue.jsm | 17 browser/modules/TorStrings.jsm | 48 + browser/themes/shared/browser.inc.css| 5 + toolkit/content/license.html | 32 ++ toolkit/modules/Bech32Decode.jsm | 103 +++ toolkit/modules/moz.build| 1 + 10 files changed, 451 insertions(+) diff --git a/browser/actors/CryptoSafetyChild.jsm b/browser/actors/CryptoSafetyChild.jsm new file mode 100644 index ..87ff261d4915 --- /dev/null +++ b/browser/actors/CryptoSafetyChild.jsm @@ -0,0 +1,87 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ +/* Copyright (c) 2020, The Tor Project, Inc. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +var EXPORTED_SYMBOLS = ["CryptoSafetyChild"]; + +const { Bech32Decode } = ChromeUtils.import( + "resource://gre/modules/Bech32Decode.jsm" +); + +const { XPCOMUtils } = ChromeUtils.import( + "resource://gre/modules/XPCOMUtils.jsm" +); + +const kPrefCryptoSafety = "security.cryptoSafety"; + +XPCOMUtils.defineLazyPreferenceGetter( + this, + "isCryptoSafetyEnabled", + kPrefCryptoSafety, + true /* defaults to true */ +); + +function looksLikeCryptoAddress(s) { + // P2PKH and P2SH addresses + // https://stackoverflow.com/a/24205650 + const bitcoinAddr = /^[13][a-km-zA-HJ-NP-Z1-9]{25,39}$/; + if (bitcoinAddr.test(s)) { +return true; + } + + // Bech32 addresses + if (Bech32Decode(s) !== null) { +return true; + } + + // regular addresses + const etherAddr = /^0x[a-fA-F0-9]{40}$/; + if (etherAddr.test(s)) { +return true; + } + + // t-addresses + // https://www.reddit.com/r/zec/comments/8mxj6x/simple_regex_to_validate_a_zcash_tz_address/dzr62p5/ + const zcashAddr = /^t1[a-zA-Z0-9]{33}$/; + if (zcashAddr.test(s)) { +return true; + } + + // Standard, Integrated, and 256-bit Integrated addresses + // https://monero.stackexchange.com/a/10627 + const moneroAddr = /^4(?:[0-9AB]|[1-9A-HJ-NP-Za-km-z]{12}(?:[1-9A-HJ-NP-Za-km-z]{30})?)[1-9A-HJ-NP-Za-km-z]{93}$/; + if (moneroAddr.test(s)) { +return true; + } + + return false; +} + +class CryptoSafetyChild extends JSWindowActorChild { + handleEvent(event) { +if (isCryptoSafetyEnabled) { + // Ignore non-HTTP addresses + if (!this.document.documentURIObject.schemeIs("http")) { +return; + } + // Ignore onion addresses + if (this.document.documentURIObject.host.endsWith(".onion")) { +return; + } + + if (event.type == "copy" || event.type == "cut") { +this.contentWindow.navigator.clipboard.readText().then(clipText => { + const selection = clipText.trim(); + if (looksLikeCryptoAddress(selection)) { +this.sendAsyncMessage("CryptoSafety:CopiedText", { + selection, +}); + } +}); + } +} + } +} diff --git a/browser/actors/CryptoSafetyParent.jsm b/browser/actors/CryptoSafetyParent.jsm new file mode 100644 index ..bac151df5511 --- /dev/null +++ b/browser/actors/CryptoSafetyParent.jsm @@ -0,0 +1,142 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ +/* Copyright (c) 2020, The Tor Project, Inc. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +var EXPORTED_SYMBOLS = ["CryptoSafetyParent"]; + +const { XPCOMUtils } = ChromeUtils.import( + "resource://gre/modules/XPCOMUtils.jsm" +); + +XPCOMUtils.defineLazyModuleGetters(this, { + TorStrings: "resource:///modules/TorStrings.jsm", +}); + +const kPrefCryptoSafety = "security.cryptoSafety"; + +XPCOMUtils.defineLazyPreferenceGetter( + this, + "isCryptoSafetyEnabled", + kPrefCryptoSafety, + true /* defaults to true */ +); + +class CryptoSafetyParent extends JSWindowActorParent { + getBrowser() { +return this.browsingContext.top.embedderElement; + } + + receiveMessage(aMessage) { +if (isCryptoSafetyEnabled) { + if (aMessage.name == "CryptoSafety:CopiedText") { +showPopup(this.getBrowser(), aMessage.data.selection); + } +} +
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Adding issue template for bugs.
commit 8201e1f2c0875d4c2a852aee34914e508224988b Author: Gaba Date: Mon Jun 28 11:44:16 2021 -0700 Adding issue template for bugs. --- .gitlab/issue_templates/UXBug.md | 29 + .gitlab/issue_templates/bug.md | 32 2 files changed, 61 insertions(+) diff --git a/.gitlab/issue_templates/UXBug.md b/.gitlab/issue_templates/UXBug.md new file mode 100644 index ..8e7cb2a5e163 --- /dev/null +++ b/.gitlab/issue_templates/UXBug.md @@ -0,0 +1,29 @@ + + +### Summary +**Summarize the bug encountered concisely.** + + +### Steps to reproduce: +**How one can reproduce the issue - this is very important.** + +1. Step 1 +2. Step 2 +3. ... + +### What is the current bug behavior? +**What actually happens.** + + +### What is the expected behavior? +**What you want to see instead** + + + +## Relevant logs and/or screenshots +**Do you have screenshots? Attach them to this ticket please.** + +/label ~tor-ux ~needs-investigation ~bug +/assign @nah diff --git a/.gitlab/issue_templates/bug.md b/.gitlab/issue_templates/bug.md new file mode 100644 index ..6ce85a4864be --- /dev/null +++ b/.gitlab/issue_templates/bug.md @@ -0,0 +1,32 @@ + + +### Summary +**Summarize the bug encountered concisely.** + + +### Steps to reproduce: +**How one can reproduce the issue - this is very important.** + +1. Step 1 +2. Step 2 +3. ... + +### What is the current bug behavior? +**What actually happens.** + + +### What is the expected behavior? +**What you want to see instead** + + + +### Environment +**Which operating system are you using? For example: Debian GNU/Linux 10.1, Windows 10, Ubuntu Xenial, FreeBSD 12.2, etc.** +**Which installation method did you use? Distribution package (apt, pkg, homebrew), from source tarball, from Git, etc.** + +### Relevant logs and/or screenshots + + +/label ~bug ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 40091: Load HTTPS Everywhere as a builtin addon in desktop
commit 74b073476b2edd63dac7f6286c794aeae8f68018 Author: Alex Catarineu Date: Fri Sep 4 12:34:35 2020 +0200 Bug 40091: Load HTTPS Everywhere as a builtin addon in desktop This loads HTTPS Everywhere as a builtin addon from a hardcoded resource:// URI in desktop. It also ensures that the non-builtin HTTPS Everywhere addon is always uninstalled on browser startup. The reason of making this desktop-only is that there are some issues when installing a builtin extension from geckoview side, making the extension not available on first startup. So, at least for now we handle the Fenix case separately. See #40118 for a followup for investigating these. --- browser/components/BrowserGlue.jsm | 37 ++ toolkit/components/extensions/Extension.jsm| 14 ++-- .../mozapps/extensions/internal/XPIProvider.jsm| 13 3 files changed, 61 insertions(+), 3 deletions(-) diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index ec38d0ca8b33..057a2121533c 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -56,6 +56,13 @@ XPCOMUtils.defineLazyServiceGetter( "nsIPushService" ); +XPCOMUtils.defineLazyServiceGetters(this, { + resProto: [ +"@mozilla.org/network/protocol;1?name=resource", +"nsISubstitutingProtocolHandler", + ], +}); + const PREF_PDFJS_ISDEFAULT_CACHE_STATE = "pdfjs.enabledCache.state"; /** @@ -675,6 +682,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { "resource://gre/modules/ContextualIdentityService.jsm", Corroborate: "resource://gre/modules/Corroborate.jsm", Discovery: "resource:///modules/Discovery.jsm", + ExtensionData: "resource://gre/modules/Extension.jsm", ExtensionsUI: "resource:///modules/ExtensionsUI.jsm", FirefoxMonitor: "resource:///modules/FirefoxMonitor.jsm", FxAccounts: "resource://gre/modules/FxAccounts.jsm", @@ -1330,6 +1338,35 @@ BrowserGlue.prototype = { "resource:///modules/themes/dark/" ); +// Install https-everywhere builtin addon if needed. +(async () => { + const HTTPS_EVERYWHERE_ID = "https-everywhere-...@eff.org"; + const HTTPS_EVERYWHERE_BUILTIN_URL = +"resource://torbutton/content/extensions/https-everywhere/"; + // This does something similar as GeckoViewWebExtension.jsm: it tries + // to load the manifest to retrieve the version of the builtin and + // compares it to the currently installed one to see whether we need + // to install or not. Here we delegate that to + // AddonManager.maybeInstallBuiltinAddon. + try { +const resolvedURI = Services.io.newURI( + resProto.resolveURI(Services.io.newURI(HTTPS_EVERYWHERE_BUILTIN_URL)) +); +const extensionData = new ExtensionData(resolvedURI); +const manifest = await extensionData.loadManifest(); + +await AddonManager.maybeInstallBuiltinAddon( + HTTPS_EVERYWHERE_ID, + manifest.version, + HTTPS_EVERYWHERE_BUILTIN_URL +); + } catch (e) { +const log = Log.repository.getLogger("HttpsEverywhereBuiltinLoader"); +log.addAppender(new Log.ConsoleAppender(new Log.BasicFormatter())); +log.error("Could not install https-everywhere extension", e); + } +})(); + if (AppConstants.MOZ_NORMANDY) { Normandy.init(); } diff --git a/toolkit/components/extensions/Extension.jsm b/toolkit/components/extensions/Extension.jsm index 876e636be3db..7dbd888b1710 100644 --- a/toolkit/components/extensions/Extension.jsm +++ b/toolkit/components/extensions/Extension.jsm @@ -211,6 +211,7 @@ const LOGGER_ID_BASE = "addons.webextension."; const UUID_MAP_PREF = "extensions.webextensions.uuids"; const LEAVE_STORAGE_PREF = "extensions.webextensions.keepStorageOnUninstall"; const LEAVE_UUID_PREF = "extensions.webextensions.keepUuidOnUninstall"; +const PERSISTENT_EXTENSIONS = new Set(["https-everywhere-...@eff.org"]); const COMMENT_REGEXP = new RegExp( String.raw` @@ -331,7 +332,10 @@ var ExtensionAddonObserver = { return; } -if (!Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false)) { +if ( + !Services.prefs.getBoolPref(LEAVE_STORAGE_PREF, false) && + !PERSISTENT_EXTENSIONS.has(addon.id) +) { // Clear browser.storage.local backends. AsyncShutdown.profileChangeTeardown.addBlocker( `Clear Extension Storage ${addon.id} (File Backend)`, @@ -384,7 +388,10 @@ var ExtensionAddonObserver = { ExtensionPermissions.removeAll(addon.id); -if (!Services.prefs.getBoolPref(LEAVE_UUID_PREF, false)) { +if ( + !Services.prefs.getBoolPref(LEAVE_UUID_PREF, false) && + !PERSISTENT_EXTENSIONS.has(addon.id) +) { // Clear the entry in the UUID map UUIDMap.remove(addon.id); } @@ -2474,7 +2481,8 @@ class Extension extends ExtensionData { ); } else if
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots
commit b4ac13e68aade0c108ccf44ce00d7cba8411cfb6 Author: Alex Catarineu Date: Fri Oct 9 12:55:35 2020 +0200 Bug 40166: Disable security.certerrors.mitm.auto_enable_enterprise_roots --- browser/app/profile/000-tor-browser.js | 3 +++ browser/components/BrowserGlue.jsm | 14 ++ 2 files changed, 17 insertions(+) diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js index 2db11b1ea3d7..760c405d06a6 100644 --- a/browser/app/profile/000-tor-browser.js +++ b/browser/app/profile/000-tor-browser.js @@ -325,6 +325,9 @@ pref("security.enterprise_roots.enabled", false); // Don't ping Mozilla for MitM detection, see bug 32321 pref("security.certerrors.mitm.priming.enabled", false); +// Don't automatically enable enterprise roots, see bug 40166 +pref("security.certerrors.mitm.auto_enable_enterprise_roots", false); + // Disable the language pack signing check for now on macOS, see #31942 #ifdef XP_MACOSX pref("extensions.langpacks.signatures.required", false); diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 057a2121533c..3750230a250b 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -1319,6 +1319,20 @@ BrowserGlue.prototype = { // handle any UI migration this._migrateUI(); +// Clear possibly auto enabled enterprise_roots prefs (see bug 40166) +if ( + !Services.prefs.getBoolPref( +"security.certerrors.mitm.auto_enable_enterprise_roots" + ) && + Services.prefs.getBoolPref( +"security.enterprise_roots.auto-enabled", +false + ) +) { + Services.prefs.clearUserPref("security.enterprise_roots.enabled"); + Services.prefs.clearUserPref("security.enterprise_roots.auto-enabled"); +} + if (!Services.prefs.prefHasUserValue(PREF_PDFJS_ISDEFAULT_CACHE_STATE)) { PdfJs.checkIsDefault(this._isNewProfile); } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 40073: Disable remote Public Suffix List fetching
commit bd9136b19fe39b38f60557aae149ba8a67dd04f3 Author: Alex Catarineu Date: Thu Aug 13 11:05:03 2020 +0200 Bug 40073: Disable remote Public Suffix List fetching In https://bugzilla.mozilla.org/show_bug.cgi?id=1563246 Firefox implemented fetching the Public Suffix List via RemoteSettings and replacing the default one at runtime, which we do not want. --- browser/components/BrowserGlue.jsm | 5 - 1 file changed, 5 deletions(-) diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index e08e461a27ff..ec38d0ca8b33 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -695,7 +695,6 @@ XPCOMUtils.defineLazyModuleGetters(this, { PluralForm: "resource://gre/modules/PluralForm.jsm", PrivateBrowsingUtils: "resource://gre/modules/PrivateBrowsingUtils.jsm", ProcessHangMonitor: "resource:///modules/ProcessHangMonitor.jsm", - PublicSuffixList: "resource://gre/modules/netwerk-dns/PublicSuffixList.jsm", RemoteSettings: "resource://services-settings/remote-settings.js", RemoteSecuritySettings: "resource://gre/modules/psm/RemoteSecuritySettings.jsm", @@ -2575,10 +2574,6 @@ BrowserGlue.prototype = { this._addBreachesSyncHandler(); }, - () => { -PublicSuffixList.init(); - }, - () => { RemoteSecuritySettings.init(); }, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 1673237 - Always allow SVGs on about: pages r=acat, tjr, emilio
commit b89147a8fe0f5b741d8cac4de45c3ab3decce37b Author: sanketh Date: Tue Nov 3 17:34:20 2020 + Bug 1673237 - Always allow SVGs on about: pages r=acat,tjr,emilio - Updated layout/svg/tests/test_disabled.html to ensure that this doesn't allow rendering SVGs on about:blank and about:srcdoc. Differential Revision: https://phabricator.services.mozilla.com/D95139 --- dom/base/nsNodeInfoManager.cpp | 18 ++--- layout/svg/tests/file_disabled_iframe.html | 31 +- 2 files changed, 41 insertions(+), 8 deletions(-) diff --git a/dom/base/nsNodeInfoManager.cpp b/dom/base/nsNodeInfoManager.cpp index b0534b661a23..8bc6b0ba2bd6 100644 --- a/dom/base/nsNodeInfoManager.cpp +++ b/dom/base/nsNodeInfoManager.cpp @@ -352,9 +352,12 @@ void nsNodeInfoManager::RemoveNodeInfo(NodeInfo* aNodeInfo) { MOZ_ASSERT(ret, "Can't find mozilla::dom::NodeInfo to remove!!!"); } -static bool IsSystemOrAddonPrincipal(nsIPrincipal* aPrincipal) { +static bool IsSystemOrAddonOrAboutPrincipal(nsIPrincipal* aPrincipal) { return aPrincipal->IsSystemPrincipal() || - BasePrincipal::Cast(aPrincipal)->AddonPolicy(); + BasePrincipal::Cast(aPrincipal)->AddonPolicy() || + // NOTE: about:blank and about:srcdoc inherit the principal of their + // parent, so aPrincipal->SchemeIs("about") returns false for them. + aPrincipal->SchemeIs("about"); } bool nsNodeInfoManager::InternalSVGEnabled() { @@ -375,17 +378,18 @@ bool nsNodeInfoManager::InternalSVGEnabled() { } // We allow SVG (regardless of the pref) if this is a system or add-on - // principal, or if this load was requested for a system or add-on principal - // (e.g. a remote image being served as part of system or add-on UI) + // principal or about: page, or if this load was requested for a system or + // add-on principal or about: page (e.g. a remote image being served as part + // of system or add-on UI or about: page) bool conclusion = - (SVGEnabled || IsSystemOrAddonPrincipal(mPrincipal) || + (SVGEnabled || IsSystemOrAddonOrAboutPrincipal(mPrincipal) || (loadInfo && (loadInfo->GetExternalContentPolicyType() == nsIContentPolicy::TYPE_IMAGE || loadInfo->GetExternalContentPolicyType() == nsIContentPolicy::TYPE_OTHER) && -(IsSystemOrAddonPrincipal(loadInfo->GetLoadingPrincipal()) || - IsSystemOrAddonPrincipal(loadInfo->TriggeringPrincipal(); +(IsSystemOrAddonOrAboutPrincipal(loadInfo->GetLoadingPrincipal()) || + IsSystemOrAddonOrAboutPrincipal(loadInfo->TriggeringPrincipal(); mSVGEnabled = Some(conclusion); return conclusion; } diff --git a/layout/svg/tests/file_disabled_iframe.html b/layout/svg/tests/file_disabled_iframe.html index 6feae3024730..55eda75fdefb 100644 --- a/layout/svg/tests/file_disabled_iframe.html +++ b/layout/svg/tests/file_disabled_iframe.html @@ -48,5 +48,34 @@ t.firstChild.firstChild.textContent = "1&2<3>4\xA0"; is(t.innerHTML,
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 21952: Implement Onion-Location
commit 52335245e5a49770575f37de4e57d677ab08fd32 Author: Alex Catarineu Date: Thu Mar 5 22:16:39 2020 +0100 Bug 21952: Implement Onion-Location Whenever a valid Onion-Location HTTP header (or corresponding HTML http-equiv attribute) is found in a document load, we either redirect to it (if the user opted-in via preference) or notify the presence of an onionsite alternative with a badge in the urlbar. --- browser/base/content/browser.js| 12 ++ browser/base/content/browser.xhtml | 3 + browser/components/BrowserGlue.jsm | 9 ++ .../onionservices/OnionLocationChild.jsm | 43 ++ .../onionservices/OnionLocationParent.jsm | 161 + .../content/onionlocation-notification-icons.css | 5 + .../onionservices/content/onionlocation-urlbar.css | 27 .../content/onionlocation-urlbar.inc.xhtml | 10 ++ .../onionservices/content/onionlocation.svg| 3 + .../content/onionlocationPreferences.inc.xhtml | 11 ++ .../content/onionlocationPreferences.js| 31 browser/components/onionservices/jar.mn| 2 + browser/components/onionservices/moz.build | 2 + browser/components/preferences/privacy.inc.xhtml | 2 + browser/components/preferences/privacy.js | 17 +++ browser/themes/shared/notification-icons.inc.css | 2 + browser/themes/shared/urlbar-searchbar.inc.css | 2 + dom/base/Document.cpp | 34 - dom/base/Document.h| 2 + dom/webidl/Document.webidl | 9 ++ modules/libpref/init/StaticPrefList.yaml | 5 + xpcom/ds/StaticAtoms.py| 1 + 22 files changed, 392 insertions(+), 1 deletion(-) diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index bd5f10cb6f64..04f8752b93f4 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -44,6 +44,7 @@ XPCOMUtils.defineLazyModuleGetters(this, { NetUtil: "resource://gre/modules/NetUtil.jsm", NewTabUtils: "resource://gre/modules/NewTabUtils.jsm", OpenInTabsUtils: "resource:///modules/OpenInTabsUtils.jsm", + OnionLocationParent: "resource:///modules/OnionLocationParent.jsm", PageActions: "resource:///modules/PageActions.jsm", PageThumbs: "resource://gre/modules/PageThumbs.jsm", PanelMultiView: "resource:///modules/PanelMultiView.jsm", @@ -5422,6 +5423,7 @@ var XULBrowserWindow = { Services.obs.notifyObservers(null, "touchbar-location-change", location); UpdateBackForwardCommands(gBrowser.webNavigation); ReaderParent.updateReaderButton(gBrowser.selectedBrowser); +OnionLocationParent.updateOnionLocationBadge(gBrowser.selectedBrowser); if (!gMultiProcessBrowser) { // Bug 1108553 - Cannot rotate images with e10s @@ -5964,6 +5966,16 @@ const AccessibilityRefreshBlocker = { var TabsProgressListener = { onStateChange(aBrowser, aWebProgress, aRequest, aStateFlags, aStatus) { +// Clear OnionLocation UI +if ( + aStateFlags & Ci.nsIWebProgressListener.STATE_START && + aStateFlags & Ci.nsIWebProgressListener.STATE_IS_NETWORK && + aRequest && + aWebProgress.isTopLevel +) { + OnionLocationParent.onStateChange(aBrowser); +} + // Collect telemetry data about tab load times. if ( aWebProgress.isTopLevel && diff --git a/browser/base/content/browser.xhtml b/browser/base/content/browser.xhtml index 4cab5fad6475..c2caecc1a416 100644 --- a/browser/base/content/browser.xhtml +++ b/browser/base/content/browser.xhtml @@ -1077,6 +1077,9 @@ onclick="FullZoom.reset();" tooltip="dynamic-shortcut-tooltip" hidden="true"/> + +#include ../../components/onionservices/content/onionlocation-urlbar.inc.xhtml + {}, +}; + +const options = { + autofocus: true, + persistent: true, + removeOnDismissal: false, + eventCallback(aTopic) { +if (aTopic === "removed") { + delete browser._onionLocationPrompt; + delete browser.onionpopupnotificationanchor; +} + }, + learnMoreURL: NOTIFICATION_LEARN_MORE_URL, + displayURI: { +hostPort: NOTIFICATION_TITLE, // This is hacky, but allows us to have a title without extra markup/css. + }, + hideClose: true, + popupIconClass: "onionlocation-notification-icon", +}; + +// A hacky way of setting the popup anchor outside the usual url bar icon box +// onionlocationpopupnotificationanchor comes from `${ANCHOR_ID}popupnotificationanchor` +// From https://searchfox.org/mozilla-esr68/rev/080f9ed47742644d2ff84f7aa0b10aea5c44301a/browser/components/newtab/lib/CFRPageActions.jsm#488 +browser.onionlocationpopupnotificationanchor = win.document.getElementById(
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 40475: Include clearing CORS preflight cache
commit d57b416593b4e4588c387374a230cc4a3f25ce87 Author: Matthew Finkel Date: Sun Jun 6 20:32:23 2021 + Bug 40475: Include clearing CORS preflight cache --- netwerk/protocol/http/nsCORSListenerProxy.cpp | 7 +++ netwerk/protocol/http/nsCORSListenerProxy.h | 1 + netwerk/protocol/http/nsHttpHandler.cpp | 2 ++ 3 files changed, 10 insertions(+) diff --git a/netwerk/protocol/http/nsCORSListenerProxy.cpp b/netwerk/protocol/http/nsCORSListenerProxy.cpp index 76870e6cea3f..6d2e160c2a9b 100644 --- a/netwerk/protocol/http/nsCORSListenerProxy.cpp +++ b/netwerk/protocol/http/nsCORSListenerProxy.cpp @@ -346,6 +346,13 @@ void nsCORSListenerProxy::Shutdown() { sPreflightCache = nullptr; } +/* static */ +void nsCORSListenerProxy::Clear() { + if (sPreflightCache) { +sPreflightCache->Clear(); + } +} + nsCORSListenerProxy::nsCORSListenerProxy(nsIStreamListener* aOuter, nsIPrincipal* aRequestingPrincipal, bool aWithCredentials) diff --git a/netwerk/protocol/http/nsCORSListenerProxy.h b/netwerk/protocol/http/nsCORSListenerProxy.h index 8c0df2e0ff28..3f76be33f209 100644 --- a/netwerk/protocol/http/nsCORSListenerProxy.h +++ b/netwerk/protocol/http/nsCORSListenerProxy.h @@ -54,6 +54,7 @@ class nsCORSListenerProxy final : public nsIStreamListener, NS_DECL_NSITHREADRETARGETABLESTREAMLISTENER static void Shutdown(); + static void Clear(); [[nodiscard]] nsresult Init(nsIChannel* aChannel, DataURIHandling aAllowDataURI); diff --git a/netwerk/protocol/http/nsHttpHandler.cpp b/netwerk/protocol/http/nsHttpHandler.cpp index d5e2c61dbec9..c6cb95ca7fcc 100644 --- a/netwerk/protocol/http/nsHttpHandler.cpp +++ b/netwerk/protocol/http/nsHttpHandler.cpp @@ -10,6 +10,7 @@ #include "prsystem.h" #include "AltServiceChild.h" +#include "nsCORSListenerProxy.h" #include "nsError.h" #include "nsHttp.h" #include "nsHttpHandler.h" @@ -2290,6 +2291,7 @@ nsHttpHandler::Observe(nsISupports* subject, const char* topic, mAltSvcCache->ClearAltServiceMappings(); } } +nsCORSListenerProxy::Clear(); } else if (!strcmp(topic, NS_NETWORK_LINK_TOPIC)) { nsAutoCString converted = NS_ConvertUTF16toUTF8(data); if (!strcmp(converted.get(), NS_NETWORK_LINK_DATA_CHANGED)) { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 32418: Allow updates to be disabled via an enterprise policy.
commit d71aa80258b339b85881957c1a477e62fb7c32c6 Author: Kathy Brade Date: Thu Apr 16 17:07:09 2020 -0400 Bug 32418: Allow updates to be disabled via an enterprise policy. Restrict the Enterprise Policies mechanism to only consult a policies.json file (avoiding the Windows Registry and macOS's file system attributes). Add a few disabledByPolicy() checks to the update service to avoid extraneous (and potentially confusing) log messages when updates are disabled by policy. Sample content for distribution/policies.json: { "policies": { "DisableAppUpdate": true } } On Linux, avoid reading policies from /etc/firefox/policies/policies.json --- .../components/enterprisepolicies/EnterprisePolicies.js | 12 toolkit/components/enterprisepolicies/moz.build | 4 +++- toolkit/mozapps/update/UpdateService.jsm | 16 3 files changed, 31 insertions(+), 1 deletion(-) diff --git a/toolkit/components/enterprisepolicies/EnterprisePolicies.js b/toolkit/components/enterprisepolicies/EnterprisePolicies.js index 070d5fe1f16b..adb073a2350c 100644 --- a/toolkit/components/enterprisepolicies/EnterprisePolicies.js +++ b/toolkit/components/enterprisepolicies/EnterprisePolicies.js @@ -2,6 +2,10 @@ * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +// To ensure that policies intended for Firefox or another browser will not +// be used, Tor Browser only looks for policies in ${InstallDir}/distribution +#define AVOID_SYSTEM_POLICIES MOZ_PROXY_BYPASS_PROTECTION + const { XPCOMUtils } = ChromeUtils.import( "resource://gre/modules/XPCOMUtils.jsm" ); @@ -11,9 +15,11 @@ const { AppConstants } = ChromeUtils.import( ); XPCOMUtils.defineLazyModuleGetters(this, { +#ifndef AVOID_SYSTEM_POLICIES WindowsGPOParser: "resource://gre/modules/policies/WindowsGPOParser.jsm", macOSPoliciesParser: "resource://gre/modules/policies/macOSPoliciesParser.jsm", +#endif Policies: "resource:///modules/policies/Policies.jsm", JsonSchemaValidator: "resource://gre/modules/components-utils/JsonSchemaValidator.jsm", @@ -117,11 +123,13 @@ EnterprisePoliciesManager.prototype = { _chooseProvider() { let platformProvider = null; +#ifndef AVOID_SYSTEM_POLICIES if (AppConstants.platform == "win") { platformProvider = new WindowsGPOPoliciesProvider(); } else if (AppConstants.platform == "macosx") { platformProvider = new macOSPoliciesProvider(); } +#endif let jsonProvider = new JSONPoliciesProvider(); if (platformProvider && platformProvider.hasPolicies) { if (jsonProvider.hasPolicies) { @@ -470,6 +478,7 @@ class JSONPoliciesProvider { _getConfigurationFile() { let configFile = null; +#ifndef AVOID_SYSTEM_POLICIES if (AppConstants.platform == "linux") { let systemConfigFile = Cc["@mozilla.org/file/local;1"].createInstance( Ci.nsIFile @@ -482,6 +491,7 @@ class JSONPoliciesProvider { return systemConfigFile; } } +#endif try { let perUserPath = Services.prefs.getBoolPref(PREF_PER_USER_DIR, false); @@ -563,6 +573,7 @@ class JSONPoliciesProvider { } } +#ifndef AVOID_SYSTEM_POLICIES class WindowsGPOPoliciesProvider { constructor() { this._policies = null; @@ -637,6 +648,7 @@ class macOSPoliciesProvider { return this._failed; } } +#endif class CombinedProvider { constructor(primaryProvider, secondaryProvider) { diff --git a/toolkit/components/enterprisepolicies/moz.build b/toolkit/components/enterprisepolicies/moz.build index 8f7d7d8cfed7..7528f569bb3e 100644 --- a/toolkit/components/enterprisepolicies/moz.build +++ b/toolkit/components/enterprisepolicies/moz.build @@ -19,10 +19,12 @@ TEST_DIRS += [ if CONFIG['MOZ_WIDGET_TOOLKIT'] != "android": EXTRA_COMPONENTS += [ -'EnterprisePolicies.js', 'EnterprisePolicies.manifest', 'EnterprisePoliciesContent.js', ] +EXTRA_PP_COMPONENTS += [ +'EnterprisePolicies.js', +] if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'windows': EXTRA_JS_MODULES.policies += [ diff --git a/toolkit/mozapps/update/UpdateService.jsm b/toolkit/mozapps/update/UpdateService.jsm index 2c565cecadd7..1fb397373151 100644 --- a/toolkit/mozapps/update/UpdateService.jsm +++ b/toolkit/mozapps/update/UpdateService.jsm @@ -3268,6 +3268,14 @@ UpdateService.prototype = { * See nsIUpdateService.idl */ get canApplyUpdates() { +if (this.disabledByPolicy) { + LOG( +"UpdateService.canApplyUpdates - unable to apply updates, " + + "the option has been disabled by the administrator." + ); + return false; +} + return getCanApplyUpdates() && hasUpdateMutex(); }, @@ -3275,6 +3283,14 @@ UpdateService.prototype = { * See nsIUpdateService.idl */ get
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 40025: Remove Mozilla add-on install permissions
commit 067f76e8a5ef82060730b0e97cca636cae5be006 Author: Alex Catarineu Date: Mon Jul 27 18:12:55 2020 +0200 Bug 40025: Remove Mozilla add-on install permissions --- browser/app/permissions | 6 -- 1 file changed, 6 deletions(-) diff --git a/browser/app/permissions b/browser/app/permissions index c50a15acd72b..093c0f6c1bf8 100644 --- a/browser/app/permissions +++ b/browser/app/permissions @@ -11,12 +11,6 @@ origin uitour 1 https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ origin uitour 1 about:tor -# XPInstall -origin install 1 https://addons.mozilla.org - # Remote troubleshooting origin remote-troubleshooting 1 https://support.mozilla.org -# addon install -origin install 1 https://private-network.firefox.com -origin install 1 https://fpn.firefox.com ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc.
commit 53bd979877f956fd1e4d1aeacb1bfa015845c545 Author: Kathy Brade Date: Tue Jul 14 11:15:07 2020 -0400 Bug 33852: Clean up about:logins (LockWise) to avoid mentioning sync, etc. Hide elements on about:logins that mention sync, "Firefox LockWise", and Mozilla's LockWise mobile apps. Disable the "Create New Login" button when security.nocertdb is true. --- browser/components/aboutlogins/AboutLoginsParent.jsm | 2 ++ browser/components/aboutlogins/content/aboutLogins.css | 8 +++- browser/components/aboutlogins/content/aboutLogins.js | 6 ++ .../aboutlogins/content/components/fxaccounts-button.css | 5 + .../components/aboutlogins/content/components/menu-button.css | 10 ++ 5 files changed, 30 insertions(+), 1 deletion(-) diff --git a/browser/components/aboutlogins/AboutLoginsParent.jsm b/browser/components/aboutlogins/AboutLoginsParent.jsm index 015ce5f29332..d06d6d0ec6c7 100644 --- a/browser/components/aboutlogins/AboutLoginsParent.jsm +++ b/browser/components/aboutlogins/AboutLoginsParent.jsm @@ -62,6 +62,7 @@ const PASSWORD_SYNC_NOTIFICATION_ID = "enable-password-sync"; const HIDE_MOBILE_FOOTER_PREF = "signon.management.page.hideMobileFooter"; const SHOW_PASSWORD_SYNC_NOTIFICATION_PREF = "signon.management.page.showPasswordSyncNotification"; +const NOCERTDB_PREF = "security.nocertdb"; // about:logins will always use the privileged content process, // even if it is disabled for other consumers such as about:newtab. @@ -431,6 +432,7 @@ class AboutLoginsParent extends JSWindowActorParent { importVisible: Services.policies.isAllowed("profileImport") && AppConstants.platform != "linux", +canCreateLogins: !Services.prefs.getBoolPref(NOCERTDB_PREF, false), }); await AboutLogins._sendAllLoginRelatedObjects( diff --git a/browser/components/aboutlogins/content/aboutLogins.css b/browser/components/aboutlogins/content/aboutLogins.css index 7ed29bda8297..dca63da2e649 100644 --- a/browser/components/aboutlogins/content/aboutLogins.css +++ b/browser/components/aboutlogins/content/aboutLogins.css @@ -69,6 +69,11 @@ login-item { grid-area: login; } +/* Do not promote Mozilla Sync in Tor Browser. */ +login-intro { + display: none !important; +} + #branding-logo { flex-basis: var(--sidebar-width); flex-shrink: 0; @@ -83,7 +88,8 @@ login-item { } } -:root:not(.official-branding) #branding-logo { +/* Hide "Firefox LockWise" branding in Tor Browser. */ +#branding-logo { visibility: hidden; } diff --git a/browser/components/aboutlogins/content/aboutLogins.js b/browser/components/aboutlogins/content/aboutLogins.js index da7d9016a2eb..361b2b0d02bf 100644 --- a/browser/components/aboutlogins/content/aboutLogins.js +++ b/browser/components/aboutlogins/content/aboutLogins.js @@ -19,6 +19,9 @@ const gElements = { get loginFooter() { return this.loginItem.shadowRoot.querySelector("login-footer"); }, + get createNewLoginButton() { +return this.loginList.shadowRoot.querySelector(".create-login-button"); + }, }; let numberOfLogins = 0; @@ -100,6 +103,9 @@ window.addEventListener("AboutLoginsChromeToContent", event => { gElements.loginList.setSortDirection(event.detail.value.selectedSort); document.documentElement.classList.add("initialized"); gElements.loginList.classList.add("initialized"); + if (!event.detail.value.canCreateLogins) { +gElements.createNewLoginButton.disabled = true; + } break; } case "ShowLoginItemError": { diff --git a/browser/components/aboutlogins/content/components/fxaccounts-button.css b/browser/components/aboutlogins/content/components/fxaccounts-button.css index aefda548c84d..a02707980158 100644 --- a/browser/components/aboutlogins/content/components/fxaccounts-button.css +++ b/browser/components/aboutlogins/content/components/fxaccounts-button.css @@ -8,6 +8,11 @@ align-items: center; } +/* Do not promote Mozilla Sync in Tor Browser. */ +.logged-out-view { + display: none !important; +} + .fxaccounts-extra-text { /* Only show at most 3 lines of text to limit the text from overflowing the header. */ diff --git a/browser/components/aboutlogins/content/components/menu-button.css b/browser/components/aboutlogins/content/components/menu-button.css index 3c93d409b2c7..2d7380b2ea37 100644 --- a/browser/components/aboutlogins/content/components/menu-button.css +++ b/browser/components/aboutlogins/content/components/menu-button.css @@ -85,3 +85,13 @@ .menuitem-mobile-android { background-image: url("chrome://browser/skin/logo-android.svg"); } + +/* + * Do not promote LockWise mobile apps in Tor Browser: hide the menu items + * and the separator line that precedes them. + */ +.menuitem-mobile-android, +.menuitem-mobile-ios, +button[data-event-name="AboutLoginsGetHelp"] + hr { + display: none !important; +}
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 28005: Implement .onion alias urlbar rewrites
commit 899e207f8d7733f988fe72987bf98ef062d5fc95 Author: Alex Catarineu Date: Thu Feb 13 13:24:33 2020 +0100 Bug 28005: Implement .onion alias urlbar rewrites A custom HTTPS Everywhere update channel is installed, which provides rules for locally redirecting some memorable .tor.onion URLs to non-memorable .onion URLs. When these redirects occur, we also rewrite the URL in the urlbar to display the human-memorable hostname instead of the actual .onion. Bug 34196: Update site info URL with the onion name Bug 40456: Update the SecureDrop HTTPS-Everywhere update channel Bug 40478: Onion alias url rewrite is broken --- browser/actors/ClickHandlerChild.jsm | 20 ++ browser/actors/ClickHandlerParent.jsm | 1 + browser/actors/ContextMenuChild.jsm| 4 + browser/base/content/browser-places.js | 12 +- browser/base/content/browser-siteIdentity.js | 12 +- browser/base/content/browser.js| 43 - browser/base/content/nsContextMenu.js | 18 ++ browser/base/content/pageinfo/pageInfo.js | 2 +- browser/base/content/pageinfo/pageInfo.xhtml | 10 + browser/base/content/pageinfo/security.js | 17 +- browser/base/content/tabbrowser.js | 7 + browser/base/content/utilityOverlay.js | 12 ++ browser/components/BrowserGlue.jsm | 8 + .../onionservices/ExtensionMessaging.jsm | 86 + .../onionservices/HttpsEverywhereControl.jsm | 147 +++ .../components/onionservices/OnionAliasStore.jsm | 201 + browser/components/onionservices/moz.build | 6 + browser/components/urlbar/UrlbarInput.jsm | 13 +- docshell/base/nsDocShell.cpp | 52 ++ docshell/base/nsDocShell.h | 6 + docshell/base/nsDocShellLoadState.cpp | 4 + docshell/base/nsIDocShell.idl | 5 + docshell/base/nsIWebNavigation.idl | 5 + docshell/shistory/SessionHistoryEntry.cpp | 14 ++ docshell/shistory/SessionHistoryEntry.h| 1 + docshell/shistory/nsISHEntry.idl | 5 + docshell/shistory/nsSHEntry.cpp| 22 ++- docshell/shistory/nsSHEntry.h | 1 + dom/interfaces/base/nsIBrowser.idl | 3 +- dom/ipc/BrowserChild.cpp | 2 + dom/ipc/BrowserParent.cpp | 3 +- dom/ipc/PBrowser.ipdl | 1 + modules/libpref/init/StaticPrefList.yaml | 6 + netwerk/dns/effective_tld_names.dat| 2 + netwerk/ipc/DocumentLoadListener.cpp | 10 + toolkit/content/widgets/browser-custom-element.js | 13 +- toolkit/modules/sessionstore/SessionHistory.jsm| 5 + 37 files changed, 757 insertions(+), 22 deletions(-) diff --git a/browser/actors/ClickHandlerChild.jsm b/browser/actors/ClickHandlerChild.jsm index 7dd060e83061..206a8fc97a4d 100644 --- a/browser/actors/ClickHandlerChild.jsm +++ b/browser/actors/ClickHandlerChild.jsm @@ -138,6 +138,26 @@ class ClickHandlerChild extends JSWindowActorChild { json.originStoragePrincipal = ownerDoc.effectiveStoragePrincipal; json.triggeringPrincipal = ownerDoc.nodePrincipal; + // Check if the link needs to be opened with .tor.onion urlbar rewrites + // allowed. Only when the owner doc has onionUrlbarRewritesAllowed = true + // and the same origin we should allow this. + json.onionUrlbarRewritesAllowed = false; + if (this.docShell.onionUrlbarRewritesAllowed) { +const sm = Services.scriptSecurityManager; +try { + let targetURI = Services.io.newURI(href); + let isPrivateWin = +ownerDoc.nodePrincipal.originAttributes.privateBrowsingId > 0; + sm.checkSameOriginURI( +docshell.currentDocumentChannel.URI, +targetURI, +false, +isPrivateWin + ); + json.onionUrlbarRewritesAllowed = true; +} catch (e) {} + } + // If a link element is clicked with middle button, user wants to open // the link somewhere rather than pasting clipboard content. Therefore, // when it's clicked with middle button, we should prevent multiple diff --git a/browser/actors/ClickHandlerParent.jsm b/browser/actors/ClickHandlerParent.jsm index 454c0fe69b27..42ab7a0f6e2a 100644 --- a/browser/actors/ClickHandlerParent.jsm +++ b/browser/actors/ClickHandlerParent.jsm @@ -102,6 +102,7 @@ class ClickHandlerParent extends JSWindowActorParent { charset: browser.characterSet, referrerInfo: E10SUtils.deserializeReferrerInfo(data.referrerInfo), allowMixedContent: data.allowMixedContent, + onionUrlbarRewritesAllowed:
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 28125 - Prevent non-Necko network connections
commit 001355e26fe082c9286e33001773c3c92515bd22 Author: Matthew Finkel Date: Thu Oct 25 19:17:09 2018 + Bug 28125 - Prevent non-Necko network connections --- .../gecko/media/GeckoMediaDrmBridgeV21.java| 49 +- .../exoplayer2/upstream/DefaultHttpDataSource.java | 47 + 2 files changed, 3 insertions(+), 93 deletions(-) diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java index 3ba59bfd6776..eb57b1013642 100644 --- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java +++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java @@ -488,54 +488,7 @@ public class GeckoMediaDrmBridgeV21 implements GeckoMediaDrm { @Override protected Void doInBackground(final Void... params) { -HttpURLConnection urlConnection = null; -BufferedReader in = null; -try { -URI finalURI = new URI(mURL + "=" + URLEncoder.encode(new String(mDrmRequest), "UTF-8")); -urlConnection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(finalURI); -urlConnection.setRequestMethod("POST"); -if (DEBUG) Log.d(LOGTAG, "Provisioning, posting url =" + finalURI.toString()); - -// Add data -urlConnection.setRequestProperty("Accept", "*/*"); -urlConnection.setRequestProperty("User-Agent", getCDMUserAgent()); -urlConnection.setRequestProperty("Content-Type", "application/json"); - -// Execute HTTP Post Request -urlConnection.connect(); - -int responseCode = urlConnection.getResponseCode(); -if (responseCode == HttpURLConnection.HTTP_OK) { -in = new BufferedReader(new InputStreamReader(urlConnection.getInputStream(), StringUtils.UTF_8)); -String inputLine; -StringBuffer response = new StringBuffer(); - -while ((inputLine = in.readLine()) != null) { -response.append(inputLine); -} -in.close(); -mResponseBody = String.valueOf(response).getBytes(StringUtils.UTF_8); -if (DEBUG) Log.d(LOGTAG, "Provisioning, response received."); -if (mResponseBody != null) Log.d(LOGTAG, "response length=" + mResponseBody.length); -} else { -Log.d(LOGTAG, "Provisioning, server returned HTTP error code :" + responseCode); -} -} catch (IOException e) { -Log.e(LOGTAG, "Got exception during posting provisioning request ...", e); -} catch (URISyntaxException e) { -Log.e(LOGTAG, "Got exception during creating uri ...", e); -} finally { -if (urlConnection != null) { -urlConnection.disconnect(); -} -try { -if (in != null) { -in.close(); -} -} catch (IOException e) { -Log.e(LOGTAG, "Exception during closing in ...", e); -} -} +Log.i(LOGTAG, "This is Tor Browser. Skipping."); return null; } diff --git a/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java b/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java index fdb44cc2ea1f..7a2044721d2d 100644 --- a/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java +++ b/mobile/android/geckoview/src/thirdparty/java/org/mozilla/thirdparty/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java @@ -395,51 +395,8 @@ public class DefaultHttpDataSource implements HttpDataSource { */ private HttpURLConnection makeConnection(URL url, byte[] postBody, long position, long length, boolean allowGzip, boolean followRedirects) throws IOException, URISyntaxException { -/** - * Tor Project modified the way the connection object was created. For the sake of - * simplicity, instead of duplicating the whole file we changed the connection object - * to use the ProxySelector. - */ -HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(url.toURI()); - -connection.setConnectTimeout(connectTimeoutMillis); -connection.setReadTimeout(readTimeoutMillis); -if (defaultRequestProperties != null) { - for (Map.Entry property :
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 25741 - TBA: Disable GeckoNetworkManager
commit 4e37110f4ac0c39af3b90ad1fcd73e7071e901b0 Author: Matthew Finkel Date: Thu Apr 26 22:22:51 2018 + Bug 25741 - TBA: Disable GeckoNetworkManager The browser should not need information related to the network interface or network state, tor should take care of that. --- .../src/main/java/org/mozilla/geckoview/GeckoRuntime.java | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java index ed86dcc5c299..f5587dd7e59c 100644 --- a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java +++ b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/GeckoRuntime.java @@ -121,7 +121,9 @@ public final class GeckoRuntime implements Parcelable { mPaused = false; // Monitor network status and send change notifications to Gecko // while active. - GeckoNetworkManager.getInstance().start(GeckoAppShell.getApplicationContext()); +if (BuildConfig.TOR_BROWSER_VERSION == "") { + GeckoNetworkManager.getInstance().start(GeckoAppShell.getApplicationContext()); +} } @OnLifecycleEvent(Lifecycle.Event.ON_PAUSE) @@ -129,7 +131,9 @@ public final class GeckoRuntime implements Parcelable { Log.d(LOGTAG, "Lifecycle: onPause"); mPaused = true; // Stop monitoring network status while inactive. -GeckoNetworkManager.getInstance().stop(); +if (BuildConfig.TOR_BROWSER_VERSION == "") { +GeckoNetworkManager.getInstance().stop(); +} GeckoThread.onPause(); } } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources.
commit 36f4cad5c7584bf4f8e4debafc859bb725788e0f Author: Amogh Pradeep Date: Fri Jun 12 02:07:45 2015 -0400 Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources. See Bug 1357997 for partial uplift. Also: Bug 28051 - Use our Orbot for proxying our connections Bug 31144 - ESR68 Network Code Review --- .../main/java/org/mozilla/gecko/GeckoAppShell.java | 68 +++--- .../java/org/mozilla/gecko/util/BitmapUtils.java | 7 --- .../java/org/mozilla/gecko/util/ProxySelector.java | 25 +++- 3 files changed, 59 insertions(+), 41 deletions(-) diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java index 995b23316c32..b9ca73bee2eb 100644 --- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java +++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java @@ -1764,39 +1764,41 @@ public class GeckoAppShell { @WrapForJNI private static URLConnection getConnection(final String url) { -try { -String spec; -if (url.startsWith("android://")) { -spec = url.substring(10); -} else { -spec = url.substring(8); -} - -// Check if we are loading a package icon. -try { -if (spec.startsWith("icon/")) { -String[] splits = spec.split("/"); -if (splits.length != 2) { -return null; -} -final String pkg = splits[1]; -final PackageManager pm = getApplicationContext().getPackageManager(); -final Drawable d = pm.getApplicationIcon(pkg); -final Bitmap bitmap = BitmapUtils.getBitmapFromDrawable(d); -return new BitmapConnection(bitmap); -} -} catch (Exception ex) { -Log.e(LOGTAG, "error", ex); -} - -// if the colon got stripped, put it back -int colon = spec.indexOf(':'); -if (colon == -1 || colon > spec.indexOf('/')) { -spec = spec.replaceFirst("/", ":/"); -} -} catch (Exception ex) { -return null; -} +// Bug 31144 - Prevent potential proxy-bypass + +//try { +//String spec; +//if (url.startsWith("android://")) { +//spec = url.substring(10); +//} else { +//spec = url.substring(8); +//} + +//// Check if we are loading a package icon. +//try { +//if (spec.startsWith("icon/")) { +//String[] splits = spec.split("/"); +//if (splits.length != 2) { +//return null; +//} +//final String pkg = splits[1]; +//final PackageManager pm = getApplicationContext().getPackageManager(); +//final Drawable d = pm.getApplicationIcon(pkg); +//final Bitmap bitmap = BitmapUtils.getBitmapFromDrawable(d); +//return new BitmapConnection(bitmap); +//} +//} catch (Exception ex) { +//Log.e(LOGTAG, "error", ex); +//} + +//// if the colon got stripped, put it back +//int colon = spec.indexOf(':'); +//if (colon == -1 || colon > spec.indexOf('/')) { +//spec = spec.replaceFirst("/", ":/"); +//} +//} catch (Exception ex) { +//return null; +//} return null; } diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java index 73a69a3abd66..f795dacffb47 100644 --- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java +++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/BitmapUtils.java @@ -101,13 +101,6 @@ public final class BitmapUtils { public static Bitmap decodeUrl(final URL url) { InputStream stream = null; -try { -stream = url.openStream(); -} catch (IOException e) { -Log.w(LOGTAG, "decodeUrl: IOException downloading " + url); -return null; -} - if (stream == null) { Log.w(LOGTAG, "decodeUrl: stream not found downloading " + url); return null; diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/ProxySelector.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/ProxySelector.java index 3940d3c84249..9515975f680a 100644 ---
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 24796 - Comment out excess permissions from GeckoView
commit dc655b529b1520db218bc18cbf7c748a983a56f9 Author: Matthew Finkel Date: Wed Apr 11 17:52:59 2018 + Bug 24796 - Comment out excess permissions from GeckoView The GeckoView AndroidManifest.xml is not preprocessed unlike Fennec's manifest, so we can't use the ifdef preprocessor guards around the permissions we do not want. Commenting the permissions is the next-best-thing. --- .../android/geckoview/src/main/AndroidManifest.xml | 20 +--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/mobile/android/geckoview/src/main/AndroidManifest.xml b/mobile/android/geckoview/src/main/AndroidManifest.xml index 87ad6dc28047..4c8ab2a9d996 100644 --- a/mobile/android/geckoview/src/main/AndroidManifest.xml +++ b/mobile/android/geckoview/src/main/AndroidManifest.xml @@ -6,20 +6,32 @@ http://schemas.android.com/apk/res/android; package="org.mozilla.geckoview"> + + + + + + + + + + https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 31607: App menu items stop working on macOS
commit b34116764d4bf4b4cd7f1ce35b472eb55d6fb6b4 Author: Kathy Brade Date: Thu Oct 3 10:53:43 2019 -0400 Bug 31607: App menu items stop working on macOS Avoid re-creating the hidden window, since this causes the nsMenuBarX object that is associated with the app menu to be freed (which in turn causes all of the app menu items to stop working). More detail: There should only be one hidden window. XREMain::XRE_mainRun() contains an explicit call to create the hidden window and that is the normal path by which it is created. However, when Tor Launcher's wizard/progress window is opened during startup, a hidden window is created earlier as a side effect of calls to nsAppShellService::GetHiddenWindow(). Then, when XREMain::XRE_mainRun() creates its hidden window, the original one is freed which also causes the app menu's nsMenuBarX object which is associated with that window to be destroyed. When that happens, the menuGroupOwner property within each Cocoa menu items's MenuItemInfo object is cleared. This breaks the link that is necessary for NativeMenuItemTarget's menuItemHit method to dispatch a menu item event. --- xpfe/appshell/nsAppShellService.cpp | 4 1 file changed, 4 insertions(+) diff --git a/xpfe/appshell/nsAppShellService.cpp b/xpfe/appshell/nsAppShellService.cpp index 719684ceb072..1600a3fea789 100644 --- a/xpfe/appshell/nsAppShellService.cpp +++ b/xpfe/appshell/nsAppShellService.cpp @@ -93,6 +93,10 @@ void nsAppShellService::EnsureHiddenWindow() { NS_IMETHODIMP nsAppShellService::CreateHiddenWindow() { + if (mHiddenWindow) { +return NS_OK; + } + if (!XRE_IsParentProcess()) { return NS_ERROR_NOT_IMPLEMENTED; } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 32220: Improve the letterboxing experience
commit 3a62f6cd9a05197a30e8096afd851cfbdd14ed27 Author: Richard Pospesel Date: Mon Oct 28 17:42:17 2019 -0700 Bug 32220: Improve the letterboxing experience CSS and JS changes to alter the UX surrounding letterboxing. The browser element containing page content is now anchored to the bottom of the toolbar, and the remaining letterbox margin is the same color as the firefox chrome. The letterbox margin and border are tied to the currently selected theme. Also adds a 'needsLetterbox' property to tabbrowser.xml to fix a race condition present when using the 'isEmpty' property. Using 'isEmpty' as a proxy for 'needsLetterbox' resulted in over-zealous/unnecessary letterboxing of about:blank tabs. --- browser/base/content/browser.css | 8 ++ browser/base/content/tabbrowser-tab.js | 9 +++ browser/themes/shared/tabs.inc.css | 6 ++ .../components/resistfingerprinting/RFPHelper.jsm | 94 +++--- 4 files changed, 105 insertions(+), 12 deletions(-) diff --git a/browser/base/content/browser.css b/browser/base/content/browser.css index 808c03e88223..a0b1bf4a8951 100644 --- a/browser/base/content/browser.css +++ b/browser/base/content/browser.css @@ -85,6 +85,14 @@ body { display: none; } + +.browserStack > browser.letterboxing { + border-color: var(--chrome-content-separator-color); + border-style: solid; + border-width : 1px; + border-top: none; +} + %ifdef MENUBAR_CAN_AUTOHIDE #toolbar-menubar[autohide="true"] { overflow: hidden; diff --git a/browser/base/content/tabbrowser-tab.js b/browser/base/content/tabbrowser-tab.js index 183eff1bab86..7f376ab1d122 100644 --- a/browser/base/content/tabbrowser-tab.js +++ b/browser/base/content/tabbrowser-tab.js @@ -225,6 +225,15 @@ return true; } +get needsLetterbox() { + let browser = this.linkedBrowser; + if (isBlankPageURL(browser.currentURI.spec)) { +return false; + } + + return true; +} + get lastAccessed() { return this._lastAccessed == Infinity ? Date.now() : this._lastAccessed; } diff --git a/browser/themes/shared/tabs.inc.css b/browser/themes/shared/tabs.inc.css index b47842af766c..019da6ecf76f 100644 --- a/browser/themes/shared/tabs.inc.css +++ b/browser/themes/shared/tabs.inc.css @@ -33,6 +33,12 @@ background-color: #f9f9fa; } +/* extend down the toolbar's colors when letterboxing is enabled*/ +#tabbrowser-tabpanels.letterboxing { + background-color: var(--toolbar-bgcolor); + background-image: var(--toolbar-bgimage); +} + :root[privatebrowsingmode=temporary] #tabbrowser-tabpanels { /* Value for --in-content-page-background in aboutPrivateBrowsing.css */ background-color: #25003e; diff --git a/toolkit/components/resistfingerprinting/RFPHelper.jsm b/toolkit/components/resistfingerprinting/RFPHelper.jsm index 49010d1c8cb1..b906a067fd63 100644 --- a/toolkit/components/resistfingerprinting/RFPHelper.jsm +++ b/toolkit/components/resistfingerprinting/RFPHelper.jsm @@ -40,6 +40,7 @@ class _RFPHelper { // constructor() { this._initialized = false; +this._borderDimensions = null; } init() { @@ -361,6 +362,24 @@ class _RFPHelper { }); } + getBorderDimensions(aBrowser) { +if (this._borderDimensions) { + return this._borderDimensions; +} + +const win = aBrowser.ownerGlobal; +const browserStyle = win.getComputedStyle(aBrowser); + +this._borderDimensions = { + top : parseInt(browserStyle.borderTopWidth), + right: parseInt(browserStyle.borderRightWidth), + bottom : parseInt(browserStyle.borderBottomWidth), + left : parseInt(browserStyle.borderLeftWidth), +}; + +return this._borderDimensions; + } + _addOrClearContentMargin(aBrowser) { let tab = aBrowser.getTabBrowser().getTabForBrowser(aBrowser); @@ -369,9 +388,13 @@ class _RFPHelper { return; } +// we add the letterboxing class even if the content does not need letterboxing +// in which case margins are set such that the borders are hidden +aBrowser.classList.add("letterboxing"); + // We should apply no margin around an empty tab or a tab with system // principal. -if (tab.isEmpty || aBrowser.contentPrincipal.isSystemPrincipal) { +if (!tab.needsLetterbox || aBrowser.contentPrincipal.isSystemPrincipal) { this._clearContentViewMargin(aBrowser); } else { this._roundContentView(aBrowser); @@ -539,10 +562,29 @@ class _RFPHelper { // Calculating the margins around the browser element in order to round the // content viewport. We will use a 200x100 stepping if the dimension set // is not given. -let margins = calcMargins(containerWidth, containerHeight); + +const borderDimensions = this.getBorderDimensions(aBrowser); +const marginDims =
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#tor
commit c62c33123c1ff0ee43ab161219d49b73ea39af17 Author: Richard Pospesel Date: Mon Sep 16 15:25:39 2019 -0700 Bug 31286: Implementation of bridge, proxy, and firewall settings in about:preferences#tor This patch adds a new about:preferences#tor page which allows modifying bridge, proxy, and firewall settings from within Tor Browser. All of the functionality present in tor-launcher's Network Configuration panel is present: - Setting built-in bridges - Requesting bridges from BridgeDB via moat - Using user-provided bridges - Configuring SOCKS4, SOCKS5, and HTTP/HTTPS proxies - Setting firewall ports - Viewing and Copying Tor's logs - The Networking Settings in General preferences has been removed --- browser/components/moz.build | 1 + browser/components/preferences/main.inc.xhtml | 55 -- browser/components/preferences/main.js | 14 - browser/components/preferences/preferences.js | 9 + browser/components/preferences/preferences.xhtml | 5 + browser/components/preferences/privacy.js | 1 + .../torpreferences/content/parseFunctions.jsm | 89 +++ .../torpreferences/content/requestBridgeDialog.jsm | 202 + .../content/requestBridgeDialog.xhtml | 35 + .../torpreferences/content/torBridgeSettings.jsm | 325 .../torpreferences/content/torCategory.inc.xhtml | 9 + .../torpreferences/content/torFirewallSettings.jsm | 72 ++ .../torpreferences/content/torLogDialog.jsm| 66 ++ .../torpreferences/content/torLogDialog.xhtml | 23 + .../components/torpreferences/content/torPane.js | 857 + .../torpreferences/content/torPane.xhtml | 123 +++ .../torpreferences/content/torPreferences.css | 77 ++ .../torpreferences/content/torPreferencesIcon.svg | 5 + .../torpreferences/content/torProxySettings.jsm| 245 ++ browser/components/torpreferences/jar.mn | 14 + browser/components/torpreferences/moz.build| 1 + browser/modules/BridgeDB.jsm | 110 +++ browser/modules/TorProtocolService.jsm | 212 + browser/modules/moz.build | 2 + 24 files changed, 2483 insertions(+), 69 deletions(-) diff --git a/browser/components/moz.build b/browser/components/moz.build index cb6eeb9164ef..09e209dc9c3b 100644 --- a/browser/components/moz.build +++ b/browser/components/moz.build @@ -58,6 +58,7 @@ DIRS += [ 'syncedtabs', 'uitour', 'urlbar', +'torpreferences', 'translation', ] diff --git a/browser/components/preferences/main.inc.xhtml b/browser/components/preferences/main.inc.xhtml index f3502e87af98..37ac50ee940b 100644 --- a/browser/components/preferences/main.inc.xhtml +++ b/browser/components/preferences/main.inc.xhtml @@ -676,59 +676,4 @@ - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/browser/components/preferences/main.js b/browser/components/preferences/main.js index 9f36871d6303..6b258429e773 100644 --- a/browser/components/preferences/main.js +++ b/browser/components/preferences/main.js @@ -361,15 +361,6 @@ var gMainPane = { }); this.updatePerformanceSettingsBox({ duringChangeEvent: false }); this.displayUseSystemLocale(); -let connectionSettingsLink = document.getElementById( - "connectionSettingsLearnMore" -); -let connectionSettingsUrl = - Services.urlFormatter.formatURLPref("app.support.baseURL") + - "prefs-connection-settings"; -connectionSettingsLink.setAttribute("href", connectionSettingsUrl); -this.updateProxySettingsUI(); -initializeProxyUI(gMainPane); if (Services.prefs.getBoolPref("intl.multilingual.enabled")) { gMainPane.initBrowserLocale(); @@ -503,11 +494,6 @@ var gMainPane = { "change", gMainPane.updateHardwareAcceleration.bind(gMainPane) ); -setEventListener( - "connectionSettings", - "command", - gMainPane.showConnections -); setEventListener( "browserContainersCheckbox", "command", diff --git a/browser/components/preferences/preferences.js b/browser/components/preferences/preferences.js index 27e9763a1f9e..089533f20ade 100644 --- a/browser/components/preferences/preferences.js +++ b/browser/components/preferences/preferences.js @@ -13,6 +13,7 @@ /* import-globals-from findInPage.js */ /* import-globals-from ../../base/content/utilityOverlay.js */ /* import-globals-from ../../../toolkit/content/preferencesBindings.js */ +/* import-globals-from ../torpreferences/content/torPane.js */ "use strict"; @@ -91,6 +92,14 @@ function init_all() { document.getElementById("template-paneSync").remove(); } register_module("paneSearchResults", gSearchResultsPane); + if (gTorPane.enabled) { +document.getElementById("category-tor").hidden =
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 31740: Remove some unnecessary RemoteSettings instances
commit af88a4535b70579190ad05b07223e40b1845af1f Author: Alex Catarineu Date: Wed Oct 16 23:01:12 2019 +0200 Bug 31740: Remove some unnecessary RemoteSettings instances More concretely, SearchService.jsm 'hijack-blocklists' and url-classifier-skip-urls. Avoid creating instance for 'anti-tracking-url-decoration'. If prefs are disabling their usage, avoid creating instances for 'cert-revocations' and 'intermediates'. Do not ship JSON dumps for collections we do not expect to need. For the ones in the 'main' bucket, this prevents them from being synced unnecessarily (the code in remote-settings does so for collections in the main bucket for which a dump or local data exists). For the collections in the other buckets, we just save some size by not shipping their dumps. We also clear the collections database on the v2 -> v3 migration. --- .../url-classifier/UrlClassifierFeatureBase.cpp| 2 +- netwerk/url-classifier/components.conf | 6 -- security/manager/ssl/RemoteSecuritySettings.jsm| 22 ++ services/settings/IDBHelpers.jsm | 4 services/settings/dumps/blocklists/moz.build | 1 - services/settings/dumps/main/moz.build | 5 - services/settings/dumps/security-state/moz.build | 1 - .../components/antitracking/antitracking.manifest | 2 +- toolkit/components/antitracking/components.conf| 7 --- toolkit/components/search/SearchService.jsm| 2 -- 10 files changed, 28 insertions(+), 24 deletions(-) diff --git a/netwerk/url-classifier/UrlClassifierFeatureBase.cpp b/netwerk/url-classifier/UrlClassifierFeatureBase.cpp index 9bc7fc5d6e9a..3fb3b74a4f08 100644 --- a/netwerk/url-classifier/UrlClassifierFeatureBase.cpp +++ b/netwerk/url-classifier/UrlClassifierFeatureBase.cpp @@ -76,7 +76,7 @@ void UrlClassifierFeatureBase::InitializePreferences() { nsCOMPtr skipListService = do_GetService("@mozilla.org/url-classifier/skip-list-service;1"); - if (NS_WARN_IF(!skipListService)) { + if (!skipListService) { return; } diff --git a/netwerk/url-classifier/components.conf b/netwerk/url-classifier/components.conf index 7f49d94b6488..b2e667247317 100644 --- a/netwerk/url-classifier/components.conf +++ b/netwerk/url-classifier/components.conf @@ -13,10 +13,4 @@ Classes = [ 'constructor': 'mozilla::net::ChannelClassifierService::GetSingleton', 'headers': ['mozilla/net/ChannelClassifierService.h'], }, -{ -'cid': '{b9f4fd03-9d87-4bfd-9958-85a821750ddc}', -'contract_ids': ['@mozilla.org/url-classifier/skip-list-service;1'], -'jsm': 'resource://gre/modules/UrlClassifierSkipListService.jsm', -'constructor': 'UrlClassifierSkipListService', -}, ] diff --git a/security/manager/ssl/RemoteSecuritySettings.jsm b/security/manager/ssl/RemoteSecuritySettings.jsm index 199eeb5b58e1..96d6a7a2de48 100644 --- a/security/manager/ssl/RemoteSecuritySettings.jsm +++ b/security/manager/ssl/RemoteSecuritySettings.jsm @@ -350,6 +350,16 @@ var RemoteSecuritySettings = { class IntermediatePreloads { constructor() { +this.maybeInit(); + } + + maybeInit() { +if ( + this.client || + !Services.prefs.getBoolPref(INTERMEDIATES_ENABLED_PREF, true) +) { + return; +} this.client = RemoteSettings( Services.prefs.getCharPref(INTERMEDIATES_COLLECTION_PREF), { @@ -379,6 +389,7 @@ class IntermediatePreloads { ); return; } +this.maybeInit(); // Download attachments that are awaiting download, up to a max. const maxDownloadsPerRun = Services.prefs.getIntPref( @@ -704,6 +715,16 @@ function compareFilters(filterA, filterB) { class CRLiteFilters { constructor() { +this.maybeInit(); + } + + maybeInit() { +if ( + this.client || + !Services.prefs.getBoolPref(CRLITE_FILTERS_ENABLED_PREF, true) +) { + return; +} this.client = RemoteSettings( Services.prefs.getCharPref(CRLITE_FILTERS_COLLECTION_PREF), { @@ -729,6 +750,7 @@ class CRLiteFilters { ); return; } +this.maybeInit(); let current = await this.client.db.list(); let fullFilters = current.filter(filter => !filter.incremental); if (fullFilters.length < 1) { diff --git a/services/settings/IDBHelpers.jsm b/services/settings/IDBHelpers.jsm index 5dc59c3687ef..010a5ea82987 100644 --- a/services/settings/IDBHelpers.jsm +++ b/services/settings/IDBHelpers.jsm @@ -188,6 +188,10 @@ async function openIDB(allowUpgrades = true) { }); } if (event.oldVersion < 3) { +// Clear existing stores for a fresh start +transaction.objectStore("records").clear(); +transaction.objectStore("timestamps").clear(); +transaction.objectStore("collections").clear(); // Attachment store db.createObjectStore("attachments",
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 32092: Fix Tor Browser Support link in preferences
commit dffb6c07083037aef832384741135c300385a2cf Author: Alex Catarineu Date: Tue Oct 15 22:54:10 2019 +0200 Bug 32092: Fix Tor Browser Support link in preferences --- browser/components/preferences/preferences.js | 5 + 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/browser/components/preferences/preferences.js b/browser/components/preferences/preferences.js index 089533f20ade..586e32e277cb 100644 --- a/browser/components/preferences/preferences.js +++ b/browser/components/preferences/preferences.js @@ -121,10 +121,7 @@ function init_all() { gotoPref().then(() => { let helpButton = document.getElementById("helpButton"); -let helpUrl = - Services.urlFormatter.formatURLPref("app.support.baseURL") + - "preferences"; -helpButton.setAttribute("href", helpUrl); +helpButton.setAttribute("href", "https://support.torproject.org/tbb;); document.getElementById("addonsButton").addEventListener("click", e => { if (e.button >= 2) { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 13543: Spoof smooth and powerEfficient for Media Capabilities
commit 75b411f4a0daec7546409cb9aad9783d06a23083 Author: Alex Catarineu Date: Thu Oct 10 15:08:12 2019 +0200 Bug 13543: Spoof smooth and powerEfficient for Media Capabilities --- dom/media/mediacapabilities/MediaCapabilities.cpp | 5 + 1 file changed, 5 insertions(+) diff --git a/dom/media/mediacapabilities/MediaCapabilities.cpp b/dom/media/mediacapabilities/MediaCapabilities.cpp index fb1b1a2cb32c..3bc6b97eac63 100644 --- a/dom/media/mediacapabilities/MediaCapabilities.cpp +++ b/dom/media/mediacapabilities/MediaCapabilities.cpp @@ -290,6 +290,11 @@ already_AddRefed MediaCapabilities::DecodingInfo( if (aValue.IsReject()) { p = CapabilitiesPromise::CreateAndReject( std::move(aValue.RejectValue()), __func__); + } else if (nsContentUtils:: + ShouldResistFingerprinting()) { +p = CapabilitiesPromise::CreateAndResolve( +MediaCapabilitiesInfo(true, true, false), +__func__); } else { MOZ_ASSERT(config->IsVideo()); if (StaticPrefs::media_mediacapabilities_from_database()) { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 32658: Create a new MAR signing key
commit c9d8168ab1e7c0c32d1d4a48fc1c321822a578f6 Author: Georg Koppen Date: Fri Jan 17 12:54:31 2020 + Bug 32658: Create a new MAR signing key It's time for our rotation again: Move the backup key in the front position and add a new backup key. squash! Bug 32658: Create a new MAR signing key Bug 33803: Move our primary nightly MAR signing key to tor-browser Bug 33803: Add a secondary nightly MAR signing key --- .../update/updater/nightly_aurora_level3_primary.der | Bin 1225 -> 1245 bytes .../updater/nightly_aurora_level3_secondary.der | Bin 1225 -> 1245 bytes toolkit/mozapps/update/updater/release_primary.der| Bin 1225 -> 1229 bytes toolkit/mozapps/update/updater/release_secondary.der | Bin 1225 -> 1229 bytes 4 files changed, 0 insertions(+), 0 deletions(-) diff --git a/toolkit/mozapps/update/updater/nightly_aurora_level3_primary.der b/toolkit/mozapps/update/updater/nightly_aurora_level3_primary.der index 44fd95dcff89..d579cf801e1a 100644 Binary files a/toolkit/mozapps/update/updater/nightly_aurora_level3_primary.der and b/toolkit/mozapps/update/updater/nightly_aurora_level3_primary.der differ diff --git a/toolkit/mozapps/update/updater/nightly_aurora_level3_secondary.der b/toolkit/mozapps/update/updater/nightly_aurora_level3_secondary.der index 90f8e6e82c63..7cbfa77d06e7 100644 Binary files a/toolkit/mozapps/update/updater/nightly_aurora_level3_secondary.der and b/toolkit/mozapps/update/updater/nightly_aurora_level3_secondary.der differ diff --git a/toolkit/mozapps/update/updater/release_primary.der b/toolkit/mozapps/update/updater/release_primary.der index 1d94f88ad73b..0103a171de88 100644 Binary files a/toolkit/mozapps/update/updater/release_primary.der and b/toolkit/mozapps/update/updater/release_primary.der differ diff --git a/toolkit/mozapps/update/updater/release_secondary.der b/toolkit/mozapps/update/updater/release_secondary.der index 474706c4b73c..fcee3944e9b7 100644 Binary files a/toolkit/mozapps/update/updater/release_secondary.der and b/toolkit/mozapps/update/updater/release_secondary.der differ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 30237: Add v3 onion services client authentication prompt
commit f7273e785bb8239f70f275cbea7b6695c7e97116 Author: Kathy Brade Date: Tue Nov 12 16:11:05 2019 -0500 Bug 30237: Add v3 onion services client authentication prompt When Tor informs the browser that client authentication is needed, temporarily load about:blank instead of about:neterror and prompt for the user's key. If a correctly formatted key is entered, use Tor's ONION_CLIENT_AUTH_ADD control port command to add the key (via Torbutton's control port module) and reload the page. If the user cancels the prompt, display the standard about:neterror "Unable to connect" page. This requires a small change to browser/actors/NetErrorChild.jsm to account for the fact that the docShell no longer has the failedChannel information. The failedChannel is used to extract TLS-related error info, which is not applicable in the case of a canceled .onion authentication prompt. Add a leaveOpen option to PopupNotifications.show so we can display error messages within the popup notification doorhanger without closing the prompt. Add support for onion services strings to the TorStrings module. Add support for Tor extended SOCKS errors (Tor proposal 304) to the socket transport and SOCKS layers. Improved display of all of these errors will be implemented as part of bug 30025. Also fixes bug 19757: Add a "Remember this key" checkbox to the client auth prompt. Add an "Onion Services Authentication" section within the about:preferences "Privacy & Security section" to allow viewing and removal of v3 onion client auth keys that have been stored on disk. Also fixes bug 19251: use enhanced error pages for onion service errors. --- browser/actors/NetErrorChild.jsm | 7 + browser/base/content/aboutNetError.js | 10 +- browser/base/content/aboutNetError.xhtml | 1 + browser/base/content/browser.js| 10 + browser/base/content/browser.xhtml | 3 + browser/base/content/tab-content.js| 5 + browser/components/moz.build | 1 + .../content/authNotificationIcon.inc.xhtml | 6 + .../onionservices/content/authPopup.inc.xhtml | 16 ++ .../onionservices/content/authPreferences.css | 20 ++ .../content/authPreferences.inc.xhtml | 19 ++ .../onionservices/content/authPreferences.js | 66 + .../components/onionservices/content/authPrompt.js | 316 + .../components/onionservices/content/authUtil.jsm | 47 +++ .../onionservices/content/netError/browser.svg | 3 + .../onionservices/content/netError/network.svg | 3 + .../content/netError/onionNetError.css | 65 + .../content/netError/onionNetError.js | 244 .../onionservices/content/netError/onionsite.svg | 7 + .../onionservices/content/onionservices.css| 69 + .../onionservices/content/savedKeysDialog.js | 259 + .../onionservices/content/savedKeysDialog.xhtml| 42 +++ browser/components/onionservices/jar.mn| 9 + browser/components/onionservices/moz.build | 1 + browser/components/preferences/preferences.xhtml | 1 + browser/components/preferences/privacy.inc.xhtml | 2 + browser/components/preferences/privacy.js | 7 + browser/themes/shared/notification-icons.inc.css | 3 + docshell/base/nsDocShell.cpp | 81 +- dom/ipc/BrowserParent.cpp | 21 ++ dom/ipc/BrowserParent.h| 3 + dom/ipc/PBrowser.ipdl | 9 + js/xpconnect/src/xpc.msg | 10 + netwerk/base/nsSocketTransport2.cpp| 6 + netwerk/socket/nsSOCKSIOLayer.cpp | 49 toolkit/modules/PopupNotifications.jsm | 6 + toolkit/modules/RemotePageAccessManager.jsm| 1 + .../lib/environments/frame-script.js | 1 + xpcom/base/ErrorList.py| 22 ++ 39 files changed, 1449 insertions(+), 2 deletions(-) diff --git a/browser/actors/NetErrorChild.jsm b/browser/actors/NetErrorChild.jsm index af9d6bd46128..de66e9eeda18 100644 --- a/browser/actors/NetErrorChild.jsm +++ b/browser/actors/NetErrorChild.jsm @@ -13,6 +13,8 @@ const { RemotePageChild } = ChromeUtils.import( "resource://gre/actors/RemotePageChild.jsm" ); +const { TorStrings } = ChromeUtils.import("resource:///modules/TorStrings.jsm"); + XPCOMUtils.defineLazyServiceGetter( this, "gSerializationHelper", @@ -29,6 +31,7 @@ class NetErrorChild extends RemotePageChild { "RPMPrefIsLocked", "RPMAddToHistogram", "RPMRecordTelemetryEvent", + "RPMGetTorStrings", ]; this.exportFunctions(exportableFunctions); } @@ -82,4
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 26345: Hide tracking protection UI
commit 91ada501458597b8c4f19b235ee96d2cefc7d588 Author: Alex Catarineu Date: Tue Sep 10 16:29:31 2019 +0200 Bug 26345: Hide tracking protection UI --- browser/base/content/browser-siteIdentity.js| 4 ++-- browser/components/about/AboutRedirector.cpp| 4 browser/components/about/components.conf| 1 - browser/components/customizableui/content/panelUI.inc.xhtml | 4 ++-- browser/components/moz.build| 1 - browser/themes/shared/preferences/privacy.css | 4 6 files changed, 8 insertions(+), 10 deletions(-) diff --git a/browser/base/content/browser-siteIdentity.js b/browser/base/content/browser-siteIdentity.js index 71b12374758d..b7fa432d9478 100644 --- a/browser/base/content/browser-siteIdentity.js +++ b/browser/base/content/browser-siteIdentity.js @@ -837,10 +837,10 @@ var gIdentityHandler = { this._refreshPermissionIcons(); -// Hide the shield icon if it is a chrome page. +// Bug 26345: Hide tracking protection UI. gProtectionsHandler._trackingProtectionIconContainer.classList.toggle( "chromeUI", - this._isSecureInternalUI + true ); }, diff --git a/browser/components/about/AboutRedirector.cpp b/browser/components/about/AboutRedirector.cpp index 933d519bd959..544e21782729 100644 --- a/browser/components/about/AboutRedirector.cpp +++ b/browser/components/about/AboutRedirector.cpp @@ -114,10 +114,6 @@ static const RedirEntry kRedirMap[] = { nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, -{"protections", "chrome://browser/content/protections.html", - nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | - nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | - nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS}, {"pioneer", "chrome://browser/content/pioneer.html", nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, #ifdef TOR_BROWSER_UPDATE diff --git a/browser/components/about/components.conf b/browser/components/about/components.conf index f31159d30e15..d78de142e2e4 100644 --- a/browser/components/about/components.conf +++ b/browser/components/about/components.conf @@ -20,7 +20,6 @@ pages = [ 'policies', 'preferences', 'privatebrowsing', -'protections', 'profiling', 'reader', 'restartrequired', diff --git a/browser/components/customizableui/content/panelUI.inc.xhtml b/browser/components/customizableui/content/panelUI.inc.xhtml index 719eee14e681..45f4a10ace7b 100644 --- a/browser/components/customizableui/content/panelUI.inc.xhtml +++ b/browser/components/customizableui/content/panelUI.inc.xhtml @@ -244,7 +244,7 @@ oncommand="gSync.toggleAccountPanel('PanelUI-fxa', this, event)"/> - + @@ -255,7 +255,7 @@ - + description { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 27604: Fix addon issues when moving TB directory
commit 58b99677bdc4d49d443e351aa6aa4e3d2e51fbcb Author: Alex Catarineu Date: Wed Oct 30 10:44:48 2019 +0100 Bug 27604: Fix addon issues when moving TB directory --- toolkit/mozapps/extensions/internal/XPIProvider.jsm | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm index bf31932b59f1..5e467fb4f14c 100644 --- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm +++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm @@ -485,7 +485,7 @@ class XPIState { // Builds prior to be 1512436 did not include the rootURI property. // If we're updating from such a build, add that property now. -if (!("rootURI" in this) && this.file) { +if (this.file) { this.rootURI = getURIForResourceInFile(this.file, "").spec; } @@ -498,7 +498,10 @@ class XPIState { saved.currentModifiedTime != this.lastModifiedTime ) { this.lastModifiedTime = saved.currentModifiedTime; -} else if (saved.currentModifiedTime === null) { +} else if ( + saved.currentModifiedTime === null && + (!this.file || !this.file.exists()) +) { this.missing = true; } } @@ -1439,6 +1442,7 @@ var XPIStates = { if (oldState[loc.name]) { loc.restore(oldState[loc.name]); +changed = changed || loc.path != oldState[loc.name].path; } changed = changed || loc.changed; ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 31563: force reloading search extensions if extensions.enabledScopes has changed
commit f4b3759af0dd4ab87b18504c7b335244203b11f1 Author: Alex Catarineu Date: Sat Aug 31 16:23:20 2019 +0200 Bug 31563: force reloading search extensions if extensions.enabledScopes has changed --- toolkit/components/search/SearchService.jsm | 8 +++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/toolkit/components/search/SearchService.jsm b/toolkit/components/search/SearchService.jsm index 46b992bec8ec..608f3c475458 100644 --- a/toolkit/components/search/SearchService.jsm +++ b/toolkit/components/search/SearchService.jsm @@ -975,6 +975,7 @@ SearchService.prototype = { let locale = Services.locale.requestedLocale; let buildID = Services.appinfo.platformBuildID; let appVersion = Services.appinfo.version; +let enabledScopes = Services.prefs.getIntPref("extensions.enabledScopes", -1); // Allows us to force a cache refresh should the cache format change. cache.version = SearchUtils.CACHE_VERSION; @@ -988,6 +989,10 @@ SearchService.prototype = { cache.appVersion = appVersion; cache.locale = locale; +// Bug 31563: we want to force reloading engines if extensions.enabledScopes +// pref changes +cache.enabledScopes = enabledScopes; + if (gModernConfig) { cache.builtInEngineList = this._searchOrder; // For built-in engines we don't want to store all their data in the cache @@ -1049,7 +1054,8 @@ SearchService.prototype = { !cache.engines || cache.version != SearchUtils.CACHE_VERSION || cache.locale != Services.locale.requestedLocale || - cache.buildID != buildID; + cache.buildID != buildID || + cache.enabledScopes != Services.prefs.getIntPref("extensions.enabledScopes", -1); let enginesCorrupted = false; if (!rebuildCache) { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 30541: Disable WebGL readPixel() for web content
commit 40742f90d2419f85c333d99d514ad560f1bebd6a Author: Georg Koppen Date: Wed May 29 12:29:19 2019 + Bug 30541: Disable WebGL readPixel() for web content --- dom/canvas/ClientWebGLContext.cpp | 8 1 file changed, 8 insertions(+) diff --git a/dom/canvas/ClientWebGLContext.cpp b/dom/canvas/ClientWebGLContext.cpp index 42c0b1ba6b80..c7f2559332d3 100644 --- a/dom/canvas/ClientWebGLContext.cpp +++ b/dom/canvas/ClientWebGLContext.cpp @@ -4118,6 +4118,14 @@ bool ClientWebGLContext::ReadPixels_SharedPrecheck( return false; } + // Security check passed, but don't let content readPixel calls through for + // now, if Resist Fingerprinting Mode is enabled. + if (nsContentUtils::ResistFingerprinting(aCallerType)) { +JsWarning("readPixels: Not allowed in Resist Fingerprinting Mode"); +out_error.Throw(NS_ERROR_DOM_NOT_SUPPORTED_ERR); +return false; + } + return true; } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 31575: Replace Firefox Home (newtab) with about:tor
commit 0cdd542aca1ac2edc8169af28320ab9b89370763 Author: Alex Catarineu Date: Mon Sep 9 13:04:34 2019 +0200 Bug 31575: Replace Firefox Home (newtab) with about:tor Avoid loading AboutNewTab in BrowserGlue.jsm in order to avoid several network requests that we do not need. Besides, about:newtab will now point to about:blank or about:tor (depending on browser.newtabpage.enabled) and about:home will point to about:tor. --- browser/components/BrowserGlue.jsm | 29 ++-- browser/components/newtab/AboutNewTabService.jsm | 15 +--- browser/components/preferences/home.inc.xhtml| 4 ++-- browser/components/preferences/preferences.xhtml | 5 +++- browser/modules/HomePage.jsm | 2 +- 5 files changed, 10 insertions(+), 45 deletions(-) diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 3363e24a9b56..44b1426b92e0 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -29,12 +29,6 @@ ChromeUtils.defineModuleGetter( "resource:///modules/CustomizableUI.jsm" ); -ChromeUtils.defineModuleGetter( - this, - "AboutNewTab", - "resource:///modules/AboutNewTab.jsm" -); - ChromeUtils.defineModuleGetter( this, "E10SUtils", @@ -123,19 +117,6 @@ let JSWINDOWACTORS = { matches: ["about:newinstall"], }, - AboutNewTab: { -child: { - moduleURI: "resource:///actors/AboutNewTabChild.jsm", - events: { -DOMContentLoaded: {}, - }, -}, -// The wildcard on about:newtab is for the ?endpoint query parameter -// that is used for snippets debugging. -matches: ["about:home", "about:welcome", "about:newtab*"], -remoteTypes: ["privilegedabout"], - }, - AboutPlugins: { parent: { moduleURI: "resource:///actors/AboutPluginsParent.jsm", @@ -1730,8 +1711,6 @@ BrowserGlue.prototype = { // the first browser window has finished initializing _onFirstWindowLoaded: function BG__onFirstWindowLoaded(aWindow) { -AboutNewTab.init(); - TabCrashHandler.init(); ProcessHangMonitor.init(); @@ -5199,12 +5178,8 @@ var AboutHomeStartupCache = { return { pageInputStream: null, scriptInputStream: null }; } -let state = AboutNewTab.activityStream.store.getState(); -return new Promise(resolve => { - this._cacheDeferred = resolve; - this.log.trace("Parent received cache streams."); - this._procManager.sendAsyncMessage(this.CACHE_REQUEST_MESSAGE, { state }); -}); +this.log.error("Activity Stream is disabled in Tor Browser."); +return { pageInputStream: null, scriptInputStream: null }; }, /** diff --git a/browser/components/newtab/AboutNewTabService.jsm b/browser/components/newtab/AboutNewTabService.jsm index 506b521f528c..3962ebf94ab5 100644 --- a/browser/components/newtab/AboutNewTabService.jsm +++ b/browser/components/newtab/AboutNewTabService.jsm @@ -286,20 +286,7 @@ class BaseAboutNewTabService { * the newtab page has no effect on the result of this function. */ get defaultURL() { -// Generate the desired activity stream resource depending on state, e.g., -// "resource://activity-stream/prerendered/activity-stream.html" -// "resource://activity-stream/prerendered/activity-stream-debug.html" -// "resource://activity-stream/prerendered/activity-stream-noscripts.html" -return [ - "resource://activity-stream/prerendered/", - "activity-stream", - // Debug version loads dev scripts but noscripts separately loads scripts - this.activityStreamDebug && !this.privilegedAboutProcessEnabled -? "-debug" -: "", - this.privilegedAboutProcessEnabled ? "-noscripts" : "", - ".html", -].join(""); +return "about:tor"; } /* diff --git a/browser/components/preferences/home.inc.xhtml b/browser/components/preferences/home.inc.xhtml index 2e900ccd296c..2a7412944d73 100644 --- a/browser/components/preferences/home.inc.xhtml +++ b/browser/components/preferences/home.inc.xhtml @@ -37,7 +37,7 @@ class="check-home-page-controlled" data-preference-related="browser.startup.homepage"> - + @@ -97,7 +97,7 @@ flex="1" preference="browser.newtabpage.enabled"> - + diff --git a/browser/components/preferences/preferences.xhtml b/browser/components/preferences/preferences.xhtml index 3d89ddf00808..c176457c68fd 100644 --- a/browser/components/preferences/preferences.xhtml +++ b/browser/components/preferences/preferences.xhtml @@ -14,7 +14,10 @@ - + + %aboutTorDTD; +]> http://www.w3.org/1999/xhtml; xmlns:html="http://www.w3.org/1999/xhtml; diff --git a/browser/modules/HomePage.jsm b/browser/modules/HomePage.jsm index c903787fde48..bf67b1c5d173 100644 --- a/browser/modules/HomePage.jsm
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 23247: Communicating security expectations for .onion
commit 8d7fb9525770cba1d0fbf9abddb53439319e968a Author: Richard Pospesel Date: Fri Jun 8 13:38:40 2018 -0700 Bug 23247: Communicating security expectations for .onion Encrypting pages hosted on Onion Services with SSL/TLS is redundant (in terms of hiding content) as all traffic within the Tor network is already fully encrypted. Therefore, serving HTTP pages from an Onion Service is more or less fine. Prior to this patch, Tor Browser would mostly treat pages delivered via Onion Services as well as pages delivered in the ordinary fashion over the internet in the same way. This created some inconsistencies in behaviour and misinformation presented to the user relating to the security of pages delivered via Onion Services: - HTTP Onion Service pages did not have any 'lock' icon indicating the site was secure - HTTP Onion Service pages would be marked as unencrypted in the Page Info screen - Mixed-mode content restrictions did not apply to HTTP Onion Service pages embedding Non-Onion HTTP content This patch fixes the above issues, and also adds several new 'Onion' icons to the mix to indicate all of the various permutations of Onion Services hosted HTTP or HTTPS pages with HTTP or HTTPS content. Strings for Onion Service Page Info page are pulled from Torbutton's localization strings. --- browser/base/content/browser-siteIdentity.js | 39 - browser/base/content/pageinfo/security.js | 64 ++ .../shared/identity-block/identity-block.inc.css | 19 +++ .../themes/shared/identity-block/onion-slash.svg | 5 ++ .../themes/shared/identity-block/onion-warning.svg | 6 ++ browser/themes/shared/identity-block/onion.svg | 3 + browser/themes/shared/jar.inc.mn | 3 + dom/base/nsContentUtils.cpp| 19 +++ dom/base/nsContentUtils.h | 5 ++ dom/base/nsGlobalWindowOuter.cpp | 3 +- dom/ipc/WindowGlobalActor.cpp | 4 +- dom/ipc/WindowGlobalChild.cpp | 6 +- dom/presentation/PresentationRequest.cpp | 3 +- dom/security/nsMixedContentBlocker.cpp | 16 +- security/manager/ssl/nsSecureBrowserUI.cpp | 12 15 files changed, 175 insertions(+), 32 deletions(-) diff --git a/browser/base/content/browser-siteIdentity.js b/browser/base/content/browser-siteIdentity.js index 1d6f9555b33f..71b12374758d 100644 --- a/browser/base/content/browser-siteIdentity.js +++ b/browser/base/content/browser-siteIdentity.js @@ -131,6 +131,10 @@ var gIdentityHandler = { ); }, + get _uriIsOnionHost() { +return this._uriHasHost ? this._uri.host.toLowerCase().endsWith(".onion") : false; + }, + // smart getters get _identityPopup() { delete this._identityPopup; @@ -624,9 +628,9 @@ var gIdentityHandler = { get pointerlockFsWarningClassName() { // Note that the fullscreen warning does not handle _isSecureInternalUI. if (this._uriHasHost && this._isSecureConnection) { - return "verifiedDomain"; + return this._uriIsOnionHost ? "onionVerifiedDomain" : "verifiedDomain"; } -return "unknownIdentity"; +return this._uriIsOnionHost ? "onionUnknownIdentity" : "unknownIdentity"; }, /** @@ -634,6 +638,10 @@ var gIdentityHandler = { * built-in (returns false) or imported (returns true). */ _hasCustomRoot() { +if (!this._secInfo) { + return false; +} + let issuerCert = null; issuerCert = this._secInfo.succeededCertChain[ this._secInfo.succeededCertChain.length - 1 @@ -676,11 +684,13 @@ var gIdentityHandler = { "identity.extension.label", [extensionName] ); -} else if (this._uriHasHost && this._isSecureConnection) { +} else if (this._uriHasHost && this._isSecureConnection && this._secInfo) { // This is a secure connection. - this._identityBox.className = "verifiedDomain"; + // _isSecureConnection implicitly includes onion services, which may not have an SSL certificate + const uriIsOnionHost = this._uriIsOnionHost; + this._identityBox.className = uriIsOnionHost ? "onionVerifiedDomain" : "verifiedDomain"; if (this._isMixedActiveContentBlocked) { -this._identityBox.classList.add("mixedActiveBlocked"); +this._identityBox.classList.add(uriIsOnionHost ? "onionMixedActiveBlocked" : "mixedActiveBlocked"); } if (!this._isCertUserOverridden) { // It's a normal cert, verifier is the CA Org. @@ -691,17 +701,17 @@ var gIdentityHandler = { } } else if (this._isBrokenConnection) { // This is a secure connection, but something is wrong. - this._identityBox.className = "unknownIdentity"; + const uriIsOnionHost = this._uriIsOnionHost; + this._identityBox.className = uriIsOnionHost ?
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 27511: Add new identity button to toolbar
commit 3cedf1496a6aca3889fb8077b52768b504afb801 Author: Alex Catarineu Date: Fri Oct 4 19:08:33 2019 +0200 Bug 27511: Add new identity button to toolbar Also added 'New circuit for this site' button to CustomizableUI, but not visible by default. --- browser/base/content/browser.xhtml | 10 ++ .../components/customizableui/CustomizableUI.jsm| 21 + browser/themes/shared/icons/new_circuit.svg | 8 browser/themes/shared/icons/new_identity.svg| 9 + browser/themes/shared/jar.inc.mn| 3 +++ browser/themes/shared/menupanel.inc.css | 8 browser/themes/shared/toolbarbutton-icons.inc.css | 8 7 files changed, 67 insertions(+) diff --git a/browser/base/content/browser.xhtml b/browser/base/content/browser.xhtml index 72c415b8f843..ddf5d766126b 100644 --- a/browser/base/content/browser.xhtml +++ b/browser/base/content/browser.xhtml @@ -1295,6 +1295,16 @@ ondragenter="newWindowButtonObserver.onDragOver(event)" ondragexit="newWindowButtonObserver.onDragExit(event)"/> + + + + +http://www.w3.org/2000/svg; xmlns:xlink="http://www.w3.org/1999/xlink;> +Icon / New Circuit@1.5x + + + + + diff --git a/browser/themes/shared/icons/new_identity.svg b/browser/themes/shared/icons/new_identity.svg new file mode 100644 index ..91d5b35f7e80 --- /dev/null +++ b/browser/themes/shared/icons/new_identity.svg @@ -0,0 +1,9 @@ + +http://www.w3.org/2000/svg; xmlns:xlink="http://www.w3.org/1999/xlink;> +New Identity Icon + + + + + + \ No newline at end of file diff --git a/browser/themes/shared/jar.inc.mn b/browser/themes/shared/jar.inc.mn index 71fea38eb829..e4a3c8d2d41c 100644 --- a/browser/themes/shared/jar.inc.mn +++ b/browser/themes/shared/jar.inc.mn @@ -302,3 +302,6 @@ skin/classic/browser/install-ssb.svg (../shared/install-ssb.svg) skin/classic/browser/critical.svg (../shared/icons/critical.svg) skin/classic/browser/webRTC-indicator.css (../shared/webRTC-indicator.css) + + skin/classic/browser/new_circuit.svg (../shared/icons/new_circuit.svg) + skin/classic/browser/new_identity.svg (../shared/icons/new_identity.svg) diff --git a/browser/themes/shared/menupanel.inc.css b/browser/themes/shared/menupanel.inc.css index c919f32a1454..eae453ec5004 100644 --- a/browser/themes/shared/menupanel.inc.css +++ b/browser/themes/shared/menupanel.inc.css @@ -183,3 +183,11 @@ toolbarpaletteitem[place="palette"] > #bookmarks-menu-button, -moz-context-properties: fill, fill-opacity; fill-opacity: 0; } + +#appMenuNewIdentity { + list-style-image: url("chrome://browser/skin/new_identity.svg"); +} + +#appMenuNewCircuit { + list-style-image: url("chrome://browser/skin/new_circuit.svg"); +} diff --git a/browser/themes/shared/toolbarbutton-icons.inc.css b/browser/themes/shared/toolbarbutton-icons.inc.css index 9514eb1d5338..cf02f871c9a4 100644 --- a/browser/themes/shared/toolbarbutton-icons.inc.css +++ b/browser/themes/shared/toolbarbutton-icons.inc.css @@ -233,6 +233,14 @@ toolbar[brighttext] { list-style-image: url("chrome://browser/skin/new-tab.svg"); } +#new-identity-button { + list-style-image: url("chrome://browser/skin/new_identity.svg"); +} + +#new-circuit-button { + list-style-image: url("chrome://browser/skin/new_circuit.svg"); +} + #privatebrowsing-button { list-style-image: url("chrome://browser/skin/privateBrowsing.svg"); } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 28369: Stop shipping pingsender executable
commit fcbe5b6d5f07b4a8c3f56f43c019b8228f3f4b0e Author: Alex Catarineu Date: Wed Apr 10 17:52:51 2019 +0200 Bug 28369: Stop shipping pingsender executable --- browser/app/macbuild/Contents/MacOS-files.in | 1 - browser/installer/package-manifest.in | 4 browser/installer/windows/nsis/shared.nsh | 1 - python/mozbuild/mozbuild/artifacts.py | 2 -- toolkit/components/telemetry/app/TelemetrySend.jsm | 19 +-- toolkit/components/telemetry/moz.build | 4 6 files changed, 1 insertion(+), 30 deletions(-) diff --git a/browser/app/macbuild/Contents/MacOS-files.in b/browser/app/macbuild/Contents/MacOS-files.in index a0cac14ef7e3..38c3766c6375 100644 --- a/browser/app/macbuild/Contents/MacOS-files.in +++ b/browser/app/macbuild/Contents/MacOS-files.in @@ -13,7 +13,6 @@ #if defined(MOZ_CRASHREPORTER) /minidump-analyzer #endif -/pingsender /pk12util /ssltunnel /xpcshell diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index ad7dd023a92e..9e36326dee5b 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -444,10 +444,6 @@ bin/libfreebl_64int_3.so @BINPATH@/minidump-analyzer@BIN_SUFFIX@ #endif -; [ Ping Sender ] -; -@BINPATH@/pingsender@BIN_SUFFIX@ - ; Shutdown Terminator @RESPATH@/components/terminator.manifest diff --git a/browser/installer/windows/nsis/shared.nsh b/browser/installer/windows/nsis/shared.nsh index 668fbca98b39..cb61865af70f 100755 --- a/browser/installer/windows/nsis/shared.nsh +++ b/browser/installer/windows/nsis/shared.nsh @@ -1472,7 +1472,6 @@ ${EndIf} Push "crashreporter.exe" Push "default-browser-agent.exe" Push "minidump-analyzer.exe" - Push "pingsender.exe" Push "updater.exe" Push "updateagent.exe" Push "${FileMainEXE}" diff --git a/python/mozbuild/mozbuild/artifacts.py b/python/mozbuild/mozbuild/artifacts.py index d1de6bca15d9..35107ac894fd 100644 --- a/python/mozbuild/mozbuild/artifacts.py +++ b/python/mozbuild/mozbuild/artifacts.py @@ -420,7 +420,6 @@ class LinuxArtifactJob(ArtifactJob): '{product}/{product}', '{product}/{product}-bin', '{product}/minidump-analyzer', -'{product}/pingsender', '{product}/plugin-container', '{product}/updater', '{product}/**/*.so', @@ -482,7 +481,6 @@ class MacArtifactJob(ArtifactJob): 'libosclientcerts.dylib', 'libsoftokn3.dylib', 'minidump-analyzer', -'pingsender', 'plugin-container.app/Contents/MacOS/plugin-container', 'updater.app/Contents/MacOS/org.mozilla.updater', # 'xpcshell', diff --git a/toolkit/components/telemetry/app/TelemetrySend.jsm b/toolkit/components/telemetry/app/TelemetrySend.jsm index f0f61b74026b..502416431b24 100644 --- a/toolkit/components/telemetry/app/TelemetrySend.jsm +++ b/toolkit/components/telemetry/app/TelemetrySend.jsm @@ -1578,23 +1578,6 @@ var TelemetrySendImpl = { }, runPingSender(pings, observer) { -if (AppConstants.platform === "android") { - throw Components.Exception("", Cr.NS_ERROR_NOT_IMPLEMENTED); -} - -const exeName = - AppConstants.platform === "win" ? "pingsender.exe" : "pingsender"; - -let exe = Services.dirsvc.get("GreBinD", Ci.nsIFile); -exe.append(exeName); - -let params = pings.flatMap(ping => [ping.url, ping.path]); -let process = Cc["@mozilla.org/process/util;1"].createInstance( - Ci.nsIProcess -); -process.init(exe); -process.startHidden = true; -process.noShell = true; -process.runAsync(params, params.length, observer); +throw Components.Exception("", Cr.NS_ERROR_NOT_IMPLEMENTED); }, }; diff --git a/toolkit/components/telemetry/moz.build b/toolkit/components/telemetry/moz.build index 8d9104f632a6..520d2da3acf1 100644 --- a/toolkit/components/telemetry/moz.build +++ b/toolkit/components/telemetry/moz.build @@ -8,10 +8,6 @@ include('/ipc/chromium/chromium-config.mozbuild') FINAL_LIBRARY = 'xul' -DIRS = [ -'pingsender', -] - DEFINES['MOZ_APP_VERSION'] = '"%s"' % CONFIG['MOZ_APP_VERSION'] LOCAL_INCLUDES += [ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 26353: Prevent speculative connect that violated FPI.
commit 98346c87f8733e04202ab6f73c68d78c6c995605 Author: Arthur Edelstein Date: Sat Jul 14 08:50:55 2018 -0700 Bug 26353: Prevent speculative connect that violated FPI. Connections were observed in the catch-all circuit when the user entered an https or http URL in the URL bar, or typed a search term. --- toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm | 4 1 file changed, 4 insertions(+) diff --git a/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm b/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm index ffa42297073e..82c7a3b950c2 100644 --- a/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm +++ b/toolkit/components/remotebrowserutils/RemoteWebNavigation.jsm @@ -74,6 +74,9 @@ class RemoteWebNavigation { fixupFlags |= Services.uriFixup.FIXUP_FLAG_PRIVATE_CONTEXT; } uri = Services.uriFixup.createFixupURI(aURI, fixupFlags); +/*** + TOR BROWSER: Disable the following speculative connect until + we can make it properly obey first-party isolation. // We know the url is going to be loaded, let's start requesting network // connection before the content process asks. @@ -97,6 +100,7 @@ class RemoteWebNavigation { } Services.io.speculativeConnect(uri, principal, null); } +***/ } catch (ex) { // Can't setup speculative connection for this uri string for some // reason (such as failing to parse the URI), just ignore it. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 21431: Clean-up system extensions shipped in Firefox
commit e003023cdb6fba232b5dabb8a25b061340d1d5bd Author: Kathy Brade Date: Tue May 23 17:05:29 2017 -0400 Bug 21431: Clean-up system extensions shipped in Firefox Only ship the pdfjs extension. --- browser/components/BrowserGlue.jsm| 6 ++ browser/extensions/moz.build | 5 - browser/installer/package-manifest.in | 1 - browser/locales/Makefile.in | 8 browser/locales/jar.mn| 7 --- 5 files changed, 6 insertions(+), 21 deletions(-) diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 3b7d8d6e0309..3363e24a9b56 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -2076,6 +2076,9 @@ BrowserGlue.prototype = { const ID = "screensh...@mozilla.org"; const _checkScreenshotsPref = async () => { let addon = await AddonManager.getAddonByID(ID); + if (!addon) { +return; + } let disabled = Services.prefs.getBoolPref(PREF, false); if (disabled) { await addon.disable({ allowSystemAddons: true }); @@ -2092,6 +2095,9 @@ BrowserGlue.prototype = { const ID = "webcompat-repor...@mozilla.org"; Services.prefs.addObserver(PREF, async () => { let addon = await AddonManager.getAddonByID(ID); + if (!addon) { +return; + } let enabled = Services.prefs.getBoolPref(PREF, false); if (enabled && !addon.isActive) { await addon.enable({ allowSystemAddons: true }); diff --git a/browser/extensions/moz.build b/browser/extensions/moz.build index fd2e65d01f02..499c59b8d6a5 100644 --- a/browser/extensions/moz.build +++ b/browser/extensions/moz.build @@ -5,12 +5,7 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. DIRS += [ -'doh-rollout', -'formautofill', 'pdfjs', -'screenshots', -'webcompat', -'report-site-issue' ] if not CONFIG['TOR_BROWSER_DISABLE_TOR_LAUNCHER']: diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index 53b0b7ddf731..ad7dd023a92e 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -268,7 +268,6 @@ @RESPATH@/browser/chrome/icons/default/default64.png @RESPATH@/browser/chrome/icons/default/default128.png #endif -@RESPATH@/browser/features/* ; [DevTools Startup Files] @RESPATH@/browser/chrome/devtools-startup@JAREXT@ diff --git a/browser/locales/Makefile.in b/browser/locales/Makefile.in index 05f0242c5248..1fdf34d9460f 100644 --- a/browser/locales/Makefile.in +++ b/browser/locales/Makefile.in @@ -58,10 +58,6 @@ libs-%: @$(MAKE) -C ../../toolkit/locales libs-$* XPI_ROOT_APPID='$(XPI_ROOT_APPID)' @$(MAKE) -C ../../services/sync/locales AB_CD=$* XPI_NAME=locale-$* @$(MAKE) -C ../../extensions/spellcheck/locales AB_CD=$* XPI_NAME=locale-$* -ifneq (,$(wildcard ../extensions/formautofill/locales)) - @$(MAKE) -C ../extensions/formautofill/locales AB_CD=$* XPI_NAME=locale-$* -endif - @$(MAKE) -C ../extensions/report-site-issue/locales AB_CD=$* XPI_NAME=locale-$* @$(MAKE) -C ../../devtools/client/locales AB_CD=$* XPI_NAME=locale-$* XPI_ROOT_APPID='$(XPI_ROOT_APPID)' @$(MAKE) -C ../../devtools/startup/locales AB_CD=$* XPI_NAME=locale-$* XPI_ROOT_APPID='$(XPI_ROOT_APPID)' @$(MAKE) libs AB_CD=$* XPI_NAME=locale-$* PREF_DIR=$(PREF_DIR) @@ -75,14 +71,10 @@ chrome-%: @$(MAKE) -C ../../toolkit/locales chrome-$* @$(MAKE) -C ../../services/sync/locales chrome AB_CD=$* @$(MAKE) -C ../../extensions/spellcheck/locales chrome AB_CD=$* -ifneq (,$(wildcard ../extensions/formautofill/locales)) - @$(MAKE) -C ../extensions/formautofill/locales chrome AB_CD=$* -endif @$(MAKE) -C ../../devtools/client/locales chrome AB_CD=$* @$(MAKE) -C ../../devtools/startup/locales chrome AB_CD=$* @$(MAKE) chrome AB_CD=$* @$(MAKE) -C $(DEPTH)/$(MOZ_BRANDING_DIRECTORY)/locales chrome AB_CD=$* - @$(MAKE) -C ../extensions/report-site-issue/locales chrome AB_CD=$* package-win32-installer: $(SUBMAKEFILES) $(MAKE) -C ../installer/windows CONFIG_DIR=l10ngen ZIP_IN='$(ZIP_OUT)' installer diff --git a/browser/locales/jar.mn b/browser/locales/jar.mn index 31e2d3d870e6..ff577dfd4e7c 100644 --- a/browser/locales/jar.mn +++ b/browser/locales/jar.mn @@ -60,10 +60,3 @@ locale/browser/newInstall.dtd (%chrome/browser/newInstall.dtd) locale/browser/brandings.dtd (%chrome/browser/brandings.dtd) locale/browser/fxmonitor.properties (%chrome/browser/fxmonitor.properties) - -#ifdef XPI_NAME -# Bug 1240628, restructure how l10n repacks work with feature addons -# This is hacky, but ensures the chrome.manifest chain is complete -[.] chrome.jar: -% manifest features/chrome.manifest -#endif ___ tor-commits mailing list
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 25658: Replace security slider with security level UI
commit 983968e1c3557968e3e478455391b2591e909503 Author: Richard Pospesel Date: Mon Mar 4 16:09:51 2019 -0800 Bug 25658: Replace security slider with security level UI This patch adds a new 'securitylevel' component to Tor Browser intended to replace the torbutton 'Security Slider'. This component adds a new Security Level toolbar button which visually indicates the current global security level via icon (as defined by the extensions.torbutton.security_slider pref), a drop-down hanger with a short description of the current security level, and a new section in the about:preferences#privacy page where users can change their current security level. In addition, the hanger and the preferences page will show a visual warning when the user has modified prefs associated with the security level and provide a one-click 'Restore Defaults' button to get the user back on recommended settings. Strings used by this patch are pulled from the torbutton extension, but en-US defaults are provided if there is an error loading from the extension. With this patch applied, the usual work-flow of "./mach build && ./mach run" work as expected, even if the torbutton extension is disabled. --- browser/base/content/browser.js| 10 + browser/base/content/browser.xhtml | 5 + browser/components/moz.build | 1 + browser/components/preferences/preferences.xhtml | 1 + browser/components/preferences/privacy.inc.xhtml | 2 + browser/components/preferences/privacy.js | 19 + .../securitylevel/content/securityLevel.js | 501 + .../securitylevel/content/securityLevelButton.css | 9 + .../content/securityLevelButton.inc.xhtml | 7 + .../securitylevel/content/securityLevelButton.svg | 21 + .../securitylevel/content/securityLevelPanel.css | 82 .../content/securityLevelPanel.inc.xhtml | 38 ++ .../content/securityLevelPreferences.css | 26 ++ .../content/securityLevelPreferences.inc.xhtml | 62 +++ browser/components/securitylevel/jar.mn| 6 + browser/components/securitylevel/moz.build | 1 + 16 files changed, 791 insertions(+) diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index 036d92e131da..a851be586c0c 100644 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -216,6 +216,11 @@ XPCOMUtils.defineLazyScriptGetter( ["DownloadsButton", "DownloadsIndicatorView"], "chrome://browser/content/downloads/indicator.js" ); +XPCOMUtils.defineLazyScriptGetter( + this, + ["SecurityLevelButton"], + "chrome://browser/content/securitylevel/securityLevel.js" +); XPCOMUtils.defineLazyScriptGetter( this, "gEditItemOverlay", @@ -1876,6 +1881,9 @@ var gBrowserInit = { // doesn't flicker as the window is being shown. DownloadsButton.init(); +// Init the SecuritySettingsButton +SecurityLevelButton.init(); + // Certain kinds of automigration rely on this notification to complete // their tasks BEFORE the browser window is shown. SessionStore uses it to // restore tabs into windows AFTER important parts like gMultiProcessBrowser @@ -2558,6 +2566,8 @@ var gBrowserInit = { DownloadsButton.uninit(); +SecurityLevelButton.uninit(); + gAccessibilityServiceIndicator.uninit(); AccessibilityRefreshBlocker.uninit(); diff --git a/browser/base/content/browser.xhtml b/browser/base/content/browser.xhtml index 229fc2a26dd2..72c415b8f843 100644 --- a/browser/base/content/browser.xhtml +++ b/browser/base/content/browser.xhtml @@ -20,6 +20,8 @@ + + @@ -623,6 +625,7 @@ #include ../../components/controlcenter/content/protectionsPanel.inc.xhtml #include ../../components/downloads/content/downloadsPanel.inc.xhtml #include ../../../devtools/startup/enableDevToolsPopup.inc.xhtml +#include ../../components/securitylevel/content/securityLevelPanel.inc.xhtml #include browser-allTabsMenu.inc.xhtml @@ -1136,6 +1139,8 @@ +#include ../../components/securitylevel/content/securityLevelButton.inc.xhtml + + diff --git a/browser/components/preferences/privacy.inc.xhtml b/browser/components/preferences/privacy.inc.xhtml index 572b0233c8c4..f36145ea80d4 100644 --- a/browser/components/preferences/privacy.inc.xhtml +++ b/browser/components/preferences/privacy.inc.xhtml @@ -913,6 +913,8 @@ +#include ../securitylevel/content/securityLevelPreferences.inc.xhtml + diff --git a/browser/components/preferences/privacy.js b/browser/components/preferences/privacy.js index 2cff75726546..949fa84c24ab 100644 --- a/browser/components/preferences/privacy.js +++ b/browser/components/preferences/privacy.js @@ -77,6 +77,12 @@ XPCOMUtils.defineLazyGetter(this, "AlertsServiceDND", function() { } });
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 23104: Add a default line height compensation
commit 8bbaf487ed0320dae43191fda73094d5011159c7 Author: Igor Oliveira Date: Sun Dec 10 18:16:59 2017 -0200 Bug 23104: Add a default line height compensation Many fonts have issues with their vertical metrics. they are used to influence the height of ascenders and depth of descenders. Gecko uses it to calculate the line height (font height + ascender + descender), however because of that idiosyncratic behavior across multiple operating systems, it can be used to identify the user's OS. The solution proposed in the patch uses a default factor to be multiplied with the font size, simulating the concept of ascender and descender. This way all operating systems will have the same line height only and only if the frame is outside the chrome. --- layout/generic/ReflowInput.cpp | 19 +--- layout/generic/test/mochitest.ini | 1 + layout/generic/test/test_tor_bug23104.html | 50 ++ 3 files changed, 65 insertions(+), 5 deletions(-) diff --git a/layout/generic/ReflowInput.cpp b/layout/generic/ReflowInput.cpp index 5b1f6d62043a..5da354f86558 100644 --- a/layout/generic/ReflowInput.cpp +++ b/layout/generic/ReflowInput.cpp @@ -30,6 +30,7 @@ #include #include "mozilla/dom/HTMLInputElement.h" #include "nsGridContainerFrame.h" +#include "nsContentUtils.h" using namespace mozilla; using namespace mozilla::css; @@ -2690,7 +2691,8 @@ void ReflowInput::CalculateBlockSideMargins(LayoutFrameType aFrameType) { // For risk management, we use preference to control the behavior, and // eNoExternalLeading is the old behavior. -static nscoord GetNormalLineHeight(nsFontMetrics* aFontMetrics) { +static nscoord GetNormalLineHeight(nsIContent* aContent, + nsFontMetrics* aFontMetrics) { MOZ_ASSERT(nullptr != aFontMetrics, "no font metrics"); nscoord normalLineHeight; @@ -2698,6 +2700,12 @@ static nscoord GetNormalLineHeight(nsFontMetrics* aFontMetrics) { nscoord externalLeading = aFontMetrics->ExternalLeading(); nscoord internalLeading = aFontMetrics->InternalLeading(); nscoord emHeight = aFontMetrics->EmHeight(); + + if (nsContentUtils::ShouldResistFingerprinting() && + !aContent->IsInChromeDocument()) { +return NSToCoordRound(emHeight * NORMAL_LINE_HEIGHT_FACTOR); + } + switch (GetNormalLineHeightCalcControl()) { case eIncludeExternalLeading: normalLineHeight = emHeight + internalLeading + externalLeading; @@ -2715,7 +2723,8 @@ static nscoord GetNormalLineHeight(nsFontMetrics* aFontMetrics) { return normalLineHeight; } -static inline nscoord ComputeLineHeight(ComputedStyle* aComputedStyle, +static inline nscoord ComputeLineHeight(nsIContent* aContent, +ComputedStyle* aComputedStyle, nsPresContext* aPresContext, nscoord aBlockBSize, float aFontSizeInflation) { @@ -2743,7 +2752,7 @@ static inline nscoord ComputeLineHeight(ComputedStyle* aComputedStyle, RefPtr fm = nsLayoutUtils::GetFontMetricsForComputedStyle( aComputedStyle, aPresContext, aFontSizeInflation); - return GetNormalLineHeight(fm); + return GetNormalLineHeight(aContent, fm); } nscoord ReflowInput::CalcLineHeight() const { @@ -2765,7 +2774,7 @@ nscoord ReflowInput::CalcLineHeight(nsIContent* aContent, float aFontSizeInflation) { MOZ_ASSERT(aComputedStyle, "Must have a ComputedStyle"); - nscoord lineHeight = ComputeLineHeight(aComputedStyle, aPresContext, + nscoord lineHeight = ComputeLineHeight(aContent, aComputedStyle, aPresContext, aBlockBSize, aFontSizeInflation); NS_ASSERTION(lineHeight >= 0, "ComputeLineHeight screwed up"); @@ -2778,7 +2787,7 @@ nscoord ReflowInput::CalcLineHeight(nsIContent* aContent, if (!lh.IsNormal()) { RefPtr fm = nsLayoutUtils::GetFontMetricsForComputedStyle( aComputedStyle, aPresContext, aFontSizeInflation); - nscoord normal = GetNormalLineHeight(fm); + nscoord normal = GetNormalLineHeight(aContent, fm); if (lineHeight < normal) { lineHeight = normal; } diff --git a/layout/generic/test/mochitest.ini b/layout/generic/test/mochitest.ini index f6678d8d8e4e..c1602bbbc6b1 100644 --- a/layout/generic/test/mochitest.ini +++ b/layout/generic/test/mochitest.ini @@ -161,3 +161,4 @@ skip-if = debug == true || tsan # the test is slow. tsan: bug 1612707 [test_reframe_for_lazy_load_image.html] support-files = file_reframe_for_lazy_load_image.html +[test_tor_bug23104.html] diff --git a/layout/generic/test/test_tor_bug23104.html b/layout/generic/test/test_tor_bug23104.html new file mode 100644 index ..8ff1d2190c45 --- /dev/null +++ b/layout/generic/test/test_tor_bug23104.html @@ -0,0 +1,50 @@ + + + + +
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 4234: Use the Firefox Update Process for Tor Browser.
commit 14e54d43ad79ac9551190451609815589f8986ea Author: Kathy Brade Date: Fri Jan 13 11:40:24 2017 -0500 Bug 4234: Use the Firefox Update Process for Tor Browser. The following files are never updated: TorBrowser/Data/Browser/profiles.ini TorBrowser/Data/Browser/profile.default/bookmarks.html TorBrowser/Data/Tor/torrc Mac OS: Store update metadata under TorBrowser/UpdateInfo. Removed the %OS_VERSION% component from the update URL (13047) and added support for minSupportedOSVersion, an attribute of the element that may be used to trigger Firefox's "unsupported platform" behavior. Hide the "What's new" links (set app.releaseNotesURL value to about:blank). Windows: disable "runas" code path in updater (15201). Windows: avoid writing to the registry (16236). Also includes fixes for tickets 13047, 13301, 13356, 13594, 15406, 16014, 16909, 24476, and 25909. Also fix Bug 26049: reduce the delay before the update prompt is displayed. Instead of Firefox's 2 days, we use 1 hour (after which time the update doorhanger will be displayed). Also fix bug 27221: purge the startup cache if the Tor Browser version changed (even if the Firefox version and build ID did not change), e.g., after a minor Tor Browser update. Also fix 32616: Disable GetSecureOutputDirectoryPath() functionality. Bug 26048: potentially confusing "restart to update" message Within the update doorhanger, remove the misleading message that mentions that windows will be restored after an update is applied, and replace the "Restart and Restore" button label with an existing "Restart to update Tor Browser" string. Bug 28885: notify users that update is downloading Add a "Downloading Tor Browser update" item which appears in the hamburger (app) menu while the update service is downloading a MAR file. Before this change, the browser did not indicate to the user that an update was in progress, which is especially confusing in Tor Browser because downloads often take some time. If the user clicks on the new menu item, the about dialog is opened to allow the user to see download progress. As part of this fix, the update service was changed to always show update-related messages in the hamburger menu, even if the update was started in the foreground via the about dialog or via the "Check for Tor Browser Update" toolbar menu item. This change is consistent with the Tor Browser goal of making sure users are informed about the update process. Removed #28885 parts of this patch which have been uplifted to Firefox. Use a localized string from Torbutton for the app menu's "Downloading update" message. This is a temporary fix that can be removed once Tor Browser is based on Firefox 79 or newer (at which point the localized string will be included in the Firefox language packs). --- browser/app/Makefile.in| 2 + browser/app/profile/000-tor-browser.js | 16 +- browser/app/profile/firefox.js | 10 +- .../base/content/aboutDialog-appUpdater-legacy.js | 2 +- browser/base/content/aboutDialog-appUpdater.js | 2 +- browser/base/content/aboutDialog.js| 12 +- browser/components/BrowserContentHandler.jsm | 39 ++- .../customizableui/content/panelUI.inc.xhtml | 8 +- .../components/customizableui/content/panelUI.js | 22 ++ browser/confvars.sh| 35 +-- browser/installer/package-manifest.in | 2 + build/application.ini.in | 2 +- build/moz.configure/init.configure | 3 +- config/createprecomplete.py| 17 +- .../client/aboutdebugging/src/actions/runtimes.js | 5 + toolkit/modules/UpdateUtils.jsm| 34 +-- toolkit/mozapps/extensions/AddonManager.jsm| 24 ++ toolkit/mozapps/extensions/test/browser/head.js| 1 + .../extensions/test/xpcshell/head_addons.js| 1 + toolkit/mozapps/update/UpdateService.jsm | 127 +++- toolkit/mozapps/update/UpdateServiceStub.jsm | 4 + toolkit/mozapps/update/common/updatehelper.cpp | 8 + toolkit/mozapps/update/moz.build | 5 +- toolkit/mozapps/update/updater/launchchild_osx.mm | 2 + toolkit/mozapps/update/updater/moz.build | 2 +- toolkit/mozapps/update/updater/updater.cpp | 339 ++--- toolkit/xre/MacLaunchHelper.h | 2 + toolkit/xre/MacLaunchHelper.mm | 2 + toolkit/xre/nsAppRunner.cpp| 22 +- toolkit/xre/nsUpdateDriver.cpp | 109 ++- toolkit/xre/nsXREDirProvider.cpp | 42 ++- tools/update-packaging/common.sh
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing
commit 320bcc7288c1824bc2d1257c4f9bbd2475d4c2d1 Author: Mike Perry Date: Fri May 5 03:41:57 2017 -0700 Omnibox: Add DDG, Startpage, Disconnect, Youtube, Twitter; remove Amazon, eBay, bing eBay and Amazon don't treat Tor users very well. Accounts often get locked and payments reversed. Also: Bug 16322: Update DuckDuckGo search engine We are replacing the clearnet URL with an onion service one (thanks to a patch by a cypherpunk) and are removing the duplicated DDG search engine. Duplicating DDG happend due to bug 1061736 where Mozilla included DDG itself into Firefox. Interestingly, this caused breaking the DDG search if JavaScript is disabled as the Mozilla engine, which gets loaded earlier, does not use the html version of the search page. Moreover, the Mozilla engine tracked where the users were searching from by adding a respective parameter to the search query. We got rid of that feature as well. Also: This fixes bug 20809: the DuckDuckGo team has changed its server-side code in a way that lets users with JavaScript enabled use the default landing page while those without JavaScript available get redirected directly to the non-JS page. We adapt the search engine URLs accordingly. Also fixes bug 29798 by making sure we only specify the Google search engine we actually ship an .xml file for. Also regression tests. --- browser/app/profile/000-tor-browser.js | 9 +- .../search/extensions/ddg-onion/favicon.ico| Bin 0 -> 973 bytes .../search/extensions/ddg-onion/manifest.json | 26 .../components/search/extensions/ddg/favicon.ico | Bin 5430 -> 0 bytes .../components/search/extensions/ddg/favicon.png | Bin 0 -> 1150 bytes .../components/search/extensions/ddg/manifest.json | 40 +- .../extensions/google/_locales/b-1-d/messages.json | 23 .../extensions/google/_locales/b-1-e/messages.json | 23 .../extensions/google/_locales/b-d/messages.json | 23 .../extensions/google/_locales/b-e/messages.json | 23 .../extensions/google/_locales/en/messages.json| 24 .../search/extensions/google/manifest.json | 17 ++- browser/components/search/extensions/list.json | 141 ++--- .../search/extensions/startpage/favicon.png| Bin 0 -> 1150 bytes .../search/extensions/startpage/manifest.json | 26 .../search/extensions/twitter/favicon.ico | Bin 0 -> 1650 bytes .../search/extensions/twitter/manifest.json| 26 .../extensions/wikipedia/_locales/NN/messages.json | 20 --- .../extensions/wikipedia/_locales/NO/messages.json | 20 --- .../extensions/wikipedia/_locales/af/messages.json | 20 --- .../extensions/wikipedia/_locales/an/messages.json | 20 --- .../extensions/wikipedia/_locales/ar/messages.json | 20 --- .../wikipedia/_locales/ast/messages.json | 20 --- .../extensions/wikipedia/_locales/az/messages.json | 20 --- .../wikipedia/_locales/be-tarask/messages.json | 20 --- .../extensions/wikipedia/_locales/be/messages.json | 20 --- .../extensions/wikipedia/_locales/bg/messages.json | 20 --- .../extensions/wikipedia/_locales/bn/messages.json | 20 --- .../extensions/wikipedia/_locales/br/messages.json | 20 --- .../extensions/wikipedia/_locales/bs/messages.json | 20 --- .../extensions/wikipedia/_locales/ca/messages.json | 20 --- .../extensions/wikipedia/_locales/cy/messages.json | 20 --- .../extensions/wikipedia/_locales/cz/messages.json | 20 --- .../extensions/wikipedia/_locales/da/messages.json | 20 --- .../extensions/wikipedia/_locales/de/messages.json | 20 --- .../wikipedia/_locales/dsb/messages.json | 20 --- .../extensions/wikipedia/_locales/el/messages.json | 20 --- .../extensions/wikipedia/_locales/en/messages.json | 20 --- .../extensions/wikipedia/_locales/eo/messages.json | 20 --- .../extensions/wikipedia/_locales/es/messages.json | 20 --- .../extensions/wikipedia/_locales/et/messages.json | 20 --- .../extensions/wikipedia/_locales/eu/messages.json | 20 --- .../extensions/wikipedia/_locales/fa/messages.json | 20 --- .../extensions/wikipedia/_locales/fi/messages.json | 20 --- .../extensions/wikipedia/_locales/fr/messages.json | 20 --- .../wikipedia/_locales/fy-NL/messages.json | 20 --- .../wikipedia/_locales/ga-IE/messages.json | 20 --- .../extensions/wikipedia/_locales/gd/messages.json | 20 --- .../extensions/wikipedia/_locales/gl/messages.json | 20 --- .../extensions/wikipedia/_locales/gn/messages.json | 20 --- .../extensions/wikipedia/_locales/gu/messages.json | 20 --- .../extensions/wikipedia/_locales/he/messages.json | 20 --- .../extensions/wikipedia/_locales/hi/messages.json | 20 --- .../extensions/wikipedia/_locales/hr/messages.json | 20 --- .../wikipedia/_locales/hsb/messages.json | 20 ---
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 16285: Exclude ClearKey system for now
commit bd689b3ecc5463e796828cfe03c325f4fcb1163b Author: Georg Koppen Date: Mon May 22 12:44:40 2017 + Bug 16285: Exclude ClearKey system for now In the past the ClearKey system had not been compiled when specifying --disable-eme. But that changed and it is even bundled nowadays (see: Mozilla's bug 1300654). We don't want to ship it right now as the use case for it is not really visible while the code had security vulnerabilities in the past. --- browser/installer/package-manifest.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index 792acb870afa..53b0b7ddf731 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -465,8 +465,8 @@ bin/libfreebl_64int_3.so #endif ; media -@RESPATH@/gmp-clearkey/0.1/@DLL_PREFIX@clearkey@DLL_SUFFIX@ -@RESPATH@/gmp-clearkey/0.1/manifest.json +;@RESPATH@/gmp-clearkey/0.1/@DLL_PREFIX@clearkey@DLL_SUFFIX@ +;@RESPATH@/gmp-clearkey/0.1/manifest.json #ifdef MOZ_DMD ; DMD ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 21830: Copying large text from web console leaks to /tmp
commit 75d10900192f95640d74e893804b72f9fb5bd108 Author: Georg Koppen Date: Fri Aug 4 05:55:49 2017 + Bug 21830: Copying large text from web console leaks to /tmp Patch written by Neill Miller --- widget/nsTransferable.cpp | 6 ++ 1 file changed, 6 insertions(+) diff --git a/widget/nsTransferable.cpp b/widget/nsTransferable.cpp index 9ccfc8639350..135135ab23a8 100644 --- a/widget/nsTransferable.cpp +++ b/widget/nsTransferable.cpp @@ -33,6 +33,7 @@ Notes to self: #include "nsILoadContext.h" #include "nsXULAppAPI.h" #include "mozilla/UniquePtr.h" +#include "mozilla/Preferences.h" using namespace mozilla; @@ -195,6 +196,11 @@ nsTransferable::Init(nsILoadContext* aContext) { if (aContext) { mPrivateData = aContext->UsePrivateBrowsing(); + } else { +// without aContext here to provide PrivateBrowsing information, +// we defer to the active configured setting +mPrivateData = +mozilla::Preferences::GetBool("browser.privatebrowsing.autostart"); } #ifdef DEBUG mInitialized = true; ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 16940: After update, load local change notes.
commit 9031cfbd7f66e407de575dc5e97cfbe1c2acdaac Author: Kathy Brade Date: Wed Nov 25 11:36:20 2015 -0500 Bug 16940: After update, load local change notes. Add an about:tbupdate page that displays the first section from TorBrowser/Docs/ChangeLog.txt and includes a link to the remote post-update page (typically our blog entry for the release). Always load about:tbupdate in a content process, but implement the code that reads the file system (changelog) in the chrome process for compatibility with future sandboxing efforts. Also fix bug 29440. Now about:tbupdate is styled as a fairly simple changelog page that is designed to be displayed via a link that is on about:tor. --- browser/actors/AboutTBUpdateChild.jsm | 53 browser/actors/moz.build | 5 + .../base/content/abouttbupdate/aboutTBUpdate.css | 74 .../base/content/abouttbupdate/aboutTBUpdate.js| 10 ++ .../base/content/abouttbupdate/aboutTBUpdate.xhtml | 39 ++ browser/base/content/browser-siteIdentity.js | 2 +- browser/base/content/browser.js| 4 + browser/base/jar.mn| 5 + browser/components/BrowserContentHandler.jsm | 55 ++--- browser/components/BrowserGlue.jsm | 25 browser/components/about/AboutRedirector.cpp | 6 + browser/components/about/components.conf | 3 + browser/components/moz.build | 5 +- .../locales/en-US/chrome/browser/aboutTBUpdate.dtd | 8 ++ browser/locales/jar.mn | 3 + browser/modules/AboutTBUpdate.jsm | 134 + browser/modules/moz.build | 5 + 17 files changed, 420 insertions(+), 16 deletions(-) diff --git a/browser/actors/AboutTBUpdateChild.jsm b/browser/actors/AboutTBUpdateChild.jsm new file mode 100644 index ..91bb4dbba888 --- /dev/null +++ b/browser/actors/AboutTBUpdateChild.jsm @@ -0,0 +1,53 @@ +// Copyright (c) 2019, The Tor Project, Inc. +// See LICENSE for licensing information. +// +// vim: set sw=2 sts=2 ts=8 et syntax=javascript: + +var EXPORTED_SYMBOLS = ["AboutTBUpdateChild"]; + +const {ActorChild} = ChromeUtils.import("resource://gre/modules/ActorChild.jsm"); + +class AboutTBUpdateChild extends ActorChild { + receiveMessage(aMessage) { +if (aMessage.name == "AboutTBUpdate:Update") + this.onUpdate(aMessage.data); + } + + handleEvent(aEvent) { +switch (aEvent.type) { + case "AboutTBUpdateLoad": +this.onPageLoad(); +break; + case "pagehide": +this.onPageHide(aEvent); +break; +} + } + + // aData may contain the following string properties: + // version + // releaseDate + // moreInfoURL + // releaseNotes + onUpdate(aData) { +let doc = this.content.document; +doc.getElementById("version-content").textContent = aData.version; +if (aData.releaseDate) { + doc.body.setAttribute("havereleasedate", "true"); + doc.getElementById("releasedate-content").textContent = aData.releaseDate; +} +if (aData.moreInfoURL) + doc.getElementById("infolink").setAttribute("href", aData.moreInfoURL); +doc.getElementById("releasenotes-content").textContent = aData.releaseNotes; + } + + onPageLoad() { +this.mm.sendAsyncMessage("AboutTBUpdate:RequestUpdate"); + } + + onPageHide(aEvent) { +if (aEvent.target.defaultView.frameElement) { + return; +} + } +} diff --git a/browser/actors/moz.build b/browser/actors/moz.build index 4b903146699e..e70f0f09fe3a 100644 --- a/browser/actors/moz.build +++ b/browser/actors/moz.build @@ -74,3 +74,8 @@ FINAL_TARGET_FILES.actors += [ 'WebRTCChild.jsm', 'WebRTCParent.jsm', ] + +if CONFIG['TOR_BROWSER_UPDATE']: +FINAL_TARGET_FILES.actors += [ +'AboutTBUpdateChild.jsm', +] diff --git a/browser/base/content/abouttbupdate/aboutTBUpdate.css b/browser/base/content/abouttbupdate/aboutTBUpdate.css new file mode 100644 index ..7c1a34b77f17 --- /dev/null +++ b/browser/base/content/abouttbupdate/aboutTBUpdate.css @@ -0,0 +1,74 @@ +/* + * Copyright (c) 2019, The Tor Project, Inc. + * See LICENSE for licensing information. + * + * vim: set sw=2 sts=2 ts=8 et syntax=css: + */ + +:root { + --abouttor-text-color: white; + --abouttor-bg-toron-color: #420C5D; +} + +body { + font-family: Helvetica, Arial, sans-serif; + color: var(--abouttor-text-color); + background-color: var(--abouttor-bg-toron-color); + background-attachment: fixed; + background-size: 100% 100%; +} + +a { + color: var(--abouttor-text-color); +} + +.two-column-grid { + display: inline-grid; + grid-template-columns: auto auto; + grid-column-gap: 50px; + margin: 10px 0px 0px 50px; +} + +.two-column-grid div { + margin-top: 40px; + align-self: baseline; /* Align baseline of text across the row. */
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 11641: change TBB directory structure to be more like Firefox's
commit d69a4fe13d41e7bfd30055b1c985f601d766e7fd Author: Kathy Brade Date: Tue Apr 29 13:08:24 2014 -0400 Bug 11641: change TBB directory structure to be more like Firefox's Unless the -osint command line flag is used, the browser now defaults to the equivalent of -no-remote. There is a new -allow-remote flag that may be used to restore the original (Firefox-like) default behavior. --- toolkit/xre/nsAppRunner.cpp | 21 - 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 9854332f6917..69006b49250e 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -1429,8 +1429,10 @@ static void DumpHelp() { " --migrationStart with migration wizard.\n" " --ProfileManager Start with ProfileManager.\n" #ifdef MOZ_HAS_REMOTE - " --no-remoteDo not accept or send remote commands; implies\n" + " --no-remote(default) Do not accept or send remote commands; " + "implies\n" " --new-instance.\n" + " --allow-remote Accept and send remote commands.\n" " --new-instance Open new instance, not a new window in running " "instance.\n" #endif @@ -3543,16 +3545,25 @@ int XREMain::XRE_mainInit(bool* aExitFlag) { gSafeMode); #if defined(MOZ_HAS_REMOTE) + // In Tor Browser, remoting is disabled by default unless -osint is used. + bool allowRemote = (CheckArg("allow-remote") == ARG_FOUND); + bool isOsint = (CheckArg("osint", nullptr, CheckArgFlag::None) == ARG_FOUND); + if (!allowRemote && !isOsint) { +SaveToEnv("MOZ_NO_REMOTE=1"); + } // Handle --no-remote and --new-instance command line arguments. Setup // the environment to better accommodate other components and various // restart scenarios. ar = CheckArg("no-remote"); - if (ar == ARG_FOUND || EnvHasValue("MOZ_NO_REMOTE")) { + if ((ar == ARG_FOUND) && allowRemote) { +PR_fprintf(PR_STDERR, + "Error: argument --no-remote is invalid when argument " + "--allow-remote is specified\n"); +return 1; + } + if (EnvHasValue("MOZ_NO_REMOTE")) { mDisableRemoteClient = true; mDisableRemoteServer = true; -if (!EnvHasValue("MOZ_NO_REMOTE")) { - SaveToEnv("MOZ_NO_REMOTE=1"); -} } ar = CheckArg("new-instance"); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 21724: Make Firefox and Tor Browser distinct macOS apps
commit 01b3ed01f7c75a2b4d34782c490a4dc2c8277b0c Author: teor Date: Mon Mar 13 23:06:23 2017 +1100 Bug 21724: Make Firefox and Tor Browser distinct macOS apps When macOS opens a document or selects a default browser, it sometimes uses the CFBundleSignature. Changing from the Firefox MOZB signature to a different signature TORB allows macOS to distinguish between Firefox and Tor Browser. --- browser/app/Makefile.in | 2 +- browser/app/macbuild/Contents/Info.plist.in | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/browser/app/Makefile.in b/browser/app/Makefile.in index 1aec6541fc0f..6770319f1866 100644 --- a/browser/app/Makefile.in +++ b/browser/app/Makefile.in @@ -103,5 +103,5 @@ ifdef MOZ_UPDATER mv -f '$(dist_dest)/Contents/MacOS/updater.app/Contents/MacOS/org.mozilla.updater' '$(dist_dest)/Contents/Library/LaunchServices' ln -s ../../../../Library/LaunchServices/org.mozilla.updater '$(dist_dest)/Contents/MacOS/updater.app/Contents/MacOS/org.mozilla.updater' endif - printf APPLMOZB > '$(dist_dest)/Contents/PkgInfo' + printf APPLTORB > '$(dist_dest)/Contents/PkgInfo' endif diff --git a/browser/app/macbuild/Contents/Info.plist.in b/browser/app/macbuild/Contents/Info.plist.in index f6791ea48125..95b3bc83905c 100644 --- a/browser/app/macbuild/Contents/Info.plist.in +++ b/browser/app/macbuild/Contents/Info.plist.in @@ -179,7 +179,7 @@ CFBundleShortVersionString %APP_VERSION% CFBundleSignature - MOZB + TORB CFBundleURLTypes ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 13379: Sign our MAR files.
commit 419c791d6522d4ff1d66b53cc67fb8c50fb800d6 Author: Kathy Brade Date: Wed Dec 17 16:37:11 2014 -0500 Bug 13379: Sign our MAR files. Configure with --enable-verify-mar (when updating, require a valid signature on the MAR file before it is applied). Use the Tor Browser version instead of the Firefox version inside the MAR file info block (necessary to prevent downgrade attacks). Use NSS on all platforms for checking MAR signatures (instead of using OS-native APIs, which Mozilla does on Mac OS and Windows). So that the NSS and NSPR libraries the updater depends on can be found at runtime, we add the firefox directory to the shared library search path on macOS. On Linux, rpath is used by Mozilla to solve that problem, but that approach won't work on macOS because the updater executable is copied during the update process to a location that is under TorBrowser-Data, and the location of TorBrowser-Data varies. Also includes the fix for bug 18900. --- .mozconfig | 1 + .mozconfig-asan| 1 + .mozconfig-mac | 1 + .mozconfig-mingw | 1 + modules/libmar/tool/mar.c | 6 +-- modules/libmar/tool/moz.build | 12 -- modules/libmar/verify/moz.build| 14 +++--- .../mozapps/update/updater/updater-common.build| 24 +-- toolkit/mozapps/update/updater/updater.cpp | 25 +++ toolkit/xre/moz.build | 3 ++ toolkit/xre/nsUpdateDriver.cpp | 50 ++ 11 files changed, 113 insertions(+), 25 deletions(-) diff --git a/.mozconfig b/.mozconfig index 18cd1f9b6487..c50c57d410de 100755 --- a/.mozconfig +++ b/.mozconfig @@ -37,3 +37,4 @@ ac_add_options MOZ_TELEMETRY_REPORTING= ac_add_options --disable-tor-launcher ac_add_options --with-tor-browser-version=dev-build ac_add_options --disable-tor-browser-update +ac_add_options --enable-verify-mar diff --git a/.mozconfig-asan b/.mozconfig-asan index 98ea6ac6f3fe..8bee813bfee8 100644 --- a/.mozconfig-asan +++ b/.mozconfig-asan @@ -30,6 +30,7 @@ ac_add_options --enable-official-branding ac_add_options --enable-default-toolkit=cairo-gtk3 ac_add_options --enable-tor-browser-update +ac_add_options --enable-verify-mar ac_add_options --disable-strip ac_add_options --disable-install-strip diff --git a/.mozconfig-mac b/.mozconfig-mac index 26e2b6b92fdb..5b4624ef1f67 100644 --- a/.mozconfig-mac +++ b/.mozconfig-mac @@ -43,6 +43,7 @@ ac_add_options --disable-debug ac_add_options --enable-tor-browser-data-outside-app-dir ac_add_options --enable-tor-browser-update +ac_add_options --enable-verify-mar ac_add_options --disable-crashreporter ac_add_options --disable-webrtc diff --git a/.mozconfig-mingw b/.mozconfig-mingw index 3ec6ff18a3e9..ce6ace1dad67 100644 --- a/.mozconfig-mingw +++ b/.mozconfig-mingw @@ -15,6 +15,7 @@ ac_add_options --enable-strip ac_add_options --enable-official-branding ac_add_options --enable-tor-browser-update +ac_add_options --enable-verify-mar ac_add_options --disable-bits-download # Let's make sure no preference is enabling either Adobe's or Google's CDM. diff --git a/modules/libmar/tool/mar.c b/modules/libmar/tool/mar.c index 0bf2cb4bd1d4..ea2b79924914 100644 --- a/modules/libmar/tool/mar.c +++ b/modules/libmar/tool/mar.c @@ -65,7 +65,7 @@ static void print_usage() { "signed_input_archive.mar base_64_encoded_signature_file " "changed_signed_output.mar\n"); printf("(i) is the index of the certificate to extract\n"); -# if defined(XP_MACOSX) || (defined(XP_WIN) && !defined(MAR_NSS)) +# if (defined(XP_MACOSX) || defined(XP_WIN)) && !defined(MAR_NSS) printf("Verify a MAR file:\n"); printf(" mar [-C workingDir] -D DERFilePath -v signed_archive.mar\n"); printf( @@ -149,7 +149,7 @@ int main(int argc, char** argv) { memset((void*)certBuffers, 0, sizeof(certBuffers)); #endif #if !defined(NO_SIGN_VERIFY) && \ -((!defined(MAR_NSS) && defined(XP_WIN)) || defined(XP_MACOSX)) +(!defined(MAR_NSS) && (defined(XP_WIN) || defined(XP_MACOSX))) memset(DERFilePaths, 0, sizeof(DERFilePaths)); memset(fileSizes, 0, sizeof(fileSizes)); #endif @@ -181,7 +181,7 @@ int main(int argc, char** argv) { argc -= 2; } #if !defined(NO_SIGN_VERIFY) -# if (!defined(MAR_NSS) && defined(XP_WIN)) || defined(XP_MACOSX) +# if (!defined(MAR_NSS) && (defined(XP_WIN) || defined(XP_MACOSX))) /* -D DERFilePath, also matches -D[index] DERFilePath We allow an index for verifying to be symmetric with the import and export command line arguments. */ diff --git a/modules/libmar/tool/moz.build b/modules/libmar/tool/moz.build index 19653fb0b073..8953af0bb15c 100644 --- a/modules/libmar/tool/moz.build +++
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 19121: reinstate the update.xml hash check
commit dcf21efedf73b9a28b42a78b5ccd49980e320c55 Author: Kathy Brade Date: Mon Apr 23 15:22:57 2018 -0400 Bug 19121: reinstate the update.xml hash check Revert most changes from Mozilla Bug 1373267 "Remove hashFunction and hashValue attributes from nsIUpdatePatch and code related to these attributes." Changes to the tests were not reverted; the tests have been changed significantly and we do not run automated updater tests for Tor Browser at this time. Also partial revert of commit f1241db6986e4b54473a1ed870f7584c75d51122. Revert the nsUpdateService.js changes from Mozilla Bug 862173 "don't verify mar file hash when using mar signing to verify the mar file (lessens main thread I/O)." Changes to the tests were not reverted; the tests have been changed significantly and we do not run automated updater tests for Tor Browser at this time. We kept the addition to the AppConstants API in case other JS code references it in the future. --- toolkit/modules/AppConstants.jsm| 7 toolkit/mozapps/update/UpdateService.jsm| 63 - toolkit/mozapps/update/UpdateTelemetry.jsm | 1 + toolkit/mozapps/update/nsIUpdateService.idl | 11 + 4 files changed, 81 insertions(+), 1 deletion(-) diff --git a/toolkit/modules/AppConstants.jsm b/toolkit/modules/AppConstants.jsm index cd8ca2659626..84516f0d4c66 100644 --- a/toolkit/modules/AppConstants.jsm +++ b/toolkit/modules/AppConstants.jsm @@ -212,6 +212,13 @@ this.AppConstants = Object.freeze({ false, #endif + MOZ_VERIFY_MAR_SIGNATURE: +#ifdef MOZ_VERIFY_MAR_SIGNATURE + true, +#else + false, +#endif + MOZ_MAINTENANCE_SERVICE: #ifdef MOZ_MAINTENANCE_SERVICE true, diff --git a/toolkit/mozapps/update/UpdateService.jsm b/toolkit/mozapps/update/UpdateService.jsm index 1dc86a073646..ead961ab5252 100644 --- a/toolkit/mozapps/update/UpdateService.jsm +++ b/toolkit/mozapps/update/UpdateService.jsm @@ -742,6 +742,20 @@ function LOG(string) { } } +/** + * Convert a string containing binary values to hex. + */ +function binaryToHex(input) { + var result = ""; + for (var i = 0; i < input.length; ++i) { +var hex = input.charCodeAt(i).toString(16); +if (hex.length == 1) + hex = "0" + hex; +result += hex; + } + return result; +} + /** * Gets the specified directory at the specified hierarchy under the * update root directory and creates it if it doesn't exist. @@ -1534,6 +1548,8 @@ function UpdatePatch(patch) { } break; case "finalURL": + case "hashFunction": + case "hashValue": case "state": case "type": case "URL": @@ -1553,6 +1569,8 @@ UpdatePatch.prototype = { // over writing nsIUpdatePatch attributes. _attrNames: [ "errorCode", +"hashFunction", +"hashValue", "finalURL", "selected", "size", @@ -1566,6 +1584,8 @@ UpdatePatch.prototype = { */ serialize: function UpdatePatch_serialize(updates) { var patch = updates.createElementNS(URI_UPDATE_NS, "patch"); +patch.setAttribute("hashFunction", this.hashFunction); +patch.setAttribute("hashValue", this.hashValue); patch.setAttribute("size", this.size); patch.setAttribute("type", this.type); patch.setAttribute("URL", this.URL); @@ -4315,7 +4335,42 @@ Downloader.prototype = { } LOG("Downloader:_verifyDownload downloaded size == expected size."); -return true; +let fileStream = Cc["@mozilla.org/network/file-input-stream;1"]. + createInstance(Ci.nsIFileInputStream); +fileStream.init(destination, FileUtils.MODE_RDONLY, FileUtils.PERMS_FILE, 0); + +let digest; +try { + let hash = Cc["@mozilla.org/security/hash;1"]. + createInstance(Ci.nsICryptoHash); + var hashFunction = Ci.nsICryptoHash[this._patch.hashFunction.toUpperCase()]; + if (hashFunction == undefined) { +throw Cr.NS_ERROR_UNEXPECTED; + } + hash.init(hashFunction); + hash.updateFromStream(fileStream, -1); + // NOTE: For now, we assume that the format of _patch.hashValue is hex + // encoded binary (such as what is typically output by programs like + // sha1sum). In the future, this may change to base64 depending on how + // we choose to compute these hashes. + digest = binaryToHex(hash.finish(false)); +} catch (e) { + LOG("Downloader:_verifyDownload - failed to compute hash of the " + + "downloaded update archive"); + digest = ""; +} + +fileStream.close(); + +if (digest == this._patch.hashValue.toLowerCase()) { + LOG("Downloader:_verifyDownload hashes match."); + return true; +} + +LOG("Downloader:_verifyDownload hashes do not match. "); +AUSTLMY.pingDownloadCode(this.isCompleteUpdate, + AUSTLMY.DWNLD_ERR_VERIFY_NO_HASH_MATCH); +return false; }, /** @@ -4889,6
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 18821: Disable libmdns for Android and Desktop
commit 9e14f7f3b9aacd82d8408b7f69bd5032fab2152f Author: Georg Koppen Date: Wed Apr 20 14:34:50 2016 + Bug 18821: Disable libmdns for Android and Desktop There should be no need to remove the OS X support introduced in https://bugzilla.mozilla.org/show_bug.cgi?id=1225726 as enabling this is governed by a preference (which is actually set to `false`). However, we remove it at build time as well (defense in depth). This is basically a backout of the relevant passages of https://hg.mozilla.org/mozilla-central/rev/6bfb430de85d, https://hg.mozilla.org/mozilla-central/rev/609b337bf7ab and https://hg.mozilla.org/mozilla-central/rev/8e092ec5fbbd. Fixed bug 21861 (Disable additional mDNS code to avoid proxy bypasses) as well. --- dom/presentation/provider/components.conf | 10 -- dom/presentation/provider/moz.build | 1 - netwerk/dns/mdns/libmdns/components.conf | 15 --- netwerk/dns/mdns/libmdns/moz.build| 28 4 files changed, 54 deletions(-) diff --git a/dom/presentation/provider/components.conf b/dom/presentation/provider/components.conf index 04cb28ec757e..56994ed7cd94 100644 --- a/dom/presentation/provider/components.conf +++ b/dom/presentation/provider/components.conf @@ -6,9 +6,6 @@ categories = {} -if buildconfig.substs['MOZ_WIDGET_TOOLKIT'] in ('cocoa', 'android'): -categories["presentation-device-provider"] = "MulticastDNSDeviceProvider" - Classes = [ { 'cid': '{f4079b8b-ede5-4b90-a112-5b415a931deb}', @@ -16,11 +13,4 @@ Classes = [ 'jsm': 'resource://gre/modules/PresentationControlService.jsm', 'constructor': 'PresentationControlService', }, -{ -'cid': '{814f947a-52f7-41c9-94a1-3684797284ac}', -'contract_ids': ['@mozilla.org/presentation-device/multicastdns-provider;1'], -'type': 'mozilla::dom::presentation::MulticastDNSDeviceProvider', -'headers': ['/dom/presentation/provider/MulticastDNSDeviceProvider.h'], -'categories': categories, -}, ] diff --git a/dom/presentation/provider/moz.build b/dom/presentation/provider/moz.build index eaea61af415a..d97b75ddbcf9 100644 --- a/dom/presentation/provider/moz.build +++ b/dom/presentation/provider/moz.build @@ -10,7 +10,6 @@ EXTRA_JS_MODULES += [ UNIFIED_SOURCES += [ 'DeviceProviderHelpers.cpp', -'MulticastDNSDeviceProvider.cpp', ] XPCOM_MANIFESTS += [ diff --git a/netwerk/dns/mdns/libmdns/components.conf b/netwerk/dns/mdns/libmdns/components.conf index 6e64140c820e..1b50dbf673a4 100644 --- a/netwerk/dns/mdns/libmdns/components.conf +++ b/netwerk/dns/mdns/libmdns/components.conf @@ -5,20 +5,5 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. Classes = [ -{ -'cid': '{14a50f2b-7ff6-48a5-88e3-615fd111f5d3}', -'contract_ids': ['@mozilla.org/toolkit/components/mdnsresponder/dns-info;1'], -'type': 'mozilla::net::nsDNSServiceInfo', -'headers': ['/netwerk/dns/mdns/libmdns/nsDNSServiceInfo.h'], -}, ] -if buildconfig.substs['MOZ_WIDGET_TOOLKIT'] != 'cocoa': -Classes += [ -{ -'cid': '{f9346d98-f27a-4e89-b744-493843416480}', -'contract_ids': ['@mozilla.org/toolkit/components/mdnsresponder/dns-sd;1'], -'jsm': 'resource://gre/modules/DNSServiceDiscovery.jsm', -'constructor': 'nsDNSServiceDiscovery', -}, -] diff --git a/netwerk/dns/mdns/libmdns/moz.build b/netwerk/dns/mdns/libmdns/moz.build index 05dc75eb9eda..a6fc1a8a559a 100644 --- a/netwerk/dns/mdns/libmdns/moz.build +++ b/netwerk/dns/mdns/libmdns/moz.build @@ -4,34 +4,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa': -UNIFIED_SOURCES += [ -'MDNSResponderOperator.cpp', -'MDNSResponderReply.cpp', -'nsDNSServiceDiscovery.cpp', -] - -LOCAL_INCLUDES += [ - '/netwerk/base', -] - -else: -EXTRA_JS_MODULES += [ -'DNSServiceDiscovery.jsm', -'fallback/DataReader.jsm', -'fallback/DataWriter.jsm', -'fallback/DNSPacket.jsm', -'fallback/DNSRecord.jsm', -'fallback/DNSResourceRecord.jsm', -'fallback/DNSTypes.jsm', -'fallback/MulticastDNS.jsm', -] - -if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'android': -EXTRA_JS_MODULES += [ -'MulticastDNSAndroid.jsm', -] - UNIFIED_SOURCES += [ 'nsDNSServiceInfo.cpp', ] ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Add TorStrings module for localization
commit f91e7e8fcd6df27476d40884aa77393f9bbcf9c6 Author: Alex Catarineu Date: Fri Jul 24 21:15:20 2020 +0200 Add TorStrings module for localization --- browser/modules/TorStrings.jsm | 490 + browser/modules/moz.build | 1 + 2 files changed, 491 insertions(+) diff --git a/browser/modules/TorStrings.jsm b/browser/modules/TorStrings.jsm new file mode 100644 index ..e8a8d37ae373 --- /dev/null +++ b/browser/modules/TorStrings.jsm @@ -0,0 +1,490 @@ +"use strict"; + +var EXPORTED_SYMBOLS = ["TorStrings"]; + +const { XPCOMUtils } = ChromeUtils.import( + "resource://gre/modules/XPCOMUtils.jsm" +); +const { Services } = ChromeUtils.import( + "resource://gre/modules/Services.jsm" +); +const { getLocale } = ChromeUtils.import( + "resource://torbutton/modules/utils.js" +); + +XPCOMUtils.defineLazyGlobalGetters(this, ["DOMParser"]); +XPCOMUtils.defineLazyGetter(this, "domParser", () => { + const parser = new DOMParser(); + parser.forceEnableDTD(); + return parser; +}); + +/* + Tor DTD String Bundle + + DTD strings loaded from torbutton/tor-launcher, but provide a fallback in case they aren't available +*/ +class TorDTDStringBundle { + constructor(aBundleURLs, aPrefix) { +let locations = []; +for (const [index, url] of aBundleURLs.entries()) { + locations.push(`%dtd_${index};`); +} +this._locations = locations; +this._prefix = aPrefix; + } + + // copied from testing/marionette/l10n.js + localizeEntity(urls, id) { +// Use the DOM parser to resolve the entity and extract its real value +let header = ``; +let elem = `&${id};`; +let doc = domParser.parseFromString(header + elem, "text/xml"); +let element = doc.querySelector("elem[id='elementID']"); + +if (element === null) { + throw new Error(`Entity with id='${id}' hasn't been found`); +} + +return element.textContent; + } + + getString(key, fallback) { +if (key) { + try { +return this.localizeEntity(this._bundleURLs, `${this._prefix}${key}`); + } catch (e) {} +} + +// on failure, assign the fallback if it exists +if (fallback) { + return fallback; +} +// otherwise return string key +return `$(${key})`; + } +} + +/* + Tor Property String Bundle + + Property strings loaded from torbutton/tor-launcher, but provide a fallback in case they aren't available +*/ +class TorPropertyStringBundle { + constructor(aBundleURL, aPrefix) { +try { + this._bundle = Services.strings.createBundle(aBundleURL); +} catch (e) {} + +this._prefix = aPrefix; + } + + getString(key, fallback) { +if (key) { + try { +return this._bundle.GetStringFromName(`${this._prefix}${key}`); + } catch (e) {} +} + +// on failure, assign the fallback if it exists +if (fallback) { + return fallback; +} +// otherwise return string key +return `$(${key})`; + } +} + +/* + Security Level Strings +*/ +var TorStrings = { + /* +Tor Browser Security Level Strings + */ + securityLevel: (function() { +let tsb = new TorDTDStringBundle( + ["chrome://torbutton/locale/torbutton.dtd"], + "torbutton.prefs.sec_" +); +let getString = function(key, fallback) { + return tsb.getString(key, fallback); +}; + +// read localized strings from torbutton; but use hard-coded en-US strings as fallbacks in case of error +let retval = { + securityLevel: getString("caption", "Security Level"), + customWarning: getString("custom_warning", "Custom"), + overview: getString( +"overview", +"Disable certain web features that can be used to attack your security and anonymity." + ), + standard: { +level: getString("standard_label", "Standard"), +tooltip: getString("standard_tooltip", "Security Level : Standard"), +summary: getString( + "standard_description", + "All Tor Browser and website features are enabled." +), + }, + safer: { +level: getString("safer_label", "Safer"), +tooltip: getString("safer_tooltip", "Security Level : Safer"), +summary: getString( + "safer_description", + "Disables website features that are often dangerous, causing some sites to lose functionality." +), +description1: getString( + "js_on_https_sites_only", + "JavaScript is disabled on non-HTTPS sites." +), +description2: getString( + "limit_typography", + "Some fonts and math symbols are disabled." +), +description3: getString( + "click_to_play_media", + "Audio and video (HTML5 media), and WebGL are click-to-play." +), + }, + safest: { +level: getString("safest_label", "Safest"), +tooltip: getString("safest_tooltip", "Security Level : Safest"), +summary: getString( +
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp
commit 3fff4c3437ce8442abe53f43096afcda25aaa61f Author: Kathy Brade Date: Thu Apr 21 10:40:26 2016 -0400 Bug 18800: Remove localhost DNS lookup in nsProfileLock.cpp Instead of using the local computer's IP address within symlink-based profile lock signatures, always use 127.0.0.1. --- toolkit/profile/nsProfileLock.cpp | 17 - 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/toolkit/profile/nsProfileLock.cpp b/toolkit/profile/nsProfileLock.cpp index 25c4f5a79e56..1942815e3446 100644 --- a/toolkit/profile/nsProfileLock.cpp +++ b/toolkit/profile/nsProfileLock.cpp @@ -289,18 +289,17 @@ nsresult nsProfileLock::LockWithSymlink(nsIFile* aLockFile, if (!mReplacedLockTime) aLockFile->GetLastModifiedTimeOfLink(); + // For Tor Browser, avoid a DNS lookup here so the Tor network is not + // bypassed. Instead, always use 127.0.0.1 for the IP address portion + // of the lock signature, which may cause the browser to refuse to + // start in the rare event that all of the following conditions are met: + // 1. The browser profile is on a network file system. + // 2. The file system does not support fcntl() locking. + // 3. Tor Browser is run from two different computers at the same time. + struct in_addr inaddr; inaddr.s_addr = htonl(INADDR_LOOPBACK); - char hostname[256]; - PRStatus status = PR_GetSystemInfo(PR_SI_HOSTNAME, hostname, sizeof hostname); - if (status == PR_SUCCESS) { -char netdbbuf[PR_NETDB_BUF_SIZE]; -PRHostEnt hostent; -status = PR_GetHostByName(hostname, netdbbuf, sizeof netdbbuf, ); -if (status == PR_SUCCESS) memcpy(, hostent.h_addr, sizeof inaddr); - } - mozilla::SmprintfPointer signature = mozilla::Smprintf("%s:%s%lu", inet_ntoa(inaddr), aHaveFcntlLock ? "+" : "", (unsigned long)getpid()); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 13252: Do not store data in the app bundle
commit 4224ffb11eb968cd36555fe04896c4c37f88e417 Author: Kathy Brade Date: Fri Mar 18 14:20:02 2016 -0400 Bug 13252: Do not store data in the app bundle When --enable-tor-browser-data-outside-app-dir is enabled, all user data is stored in a directory named TorBrowser-Data which is located next to the application directory. Display an informative error message if the TorBrowser-Data directory cannot be created due to an "access denied" or a "read only volume" error. On Mac OS, add support for the --invisible command line option which is used by the meek-http-helper to avoid showing an icon for the helper browser on the dock. --- toolkit/xre/nsAppRunner.cpp| 76 +++--- toolkit/xre/nsXREDirProvider.cpp | 43 +- toolkit/xre/nsXREDirProvider.h | 6 ++ xpcom/io/TorFileUtils.cpp | 142 + xpcom/io/TorFileUtils.h| 33 xpcom/io/moz.build | 5 ++ xpcom/io/nsAppFileLocationProvider.cpp | 53 +--- 7 files changed, 290 insertions(+), 68 deletions(-) diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 8de43a8c4cfc..9854332f6917 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -1886,6 +1886,8 @@ static nsresult ProfileMissingDialog(nsINativeAppSupport* aNative) { } } +// If aUnlocker is NULL, it is also OK for the following arguments to be NULL: +// aProfileDir, aProfileLocalDir, aResult. static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, nsIFile* aProfileLocalDir, ProfileStatus aStatus, @@ -1894,17 +1896,19 @@ static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, nsIProfileLock** aResult) { nsresult rv; - bool exists; - aProfileDir->Exists(); - if (!exists) { -return ProfileMissingDialog(aNative); + if (aProfileDir) { +bool exists; +aProfileDir->Exists(); +if (!exists) { + return ProfileMissingDialog(aNative); +} } ScopedXPCOMStartup xpcom; rv = xpcom.Initialize(); NS_ENSURE_SUCCESS(rv, rv); - mozilla::Telemetry::WriteFailedProfileLock(aProfileDir); + if (aProfileDir) mozilla::Telemetry::WriteFailedProfileLock(aProfileDir); rv = xpcom.SetWindowCreator(aNative); NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE); @@ -1994,7 +1998,8 @@ static ReturnAbortOnError ProfileErrorDialog(nsIFile* aProfileDir, } } else { #ifdef MOZ_WIDGET_ANDROID - if (java::GeckoAppShell::UnlockProfile()) { + if (aProfileDir && aProfileLocalDir && aResult && + java::GeckoAppShell::UnlockProfile()) { return NS_LockProfilePath(aProfileDir, aProfileLocalDir, nullptr, aResult); } @@ -2102,6 +2107,23 @@ static ReturnAbortOnError ShowProfileManager( return LaunchChild(false); } +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR +static ProfileStatus CheckTorBrowserDataWriteAccess(nsIFile* aAppDir) { + // Check whether we can write to the directory that will contain + // TorBrowser-Data. + nsCOMPtr tbDataDir; + RefPtr dirProvider = nsXREDirProvider::GetSingleton(); + if (!dirProvider) return PROFILE_STATUS_OTHER_ERROR; + nsresult rv = + dirProvider->GetTorBrowserUserDataDir(getter_AddRefs(tbDataDir)); + NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR); + nsCOMPtr tbDataDirParent; + rv = tbDataDir->GetParent(getter_AddRefs(tbDataDirParent)); + NS_ENSURE_SUCCESS(rv, PROFILE_STATUS_OTHER_ERROR); + return nsToolkitProfileService::CheckProfileWriteAccess(tbDataDirParent); +} +#endif + static bool gDoMigration = false; static bool gDoProfileReset = false; static nsCOMPtr gResetOldProfile; @@ -3178,6 +3200,14 @@ int XREMain::XRE_mainInit(bool* aExitFlag) { if (PR_GetEnv("XRE_MAIN_BREAK")) NS_BREAK(); #endif +#if defined(XP_MACOSX) && defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) + bool hideDockIcon = (CheckArg("invisible") == ARG_FOUND); + if (hideDockIcon) { +ProcessSerialNumber psn = {0, kCurrentProcess}; +TransformProcessType(, kProcessTransformToBackgroundApplication); + } +#endif + IncreaseDescriptorLimits(); #ifdef USE_GLX_TEST @@ -4026,7 +4056,34 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) { return 0; } +#if (defined(MOZ_UPDATER) && !defined(MOZ_WIDGET_ANDROID)) || \ +defined(TOR_BROWSER_DATA_OUTSIDE_APP_DIR) + nsCOMPtr exeFile, exeDir; + bool persistent; + rv = mDirProvider.GetFile(XRE_EXECUTABLE_FILE, , +getter_AddRefs(exeFile)); + NS_ENSURE_SUCCESS(rv, 1); + rv = exeFile->GetParent(getter_AddRefs(exeDir)); + NS_ENSURE_SUCCESS(rv, 1); +#endif + rv = NS_NewToolkitProfileService(getter_AddRefs(mProfileSvc)); +#ifdef TOR_BROWSER_DATA_OUTSIDE_APP_DIR + if (NS_FAILED(rv)) { +//
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 19273: Avoid JavaScript patching of the external app helper dialog.
commit 1fa8ac7f02880e8353908efae11b8a071d2ebd0b Author: Kathy Brade Date: Tue Jun 28 15:13:05 2016 -0400 Bug 19273: Avoid JavaScript patching of the external app helper dialog. When handling an external URI or downloading a file, invoke Torbutton's external app blocker component (which will present a download warning dialog unless the user has checked the "Automatically download files from now on" box). For e10s compatibility, avoid using a modal dialog and instead use a callback interface (nsIHelperAppWarningLauncher) to allow Torbutton to indicate the user's desire to cancel or continue each request. Other bugs fixed: Bug 21766: Crash with e10s enabled while trying to download a file Bug 21886: Download is stalled in non-e10s mode Bug 22471: Downloading files via the PDF viewer download button is broken Bug 22472: Fix FTP downloads when external helper app dialog is shown Bug 22610: Avoid crashes when canceling external helper app downloads Bug 22618: Downloading pdf file via file:/// is stalling --- .../exthandler/nsExternalHelperAppService.cpp | 202 + uriloader/exthandler/nsExternalHelperAppService.h | 3 + .../exthandler/nsIExternalHelperAppService.idl | 47 + 3 files changed, 217 insertions(+), 35 deletions(-) diff --git a/uriloader/exthandler/nsExternalHelperAppService.cpp b/uriloader/exthandler/nsExternalHelperAppService.cpp index 4ff7ed2e27cc..0dcc1d3ed6ab 100644 --- a/uriloader/exthandler/nsExternalHelperAppService.cpp +++ b/uriloader/exthandler/nsExternalHelperAppService.cpp @@ -132,6 +132,9 @@ static const char NEVER_ASK_FOR_SAVE_TO_DISK_PREF[] = static const char NEVER_ASK_FOR_OPEN_FILE_PREF[] = "browser.helperApps.neverAsk.openFile"; +static const char WARNING_DIALOG_CONTRACT_ID[] = +"@torproject.org/torbutton-extAppBlocker;1"; + // Helper functions for Content-Disposition headers /** @@ -388,6 +391,22 @@ static nsresult GetDownloadDirectory(nsIFile** _directory, return NS_OK; } +static already_AddRefed GetDialogParentAux( +BrowsingContext* aBrowsingContext, nsIInterfaceRequestor* aWindowContext) { + nsCOMPtr dialogParent = aWindowContext; + + if (!dialogParent && aBrowsingContext) { +dialogParent = do_QueryInterface(aBrowsingContext->GetDOMWindow()); + } + if (!dialogParent && aBrowsingContext && XRE_IsParentProcess()) { +RefPtr element = aBrowsingContext->Top()->GetEmbedderElement(); +if (element) { + dialogParent = do_QueryInterface(element->OwnerDoc()->GetWindow()); +} + } + return dialogParent.forget(); +} + /** * Structure for storing extension->type mappings. * @see defaultMimeEntries @@ -544,6 +563,111 @@ static const nsDefaultMimeTypeEntry nonDecodableExtensions[] = { {APPLICATION_COMPRESS, "z"}, {APPLICATION_GZIP, "svgz"}}; +// +// begin nsExternalLoadURIHandler class definition and implementation +// +class nsExternalLoadURIHandler final : public nsIHelperAppWarningLauncher { + public: + NS_DECL_THREADSAFE_ISUPPORTS + NS_DECL_NSIHELPERAPPWARNINGLAUNCHER + + nsExternalLoadURIHandler(nsIHandlerInfo* aHandlerInfo, nsIURI* aURI, + nsIPrincipal* aTriggeringPrincipal, + BrowsingContext* aBrowsingContext); + + protected: + ~nsExternalLoadURIHandler(); + + nsCOMPtr mHandlerInfo; + nsCOMPtr mURI; + nsCOMPtr mTriggeringPrincipal; + RefPtr mBrowsingContext; + nsCOMPtr mWarningDialog; +}; + +NS_IMPL_ADDREF(nsExternalLoadURIHandler) +NS_IMPL_RELEASE(nsExternalLoadURIHandler) + +NS_INTERFACE_MAP_BEGIN(nsExternalLoadURIHandler) + NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIHelperAppWarningLauncher) + NS_INTERFACE_MAP_ENTRY(nsIHelperAppWarningLauncher) +NS_INTERFACE_MAP_END + +nsExternalLoadURIHandler::nsExternalLoadURIHandler( +nsIHandlerInfo* aHandlerInfo, nsIURI* aURI, +nsIPrincipal* aTriggeringPrincipal, BrowsingContext* aBrowsingContext) +: mHandlerInfo(aHandlerInfo), + mURI(aURI), + mTriggeringPrincipal(aTriggeringPrincipal), + mBrowsingContext(aBrowsingContext) + +{ + nsresult rv = NS_OK; + mWarningDialog = do_CreateInstance(WARNING_DIALOG_CONTRACT_ID, ); + if (NS_SUCCEEDED(rv) && mWarningDialog) { +// This will create a reference cycle (the dialog holds a reference to us +// as nsIHelperAppWarningLauncher), which will be broken in ContinueRequest +// or CancelRequest. +nsCOMPtr dialogParent = +GetDialogParentAux(aBrowsingContext, nullptr); +rv = mWarningDialog->MaybeShow(this, dialogParent); + } + + if (NS_FAILED(rv)) { +// If for some reason we could not open the download warning prompt, +// continue with the request. +ContinueRequest(); + } +} +
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 16620: Clear window.name when no referrer sent
commit 27396fa15161ed0ed8fd14577aa6f5708200d1a0 Author: Kathy Brade Date: Fri Oct 30 14:28:13 2015 -0400 Bug 16620: Clear window.name when no referrer sent Convert JS implementation (within Torbutton) to a C++ browser patch. --- docshell/base/nsDocShell.cpp | 60 +++ docshell/test/mochitest/mochitest.ini | 3 + docshell/test/mochitest/test_tor_bug16620.html | 211 + docshell/test/mochitest/tor_bug16620.html | 51 ++ docshell/test/mochitest/tor_bug16620_form.html | 51 ++ 5 files changed, 376 insertions(+) diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index d0aa79344605..22eb5c4556f6 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -7476,11 +7476,71 @@ nsresult nsDocShell::CreateContentViewer(const nsACString& aContentType, aOpenedChannel->GetURI(getter_AddRefs(mLoadingURI)); } FirePageHideNotification(!mSavingOldViewer); + if (mIsBeingDestroyed) { // Force to stop the newly created orphaned viewer. viewer->Stop(); return NS_ERROR_DOCSHELL_DYING; } + + // Tor bug 16620: Clear window.name of top-level documents if + // there is no referrer. We make an exception for new windows, + // e.g., window.open(url, "MyName"). + bool isNewWindowTarget = false; + nsCOMPtr props(do_QueryInterface(aRequest, )); + if (props) { +props->GetPropertyAsBool(NS_LITERAL_STRING("docshell.newWindowTarget"), + ); + } + + if (!isNewWindowTarget) { +nsCOMPtr httpChannel(do_QueryInterface(aOpenedChannel)); +nsCOMPtr httpReferrer; +if (httpChannel) { + nsCOMPtr referrerInfo; + rv = httpChannel->GetReferrerInfo(getter_AddRefs(referrerInfo)); + NS_ENSURE_SUCCESS(rv, rv); + if (referrerInfo) { +// We want GetComputedReferrer() instead of GetOriginalReferrer(), since +// the former takes into consideration referrer policy, protocol +// whitelisting... +httpReferrer = referrerInfo->GetComputedReferrer(); + } +} + +bool isTopFrame = mBrowsingContext->IsTop(); + +#ifdef DEBUG_WINDOW_NAME +printf("DOCSHELL %p CreateContentViewer - possibly clearing window.name:\n", + this); +printf(" current window.name: \"%s\"\n", + NS_ConvertUTF16toUTF8(mName).get()); + +nsAutoCString curSpec, loadingSpec; +if (this->mCurrentURI) mCurrentURI->GetSpec(curSpec); +if (mLoadingURI) mLoadingURI->GetSpec(loadingSpec); +printf(" current URI: %s\n", curSpec.get()); +printf(" loading URI: %s\n", loadingSpec.get()); +printf(" is top document: %s\n", isTopFrame ? "Yes" : "No"); + +if (!httpReferrer) { + printf(" referrer: None\n"); +} else { + nsAutoCString refSpec; + httpReferrer->GetSpec(refSpec); + printf(" referrer: %s\n", refSpec.get()); +} +#endif + +bool clearName = isTopFrame && !httpReferrer; +if (clearName) SetName(NS_LITERAL_STRING("")); + +#ifdef DEBUG_WINDOW_NAME +printf(" action taken: %s window.name\n", + clearName ? "Cleared" : "Preserved"); +#endif + } + mLoadingURI = nullptr; // Set mFiredUnloadEvent = false so that the unload handler for the diff --git a/docshell/test/mochitest/mochitest.ini b/docshell/test/mochitest/mochitest.ini index 25d3187711fe..663750b7fc8e 100644 --- a/docshell/test/mochitest/mochitest.ini +++ b/docshell/test/mochitest/mochitest.ini @@ -52,6 +52,8 @@ support-files = start_historyframe.html url1_historyframe.html url2_historyframe.html + tor_bug16620.html + tor_bug16620_form.html [test_anchor_scroll_after_document_open.html] [test_bfcache_plus_hash.html] @@ -115,6 +117,7 @@ support-files = file_bug675587.html [test_framedhistoryframes.html] support-files = file_framedhistoryframes.html [test_pushState_after_document_open.html] +[test_tor_bug16620.html] [test_windowedhistoryframes.html] [test_triggeringprincipal_location_seturi.html] [test_bug1507702.html] diff --git a/docshell/test/mochitest/test_tor_bug16620.html b/docshell/test/mochitest/test_tor_bug16620.html new file mode 100644 index ..46fff5a04711 --- /dev/null +++ b/docshell/test/mochitest/test_tor_bug16620.html @@ -0,0 +1,211 @@ + + + + + + Test for Tor Bug 16620 - Clear window.name when no referrer sent + + + + +https://trac.torproject.org/projects/tor/ticket/16620;>Tor Bug 16620 + +// ## Test constants +const kTestPath = "/tests/docshell/test/mochitest/"; +const kLinkFile = "tor_bug16620.html"; +const kFormFile = "tor_bug16620_form.html"; +const kBaseURL1 = "http://example.com"; +const kBaseURL1_https = "https://example.com"; +const kBaseURL2 = "http://example.net"; +const kSendReferrerPref = "network.http.sendRefererHeader"; +const
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 9173: Change the default Firefox profile directory to be TBB-relative.
commit c6a5f9b3367d6e4328b5f52d417288051902408b Author: Kathy Brade Date: Fri Oct 18 15:20:06 2013 -0400 Bug 9173: Change the default Firefox profile directory to be TBB-relative. This should eliminate our need to rely on a wrapper script that sets /Users/arthur and launches Firefox with -profile. --- toolkit/profile/nsToolkitProfileService.cpp | 5 +- toolkit/xre/nsAppRunner.cpp | 2 +- toolkit/xre/nsConsoleWriter.cpp | 2 +- toolkit/xre/nsXREDirProvider.cpp| 150 ++-- toolkit/xre/nsXREDirProvider.h | 16 +-- xpcom/io/nsAppFileLocationProvider.cpp | 97 +++--- 6 files changed, 84 insertions(+), 188 deletions(-) diff --git a/toolkit/profile/nsToolkitProfileService.cpp b/toolkit/profile/nsToolkitProfileService.cpp index dc4811313b5e..a3e50f8c00d3 100644 --- a/toolkit/profile/nsToolkitProfileService.cpp +++ b/toolkit/profile/nsToolkitProfileService.cpp @@ -723,10 +723,11 @@ nsresult nsToolkitProfileService::Init() { NS_ASSERTION(gDirServiceProvider, "No dirserviceprovider!"); nsresult rv; - rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(mAppData)); + rv = gDirServiceProvider->GetUserAppDataDirectory(getter_AddRefs(mAppData)); NS_ENSURE_SUCCESS(rv, rv); - rv = nsXREDirProvider::GetUserLocalDataDirectory(getter_AddRefs(mTempData)); + rv = + gDirServiceProvider->GetUserLocalDataDirectory(getter_AddRefs(mTempData)); NS_ENSURE_SUCCESS(rv, rv); rv = mAppData->Clone(getter_AddRefs(mProfileDBFile)); diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp index 8b5bce27cdc4..e3e7f785ada9 100644 --- a/toolkit/xre/nsAppRunner.cpp +++ b/toolkit/xre/nsAppRunner.cpp @@ -3182,7 +3182,7 @@ int XREMain::XRE_mainInit(bool* aExitFlag) { if ((mAppData->flags & NS_XRE_ENABLE_CRASH_REPORTER) && NS_SUCCEEDED(CrashReporter::SetExceptionHandler(xreBinDirectory))) { nsCOMPtr file; -rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(file)); +rv = mDirProvider.GetUserAppDataDirectory(getter_AddRefs(file)); if (NS_SUCCEEDED(rv)) { CrashReporter::SetUserAppDataDirectory(file); } diff --git a/toolkit/xre/nsConsoleWriter.cpp b/toolkit/xre/nsConsoleWriter.cpp index 0a2c0c342893..46735a293a00 100644 --- a/toolkit/xre/nsConsoleWriter.cpp +++ b/toolkit/xre/nsConsoleWriter.cpp @@ -29,7 +29,7 @@ void WriteConsoleLog() { } else { if (!gLogConsoleErrors) return; -rv = nsXREDirProvider::GetUserAppDataDirectory(getter_AddRefs(lfile)); +rv = gDirServiceProvider->GetUserAppDataDirectory(getter_AddRefs(lfile)); if (NS_FAILED(rv)) return; lfile->AppendNative(NS_LITERAL_CSTRING("console.log")); diff --git a/toolkit/xre/nsXREDirProvider.cpp b/toolkit/xre/nsXREDirProvider.cpp index 7641ef683c39..f80cb2827349 100644 --- a/toolkit/xre/nsXREDirProvider.cpp +++ b/toolkit/xre/nsXREDirProvider.cpp @@ -32,6 +32,7 @@ #include "nsArrayEnumerator.h" #include "nsEnumeratorUtils.h" #include "nsReadableUtils.h" +#include "nsXPCOMPrivate.h" // for XPCOM_FILE_PATH_SEPARATOR #include "SpecialSystemDirectory.h" @@ -249,9 +250,6 @@ nsresult nsXREDirProvider::GetUserProfilesRootDir(nsIFile** aResult) { nsresult rv = GetUserDataDirectory(getter_AddRefs(file), false); if (NS_SUCCEEDED(rv)) { -#if !defined(XP_UNIX) || defined(XP_MACOSX) -rv = file->AppendNative(NS_LITERAL_CSTRING("Profiles")); -#endif // We must create the profile directory here if it does not exist. nsresult tmp = EnsureDirectoryExists(file); if (NS_FAILED(tmp)) { @@ -267,9 +265,6 @@ nsresult nsXREDirProvider::GetUserProfilesLocalDir(nsIFile** aResult) { nsresult rv = GetUserDataDirectory(getter_AddRefs(file), true); if (NS_SUCCEEDED(rv)) { -#if !defined(XP_UNIX) || defined(XP_MACOSX) -rv = file->AppendNative(NS_LITERAL_CSTRING("Profiles")); -#endif // We must create the profile directory here if it does not exist. nsresult tmp = EnsureDirectoryExists(file); if (NS_FAILED(tmp)) { @@ -1403,7 +1398,7 @@ nsresult nsXREDirProvider::SetUserDataProfileDirectory(nsCOMPtr& aFile, nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile, bool aLocal) { // Copied from nsAppFileLocationProvider (more or less) - nsresult rv; + NS_ENSURE_ARG_POINTER(aFile); nsCOMPtr localDir; if (aLocal && gDataDirHomeLocal) { @@ -1413,81 +1408,39 @@ nsresult nsXREDirProvider::GetUserDataDirectoryHome(nsIFile** aFile, return gDataDirHome->Clone(aFile); } -#if defined(XP_MACOSX) - FSRef fsRef; - OSType folderType; - if (aLocal) { -folderType = kCachedDataFolderType; - } else { -# ifdef MOZ_THUNDERBIRD -folderType = kDomainLibraryFolderType; -# else -folderType = kApplicationSupportFolderType; -# endif - } - OSErr err = ::FSFindFolder(kUserDomain, folderType, kCreateFolder, ); - NS_ENSURE_FALSE(err,
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 16439: Remove screencasting code
commit 62fc099224201682f771bf342c13046c1ee62747 Author: Kathy Brade Date: Wed Jun 24 11:01:11 2015 -0400 Bug 16439: Remove screencasting code We avoid including the screencasting code on mobile (it got ripped out for desktop in bug 1393582) by simply excluding the related JS modules from Tor Browser. --- toolkit/modules/moz.build | 9 + 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/toolkit/modules/moz.build b/toolkit/modules/moz.build index f000f35c126f..e1f1eb5759c5 100644 --- a/toolkit/modules/moz.build +++ b/toolkit/modules/moz.build @@ -260,10 +260,11 @@ if 'Android' != CONFIG['OS_TARGET']: ] else: DEFINES['ANDROID'] = True -EXTRA_JS_MODULES += [ -'secondscreen/RokuApp.jsm', -'secondscreen/SimpleServiceDiscovery.jsm', -] +if not CONFIG['TOR_BROWSER_VERSION']: +EXTRA_JS_MODULES += [ +'secondscreen/RokuApp.jsm', +'secondscreen/SimpleServiceDiscovery.jsm', +] if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'windows': ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 13028: Prevent potential proxy bypass cases.
commit 28b81c11f73b9368a3196a59721ec3dabb30ccd4 Author: Mike Perry Date: Mon Sep 29 14:30:19 2014 -0700 Bug 13028: Prevent potential proxy bypass cases. It looks like these cases should only be invoked in the NSS command line tools, and not the browser, but I decided to patch them anyway because there literally is a maze of network function pointers being passed around, and it's very hard to tell if some random code might not pass in the proper proxied versions of the networking code here by accident. --- security/nss/lib/certhigh/ocsp.c| 8 .../lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c | 21 + 2 files changed, 29 insertions(+) diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c index cea8456606bf..86fa971cfbef 100644 --- a/security/nss/lib/certhigh/ocsp.c +++ b/security/nss/lib/certhigh/ocsp.c @@ -2932,6 +2932,14 @@ ocsp_ConnectToHost(const char *host, PRUint16 port) PRNetAddr addr; char *netdbbuf = NULL; +// XXX: Do we need a unittest ifdef here? We don't want to break the tests, but +// we want to ensure nothing can ever hit this code in production. +#if 1 +printf("Tor Browser BUG: Attempted OSCP direct connect to %s, port %u\n", host, +port); +goto loser; +#endif + sock = PR_NewTCPSocket(); if (sock == NULL) goto loser; diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c index e8698376b5be..85791d84a932 100644 --- a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c +++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c @@ -1334,6 +1334,13 @@ pkix_pl_Socket_Create( plContext), PKIX_COULDNOTCREATESOCKETOBJECT); +// XXX: Do we need a unittest ifdef here? We don't want to break the tests, but +// we want to ensure nothing can ever hit this code in production. +#if 1 +printf("Tor Browser BUG: Attempted pkix direct socket connect\n"); +PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED); +#endif + socket->isServer = isServer; socket->timeout = timeout; socket->clientSock = NULL; @@ -1433,6 +1440,13 @@ pkix_pl_Socket_CreateByName( localCopyName = PL_strdup(serverName); +// XXX: Do we need a unittest ifdef here? We don't want to break the tests, but +// we want to ensure nothing can ever hit this code in production. +#if 1 +printf("Tor Browser BUG: Attempted pkix direct connect to %s\n", serverName); +PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED); +#endif + sepPtr = strchr(localCopyName, ':'); /* First strip off the portnum, if present, from the end of the name */ if (sepPtr) { @@ -1582,6 +1596,13 @@ pkix_pl_Socket_CreateByHostAndPort( PKIX_ENTER(SOCKET, "pkix_pl_Socket_CreateByHostAndPort"); PKIX_NULLCHECK_THREE(hostname, pStatus, pSocket); +// XXX: Do we need a unittest ifdef here? We don't want to break the tests, but +// we want to ensure nothing can ever hit this code in production. +#if 1 +printf("Tor Browser BUG: Attempted pkix direct connect to %s, port %u\n", hostname, +portnum); +PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED); +#endif prstatus = PR_GetHostByName(hostname, buf, sizeof(buf), ); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 14631: Improve profile access error messages.
commit 4cf9e1ae1e005610b77dd69f6b6fc6d8e3d44f24 Author: Kathy Brade Date: Tue Feb 24 13:50:23 2015 -0500 Bug 14631: Improve profile access error messages. Instead of always reporting that the profile is locked, display specific messages for "access denied" and "read-only file system". To allow for localization, get profile-related error strings from Torbutton. Use app display name ("Tor Browser") in profile-related error alerts. --- .../mozapps/profile/profileSelection.properties| 5 + toolkit/profile/nsToolkitProfileService.cpp| 57 +++- toolkit/profile/nsToolkitProfileService.h | 13 +- toolkit/xre/nsAppRunner.cpp| 155 ++--- 4 files changed, 207 insertions(+), 23 deletions(-) diff --git a/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties b/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties index 2be092bf4c4b..922b52cb1385 100644 --- a/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties +++ b/toolkit/locales/en-US/chrome/mozapps/profile/profileSelection.properties @@ -12,6 +12,11 @@ restartMessageUnlocker=%S is already running, but is not responding. The old %S restartMessageNoUnlockerMac=A copy of %S is already open. Only one copy of %S can be open at a time. restartMessageUnlockerMac=A copy of %S is already open. The running copy of %S will quit in order to open this one. +# LOCALIZATION NOTE (profileProblemTitle, profileReadOnly, profileReadOnlyMac, profileAccessDenied): Messages displayed when the browser profile cannot be accessed or written to. %S is the application name. +profileProblemTitle=%S Profile Problem +profileReadOnly=You cannot run %S from a read-only file system. Please copy %S to another location before trying to use it. +profileReadOnlyMac=You cannot run %S from a read-only file system. Please copy %S to your Desktop or Applications folder before trying to use it. +profileAccessDenied=%S does not have permission to access the profile. Please adjust your file system permissions and try again. # Profile manager # LOCALIZATION NOTE (profileTooltip): First %S is the profile name, second %S is the path to the profile folder. profileTooltip=Profile: â%Sâ - Path: â%Sâ diff --git a/toolkit/profile/nsToolkitProfileService.cpp b/toolkit/profile/nsToolkitProfileService.cpp index a3e50f8c00d3..3f32bd95f9c9 100644 --- a/toolkit/profile/nsToolkitProfileService.cpp +++ b/toolkit/profile/nsToolkitProfileService.cpp @@ -1161,9 +1161,10 @@ nsToolkitProfileService::SelectStartupProfile( } bool wasDefault; + ProfileStatus profileStatus; nsresult rv = SelectStartupProfile(, argv.get(), aIsResetting, aRootDir, aLocalDir, - aProfile, aDidCreate, ); + aProfile, aDidCreate, , profileStatus); // Since we were called outside of the normal startup path complete any // startup tasks. @@ -1196,7 +1197,8 @@ nsToolkitProfileService::SelectStartupProfile( nsresult nsToolkitProfileService::SelectStartupProfile( int* aArgc, char* aArgv[], bool aIsResetting, nsIFile** aRootDir, nsIFile** aLocalDir, nsIToolkitProfile** aProfile, bool* aDidCreate, -bool* aWasDefaultSelection) { +bool* aWasDefaultSelection, ProfileStatus& aProfileStatus) { + aProfileStatus = PROFILE_STATUS_OK; if (mStartupProfileSelected) { return NS_ERROR_ALREADY_INITIALIZED; } @@ -1290,6 +1292,13 @@ nsresult nsToolkitProfileService::SelectStartupProfile( rv = XRE_GetFileFromPath(arg, getter_AddRefs(lf)); NS_ENSURE_SUCCESS(rv, rv); +aProfileStatus = CheckProfileWriteAccess(lf); +if (PROFILE_STATUS_OK != aProfileStatus) { + NS_ADDREF(*aRootDir = lf); + NS_ADDREF(*aLocalDir = lf); + return NS_ERROR_FAILURE; +} + // Make sure that the profile path exists and it's a directory. bool exists; rv = lf->Exists(); @@ -2079,3 +2088,47 @@ nsresult XRE_GetFileFromPath(const char* aPath, nsIFile** aResult) { # error Platform-specific logic needed here. #endif } + +// Check for write permission to the profile directory by trying to create a +// new file (after ensuring that no file with the same name exists). +ProfileStatus nsToolkitProfileService::CheckProfileWriteAccess( +nsIFile* aProfileDir) { +#if defined(XP_UNIX) + NS_NAMED_LITERAL_STRING(writeTestFileName, ".parentwritetest"); +#else + NS_NAMED_LITERAL_STRING(writeTestFileName, "parent.writetest"); +#endif + + nsCOMPtr writeTestFile; + nsresult rv = aProfileDir->Clone(getter_AddRefs(writeTestFile)); + if (NS_SUCCEEDED(rv)) rv = writeTestFile->Append(writeTestFileName); + + if (NS_SUCCEEDED(rv)) { +bool doesExist = false; +rv = writeTestFile->Exists(); +if (NS_SUCCEEDED(rv) && doesExist) rv = writeTestFile->Remove(true); + } + + if (NS_SUCCEEDED(rv)) { +rv = writeTestFile->Create(nsIFile::NORMAL_FILE_TYPE, 0666); +
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 12974: Disable NTLM and Negotiate HTTP Auth
commit e51ea662fec39a23c1e6cce0ad6346da26c74d6c Author: Mike Perry Date: Wed Aug 27 15:19:10 2014 -0700 Bug 12974: Disable NTLM and Negotiate HTTP Auth This is technically an embargoed Mozilla bug, so I probably shouldn't provide too many details. Suffice to say that NTLM and Negotiate auth are bad for Tor users, and I doubt very many (or any of them) actually need it. The Mozilla bug is https://bugzilla.mozilla.org/show_bug.cgi?id=1046421 --- extensions/auth/nsHttpNegotiateAuth.cpp | 4 netwerk/protocol/http/nsHttpNTLMAuth.cpp | 3 +++ 2 files changed, 7 insertions(+) diff --git a/extensions/auth/nsHttpNegotiateAuth.cpp b/extensions/auth/nsHttpNegotiateAuth.cpp index 99720475b9dd..1c08fcf3da7e 100644 --- a/extensions/auth/nsHttpNegotiateAuth.cpp +++ b/extensions/auth/nsHttpNegotiateAuth.cpp @@ -152,6 +152,10 @@ nsHttpNegotiateAuth::ChallengeReceived(nsIHttpAuthenticableChannel* authChannel, nsIAuthModule* rawModule = (nsIAuthModule*)*continuationState; *identityInvalid = false; + + /* Always fail Negotiate auth for Tor Browser. We don't need it. */ + return NS_ERROR_ABORT; + if (rawModule) { return NS_OK; } diff --git a/netwerk/protocol/http/nsHttpNTLMAuth.cpp b/netwerk/protocol/http/nsHttpNTLMAuth.cpp index 0a30de051014..891aaadfd758 100644 --- a/netwerk/protocol/http/nsHttpNTLMAuth.cpp +++ b/netwerk/protocol/http/nsHttpNTLMAuth.cpp @@ -168,6 +168,9 @@ nsHttpNTLMAuth::ChallengeReceived(nsIHttpAuthenticableChannel* channel, *identityInvalid = false; + /* Always fail Negotiate auth for Tor Browser. We don't need it. */ + return NS_ERROR_ABORT; + // Start a new auth sequence if the challenge is exactly "NTLM". // If native NTLM auth apis are available and enabled through prefs, // try to use them. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 3547: Block all plugins.
commit 0763f589e1da827013606d03f3c0ffda9c70ab52 Author: Mike Perry Date: Tue Dec 4 16:03:13 2012 -0800 Bug 3547: Block all plugins. We cannot use the @mozilla.org/extensions/blocklist;1 service, because we actually want to stop plugins from ever entering the browser's process space and/or executing code (for example, AV plugins that collect statistics/analyse urls, magical toolbars that phone home or "help" the user, skype buttons that ruin our day, and censorship filters). Hence we rolled our own. See https://trac.torproject.org/projects/tor/ticket/3547#comment:6 for musings on a better way. Until then, it is delta-darwinism for us. --- dom/plugins/base/PluginFinder.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/dom/plugins/base/PluginFinder.cpp b/dom/plugins/base/PluginFinder.cpp index 4e1c1fd53698..cace7d4ef6ba 100644 --- a/dom/plugins/base/PluginFinder.cpp +++ b/dom/plugins/base/PluginFinder.cpp @@ -480,6 +480,9 @@ nsresult PluginFinder::ScanPluginsDirectory(nsIFile* pluginsDir, *aPluginsChanged = false; + // Block all plugins + return NS_OK; + #ifdef PLUGIN_LOGGING nsAutoCString dirPath; pluginsDir->GetNativePath(dirPath); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 12620: TorBrowser regression tests
commit 01a09b0ae5d1285a8276708ccf5250c35522d925 Author: Arthur Edelstein Date: Wed Aug 27 16:25:00 2014 -0700 Bug 12620: TorBrowser regression tests Regression tests for Bug #2950: Make Permissions Manager memory-only Regression tests for TB4: Tor Browser's Firefox preference overrides. Note: many more functional tests could be made here Regression tests for #2874: Block Components.interfaces from content Bug 18923: Add a script to run all Tor Browser specific tests Regression tests for Bug #16441: Suppress "Reset Tor Browser" prompt. --- run-tbb-tests| 66 +++ tbb-tests-ignore.txt | 13 +++ tbb-tests/browser.ini| 5 +++ tbb-tests/browser_tor_TB4.js | 35 +++ tbb-tests/browser_tor_bug2950.js | 74 tbb-tests/mochitest.ini | 3 ++ tbb-tests/moz.build | 10 ++ tbb-tests/test_tor_bug2874.html | 25 ++ toolkit/toolkit.mozbuild | 3 +- 9 files changed, 233 insertions(+), 1 deletion(-) diff --git a/run-tbb-tests b/run-tbb-tests new file mode 100755 index ..bc09839f9f05 --- /dev/null +++ b/run-tbb-tests @@ -0,0 +1,66 @@ +#!/bin/bash + +# This script runs all the Mochitest tests that have been added or +# modified since the last ffxbld commit. +# +# It does not currently run XPCShell tests. We should change this if we +# start using this type or other types of tests. +# +# The logs of the tests are stored in the tbb-tests.log file. +# Ignored tests are listed in the tbb-tests-ignore.txt file. +# +# https://trac.torproject.org/projects/tor/ticket/18923 + +IFS=$'\n' + +if [ -n "$USE_TESTS_LIST" ] && [ -f tbb-tests-list.txt ] +then +echo "Using tests list from file tbb-tests-list.txt" +tests=($(cat tbb-tests-list.txt)) +else +ffxbld_commit=$(git log -500 --format='oneline' | grep "TB3: Tor Browser's official .mozconfigs." \ +| head -1 | cut -d ' ' -f 1) + +tests=($(git diff --name-status "$ffxbld_commit" HEAD | \ +grep -e '^[AM].*/test_[^/]\+\.\(html\|xul\)$' \ + -e '^[AM].*/browser_[^/]\+\.js$' \ + | sed 's/^[AM]\s\+//')) +fi + +echo 'The following tests will be run:' +for i in "${!tests[@]}" +do +if [ -z "$USE_TESTS_LIST" ] \ +&& grep -q "^${tests[$i]}$" tbb-tests-ignore.txt +then +unset "tests[$i]" +continue +fi +echo "- ${tests[$i]}" +done + +if [ -n "$WRITE_TESTS_LIST" ] +then +rm -f tbb-tests-list.txt +for i in "${!tests[@]}" +do +echo "${tests[$i]}" >> tbb-tests-list.txt +done +exit 0 +fi + +rm -f tbb-tests.log +echo $'\n''Starting tests' +# We need `security.nocertdb = false` because of #18087. That pref is +# forced to have the same value as `browser.privatebrowsing.autostart` in +# torbutton, so we just set `browser.privatebrowsing.autostart=false` here. +./mach mochitest --log-tbpl tbb-tests.log \ +--setpref network.file.path_blacklist='' \ +--setpref extensions.torbutton.use_nontor_proxy=true \ +--setpref browser.privatebrowsing.autostart=false \ + "${tests[@]}" + +echo "*" +echo "*" +echo "Summary of failed tests:" +grep --color=never TEST-UNEXPECTED-FAIL tbb-tests.log diff --git a/tbb-tests-ignore.txt b/tbb-tests-ignore.txt new file mode 100644 index ..ee3927a9e7c4 --- /dev/null +++ b/tbb-tests-ignore.txt @@ -0,0 +1,13 @@ +browser/extensions/onboarding/test/browser/browser_onboarding_accessibility.js +browser/extensions/onboarding/test/browser/browser_onboarding_keyboard.js +browser/extensions/onboarding/test/browser/browser_onboarding_notification.js +browser/extensions/onboarding/test/browser/browser_onboarding_notification_2.js +browser/extensions/onboarding/test/browser/browser_onboarding_notification_3.js +browser/extensions/onboarding/test/browser/browser_onboarding_notification_4.js +browser/extensions/onboarding/test/browser/browser_onboarding_notification_5.js +browser/extensions/onboarding/test/browser/browser_onboarding_notification_click_auto_complete_tour.js +browser/extensions/onboarding/test/browser/browser_onboarding_select_default_tour.js +browser/extensions/onboarding/test/browser/browser_onboarding_skip_tour.js +browser/extensions/onboarding/test/browser/browser_onboarding_tours.js +browser/extensions/onboarding/test/browser/browser_onboarding_tourset.js +browser/extensions/onboarding/test/browser/browser_onboarding_uitour.js diff --git a/tbb-tests/browser.ini b/tbb-tests/browser.ini new file mode 100644 index ..f481660f1417 --- /dev/null +++ b/tbb-tests/browser.ini @@ -0,0 +1,5 @@ +[DEFAULT] + +[browser_tor_bug2950.js] +[browser_tor_omnibox.js] +[browser_tor_TB4.js] diff --git a/tbb-tests/browser_tor_TB4.js b/tbb-tests/browser_tor_TB4.js new file mode 100644 index
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 10760: Integrate TorButton to TorBrowser core
commit 47642982f7dc760a102f348009762cceb32ecd51 Author: Alex Catarineu Date: Wed Feb 19 23:05:08 2020 +0100 Bug 10760: Integrate TorButton to TorBrowser core Because of the non-restartless nature of Torbutton, it required a two-stage installation process. On mobile, it was a problem, because it was not loading when the user opened the browser for the first time. Moving it to tor-browser and making it a system extension allows it to load when the user opens the browser for first time. Additionally, this patch also fixes Bug 27611. Bug 26321: New Circuit and New Identity menu items Bug 14392: Make about:tor behave like other initial pages. Bug 25013: Add torbutton as a tor-browser submodule --- .gitmodules| 3 ++ browser/base/content/aboutDialog.xhtml | 38 +++-- browser/base/content/browser-doctype.inc | 6 +++ browser/base/content/browser-menubar.inc | 49 -- browser/base/content/browser-sets.inc | 2 + browser/base/content/browser.js| 1 + browser/base/content/browser.xhtml | 9 .../controlcenter/content/identityPanel.inc.xhtml | 17 .../customizableui/content/panelUI.inc.xhtml | 17 +++- browser/installer/package-manifest.in | 2 + docshell/base/nsAboutRedirector.cpp| 6 ++- docshell/build/components.conf | 1 + mobile/android/installer/package-manifest.in | 4 ++ toolkit/moz.build | 1 + .../mozapps/extensions/internal/XPIProvider.jsm| 9 toolkit/torproject/torbutton | 1 + .../lib/environments/browser-window.js | 6 ++- 17 files changed, 142 insertions(+), 30 deletions(-) diff --git a/.gitmodules b/.gitmodules new file mode 100644 index ..2f03bd8e22df --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "toolkit/torproject/torbutton"] + path = toolkit/torproject/torbutton + url = https://git.torproject.org/torbutton.git diff --git a/browser/base/content/aboutDialog.xhtml b/browser/base/content/aboutDialog.xhtml index 69cbf846bbef..5274cbc02831 100644 --- a/browser/base/content/aboutDialog.xhtml +++ b/browser/base/content/aboutDialog.xhtml @@ -7,11 +7,11 @@ + + http://www.w3.org/1999/xhtml; @@ -28,7 +28,7 @@ data-l10n-id="aboutDialog-title" #endif role="dialog" -aria-describedby="version distribution distributionId communityDesc contributeDesc trademark" +aria-describedby="version distribution distributionId projectDesc helpDesc trademark trademarkTor" > #ifdef XP_MACOSX #include macWindow.inc.xhtml @@ -132,24 +132,36 @@ - -http://www.mozilla.org/; data-l10n-name="community-mozillaLink"> - + + + + + +https://www.torproject.org/;> + + - -https://donate.mozilla.org/?utm_source=firefoxutm_medium=referralutm_campaign=firefox_aboututm_content=firefox_about; data-l10n-name="helpus-donateLink"> -http://www.mozilla.org/contribute/; data-l10n-name="helpus-getInvolvedLink"> + + +https://donate.torproject.org/;> + + + +https://community.torproject.org/;> + + - - - -https://www.mozilla.org/privacy/; data-l10n-id="bottomLinks-privacy"> + +https://support.torproject.org/;> +https://community.torproject.org/relay/;> + + diff --git a/browser/base/content/browser-doctype.inc b/browser/base/content/browser-doctype.inc index 9aa278773158..48cf6cd3eda0 100644 --- a/browser/base/content/browser-doctype.inc +++ b/browser/base/content/browser-doctype.inc @@ -14,3 +14,9 @@ %syncBrandDTD; %brandingsDTD; + +%torbuttonDTD; + +%aboutTorDTD; + +%aboutDialogDTD; diff --git a/browser/base/content/browser-menubar.inc b/browser/base/content/browser-menubar.inc index 267ec91707ba..6f4aa9289c35 100644 --- a/browser/base/content/browser-menubar.inc +++ b/browser/base/content/browser-menubar.inc @@ -33,6 +33,18 @@ command="Tools:NonFissionWindow" accesskey="s" label="New Non-Fission Window"/> #endif + + + + - + + + + + +https://tb-manual.torproject.org/' + Services.locale.requestedLocale, {triggeringPrincipal:
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 28044: Integrate Tor Launcher into tor-browser
commit 5fa7c7d065bca9ac134b8f1129a9133afccd149f Author: Kathy Brade Date: Tue Feb 26 10:07:17 2019 -0500 Bug 28044: Integrate Tor Launcher into tor-browser Build and package Tor Launcher as part of the browser (similar to how pdfjs is handled). If a Tor Launcher extension is present in the user's profile, it is removed. --- browser/extensions/moz.build| 5 + browser/installer/package-manifest.in | 5 + toolkit/mozapps/extensions/internal/XPIProvider.jsm | 10 ++ 3 files changed, 20 insertions(+) diff --git a/browser/extensions/moz.build b/browser/extensions/moz.build index 4c9fa789d12a..fd2e65d01f02 100644 --- a/browser/extensions/moz.build +++ b/browser/extensions/moz.build @@ -12,3 +12,8 @@ DIRS += [ 'webcompat', 'report-site-issue' ] + +if not CONFIG['TOR_BROWSER_DISABLE_TOR_LAUNCHER']: +DIRS += [ +'tor-launcher', +] diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index 7deaf1b51f9a..582a6e13d607 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -248,6 +248,11 @@ @RESPATH@/browser/chrome/browser.manifest @RESPATH@/browser/chrome/pdfjs.manifest @RESPATH@/browser/chrome/pdfjs/* +#ifndef TOR_BROWSER_DISABLE_TOR_LAUNCHER +@RESPATH@/browser/chrome/torlauncher.manifest +@RESPATH@/browser/chrome/torlauncher/* +@RESPATH@/browser/@PREF_DIR@/torlauncher-prefs.js +#endif @RESPATH@/chrome/toolkit@JAREXT@ @RESPATH@/chrome/toolkit.manifest @RESPATH@/chrome/recording.manifest diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm index ba67e5f6bee8..bcdf6f40d5ed 100644 --- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm +++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm @@ -1462,6 +1462,16 @@ var XPIStates = { for (let [id, file] of loc.readAddons()) { knownIds.delete(id); +// Since it is now part of the browser, uninstall the Tor Launcher +// extension. This will remove the Tor Launcher .xpi from user +// profiles on macOS. +if (id === "tor-launc...@torproject.org") { + logger.debug("Uninstalling the Tor Launcher extension."); + loc.installer.uninstallAddon(id); + changed = true; + continue; +} + let xpiState = loc.get(id); if (!xpiState) { // If the location is not supported for sideloading, skip new ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] TB4: Tor Browser's Firefox preference overrides.
commit ee04b5d1befc0cab4a58619cfe64794d89532095 Author: Mike Perry Date: Tue Sep 10 18:20:43 2013 -0700 TB4: Tor Browser's Firefox preference overrides. This hack directly includes our preference changes in omni.ja. Bug 18292: Staged updates fail on Windows Temporarily disable staged updates on Windows. Bug 18297: Use separate Noto JP,KR,SC,TC fonts Bug 23404: Add Noto Sans Buginese to the macOS whitelist Bug 23745: Set dom.indexedDB.enabled = true Bug 13575: Disable randomised Firefox HTTP cache decay user tests. (Fernando Fernandez Mancera ) Bug 17252: Enable session identifiers with FPI Session tickets and session identifiers were isolated by OriginAttributes, so we can re-enable them by allowing the default value (true) of "security.ssl.disable_session_identifiers". The pref "security.enable_tls_session_tickets" is obsolete (removed in https://bugzilla.mozilla.org/917049) Bug 14952: Enable http/2 and AltSvc In Firefox, SPDY/HTTP2 now uses Origin Attributes for isolation of connections, push streams, origin frames, etc. That means we get first-party isolation provided "privacy.firstparty.isolate" is true. So in this patch, we stop overriding "network.http.spdy.enabled" and "network.http.spdy.enabled.http2". Alternate Services also use Origin Attributes for isolation. So we stop overriding "network.http.altsvc.enabled" and "network.http.altsvc.oe" as well. (All 4 of the abovementioned "network.http.*" prefs adopt Firefox 60ESR's default value of true.) However, we want to disable HTTP/2 push for now, so we set "network.http.spdy.allow-push" to false. "network.http.spdy.enabled.http2draft" was removed in Bug 1132357. "network.http.sped.enabled.v2" was removed in Bug 912550. "network.http.sped.enabled.v3" was removed in Bug 1097944. "network.http.sped.enabled.v3-1" was removed in Bug 1248197. Bug 26114: addons.mozilla.org is not special * Don't expose navigator.mozAddonManager on any site * Don't block NoScript from modifying addons.mozilla.org or other sites Enable ReaderView mode again (#27281). Bug 29916: Make sure enterprise policies are disabled Bug 2874: Block Components.interfaces from content Bug 26146: Spoof HTTP User-Agent header for desktop platforms In Tor Browser 8.0, the OS was revealed in both the HTTP User-Agent header and to JavaScript code via navigator.userAgent. To avoid leaking the OS inside each HTTP request (which many web servers log), always use the Windows 7 OS value in the desktop User-Agent header. We continue to allow access to the actual OS via JavaScript, since doing so improves compatibility with web applications such as GitHub and Google Docs. Bug 12885: Windows Jump Lists fail for Tor Browser Jumplist entries are stored in a binary file in: %APPDATA%\\Microsoft\Windows\Recent\CustomDestinations\ and has a name in the form [a-f0-9]+.customDestinations-ms The hex at the front is unique per app, and is ultimately derived from something called the 'App User Model ID' (AUMID) via some unknown hashing method. The AUMID is provided as a key when programmatically creating, updating, and deleting a jumplist. The default behaviour in firefox is for the installer to define an AUMID for an app, and save it in the registry so that the jumplist data can be removed by the uninstaller. However, the Tor Browser does not set this (or any other) regkey during installation, so this codepath fails and the app's AUMID is left undefined. As a result the app's AUMID ends up being defined by windows, but unknowable by Tor Browser. This unknown AUMID is used to create and modify the jumplist, but the delete API requires that we provide the app's AUMID explicitly. Since we don't know what the AUMID is (since the expected regkey where it is normally stored does not exist) jumplist deletion will fail and we will leave behind a mostly empty customDestinations-ms file. The name of the file is derived from the binary path, so an enterprising person could reverse engineer how that hex name is calculated, and generate the name for Tor Browser's default Desktop installation path to determine whether a person had used Tor Browser in the past. The 'taskbar.grouping.useprofile' option that is enabled by this patch works around this AUMID problem by having firefox.exe create it's own AUMID based on the profile path (rather than looking for a regkey). This way, if a user goes in and enables and disables jumplist entries, the backing store is properly deleted. Unfortunately, all windows users currently have this file lurking in the above mentioned
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] TB3: Tor Browser's official .mozconfigs.
commit 02f0f242afa977c40d08186e1f4cc5d19b3e18e5 Author: Mike Perry Date: Mon May 6 15:51:06 2013 -0700 TB3: Tor Browser's official .mozconfigs. Also: Bug #9829.1: new .mozconfig file for the new cross-compiler and ESR24 Changes needed to build Mac in 64bit Bug 10715: Enable Webgl for mingw-w64 again. Disable ICU when cross-compiling; clean-up. Bug 15773: Enable ICU on OS X Bug 15990: Don't build the sandbox with mingw-w64 Bug 12761: Switch to ESR 38 for OS X Updating .mozconfig-asan Bug 12516: Compile hardenend Tor Browser with -fwrapv Bug 18331: Switch to Mozilla's toolchain for building Tor Browser for OS X Bug 17858: Cannot create incremental MARs for hardened builds. Define HOST_CFLAGS, etc. to avoid compiling programs such as mbsdiff (which is part of mar-tools and is not distributed to end-users) with ASan. Bug 13419: Add back ICU for Windows Bug 21239: Use GTK2 for ESR52 Linux builds Bug 23025: Add hardening flags for macOS Bug 24478: Enable debug assertions and tests in our ASan builds --enable-proxy-bypass-protection Bug 27597: ASan build option in tor-browser-build is broken Bug 27623 - Export MOZILLA_OFFICIAL during desktop builds This fixes a problem where some preferences had the wrong default value. Also see bug 27472 where we made a similar fix for Android. Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING Bug 31450: Set proper BINDGEN_CFLAGS for ASan builds Add an --enable-tor-browser-data-outside-app-dir configure option Add --with-tor-browser-version configure option Bug 21849: Don't allow SSL key logging. Bug 31457: disable per-installation profiles The dedicated profiles (per-installation) feature does not interact well with our bundled profiles on Linux and Windows, and it also causes multiple profiles to be created on macOS under TorBrowser-Data. Bug 31935: Disable profile downgrade protection. Since Tor Browser does not support more than one profile, disable the prompt and associated code that offers to create one when a version downgrade situation is detected. Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT Bug 25741 - TBA: Disable features at compile-time MOZ_NATIVE_DEVICES for casting and the media player MOZ_TELEMETRY_REPORTING for telemetry MOZ_DATA_REPORTING for all data reporting preferences (crashreport, telemetry, geo) Bug 25741 - TBA: Add default configure options in dedicated file Define MOZ_ANDROID_NETWORK_STATE and MOZ_ANDROID_LOCATION Bug 29859: Disable HLS support for now Add --disable-tor-launcher build option Add --enable-tor-browser-update build option Bug 33734: Set MOZ_NORMANDY to False Bug 33851: Omit Parental Controls. Bug 40061: Omit the Windows default browser agent from the build Bug 40107: Adapt .mozconfig-asan for ESR 78 Bug 40252: Add --enable-rust-simd to our tor-browser mozconfig files --- .mozconfig| 39 .mozconfig-android| 36 ++ .mozconfig-asan | 45 .mozconfig-mac| 56 +++ .mozconfig-mingw | 31 +++ browser/base/moz.build| 3 ++ browser/installer/Makefile.in | 8 + browser/moz.configure | 8 ++--- build/moz.configure/old.configure | 6 mobile/android/confvars.sh| 9 ++ mobile/android/geckoview/build.gradle | 1 + mobile/android/moz.configure | 17 +-- mobile/android/torbrowser.configure | 30 +++ old-configure.in | 49 ++ security/moz.build| 2 +- security/nss/lib/ssl/Makefile | 2 +- toolkit/modules/AppConstants.jsm | 9 ++ toolkit/modules/moz.build | 3 ++ 18 files changed, 346 insertions(+), 8 deletions(-) diff --git a/.mozconfig b/.mozconfig new file mode 100755 index ..18cd1f9b6487 --- /dev/null +++ b/.mozconfig @@ -0,0 +1,39 @@ +. $topsrcdir/browser/config/mozconfig + +# This mozconfig file is not used in official Tor Browser builds. +# It is only intended to be used when doing incremental Linux builds +# during development. The platform-specific mozconfig configuration +# files used in official Tor Browser releases can be found in the +# tor-browser-build repo: +# https://gitweb.torproject.org/builders/tor-browser-build.git/ +# under: +# tor-browser-build/projects/firefox/mozconfig-$OS-$ARCH + +mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-@CONFIG_GUESS@ +mk_add_options MOZ_APP_DISPLAYNAME="Tor Browser" +export MOZILLA_OFFICIAL=1 + +ac_add_options
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 1585470 - Remove duplicate cpu-features.c definition when building GV without webrtc r=glandium
commit e35a9b5e28abfa01dffb396242856b589f10bf07 Author: Matthew Finkel Date: Thu Jul 9 19:10:34 2020 + Bug 1585470 - Remove duplicate cpu-features.c definition when building GV without webrtc r=glandium Differential Revision: https://phabricator.services.mozilla.com/D82120 --- media/libaom/moz.build | 5 - 1 file changed, 5 deletions(-) diff --git a/media/libaom/moz.build b/media/libaom/moz.build index 2dec3de4581c..0b3ba0707df9 100644 --- a/media/libaom/moz.build +++ b/media/libaom/moz.build @@ -84,11 +84,6 @@ if CONFIG['OS_TARGET'] == 'Android': # the OS they're on, so do it for them. DEFINES['__linux__'] = True -if not CONFIG['MOZ_WEBRTC']: -SOURCES += [ -'%%%s/sources/android/cpufeatures/cpu-features.c' % CONFIG['ANDROID_NDK'], -] - for f in SOURCES: if f.endswith('sse2.c'): SOURCES[f].flags += CONFIG['SSE2_FLAGS'] ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 1642754 - Update prompts should not depend on how update was initiated r=bytesized
commit ef66d4ad30f4c49af88d7383d1406ead781d43d6 Author: Mark Smith Date: Wed Jun 17 19:24:09 2020 + Bug 1642754 - Update prompts should not depend on how update was initiated r=bytesized Show update badge and doorhanger when entering the "pending" state for foreground updates. Differential Revision: https://phabricator.services.mozilla.com/D79903 --- toolkit/mozapps/update/UpdateService.jsm | 10 ++ .../browser/browser_aboutDialog_fc_downloadAuto.js | 18 +- 2 files changed, 19 insertions(+), 9 deletions(-) diff --git a/toolkit/mozapps/update/UpdateService.jsm b/toolkit/mozapps/update/UpdateService.jsm index 8dd397f628f5..1dc86a073646 100644 --- a/toolkit/mozapps/update/UpdateService.jsm +++ b/toolkit/mozapps/update/UpdateService.jsm @@ -5002,8 +5002,6 @@ Downloader.prototype = { } } -// XXX ehsan shouldShowPrompt should always be false here. -// But what happens when there is already a UI showing? var state = this._patch.state; var shouldShowPrompt = false; var shouldRegisterOnlineObserver = false; @@ -5044,9 +5042,7 @@ Downloader.prototype = { } else { state = STATE_PENDING; } -if (this.background) { - shouldShowPrompt = !getCanStageUpdates(); -} +shouldShowPrompt = !getCanStageUpdates(); AUSTLMY.pingDownloadCode(this.isCompleteUpdate, AUSTLMY.DWNLD_SUCCESS); // Tell the updater.exe we're ready to apply. @@ -5329,9 +5325,7 @@ Downloader.prototype = { LOG( "Downloader:onStopRequest - failed to stage update. Exception: " + e ); - if (this.background) { -shouldShowPrompt = true; - } + shouldShowPrompt = true; } } } diff --git a/toolkit/mozapps/update/tests/browser/browser_aboutDialog_fc_downloadAuto.js b/toolkit/mozapps/update/tests/browser/browser_aboutDialog_fc_downloadAuto.js index 6a8835251dec..be65ce8ddef1 100644 --- a/toolkit/mozapps/update/tests/browser/browser_aboutDialog_fc_downloadAuto.js +++ b/toolkit/mozapps/update/tests/browser/browser_aboutDialog_fc_downloadAuto.js @@ -15,7 +15,7 @@ add_task(async function aboutDialog_foregroundCheck_downloadAuto() { // Since the partial should be successful specify an invalid size for the // complete update. - let params = { queryString: "=1" }; + let params = { queryString: "=1=0" }; await runAboutDialogUpdateTest(params, [ { panelId: "checkingForUpdates", @@ -28,6 +28,22 @@ add_task(async function aboutDialog_foregroundCheck_downloadAuto() { continueFile: CONTINUE_DOWNLOAD, downloadInfo, }, +async function aboutDialog_restart_notification() { + is( +PanelUI.notificationPanel.state, +"closed", +"The window's doorhanger is closed." + ); + ok( +PanelUI.menuButton.hasAttribute("badge-status"), +"The window has a badge." + ); + is( +PanelUI.menuButton.getAttribute("badge-status"), +"update-restart", +"The restart badge is showing for the background window" + ); +}, { panelId: "apply", checkActiveUpdate: { state: STATE_PENDING }, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-78.12.0esr-11.0-1] Bug 1642404 - add an option to show that an update is being downloaded r=bytesized, fluent-reviewers, flod
commit e9080b7ede6b46632375d6b65175fd981d87685a Author: Mark Smith Date: Mon Jun 22 20:24:46 2020 + Bug 1642404 - add an option to show that an update is being downloaded r=bytesized,fluent-reviewers,flod Add support for a hidden preference named app.update.notifyDuringDownload that, when set to true, causes a "Downloading update" message to appear in the app menu during a MAR download. Clicking the message opens the about box so the user can see detailed progress information. Differential Revision: https://phabricator.services.mozilla.com/D77688 --- browser/app/profile/firefox.js | 4 ++ browser/components/BrowserGlue.jsm | 1 + .../customizableui/content/panelUI.inc.xhtml | 2 + .../components/customizableui/content/panelUI.js | 5 ++ .../test/browser_panelUINotifications.js | 62 ++ browser/locales/en-US/browser/appmenu.ftl | 2 + .../themes/shared/customizableui/panelUI.inc.css | 3 ++ browser/themes/shared/notification-icons.inc.css | 1 + browser/themes/shared/toolbarbutton-icons.inc.css | 1 + toolkit/mozapps/update/UpdateListener.jsm | 50 +++-- toolkit/mozapps/update/UpdateService.jsm | 27 ++ .../mozapps/update/tests/browser/browser.bits.ini | 1 + toolkit/mozapps/update/tests/browser/browser.ini | 1 + .../update/tests/browser/browser.legacy.bits.ini | 1 + .../update/tests/browser/browser.legacy.ini| 1 + .../browser/browser_aboutDialog_bc_downloading.js | 17 ++ .../browser_aboutDialog_bc_downloading_notify.js | 58 toolkit/mozapps/update/tests/data/shared.js| 1 + 18 files changed, 222 insertions(+), 16 deletions(-) diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js index a7e0bd808254..479c68efdd8c 100644 --- a/browser/app/profile/firefox.js +++ b/browser/app/profile/firefox.js @@ -131,6 +131,10 @@ pref("app.update.download.promptMaxAttempts", 2); // download a fresh installer. pref("app.update.elevation.promptMaxAttempts", 2); +// If set to true, a message will be displayed in the hamburger menu while +// an update is being downloaded. +pref("app.update.notifyDuringDownload", false); + // If set to true, the Update Service will automatically download updates if the // user can apply updates. This pref is no longer used on Windows, except as the // default value to migrate to the new location that this data is now stored diff --git a/browser/components/BrowserGlue.jsm b/browser/components/BrowserGlue.jsm index 70f5ad8b85e4..0a3555f26432 100644 --- a/browser/components/BrowserGlue.jsm +++ b/browser/components/BrowserGlue.jsm @@ -769,6 +769,7 @@ const global = this; const listeners = { observers: { +"update-downloading": ["UpdateListener"], "update-staged": ["UpdateListener"], "update-downloaded": ["UpdateListener"], "update-available": ["UpdateListener"], diff --git a/browser/components/customizableui/content/panelUI.inc.xhtml b/browser/components/customizableui/content/panelUI.inc.xhtml index e5c9c00c35e4..3a8b74b0a9f3 100644 --- a/browser/components/customizableui/content/panelUI.inc.xhtml +++ b/browser/components/customizableui/content/panelUI.inc.xhtml @@ -223,6 +223,8 @@ { +mainActionCalled = true; + }, +}; +// The downloading notification is always displayed in a dismissed state. +AppMenuNotifications.showNotification( + "update-downloading", + mainAction, + undefined, + { dismissed: true } +); +is(PanelUI.notificationPanel.state, "closed", "doorhanger is closed."); + +is( + PanelUI.menuButton.getAttribute("badge-status"), + "update-downloading", + "Downloading badge is displaying on PanelUI button." +); + +await gCUITestUtils.openMainMenu(); +isnot( + PanelUI.menuButton.getAttribute("badge-status"), + "update-downloading", + "Downloading badge is hidden on PanelUI button." +); +let menuItem = PanelUI.mainView.querySelector(".panel-banner-item"); +is( + menuItem.label, + menuItem.getAttribute("label-update-downloading"), + "Showing correct label (downloading)" +); +is(menuItem.hidden, false, "update-downloading menu item is showing."); + +await gCUITestUtils.hideMainMenu(); +is( + PanelUI.menuButton.getAttribute("badge-status"), + "update-downloading", + "Downloading badge is shown on PanelUI button." +); + +await gCUITestUtils.openMainMenu(); +menuItem.click(); +ok(mainActionCalled, "Main action callback was called"); + +AppMenuNotifications.removeNotification(/.*/); + }); +}); + /** * We want to ensure a few things with this: * - Adding a doorhanger will make a badge disappear diff --git a/browser/locales/en-US/browser/appmenu.ftl b/browser/locales/en-US/browser/appmenu.ftl index
[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
commit b820a47c0f94bcce520498d6f02dcef3c01d5c33 Author: Translation commit bot Date: Wed Jul 14 14:45:15 2021 + https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot --- contents+pl.po | 34 +++--- contents+tr.po | 16 2 files changed, 43 insertions(+), 7 deletions(-) diff --git a/contents+pl.po b/contents+pl.po index d806f9f13d..bb94ae7302 100644 --- a/contents+pl.po +++ b/contents+pl.po @@ -482,6 +482,9 @@ msgid "" "becoming a user researcher with Tor](https://community.torproject.org/user-; "research/guidelines)." msgstr "" +"Przed uruchomieniem badania użytkowników Tora koniecznie przeczytaj nasze " +"[Wskazówki, jak zostaÄ badaczem użytkowników z " +"Torem](https://community.torproject.org/user-research/guidelines)." #: https//community.torproject.org/user-research/open/ #: (content/user-research/open/contents+en.lrpage.body) @@ -495,6 +498,9 @@ msgid "" "Usage](https://gitlab.torproject.org/tpo/ux/research/-/blob/master/scripts%20and%20activities/2020; "/browser-usage.md)" msgstr "" +"* [Użycie przeglÄ darki " +"Tor](https://gitlab.torproject.org/tpo/ux/research/-/blob/master/scripts%20and%20activities/2020; +"/browser-usage.md)" #: https//community.torproject.org/user-research/open/ #: (content/user-research/open/contents+en.lrpage.body) @@ -582,7 +588,7 @@ msgstr "" #: https//community.torproject.org/user-research/guidelines/ #: (content/user-research/guidelines/contents+en.lrpage.body) msgid "## Respect privacy" -msgstr "" +msgstr "## Szanuj prywatnoÅÄ" #: https//community.torproject.org/user-research/guidelines/ #: (content/user-research/guidelines/contents+en.lrpage.body) @@ -611,7 +617,7 @@ msgstr "" #: https//community.torproject.org/user-research/guidelines/ #: (content/user-research/guidelines/contents+en.lrpage.body) msgid "## Learn" -msgstr "" +msgstr "## Ucz siÄ" #: https//community.torproject.org/user-research/guidelines/ #: (content/user-research/guidelines/contents+en.lrpage.body) @@ -620,6 +626,9 @@ msgid "" "their lives, the laws of the jurisdictions they live in, and the " "difficulties they are going through." msgstr "" +"Podczas szkolenia sÅuchamy historii, które ludzie opowiadajÄ nam o swoim " +"życiu, prawach jurysdykcji, w których żyjÄ , i trudnoÅciach, przez które " +"przechodzÄ ." #: https//community.torproject.org/user-research/guidelines/ #: (content/user-research/guidelines/contents+en.lrpage.body) @@ -627,11 +636,13 @@ msgid "" "This way, we can learn how to facilitate better access to information " "through Tor. By listening, we learn." msgstr "" +"W ten sposób możemy dowiedzieÄ siÄ, jak uÅatwiÄ lepszy dostÄp do informacji " +"za poÅrednictwem Tora. SÅuchajÄ c, uczymy siÄ." #: https//community.torproject.org/user-research/guidelines/ #: (content/user-research/guidelines/contents+en.lrpage.body) msgid "## Describe and Ask for consent" -msgstr "" +msgstr "## Opisz i poproÅ o zgodÄ" #: https//community.torproject.org/user-research/guidelines/ #: (content/user-research/guidelines/contents+en.lrpage.body) @@ -728,7 +739,7 @@ msgstr "" #: https//community.torproject.org/user-research/guidelines/ #: (content/user-research/guidelines/contents+en.lrpage.body) msgid "## The interview process" -msgstr "" +msgstr "## Przebieg rozmowy kwalifikacyjnej" #: https//community.torproject.org/user-research/guidelines/ #: (content/user-research/guidelines/contents+en.lrpage.body) @@ -736,11 +747,13 @@ msgid "" "Thank the participant for their willingness to participate and explain that " "we are testing the product, not them." msgstr "" +"PodziÄkuj uczestnikowi za chÄÄ udziaÅu i wyjaÅnij, że to my testujemy " +"produkt, a nie on." #: https//community.torproject.org/user-research/guidelines/ #: (content/user-research/guidelines/contents+en.lrpage.body) msgid "The interview should not last longer than 20 minutes." -msgstr "" +msgstr "Rozmowa nie powinna trwaÄ dÅużej niż 20 minut." #: https//community.torproject.org/user-research/guidelines/ #: (content/user-research/guidelines/contents+en.lrpage.body) @@ -748,6 +761,8 @@ msgid "" "You can take notes on the printed material you will carry with you, or on " "your computer." msgstr "" +"Możesz robiÄ notatki na drukowanych materiaÅach, które bÄdziesz nosiÄ przy " +"sobie, lub na swoim komputerze." #: https//community.torproject.org/user-research/guidelines/ #: (content/user-research/guidelines/contents+en.lrpage.body) @@ -756,6 +771,9 @@ msgid "" "participants, it's important for us to be able to determine the reach of our" " training sessions, usability workshops and interviews." msgstr "" +"ChoÄ nie interesujÄ nas specyfika poszczególnych uczestników, ważne jest dla" +" nas, abyÅmy byli w stanie okreÅliÄ zasiÄg naszych szkoleÅ, warsztatów " +"użytecznoÅci i wywiadów." #:
[tor-commits] [snowflake-webext/main] Point users to community doc for standalone proxy
commit 37f956a498cf2037eefc50ac5ca6f32121e6a82e Author: Cecylia Bocovich Date: Fri Jun 25 19:35:03 2021 -0400 Point users to community doc for standalone proxy --- static/_locales/en_US/messages.json | 7 +-- static/index.html | 3 +++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/static/_locales/en_US/messages.json b/static/_locales/en_US/messages.json index 1516692..eefa767 100644 --- a/static/_locales/en_US/messages.json +++ b/static/_locales/en_US/messages.json @@ -39,13 +39,13 @@ "message": "Snowflake is a system to defeat internet censorship. People who are censored can use Snowflake to access the internet. Their connection goes through Snowflake proxies, which are run by volunteers. For more detailed information about how Snowflake works see our https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/wikis/home\;>documentation wiki." }, "browser": { -"message": "Browser" +"message": "Use Snowflake" }, "censoredUsers": { "message": "If your internet access is censored, you should download https://www.torproject.org/download/\;>Tor Browser." }, "extension": { -"message": "Extension" +"message": "Run a Proxy" }, "installExtension": { "message": "If your internet access is not censored, you should consider installing the Snowflake extension to help users in censored networks. There is no need to worry about which websites people are accessing through your proxy. Their visible browsing IP address will match their Tor exit node, not yours." @@ -56,6 +56,9 @@ "installChrome": { "message": "Install in Chrome" }, + "installStandalone": { +"message": "If you would like to run a command-line version of the Snowflake proxy on your desktop or server, see our https://community.torproject.org/relay/setup/snowflake/standalone/\;>community documentation for running a standalone Snowflake proxy." + }, "reportingBugs": { "message": "Reporting Bugs" }, diff --git a/static/index.html b/static/index.html index 3cab645..349c0d8 100644 --- a/static/index.html +++ b/static/index.html @@ -59,6 +59,9 @@ + + + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc_release] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release
commit 731d7376390031048dc55fbf2c76359a7f763046 Author: Translation commit bot Date: Wed Jul 14 14:16:42 2021 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release --- da.po | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/da.po b/da.po index 5899db00bc..74feeea98a 100644 --- a/da.po +++ b/da.po @@ -23,7 +23,7 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2021-07-01 11:43+0200\n" -"PO-Revision-Date: 2021-07-14 13:43+\n" +"PO-Revision-Date: 2021-07-14 13:49+\n" "Last-Translator: scootergrisen\n" "Language-Team: Danish (http://www.transifex.com/otf/torproject/language/da/)\n" "MIME-Version: 1.0\n" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc
commit d9bfdfbad04f942420a17120eb36821e64112232 Author: Translation commit bot Date: Wed Jul 14 14:15:54 2021 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc --- da.po | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/da.po b/da.po index 1ae9a90064..3dc71b9bc9 100644 --- a/da.po +++ b/da.po @@ -23,7 +23,7 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2021-07-01 11:43+0200\n" -"PO-Revision-Date: 2021-07-14 13:43+\n" +"PO-Revision-Date: 2021-07-14 13:49+\n" "Last-Translator: scootergrisen\n" "Language-Team: Danish (http://www.transifex.com/otf/torproject/language/da/)\n" "MIME-Version: 1.0\n" @@ -2022,7 +2022,7 @@ msgid "" "You are not connected to a local network yet.\\n\\nTo be able to start the " "Unsafe Browser, you first need to connect to a Wi-Fi, wired, or mobile " "network." -msgstr "" +msgstr "Du er ikke forbundet til et lokalt netværk endnu.\\n\\nFor at kunne starte Usikker browser skal du først oprette forbindelse til et Wi-Fi-, kablet- eller mobilt netværk." #: config/chroot_local-includes/usr/local/sbin/unsafe-browser:135 msgid "Failed to run browser." @@ -2638,7 +2638,7 @@ msgid "" "1. Send an empty email to brid...@torproject.org from a Gmail or Riseup email address.\n" "\n" "2. Type below the bridges that you received by email." -msgstr "" +msgstr "For at anmode om nye Tor-broer kan du også:\n\n1. Sende en tom e-mail til brid...@torproject.org fra en e-mailadresse hos Gmail eller Riseup.\n\n2. Indtaste de broer du modtog via e-mail nedenfor." #: ../config/chroot_local-includes/usr/share/tails/tca/main.ui.in:740 #: ../config/chroot_local-includes/usr/share/tails/tca/main.ui.in:1154 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/communitytpo-contentspot] https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot
commit 181c60ac47b83aa6ddfa4b2cb025f7a17ac19ba8 Author: Translation commit bot Date: Wed Jul 14 14:15:12 2021 + https://gitweb.torproject.org/translation.git/commit/?h=communitytpo-contentspot --- contents+pl.po | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contents+pl.po b/contents+pl.po index 3792351102..d806f9f13d 100644 --- a/contents+pl.po +++ b/contents+pl.po @@ -464,7 +464,7 @@ msgstr "" #: https//community.torproject.org/user-research/persona/ #: (content/user-research/persona/contents+en.lrpage.section) msgid "user research" -msgstr "" +msgstr "badania użytkowników" #: https//community.torproject.org/user-research/open/ #: (content/user-research/open/contents+en.lrpage.body) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc_release] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release
commit 1d81be0db6d9341156d28112216118e38f7ab7fe Author: Translation commit bot Date: Wed Jul 14 13:46:28 2021 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc_release --- da.po | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/da.po b/da.po index a7605c25c4..5899db00bc 100644 --- a/da.po +++ b/da.po @@ -23,7 +23,7 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2021-07-01 11:43+0200\n" -"PO-Revision-Date: 2021-07-14 00:29+\n" +"PO-Revision-Date: 2021-07-14 13:43+\n" "Last-Translator: scootergrisen\n" "Language-Team: Danish (http://www.transifex.com/otf/torproject/language/da/)\n" "MIME-Version: 1.0\n" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-misc] https://gitweb.torproject.org/translation.git/commit/?h=tails-misc
commit e59083957574d35697a0147b63ccdb1b26349462 Author: Translation commit bot Date: Wed Jul 14 13:45:46 2021 + https://gitweb.torproject.org/translation.git/commit/?h=tails-misc --- da.po | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/da.po b/da.po index d7b18656bd..1ae9a90064 100644 --- a/da.po +++ b/da.po @@ -23,7 +23,7 @@ msgstr "" "Project-Id-Version: Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2021-07-01 11:43+0200\n" -"PO-Revision-Date: 2021-07-14 00:29+\n" +"PO-Revision-Date: 2021-07-14 13:43+\n" "Last-Translator: scootergrisen\n" "Language-Team: Danish (http://www.transifex.com/otf/torproject/language/da/)\n" "MIME-Version: 1.0\n" @@ -1642,7 +1642,7 @@ msgstr "Netværkskortet ${nic} deaktiveret" msgid "" "MAC address anonymization failed for network card ${nic_name} (${nic}) so it is temporarily disabled.\n" "You might prefer to restart Tails and disable MAC address anonymization." -msgstr "" +msgstr "Anonymisering af MAC-adresse mislykkedes for netværkskortet ${nic_name} (${nic}), så det er deaktiveret midlertidigt.\nDet kan være du vil foretrække at genstarte Tails og deaktivere anonymisering af MAC-adresse." #: config/chroot_local-includes/usr/local/lib/tails-spoof-mac:66 msgid "All networking disabled" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits